giomba
/
opensc
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

unified documentation of handling PIN/PUK on CLI

This commit is contained in:
Frank Morgner 2020-02-18 23:33:30 +01:00
parent 6b1770e7ad
commit 261e0b6b0d
7 changed files with 125 additions and 71 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
doc/tools/dnie-tool.1.xml
View File

@ -73,13 +73,25 @@
<varlistentry> <varlistentry>
<term> <term>
<option>--pin</option> <replaceable>pin</replaceable>, <option>--pin</option> <replaceable>pin</replaceable>,
<option>-p</option> <replaceable>pin</replaceable> <option>--p</option> <replaceable>pin</replaceable>
</term> </term>
<listitem><para>Specify the user pin <replaceable>pin</replaceable> to use. <listitem>
If set to env:<replaceable>VARIABLE</replaceable>, the <para>
value of the environment variable These options can be used to specify the PIN value
<replaceable>VARIABLE</replaceable> is used. on the command line. If the value is set to
The default is do not enter pin</para></listitem> <literal>env:</literal><replaceable>VARIABLE</replaceable>, the value
of the specified environment variable is used. By default,
the code is prompted on the command line if needed.
</para>
<para>
Note that on most operation systems, any user can
display the command line of any process on the
system using utilities such as
<command>ps(1)</command>. Therefore, you should prefer
passing the codes via an environment variable
on an unsecured system.
</para>
</listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term> <term>

20
doc/tools/gids-tool.1.xml
View File

@ -46,9 +46,25 @@
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term> <term>
<option>--pin</option> <replaceable>argument</replaceable> <option>--pin</option> <replaceable>pin</replaceable>
</term> </term>
<listitem><para>Define user PIN.</para></listitem> <listitem>
<para>
This option can be used to specify the PIN value
on the command line. If the value is set to
<literal>env:</literal><replaceable>VARIABLE</replaceable>, the value
of the specified environment variable is used. By default,
the code is prompted on the command line if needed.
</para>
<para>
Note that on most operation systems, any user can
display the command line of any process on the
system using utilities such as
<command>ps(1)</command>. Therefore, you should prefer
passing the codes via an environment variable
on an unsecured system.
</para>
</listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term> <term>

25
doc/tools/openpgp-tool.1.xml
View File

@ -149,14 +149,25 @@
<varlistentry> <varlistentry>
<term> <term>
<option>--pin</option> <replaceable>string</replaceable> <option>--pin</option> <replaceable>pin</replaceable>
</term> </term>
<listitem><para> <listitem>
The PIN text to verify. If set to <para>
env:<replaceable>VARIABLE</replaceable>, the value of This option can be used to specify the PIN value
the environment variable on the command line. If the value is set to
<replaceable>VARIABLE</replaceable> is used. <literal>env:</literal><replaceable>VARIABLE</replaceable>, the value
</para></listitem> of the specified environment variable is used. By default,
the code is prompted on the command line if needed.
</para>
<para>
Note that on most operation systems, any user can
display the command line of any process on the
system using utilities such as
<command>ps(1)</command>. Therefore, you should prefer
passing the codes via an environment variable
on an unsecured system.
</para>
</listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>

24
doc/tools/pkcs15-init.1.xml
View File

@ -348,23 +348,25 @@
<varlistentry> <varlistentry>
<term> <term>
<option>--pin</option>, <option>--pin</option> <replaceable>pin</replaceable>,
<option>--puk</option> <option>--puk</option> <replaceable>puk</replaceable>,
<option>--so-pin</option>, <option>--so-pin</option> <replaceable>sopin</replaceable>,
<option>--so-puk</option>, <option>--so-puk</option> <replaceable>sopuk</replaceable>
</term> </term>
<listitem> <listitem>
<para> <para>
These options can be used to specify PIN/PUK values These options can be used to specify the PIN/PUK values
on the command line. If set to on the command line. If the value is set to
env:<replaceable>VARIABLE</replaceable>, the value <literal>env:</literal><replaceable>VARIABLE</replaceable>, the value
of the environment variable of the specified environment variable is used. By default,
<replaceable>VARIABLE</replaceable> is used. Note the code is prompted on the command line if needed.
that on most operation systems, any user can </para>
<para>
Note that on most operation systems, any user can
display the command line of any process on the display the command line of any process on the
system using utilities such as system using utilities such as
<command>ps(1)</command>. Therefore, you should prefer <command>ps(1)</command>. Therefore, you should prefer
passing the values via a hidden environment variable passing the codes via an environment variable
on an unsecured system. on an unsecured system.
</para> </para>
</listitem> </listitem>

29
doc/tools/pkcs15-tool.1.xml
View File

@ -310,16 +310,27 @@
<varlistentry> <varlistentry>
<term> <term>
<option>--pin</option> <replaceable>PIN</replaceable> <option>--pin</option> <replaceable>pin</replaceable>,
<option>--new-pin</option> <replaceable>newpin</replaceable>
<option>--puk</option> <replaceable>puk</replaceable>
</term> </term>
<listitem><para>Specify PIN</para></listitem> <listitem>
</varlistentry> <para>
These options can be used to specify the PIN/PUK values
<varlistentry> on the command line. If the value is set to
<term> <literal>env:</literal><replaceable>VARIABLE</replaceable>, the value
<option>--puk</option> <replaceable>PUK</replaceable> of the specified environment variable is used. By default,
</term> the code is prompted on the command line if needed.
<listitem><para>Specify Unblock PIN</para></listitem> </para>
<para>
Note that on most operation systems, any user can
display the command line of any process on the
system using utilities such as
<command>ps(1)</command>. Therefore, you should prefer
passing the codes via an environment variable
on an unsecured system.
</para>
</listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>

35
doc/tools/sc-hsm-tool.1.xml
View File

@ -120,26 +120,25 @@
<varlistentry> <varlistentry>
<term> <term>
<option>--so-pin</option> <replaceable>value</replaceable> <option>--pin</option> <replaceable>pin</replaceable>,
<option>--so-pin</option> <replaceable>sopin</replaceable>,
</term> </term>
<listitem> <listitem>
<para>Define SO-PIN for initialization. If set to <para>
env:<replaceable>VARIABLE</replaceable>, the value of These options can be used to specify the PIN values
the environment variable on the command line. If the value is set to
<replaceable>VARIABLE</replaceable> is used.</para> <literal>env:</literal><replaceable>VARIABLE</replaceable>, the value
</listitem> of the specified environment variable is used. By default,
</varlistentry> the code is prompted on the command line if needed.
</para>
<varlistentry> <para>
<term> Note that on most operation systems, any user can
<option>--pin</option> <replaceable>value</replaceable> display the command line of any process on the
</term> system using utilities such as
<listitem> <command>ps(1)</command>. Therefore, you should prefer
<para>Define user PIN for initialization, wrap or passing the codes via an environment variable
unwrap operation. If set to on an unsecured system.
env:<replaceable>VARIABLE</replaceable>, the value of </para>
the environment variable
<replaceable>VARIABLE</replaceable> is used.</para>
</listitem> </listitem>
</varlistentry> </varlistentry>

39
doc/tools/westcos-tool.1.xml
View File

@ -115,25 +115,28 @@
<varlistentry> <varlistentry>
<term> <term>
<option>--pin-value</option> <replaceable>value</replaceable>, <option>--pin-value</option> <replaceable>pin</replaceable>,
<option>-x</option> <replaceable>value</replaceable> <option>-x</option> <replaceable>pin</replaceable>
<option>--puk-value</option> <replaceable>puk</replaceable>,
<option>-y</option> <replaceable>puk</replaceable>
</term> </term>
<listitem><para>Set value of PIN. If set to <listitem>
env:<replaceable>VARIABLE</replaceable>, the value of <para>
the environment variable These options can be used to specify the PIN/PUK values
<replaceable>VARIABLE</replaceable> is used.</para></listitem> on the command line. If the value is set to
</varlistentry> <literal>env:</literal><replaceable>VARIABLE</replaceable>, the value
of the specified environment variable is used. By default,
<varlistentry> the code is prompted on the command line if needed.
<term> </para>
<option>--puk-value</option> <replaceable>value</replaceable>, <para>
<option>-y</option> <replaceable>value</replaceable> Note that on most operation systems, any user can
</term> display the command line of any process on the
<listitem><para>set value of PUK (or value of new PIN for change PIN system using utilities such as
command see <option>-n</option>). If set to <command>ps(1)</command>. Therefore, you should prefer
env:<replaceable>VARIABLE</replaceable>, the value of passing the codes via an environment variable
the environment variable on an unsecured system.
<replaceable>VARIABLE</replaceable> is used.</para></listitem> </para>
</listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>