add readme and todo file
parent
022e839438
commit
8fea0018b2
|
@ -0,0 +1,66 @@
|
|||
pkictl
|
||||
======
|
||||
|
||||
Pkictl can be used to manage the lifecycle of keys and certificates.
|
||||
|
||||
Its main purpose is the creation of certificates and control through rules of the
|
||||
certification process. But it can also be used to sign and verify messages based
|
||||
on private/public keys.
|
||||
|
||||
The focus is on easy commands with clear error messages to make work for the admin
|
||||
or user as easy as possible. But it can also be used in scripts to implement
|
||||
automated workflows.
|
||||
|
||||
features
|
||||
--------
|
||||
|
||||
The following commnds will be implemented:
|
||||
|
||||
* create private key (RSA or ECDSA)
|
||||
* create public key based on private key
|
||||
* sign a message using a private key
|
||||
* verify a message using a public key
|
||||
* create a certificate sign request using a private key (WIP)
|
||||
* create a certificate using a CSR (not implemented)
|
||||
* show information about a CSR/private key/... (not implemented)
|
||||
* verify certificate against rules and CSR (not implemented)
|
||||
|
||||
Installation
|
||||
------------
|
||||
|
||||
The project can be built with
|
||||
|
||||
go build
|
||||
|
||||
from the main directory. This will create the binary `pkictl`.
|
||||
|
||||
Usage
|
||||
-----
|
||||
|
||||
### print all commands
|
||||
|
||||
To print all commands, use
|
||||
|
||||
# ./pkictl
|
||||
Usage: pkictl command args
|
||||
where 'command' is one of:
|
||||
create-private create a new private key
|
||||
create-public create a public key from a private one
|
||||
create-cert-sign create a new certificate sign request
|
||||
help show this help
|
||||
info get info on a file
|
||||
sign sign a certificate request
|
||||
sign-input sign a message with a private key
|
||||
verify-signature verify a signature
|
||||
|
||||
Print the help for a command:
|
||||
|
||||
./pkictl create-public --help
|
||||
Usage of create-public:
|
||||
-output="STDOUT": path where the generated public key should be stored
|
||||
-private-key="": path to the private key file
|
||||
|
||||
Contributing
|
||||
------------
|
||||
|
||||
The best way to contribute is to use [github.com/gibheer/pkictl](https://github.com/gibheer/pkictl).
|
|
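Review bot: In the features list, "sign a message using a private key" and "verify a message using a public key" carry no status marker, yet the TODO file added in this same commit lists "implement message signing for RSA keys", so a reader holding an RSA key will expect signing to work; mark those entries as ECDSA only for now. In the same list, "commnds" should be "commands", and the sample help output under Usage already shows `info` and `sign`, which the list marks as not implemented, so the README should say whether those commands are stubs. The usage example uses a `#` prompt, which reads as a root shell; `$` avoids suggesting that key handling needs root. Only `create-public` has its `-output` default documented (STDOUT); it would help to state where `create-private` writes the key and with which file mode, since that is the file an admin most needs to protect.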
@ -0,0 +1,12 @@
|
|||
The following list is a collection of areas, where some work is needed
|
||||
|
||||
* reduce code size by refactoring
|
||||
* make sure that critical files are checked more rigid (filesystem permissions)
|
||||
* implement message signing for RSA keys
|
||||
* implement certificate generation
|
||||
* implement verification of certificates against rules
|
||||
* implement verification of certificates against CSRs
|
||||
* implement a way to convert keys to SSH format (separate tool?)
|
||||
* split project more into lib and CLI?
|
||||
* find a way to get ED25519 working
|
||||
* implement info command
|
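Review bot: The item "make sure that critical files are checked more rigid (filesystem permissions)" is too vague to act on or to close; it should name the files meant (presumably the private key files) and the check intended, for example refusing to read a key file that is group or world accessible and stating the mode new key files are created with. "more rigid" should read "more rigidly". The entry "implement message signing for RSA keys" could also point back at the README feature list so the two files stay in sync once it is done.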