[SCM] GNU gnutls branch, master, updated. gnutls_2_11

gnutls-commit

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[SCM] GNU gnutls branch, master, updated. gnutls_2_11_6-129-gcef6306

From:	Nikos Mavrogiannopoulos
Subject:	[SCM] GNU gnutls branch, master, updated. gnutls_2_11_6-129-gcef6306
Date:	Tue, 08 Feb 2011 22:06:19 +0000

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".

http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=cef63066036659bc39ccf76206a13d6afc10f520

The branch, master has been updated
       via  cef63066036659bc39ccf76206a13d6afc10f520 (commit)
      from  90898e4d1ee9339a0e63910d0fa9c9feca88a1d9 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit cef63066036659bc39ccf76206a13d6afc10f520
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Tue Feb 8 23:06:14 2011 +0100

    Added documentation on p11tool.

-----------------------------------------------------------------------

Summary of changes:
 doc/cha-programs.texi |   90 +++++++++++++++++++++++++++++++++++++++++++++++++
 1 files changed, 90 insertions(+), 0 deletions(-)

diff --git a/doc/cha-programs.texi b/doc/cha-programs.texi
index 60b3514..53a7195 100644
--- a/doc/cha-programs.texi
+++ b/doc/cha-programs.texi
@@ -12,6 +12,7 @@ application.  The applications are discussed in this chapter.
 * Invoking gnutls-serv::
 * Invoking psktool::
 * Invoking srptool::
+* Invoking p11tool::
 @end menu
 
 @node Invoking certtool
@@ -846,3 +847,92 @@ $ srptool --passwd /etc/tpasswd \
 @end example
 
 @end itemize
+
address@hidden Invoking p11tool
address@hidden Invoking p11tool
address@hidden
address@hidden p11tool
+
+The @file{p11tool} is a program that helps with accessing tokens
+and security modules that support the PKCS #11 API. It requires
+the individual PKCS #11 modules to be loaded either with the
address@hidden option, or by setting up the GnuTLS configuration
+file for PKCS #11 as in @ref{sec:pkcs11}.
+
address@hidden
+p11tool help
+Usage: p11tool [options]
+
+     --export URL             Export an object specified by a pkcs11 
+                              URL
+     --list-tokens            List all available tokens
+     --list-mechanisms URL    List all available mechanisms in token.
+     --list-all               List all objects specified by a PKCS#11 
+                              URL
+     --list-all-certs         List all certificates specified by a 
+                              PKCS#11 URL
+     --list-certs             List certificates that have a private 
+                              key specified by a PKCS#11 URL
+     --list-privkeys          List private keys specified by a 
+                              PKCS#11 URL
+     --list-trusted           List certificates marked as trusted, 
+                              specified by a PKCS#11 URL
+     --initialize URL         Initializes a PKCS11 token.
+     --write URL              Writes loaded certificates, private or 
+                              secret keys to a PKCS11 token.
+     --delete URL             Deletes objects matching the URL.
+     --label label            Sets a label for the write operation.
+     --trusted                Marks the certificate to be imported as 
+                              trusted.
+     --login                  Force login to token
+     --detailed-url           Export detailed URLs.
+     --no-detailed-url        Export less detailed URLs.
+     --secret-key HEX_KEY     Provide a hex encoded secret key.
+     --load-privkey FILE      Private key file to use.
+     --load-pubkey FILE       Private key file to use.
+     --load-certificate FILE  
+                              Certificate file to use.
+     -8, --pkcs8              Use PKCS #8 format for private keys.
+     --inder                  Use DER format for input certificates 
+                              and private keys.
+     --inraw                  Use RAW/DER format for input 
+                              certificates and private keys.
+     --provider Library       Specify the pkcs11 provider library
+     --outfile FILE           Output file.
+     -d, --debug LEVEL        specify the debug level. Default is 1.
+     -h, --help               shows this help text
address@hidden verbatim
+
+After being provided the available PKCS #11 modules, it can list all tokens 
+available in your system, the objects on the tokens, and perform operations
+on them.
+
+Some examples on how to use p11tool:
+
address@hidden
+
address@hidden List all tokens
address@hidden
+$ p11tool --list-tokens
address@hidden example
+
address@hidden List all objects
address@hidden
+$ p11tool --login --list-all
address@hidden example
+
address@hidden To export an object
address@hidden 
+$ p11tool --login --export pkcs11:(OBJECT URL)
address@hidden example
+
address@hidden To copy an object to a token
address@hidden 
+$ p11tool --login --write pkcs11:(TOKEN URL) --load-certificate (certificate 
file) --label "my_cert"
address@hidden example
+
address@hidden itemize
+
+Note that typically PKCS #11 private key objects are not allowed
+to be extracted from the token.
+


hooks/post-receive
-- 
GNU gnutls

[Prev in Thread]

Current Thread

[Next in Thread]

[SCM] GNU gnutls branch, master, updated. gnutls_2_11_6-129-gcef6306, Nikos Mavrogiannopoulos <=

Prev by Date: [SCM] GNU gnutls branch, gnutls_2_12_x, updated. gnutls_2_11_6-83-g952ff86
Next by Date: [SCM] GNU gnutls branch, master, updated. gnutls_2_11_6-130-g9da8ab2
Previous by thread: [SCM] GNU gnutls branch, gnutls_2_12_x, updated. gnutls_2_11_6-83-g952ff86
Next by thread: [SCM] GNU gnutls branch, master, updated. gnutls_2_11_6-130-g9da8ab2
Index(es):
- Date
- Thread