1tpsclient(1) PKI TPS tpsclient test program tpsclient(1)
2
6 tpsclient - TPS testing tool to exercise TPS server functionality, sim‐
7 ulating a smart card.
8
12 tpsclient < script-file
13 tpsclient
14 Note this tool currently works to simulate Secure Channel Protocol 01,
17 GP201 tokens. Support for SCP02/GP211 is planned in future versions.
18
22 The tpsclient command provides a way to exercise the TPS server without
23 a hardware token, through the use of a simple script file containing
24 commands to the tpsclient engine.
25
29 The only option is whether or not to provide a script file. Not pro‐
30 viding the script argument will launch the program in interactive mode,
31 though this is not recommended. The best way to interact with the TPS
32 server is to provide a simple script file to tpsclient.
33
37 The Operations are contained within the tpsclient script file. Some
38 sample scripts are provided below.
39
43 tpsclient
44 This command will simply run the program in interactive mode. Commands
47 will have to be issued manually with this mode one by one, and thus is
48 not recommended.
49 List of commands inside interactive mode:
52 Output> Available Operations:
55 Output> op=debug filename=<filename> - enable debugging
56 Output> op=help
57 Output> op=ra_enroll uid=<uid> pwd=<pwd> num_threads=<number of threads> secureid_pin=<secureid_pin> keygen=<true|false> - Enrollment Via RA
58 Output> op=ra_reset_pin uid=<uid> pwd=<pwd> num_threads=<number of threads> secureid_pin=<secureid_pin> new_pin=<new_pin> - Reset Pin Via RA
59 Output> op=ra_update uid=<uid> pwd=<pwd> num_threads=<number of threads> secureid_pin=<secureid_pin> new_pin=<new_pin> - Reset Pin Via RA
60 Output> op=token_set <name>=<value> - Set Token Value
61 Output> op=token_status - Print Token Status
62 Output> op=var_get name=<name> - Get Value of Variable
63 Output> op=var_list - List All Variables
64 Output> op=var_set name=<name> value=<value> - Set Value to Variable
65 tpsclient < format.txt
69 tpsclient < enroll.txt
72 format.txt contents:
75 # Set the host name of the TPS server
78 op=var_set name=ra_host value=localhost.localdomain
79 # Set the port where the TPS server is listening
81 op=var_set name=ra_port value=8080
82 # Set the URL on the TPS that responds to client token operation requests
84 op=var_set name=ra_uri value=/tps/tps
85 # Set the cuid number of our virtual token and some other values needed by TPS
87 op=token_set cuid=40906145C76224192D2B msn=01020304 app_ver=6FBBC105 key_info=0101 major_ver=1 minor_ver=1
88 # Set the global platform auth key for the virtual token
90 op=token_set auth_key=404142434445464748494a4b4c4d4e4f
91 # Set the global platform mac key for the virtual token
93 op=token_set mac_key=404142434445464748494a4b4c4d4e4f
94 # Set the global platform kek key for the virtual token
96 op=token_set kek_key=404142434445464748494a4b4c4d4e4f
97 #Issue the actual request to format our token to the TPS server.
99 # Within this command we must provide the authentication userid, authentication password, and virtual token PIN value to proceed
100 # Also, the "extensions" consist of extra info evaluated by TPS. In this case we declare the "type" of our virtual token.
101 # The TPS uses the type to control the flow of the operation.
102 op=ra_format uid=user1 pwd=secret123 new_pin=secret123 num_threads=1 extensions=tokenType=userKey
104 # Exit the operation and leave the program
106 op=exit
108 enroll.txt contents:
112 # Set the host name of the TPS server
115 op=var_set name=ra_host value=localhost.localdomain
116 # Set the port where the TPS server is listening
118 op=var_set name=ra_port value=8080
119 # Set the URL on the TPS that responds to client token operation requests
121 op=var_set name=ra_uri value=/tps/tps
122 # Set the cuid number of our virtual token and some other values needed by TPS
124 op=token_set cuid=40906145C76224192D2B msn=01020304 app_ver=6FBBC105 key_info=0101 major_ver=1 minor_ver=1
125 # Set the global platform auth key for the virtual token
127 op=token_set auth_key=404142434445464748494a4b4c4d4e4f
128 # Set the global platform mac key for the virtual token
130 op=token_set mac_key=404142434445464748494a4b4c4d4e4f
131 # Set the global platform kek key for the virtual token
133 op=token_set kek_key=404142434445464748494a4b4c4d4e4f
134 #Issue the actual request to format our token to the TPS server.
136 # Within this command we must provide the authentication userid, authentication password, and virtual token PIN value to proceed
137 # Also, the "extensions" consist of extra info evaluated by TPS. In this case we declare the "type" of our virtual token.
138 # The TPS uses the type to control the flow of the operation.
139 op=ra_enroll uid=user1 pwd=secret123 new_pin=secret123 num_threads=1 extensions=tokenType=userKey
141
146 Copyright (c) 2014 Red Hat, Inc. This is licensed under the GNU Gen‐
147 eral Public License, version 2 (GPLv2). A copy of this license is
148 available at http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.
149PKI Jul 8, 2015 tpsclient(1)