manuals: added missing "Authors" section

This commit is contained in:
Frank Morgner 2018-05-08 08:25:15 +02:00
parent 99eed0aa82
commit 1798bbe692
16 changed files with 715 additions and 636 deletions

View File

@ -88,4 +88,10 @@ smart cards and similar security tokens based on Siemens Card/OS M4.
</variablelist> </variablelist>
</para> </para>
</refsect1> </refsect1>
<refsect1>
<title>Authors</title>
<para><command>cardos-tool</command> was written by
Andreas Jellinghaus <email>aj@dungeon.inka.de</email>.</para>
</refsect1>
</refentry> </refentry>

View File

@ -185,4 +185,10 @@
</para> </para>
</refsect1> </refsect1>
<refsect1>
<title>Authors</title>
<para><command>cryptoflex-tool</command> was written by
Juha Yrjölä <email>juha.yrjola@iki.fi</email>.</para>
</refsect1>
</refentry> </refentry>

View File

@ -124,10 +124,6 @@ to enable debug output in the opensc library.</para></listitem>
</para> </para>
</refsect1> </refsect1>
<refsect1>
<title>See also</title>
<para>opensc(7)</para>
</refsect1>
<refsect1> <refsect1>
<title>Authors</title> <title>Authors</title>
<para><command>dnie-tool</command> was written by <para><command>dnie-tool</command> was written by

View File

@ -120,4 +120,10 @@
</para> </para>
</refsect1> </refsect1>
<refsect1>
<title>Authors</title>
<para><command>gids-tool</command> was written by
Vincent Le Toux <email>vincent.letoux@mysmartlogon.com</email>.</para>
</refsect1>
</refentry> </refentry>

View File

@ -84,4 +84,10 @@
</variablelist> </variablelist>
</para> </para>
</refsect1> </refsect1>
<refsect1>
<title>Authors</title>
<para><command>iasecc-tool</command> was written by
Viktor Tarasov <email>viktor.tarasov@gmail.com</email>.</para>
</refsect1>
</refentry> </refentry>

View File

@ -97,408 +97,408 @@
</para> </para>
</refsect1> </refsect1>
<refsect1> <refsect1>
<title>Commands</title> <title>Commands</title>
<para> <para>
The following commands are supported at <command>opensc-explorer</command>'s The following commands are supported at <command>opensc-explorer</command>'s
interactive prompt or in script files passed via the command line parameter interactive prompt or in script files passed via the command line parameter
<replaceable class="parameter">SCRIPT</replaceable>. <replaceable class="parameter">SCRIPT</replaceable>.
<variablelist> <variablelist>
<varlistentry> <varlistentry>
<term> <term>
<command>apdu</command> <replaceable>hex-data</replaceable> <command>apdu</command> <replaceable>hex-data</replaceable>
</term> </term>
<listitem> <listitem>
<para>Send a custom APDU command <replaceable>hex-data</replaceable>.</para> <para>Send a custom APDU command <replaceable>hex-data</replaceable>.</para>
</listitem> </listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term> <term>
<command>asn1</command> <replaceable>file-id</replaceable> <command>asn1</command> <replaceable>file-id</replaceable>
</term> </term>
<listitem><para>Parse and print the ASN.1 encoded content of the file specified by <listitem><para>Parse and print the ASN.1 encoded content of the file specified by
<replaceable>file-id</replaceable>.</para></listitem> <replaceable>file-id</replaceable>.</para></listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term> <term>
<command>cat</command> [<replaceable>file-id</replaceable> | sfi:<replaceable>short-id</replaceable>] <command>cat</command> [<replaceable>file-id</replaceable> | sfi:<replaceable>short-id</replaceable>]
</term> </term>
<listitem><para>Print the contents of the currently selected EF or the contents <listitem><para>Print the contents of the currently selected EF or the contents
of a file specified by <replaceable>file-id</replaceable> or the short file id of a file specified by <replaceable>file-id</replaceable> or the short file id
<replaceable>short-id</replaceable>. <replaceable>short-id</replaceable>.
</para></listitem> </para></listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term> <term>
<command>cd</command> {.. | <replaceable>file-id</replaceable> | aid:<replaceable>DF-name</replaceable>} <command>cd</command> {.. | <replaceable>file-id</replaceable> | aid:<replaceable>DF-name</replaceable>}
</term> </term>
<listitem><para> <listitem><para>
Change to another DF specified by the argument passed. Change to another DF specified by the argument passed.
If the argument given is <literal>..</literal>, then move up one level in the If the argument given is <literal>..</literal>, then move up one level in the
file system hierarchy. file system hierarchy.
If it is <replaceable>file-id</replaceable>, which must be a DF directly If it is <replaceable>file-id</replaceable>, which must be a DF directly
beneath the current DF, then change to that DF. beneath the current DF, then change to that DF.
If it is an application identifier given as If it is an application identifier given as
<literal>aid:</literal><replaceable>DF-name</replaceable>, <literal>aid:</literal><replaceable>DF-name</replaceable>,
then jump to the MF of the application denoted by then jump to the MF of the application denoted by
<replaceable>DF-name</replaceable>. <replaceable>DF-name</replaceable>.
</para></listitem> </para></listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term> <term>
<command>change</command> CHV<replaceable>pin-ref</replaceable> [[<replaceable>old-pin</replaceable>] <replaceable>new-pin</replaceable>] <command>change</command> CHV<replaceable>pin-ref</replaceable> [[<replaceable>old-pin</replaceable>] <replaceable>new-pin</replaceable>]
</term> </term>
<listitem> <listitem>
<para>Change a PIN, where <replaceable>pin-ref</replaceable> is the PIN reference.</para> <para>Change a PIN, where <replaceable>pin-ref</replaceable> is the PIN reference.</para>
<para> <para>
Examples: Examples:
<variablelist> <variablelist>
<varlistentry> <varlistentry>
<term><code>change CHV2 00:00:00:00:00:00 "foobar"</code></term> <term><code>change CHV2 00:00:00:00:00:00 "foobar"</code></term>
<listitem><para> <listitem><para>
Change PIN <literal>CHV2</literal> Change PIN <literal>CHV2</literal>
to the new value <literal>foobar</literal>, to the new value <literal>foobar</literal>,
giving the old value <literal>00:00:00:00:00:00</literal>. giving the old value <literal>00:00:00:00:00:00</literal>.
</para></listitem> </para></listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term><code>change CHV2 "foobar"</code></term> <term><code>change CHV2 "foobar"</code></term>
<listitem><para> <listitem><para>
Set PIN <literal>CHV2</literal> Set PIN <literal>CHV2</literal>
to the new value <literal>foobar</literal>. to the new value <literal>foobar</literal>.
</para></listitem> </para></listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term><code>change CHV2</code></term> <term><code>change CHV2</code></term>
<listitem><para> <listitem><para>
Change PIN <literal>CHV2</literal> using the card reader's pinpad. Change PIN <literal>CHV2</literal> using the card reader's pinpad.
</para></listitem> </para></listitem>
</varlistentry> </varlistentry>
</variablelist> </variablelist>
</para> </para>
</listitem> </listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term> <term>
<command>create</command> <replaceable>file-id</replaceable> <replaceable>size</replaceable> <command>create</command> <replaceable>file-id</replaceable> <replaceable>size</replaceable>
</term> </term>
<listitem><para>Create a new EF. <replaceable>file-id</replaceable> specifies the <listitem><para>Create a new EF. <replaceable>file-id</replaceable> specifies the
id number and <replaceable>size</replaceable> is the size of the new file. id number and <replaceable>size</replaceable> is the size of the new file.
</para></listitem> </para></listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term> <term>
<command>debug</command> [<replaceable>level</replaceable>] <command>debug</command> [<replaceable>level</replaceable>]
</term> </term>
<listitem> <listitem>
<para>Set OpenSC debug level to <replaceable>level</replaceable>.</para> <para>Set OpenSC debug level to <replaceable>level</replaceable>.</para>
<para>If <replaceable>level</replaceable> is omitted the current debug level will be shown.</para> <para>If <replaceable>level</replaceable> is omitted the current debug level will be shown.</para>
</listitem> </listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term> <term>
<command>delete</command> <replaceable>file-id</replaceable> <command>delete</command> <replaceable>file-id</replaceable>
</term> </term>
<listitem><para>Remove the EF or DF specified by <replaceable>file-id</replaceable></para></listitem> <listitem><para>Remove the EF or DF specified by <replaceable>file-id</replaceable></para></listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term> <term>
<command>do_get</command> <replaceable>hex-tag</replaceable> [<replaceable>output</replaceable>] <command>do_get</command> <replaceable>hex-tag</replaceable> [<replaceable>output</replaceable>]
</term> </term>
<listitem> <listitem>
<para>Copy the internal card's 'tagged' data into the local file.</para> <para>Copy the internal card's 'tagged' data into the local file.</para>
<para>The local file is specified by <replaceable>output</replaceable> while the tag of <para>The local file is specified by <replaceable>output</replaceable> while the tag of
the card's data is specified by <replaceable>hex-tag</replaceable>. the card's data is specified by <replaceable>hex-tag</replaceable>.
</para> </para>
<para> <para>
If <replaceable>output</replaceable> is omitted, the name of the output file will be If <replaceable>output</replaceable> is omitted, the name of the output file will be
derived from <replaceable>hex-tag</replaceable>. derived from <replaceable>hex-tag</replaceable>.
</para> </para>
</listitem> </listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term> <term>
<command>do_put</command> <replaceable>hex-tag</replaceable> <replaceable>input</replaceable> <command>do_put</command> <replaceable>hex-tag</replaceable> <replaceable>input</replaceable>
</term> </term>
<listitem> <listitem>
<para>Update internal card's 'tagged' data. </para> <para>Update internal card's 'tagged' data. </para>
<para><replaceable>hex-tag</replaceable> is the tag of the card's data. <para><replaceable>hex-tag</replaceable> is the tag of the card's data.
<replaceable>input</replaceable> is the filename of the source file or the literal data presented as <replaceable>input</replaceable> is the filename of the source file or the literal data presented as
a sequence of hexadecimal values or <literal>"</literal> enclosed string. a sequence of hexadecimal values or <literal>"</literal> enclosed string.
</para> </para>
</listitem> </listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term> <term>
<command>echo</command> <replaceable>string</replaceable> ... <command>echo</command> <replaceable>string</replaceable> ...
</term> </term>
<listitem> <listitem>
<para>Print the <replaceable>string</replaceable>s given.</para> <para>Print the <replaceable>string</replaceable>s given.</para>
</listitem> </listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term> <term>
<command>erase</command> <command>erase</command>
</term> </term>
<listitem><para>Erase the card, if the card supports it.</para></listitem> <listitem><para>Erase the card, if the card supports it.</para></listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term> <term>
<command>get</command> <replaceable>file-id</replaceable> [<replaceable>output</replaceable>] <command>get</command> <replaceable>file-id</replaceable> [<replaceable>output</replaceable>]
</term> </term>
<listitem> <listitem>
<para>Copy an EF to a local file. The local file is specified <para>Copy an EF to a local file. The local file is specified
by <replaceable>output</replaceable> while the card file is specified by <replaceable>file-id</replaceable>. by <replaceable>output</replaceable> while the card file is specified by <replaceable>file-id</replaceable>.
</para> </para>
<para> <para>
If <replaceable>output</replaceable> is omitted, the name of the output file will be If <replaceable>output</replaceable> is omitted, the name of the output file will be
derived from the full card path to <replaceable>file-id</replaceable>. derived from the full card path to <replaceable>file-id</replaceable>.
</para> </para>
</listitem> </listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term> <term>
<command>info</command> [<replaceable>file-id</replaceable>] <command>info</command> [<replaceable>file-id</replaceable>]
</term> </term>
<listitem><para>Display attributes of a file specified by <replaceable>file-id</replaceable>. <listitem><para>Display attributes of a file specified by <replaceable>file-id</replaceable>.
If <replaceable>file-id</replaceable> is not supplied, If <replaceable>file-id</replaceable> is not supplied,
the attributes of the current file are printed.</para></listitem> the attributes of the current file are printed.</para></listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term> <term>
<command>ls</command> [<replaceable>pattern</replaceable> ...] <command>ls</command> [<replaceable>pattern</replaceable> ...]
</term> </term>
<listitem><para>List files in the current DF. <listitem><para>List files in the current DF.
If no <replaceable>pattern</replaceable> is given, then all files are listed. If no <replaceable>pattern</replaceable> is given, then all files are listed.
If one ore more <replaceable>pattern</replaceable>s are given, only files matching If one ore more <replaceable>pattern</replaceable>s are given, only files matching
at least one <replaceable>pattern</replaceable> are listed.</para></listitem> at least one <replaceable>pattern</replaceable> are listed.</para></listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term> <term>
<command>find</command> [<replaceable>start-id</replaceable> [<replaceable>end-id</replaceable>]] <command>find</command> [<replaceable>start-id</replaceable> [<replaceable>end-id</replaceable>]]
</term> </term>
<listitem><para>Find all files in the current DF. <listitem><para>Find all files in the current DF.
Files are found by selecting all file identifiers in the range from <replaceable>start-fid</replaceable> to <replaceable>end-fid</replaceable> (by default from 0000 to FFFF).</para></listitem> Files are found by selecting all file identifiers in the range from <replaceable>start-fid</replaceable> to <replaceable>end-fid</replaceable> (by default from 0000 to FFFF).</para></listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term> <term>
<command>find_tags</command> [<replaceable>start-tag</replaceable> [<replaceable>end-tag</replaceable>]] <command>find_tags</command> [<replaceable>start-tag</replaceable> [<replaceable>end-tag</replaceable>]]
</term> </term>
<listitem><para>Find all tags of data objects in the current context. <listitem><para>Find all tags of data objects in the current context.
Tags are found by using GET DATA in the range from <replaceable>start-tag</replaceable> to <replaceable>end-tag</replaceable> (by default from 0000 to FFFF).</para></listitem> Tags are found by using GET DATA in the range from <replaceable>start-tag</replaceable> to <replaceable>end-tag</replaceable> (by default from 0000 to FFFF).</para></listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term> <term>
<command>mkdir</command> <replaceable>file-id</replaceable> <replaceable>size</replaceable> <command>mkdir</command> <replaceable>file-id</replaceable> <replaceable>size</replaceable>
</term> </term>
<listitem><para>Create a DF. <replaceable>file-id</replaceable> specifies the id number <listitem><para>Create a DF. <replaceable>file-id</replaceable> specifies the id number
and <replaceable>size</replaceable> is the size of the new file.</para></listitem> and <replaceable>size</replaceable> is the size of the new file.</para></listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term> <term>
<command>put</command> <replaceable>file-id</replaceable> <replaceable>input</replaceable> <command>put</command> <replaceable>file-id</replaceable> <replaceable>input</replaceable>
</term> </term>
<listitem><para>Copy a local file to the card. The local file is specified <listitem><para>Copy a local file to the card. The local file is specified
by <replaceable>input</replaceable> while the card file is specified by <replaceable>file-id</replaceable>. by <replaceable>input</replaceable> while the card file is specified by <replaceable>file-id</replaceable>.
</para></listitem> </para></listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term> <term>
<command>quit</command> <command>quit</command>
</term> </term>
<listitem><para>Exit the program.</para></listitem> <listitem><para>Exit the program.</para></listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term> <term>
<command>random</command> <replaceable>count</replaceable> <command>random</command> <replaceable>count</replaceable>
</term> </term>
<listitem> <listitem>
<para>Generate random sequence of <replaceable>count</replaceable> bytes.</para> <para>Generate random sequence of <replaceable>count</replaceable> bytes.</para>
</listitem> </listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term> <term>
<command>rm</command> <replaceable>file-id</replaceable> <command>rm</command> <replaceable>file-id</replaceable>
</term> </term>
<listitem><para>Remove the EF or DF specified by <replaceable>file-id</replaceable></para></listitem> <listitem><para>Remove the EF or DF specified by <replaceable>file-id</replaceable></para></listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term> <term>
<command>unblock</command> CHV<replaceable>pin-ref</replaceable> [<replaceable>puk</replaceable> [<replaceable>new pin</replaceable>]] <command>unblock</command> CHV<replaceable>pin-ref</replaceable> [<replaceable>puk</replaceable> [<replaceable>new pin</replaceable>]]
</term> </term>
<listitem> <listitem>
<para> <para>
Unblock the PIN denoted by <replaceable>pin-ref</replaceable> Unblock the PIN denoted by <replaceable>pin-ref</replaceable>
using the PUK <replaceable>puk</replaceable>, and set potentially using the PUK <replaceable>puk</replaceable>, and set potentially
change its value to <replaceable>new pin</replaceable>. change its value to <replaceable>new pin</replaceable>.
</para> </para>
<para> <para>
PUK and PIN values can be a sequence of hexadecimal values, PUK and PIN values can be a sequence of hexadecimal values,
<literal>"</literal>-enclosed strings, empty (<literal>""</literal>), <literal>"</literal>-enclosed strings, empty (<literal>""</literal>),
or absent. or absent.
If they are absent, the values are read from the card reader's pin pad. If they are absent, the values are read from the card reader's pin pad.
</para> </para>
<para> <para>
Examples: Examples:
<variablelist> <variablelist>
<varlistentry> <varlistentry>
<term><code>unblock CHV2 00:00:00:00:00:00 "foobar"</code></term> <term><code>unblock CHV2 00:00:00:00:00:00 "foobar"</code></term>
<listitem><para> <listitem><para>
Unblock PIN <literal>CHV2</literal> using PUK Unblock PIN <literal>CHV2</literal> using PUK
<literal>00:00:00:00:00:00</literal> <literal>00:00:00:00:00:00</literal>
and set it to the new value <literal>foobar</literal>. and set it to the new value <literal>foobar</literal>.
</para></listitem> </para></listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term><code>unblock CHV2 00:00:00:00:00:00 ""</code></term> <term><code>unblock CHV2 00:00:00:00:00:00 ""</code></term>
<listitem><para> <listitem><para>
Unblock PIN <literal>CHV2</literal> using PUK Unblock PIN <literal>CHV2</literal> using PUK
<literal>00:00:00:00:00:00</literal> keeping the old value. <literal>00:00:00:00:00:00</literal> keeping the old value.
</para></listitem> </para></listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term><code>unblock CHV2 "" "foobar"</code></term> <term><code>unblock CHV2 "" "foobar"</code></term>
<listitem><para> <listitem><para>
Set new value of PIN <literal>CHV2</literal> Set new value of PIN <literal>CHV2</literal>
to <literal>foobar</literal>. to <literal>foobar</literal>.
</para></listitem> </para></listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term><code>unblock CHV2 00:00:00:00:00:00</code></term> <term><code>unblock CHV2 00:00:00:00:00:00</code></term>
<listitem><para> <listitem><para>
Unblock PIN <literal>CHV2</literal> using PUK Unblock PIN <literal>CHV2</literal> using PUK
<literal>00:00:00:00:00:00</literal>. <literal>00:00:00:00:00:00</literal>.
The new PIN value is prompted by pinpad. The new PIN value is prompted by pinpad.
</para></listitem> </para></listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term><code>unblock CHV2 ""</code></term> <term><code>unblock CHV2 ""</code></term>
<listitem><para> <listitem><para>
Set PIN <literal>CHV2</literal>. Set PIN <literal>CHV2</literal>.
The new PIN value is prompted by pinpad. The new PIN value is prompted by pinpad.
</para></listitem> </para></listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term><code>unblock CHV2</code></term> <term><code>unblock CHV2</code></term>
<listitem><para> <listitem><para>
Unblock PIN <literal>CHV2</literal>. Unblock PIN <literal>CHV2</literal>.
The unblock code and new PIN value are prompted by pinpad. The unblock code and new PIN value are prompted by pinpad.
</para></listitem> </para></listitem>
</varlistentry> </varlistentry>
</variablelist> </variablelist>
</para> </para>
</listitem> </listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term> <term>
<command>update_binary</command> <replaceable>file-id</replaceable> <replaceable>offs</replaceable> <replaceable>data</replaceable> <command>update_binary</command> <replaceable>file-id</replaceable> <replaceable>offs</replaceable> <replaceable>data</replaceable>
</term> </term>
<listitem> <listitem>
<para>Binary update of the file specified by <para>Binary update of the file specified by
<replaceable>file-id</replaceable> with the literal data <replaceable>file-id</replaceable> with the literal data
<replaceable>data</replaceable> starting from offset specified <replaceable>data</replaceable> starting from offset specified
by <replaceable>offs</replaceable>.</para> by <replaceable>offs</replaceable>.</para>
<para><replaceable>data</replaceable> can be supplied as a sequencer <para><replaceable>data</replaceable> can be supplied as a sequencer
of the hex values or as a <literal>"</literal> enclosed string. </para> of the hex values or as a <literal>"</literal> enclosed string. </para>
</listitem> </listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term> <term>
<command>update_record</command> <replaceable>file-id</replaceable> <replaceable>rec-nr</replaceable> <replaceable>rec-offs</replaceable> <replaceable>data</replaceable> <command>update_record</command> <replaceable>file-id</replaceable> <replaceable>rec-nr</replaceable> <replaceable>rec-offs</replaceable> <replaceable>data</replaceable>
</term> </term>
<listitem> <listitem>
<para>Update record specified by <replaceable>rec-nr</replaceable> of the file <para>Update record specified by <replaceable>rec-nr</replaceable> of the file
specified by <replaceable>file-id</replaceable> with the literal data specified by <replaceable>file-id</replaceable> with the literal data
<replaceable>data</replaceable> starting from offset specified by <replaceable>data</replaceable> starting from offset specified by
<replaceable>rec-offs</replaceable>.</para> <replaceable>rec-offs</replaceable>.</para>
<para><replaceable>data</replaceable> can be supplied as a sequence of the hex values or <para><replaceable>data</replaceable> can be supplied as a sequence of the hex values or
as a <literal>"</literal> enclosed string. </para> as a <literal>"</literal> enclosed string. </para>
</listitem> </listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term> <term>
<command>verify</command> <replaceable>key-type</replaceable> <replaceable>key-id</replaceable> [<replaceable>key</replaceable>] <command>verify</command> <replaceable>key-type</replaceable> <replaceable>key-id</replaceable> [<replaceable>key</replaceable>]
</term> </term>
<listitem><para>Present a PIN or key to the card, where <listitem><para>Present a PIN or key to the card, where
<replaceable>key-type</replaceable> can be one of <literal>CHV</literal>, <replaceable>key-type</replaceable> can be one of <literal>CHV</literal>,
<literal>KEY</literal>, <literal>AUT</literal> or <literal>PRO</literal>. <literal>KEY</literal>, <literal>AUT</literal> or <literal>PRO</literal>.
<replaceable>key-id</replaceable> is a number representing the key or PIN reference. <replaceable>key-id</replaceable> is a number representing the key or PIN reference.
<replaceable>key</replaceable> is the key or PIN to be verified, formatted as a <replaceable>key</replaceable> is the key or PIN to be verified, formatted as a
colon-separated list of hex values or a <literal>"</literal> enclosed string. colon-separated list of hex values or a <literal>"</literal> enclosed string.
</para> </para>
<para> <para>
If <replaceable>key</replaceable> is omitted, the exact action depends on the If <replaceable>key</replaceable> is omitted, the exact action depends on the
card reader's features: if the card readers supports PIN input via a pin pad, card reader's features: if the card readers supports PIN input via a pin pad,
then the PIN will be verified using the card reader's pin pad. then the PIN will be verified using the card reader's pin pad.
If the card reader does not support PIN input, then the PIN will be asked If the card reader does not support PIN input, then the PIN will be asked
interactively. interactively.
</para> </para>
<para> <para>
Examples: Examples:
<variablelist> <variablelist>
<varlistentry> <varlistentry>
<term><code>verify CHV0 31:32:33:34:00:00:00:00</code></term> <term><code>verify CHV0 31:32:33:34:00:00:00:00</code></term>
<listitem><para> <listitem><para>
Verify <literal>CHV2</literal> using the hex value Verify <literal>CHV2</literal> using the hex value
<literal>31:32:33:34:00:00:00:00</literal> <literal>31:32:33:34:00:00:00:00</literal>
</para></listitem> </para></listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term><code>verify CHV1 "secret"</code></term> <term><code>verify CHV1 "secret"</code></term>
<listitem><para> <listitem><para>
Verify <literal>CHV1</literal> Verify <literal>CHV1</literal>
using the string value <literal>secret</literal>. using the string value <literal>secret</literal>.
</para></listitem> </para></listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term><code>verify KEY2</code></term> <term><code>verify KEY2</code></term>
<listitem><para> <listitem><para>
Verify <literal>KEY2</literal>, Verify <literal>KEY2</literal>,
get the value from the card reader's pin pad. get the value from the card reader's pin pad.
</para></listitem> </para></listitem>
</varlistentry> </varlistentry>
</variablelist> </variablelist>
</para> </para>
</listitem> </listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term> <term>
<command>sm</command> <replaceable>[open]</replaceable>|<replaceable>[close]</replaceable> <command>sm</command> <replaceable>[open]</replaceable>|<replaceable>[close]</replaceable>
</term> </term>
<listitem> <listitem>
<para>Calls the card's <replaceable>open</replaceable> or <replaceable>close</replaceable> Secure Messaging handler.</para> <para>Calls the card's <replaceable>open</replaceable> or <replaceable>close</replaceable> Secure Messaging handler.</para>
</listitem> </listitem>
</varlistentry> </varlistentry>
</variablelist> </variablelist>
</para> </para>
</refsect1> </refsect1>
<refsect1> <refsect1>
<title>See also</title> <title>See also</title>
@ -510,4 +510,10 @@
</para> </para>
</refsect1> </refsect1>
<refsect1>
<title>Authors</title>
<para><command>opensc-explorer</command> was written by
Juha Yrjölä <email>juha.yrjola@iki.fi</email>.</para>
</refsect1>
</refentry> </refentry>

View File

@ -175,4 +175,10 @@
</para> </para>
</refsect1> </refsect1>
<refsect1>
<title>Authors</title>
<para><command>opensc-tool</command> was written by
Juha Yrjölä <email>juha.yrjola@iki.fi</email>.</para>
</refsect1>
</refentry> </refentry>

View File

@ -201,4 +201,10 @@
</para> </para>
</refsect1> </refsect1>
<refsect1>
<title>Authors</title>
<para><command>piv-tool</command> was written by
Douglas E. Engert <email>deengert@gmail.com</email>.</para>
</refsect1>
</refentry> </refentry>

View File

@ -581,4 +581,10 @@
</para> </para>
</refsect1> </refsect1>
<refsect1>
<title>Authors</title>
<para><command>pkcs11-tool</command> was written by
Olaf Kirch <email>okir@suse.de</email>.</para>
</refsect1>
</refentry> </refentry>

View File

@ -224,4 +224,10 @@
</para> </para>
</refsect1> </refsect1>
<refsect1>
<title>Authors</title>
<para><command>pkcs15-crypt</command> was written by
Juha Yrjölä <email>juha.yrjola@iki.fi</email>.</para>
</refsect1>
</refentry> </refentry>

View File

@ -357,8 +357,8 @@
contain one long option per line, without the leading dashes, contain one long option per line, without the leading dashes,
for instance: for instance:
<programlisting> <programlisting>
pin 1234 pin 1234
puk 87654321 puk 87654321
</programlisting> </programlisting>
</para> </para>
<para> <para>
@ -921,4 +921,10 @@
</para> </para>
</refsect1> </refsect1>
<refsect1>
<title>Authors</title>
<para><command>pkcs15-init</command> was written by
Olaf Kirch <email>okir@suse.de</email>.</para>
</refsect1>
</refentry> </refentry>

View File

@ -380,4 +380,10 @@
</para> </para>
</refsect1> </refsect1>
<refsect1>
<title>Authors</title>
<para><command>pkcs15-tool</command> was written by
Juha Yrjölä <email>juha.yrjola@iki.fi</email>.</para>
</refsect1>
</refentry> </refentry>

View File

@ -263,4 +263,10 @@
</para> </para>
</refsect1> </refsect1>
<refsect1>
<title>Authors</title>
<para><command>sc-hsm-tool</command> was written by
Andreas Schwier <email>andreas.schwier@cardcontact.de</email>.</para>
</refsect1>
</refentry> </refentry>

View File

@ -43,7 +43,7 @@ span.errortext {
font-style: italic; font-style: italic;
} }
--></style></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="book"><div class="titlepage"><div><div><h1 class="title"><a name="idm1"></a>OpenSC Manuals</h1></div></div><hr></div><div class="toc"><p><b>Table of Contents</b></p><dl class="toc"><dt><span class="reference"><a href="#idm3">I. OpenSC tools</a></span></dt><dt><span class="reference"><a href="#idm3564">II. OpenSC file formats</a></span></dt></dl></div><div class="reference"><div class="titlepage"><div><div><h1 class="title"><a name="idm3"></a>OpenSC tools</h1></div></div><hr></div><div class="toc"><p><b>Table of Contents</b></p><dl class="toc"><dt><span class="refentrytitle"><a href="#cardos-tool">cardos-tool</a></span><span class="refpurpose"> &#8212; displays information about Card OS-based security tokens or format them --></style></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="book"><div class="titlepage"><div><div><h1 class="title"><a name="idm1"></a>OpenSC Manuals</h1></div></div><hr></div><div class="toc"><p><b>Table of Contents</b></p><dl class="toc"><dt><span class="reference"><a href="#idm3">I. OpenSC tools</a></span></dt><dt><span class="reference"><a href="#idm3621">II. OpenSC file formats</a></span></dt></dl></div><div class="reference"><div class="titlepage"><div><div><h1 class="title"><a name="idm3"></a>OpenSC tools</h1></div></div><hr></div><div class="toc"><p><b>Table of Contents</b></p><dl class="toc"><dt><span class="refentrytitle"><a href="#cardos-tool">cardos-tool</a></span><span class="refpurpose"> &#8212; displays information about Card OS-based security tokens or format them
</span></dt><dt><span class="refentrytitle"><a href="#cryptoflex-tool">cryptoflex-tool</a></span><span class="refpurpose"> &#8212; utility for manipulating Schlumberger Cryptoflex data structures</span></dt><dt><span class="refentrytitle"><a href="#dnie-tool">dnie-tool</a></span><span class="refpurpose"> &#8212; displays information about DNIe based security tokens</span></dt><dt><span class="refentrytitle"><a href="#eidenv">eidenv</a></span><span class="refpurpose"> &#8212; utility for accessing visible data from </span></dt><dt><span class="refentrytitle"><a href="#cryptoflex-tool">cryptoflex-tool</a></span><span class="refpurpose"> &#8212; utility for manipulating Schlumberger Cryptoflex data structures</span></dt><dt><span class="refentrytitle"><a href="#dnie-tool">dnie-tool</a></span><span class="refpurpose"> &#8212; displays information about DNIe based security tokens</span></dt><dt><span class="refentrytitle"><a href="#eidenv">eidenv</a></span><span class="refpurpose"> &#8212; utility for accessing visible data from
electronic identity cards</span></dt><dt><span class="refentrytitle"><a href="#gids-tool">gids-tool</a></span><span class="refpurpose"> &#8212; smart card utility for GIDS cards</span></dt><dt><span class="refentrytitle"><a href="#netkey-tool">netkey-tool</a></span><span class="refpurpose"> &#8212; administrative utility for Netkey E4 cards</span></dt><dt><span class="refentrytitle"><a href="#cardos-tool">iasecc-tool</a></span><span class="refpurpose"> &#8212; displays information about IAS/ECC card electronic identity cards</span></dt><dt><span class="refentrytitle"><a href="#gids-tool">gids-tool</a></span><span class="refpurpose"> &#8212; smart card utility for GIDS cards</span></dt><dt><span class="refentrytitle"><a href="#netkey-tool">netkey-tool</a></span><span class="refpurpose"> &#8212; administrative utility for Netkey E4 cards</span></dt><dt><span class="refentrytitle"><a href="#cardos-tool">iasecc-tool</a></span><span class="refpurpose"> &#8212; displays information about IAS/ECC card
</span></dt><dt><span class="refentrytitle"><a href="#openpgp-tool">openpgp-tool</a></span><span class="refpurpose"> &#8212; utility for accessing visible data OpenPGP smart cards </span></dt><dt><span class="refentrytitle"><a href="#openpgp-tool">openpgp-tool</a></span><span class="refpurpose"> &#8212; utility for accessing visible data OpenPGP smart cards
@ -84,12 +84,13 @@ smart cards and similar security tokens based on Siemens Card/OS M4.
<code class="option">-w</code> <code class="option">-w</code>
</span></dt><dd><p>Causes <span class="command"><strong>cardos-tool</strong></span> to wait for the token </span></dt><dd><p>Causes <span class="command"><strong>cardos-tool</strong></span> to wait for the token
to be inserted into reader.</p></dd></dl></div><p> to be inserted into reader.</p></dd></dl></div><p>
</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="cryptoflex-tool"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>cryptoflex-tool &#8212; utility for manipulating Schlumberger Cryptoflex data structures</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">cryptoflex-tool</code> [<em class="replaceable"><code>OPTIONS</code></em>]</p></div></div><div class="refsect1"><a name="idm88"></a><h2>Description</h2><p> </p></div><div class="refsect1"><a name="idm73"></a><h2>Authors</h2><p><span class="command"><strong>cardos-tool</strong></span> was written by
Andreas Jellinghaus <code class="email">&lt;<a class="email" href="mailto:aj@dungeon.inka.de">aj@dungeon.inka.de</a>&gt;</code>.</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="cryptoflex-tool"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>cryptoflex-tool &#8212; utility for manipulating Schlumberger Cryptoflex data structures</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">cryptoflex-tool</code> [<em class="replaceable"><code>OPTIONS</code></em>]</p></div></div><div class="refsect1"><a name="idm93"></a><h2>Description</h2><p>
<span class="command"><strong>cryptoflex-tool</strong></span> is used to manipulate PKCS <span class="command"><strong>cryptoflex-tool</strong></span> is used to manipulate PKCS
data structures on Schlumberger Cryptoflex smart cards. Users data structures on Schlumberger Cryptoflex smart cards. Users
can create, list and read PINs and keys stored on the smart card. can create, list and read PINs and keys stored on the smart card.
User PIN authentication is performed for those operations that require it. User PIN authentication is performed for those operations that require it.
</p></div><div class="refsect1"><a name="idm92"></a><h2>Options</h2><p> </p></div><div class="refsect1"><a name="idm97"></a><h2>Options</h2><p>
</p><div class="variablelist"><dl class="variablelist"><dt><span class="term"> </p><div class="variablelist"><dl class="variablelist"><dt><span class="term">
<code class="option">--app-df</code> <em class="replaceable"><code>num</code></em>, <code class="option">--app-df</code> <em class="replaceable"><code>num</code></em>,
<code class="option">-a</code> <em class="replaceable"><code>num</code></em> <code class="option">-a</code> <em class="replaceable"><code>num</code></em>
@ -151,11 +152,12 @@ smart cards and similar security tokens based on Siemens Card/OS M4.
<code class="option">-w</code> <code class="option">-w</code>
</span></dt><dd><p>Causes <span class="command"><strong>cryptoflex-tool</strong></span> to </span></dt><dd><p>Causes <span class="command"><strong>cryptoflex-tool</strong></span> to
wait for a card insertion.</p></dd></dl></div><p> wait for a card insertion.</p></dd></dl></div><p>
</p></div><div class="refsect1"><a name="idm213"></a><h2>See also</h2><p> </p></div><div class="refsect1"><a name="idm218"></a><h2>See also</h2><p>
<span class="citerefentry"><span class="refentrytitle">pkcs15-tool</span>(1)</span> <span class="citerefentry"><span class="refentrytitle">pkcs15-tool</span>(1)</span>
</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="dnie-tool"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>dnie-tool &#8212; displays information about DNIe based security tokens</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">dnie-tool</code> [<em class="replaceable"><code>OPTIONS</code></em>]</p></div></div><div class="refsect1"><a name="idm234"></a><h2>Description</h2><p> </p></div><div class="refsect1"><a name="idm224"></a><h2>Authors</h2><p><span class="command"><strong>cryptoflex-tool</strong></span> was written by
Juha Yrjölä <code class="email">&lt;<a class="email" href="mailto:juha.yrjola@iki.fi">juha.yrjola@iki.fi</a>&gt;</code>.</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="dnie-tool"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>dnie-tool &#8212; displays information about DNIe based security tokens</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">dnie-tool</code> [<em class="replaceable"><code>OPTIONS</code></em>]</p></div></div><div class="refsect1"><a name="idm244"></a><h2>Description</h2><p>
The <span class="command"><strong>dnie-tool</strong></span> utility is used to display additional information about DNIe, the Spanish National eID card. The <span class="command"><strong>dnie-tool</strong></span> utility is used to display additional information about DNIe, the Spanish National eID card.
</p></div><div class="refsect1"><a name="idm238"></a><h2>Options</h2><p> </p></div><div class="refsect1"><a name="idm248"></a><h2>Options</h2><p>
</p><div class="variablelist"><dl class="variablelist"><dt><span class="term"> </p><div class="variablelist"><dl class="variablelist"><dt><span class="term">
<code class="option">--idesp</code>, <code class="option">--idesp</code>,
<code class="option">-i</code> <code class="option">-i</code>
@ -203,16 +205,16 @@ smart cards and similar security tokens based on Siemens Card/OS M4.
</span></dt><dd><p>Causes <span class="command"><strong>dnie-tool</strong></span> to be more verbose. </span></dt><dd><p>Causes <span class="command"><strong>dnie-tool</strong></span> to be more verbose.
Specify this flag several times Specify this flag several times
to enable debug output in the opensc library.</p></dd></dl></div><p> to enable debug output in the opensc library.</p></dd></dl></div><p>
</p></div><div class="refsect1"><a name="idm315"></a><h2>See also</h2><p>opensc(7)</p></div><div class="refsect1"><a name="idm318"></a><h2>Authors</h2><p><span class="command"><strong>dnie-tool</strong></span> was written by </p></div><div class="refsect1"><a name="idm325"></a><h2>Authors</h2><p><span class="command"><strong>dnie-tool</strong></span> was written by
Juan Antonio Martinez <code class="email">&lt;<a class="email" href="mailto:jonsito@terra.es">jonsito@terra.es</a>&gt;</code>.</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="eidenv"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>eidenv &#8212; utility for accessing visible data from Juan Antonio Martinez <code class="email">&lt;<a class="email" href="mailto:jonsito@terra.es">jonsito@terra.es</a>&gt;</code>.</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="eidenv"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>eidenv &#8212; utility for accessing visible data from
electronic identity cards</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">eidenv</code> [<em class="replaceable"><code>OPTIONS</code></em>]</p></div></div><div class="refsect1"><a name="idm338"></a><h2>Description</h2><p> electronic identity cards</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">eidenv</code> [<em class="replaceable"><code>OPTIONS</code></em>]</p></div></div><div class="refsect1"><a name="idm345"></a><h2>Description</h2><p>
The <span class="command"><strong>eidenv</strong></span> utility is used for The <span class="command"><strong>eidenv</strong></span> utility is used for
accessing data from electronic identity cards (like accessing data from electronic identity cards (like
national eID cards) which might not be present in national eID cards) which might not be present in
PKCS#15 objects but available in custom files on the PKCS#15 objects but available in custom files on the
card. The data can be printed on screen or used by card. The data can be printed on screen or used by
other programs via environment variables. other programs via environment variables.
</p></div><div class="refsect1"><a name="idm342"></a><h2>Options</h2><p> </p></div><div class="refsect1"><a name="idm349"></a><h2>Options</h2><p>
</p><div class="variablelist"><dl class="variablelist"><dt><span class="term"> </p><div class="variablelist"><dl class="variablelist"><dt><span class="term">
<code class="option">--exec</code> <em class="replaceable"><code>prog</code></em>, <code class="option">--exec</code> <em class="replaceable"><code>prog</code></em>,
<code class="option">-x</code> <em class="replaceable"><code>prog</code></em> <code class="option">-x</code> <em class="replaceable"><code>prog</code></em>
@ -245,11 +247,11 @@ to enable debug output in the opensc library.</p></dd></dl></div><p>
<code class="option">--wait</code>, <code class="option">--wait</code>,
<code class="option">-w</code> <code class="option">-w</code>
</span></dt><dd><p>Wait for a card to be inserted</p></dd></dl></div><p> </span></dt><dd><p>Wait for a card to be inserted</p></dd></dl></div><p>
</p></div><div class="refsect1"><a name="idm393"></a><h2>Authors</h2><p><span class="command"><strong>eidenv</strong></span> utility was written by </p></div><div class="refsect1"><a name="idm400"></a><h2>Authors</h2><p><span class="command"><strong>eidenv</strong></span> utility was written by
Stef Hoeben and Martin Paljak <code class="email">&lt;<a class="email" href="mailto:martin@martinpaljak.net">martin@martinpaljak.net</a>&gt;</code>.</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="gids-tool"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>gids-tool &#8212; smart card utility for GIDS cards</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">gids-tool</code> [<em class="replaceable"><code>OPTIONS</code></em>]</p></div></div><div class="refsect1"><a name="idm413"></a><p> Stef Hoeben and Martin Paljak <code class="email">&lt;<a class="email" href="mailto:martin@martinpaljak.net">martin@martinpaljak.net</a>&gt;</code>.</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="gids-tool"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>gids-tool &#8212; smart card utility for GIDS cards</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">gids-tool</code> [<em class="replaceable"><code>OPTIONS</code></em>]</p></div></div><div class="refsect1"><a name="idm420"></a><p>
The <span class="command"><strong>gids-tool</strong></span> utility can be used from the command line to perform The <span class="command"><strong>gids-tool</strong></span> utility can be used from the command line to perform
miscellaneous smart card operations on a GIDS smart card. miscellaneous smart card operations on a GIDS smart card.
</p></div><div class="refsect1"><a name="idm416"></a><h2>Options</h2><p> </p></div><div class="refsect1"><a name="idm423"></a><h2>Options</h2><p>
</p><div class="variablelist"><dl class="variablelist"><dt><span class="term"> </p><div class="variablelist"><dl class="variablelist"><dt><span class="term">
<code class="option">-X</code>, <code class="option">-X</code>,
<code class="option">--initialize</code> <code class="option">--initialize</code>
@ -284,13 +286,14 @@ to enable debug output in the opensc library.</p></dd></dl></div><p>
<code class="option">--verbose</code> <code class="option">--verbose</code>
</span></dt><dd><p>Verbose operation. Use several times to </span></dt><dd><p>Verbose operation. Use several times to
enable debug output.</p></dd></dl></div><p> enable debug output.</p></dd></dl></div><p>
</p></div><div class="refsect1"><a name="idm483"></a><h2>See also</h2><p> </p></div><div class="refsect1"><a name="idm490"></a><h2>See also</h2><p>
<span class="citerefentry"><span class="refentrytitle">opensc-tool</span>(1)</span> <span class="citerefentry"><span class="refentrytitle">opensc-tool</span>(1)</span>
</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="netkey-tool"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>netkey-tool &#8212; administrative utility for Netkey E4 cards</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">netkey-tool</code> [<em class="replaceable"><code>OPTIONS</code></em>] [<em class="replaceable"><code>COMMAND</code></em>]</p></div></div><div class="refsect1"><a name="idm506"></a><h2>Description</h2><p>The <span class="command"><strong>netkey-tool</strong></span> utility can be used from the </p></div><div class="refsect1"><a name="idm496"></a><h2>Authors</h2><p><span class="command"><strong>gids-tool</strong></span> was written by
Vincent Le Toux <code class="email">&lt;<a class="email" href="mailto:vincent.letoux@mysmartlogon.com">vincent.letoux@mysmartlogon.com</a>&gt;</code>.</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="netkey-tool"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>netkey-tool &#8212; administrative utility for Netkey E4 cards</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">netkey-tool</code> [<em class="replaceable"><code>OPTIONS</code></em>] [<em class="replaceable"><code>COMMAND</code></em>]</p></div></div><div class="refsect1"><a name="idm518"></a><h2>Description</h2><p>The <span class="command"><strong>netkey-tool</strong></span> utility can be used from the
command line to perform some smart card operations with NetKey E4 cards command line to perform some smart card operations with NetKey E4 cards
that cannot be done easily with other OpenSC-tools, such as changing local that cannot be done easily with other OpenSC-tools, such as changing local
PINs, storing certificates into empty NetKey E4 cert-files or displaying PINs, storing certificates into empty NetKey E4 cert-files or displaying
the initial PUK-value.</p></div><div class="refsect1"><a name="idm510"></a><h2>Options</h2><p> the initial PUK-value.</p></div><div class="refsect1"><a name="idm522"></a><h2>Options</h2><p>
</p><div class="variablelist"><dl class="variablelist"><dt><span class="term"> </p><div class="variablelist"><dl class="variablelist"><dt><span class="term">
<code class="option">--help</code>, <code class="option">--help</code>,
<code class="option">-h</code> <code class="option">-h</code>
@ -318,11 +321,11 @@ to enable debug output in the opensc library.</p></dd></dl></div><p>
<code class="option">-v</code> <code class="option">-v</code>
</span></dt><dd><p>Causes <span class="command"><strong>netkey-tool</strong></span> to be more verbose. This </span></dt><dd><p>Causes <span class="command"><strong>netkey-tool</strong></span> to be more verbose. This
options may be specified multiple times to increase verbosity.</p></dd></dl></div><p> options may be specified multiple times to increase verbosity.</p></dd></dl></div><p>
</p></div><div class="refsect1"><a name="idm567"></a><h2>PIN format</h2><p>With the <code class="option">-p</code>, <code class="option">-u</code>, <code class="option">-0</code> or the <code class="option">-1</code> </p></div><div class="refsect1"><a name="idm579"></a><h2>PIN format</h2><p>With the <code class="option">-p</code>, <code class="option">-u</code>, <code class="option">-0</code> or the <code class="option">-1</code>
one of the cards pins may be specified. You may use plain ascii-strings (i.e. 123456) or a hex-string one of the cards pins may be specified. You may use plain ascii-strings (i.e. 123456) or a hex-string
(i.e. 31:32:33:34:35:36). A hex-string must consist of exactly n 2-digit hexnumbers separated by n-1 colons. (i.e. 31:32:33:34:35:36). A hex-string must consist of exactly n 2-digit hexnumbers separated by n-1 colons.
Otherwise it will be interpreted as an ascii string. For example :12:34: and 1:2:3:4 are both pins of Otherwise it will be interpreted as an ascii string. For example :12:34: and 1:2:3:4 are both pins of
length 7, while 12:34 and 01:02:03:04 are pins of length 2 and 4.</p></div><div class="refsect1"><a name="idm574"></a><h2>Commands</h2><p>When used without any options or commands, <span class="command"><strong>netkey-tool</strong></span> will length 7, while 12:34 and 01:02:03:04 are pins of length 2 and 4.</p></div><div class="refsect1"><a name="idm586"></a><h2>Commands</h2><p>When used without any options or commands, <span class="command"><strong>netkey-tool</strong></span> will
display information about the smart cards pins and certificates. This will not change display information about the smart cards pins and certificates. This will not change
your card in any aspect (assumed there are no bugs in <span class="command"><strong>netkey-tool</strong></span>). your card in any aspect (assumed there are no bugs in <span class="command"><strong>netkey-tool</strong></span>).
In particular the tries-left counters of the pins are investigated without doing In particular the tries-left counters of the pins are investigated without doing
@ -364,13 +367,13 @@ to enable debug output in the opensc library.</p></dd></dl></div><p>
</span></dt><dd><p>This unblocks the specified pin. You must specify another pin </span></dt><dd><p>This unblocks the specified pin. You must specify another pin
to be able to do this and if you don't specify a correct one, to be able to do this and if you don't specify a correct one,
<span class="command"><strong>netkey-tool</strong></span> will tell you which one is needed.</p></dd></dl></div><p> <span class="command"><strong>netkey-tool</strong></span> will tell you which one is needed.</p></dd></dl></div><p>
</p></div><div class="refsect1"><a name="idm635"></a><h2>See also</h2><p> </p></div><div class="refsect1"><a name="idm647"></a><h2>See also</h2><p>
<span class="citerefentry"><span class="refentrytitle">opensc-explorer</span>(1)</span> <span class="citerefentry"><span class="refentrytitle">opensc-explorer</span>(1)</span>
</p></div><div class="refsect1"><a name="idm641"></a><h2>Authors</h2><p><span class="command"><strong>netkey-tool</strong></span> was written by </p></div><div class="refsect1"><a name="idm653"></a><h2>Authors</h2><p><span class="command"><strong>netkey-tool</strong></span> was written by
Peter Koch <code class="email">&lt;<a class="email" href="mailto:pk_opensc@web.de">pk_opensc@web.de</a>&gt;</code>.</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="cardos-tool"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>iasecc-tool &#8212; displays information about IAS/ECC card Peter Koch <code class="email">&lt;<a class="email" href="mailto:pk_opensc@web.de">pk_opensc@web.de</a>&gt;</code>.</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="cardos-tool"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>iasecc-tool &#8212; displays information about IAS/ECC card
</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">iasecc-tool</code> [<em class="replaceable"><code>OPTIONS</code></em>]</p></div></div><div class="refsect1"><a name="idm661"></a><h2>Description</h2><p> </p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">iasecc-tool</code> [<em class="replaceable"><code>OPTIONS</code></em>]</p></div></div><div class="refsect1"><a name="idm673"></a><h2>Description</h2><p>
The <span class="command"><strong>iasecc-tool</strong></span> utility is used to display information about IAS/ECC v1.0.1 smart cards. The <span class="command"><strong>iasecc-tool</strong></span> utility is used to display information about IAS/ECC v1.0.1 smart cards.
</p></div><div class="refsect1"><a name="idm665"></a><h2>Options</h2><p> </p></div><div class="refsect1"><a name="idm677"></a><h2>Options</h2><p>
</p><div class="variablelist"><dl class="variablelist"><dt><span class="term"> </p><div class="variablelist"><dl class="variablelist"><dt><span class="term">
<code class="option">--reader</code> <em class="replaceable"><code>number</code></em>, <code class="option">--reader</code> <em class="replaceable"><code>number</code></em>,
</span></dt><dd><p> </span></dt><dd><p>
@ -394,8 +397,9 @@ to enable debug output in the opensc library.</p></dd></dl></div><p>
<code class="option">-w</code> <code class="option">-w</code>
</span></dt><dd><p>Causes <span class="command"><strong>iasecc-tool</strong></span> to wait for the token </span></dt><dd><p>Causes <span class="command"><strong>iasecc-tool</strong></span> to wait for the token
to be inserted into reader.</p></dd></dl></div><p> to be inserted into reader.</p></dd></dl></div><p>
</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="openpgp-tool"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>openpgp-tool &#8212; utility for accessing visible data OpenPGP smart cards </p></div><div class="refsect1"><a name="idm721"></a><h2>Authors</h2><p><span class="command"><strong>iasecc-tool</strong></span> was written by
and compatible tokens</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">openpgp-tool</code> [<em class="replaceable"><code>OPTIONS</code></em>]</p></div></div><div class="refsect1"><a name="idm724"></a><h2>Description</h2><p> Viktor Tarasov <code class="email">&lt;<a class="email" href="mailto:viktor.tarasov@gmail.com">viktor.tarasov@gmail.com</a>&gt;</code>.</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="openpgp-tool"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>openpgp-tool &#8212; utility for accessing visible data OpenPGP smart cards
and compatible tokens</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">openpgp-tool</code> [<em class="replaceable"><code>OPTIONS</code></em>]</p></div></div><div class="refsect1"><a name="idm741"></a><h2>Description</h2><p>
The <span class="command"><strong>openpgp-tool</strong></span> utility is used for The <span class="command"><strong>openpgp-tool</strong></span> utility is used for
accessing data from the OpenPGP v1.1 and v2.0 smart cards accessing data from the OpenPGP v1.1 and v2.0 smart cards
and compatible tokens like e.g. GPF CryptoStick v1.x, and compatible tokens like e.g. GPF CryptoStick v1.x,
@ -403,7 +407,7 @@ to enable debug output in the opensc library.</p></dd></dl></div><p>
PKCS#15 objects but available in custom files on the PKCS#15 objects but available in custom files on the
card. The data can be printed on screen or used by card. The data can be printed on screen or used by
other programs via environment variables. other programs via environment variables.
</p></div><div class="refsect1"><a name="idm728"></a><h2>Options</h2><p> </p></div><div class="refsect1"><a name="idm745"></a><h2>Options</h2><p>
</p><div class="variablelist"><dl class="variablelist"><dt><span class="term"> </p><div class="variablelist"><dl class="variablelist"><dt><span class="term">
<code class="option">--exec</code> <em class="replaceable"><code>prog</code></em>, <code class="option">--exec</code> <em class="replaceable"><code>prog</code></em>,
<code class="option">-x</code> <em class="replaceable"><code>prog</code></em> <code class="option">-x</code> <em class="replaceable"><code>prog</code></em>
@ -472,12 +476,12 @@ to enable debug output in the opensc library.</p></dd></dl></div><p>
</span></dt><dd><p> </span></dt><dd><p>
Wait for a card to be inserted. Wait for a card to be inserted.
</p></dd></dl></div><p> </p></dd></dl></div><p>
</p></div><div class="refsect1"><a name="idm819"></a><h2>Authors</h2><p><span class="command"><strong>openpgp-tool</strong></span> utility was written by </p></div><div class="refsect1"><a name="idm836"></a><h2>Authors</h2><p><span class="command"><strong>openpgp-tool</strong></span> utility was written by
Peter Marschall <code class="email">&lt;<a class="email" href="mailto:peter@adpm.de">peter@adpm.de</a>&gt;</code>.</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="netkey-tool"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>netkey-tool &#8212; administrative utility for Netkey E4 cards</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">netkey-tool</code> [<em class="replaceable"><code>OPTIONS</code></em>] [<em class="replaceable"><code>COMMAND</code></em>]</p></div></div><div class="refsect1"><a name="idm841"></a><h2>Description</h2><p>The <span class="command"><strong>netkey-tool</strong></span> utility can be used from the Peter Marschall <code class="email">&lt;<a class="email" href="mailto:peter@adpm.de">peter@adpm.de</a>&gt;</code>.</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="netkey-tool"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>netkey-tool &#8212; administrative utility for Netkey E4 cards</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">netkey-tool</code> [<em class="replaceable"><code>OPTIONS</code></em>] [<em class="replaceable"><code>COMMAND</code></em>]</p></div></div><div class="refsect1"><a name="idm858"></a><h2>Description</h2><p>The <span class="command"><strong>netkey-tool</strong></span> utility can be used from the
command line to perform some smart card operations with NetKey E4 cards command line to perform some smart card operations with NetKey E4 cards
that cannot be done easily with other OpenSC-tools, such as changing local that cannot be done easily with other OpenSC-tools, such as changing local
PINs, storing certificates into empty NetKey E4 cert-files or displaying PINs, storing certificates into empty NetKey E4 cert-files or displaying
the initial PUK-value.</p></div><div class="refsect1"><a name="idm845"></a><h2>Options</h2><p> the initial PUK-value.</p></div><div class="refsect1"><a name="idm862"></a><h2>Options</h2><p>
</p><div class="variablelist"><dl class="variablelist"><dt><span class="term"> </p><div class="variablelist"><dl class="variablelist"><dt><span class="term">
<code class="option">--help</code>, <code class="option">--help</code>,
<code class="option">-h</code> <code class="option">-h</code>
@ -505,11 +509,11 @@ to enable debug output in the opensc library.</p></dd></dl></div><p>
<code class="option">-v</code> <code class="option">-v</code>
</span></dt><dd><p>Causes <span class="command"><strong>netkey-tool</strong></span> to be more verbose. This </span></dt><dd><p>Causes <span class="command"><strong>netkey-tool</strong></span> to be more verbose. This
options may be specified multiple times to increase verbosity.</p></dd></dl></div><p> options may be specified multiple times to increase verbosity.</p></dd></dl></div><p>
</p></div><div class="refsect1"><a name="idm902"></a><h2>PIN format</h2><p>With the <code class="option">-p</code>, <code class="option">-u</code>, <code class="option">-0</code> or the <code class="option">-1</code> </p></div><div class="refsect1"><a name="idm919"></a><h2>PIN format</h2><p>With the <code class="option">-p</code>, <code class="option">-u</code>, <code class="option">-0</code> or the <code class="option">-1</code>
one of the cards pins may be specified. You may use plain ascii-strings (i.e. 123456) or a hex-string one of the cards pins may be specified. You may use plain ascii-strings (i.e. 123456) or a hex-string
(i.e. 31:32:33:34:35:36). A hex-string must consist of exactly n 2-digit hexnumbers separated by n-1 colons. (i.e. 31:32:33:34:35:36). A hex-string must consist of exactly n 2-digit hexnumbers separated by n-1 colons.
Otherwise it will be interpreted as an ascii string. For example :12:34: and 1:2:3:4 are both pins of Otherwise it will be interpreted as an ascii string. For example :12:34: and 1:2:3:4 are both pins of
length 7, while 12:34 and 01:02:03:04 are pins of length 2 and 4.</p></div><div class="refsect1"><a name="idm909"></a><h2>Commands</h2><p>When used without any options or commands, <span class="command"><strong>netkey-tool</strong></span> will length 7, while 12:34 and 01:02:03:04 are pins of length 2 and 4.</p></div><div class="refsect1"><a name="idm926"></a><h2>Commands</h2><p>When used without any options or commands, <span class="command"><strong>netkey-tool</strong></span> will
display information about the smart cards pins and certificates. This will not change display information about the smart cards pins and certificates. This will not change
your card in any aspect (assumed there are no bugs in <span class="command"><strong>netkey-tool</strong></span>). your card in any aspect (assumed there are no bugs in <span class="command"><strong>netkey-tool</strong></span>).
In particular the tries-left counters of the pins are investigated without doing In particular the tries-left counters of the pins are investigated without doing
@ -551,11 +555,11 @@ to enable debug output in the opensc library.</p></dd></dl></div><p>
</span></dt><dd><p>This unblocks the specified pin. You must specify another pin </span></dt><dd><p>This unblocks the specified pin. You must specify another pin
to be able to do this and if you don't specify a correct one, to be able to do this and if you don't specify a correct one,
<span class="command"><strong>netkey-tool</strong></span> will tell you which one is needed.</p></dd></dl></div><p> <span class="command"><strong>netkey-tool</strong></span> will tell you which one is needed.</p></dd></dl></div><p>
</p></div><div class="refsect1"><a name="idm970"></a><h2>See also</h2><p> </p></div><div class="refsect1"><a name="idm987"></a><h2>See also</h2><p>
<span class="citerefentry"><span class="refentrytitle">opensc-explorer</span>(1)</span> <span class="citerefentry"><span class="refentrytitle">opensc-explorer</span>(1)</span>
</p></div><div class="refsect1"><a name="idm976"></a><h2>Authors</h2><p><span class="command"><strong>netkey-tool</strong></span> was written by </p></div><div class="refsect1"><a name="idm993"></a><h2>Authors</h2><p><span class="command"><strong>netkey-tool</strong></span> was written by
Peter Koch <code class="email">&lt;<a class="email" href="mailto:pk_opensc@web.de">pk_opensc@web.de</a>&gt;</code>.</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="openpgp-tool"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>openpgp-tool &#8212; utility for accessing visible data OpenPGP smart cards Peter Koch <code class="email">&lt;<a class="email" href="mailto:pk_opensc@web.de">pk_opensc@web.de</a>&gt;</code>.</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="openpgp-tool"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>openpgp-tool &#8212; utility for accessing visible data OpenPGP smart cards
and compatible tokens</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">openpgp-tool</code> [<em class="replaceable"><code>OPTIONS</code></em>]</p></div></div><div class="refsect1"><a name="idm996"></a><h2>Description</h2><p> and compatible tokens</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">openpgp-tool</code> [<em class="replaceable"><code>OPTIONS</code></em>]</p></div></div><div class="refsect1"><a name="idm1013"></a><h2>Description</h2><p>
The <span class="command"><strong>openpgp-tool</strong></span> utility is used for The <span class="command"><strong>openpgp-tool</strong></span> utility is used for
accessing data from the OpenPGP v1.1 and v2.0 smart cards accessing data from the OpenPGP v1.1 and v2.0 smart cards
and compatible tokens like e.g. GPF CryptoStick v1.x, and compatible tokens like e.g. GPF CryptoStick v1.x,
@ -563,7 +567,7 @@ to enable debug output in the opensc library.</p></dd></dl></div><p>
PKCS#15 objects but available in custom files on the PKCS#15 objects but available in custom files on the
card. The data can be printed on screen or used by card. The data can be printed on screen or used by
other programs via environment variables. other programs via environment variables.
</p></div><div class="refsect1"><a name="idm1000"></a><h2>Options</h2><p> </p></div><div class="refsect1"><a name="idm1017"></a><h2>Options</h2><p>
</p><div class="variablelist"><dl class="variablelist"><dt><span class="term"> </p><div class="variablelist"><dl class="variablelist"><dt><span class="term">
<code class="option">--exec</code> <em class="replaceable"><code>prog</code></em>, <code class="option">--exec</code> <em class="replaceable"><code>prog</code></em>,
<code class="option">-x</code> <em class="replaceable"><code>prog</code></em> <code class="option">-x</code> <em class="replaceable"><code>prog</code></em>
@ -632,12 +636,12 @@ to enable debug output in the opensc library.</p></dd></dl></div><p>
</span></dt><dd><p> </span></dt><dd><p>
Wait for a card to be inserted. Wait for a card to be inserted.
</p></dd></dl></div><p> </p></dd></dl></div><p>
</p></div><div class="refsect1"><a name="idm1091"></a><h2>Authors</h2><p><span class="command"><strong>openpgp-tool</strong></span> utility was written by </p></div><div class="refsect1"><a name="idm1108"></a><h2>Authors</h2><p><span class="command"><strong>openpgp-tool</strong></span> utility was written by
Peter Marschall <code class="email">&lt;<a class="email" href="mailto:peter@adpm.de">peter@adpm.de</a>&gt;</code>.</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="opensc-tool"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>opensc-tool &#8212; generic smart card utility</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">opensc-tool</code> [<em class="replaceable"><code>OPTIONS</code></em>]</p></div></div><div class="refsect1"><a name="idm1111"></a><h2>Description</h2><p> Peter Marschall <code class="email">&lt;<a class="email" href="mailto:peter@adpm.de">peter@adpm.de</a>&gt;</code>.</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="opensc-tool"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>opensc-tool &#8212; generic smart card utility</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">opensc-tool</code> [<em class="replaceable"><code>OPTIONS</code></em>]</p></div></div><div class="refsect1"><a name="idm1128"></a><h2>Description</h2><p>
The <span class="command"><strong>opensc-tool</strong></span> utility can be used from the command line to perform The <span class="command"><strong>opensc-tool</strong></span> utility can be used from the command line to perform
miscellaneous smart card operations such as getting the card ATR or miscellaneous smart card operations such as getting the card ATR or
sending arbitrary APDU commands to a card. sending arbitrary APDU commands to a card.
</p></div><div class="refsect1"><a name="idm1115"></a><h2>Options</h2><p> </p></div><div class="refsect1"><a name="idm1132"></a><h2>Options</h2><p>
</p><div class="variablelist"><dl class="variablelist"><dt><span class="term"> </p><div class="variablelist"><dl class="variablelist"><dt><span class="term">
<code class="option">--version</code>, <code class="option">--version</code>,
</span></dt><dd><p>Print the OpenSC package release version.</p></dd><dt><span class="term"> </span></dt><dd><p>Print the OpenSC package release version.</p></dd><dt><span class="term">
@ -697,17 +701,18 @@ to enable debug output in the opensc library.</p></dd></dl></div><p>
<code class="option">--wait</code>, <code class="option">--wait</code>,
<code class="option">-w</code> <code class="option">-w</code>
</span></dt><dd><p>Wait for a card to be inserted.</p></dd></dl></div><p> </span></dt><dd><p>Wait for a card to be inserted.</p></dd></dl></div><p>
</p></div><div class="refsect1"><a name="idm1232"></a><h2>See also</h2><p> </p></div><div class="refsect1"><a name="idm1249"></a><h2>See also</h2><p>
<span class="citerefentry"><span class="refentrytitle">opensc-explorer</span>(1)</span> <span class="citerefentry"><span class="refentrytitle">opensc-explorer</span>(1)</span>
</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="opensc-explorer"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>opensc-explorer &#8212; </p></div><div class="refsect1"><a name="idm1255"></a><h2>Authors</h2><p><span class="command"><strong>opensc-tool</strong></span> was written by
Juha Yrjölä <code class="email">&lt;<a class="email" href="mailto:juha.yrjola@iki.fi">juha.yrjola@iki.fi</a>&gt;</code>.</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="opensc-explorer"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>opensc-explorer &#8212;
generic interactive utility for accessing smart card generic interactive utility for accessing smart card
and similar security token functions and similar security token functions
</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">opensc-explorer</code> [<em class="replaceable"><code>OPTIONS</code></em>] [<em class="replaceable"><code>SCRIPT</code></em>]</p></div></div><div class="refsect1"><a name="idm1255"></a><h2>Description</h2><p> </p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">opensc-explorer</code> [<em class="replaceable"><code>OPTIONS</code></em>] [<em class="replaceable"><code>SCRIPT</code></em>]</p></div></div><div class="refsect1"><a name="idm1277"></a><h2>Description</h2><p>
The <span class="command"><strong>opensc-explorer</strong></span> utility can be The <span class="command"><strong>opensc-explorer</strong></span> utility can be
used interactively to perform miscellaneous operations used interactively to perform miscellaneous operations
such as exploring the contents of or sending arbitrary such as exploring the contents of or sending arbitrary
APDU commands to a smart card or similar security token. APDU commands to a smart card or similar security token.
</p></div><div class="refsect1"><a name="idm1259"></a><h2>Options</h2><p> </p></div><div class="refsect1"><a name="idm1281"></a><h2>Options</h2><p>
The following are the command-line options for The following are the command-line options for
<span class="command"><strong>opensc-explorer</strong></span>. There are additional <span class="command"><strong>opensc-explorer</strong></span>. There are additional
interactive commands available once it is running. interactive commands available once it is running.
@ -742,189 +747,190 @@ to enable debug output in the opensc library.</p></dd></dl></div><p>
</p></dd><dt><span class="term"> </p></dd><dt><span class="term">
<code class="option">--wait</code>, <code class="option">-w</code> <code class="option">--wait</code>, <code class="option">-w</code>
</span></dt><dd><p>Wait for a card to be inserted</p></dd></dl></div><p> </span></dt><dd><p>Wait for a card to be inserted</p></dd></dl></div><p>
</p></div><div class="refsect1"><a name="idm1304"></a><h2>Commands</h2><p> </p></div><div class="refsect1"><a name="idm1326"></a><h2>Commands</h2><p>
The following commands are supported at <span class="command"><strong>opensc-explorer</strong></span>'s The following commands are supported at <span class="command"><strong>opensc-explorer</strong></span>'s
interactive prompt or in script files passed via the command line parameter interactive prompt or in script files passed via the command line parameter
<em class="replaceable"><code>SCRIPT</code></em>. <em class="replaceable"><code>SCRIPT</code></em>.
</p><div class="variablelist"><dl class="variablelist"><dt><span class="term"> </p><div class="variablelist"><dl class="variablelist"><dt><span class="term">
<span class="command"><strong>apdu</strong></span> <em class="replaceable"><code>hex-data</code></em> <span class="command"><strong>apdu</strong></span> <em class="replaceable"><code>hex-data</code></em>
</span></dt><dd><p>Send a custom APDU command <em class="replaceable"><code>hex-data</code></em>.</p></dd><dt><span class="term"> </span></dt><dd><p>Send a custom APDU command <em class="replaceable"><code>hex-data</code></em>.</p></dd><dt><span class="term">
<span class="command"><strong>asn1</strong></span> <em class="replaceable"><code>file-id</code></em> <span class="command"><strong>asn1</strong></span> <em class="replaceable"><code>file-id</code></em>
</span></dt><dd><p>Parse and print the ASN.1 encoded content of the file specified by </span></dt><dd><p>Parse and print the ASN.1 encoded content of the file specified by
<em class="replaceable"><code>file-id</code></em>.</p></dd><dt><span class="term"> <em class="replaceable"><code>file-id</code></em>.</p></dd><dt><span class="term">
<span class="command"><strong>cat</strong></span> [<em class="replaceable"><code>file-id</code></em> | sfi:<em class="replaceable"><code>short-id</code></em>] <span class="command"><strong>cat</strong></span> [<em class="replaceable"><code>file-id</code></em> | sfi:<em class="replaceable"><code>short-id</code></em>]
</span></dt><dd><p>Print the contents of the currently selected EF or the contents </span></dt><dd><p>Print the contents of the currently selected EF or the contents
of a file specified by <em class="replaceable"><code>file-id</code></em> or the short file id of a file specified by <em class="replaceable"><code>file-id</code></em> or the short file id
<em class="replaceable"><code>short-id</code></em>. <em class="replaceable"><code>short-id</code></em>.
</p></dd><dt><span class="term"> </p></dd><dt><span class="term">
<span class="command"><strong>cd</strong></span> {.. | <em class="replaceable"><code>file-id</code></em> | aid:<em class="replaceable"><code>DF-name</code></em>} <span class="command"><strong>cd</strong></span> {.. | <em class="replaceable"><code>file-id</code></em> | aid:<em class="replaceable"><code>DF-name</code></em>}
</span></dt><dd><p> </span></dt><dd><p>
Change to another DF specified by the argument passed. Change to another DF specified by the argument passed.
If the argument given is <code class="literal">..</code>, then move up one level in the If the argument given is <code class="literal">..</code>, then move up one level in the
file system hierarchy. file system hierarchy.
If it is <em class="replaceable"><code>file-id</code></em>, which must be a DF directly If it is <em class="replaceable"><code>file-id</code></em>, which must be a DF directly
beneath the current DF, then change to that DF. beneath the current DF, then change to that DF.
If it is an application identifier given as If it is an application identifier given as
<code class="literal">aid:</code><em class="replaceable"><code>DF-name</code></em>, <code class="literal">aid:</code><em class="replaceable"><code>DF-name</code></em>,
then jump to the MF of the application denoted by then jump to the MF of the application denoted by
<em class="replaceable"><code>DF-name</code></em>. <em class="replaceable"><code>DF-name</code></em>.
</p></dd><dt><span class="term"> </p></dd><dt><span class="term">
<span class="command"><strong>change</strong></span> CHV<em class="replaceable"><code>pin-ref</code></em> [[<em class="replaceable"><code>old-pin</code></em>] <em class="replaceable"><code>new-pin</code></em>] <span class="command"><strong>change</strong></span> CHV<em class="replaceable"><code>pin-ref</code></em> [[<em class="replaceable"><code>old-pin</code></em>] <em class="replaceable"><code>new-pin</code></em>]
</span></dt><dd><p>Change a PIN, where <em class="replaceable"><code>pin-ref</code></em> is the PIN reference.</p><p> </span></dt><dd><p>Change a PIN, where <em class="replaceable"><code>pin-ref</code></em> is the PIN reference.</p><p>
Examples: Examples:
</p><div class="variablelist"><dl class="variablelist"><dt><span class="term"><code class="code">change CHV2 00:00:00:00:00:00 "foobar"</code></span></dt><dd><p> </p><div class="variablelist"><dl class="variablelist"><dt><span class="term"><code class="code">change CHV2 00:00:00:00:00:00 "foobar"</code></span></dt><dd><p>
Change PIN <code class="literal">CHV2</code> Change PIN <code class="literal">CHV2</code>
to the new value <code class="literal">foobar</code>, to the new value <code class="literal">foobar</code>,
giving the old value <code class="literal">00:00:00:00:00:00</code>. giving the old value <code class="literal">00:00:00:00:00:00</code>.
</p></dd><dt><span class="term"><code class="code">change CHV2 "foobar"</code></span></dt><dd><p> </p></dd><dt><span class="term"><code class="code">change CHV2 "foobar"</code></span></dt><dd><p>
Set PIN <code class="literal">CHV2</code> Set PIN <code class="literal">CHV2</code>
to the new value <code class="literal">foobar</code>. to the new value <code class="literal">foobar</code>.
</p></dd><dt><span class="term"><code class="code">change CHV2</code></span></dt><dd><p> </p></dd><dt><span class="term"><code class="code">change CHV2</code></span></dt><dd><p>
Change PIN <code class="literal">CHV2</code> using the card reader's pinpad. Change PIN <code class="literal">CHV2</code> using the card reader's pinpad.
</p></dd></dl></div><p> </p></dd></dl></div><p>
</p></dd><dt><span class="term"> </p></dd><dt><span class="term">
<span class="command"><strong>create</strong></span> <em class="replaceable"><code>file-id</code></em> <em class="replaceable"><code>size</code></em> <span class="command"><strong>create</strong></span> <em class="replaceable"><code>file-id</code></em> <em class="replaceable"><code>size</code></em>
</span></dt><dd><p>Create a new EF. <em class="replaceable"><code>file-id</code></em> specifies the </span></dt><dd><p>Create a new EF. <em class="replaceable"><code>file-id</code></em> specifies the
id number and <em class="replaceable"><code>size</code></em> is the size of the new file. id number and <em class="replaceable"><code>size</code></em> is the size of the new file.
</p></dd><dt><span class="term"> </p></dd><dt><span class="term">
<span class="command"><strong>debug</strong></span> [<em class="replaceable"><code>level</code></em>] <span class="command"><strong>debug</strong></span> [<em class="replaceable"><code>level</code></em>]
</span></dt><dd><p>Set OpenSC debug level to <em class="replaceable"><code>level</code></em>.</p><p>If <em class="replaceable"><code>level</code></em> is omitted the current debug level will be shown.</p></dd><dt><span class="term"> </span></dt><dd><p>Set OpenSC debug level to <em class="replaceable"><code>level</code></em>.</p><p>If <em class="replaceable"><code>level</code></em> is omitted the current debug level will be shown.</p></dd><dt><span class="term">
<span class="command"><strong>delete</strong></span> <em class="replaceable"><code>file-id</code></em> <span class="command"><strong>delete</strong></span> <em class="replaceable"><code>file-id</code></em>
</span></dt><dd><p>Remove the EF or DF specified by <em class="replaceable"><code>file-id</code></em></p></dd><dt><span class="term"> </span></dt><dd><p>Remove the EF or DF specified by <em class="replaceable"><code>file-id</code></em></p></dd><dt><span class="term">
<span class="command"><strong>do_get</strong></span> <em class="replaceable"><code>hex-tag</code></em> [<em class="replaceable"><code>output</code></em>] <span class="command"><strong>do_get</strong></span> <em class="replaceable"><code>hex-tag</code></em> [<em class="replaceable"><code>output</code></em>]
</span></dt><dd><p>Copy the internal card's 'tagged' data into the local file.</p><p>The local file is specified by <em class="replaceable"><code>output</code></em> while the tag of </span></dt><dd><p>Copy the internal card's 'tagged' data into the local file.</p><p>The local file is specified by <em class="replaceable"><code>output</code></em> while the tag of
the card's data is specified by <em class="replaceable"><code>hex-tag</code></em>. the card's data is specified by <em class="replaceable"><code>hex-tag</code></em>.
</p><p> </p><p>
If <em class="replaceable"><code>output</code></em> is omitted, the name of the output file will be If <em class="replaceable"><code>output</code></em> is omitted, the name of the output file will be
derived from <em class="replaceable"><code>hex-tag</code></em>. derived from <em class="replaceable"><code>hex-tag</code></em>.
</p></dd><dt><span class="term"> </p></dd><dt><span class="term">
<span class="command"><strong>do_put</strong></span> <em class="replaceable"><code>hex-tag</code></em> <em class="replaceable"><code>input</code></em> <span class="command"><strong>do_put</strong></span> <em class="replaceable"><code>hex-tag</code></em> <em class="replaceable"><code>input</code></em>
</span></dt><dd><p>Update internal card's 'tagged' data. </p><p><em class="replaceable"><code>hex-tag</code></em> is the tag of the card's data. </span></dt><dd><p>Update internal card's 'tagged' data. </p><p><em class="replaceable"><code>hex-tag</code></em> is the tag of the card's data.
<em class="replaceable"><code>input</code></em> is the filename of the source file or the literal data presented as <em class="replaceable"><code>input</code></em> is the filename of the source file or the literal data presented as
a sequence of hexadecimal values or <code class="literal">"</code> enclosed string. a sequence of hexadecimal values or <code class="literal">"</code> enclosed string.
</p></dd><dt><span class="term"> </p></dd><dt><span class="term">
<span class="command"><strong>echo</strong></span> <em class="replaceable"><code>string</code></em> ... <span class="command"><strong>echo</strong></span> <em class="replaceable"><code>string</code></em> ...
</span></dt><dd><p>Print the <em class="replaceable"><code>string</code></em>s given.</p></dd><dt><span class="term"> </span></dt><dd><p>Print the <em class="replaceable"><code>string</code></em>s given.</p></dd><dt><span class="term">
<span class="command"><strong>erase</strong></span> <span class="command"><strong>erase</strong></span>
</span></dt><dd><p>Erase the card, if the card supports it.</p></dd><dt><span class="term"> </span></dt><dd><p>Erase the card, if the card supports it.</p></dd><dt><span class="term">
<span class="command"><strong>get</strong></span> <em class="replaceable"><code>file-id</code></em> [<em class="replaceable"><code>output</code></em>] <span class="command"><strong>get</strong></span> <em class="replaceable"><code>file-id</code></em> [<em class="replaceable"><code>output</code></em>]
</span></dt><dd><p>Copy an EF to a local file. The local file is specified </span></dt><dd><p>Copy an EF to a local file. The local file is specified
by <em class="replaceable"><code>output</code></em> while the card file is specified by <em class="replaceable"><code>file-id</code></em>. by <em class="replaceable"><code>output</code></em> while the card file is specified by <em class="replaceable"><code>file-id</code></em>.
</p><p> </p><p>
If <em class="replaceable"><code>output</code></em> is omitted, the name of the output file will be If <em class="replaceable"><code>output</code></em> is omitted, the name of the output file will be
derived from the full card path to <em class="replaceable"><code>file-id</code></em>. derived from the full card path to <em class="replaceable"><code>file-id</code></em>.
</p></dd><dt><span class="term"> </p></dd><dt><span class="term">
<span class="command"><strong>info</strong></span> [<em class="replaceable"><code>file-id</code></em>] <span class="command"><strong>info</strong></span> [<em class="replaceable"><code>file-id</code></em>]
</span></dt><dd><p>Display attributes of a file specified by <em class="replaceable"><code>file-id</code></em>. </span></dt><dd><p>Display attributes of a file specified by <em class="replaceable"><code>file-id</code></em>.
If <em class="replaceable"><code>file-id</code></em> is not supplied, If <em class="replaceable"><code>file-id</code></em> is not supplied,
the attributes of the current file are printed.</p></dd><dt><span class="term"> the attributes of the current file are printed.</p></dd><dt><span class="term">
<span class="command"><strong>ls</strong></span> [<em class="replaceable"><code>pattern</code></em> ...] <span class="command"><strong>ls</strong></span> [<em class="replaceable"><code>pattern</code></em> ...]
</span></dt><dd><p>List files in the current DF. </span></dt><dd><p>List files in the current DF.
If no <em class="replaceable"><code>pattern</code></em> is given, then all files are listed. If no <em class="replaceable"><code>pattern</code></em> is given, then all files are listed.
If one ore more <em class="replaceable"><code>pattern</code></em>s are given, only files matching If one ore more <em class="replaceable"><code>pattern</code></em>s are given, only files matching
at least one <em class="replaceable"><code>pattern</code></em> are listed.</p></dd><dt><span class="term"> at least one <em class="replaceable"><code>pattern</code></em> are listed.</p></dd><dt><span class="term">
<span class="command"><strong>find</strong></span> [<em class="replaceable"><code>start-id</code></em> [<em class="replaceable"><code>end-id</code></em>]] <span class="command"><strong>find</strong></span> [<em class="replaceable"><code>start-id</code></em> [<em class="replaceable"><code>end-id</code></em>]]
</span></dt><dd><p>Find all files in the current DF. </span></dt><dd><p>Find all files in the current DF.
Files are found by selecting all file identifiers in the range from <em class="replaceable"><code>start-fid</code></em> to <em class="replaceable"><code>end-fid</code></em> (by default from 0000 to FFFF).</p></dd><dt><span class="term"> Files are found by selecting all file identifiers in the range from <em class="replaceable"><code>start-fid</code></em> to <em class="replaceable"><code>end-fid</code></em> (by default from 0000 to FFFF).</p></dd><dt><span class="term">
<span class="command"><strong>find_tags</strong></span> [<em class="replaceable"><code>start-tag</code></em> [<em class="replaceable"><code>end-tag</code></em>]] <span class="command"><strong>find_tags</strong></span> [<em class="replaceable"><code>start-tag</code></em> [<em class="replaceable"><code>end-tag</code></em>]]
</span></dt><dd><p>Find all tags of data objects in the current context. </span></dt><dd><p>Find all tags of data objects in the current context.
Tags are found by using GET DATA in the range from <em class="replaceable"><code>start-tag</code></em> to <em class="replaceable"><code>end-tag</code></em> (by default from 0000 to FFFF).</p></dd><dt><span class="term"> Tags are found by using GET DATA in the range from <em class="replaceable"><code>start-tag</code></em> to <em class="replaceable"><code>end-tag</code></em> (by default from 0000 to FFFF).</p></dd><dt><span class="term">
<span class="command"><strong>mkdir</strong></span> <em class="replaceable"><code>file-id</code></em> <em class="replaceable"><code>size</code></em> <span class="command"><strong>mkdir</strong></span> <em class="replaceable"><code>file-id</code></em> <em class="replaceable"><code>size</code></em>
</span></dt><dd><p>Create a DF. <em class="replaceable"><code>file-id</code></em> specifies the id number </span></dt><dd><p>Create a DF. <em class="replaceable"><code>file-id</code></em> specifies the id number
and <em class="replaceable"><code>size</code></em> is the size of the new file.</p></dd><dt><span class="term"> and <em class="replaceable"><code>size</code></em> is the size of the new file.</p></dd><dt><span class="term">
<span class="command"><strong>put</strong></span> <em class="replaceable"><code>file-id</code></em> <em class="replaceable"><code>input</code></em> <span class="command"><strong>put</strong></span> <em class="replaceable"><code>file-id</code></em> <em class="replaceable"><code>input</code></em>
</span></dt><dd><p>Copy a local file to the card. The local file is specified </span></dt><dd><p>Copy a local file to the card. The local file is specified
by <em class="replaceable"><code>input</code></em> while the card file is specified by <em class="replaceable"><code>file-id</code></em>. by <em class="replaceable"><code>input</code></em> while the card file is specified by <em class="replaceable"><code>file-id</code></em>.
</p></dd><dt><span class="term"> </p></dd><dt><span class="term">
<span class="command"><strong>quit</strong></span> <span class="command"><strong>quit</strong></span>
</span></dt><dd><p>Exit the program.</p></dd><dt><span class="term"> </span></dt><dd><p>Exit the program.</p></dd><dt><span class="term">
<span class="command"><strong>random</strong></span> <em class="replaceable"><code>count</code></em> <span class="command"><strong>random</strong></span> <em class="replaceable"><code>count</code></em>
</span></dt><dd><p>Generate random sequence of <em class="replaceable"><code>count</code></em> bytes.</p></dd><dt><span class="term"> </span></dt><dd><p>Generate random sequence of <em class="replaceable"><code>count</code></em> bytes.</p></dd><dt><span class="term">
<span class="command"><strong>rm</strong></span> <em class="replaceable"><code>file-id</code></em> <span class="command"><strong>rm</strong></span> <em class="replaceable"><code>file-id</code></em>
</span></dt><dd><p>Remove the EF or DF specified by <em class="replaceable"><code>file-id</code></em></p></dd><dt><span class="term"> </span></dt><dd><p>Remove the EF or DF specified by <em class="replaceable"><code>file-id</code></em></p></dd><dt><span class="term">
<span class="command"><strong>unblock</strong></span> CHV<em class="replaceable"><code>pin-ref</code></em> [<em class="replaceable"><code>puk</code></em> [<em class="replaceable"><code>new pin</code></em>]] <span class="command"><strong>unblock</strong></span> CHV<em class="replaceable"><code>pin-ref</code></em> [<em class="replaceable"><code>puk</code></em> [<em class="replaceable"><code>new pin</code></em>]]
</span></dt><dd><p> </span></dt><dd><p>
Unblock the PIN denoted by <em class="replaceable"><code>pin-ref</code></em> Unblock the PIN denoted by <em class="replaceable"><code>pin-ref</code></em>
using the PUK <em class="replaceable"><code>puk</code></em>, and set potentially using the PUK <em class="replaceable"><code>puk</code></em>, and set potentially
change its value to <em class="replaceable"><code>new pin</code></em>. change its value to <em class="replaceable"><code>new pin</code></em>.
</p><p> </p><p>
PUK and PIN values can be a sequence of hexadecimal values, PUK and PIN values can be a sequence of hexadecimal values,
<code class="literal">"</code>-enclosed strings, empty (<code class="literal">""</code>), <code class="literal">"</code>-enclosed strings, empty (<code class="literal">""</code>),
or absent. or absent.
If they are absent, the values are read from the card reader's pin pad. If they are absent, the values are read from the card reader's pin pad.
</p><p> </p><p>
Examples: Examples:
</p><div class="variablelist"><dl class="variablelist"><dt><span class="term"><code class="code">unblock CHV2 00:00:00:00:00:00 "foobar"</code></span></dt><dd><p> </p><div class="variablelist"><dl class="variablelist"><dt><span class="term"><code class="code">unblock CHV2 00:00:00:00:00:00 "foobar"</code></span></dt><dd><p>
Unblock PIN <code class="literal">CHV2</code> using PUK Unblock PIN <code class="literal">CHV2</code> using PUK
<code class="literal">00:00:00:00:00:00</code> <code class="literal">00:00:00:00:00:00</code>
and set it to the new value <code class="literal">foobar</code>. and set it to the new value <code class="literal">foobar</code>.
</p></dd><dt><span class="term"><code class="code">unblock CHV2 00:00:00:00:00:00 ""</code></span></dt><dd><p> </p></dd><dt><span class="term"><code class="code">unblock CHV2 00:00:00:00:00:00 ""</code></span></dt><dd><p>
Unblock PIN <code class="literal">CHV2</code> using PUK Unblock PIN <code class="literal">CHV2</code> using PUK
<code class="literal">00:00:00:00:00:00</code> keeping the old value. <code class="literal">00:00:00:00:00:00</code> keeping the old value.
</p></dd><dt><span class="term"><code class="code">unblock CHV2 "" "foobar"</code></span></dt><dd><p> </p></dd><dt><span class="term"><code class="code">unblock CHV2 "" "foobar"</code></span></dt><dd><p>
Set new value of PIN <code class="literal">CHV2</code> Set new value of PIN <code class="literal">CHV2</code>
to <code class="literal">foobar</code>. to <code class="literal">foobar</code>.
</p></dd><dt><span class="term"><code class="code">unblock CHV2 00:00:00:00:00:00</code></span></dt><dd><p> </p></dd><dt><span class="term"><code class="code">unblock CHV2 00:00:00:00:00:00</code></span></dt><dd><p>
Unblock PIN <code class="literal">CHV2</code> using PUK Unblock PIN <code class="literal">CHV2</code> using PUK
<code class="literal">00:00:00:00:00:00</code>. <code class="literal">00:00:00:00:00:00</code>.
The new PIN value is prompted by pinpad. The new PIN value is prompted by pinpad.
</p></dd><dt><span class="term"><code class="code">unblock CHV2 ""</code></span></dt><dd><p> </p></dd><dt><span class="term"><code class="code">unblock CHV2 ""</code></span></dt><dd><p>
Set PIN <code class="literal">CHV2</code>. Set PIN <code class="literal">CHV2</code>.
The new PIN value is prompted by pinpad. The new PIN value is prompted by pinpad.
</p></dd><dt><span class="term"><code class="code">unblock CHV2</code></span></dt><dd><p> </p></dd><dt><span class="term"><code class="code">unblock CHV2</code></span></dt><dd><p>
Unblock PIN <code class="literal">CHV2</code>. Unblock PIN <code class="literal">CHV2</code>.
The unblock code and new PIN value are prompted by pinpad. The unblock code and new PIN value are prompted by pinpad.
</p></dd></dl></div><p> </p></dd></dl></div><p>
</p></dd><dt><span class="term"> </p></dd><dt><span class="term">
<span class="command"><strong>update_binary</strong></span> <em class="replaceable"><code>file-id</code></em> <em class="replaceable"><code>offs</code></em> <em class="replaceable"><code>data</code></em> <span class="command"><strong>update_binary</strong></span> <em class="replaceable"><code>file-id</code></em> <em class="replaceable"><code>offs</code></em> <em class="replaceable"><code>data</code></em>
</span></dt><dd><p>Binary update of the file specified by </span></dt><dd><p>Binary update of the file specified by
<em class="replaceable"><code>file-id</code></em> with the literal data <em class="replaceable"><code>file-id</code></em> with the literal data
<em class="replaceable"><code>data</code></em> starting from offset specified <em class="replaceable"><code>data</code></em> starting from offset specified
by <em class="replaceable"><code>offs</code></em>.</p><p><em class="replaceable"><code>data</code></em> can be supplied as a sequencer by <em class="replaceable"><code>offs</code></em>.</p><p><em class="replaceable"><code>data</code></em> can be supplied as a sequencer
of the hex values or as a <code class="literal">"</code> enclosed string. </p></dd><dt><span class="term"> of the hex values or as a <code class="literal">"</code> enclosed string. </p></dd><dt><span class="term">
<span class="command"><strong>update_record</strong></span> <em class="replaceable"><code>file-id</code></em> <em class="replaceable"><code>rec-nr</code></em> <em class="replaceable"><code>rec-offs</code></em> <em class="replaceable"><code>data</code></em> <span class="command"><strong>update_record</strong></span> <em class="replaceable"><code>file-id</code></em> <em class="replaceable"><code>rec-nr</code></em> <em class="replaceable"><code>rec-offs</code></em> <em class="replaceable"><code>data</code></em>
</span></dt><dd><p>Update record specified by <em class="replaceable"><code>rec-nr</code></em> of the file </span></dt><dd><p>Update record specified by <em class="replaceable"><code>rec-nr</code></em> of the file
specified by <em class="replaceable"><code>file-id</code></em> with the literal data specified by <em class="replaceable"><code>file-id</code></em> with the literal data
<em class="replaceable"><code>data</code></em> starting from offset specified by <em class="replaceable"><code>data</code></em> starting from offset specified by
<em class="replaceable"><code>rec-offs</code></em>.</p><p><em class="replaceable"><code>data</code></em> can be supplied as a sequence of the hex values or <em class="replaceable"><code>rec-offs</code></em>.</p><p><em class="replaceable"><code>data</code></em> can be supplied as a sequence of the hex values or
as a <code class="literal">"</code> enclosed string. </p></dd><dt><span class="term"> as a <code class="literal">"</code> enclosed string. </p></dd><dt><span class="term">
<span class="command"><strong>verify</strong></span> <em class="replaceable"><code>key-type</code></em> <em class="replaceable"><code>key-id</code></em> [<em class="replaceable"><code>key</code></em>] <span class="command"><strong>verify</strong></span> <em class="replaceable"><code>key-type</code></em> <em class="replaceable"><code>key-id</code></em> [<em class="replaceable"><code>key</code></em>]
</span></dt><dd><p>Present a PIN or key to the card, where </span></dt><dd><p>Present a PIN or key to the card, where
<em class="replaceable"><code>key-type</code></em> can be one of <code class="literal">CHV</code>, <em class="replaceable"><code>key-type</code></em> can be one of <code class="literal">CHV</code>,
<code class="literal">KEY</code>, <code class="literal">AUT</code> or <code class="literal">PRO</code>. <code class="literal">KEY</code>, <code class="literal">AUT</code> or <code class="literal">PRO</code>.
<em class="replaceable"><code>key-id</code></em> is a number representing the key or PIN reference. <em class="replaceable"><code>key-id</code></em> is a number representing the key or PIN reference.
<em class="replaceable"><code>key</code></em> is the key or PIN to be verified, formatted as a <em class="replaceable"><code>key</code></em> is the key or PIN to be verified, formatted as a
colon-separated list of hex values or a <code class="literal">"</code> enclosed string. colon-separated list of hex values or a <code class="literal">"</code> enclosed string.
</p><p> </p><p>
If <em class="replaceable"><code>key</code></em> is omitted, the exact action depends on the If <em class="replaceable"><code>key</code></em> is omitted, the exact action depends on the
card reader's features: if the card readers supports PIN input via a pin pad, card reader's features: if the card readers supports PIN input via a pin pad,
then the PIN will be verified using the card reader's pin pad. then the PIN will be verified using the card reader's pin pad.
If the card reader does not support PIN input, then the PIN will be asked If the card reader does not support PIN input, then the PIN will be asked
interactively. interactively.
</p><p> </p><p>
Examples: Examples:
</p><div class="variablelist"><dl class="variablelist"><dt><span class="term"><code class="code">verify CHV0 31:32:33:34:00:00:00:00</code></span></dt><dd><p> </p><div class="variablelist"><dl class="variablelist"><dt><span class="term"><code class="code">verify CHV0 31:32:33:34:00:00:00:00</code></span></dt><dd><p>
Verify <code class="literal">CHV2</code> using the hex value Verify <code class="literal">CHV2</code> using the hex value
<code class="literal">31:32:33:34:00:00:00:00</code> <code class="literal">31:32:33:34:00:00:00:00</code>
</p></dd><dt><span class="term"><code class="code">verify CHV1 "secret"</code></span></dt><dd><p> </p></dd><dt><span class="term"><code class="code">verify CHV1 "secret"</code></span></dt><dd><p>
Verify <code class="literal">CHV1</code> Verify <code class="literal">CHV1</code>
using the string value <code class="literal">secret</code>. using the string value <code class="literal">secret</code>.
</p></dd><dt><span class="term"><code class="code">verify KEY2</code></span></dt><dd><p> </p></dd><dt><span class="term"><code class="code">verify KEY2</code></span></dt><dd><p>
Verify <code class="literal">KEY2</code>, Verify <code class="literal">KEY2</code>,
get the value from the card reader's pin pad. get the value from the card reader's pin pad.
</p></dd></dl></div><p> </p></dd></dl></div><p>
</p></dd><dt><span class="term"> </p></dd><dt><span class="term">
<span class="command"><strong>sm</strong></span> <em class="replaceable"><code>[open]</code></em>|<em class="replaceable"><code>[close]</code></em> <span class="command"><strong>sm</strong></span> <em class="replaceable"><code>[open]</code></em>|<em class="replaceable"><code>[close]</code></em>
</span></dt><dd><p>Calls the card's <em class="replaceable"><code>open</code></em> or <em class="replaceable"><code>close</code></em> Secure Messaging handler.</p></dd></dl></div><p> </span></dt><dd><p>Calls the card's <em class="replaceable"><code>open</code></em> or <em class="replaceable"><code>close</code></em> Secure Messaging handler.</p></dd></dl></div><p>
</p></div><div class="refsect1"><a name="idm1658"></a><h2>See also</h2><p> </p></div><div class="refsect1"><a name="idm1680"></a><h2>See also</h2><p>
<span class="citerefentry"><span class="refentrytitle">opensc-tool</span>(1)</span> <span class="citerefentry"><span class="refentrytitle">opensc-tool</span>(1)</span>
</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="piv-tool"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>piv-tool &#8212; smart card utility for HSPD-12 PIV cards</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">piv-tool</code> [<em class="replaceable"><code>OPTIONS</code></em>]</p></div></div><div class="refsect1"><a name="idm1679"></a><p> </p></div><div class="refsect1"><a name="idm1686"></a><h2>Authors</h2><p><span class="command"><strong>opensc-explorer</strong></span> was written by
Juha Yrjölä <code class="email">&lt;<a class="email" href="mailto:juha.yrjola@iki.fi">juha.yrjola@iki.fi</a>&gt;</code>.</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="piv-tool"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>piv-tool &#8212; smart card utility for HSPD-12 PIV cards</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">piv-tool</code> [<em class="replaceable"><code>OPTIONS</code></em>]</p></div></div><div class="refsect1"><a name="idm1706"></a><p>
The <span class="command"><strong>piv-tool</strong></span> utility can be used from the command line to perform The <span class="command"><strong>piv-tool</strong></span> utility can be used from the command line to perform
miscellaneous smart card operations on a HSPD-12 PIV smart card as defined in NIST 800-73-3. miscellaneous smart card operations on a HSPD-12 PIV smart card as defined in NIST 800-73-3.
It is intended for use with test cards only. It can be used to load objects, and generate It is intended for use with test cards only. It can be used to load objects, and generate
key pairs, as well as send arbitrary APDU commands to a card after having authenticated key pairs, as well as send arbitrary APDU commands to a card after having authenticated
to the card using the card key provided by the card vendor. to the card using the card key provided by the card vendor.
</p></div><div class="refsect1"><a name="idm1682"></a><h2>Options</h2><p> </p></div><div class="refsect1"><a name="idm1709"></a><h2>Options</h2><p>
</p><div class="variablelist"><dl class="variablelist"><dt><span class="term"> </p><div class="variablelist"><dl class="variablelist"><dt><span class="term">
<code class="option">--serial</code> <code class="option">--serial</code>
</span></dt><dd><p>Print the card serial number derived from the CHUID object, </span></dt><dd><p>Print the card serial number derived from the CHUID object,
@ -1010,15 +1016,16 @@ to enable debug output in the opensc library.</p></dd></dl></div><p>
</span></dt><dd><p>Causes <span class="command"><strong>piv-tool</strong></span> to be more verbose. </span></dt><dd><p>Causes <span class="command"><strong>piv-tool</strong></span> to be more verbose.
Specify this flag several times to enable debug output in the opensc Specify this flag several times to enable debug output in the opensc
library.</p></dd></dl></div><p> library.</p></dd></dl></div><p>
</p></div><div class="refsect1"><a name="idm1840"></a><h2>See also</h2><p> </p></div><div class="refsect1"><a name="idm1867"></a><h2>See also</h2><p>
<span class="citerefentry"><span class="refentrytitle">opensc-tool</span>(1)</span> <span class="citerefentry"><span class="refentrytitle">opensc-tool</span>(1)</span>
</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="pkcs11-tool"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>pkcs11-tool &#8212; utility for managing and using PKCS #11 security tokens</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">pkcs11-tool</code> [<em class="replaceable"><code>OPTIONS</code></em>]</p></div></div><div class="refsect1"><a name="idm1861"></a><h2>Description</h2><p> </p></div><div class="refsect1"><a name="idm1873"></a><h2>Authors</h2><p><span class="command"><strong>piv-tool</strong></span> was written by
Douglas E. Engert <code class="email">&lt;<a class="email" href="mailto:deengert@gmail.com">deengert@gmail.com</a>&gt;</code>.</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="pkcs11-tool"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>pkcs11-tool &#8212; utility for managing and using PKCS #11 security tokens</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">pkcs11-tool</code> [<em class="replaceable"><code>OPTIONS</code></em>]</p></div></div><div class="refsect1"><a name="idm1893"></a><h2>Description</h2><p>
The <span class="command"><strong>pkcs11-tool</strong></span> utility is used to manage the The <span class="command"><strong>pkcs11-tool</strong></span> utility is used to manage the
data objects on smart cards and similar PKCS #11 security tokens. data objects on smart cards and similar PKCS #11 security tokens.
Users can list and read PINs, keys and certificates stored on the Users can list and read PINs, keys and certificates stored on the
token. User PIN authentication is performed for those operations token. User PIN authentication is performed for those operations
that require it. that require it.
</p></div><div class="refsect1"><a name="idm1865"></a><h2>Options</h2><p> </p></div><div class="refsect1"><a name="idm1897"></a><h2>Options</h2><p>
</p><div class="variablelist"><dl class="variablelist"><dt><span class="term"> </p><div class="variablelist"><dl class="variablelist"><dt><span class="term">
<code class="option">--attr-from</code> <em class="replaceable"><code>filename</code></em> <code class="option">--attr-from</code> <em class="replaceable"><code>filename</code></em>
</span></dt><dd><p>Extract information from <em class="replaceable"><code>filename</code></em> </span></dt><dd><p>Extract information from <em class="replaceable"><code>filename</code></em>
@ -1243,7 +1250,7 @@ to enable debug output in the opensc library.</p></dd></dl></div><p>
<code class="option">--generate-random</code> <em class="replaceable"><code>num</code></em> <code class="option">--generate-random</code> <em class="replaceable"><code>num</code></em>
</span></dt><dd><p>Get <em class="replaceable"><code>num</code></em> bytes of random data. </span></dt><dd><p>Get <em class="replaceable"><code>num</code></em> bytes of random data.
</p></dd></dl></div><p> </p></dd></dl></div><p>
</p></div><div class="refsect1"><a name="idm2268"></a><h2>Examples</h2><p> </p></div><div class="refsect1"><a name="idm2300"></a><h2>Examples</h2><p>
To list all certificates on the smart card: To list all certificates on the smart card:
</p><pre class="programlisting">pkcs11-tool --list-objects --type cert</pre><p> </p><pre class="programlisting">pkcs11-tool --list-objects --type cert</pre><p>
@ -1259,12 +1266,13 @@ to enable debug output in the opensc library.</p></dd></dl></div><p>
using the private key with ID <em class="replaceable"><code>ID</code></em> and using the private key with ID <em class="replaceable"><code>ID</code></em> and
using the RSA-PKCS mechanism: using the RSA-PKCS mechanism:
</p><pre class="programlisting">pkcs11-tool --sign --id ID --mechanism RSA-PKCS --input-file data --output-file data.sig</pre><p> </p><pre class="programlisting">pkcs11-tool --sign --id ID --mechanism RSA-PKCS --input-file data --output-file data.sig</pre><p>
</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="pkcs15-crypt"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>pkcs15-crypt &#8212; perform crypto operations using PKCS#15 smart cards</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">pkcs15-crypt</code> [<em class="replaceable"><code>OPTIONS</code></em>]</p></div></div><div class="refsect1"><a name="idm2293"></a><h2>Description</h2><p> </p></div><div class="refsect1"><a name="idm2310"></a><h2>Authors</h2><p><span class="command"><strong>pkcs11-tool</strong></span> was written by
Olaf Kirch <code class="email">&lt;<a class="email" href="mailto:okir@suse.de">okir@suse.de</a>&gt;</code>.</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="pkcs15-crypt"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>pkcs15-crypt &#8212; perform crypto operations using PKCS#15 smart cards</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">pkcs15-crypt</code> [<em class="replaceable"><code>OPTIONS</code></em>]</p></div></div><div class="refsect1"><a name="idm2330"></a><h2>Description</h2><p>
The <span class="command"><strong>pkcs15-crypt</strong></span> utility can be used from the The <span class="command"><strong>pkcs15-crypt</strong></span> utility can be used from the
command line to perform cryptographic operations such as computing command line to perform cryptographic operations such as computing
digital signatures or decrypting data, using keys stored on a PKCS#15 digital signatures or decrypting data, using keys stored on a PKCS#15
compliant smart card. compliant smart card.
</p></div><div class="refsect1"><a name="idm2297"></a><h2>Options</h2><p> </p></div><div class="refsect1"><a name="idm2334"></a><h2>Options</h2><p>
</p><div class="variablelist"><dl class="variablelist"><dt><span class="term"> </p><div class="variablelist"><dl class="variablelist"><dt><span class="term">
<code class="option">--version</code>, <code class="option">--version</code>,
</span></dt><dd><p>Print the OpenSC package release version.</p></dd><dt><span class="term"> </span></dt><dd><p>Print the OpenSC package release version.</p></dd><dt><span class="term">
@ -1361,17 +1369,18 @@ to enable debug output in the opensc library.</p></dd></dl></div><p>
</span></dt><dd><p>Causes <span class="command"><strong>pkcs15-crypt</strong></span> to be more </span></dt><dd><p>Causes <span class="command"><strong>pkcs15-crypt</strong></span> to be more
verbose. Specify this flag several times to enable debug output verbose. Specify this flag several times to enable debug output
in the OpenSC library.</p></dd></dl></div><p> in the OpenSC library.</p></dd></dl></div><p>
</p></div><div class="refsect1"><a name="idm2424"></a><h2>See also</h2><p> </p></div><div class="refsect1"><a name="idm2461"></a><h2>See also</h2><p>
<span class="citerefentry"><span class="refentrytitle">pkcs15-init</span>(1)</span>, <span class="citerefentry"><span class="refentrytitle">pkcs15-init</span>(1)</span>,
<span class="citerefentry"><span class="refentrytitle">pkcs15-tool</span>(1)</span> <span class="citerefentry"><span class="refentrytitle">pkcs15-tool</span>(1)</span>
</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="pkcs15-init"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>pkcs15-init &#8212; smart card personalization utility</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">pkcs15-init</code> [<em class="replaceable"><code>OPTIONS</code></em>]</p></div></div><div class="refsect1"><a name="idm2454"></a><h2>Description</h2><p> </p></div><div class="refsect1"><a name="idm2470"></a><h2>Authors</h2><p><span class="command"><strong>pkcs15-crypt</strong></span> was written by
Juha Yrjölä <code class="email">&lt;<a class="email" href="mailto:juha.yrjola@iki.fi">juha.yrjola@iki.fi</a>&gt;</code>.</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="pkcs15-init"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>pkcs15-init &#8212; smart card personalization utility</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">pkcs15-init</code> [<em class="replaceable"><code>OPTIONS</code></em>]</p></div></div><div class="refsect1"><a name="idm2496"></a><h2>Description</h2><p>
The <span class="command"><strong>pkcs15-init</strong></span> utility can be used to create a PKCS #15 The <span class="command"><strong>pkcs15-init</strong></span> utility can be used to create a PKCS #15
structure on a smart card, and add key or certificate objects. Details of the structure on a smart card, and add key or certificate objects. Details of the
structure that will be created are controlled via profiles. structure that will be created are controlled via profiles.
</p><p> </p><p>
The profile used by default is <span class="command"><strong>pkcs15</strong></span>. Alternative The profile used by default is <span class="command"><strong>pkcs15</strong></span>. Alternative
profiles can be specified via the <code class="option">-p</code> switch. profiles can be specified via the <code class="option">-p</code> switch.
</p></div><div class="refsect1"><a name="idm2461"></a><h2>PIN Usage</h2><p> </p></div><div class="refsect1"><a name="idm2503"></a><h2>PIN Usage</h2><p>
<span class="command"><strong>pkcs15-init</strong></span> can be used to create a PKCS #15 structure on <span class="command"><strong>pkcs15-init</strong></span> can be used to create a PKCS #15 structure on
your smart card, create PINs, and install keys and certificates on the card. your smart card, create PINs, and install keys and certificates on the card.
This process is also called <em class="replaceable"><code>personalization</code></em>. This process is also called <em class="replaceable"><code>personalization</code></em>.
@ -1403,7 +1412,7 @@ to enable debug output in the opensc library.</p></dd></dl></div><p>
are protected and cannot be parsed without authentication (usually with User PIN). are protected and cannot be parsed without authentication (usually with User PIN).
This authentication need to be done immediately after the card binding. This authentication need to be done immediately after the card binding.
In such cases <code class="option">--verify-pin</code> has to be used. In such cases <code class="option">--verify-pin</code> has to be used.
</p></div><div class="refsect1"><a name="idm2473"></a><h2>Modes of operation</h2><div class="refsect2"><a name="idm2475"></a><h3>Initialization</h3><p>This is the first step during card personalization, and will create the </p></div><div class="refsect1"><a name="idm2515"></a><h2>Modes of operation</h2><div class="refsect2"><a name="idm2517"></a><h3>Initialization</h3><p>This is the first step during card personalization, and will create the
basic files on the card. To create the initial PKCS #15 structure, invoke the basic files on the card. To create the initial PKCS #15 structure, invoke the
utility as utility as
</p><p> </p><p>
@ -1413,7 +1422,7 @@ to enable debug output in the opensc library.</p></dd></dl></div><p>
</p><p> </p><p>
If the card supports it, you should erase the contents of the card with If the card supports it, you should erase the contents of the card with
<span class="command"><strong>pkcs15-init --erase-card</strong></span> before creating the PKCS#15 structure. <span class="command"><strong>pkcs15-init --erase-card</strong></span> before creating the PKCS#15 structure.
</p></div><div class="refsect2"><a name="idm2483"></a><h3>User PIN Installation</h3><p> </p></div><div class="refsect2"><a name="idm2525"></a><h3>User PIN Installation</h3><p>
Before installing any user objects such as private keys, you need at least one Before installing any user objects such as private keys, you need at least one
PIN to protect these objects. you can do this using PIN to protect these objects. you can do this using
</p><p> </p><p>
@ -1427,7 +1436,7 @@ to enable debug output in the opensc library.</p></dd></dl></div><p>
</p><p> </p><p>
To set a label for this PIN object (which can be used by applications to display To set a label for this PIN object (which can be used by applications to display
a meaningful prompt to the user), use the <code class="option">--label</code> command line option. a meaningful prompt to the user), use the <code class="option">--label</code> command line option.
</p></div><div class="refsect2"><a name="idm2493"></a><h3>Key generation</h3><p> </p></div><div class="refsect2"><a name="idm2535"></a><h3>Key generation</h3><p>
<span class="command"><strong>pkcs15-init</strong></span> lets you generate a new key and store it on the card. <span class="command"><strong>pkcs15-init</strong></span> lets you generate a new key and store it on the card.
You can do this using: You can do this using:
</p><p> </p><p>
@ -1445,7 +1454,7 @@ to enable debug output in the opensc library.</p></dd></dl></div><p>
In addition to storing the private portion of the key on the card, In addition to storing the private portion of the key on the card,
<span class="command"><strong>pkcs15-init</strong></span> will also store the the public portion of the <span class="command"><strong>pkcs15-init</strong></span> will also store the the public portion of the
key as a PKCS #15 public key object. key as a PKCS #15 public key object.
</p></div><div class="refsect2"><a name="idm2507"></a><h3>Private Key Upload</h3><p> </p></div><div class="refsect2"><a name="idm2549"></a><h3>Private Key Upload</h3><p>
You can use a private key generated by other means and upload it to the card. You can use a private key generated by other means and upload it to the card.
For instance, to upload a private key contained in a file named For instance, to upload a private key contained in a file named
<code class="filename">okir.pem</code>, which is in PEM format, you would use <code class="filename">okir.pem</code>, which is in PEM format, you would use
@ -1469,7 +1478,7 @@ to enable debug output in the opensc library.</p></dd></dl></div><p>
a file. A PKCS #12 file usually contains the X.509 certificate corresponding a file. A PKCS #12 file usually contains the X.509 certificate corresponding
to the private key. If that is the case, <span class="command"><strong>pkcs15-init</strong></span> will to the private key. If that is the case, <span class="command"><strong>pkcs15-init</strong></span> will
store the certificate instead of the public key portion. store the certificate instead of the public key portion.
</p></div><div class="refsect2"><a name="idm2521"></a><h3>Public Key Upload</h3><p> </p></div><div class="refsect2"><a name="idm2563"></a><h3>Public Key Upload</h3><p>
You can also upload individual public keys to the card using the You can also upload individual public keys to the card using the
<code class="option">--store-public-key</code> option, which takes a filename as an <code class="option">--store-public-key</code> option, which takes a filename as an
argument. This file is supposed to contain the public key. If you don't argument. This file is supposed to contain the public key. If you don't
@ -1480,12 +1489,12 @@ to enable debug output in the opensc library.</p></dd></dl></div><p>
Since the corresponding public keys are always uploaded automatically Since the corresponding public keys are always uploaded automatically
when generating a new key, or when uploading a private key, you will when generating a new key, or when uploading a private key, you will
probably use this option only very rarely. probably use this option only very rarely.
</p></div><div class="refsect2"><a name="idm2528"></a><h3>Certificate Upload</h3><p> </p></div><div class="refsect2"><a name="idm2570"></a><h3>Certificate Upload</h3><p>
You can upload certificates to the card using the You can upload certificates to the card using the
<code class="option">--store-certificate</code> option, which takes a filename as <code class="option">--store-certificate</code> option, which takes a filename as
an argument. This file is supposed to contain the PEM encoded X.509 an argument. This file is supposed to contain the PEM encoded X.509
certificate. certificate.
</p></div><div class="refsect2"><a name="idm2532"></a><h3>Uploading PKCS #12 bags</h3><p> </p></div><div class="refsect2"><a name="idm2574"></a><h3>Uploading PKCS #12 bags</h3><p>
Most browsers nowadays use PKCS #12 format files when you ask them to Most browsers nowadays use PKCS #12 format files when you ask them to
export your key and certificate to a file. <span class="command"><strong>pkcs15-init</strong></span> export your key and certificate to a file. <span class="command"><strong>pkcs15-init</strong></span>
is capable of parsing these files, and storing their contents on the is capable of parsing these files, and storing their contents on the
@ -1499,7 +1508,7 @@ to enable debug output in the opensc library.</p></dd></dl></div><p>
and protect it with the PIN referenced by authentication ID <code class="literal">01</code>. and protect it with the PIN referenced by authentication ID <code class="literal">01</code>.
It will also store any X.509 certificates contained in the file, which is It will also store any X.509 certificates contained in the file, which is
usually the user certificate that goes with the key, as well as the CA certificate. usually the user certificate that goes with the key, as well as the CA certificate.
</p></div><div class="refsect2"><a name="idm2541"></a><h3>Secret Key Upload</h3><p> </p></div><div class="refsect2"><a name="idm2583"></a><h3>Secret Key Upload</h3><p>
You can use a secret key generated by other means and upload it to the card. You can use a secret key generated by other means and upload it to the card.
For instance, to upload an AES-secret key generated by the system random generator For instance, to upload an AES-secret key generated by the system random generator
you would use you would use
@ -1508,7 +1517,7 @@ to enable debug output in the opensc library.</p></dd></dl></div><p>
</p><p> </p><p>
By default a random ID is generated for the secret key. You may specify an ID By default a random ID is generated for the secret key. You may specify an ID
with the <code class="option">--id</code> if needed. with the <code class="option">--id</code> if needed.
</p></div></div><div class="refsect1"><a name="idm2548"></a><h2>Options</h2><p> </p></div></div><div class="refsect1"><a name="idm2590"></a><h2>Options</h2><p>
</p><div class="variablelist"><dl class="variablelist"><dt><span class="term"> </p><div class="variablelist"><dl class="variablelist"><dt><span class="term">
<code class="option">--version</code>, <code class="option">--version</code>,
</span></dt><dd><p>Print the OpenSC package release version.</p></dd><dt><span class="term"> </span></dt><dd><p>Print the OpenSC package release version.</p></dd><dt><span class="term">
@ -1562,8 +1571,8 @@ to enable debug output in the opensc library.</p></dd></dl></div><p>
contain one long option per line, without the leading dashes, contain one long option per line, without the leading dashes,
for instance: for instance:
</p><pre class="programlisting"> </p><pre class="programlisting">
pin 1234 pin 1234
puk 87654321 puk 87654321
</pre><p> </pre><p>
</p><p> </p><p>
You can specify <code class="option">--options-file</code> several times. You can specify <code class="option">--options-file</code> several times.
@ -1845,16 +1854,17 @@ to enable debug output in the opensc library.</p></dd></dl></div><p>
</span></dt><dd><p> </span></dt><dd><p>
Display help message Display help message
</p></dd></dl></div><p> </p></dd></dl></div><p>
</p></div><div class="refsect1"><a name="idm2932"></a><h2>See also</h2><p> </p></div><div class="refsect1"><a name="idm2974"></a><h2>See also</h2><p>
<span class="citerefentry"><span class="refentrytitle">pkcs15-profile</span>(5)</span> <span class="citerefentry"><span class="refentrytitle">pkcs15-profile</span>(5)</span>
</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="pkcs15-tool"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>pkcs15-tool &#8212; utility for manipulating PKCS #15 data structures </p></div><div class="refsect1"><a name="idm2980"></a><h2>Authors</h2><p><span class="command"><strong>pkcs15-init</strong></span> was written by
on smart cards and similar security tokens</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">pkcs15-tool</code> [<em class="replaceable"><code>OPTIONS</code></em>]</p></div></div><div class="refsect1"><a name="idm2953"></a><h2>Description</h2><p> Olaf Kirch <code class="email">&lt;<a class="email" href="mailto:okir@suse.de">okir@suse.de</a>&gt;</code>.</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="pkcs15-tool"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>pkcs15-tool &#8212; utility for manipulating PKCS #15 data structures
on smart cards and similar security tokens</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">pkcs15-tool</code> [<em class="replaceable"><code>OPTIONS</code></em>]</p></div></div><div class="refsect1"><a name="idm3000"></a><h2>Description</h2><p>
The <span class="command"><strong>pkcs15-tool</strong></span> utility is used to manipulate The <span class="command"><strong>pkcs15-tool</strong></span> utility is used to manipulate
the PKCS #15 data structures on smart cards and similar security the PKCS #15 data structures on smart cards and similar security
tokens. Users can list and read PINs, keys and certificates stored tokens. Users can list and read PINs, keys and certificates stored
on the token. User PIN authentication is performed for those on the token. User PIN authentication is performed for those
operations that require it. operations that require it.
</p></div><div class="refsect1"><a name="idm2957"></a><h2>Options</h2><p> </p></div><div class="refsect1"><a name="idm3004"></a><h2>Options</h2><p>
</p><div class="variablelist"><dl class="variablelist"><dt><span class="term"> </p><div class="variablelist"><dl class="variablelist"><dt><span class="term">
<code class="option">--version</code>, <code class="option">--version</code>,
</span></dt><dd><p>Print the OpenSC package release version.</p></dd><dt><span class="term"> </span></dt><dd><p>Print the OpenSC package release version.</p></dd><dt><span class="term">
@ -1995,15 +2005,16 @@ to enable debug output in the opensc library.</p></dd></dl></div><p>
wait for a card insertion.</p></dd><dt><span class="term"> wait for a card insertion.</p></dd><dt><span class="term">
<code class="option">--use-pinpad</code> <code class="option">--use-pinpad</code>
</span></dt><dd><p>Do not prompt the user; if no PINs supplied, pinpad will be used.</p></dd></dl></div><p> </span></dt><dd><p>Do not prompt the user; if no PINs supplied, pinpad will be used.</p></dd></dl></div><p>
</p></div><div class="refsect1"><a name="idm3192"></a><h2>See also</h2><p> </p></div><div class="refsect1"><a name="idm3239"></a><h2>See also</h2><p>
<span class="citerefentry"><span class="refentrytitle">pkcs15-init</span>(1)</span>, <span class="citerefentry"><span class="refentrytitle">pkcs15-init</span>(1)</span>,
<span class="citerefentry"><span class="refentrytitle">pkcs15-crypt</span>(1)</span> <span class="citerefentry"><span class="refentrytitle">pkcs15-crypt</span>(1)</span>
</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="sc-hsm-tool"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>sc-hsm-tool &#8212; smart card utility for SmartCard-HSM</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">sc-hsm-tool</code> [<em class="replaceable"><code>OPTIONS</code></em>]</p></div></div><div class="refsect1"><a name="idm3216"></a><p> </p></div><div class="refsect1"><a name="idm3248"></a><h2>Authors</h2><p><span class="command"><strong>pkcs15-tool</strong></span> was written by
Juha Yrjölä <code class="email">&lt;<a class="email" href="mailto:juha.yrjola@iki.fi">juha.yrjola@iki.fi</a>&gt;</code>.</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="sc-hsm-tool"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>sc-hsm-tool &#8212; smart card utility for SmartCard-HSM</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">sc-hsm-tool</code> [<em class="replaceable"><code>OPTIONS</code></em>]</p></div></div><div class="refsect1"><a name="idm3268"></a><p>
The <span class="command"><strong>sc-hsm-tool</strong></span> utility can be used from the command line to perform The <span class="command"><strong>sc-hsm-tool</strong></span> utility can be used from the command line to perform
extended maintenance tasks not available via PKCS#11 or other tools in the OpenSC package. extended maintenance tasks not available via PKCS#11 or other tools in the OpenSC package.
It can be used to query the status of a SmartCard-HSM, initialize a device, generate and import It can be used to query the status of a SmartCard-HSM, initialize a device, generate and import
Device Key Encryption Key (DKEK) shares and to wrap and unwrap keys. Device Key Encryption Key (DKEK) shares and to wrap and unwrap keys.
</p></div><div class="refsect1"><a name="idm3219"></a><h2>Options</h2><p> </p></div><div class="refsect1"><a name="idm3271"></a><h2>Options</h2><p>
</p><div class="variablelist"><dl class="variablelist"><dt><span class="term"> </p><div class="variablelist"><dl class="variablelist"><dt><span class="term">
<code class="option">--initialize</code>, <code class="option">--initialize</code>,
<code class="option">-X</code> <code class="option">-X</code>
@ -2075,15 +2086,16 @@ to enable debug output in the opensc library.</p></dd></dl></div><p>
</span></dt><dd><p>Causes <span class="command"><strong>sc-hsm-tool</strong></span> to be more verbose. </span></dt><dd><p>Causes <span class="command"><strong>sc-hsm-tool</strong></span> to be more verbose.
Specify this flag several times to enable debug output in the opensc Specify this flag several times to enable debug output in the opensc
library.</p></dd></dl></div><p> library.</p></dd></dl></div><p>
</p></div><div class="refsect1"><a name="idm3382"></a><h2>Examples</h2><p>Create a DKEK share:</p><p><span class="command"><strong>sc-hsm-tool --create-dkek-share dkek-share-1.pbe</strong></span></p><p>Create a DKEK share with random password split up using a (3, 5) threshold scheme:</p><p><span class="command"><strong>sc-hsm-tool --create-dkek-share dkek-share-1.pbe --pwd-shares-threshold 3 --pwd-shares-total 5</strong></span></p><p>Initialize SmartCard-HSM to use a single DKEK share:</p><p><span class="command"><strong>sc-hsm-tool --initialize --so-pin 3537363231383830 --pin 648219 --dkek-shares 1 --label mytoken</strong></span></p><p>Import DKEK share:</p><p><span class="command"><strong>sc-hsm-tool --import-dkek-share dkek-share-1.pbe</strong></span></p><p>Import DKEK share using a password split up using a (3, 5) threshold scheme for encryption:</p><p><span class="command"><strong>sc-hsm-tool --import-dkek-share dkek-share-1.pbe --pwd-shares-total 3</strong></span></p><p>Wrap referenced key, description and certificate:</p><p><span class="command"><strong>sc-hsm-tool --wrap-key wrap-key.bin --key-reference 1 --pin 648219</strong></span></p><p>Unwrap key into same or in different SmartCard-HSM with the same DKEK:</p><p><span class="command"><strong>sc-hsm-tool --unwrap-key wrap-key.bin --key-reference 10 --pin 648219 --force</strong></span></p></div><div class="refsect1"><a name="idm3405"></a><h2>See also</h2><p> </p></div><div class="refsect1"><a name="idm3434"></a><h2>Examples</h2><p>Create a DKEK share:</p><p><span class="command"><strong>sc-hsm-tool --create-dkek-share dkek-share-1.pbe</strong></span></p><p>Create a DKEK share with random password split up using a (3, 5) threshold scheme:</p><p><span class="command"><strong>sc-hsm-tool --create-dkek-share dkek-share-1.pbe --pwd-shares-threshold 3 --pwd-shares-total 5</strong></span></p><p>Initialize SmartCard-HSM to use a single DKEK share:</p><p><span class="command"><strong>sc-hsm-tool --initialize --so-pin 3537363231383830 --pin 648219 --dkek-shares 1 --label mytoken</strong></span></p><p>Import DKEK share:</p><p><span class="command"><strong>sc-hsm-tool --import-dkek-share dkek-share-1.pbe</strong></span></p><p>Import DKEK share using a password split up using a (3, 5) threshold scheme for encryption:</p><p><span class="command"><strong>sc-hsm-tool --import-dkek-share dkek-share-1.pbe --pwd-shares-total 3</strong></span></p><p>Wrap referenced key, description and certificate:</p><p><span class="command"><strong>sc-hsm-tool --wrap-key wrap-key.bin --key-reference 1 --pin 648219</strong></span></p><p>Unwrap key into same or in different SmartCard-HSM with the same DKEK:</p><p><span class="command"><strong>sc-hsm-tool --unwrap-key wrap-key.bin --key-reference 10 --pin 648219 --force</strong></span></p></div><div class="refsect1"><a name="idm3457"></a><h2>See also</h2><p>
<span class="citerefentry"><span class="refentrytitle">opensc-tool</span>(1)</span> <span class="citerefentry"><span class="refentrytitle">opensc-tool</span>(1)</span>
</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="westcos-tool"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>westcos-tool &#8212; utility for manipulating data structures </p></div><div class="refsect1"><a name="idm3463"></a><h2>Authors</h2><p><span class="command"><strong>sc-hsm-tool</strong></span> was written by
on westcos smart cards</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">westcos-tool</code> [<em class="replaceable"><code>OPTIONS</code></em>]</p></div></div><div class="refsect1"><a name="idm3426"></a><h2>Description</h2><p> Andreas Schwier <code class="email">&lt;<a class="email" href="mailto:andreas.schwier@cardcontact.de">andreas.schwier@cardcontact.de</a>&gt;</code>.</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="westcos-tool"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>westcos-tool &#8212; utility for manipulating data structures
on westcos smart cards</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">westcos-tool</code> [<em class="replaceable"><code>OPTIONS</code></em>]</p></div></div><div class="refsect1"><a name="idm3483"></a><h2>Description</h2><p>
The <span class="command"><strong>westcos-tool</strong></span> utility is used to manipulate The <span class="command"><strong>westcos-tool</strong></span> utility is used to manipulate
the westcos data structures on 2 Ko smart cards / tokens. Users can create PINs, the westcos data structures on 2 Ko smart cards / tokens. Users can create PINs,
keys and certificates stored on the card / token. User PIN authentication is keys and certificates stored on the card / token. User PIN authentication is
performed for those operations that require it. performed for those operations that require it.
</p></div><div class="refsect1"><a name="idm3430"></a><h2>Options</h2><p> </p></div><div class="refsect1"><a name="idm3487"></a><h2>Options</h2><p>
</p><div class="variablelist"><dl class="variablelist"><dt><span class="term"> </p><div class="variablelist"><dl class="variablelist"><dt><span class="term">
<code class="option">--change-pin</code>, <code class="option">--change-pin</code>,
<code class="option">-n</code> <code class="option">-n</code>
@ -2165,8 +2177,8 @@ to enable debug output in the opensc library.</p></dd></dl></div><p>
from disk to card. from disk to card.
On the card the file is written in <em class="replaceable"><code>filename</code></em>. On the card the file is written in <em class="replaceable"><code>filename</code></em>.
User authentication is required for this operation.</p></dd></dl></div><p> User authentication is required for this operation.</p></dd></dl></div><p>
</p></div><div class="refsect1"><a name="idm3559"></a><h2>Authors</h2><p><span class="command"><strong>westcos-tool</strong></span> was written by </p></div><div class="refsect1"><a name="idm3616"></a><h2>Authors</h2><p><span class="command"><strong>westcos-tool</strong></span> was written by
Francois Leblanc <code class="email">&lt;<a class="email" href="mailto:francois.leblanc@cev-sa.com">francois.leblanc@cev-sa.com</a>&gt;</code>.</p></div></div></div><div class="reference"><div class="titlepage"><div><div><h1 class="title"><a name="idm3564"></a>OpenSC file formats</h1></div></div><hr></div><div class="toc"><p><b>Table of Contents</b></p><dl class="toc"><dt><span class="refentrytitle"><a href="#pkcs15-profile">pkcs15-profile</a></span><span class="refpurpose"> &#8212; format of profile for <span class="command"><strong>pkcs15-init</strong></span></span></dt></dl></div><div class="refentry"><a name="pkcs15-profile"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>pkcs15-profile &#8212; format of profile for <span class="command"><strong>pkcs15-init</strong></span></p></div><div class="refsect1"><a name="idm3578"></a><h2>Description</h2><p> Francois Leblanc <code class="email">&lt;<a class="email" href="mailto:francois.leblanc@cev-sa.com">francois.leblanc@cev-sa.com</a>&gt;</code>.</p></div></div></div><div class="reference"><div class="titlepage"><div><div><h1 class="title"><a name="idm3621"></a>OpenSC file formats</h1></div></div><hr></div><div class="toc"><p><b>Table of Contents</b></p><dl class="toc"><dt><span class="refentrytitle"><a href="#pkcs15-profile">pkcs15-profile</a></span><span class="refpurpose"> &#8212; format of profile for <span class="command"><strong>pkcs15-init</strong></span></span></dt></dl></div><div class="refentry"><a name="pkcs15-profile"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>pkcs15-profile &#8212; format of profile for <span class="command"><strong>pkcs15-init</strong></span></p></div><div class="refsect1"><a name="idm3635"></a><h2>Description</h2><p>
The <span class="command"><strong>pkcs15-init</strong></span> utility for PKCS #15 smart card The <span class="command"><strong>pkcs15-init</strong></span> utility for PKCS #15 smart card
personalization is controlled via profiles. When starting, it will read two personalization is controlled via profiles. When starting, it will read two
such profiles at the moment, a generic application profile, and a card such profiles at the moment, a generic application profile, and a card
@ -2182,10 +2194,10 @@ to enable debug output in the opensc library.</p></dd></dl></div><p>
The card specific profile contains additional information required during The card specific profile contains additional information required during
card initialization, such as location of PIN files, key references etc. card initialization, such as location of PIN files, key references etc.
Profiles currently reside in <span class="command"><strong>@pkgdatadir@</strong></span> Profiles currently reside in <span class="command"><strong>@pkgdatadir@</strong></span>
</p></div><div class="refsect1"><a name="idm3586"></a><h2>Syntax</h2><p> </p></div><div class="refsect1"><a name="idm3643"></a><h2>Syntax</h2><p>
This section should contain information about the profile syntax. Will add This section should contain information about the profile syntax. Will add
this soonishly. this soonishly.
</p></div><div class="refsect1"><a name="idm3589"></a><h2>See also</h2><p> </p></div><div class="refsect1"><a name="idm3646"></a><h2>See also</h2><p>
<span class="citerefentry"><span class="refentrytitle">pkcs15-init</span>(1)</span>, <span class="citerefentry"><span class="refentrytitle">pkcs15-init</span>(1)</span>,
<span class="citerefentry"><span class="refentrytitle">pkcs15-crypt</span>(1)</span> <span class="citerefentry"><span class="refentrytitle">pkcs15-crypt</span>(1)</span>
</p></div></div></div></div></body></html> </p></div></div></div></div></body></html>

View File

@ -3,8 +3,7 @@
* card-default.c: Support for cards with no driver * card-default.c: Support for cards with no driver
* *
* Copyright (C) 2001, 2002 Juha Yrjölä <juha.yrjola@iki.fi> * Copyright (C) 2001, 2002 Juha Yrjölä <juha.yrjola@iki.fi>
* Copyright (C) 2005,2006,2007,2008,2009,2010 Douglas E. Engert <deengert@anl.gov> * Copyright (C) 2005-2016 Douglas E. Engert <deengert@gmail.com>
* Copyright (C) 2016 Douglas E. Engert <deengert@gmail.com>
* Copyright (C) 2006, Identity Alliance, Thomas Harning <thomas.harning@identityalliance.com> * Copyright (C) 2006, Identity Alliance, Thomas Harning <thomas.harning@identityalliance.com>
* Copyright (C) 2007, EMC, Russell Larner <rlarner@rsa.com> * Copyright (C) 2007, EMC, Russell Larner <rlarner@rsa.com>
* *

View File

@ -2,7 +2,7 @@
* piv-tool.c: Tool for accessing smart cards with libopensc * piv-tool.c: Tool for accessing smart cards with libopensc
* *
* Copyright (C) 2001 Juha Yrjölä <juha.yrjola@iki.fi> * Copyright (C) 2001 Juha Yrjölä <juha.yrjola@iki.fi>
* Copyright (C) 2005,2010 Douglas E. Engert <deengert@anl.gov> * Copyright (C) 2005,2010 Douglas E. Engert <deengert@gmail.com>
* *
* This library is free software; you can redistribute it and/or * This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public * modify it under the terms of the GNU Lesser General Public