/
smime.html
83 lines (63 loc) · 3.58 KB
/
smime.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
<title>SMIME Utility</title>
<H1>SMIME Utility Home Page</H1>
<i>12.12.2010, Sampo Kellomäki (sampo@iki.fi)</i>
<ul>
<li>Newest is <b>0.7</b>, dated 19991117
<li> <a href="ftp://ftp.funet.fi/pub/languages/perl/CPAN/authors/id/SAMPO/smime-0.7.tgz">Download 0.7 from CPAN</a> (ftp.funet.fi:/pub/languages/perl/CPAN/authors/id/SAMPO/smime-0.7.tgz) (works with openssl-0.9.8g, does not work with openssl-1.0.0)
<li> Newer versions are distributed as part of ZXID, see <a href="http://zxid.org/">http://zxid.org/</a>
</ul>
<pre>
Smime tool is a set of utilities for doing smime signatures as well as
basic key generation and certificate authority functions. It does
- sign and encrypt email and other S/MIME messages
- verify signatures and decrypt messages
- generate keys, certification requests, and self signed certificates
- certificate authority: sign certificate requests into certificates
- convert pem format to and from PKCS12 (allows importing and
exporting keys to and from Netscape (and probably Outlook Express))
- interoperates with Netscape mail reader, will probably interoperate
with Outlook Express
- standards compliant uses S/MIME, PKCS12, and pem
Included in the package
- smime command line tool
- smimeutil library (written in C)
- perl module to access all of the above functionality (SMIMEUtil::)
- tutorial (the README file)
- documentation (the simeutil.h file ;-)
Applications
- provide smime capability for popular mail readers, such as elm,
pine, or mh
- CGI scripts that send S/MIME mail
- Mail processing robots that read S/MIME mail
- S/MIME over http
- Archieve signed documents in S/MIME format
- be your own certification authority
Usage
./smime -cs private password <mime-entity >smime # clear sign
./smime -cv cert <smime-entity >data # verify clear sig
./smime -ds private passwd <file >smime-sig # make detached sig
./smime -dv file <smime-sig-entity # verify detached
./smime -s private password <mime-entity >smime # sign
./smime -qs <smime-entity >signing-cert-info # find out who signed
./smime -v cert <smime-entity >signer-dn # verify signature
./smime -vc cacert <cert # verify certificate
./smime -e public <mime-entity >smime-ent # encrypt
./smime -d private password <smime-entity >mime # decrypt
./smime -qr <req.pem # Query all you can about request
./smime -qc <cert.pem # Query all you can about certificate
./smime -ca ca_cert passwd serial <req.pem >cert.pem # sign a req
./smime -p12-pem p12pw pempw <x.p12 >x.pem # convert PKCS12 to pem
./smime -pem-p12 frindly@name.com pempw p12pw <x.pem >x.p12
./smime -m type1 file1 type2 file2 type3 file3 <text # make multipart
./smime -m image/gif foo.gif <message | ./smime -s private pass >smime
./smime -kg attr passwd req.pem <dn >priv_ss.pem # keygen
./smime -base64 <file >file.base64
./smime -unbase64 <file.base64 >file
./smime -mime text/plain <file >mime-entity
./smime -mime_base64 image/gif <file.gif >mime-entity
./smime -split dirprefix <multipart # splits multipart
./smime -base64 <in | ./smime -unbase64 >out
./smime -cat <in >out # copy input to output using slurp and barf
./smime -kg 'description=Test' secret req.pem <me.dn >ss.pem
</pre>
<hr>