Implement the pin command and rename clear to pin clear

We have functionality for changing the Nitrokey's user & admin PINs as
well as for resetting the user PIN coming up. With the prospect of this
new functionality arriving, it makes sense to introduce a new top-level
command for the sole purpose of PIN management.
This change introduces such a command, pin, and moves the existing clear
command for clearing the PIN cache into it.

1 files changed, 11 insertions, 2 deletions

diff --git a/nitrocli/doc/nitrocli.1 b/nitrocli/doc/nitrocli.1
index 21aab03..ef56b22 100644
--- a/nitrocli/doc/nitrocli.1
+++ b/nitrocli/doc/nitrocli.1
@@ -16,8 +16,6 @@ It can be used to access the encrypted volume and the one-time password generato
 Print the status of the connected Nitrokey device, including the stick serial
 number, the firmware version, and the PIN retry count.
 .TP
-.B nitrocli clear
-Clear the passphrases cached by the other commands.
 
 .SS Storage
 .TP
@@ -120,6 +118,17 @@ passwords using the \fBotp get\fR command.
 If \fB\-\-no\-otp\-pin\fR is set, OTP generation can be performed without PIN.
 These two options are mutually exclusive.
 
+.SS PINs
+Nitrokey devices have two PINs: the user PIN and the admin PIN. The user
+PIN must have at least six, the admin PIN at least eight characters. The
+user PIN is required for commands such as \fBotp get\fR (depending on
+the configuration) and for all \fBpws\fR commands.
+The admin PIN is usually required to change the device configuration.
+
+.TP
+.B nitrocli pin clear
+Clear the PINs cached by the other commands.
+
 .SH EXAMPLES
 .SS One-time passwords
 Configure a one-time password slot with a hexadecimal secret representation: