added documentation of some command line options
This commit is contained in:
parent
90a5b262d0
commit
099270092a
|
@ -121,7 +121,8 @@
|
||||||
|
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
<term>
|
<term>
|
||||||
<option>--read-key</option>
|
<option>--read-key</option>,
|
||||||
|
<option>-R</option>
|
||||||
</term>
|
</term>
|
||||||
<listitem><para>Reads a public key from the card, allowing the user to
|
<listitem><para>Reads a public key from the card, allowing the user to
|
||||||
extract and store or use the public key
|
extract and store or use the public key
|
||||||
|
@ -156,6 +157,15 @@
|
||||||
<listitem><para>Verifies CHV1 before issuing commands</para></listitem>
|
<listitem><para>Verifies CHV1 before issuing commands</para></listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
|
|
||||||
|
<varlistentry>
|
||||||
|
<term>
|
||||||
|
<option>--wait</option>,
|
||||||
|
<option>-w</option>
|
||||||
|
</term>
|
||||||
|
<listitem><para>Causes <command>cryptoflex-tool</command> to
|
||||||
|
wait for a card insertion.</para></listitem>
|
||||||
|
</varlistentry>
|
||||||
|
|
||||||
</variablelist>
|
</variablelist>
|
||||||
</para>
|
</para>
|
||||||
</refsect1>
|
</refsect1>
|
||||||
|
|
|
@ -55,6 +55,12 @@
|
||||||
<listitem><para>Use the given card driver.
|
<listitem><para>Use the given card driver.
|
||||||
The default is auto-detected.</para></listitem>
|
The default is auto-detected.</para></listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
|
<varlistentry>
|
||||||
|
<term>
|
||||||
|
<option>--list-algorithms</option>,
|
||||||
|
</term>
|
||||||
|
<listitem><para>Lists algorithms supported by card</para></listitem>
|
||||||
|
</varlistentry>
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
<term>
|
<term>
|
||||||
<option>--info</option>,
|
<option>--info</option>,
|
||||||
|
@ -90,6 +96,20 @@
|
||||||
</term>
|
</term>
|
||||||
<listitem><para>Print the name of the inserted card (driver).</para></listitem>
|
<listitem><para>Print the name of the inserted card (driver).</para></listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
|
<varlistentry>
|
||||||
|
<term>
|
||||||
|
<option>--get-conf-entry</option> <replaceable>conf</replaceable>,
|
||||||
|
<option>-G</option> <replaceable>conf</replaceable>
|
||||||
|
</term>
|
||||||
|
<listitem><para>Get configuration key, format: section:name:key</para></listitem>
|
||||||
|
</varlistentry>
|
||||||
|
<varlistentry>
|
||||||
|
<term>
|
||||||
|
<option>--set-conf-entry</option> <replaceable>conf</replaceable>,
|
||||||
|
<option>-S</option> <replaceable>conf</replaceable>
|
||||||
|
</term>
|
||||||
|
<listitem><para>Get configuration key, format: section:name:key:value</para></listitem>
|
||||||
|
</varlistentry>
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
<term>
|
<term>
|
||||||
<option>--reader</option> <replaceable>num</replaceable>,
|
<option>--reader</option> <replaceable>num</replaceable>,
|
||||||
|
|
|
@ -94,7 +94,7 @@
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
<term>
|
<term>
|
||||||
<option>--cert</option> <replaceable>ref</replaceable>,
|
<option>--cert</option> <replaceable>ref</replaceable>,
|
||||||
<option>-s</option> <replaceable>ref</replaceable>
|
<option>-C</option> <replaceable>ref</replaceable>
|
||||||
</term>
|
</term>
|
||||||
<listitem><para>Load a certificate onto the card.
|
<listitem><para>Load a certificate onto the card.
|
||||||
<replaceable>ref</replaceable> is <literal>9A</literal>,
|
<replaceable>ref</replaceable> is <literal>9A</literal>,
|
||||||
|
|
|
@ -140,11 +140,16 @@
|
||||||
|
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
<term>
|
<term>
|
||||||
|
<option>--md5</option>
|
||||||
<option>--sha-1</option>
|
<option>--sha-1</option>
|
||||||
|
<option>--sha-224</option>
|
||||||
|
<option>--sha-256</option>
|
||||||
|
<option>--sha-384</option>
|
||||||
|
<option>--sha-512</option>
|
||||||
</term>
|
</term>
|
||||||
<listitem><para>This option tells <command>pkcs15-crypt</command>
|
<listitem><para>These options tell <command>pkcs15-crypt</command>
|
||||||
that the input file is the result of an SHA1 hash operation,
|
that the input file is the result of the specified hash operation.
|
||||||
rather than an MD5 hash. Again, the data must be in binary
|
By default, an MD5 hash is expected. Again, the data must be in binary
|
||||||
representation.</para></listitem>
|
representation.</para></listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
|
|
||||||
|
@ -179,6 +184,15 @@
|
||||||
of two integers (OpenSSL).</para></listitem>
|
of two integers (OpenSSL).</para></listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
|
|
||||||
|
<varlistentry>
|
||||||
|
<term>
|
||||||
|
<option>--wait</option>,
|
||||||
|
<option>-w</option>
|
||||||
|
</term>
|
||||||
|
<listitem><para>Causes <command>pkcs15-crypt</command> to
|
||||||
|
wait for a card insertion.</para></listitem>
|
||||||
|
</varlistentry>
|
||||||
|
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
<term>
|
<term>
|
||||||
<option>--verbose</option>,
|
<option>--verbose</option>,
|
||||||
|
|
|
@ -314,11 +314,11 @@
|
||||||
optionally followed by a slash and the length of the key in bits.
|
optionally followed by a slash and the length of the key in bits.
|
||||||
It is a good idea to specify the key ID along with this command,
|
It is a good idea to specify the key ID along with this command,
|
||||||
using the <option>id</option> option, otherwise an intrinsic ID
|
using the <option>id</option> option, otherwise an intrinsic ID
|
||||||
will be calculated from the key material. Look the description of
|
will be calculated from the key material. Look the description of
|
||||||
the 'pkcs15-id-style' attribute in the 'pkcs15.profile' for the details
|
the 'pkcs15-id-style' attribute in the 'pkcs15.profile' for the details
|
||||||
about the algorithm used to calculate intrinsic ID.
|
about the algorithm used to calculate intrinsic ID.
|
||||||
For the multi-application cards the target PKCS#15 application can be
|
For the multi-application cards the target PKCS#15 application can be
|
||||||
specified by the hexadecimal AID value of the <option>aid</option> option.
|
specified by the hexadecimal AID value of the <option>aid</option> option.
|
||||||
</para>
|
</para>
|
||||||
</listitem>
|
</listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
|
@ -333,10 +333,10 @@
|
||||||
from <replaceable>filename</replaceable>. The file is supposed to
|
from <replaceable>filename</replaceable>. The file is supposed to
|
||||||
contain one long option per line, without the leading dashes,
|
contain one long option per line, without the leading dashes,
|
||||||
for instance:
|
for instance:
|
||||||
<programlisting>
|
<programlisting>
|
||||||
pin frank
|
pin frank
|
||||||
puk zappa
|
puk zappa
|
||||||
</programlisting>
|
</programlisting>
|
||||||
</para>
|
</para>
|
||||||
<para>
|
<para>
|
||||||
You can specify <option>--options-file</option> several times.
|
You can specify <option>--options-file</option> several times.
|
||||||
|
@ -530,6 +530,15 @@
|
||||||
</listitem>
|
</listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
|
|
||||||
|
<varlistentry>
|
||||||
|
<term>
|
||||||
|
<option>--wait</option>,
|
||||||
|
<option>-w</option>
|
||||||
|
</term>
|
||||||
|
<listitem><para>Causes <command>pkcs15-init</command> to
|
||||||
|
wait for a card insertion.</para></listitem>
|
||||||
|
</varlistentry>
|
||||||
|
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
<term>
|
<term>
|
||||||
<option>--use-pinpad</option>
|
<option>--use-pinpad</option>
|
||||||
|
|
|
@ -75,11 +75,18 @@
|
||||||
<listitem><para>List all card objects.</para></listitem>
|
<listitem><para>List all card objects.</para></listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
|
|
||||||
|
<varlistentry>
|
||||||
|
<term>
|
||||||
|
<option>--list-info</option>
|
||||||
|
</term>
|
||||||
|
<listitem><para>List card objects.</para></listitem>
|
||||||
|
</varlistentry>
|
||||||
|
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
<term>
|
<term>
|
||||||
<option>--list-applications</option>
|
<option>--list-applications</option>
|
||||||
</term>
|
</term>
|
||||||
<listitem><para>List the on-card PKCS#15 applications</para></listitem>
|
<listitem><para>List the on-card PKCS#15 applications.</para></listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
|
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
|
@ -115,6 +122,18 @@
|
||||||
In such a case the <option>--verify-pin</option> option has to be used.</para></listitem>
|
In such a case the <option>--verify-pin</option> option has to be used.</para></listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
|
|
||||||
|
<varlistentry>
|
||||||
|
<term>
|
||||||
|
<option>--list-secret-keys</option>
|
||||||
|
</term>
|
||||||
|
<listitem><para>List all secret (symmetric) keys stored on the token. General
|
||||||
|
information about each secret key is listed (eg. key name, id and
|
||||||
|
algorithm). Actual secret key values are not displayed.
|
||||||
|
For some cards the PKCS#15 attributes of the private keys are protected for reading
|
||||||
|
and need the authentication with the User PIN.
|
||||||
|
In such a case the <option>--verify-pin</option> option has to be used.</para></listitem>
|
||||||
|
</varlistentry>
|
||||||
|
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
<term>
|
<term>
|
||||||
<option>--list-pins</option>
|
<option>--list-pins</option>
|
||||||
|
@ -241,6 +260,22 @@
|
||||||
</listitem>
|
</listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
|
|
||||||
|
<varlistentry>
|
||||||
|
<term>
|
||||||
|
<option>--test-update</option>,
|
||||||
|
<option>-T</option>,
|
||||||
|
</term>
|
||||||
|
<listitem><para>Test if the card needs a security update</para></listitem>
|
||||||
|
</varlistentry>
|
||||||
|
|
||||||
|
<varlistentry>
|
||||||
|
<term>
|
||||||
|
<option>--update</option>,
|
||||||
|
<option>-U</option>,
|
||||||
|
</term>
|
||||||
|
<listitem><para>Update the card with a security update</para></listitem>
|
||||||
|
</varlistentry>
|
||||||
|
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
<term>
|
<term>
|
||||||
<option>--reader</option> <replaceable>num</replaceable>
|
<option>--reader</option> <replaceable>num</replaceable>
|
||||||
|
@ -269,6 +304,27 @@
|
||||||
in the OpenSC library.</para></listitem>
|
in the OpenSC library.</para></listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
|
|
||||||
|
<varlistentry>
|
||||||
|
<term>
|
||||||
|
<option>--pin</option> <replaceable>PIN</replaceable>
|
||||||
|
</term>
|
||||||
|
<listitem><para>Specify PIN</para></listitem>
|
||||||
|
</varlistentry>
|
||||||
|
|
||||||
|
<varlistentry>
|
||||||
|
<term>
|
||||||
|
<option>--puk</option> <replaceable>PUK</replaceable>
|
||||||
|
</term>
|
||||||
|
<listitem><para>Specify Unblock PIN</para></listitem>
|
||||||
|
</varlistentry>
|
||||||
|
|
||||||
|
<varlistentry>
|
||||||
|
<term>
|
||||||
|
<option>--new-pin</option> <replaceable>PIN</replaceable>
|
||||||
|
</term>
|
||||||
|
<listitem><para>Specify New PIN (when changing or unblocking)</para></listitem>
|
||||||
|
</varlistentry>
|
||||||
|
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
<term>
|
<term>
|
||||||
<option>--verify-pin</option>
|
<option>--verify-pin</option>
|
||||||
|
@ -277,6 +333,23 @@
|
||||||
(without 'auth-id' the first non-SO, non-Unblock PIN will be verified)</para></listitem>
|
(without 'auth-id' the first non-SO, non-Unblock PIN will be verified)</para></listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
|
|
||||||
|
<varlistentry>
|
||||||
|
<term>
|
||||||
|
<option>--test-session-pin</option>
|
||||||
|
</term>
|
||||||
|
<listitem><para>Equivalent to <option>--verify-pin</option>
|
||||||
|
with additional session PIN generation</para></listitem>
|
||||||
|
</varlistentry>
|
||||||
|
|
||||||
|
<varlistentry>
|
||||||
|
<term>
|
||||||
|
<option>--wait</option>,
|
||||||
|
<option>-w</option>
|
||||||
|
</term>
|
||||||
|
<listitem><para>Causes <command>pkcs15-tool</command> to
|
||||||
|
wait for a card insertion.</para></listitem>
|
||||||
|
</varlistentry>
|
||||||
|
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
<term>
|
<term>
|
||||||
<option>--use-pinpad</option>
|
<option>--use-pinpad</option>
|
||||||
|
|
Loading…
Reference in New Issue