| <!DOCTYPE html> |
| <!-- |
| Copyright 2019 NXP |
| |
| This software is owned or controlled by NXP and may only be used |
| strictly in accordance with the applicable license terms. By expressly |
| accepting such terms or by downloading, installing, activating and/or |
| otherwise using the software, you are agreeing that you have read, and |
| that you agree to comply with and are bound by, such license terms. If |
| you do not agree to be bound by the applicable license terms, then you |
| may not retain, install, activate or otherwise use the software. |
| --> |
| |
| <html xmlns="http://www.w3.org/1999/xhtml"> |
| <head> |
| <meta charset="utf-8" /> |
| <title>9.7. List of ssscli commands — Plug & Trust MW v03.00.05 documentation</title> |
| <link rel="stylesheet" href="../../_static/bootstrap-sphinx.css" type="text/css" /> |
| <link rel="stylesheet" href="../../_static/pygments.css" type="text/css" /> |
| <link rel="stylesheet" type="text/css" href="../../_static/graphviz.css" /> |
| <script id="documentation_options" data-url_root="../../" src="../../_static/documentation_options.js"></script> |
| <script src="../../_static/jquery.js"></script> |
| <script src="../../_static/underscore.js"></script> |
| <script src="../../_static/doctools.js"></script> |
| <script src="../../_static/language_data.js"></script> |
| <link rel="index" title="Index" href="../../genindex.html" /> |
| <link rel="search" title="Search" href="../../search.html" /> |
| <link rel="next" title="9.8. CLI Data formats" href="cli_data_format.html" /> |
| <link rel="prev" title="9.6. Usage Examples" href="readme_usage_examples.html" /> |
| <meta charset='utf-8'> |
| <meta http-equiv='X-UA-Compatible' content='IE=edge,chrome=1'> |
| <meta name='viewport' content='width=device-width, initial-scale=1.0, maximum-scale=1'> |
| <meta name="apple-mobile-web-app-capable" content="yes"> |
| <script type="text/javascript" src="../../_static/js/jquery-1.11.0.min.js "></script> |
| <script type="text/javascript" src="../../_static/js/jquery-fix.js "></script> |
| <script type="text/javascript" src="../../_static/bootstrap-3.3.7/js/bootstrap.min.js "></script> |
| <script type="text/javascript" src="../../_static/bootstrap-sphinx.js "></script> |
| |
| </head><body> |
| |
| <div id="navbar" class="navbar navbar-inverse navbar-default navbar-fixed-top"> |
| <div class="container"> |
| <div class="navbar-header"> |
| <!-- .btn-navbar is used as the toggle for collapsed navbar content --> |
| <button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".nav-collapse"> |
| <span class="icon-bar"></span> |
| <span class="icon-bar"></span> |
| <span class="icon-bar"></span> |
| </button> |
| <a class="navbar-brand" href="../../toc.html"><span><img src="../../_static/NXP_logo_JPG.jpg"></span> |
| MW</a> |
| <span class="navbar-text navbar-version pull-left"><b>v03.00.05</b></span> |
| </div> |
| |
| <div class="collapse navbar-collapse nav-collapse"> |
| <ul class="nav navbar-nav"> |
| |
| |
| <li class="dropdown globaltoc-container"> |
| <a role="button" |
| id="dLabelGlobalToc" |
| data-toggle="dropdown" |
| data-target="#" |
| href="../../toc.html">TOC <b class="caret"></b></a> |
| <ul class="dropdown-menu globaltoc" |
| role="menu" |
| aria-labelledby="dLabelGlobalToc"><ul class="current"> |
| <li class="toctree-l1"><a class="reference internal" href="../../index.html">1. NXP Plug & Trust Middleware</a><ul> |
| <li class="toctree-l2"><a class="reference internal" href="../../organization-of-documentation.html">1.1. Organization of Documentation</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../folder-structure.html">1.2. Folder Structure</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../sw-prerequisites.html">1.3. List of Platform Prerequisites</a></li> |
| </ul> |
| </li> |
| <li class="toctree-l1"><a class="reference internal" href="../../changes/index.html">2. Changes</a><ul> |
| <li class="toctree-l2"><a class="reference internal" href="../../changes/pending.html">2.1. Pending Refactoring items</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../changes/pending.html#known-limitations">2.2. Known limitations</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../changes/v03_00_05.html">2.3. Release <code class="docutils literal notranslate"><span class="pre">v03.00.05</span></code></a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../changes/v03_00_04.html">2.4. Release <code class="docutils literal notranslate"><span class="pre">v03.00.04</span></code></a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../changes/v03_00_03.html">2.5. Release <code class="docutils literal notranslate"><span class="pre">v03.00.03</span></code></a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../changes/v03_00_02.html">2.6. Release <code class="docutils literal notranslate"><span class="pre">v03.00.02</span></code></a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../changes/v02_16_01.html">2.7. Release <code class="docutils literal notranslate"><span class="pre">v02.16.01</span></code></a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../changes/v02_16_00.html">2.8. Release <code class="docutils literal notranslate"><span class="pre">v02.16.00</span></code></a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../changes/v02_15_00.html">2.9. Release <code class="docutils literal notranslate"><span class="pre">v02.15.00</span></code></a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../changes/v02_14_00.html">2.10. Release <code class="docutils literal notranslate"><span class="pre">v02.14.00</span></code></a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../changes/v02_12_00.html">2.11. Release <code class="docutils literal notranslate"><span class="pre">v02.12.05</span></code></a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../changes/v02_12_00.html#release-v02-12-04">2.12. Release <code class="docutils literal notranslate"><span class="pre">v02.12.04</span></code></a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../changes/v02_12_00.html#release-v02-12-03">2.13. Release <code class="docutils literal notranslate"><span class="pre">v02.12.03</span></code></a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../changes/v02_12_00.html#release-v02-12-02">2.14. Release <code class="docutils literal notranslate"><span class="pre">v02.12.02</span></code></a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../changes/v02_12_00.html#release-v02-12-01">2.15. Release <code class="docutils literal notranslate"><span class="pre">v02.12.01</span></code></a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../changes/v02_12_00.html#release-v02-12-00">2.16. Release <code class="docutils literal notranslate"><span class="pre">v02.12.00</span></code></a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../changes/v02_11_03.html">2.17. Release <code class="docutils literal notranslate"><span class="pre">v02.11.03</span></code></a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../changes/v02_11_01.html">2.18. Internal Release <code class="docutils literal notranslate"><span class="pre">v02.11.01</span></code></a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../changes/v02_11_00.html">2.19. Release <code class="docutils literal notranslate"><span class="pre">v02.11.00</span></code></a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../changes/v02_10_00.html">2.20. Release <code class="docutils literal notranslate"><span class="pre">v02.10.00</span></code></a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../changes/v02_09_00.html">2.21. Release <code class="docutils literal notranslate"><span class="pre">v02.09.00</span></code></a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../changes/v02_07_00.html">2.22. Release <code class="docutils literal notranslate"><span class="pre">v02.07.00</span></code></a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../changes/v02_06_00.html">2.23. Release <code class="docutils literal notranslate"><span class="pre">v02.06.00</span></code></a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../changes/v02_05_00_to_v02_03_00.html">2.24. Release <code class="docutils literal notranslate"><span class="pre">v02.05.00</span></code></a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../changes/v02_05_00_to_v02_03_00.html#release-v02-04-00">2.25. Release <code class="docutils literal notranslate"><span class="pre">v02.04.00</span></code></a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../changes/v02_05_00_to_v02_03_00.html#release-02-03-00">2.26. Release <code class="docutils literal notranslate"><span class="pre">02.03.00</span></code></a></li> |
| </ul> |
| </li> |
| <li class="toctree-l1"><a class="reference internal" href="../../stack/index.html">3. Plug & Trust MW Stack</a><ul> |
| <li class="toctree-l2"><a class="reference internal" href="../../stack/features.html">3.1. Features</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../stack/features.html#plug-trust-mw-block-diagram">3.2. Plug & Trust MW : Block Diagram</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../sss-apis.html">3.3. SSS APIs</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../stack/se05xfeatures.html">3.4. SSS APIs: SE051 vs SE050</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../stack/param_checks.html">3.5. Parameter Check & Conventions</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../stack/i2cm.html">3.6. I2CM / Secure Sensor</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../stack/logging.html">3.7. Logging</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../stack/feature-file.html">3.8. Feature File - <code class="docutils literal notranslate"><span class="pre">fsl_sss_ftr.h</span></code></a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../stack/platf-scp-from-fs.html">3.9. Using Platform SCP Keys from File System</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../stack/auth/auth-objects.html">3.10. Auth Objects</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../stack/auth/auth-objects-userid.html">3.11. Auth Objects : UserID</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../stack/auth/auth-objects-aeskey.html">3.12. Auth Objects : AESKey</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../stack/auth/auth-objects-eckey.html">3.13. Auth Objects : ECKey</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../stack/key-id-range.html">3.14. Key Id Range and Purpose</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../stack/key-id-range.html#authentication-keys">3.15. Authentication Keys</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../stack/key-id-range.html#trust-provisioned-keyids">3.16. Trust provisioned KeyIDs</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../sss/ex/doc/puf-scp03.html">3.17. SCP03 with PUF</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../sss/doc/sss_heap_management.html">3.18. SSS Heap Management</a></li> |
| </ul> |
| </li> |
| <li class="toctree-l1"><a class="reference internal" href="../../building/index.html">4. Building / Compiling</a><ul> |
| <li class="toctree-l2"><a class="reference internal" href="../../building/windows.html">4.1. Windows Build</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../building/frdm-k64f-sdk.html">4.2. Import MCUXPresso projects from SDK</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../building/frdm-k64f-cmake.html">4.3. Freedom K64F Build (CMake - Advanced)</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../building/imx6.html">4.4. i.MX Linux Build</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../building/rpi3.html">4.5. Raspberry Pi Build</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../building/cmake.html">4.6. CMake</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../scripts/cmake_options.html">4.7. CMake Options</a></li> |
| </ul> |
| </li> |
| <li class="toctree-l1"><a class="reference internal" href="../../demos/index.html">5. Demo and Examples</a><ul> |
| <li class="toctree-l2"><a class="reference internal" href="../../demos/index.html#demo-list">5.1. Demo List</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../demos/index.html#sss-api-examples">5.2. SSS API Examples</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../demos/index.html#cloud-demos">5.3. Cloud Demos</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../demos/index.html#linux-specific-demos">5.4. Linux Specific Demos</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../demos/index.html#opc-ua-example">5.5. OPC-UA Example</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../demos/index.html#arm-psa-example">5.6. ARM PSA Example</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../demos/index.html#se05x-examples">5.7. SE05X Examples</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../demos/index.html#openssl-examples">5.8. OpenSSL Examples</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../demos/index.html#tests-for-user-crypto">5.9. Tests for User Crypto</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../demos/index.html#nxpnfcrdlib-examples">5.10. NXPNFCRDLIB examples</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../demos/index.html#ease-of-use-examples">5.11. Ease-of-Use examples</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../demos/index.html#semslite-examples">5.12. Semslite examples</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../demos/index.html#puf-examples">5.13. PUF examples</a></li> |
| </ul> |
| </li> |
| <li class="toctree-l1"><a class="reference internal" href="../../edgelock2go-agent.html">6. NXP EdgeLock 2GO Agent</a><ul> |
| <li class="toctree-l2"><a class="reference internal" href="../../nxp_iot_agent/doc/introduction.html">6.1. Introduction</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../nxp_iot_agent/doc/introduction.html#building-and-running-the-edgelock-2go-agent">6.2. Building and running the EdgeLock 2GO agent</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../nxp_iot_agent/doc/introduction.html#datastore-keystore">6.3. Datastore / Keystore</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../nxp_iot_agent/doc/introduction.html#connection-to-the-edgelock-2go-cloud-service">6.4. Connection to the EdgeLock 2GO cloud service</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../nxp_iot_agent/doc/introduction.html#claim-codes">6.5. Claim Codes</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../nxp_iot_agent/doc/edgelock2go_agent_apis.html">6.6. API</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../nxp_iot_agent/doc/readme_usage_examples.html">6.7. Usage Examples</a></li> |
| </ul> |
| </li> |
| <li class="toctree-l1"><a class="reference internal" href="../../semslite/doc/index.html">7. SEMS Lite Agent</a><ul> |
| <li class="toctree-l2"><a class="reference internal" href="../../semslite/doc/sems_lite_overview.html">7.1. SEMS Lite Overview (Only for SE051)</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../semslite/doc/sems_lite_package.html">7.2. Update Package</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../semslite/doc/sems_lite_usage.html">7.3. SEMS Lite Agent Usage</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../semslite/doc/sems_lite_mgmt_api.html">7.4. SEMS Lite management APIs</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../semslite/doc/sems_lite_process.html">7.5. SEMS Lite Agent Package Load Process</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../semslite/doc/sems_lite_api.html">7.6. APIs</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../semslite/doc/sems_lite_known_issue.html">7.7. SEMS Lite Known Issue</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../semslite/doc/demo_update.html">7.8. SEMS Lite DEMOs</a></li> |
| </ul> |
| </li> |
| <li class="toctree-l1"><a class="reference internal" href="../../plugins/index.html">8. Plugins / Add-ins</a><ul> |
| <li class="toctree-l2"><a class="reference internal" href="../../sss/plugin/openssl/scripts/readme.html">8.1. Introduction on OpenSSL engine</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../sss/plugin/mbedtls/scripts/readme.html">8.2. Introduction on mbedTLS ALT Implementation</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../sss/plugin/psa/Readme.html">8.3. Platform Security Architecture</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../plugins/akm.html">8.4. Android Key master</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../sss/plugin/open62541/readme.html">8.5. Introduction on Open62541 (OPC UA stack)</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../plugins/wifiEAP/wifiEAP.html">8.6. WiFi EAP Demo with Raspberry Pi3</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../plugins/pkcs11.html">8.7. PKCS#11 Standalone Library</a></li> |
| </ul> |
| </li> |
| <li class="toctree-l1 current"><a class="reference internal" href="../../cli-tool.html">9. CLI Tool</a><ul class="current"> |
| <li class="toctree-l2"><a class="reference internal" href="introduction.html">9.1. Introduction</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="block-diagram.html">9.2. Block Diagram</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="pre-steps.html">9.3. Steps needed before running <code class="docutils literal notranslate"><span class="pre">ssscli</span></code> tool</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="running.html">9.4. Running the <code class="docutils literal notranslate"><span class="pre">ssscli</span></code> tool - Windows</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../Provisioning/readme.html">9.5. CLI Provisioning</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="readme_usage_examples.html">9.6. Usage Examples</a></li> |
| <li class="toctree-l2 current"><a class="current reference internal" href="#">9.7. List of <code class="docutils literal notranslate"><span class="pre">ssscli</span></code> commands</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="cli_data_format.html">9.8. CLI Data formats</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="cli_object_policy.html">9.9. Object Policies Through ssscli</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../appendix/upload_se05x_using_pycli.html">9.10. Upload keys and certificates to SE05X using ssscli tool</a></li> |
| </ul> |
| </li> |
| <li class="toctree-l1"><a class="reference internal" href="../../a71ch.html">10. A71CH</a><ul> |
| <li class="toctree-l2"><a class="reference internal" href="../../a71ch/a71ch_sss.html">10.1. A71CH and SSS API</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../a71ch/a71ch_miscellaneous.html">10.2. Miscellaneous</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../a71ch/a71ch_legacy_host_api.html">10.3. A71CH Legacy API</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../a71ch/a71ch_legacy_hlse_api.html">10.4. A71CH Legacy HLSE (Generic) API</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../a71ch/a71ch_configure_tool.html">10.5. A71CH Legacy Configure Tool</a></li> |
| </ul> |
| </li> |
| <li class="toctree-l1"><a class="reference internal" href="../../appendix.html">11. Appendix</a><ul> |
| <li class="toctree-l2"><a class="reference internal" href="../../appendix/glossary.html">11.1. Glossary</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../appendix/vcom.html">11.2. APDU Commands over VCOM</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../appendix/vs2019-setup.html">11.3. Visual Studio 2019 Setup</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../appendix/ide_mcux.html">11.4. Setting up MCUXPresso IDE</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../dev-platforms.html">11.5. Development Platforms</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../appendix/se_uid.html">11.6. How to get SE Platform Information and UID</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../appendix/version_info.html">11.7. Version Information</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../demos/Certificate_Chains/Readme.html">11.8. Certificate Chains</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../appendix/rjct_server.html">11.9. JRCP_v1 Server</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../appendix/platfscp.html">11.10. Using own Platform SCP03 Keys</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../appendix/apdu_write_to_buffer.html">11.11. Write APDU to buffer</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../api/api_list.html">11.12. Plug & Trust MW APIs</a></li> |
| </ul> |
| </li> |
| </ul> |
| </ul> |
| </li> |
| |
| <li class="dropdown"> |
| <a role="button" |
| id="dLabelLocalToc" |
| data-toggle="dropdown" |
| data-target="#" |
| href="#">Page <b class="caret"></b></a> |
| <ul class="dropdown-menu localtoc" |
| role="menu" |
| aria-labelledby="dLabelLocalToc"><ul> |
| <li><a class="reference internal" href="#">9.7. List of <code class="docutils literal notranslate"><span class="pre">ssscli</span></code> commands</a><ul> |
| <li><a class="reference internal" href="#ssscli-commands">9.7.1. ssscli Commands</a></li> |
| <li><a class="reference internal" href="#set-commands">9.7.2. Set Commands</a></li> |
| <li><a class="reference internal" href="#get-commands">9.7.3. Get Commands</a></li> |
| <li><a class="reference internal" href="#generate-commands">9.7.4. Generate Commands</a></li> |
| <li><a class="reference internal" href="#refpem-commands">9.7.5. Refpem Commands</a></li> |
| <li><a class="reference internal" href="#se05x-commands">9.7.6. Se05x Commands</a></li> |
| <li><a class="reference internal" href="#a71ch-commands">9.7.7. A71CH Commands</a></li> |
| <li><a class="reference internal" href="#policy-commands">9.7.8. POLICY Commands</a></li> |
| </ul> |
| </li> |
| </ul> |
| </ul> |
| </li> |
| |
| |
| |
| |
| |
| <li> |
| <a href="readme_usage_examples.html" title="Previous Chapter: 9.6. Usage Examples"><span class="glyphicon glyphicon-chevron-left visible-sm"></span><span class="hidden-sm hidden-tablet">« 9.6. Usage Examples</span> |
| </a> |
| </li> |
| <li> |
| <a href="cli_data_format.html" title="Next Chapter: 9.8. CLI Data formats"><span class="glyphicon glyphicon-chevron-right visible-sm"></span><span class="hidden-sm hidden-tablet">9.8. CLI Data formats »</span> |
| </a> |
| </li> |
| |
| |
| |
| |
| |
| </ul> |
| |
| |
| |
| </div> |
| </div> |
| </div> |
| |
| <div class="container"> |
| <div class="row"> |
| <div class="col-md-3"> |
| <div id="sidebar" class="bs-sidenav" role="complementary"> |
| |
| <div class="sidebar-header"> |
| <h3>Plug & Trust MW</h3> |
| </div> |
| |
| <div class="row"> |
| <ul class="current"> |
| <li class="toctree-l1"><a class="reference internal" href="../../index.html">1. NXP Plug & Trust Middleware</a></li> |
| <li class="toctree-l1"><a class="reference internal" href="../../changes/index.html">2. Changes</a></li> |
| <li class="toctree-l1"><a class="reference internal" href="../../stack/index.html">3. Plug & Trust MW Stack</a></li> |
| <li class="toctree-l1"><a class="reference internal" href="../../building/index.html">4. Building / Compiling</a></li> |
| <li class="toctree-l1"><a class="reference internal" href="../../demos/index.html">5. Demo and Examples</a></li> |
| <li class="toctree-l1"><a class="reference internal" href="../../edgelock2go-agent.html">6. NXP EdgeLock 2GO Agent</a></li> |
| <li class="toctree-l1"><a class="reference internal" href="../../semslite/doc/index.html">7. SEMS Lite Agent</a></li> |
| <li class="toctree-l1"><a class="reference internal" href="../../plugins/index.html">8. Plugins / Add-ins</a></li> |
| <li class="toctree-l1 current"><a class="reference internal" href="../../cli-tool.html">9. CLI Tool</a><ul class="current"> |
| <li class="toctree-l2"><a class="reference internal" href="introduction.html">9.1. Introduction</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="block-diagram.html">9.2. Block Diagram</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="pre-steps.html">9.3. Steps needed before running <code class="docutils literal notranslate"><span class="pre">ssscli</span></code> tool</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="running.html">9.4. Running the <code class="docutils literal notranslate"><span class="pre">ssscli</span></code> tool - Windows</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../Provisioning/readme.html">9.5. CLI Provisioning</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="readme_usage_examples.html">9.6. Usage Examples</a></li> |
| <li class="toctree-l2 current"><a class="current reference internal" href="#">9.7. List of <code class="docutils literal notranslate"><span class="pre">ssscli</span></code> commands</a><ul> |
| <li class="toctree-l3"><a class="reference internal" href="#ssscli-commands">9.7.1. ssscli Commands</a></li> |
| <li class="toctree-l3"><a class="reference internal" href="#set-commands">9.7.2. Set Commands</a></li> |
| <li class="toctree-l3"><a class="reference internal" href="#get-commands">9.7.3. Get Commands</a></li> |
| <li class="toctree-l3"><a class="reference internal" href="#generate-commands">9.7.4. Generate Commands</a></li> |
| <li class="toctree-l3"><a class="reference internal" href="#refpem-commands">9.7.5. Refpem Commands</a></li> |
| <li class="toctree-l3"><a class="reference internal" href="#se05x-commands">9.7.6. Se05x Commands</a></li> |
| <li class="toctree-l3"><a class="reference internal" href="#a71ch-commands">9.7.7. A71CH Commands</a></li> |
| <li class="toctree-l3"><a class="reference internal" href="#policy-commands">9.7.8. POLICY Commands</a></li> |
| </ul> |
| </li> |
| <li class="toctree-l2"><a class="reference internal" href="cli_data_format.html">9.8. CLI Data formats</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="cli_object_policy.html">9.9. Object Policies Through ssscli</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../../appendix/upload_se05x_using_pycli.html">9.10. Upload keys and certificates to SE05X using ssscli tool</a></li> |
| </ul> |
| </li> |
| <li class="toctree-l1"><a class="reference internal" href="../../a71ch.html">10. A71CH</a></li> |
| <li class="toctree-l1"><a class="reference internal" href="../../appendix.html">11. Appendix</a></li> |
| </ul> |
| |
| </div> |
| <div class="row"> |
| <form class="form" action="../../search.html" method="get"> |
| <div class="form-group"> |
| <label for="Search">Search:</label> |
| <input type="text" name="q" class="form-control" placeholder="Search" /> |
| </div> |
| <input type="hidden" name="check_keywords" value="yes" /> |
| <input type="hidden" name="area" value="default" /> |
| </form> |
| </div> |
| </div> |
| </div> |
| <div class="body col-md-9 content" role="main"> |
| |
| <div class="section" id="list-of-ssscli-commands"> |
| <span id="cli-cmd-list"></span><h1><span class="section-number">9.7. </span>List of <code class="docutils literal notranslate"><span class="pre">ssscli</span></code> commands<a class="headerlink" href="#list-of-ssscli-commands" title="Permalink to this headline">¶</a></h1> |
| <p>ssscli uses PEM, DER and HEX data formats for keys and certificates. Refer <a class="reference internal" href="cli_data_format.html#cli-data-format"><span class="std std-ref">CLI Data formats</span></a>.</p> |
| <div class="admonition note"> |
| <p class="admonition-title">Note</p> |
| <p>Linux Environment</p> |
| <p>You can <code class="docutils literal notranslate"><span class="pre">source</span> <span class="pre">pycli/ssscli-bash-completion.sh</span></code> for auto-completion |
| on bash with linux/posix based environemnt.</p> |
| </div> |
| <div class="section" id="ssscli-commands"> |
| <h2><span class="section-number">9.7.1. </span>ssscli Commands<a class="headerlink" href="#ssscli-commands" title="Permalink to this headline">¶</a></h2> |
| <p>These are the top level commands accepted by the ssscli Tool.</p> |
| <ol class="arabic"> |
| <li><p><code class="docutils literal notranslate"><span class="pre">ssscli</span></code>:</p> |
| <div class="highlight-bat notranslate"><div class="highlight"><pre><span></span>Usage: ssscli [OPTIONS] COMMAND [ARGS]... |
| |
| Command line interface for SE050 |
| |
| Options: |
| -v, --verbose Enables verbose mode. |
| --version Show the version and exit. |
| --help Show this message and exit. |
| |
| Commands: |
| a71ch A71CH specific commands |
| cloud (Not Implemented) Cloud Specific utilities. |
| connect Open Session. |
| decrypt Decrypt Operation |
| disconnect Close session. |
| encrypt Encrypt Operation |
| <span class="k">erase</span> Erase ECC/RSA/AES Keys or Certificate (contents) |
| generate Generate ECC/RSA Key pair |
| get Get ECC/RSA/AES Keys or certificates |
| policy Create/Dump Object Policy |
| refpem Create Reference PEM/DER files (For OpenSSL Engine). |
| se05x SE05X specific commands |
| <span class="k">set</span> <span class="nv">Set ECC/RSA/AES Keys or certificates</span> |
| sign Sign Operation |
| <span class="k">verify</span> verify Operation |
| </pre></div> |
| </div> |
| </li> |
| <li><p><code class="docutils literal notranslate"><span class="pre">ssscli</span> <span class="pre">connect</span></code>:</p> |
| <div class="highlight-bat notranslate"><div class="highlight"><pre><span></span>Usage: ssscli connect [OPTIONS] subsystem method port_name |
| |
| Open Session. |
| |
| subsystem = Security subsystem is selected to be used. Can be one of |
| <span class="s2">"se05x, a71ch, mbedtls, openssl"</span> |
| |
| method = Connection method to the system. Can be one of <span class="s2">"none, sci2c,</span> |
| vcom, t1oi2c, jrcpv1, jrcpv2, pcsc<span class="s2">"</span> |
| |
| port_name = Subsystem specific connection parameters. Example: COM6, |
| 127.0.0.1:8050. Use <span class="s2">"None"</span> where not applicable. e.g. SCI2C/T1oI2C. |
| Default i2c port (i2c-1) will be used for port name = <span class="s2">"None"</span>. |
| |
| Options: |
| --auth_type [None<span class="p">|</span>PlatformSCP<span class="p">|</span>UserID<span class="p">|</span>ECKey<span class="p">|</span>AESKey<span class="p">|</span>UserID_PlatformSCP<span class="p">|</span>ECKey_PlatformSCP<span class="p">|</span>AESKey_PlatformSCP] |
| Authentication type. Default is <span class="s2">"None"</span>. Can |
| be one of <span class="s2">"None, UserID, ECKey, AESKey,</span> |
| PlatformSCP, UserID_PlatformSCP, |
| ECKey_PlatformSCP, AESKey_PlatformSCP<span class="s2">"</span> |
| |
| --scpkey TEXT File path of the platformscp keys for |
| platformscp session |
| |
| --help Show this message and exit. |
| </pre></div> |
| </div> |
| </li> |
| <li><p><code class="docutils literal notranslate"><span class="pre">ssscli</span> <span class="pre">disconnect</span></code>:</p> |
| <div class="highlight-bat notranslate"><div class="highlight"><pre><span></span>Usage: ssscli disconnect [OPTIONS] |
| |
| Close session. |
| |
| Options: |
| --help Show this message and exit. |
| </pre></div> |
| </div> |
| </li> |
| <li><p><code class="docutils literal notranslate"><span class="pre">ssscli</span> <span class="pre">set</span></code>:</p> |
| <div class="highlight-bat notranslate"><div class="highlight"><pre><span></span>Usage: ssscli set [OPTIONS] COMMAND [ARGS]... |
| |
| <span class="k">Set</span> <span class="nv">ECC/RSA/AES Keys or certificates</span> |
| |
| Options: |
| --help Show this message and exit. |
| |
| Commands: |
| aes Set AES Keys |
| cert Set Certificate |
| ecc Set ECC Keys |
| hmac Set HMAC Keys |
| rsa Set RSA Keys |
| </pre></div> |
| </div> |
| </li> |
| <li><p><code class="docutils literal notranslate"><span class="pre">ssscli</span> <span class="pre">get</span></code>:</p> |
| <div class="highlight-bat notranslate"><div class="highlight"><pre><span></span>Usage: ssscli get [OPTIONS] COMMAND [ARGS]... |
| |
| Get ECC/RSA/AES Keys or certificates |
| |
| Options: |
| --help Show this message and exit. |
| |
| Commands: |
| aes Get AES Keys |
| cert Get Certificate |
| ecc Get ECC Keys |
| rsa Get RSA Keys |
| </pre></div> |
| </div> |
| </li> |
| <li><p><code class="docutils literal notranslate"><span class="pre">ssscli</span> <span class="pre">generate</span></code>:</p> |
| <div class="highlight-bat notranslate"><div class="highlight"><pre><span></span>Usage: ssscli generate [OPTIONS] COMMAND [ARGS]... |
| |
| Generate ECC/RSA Key pair |
| |
| Options: |
| --help Show this message and exit. |
| |
| Commands: |
| ecc Generate ECC Key |
| pub Generate ECC Public Key to file |
| rsa Generate RSA Key |
| </pre></div> |
| </div> |
| </li> |
| <li><p><code class="docutils literal notranslate"><span class="pre">ssscli</span> <span class="pre">erase</span></code>:</p> |
| <div class="highlight-bat notranslate"><div class="highlight"><pre><span></span>Usage: ssscli erase [OPTIONS] keyid |
| |
| <span class="k">Erase</span> ECC/RSA/AES Keys or Certificate (contents) |
| |
| keyid = 32bit Key ID. Should be in hex format. Example: 20E8A001 |
| |
| Options: |
| --help Show this message and exit. |
| </pre></div> |
| </div> |
| </li> |
| <li><p><code class="docutils literal notranslate"><span class="pre">ssscli</span> <span class="pre">cloud</span></code>:</p> |
| <div class="highlight-bat notranslate"><div class="highlight"><pre><span></span>Usage: ssscli cloud [OPTIONS] COMMAND [ARGS]... |
| |
| <span class="p">(</span>Not Implemented<span class="p">)</span> Cloud Specific utilities. |
| |
| This helps to handle GCP/AWS/Watson specific settings. |
| |
| Options: |
| --help Show this message and exit. |
| |
| Commands: |
| aws (Not Implemented) AWS (Amazon Web Services) Specific utilities This... |
| gcp (Not Implemented) GCP (Google Cloud Platform) Specific utilities |
| This... |
| |
| ibm (Not Implemented) IBM Watson Specific utilities This helps to handle... |
| </pre></div> |
| </div> |
| </li> |
| <li><p><code class="docutils literal notranslate"><span class="pre">ssscli</span> <span class="pre">a71ch</span></code>:</p> |
| <div class="highlight-bat notranslate"><div class="highlight"><pre><span></span>Usage: ssscli a71ch [OPTIONS] COMMAND [ARGS]... |
| |
| A71CH specific commands |
| |
| Options: |
| --help Show this message and exit. |
| |
| Commands: |
| reset Debug Reset A71CH |
| uid Get A71CH Unique ID |
| </pre></div> |
| </div> |
| </li> |
| <li><p><code class="docutils literal notranslate"><span class="pre">ssscli</span> <span class="pre">se05x</span></code>:</p> |
| <div class="highlight-bat notranslate"><div class="highlight"><pre><span></span>Usage: ssscli se05x [OPTIONS] COMMAND [ARGS]... |
| |
| SE05X specific commands |
| |
| Options: |
| --help Show this message and exit. |
| |
| Commands: |
| certuid Get SE05X Cert Unique ID (10 bytes) |
| readidlist Read contents of SE050 |
| reset Reset SE05X |
| uid Get SE05X Unique ID (18 bytes) |
| </pre></div> |
| </div> |
| </li> |
| <li><p><code class="docutils literal notranslate"><span class="pre">ssscli</span> <span class="pre">refpem</span></code>:</p> |
| <div class="highlight-bat notranslate"><div class="highlight"><pre><span></span>Usage: ssscli refpem [OPTIONS] COMMAND [ARGS]... |
| |
| Create Reference PEM/DER files (For OpenSSL Engine). |
| |
| Options: |
| --help Show this message and exit. |
| |
| Commands: |
| ecc Refpem ECC Keys |
| rsa Refpem RSA Keys |
| </pre></div> |
| </div> |
| </li> |
| <li><p><code class="docutils literal notranslate"><span class="pre">ssscli</span> <span class="pre">sign</span></code>:</p> |
| <div class="highlight-bat notranslate"><div class="highlight"><pre><span></span>Usage: ssscli sign [OPTIONS] keyid input_file signature_file |
| |
| Sign Operation |
| |
| keyid = 32bit Key ID. Should be in hex format. Example: 20E8A001 |
| |
| input_file = Input file to sign. By default filename with extension .pem |
| and .cer considered as PEM format, others as DER/BINARY format. |
| |
| signature_file = File name to store signature data. By default filename |
| with extension .pem in PEM format and others in DER format. |
| |
| Options: |
| --informat TEXT Input format. TEXT can be <span class="s2">"DER"</span> or <span class="s2">"PEM"</span>. |
| --outformat TEXT Output file format. TEXT can be <span class="s2">"DER"</span> or <span class="s2">"PEM"</span> |
| --hashalgo TEXT Hash algorithm. TEXT can be one of <span class="s2">"SHA1, SHA224, SHA256,</span> |
| SHA384, SHA512, RSASSA_PKCS1_V1_5_SHA1, |
| RSASSA_PKCS1_V1_5_SHA224, RSASSA_PKCS1_V1_5_SHA256, |
| RSASSA_PKCS1_V1_5_SHA384, RSASSA_PKCS1_V1_5_SHA512, |
| RSASSA_PKCS1_PSS_MGF1_SHA1, RSASSA_PKCS1_PSS_MGF1_SHA224, |
| RSASSA_PKCS1_PSS_MGF1_SHA256, |
| RSASSA_PKCS1_PSS_MGF1_SHA384, |
| RSASSA_PKCS1_PSS_MGF1_SHA512<span class="s2">"</span> |
| |
| --help Show this message and exit. |
| </pre></div> |
| </div> |
| </li> |
| <li><p><code class="docutils literal notranslate"><span class="pre">ssscli</span> <span class="pre">verify</span></code>:</p> |
| <div class="highlight-bat notranslate"><div class="highlight"><pre><span></span>Usage: ssscli verify [OPTIONS] keyid input_file signature_file |
| |
| <span class="k">verify</span> operation |
| |
| keyid = 32bit Key ID. Should be in hex format. Example: 20E8A001 |
| |
| input_file = Input file to verify. By default filename with extension .pem |
| and .cer considered as PEM format, others as DER/BINARY format. |
| |
| filename = signature_file data file for verification. By default filename |
| with extension .pem in PEM format and others in DER format. |
| |
| Options: |
| --format TEXT input_file and signature file format. TEXT can be <span class="s2">"DER"</span> or |
| <span class="s2">"PEM"</span> |
| |
| --hashalgo TEXT Hash algorithm. TEXT can be one of <span class="s2">"SHA1, SHA224, SHA256,</span> |
| SHA384, SHA512, RSASSA_PKCS1_V1_5_SHA1, |
| RSASSA_PKCS1_V1_5_SHA224, RSASSA_PKCS1_V1_5_SHA256, |
| RSASSA_PKCS1_V1_5_SHA384, RSASSA_PKCS1_V1_5_SHA512, |
| RSASSA_PKCS1_PSS_MGF1_SHA1, RSASSA_PKCS1_PSS_MGF1_SHA224, |
| RSASSA_PKCS1_PSS_MGF1_SHA256, RSASSA_PKCS1_PSS_MGF1_SHA384, |
| RSASSA_PKCS1_PSS_MGF1_SHA512<span class="s2">"</span> |
| |
| --help Show this message and exit. |
| </pre></div> |
| </div> |
| </li> |
| <li><p><code class="docutils literal notranslate"><span class="pre">ssscli</span> <span class="pre">encrypt</span></code>:</p> |
| <div class="highlight-bat notranslate"><div class="highlight"><pre><span></span>Usage: ssscli encrypt [OPTIONS] keyid input_data filename |
| |
| Sign Operation |
| |
| keyid = 32bit Key ID. Should be in hex format. Example: 20E8A001 |
| |
| input_data = Input data to Encrypt. can be raw string or in file. |
| |
| filename = Output file name to store encrypted data. Encrypted data will |
| be stored in DER format. |
| |
| Options: |
| --algo TEXT Algorithm. TEXT can be one of <span class="s2">"oaep"</span>, <span class="s2">"rsaes"</span> |
| --help Show this message and exit. |
| </pre></div> |
| </div> |
| </li> |
| <li><p><code class="docutils literal notranslate"><span class="pre">ssscli</span> <span class="pre">decrypt</span></code>:</p> |
| <div class="highlight-bat notranslate"><div class="highlight"><pre><span></span>Usage: ssscli decrypt [OPTIONS] keyid encrypted_data filename |
| |
| Sign Operation |
| |
| keyid = 32bit Key ID. Should be in hex format. Example: 20E8A001 |
| |
| encrypted_data = Encrypted data to Decrypt. can be raw data or in file. |
| Input data should be in DER format. |
| |
| filename = Output file name to store Decrypted data. |
| |
| Options: |
| --algo TEXT Algorithm. TEXT can be one of <span class="s2">"oaep"</span>, <span class="s2">"rsaes"</span> |
| --help Show this message and exit. |
| </pre></div> |
| </div> |
| </li> |
| <li><p><code class="docutils literal notranslate"><span class="pre">ssscli</span> <span class="pre">policy</span></code>:</p> |
| <div class="highlight-bat notranslate"><div class="highlight"><pre><span></span>Usage: ssscli policy [OPTIONS] COMMAND [ARGS]... |
| |
| Create/Dump Object Policy |
| |
| Options: |
| --help Show this message and exit. |
| |
| Commands: |
| asymkey Create Asymmetric Key Object Policy |
| common Create Common Object Policy |
| commonpcrvalue Create Common PCR Value Object Policy |
| counter Create Counter Object Policy |
| dump Display Created Object Policy |
| file Create Binary file Object Policy |
| pcr Create PCR Object Policy |
| symkey Create Symmetric Key Object Policy |
| userid Create User ID Object Policy |
| </pre></div> |
| </div> |
| </li> |
| </ol> |
| </div> |
| <div class="section" id="set-commands"> |
| <h2><span class="section-number">9.7.2. </span>Set Commands<a class="headerlink" href="#set-commands" title="Permalink to this headline">¶</a></h2> |
| <p>These commands are used to set/put objects/keys to the target secure subsystem.</p> |
| <ol class="arabic"> |
| <li><p><code class="docutils literal notranslate"><span class="pre">ssscli</span> <span class="pre">set</span> <span class="pre">aes</span></code>:</p> |
| <div class="highlight-bat notranslate"><div class="highlight"><pre><span></span>Usage: ssscli set aes [OPTIONS] keyid key |
| |
| <span class="k">Set</span> <span class="nv">AES Keys</span> |
| |
| keyid = 32bit Key ID. Should be in hex format. Example: 20E8A001 |
| |
| key = Can be in file or raw key in DER or HEX format |
| |
| Options: |
| --policy_name TEXT File name of the policy to be applied |
| --help Show this message and exit. |
| </pre></div> |
| </div> |
| </li> |
| <li><p><code class="docutils literal notranslate"><span class="pre">ssscli</span> <span class="pre">set</span> <span class="pre">hmac</span></code>:</p> |
| <div class="highlight-bat notranslate"><div class="highlight"><pre><span></span>Usage: ssscli set hmac [OPTIONS] keyid key |
| |
| <span class="k">Set</span> <span class="nv">HMAC Keys</span> |
| |
| keyid = 32bit Key ID. Should be in hex format. Example: 20E8A001 |
| |
| key = Can be in file or raw key in DER or HEX format |
| |
| Options: |
| --help Show this message and exit. |
| </pre></div> |
| </div> |
| </li> |
| <li><p><code class="docutils literal notranslate"><span class="pre">ssscli</span> <span class="pre">set</span> <span class="pre">cert</span></code>:</p> |
| <div class="highlight-bat notranslate"><div class="highlight"><pre><span></span>Usage: ssscli set cert [OPTIONS] keyid key |
| |
| <span class="k">Set</span> <span class="nv">Certificate</span> |
| |
| keyid = 32bit Key ID. Should be in hex format. Example: 20E8A001 |
| |
| key = Can be raw certificate (DER format) or in file. For file, by default |
| filename with extension .pem and .cer considered as PEM format and others |
| as DER format. |
| |
| Options: |
| --format TEXT Input certificate format. TEXT can be <span class="s2">"DER"</span> or <span class="s2">"PEM"</span> |
| --policy_name TEXT File name of the policy to be applied |
| --help Show this message and exit. |
| </pre></div> |
| </div> |
| </li> |
| <li><p><code class="docutils literal notranslate"><span class="pre">ssscli</span> <span class="pre">set</span> <span class="pre">ecc</span> <span class="pre">pair</span></code>:</p> |
| <div class="highlight-bat notranslate"><div class="highlight"><pre><span></span>Usage: ssscli set ecc pair [OPTIONS] keyid key |
| |
| <span class="k">Set</span> <span class="nv">ECC Key pair</span> |
| |
| keyid = 32bit Key ID. Should be in hex format. Example: 20E8A001 |
| |
| key = Can be raw key (DER format) or in file. For file, by default |
| filename with extension .pem considered as PEM format and others as DER |
| format. |
| |
| Options: |
| --format TEXT Input key format. TEXT can be <span class="s2">"DER"</span> or <span class="s2">"PEM"</span> |
| --policy_name TEXT File name of the policy to be applied |
| --help Show this message and exit. |
| </pre></div> |
| </div> |
| </li> |
| <li><p><code class="docutils literal notranslate"><span class="pre">ssscli</span> <span class="pre">set</span> <span class="pre">ecc</span> <span class="pre">pub</span></code>:</p> |
| <div class="highlight-bat notranslate"><div class="highlight"><pre><span></span>Usage: ssscli set ecc pub [OPTIONS] keyid key |
| |
| <span class="k">Set</span> <span class="nv">ECC Public Keys</span> |
| |
| keyid = 32bit Key ID. Should be in hex format. Example: 20E8A001 |
| |
| key = Can be raw key (DER format) or in file. For file, by default |
| filename with extension .pem considered as PEM format and others as DER |
| format. |
| |
| Options: |
| --format TEXT Input key format. TEXT can be <span class="s2">"DER"</span> or <span class="s2">"PEM"</span> |
| --policy_name TEXT File name of the policy to be applied |
| --help Show this message and exit. |
| </pre></div> |
| </div> |
| </li> |
| <li><p><code class="docutils literal notranslate"><span class="pre">ssscli</span> <span class="pre">set</span> <span class="pre">rsa</span> <span class="pre">pair</span></code>:</p> |
| <div class="highlight-bat notranslate"><div class="highlight"><pre><span></span>Usage: ssscli set rsa pair [OPTIONS] keyid key |
| |
| <span class="k">Set</span> <span class="nv">RSA Key Pair</span> |
| |
| keyid = 32bit Key ID. Should be in hex format. Example: 20E8A001 |
| |
| key = Can be raw key (DER format) or in file. For file, by default |
| filename with extension .pem considered as PEM format and others as DER |
| format. |
| |
| Options: |
| --format TEXT Input key format. TEXT can be <span class="s2">"DER"</span> or <span class="s2">"PEM"</span> |
| --policy_name TEXT File name of the policy to be applied |
| --help Show this message and exit. |
| </pre></div> |
| </div> |
| </li> |
| <li><p><code class="docutils literal notranslate"><span class="pre">ssscli</span> <span class="pre">set</span> <span class="pre">rsa</span> <span class="pre">pub</span></code>:</p> |
| <div class="highlight-bat notranslate"><div class="highlight"><pre><span></span>Usage: ssscli set rsa pub [OPTIONS] keyid key |
| |
| <span class="k">Set</span> <span class="nv">RSA Public Keys</span> |
| |
| keyid = 32bit Key ID. Should be in hex format. Example: 20E8A001 |
| |
| key = Can be raw key (DER format) or in file. For file, by default |
| filename with extension .pem considered as PEM format and others as DER |
| format. |
| |
| Options: |
| --format TEXT Input key format. TEXT can be <span class="s2">"DER"</span> or <span class="s2">"PEM"</span> |
| --policy_name TEXT File name of the policy to be applied |
| --help Show this message and exit. |
| </pre></div> |
| </div> |
| </li> |
| </ol> |
| </div> |
| <div class="section" id="get-commands"> |
| <h2><span class="section-number">9.7.3. </span>Get Commands<a class="headerlink" href="#get-commands" title="Permalink to this headline">¶</a></h2> |
| <p>These commands are used to retereive/get objects/keys from the target secure subsystem.</p> |
| <ol class="arabic"> |
| <li><p><code class="docutils literal notranslate"><span class="pre">ssscli</span> <span class="pre">get</span> <span class="pre">aes</span></code>:</p> |
| <div class="highlight-bat notranslate"><div class="highlight"><pre><span></span>Usage: ssscli get aes [OPTIONS] keyid filename |
| |
| Get AES Keys |
| |
| keyid = 32bit Key ID. Should be in hex format. Example: 20E8A001 |
| |
| filename = File name to store key. Data can be in PEM or DER format based |
| on file extension. By default filename with extension .pem in PEM format |
| and others in DER format. |
| |
| Options: |
| --format TEXT Output file format. TEXT can be <span class="s2">"DER"</span> or <span class="s2">"PEM"</span> |
| --help Show this message and exit. |
| </pre></div> |
| </div> |
| </li> |
| <li><p><code class="docutils literal notranslate"><span class="pre">ssscli</span> <span class="pre">get</span> <span class="pre">cert</span></code>:</p> |
| <div class="highlight-bat notranslate"><div class="highlight"><pre><span></span>Usage: ssscli get cert [OPTIONS] keyid filename |
| |
| Get Certificate |
| |
| keyid = 32bit Key ID. Should be in hex format. Example: 401286E6 |
| |
| filename = File name to store certificate. Data can be in PEM or DER |
| format based on file extension. By default filename with extension .pem |
| and .cer in PEM format and others in DER format. |
| |
| Options: |
| --format TEXT Output file format. TEXT can be <span class="s2">"DER"</span> or <span class="s2">"PEM"</span> |
| --help Show this message and exit. |
| </pre></div> |
| </div> |
| </li> |
| <li><p><code class="docutils literal notranslate"><span class="pre">ssscli</span> <span class="pre">get</span> <span class="pre">ecc</span> <span class="pre">pair</span></code>:</p> |
| <div class="highlight-bat notranslate"><div class="highlight"><pre><span></span>Usage: ssscli get ecc pair [OPTIONS] keyid filename |
| |
| Get ECC Pair |
| |
| keyid = 32bit Key ID. Should be in hex format. Example: 20E8A001 |
| |
| filename = File name to store key. Data can be in PEM or DER format based |
| on file extension. By default filename with extension .pem in PEM format |
| and others in DER format. |
| |
| Options: |
| --format TEXT Output file format. TEXT can be <span class="s2">"DER"</span> or <span class="s2">"PEM"</span> |
| --help Show this message and exit. |
| </pre></div> |
| </div> |
| </li> |
| <li><p><code class="docutils literal notranslate"><span class="pre">ssscli</span> <span class="pre">get</span> <span class="pre">ecc</span> <span class="pre">pub</span></code>:</p> |
| <div class="highlight-bat notranslate"><div class="highlight"><pre><span></span>Usage: ssscli get ecc pub [OPTIONS] keyid filename |
| |
| Get ECC Pub |
| |
| keyid = 32bit Key ID. Should be in hex format. Example: 20E8A001 |
| |
| filename = File name to store key. Data can be in PEM or DER format based |
| on file extension. By default filename with extension .pem in PEM format |
| and others in DER format. |
| |
| Options: |
| --format TEXT Output file format. TEXT can be <span class="s2">"DER"</span> or <span class="s2">"PEM"</span> |
| --help Show this message and exit. |
| </pre></div> |
| </div> |
| </li> |
| <li><p><code class="docutils literal notranslate"><span class="pre">ssscli</span> <span class="pre">get</span> <span class="pre">rsa</span> <span class="pre">pair</span></code>:</p> |
| <div class="highlight-bat notranslate"><div class="highlight"><pre><span></span>Usage: ssscli get rsa pair [OPTIONS] keyid filename |
| |
| Get RSA Pair |
| |
| keyid = 32bit Key ID. Should be in hex format. Example: 20E8A001 |
| |
| filename = File name to store key. Data can be in PEM or DER format based |
| on file extension. By default filename with extension .pem in PEM format |
| and others in DER format. |
| |
| Options: |
| --format TEXT Output file format. TEXT can be <span class="s2">"DER"</span> or <span class="s2">"PEM"</span> |
| --help Show this message and exit. |
| </pre></div> |
| </div> |
| </li> |
| <li><p><code class="docutils literal notranslate"><span class="pre">ssscli</span> <span class="pre">get</span> <span class="pre">rsa</span> <span class="pre">pub</span></code>:</p> |
| <div class="highlight-bat notranslate"><div class="highlight"><pre><span></span>Usage: ssscli get rsa pub [OPTIONS] keyid filename |
| |
| Get RSA Pub |
| |
| keyid = 32bit Key ID. Should be in hex format. Example: 20E8A001 |
| |
| filename = File name to store key. Data can be in PEM or DER format based |
| on file extension. By default filename with extension .pem in PEM format |
| and others in DER format. |
| |
| Options: |
| --format TEXT Output file format. TEXT can be <span class="s2">"DER"</span> or <span class="s2">"PEM"</span> |
| --help Show this message and exit. |
| </pre></div> |
| </div> |
| </li> |
| </ol> |
| </div> |
| <div class="section" id="generate-commands"> |
| <h2><span class="section-number">9.7.4. </span>Generate Commands<a class="headerlink" href="#generate-commands" title="Permalink to this headline">¶</a></h2> |
| <p>These commands are used to generate objects/keys inside the target secure subsystem.</p> |
| <ol class="arabic"> |
| <li><p><code class="docutils literal notranslate"><span class="pre">ssscli</span> <span class="pre">generate</span> <span class="pre">ecc</span></code>:</p> |
| <div class="highlight-bat notranslate"><div class="highlight"><pre><span></span>Usage: ssscli generate ecc [OPTIONS] keyid [NIST_P192<span class="p">|</span>NIST_P224<span class="p">|</span>NIST_P256<span class="p">|</span>NIST |
| _P384<span class="p">|</span>NIST_P521<span class="p">|</span>Brainpool160<span class="p">|</span>Brainpool192<span class="p">|</span>Brainpool |
| 224<span class="p">|</span>Brainpool256<span class="p">|</span>Brainpool320<span class="p">|</span>Brainpool384<span class="p">|</span>Brainpoo |
| l512<span class="p">|</span>Secp160k1<span class="p">|</span>Secp192k1<span class="p">|</span>Secp224k1<span class="p">|</span>Secp256k1<span class="p">|</span>ED_255 |
| 19<span class="p">|</span>MONT_DH_25519<span class="p">|</span>MONT_DH_448] |
| |
| Generate ECC Key |
| |
| keyid = 32bit Key ID. Should be in hex format. Example: 20E8A001 |
| |
| curvetype = ECC Curve type. can be one of <span class="s2">"NIST_P192, NIST_P224,</span> |
| NIST_P256, NIST_P384, NIST_P521, Brainpool160, Brainpool192, Brainpool224, |
| Brainpool256, Brainpool320, Brainpool384, Brainpool512, Secp160k1, |
| Secp192k1, Secp224k1, Secp256k1, ED_25519, MONT_DH_25519, MONT_DH_448<span class="s2">"</span> |
| |
| Options: |
| --policy_name TEXT File name of the policy to be applied |
| --help Show this message and exit. |
| </pre></div> |
| </div> |
| </li> |
| <li><p><code class="docutils literal notranslate"><span class="pre">ssscli</span> <span class="pre">generate</span> <span class="pre">rsa</span></code>:</p> |
| <div class="highlight-bat notranslate"><div class="highlight"><pre><span></span>Usage: ssscli generate rsa [OPTIONS] keyid [1024<span class="p">|</span>2048<span class="p">|</span>3072<span class="p">|</span>4096] |
| |
| Generate RSA Key |
| |
| keyid = 32bit Key ID. Should be in hex format. Example: 20E8A001 |
| |
| bits = Number of bits. can be one of <span class="s2">"1024, 2048, 3072, 4096"</span> |
| |
| Options: |
| --policy_name TEXT File name of the policy to be applied |
| --help Show this message and exit. |
| </pre></div> |
| </div> |
| </li> |
| </ol> |
| </div> |
| <div class="section" id="refpem-commands"> |
| <h2><span class="section-number">9.7.5. </span>Refpem Commands<a class="headerlink" href="#refpem-commands" title="Permalink to this headline">¶</a></h2> |
| <p>These commands are used to get Reference/masked Keys usable by openssl engines.</p> |
| <ol class="arabic"> |
| <li><p><code class="docutils literal notranslate"><span class="pre">ssscli</span> <span class="pre">refpem</span> <span class="pre">ecc</span> <span class="pre">pair</span></code>:</p> |
| <div class="highlight-bat notranslate"><div class="highlight"><pre><span></span>Usage: ssscli refpem ecc pair [OPTIONS] keyid filename |
| |
| Create reference PEM file for ECC Pair |
| |
| keyid = 32bit Key ID. Should be in hex format. Example: 0x20E8A001 |
| |
| filename = File name to store key. Can be in PEM or DER or PKCS12 format |
| based on file extension. By default filename with extension .pem in PEM |
| format, .pfx or .p12 in PKCS12 format and others in DER format. |
| |
| Options: |
| --format TEXT Output file format. TEXT can be <span class="s2">"DER"</span> or <span class="s2">"PEM"</span> or <span class="s2">"PKCS12"</span> |
| --password TEXT Password used for PKCS12 format. |
| --help Show this message and exit. |
| </pre></div> |
| </div> |
| </li> |
| <li><p><code class="docutils literal notranslate"><span class="pre">ssscli</span> <span class="pre">refpem</span> <span class="pre">ecc</span> <span class="pre">pub</span></code>:</p> |
| <div class="highlight-bat notranslate"><div class="highlight"><pre><span></span>Usage: ssscli refpem ecc pub [OPTIONS] keyid filename |
| |
| Create reference PEM file for ECC Pub |
| |
| keyid = 32bit Key ID. Should be in hex format. Example: 20E8A001 |
| |
| filename = File name to store key. Data Can be in PEM or DER format or |
| PKCS12 format based on file extension. By default filename with extension |
| .pem in PEM format, .pfx or .p12 in PKCS12 format and others in DER |
| format. |
| |
| Options: |
| --format TEXT Output file format. TEXT can be <span class="s2">"DER"</span> or <span class="s2">"PEM"</span> or <span class="s2">"PKCS12"</span> |
| --password TEXT Password used for PKCS12 format. |
| --help Show this message and exit. |
| </pre></div> |
| </div> |
| </li> |
| <li><p><code class="docutils literal notranslate"><span class="pre">ssscli</span> <span class="pre">refpem</span> <span class="pre">rsa</span> <span class="pre">pair</span></code>:</p> |
| <div class="highlight-bat notranslate"><div class="highlight"><pre><span></span>Usage: ssscli refpem rsa pair [OPTIONS] keyid filename |
| |
| Create reference PEM file for RSA Pair |
| |
| keyid = 32bit Key ID. Should be in hex format. Example: 20E8A001 |
| |
| filename = File name to store key. Data Can be in PEM or DER format or |
| PKCS12 format based on file extension. By default filename with extension |
| .pem in PEM format, .pfx or .p12 in PKCS12 format and others in DER |
| format. |
| |
| Options: |
| --format TEXT Output file format. TEXT can be <span class="s2">"DER"</span> or <span class="s2">"PEM"</span> or <span class="s2">"PKCS12"</span> |
| --password TEXT Password used for PKCS12 format. |
| --help Show this message and exit. |
| </pre></div> |
| </div> |
| </li> |
| </ol> |
| </div> |
| <div class="section" id="se05x-commands"> |
| <h2><span class="section-number">9.7.6. </span>Se05x Commands<a class="headerlink" href="#se05x-commands" title="Permalink to this headline">¶</a></h2> |
| <p>These are the SE05x specific commands.</p> |
| <ol class="arabic"> |
| <li><p><code class="docutils literal notranslate"><span class="pre">ssscli</span> <span class="pre">se05x</span> <span class="pre">uid</span></code>:</p> |
| <div class="highlight-bat notranslate"><div class="highlight"><pre><span></span>Usage: ssscli se05x uid [OPTIONS] |
| |
| Get 18 bytes Unique ID from the SE05X Secure Module. |
| |
| Options: |
| --help Show this message and exit. |
| </pre></div> |
| </div> |
| </li> |
| <li><p><code class="docutils literal notranslate"><span class="pre">ssscli</span> <span class="pre">se05x</span> <span class="pre">certuid</span></code>:</p> |
| <div class="highlight-bat notranslate"><div class="highlight"><pre><span></span>Usage: ssscli se05x certuid [OPTIONS] |
| |
| Get 10 bytes Cert Unique ID from the SE05X Secure Module. The cert uid is |
| a subset of the Secure Module Unique Identifier |
| |
| Options: |
| --help Show this message and exit. |
| </pre></div> |
| </div> |
| </li> |
| <li><p><code class="docutils literal notranslate"><span class="pre">ssscli</span> <span class="pre">se05x</span> <span class="pre">reset</span></code>:</p> |
| <div class="highlight-bat notranslate"><div class="highlight"><pre><span></span>Usage: ssscli se05x reset [OPTIONS] |
| |
| Resets the SE05X Secure Module to the initial state. |
| |
| This command uses ``Se05x_API_DeleteAll_Iterative`` API of the SE05X MW to |
| iterately delete objects provisioned inside the SE. Because of this, some |
| objects are purposefully skipped from deletion. |
| |
| It does not use the low level SE05X API ``Se05x_API_DeleteAll`` |
| |
| <span class="k">For</span> more information, see documentation/implementation of the |
| ``Se05x_API_DeleteAll_Iterative`` API. |
| |
| Options: |
| --help Show this message and exit. |
| </pre></div> |
| </div> |
| </li> |
| <li><p><code class="docutils literal notranslate"><span class="pre">ssscli</span> <span class="pre">se05x</span> <span class="pre">readidlist</span></code>:</p> |
| <div class="highlight-bat notranslate"><div class="highlight"><pre><span></span>Usage: ssscli se05x readidlist [OPTIONS] |
| |
| Read contents of SE050 |
| |
| Options: |
| --help Show this message and exit. |
| </pre></div> |
| </div> |
| </li> |
| </ol> |
| </div> |
| <div class="section" id="a71ch-commands"> |
| <h2><span class="section-number">9.7.7. </span>A71CH Commands<a class="headerlink" href="#a71ch-commands" title="Permalink to this headline">¶</a></h2> |
| <p>These are the A71CH specific commands.</p> |
| <ol class="arabic"> |
| <li><p><code class="docutils literal notranslate"><span class="pre">ssscli</span> <span class="pre">a71ch</span> <span class="pre">uid</span></code>:</p> |
| <div class="highlight-bat notranslate"><div class="highlight"><pre><span></span>Usage: ssscli a71ch uid [OPTIONS] |
| |
| Get uid from the A71CH Secure Module. |
| |
| Options: |
| --help Show this message and exit. |
| </pre></div> |
| </div> |
| </li> |
| <li><p><code class="docutils literal notranslate"><span class="pre">ssscli</span> <span class="pre">a71ch</span> <span class="pre">reset</span></code>:</p> |
| <div class="highlight-bat notranslate"><div class="highlight"><pre><span></span>Usage: ssscli a71ch reset [OPTIONS] |
| |
| Resets the A71CH Secure Module to the initial state. |
| |
| Options: |
| --help Show this message and exit. |
| </pre></div> |
| </div> |
| </li> |
| </ol> |
| </div> |
| <div class="section" id="policy-commands"> |
| <h2><span class="section-number">9.7.8. </span>POLICY Commands<a class="headerlink" href="#policy-commands" title="Permalink to this headline">¶</a></h2> |
| <p>These are Policy commands.</p> |
| <ol class="arabic"> |
| <li><p><code class="docutils literal notranslate"><span class="pre">ssscli</span> <span class="pre">policy</span> <span class="pre">asymkey</span></code>:</p> |
| <div class="highlight-bat notranslate"><div class="highlight"><pre><span></span>Usage: ssscli policy asymkey [OPTIONS] policy_name auth_obj_id |
| |
| Create Asymmetric key object policy. |
| |
| policy_name = File name of the policy to be created. This policy name |
| should be given as input while provisioning. |
| |
| auth_obj_id = Auth object id for each Object Policy. |
| |
| Options: |
| --sign BOOLEAN Object policy Allow Sign. Enabled by Default |
| --verify BOOLEAN Object policy Allow Verify. Enabled by |
| Default |
| |
| --encrypt BOOLEAN Object policy Allow Encryption. Enabled by |
| Default |
| |
| --decrypt BOOLEAN Object policy Allow Decryption. Enabled by |
| Default |
| |
| --key_derive BOOLEAN Object policy Allow Key Derivation. Enabled |
| by Default |
| |
| --wrap BOOLEAN Object policy Allow Wrap. Enabled by Default |
| --generate BOOLEAN Object policy Allow Generate. Enabled by |
| Default |
| |
| --write BOOLEAN Object policy Allow Write. Enabled by |
| Default |
| |
| --read BOOLEAN Object policy Allow Read. Enabled by Default |
| --import_export BOOLEAN Object policy Allow Import Export. Enabled |
| by Default |
| |
| --key_agreement BOOLEAN Object policy Allow Key Agreement. Enabled |
| by Default |
| |
| --attest BOOLEAN Object policy Allow attestation. Enabled by |
| Default |
| |
| --forbid_derived_output BOOLEAN |
| Object policy Forbid Derived Output. |
| Disabled by Default |
| |
| --help Show this message and exit. |
| </pre></div> |
| </div> |
| </li> |
| <li><p><code class="docutils literal notranslate"><span class="pre">ssscli</span> <span class="pre">policy</span> <span class="pre">symkey</span></code>:</p> |
| <div class="highlight-bat notranslate"><div class="highlight"><pre><span></span>Usage: ssscli policy symkey [OPTIONS] policy_name auth_obj_id |
| |
| Create Symmetric key object policy. |
| |
| policy_name = File name of the policy to be created. This policy name |
| should be given as input while provisioning. |
| |
| auth_obj_id = Auth object id for each Object Policy. |
| |
| Options: |
| --sign BOOLEAN Object policy Allow Sign. Enabled by Default |
| --verify BOOLEAN Object policy Allow Verify. Enabled by |
| Default |
| |
| --encrypt BOOLEAN Object policy Allow Encryption. Enabled by |
| Default |
| |
| --decrypt BOOLEAN Object policy Allow Decryption. Enabled by |
| Default |
| |
| --key_derive BOOLEAN Object policy Allow Key Derivation. Enabled |
| by Default |
| |
| --wrap BOOLEAN Object policy Allow Wrap. Enabled by Default |
| --generate BOOLEAN Object policy Allow Generate. Enabled by |
| Default |
| |
| --write BOOLEAN Object policy Allow Write. Enabled by |
| Default |
| |
| --import_export BOOLEAN Object policy Allow Import Export. Enabled |
| by Default |
| |
| --desfire_auth BOOLEAN Object policy Allow to perform DESFire |
| authentication. Enabled by Default |
| |
| --desfire_dump BOOLEAN Object policy Allow to dump DESFire session |
| <span class="k">keys</span>. Enabled by Default |
| |
| --forbid_derived_output BOOLEAN |
| Object policy Forbid Derived Output. |
| Disabled by Default |
| |
| --kdf_ext_random BOOLEAN Object policy Allow key derivation ext |
| random. Enbaled by Default |
| |
| --help Show this message and exit. |
| </pre></div> |
| </div> |
| </li> |
| <li><p><code class="docutils literal notranslate"><span class="pre">ssscli</span> <span class="pre">policy</span> <span class="pre">file</span></code>:</p> |
| <div class="highlight-bat notranslate"><div class="highlight"><pre><span></span>Usage: ssscli policy file [OPTIONS] policy_name auth_obj_id |
| |
| Create Binary file object policy. |
| |
| policy_name = File name of the policy to be created. This policy name |
| should be given as input while provisioning. |
| |
| auth_obj_id = Auth object id for each Object Policy. |
| |
| Options: |
| --write BOOLEAN Object policy Allow Write. Enabled by Default |
| --read BOOLEAN Object policy Allow Read. Enabled by Default |
| --help Show this message and exit. |
| </pre></div> |
| </div> |
| </li> |
| <li><p><code class="docutils literal notranslate"><span class="pre">ssscli</span> <span class="pre">policy</span> <span class="pre">counter</span></code>:</p> |
| <div class="highlight-bat notranslate"><div class="highlight"><pre><span></span>Usage: ssscli policy counter [OPTIONS] policy_name auth_obj_id |
| |
| Create Counter object policy. |
| |
| policy_name = File name of the policy to be created. This policy name |
| should be given as input while provisioning. |
| |
| auth_obj_id = Auth object id for each Object Policy. |
| |
| Options: |
| --write BOOLEAN Object policy Allow Write. Enabled by Default |
| --read BOOLEAN Object policy Allow Read. Enabled by Default |
| --help Show this message and exit. |
| </pre></div> |
| </div> |
| </li> |
| <li><p><code class="docutils literal notranslate"><span class="pre">ssscli</span> <span class="pre">policy</span> <span class="pre">userid</span></code>:</p> |
| <div class="highlight-bat notranslate"><div class="highlight"><pre><span></span>Usage: ssscli policy userid [OPTIONS] policy_name auth_obj_id |
| |
| Create user id object policy. |
| |
| policy_name = File name of the policy to be created. This policy name |
| should be given as input while provisioning. |
| |
| auth_obj_id = Auth object id for each Object Policy. |
| |
| Options: |
| --write BOOLEAN Object policy Allow Write. Enabled by Default |
| --help Show this message and exit. |
| </pre></div> |
| </div> |
| </li> |
| <li><p><code class="docutils literal notranslate"><span class="pre">ssscli</span> <span class="pre">policy</span> <span class="pre">common</span></code>:</p> |
| <div class="highlight-bat notranslate"><div class="highlight"><pre><span></span>Usage: ssscli policy common [OPTIONS] policy_name auth_obj_id |
| |
| Create common object policy. |
| |
| policy_name = File name of the policy to be created. This policy name |
| should be given as input while provisioning. |
| |
| auth_obj_id = Auth object id for each Object Policy. |
| |
| Options: |
| --forbid_all BOOLEAN Object policy forbid all. Disabled by Default |
| --delete BOOLEAN Object policy Allow Delete. Enabled by Default |
| --req_sm BOOLEAN Object policy Allow req_sm. Disabled by Default |
| --help Show this message and exit. |
| </pre></div> |
| </div> |
| </li> |
| <li><p><code class="docutils literal notranslate"><span class="pre">ssscli</span> <span class="pre">policy</span> <span class="pre">commonpcrvalue</span></code>:</p> |
| <div class="highlight-bat notranslate"><div class="highlight"><pre><span></span>Usage: ssscli policy commonpcrvalue [OPTIONS] policy_name auth_obj_id |
| |
| Create Common PCR Value object policy. |
| |
| policy_name = File name of the policy to be created. This policy name |
| should be given as input while provisioning. |
| |
| auth_obj_id = Auth object id for each Object Policy. |
| |
| Options: |
| --pcr_obj_id TEXT Object policy PCR object ID. Zero by Default |
| --pcr_expected_value TEXT Object policy PCR Expected Value. Zero by Default |
| --help Show this message and exit. |
| </pre></div> |
| </div> |
| </li> |
| <li><p><code class="docutils literal notranslate"><span class="pre">ssscli</span> <span class="pre">policy</span> <span class="pre">dump</span></code>:</p> |
| <div class="highlight-bat notranslate"><div class="highlight"><pre><span></span>Usage: ssscli policy dump [OPTIONS] policy_name |
| |
| Display Created object policy. |
| |
| policy_name = File name of the policy to be displayed. |
| |
| Options: |
| --help Show this message and exit. |
| </pre></div> |
| </div> |
| </li> |
| </ol> |
| </div> |
| </div> |
| |
| |
| </div> |
| |
| </div> |
| </div> |
| <footer class="footer"> |
| <div class="container"> |
| <p class="pull-right"> |
| <a href="#">Back to top</a> |
| |
| </p> |
| <p> |
| © Copyright 2018-2020, NXP.<br/> |
| Created using <a href="http://sphinx-doc.org/">Sphinx</a> 2.4.1.<br/> |
| </p> |
| </div> |
| </footer> |
| </body> |
| </html> |