SourceFiles.org - Use the Source, Luke
Home | Register | News | Forums | Guide | MyLinks | Bookmark

Related Sites

Latest News
  General News
  Reviews
  Press Releases
  Software
  Hardware
  Security
  Tutorials
  Off Topic


Back to files

SIGN_SC/VERIFY_SC UTILITIES USAGE

After installation (see INSTALL), you should have two utilities installed in /usr/local/bin:

. "sign_sc" that digitally signs every file you want, using the private key stored on your smartcard . "verify_sc" that verifies a digital signature.

--- SIGN_SC ---

SYNOPSIS

sign_sc [-h | --help]
sign_sc -in <file> -sc -key <pin> -out <signature> sign_sc -in <file> -keyfile <priv-key> -cert <pub-key-cert> \ -key <pwd> -out <signature>

DESCRIPTION

This command calculates the digital signature of the <file> file and outputs it into the <signature> PKCS7 file. It can either use a private key stored on a smartcard or use a private key stored on the local filesystem. In the former case it requires the smartcard's pin, in the latter case it requires a private key file, the password protecting the key (if any), and the public certificate file to include into the signature.

OPTIONS

. -in <file> MANDATORY

The file to be signed.

. -sc OPTIONAL, EXCLUDES -keyfile AND -cert

This flag tells the command to use the private key on the smartcard to calculate the signature. In this case, the -key option specifies the card PIN, and the public key certificate must be on board in the file 0x3F00/0x2000

. -out <file> MANDATORY

The file where the PKCS7 signature must be stored in.

. -keyfile <file> OPTIONAL, EXCLUDES -sc

This option selects the file that stores the private key, PEM encoded. If the key is protected by a password (i.e. is DES encrypted using a passphrase), then the password must be specified using the -key option

. -cert <file> OPTIONAL, EXCLUDES -sc

This option specifies the user public key certificate to be included into the signature. This must match (obviously) with the private key specified into the -keyfile option

. -key <pwd> OPTIONAL
This option specifies either a PIN for to be used to authenticate the command to the smartcard (if the -sc flag is present), or a passphrase to be used to decrypt the user private key specified via the -keyfile option

--- VERIFY_SC ---

SYNOPSIS

verify_sc <sigfile> -cf <root_cert> -d <orig_data>

DESCRIPTION

This command verifies the a PKCS7 digital signature stored in the <orig_data> file, using both the public key certificate stored in the signature itself, and the CA root certificate stored in the <root_cert> file.


Other Sites

Discussion Groups
  Beginners
  Distributions
  Networking / Security
  Software
  PDAs

About | FAQ | Privacy | Awards | Contact
Comments to the webmaster are welcome.
Copyright 2006 Sourcefiles.org All rights reserved.