81 lines
2.8 KiB
Groff
81 lines
2.8 KiB
Groff
|
.PU
|
|||
|
.ds nm \fBpkcs15-tool\fR
|
|||
|
.TH pkcs15-tool 1 "September 3, 2002" "" OpenSC
|
|||
|
.SH NAME
|
|||
|
pkcs15-tool \- utility for manipulating PKCS #15 data structures on smart cards and similar security tokens
|
|||
|
.SH SYNOPSIS
|
|||
|
\*(nm
|
|||
|
.RI [OPTIONS]
|
|||
|
.SH DESCRIPTION
|
|||
|
The \*(nm utility is used to manipulate the PKCS #15
|
|||
|
data structures on smart cards and similar security tokens.
|
|||
|
Users can list and read PINs, keys and
|
|||
|
certificates stored on the token. User PIN authentication is
|
|||
|
performed for those operations that require it.
|
|||
|
.SH OPTIONS
|
|||
|
.TP
|
|||
|
.BR \-\-learn\-card ", " \-L
|
|||
|
Cache PKCS #15 token data to the local filesystem. Subsequent
|
|||
|
operations are performed on the cached data where possible. If
|
|||
|
the cache becomes out\-of\-sync with the token state (eg. new
|
|||
|
key is generated and stored on the token), the cache should
|
|||
|
be updated or operations may show stale results.
|
|||
|
.TP
|
|||
|
.BR "\-\-read\-certificate " \fIcert\fP ", \-r " \fIcert\fP
|
|||
|
Read the certificate with the given id
|
|||
|
.TP
|
|||
|
.BR \-\-list\-certificates ", " \-c
|
|||
|
Lists all certificates stored on the token
|
|||
|
.TP
|
|||
|
.BR \-\-list\-pins
|
|||
|
Lists all PINs stored on the token. General information about
|
|||
|
each PIN is listed (eg. PIN name). Actual PIN values are not shown.
|
|||
|
.TP
|
|||
|
.BR \-\-change\-pin
|
|||
|
Changes a PIN stored on the token. User authentication is required
|
|||
|
for this operation.
|
|||
|
.TP
|
|||
|
.BR \-\-list\-keys ", " \-k
|
|||
|
Lists all private keys stored on the token. General information about
|
|||
|
each private key is listed (eg. key name, id and algorithm). Actual private
|
|||
|
key values are not displayed.
|
|||
|
.TP
|
|||
|
.BR \-\-list\-public\-keys
|
|||
|
Lists all public keys stored on the token, including key name, id,
|
|||
|
algorithm and length information.
|
|||
|
.TP
|
|||
|
.BR "\-\-read\-public\-key " \fIid\fP
|
|||
|
Reads the public key with id \fIid\fP, allowing the user to
|
|||
|
extract and store or use the public key.
|
|||
|
.TP
|
|||
|
.BR "\-\-output " \fIfilename\fP ", \-o " \fIfilename\fP
|
|||
|
Specifies where key output should be written. If this option is not
|
|||
|
given, keys will be printed to standard output.
|
|||
|
.TP
|
|||
|
.BR \-\-no\-cache
|
|||
|
Disable token data caching.
|
|||
|
.TP
|
|||
|
.BR "\-\-pin\-id " \fIpin\fP ", \-p " \fIpin\fP
|
|||
|
Specifies the auth id of the PIN to use for the operation. This
|
|||
|
is useful with the \-\-change\-pin operation.
|
|||
|
.TP
|
|||
|
.BR "\-\-reader " \fInum\fP
|
|||
|
Forces \*(nm to use reader number \fInum\fP for operations. The default
|
|||
|
is to use reader number 0, the first reader in the system.
|
|||
|
.TP
|
|||
|
.BR \-\-quiet ", " \-q
|
|||
|
Perform operations quietly. This causes \*(nm to be less 'chatty'
|
|||
|
about the status of the operation.
|
|||
|
.TP
|
|||
|
.BR \-\-debug ", " \-d
|
|||
|
Print debug output. This option may be supplied many times each
|
|||
|
increasing the verbosity of debug messages.
|
|||
|
.SH SEE ALSO
|
|||
|
.BR opensc (7),
|
|||
|
.BR pkcs15-init (1),
|
|||
|
.BR pkcs15-crypt (1)
|
|||
|
.SH AUTHORS
|
|||
|
\*(nm was written by Juha Yrj<72>l<EFBFBD> <juha.yrjola@iki.fi>.
|
|||
|
This manpage was contributed by Joe Phillips <joe.phillips@innovationsw.com>
|
|||
|
for the Debian GNU/Linux system (but may be used by others).
|