1 // This is a preprocessed file to define commands that we provide in Security part of the Sec module.
3 #include <SecurityTool/security_tool_commands.h>
5 SECURITY_COMMAND("add-internet-password", keychain_add_internet_password
,
6 "[-a accountName] [-d securityDomain] [-p path] [-P port] [-r protocol] [-s serverName] [-t authenticationType] [-w passwordData] [keychain]\n"
7 " -a Use \"accountName\".\n"
8 " -d Use \"securityDomain\".\n"
11 " -r Use \"protocol\".\n"
12 " -s Use \"serverName\".\n"
13 " -t Use \"authenticationType\".\n"
14 " -w Use passwordData.\n"
15 "If no keychains is specified the password is added to the default keychain.",
16 "Add an internet password item.")
18 SECURITY_COMMAND("item", keychain_item
,
19 "[-v][-a|-D|-u attr=value,...|[-q][-g] attr=value,...] [-d password | -f datafile] [attr=value,...]\n"
20 "-q Query for item matching (default)\n"
21 "-g Get password data\n"
22 "-a Add item to keychain\n"
23 "-u Update item in keychain (require query to match)\n"
24 "-D Delete item from keychain\n"
25 "Add, query, update or delete items from the keychain. Extra attr=value pairs after options always apply to the query\n"
26 "class=[genp|inet|cert|keys] is required for the query",
27 "Manipulate keychain items.")
29 SECURITY_COMMAND_IOS("add-certificates", keychain_add_certificates
,
30 "[-k keychain] file...\n"
31 "If no keychains is specified the certificates are added to the default keychain.\n"
32 "\tadd-certificates -t file...\n"
33 "Add the specified certificates to the users TrustSettings.sqlite3 database.",
34 "Add certificates to the keychain.")
36 SECURITY_COMMAND_IOS("show-certificates", keychain_show_certificates
,
37 "[-p][-s][-t] file...\n"
38 "[-k][-p][-s][-v][-t][-f][-q attr=value,...] [attr=value,...]\n"
39 " -k Show all certificates in keychain.\n"
40 " -q Query for certificates matching (implies -k)\n"
41 " -p Output cert in PEM format.\n"
42 " -f Show fingerprint (SHA1 digest of octects inside the public key bit string.)\n"
44 " -v Show entire certificate in text form.\n"
45 " -t Evaluate trust.",
46 "Display certificates in human readable form.")
48 SECURITY_COMMAND("find-internet-password", keychain_find_internet_password
,
49 "[-a accountName] [-d securityDomain] [-g] [-p path] [-P port] [-r protocol] [-s serverName] [-t authenticationType] [keychain...]\n"
50 " -a Match on \"accountName\" when searching.\n"
51 " -d Match on \"securityDomain\" when searching.\n"
52 " -g Display the password for the item found.\n"
53 " -p Match on \"path\" when searching.\n"
54 " -P Match on \"port\" when searching.\n"
55 " -r Match on \"protocol\" when searching.\n"
56 " -s Match on \"serverName\" when searching.\n"
57 " -t Match on \"authenticationType\" when searching.\n"
58 "If no keychains are specified the default search list is used.",
59 "Find an internet password item.")
61 SECURITY_COMMAND("find-generic-password", keychain_find_generic_password
,
62 "[-a accountName] [-s serviceName] [keychain...]\n"
63 " -a Match on \"accountName\" when searching.\n"
64 " -g Display the password for the item found.\n"
65 " -s Match on \"serviceName\" when searching.\n"
66 "If no keychains are specified the default search list is used.",
67 "Find a generic password item.")
69 SECURITY_COMMAND("delete-internet-password", keychain_delete_internet_password
,
70 "[-a accountName] [-d securityDomain] [-g] [-p path] [-P port] [-r protocol] [-s serverName] [-t authenticationType] [keychain...]\n"
71 " -a Match on \"accountName\" when searching.\n"
72 " -d Match on \"securityDomain\" when searching.\n"
73 " -g Display the password for the item found.\n"
74 " -p Match on \"path\" when searching.\n"
75 " -P Match on \"port\" when searching.\n"
76 " -r Match on \"protocol\" when searching.\n"
77 " -s Match on \"serverName\" when searching.\n"
78 " -t Match on \"authenticationType\" when searching.\n"
79 "If no keychains are specified the default search list is used.",
80 "Delete one or more internet password items.")
82 SECURITY_COMMAND("delete-generic-password", keychain_delete_generic_password
,
83 "[-a accountName] [-s serviceName] [keychain...]\n"
84 " -a Match on \"accountName\" when searching.\n"
85 " -g Display the password for the item found.\n"
86 " -s Match on \"serviceName\" when searching.\n"
87 "If no keychains are specified the default search list is used.",
88 "Delete one or more generic password items.")
90 SECURITY_COMMAND_IOS("keychain-export", keychain_export
,
91 "-k <keybag> [-p password ] <plist>\n"
92 " <keybag> keybag file name. (Can be created with keystorectl)\n"
93 " <password> backup password (optional)\n"
94 " <plist> backup plist file\n",
95 "Export keychain to a plist file.")
97 SECURITY_COMMAND_IOS("keychain-import", keychain_import
,
98 "-k <keybag> [-p <password> ] <plist>\n"
99 " <keybag> keybag file name. (Can be created with keystorectl)\n"
100 " <password> backup password (optional)\n"
101 " <plist> backup plist file\n",
102 "Import keychain from a plist file.")
104 SECURITY_COMMAND_IOS("pkcs12", pkcs12_util
,
105 "[options] -p <password> file\n"
106 " -d delete identity\n",
107 "Manipulate pkcs12 blobs.")
109 SECURITY_COMMAND_IOS("scep", command_scep
,
111 " -b keysize Keysize in bits.\n"
112 " -u usage Key usage bitmask in decimal (Digital Signature = 1, Key Encipherment = 4).\n"
113 " -c challenge Challenge password.\n"
114 " -n name Service instance name (required for MS SCEP).\n"
116 " -x Turn cert validation off.\n"
117 " -s subject Subject to request (O=Apple,CN=iPhone).\n"
118 " -h subjaltname SubjectAlternateName (foo.com).\n"
119 " -o capabilities Override capabilities GetCACaps returns (POSTPKIOperation,SHA-1,DES3)\n",
120 "Certify a public key using a SCEP server")
122 SECURITY_COMMAND_IOS("codesign", codesign_util
,
123 "[options] <file>\n",
124 "Verify code signature blob in binary.")
126 SECURITY_COMMAND_IOS("enroll-secure-profile", command_spc
,
127 "[options] <file>\n",
128 "Enroll in secure profile service.")
projects / apple / security.git / blob