pki: Edited keyid parameter use in various pki man pages and usage outputs

12 files changed, 34 insertions, 19 deletions

diff --git a/src/pki/commands/acert.c b/src/pki/commands/acert.c
index 4f850d6d1..9e6e80938 100644
--- a/src/pki/commands/acert.c
+++ b/src/pki/commands/acert.c
@@ -1,6 +1,6 @@
 /*
  * Copyright (C) 2009 Martin Willi
- * Copyright (C) 2015 Andreas Steffen
+ * Copyright (C) 2015-2017 Andreas Steffen
  * HSR Hochschule fuer Technik Rapperswil
  *
  * This program is free software; you can redistribute it and/or modify it
@@ -286,7 +286,7 @@ static void __attribute__ ((constructor))reg()
 			{"group",			'm', 1, "group membership string to include"},
 			{"issuercert",		'c', 1, "issuer certificate file"},
 			{"issuerkey",		'k', 1, "issuer private key file"},
-			{"issuerkeyid",		'x', 1, "keyid on smartcard of issuer private key"},
+			{"issuerkeyid",		'x', 1, "smartcard or TPM issuer private key object handle"},
 			{"serial",			's', 1, "serial number in hex, default: random"},
 			{"lifetime",		'l', 1, "hours the acert is valid, default: 24"},
 			{"not-before",		'F', 1, "date/time the validity of the AC starts"},
diff --git a/src/pki/commands/issue.c b/src/pki/commands/issue.c
index 333c6ebb3..b0399c78b 100644
--- a/src/pki/commands/issue.c
+++ b/src/pki/commands/issue.c
@@ -1,6 +1,6 @@
 /*
  * Copyright (C) 2009 Martin Willi
- * Copyright (C) 2015-2016 Andreas Steffen
+ * Copyright (C) 2015-2017 Andreas Steffen
  * HSR Hochschule fuer Technik Rapperswil
  *
  * This program is free software; you can redistribute it and/or modify it
@@ -620,7 +620,7 @@ static void __attribute__ ((constructor))reg()
 			{"type",			't', 1, "type of input, default: pub"},
 			{"cacert",			'c', 1, "CA certificate file"},
 			{"cakey",			'k', 1, "CA private key file"},
-			{"cakeyid",			'x', 1, "keyid on smartcard of CA private key"},
+			{"cakeyid",			'x', 1, "smartcard or TPM CA private key object handle"},
 			{"dn",				'd', 1, "distinguished name to include as subject"},
 			{"san",				'a', 1, "subjectAltName to include in certificate"},
 			{"lifetime",		'l', 1, "days the certificate is valid, default: 1095"},
diff --git a/src/pki/commands/pub.c b/src/pki/commands/pub.c
index 1d876f6f7..1f9f3e03c 100644
--- a/src/pki/commands/pub.c
+++ b/src/pki/commands/pub.c
@@ -1,6 +1,6 @@
 /*
  * Copyright (C) 2009 Martin Willi
- * Copyright (C) 2015 Andreas Steffen
+ * Copyright (C) 2015-2017 Andreas Steffen
  * HSR Hochschule fuer Technik Rapperswil
  *
  * This program is free software; you can redistribute it and/or modify it
@@ -199,7 +199,7 @@ static void __attribute__ ((constructor))reg()
 		{
 			{"help",	'h', 0, "show usage information"},
 			{"in",		'i', 1, "input file, default: stdin"},
-			{"keyid",	'x', 1, "keyid on smartcard of private key"},
+			{"keyid",	'x', 1, "smartcard or TPM private key object handle"},
 			{"type",	't', 1, "type of credential, default: priv"},
 			{"outform",	'f', 1, "encoding of extracted public key, default: der"},
 		}
diff --git a/src/pki/commands/req.c b/src/pki/commands/req.c
index e0ab213ea..7b87e6ca6 100644
--- a/src/pki/commands/req.c
+++ b/src/pki/commands/req.c
@@ -1,8 +1,6 @@
 /*
  * Copyright (C) 2009 Martin Willi
- * Copyright (C) 2009-2015 Andreas Steffen
- * HSR Hochschule fuer Technik Rapperswil
- *
+ * Copyright (C) 2009-2017 Andreas Steffen
  * HSR Hochschule fuer Technik Rapperswil
  *
  * This program is free software; you can redistribute it and/or modify it
@@ -217,7 +215,7 @@ static void __attribute__ ((constructor))reg()
 		{
 			{"help",	'h', 0, "show usage information"},
 			{"in",		'i', 1, "private key input file, default: stdin"},
-			{"keyid",	'x', 1, "keyid on smartcard of private key"},
+			{"keyid",	'x', 1, "smartcard or TPM private key object handle"},
 			{"type",	't', 1, "type of input key, default: priv"},
 			{"dn",		'd', 1, "subject distinguished name"},
 			{"san",		'a', 1, "subjectAltName to include in cert request"},
diff --git a/src/pki/commands/self.c b/src/pki/commands/self.c
index b894ac190..1df1800bb 100644
--- a/src/pki/commands/self.c
+++ b/src/pki/commands/self.c
@@ -1,6 +1,6 @@
 /*
  * Copyright (C) 2009 Martin Willi
- * Copyright (C) 2015-2016 Andreas Steffen
+ * Copyright (C) 2015-2017 Andreas Steffen
  * HSR Hochschule fuer Technik Rapperswil
  *
  * This program is free software; you can redistribute it and/or modify it
@@ -454,7 +454,7 @@ static void __attribute__ ((constructor))reg()
 		{
 			{"help",			'h', 0, "show usage information"},
 			{"in",				'i', 1, "private key input file, default: stdin"},
-			{"keyid",			'x', 1, "keyid on smartcard of private key"},
+			{"keyid",			'x', 1, "smartcard or TPM private key object handle"},
 			{"type",			't', 1, "type of input key, default: priv"},
 			{"dn",				'd', 1, "subject and issuer distinguished name"},
 			{"san",				'a', 1, "subjectAltName to include in certificate"},
diff --git a/src/pki/commands/signcrl.c b/src/pki/commands/signcrl.c
index b9cf9c466..6bccf1b09 100644
--- a/src/pki/commands/signcrl.c
+++ b/src/pki/commands/signcrl.c
@@ -2,6 +2,9 @@
  * Copyright (C) 2010 Martin Willi
  * Copyright (C) 2010 revosec AG
  *
+ * Copyright (C) 2017 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
  * This program is free software; you can redistribute it and/or modify it
  * under the terms of the GNU General Public License as published by the
  * Free Software Foundation; either version 2 of the License, or (at your
@@ -461,7 +464,7 @@ static void __attribute__ ((constructor))reg()
 			{"help",		'h', 0, "show usage information"},
 			{"cacert",		'c', 1, "CA certificate file"},
 			{"cakey",		'k', 1, "CA private key file"},
-			{"cakeyid",		'x', 1, "keyid on smartcard of CA private key"},
+			{"cakeyid",		'x', 1, "smartcard or TPM CA private key object handle"},
 			{"lifetime",	'l', 1, "days the CRL gets a nextUpdate, default: 15"},
 			{"this-update",	'F', 1, "date/time the validity of the CRL starts"},
 			{"next-update",	'T', 1, "date/time the validity of the CRL ends"},
diff --git a/src/pki/man/pki---acert.1.in b/src/pki/man/pki---acert.1.in
index d7460fd1f..c6ecbb989 100644
--- a/src/pki/man/pki---acert.1.in
+++ b/src/pki/man/pki---acert.1.in
@@ -63,7 +63,8 @@ Issuer private key file. Either this or
 is required.
 .TP
 .BI "\-x, \-\-issuerkeyid " hex
-Key ID of a issuer private key on a smartcard. Either this or
+Smartcard or TPM issuer private key object handle in hex format with an optional
+h0x prefix. Either this or
 .B \-\-issuerkey
 is required.
 .TP
diff --git a/src/pki/man/pki---issue.1.in b/src/pki/man/pki---issue.1.in
index d1fa3473f..99cc64fa5 100644
--- a/src/pki/man/pki---issue.1.in
+++ b/src/pki/man/pki---issue.1.in
@@ -79,7 +79,8 @@ CA private key file. Either this or
 is required.
 .TP
 .BI "\-x, \-\-cakeyid " hex
-Key ID of a CA private key on a smartcard. Either this or
+Smartcard or TPM CA private key object handle in hex format with an optional
+0x prefix. Either this or
 .B \-\-cakey
 is required.
 .TP
diff --git a/src/pki/man/pki---pub.1.in b/src/pki/man/pki---pub.1.in
index fe6c520f4..006b7aefa 100644
--- a/src/pki/man/pki---pub.1.in
+++ b/src/pki/man/pki---pub.1.in
@@ -46,6 +46,10 @@ Read command line options from \fIfile\fR.
 .BI "\-i, \-\-in " file
 Input file. If not given the input is read from \fISTDIN\fR.
 .TP
+.BI "\-x, \-\-keyid " hex
+Smartcard or TPM private key object handle in hex format with an optional
+0x prefix.
+.TP
 .BI "\-t, \-\-type " type
 Type of input. One of \fIpriv\fR (private key), \fIrsa\fR (RSA private key),
 \fIecdsa\fR (ECDSA private key), \fIpub\fR (public key), \fIpkcs10\fR (PKCS#10
diff --git a/src/pki/man/pki---req.1.in b/src/pki/man/pki---req.1.in
index 4a39c5c94..09ef0862a 100644
--- a/src/pki/man/pki---req.1.in
+++ b/src/pki/man/pki---req.1.in
@@ -7,7 +7,9 @@ pki \-\-req \- Create a PKCS#10 certificate request
 .SH "SYNOPSIS"
 .
 .SY pki\ \-\-req
-.OP \-\-in file
+.RB [ \-\-in
+.IR file | \fB\-\-keyid\fR
+.IR hex ]
 .OP \-\-type type
 .BI \-\-dn\~ distinguished-name
 .OP \-\-san subjectAltName
@@ -48,6 +50,10 @@ Read command line options from \fIfile\fR.
 .BI "\-i, \-\-in " file
 Private key input file. If not given the key is read from \fISTDIN\fR.
 .TP
+.BI "\-x, \-\-keyid " hex
+Smartcard or TPM private key object handle in hex format with an optional
+0x prefix.
+.TP
 .BI "\-t, \-\-type " type
 Type of the input key. Either \fIpriv\fR, \fIrsa\fR, \fIecdsa\fR or \fIbliss\fR,
 defaults to \fIpriv\fR.
@@ -89,4 +95,4 @@ Generate a certificate request for an ECDSA key and a different digest:
 .
 .SH "SEE ALSO"
 .
-.BR pki (1)
\ No newline at end of file
+.BR pki (1)
diff --git a/src/pki/man/pki---self.1.in b/src/pki/man/pki---self.1.in
index 4384fa72d..aa7e6fabe 100644
--- a/src/pki/man/pki---self.1.in
+++ b/src/pki/man/pki---self.1.in
@@ -66,7 +66,8 @@ Read command line options from \fIfile\fR.
 Private key input file. If not given the key is read from \fISTDIN\fR.
 .TP
 .BI "\-x, \-\-keyid " hex
-Key ID of a private key on a smartcard.
+Smartcard or TPM private key object handle in hex format with an optional
+0x prefix.
 .TP
 .BI "\-t, \-\-type " type
 Type of the input key. Either \fIpriv\fR, \fIrsa\fR, \fIecdsa\fR, \fIed25519\fR
diff --git a/src/pki/man/pki---signcrl.1.in b/src/pki/man/pki---signcrl.1.in
index b930bfa3c..b901ad084 100644
--- a/src/pki/man/pki---signcrl.1.in
+++ b/src/pki/man/pki---signcrl.1.in
@@ -56,7 +56,8 @@ CA private key file. Either this or
 is required.
 .TP
 .BI "\-x, \-\-cakeyid " hex
-Key ID of a CA private key on a smartcard. Either this or
+Smartcard or TPM CA private key object handle in hex format with an optional
+0x prefix. Either this or
 .B \-\-cakey
 is required.
 .TP