mirror of
https://gitlab.com/Chill-Projet/chill-bundles.git
synced 2025-08-20 22:53:49 +00:00
Add workflow and signatures to dev skeleton
This commit is contained in:
BIN
resources/dev-certificate/dummy.p12
Normal file
BIN
resources/dev-certificate/dummy.p12
Normal file
Binary file not shown.
51
resources/dev-certificate/rootca.conf
Normal file
51
resources/dev-certificate/rootca.conf
Normal file
@@ -0,0 +1,51 @@
|
||||
#
|
||||
# rootca.conf
|
||||
#
|
||||
# See Ristic OpenSSL Cookbook URL above.
|
||||
|
||||
oid_section = new_oids
|
||||
|
||||
[ new_oids ]
|
||||
tsa_policy1 = 1.2.3.4.1
|
||||
tsa_policy2 = 1.2.3.4.5.6
|
||||
tsa_policy3 = 1.2.3.4.5.7
|
||||
|
||||
########### TSA extension ##############
|
||||
#
|
||||
# Copied from the OpenSSL CAtsa.cnf test configuration and modified for use as a TSA extension.
|
||||
#
|
||||
#
|
||||
|
||||
[ tsa ]
|
||||
|
||||
default_tsa = tsa_config1
|
||||
|
||||
[ tsa_config1 ]
|
||||
dir = /etc/sign-pdf # TSA root directory
|
||||
serial = /var/lib/tsa/tsa_serial # current serial number (mandatory)
|
||||
signer_cert = $dir/tsa/tsa.crt # signing certificate (optional)
|
||||
certs = $dir/tsa/tsa-chain.pem # certification chain (optional)
|
||||
signer_key = $dir/tsa/private/tsa.key # tsa private key (optional)
|
||||
default_policy = tsa_policy1
|
||||
signer_digest = sha256 # digest to use for signing (optional)
|
||||
other_policies = tsa_policy2,tsa_policy3 # other policies (optional)
|
||||
digests = sha256,sha384,sha512 # acceptable digests (mandatory)
|
||||
accuracy = secs:1,millisecs:500,microsecs:100 # accuracy optional
|
||||
ordering = yes # is ordering defined? (optional, default: no)
|
||||
tsa_name = yes # must tsa name be included in reply? (opt., default: no)
|
||||
ess_cert_id_chain = yes # must ess cert id change be incl? (opt., default: no)
|
||||
ess_cert_id_alg = sha256 # alg to compute cert. id (optional, default: sha1)
|
||||
|
||||
# added, was missing in the blog post
|
||||
crypto_device = builtin
|
||||
|
||||
# The tsa_ext extension is
|
||||
# used to create the tsa cert tsa.crt
|
||||
|
||||
[ tsa_ext ]
|
||||
|
||||
authorityKeyIdentifier = keyid:always
|
||||
basicConstraints = critical,CA:false
|
||||
extendedKeyUsage = critical,timeStamping
|
||||
keyUsage = critical,nonRepudiation
|
||||
subjectKeyIdentifier = hash
|
||||
30
resources/dev-certificate/tsa/private/tsa.key
Normal file
30
resources/dev-certificate/tsa/private/tsa.key
Normal file
@@ -0,0 +1,30 @@
|
||||
-----BEGIN ENCRYPTED PRIVATE KEY-----
|
||||
MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIJKTwMigNoUMCAggA
|
||||
MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECEZP8zY4qrUIBIIEyGUWpexwnxFi
|
||||
8q/Flw0Y9sL2Z7rLOriVHPhjtgt17e3rTUYaV788D/YZu/of15CnvJLj4BupcH0M
|
||||
9i/Tqd7x6iwteIl3VJ8gIQLr44qCHdsGMoqKA7JrZmrr5uZkBBBblo1wwZOuEZSp
|
||||
wXvZEBWV7H/vfdHZcc/und1bmXzn6NmBwIvyYvVD3yWuT+49n7JWshmBJj27fd2V
|
||||
lOo7nrF25fdwgHve0E5gBZO1RFjhYH5EwyRg5DtUrAt6xvpmTHfDoXo8JcfgD+RR
|
||||
Rkg1aRdty4uc8tHph+QI47hgxpCp6mvgHajn23C725F89qYF7EsSZr/eqyOxzYYr
|
||||
L9cgKJMRlQC0Lc0y9rBj6gLGCMOqkpy0fsSZ1Wdr7EpfgvjW84oGW/4slNML3zFk
|
||||
D93qPfry8LpLQZlxNTvGZHbG/EHj41RjluBkhnqCcdPueaz1zs55BMAjP3vb9Hfy
|
||||
BfMRnK7tSgLCtFn1Vu3sWT02SVMa33WYMtuFHK7jBzp6IinA8RbKRoMcMdDtmCFC
|
||||
bMTjkiC7MQ0dPFCMdn8aRAjXtnIQfQKQt5fTVeha8lWi9DAdE9iBmy1mwksCnneL
|
||||
QTiSCs9+tMRBfKsgd5eND1/KhbHlUtjq/W/tsX/cVw+mBsz7s/VePSbfqkAr3ShI
|
||||
o2KcoQHjreGzvckTAaZ0r6IaStrT+i+zjHSZChwaJClq1eE/fIld6/cr//+cS4Hn
|
||||
BdNzjBpsfSJ+mXGrR63ZxF/iqYb5Y5vUxdpHiEOWQJmS3PbvD8soPYO+IxVdXO6h
|
||||
b+CL9uune5Fznrcm3OA3QfDE64b4bif1qV4govNcnd2LxTmJ8UjdvpNgaMjwNPNI
|
||||
JhaxGzAr0BsR8Wn+A/xvhtFtfX9s2jPDhn1diNZwklGSlakaHUsU8ZQNC8sy3sJ+
|
||||
38fIQ50624P0lKx5E1L8npUytNCodg/ewSxJFANui8OpLck/DbYhvzYFhUd0F+4m
|
||||
wmXSDNrp7bWvtT/b2MYW74RF9pt+R0AipYj3z1kCmZIECc0GpaL8PLuyWvEmEmfd
|
||||
mwEz4hJ5d7JkqLSVtmYWi6U/hRr12bt5ggn9GH0M6R2Q8RV4SlKhW2jgiDC1OOUP
|
||||
iQZvVCBuL2+wpx0Xn7l3Ef6Onr/Gfa9n0JEKqrKzDl1R0GxIh3w+XTVlPmEjOMfx
|
||||
XOwn/UzMMEybo7BD/t6/9Fp6UMrqcoj9sgWyFg6UQsVlMjRva7TUPCDVxxqD53yS
|
||||
iMqDVdSwcP6Py7FtSX2D42n6m8E7GlI68qs+a/7jSBrpKWyTye8kOP5uADFHjwCy
|
||||
AZpLnfGFUG7OpfUgyVhBZSNoA4HGwSkiEdoh09uyFWcTj32DNcDqqRoN6W6azqKP
|
||||
+IlGmUrOMMnzB1jhiphYqBJQc196qRmYaRMi0oXWQx91Y+PXkXdv0E1x9+5E5SzK
|
||||
VQ3R3PlRx2uGLGxVQkXiwtNwcU++dnRPl+XIdyGzIxM2f2Ziwdi5srCxQpBMW+kK
|
||||
6Sumitx+xfcsgA32hWLlF7NJVqKqSpXSen5O8mI8H81qlNJmdWbP2kzpZyMZaK2R
|
||||
i+V1IMZyTSvNw+K7fM+apmq1DtvT4v7+6FYJ8l7AvAG/7qqpqqF+vbJzsVcz3aMw
|
||||
M/yg+z/tJtjUH4WyvZdHjw==
|
||||
-----END ENCRYPTED PRIVATE KEY-----
|
||||
42
resources/dev-certificate/tsa/tsa-chain.pem
Normal file
42
resources/dev-certificate/tsa/tsa-chain.pem
Normal file
@@ -0,0 +1,42 @@
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIDmDCCAoCgAwIBAgIRALBI/r9Su2VPe3I1YD91PrwwDQYJKoZIhvcNAQELBQAw
|
||||
NjELMAkGA1UEBhMCVVMxFTATBgNVBAoMDEV4YW1wbGUgSW5jLjEQMA4GA1UEAwwH
|
||||
Um9vdCBDQTAeFw0yNDEwMTEwNzE3NTFaFw0yNTEwMTEwNzE3NTFaMF8xCzAJBgNV
|
||||
BAYTAlVTMRUwEwYDVQQKDAxFeGFtcGxlIEluYy4xFDASBgNVBAsMC0VuZ2luZWVy
|
||||
aW5nMSMwIQYDVQQDDBpFeGFtcGxlIEluYy4gVFNBIFJlc3BvbmRlcjCCASIwDQYJ
|
||||
KoZIhvcNAQEBBQADggEPADCCAQoCggEBAOGcX2IkZmoa2ShecFL8Qr0WTq5xjWey
|
||||
fO+8/e5/F01eFL+eXoogo/mGyIcqavhb7a3lVzwmrBEp7iTfuFQ9mIt4kddFEJqb
|
||||
lV5SC+WOJm0KX83TOnDkdyDGLRoOUpkC3ZQKQ+/G7p0DUaF94q6rYyHGNn35lb9F
|
||||
ebqz/kGl3KOwGI+dCESDH1RSdPU1aRo/x06pYJhap6yNrJtX/7YmWQkPKGAGNavo
|
||||
R4iTr9GE6NlHhNQ4Fg0hc4F9+IU3kXmxA8TWSAhmzOcKdGUbz2ac/g6+Lgw4Am7u
|
||||
yqs78n176da3U0Eu9Obb03wCN3Yhsf1dqjsBLAD8Bn4iG44iTGrZI98CAwEAAaN4
|
||||
MHYwHwYDVR0jBBgwFoAUHD5JsO28Mf8S9jAWY+3jAlYs3eAwDAYDVR0TAQH/BAIw
|
||||
ADAWBgNVHSUBAf8EDDAKBggrBgEFBQcDCDAOBgNVHQ8BAf8EBAMCBkAwHQYDVR0O
|
||||
BBYEFAOm2MbXTrFPmDV2rgH4J7xSJ5KuMA0GCSqGSIb3DQEBCwUAA4IBAQBX9Zx0
|
||||
u2EfWRuP21RfO1uuaArbKS6qozG+1umXqPCpvf4EnZX1fielI35LLAZ/w2b+PXDZ
|
||||
y2i6vJVDLMpQwaXHpyT4wsxXtVocE/AqT6Y0dgMV4ebw8UP+o4dSWMWsaOn71TjI
|
||||
3TvSNrkCE8jgS+4Z5Tci0mBFgdnB24OL6cKaIgUcuJhHtdMQdJd/lu9kJ/nrsDsr
|
||||
7xE1iK0b8JPhNq35Gwbqq9PnOvQN1DKUWXggIlI4t+MtKVP2A+Ci6ssAWLk+rj3m
|
||||
SUAwNimBHp3l0uAVnFjp0Rg/4gdOSSNU4S+TXlcMxA1Ce8VGQR2Urb21Ebit5bS8
|
||||
tOcbGzdJkJFBo22C
|
||||
-----END CERTIFICATE-----
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIDOTCCAiGgAwIBAgIRALBI/r9Su2VPe3I1YD91PrswDQYJKoZIhvcNAQELBQAw
|
||||
NjELMAkGA1UEBhMCVVMxFTATBgNVBAoMDEV4YW1wbGUgSW5jLjEQMA4GA1UEAwwH
|
||||
Um9vdCBDQTAeFw0yNDEwMTEwNjU4NTRaFw0zNDEwMDkwNjU4NTRaMDYxCzAJBgNV
|
||||
BAYTAlVTMRUwEwYDVQQKDAxFeGFtcGxlIEluYy4xEDAOBgNVBAMMB1Jvb3QgQ0Ew
|
||||
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfVsoNWcVbT85bbjT5GLaN
|
||||
P8PI9pDgKvHJxqY9Des1osGrCV0q5gym9Z5RIAqMW1LSGUqzzfoNVOuOtS0EOWmx
|
||||
Go0drTCHt/uFFbSGXO5ghRXldFnuZglDrj6kTfVshxrMCAn+63PL6trxLNGMsyJn
|
||||
FdmFwr1h+XKzWTI151cpr45D+08oa7PwpPfQdy3E5O7ihAMu0DcebEHqE3aeUsO2
|
||||
yqauErFi3uAB9I9ormi5KLPEi6VdGc7WyDvI2x+L2bdsK2bJuA3JZVx8jqfgx6oc
|
||||
NdVkrJ4q5xa6G3z0sfFjdnFuBnaDppRDmcEFmrQUNcXNGFCuC06D2RSjxOvpwMiR
|
||||
AgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1Ud
|
||||
DgQWBBQcPkmw7bwx/xL2MBZj7eMCVizd4DANBgkqhkiG9w0BAQsFAAOCAQEAWT1T
|
||||
1179iZl0DsAh+auKOwa36YKiZyjhnSjYeUgSp776DKc8AA5VquLxfcHSBEnJzxYN
|
||||
7tlNob21XtFDAEbYNzU2siFxYRp3cbzY8HrOTgFo/npiYgHfAnYtAv3pwOb8AvrG
|
||||
J7+KBOlXG4RXk10CiwhR63c0QPtnQxe93I4R2m5FCq7hDw1tMzoImPHeHi/xEXNb
|
||||
3uMQV5esrIwJlZ/eihCWQ0Hu47RDzb0ooAj6pKEdKBj5ZPy7h5p3/cdCZmtvcfSc
|
||||
s5iRF/c2rcyAfssFpJs2/KWl77pQBsJl7oxdlwJjSQ7/Hsv51yYjs0Cj0oLt8tS9
|
||||
W+afHq4oRaAXFKgRBA==
|
||||
-----END CERTIFICATE-----
|
||||
84
resources/dev-certificate/tsa/tsa.crt
Normal file
84
resources/dev-certificate/tsa/tsa.crt
Normal file
@@ -0,0 +1,84 @@
|
||||
Certificate:
|
||||
Data:
|
||||
Version: 3 (0x2)
|
||||
Serial Number:
|
||||
b0:48:fe:bf:52:bb:65:4f:7b:72:35:60:3f:75:3e:bc
|
||||
Signature Algorithm: sha256WithRSAEncryption
|
||||
Issuer: C=US, O=Example Inc., CN=Root CA
|
||||
Validity
|
||||
Not Before: Oct 11 07:17:51 2024 GMT
|
||||
Not After : Oct 11 07:17:51 2025 GMT
|
||||
Subject: C=US, O=Example Inc., OU=Engineering, CN=Example Inc. TSA Responder
|
||||
Subject Public Key Info:
|
||||
Public Key Algorithm: rsaEncryption
|
||||
Public-Key: (2048 bit)
|
||||
Modulus:
|
||||
00:e1:9c:5f:62:24:66:6a:1a:d9:28:5e:70:52:fc:
|
||||
42:bd:16:4e:ae:71:8d:67:b2:7c:ef:bc:fd:ee:7f:
|
||||
17:4d:5e:14:bf:9e:5e:8a:20:a3:f9:86:c8:87:2a:
|
||||
6a:f8:5b:ed:ad:e5:57:3c:26:ac:11:29:ee:24:df:
|
||||
b8:54:3d:98:8b:78:91:d7:45:10:9a:9b:95:5e:52:
|
||||
0b:e5:8e:26:6d:0a:5f:cd:d3:3a:70:e4:77:20:c6:
|
||||
2d:1a:0e:52:99:02:dd:94:0a:43:ef:c6:ee:9d:03:
|
||||
51:a1:7d:e2:ae:ab:63:21:c6:36:7d:f9:95:bf:45:
|
||||
79:ba:b3:fe:41:a5:dc:a3:b0:18:8f:9d:08:44:83:
|
||||
1f:54:52:74:f5:35:69:1a:3f:c7:4e:a9:60:98:5a:
|
||||
a7:ac:8d:ac:9b:57:ff:b6:26:59:09:0f:28:60:06:
|
||||
35:ab:e8:47:88:93:af:d1:84:e8:d9:47:84:d4:38:
|
||||
16:0d:21:73:81:7d:f8:85:37:91:79:b1:03:c4:d6:
|
||||
48:08:66:cc:e7:0a:74:65:1b:cf:66:9c:fe:0e:be:
|
||||
2e:0c:38:02:6e:ee:ca:ab:3b:f2:7d:7b:e9:d6:b7:
|
||||
53:41:2e:f4:e6:db:d3:7c:02:37:76:21:b1:fd:5d:
|
||||
aa:3b:01:2c:00:fc:06:7e:22:1b:8e:22:4c:6a:d9:
|
||||
23:df
|
||||
Exponent: 65537 (0x10001)
|
||||
X509v3 extensions:
|
||||
X509v3 Authority Key Identifier:
|
||||
1C:3E:49:B0:ED:BC:31:FF:12:F6:30:16:63:ED:E3:02:56:2C:DD:E0
|
||||
X509v3 Basic Constraints: critical
|
||||
CA:FALSE
|
||||
X509v3 Extended Key Usage: critical
|
||||
Time Stamping
|
||||
X509v3 Key Usage: critical
|
||||
Non Repudiation
|
||||
X509v3 Subject Key Identifier:
|
||||
03:A6:D8:C6:D7:4E:B1:4F:98:35:76:AE:01:F8:27:BC:52:27:92:AE
|
||||
Signature Algorithm: sha256WithRSAEncryption
|
||||
Signature Value:
|
||||
57:f5:9c:74:bb:61:1f:59:1b:8f:db:54:5f:3b:5b:ae:68:0a:
|
||||
db:29:2e:aa:a3:31:be:d6:e9:97:a8:f0:a9:bd:fe:04:9d:95:
|
||||
f5:7e:27:a5:23:7e:4b:2c:06:7f:c3:66:fe:3d:70:d9:cb:68:
|
||||
ba:bc:95:43:2c:ca:50:c1:a5:c7:a7:24:f8:c2:cc:57:b5:5a:
|
||||
1c:13:f0:2a:4f:a6:34:76:03:15:e1:e6:f0:f1:43:fe:a3:87:
|
||||
52:58:c5:ac:68:e9:fb:d5:38:c8:dd:3b:d2:36:b9:02:13:c8:
|
||||
e0:4b:ee:19:e5:37:22:d2:60:45:81:d9:c1:db:83:8b:e9:c2:
|
||||
9a:22:05:1c:b8:98:47:b5:d3:10:74:97:7f:96:ef:64:27:f9:
|
||||
eb:b0:3b:2b:ef:11:35:88:ad:1b:f0:93:e1:36:ad:f9:1b:06:
|
||||
ea:ab:d3:e7:3a:f4:0d:d4:32:94:59:78:20:22:52:38:b7:e3:
|
||||
2d:29:53:f6:03:e0:a2:ea:cb:00:58:b9:3e:ae:3d:e6:49:40:
|
||||
30:36:29:81:1e:9d:e5:d2:e0:15:9c:58:e9:d1:18:3f:e2:07:
|
||||
4e:49:23:54:e1:2f:93:5e:57:0c:c4:0d:42:7b:c5:46:41:1d:
|
||||
94:ad:bd:b5:11:b8:ad:e5:b4:bc:b4:e7:1b:1b:37:49:90:91:
|
||||
41:a3:6d:82
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIDmDCCAoCgAwIBAgIRALBI/r9Su2VPe3I1YD91PrwwDQYJKoZIhvcNAQELBQAw
|
||||
NjELMAkGA1UEBhMCVVMxFTATBgNVBAoMDEV4YW1wbGUgSW5jLjEQMA4GA1UEAwwH
|
||||
Um9vdCBDQTAeFw0yNDEwMTEwNzE3NTFaFw0yNTEwMTEwNzE3NTFaMF8xCzAJBgNV
|
||||
BAYTAlVTMRUwEwYDVQQKDAxFeGFtcGxlIEluYy4xFDASBgNVBAsMC0VuZ2luZWVy
|
||||
aW5nMSMwIQYDVQQDDBpFeGFtcGxlIEluYy4gVFNBIFJlc3BvbmRlcjCCASIwDQYJ
|
||||
KoZIhvcNAQEBBQADggEPADCCAQoCggEBAOGcX2IkZmoa2ShecFL8Qr0WTq5xjWey
|
||||
fO+8/e5/F01eFL+eXoogo/mGyIcqavhb7a3lVzwmrBEp7iTfuFQ9mIt4kddFEJqb
|
||||
lV5SC+WOJm0KX83TOnDkdyDGLRoOUpkC3ZQKQ+/G7p0DUaF94q6rYyHGNn35lb9F
|
||||
ebqz/kGl3KOwGI+dCESDH1RSdPU1aRo/x06pYJhap6yNrJtX/7YmWQkPKGAGNavo
|
||||
R4iTr9GE6NlHhNQ4Fg0hc4F9+IU3kXmxA8TWSAhmzOcKdGUbz2ac/g6+Lgw4Am7u
|
||||
yqs78n176da3U0Eu9Obb03wCN3Yhsf1dqjsBLAD8Bn4iG44iTGrZI98CAwEAAaN4
|
||||
MHYwHwYDVR0jBBgwFoAUHD5JsO28Mf8S9jAWY+3jAlYs3eAwDAYDVR0TAQH/BAIw
|
||||
ADAWBgNVHSUBAf8EDDAKBggrBgEFBQcDCDAOBgNVHQ8BAf8EBAMCBkAwHQYDVR0O
|
||||
BBYEFAOm2MbXTrFPmDV2rgH4J7xSJ5KuMA0GCSqGSIb3DQEBCwUAA4IBAQBX9Zx0
|
||||
u2EfWRuP21RfO1uuaArbKS6qozG+1umXqPCpvf4EnZX1fielI35LLAZ/w2b+PXDZ
|
||||
y2i6vJVDLMpQwaXHpyT4wsxXtVocE/AqT6Y0dgMV4ebw8UP+o4dSWMWsaOn71TjI
|
||||
3TvSNrkCE8jgS+4Z5Tci0mBFgdnB24OL6cKaIgUcuJhHtdMQdJd/lu9kJ/nrsDsr
|
||||
7xE1iK0b8JPhNq35Gwbqq9PnOvQN1DKUWXggIlI4t+MtKVP2A+Ci6ssAWLk+rj3m
|
||||
SUAwNimBHp3l0uAVnFjp0Rg/4gdOSSNU4S+TXlcMxA1Ce8VGQR2Urb21Ebit5bS8
|
||||
tOcbGzdJkJFBo22C
|
||||
-----END CERTIFICATE-----
|
||||
1
resources/dev-certificate/tsa_serial
Normal file
1
resources/dev-certificate/tsa_serial
Normal file
@@ -0,0 +1 @@
|
||||
08
|
||||
Reference in New Issue
Block a user