more text on key slots

This commit is contained in:
Klas Lindfors
2014-02-10 10:23:12 +01:00
parent dcb230bf66
commit 5f18703344
+9 -5
View File
@@ -29,10 +29,14 @@ option "reader" r "Only use a matching reader" string optional default="Yubikey"
option "key" k "Authentication key to use" string optional default="010203040506070801020304050607080102030405060708" option "key" k "Authentication key to use" string optional default="010203040506070801020304050607080102030405060708"
option "action" a "Action to take" values="version","generate","set-mgm-key", option "action" a "Action to take" values="version","generate","set-mgm-key",
"reset","pin-retries","import-key","import-certificate","set-chuid", "reset","pin-retries","import-key","import-certificate","set-chuid",
"request-certificate","verify-pin","change-pin","change-puk","unblock-pin" enum multiple "request-certificate","verify-pin","change-pin","change-puk","unblock-pin" enum multiple details="
details="Multiple actions may be given at once and will be executed in order Multiple actions may be given at once and will be executed in order
for example --action=verify-pin --action=request-certificate\n" for example --action=verify-pin --action=request-certificate\n"
option "slot" s "What key slot to operate on" values="9a","9c","9d","9e" enum optional option "slot" s "What key slot to operate on" values="9a","9c","9d","9e" enum optional details="
9a is for PIV Authentication
9c is for Digital Signature (PIN always checked)
9d is for Key Management
9e is for Card Authentication (PIN never checked)\n"
option "algorithm" A "What algorithm to use" values="RSA1024","RSA2048","ECCP256" enum optional default="RSA2048" option "algorithm" A "What algorithm to use" values="RSA1024","RSA2048","ECCP256" enum optional default="RSA2048"
option "new-key" n "New authentication key to use" string optional option "new-key" n "New authentication key to use" string optional
option "pin-retries" - "Number of retries before the pin code is blocked" int optional dependon="puk-retries" option "pin-retries" - "Number of retries before the pin code is blocked" int optional dependon="puk-retries"
@@ -41,7 +45,7 @@ option "input" i "Filename to use as input, - for stdin" string optional default
option "output" o "Filename to use as output, - for stdout" string optional default="-" option "output" o "Filename to use as output, - for stdout" string optional default="-"
option "key-format" K "Format of the key being read/written" values="PEM","PKCS12" enum optional default="PEM" option "key-format" K "Format of the key being read/written" values="PEM","PKCS12" enum optional default="PEM"
option "password" p "Password for decryption of private key file" string optional option "password" p "Password for decryption of private key file" string optional
option "subject" S "The subject to use for certificate request" string optional option "subject" S "The subject to use for certificate request" string optional details="
details="The subject must be written as /CN=host.example.com/OU=test/O=example.com/\n" The subject must be written as /CN=host.example.com/OU=test/O=example.com/\n"
option "pin" P "Pin/puk code for verification" string optional option "pin" P "Pin/puk code for verification" string optional
option "new-pin" N "New pin/puk code for changing" string optional dependon="pin" option "new-pin" N "New pin/puk code for changing" string optional dependon="pin"