From 099270092afd73141b7aa6c40e56f451ea46122b Mon Sep 17 00:00:00 2001 From: Frank Morgner Date: Fri, 27 Apr 2018 09:18:13 +0200 Subject: [PATCH] added documentation of some command line options --- doc/tools/cryptoflex-tool.1.xml | 12 +++++- doc/tools/opensc-tool.1.xml | 20 +++++++++ doc/tools/piv-tool.1.xml | 2 +- doc/tools/pkcs15-crypt.1.xml | 20 +++++++-- doc/tools/pkcs15-init.1.xml | 27 ++++++++---- doc/tools/pkcs15-tool.1.xml | 75 ++++++++++++++++++++++++++++++++- 6 files changed, 141 insertions(+), 15 deletions(-) diff --git a/doc/tools/cryptoflex-tool.1.xml b/doc/tools/cryptoflex-tool.1.xml index d54f1c15..1364e449 100644 --- a/doc/tools/cryptoflex-tool.1.xml +++ b/doc/tools/cryptoflex-tool.1.xml @@ -121,7 +121,8 @@ - + , + Reads a public key from the card, allowing the user to extract and store or use the public key @@ -156,6 +157,15 @@ Verifies CHV1 before issuing commands + + + , + + + Causes cryptoflex-tool to + wait for a card insertion. + + diff --git a/doc/tools/opensc-tool.1.xml b/doc/tools/opensc-tool.1.xml index b2d77a2a..00abd45a 100644 --- a/doc/tools/opensc-tool.1.xml +++ b/doc/tools/opensc-tool.1.xml @@ -55,6 +55,12 @@ Use the given card driver. The default is auto-detected. + + + , + + Lists algorithms supported by card + , @@ -90,6 +96,20 @@ Print the name of the inserted card (driver). + + + conf, + conf + + Get configuration key, format: section:name:key + + + + conf, + conf + + Get configuration key, format: section:name:key:value + num, diff --git a/doc/tools/piv-tool.1.xml b/doc/tools/piv-tool.1.xml index 30e7ac79..034c1e18 100644 --- a/doc/tools/piv-tool.1.xml +++ b/doc/tools/piv-tool.1.xml @@ -94,7 +94,7 @@ ref, - ref + ref Load a certificate onto the card. ref is 9A, diff --git a/doc/tools/pkcs15-crypt.1.xml b/doc/tools/pkcs15-crypt.1.xml index e3299049..2126f06f 100644 --- a/doc/tools/pkcs15-crypt.1.xml +++ b/doc/tools/pkcs15-crypt.1.xml @@ -140,11 +140,16 @@ + + + + + - This option tells pkcs15-crypt - that the input file is the result of an SHA1 hash operation, - rather than an MD5 hash. Again, the data must be in binary + These options tell pkcs15-crypt + that the input file is the result of the specified hash operation. + By default, an MD5 hash is expected. Again, the data must be in binary representation. @@ -179,6 +184,15 @@ of two integers (OpenSSL). + + + , + + + Causes pkcs15-crypt to + wait for a card insertion. + + , diff --git a/doc/tools/pkcs15-init.1.xml b/doc/tools/pkcs15-init.1.xml index ad3646a2..ae7dbd7d 100644 --- a/doc/tools/pkcs15-init.1.xml +++ b/doc/tools/pkcs15-init.1.xml @@ -314,11 +314,11 @@ optionally followed by a slash and the length of the key in bits. It is a good idea to specify the key ID along with this command, using the option, otherwise an intrinsic ID - will be calculated from the key material. Look the description of - the 'pkcs15-id-style' attribute in the 'pkcs15.profile' for the details - about the algorithm used to calculate intrinsic ID. - For the multi-application cards the target PKCS#15 application can be - specified by the hexadecimal AID value of the option. + will be calculated from the key material. Look the description of + the 'pkcs15-id-style' attribute in the 'pkcs15.profile' for the details + about the algorithm used to calculate intrinsic ID. + For the multi-application cards the target PKCS#15 application can be + specified by the hexadecimal AID value of the option. @@ -333,10 +333,10 @@ from filename. The file is supposed to contain one long option per line, without the leading dashes, for instance: - - pin frank - puk zappa - + +pin frank +puk zappa + You can specify several times. @@ -530,6 +530,15 @@ + + + , + + + Causes pkcs15-init to + wait for a card insertion. + + diff --git a/doc/tools/pkcs15-tool.1.xml b/doc/tools/pkcs15-tool.1.xml index 5f1ba2bf..78fe0b1e 100644 --- a/doc/tools/pkcs15-tool.1.xml +++ b/doc/tools/pkcs15-tool.1.xml @@ -75,11 +75,18 @@ List all card objects. + + + + + List card objects. + + - List the on-card PKCS#15 applications + List the on-card PKCS#15 applications. @@ -115,6 +122,18 @@ In such a case the option has to be used. + + + + + List all secret (symmetric) keys stored on the token. General + information about each secret key is listed (eg. key name, id and + algorithm). Actual secret key values are not displayed. + For some cards the PKCS#15 attributes of the private keys are protected for reading + and need the authentication with the User PIN. + In such a case the option has to be used. + + @@ -241,6 +260,22 @@ + + + , + , + + Test if the card needs a security update + + + + + , + , + + Update the card with a security update + + num @@ -269,6 +304,27 @@ in the OpenSC library. + + + PIN + + Specify PIN + + + + + PUK + + Specify Unblock PIN + + + + + PIN + + Specify New PIN (when changing or unblocking) + + @@ -277,6 +333,23 @@ (without 'auth-id' the first non-SO, non-Unblock PIN will be verified) + + + + + Equivalent to + with additional session PIN generation + + + + + , + + + Causes pkcs15-tool to + wait for a card insertion. + +