From 3185360834dc9992c141c84517bdecd3a87312a1 Mon Sep 17 00:00:00 2001
From: Rob Austein
Date: Sun, 21 Aug 2016 12:17:19 -0400
Subject: Scripts demonstrating the OpenSSL engine API with Cryptech Alpha HSM.
---
smime-signature.sh | 32 ++++++++++++++++++++++++++++++++
1 file changed, 32 insertions(+)
create mode 100755 smime-signature.sh
(limited to 'smime-signature.sh')
diff --git a/smime-signature.sh b/smime-signature.sh
new file mode 100755
index 0000000..fb2f815
--- /dev/null
+++ b/smime-signature.sh
@@ -0,0 +1,32 @@
+#!/bin/sh -
+
+. ./environment.sh
+
+set -x
+
+openssl req -batch -new -engine pkcs11 -keyform ENGINE -x509 -days 365 \
+ -subj "/C=PV/O=Pottsylvanian Ministry of Offense/GN=Fearless/SN=Leader" \
+ -key label_leader -out leader.cer
+
+openssl req -batch -new -engine pkcs11 -keyform ENGINE \
+ -subj "/GN=Natasha/SN=Fatale" \
+ -key label_natasha |
+openssl x509 -req -engine pkcs11 -CAkeyform ENGINE -days 60 \
+ -set_serial `date +%s` -extfile $OPENSSL_CONF -extensions ext_ee \
+ -CAkey label_leader -CA leader.cer \
+ -out natasha.cer
+
+openssl req -batch -new -engine pkcs11 -keyform ENGINE \
+ -subj "/GN=Boris/SN=Badenov" \
+ -key label_boris |
+openssl x509 -req -engine pkcs11 -CAkeyform ENGINE -days 60 \
+ -set_serial `date +%s` -extfile $OPENSSL_CONF -extensions ext_ee \
+ -CAkey label_leader -CA leader.cer \
+ -out boris.cer
+
+openssl smime -engine pkcs11 -sign -text -keyform ENGINE \
+ -inkey label_natasha -signer natasha.cer -certfile leader.cer \
+ -from "Natasha Fatale " \
+ -to "Boris Badenov " \
+ -subject "Fiendish plot" \
+ -in message.txt -out message.smime
--
cgit v1.2.3
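Review bot: Both `openssl x509 -req` invocations take the certificate serial from `date +%s`, so the natasha and boris certificates receive the same serial under the same issuer whenever the two signings land in the same second, and the value is guessable in any case. A random serial avoids both, and quoting the config path keeps the line intact if it contains spaces: `-set_serial "0x$(openssl rand -hex 16)" -extfile "$OPENSSL_CONF" -extensions ext_ee \`. The script also runs without `set -e`, so a failed CA step does not stop the later commands from signing against a stale `leader.cer` left by an earlier run. Adding `set -e` next to `set -x` would stop at the first failure, although a failing `openssl req` on the left side of a pipe would still go unnoticed in plain sh.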