You've already forked step-ca-cli
mirror of
https://github.com/smallstep/cli.git
synced 2025-08-09 03:22:43 +03:00
Minor tweaks for online docs.
This commit is contained in:
Mariano Cano
@@ -123,7 +123,8 @@ For examples, see **step help crypto hash**.
|
|||||||
: SHA-512/256 uses SHA-512 and truncates the output to 256 bits
|
: SHA-512/256 uses SHA-512 and truncates the output to 256 bits
|
||||||
|
|
||||||
**md5** (requires --insecure)
|
**md5** (requires --insecure)
|
||||||
: MD5 produces a 128-bit hash value`,
|
: MD5 produces a 128-bit hash value
|
||||||
|
`,
|
||||||
},
|
},
|
||||||
cli.BoolFlag{
|
cli.BoolFlag{
|
||||||
Name: "insecure",
|
Name: "insecure",
|
||||||
@@ -182,7 +183,8 @@ For examples, see **step help crypto hash**.
|
|||||||
: SHA-512/256 produces a 256-bit hash value
|
: SHA-512/256 produces a 256-bit hash value
|
||||||
|
|
||||||
**md5** (requires --insecure)
|
**md5** (requires --insecure)
|
||||||
: MD5 produces a 128-bit hash value`,
|
: MD5 produces a 128-bit hash value
|
||||||
|
`,
|
||||||
},
|
},
|
||||||
cli.BoolFlag{
|
cli.BoolFlag{
|
||||||
Name: "insecure",
|
Name: "insecure",
|
||||||
|
|||||||
@@ -25,21 +25,21 @@ be encrypted to multiple parties (using multiple keys).
|
|||||||
A typical JWE in compact serialization is a dot-separated string with five
|
A typical JWE in compact serialization is a dot-separated string with five
|
||||||
parts:
|
parts:
|
||||||
|
|
||||||
* Header: metadata describing how the plaintext payload was processed to
|
* Header: metadata describing how the plaintext payload was processed to
|
||||||
produce ciphertext (e.g., which algorithms were used to encrypt the
|
produce ciphertext (e.g., which algorithms were used to encrypt the
|
||||||
content encryption key and the plaintext payload)
|
content encryption key and the plaintext payload)
|
||||||
|
|
||||||
* Encrypted Key: the "content encryption key" that was used to encrypt the
|
* Encrypted Key: the "content encryption key" that was used to encrypt the
|
||||||
plaintext payload, encrypted for the JWE recipient(s) (see: "what's with
|
plaintext payload, encrypted for the JWE recipient(s) (see: "what's with
|
||||||
the encrypted key" below)
|
the encrypted key" below)
|
||||||
|
|
||||||
* Initialization Vector: an initialization vector for use with the specified
|
* Initialization Vector: an initialization vector for use with the specified
|
||||||
encryption algorithm, if applicable
|
encryption algorithm, if applicable
|
||||||
|
|
||||||
* Ciphertext: the ciphertext value resulting produced from authenticated
|
* Ciphertext: the ciphertext value resulting produced from authenticated
|
||||||
encryption of the plaintext with additional authenticated data
|
encryption of the plaintext with additional authenticated data
|
||||||
|
|
||||||
* Authentication Tag: value resulting fromthe authenticated encryption of
|
* Authentication Tag: value resulting fromthe authenticated encryption of
|
||||||
the plaintext with additional authenticated data
|
the plaintext with additional authenticated data
|
||||||
|
|
||||||
## What's with encrypted key?
|
## What's with encrypted key?
|
||||||
|
|||||||
@@ -147,7 +147,8 @@ appear in places you might not expect. If omitted input is read from STDIN.`,
|
|||||||
: A password-based KDF optimized to resist side-channel attacks.
|
: A password-based KDF optimized to resist side-channel attacks.
|
||||||
|
|
||||||
**argon2id**
|
**argon2id**
|
||||||
: A password-based KDF optimized to resist GPU and side-channel attacks.`,
|
: A password-based KDF optimized to resist GPU and side-channel attacks.
|
||||||
|
`,
|
||||||
},
|
},
|
||||||
cli.BoolFlag{
|
cli.BoolFlag{
|
||||||
Name: "insecure",
|
Name: "insecure",
|
||||||
|
|||||||
@@ -65,8 +65,7 @@ func init() {
|
|||||||
cmd := cli.Command{
|
cmd := cli.Command{
|
||||||
Name: "oauth",
|
Name: "oauth",
|
||||||
Usage: "authorization and single sign-on using OAuth & OIDC",
|
Usage: "authorization and single sign-on using OAuth & OIDC",
|
||||||
UsageText: `
|
UsageText: `**step oauth** [**--provider**=<provider>] [**--client-id**=<client-id> **--client-secret**=<client-secret>]
|
||||||
**step oauth** [**--provider**=<provider>] [**--client-id**=<client-id> **--client-secret**=<client-secret>]
|
|
||||||
[**--scope**=<scope> ...] [**--bare** [**--oidc**]] [**--header** [**--oidc**]]
|
[**--scope**=<scope> ...] [**--bare** [**--oidc**]] [**--header** [**--oidc**]]
|
||||||
|
|
||||||
**step oauth** **--authorization-endpoint**=<authorization-endpoint> **--token-endpoint**=<token-endpoint>
|
**step oauth** **--authorization-endpoint**=<authorization-endpoint> **--token-endpoint**=<token-endpoint>
|
||||||
@@ -121,7 +120,7 @@ $ step oauth --oidc --bare
|
|||||||
'''
|
'''
|
||||||
|
|
||||||
Use a custom OAuth2.0 server:
|
Use a custom OAuth2.0 server:
|
||||||
''''
|
'''
|
||||||
$ step oauth --client-id my-client-id --client-secret my-client-secret \
|
$ step oauth --client-id my-client-id --client-secret my-client-secret \
|
||||||
--provider https://example.org
|
--provider https://example.org
|
||||||
'''`,
|
'''`,
|
||||||
|
|||||||
@@ -178,7 +178,7 @@ generating key.`,
|
|||||||
Name: "offline",
|
Name: "offline",
|
||||||
Usage: `Creates a certificate without contacting the certificate authority. Offline mode
|
Usage: `Creates a certificate without contacting the certificate authority. Offline mode
|
||||||
uses the configuration, certificates, and keys created with **step ca init**,
|
uses the configuration, certificates, and keys created with **step ca init**,
|
||||||
but can accept a different configuration file using '--ca-config>' flag.`,
|
but can accept a different configuration file using **--ca-config** flag.`,
|
||||||
}
|
}
|
||||||
|
|
||||||
// CaConfig is a cli.Flag used to pass the CA configuration file.
|
// CaConfig is a cli.Flag used to pass the CA configuration file.
|
||||||
@@ -242,7 +242,7 @@ be stored in the 'sshpop' header.`,
|
|||||||
TeamURL = cli.StringFlag{
|
TeamURL = cli.StringFlag{
|
||||||
Name: "team-url",
|
Name: "team-url",
|
||||||
Usage: `The <url> step queries to retrieve initial team configuration. Only used with
|
Usage: `The <url> step queries to retrieve initial team configuration. Only used with
|
||||||
the --team option. If the url contains <\<\>> placeholders, they are replaced with the team ID.`,
|
the **--team** option. If the url contains <\<\>> placeholders, they are replaced with the team ID.`,
|
||||||
}
|
}
|
||||||
|
|
||||||
// RedirectURL is a cli.Flag used to pass the OAuth redirect URL.
|
// RedirectURL is a cli.Flag used to pass the OAuth redirect URL.
|
||||||
@@ -261,7 +261,7 @@ the --team option. If the url contains <\<\>> placeholders, they are replaced wi
|
|||||||
// TemplateSet is a cli.Flag used to send key-value pairs to the ca.
|
// TemplateSet is a cli.Flag used to send key-value pairs to the ca.
|
||||||
TemplateSet = cli.StringSliceFlag{
|
TemplateSet = cli.StringSliceFlag{
|
||||||
Name: "set",
|
Name: "set",
|
||||||
Usage: "The <key=value> pair with template data variables to send to the CA. Use the '--set' flag multiple times to add multiple variables.",
|
Usage: "The <key=value> pair with template data variables to send to the CA. Use the **--set** flag multiple times to add multiple variables.",
|
||||||
}
|
}
|
||||||
|
|
||||||
// TemplateSetFile is a cli.Flag used to send a JSON file to the CA.
|
// TemplateSetFile is a cli.Flag used to send a JSON file to the CA.
|
||||||
|
|||||||
Reference in New Issue
Block a user