9e351c05d5
This is a small command flag parser hacked away in a couple hours. It is built after cobra (https://github.com/spf13/cobra), but with some small details changed. Instead of breaking with the go flag API (single and double dashes) this uses the golang flags package. This means, that single character flags do not work, but in this case it wouldn't make much sense to replace long clear argument names with short nothing saying arguments (-p for --private-key or --public-key?). This should definitely help with the help and error messages. |
||
---|---|---|
AUTHORS | ||
LICENSE | ||
README.md | ||
TODO | ||
command.go | ||
flags.go | ||
io.go | ||
main.go | ||
private_key.go |
README.md
pkictl
Pkictl can be used to manage the lifecycle of keys and certificates.
Its main purpose is the creation of certificates and control through rules of the certification process. But it can also be used to sign and verify messages based on private/public keys.
The focus is on easy commands with clear error messages to make work for the admin or user as easy as possible. But it can also be used in scripts to implement automated workflows.
features
The following commnds will be implemented:
- create private key (RSA or ECDSA)
- create public key based on private key
- sign a message using a private key
- verify a message using a public key
- create a certificate sign request using a private key (WIP)
- create a certificate using a CSR (not implemented)
- show information about a CSR/private key/... (not implemented)
- verify certificate against rules and CSR (not implemented)
Installation
The project can be built with
go build
from the main directory. This will create the binary pkictl
.
Usage
print all commands
To print all commands, use
# ./pkictl
Usage: pkictl command args
where 'command' is one of:
create-private create a new private key
create-public create a public key from a private one
create-cert-sign create a new certificate sign request
help show this help
info get info on a file
sign sign a certificate request
sign-input sign a message with a private key
verify-signature verify a signature
Print the help for a command:
./pkictl create-public --help
Usage of create-public:
-output="STDOUT": path where the generated public key should be stored
-private-key="": path to the private key file
Contributing
The best way to contribute is to use github.com/gibheer/pkictl.