# Copyright (c) 2014 Yubico AB # All rights reserved. # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . # # Additional permission under GNU GPL version 3 section 7 # # If you modify this program, or any covered work, by linking or # combining it with the OpenSSL project's OpenSSL library (or a # modified version of that library), containing parts covered by the # terms of the OpenSSL or SSLeay licenses, We grant you additional # permission to convey the resulting work. Corresponding Source for a # non-source form of such a combination shall include the source code # for the parts of OpenSSL used as well as that of the covered work. [EXAMPLES] For more information about what's happening --verbose can be added to any command. For much more information --verbose=2 may be used. Display what version of the applet is running on the YubiKey Neo: yubico-piv-tool -a version Generate a new ECC-P256 key on device in slot 9a, will print the public key on stdout: yubico-piv-tool -s 9a -A ECCP256 -a generate Generate a certificate request with public key from stdin, will print the resulting request on stdout: yubico-piv-tool -s 9a -S '/CN=foo/OU=test/O=example.com/' -P 123456 \\\n -a verify -a request Generate a self-signed certificate with public key from stdin, will print the certificate, for later import, on stdout: yubico-piv-tool -s 9a -S '/CN=bar/OU=test/O=example.com/' -P 123456 \\\n -a verify -a selfsign Import a certificate from stdin: yubico-piv-tool -s 9a -a import-certificate Set a random chuid, import a key and import a certificate from a PKCS12 file with password test, into slot 9c: yubico-piv-tool -s 9c -i test.pfx -K PKCS12 -p test -a set-chuid \\\n -a import-key -a import-cert Change the management key used for administrative authentication: yubico-piv-tool -n 0807605403020108070605040302010807060504030201 \\\n -a set-mgm-key