giomba
/
opensc
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

added documentation of some command line options

This commit is contained in:
Frank Morgner 2018-04-27 09:18:13 +02:00
parent 90a5b262d0
commit 099270092a
6 changed files with 141 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
doc/tools/cryptoflex-tool.1.xml
View File

@ -121,7 +121,8 @@
<varlistentry>
<term>
<option>--read-key</option>
<option>--read-key</option>,
<option>-R</option>
</term>
<listitem><para>Reads a public key from the card, allowing the user to
extract and store or use the public key
@ -156,6 +157,15 @@
<listitem><para>Verifies CHV1 before issuing commands</para></listitem>
</varlistentry>
<varlistentry>
<term>
<option>--wait</option>,
<option>-w</option>
</term>
<listitem><para>Causes <command>cryptoflex-tool</command> to
wait for a card insertion.</para></listitem>
</varlistentry>
</variablelist>
</para>
</refsect1>

20
doc/tools/opensc-tool.1.xml
View File

@ -55,6 +55,12 @@
<listitem><para>Use the given card driver.
The default is auto-detected.</para></listitem>
</varlistentry>
<varlistentry>
<term>
<option>--list-algorithms</option>,
</term>
<listitem><para>Lists algorithms supported by card</para></listitem>
</varlistentry>
<varlistentry>
<term>
<option>--info</option>,
@ -90,6 +96,20 @@
</term>
<listitem><para>Print the name of the inserted card (driver).</para></listitem>
</varlistentry>
<varlistentry>
<term>
<option>--get-conf-entry</option> <replaceable>conf</replaceable>,
<option>-G</option> <replaceable>conf</replaceable>
</term>
<listitem><para>Get configuration key, format: section:name:key</para></listitem>
</varlistentry>
<varlistentry>
<term>
<option>--set-conf-entry</option> <replaceable>conf</replaceable>,
<option>-S</option> <replaceable>conf</replaceable>
</term>
<listitem><para>Get configuration key, format: section:name:key:value</para></listitem>
</varlistentry>
<varlistentry>
<term>
<option>--reader</option> <replaceable>num</replaceable>,

2
doc/tools/piv-tool.1.xml
View File

@ -94,7 +94,7 @@
<varlistentry>
<term>
<option>--cert</option> <replaceable>ref</replaceable>,
<option>-s</option> <replaceable>ref</replaceable>
<option>-C</option> <replaceable>ref</replaceable>
</term>
<listitem><para>Load a certificate onto the card.
<replaceable>ref</replaceable> is <literal>9A</literal>,

20
doc/tools/pkcs15-crypt.1.xml
View File

@ -140,11 +140,16 @@
<varlistentry>
<term>
<option>--md5</option>
<option>--sha-1</option>
<option>--sha-224</option>
<option>--sha-256</option>
<option>--sha-384</option>
<option>--sha-512</option>
</term>
<listitem><para>This option tells <command>pkcs15-crypt</command>
that the input file is the result of an SHA1 hash operation,
rather than an MD5 hash. Again, the data must be in binary
<listitem><para>These options tell <command>pkcs15-crypt</command>
that the input file is the result of the specified hash operation.
By default, an MD5 hash is expected. Again, the data must be in binary
representation.</para></listitem>
</varlistentry>
@ -179,6 +184,15 @@
of two integers (OpenSSL).</para></listitem>
</varlistentry>
<varlistentry>
<term>
<option>--wait</option>,
<option>-w</option>
</term>
<listitem><para>Causes <command>pkcs15-crypt</command> to
wait for a card insertion.</para></listitem>
</varlistentry>
<varlistentry>
<term>
<option>--verbose</option>,

27
doc/tools/pkcs15-init.1.xml
View File

@ -314,11 +314,11 @@
optionally followed by a slash and the length of the key in bits.
It is a good idea to specify the key ID along with this command,
using the <option>id</option> option, otherwise an intrinsic ID
will be calculated from the key material. Look the description of
the 'pkcs15-id-style' attribute in the 'pkcs15.profile' for the details
about the algorithm used to calculate intrinsic ID.
For the multi-application cards the target PKCS#15 application can be
specified by the hexadecimal AID value of the <option>aid</option> option.
will be calculated from the key material. Look the description of
the 'pkcs15-id-style' attribute in the 'pkcs15.profile' for the details
about the algorithm used to calculate intrinsic ID.
For the multi-application cards the target PKCS#15 application can be
specified by the hexadecimal AID value of the <option>aid</option> option.
</para>
</listitem>
</varlistentry>
@ -333,10 +333,10 @@
from <replaceable>filename</replaceable>. The file is supposed to
contain one long option per line, without the leading dashes,
for instance:
<programlisting>
pin frank
puk zappa
</programlisting>
<programlisting>
pin frank
puk zappa
</programlisting>
</para>
<para>
You can specify <option>--options-file</option> several times.
@ -530,6 +530,15 @@
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>--wait</option>,
<option>-w</option>
</term>
<listitem><para>Causes <command>pkcs15-init</command> to
wait for a card insertion.</para></listitem>
</varlistentry>
<varlistentry>
<term>
<option>--use-pinpad</option>

75
doc/tools/pkcs15-tool.1.xml
View File

@ -75,11 +75,18 @@
<listitem><para>List all card objects.</para></listitem>
</varlistentry>
<varlistentry>
<term>
<option>--list-info</option>
</term>
<listitem><para>List card objects.</para></listitem>
</varlistentry>
<varlistentry>
<term>
<option>--list-applications</option>
</term>
<listitem><para>List the on-card PKCS#15 applications</para></listitem>
<listitem><para>List the on-card PKCS#15 applications.</para></listitem>
</varlistentry>
<varlistentry>
@ -115,6 +122,18 @@
In such a case the <option>--verify-pin</option> option has to be used.</para></listitem>
</varlistentry>
<varlistentry>
<term>
<option>--list-secret-keys</option>
</term>
<listitem><para>List all secret (symmetric) keys stored on the token. General
information about each secret key is listed (eg. key name, id and
algorithm). Actual secret key values are not displayed.
For some cards the PKCS#15 attributes of the private keys are protected for reading
and need the authentication with the User PIN.
In such a case the <option>--verify-pin</option> option has to be used.</para></listitem>
</varlistentry>
<varlistentry>
<term>
<option>--list-pins</option>
@ -241,6 +260,22 @@
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>--test-update</option>,
<option>-T</option>,
</term>
<listitem><para>Test if the card needs a security update</para></listitem>
</varlistentry>
<varlistentry>
<term>
<option>--update</option>,
<option>-U</option>,
</term>
<listitem><para>Update the card with a security update</para></listitem>
</varlistentry>
<varlistentry>
<term>
<option>--reader</option> <replaceable>num</replaceable>
@ -269,6 +304,27 @@
in the OpenSC library.</para></listitem>
</varlistentry>
<varlistentry>
<term>
<option>--pin</option> <replaceable>PIN</replaceable>
</term>
<listitem><para>Specify PIN</para></listitem>
</varlistentry>
<varlistentry>
<term>
<option>--puk</option> <replaceable>PUK</replaceable>
</term>
<listitem><para>Specify Unblock PIN</para></listitem>
</varlistentry>
<varlistentry>
<term>
<option>--new-pin</option> <replaceable>PIN</replaceable>
</term>
<listitem><para>Specify New PIN (when changing or unblocking)</para></listitem>
</varlistentry>
<varlistentry>
<term>
<option>--verify-pin</option>
@ -277,6 +333,23 @@
(without 'auth-id' the first non-SO, non-Unblock PIN will be verified)</para></listitem>
</varlistentry>
<varlistentry>
<term>
<option>--test-session-pin</option>
</term>
<listitem><para>Equivalent to <option>--verify-pin</option>
with additional session PIN generation</para></listitem>
</varlistentry>
<varlistentry>
<term>
<option>--wait</option>,
<option>-w</option>
</term>
<listitem><para>Causes <command>pkcs15-tool</command> to
wait for a card insertion.</para></listitem>
</varlistentry>
<varlistentry>
<term>
<option>--use-pinpad</option>