dergen.pl
*********
This Perl application recursively parses a set of text files, translating the
contents into a DER encoding. This should now support all of the ASN.1
tags required to create a PKCS#12 file.

Syntax:

* key value format
* one key per line
* leading tabs and whitespace before the command are ignored
* comments start with //
* $1 .. $N for textual substitution of args
* escape character is \
* case insensitive

Simple types are of the form
SIMPLE_COMMAND=arg1,arg2,arg3

simple types
************
BITSTRING
	Outputs a DER bit string
	ARG0=A sequence of 0s and 1s.
BMPSTRING
	Encodes ascii text as BMPSTRING
	ARG0=ascii text to encode
BMPSTRING_FILE
	Includes a BMPSTRING file as a BMPSTRING element
	ARG0=name of file to include
ENUMERATED
	Encodes an enumerated value
	ARG0=integer value of enum
IA5STRING
	Encodes ascii text as IA5STRING
	ARG0=ascii text to encode
IA5STRING_FILE
	Includes an IA5STRING file as an IA5STRING element
	ARG0=name of file to include
INCLUDE_BINARY_FILE
	Includes raw binary data from a file
	ARG0=filename to include
INTEGER|INT
	Outputs an integer
	ARG0=Integer in decimal or hex format (leading 0x)
NULL
	A null entry (no args)
OID
	An ASN.1 object identifier
	ARG0=Raw form (1.2.840.113549.1) or one of the defined key words (look in the source)
PRINTABLESTRING
	Encodes ascii text as PRINTABLESTRING
	ARG0=ascii text to encode
RAW
	Allows raw hex to be inserted into the file
	ARG0=AA:BB:CC:DD:EE:FF
UTCTIME
	Encodes a UTC time. N.B. no attempt is made to validate the format of the time.
	ARG0=time in ascii
UTF8STRING
	Encodes ascii text as UTF8STRING
	ARG0=ascii text to encode
UTF8STRING_FILE
	Includes a UTF8STRING file as a UTF8STRING element
	ARG0=name of file to include

Compound types are of the form shown below and apply an encoding to the result of
recursively concatenating the embedded types.

COMPOUND_TYPE
	SIMPLE_TYPE
	COMPOUND_TYPE
		SIMPLE_TYPE
	END
	SIMPLE_TYPE
END

compound types
**************
BITSTRING_WRAPPER
	Wraps the nested content inside a BITSTRING
INCLUDE
	Allows nesting of dergen script files. Arguments may also be passed for textual substitution. Refer to arguments as $1 .. $N
	ARG0=filename to include
	ARG1 (optional)=argument to substitute for $1 in include file
	ARGN (optional)=argument
IMPLICIT
	Changes the tag of the embedded type according to the tag number and class arguments.
	The default tag number is 0 and the default class is CONTEXT-SPECIFIC.
	ARG1 (optional)=tag number (in hex)
	ARG2 (optional)=class (UNIVERSAL,APPLICATION,CONTEXT-SPECIFIC,PRIVATE)
ENCRYPT
	Encrypts the nested data. (Requires OpenSSL)
	ARG0=cipher (as defined by OpenSSL without the leading hyphen)
	ARG1=key (in hex)
	ARG2=iv (in hex)
EXPLICIT
	Wraps the embedded type with a new tag defined by the tag number and class arguments.
	The default tag number is 0 and the default class is CONTEXT-SPECIFIC.
	ARG0 (optional)=tag number (in hex)
	ARG1 (optional)=class (UNIVERSAL,APPLICATION,CONTEXT-SPECIFIC,PRIVATE)
HASH
	Embeds the hash of the nested data. (Requires OpenSSL)
	ARG0=algorithm (as defined by OpenSSL without the leading hyphen)
HMAC
	Embeds an HMAC for the nested data.
	ARG0=algorithm (SHA1|MD5)
	ARG1=key (in hex)
OCTETSTRING
	Wraps the nested content in an OCTETSTRING tag
OUTPUT_BINARY_FILE
	Outputs the nested data in binary form to the named file and optionally includes the nested data in the
	encoding stream as well.
	ARG0=The filename to write the data to
	ARG1=Set this to 1 to also include the binary content in the output stream (Optional)
SEQ
	Embeds content in a SEQ tag
SIGN
	Creates a PKCS#7 signed data object of the nested data using OpenSSL's SMIME command
	ARG0=signing certificate filename (PEM format)
	ARG1=signing key filename (PEM format)
SET
	Embeds content in a SET tag
SHELL
	Executes an arbitrary shell command
	ARG0=program to run
	ARG1 (optional)=first argument to shell command
	ARGN (optional)=last argument to shell command

command line arguments
**********************
--in    : script file
--out   : output file
--hex   : output hex instead of binary
--debug : set the debug level. 0=off,1=parsing information,2=parsing & encoding information,3=everything

other
*****
If it doesn't work, then try setting the DEBUG global variable to 1 (or 2
or 3 for increased verbosity).
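The tag-length-value encoding that the simple and compound types above produce, and the difference between EXPLICIT (wrap in a new tag) and IMPLICIT (replace the tag), shown as an added Python example. This is not dergen.pl's code; the function names are illustrative and it assumes single-octet tags (tag numbers below 31).

```python
# Added illustration, not dergen.pl's code: DER tag-length-value encoding.
CLASSES = {"UNIVERSAL": 0x00, "APPLICATION": 0x40,
           "CONTEXT-SPECIFIC": 0x80, "PRIVATE": 0xC0}
CONSTRUCTED = 0x20

def der_length(n):
    # Short form below 128; otherwise 0x80|byte-count, then the length big-endian.
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body

def tlv(tag, content):
    return bytes([tag]) + der_length(len(content)) + content

def integer(value):
    # Minimal two's complement: a leading 0x00 appears only to keep the sign bit clear.
    magnitude = value if value >= 0 else value + 1
    return tlv(0x02, value.to_bytes(magnitude.bit_length() // 8 + 1, "big", signed=True))

def oid(dotted):
    arcs = [int(a) for a in dotted.split(".")]
    out = bytearray()
    for arc in [40 * arcs[0] + arcs[1]] + arcs[2:]:   # first two arcs share one value
        chunk = [arc & 0x7F]
        arc >>= 7
        while arc:
            chunk.append(0x80 | (arc & 0x7F))          # continuation bit on all but the last octet
            arc >>= 7
        out += bytes(reversed(chunk))
    return tlv(0x06, bytes(out))

def octet_string(data):
    return tlv(0x04, data)

def seq(children):
    return tlv(0x30, b"".join(children))

def explicit(inner, number=0, cls="CONTEXT-SPECIFIC"):
    # New constructed tag wrapped around the complete inner TLV (assumes number < 31).
    return tlv(CLASSES[cls] | CONSTRUCTED | number, inner)

def implicit(inner, number=0, cls="CONTEXT-SPECIFIC"):
    # Replace the inner tag octet, keeping its primitive/constructed bit (assumes number < 31).
    return bytes([CLASSES[cls] | (inner[0] & CONSTRUCTED) | number]) + inner[1:]

if __name__ == "__main__":
    doc = seq([integer(3), oid("1.2.840.113549.1"), explicit(octet_string(bytes(200)))])
    print(doc.hex(":"))
```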
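Because SHELL runs a program, OUTPUT_BINARY_FILE writes a file, and the include-style directives read files, a script is worth reviewing before it is handed to dergen.pl. The following pre-run audit is an added example, not part of dergen.pl; it assumes every directive takes its arguments in the KEY=arg1,arg2 form shown for simple types and that // starts a comment anywhere on a line, and the sample script is constructed.

```python
import re

# Directive names come from the README above; the grouping is this example's own.
EXECUTES = {"SHELL"}
WRITES = {"OUTPUT_BINARY_FILE"}
READS = {"INCLUDE", "INCLUDE_BINARY_FILE", "BMPSTRING_FILE",
         "IA5STRING_FILE", "UTF8STRING_FILE", "SIGN"}

def needs_review(arg):
    # Absolute paths, drive letters, parent-directory hops, or $N resolved only at run time.
    return bool(arg.startswith(("/", "\\")) or ".." in arg
                or re.match(r"[A-Za-z]:", arg) or re.search(r"\$\d", arg))

def audit(script_text):
    """Return (line_no, directive, reason) for every line a reviewer should look at."""
    findings = []
    for no, raw in enumerate(script_text.splitlines(), 1):
        line = raw.split("//", 1)[0].strip()        # drop comment, ignore leading whitespace
        if not line:
            continue
        key, _, rest = line.partition("=")
        key = key.strip().upper()                   # keys are case insensitive
        args = [a.strip() for a in rest.split(",")] if rest else []
        if key in EXECUTES:
            findings.append((no, key, "runs a program: " + " ".join(args)))
        elif key in WRITES:
            findings.append((no, key, "writes a file: " + (args[0] if args else "")))
        elif key in READS and any(needs_review(a) for a in args):
            findings.append((no, key, "path or substituted argument: " + ",".join(args)))
    return findings

SAMPLE = """\
// constructed sample script
SEQ
    INTEGER=3
    include=parts/safebag.txt,$1
    Include_Binary_File=../../keys/ca.key
    OUTPUT_BINARY_FILE=bag.der,1
        OCTETSTRING
            RAW=AA:BB
        END
    END
    shell=openssl,version
END
"""

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print("line %d: %s: %s" % finding)
```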