Signing The Tcl Scripts Example; Verifying The Signature Example; Converting The Signature With Nonbinary Data Example - Cisco Catalyst 2960 series Configuration Manual
Consolidated platform configuration guide, ios release 15.2(4)e
Hide thumbs
Also See for Catalyst 2960 series:
- Software configuration manual (980 pages) ,
- Command reference manual (800 pages) ,
- Configuration manual (120 pages)
Table of Contents
Advertisement
For some fields there will be a default value, If you enter '.', the field will be left
blank.
-----
Country Name (2 letter code) [GB]:US
State or Province Name (full name) [Berkshire]:California
Locality Name (eg, city) [Newbury]:San Jose
Organization Name (eg, company) [My Company Ltd]:Cisco Systems, Inc.
Organizational Unit Name (eg, section) []:DEPT_ACCT
Common Name (eg, your name or your server's hostname) []:Jane
Email Address []:janedoe@company.com
Host% ls -l
total 24
-rw-r--r--
-rw-r--r--
-rw-r--r--
Signing the Tcl Scripts Example
The following example shows how to sign the Tcl scripts:
Host% openssl smime -sign -in hello -out hello.pk7 -signer cert.pem -inkey privkey.pem
-outform DER -binary
Host% ls -l
total 40
-rw-r--r--
-rw-r--r--
-rw-r--r--
-rw-r--r--
-rw-r--r--
Verifying the Signature Example
The following example shows how to verify the signature:
Host% openssl smime -verify -in hello.pk7 -CAfile cert.pem -inform DER -content hello
puts hello
puts "argc = $argc"
puts "argv = $argv"
puts "argv0 = $argv0"
puts "tcl_interactive = $tcl_interactive"
Verification successful
Converting the Signature with Nonbinary Data Example
The following example shows how to convert the Tcl signature with nonbinary data:
#Cisco Tcl Signature V1.0
Then append the signature file to the end of the file.
Host% xxd -ps hello.pk7 > hello.hex
Host% cat my_append
#!/usr/bin/env expect
set my_first {#Cisco Tcl Signature V1.0}
set newline {}
set my_file [lindex $argv 0]
set my_new_file ${my_file}_sig
set my_new_handle [open $my_new_file w]
set my_handle [open $my_file r]
puts $my_new_handle $newline
puts $my_new_handle $my_first
foreach line [split [read $my_handle] "\n"]
set new_line {#}
append new_line $line
puts $my_new_handle $new_line
1 janedoe eng12
1659 Jun 12 15:01 cert.pem
1 janedoe eng12
1679 Jun 12 14:55 privkey.pem
1 janedoe eng12
451 Jun 12 14:57 pubkey.pem
1 janedoe eng12
1659 Jun 12 15:01 cert.pem
1 janedoe eng12
115 Jun 13 10:16 hello
1 janedoe eng12
1876 Jun 13 10:16 hello.pk7
1 janedoe eng12
1679 Jun 12 14:55 privkey.pem
1 janedoe eng12
451 Jun 12 14:57 pubkey.pem
Consolidated Platform Configuration Guide, Cisco IOS Release 15.2(4)E (Catalyst 2960-X Switches)
Configuration Examples for Signed Tcl Script
{
1841
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
