diff options
| author | Daiki Ueno <ueno@gnu.org> | 2022-02-10 15:58:08 +0100 |
|---|---|---|
| committer | Daiki Ueno <ueno@gnu.org> | 2022-03-10 09:34:39 +0100 |
| commit | c2e11191782231c429c8d49e8466f0bac9a03caf (patch) | |
| tree | d143db82cd52e572f2755782a1b44d96ff5684e7 /src/ocsptool-options.json | |
| parent | 98684efcbbdb2268637324a8a98c7607ccd73ccf (diff) | |
| download | gnutls-c2e11191782231c429c8d49e8466f0bac9a03caf.tar.gz | |
Make option specification type-safe
This switches the CLI code and documentation generation to the
external cligen module, which provides more type-safe specification.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Diffstat (limited to 'src/ocsptool-options.json')
| -rw-r--r-- | src/ocsptool-options.json | 318 |
1 files changed, 154 insertions, 164 deletions
diff --git a/src/ocsptool-options.json b/src/ocsptool-options.json index f3b4116190..0a45a14852 100644 --- a/src/ocsptool-options.json +++ b/src/ocsptool-options.json @@ -1,164 +1,154 @@ -[ - { - "meta": { - "explain": "", - "prog-title": "GnuTLS OCSP tool", - "desc": "", - "prog-name": "ocsptool", - "detail": "ocsptool is a program that can parse and print information about\nOCSP requests/responses, generate requests and verify responses. Unlike\nother GnuTLS applications it outputs DER encoded structures by default\nunless the '--outpem' option is specified.", - "short-usage": "ocsptool [options]\nocsptool --help for usage instructions.\n", - "prog-desc": "Program to handle OCSP request/responses." - }, - "options": [ - { - "arg-type": "number", - "arg-min": "0 ", - "desc": "Enable debugging", - "detail": "Specifies the debug level.", - "short-option": "d", - "arg-max": " 9999", - "long-option": "debug" - }, - { - "desc": "More verbose output", - "detail": "", - "short-option": "V", - "long-option": "verbose", - "disabled": "", - "max": "NOLIMIT" - }, - { - "long-option": "infile", - "arg-type": "file", - "desc": "Input file", - "file-exists": "yes", - "detail": "" - }, - { - "arg-type": "string", - "long-option": "outfile", - "desc": "Output file", - "detail": "" - }, - { - "arg-type": "string", - "detail": "Connects to the specified HTTP OCSP server and queries on the validity of the loaded certificate.\nIts argument can be a URL or a plain server name. It can be combined with --load-chain, where it checks\nall certificates in the provided chain, or with --load-cert and\n--load-issuer options. The latter checks the provided certificate\nagainst its specified issuer certificate.", - "long-option": "ask", - "arg-name": "server name|url", - "arg-optional": "", - "desc": "Ask an OCSP/HTTP server on a certificate validity" - }, - { - "long-option": "verify-response", - "desc": "Verify response", - "detail": "Verifies the provided OCSP response against the system trust\nanchors (unless --load-trust is provided). It requires the --load-signer\nor --load-chain options to obtain the signer of the OCSP response.", - "short-option": "e" - }, - { - "long-option": "request-info", - "short-option": "i", - "desc": "Print information on a OCSP request", - "detail": "Display detailed information on the provided OCSP request." - }, - { - "desc": "Print information on a OCSP response", - "detail": "Display detailed information on the provided OCSP response.", - "short-option": "j", - "long-option": "response-info" - }, - { - "detail": "", - "desc": "Generates an OCSP request", - "short-option": "q", - "long-option": "generate-request" - }, - { - "disabled": "yes", - "detail": "", - "long-option": "nonce", - "disable-prefix": "no-", - "desc": "Use (or not) a nonce to OCSP request" - }, - { - "file-exists": "yes", - "desc": "Reads a set of certificates forming a chain from file", - "detail": "", - "arg-type": "file", - "long-option": "load-chain" - }, - { - "desc": "Reads issuer's certificate from file", - "long-option": "load-issuer", - "detail": "", - "file-exists": "yes", - "arg-type": "file" - }, - { - "desc": "Reads the certificate to check from file", - "file-exists": "yes", - "arg-type": "file", - "detail": "", - "long-option": "load-cert" - }, - { - "long-option": "load-trust", - "detail": "When verifying an OCSP response read the trust anchors from the\nprovided file. When this is not provided, the system's trust anchors will be\nused.", - "arg-type": "file", - "file-exists": "yes", - "desc": "Read OCSP trust anchors from file", - "conflicts": "load-signer" - }, - { - "long-option": "load-signer", - "arg-type": "file", - "file-exists": "yes", - "conflicts": "load-trust", - "detail": "", - "desc": "Reads the OCSP response signer from file" - }, - { - "long-option": "inder", - "disable-prefix": "no-", - "detail": "", - "desc": "Use DER format for input certificates and private keys", - "disabled": "" - }, - { - "detail": "The output will be in DER encoded format. Unlike other GnuTLS tools, this is the default for this tool", - "long-option": "outder", - "desc": "Use DER format for output of responses (this is the default)" - }, - { - "long-option": "outpem", - "desc": "Use PEM format for output of responses", - "detail": "The output will be in PEM format." - }, - { - "file-exists": "yes", - "detail": "", - "short-option": "Q", - "arg-type": "file", - "long-option": "load-request", - "desc": "Reads the DER encoded OCSP request from file" - }, - { - "detail": "", - "file-exists": "yes", - "long-option": "load-response", - "arg-type": "file", - "short-option": "S", - "desc": "Reads the DER encoded OCSP response from file" - }, - { - "desc": "Ignore any verification errors", - "long-option": "ignore-errors", - "detail": "" - }, - { - "detail": "This can be combined with --verify-response.", - "long-option": "verify-allow-broken", - "desc": "Allow broken algorithms, such as MD5 for verification" - } - ] - } -]
\ No newline at end of file +{ + "format-version": "0.1.0", + "tool": { + "name": "ocsptool", + "title": "GnuTLS OCSP tool", + "description": "Program to handle OCSP request/responses.", + "detail": "ocsptool is a program that can parse and print information about\nOCSP requests/responses, generate requests and verify responses. Unlike\nother GnuTLS applications it outputs DER encoded structures by default\nunless the '--outpem' option is specified.", + "short-usage": "ocsptool [options]\nocsptool --help for usage instructions.\n" + }, + "sections": [ + { + "options": [ + { + "long-option": "debug", + "short-option": "d", + "description": "Enable debugging", + "detail": "Specifies the debug level.", + "argument-range": { + "min": 0, + "max": 9999 + }, + "argument-type": "number" + }, + { + "long-option": "verbose", + "short-option": "V", + "description": "More verbose output" + }, + { + "long-option": "infile", + "description": "Input file", + "file-exists": true, + "argument-type": "file" + }, + { + "long-option": "outfile", + "description": "Output file", + "argument-type": "string" + }, + { + "long-option": "ask", + "description": "Ask an OCSP/HTTP server on a certificate validity", + "detail": "Connects to the specified HTTP OCSP server and queries on the validity of the loaded certificate.\nIts argument can be a URL or a plain server name. It can be combined with --load-chain, where it checks\nall certificates in the provided chain, or with --load-cert and\n--load-issuer options. The latter checks the provided certificate\nagainst its specified issuer certificate.", + "argument-optional": true, + "argument-type": "string", + "argument-name": "server name|url" + }, + { + "long-option": "verify-response", + "short-option": "e", + "description": "Verify response", + "detail": "Verifies the provided OCSP response against the system trust\nanchors (unless --load-trust is provided). It requires the --load-signer\nor --load-chain options to obtain the signer of the OCSP response." + }, + { + "long-option": "request-info", + "short-option": "i", + "description": "Print information on a OCSP request", + "detail": "Display detailed information on the provided OCSP request." + }, + { + "long-option": "response-info", + "short-option": "j", + "description": "Print information on a OCSP response", + "detail": "Display detailed information on the provided OCSP response." + }, + { + "long-option": "generate-request", + "short-option": "q", + "description": "Generates an OCSP request" + }, + { + "long-option": "nonce", + "description": "Use (or not) a nonce to OCSP request", + "disable-prefix": "no-" + }, + { + "long-option": "load-chain", + "description": "Reads a set of certificates forming a chain from file", + "file-exists": true, + "argument-type": "file" + }, + { + "long-option": "load-issuer", + "description": "Reads issuer's certificate from file", + "file-exists": true, + "argument-type": "file" + }, + { + "long-option": "load-cert", + "description": "Reads the certificate to check from file", + "file-exists": true, + "argument-type": "file" + }, + { + "long-option": "load-trust", + "description": "Read OCSP trust anchors from file", + "detail": "When verifying an OCSP response read the trust anchors from the\nprovided file. When this is not provided, the system's trust anchors will be\nused.", + "file-exists": true, + "conflicts": [ + "load-signer" + ], + "argument-type": "file" + }, + { + "long-option": "load-signer", + "description": "Reads the OCSP response signer from file", + "file-exists": true, + "conflicts": [ + "load-trust" + ], + "argument-type": "file" + }, + { + "long-option": "inder", + "description": "Use DER format for input certificates and private keys", + "disable-prefix": "no-" + }, + { + "long-option": "outder", + "description": "Use DER format for output of responses (this is the default)", + "detail": "The output will be in DER encoded format. Unlike other GnuTLS tools, this is the default for this tool" + }, + { + "long-option": "outpem", + "description": "Use PEM format for output of responses", + "detail": "The output will be in PEM format." + }, + { + "long-option": "load-request", + "short-option": "Q", + "description": "Reads the DER encoded OCSP request from file", + "file-exists": true, + "argument-type": "file" + }, + { + "long-option": "load-response", + "short-option": "S", + "description": "Reads the DER encoded OCSP response from file", + "file-exists": true, + "argument-type": "file" + }, + { + "long-option": "ignore-errors", + "description": "Ignore any verification errors" + }, + { + "long-option": "verify-allow-broken", + "description": "Allow broken algorithms, such as MD5 for verification", + "detail": "This can be combined with --verify-response." + } + ] + } + ] +}
\ No newline at end of file |