diff options
author | Rob Austein <sra@hactrn.net> | 2016-08-21 15:40:34 -0400 |
---|---|---|
committer | Rob Austein <sra@hactrn.net> | 2016-08-21 15:40:34 -0400 |
commit | f110c617c706e3a0b21daf29802e44668e202740 (patch) | |
tree | bcf8f0e8fa9f3618215816e4d3d3a2170e3dbd4b /README.md | |
parent | 3c65389a9c1473595ac9a7e315ccde42a0ee008c (diff) |
Split out certificate creation; handle verification properly.
Diffstat (limited to 'README.md')
-rw-r--r-- | README.md | 11 |
1 files changed, 8 insertions, 3 deletions
@@ -31,13 +31,18 @@ useful things with those keys. * `delete-keys.sh` uses `pkcs11-tool` to delete the keys which `create-keys.sh` created. +* `issue-certificates.sh` generates a small X.509v3 certificate tree. + As a sanity check, it also verifies the issued certificates. + This depends on the keys created by `create-keys.sh`. + * `basic-signature.sh` performs a basic hash-and-sign of a data file using the `openssl dgst` command, writing a detached signature out as a binary file. As a sanity check, it also verifies the resulting - signature using the corresponding public key. + signature using the public key extracted from the corresponding + certificate (so this depends on `issue-certificates.sh`). -* `smime-signature.sh` generates a small X.509v3 certificate tree and - uses that to generate a signed S/MIME message. +* `smime-signature.sh` generates and verifies a signed S/MIME message; + this also depends on `issue-certificates.sh`. ## References and notes |