diff options
author | Andreas Steffen <andreas.steffen@strongswan.org> | 2017-03-05 11:19:39 +0100 |
---|---|---|
committer | Andreas Steffen <andreas.steffen@strongswan.org> | 2017-03-06 18:54:09 +0100 |
commit | 2d41e1c51cf88cefe216aed1172a96c4816044e3 (patch) | |
tree | 2ace3bd52ea3d73940726e7c6cf0e680107e4c89 /src/pki | |
parent | d8f0d9c2846ffd2b05923ea9816b6825ccecee89 (diff) | |
download | strongswan-2d41e1c51cf88cefe216aed1172a96c4816044e3.tar.bz2 strongswan-2d41e1c51cf88cefe216aed1172a96c4816044e3.tar.xz |
pki: Edited keyid parameter use in various pki man pages and usage outputs
Diffstat (limited to 'src/pki')
-rw-r--r-- | src/pki/commands/acert.c | 4 | ||||
-rw-r--r-- | src/pki/commands/issue.c | 4 | ||||
-rw-r--r-- | src/pki/commands/pub.c | 4 | ||||
-rw-r--r-- | src/pki/commands/req.c | 6 | ||||
-rw-r--r-- | src/pki/commands/self.c | 4 | ||||
-rw-r--r-- | src/pki/commands/signcrl.c | 5 | ||||
-rw-r--r-- | src/pki/man/pki---acert.1.in | 3 | ||||
-rw-r--r-- | src/pki/man/pki---issue.1.in | 3 | ||||
-rw-r--r-- | src/pki/man/pki---pub.1.in | 4 | ||||
-rw-r--r-- | src/pki/man/pki---req.1.in | 10 | ||||
-rw-r--r-- | src/pki/man/pki---self.1.in | 3 | ||||
-rw-r--r-- | src/pki/man/pki---signcrl.1.in | 3 |
12 files changed, 34 insertions, 19 deletions
diff --git a/src/pki/commands/acert.c b/src/pki/commands/acert.c index 4f850d6d1..9e6e80938 100644 --- a/src/pki/commands/acert.c +++ b/src/pki/commands/acert.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Copyright (C) 2015 Andreas Steffen + * Copyright (C) 2015-2017 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -286,7 +286,7 @@ static void __attribute__ ((constructor))reg() {"group", 'm', 1, "group membership string to include"}, {"issuercert", 'c', 1, "issuer certificate file"}, {"issuerkey", 'k', 1, "issuer private key file"}, - {"issuerkeyid", 'x', 1, "keyid on smartcard of issuer private key"}, + {"issuerkeyid", 'x', 1, "smartcard or TPM issuer private key object handle"}, {"serial", 's', 1, "serial number in hex, default: random"}, {"lifetime", 'l', 1, "hours the acert is valid, default: 24"}, {"not-before", 'F', 1, "date/time the validity of the AC starts"}, diff --git a/src/pki/commands/issue.c b/src/pki/commands/issue.c index 333c6ebb3..b0399c78b 100644 --- a/src/pki/commands/issue.c +++ b/src/pki/commands/issue.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Copyright (C) 2015-2016 Andreas Steffen + * Copyright (C) 2015-2017 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -620,7 +620,7 @@ static void __attribute__ ((constructor))reg() {"type", 't', 1, "type of input, default: pub"}, {"cacert", 'c', 1, "CA certificate file"}, {"cakey", 'k', 1, "CA private key file"}, - {"cakeyid", 'x', 1, "keyid on smartcard of CA private key"}, + {"cakeyid", 'x', 1, "smartcard or TPM CA private key object handle"}, {"dn", 'd', 1, "distinguished name to include as subject"}, {"san", 'a', 1, "subjectAltName to include in certificate"}, {"lifetime", 'l', 1, "days the certificate is valid, default: 1095"}, diff --git a/src/pki/commands/pub.c b/src/pki/commands/pub.c index 1d876f6f7..1f9f3e03c 100644 --- a/src/pki/commands/pub.c +++ b/src/pki/commands/pub.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Copyright (C) 2015 Andreas Steffen + * Copyright (C) 2015-2017 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -199,7 +199,7 @@ static void __attribute__ ((constructor))reg() { {"help", 'h', 0, "show usage information"}, {"in", 'i', 1, "input file, default: stdin"}, - {"keyid", 'x', 1, "keyid on smartcard of private key"}, + {"keyid", 'x', 1, "smartcard or TPM private key object handle"}, {"type", 't', 1, "type of credential, default: priv"}, {"outform", 'f', 1, "encoding of extracted public key, default: der"}, } diff --git a/src/pki/commands/req.c b/src/pki/commands/req.c index e0ab213ea..7b87e6ca6 100644 --- a/src/pki/commands/req.c +++ b/src/pki/commands/req.c @@ -1,8 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Copyright (C) 2009-2015 Andreas Steffen - * HSR Hochschule fuer Technik Rapperswil - * + * Copyright (C) 2009-2017 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -217,7 +215,7 @@ static void __attribute__ ((constructor))reg() { {"help", 'h', 0, "show usage information"}, {"in", 'i', 1, "private key input file, default: stdin"}, - {"keyid", 'x', 1, "keyid on smartcard of private key"}, + {"keyid", 'x', 1, "smartcard or TPM private key object handle"}, {"type", 't', 1, "type of input key, default: priv"}, {"dn", 'd', 1, "subject distinguished name"}, {"san", 'a', 1, "subjectAltName to include in cert request"}, diff --git a/src/pki/commands/self.c b/src/pki/commands/self.c index b894ac190..1df1800bb 100644 --- a/src/pki/commands/self.c +++ b/src/pki/commands/self.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Copyright (C) 2015-2016 Andreas Steffen + * Copyright (C) 2015-2017 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -454,7 +454,7 @@ static void __attribute__ ((constructor))reg() { {"help", 'h', 0, "show usage information"}, {"in", 'i', 1, "private key input file, default: stdin"}, - {"keyid", 'x', 1, "keyid on smartcard of private key"}, + {"keyid", 'x', 1, "smartcard or TPM private key object handle"}, {"type", 't', 1, "type of input key, default: priv"}, {"dn", 'd', 1, "subject and issuer distinguished name"}, {"san", 'a', 1, "subjectAltName to include in certificate"}, diff --git a/src/pki/commands/signcrl.c b/src/pki/commands/signcrl.c index b9cf9c466..6bccf1b09 100644 --- a/src/pki/commands/signcrl.c +++ b/src/pki/commands/signcrl.c @@ -2,6 +2,9 @@ * Copyright (C) 2010 Martin Willi * Copyright (C) 2010 revosec AG * + * Copyright (C) 2017 Andreas Steffen + * HSR Hochschule fuer Technik Rapperswil + * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the * Free Software Foundation; either version 2 of the License, or (at your @@ -461,7 +464,7 @@ static void __attribute__ ((constructor))reg() {"help", 'h', 0, "show usage information"}, {"cacert", 'c', 1, "CA certificate file"}, {"cakey", 'k', 1, "CA private key file"}, - {"cakeyid", 'x', 1, "keyid on smartcard of CA private key"}, + {"cakeyid", 'x', 1, "smartcard or TPM CA private key object handle"}, {"lifetime", 'l', 1, "days the CRL gets a nextUpdate, default: 15"}, {"this-update", 'F', 1, "date/time the validity of the CRL starts"}, {"next-update", 'T', 1, "date/time the validity of the CRL ends"}, diff --git a/src/pki/man/pki---acert.1.in b/src/pki/man/pki---acert.1.in index d7460fd1f..c6ecbb989 100644 --- a/src/pki/man/pki---acert.1.in +++ b/src/pki/man/pki---acert.1.in @@ -63,7 +63,8 @@ Issuer private key file. Either this or is required. .TP .BI "\-x, \-\-issuerkeyid " hex -Key ID of a issuer private key on a smartcard. Either this or +Smartcard or TPM issuer private key object handle in hex format with an optional +h0x prefix. Either this or .B \-\-issuerkey is required. .TP diff --git a/src/pki/man/pki---issue.1.in b/src/pki/man/pki---issue.1.in index d1fa3473f..99cc64fa5 100644 --- a/src/pki/man/pki---issue.1.in +++ b/src/pki/man/pki---issue.1.in @@ -79,7 +79,8 @@ CA private key file. Either this or is required. .TP .BI "\-x, \-\-cakeyid " hex -Key ID of a CA private key on a smartcard. Either this or +Smartcard or TPM CA private key object handle in hex format with an optional +0x prefix. Either this or .B \-\-cakey is required. .TP diff --git a/src/pki/man/pki---pub.1.in b/src/pki/man/pki---pub.1.in index fe6c520f4..006b7aefa 100644 --- a/src/pki/man/pki---pub.1.in +++ b/src/pki/man/pki---pub.1.in @@ -46,6 +46,10 @@ Read command line options from \fIfile\fR. .BI "\-i, \-\-in " file Input file. If not given the input is read from \fISTDIN\fR. .TP +.BI "\-x, \-\-keyid " hex +Smartcard or TPM private key object handle in hex format with an optional +0x prefix. +.TP .BI "\-t, \-\-type " type Type of input. One of \fIpriv\fR (private key), \fIrsa\fR (RSA private key), \fIecdsa\fR (ECDSA private key), \fIpub\fR (public key), \fIpkcs10\fR (PKCS#10 diff --git a/src/pki/man/pki---req.1.in b/src/pki/man/pki---req.1.in index 4a39c5c94..09ef0862a 100644 --- a/src/pki/man/pki---req.1.in +++ b/src/pki/man/pki---req.1.in @@ -7,7 +7,9 @@ pki \-\-req \- Create a PKCS#10 certificate request .SH "SYNOPSIS" . .SY pki\ \-\-req -.OP \-\-in file +.RB [ \-\-in +.IR file | \fB\-\-keyid\fR +.IR hex ] .OP \-\-type type .BI \-\-dn\~ distinguished-name .OP \-\-san subjectAltName @@ -48,6 +50,10 @@ Read command line options from \fIfile\fR. .BI "\-i, \-\-in " file Private key input file. If not given the key is read from \fISTDIN\fR. .TP +.BI "\-x, \-\-keyid " hex +Smartcard or TPM private key object handle in hex format with an optional +0x prefix. +.TP .BI "\-t, \-\-type " type Type of the input key. Either \fIpriv\fR, \fIrsa\fR, \fIecdsa\fR or \fIbliss\fR, defaults to \fIpriv\fR. @@ -89,4 +95,4 @@ Generate a certificate request for an ECDSA key and a different digest: . .SH "SEE ALSO" . -.BR pki (1)
\ No newline at end of file +.BR pki (1) diff --git a/src/pki/man/pki---self.1.in b/src/pki/man/pki---self.1.in index 4384fa72d..aa7e6fabe 100644 --- a/src/pki/man/pki---self.1.in +++ b/src/pki/man/pki---self.1.in @@ -66,7 +66,8 @@ Read command line options from \fIfile\fR. Private key input file. If not given the key is read from \fISTDIN\fR. .TP .BI "\-x, \-\-keyid " hex -Key ID of a private key on a smartcard. +Smartcard or TPM private key object handle in hex format with an optional +0x prefix. .TP .BI "\-t, \-\-type " type Type of the input key. Either \fIpriv\fR, \fIrsa\fR, \fIecdsa\fR, \fIed25519\fR diff --git a/src/pki/man/pki---signcrl.1.in b/src/pki/man/pki---signcrl.1.in index b930bfa3c..b901ad084 100644 --- a/src/pki/man/pki---signcrl.1.in +++ b/src/pki/man/pki---signcrl.1.in @@ -56,7 +56,8 @@ CA private key file. Either this or is required. .TP .BI "\-x, \-\-cakeyid " hex -Key ID of a CA private key on a smartcard. Either this or +Smartcard or TPM CA private key object handle in hex format with an optional +0x prefix. Either this or .B \-\-cakey is required. .TP |