tpsclient(1)

1tpsclient(1)            PKI TPS tpsclient test program            tpsclient(1)
2
3
4

NAME

6       tpsclient - TPS testing tool to exercise TPS server functionality, sim‐
7       ulating a smart card
8
9

SYNOPSIS

11       tpsclient < <script-file-name>
12       tpsclient
13
14       Note this tool currently works to simulate Secure Channel Protocol 01 , GP201 tokens. Support for SCP02/GP211 is planned in future versions.
15
16
17

DESCRIPTION

19       The tpsclient command provides a way to exercise the TPS server without
20       a  hardware  token,  through the use of a simple script file containing
21       commands to the tpsclient engine.
22

OPTIONS

24       The only option is whether or not to provide a script file. Not provid‐
25       ing  the  script  argument will launch the program in interactive mode,
26       though this is not recommended. The best way to interact with  the  TPS
27       server is to provide a simple script file to tpsclient.
28
29

OPERATIONS

31       The  Operations  are  contained  within the tpsclient script file. Some
32       sample scripts are provided below.
33
34

EXAMPLES

36       tpsclient
37
38       This command will simply run the program in interactive mode.  Commands
39       will  have to be issued manually with this mode one by one, and thus is
40       not recommended.
41
42
43       List of commands inside interactive mode:
44
45
46       Output> Available Operations:
47       Output> op=debug filename=<filename> - enable debugging
48       Output> op=help
49       Output> op=ra_enroll uid=<uid> pwd=<pwd> num_threads=<number of threads> secureid_pin=<secureid_pin> keygen=<true|false> - Enrollment Via RA
50       Output> op=ra_reset_pin uid=<uid> pwd=<pwd> num_threads=<number of threads> secureid_pin=<secureid_pin> new_pin=<new_pin> - Reset Pin Via RA
51       Output> op=ra_update uid=<uid> pwd=<pwd> num_threads=<number of threads> secureid_pin=<secureid_pin> new_pin=<new_pin> - Reset Pin Via RA
52       Output> op=token_set <name>=<value> - Set Token Value
53       Output> op=token_status - Print Token Status
54       Output> op=var_get name=<name> - Get Value of Variable
55       Output> op=var_list - List All Variables
56       Output> op=var_set name=<name> value=<value> - Set Value to Variable
57
58
59
60       tpsclient < format.txt
61
62       tpsclient < enroll.txt
63
64

format.txt contents:

66       # Set the host name of the TPS server
67       op=var_set name=ra_host value=localhost.localdomain
68
69       # Set the port where the TPS server is listening
70       op=var_set name=ra_port value=8080
71
72       # Set the URL on the TPS that responds to client token operation requests
73       op=var_set name=ra_uri value=/tps/tps
74
75       # Set the cuid number of our virtual token and some other values needed by TPS
76       op=token_set cuid=40906145C76224192D2B msn=01020304 app_ver=6FBBC105 key_info=0101 major_ver=1 minor_ver=1
77
78       # Set the global platform auth key for the virtual token
79       op=token_set auth_key=404142434445464748494a4b4c4d4e4f
80
81       # Set the global platform mac key for the virtual token
82       op=token_set mac_key=404142434445464748494a4b4c4d4e4f
83
84       # Set the global platform kek key for the virtual token
85       op=token_set kek_key=404142434445464748494a4b4c4d4e4f
86
87       #Issue the actual request to format our token to the TPS server.
88       # Within this command we must provide the authentication userid, authentication password, and virtual token PIN value to proceed
89       # Also, the "extensions" consist of extra info evaluated by TPS. In this case we declare the "type" of our virtual token.
90       # The TPS uses the type to control the flow of the operation.
91
92       op=ra_format uid=user1 pwd=secret123 new_pin=secret123 num_threads=1  extensions=tokenType=userKey
93
94       # Exit the operation and leave the program
95
96       op=exit
97
98
99

enroll.txt contents:

101       # Set the host name of the TPS server
102       op=var_set name=ra_host value=localhost.localdomain
103
104       # Set the port where the TPS server is listening
105       op=var_set name=ra_port value=8080
106
107       # Set the URL on the TPS that responds to client token operation requests
108       op=var_set name=ra_uri value=/tps/tps
109
110       # Set the cuid number of our virtual token and some other values needed by TPS
111       op=token_set cuid=40906145C76224192D2B msn=01020304 app_ver=6FBBC105 key_info=0101 major_ver=1 minor_ver=1
112
113       # Set the global platform auth key for the virtual token
114       op=token_set auth_key=404142434445464748494a4b4c4d4e4f
115
116       # Set the global platform mac key for the virtual token
117       op=token_set mac_key=404142434445464748494a4b4c4d4e4f
118
119       # Set the global platform kek key for the virtual token
120       op=token_set kek_key=404142434445464748494a4b4c4d4e4f
121
122       #Issue the actual request to format our token to the TPS server.
123       # Within this command we must provide the authentication userid, authentication password, and virtual token PIN value to proceed
124       # Also, the "extensions" consist of extra info evaluated by TPS. In this case we declare the "type" of our virtual token.
125       # The TPS uses the type to control the flow of the operation.
126
127       op=ra_enroll uid=user1 pwd=secret123 new_pin=secret123 num_threads=1  extensions=tokenType=userKey
128
129

COPYRIGHT

131       Copyright (c) 2014 Red Hat, Inc. This is licensed under the GNU General
132       Public  License, version 2 (GPLv2). A copy of this license is available
133       at http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.
134
135
136
137version 10.2                      Jul 8, 2015                     tpsclient(1)