From 76b707157ef9bffa029545a95d5cf9e740b7f7ac Mon Sep 17 00:00:00 2001 From: Neal McBurnett Date: Fri, 6 May 2022 09:21:00 -0600 Subject: [PATCH] Fix piv-tool generate-key command in TOKENS doc MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [cosign/TOKENS\.md at main · sigstore/cosign](https://github.com/sigstore/cosign/blob/main/TOKENS.md) says: ... *run the* `cosign generate-key` *command* ... Which yields this error: ``` $ cosign generate-key Error: unknown command "generate-key" for "cosign" ``` The documentation is simply missing the `piv-tool` sub-command. Resolves: #1849 Also fix make target for custom build: was make cosign-pivkey now make cosign-pivkey-pkcs11key. Drop old, brittle reference to line in Makefile. Also make `go build` also work the same way, from the root directory. See also: #1853 Signed-off-by: Neal McBurnett --- TOKENS.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/TOKENS.md b/TOKENS.md index 4cf907b1c3e..6ab13e255a0 100644 --- a/TOKENS.md +++ b/TOKENS.md @@ -2,7 +2,7 @@ The `cosign` command line tool optionally supports hardware tokens for signing and key management. This support is enabled through the [PIV protocol](https://csrc.nist.gov/projects/piv/piv-standards-and-supporting-documentation) -and the [go-piv](https://github.com/go-piv/piv-go) library, which is not included in the standard release. Use [`make cosign-pivkey`](https://github.com/sigstore/cosign/blob/a8d1cc1132d4a019a62ff515b9375c8c5b98a5c5/Makefile#L52), or `go build -tags=pivkey`, to build `cosign` with support for hardware tokens. +and the [go-piv](https://github.com/go-piv/piv-go) library, which is not included in the standard release. Use `make cosign-pivkey-pkcs11key`, or `go build -tags=pivkey,pkcs11key ./cmd/cosign`, to build `cosign` with support for hardware tokens. --- **NOTE** 
@@ -18,7 +18,7 @@ We recommend using an application provided by your hardware vendor to manage key ### Setup -To get started, insert a key to your computer and run the `cosign generate-key` command. +To get started, insert a key to your computer and run the `cosign piv-tool generate-key` command. We recommend using the `--random-management-key=true` flag. This command generates a cryptographically-random management key and configures the device to use it.
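Review bot: In the first hunk (@@ -2,7 +2,7 @@), the added line introduces the `pkcs11key` build tag in both the make target and the `go build` command, but the paragraph it sits in still describes only the PIV protocol and the go-piv library, so a reader cannot tell what the second tag adds or whether it is required for PIV tokens. Consider adding a short clause saying what `pkcs11key` enables, or noting that `pivkey` alone is sufficient for PIV if that is the case. The commit message says the `go build` form is meant to be run from the root directory; the doc line itself does not say so, and `./cmd/cosign` only resolves from there, so stating "from the repository root" in the sentence would prevent a failed build. The old line linked the make target to the Makefile; a link to the file without a pinned commit and line anchor would keep the pointer while still dropping the brittle reference.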
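Review bot: In the second hunk (@@ -18,7 +18,7 @@), the corrected command and the recommended flag are still given in two separate sentences, which is the same kind of gap that led to the original copy-paste error: a reader who copies `cosign piv-tool generate-key` from the first sentence will skip the management-key recommendation. Consider showing the full invocation once, for example `cosign piv-tool generate-key --random-management-key=true`, so the recommended form is what gets copied. Since the line is being touched anyway, "insert a key to your computer" would read better as "insert a key into your computer".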