Merge branch 'master' of github.com:Yubico/yubico-piv-tool
This commit is contained in:
+31
-2
@@ -823,8 +823,6 @@ static bool delete_certificate(ykpiv_state *state, enum enum_slot slot) {
|
||||
int main(int argc, char *argv[]) {
|
||||
struct gengetopt_args_info args_info;
|
||||
ykpiv_state *state;
|
||||
unsigned char key[KEY_LEN];
|
||||
size_t key_len = sizeof(key);
|
||||
int verbosity;
|
||||
enum enum_action action;
|
||||
unsigned int i;
|
||||
@@ -846,6 +844,34 @@ int main(int argc, char *argv[]) {
|
||||
return EXIT_FAILURE;
|
||||
}
|
||||
|
||||
for(i = 0; i < args_info.action_given; i++) {
|
||||
bool needs_auth = false;
|
||||
action = *args_info.action_arg++;
|
||||
switch(action) {
|
||||
case action_arg_generate:
|
||||
case action_arg_setMINUS_mgmMINUS_key:
|
||||
case action_arg_pinMINUS_retries:
|
||||
case action_arg_importMINUS_key:
|
||||
case action_arg_importMINUS_certificate:
|
||||
case action_arg_setMINUS_chuid:
|
||||
case action_arg_deleteMINUS_certificate:
|
||||
needs_auth = true;
|
||||
break;
|
||||
case action_arg_version:
|
||||
case action_arg_reset:
|
||||
case action_arg_requestMINUS_certificate:
|
||||
case action_arg_verifyMINUS_pin:
|
||||
case action_arg_changeMINUS_pin:
|
||||
case action_arg_changeMINUS_puk:
|
||||
case action_arg_unblockMINUS_pin:
|
||||
case action_arg_selfsignMINUS_certificate:
|
||||
case action__NULL:
|
||||
default:
|
||||
continue;
|
||||
}
|
||||
if(needs_auth) {
|
||||
unsigned char key[KEY_LEN];
|
||||
size_t key_len = sizeof(key);
|
||||
if(ykpiv_hex_decode(args_info.key_arg, strlen(args_info.key_arg), key, &key_len) != YKPIV_OK) {
|
||||
return EXIT_FAILURE;
|
||||
}
|
||||
@@ -857,6 +883,9 @@ int main(int argc, char *argv[]) {
|
||||
if(verbosity) {
|
||||
fprintf(stderr, "Successful applet authentication.\n");
|
||||
}
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
/* openssl setup.. */
|
||||
OpenSSL_add_all_algorithms();
|
||||
|
||||
@@ -41,13 +41,13 @@ key on stdout:
|
||||
Generate a certificate request with public key from stdin, will print
|
||||
the resulting request on stdout:
|
||||
|
||||
yubico-piv-tool -s 9a -S '/CN=foo/OU=test/O=example.com/' -P 123456 \\\n
|
||||
yubico-piv-tool -s 9a -S '/CN=foo/OU=test/O=example.com/' -P 123456 \\
|
||||
-a verify -a request
|
||||
|
||||
Generate a self-signed certificate with public key from stdin, will print
|
||||
the certificate, for later import, on stdout:
|
||||
|
||||
yubico-piv-tool -s 9a -S '/CN=bar/OU=test/O=example.com/' -P 123456 \\\n
|
||||
yubico-piv-tool -s 9a -S '/CN=bar/OU=test/O=example.com/' -P 123456 \\
|
||||
-a verify -a selfsign
|
||||
|
||||
Import a certificate from stdin:
|
||||
@@ -57,12 +57,12 @@ Import a certificate from stdin:
|
||||
Set a random chuid, import a key and import a certificate from a PKCS12
|
||||
file with password test, into slot 9c:
|
||||
|
||||
yubico-piv-tool -s 9c -i test.pfx -K PKCS12 -p test -a set-chuid \\\n
|
||||
yubico-piv-tool -s 9c -i test.pfx -K PKCS12 -p test -a set-chuid \\
|
||||
-a import-key -a import-cert
|
||||
|
||||
Change the management key used for administrative authentication:
|
||||
|
||||
yubico-piv-tool -n 0807605403020108070605040302010807060504030201 \\\n
|
||||
yubico-piv-tool -n 0807605403020108070605040302010807060504030201 \\
|
||||
-a set-mgm-key
|
||||
|
||||
Delete a certificate in slot 9a:
|
||||
|
||||
Reference in New Issue
Block a user