diff --git a/lib/ykpiv.h b/lib/ykpiv.h index ffbee83..c0aa0ac 100644 --- a/lib/ykpiv.h +++ b/lib/ykpiv.h @@ -139,6 +139,8 @@ extern "C" #define YKPIV_OBJ_RETIRED19 0x5fc11f #define YKPIV_OBJ_RETIRED20 0x5fc120 +#define YKPIV_OBJ_ATTESTATION 0x5fff01 + #define YKPIV_INS_VERIFY 0x20 #define YKPIV_INS_CHANGE_REFERENCE 0x24 #define YKPIV_INS_RESET_RETRY 0x2c diff --git a/tool/cmdline.ggo b/tool/cmdline.ggo index 4d9ab43..85ddfdb 100644 --- a/tool/cmdline.ggo +++ b/tool/cmdline.ggo @@ -36,7 +36,7 @@ option "action" a "Action to take" values="version","generate","set-mgm-key", text " Multiple actions may be given at once and will be executed in order for example --action=verify-pin --action=request-certificate\n" -option "slot" s "What key slot to operate on" values="9a","9c","9d","9e","82","83","84","85","86","87","88","89","8a","8b","8c","8d","8e","8f","90","91","92","93","94","95" enum optional +option "slot" s "What key slot to operate on" values="9a","9c","9d","9e","82","83","84","85","86","87","88","89","8a","8b","8c","8d","8e","8f","90","91","92","93","94","95","f9" enum optional text " 9a is for PIV Authentication 9c is for Digital Signature (PIN always checked) diff --git a/tool/util.c b/tool/util.c index 17c4b12..4e2a719 100644 --- a/tool/util.c +++ b/tool/util.c @@ -262,6 +262,9 @@ int get_object_id(enum enum_slot slot) { case slot_arg_95: object = YKPIV_OBJ_RETIRED20; break; + case slot_arg_f9: + object = YKPIV_OBJ_ATTESTATION; + break; case slot__NULL: default: object = 0;