Option to delete object by index
Signed-off-by: Raul Metsma <raul@metsma.ee>
This commit is contained in:
parent
3935d501bf
commit
91a1dd9af4
|
@ -77,9 +77,9 @@
|
|||
</term>
|
||||
<listitem>
|
||||
<para>
|
||||
Specify hash algorithm used with RSA-PKCS-PSS signature or RSA-OAEP decryption.
|
||||
Allowed values are "SHA-1", "SHA256", "SHA384", "SHA512", and some tokens may
|
||||
also allow "SHA224". Default is "SHA-1".
|
||||
Specify hash algorithm used with RSA-PKCS-PSS signature or RSA-OAEP decryption.
|
||||
Allowed values are "SHA-1", "SHA256", "SHA384", "SHA512", and some tokens may
|
||||
also allow "SHA224". Default is "SHA-1".
|
||||
</para>
|
||||
<para>
|
||||
Note that the input to RSA-PKCS-PSS has to be of the size equal to
|
||||
|
@ -396,6 +396,13 @@
|
|||
<listitem><para>Specify the index of the slot to use.</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term>
|
||||
<option>--object-index</option> <replaceable>index</replaceable>
|
||||
</term>
|
||||
<listitem><para>Specify the index of the object to use.</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term>
|
||||
<option>--token-label</option> <replaceable>label</replaceable>
|
||||
|
@ -444,13 +451,13 @@
|
|||
viewable after a login).</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<varlistentry>
|
||||
<term>
|
||||
<option>--always-auth</option>
|
||||
</term>
|
||||
<listitem><para>Set the CKA_ALWAYS_AUTHENTICATE attribute to a private key object.
|
||||
If set, the user has to supply the PIN for each use (sign or decrypt) with the key.</para>
|
||||
</listitem>
|
||||
If set, the user has to supply the PIN for each use (sign or decrypt) with the key.</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
|
@ -580,7 +587,7 @@
|
|||
</term>
|
||||
<listitem><para>Write a key or certificate object to the token.
|
||||
<replaceable>filename</replaceable> points to the DER-encoded certificate or key file.
|
||||
</para></listitem>
|
||||
</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
|
@ -588,7 +595,7 @@
|
|||
<option>--generate-random</option> <replaceable>num</replaceable>
|
||||
</term>
|
||||
<listitem><para>Get <replaceable>num</replaceable> bytes of random data.
|
||||
</para></listitem>
|
||||
</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
</variablelist>
|
||||
|
@ -603,7 +610,7 @@
|
|||
|
||||
To read the certificate with ID <replaceable>KEY_ID</replaceable>
|
||||
in DER format from smart card:
|
||||
<programlisting>pkcs11-tool --read-object --id KEY_ID --type cert --output-file cert.der</programlisting>
|
||||
<programlisting>pkcs11-tool --read-object --id KEY_ID --type cert --output-file cert.der</programlisting>
|
||||
|
||||
To convert the certificate in DER format to PEM format, use OpenSSL
|
||||
tools:
|
||||
|
|
|
@ -155,7 +155,8 @@ enum {
|
|||
OPT_VERIFY,
|
||||
OPT_SIGNATURE_FILE,
|
||||
OPT_ALWAYS_AUTH,
|
||||
OPT_ALLOWED_MECHANISMS
|
||||
OPT_ALLOWED_MECHANISMS,
|
||||
OPT_OBJECT_INDEX
|
||||
};
|
||||
|
||||
static const struct option options[] = {
|
||||
|
@ -206,6 +207,7 @@ static const struct option options[] = {
|
|||
{ "slot", 1, NULL, OPT_SLOT },
|
||||
{ "slot-description", 1, NULL, OPT_SLOT_DESCRIPTION },
|
||||
{ "slot-index", 1, NULL, OPT_SLOT_INDEX },
|
||||
{ "object-index", 1, NULL, OPT_OBJECT_INDEX },
|
||||
{ "token-label", 1, NULL, OPT_TOKEN_LABEL },
|
||||
{ "set-id", 1, NULL, 'e' },
|
||||
{ "attr-from", 1, NULL, OPT_ATTR_FROM },
|
||||
|
@ -279,6 +281,7 @@ static const char *option_help[] = {
|
|||
"Specify the ID of the slot to use",
|
||||
"Specify the description of the slot to use",
|
||||
"Specify the index of the slot to use",
|
||||
"Specify the index of the object to use",
|
||||
"Specify the token label of the slot to use",
|
||||
"Set the CKA_ID of an object, <args>= the (new) CKA_ID",
|
||||
"Use <arg> to create some attributes when writing an object",
|
||||
|
@ -315,6 +318,8 @@ static const char * opt_slot_description = NULL;
|
|||
static const char * opt_token_label = NULL;
|
||||
static CK_ULONG opt_slot_index = 0;
|
||||
static int opt_slot_index_set = 0;
|
||||
static CK_ULONG opt_object_index = 0;
|
||||
static int opt_object_index_set = 0;
|
||||
static CK_MECHANISM_TYPE opt_mechanism = 0;
|
||||
static int opt_mechanism_used = 0;
|
||||
static const char * opt_file_to_write = NULL;
|
||||
|
@ -799,6 +804,10 @@ int main(int argc, char * argv[])
|
|||
opt_slot_index = (CK_ULONG) strtoul(optarg, NULL, 0);
|
||||
opt_slot_index_set = 1;
|
||||
break;
|
||||
case OPT_OBJECT_INDEX:
|
||||
opt_object_index = (CK_ULONG) strtoul(optarg, NULL, 0);
|
||||
opt_object_index_set = 1;
|
||||
break;
|
||||
case OPT_TOKEN_LABEL:
|
||||
if (opt_slot_set || opt_slot_description || opt_slot_index_set) {
|
||||
fprintf(stderr, "Error: Only one of --slot, --slot-label, --slot-index or --token-label can be used\n");
|
||||
|
@ -1153,9 +1162,10 @@ int main(int argc, char * argv[])
|
|||
if (opt_object_class_str == NULL)
|
||||
util_fatal("You should specify type of the object to delete");
|
||||
if (opt_object_id_len == 0 && opt_object_label == NULL &&
|
||||
opt_application_label == NULL && opt_application_id == NULL)
|
||||
opt_application_label == NULL && opt_application_id == NULL &&
|
||||
opt_object_index_set == 0)
|
||||
util_fatal("You should specify at least one of the "
|
||||
"object ID, object label, application label or application ID");
|
||||
"object ID, object label, application label, application ID or object index");
|
||||
delete_object(session);
|
||||
}
|
||||
|
||||
|
@ -4398,7 +4408,7 @@ static int delete_object(CK_SESSION_HANDLE session)
|
|||
nn_attrs++;
|
||||
}
|
||||
|
||||
rv = find_object_with_attributes(session, &obj, attrs, nn_attrs, 0);
|
||||
rv = find_object_with_attributes(session, &obj, attrs, nn_attrs, opt_object_index);
|
||||
if (rv != CKR_OK)
|
||||
p11_fatal("find_object_with_attributes()", rv);
|
||||
else if (obj==CK_INVALID_HANDLE)
|
||||
|
|
Loading…
Reference in New Issue