1288 How to use SDUTIL to execute command-line commands on the SecureDoc Client device


SDUTIL permits the execution of command-line based commands on the SecureDoc client.

Its command line takes one of the following two forms:

SDUTIL /<Command> [Main_obj] [aObj1] [aObj2] .. [aObjn] [/<KeyWord1>[Arg1]] [/<KeyWord2>[Arg2]] … [/<KeyWordn>[Argn]]
or
SDUTIL [Main_obj] /<Command> [aObj1] [aObj2] .. [aObjn] [/<KeyWord1>[Arg1]] [/<KeyWord2>[Arg2]] … [/<KeyWordn>[Argn]]

• Command-line rules

1. There are 2 kinds of entities after SDUTIL: objects and keywords.
• Keywords start with "/" or "-". NOTE: an object has no preceding "/".
• A keyword can stand alone, or it may have a parameter that follows it immediately. If the parameter contains a space or another delimiter, the parameter must be enclosed in double quotation marks ("").

2. The first keyword is the COMMAND of the line.
A line must have a COMMAND. It can have zero or several objects (in other words, the objects always belong to a COMMAND) and zero or several keywords.

3. The first object is the "Main object". If a command needs several objects, they appear one after another. The order of the objects is significant.

4. The order of the keywords is not significant. However, a keyword must not appear twice in a line.

5. The /P keyword (print to log file) can be used with all commands.


List of COMMANDS and associated Key Words

Each command is shown with its associated keywords; the description follows four dashes ("----").

SDUTIL "File Name" /A - or - SDUTIL /A "File Name" ---- Add a key file named "File Name" to the SD space
SDUTIL "File Name" /B - or - SDUTIL /B "File Name" ---- Install boot logon with "File Name" as the first key file
SDUTIL /C "File Name" /U"User ID" /K"Key ID" /W"Password" [/T"Token type" /S"Token slot ID" /M"Method No." /O"Object label name"] ---- Create a key file named "File Name" with "User ID", and add the key "Key ID" and the password to it. If the key file being created is token-based, the additional keywords give the token type, slot ID, method and object label name.
SDUTIL HDi /D [/F] - or - SDUTIL /DHDi [/F] ---- Decrypt the disk HDi. The object is the disk to decrypt. Only one object is allowed. If the /F keyword is present, standard mode is used; otherwise thorough mode is used.
SDUTIL HDi /E"Key ID" [/F] - or - SDUTIL /E"Key ID" HDi [/F] - or - SDUTIL /EHDi /K"Key ID" [/F] ---- Encrypt a disk with the key "Key ID". The /F keyword has the same meaning as above. The object is the disk to encrypt. Only one object is allowed.
SDUTIL /G"Random Number" ---- Generate a random number for the disk encryption key
SDUTIL /L "Key File Name" ---- Log in to the administrative key file
SDUTIL /R"\\ServerName\ShareName" ---- Report back to the server
SDUTIL /Z ---- Reboot the computer
 

Further Technical Information - not essential to effective use of this command

• Data Structure
1. char *pObjects[20] contains all objects, in the correct sequence, taken from char *argv[].
2. char *pKeyWord[20] contains all keywords, in the correct sequence, taken from char *argv[]. The first keyword is the command.

• Process Steps
1. Get the SDJob.bat file name and the log file name from the registry.
2. Call the WprocessBatFile ( batfilename, Show1) function to process the batch file.
3. Get one line of the batch file and call the function ProcessEachCmdlinePara ( char * CmdLine1,int lineNum, DWORD (* notify)(WORD,WORD, DWORD, DWORD) ).
4. Call SearchCmdLine_GetcmdAgrv (char * CmdLine, char *ourCmd, char *cmdArgv2[MaxParaCount] ) to get the argument count and argument vector for the line.
5. Pass the argument count and argument vector to DTool_main( int argc, char *argv[],DWORD (* notify) ( WORD, WORD, DWORD, DWORD )).
6. In the DTool_main function:
• Call CheckCommand(int argc, char *argv[], BYTE *wDrive, BYTE *bOperation) to get the arguments and other parameters. It parses the arguments and places them, in the correct sequence, into pObjects[20] and pKeyWord[20] based on the command. Default values are filled into pObjects[20] and pKeyWord[20] where necessary.
• The operation that corresponds to the command (bOperation) value and the parameters is executed.
7. Put a done mark (';') at the beginning of this line.
8. Get the next line of the batch file.
9. Check whether the end of the batch file has been reached. If not, go to step 3; otherwise go to step 10.
10. Delete the batch file, set the registry batch file value to empty, and close everything. If the restart-computer flag is set, restart the computer; otherwise only notify the user and exit the application.
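
The command-line rules and the two 20-slot arrays described above can be sketched as a small classifier, useful for checking a job line before it is deployed. This is an added example, not SecureDoc source code: sd_line, sd_classify, sd_kw_arg and the SD_* return codes are hypothetical names, and it assumes that every keyword is a single letter compared case-insensitively.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define MAX_ITEMS 20 /* same size as pObjects[20] / pKeyWord[20] on the page */
enum { SD_OK = 0, SD_NO_COMMAND = -1, SD_DUP_KEYWORD = -2, SD_TOO_MANY = -3 };

typedef struct {
    const char *objects[MAX_ITEMS];  /* objects[0] is the main object */
    const char *keywords[MAX_ITEMS]; /* keywords[0] is the COMMAND */
    int n_obj, n_kw;
} sd_line;

/* Assumption: a keyword is '/' or '-' plus one letter, compared case-insensitively. */
static int kw_letter(const char *t) { return toupper((unsigned char)t[1]); }
/* argv holds the tokens after "SDUTIL", already split and unquoted by the shell. */
int sd_classify(int argc, const char *argv[], sd_line *out) {
    memset(out, 0, sizeof *out);
    for (int i = 0; i < argc; i++) {
        const char *t = argv[i];
        if ((t[0] == '/' || t[0] == '-') && t[1] != '\0') {
            for (int k = 0; k < out->n_kw; k++)      /* rule 4: no repeats */
                if (kw_letter(out->keywords[k]) == kw_letter(t))
                    return SD_DUP_KEYWORD;
            if (out->n_kw == MAX_ITEMS) return SD_TOO_MANY; /* never overrun */
            out->keywords[out->n_kw++] = t;          /* rule 2: first is COMMAND */
        } else {
            if (out->n_obj == MAX_ITEMS) return SD_TOO_MANY;
            out->objects[out->n_obj++] = t;          /* rule 3: order is kept */
        }
    }
    return out->n_kw > 0 ? SD_OK : SD_NO_COMMAND;    /* a line needs a COMMAND */
}

/* Parameter text that follows a keyword letter, or NULL if the keyword is absent. */
const char *sd_kw_arg(const sd_line *l, char letter) {
    for (int k = 0; k < l->n_kw; k++)
        if (kw_letter(l->keywords[k]) == toupper((unsigned char)letter))
            return l->keywords[k] + 2;
    return NULL;
}

int main(void) {
    const char *args[] = { "HD0", "/EKEY1", "/F" }; /* constructed sample line */
    sd_line l;
    int rc = sd_classify(3, args, &l);
    printf("rc=%d command=%s main_obj=%s key=%s\n", rc, l.keywords[0], l.objects[0], sd_kw_arg(&l, 'E'));
    return rc;
}
```

Both arrays are bounds-checked before each store, so a line with more than 20 objects or keywords is rejected instead of written past the end of the array.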
 

Custom Fields

  • Version: Affects all versions of SD