move the cli stuff to subdir tool
This commit is contained in:
@@ -0,0 +1,54 @@
|
||||
# Copyright (c) 2014 Yubico AB
|
||||
# All rights reserved.
|
||||
#
|
||||
# This program is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
# Additional permission under GNU GPL version 3 section 7
|
||||
#
|
||||
# If you modify this program, or any covered work, by linking or
|
||||
# combining it with the OpenSSL project's OpenSSL library (or a
|
||||
# modified version of that library), containing parts covered by the
|
||||
# terms of the OpenSSL or SSLeay licenses, We grant you additional
|
||||
# permission to convey the resulting work. Corresponding Source for a
|
||||
# non-source form of such a combination shall include the source code
|
||||
# for the parts of OpenSSL used as well as that of the covered work.
|
||||
|
||||
AM_CFLAGS = $(WERROR_CFLAGS) $(WARN_CFLAGS)
|
||||
AM_CPPFLAGS = $(OPENSSL_CFLAGS) $(PCSC_CFLAGS)
|
||||
|
||||
bin_PROGRAMS = yubico-piv-tool
|
||||
yubico_piv_tool_SOURCES = yubico-piv-tool.c yubico-piv-tool.h2m
|
||||
yubico_piv_tool_SOURCES += cmdline.ggo cmdline.c cmdline.h
|
||||
yubico_piv_tool_LDADD = $(OPENSSL_LIBS) $(PCSC_LIBS)
|
||||
yubico_piv_tool_LDADD += $(LTLIBWINSCARD) $(PCSC_MACOSX_LIBS)
|
||||
|
||||
cmdline.c cmdline.h: cmdline.ggo Makefile.am
|
||||
gengetopt --input $^
|
||||
|
||||
BUILT_SOURCES = cmdline.c cmdline.h
|
||||
MAINTAINERCLEANFILES = $(BUILT_SOURCES)
|
||||
|
||||
# Doc.
|
||||
|
||||
dist_man_MANS = yubico-piv-tool.1
|
||||
MAINTAINERCLEANFILES += $(dist_man_MANS)
|
||||
|
||||
EXTRA_DIST = windows.mk mac.mk tests/basic.sh
|
||||
|
||||
yubico-piv-tool.1: $(yubico_piv_tool_SOURCES) \
|
||||
$(top_srcdir)/configure.ac
|
||||
$(HELP2MAN) --no-info \
|
||||
--name="Yubico PIV tool" \
|
||||
--include=$(srcdir)/yubico-piv-tool.h2m \
|
||||
--output=$@ $(builddir)/yubico-piv-tool$(EXEEXT)
|
||||
@@ -0,0 +1,56 @@
|
||||
# Copyright (c) 2014 Yubico AB
|
||||
# All rights reserved.
|
||||
#
|
||||
# This program is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
# Additional permission under GNU GPL version 3 section 7
|
||||
#
|
||||
# If you modify this program, or any covered work, by linking or
|
||||
# combining it with the OpenSSL project's OpenSSL library (or a
|
||||
# modified version of that library), containing parts covered by the
|
||||
# terms of the OpenSSL or SSLeay licenses, We grant you additional
|
||||
# permission to convey the resulting work. Corresponding Source for a
|
||||
# non-source form of such a combination shall include the source code
|
||||
# for the parts of OpenSSL used as well as that of the covered work.
|
||||
|
||||
option "verbose" v "Print more information" int optional default="0" argoptional
|
||||
option "reader" r "Only use a matching reader" string optional default="Yubikey"
|
||||
option "key" k "Authentication key to use" string optional default="010203040506070801020304050607080102030405060708"
|
||||
option "action" a "Action to take" values="version","generate","set-mgm-key",
|
||||
"reset","pin-retries","import-key","import-certificate","set-chuid",
|
||||
"request-certificate","verify-pin","change-pin","change-puk","unblock-pin",
|
||||
"selfsign-certificate","delete-certificate" enum multiple
|
||||
text "
|
||||
Multiple actions may be given at once and will be executed in order
|
||||
for example --action=verify-pin --action=request-certificate\n"
|
||||
option "slot" s "What key slot to operate on" values="9a","9c","9d","9e" enum optional
|
||||
text "
|
||||
9a is for PIV Authentication
|
||||
9c is for Digital Signature (PIN always checked)
|
||||
9d is for Key Management
|
||||
9e is for Card Authentication (PIN never checked)\n"
|
||||
option "algorithm" A "What algorithm to use" values="RSA1024","RSA2048","ECCP256" enum optional default="RSA2048"
|
||||
option "new-key" n "New authentication key to use" string optional
|
||||
option "pin-retries" - "Number of retries before the pin code is blocked" int optional dependon="puk-retries"
|
||||
option "puk-retries" - "Number of retries before the puk code is blocked" int optional dependon="pin-retries"
|
||||
option "input" i "Filename to use as input, - for stdin" string optional default="-"
|
||||
option "output" o "Filename to use as output, - for stdout" string optional default="-"
|
||||
option "key-format" K "Format of the key being read/written" values="PEM","PKCS12" enum optional default="PEM"
|
||||
option "password" p "Password for decryption of private key file" string optional
|
||||
option "subject" S "The subject to use for certificate request" string optional
|
||||
text "
|
||||
The subject must be written as:
|
||||
/CN=host.example.com/OU=test/O=example.com/\n"
|
||||
option "pin" P "Pin/puk code for verification" string optional
|
||||
option "new-pin" N "New pin/puk code for changing" string optional dependon="pin"
|
||||
File diff suppressed because it is too large
Load Diff
@@ -0,0 +1,70 @@
|
||||
# Copyright (c) 2014 Yubico AB
|
||||
# All rights reserved.
|
||||
#
|
||||
# This program is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
# Additional permission under GNU GPL version 3 section 7
|
||||
#
|
||||
# If you modify this program, or any covered work, by linking or
|
||||
# combining it with the OpenSSL project's OpenSSL library (or a
|
||||
# modified version of that library), containing parts covered by the
|
||||
# terms of the OpenSSL or SSLeay licenses, We grant you additional
|
||||
# permission to convey the resulting work. Corresponding Source for a
|
||||
# non-source form of such a combination shall include the source code
|
||||
# for the parts of OpenSSL used as well as that of the covered work.
|
||||
|
||||
[EXAMPLES]
|
||||
|
||||
For more information about what's happening --verbose can be added
|
||||
to any command. For much more information --verbose=2 may be used.
|
||||
|
||||
Display what version of the applet is running on the YubiKey Neo:
|
||||
|
||||
yubico-piv-tool -a version
|
||||
|
||||
Generate a new ECC-P256 key on device in slot 9a, will print the public
|
||||
key on stdout:
|
||||
|
||||
yubico-piv-tool -s 9a -A ECCP256 -a generate
|
||||
|
||||
Generate a certificate request with public key from stdin, will print
|
||||
the resulting request on stdout:
|
||||
|
||||
yubico-piv-tool -s 9a -S '/CN=foo/OU=test/O=example.com/' -P 123456 \\\n
|
||||
-a verify -a request
|
||||
|
||||
Generate a self-signed certificate with public key from stdin, will print
|
||||
the certificate, for later import, on stdout:
|
||||
|
||||
yubico-piv-tool -s 9a -S '/CN=bar/OU=test/O=example.com/' -P 123456 \\\n
|
||||
-a verify -a selfsign
|
||||
|
||||
Import a certificate from stdin:
|
||||
|
||||
yubico-piv-tool -s 9a -a import-certificate
|
||||
|
||||
Set a random chuid, import a key and import a certificate from a PKCS12
|
||||
file with password test, into slot 9c:
|
||||
|
||||
yubico-piv-tool -s 9c -i test.pfx -K PKCS12 -p test -a set-chuid \\\n
|
||||
-a import-key -a import-cert
|
||||
|
||||
Change the management key used for administrative authentication:
|
||||
|
||||
yubico-piv-tool -n 0807605403020108070605040302010807060504030201 \\\n
|
||||
-a set-mgm-key
|
||||
|
||||
Delete a certificate in slot 9a:
|
||||
|
||||
yubico-piv-tool -a delete-certificate -s 9a
|
||||
Reference in New Issue
Block a user