pkcs11-destroy.docbook revision 0c27b3fe77ac1d5094ba3521e8142d9e7973133f
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont<!--
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews - Copyright (C) 2009, 2014-2016 Internet Systems Consortium, Inc. ("ISC")
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont -
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews - This Source Code Form is subject to the terms of the Mozilla Public
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews - License, v. 2.0. If a copy of the MPL was not distributed with this
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews - file, You can obtain one at http://mozilla.org/MPL/2.0/.
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont-->
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt<!-- Converted by db4-upgrade version 1.0 -->
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt<refentry xmlns="http://docbook.org/ns/docbook" version="5.0" xml:id="man.pkcs11-destroy">
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt <info>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt <date>2014-01-15</date>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt </info>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont <refentryinfo>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt <corpname>ISC</corpname>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt <corpauthor>Internet Systems Consortium, Inc.</corpauthor>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont </refentryinfo>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont <refmeta>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont <refentrytitle><application>pkcs11-destroy</application></refentrytitle>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont <manvolnum>8</manvolnum>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont <refmiscinfo>BIND9</refmiscinfo>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont </refmeta>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont <refnamediv>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont <refname><application>pkcs11-destroy</application></refname>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont <refpurpose>destroy PKCS#11 objects</refpurpose>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont </refnamediv>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont <docinfo>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont <copyright>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont <year>2009</year>
6ea2385360e9e2167e65f9286447da9eea189457Tinderbox User <year>2014</year>
19c7b1a0293498a3e36692c59646ed6e15ffc8d0Tinderbox User <year>2015</year>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews <year>2016</year>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont <holder>Internet Systems Consortium, Inc. ("ISC")</holder>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont </copyright>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont </docinfo>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont <refsynopsisdiv>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt <cmdsynopsis sepchar=" ">
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont <command>pkcs11-destroy</command>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt <arg choice="opt" rep="norepeat"><option>-m <replaceable class="parameter">module</replaceable></option></arg>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt <arg choice="opt" rep="norepeat"><option>-s <replaceable class="parameter">slot</replaceable></option></arg>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt <group choice="req" rep="norepeat">
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt <arg choice="plain" rep="norepeat">-i <replaceable class="parameter">ID</replaceable></arg>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt <arg choice="plain" rep="norepeat">-l <replaceable class="parameter">label</replaceable></arg>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont </group>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt <arg choice="opt" rep="norepeat"><option>-p <replaceable class="parameter">PIN</replaceable></option></arg>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt <arg choice="opt" rep="norepeat"><option>-w <replaceable class="parameter">seconds</replaceable></option></arg>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont </cmdsynopsis>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont </refsynopsisdiv>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt <refsection><info><title>DESCRIPTION</title></info>
30eec077db2bdcb6f2a0dc388a3cdde2ede75ec1Mark Andrews
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont <para>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont <command>pkcs11-destroy</command> destroys keys stored in a
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont PKCS#11 device, identified by their <option>ID</option> or
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont <option>label</option>.
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont </para>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont <para>
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt Matching keys are displayed before being destroyed. By default,
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt there is a five second delay to allow the user to interrupt the
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt process before the destruction takes place.
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont </para>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt </refsection>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt <refsection><info><title>ARGUMENTS</title></info>
30eec077db2bdcb6f2a0dc388a3cdde2ede75ec1Mark Andrews
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont <variablelist>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont <varlistentry>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont <term>-m <replaceable class="parameter">module</replaceable></term>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont <listitem>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont <para>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont Specify the PKCS#11 provider module. This must be the full
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont path to a shared library object implementing the PKCS#11 API
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont for the device.
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont </para>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont </listitem>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont </varlistentry>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont <varlistentry>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont <term>-s <replaceable class="parameter">slot</replaceable></term>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont <listitem>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont <para>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont Open the session with the given PKCS#11 slot. The default is
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont slot 0.
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont </para>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont </listitem>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont </varlistentry>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont <varlistentry>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont <term>-i <replaceable class="parameter">ID</replaceable></term>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont <listitem>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont <para>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont Destroy keys with the given object ID.
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont </para>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont </listitem>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont </varlistentry>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont <varlistentry>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont <term>-l <replaceable class="parameter">label</replaceable></term>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont <listitem>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont <para>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont Destroy keys with the given label.
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont </para>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont </listitem>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont </varlistentry>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont <varlistentry>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont <term>-p <replaceable class="parameter">PIN</replaceable></term>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont <listitem>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont <para>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont Specify the PIN for the device. If no PIN is provided on the
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont command line, <command>pkcs11-destroy</command> will prompt for it.
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont </para>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont </listitem>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont </varlistentry>
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt <varlistentry>
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt <term>-w <replaceable class="parameter">seconds</replaceable></term>
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt <listitem>
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt <para>
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt Specify how long to pause before carrying out key destruction.
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt The default is five seconds. If set to <literal>0</literal>,
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt destruction will be immediate.
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt </para>
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt </listitem>
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt </varlistentry>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont </variablelist>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt </refsection>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt <refsection><info><title>SEE ALSO</title></info>
30eec077db2bdcb6f2a0dc388a3cdde2ede75ec1Mark Andrews
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont <para>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont <citerefentry>
b0af7cbe9220775e23127f2f38750e4a281ee871Jeremy C. Reed <refentrytitle>pkcs11-keygen</refentrytitle><manvolnum>8</manvolnum>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont </citerefentry>,
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont <citerefentry>
b0af7cbe9220775e23127f2f38750e4a281ee871Jeremy C. Reed <refentrytitle>pkcs11-list</refentrytitle><manvolnum>8</manvolnum>
b0af7cbe9220775e23127f2f38750e4a281ee871Jeremy C. Reed </citerefentry>,
b0af7cbe9220775e23127f2f38750e4a281ee871Jeremy C. Reed <citerefentry>
b0af7cbe9220775e23127f2f38750e4a281ee871Jeremy C. Reed <refentrytitle>pkcs11-tokens</refentrytitle><manvolnum>8</manvolnum>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont </citerefentry>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont </para>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt </refsection>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt</refentry>