smime.html

<title>SMIME Utility</title>
<H1>SMIME Utility Home Page</H1>
<i>12.12.2010, Sampo Kellomäki (sampo@iki.fi)</i>

<ul>

<li>Newest is <b>0.7</b>, dated 19991117

<li> <a href="ftp://ftp.funet.fi/pub/languages/perl/CPAN/authors/id/SAMPO/smime-0.7.tgz">Download 0.7 from CPAN</a> (ftp.funet.fi:/pub/languages/perl/CPAN/authors/id/SAMPO/smime-0.7.tgz) (works with openssl-0.9.8g, does not work with openssl-1.0.0)

<li> Newer versions are distributed as part of ZXID, see <a href="http://zxid.org/">http://zxid.org/</a>

</ul>

<pre>
Smime tool is a set of utilities for doing smime signatures as well as
basic key generation and certificate authority functions. It does

        - sign and encrypt email and other S/MIME messages
        - verify signatures and decrypt messages
        - generate keys, certification requests, and self signed certificates
        - certificate authority: sign certificate requests into certificates
        - convert pem format to and from PKCS12 (allows importing and
          exporting keys to and from Netscape (and probably Outlook Express))
        - interoperates with Netscape mail reader, will probably interoperate
          with Outlook Express
        - standards compliant uses S/MIME, PKCS12, and pem

Included in the package

        - smime command line tool
        - smimeutil library (written in C)
        - perl module to access all of the above functionality (SMIMEUtil::)
        - tutorial (the README file)
        - documentation (the simeutil.h file ;-)

Applications

        - provide smime capability for popular mail readers, such as elm,
          pine, or mh
        - CGI scripts that send S/MIME mail
        - Mail processing robots that read S/MIME mail
        - S/MIME over http
        - Archieve signed documents in S/MIME format
        - be your own certification authority

Usage
        ./smime -cs private password <mime-entity >smime  # clear sign
        ./smime -cv cert <smime-entity >data              # verify clear sig
        ./smime -ds private passwd <file >smime-sig       # make detached sig
        ./smime -dv file <smime-sig-entity                # verify detached
        ./smime -s  private password <mime-entity >smime  # sign
        ./smime -qs <smime-entity >signing-cert-info      # find out who signed
        ./smime -v cert <smime-entity >signer-dn          # verify signature

        ./smime -vc cacert <cert                          # verify certificate

        ./smime -e public <mime-entity >smime-ent         # encrypt
        ./smime -d private password <smime-entity >mime   # decrypt

        ./smime -qr <req.pem    # Query all you can about request
        ./smime -qc <cert.pem   # Query all you can about certificate
        ./smime -ca ca_cert passwd serial <req.pem >cert.pem     # sign a req

        ./smime -p12-pem p12pw pempw <x.p12 >x.pem  # convert PKCS12 to pem
        ./smime -pem-p12 frindly@name.com pempw p12pw <x.pem >x.p12

        ./smime -m type1 file1 type2 file2 type3 file3 <text  # make multipart
        ./smime -m image/gif foo.gif <message | ./smime -s private pass >smime

        ./smime -kg attr passwd req.pem <dn >priv_ss.pem  # keygen

        ./smime -base64 <file >file.base64
        ./smime -unbase64 <file.base64 >file
        ./smime -mime text/plain <file >mime-entity
        ./smime -mime_base64 image/gif <file.gif >mime-entity
        ./smime -split dirprefix <multipart         # splits multipart
        ./smime -base64 <in | ./smime -unbase64 >out
        ./smime -cat <in >out   # copy input to output using slurp and barf

        ./smime -kg 'description=Test' secret req.pem <me.dn >ss.pem
</pre>
<hr>