Merge branch 'master' of github.com:Yubico/yubico-piv-tool
This commit is contained in:
+31
-2
@@ -823,8 +823,6 @@ static bool delete_certificate(ykpiv_state *state, enum enum_slot slot) {
|
|||||||
int main(int argc, char *argv[]) {
|
int main(int argc, char *argv[]) {
|
||||||
struct gengetopt_args_info args_info;
|
struct gengetopt_args_info args_info;
|
||||||
ykpiv_state *state;
|
ykpiv_state *state;
|
||||||
unsigned char key[KEY_LEN];
|
|
||||||
size_t key_len = sizeof(key);
|
|
||||||
int verbosity;
|
int verbosity;
|
||||||
enum enum_action action;
|
enum enum_action action;
|
||||||
unsigned int i;
|
unsigned int i;
|
||||||
@@ -846,6 +844,34 @@ int main(int argc, char *argv[]) {
|
|||||||
return EXIT_FAILURE;
|
return EXIT_FAILURE;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
for(i = 0; i < args_info.action_given; i++) {
|
||||||
|
bool needs_auth = false;
|
||||||
|
action = *args_info.action_arg++;
|
||||||
|
switch(action) {
|
||||||
|
case action_arg_generate:
|
||||||
|
case action_arg_setMINUS_mgmMINUS_key:
|
||||||
|
case action_arg_pinMINUS_retries:
|
||||||
|
case action_arg_importMINUS_key:
|
||||||
|
case action_arg_importMINUS_certificate:
|
||||||
|
case action_arg_setMINUS_chuid:
|
||||||
|
case action_arg_deleteMINUS_certificate:
|
||||||
|
needs_auth = true;
|
||||||
|
break;
|
||||||
|
case action_arg_version:
|
||||||
|
case action_arg_reset:
|
||||||
|
case action_arg_requestMINUS_certificate:
|
||||||
|
case action_arg_verifyMINUS_pin:
|
||||||
|
case action_arg_changeMINUS_pin:
|
||||||
|
case action_arg_changeMINUS_puk:
|
||||||
|
case action_arg_unblockMINUS_pin:
|
||||||
|
case action_arg_selfsignMINUS_certificate:
|
||||||
|
case action__NULL:
|
||||||
|
default:
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
if(needs_auth) {
|
||||||
|
unsigned char key[KEY_LEN];
|
||||||
|
size_t key_len = sizeof(key);
|
||||||
if(ykpiv_hex_decode(args_info.key_arg, strlen(args_info.key_arg), key, &key_len) != YKPIV_OK) {
|
if(ykpiv_hex_decode(args_info.key_arg, strlen(args_info.key_arg), key, &key_len) != YKPIV_OK) {
|
||||||
return EXIT_FAILURE;
|
return EXIT_FAILURE;
|
||||||
}
|
}
|
||||||
@@ -857,6 +883,9 @@ int main(int argc, char *argv[]) {
|
|||||||
if(verbosity) {
|
if(verbosity) {
|
||||||
fprintf(stderr, "Successful applet authentication.\n");
|
fprintf(stderr, "Successful applet authentication.\n");
|
||||||
}
|
}
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
/* openssl setup.. */
|
/* openssl setup.. */
|
||||||
OpenSSL_add_all_algorithms();
|
OpenSSL_add_all_algorithms();
|
||||||
|
|||||||
@@ -41,13 +41,13 @@ key on stdout:
|
|||||||
Generate a certificate request with public key from stdin, will print
|
Generate a certificate request with public key from stdin, will print
|
||||||
the resulting request on stdout:
|
the resulting request on stdout:
|
||||||
|
|
||||||
yubico-piv-tool -s 9a -S '/CN=foo/OU=test/O=example.com/' -P 123456 \\\n
|
yubico-piv-tool -s 9a -S '/CN=foo/OU=test/O=example.com/' -P 123456 \\
|
||||||
-a verify -a request
|
-a verify -a request
|
||||||
|
|
||||||
Generate a self-signed certificate with public key from stdin, will print
|
Generate a self-signed certificate with public key from stdin, will print
|
||||||
the certificate, for later import, on stdout:
|
the certificate, for later import, on stdout:
|
||||||
|
|
||||||
yubico-piv-tool -s 9a -S '/CN=bar/OU=test/O=example.com/' -P 123456 \\\n
|
yubico-piv-tool -s 9a -S '/CN=bar/OU=test/O=example.com/' -P 123456 \\
|
||||||
-a verify -a selfsign
|
-a verify -a selfsign
|
||||||
|
|
||||||
Import a certificate from stdin:
|
Import a certificate from stdin:
|
||||||
@@ -57,12 +57,12 @@ Import a certificate from stdin:
|
|||||||
Set a random chuid, import a key and import a certificate from a PKCS12
|
Set a random chuid, import a key and import a certificate from a PKCS12
|
||||||
file with password test, into slot 9c:
|
file with password test, into slot 9c:
|
||||||
|
|
||||||
yubico-piv-tool -s 9c -i test.pfx -K PKCS12 -p test -a set-chuid \\\n
|
yubico-piv-tool -s 9c -i test.pfx -K PKCS12 -p test -a set-chuid \\
|
||||||
-a import-key -a import-cert
|
-a import-key -a import-cert
|
||||||
|
|
||||||
Change the management key used for administrative authentication:
|
Change the management key used for administrative authentication:
|
||||||
|
|
||||||
yubico-piv-tool -n 0807605403020108070605040302010807060504030201 \\\n
|
yubico-piv-tool -n 0807605403020108070605040302010807060504030201 \\
|
||||||
-a set-mgm-key
|
-a set-mgm-key
|
||||||
|
|
||||||
Delete a certificate in slot 9a:
|
Delete a certificate in slot 9a:
|
||||||
|
|||||||
Reference in New Issue
Block a user