openssl smime

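#!/bin/bash
#
# Build S/MIME test fixtures under ${BASE} with `openssl smime` and check
# that they round-trip: encrypt/decrypt for alice, several signing variants
# (detached, with CA cert attached, two signers, non-detached, re-signed),
# then verification of each signed message against the test CA.
#
# Environment (all optional):
#   FROM, TO      header addresses for the encrypted message
#   SMIME_CIPHER  openssl cipher flag for -encrypt (default: -aes256)
#
# Exit status: 0 when every step succeeded, 1 otherwise.

# Unset variables are errors; the original silently passed empty
# -from/-to values because FROM and TO were never assigned.
set -u

BASE=data/smime

CERTA="tst-sec/alice@blackhat.net.crt"
KEYA="tst-sec/alice@blackhat.net.key"

CERTB="tst-sec/bob@whitehat.org.crt"
KEYB="tst-sec/bob@whitehat.org.key"

CA="tst-sec/ca.crt"

AN=${0##*/}
SUBJ="SMIME test"

# Defaults taken from the fixture certificate names; the message is
# encrypted to alice's certificate, so she is the recipient.
FROM="${FROM:-bob@whitehat.org}"
TO="${TO:-alice@blackhat.net}"

# The original hard-coded -des3. Triple DES is a legacy 64-bit-block cipher,
# so AES-256 is the default here. Set SMIME_CIPHER=-des3 to regenerate the
# old 3DES fixture for a legacy-compatibility test.
CIPHER="${SMIME_CIPHER:--aes256}"

failures=0

# Print an error prefixed with the script name and stop.
die() {
    printf '%s: %s\n' "$AN" "$*" >&2
    exit 1
}

# Announce a step, run it, and record (rather than ignore) a failure so a
# broken signature or verification cannot pass unnoticed.
step() {
    local label=$1
    shift
    printf '%s\n' "$label"
    if ! "$@"; then
        printf '%s: FAILED: %s\n' "$AN" "$label" >&2
        failures=$((failures + 1))
    fi
}

command -v openssl >/dev/null || die "openssl not found in PATH"

# Fail early with a clear message instead of a cascade of openssl errors.
for fixture in "$CERTA" "$KEYA" "$CERTB" "$KEYB" "$CA"; do
    [[ -r "$fixture" ]] || die "missing or unreadable fixture: $fixture"
done

mkdir -p -- "$BASE" || die "cannot create $BASE"

# Same bytes as the original `echo -e` (note the two trailing newlines).
printf 'Basic text,\nwithout anything!\n\nNobody\n\n' >"${BASE}/mime.txt" \
    || die "cannot write ${BASE}/mime.txt"

step "Encrypt for alice/blackhat" \
    openssl smime \
    -encrypt \
    -in "${BASE}/mime.txt" \
    -out "${BASE}/enc.p7m" \
    -from "${FROM}" \
    -to "${TO}" \
    -subject "${SUBJ}" \
    "${CIPHER}" "${CERTA}"

step "Decrypt to alice/blackhat" \
    openssl smime \
    -decrypt \
    -in "${BASE}/enc.p7m" \
    -out "${BASE}/enc.p7m-dec" \
    -recip "${CERTA}" \
    -inkey "${KEYA}"

step "Sign with alice/blackhat" \
    openssl smime \
    -sign \
    -in "${BASE}/mime.txt" \
    -out "${BASE}/mime-signed.txt" \
    -signer "${CERTA}" \
    -inkey "${KEYA}"

# -certfile attaches the CA certificate to the signed message.
step "Sign with CA with alice/blackhat" \
    openssl smime \
    -sign \
    -in "${BASE}/mime.txt" \
    -out "${BASE}/mime-signed-w-ca.txt" \
    -signer "${CERTA}" \
    -inkey "${KEYA}" \
    -certfile "${CA}"

# Each -signer is paired with the -inkey that follows it.
step "Sign with alice/blackhat and bob/whitehat" \
    openssl smime \
    -sign \
    -in "${BASE}/mime.txt" \
    -out "${BASE}/mime-signed-both.txt" \
    -signer "${CERTA}" \
    -inkey "${KEYA}" \
    -signer "${CERTB}" \
    -inkey "${KEYB}"

step "Sign not-detached with alice/blackhat" \
    openssl smime \
    -sign \
    -nodetach \
    -in "${BASE}/mime.txt" \
    -out "${BASE}/mime-signed-nd.txt" \
    -signer "${CERTA}" \
    -inkey "${KEYA}"

# Adds bob's signature to the message alice already signed above.
step "Re-sign with bob/whitehat" \
    openssl smime \
    -resign \
    -in "${BASE}/mime-signed.txt" \
    -out "${BASE}/mime-signed2nd.txt" \
    -signer "${CERTB}" \
    -inkey "${KEYB}"

# With -verify, -signer names an output file that receives the signer
# certificate(s); -CAfile is the trust anchor the chain is checked against.
step "Verify with CA" \
    openssl smime \
    -verify \
    -in "${BASE}/mime-signed.txt" \
    -out "${BASE}/mime-signed-verify.txt" \
    -signer "${BASE}/mime-signed-cert.txt" \
    -CAfile "${CA}"

step "Verify non-detached with CA" \
    openssl smime \
    -verify \
    -in "${BASE}/mime-signed-nd.txt" \
    -out "${BASE}/mime-signed-nd-verify.txt" \
    -signer "${BASE}/mime-signed-nd-cert.txt" \
    -CAfile "${CA}"

step "Verify 2 signatures with CA" \
    openssl smime \
    -verify \
    -in "${BASE}/mime-signed2nd.txt" \
    -out "${BASE}/mime-signed2nd-verify.txt" \
    -signer "${BASE}/mime-signed2nd-cert.txt" \
    -CAfile "${CA}"

step "Verify 2 signatures" \
    openssl smime \
    -verify \
    -in "${BASE}/mime-signed-both.txt" \
    -out "${BASE}/mime-signed-both-verify.txt" \
    -signer "${BASE}/mime-signed-both-cert.txt" \
    -CAfile "${CA}"

# a.pem is not produced by this script; dump its certificates only when
# someone has dropped a PKCS#7 file there.
if [[ -f "${BASE}/a.pem" ]]; then
    openssl pkcs7 \
        -in "${BASE}/a.pem" \
        -noout -text -print_certs \
        || failures=$((failures + 1))
fi

if ((failures > 0)); then
    printf '%s: %d step(s) failed\n' "$AN" "$failures" >&2
    exit 1
fi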
