[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SCM] GNU gnutls branch, gnutls_2_12_x, updated. gnutls_2_11_6-83-g952ff
From: |
Nikos Mavrogiannopoulos |
Subject: |
[SCM] GNU gnutls branch, gnutls_2_12_x, updated. gnutls_2_11_6-83-g952ff86 |
Date: |
Tue, 08 Feb 2011 22:06:41 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=952ff869e55a91ed7a96e27afd760f6d7a027ebd
The branch, gnutls_2_12_x has been updated
via 952ff869e55a91ed7a96e27afd760f6d7a027ebd (commit)
from eeb9677e709ec22f9cf7b286e5e5fc07092c0f3f (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 952ff869e55a91ed7a96e27afd760f6d7a027ebd
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Tue Feb 8 23:06:14 2011 +0100
Added documentation on p11tool.
-----------------------------------------------------------------------
Summary of changes:
doc/cha-programs.texi | 90 +++++++++++++++++++++++++++++++++++++++++++++++++
1 files changed, 90 insertions(+), 0 deletions(-)
diff --git a/doc/cha-programs.texi b/doc/cha-programs.texi
index 1a892ac..db2612a 100644
--- a/doc/cha-programs.texi
+++ b/doc/cha-programs.texi
@@ -12,6 +12,7 @@ application. The applications are discussed in this chapter.
* Invoking gnutls-serv::
* Invoking psktool::
* Invoking srptool::
+* Invoking p11tool::
@end menu
@node Invoking certtool
@@ -854,3 +855,92 @@ $ srptool --passwd /etc/tpasswd \
@end example
@end itemize
+
address@hidden Invoking p11tool
address@hidden Invoking p11tool
address@hidden
address@hidden p11tool
+
+The @file{p11tool} is a program that helps with accessing tokens
+and security modules that support the PKCS #11 API. It requires
+the individual PKCS #11 modules to be loaded either with the
address@hidden option, or by setting up the GnuTLS configuration
+file for PKCS #11 as in @ref{sec:pkcs11}.
+
address@hidden
+p11tool help
+Usage: p11tool [options]
+
+ --export URL Export an object specified by a pkcs11
+ URL
+ --list-tokens List all available tokens
+ --list-mechanisms URL List all available mechanisms in token.
+ --list-all List all objects specified by a PKCS#11
+ URL
+ --list-all-certs List all certificates specified by a
+ PKCS#11 URL
+ --list-certs List certificates that have a private
+ key specified by a PKCS#11 URL
+ --list-privkeys List private keys specified by a
+ PKCS#11 URL
+ --list-trusted List certificates marked as trusted,
+ specified by a PKCS#11 URL
+ --initialize URL Initializes a PKCS11 token.
+ --write URL Writes loaded certificates, private or
+ secret keys to a PKCS11 token.
+ --delete URL Deletes objects matching the URL.
+ --label label Sets a label for the write operation.
+ --trusted Marks the certificate to be imported as
+ trusted.
+ --login Force login to token
+ --detailed-url Export detailed URLs.
+ --no-detailed-url Export less detailed URLs.
+ --secret-key HEX_KEY Provide a hex encoded secret key.
+ --load-privkey FILE Private key file to use.
+ --load-pubkey FILE Private key file to use.
+ --load-certificate FILE
+ Certificate file to use.
+ -8, --pkcs8 Use PKCS #8 format for private keys.
+ --inder Use DER format for input certificates
+ and private keys.
+ --inraw Use RAW/DER format for input
+ certificates and private keys.
+ --provider Library Specify the pkcs11 provider library
+ --outfile FILE Output file.
+ -d, --debug LEVEL specify the debug level. Default is 1.
+ -h, --help shows this help text
address@hidden verbatim
+
+After being provided the available PKCS #11 modules, it can list all tokens
+available in your system, the objects on the tokens, and perform operations
+on them.
+
+Some examples on how to use p11tool:
+
address@hidden
+
address@hidden List all tokens
address@hidden
+$ p11tool --list-tokens
address@hidden example
+
address@hidden List all objects
address@hidden
+$ p11tool --login --list-all
address@hidden example
+
address@hidden To export an object
address@hidden
+$ p11tool --login --export pkcs11:(OBJECT URL)
address@hidden example
+
address@hidden To copy an object to a token
address@hidden
+$ p11tool --login --write pkcs11:(TOKEN URL) --load-certificate (certificate
file) --label "my_cert"
address@hidden example
+
address@hidden itemize
+
+Note that typically PKCS #11 private key objects are not allowed
+to be extracted from the token.
+
hooks/post-receive
--
GNU gnutls
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [SCM] GNU gnutls branch, gnutls_2_12_x, updated. gnutls_2_11_6-83-g952ff86,
Nikos Mavrogiannopoulos <=