Skip to content
OpenSSL frontend for the Trusted Execution Module
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Failed to load latest commit information.
bin
lib
test
.gitignore
.project
CHANGELOG
LICENSE
Manifest
README
Rakefile
tem_openssl.gemspec

README

This is a tool for the TEM-based OpenSSL engine.

Running coverage tests:
gem install rcov
rcov -Ilib test/*.rb

Implemented commands (the format is supposed to be compatible with the "openssl"
tool):

openssl_tem reset
Resets the TEM to a working state. The TEM applet is reinitialized, and the TEM
is emitted. All key material and state on TEM is lost.

openssl_tem rsagen 2048 -out key.temkey
Generates a RSA key pair on the TEM (the size is ignored), outputs the TEM-bound
key pair to "key.temkey".

openssl_tem rsa -in key.temkey -out key.pem -pubout
Extracts the public key from a TEM-bound key pair, outputs it in PEM format to
"key.pem"

openssl_tem rsautl -encrypt -in plain.txt -inkey key.pem -out crypted.txt -pkcs
Encrypts the data in "plain.txt" using the PEM public key (or public key in a
TEM-bound key pair) in "key.pem". PKCS#1 padding is always used.

openssl_tem rsautl -decrypt -in crypted.txt -inkey key.temkey -out plain2.txt -pkcs
Decrypts the data in "crypted.txt" using TEM-bound key pair in "key.temkey".
PKCS#1 padding is always used.

openssl_tem rsautl -xsign -in plain.txt -inkey key.temkey -out signature.txt -pkcs
Signs the data in "plain.txt" using the TEM-bound key pair in "key.temkey".
PKCS#1 padding over a SHA-1 message digest of the data is always used.

openssl_tem rsautl -xverify -in signature.txt -inkey key.pem -indata plain.txt -out verif.txt -pkcs
Verifies that "signature.txt" was produced by signing the data in "plain.txt"
using the TEM-bound key with the PEM public key in "key.pem". PKCS#1 padding
over a SHA-1 of the data is always used. The output is "true" or "false".
Something went wrong with that request. Please try again.