Basic glossary about Cryptography

AES "Advanced Encryption Standard". Block cipher technique.
https://en.wikipedia.org/wiki/Advanced_Encryption_Standard
https://www.google.com/search?ei=-WL-XLWPDMLlgweo7bmgAw&q=AES+C%2B%2B+source+code+site%3Aedu&oq=AES+C%2B%2B+source+code+site%3Aedu&gs_l=psy-ab.3..0i71l8.0.0..58437...0.0..0.0.0.......0......gws-wiz.-ZMf-Hyi1aw
ASN_1 ASN.1. See "DER".
https://en.wikipedia.org/wiki/Abstract_Syntax_Notation_One
https://www.openssl.org/docs/man1.0.2/man1/openssl-asn1parse.html
Asymmetric cryptography Criptografía asimétrica. Asymmetric cryptography or public key cryptography.
https://en.wikipedia.org/wiki/Public-key_cryptography
AutoFirma Software to sign files with DNIE. It can generate CAdES signatures.
https://firmaelectronica.gob.es/Home/Descargas
autoridad de sellado de tiempo
https://es.wikipedia.org/wiki/Autoridad_de_sellado_de_tiempo
Base64 Printable format to represent binary data.
https://en.wikipedia.org/wiki/Base64
BER "Basic Encoding Rules". See also "CER" and "DER".
CA "Certification Authority". Autoridad de Certificación.
https://globalsign.com
https://digicert.com
https://godaddy.com
https://letsencrypt.org
http://cacert.org
CAdES signature It can be generated with the software AutoFirma.
https://firmaelectronica.gob.es/Home/en/Ciudadanos/Formatos-Firma.html
CER "Canonical Encoding Rules". See also "BER" and "DER".
certificate Un certificado es básicamente un fichero con algunos datos de un sujeto (Subject) junto con la clave pública de dicho sujeto, todo ello firmado con la clave privada de un emisor (Issuer). Estos certificados pueden publicarse. Hay otro tipo de certificados que contienen además la clave privada del sujeto que no deben publicarse (la clave privada debería ser usada solamente por el sujeto).
To get the certificate from a SSL website (https://FQDN/..), we can use the following.
openssl s_client -connect FQDN:443 < /dev/null 2> /dev/null | openssl x509 > CERTIFICATE.crt
To show the certificate:
openssl x509 -in CERTIFICATE.crt -text
openssl x509 -in CERTIFICATE.crt -text -noout
certificate, self signed Certificado autofirmado.
https://gist.github.com/fntlnz/cf14feb5a46b2eda428e000157447309
certlm_msc certlm.msc. Programa para gestionar los certificados del contenedor de certificados local de Windows.
certmgr_msc certmgr.msc. Programa para gestionar los certificados del contenedor de certificados de usuario de Windows.
certutil Programa que permite mostrar información de un certificado, incluyendo la fecha de caducidad del certificado.
certutil -dump certificate.pfx
clave privada Private key. Ver "criptografía asimétrica".
clave pública Public key. Ver "criptografía asimétrica".
clave pública, criptografía de Public key cryptography. Criptografía de clave pública o criptografía asimétrica. Ver "criptografía asimétrica".
code signing certificate Certificado de firma de código.
https://www.google.com/search?biw=1920&bih=916&ei=ni_6XPGNG4noUeGEqYAG&q=code+signing+certificate&oq=code+signing+certificate&gs_l=psy-ab.3..0i71l8.0.0..3876...0.0..0.0.0.......0......gws-wiz.ekDwlEppnAY
CP "Certificate Policy".
https://en.wikipedia.org/wiki/Certificate_policy
CPS "Certification Practice Statement".
https://en.wikipedia.org/wiki/Certification_Practice_Statement
criptografía asimétrica Criptografía asimétrica, Criptografía de clave pública (Public key cryptography) o Criptografía de dos claves​ (Two-key cryptography).
https://es.wikipedia.org/wiki/Criptograf%C3%ADa_asim%C3%A9trica
CRL "Certificate Revocation List". Lista de revocación de certificados. X.509 defines one method of certificate revocation. This method involves each CA periodically issuing a signed data structure called a certificate revocation list (CRL). A CRL is a time stamped list identifying revoked certificates which is signed by a CA and made freely available in a public repository. Each revoked certificate is identified in a CRL by its certificate serial number. When a certificate-using system uses a certificate (e.g., for verifying a remote user's digital signature), that system not only checks the certificate signature and validity but also acquires a suitably-recent CRL and checks that the certificate serial number is not on that CRL. The meaning of "suitably-recent" may vary with local policy, but it usually means the most recently-issued CRL. See also "OSCP".
https://en.wikipedia.org/wiki/Certificate_revocation_list
CSR "Certificate Signing Request". The most common format for CSRs is defined in standard PKCS#10. See "X.509".
openssl req -new -key xformulas.net.key -subj \"/C=ES/ST=Madrid/L=Madrid/O=XFORMULAS.NET/OU=https:\/\/fb.com\/erg2332/CN=Eduardo Reyes (erg2332@gmail.com, erg2332@hotmail.com)\" -out xformulas.net.csr // CREA FICHERO CSR (FORMATO PEM)
// Country Name (2 letter code) [AU]:ES
// State or Province Name (full name) [Some-State]:Madrid
// Locality Name (eg, city) []:Madrid
// Organization Name (eg, company) [Internet Widgits Pty Ltd]:Eduardo Reyes (erg2332@gmail.com, erg2332@hotmail.com)
// Organizational Unit Name (eg, section) []:https://fb.com/erg2332
// Common Name (e.g. server FQDN or YOUR name) []:Eduardo Reyes (erg2332@gmail.com, erg2332@hotmail.com)
// arbitrary fields in X.509 certificates
https://en.wikipedia.org/wiki/Certificate_signing_request
https://www.openssl.org/docs/man1.0.2/man1/openssl-req.html
DER "Distinguished Encoding Rules". It is a binary format based in ASN.1 and used, for example, for CSR files. The DER files can be represented in plain text (Base64) using the PEM format. See also "BER" and "CER".
DES "Data Encryption Standard". Block cipher technique.
https://en.wikipedia.org/wiki/Data_Encryption_Standard
DNIE DNI Electrónico (Spain).
https://www.dnielectronico.es/
ECC "Elliptic Curve Cryptography". Criptografía de curva elíptica. It can be used instead of RSA.
https://en.wikipedia.org/wiki/Elliptic-curve_cryptography
https://www.google.com/search?sxsrf=ACYBGNQjJ9j8FdotbeAHRZhTsveXs_AocA%3A1574768989923&source=hp&ei=XRHdXZOuNaq_lwSpkLzQDg&q=%22Elliptic+Curve+Cryptography%22+site%3Aedu+filetype%3Apdf&oq=%22Elliptic+Curve+Cryptography%22+site%3Aedu+filetype%3Apdf&gs_l=psy-ab.3...2386.2386..8477...1.0..0.59.59.1......0....2j1..gws-wiz.4P5bOU-ho8Y&ved=0ahUKEwjT0PrR54fmAhWq34UKHSkID-oQ4dUDCAU&uact=5
ECC 256
ECC 384
Google Domains Google Domains is a domain registration service offered by Google.
https://domains.google/
https://en.wikipedia.org/wiki/Google_Domains
Hash function
HTTPS "Hypertext Transfer Protocol Secure".
https://en.wikipedia.org/wiki/HTTPS
https://developers.google.com/web/fundamentals/security/encrypt-in-transit/enable-https
IPsec "Internet Protocol Security".
https://en.wikipedia.org/wiki/IPsec
jarsigner Java tool to sign and verify jar files. See keytool.
// Sign jar
jarsigner -storetype pkcs12 -keystore CERTIFICATE.pfx -storepass "STORE_PWD" .\FILE.jar "ALIAS"
jarsigner -storetype pkcs12 -keystore xformulas.net.pfx -storepass "STORE_PWD" gas_app.jar "1"
jarsigner -tsa http://timestamp.digicert.com -keystore "C:\Program Files\Java\jre1.8.0_192\lib\security\cacerts" -storepass "STORE_PWD" .\FILE.jar "ALIAS"
jarsigner -tsa http://timestamp.digicert.com -keystore "C:\Program Files\Java\jre1.8.0_192\lib\security\cacerts" -storepass "STORE_PWD" -keypass "PWD" -digestalg SHA-256 .\FILE.jar "ALIAS"
// Verify signed jar
jarsigner -verify .\FILE.jar
jarsigner -verify gas_app.jar
jarsigner -verify -verbose .\FILE.jar
jarsigner -verify -verbose gas_app.jar
jarsigner -verify -verbose -certs .\FILE.jar
jarsigner -verify -verbose -certs gas_app.jar
"PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target"
If you get this warning, see keytool.
key, public To get the public key from a certificate we can use the following command.
openssl x509 -pubkey -noout -in CERTIFICATE.crt > PUBLIC.key
keytool Java tool to manage certificates of the Java keystore. See jarsigner.
// Import CA certificate (ERG2332.crt)
keytool -importcert -trustcacerts -alias "CA_ALIAS" -file CA_CERTIFICATE.crt -keystore "C:\Program Files\Java\jre1.8.0_192\lib\security\cacerts"
keytool -importcert -trustcacerts -alias "erg2332" -file ERG2332.crt -keystore "C:\Program Files\Java\jre1.8.0_192\lib\security\cacerts"
"Certificate was added to the keystore" BUT NOT AS a CA certificate (ALTHOUGH I HAVE USED THE PARAMETER "-trustcacerts")
"jarsigner -verify FILE.jar" says:
"PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target"
In theory, the signed jar contains the certificate "xformulas.net.crt", and "xformulas.net.crt" is signed with the private key corresponding to "ERG2332.crt" (certificate configurable as CA certificate according to cryptographic tools of OPENSSL and MICROSOFT).
This works without problems, for example, with OPENSSL. Also, using the same incoming file ERG2332.crt and the tools certmgr.msc and certlm.msc of MICROSFT, I can see the new CA corresponding to "ERG2332.crt", and I can see the .exe files signed correctly in the tab "Digital Signatures" of their properties in Windows.
I am still looking for the solution to this problem. The help page of this option of keytool does not show information related to this problem.
keytool -importcert -help
// Import certificate (signed by a CA)
keytool -importcert -file CERTIFICATE.crt -keystore "C:\Program Files\Java\jre1.8.0_192\lib\security\cacerts" -alias "ALIAS"
keytool -importcert -file xformulas.net.crt -keystore "C:\Program Files\Java\jre1.8.0_192\lib\security\cacerts" -alias "xformulas_net" [THIS SHOULD NOT BE NECESSARY, BECAUSE (IN THEORY) THE XFORMULAS CERTIFICATE (SIGNED BY ERG2332) IS INCLUDED IN THE JAR FILES]
// Delete certificate with alias "erg2332" from the keystore ("C:\Program Files\Java\jre1.8.0_192\lib\security\cacerts")
keytool -delete -alias "erg2332" -keystore "C:\Program Files\Java\jre1.8.0_192\lib\security\cacerts"
keytool -delete -alias "erg2332" -keystore "C:\Program Files\Java\jre1.8.0_192\lib\security\cacerts" -storepass "STORE_PWD"
// Show all the certificates of the Java keystore ("C:\Program Files\Java\jre1.8.0_192\lib\security\cacerts") and their aliases
keytool -list -v -keystore "C:\Program Files\Java\jre1.8.0_192\lib\security\cacerts"
keytool -list -v -keystore "C:\Program Files\Java\jre1.8.0_192\lib\security\cacerts" -alias "ALIAS"
// Show the certificate of a .pfx file and its alias
keytool -list -v -storetype pkcs12 -keystore CERTIFICATE.pfx
// Change Java keystore password
keytool -storepasswd -keystore "C:\Program Files\Java\jre1.8.0_192\lib\security\cacerts"
MD5 Es un tipo de hash.
openssl dgst -md5 FILE
NIST "National Institute of Standards and Technology".
https://www.nist.gov/topics/cryptography
OCSP "Online Certificate Status Protocol".
https://en.wikipedia.org/wiki/Online_Certificate_Status_Protocol
https://tools.ietf.org/html/rfc2560
https://tools.ietf.org/html/rfc6960
OCSP responder OSCP server with OpenSSL:
openssl ocsp -index demoCA/index.txt -port 8888 -rsigner rcert.pem -CA demoCA/cacert.pem -text -out log.txt
-index file: certificate status index file
-port num: port to run responder on
-rsigner file: responder certificate to sign responses with
-CA file: CA certificate
-text: print text form of request and response
-out file: output filename
https://www.openssl.org/docs/man1.1.1/man1/ocsp.html
https://www.google.com/search?sxsrf=ACYBGNSfjnOOVvCEBHRuiutY3TtWSZFFlg%3A1575542150446&source=hp&ei=ht3oXcu0GMOEjLsPp_m1mAs&q=openssl+ocsp+index+indexfile+format&oq=openssl+ocsp+index+indexfile+format&gs_l=psy-ab.3..35i39.1569.1569..2018...1.0..0.69.69.1......0....2j1..gws-wiz.wz9w_wrAMyY&ved=0ahUKEwjLj9Dxp57mAhVDAmMBHad8DbMQ4dUDCAU&uact=5
OpenSSL OpenSSL is a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols. It is also a general-purpose cryptography library.
https://www.openssl.org/
https://slproweb.com/products/Win32OpenSSL.html
openssl version -a
openssl genrsa -out ERG.key 2048 // CREA CLAVES RSA PUBLICA Y PRIVADA EN UN FICHERO
openssl rsa -text -in ERG.key -noout // DECODIFICA Y MUESTRA CLAVES
openssl rsa -in ERG.key -pubout -out ERG_PUBLIC.key // CREA FICHERO SOLO CON LA CLAVE PUBLICA
openssl rsa -in ERG.key -out ERG_PRIVATE.key // CREA FICHERO SOLO CON LA CLAVE PRIVADA
openssl req -x509 -new -nodes -key ERG.key -sha256 -days 710 -subj \"/C=ES/ST=Madrid/L=Madrid/O=Eduardo Reyes (erg2332@gmail.com, erg2332@hotmail.com)/OU=https:\/\/fb.com\/erg2332/CN=Eduardo Reyes (erg2332@gmail.com, erg2332@hotmail.com)\" -out ERG.crt // CREA CERTIFICADO
// Country Name (2 letter code) [AU]:ES
// State or Province Name (full name) [Some-State]:Madrid
// Locality Name (eg, city) []:Madrid
// Organization Name (eg, company) [Internet Widgits Pty Ltd]:Eduardo Reyes (erg2332@gmail.com, erg2332@hotmail.com)
// Organizational Unit Name (eg, section) []:https://fb.com/erg2332
// Common Name (e.g. server FQDN or YOUR name) []:Eduardo Reyes (erg2332@gmail.com, erg2332@hotmail.com)
openssl x509 -in ERG.crt -text // MUESTRA DATOS DEL CERTIFICADO
////
openssl genrsa -out xformulas.net.key 2048 // CREA CLAVES RSA PUBLICA Y PRIVADA EN UN FICHERO
openssl rsa -text -in xformulas.net.key -noout // DECODIFICA Y MUESTRA CLAVES
openssl rsa -in xformulas.net.key -pubout -out xformulas.net_public.key // CREA FICHERO SOLO CON LA CLAVE PUBLICA
openssl rsa -in xformulas.net.key -out xformulas.net_private.key // CREA FICHERO SOLO CON LA CLAVE PRIVADA
openssl req -new -key xformulas.net.key -subj \"/C=ES/ST=Madrid/L=Madrid/O=XFORMULAS.NET/OU=https:\/\/fb.com\/erg2332/CN=Eduardo Reyes (erg2332@gmail.com, erg2332@hotmail.com)\" -out xformulas.net.csr // CREA FICHERO CSR (FORMATO PEM)
// Country Name (2 letter code) [AU]:ES
// State or Province Name (full name) [Some-State]:Madrid
// Locality Name (eg, city) []:Madrid
// Organization Name (eg, company) [Internet Widgits Pty Ltd]:XFORMULAS.NET
// Organizational Unit Name (eg, section) []:https://fb.com/erg2332
// Common Name (e.g. server FQDN or YOUR name) []:Eduardo Reyes (erg2332@gmail.com, erg2332@hotmail.com)
openssl req -text -in xformulas.net.csr -noout -verify // VERIFICA Y MUESTRA LOS DATOS DEL CSR
////
openssl x509 -req -in xformulas.net.csr -CA ERG.crt -CAkey ERG.key -CAcreateserial -out xformulas.net.crt -days 710 -sha256 // CREA CERTIFICADO .crt FIRMADO POR CA CON EL FICHERO .csr (también crea ERG.srl)
openssl x509 -in xformulas.net.crt -text // MUESTRA DATOS DEL CERTIFICADO
openssl pkcs12 -export -inkey xformulas.net_private.key -in xformulas.net.crt -out xformulas.net.pfx // CREA CERTIFICADO EN FORMATO .pfx A PARTIR DE CERTIFICADO .crt (se pide contraseña "pwd")
//openssl pkcs12 -export -inkey xformulas.net_private.key -in xformulas.net.crt -certfile more_certificates.crt -out xformulas.net.pfx // CREA CERTIFICADO EN FORMATO .pfx A PARTIR DE CERTIFICADO .crt (se pide contraseña "pwd") incluyendo more_certificates.crt [SEE_THIS]
openssl pkcs12 -help
////
openssl s_client -connect xformulas.net:443 < /dev/null 2> /dev/null | openssl x509 -pubkey -noout > PUBLIC_KEY.txt // obtiene la clave pública del certificado SSL del sitio web (https) xformulas.net
openssl s_client -connect xformulas.net:443 < /dev/null 2> /dev/null | openssl x509 > CERTIFICADO.crt // obtiene el certificado (SSL) del sitio web (https) xformulas.net
openssl x509 -in CERTIFICADO.crt -text -noout // MUESTRA DATOS DEL CERTIFICADO
PEM "Privacy-enhanced Electronic Mail". It is a Base64 format. For example, the files with "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----" have this format.
pfx certificate Tipo de certificado que se puede usar para firmar código en Windows.
PKCS "Public Key Cryptography Standards".
https://en.wikipedia.org/wiki/PKCS
PKCS#10 Standard. It defines the main binary format of CSR files, DER, that is based in ASN.1. These binary files can be represented in plain text using the PEM format.
PKI Public Key Infrastructure. Infraestructura de clave pública. Sistema para distribuir y gestionar claves públicas de manera segura. Elementos: certificados, autoridad de certificación, mecanismo de almacenamiento, mecanismo de distribución, mecanismo de revocación de certificados.
private key Clave privada. See "asymmetric cryptography".
public key Clave pública. See "asymmetric cryptography".
public key cryptography Criptografía de clave pública. Asymmetric cryptography or public key cryptography.
https://en.wikipedia.org/wiki/Public-key_cryptography
RSA The RSA cryptosystem is the most widely-used public key cryptography algorithm in the world.
https://en.wikipedia.org/wiki/RSA_(cryptosystem)
https://www.di-mgt.com.au/rsa_alg.html
RSA 2048 RSA 2048.
RSA 4096
S/MIME certificate Usados para servicios de correo electrónico firmado y cifrado, que se expiden generalmente a una persona física.
sellado de tiempo confiable Se debe usar para firmar ejecutables para Windows y que la firma aparezca convenientemente en las propiedades del fichero ejecutable, en la solapa "Digital Signatures". Ver también "TSA".
Si una persona ajena descubre la clave privada asociada al certificado de un sujeto, el sujeto debería poder invalidar el certificado (revocarlo) a partir de ese momento. Si el certificado es revocado, existe la posibilidad de que no sea posible probar que un documento (o un ejecutable) ha sido firmado o cifrado con la clave privada asociada al certificado antes de ser revocado el certificado. Para evitar esa posibilidad se usa el sellado de tiempo confiable.
* Creación de estampa de tiempo confiable:
El usuario envía el hash de la información original (hash 1) a la TSA.
La TSA añade al hash 1 la fecha y la hora, y calcula para el conjunto otro hash (hash 2).
La TSA crea su firma del conjunto cifrando el hash 2 con su clave privada.
La TSA envía de vuelta al usuario la fecha y hora y la firma.
El usuario almacena la fecha y hora y la firma junto con la información original.
* Verificación posterior:
Descifrando la firma de la TSA con el certificado de la TSA se obtiene el hash 2.
Con la información original se vuelve a calcular el hash 1.
Con la fecha y hora almacenada anteriormente y el hash 1 el usuario calcula el hash del conjunto, que debe coincidir con el hash 2 almacenado y procedente de la TSA.
https://es.wikipedia.org/wiki/Sellado_de_tiempo_confiable
https://en.wikipedia.org/wiki/Trusted_timestamping
SHA Es un tipo de hash.
SHA-1 SHA-1
SHA-256 SHA-256. Es un tipo de hash.
openssl dgst -sha256 FILE
SHA-384
Signature, digital See also the software AutoFirma to generate signatures with the DNIE.
openssl dgst -sha256 -sign PRIVATE.key -out SIGNATURE FILE // crea fichero SIGNATURE conteniendo la firma del fichero FILE usando PRIVATE.key
openssl dgst -sha256 -verify PUBLIC.key -signature SIGNATURE FILE // verifica que el fichero SIGNATURE es la firma del fichero FILE usando PUBLIC.key
SignTool Herramienta que permite firmar ejecutables en Windows.
// SIGN ejecutable.exe WITH .pfx CERTIFICATE PROTECTED WITH PASSWORD "pwd"
// set Path=%Path%;C:\Program Files (x86)\Microsoft SDKs\ClickOnce\SignTool
// signtool sign /f certificate.pfx /p "pwd" ejecutable.exe // FIRMA ejecutable.exe CON EL CERTIFICADO certificate.pfx PROTEGIDO CON CONTRASEÑA "pwd"
signtool sign /debug /f certificate.pfx /p "pwd" ejecutable.exe // FIRMA ejecutable.exe CON EL CERTIFICADO certificate.pfx PROTEGIDO CON CONTRASEÑA "pwd" (el parámetro "debug" muestra más información si no se puede realizar la operación)
////
signtool sign /n "REYES GUZMAN, EDUARDO (FIRMA)" ejecutable.exe // firma ejecutable.exe con el DNI ELECTRÓNICO (se pide el pin del DNI ELECTRÓNICO)
signtool sign /n "xformulas.net" ejecutable.exe // firma ejecutable con el certificado "xformulas.net" del contenedor de certificados (ver certmgr.msc)
////
"SignTool Error: No certificates were found that met all the given criteria."
https://docs.microsoft.com/en-us/dotnet/framework/tools/signtool-exe
https://docs.microsoft.com/es-es/dotnet/framework/tools/signtool-exe
https://stackoverflow.com/questions/22946399/signtool-error-no-certificates-were-found-that-met-all-given-criteria-with-a-wi
Using a TSA:
signtool.exe sign /f certificate.pfx /p "pwd" /tr http://timestamp.digicert.com ejecutable.exe
signtool.exe sign /f certificate.pfx /p "pwd" /fd sha256 /tr http://timestamp.digicert.com ejecutable.exe
https://knowledge.digicert.com/solution/SO17631.html
SSH "Secure Shell".
https://en.wikipedia.org/wiki/Secure_Shell
SSL "Secure Sockets Layer".
SSL certificate Usado habitualmente para tener un sitio web seguro (HTTPS). Ver HTTPS.
SSLCertificateFile Directiva de Apache HTTP Server. Indica el fichero de certificado X.509 codificado con formato PEM de un servidor web.
SSLCertificateKeyFile Directiva de Apache HTTP Server. Fichero de clave privada codificada en formato PEM.
time-stamp token
TLS "Transport Layer Security".
https://en.wikipedia.org/wiki/Transport_Layer_Security
Triple DES Block cipher technique.
https://en.wikipedia.org/wiki/Triple_DES
https://xformulas.net/images/Triple_DES.jpg
TSA "Time Stamp Authority". See also "TSP".
https://en.wikipedia.org/wiki/Trusted_timestamping
https://www.openssl.org/docs/man1.1.1/man1/ts.html (server functionality not found)
https://www.google.com/search?sxsrf=ACYBGNTL1EbmENuqTEr1RTMsdF6SgS7WRg%3A1575548286594&source=hp&ei=fvXoXfSzIImdlwSrhJDgDA&q=rfc3161+server&oq=rfc3161+server&gs_l=psy-ab.3..35i39l3j0i22i30.1077.1077..1539...1.0..0.64.64.1......0....2j1..gws-wiz.HNmFh6XSi0Y&ved=0ahUKEwj06sffvp7mAhWJzoUKHSsCBMwQ4dUDCAU&uact=5
https://www.google.com/search?sxsrf=ACYBGNSjo0gy__aMKcrc-PGC_xOjXjmTYA%3A1575548958862&source=hp&ei=HvjoXafIMZLYaOOiihg&q=servidor+rfc3161+site%3Aes&oq=servidor+rfc3161+site%3Aes&gs_l=psy-ab.3...900.900..1823...1.0..0.56.56.1......0....2j1..gws-wiz.CuoUUsNyvtc&ved=0ahUKEwinz5CgwZ7mAhUSLBoKHWORAgMQ4dUDCAU&uact=5
TSP "Time Stamp Protocol".
https://en.wikipedia.org/wiki/Time_stamp_protocol
https://tools.ietf.org/html/rfc3161
TTP "Trusted Third Party". See also "TSA".
VALIDe To verify CAdES signatures created with DNIE.
https://valide.redsara.es/
X_509 X.509. Standard defining the format of public key certificates.
https://en.wikipedia.org/wiki/X.509
https://www.openssl.org/docs/man1.0.2/man1/openssl-x509.html
XOR cipher Example with C++ code.
https://xformulas.net/source_code/cpp/xor_cipher.cpp.php

Generated on 20191209_101436