Split out certificate creation; handle verification properly.

author: Rob Austein <sra@hactrn.net> 2016-08-21 15:40:34 -0400
committer: Rob Austein <sra@hactrn.net> 2016-08-21 15:40:34 -0400
commit: f110c617c706e3a0b21daf29802e44668e202740 (patch)
tree: bcf8f0e8fa9f3618215816e4d3d3a2170e3dbd4b /README.md
parent: 3c65389a9c1473595ac9a7e315ccde42a0ee008c (diff)
1 files changed, 8 insertions, 3 deletions
diff --git a/README.md b/README.md
index 0943cb1..bc647a5 100644
--- a/README.md
+++ b/README.md
@@ -31,13 +31,18 @@ useful things with those keys.
 * `delete-keys.sh` uses `pkcs11-tool` to delete the keys which
   `create-keys.sh` created.
 
+* `issue-certificates.sh` generates a small X.509v3 certificate tree.
+  As a sanity check, it also verifies the issued certificates.
+  This depends on the keys created by `create-keys.sh`.
+
 * `basic-signature.sh` performs a basic hash-and-sign of a data file
   using the `openssl dgst` command, writing a detached signature out
   as a binary file.  As a sanity check, it also verifies the resulting
-  signature using the corresponding public key.
+  signature using the public key extracted from the corresponding
+  certificate (so this depends on `issue-certificates.sh`).
 
-* `smime-signature.sh` generates a small X.509v3 certificate tree and
-  uses that to generate a signed S/MIME message.
+* `smime-signature.sh` generates and verifies a signed S/MIME message;
+  this also depends on `issue-certificates.sh`.
 
 ## References and notes
author	Rob Austein <sra@hactrn.net>	2016-08-21 15:40:34 -0400
committer	Rob Austein <sra@hactrn.net>	2016-08-21 15:40:34 -0400
commit	f110c617c706e3a0b21daf29802e44668e202740 (patch)
tree	bcf8f0e8fa9f3618215816e4d3d3a2170e3dbd4b /README.md
parent	3c65389a9c1473595ac9a7e315ccde42a0ee008c (diff)