add support for retired key objects
slots 82-95
+21
@@ -111,6 +111,27 @@ extern "C"
|
||||
#define YKPIV_OBJ_KEY_HISTORY 0x5fc10c
|
||||
#define YKPIV_OBJ_IRIS 0x5fc121
|
||||
|
||||
#define YKPIV_OBJ_RETIRED1 0x5fc10d
|
||||
#define YKPIV_OBJ_RETIRED2 0x5fc10e
|
||||
#define YKPIV_OBJ_RETIRED3 0x5fc10f
|
||||
#define YKPIV_OBJ_RETIRED4 0x5fc110
|
||||
#define YKPIV_OBJ_RETIRED5 0x5fc111
|
||||
#define YKPIV_OBJ_RETIRED6 0x5fc112
|
||||
#define YKPIV_OBJ_RETIRED7 0x5fc113
|
||||
#define YKPIV_OBJ_RETIRED8 0x5fc114
|
||||
#define YKPIV_OBJ_RETIRED9 0x5fc115
|
||||
#define YKPIV_OBJ_RETIRED10 0x5fc116
|
||||
#define YKPIV_OBJ_RETIRED11 0x5fc117
|
||||
#define YKPIV_OBJ_RETIRED12 0x5fc118
|
||||
#define YKPIV_OBJ_RETIRED13 0x5fc119
|
||||
#define YKPIV_OBJ_RETIRED14 0x5fc11a
|
||||
#define YKPIV_OBJ_RETIRED15 0x5fc11b
|
||||
#define YKPIV_OBJ_RETIRED16 0x5fc11c
|
||||
#define YKPIV_OBJ_RETIRED17 0x5fc11d
|
||||
#define YKPIV_OBJ_RETIRED18 0x5fc11e
|
||||
#define YKPIV_OBJ_RETIRED19 0x5fc11f
|
||||
#define YKPIV_OBJ_RETIRED20 0x5fc120
|
||||
|
||||
#define YKPIV_INS_VERIFY 0x20
|
||||
#define YKPIV_INS_CHANGE_REFERENCE 0x24
|
||||
#define YKPIV_INS_RESET_RETRY 0x2c
|
||||
|
||||
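Review bot: The twenty `YKPIV_OBJ_RETIRED1` … `YKPIV_OBJ_RETIRED20` defines have no comment tying them to the slots named in the commit title, so a reader has to derive that slot 0x82 corresponds to 0x5fc10d. I would add one line above the block, for example `/* Retired key management objects 1..20, for slots 0x82..0x95 (n = slot - 0x81) */`. The block is also placed after `YKPIV_OBJ_IRIS 0x5fc121` although all of its values are lower; moving it between `YKPIV_OBJ_KEY_HISTORY 0x5fc10c` and `YKPIV_OBJ_IRIS` would keep the list in numeric order and make a gap or duplicate easier to spot.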
+3
-2
@@ -35,12 +35,13 @@ option "action" a "Action to take" values="version","generate","set-mgm-key",
|
||||
text "
|
||||
Multiple actions may be given at once and will be executed in order
|
||||
for example --action=verify-pin --action=request-certificate\n"
|
||||
option "slot" s "What key slot to operate on" values="9a","9c","9d","9e" enum optional
|
||||
option "slot" s "What key slot to operate on" values="9a","9c","9d","9e","82","83","84","85","86","87","88","89","8a","8b","8c","8d","8e","8f","90","91","92","93","94","95" enum optional
|
||||
text "
|
||||
9a is for PIV Authentication
|
||||
9c is for Digital Signature (PIN always checked)
|
||||
9d is for Key Management
|
||||
9e is for Card Authentication (PIN never checked)\n"
|
||||
9e is for Card Authentication (PIN never checked)
|
||||
82-95 is for Retired Key Management\n"
|
||||
option "algorithm" A "What algorithm to use" values="RSA1024","RSA2048","ECCP256","ECCP384" enum optional default="RSA2048"
|
||||
option "hash" H "Hash to use for signatures" values="SHA1","SHA256","SHA384","SHA512" enum optional default="SHA256"
|
||||
option "new-key" n "New authentication key to use" string optional
|
||||
|
||||
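Review bot: The new help line `82-95 is for Retired Key Management` reads as a decimal range of fourteen slots, while the `values=` list on the `slot` option enumerates twenty hexadecimal ones (82..8f, then 90..95). I would spell that out, for example `82-95 (hex, 20 slots) is for Retired Key Management\n"`. The lines for 9c and 9e tell the user when the PIN is checked, and the new line does not. Someone deciding where to keep an old decryption key would want the same information here, so it is worth stating the PIN behaviour of these slots once it is confirmed against the device documentation.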
+60
@@ -200,6 +200,66 @@ int get_object_id(enum enum_slot slot) {
|
||||
case slot_arg_9e:
|
||||
object = YKPIV_OBJ_CARD_AUTH;
|
||||
break;
|
||||
case slot_arg_82:
|
||||
object = YKPIV_OBJ_RETIRED1;
|
||||
break;
|
||||
case slot_arg_83:
|
||||
object = YKPIV_OBJ_RETIRED2;
|
||||
break;
|
||||
case slot_arg_84:
|
||||
object = YKPIV_OBJ_RETIRED3;
|
||||
break;
|
||||
case slot_arg_85:
|
||||
object = YKPIV_OBJ_RETIRED4;
|
||||
break;
|
||||
case slot_arg_86:
|
||||
object = YKPIV_OBJ_RETIRED5;
|
||||
break;
|
||||
case slot_arg_87:
|
||||
object = YKPIV_OBJ_RETIRED6;
|
||||
break;
|
||||
case slot_arg_88:
|
||||
object = YKPIV_OBJ_RETIRED7;
|
||||
break;
|
||||
case slot_arg_89:
|
||||
object = YKPIV_OBJ_RETIRED8;
|
||||
break;
|
||||
case slot_arg_8a:
|
||||
object = YKPIV_OBJ_RETIRED9;
|
||||
break;
|
||||
case slot_arg_8b:
|
||||
object = YKPIV_OBJ_RETIRED10;
|
||||
break;
|
||||
case slot_arg_8c:
|
||||
object = YKPIV_OBJ_RETIRED11;
|
||||
break;
|
||||
case slot_arg_8d:
|
||||
object = YKPIV_OBJ_RETIRED12;
|
||||
break;
|
||||
case slot_arg_8e:
|
||||
object = YKPIV_OBJ_RETIRED13;
|
||||
break;
|
||||
case slot_arg_8f:
|
||||
object = YKPIV_OBJ_RETIRED14;
|
||||
break;
|
||||
case slot_arg_90:
|
||||
object = YKPIV_OBJ_RETIRED15;
|
||||
break;
|
||||
case slot_arg_91:
|
||||
object = YKPIV_OBJ_RETIRED16;
|
||||
break;
|
||||
case slot_arg_92:
|
||||
object = YKPIV_OBJ_RETIRED17;
|
||||
break;
|
||||
case slot_arg_93:
|
||||
object = YKPIV_OBJ_RETIRED18;
|
||||
break;
|
||||
case slot_arg_94:
|
||||
object = YKPIV_OBJ_RETIRED19;
|
||||
break;
|
||||
case slot_arg_95:
|
||||
object = YKPIV_OBJ_RETIRED20;
|
||||
break;
|
||||
case slot__NULL:
|
||||
default:
|
||||
object = 0;
|
||||
|
||||
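Review bot: The twenty new arms from `case slot_arg_82:` to `case slot_arg_95:` are a hand-copied linear mapping, which is easy to mis-key by one and tedious to audit; a wrong entry would make the tool operate on a different certificate object than the slot the user named. The mapping as written looks consistent (82 → RETIRED1 through 95 → RETIRED20), so at minimum I would add a comment above the first new case, `/* retired slots 0x82..0x95 map to YKPIV_OBJ_RETIRED1..20, in order */`. Because the header defines those object ids as consecutive values, `object = YKPIV_OBJ_RETIRED1 + (slot - slot_arg_82);` would be shorter, but only if the generated `enum enum_slot` is guaranteed to be contiguous in that order, which is not visible here. `get_object_id` begins and ends outside this hunk, so how callers treat the `object = 0` default cannot be checked from this page.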