2009-09-11 09:48:51 +00:00
|
|
|
<?xml version="1.0" encoding="UTF-8"?>
|
|
|
|
|
<refentry id="westcos-tool">
|
|
|
|
|
<refmeta>
|
|
|
|
|
<refentrytitle>westcos-tool</refentrytitle>
|
|
|
|
|
<manvolnum>1</manvolnum>
|
2011-08-14 21:27:55 +00:00
|
|
|
<refmiscinfo class="productname">OpenSC</refmiscinfo>
|
|
|
|
|
<refmiscinfo class="manual">OpenSC Tools</refmiscinfo>
|
|
|
|
|
<refmiscinfo class="source">opensc</refmiscinfo>
|
2009-09-11 09:48:51 +00:00
|
|
|
</refmeta>
|
|
|
|
|
|
|
|
|
|
<refnamediv>
|
|
|
|
|
<refname>westcos-tool</refname>
|
2011-03-20 13:17:29 +00:00
|
|
|
<refpurpose>utility for manipulating data structures
|
|
|
|
|
on westcos smart cards</refpurpose>
|
2009-09-11 09:48:51 +00:00
|
|
|
</refnamediv>
|
|
|
|
|
|
2011-08-14 19:52:02 +00:00
|
|
|
<refsynopsisdiv>
|
|
|
|
|
<cmdsynopsis>
|
|
|
|
|
<command>westcos-tool</command>
|
|
|
|
|
<arg choice="opt"><replaceable class="option">OPTIONS</replaceable></arg>
|
|
|
|
|
</cmdsynopsis>
|
|
|
|
|
</refsynopsisdiv>
|
2009-09-11 09:48:51 +00:00
|
|
|
|
|
|
|
|
<refsect1>
|
|
|
|
|
<title>Description</title>
|
|
|
|
|
<para>
|
|
|
|
|
The <command>westcos-tool</command> utility is used to manipulate
|
2011-08-15 08:40:57 +00:00
|
|
|
the westcos data structures on 2 Ko smart cards. Users can create PINs,
|
|
|
|
|
keys and certificates stored on the token. User PIN authentication is
|
2009-09-11 09:48:51 +00:00
|
|
|
performed for those operations that require it.
|
|
|
|
|
</para>
|
|
|
|
|
</refsect1>
|
|
|
|
|
|
|
|
|
|
<refsect1>
|
|
|
|
|
<title>Options</title>
|
|
|
|
|
<para>
|
|
|
|
|
<variablelist>
|
|
|
|
|
<varlistentry>
|
2011-03-20 13:17:29 +00:00
|
|
|
<term><option>--reader, r</option> num</term>
|
2010-05-11 14:35:38 +00:00
|
|
|
<listitem><para>
|
2011-03-20 13:17:29 +00:00
|
|
|
Use the given reader. The default is the first reader with a card.
|
2010-05-11 14:35:38 +00:00
|
|
|
</para></listitem>
|
|
|
|
|
</varlistentry>
|
2011-08-15 08:40:57 +00:00
|
|
|
|
2010-05-11 14:35:38 +00:00
|
|
|
<varlistentry>
|
|
|
|
|
<term><option>--wait, -w</option></term>
|
|
|
|
|
<listitem><para>Wait for a card to be inserted</para></listitem>
|
|
|
|
|
</varlistentry>
|
2011-08-15 08:40:57 +00:00
|
|
|
|
2010-05-11 14:35:38 +00:00
|
|
|
<varlistentry>
|
|
|
|
|
<term><option>--generate-key, -g</option></term>
|
2009-09-11 09:48:51 +00:00
|
|
|
<listitem><para>Generate a private key on smart card. The smart card must be
|
2011-03-20 13:17:29 +00:00
|
|
|
not finalized and a PIN must be installed (ie. file for PIN must be created, see option
|
2011-08-15 08:40:57 +00:00
|
|
|
-i). By default key length is 1536 bits. User authentication is required for
|
2009-09-11 09:48:51 +00:00
|
|
|
this operation. </para></listitem>
|
|
|
|
|
</varlistentry>
|
2011-08-15 08:40:57 +00:00
|
|
|
|
2010-05-11 14:35:38 +00:00
|
|
|
<varlistentry>
|
|
|
|
|
<term><option>--overwrite-key, -o</option></term>
|
2011-03-20 13:17:29 +00:00
|
|
|
<listitem><para>Overwrite the key if there is already a key on card.</para></listitem>
|
2010-05-11 14:35:38 +00:00
|
|
|
</varlistentry>
|
2011-08-15 08:40:57 +00:00
|
|
|
|
2009-09-11 09:48:51 +00:00
|
|
|
<varlistentry>
|
2010-05-11 14:35:38 +00:00
|
|
|
<term>
|
|
|
|
|
<option>--key-length</option> length,
|
|
|
|
|
<option>-l</option> length
|
|
|
|
|
</term>
|
|
|
|
|
<listitem><para>Change the length of private key, use with <option>-g</option>.
|
2009-09-11 09:48:51 +00:00
|
|
|
</para></listitem>
|
|
|
|
|
</varlistentry>
|
|
|
|
|
|
|
|
|
|
<varlistentry>
|
2010-05-11 14:35:38 +00:00
|
|
|
<term><option>--install-pin, -i</option></term>
|
2011-03-20 13:17:29 +00:00
|
|
|
<listitem><para>Install PIN file in token, you must provide PIN value
|
2010-05-11 14:35:38 +00:00
|
|
|
with <option>-x</option>.</para></listitem>
|
2009-09-11 09:48:51 +00:00
|
|
|
</varlistentry>
|
|
|
|
|
|
|
|
|
|
<varlistentry>
|
2010-05-11 14:35:38 +00:00
|
|
|
<term>
|
|
|
|
|
<option>--pin-value</option> value,
|
|
|
|
|
<option>-x</option> value
|
|
|
|
|
</term>
|
2011-03-20 13:17:29 +00:00
|
|
|
<listitem><para>set value of PIN.</para></listitem>
|
2009-09-11 09:48:51 +00:00
|
|
|
</varlistentry>
|
|
|
|
|
|
|
|
|
|
<varlistentry>
|
2010-05-11 14:35:38 +00:00
|
|
|
<term>
|
|
|
|
|
<option>--puk-value</option> value,
|
|
|
|
|
<option>-y</option> value
|
|
|
|
|
</term>
|
2011-03-20 13:17:29 +00:00
|
|
|
<listitem><para>set value of PUK (or value of new PIN for change PIN
|
2009-09-11 09:48:51 +00:00
|
|
|
command see <option>-n</option>).</para></listitem>
|
|
|
|
|
</varlistentry>
|
|
|
|
|
|
|
|
|
|
<varlistentry>
|
2010-05-11 14:35:38 +00:00
|
|
|
<term><option>--change-pin, -n</option></term>
|
2009-09-11 09:48:51 +00:00
|
|
|
<listitem><para>Changes a PIN stored on the token. User authentication
|
|
|
|
|
is required for this operation.</para></listitem>
|
|
|
|
|
</varlistentry>
|
|
|
|
|
|
|
|
|
|
<varlistentry>
|
2010-05-11 14:35:38 +00:00
|
|
|
<term><option>--unblock-pin, -u</option></term>
|
2011-03-20 13:17:29 +00:00
|
|
|
<listitem><para>Unblocks a PIN stored on the token. Knowledge of the
|
|
|
|
|
PIN Unblock Key (PUK) is required for this operation.</para></listitem>
|
2009-09-11 09:48:51 +00:00
|
|
|
</varlistentry>
|
|
|
|
|
|
|
|
|
|
<varlistentry>
|
2010-05-11 14:35:38 +00:00
|
|
|
<term>
|
2011-03-20 13:17:29 +00:00
|
|
|
<option>--certificate</option> file,
|
2011-08-15 08:40:57 +00:00
|
|
|
<option>-t</option> file
|
2010-05-11 14:35:38 +00:00
|
|
|
</term>
|
2011-03-20 13:17:29 +00:00
|
|
|
<listitem><para>Write certificate file in PEM format to the
|
2009-09-11 09:48:51 +00:00
|
|
|
card. User authentication is required for this operation.</para></listitem>
|
|
|
|
|
</varlistentry>
|
|
|
|
|
|
|
|
|
|
<varlistentry>
|
2010-05-11 14:35:38 +00:00
|
|
|
<term><option>--finalize, -f</option></term>
|
2011-03-20 13:17:29 +00:00
|
|
|
<listitem><para>Finalize the card. Once finalized the default key is invalidated so PIN and PUK
|
|
|
|
|
can't be changed anymore without user authentication. Warning,
|
|
|
|
|
un-finalized are insecure because PIN can be changed without user authentication (knowledge of default key
|
|
|
|
|
is enough).</para></listitem>
|
2009-09-11 09:48:51 +00:00
|
|
|
</varlistentry>
|
|
|
|
|
|
|
|
|
|
<varlistentry>
|
2010-05-11 14:35:38 +00:00
|
|
|
<term>
|
|
|
|
|
<option>--read-file</option> path,
|
|
|
|
|
<option>-j</option> path
|
|
|
|
|
</term>
|
2011-08-15 08:40:57 +00:00
|
|
|
<listitem><para>Get the file path the file is written
|
2010-05-11 14:35:38 +00:00
|
|
|
on disk with path name. User authentication
|
|
|
|
|
is required for this operation.</para></listitem>
|
2009-09-11 09:48:51 +00:00
|
|
|
</varlistentry>
|
|
|
|
|
|
|
|
|
|
<varlistentry>
|
2010-05-11 14:35:38 +00:00
|
|
|
<term>
|
|
|
|
|
<option>--write-file</option> path,
|
|
|
|
|
<option>-k</option> path
|
|
|
|
|
</term>
|
|
|
|
|
<listitem><para>Put the file with name path from disk
|
|
|
|
|
to card the file is written in path. User authentication
|
2009-09-11 09:48:51 +00:00
|
|
|
is required for this operation.</para></listitem>
|
|
|
|
|
</varlistentry>
|
|
|
|
|
|
|
|
|
|
<varlistentry>
|
2010-05-11 14:35:38 +00:00
|
|
|
<term><option>--help, -h</option></term>
|
|
|
|
|
<listitem><para>Print help message on screen.</para></listitem>
|
2009-09-11 09:48:51 +00:00
|
|
|
</varlistentry>
|
|
|
|
|
|
|
|
|
|
<varlistentry>
|
|
|
|
|
<term><option>-v</option></term>
|
|
|
|
|
<listitem><para>Causes <command>westcos-tool</command> to be more
|
|
|
|
|
verbose. Specify this flag several times to enable debug output
|
|
|
|
|
in the OpenSC library.</para></listitem>
|
|
|
|
|
</varlistentry>
|
|
|
|
|
|
|
|
|
|
</variablelist>
|
|
|
|
|
</para>
|
|
|
|
|
</refsect1>
|
|
|
|
|
|
|
|
|
|
<refsect1>
|
|
|
|
|
<title>Authors</title>
|
|
|
|
|
<para><command>westcos-tool</command> was written by
|
|
|
|
|
Francois Leblanc <email>francois.leblanc@cev-sa.com</email>.</para>
|
|
|
|
|
</refsect1>
|
|
|
|
|
|
|
|
|
|
</refentry>
|
