* Update opensc-tool and opensc-explorer man pages
* Remove the unimplemented pksign/pkdecrypt commands from opensc-explorer. Use pkcs15-crypt instead. git-svn-id: https://www.opensc-project.org/svnp/opensc/branches/martin/0.12@3843 c6295689-39f2-0310-b995-f0e70906c6a9
parent
0eac0fb14c
commit
533a33521f
|
@ -58,6 +58,10 @@
|
|||
auto-detected.
|
||||
</para></listitem>
|
||||
</varlistentry>
|
||||
<varlistentry>
|
||||
<term><option>--wait, -w</option></term>
|
||||
<listitem><para>Wait for a card to be inserted</para></listitem>
|
||||
</varlistentry>
|
||||
<varlistentry>
|
||||
<term><option>--verbose, -v</option></term>
|
||||
<listitem><para>
|
||||
|
@ -152,18 +156,6 @@
|
|||
and <varname>size</varname> is the size of the new file.</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><option>pksign</option></term>
|
||||
<listitem><para>create a public key signature. NOTE: This command is currently not implemented.
|
||||
</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><option>pkdecrypt</option></term>
|
||||
<listitem><para>perform a public key decryption. NOTE: This command is currently not implemented.
|
||||
</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><option>erase</option></term>
|
||||
<listitem><para>erase the card, if the card supports it.</para></listitem>
|
||||
|
|
|
@ -31,11 +31,20 @@
|
|||
<title>Options</title>
|
||||
<para>
|
||||
<variablelist>
|
||||
<varlistentry>
|
||||
<term><option>--info, -i</option></term>
|
||||
<listitem><para>Print information about OpenSC, such as version and enabled components</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><option>--atr, -a</option></term>
|
||||
<listitem><para>Print the Answer To Reset (ATR) of the card,
|
||||
output is in hex byte format</para></listitem>
|
||||
</varlistentry>
|
||||
<varlistentry>
|
||||
<term><option>--name, -n</option></term>
|
||||
<listitem><para>Print the name of the inserted card (driver)</para></listitem>
|
||||
</varlistentry>
|
||||
<varlistentry>
|
||||
<term><option>--serial</option></term>
|
||||
<listitem><para>Print the card serial number (normally the ICCSN), output is in hex byte
|
||||
|
@ -70,6 +79,10 @@ in the system.</para></listitem>
|
|||
<term><option>--card-driver</option> driver, <option>-c</option> driver</term>
|
||||
<listitem><para>Use the given card driver. The default is auto-detected.</para></listitem>
|
||||
</varlistentry>
|
||||
<varlistentry>
|
||||
<term><option>--wait, -w</option></term>
|
||||
<listitem><para>Wait for a card to be inserted</para></listitem>
|
||||
</varlistentry>
|
||||
<varlistentry>
|
||||
<term><option>--verbose, -v</option></term>
|
||||
<listitem><para>Causes <command>opensc-tool</command> to be more verbose. Specify this flag several times
|
||||
|
|
|
@ -60,19 +60,6 @@ static const char *option_help[] = {
|
|||
"Verbose operation. Use several times to enable debug output.",
|
||||
};
|
||||
|
||||
|
||||
#if 0 /* fixme: uncomment for use with pksign */
|
||||
static u8 oid_md5[18] = /* MD5 OID is 1.2.840.113549.2.5 */
|
||||
{ 0x30, 0x20, 0x30, 0x0c, 0x06, 0x08, 0x2a, 0x86,0x48,
|
||||
0x86, 0xf7, 0x0d, 0x02, 0x05, 0x05, 0x00, 0x04, 0x10 };
|
||||
static u8 oid_sha1[15] = /* SHA-1 OID 1.3.14.3.2.26 */
|
||||
{ 0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03,
|
||||
0x02, 0x1a, 0x05, 0x00, 0x04, 0x14 };
|
||||
static u8 oid_rmd160[15] = /* RIPE MD-160 OID is 1.3.36.3.2.1 */
|
||||
{ 0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x24, 0x03,
|
||||
0x02, 0x01, 0x05, 0x00, 0x04, 0x14 };
|
||||
#endif
|
||||
|
||||
static size_t hex2binary(u8 *out, size_t outlen, const char *in);
|
||||
|
||||
struct command {
|
||||
|
@ -1176,163 +1163,6 @@ static int do_debug(int argc, char **argv)
|
|||
}
|
||||
|
||||
|
||||
static int do_pksign(int argc, char **argv)
|
||||
{
|
||||
puts ("Not yet supported");
|
||||
return -1;
|
||||
#if 0
|
||||
int i, ref, r;
|
||||
u8 indata[128];
|
||||
size_t indatalen = sizeof indata;
|
||||
u8 outdata[128];
|
||||
size_t outdatalen = sizeof outdata;
|
||||
sc_security_env_t senv;
|
||||
const u8 *oid;
|
||||
int oidlen;
|
||||
const char *s;
|
||||
|
||||
if (argc < 2 || argc > 3)
|
||||
goto usage;
|
||||
if (sscanf (argv[0], "%d", &ref) != 1 || ref < 0 || ref > 255) {
|
||||
printf("Invalid key reference.\n");
|
||||
goto usage;
|
||||
}
|
||||
|
||||
if (argv[1][0] == '"') {
|
||||
for (s = argv[1]+1, i = 0;
|
||||
i < sizeof indata && *s && *s != '"'; i++)
|
||||
indata[i] = *s++;
|
||||
indatalen = i;
|
||||
} else if (sc_hex_to_bin(argv[1], indata, &indatalen)) {
|
||||
printf("Invalid data value.\n");
|
||||
goto usage;
|
||||
}
|
||||
|
||||
|
||||
if (argc == 3) {
|
||||
if (!strcasecmp(argv[2], "SHA1")) {
|
||||
oid = oid_sha1; oidlen = sizeof oid_sha1;
|
||||
}
|
||||
else if (!strcasecmp (argv[2], "MD5")) {
|
||||
oid = oid_md5; oidlen = sizeof oid_md5;
|
||||
}
|
||||
else if (!strcasecmp (argv[2], "RMD160")) {
|
||||
oid = oid_rmd160; oidlen = sizeof oid_rmd160;
|
||||
}
|
||||
else {
|
||||
goto usage;
|
||||
}
|
||||
}
|
||||
else {
|
||||
oid = ""; oidlen = 0;
|
||||
}
|
||||
|
||||
if (indatalen + oidlen > sizeof indata) {
|
||||
printf("Data value to long.\n");
|
||||
goto usage;
|
||||
}
|
||||
|
||||
memmove(indata + oidlen, indata, indatalen);
|
||||
memcpy(indata, oid, oidlen);
|
||||
indatalen += oidlen;
|
||||
|
||||
/* setup the security environment */
|
||||
/* FIXME The values won't work for other cards. They do work
|
||||
for TCOS because there is no need for a security
|
||||
environment there */
|
||||
memset(&senv, 0, sizeof senv);
|
||||
senv.operation = SC_SEC_OPERATION_SIGN;
|
||||
senv.algorithm = SC_ALGORITHM_RSA;
|
||||
senv.key_ref_len = 1;
|
||||
senv.key_ref[0] = ref;
|
||||
senv.flags = (SC_SEC_ENV_KEY_REF_PRESENT | SC_SEC_ENV_ALG_PRESENT);
|
||||
r = sc_set_security_env(card, &senv, 0);
|
||||
if (r) {
|
||||
printf("Failed to set the security environment: %s\n",
|
||||
sc_strerror (r));
|
||||
return -1;
|
||||
}
|
||||
|
||||
/* Perform the actual sign. */
|
||||
r = sc_compute_signature(card, indata, indatalen,
|
||||
outdata, outdatalen);
|
||||
if (r<0) {
|
||||
printf("Signing failed: %s\n", sc_strerror (r));
|
||||
return -1;
|
||||
}
|
||||
util_hex_dump_asc(stdout, outdata, r, -1);
|
||||
printf ("Done.\n");
|
||||
return 0;
|
||||
usage:
|
||||
printf ("Usage: pksign <key ref> <data> [MD5|SHA1|RMD160]\n");
|
||||
return -1;
|
||||
#endif
|
||||
}
|
||||
|
||||
|
||||
static int do_pkdecrypt(int argc, char **argv)
|
||||
{
|
||||
puts ("Not yet supported");
|
||||
return -1;
|
||||
#if 0
|
||||
int i, ref, r;
|
||||
u8 indata[128];
|
||||
size_t indatalen = sizeof indata;
|
||||
u8 outdata[128];
|
||||
size_t outdatalen = sizeof outdata;
|
||||
sc_security_env_t senv;
|
||||
const char *s;
|
||||
|
||||
if (argc != 2)
|
||||
goto usage;
|
||||
if (sscanf(argv[0], "%d", &ref) != 1 || ref < 0 || ref > 255) {
|
||||
printf("Invalid key reference.\n");
|
||||
goto usage;
|
||||
}
|
||||
|
||||
if (argv[1][0] == '"') {
|
||||
for (s=argv[1]+1, i = 0;
|
||||
i < sizeof indata && *s && *s != '"'; i++)
|
||||
indata[i] = *s++;
|
||||
indatalen = i;
|
||||
} else if (sc_hex_to_bin (argv[1], indata, &indatalen)) {
|
||||
printf("Invalid data value.\n");
|
||||
goto usage;
|
||||
}
|
||||
|
||||
/* setup the security environment */
|
||||
memset (&senv, 0, sizeof senv);
|
||||
senv.operation = SC_SEC_OPERATION_DECIPHER;
|
||||
senv.algorithm = SC_ALGORITHM_RSA;
|
||||
senv.key_ref_len = 1;
|
||||
senv.key_ref[0] = ref;
|
||||
senv.flags = (SC_SEC_ENV_KEY_REF_PRESENT | SC_SEC_ENV_ALG_PRESENT);
|
||||
r = sc_set_security_env(card, &senv, 0);
|
||||
if (r) {
|
||||
printf("Failed to set the security environment: %s\n",
|
||||
sc_strerror (r));
|
||||
return -1;
|
||||
}
|
||||
|
||||
/* perform the actual decryption */
|
||||
/* FIXME: It is pretty useless to to this test padding :-; */
|
||||
memmove(indata+(sizeof indata - indatalen), indata, indatalen);
|
||||
memset(indata, 0, (sizeof indata - indatalen));
|
||||
indatalen = sizeof indata;
|
||||
r = sc_decipher(card, indata, indatalen, outdata, outdatalen);
|
||||
if (r<0) {
|
||||
printf("Decryption failed: %s\n", sc_strerror (r));
|
||||
return -1;
|
||||
}
|
||||
util_hex_dump_asc (stdout, outdata, r, -1);
|
||||
printf("Done.\n");
|
||||
return 0;
|
||||
usage:
|
||||
printf("Usage: pkdecrypt <key ref> <data>\n");
|
||||
return -1;
|
||||
#endif
|
||||
}
|
||||
|
||||
static int
|
||||
do_erase(int argc, char **argv)
|
||||
{
|
||||
|
@ -1608,8 +1438,6 @@ static struct command cmds[] = {
|
|||
{ "do_get", do_get_data, "get a data object" },
|
||||
{ "do_put", do_put_data, "put a data object" },
|
||||
{ "mkdir", do_mkdir, "create a DF" },
|
||||
{ "pksign", do_pksign, "create a public key signature" },
|
||||
{ "pkdecrypt", do_pkdecrypt, "perform a public key decryption" },
|
||||
{ "erase", do_erase, "erase card" },
|
||||
{ "random", do_random, "obtain N random bytes from card" },
|
||||
{ "quit", do_quit, "quit this program" },
|
||||
|
|