Document sans titre

****************************************************************************
Installation
If you want to compile in the assembly language routines with Visual C++ then
you will need an assembler. This is worth doing because it will result in
faster code: for example it will typically result in a 2 times speedup in the
RSA routines. Currently the following assemblers are supported:

* Microsoft MASM (aka "ml")
* Free Netwide Assembler NASM.

NASM is freely available. Version 0.98 was used during testing: other versions
may also work. It is available from many places, see for example:
http://www.kernel.org/pub/software/devel/nasm/binaries/win32/
The NASM binary nasmw.exe needs to be installed anywhere on your PATH.

Visual C++
----------

Firstly you should run Configure:

> perl Configure VC-WIN32

Next you need to build the Makefiles and optionally the assembly language
files:
- If you are using NASM then run:

> ms\do_nasm

Copier mspdb60.dll dans c:\prgra~1\Microsof Visual Studio\VC98\bin

Then from the VC++ environment at a prompt do:

> nmake -f ms\ntdll.mak

If all is well it should compile and you will have some DLLs and executables
in out32dll. If you want to try the tests then do:

> cd out32dll
> ..\ms\test

You can also build a static version of the library using the Makefile
ms\nt.mak

****************************************************************************
Générer du random

> E:\Net\Openssl\openssl-0.9.6h\out32dll>openssl rand -out ..\ms\.rnd -rand c:/pagefile.sys;c:\docume~1\sr\ntuser.dat.log 1024
Loading 'screen' into random state - done
0 semi-random bytes loaded
****************************************************************************
> modifier apps/openssl.cnf

RANDFILE = d:/net/openssl/openssl-0.9.6h/ms/.rnd
nsComment = "OpenSSL Generated Certificate"
basicConstraints = CA:FALSE
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
****************************************************************************
Creer variable d'environnement:

PATH doit contenir out32dll
SSLEAY_CONFIG=e:\net\openssl\openssl-0.9.6h\apps\openssl.cnf
****************************************************************************
Modifier

$CATOP dans CA.pl
[ CA_default ] / dir = dans openssl.cnf

$RAND="d:/net/openssl/openssl-0.9.6h/ms/.rnd";
$REQ="openssl req -config $SSLEAY_CONFIG -rand $RAND";
*****************************************************************************
Creer CA

CA.pl -newcert
(avec Date de Validite du CA a 2 ans , ou bien directment modifier CA.pl avec par ex CA_DAYS)

openssl req -config e:\net\openssl\openssl-0.9.6h\apps\openssl.cnf -new -x509 -keyout private\cakey.pem -out cacert.pem -days 730

creates a self signed certificate (for Certificate Authority).
The resulting file goes into newreq.pem.
For the common Name (CN) use something like “ACME root Certificate”.
This file needs to be split into 2 files cacert.pem and private/cakey.pem.
The part -RSA PRIVATE KEY- goes into private/cakey.pem while the part - CERTIFICATE- goes into cacert.pem.
Delete newreq.pem when finished.

****************************************************************************
Generer Certficat

E:\Net\Openssl\CA-youg2>openssl x509 -in cacert.pem -out cacert.crt
*****************************************************************************
Enlever passphrase de private key

First recuperer partie private de newcert.req dans cust2priv.pem
E:\Net\Openssl>openssl rsa -in cust2priv.pem -out cust2.priv
read RSA key
Enter PEM pass phrase:
writing RSA key

*****************************************************************************
Affichage des certif en ASCII

E:\Net\Openssl>openssl x509 -pubkey -in cust65.crt
E:\Net\Openssl>openssl x509 -text -in cust65.crt
E:\Net\Openssl>openssl rsa -text -in priv-cust66.pem

Retour