pkcs11-destroy.docbook revision 2eeb74d1cf5355dd98f6d507a10086e16bb08c4b
6ea2385360e9e2167e65f9286447da9eea189457Tinderbox User - Copyright (C) 2009, 2014 Internet Systems Consortium, Inc. ("ISC")
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont - Permission to use, copy, modify, and/or distribute this software for any
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont - purpose with or without fee is hereby granted, provided that the above
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont - copyright notice and this permission notice appear in all copies.
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont - PERFORMANCE OF THIS SOFTWARE.
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt<!-- Converted by db4-upgrade version 1.0 -->
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt<refentry xmlns="http://docbook.org/ns/docbook" version="5.0" xml:id="man.pkcs11-destroy">
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont <refentryinfo>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt <corpauthor>Internet Systems Consortium, Inc.</corpauthor>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont </refentryinfo>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont <refentrytitle><application>pkcs11-destroy</application></refentrytitle>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont <refname><application>pkcs11-destroy</application></refname>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont <refpurpose>destroy PKCS#11 objects</refpurpose>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont </refnamediv>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont <holder>Internet Systems Consortium, Inc. ("ISC")</holder>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont <refsynopsisdiv>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt <arg choice="opt" rep="norepeat"><option>-m <replaceable class="parameter">module</replaceable></option></arg>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt <arg choice="opt" rep="norepeat"><option>-s <replaceable class="parameter">slot</replaceable></option></arg>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt <arg choice="plain" rep="norepeat">-i <replaceable class="parameter">ID</replaceable></arg>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt <arg choice="plain" rep="norepeat">-l <replaceable class="parameter">label</replaceable></arg>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt <arg choice="opt" rep="norepeat"><option>-p <replaceable class="parameter">PIN</replaceable></option></arg>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt <arg choice="opt" rep="norepeat"><option>-w <replaceable class="parameter">seconds</replaceable></option></arg>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont </cmdsynopsis>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont </refsynopsisdiv>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt <refsection><info><title>DESCRIPTION</title></info>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont <command>pkcs11-destroy</command> destroys keys stored in a
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont PKCS#11 device, identified by their <option>ID</option> or
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt Matching keys are displayed before being destroyed. By default,
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt there is a five second delay to allow the user to interrupt the
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt process before the destruction takes place.
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt </refsection>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont <variablelist>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont <varlistentry>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont <term>-m <replaceable class="parameter">module</replaceable></term>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont Specify the PKCS#11 provider module. This must be the full
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont path to a shared library object implementing the PKCS#11 API
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont for the device.
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont </varlistentry>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont <varlistentry>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont <term>-s <replaceable class="parameter">slot</replaceable></term>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont Open the session with the given PKCS#11 slot. The default is
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont </varlistentry>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont <varlistentry>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont <term>-i <replaceable class="parameter">ID</replaceable></term>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont Destroy keys with the given object ID.
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont </varlistentry>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont <varlistentry>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont <term>-l <replaceable class="parameter">label</replaceable></term>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont Destroy keys with the given label.
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont </varlistentry>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont <varlistentry>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont <term>-p <replaceable class="parameter">PIN</replaceable></term>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont Specify the PIN for the device. If no PIN is provided on the
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont command line, <command>pkcs11-destroy</command> will prompt for it.
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont </varlistentry>
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt <varlistentry>
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt <term>-w <replaceable class="parameter">seconds</replaceable></term>
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt Specify how long to pause before carrying out key destruction.
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt The default is five seconds. If set to <literal>0</literal>,
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt destruction will be immediate.
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt </varlistentry>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont </variablelist>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt </refsection>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont <citerefentry>
b0af7cbe9220775e23127f2f38750e4a281ee871Jeremy C. Reed <refentrytitle>pkcs11-keygen</refentrytitle><manvolnum>8</manvolnum>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont </citerefentry>,
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont <citerefentry>
b0af7cbe9220775e23127f2f38750e4a281ee871Jeremy C. Reed <refentrytitle>pkcs11-list</refentrytitle><manvolnum>8</manvolnum>
b0af7cbe9220775e23127f2f38750e4a281ee871Jeremy C. Reed </citerefentry>,
b0af7cbe9220775e23127f2f38750e4a281ee871Jeremy C. Reed <citerefentry>
b0af7cbe9220775e23127f2f38750e4a281ee871Jeremy C. Reed <refentrytitle>pkcs11-tokens</refentrytitle><manvolnum>8</manvolnum>
a631b30b1ddd8b2ea780371d0d99ba1c05bc7e42Francis Dupont </citerefentry>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt </refsection>