Merge branch 'master' of github.com:Yubico/yubico-piv-tool

This commit is contained in:
Simon Josefsson
2014-10-01 15:33:55 +02:00
2 changed files with 44 additions and 15 deletions
+31 -2
View File
@@ -823,8 +823,6 @@ static bool delete_certificate(ykpiv_state *state, enum enum_slot slot) {
int main(int argc, char *argv[]) { int main(int argc, char *argv[]) {
struct gengetopt_args_info args_info; struct gengetopt_args_info args_info;
ykpiv_state *state; ykpiv_state *state;
unsigned char key[KEY_LEN];
size_t key_len = sizeof(key);
int verbosity; int verbosity;
enum enum_action action; enum enum_action action;
unsigned int i; unsigned int i;
@@ -846,6 +844,34 @@ int main(int argc, char *argv[]) {
return EXIT_FAILURE; return EXIT_FAILURE;
} }
for(i = 0; i < args_info.action_given; i++) {
bool needs_auth = false;
action = *args_info.action_arg++;
switch(action) {
case action_arg_generate:
case action_arg_setMINUS_mgmMINUS_key:
case action_arg_pinMINUS_retries:
case action_arg_importMINUS_key:
case action_arg_importMINUS_certificate:
case action_arg_setMINUS_chuid:
case action_arg_deleteMINUS_certificate:
needs_auth = true;
break;
case action_arg_version:
case action_arg_reset:
case action_arg_requestMINUS_certificate:
case action_arg_verifyMINUS_pin:
case action_arg_changeMINUS_pin:
case action_arg_changeMINUS_puk:
case action_arg_unblockMINUS_pin:
case action_arg_selfsignMINUS_certificate:
case action__NULL:
default:
continue;
}
if(needs_auth) {
unsigned char key[KEY_LEN];
size_t key_len = sizeof(key);
if(ykpiv_hex_decode(args_info.key_arg, strlen(args_info.key_arg), key, &key_len) != YKPIV_OK) { if(ykpiv_hex_decode(args_info.key_arg, strlen(args_info.key_arg), key, &key_len) != YKPIV_OK) {
return EXIT_FAILURE; return EXIT_FAILURE;
} }
@@ -857,6 +883,9 @@ int main(int argc, char *argv[]) {
if(verbosity) { if(verbosity) {
fprintf(stderr, "Successful applet authentication.\n"); fprintf(stderr, "Successful applet authentication.\n");
} }
break;
}
}
/* openssl setup.. */ /* openssl setup.. */
OpenSSL_add_all_algorithms(); OpenSSL_add_all_algorithms();
+4 -4
View File
@@ -41,13 +41,13 @@ key on stdout:
Generate a certificate request with public key from stdin, will print Generate a certificate request with public key from stdin, will print
the resulting request on stdout: the resulting request on stdout:
yubico-piv-tool -s 9a -S '/CN=foo/OU=test/O=example.com/' -P 123456 \\\n yubico-piv-tool -s 9a -S '/CN=foo/OU=test/O=example.com/' -P 123456 \\
-a verify -a request -a verify -a request
Generate a self-signed certificate with public key from stdin, will print Generate a self-signed certificate with public key from stdin, will print
the certificate, for later import, on stdout: the certificate, for later import, on stdout:
yubico-piv-tool -s 9a -S '/CN=bar/OU=test/O=example.com/' -P 123456 \\\n yubico-piv-tool -s 9a -S '/CN=bar/OU=test/O=example.com/' -P 123456 \\
-a verify -a selfsign -a verify -a selfsign
Import a certificate from stdin: Import a certificate from stdin:
@@ -57,12 +57,12 @@ Import a certificate from stdin:
Set a random chuid, import a key and import a certificate from a PKCS12 Set a random chuid, import a key and import a certificate from a PKCS12
file with password test, into slot 9c: file with password test, into slot 9c:
yubico-piv-tool -s 9c -i test.pfx -K PKCS12 -p test -a set-chuid \\\n yubico-piv-tool -s 9c -i test.pfx -K PKCS12 -p test -a set-chuid \\
-a import-key -a import-cert -a import-key -a import-cert
Change the management key used for administrative authentication: Change the management key used for administrative authentication:
yubico-piv-tool -n 0807605403020108070605040302010807060504030201 \\\n yubico-piv-tool -n 0807605403020108070605040302010807060504030201 \\
-a set-mgm-key -a set-mgm-key
Delete a certificate in slot 9a: Delete a certificate in slot 9a: