Xac, You seem to be looking for a utility which provides access much like tar or cpio. I'm sorry to have to report that this does not exist the way you seem to expect. If you want something that can automagically do everything that you need to accomplish from the command-line, I recommend GNU Privacy Guard, also called gpg.
To answer the remainder of your questions: PEM is "Privacy-Enhanced Mail". It is a base-64 representation (24 bits expand to 32 bits) of a DER (or BER)-encoded ASN.1 structure of some type. The type that you can expect from decoding the PEM file can usually be found in the "=====BEGIN " line; check out the Wikipedia article on it for pointers to the specifications. ASN.1 is "Abstract Syntax Notation v1", and is defined in ITU X.680, X.681, X.682, and X.683 from the ITU-T, available from http://www.itu.int/. DER and BER are defined in X.690, also from ITU-T. I recommend skipping these specs, and instead get "ASN.1: Communication Between Heterogeneous Systems", available from http://www.oss.com/asn1/dubuisson.html . Most of the time, PEM files contain X.509 Certificates. This is defined in ITU-T X.509; however, you can get by with most things appropriate for the Internet with RFC5280 or its successors (known as PKIX, or Public Key Infrastructure Extensions for the Internet). There are ways to do what you want; the main and most portable one is CMS, or "Cryptographic Message Syntax". You're looking for the "arbitrary signed content" structure. This is defined in RFC5652 (though if you're looking for something to compile with an ASN.1 compiler, you need to use the updated definitions in RFC5911). Seriously, I recommend avoiding ITU-T standards as much as possible. They're dense, obscure, and without the "key" (the map to understanding them) they're pretty much as good as encrypted for anyone trying to understand what they mean. -Kyle H On Tue, May 24, 2011 at 3:55 AM, xaccrocheur <xaccroch...@gmail.com> wrote:
Hi everyone ; This is my first msg on the list I'd like to know if there are any specifications I can read about the .pem format ? From what I understand it is a "container" meta-format, like ogg or avi, so how do I know how to read it, what to expect and how to properly write it ? I found nothing about it in the openssl man page, nor on the internets.. And on a related topic : Is there a way to sign a file, and then pack into one self-contained file -The file -The public key used to sign the file -The signature hash of the file Please excuse and correct any naming mistake that I may have made. -Phil ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
Verify This Message with Penango.p7s
Description: S/MIME Cryptographic Signature
