docs+tools: improve ndnsec help, error messages, and manual page
Exit with status code 2 on malformed command line
Refs: #3777
Change-Id: Id682a5d69c15c74cfa1903db38b5389936f5be58
diff --git a/docs/conf.py b/docs/conf.py
index 9e76dff..82688a1 100644
--- a/docs/conf.py
+++ b/docs/conf.py
@@ -65,7 +65,7 @@
# General information about the project.
project = u'ndn-cxx: NDN C++ library with eXperimental eXtensions'
-copyright = u'Copyright (c) 2013-2018 Regents of the University of California.'
+copyright = u'Copyright (c) 2013-2019 Regents of the University of California.'
# The language for content autogenerated by Sphinx. Refer to documentation
# for a list of supported languages.
@@ -239,23 +239,27 @@
# One entry per manual page. List of tuples
# (source start file, name, description, authors, manual section).
man_pages = [
- ('manpages/ndnsec', 'ndnsec', u'NDN security tools', None, 1),
- ('manpages/ndnsec-cert-dump', 'ndnsec-cert-dump', 'part of NDN security tools', None, 1),
- ('manpages/ndnsec-cert-gen', 'ndnsec-cert-gen', 'part of NDN security tools', None, 1),
- ('manpages/ndnsec-cert-install', 'ndnsec-cert-instal', 'part of NDN security tools', None, 1),
- ('manpages/ndnsec-delete', 'ndnsec-delete', 'part of NDN security tools', None, 1),
+ ('manpages/ndnsec', 'ndnsec', 'NDN security toolkit', None, 1),
+ ('manpages/ndnsec-cert-dump', 'ndnsec-cert-dump', 'export an NDN certificate', None, 1),
+ ('manpages/ndnsec-cert-gen', 'ndnsec-cert-gen', 'create an NDN certificate for an identity', None, 1),
+ ('manpages/ndnsec-cert-install', 'ndnsec-cert-install', 'import an NDN certificate from a file', None, 1),
+ ('manpages/ndnsec-delete', 'ndnsec-delete', 'delete an NDN identity, key, or certificate', None, 1),
('manpages/ndnsec-export', 'ndnsec-export',
- 'export a certificate and its private key to a file', None, 1),
- ('manpages/ndnsec-get-default', 'ndnsec-get-default', 'part of NDN security tools', None, 1),
+ 'export an NDN certificate and its private key to a file', None, 1),
+ ('manpages/ndnsec-get-default', 'ndnsec-get-default',
+ 'show the default NDN identity, key, and certificate for the current user', None, 1),
('manpages/ndnsec-import', 'ndnsec-import',
- 'import a certificate and its private key from a file', None, 1),
- ('manpages/ndnsec-key-gen', 'ndnsec-key-gen', 'part of NDN security tools', None, 1),
- ('manpages/ndnsec-list', 'ndnsec-list', 'part of NDN security tools', None, 1),
- ('manpages/ndnsec-set-default', 'ndnsec-set-default', 'part of NDN security tools', None, 1),
- ('manpages/ndnsec-sign-req', 'ndnsec-sign-req', 'part of NDN security tools', None, 1),
- ('manpages/ndnsec-unlock-tpm', 'ndnsec-unlock-tpm', 'part of NDN security tools', None, 1),
- ('manpages/ndn-client.conf', 'ndn-client.conf', 'Configuration file for NDN platform', None, 5),
- ('manpages/ndn-log', 'ndn-log', 'ndn-cxx logging', None, 7),
+ 'import an NDN certificate and its private key from a file', None, 1),
+ ('manpages/ndnsec-key-gen', 'ndnsec-key-gen',
+ 'generate an NDN key for an identity', None, 1),
+ ('manpages/ndnsec-list', 'ndnsec-list',
+ 'list all known NDN identities, keys, and certificates', None, 1),
+ ('manpages/ndnsec-set-default', 'ndnsec-set-default',
+ 'change the default NDN identity, key, or certificate for the current user', None, 1),
+ ('manpages/ndnsec-sign-req', 'ndnsec-sign-req', 'generate an NDN certificate signing request', None, 1),
+ ('manpages/ndnsec-unlock-tpm', 'ndnsec-unlock-tpm', 'unlock the TPM', None, 1),
+ ('manpages/ndn-client.conf', 'ndn-client.conf', 'configuration file for NDN platform', None, 5),
+ ('manpages/ndn-log', 'ndn-log', 'ndn-cxx logging', None, 7),
]
diff --git a/docs/manpages/ndnsec-cert-dump.rst b/docs/manpages/ndnsec-cert-dump.rst
index 0a66d9b..5aa69a9 100644
--- a/docs/manpages/ndnsec-cert-dump.rst
+++ b/docs/manpages/ndnsec-cert-dump.rst
@@ -9,7 +9,7 @@
::
- $ ndnsec-cert-dump [-h] [-p] [-ikf] name
+ ndnsec-cert-dump [-h] [-p] [-ikf] name
Description
-----------
diff --git a/docs/manpages/ndnsec-cert-gen.rst b/docs/manpages/ndnsec-cert-gen.rst
index 25c6427..97e8e87 100644
--- a/docs/manpages/ndnsec-cert-gen.rst
+++ b/docs/manpages/ndnsec-cert-gen.rst
@@ -8,7 +8,7 @@
::
- $ ndnsec-cert-gen [-h] [-S timestamp] [-E timestamp] [-I info] [-s sign-id] [-i issuer-id] request
+ ndnsec-cert-gen [-h] [-S timestamp] [-E timestamp] [-I info] [-s sign-id] [-i issuer-id] request
Description
-----------
diff --git a/docs/manpages/ndnsec-cert-install.rst b/docs/manpages/ndnsec-cert-install.rst
index 1ca1ddb..a1a98a3 100644
--- a/docs/manpages/ndnsec-cert-install.rst
+++ b/docs/manpages/ndnsec-cert-install.rst
@@ -8,7 +8,7 @@
::
- $ ndnsec-cert-install [-h] [-IKN] cert-source
+ ndnsec-cert-install [-h] [-IKN] cert-source
Description
-----------
diff --git a/docs/manpages/ndnsec-export.rst b/docs/manpages/ndnsec-export.rst
index dc94939..7b51ad4 100644
--- a/docs/manpages/ndnsec-export.rst
+++ b/docs/manpages/ndnsec-export.rst
@@ -6,7 +6,7 @@
::
- $ ndnsec-export [-h] [-o output] identity
+ ndnsec-export [-h] [-o output] identity
Description
-----------
diff --git a/docs/manpages/ndnsec-get-default.rst b/docs/manpages/ndnsec-get-default.rst
index 48889c8..54da09e 100644
--- a/docs/manpages/ndnsec-get-default.rst
+++ b/docs/manpages/ndnsec-get-default.rst
@@ -8,7 +8,7 @@
::
- $ ndnsec-get-default [-h] [-kc] [-i identity|-K key] [-q]
+ ndnsec-get-default [-h] [-kc] [-i identity|-K key] [-q]
Description
-----------
diff --git a/docs/manpages/ndnsec-import.rst b/docs/manpages/ndnsec-import.rst
index c81964a..7dd02ed 100644
--- a/docs/manpages/ndnsec-import.rst
+++ b/docs/manpages/ndnsec-import.rst
@@ -6,7 +6,7 @@
::
- $ ndnsec-import [-h] input
+ ndnsec-import [-h] input
Description
-----------
diff --git a/docs/manpages/ndnsec-key-gen.rst b/docs/manpages/ndnsec-key-gen.rst
index 253073b..304f189 100644
--- a/docs/manpages/ndnsec-key-gen.rst
+++ b/docs/manpages/ndnsec-key-gen.rst
@@ -8,7 +8,7 @@
::
- $ ndnsec-key-gen [-h] [-n] [-d] [-t keyType] identity
+ ndnsec-key-gen [-h] [-n] [-d] [-t keyType] identity
Description
-----------
diff --git a/docs/manpages/ndnsec-list.rst b/docs/manpages/ndnsec-list.rst
index bc4a316..a3de1a9 100644
--- a/docs/manpages/ndnsec-list.rst
+++ b/docs/manpages/ndnsec-list.rst
@@ -9,7 +9,7 @@
::
- $ ndnsec-list [-h] [-KkCc]
+ ndnsec-list [-h] [-KkCc]
Description
-----------
diff --git a/docs/manpages/ndnsec-set-default.rst b/docs/manpages/ndnsec-set-default.rst
index da0c5b5..4af6ad9 100644
--- a/docs/manpages/ndnsec-set-default.rst
+++ b/docs/manpages/ndnsec-set-default.rst
@@ -8,7 +8,7 @@
::
- $ ndnsec-set-default [-h] [-k|c] name
+ ndnsec-set-default [-h] [-k|c] name
Description
-----------
diff --git a/docs/manpages/ndnsec-sign-req.rst b/docs/manpages/ndnsec-sign-req.rst
index 67d11f4..90a0694 100644
--- a/docs/manpages/ndnsec-sign-req.rst
+++ b/docs/manpages/ndnsec-sign-req.rst
@@ -8,7 +8,7 @@
::
- $ ndnsec-sign-req [-h] [-k] name
+ ndnsec-sign-req [-h] [-k] name
Description
-----------
diff --git a/docs/manpages/ndnsec-unlock-tpm.rst b/docs/manpages/ndnsec-unlock-tpm.rst
index 7672f00..175ba51 100644
--- a/docs/manpages/ndnsec-unlock-tpm.rst
+++ b/docs/manpages/ndnsec-unlock-tpm.rst
@@ -9,7 +9,7 @@
::
- $ ndnsec-unlock-tpm [-h]
+ ndnsec-unlock-tpm [-h]
Description
-----------
diff --git a/docs/manpages/ndnsec.rst b/docs/manpages/ndnsec.rst
index 8641d01..1eb0ed8 100644
--- a/docs/manpages/ndnsec.rst
+++ b/docs/manpages/ndnsec.rst
@@ -1,89 +1,71 @@
ndnsec
======
-``ndnsec`` is a command-line toolkit to perform various NDN security management
-operation.
+:program:`ndnsec` is a command-line toolkit to perform various NDN security
+management operations.
-Usage
------
+Synopsis
+--------
-::
+**ndnsec** *command* [*argument*]...
- $ ndnsec <command> [<args>]
-
-or alternatively
-
-::
-
- $ ndnsec-command [<args>]
+**ndnsec-**\ *command* [*argument*]...
Description
-----------
-The NDN security data are stored and managed in two places: **Public Information Base** and
-**Trusted Platform Module**. ``ndnsec`` toolkit provides a command-line interface of managing and
-using the NDN security data.
+The NDN security data are stored in two places: **Public Information Base**
+(PIB) and **Trusted Platform Module** (TPM). The :program:`ndnsec` toolkit
+provides a command-line interface for managing and using the NDN security data.
-ndnsec commands
----------------
+Commands
+--------
-ndnsec-list_
- Display information in PublicInfo.
+list_
+ List all known identities/keys/certificates.
-ndnsec-get-default_
- Get default setting info.
+get-default_
+ Show the default identity/key/certificate.
-ndnsec-set-default_
- Configure default setting.
+set-default_
+ Change the default identity/key/certificate.
-ndnsec-key-gen_
- Generate a Key-Signing-Key for an identity.
+delete_
+ Delete an identity/key/certificate.
-ndnsec-dsk-gen_
- Generate a Data-Signing-Key (DSK) for an identity and sign the DSK using the corresponding KSK.
+key-gen_
+ Generate a key for an identity.
-ndnsec-sign-req_
+sign-req_
Generate a certificate signing request.
-ndnsec-cert-gen_
- Generate an identity certificate.
+cert-gen_
+ Create a certificate for an identity.
-ndnsec-cert-dump_
- Dump a certificate from PublicInfo.
+cert-dump_
+ Export a certificate.
-ndnsec-cert-install_
- Install a certificate into PublicInfo.
+cert-install_
+ Import a certificate from a file.
-ndnsec-delete_
- Delete identity/key/certificate.
+export_
+ Export an identity as a SafeBag.
-ndnsec-export_
- Export an identity package.
+import_
+ Import an identity from a SafeBag.
-ndnsec-import_
- Import an identity package.
+unlock-tpm_
+ Unlock the TPM.
-ndnsec-set-acl_
- Configure ACL of a private key.
-
-ndnsec-unlock-tpm_
- Unlock Tpm.
-
-ndnsec-op-tool_
- Operator tool.
-
-.. _ndnsec-list: ndnsec-list.html
-.. _ndnsec-get-default: ndnsec-get-default.html
-.. _ndnsec-set-default: ndnsec-set-default.html
-.. _ndnsec-key-gen: ndnsec-key-gen.html
-.. _ndnsec-dsk-gen: ndnsec-dsk-gen.html
-.. _ndnsec-sign-req: ndnsec-sign-req.html
-.. _ndnsec-cert-gen: ndnsec-cert-gen.html
-.. _ndnsec-cert-dump: ndnsec-cert-dump.html
-.. _ndnsec-cert-install: ndnsec-cert-install.html
-.. _ndnsec-delete: ndnsec-delete.html
-.. _ndnsec-export: ndnsec-export.html
-.. _ndnsec-import: ndnsec-import.html
-.. _ndnsec-set-acl: ndnsec-set-acl.html
-.. _ndnsec-unlock-tpm: ndnsec-unlock-tpm.html
-.. _ndnsec-op-tool: ndnsec-op-tool.html
+.. _list: ndnsec-list.html
+.. _get-default: ndnsec-get-default.html
+.. _set-default: ndnsec-set-default.html
+.. _delete: ndnsec-delete.html
+.. _key-gen: ndnsec-key-gen.html
+.. _sign-req: ndnsec-sign-req.html
+.. _cert-gen: ndnsec-cert-gen.html
+.. _cert-dump: ndnsec-cert-dump.html
+.. _cert-install: ndnsec-cert-install.html
+.. _export: ndnsec-export.html
+.. _import: ndnsec-import.html
+.. _unlock-tpm: ndnsec-unlock-tpm.html
diff --git a/tools/ndnsec/main.cpp b/tools/ndnsec/main.cpp
index d2bc281..8548748 100644
--- a/tools/ndnsec/main.cpp
+++ b/tools/ndnsec/main.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/*
- * Copyright (c) 2013-2018 Regents of the University of California.
+ * Copyright (c) 2013-2019 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -25,74 +25,66 @@
#include "ndn-cxx/util/logger.hpp"
#include "ndn-cxx/version.hpp"
-#include <boost/exception/get_error_info.hpp>
+#include <boost/exception/diagnostic_information.hpp>
NDN_LOG_INIT(ndnsec);
-std::string ndnsec_helper = R"STR(\
- help Show all commands
- version Show version and exit
- list Display information in PublicInfo
- get-default Get default setting info
- set-default Configure default setting
- key-gen Generate a Key-Signing-Key for an identity
- sign-req Generate a certificate signing request
- cert-gen Generate an identity certificate
- cert-dump Dump a certificate from PublicInfo
- cert-install Install a certificate into PublicInfo
- delete Delete identity/key/certificate
- export Export an identity package
- import Import an identity package
- unlock-tpm Unlock Tpm
-)STR";
+const char NDNSEC_HELP_TEXT[] = R"STR(Usage: ndnsec COMMAND [OPTION]...
+
+Available commands:
+ help Print this help text
+ version Print program version
+ list List all known identities/keys/certificates
+ get-default Show the default identity/key/certificate
+ set-default Change the default identity/key/certificate
+ delete Delete an identity/key/certificate
+ key-gen Generate a key for an identity
+ sign-req Generate a certificate signing request
+ cert-gen Create a certificate for an identity
+ cert-dump Export a certificate
+ cert-install Import a certificate from a file
+ export Export an identity as a SafeBag
+ import Import an identity from a SafeBag
+ unlock-tpm Unlock the TPM
+
+Try 'ndnsec COMMAND --help' for more information on each command.)STR";
int
-main(int argc, char** argv)
+main(int argc, char* argv[])
{
if (argc < 2) {
- std::cerr << ndnsec_helper << std::endl;
- return 1;
+ std::cerr << NDNSEC_HELP_TEXT << std::endl;
+ return 2;
}
using namespace ndn::ndnsec;
std::string command(argv[1]);
try {
- if (command == "help") { std::cout << ndnsec_helper << std::endl; }
+ if (command == "help") { std::cout << NDNSEC_HELP_TEXT << std::endl; }
else if (command == "version") { std::cout << NDN_CXX_VERSION_BUILD_STRING << std::endl; }
else if (command == "list") { return ndnsec_list(argc - 1, argv + 1); }
else if (command == "get-default") { return ndnsec_get_default(argc - 1, argv + 1); }
else if (command == "set-default") { return ndnsec_set_default(argc - 1, argv + 1); }
+ else if (command == "delete") { return ndnsec_delete(argc - 1, argv + 1); }
else if (command == "key-gen") { return ndnsec_key_gen(argc - 1, argv + 1); }
else if (command == "sign-req") { return ndnsec_sign_req(argc - 1, argv + 1); }
else if (command == "cert-gen") { return ndnsec_cert_gen(argc - 1, argv + 1); }
else if (command == "cert-dump") { return ndnsec_cert_dump(argc - 1, argv + 1); }
else if (command == "cert-install") { return ndnsec_cert_install(argc - 1, argv + 1); }
- else if (command == "delete") { return ndnsec_delete(argc - 1, argv + 1); }
else if (command == "export") { return ndnsec_export(argc - 1, argv + 1); }
else if (command == "import") { return ndnsec_import(argc - 1, argv + 1); }
else if (command == "unlock-tpm") { return ndnsec_unlock_tpm(argc - 1, argv + 1); }
else {
- std::cerr << ndnsec_helper << std::endl;
- return 1;
+ std::cerr << "ERROR: Unknown command '" << command << "'\n"
+ << "\n"
+ << NDNSEC_HELP_TEXT << std::endl;
+ return 2;
}
}
catch (const std::exception& e) {
-
- std::cerr << "ERROR: " << e.what();
-
- std::ostringstream extendedError;
- const char* const* file = boost::get_error_info<boost::throw_file>(e);
- const int* line = boost::get_error_info<boost::throw_line>(e);
- const char* const* func = boost::get_error_info<boost::throw_function>(e);
- if (file && line) {
- extendedError << " [from " << *file << ":" << *line;
- if (func) {
- extendedError << " in " << *func;
- }
- extendedError << "]";
- }
- NDN_LOG_ERROR(e.what() << extendedError.str());
+ std::cerr << "ERROR: " << e.what() << std::endl;
+ NDN_LOG_ERROR(boost::diagnostic_information(e));
return 1;
}
diff --git a/tools/ndnsec/util.cpp b/tools/ndnsec/util.cpp
index 1a4b8f4..4895ed3 100644
--- a/tools/ndnsec/util.cpp
+++ b/tools/ndnsec/util.cpp
@@ -23,6 +23,8 @@
#include "ndn-cxx/security/impl/openssl.hpp"
+#include <unistd.h>
+
namespace ndn {
namespace ndnsec {
@@ -42,7 +44,7 @@
return true;
}
- pw0 = getpass("Confirm:");
+ pw0 = getpass("Confirm: ");
if (!pw0) {
OPENSSL_cleanse(&password1.front(), password1.size());
return false;