The issuer utility is used to create a set of functions that
   are embedded into CSSM, or are used by EISL. A CDSA application
   developer needs to create only the EISL_RetrieveSelfCheckKey
   function. The other functions noted here are applicable only for
   CDSA vendors (in this case, HP).

   This program generally is called by
   CDSA_SYSDIR:[SIGN]CDSA$GEN_CERTS.COM.

 SYNOPSIS

   issuer option certfile codefile functionname

 OPTIONS

   option
      A code that defines the function to be created.
      Specify one of the following values:

        -i Creates a function that returns an issuer name from
           the certificate.
        -s Creates a function that returns a signer name from
           the certificate.
        -k Creates a function that returns a trusted public key.

   NOTE: A CDSA application developer who is creating the
   EISL_RetrieveSelfCheckKey function should specify -k.
   The other codes are used only by CDSA vendors who are building CDSA
   itself rather than a CDSA application or service provider module.

   certfile
      A text file that contains the name of the certificate to be used.

   codefile
      The file to which the generated function is written.

   functionname
      Name of the function to be generated. One of the following:
      * cssm_GetIntegrityRootKeys (cssm_GetExportRootKeys for export)
      * cssm_GetIntegrityRootNames (cssm_GetExportRootNames for export)
      * EISL_RetrieveSelfCheckKey

   NOTE: CDSA application developers need to create only the
   EISL_RetrieveSelfCheckKey function (the last item in the following
   list). The full set of functions is listed here to provide a
   complete overview of the issuer utility. The other functions are
   applicable only for CDSA vendors. Those who want to learn more
   about certificate chains can refer to the Intel CDSA Manifest
   Signing Tools User's Guide.