{"id":19579734,"url":"https://github.com/wolfssl/wolfclu","last_synced_at":"2025-04-27T08:31:54.346Z","repository":{"id":37788245,"uuid":"401771971","full_name":"wolfSSL/wolfCLU","owner":"wolfSSL","description":"The wolfSSL Command Line Utility wolfCLU","archived":false,"fork":false,"pushed_at":"2025-04-04T17:04:54.000Z","size":1476,"stargazers_count":17,"open_issues_count":5,"forks_count":29,"subscribers_count":17,"default_branch":"main","last_synced_at":"2025-04-04T18:22:46.214Z","etag":null,"topics":["certificate-generation","cli","command-line-tool","cryptography","encryption","key-generation","openssl","openssl-alternative","openssl-tools","security","signature-verification","wolfcrypt","wolfssl","x509"],"latest_commit_sha":null,"homepage":"https://www.wolfssl.com","language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/wolfSSL.png","metadata":{"files":{"readme":"README.md","changelog":"ChangeLog.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-08-31T16:30:47.000Z","updated_at":"2025-04-04T17:04:58.000Z","dependencies_parsed_at":"2023-01-28T13:32:54.045Z","dependency_job_id":"24a21492-eda0-46d3-8bee-3cca4519ddd0","html_url":"https://github.com/wolfSSL/wolfCLU","commit_stats":null,"previous_names":[],"tags_count":8,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wolfSSL%2FwolfCLU","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wolfSSL%2FwolfCLU/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wolfSSL%2FwolfCLU/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wolfSSL%2FwolfCLU/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/wolfSSL","download_url":"https://codeload.github.com/wolfSSL/wolfCLU/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":251112529,"owners_count":21538162,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["certificate-generation","cli","command-line-tool","cryptography","encryption","key-generation","openssl","openssl-alternative","openssl-tools","security","signature-verification","wolfcrypt","wolfssl","x509"],"created_at":"2024-11-11T07:18:50.437Z","updated_at":"2025-04-27T08:31:49.333Z","avatar_url":"https://github.com/wolfSSL.png","language":"C","funding_links":[],"categories":[],"sub_categories":[],"readme":"# wolfCLU\n\nThis is the wolfSSL Command Line Utility (wolfCLU).\n\n## wolfSSL Installation\n\nConfigure and install wolfSSL with the following commands:\n\n```\n./autogen.sh # only needed if source pulled from GitHub\n./configure --enable-wolfclu\nmake\nmake check\nsudo make install\n```\n\n## wolfCLU Installation\n\nAfter wolfSSL is installed, install wolfCLU from the wolfCLU root directory:\n\n```\n./autogen.sh # only needed if source pulled from GitHub\n./configure\nmake\nmake check\nsudo make install\n```\n\nIf wolfSSL was recently installed run `sudo ldconfig` to update the linker cache.\n\nNow, you should be able to use wolfCLU:\n\n```\nwolfssl -h\n```\n\nIf everything worked, you should see the wolfCLU help message.\n\nFor instuctions on how to build windows, see [here](ide/winvs/README.md).\n\n## Examples\n\n### Key Generation\n\nThe command below generates an RSA public/private key pair in PEM form.\n```\nwolfssl genkey rsa -size 2048 -out mykey -outform pem -output KEY\n```\nResulting files mykey.priv and mykey.pub can be seen below.\n```\n-----BEGIN RSA PRIVATE KEY-----\nMIIEogIBAAKCAQEAvCjQxgLC0QT3m2KCBRGF9inN3xKzTd9Aht2i3on5th1gFTmh\n0X9M8MFoOnXrzAuTTq/rjR1OLJCBJkB029zoXkbGMN/D0KCXRNl1SRTH+Z5lL6ZG\n88ckhMYoAk96FDZq83WCEL/UnAkL/U1IRSHmCzmQdYSMkO4+7upvipEjwe3yP1DN\nw/Dx72fMRKagkbjAujETzVRn17kEe4uENBOX/hFPjjVf+7ie+AgY6UAxWaDt46IC\nY0c/PisP+aSj5+yLDGHcGOrgRIt4lJ8NQXvmQtyH6lfLomOobGJMbrAmy68fmCzR\ny8lfaxS05SnsUIHulotxZgZ0ZFhPB7q8EAsRKQIDAQABAoIBAG8KV0rDzlyz5bwZ\ngkmjcb84JHqE+rP2EIqGudtC6c8DvvRHsquDyNA8E1qMxL8CBcjmIMiChuPd05nT\naCNoVulsMwIcy96PJzZGbuTWEr3JMEXShwTOfUqt9maGqLDM/Ij4y+0+iCYdYKn3\ntbK2sp/lNM9ljd7p+tHcID9SMBv9YIP3XwEPHxPDXcHEah5G9eNTOYpZvNCZf0pO\nShKTDfRi/DYm6gOYMca9hiJANoG7LfkcXRDpmPYC6wzJZSN0SBNn27I9A9JkwoPQ\n/vLi9782TyNM/ncurFIiRi7vJho398WPNf0lOI+8kjvH9OPI87usYNjLAo3CXZS+\nbow7kFECgYEA7tn2yrZHfoA526mWRkkf7I9B+c/7YA++8hyt2XiDPIGMsa78yae1\nMBn9SgF/bAdYq/aazGMPKtENIF2vHEfEH9W5Kqgp9qW/emqvU9Rj6CDyznhXcwN8\nuGIPow+uSN5bPysmFp/wjg8AM9SryRaVWgkykaLvhALcTVjH8Lwv8psCgYEAyask\n4XO22NieX/v6v6uVwaVGH6Uo5uHNbu7p0SuvEQMXWEIQKB3vHdtR3XE6sH+E6rX3\n5KgxqPzbodLXd2PV15VWwTTb+/jrJkWN9Ix0nbez4eP7MrSUJjtrXKk8+1VQKCPn\nwbwsw1jsAj2DuDyqXbcnEY5t1rhY5z1JCE+89YsCgYA3Xw5IdjNizyUamFj/GEqv\nU5Ku8BlNbrkMdbuT081QxJOySWfO8/McIJpIgspgZ9+VlgjS4xAMFASgATfsLXL5\nElnn2q5HwKsAHSViILW8hY7kcJ+NSTyrnggT/DmiKPIsVbtxuUhSFoYsfdwJNRQQ\nmFtBye0OxH7/61oGpAnViwKBgF5lMXomA6w0mM0s0Q3ubsaZad1eHWsUvmfyhJdX\n7zXzUHYLViyw9j/vbL5ORb5fsgN68XGiGLyUvulcG2bS4EFssZL1/xJOTSM4411Y\ncS1x000kvWvago3yuipBPT4XjNF9HPnd7sXxVWcnDASswMHk/PCGznr3BwYV9Z1i\nVXxJAoGAN6ZLY3Ol+CxSICNe5RZM7ZTs9GadgN7jSYqFUpZQX6nMZxaftNdhVIum\nK9jchl6IVIZVOyNE0yX02oj1tUUruhC3pdSg8NQSVoYonNFvJwKzBOgVqJKsNjrF\nI+sL/vVEOzji/VePapveVG5yGDiAT1FKg6MDHJ8U+H5j+Go3bmI=\n-----END RSA PRIVATE KEY-----\n```\n```\n-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvCjQxgLC0QT3m2KCBRGF\n9inN3xKzTd9Aht2i3on5th1gFTmh0X9M8MFoOnXrzAuTTq/rjR1OLJCBJkB029zo\nXkbGMN/D0KCXRNl1SRTH+Z5lL6ZG88ckhMYoAk96FDZq83WCEL/UnAkL/U1IRSHm\nCzmQdYSMkO4+7upvipEjwe3yP1DNw/Dx72fMRKagkbjAujETzVRn17kEe4uENBOX\n/hFPjjVf+7ie+AgY6UAxWaDt46ICY0c/PisP+aSj5+yLDGHcGOrgRIt4lJ8NQXvm\nQtyH6lfLomOobGJMbrAmy68fmCzRy8lfaxS05SnsUIHulotxZgZ0ZFhPB7q8EAsR\nKQIDAQAB\n-----END PUBLIC KEY-----\n```\n### Certification Generation\n\nThis command generates an X509 certificate using the private key created above.\n```\nwolfssl req -new -days 3650 -key mykey.priv -out test.cert -x509\n```\nThe resulting file test.cert can be seen below.\n```\n-----BEGIN CERTIFICATE-----\nMIICiDCCAXCgAwIBAgIQUxgFCkVR/08kI3nA38BsLTANBgkqhkiG9w0BAQsFADAA\nMB4XDTIyMDIxODIwMzUwMFoXDTMyMDIxNjIwMzUwMFowADCCASIwDQYJKoZIhvcN\nAQEBBQADggEPADCCAQoCggEBALwo0MYCwtEE95tiggURhfYpzd8Ss03fQIbdot6J\n+bYdYBU5odF/TPDBaDp168wLk06v640dTiyQgSZAdNvc6F5GxjDfw9Cgl0TZdUkU\nx/meZS+mRvPHJITGKAJPehQ2avN1ghC/1JwJC/1NSEUh5gs5kHWEjJDuPu7qb4qR\nI8Ht8j9QzcPw8e9nzESmoJG4wLoxE81UZ9e5BHuLhDQTl/4RT441X/u4nvgIGOlA\nMVmg7eOiAmNHPz4rD/mko+fsiwxh3Bjq4ESLeJSfDUF75kLch+pXy6JjqGxiTG6w\nJsuvH5gs0cvJX2sUtOUp7FCB7paLcWYGdGRYTwe6vBALESkCAwEAATANBgkqhkiG\n9w0BAQsFAAOCAQEAHHX+4PTg1nv8Bo0LgLqmx0YtG08Ye8IvPLRNIePSYRdVwToW\nMRPOvUU2/VQ41ro+iqlvopb2wX+gNz2K89EU3PQ6tVXxj0JiVB7DpXm/8lMklf3v\n0DGAJrvK3dEPbTvb71JG5qkwcBaS8jARKXOkuyW2D9yVSVKT/CkylpanRfXuU4NL\nadaA+l398KpM0c0XT7Fl4ylSeZLLi5CSObu1kkPpYqjAGyI+y0EW79btz88U2QmB\nuqGDApXWYuBdjheL4Ysoq6YXtt6dnm8DkBVrnt+gAMCBFbBNPXxy2MODBDqya907\niky6IRTUzkBy1fssv3Gr/jOsyN8J565NST3RpQ==\n-----END CERTIFICATE-----\n```\n### DGST Sign and Verify\n\nThe commands below sign this README then verify it with the resulting signature.\n```\nwolfssl dgst -sha256 -sign mykey.priv -out readme.sig ./README.md\nwolfssl dgst -sha256 -verify mykey.pub -signature readme.sig ./README.md\n```\n\n### Creating a Certificate Authority (CA) to sign other certificates using ECC signing/verification\n\nThe following demonstrates how to create a root CA and use it to sign other certificates. This example uses ECC, but steps are similar for RSA.\n\nIn this scenario there are three entities A, B, and C, where A is meant to function as a root CA. \n\nThe following steps demonstrate how to generate keys and certificates for A, B, and C, where A is self-signed and B and C are signed by A\n\n1. Create private ECC keys for A, B, and C (to create RSA keys instead use `wolfssl -genkey rsa`)\n```\nwolfssl -genkey ecc -out ecc-key-A -output priv -outform PEM\nwolfssl -genkey ecc -out ecc-key-B -output priv -outform PEM\nwolfssl -genkey ecc -out ecc-key-C -output priv -outform PEM\n```\n\n2. Create a self-signed certificate for A, which will function as our CA\n```\nwolfssl req -new -key ecc-key-A.priv -subj O=org-A/C=US/ST=WA/L=Seattle/CN=A/OU=org-unit-A -x509 -out A.cert -outform PEM\n```\n\n3. Create certificates for B and C signed by A\n```\n# first create a certificate signing request (CSR) for B and C\nwolfssl req -new -key ecc-key-B.priv -subj O=org-B/C=US/ST=WA/L=Seattle/CN=B/OU=org-unit-B -out B.csr -outform PEM\nwolfssl req -new -key ecc-key-C.priv -subj O=org-C/C=US/ST=WA/L=Seattle/CN=C/OU=org-unit-C -out C.csr -outform PEM\n\n# now have our CA (A) sign the CSR's of B and C to generate their certificates\nwolfssl ca -in B.csr -keyfile ecc-key-A.priv -cert A.cert -out B.cert\nwolfssl ca -in C.csr -keyfile ecc-key-A.priv -cert A.cert -out C.cert\n```\n\nWe can now verify certs B and C using our CA cert A using the following command:\n```\nwolfssl verify -CAfile A.cert B.cert\nwolfssl verify -CAfile A.cert C.cert\n```\n\n## Contacts\n\nPlease contact support@wolfssl.com with any questions or comments.\n\n## License\n\nCopyright (c) 2006-2021 wolfSSL Inc.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwolfssl%2Fwolfclu","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fwolfssl%2Fwolfclu","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwolfssl%2Fwolfclu/lists"}