ximaera/openssl-smime.sh

## openssl-smime.sh
# Original Source:
# https://gist.github.com/ggrandes/a57c401f1bad6bd0ffd87a557b7b5790

# SIGN / VERIFY
openssl cms -sign -keyid -md sha256 -nodetach -binary -in /etc/passwd -signer user.crt -inkey user.key -out x.smime -outform SMIME
openssl cms -verify -CAfile ca.crt -in x.smime -inform SMIME

# ENCRYPT / DECRYPT
openssl cms -encrypt -keyid -aes-256-cbc -in /etc/passwd -binary -out x.smime -outform SMIME user.crt
openssl cms -decrypt -in x.smime -inform SMIME -recip user.crt -inkey user.key

# ENCRYPT + SIGN (outform can be SMIME, PEM(base64) or DER(binary))
openssl cms -encrypt -keyid -aes-256-cbc -in /etc/passwd -binary -outform DER user.crt |
  openssl cms -sign -keyid -md sha256 -nodetach -binary -signer user.crt -inkey user.key -out x.smime -outform SMIME
# VERIFY + DECRYPT
openssl cms -verify -CAfile ca.crt -in x.smime -inform SMIME |
  openssl cms -decrypt -recip user.crt -inkey user.key -inform DER -out x
	# Original Source:
	# https://gist.github.com/ggrandes/a57c401f1bad6bd0ffd87a557b7b5790

	# SIGN / VERIFY
	openssl cms -sign -keyid -md sha256 -nodetach -binary -in /etc/passwd -signer user.crt -inkey user.key -out x.smime -outform SMIME
	openssl cms -verify -CAfile ca.crt -in x.smime -inform SMIME

	# ENCRYPT / DECRYPT
	openssl cms -encrypt -keyid -aes-256-cbc -in /etc/passwd -binary -out x.smime -outform SMIME user.crt
	openssl cms -decrypt -in x.smime -inform SMIME -recip user.crt -inkey user.key

	# ENCRYPT + SIGN (outform can be SMIME, PEM(base64) or DER(binary))
	openssl cms -encrypt -keyid -aes-256-cbc -in /etc/passwd -binary -outform DER user.crt \|
	openssl cms -sign -keyid -md sha256 -nodetach -binary -signer user.crt -inkey user.key -out x.smime -outform SMIME
	# VERIFY + DECRYPT
	openssl cms -verify -CAfile ca.crt -in x.smime -inform SMIME \|
	openssl cms -decrypt -recip user.crt -inkey user.key -inform DER -out x