giomba
/
opensc
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

manuals: added missing "Authors" section

This commit is contained in:
Frank Morgner 2018-05-08 08:25:15 +02:00
parent 99eed0aa82
commit 1798bbe692
16 changed files with 715 additions and 636 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
doc/tools/cardos-tool.1.xml
View File

@ -88,4 +88,10 @@ smart cards and similar security tokens based on Siemens Card/OS M4.
</variablelist>
</para>
</refsect1>
<refsect1>
<title>Authors</title>
<para><command>cardos-tool</command> was written by
Andreas Jellinghaus <email>aj@dungeon.inka.de</email>.</para>
</refsect1>
</refentry>

6
doc/tools/cryptoflex-tool.1.xml
View File

@ -185,4 +185,10 @@
</para>
</refsect1>
<refsect1>
<title>Authors</title>
<para><command>cryptoflex-tool</command> was written by
Juha Yrjölä <email>juha.yrjola@iki.fi</email>.</para>
</refsect1>
</refentry>

4
doc/tools/dnie-tool.1.xml
View File

@ -124,10 +124,6 @@ to enable debug output in the opensc library.</para></listitem>
</para>
</refsect1>
<refsect1>
<title>See also</title>
<para>opensc(7)</para>
</refsect1>
<refsect1>
<title>Authors</title>
<para><command>dnie-tool</command> was written by

6
doc/tools/gids-tool.1.xml
View File

@ -120,4 +120,10 @@
</para>
</refsect1>
<refsect1>
<title>Authors</title>
<para><command>gids-tool</command> was written by
Vincent Le Toux <email>vincent.letoux@mysmartlogon.com</email>.</para>
</refsect1>
</refentry>

6
doc/tools/iasecc-tool.1.xml
View File

@ -84,4 +84,10 @@
</variablelist>
</para>
</refsect1>
<refsect1>
<title>Authors</title>
<para><command>iasecc-tool</command> was written by
Viktor Tarasov <email>viktor.tarasov@gmail.com</email>.</para>
</refsect1>
</refentry>

6
doc/tools/opensc-explorer.1.xml
View File

@ -510,4 +510,10 @@
</para>
</refsect1>
<refsect1>
<title>Authors</title>
<para><command>opensc-explorer</command> was written by
Juha Yrjölä <email>juha.yrjola@iki.fi</email>.</para>
</refsect1>
</refentry>

6
doc/tools/opensc-tool.1.xml
View File

@ -175,4 +175,10 @@
</para>
</refsect1>
<refsect1>
<title>Authors</title>
<para><command>opensc-tool</command> was written by
Juha Yrjölä <email>juha.yrjola@iki.fi</email>.</para>
</refsect1>
</refentry>

6
doc/tools/piv-tool.1.xml
View File

@ -201,4 +201,10 @@
</para>
</refsect1>
<refsect1>
<title>Authors</title>
<para><command>piv-tool</command> was written by
Douglas E. Engert <email>deengert@gmail.com</email>.</para>
</refsect1>
</refentry>

6
doc/tools/pkcs11-tool.1.xml
View File

@ -581,4 +581,10 @@
</para>
</refsect1>
<refsect1>
<title>Authors</title>
<para><command>pkcs11-tool</command> was written by
Olaf Kirch <email>okir@suse.de</email>.</para>
</refsect1>
</refentry>

6
doc/tools/pkcs15-crypt.1.xml
View File

@ -224,4 +224,10 @@
</para>
</refsect1>
<refsect1>
<title>Authors</title>
<para><command>pkcs15-crypt</command> was written by
Juha Yrjölä <email>juha.yrjola@iki.fi</email>.</para>
</refsect1>
</refentry>

6
doc/tools/pkcs15-init.1.xml
View File

@ -921,4 +921,10 @@
</para>
</refsect1>
<refsect1>
<title>Authors</title>
<para><command>pkcs15-init</command> was written by
Olaf Kirch <email>okir@suse.de</email>.</para>
</refsect1>
</refentry>

6
doc/tools/pkcs15-tool.1.xml
View File

@ -380,4 +380,10 @@
</para>
</refsect1>
<refsect1>
<title>Authors</title>
<para><command>pkcs15-tool</command> was written by
Juha Yrjölä <email>juha.yrjola@iki.fi</email>.</para>
</refsect1>
</refentry>

6
doc/tools/sc-hsm-tool.1.xml
View File

@ -263,4 +263,10 @@
</para>
</refsect1>
<refsect1>
<title>Authors</title>
<para><command>sc-hsm-tool</command> was written by
Andreas Schwier <email>andreas.schwier@cardcontact.de</email>.</para>
</refsect1>
</refentry>

166
doc/tools/tools.html
View File

@ -43,7 +43,7 @@ span.errortext {
font-style: italic;
}
--></style></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="book"><div class="titlepage"><div><div><h1 class="title"><a name="idm1"></a>OpenSC Manuals</h1></div></div><hr></div><div class="toc"><p><b>Table of Contents</b></p><dl class="toc"><dt><span class="reference"><a href="#idm3">I. OpenSC tools</a></span></dt><dt><span class="reference"><a href="#idm3564">II. OpenSC file formats</a></span></dt></dl></div><div class="reference"><div class="titlepage"><div><div><h1 class="title"><a name="idm3"></a>OpenSC tools</h1></div></div><hr></div><div class="toc"><p><b>Table of Contents</b></p><dl class="toc"><dt><span class="refentrytitle"><a href="#cardos-tool">cardos-tool</a></span><span class="refpurpose"> &#8212; displays information about Card OS-based security tokens or format them
--></style></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="book"><div class="titlepage"><div><div><h1 class="title"><a name="idm1"></a>OpenSC Manuals</h1></div></div><hr></div><div class="toc"><p><b>Table of Contents</b></p><dl class="toc"><dt><span class="reference"><a href="#idm3">I. OpenSC tools</a></span></dt><dt><span class="reference"><a href="#idm3621">II. OpenSC file formats</a></span></dt></dl></div><div class="reference"><div class="titlepage"><div><div><h1 class="title"><a name="idm3"></a>OpenSC tools</h1></div></div><hr></div><div class="toc"><p><b>Table of Contents</b></p><dl class="toc"><dt><span class="refentrytitle"><a href="#cardos-tool">cardos-tool</a></span><span class="refpurpose"> &#8212; displays information about Card OS-based security tokens or format them
</span></dt><dt><span class="refentrytitle"><a href="#cryptoflex-tool">cryptoflex-tool</a></span><span class="refpurpose"> &#8212; utility for manipulating Schlumberger Cryptoflex data structures</span></dt><dt><span class="refentrytitle"><a href="#dnie-tool">dnie-tool</a></span><span class="refpurpose"> &#8212; displays information about DNIe based security tokens</span></dt><dt><span class="refentrytitle"><a href="#eidenv">eidenv</a></span><span class="refpurpose"> &#8212; utility for accessing visible data from
electronic identity cards</span></dt><dt><span class="refentrytitle"><a href="#gids-tool">gids-tool</a></span><span class="refpurpose"> &#8212; smart card utility for GIDS cards</span></dt><dt><span class="refentrytitle"><a href="#netkey-tool">netkey-tool</a></span><span class="refpurpose"> &#8212; administrative utility for Netkey E4 cards</span></dt><dt><span class="refentrytitle"><a href="#cardos-tool">iasecc-tool</a></span><span class="refpurpose"> &#8212; displays information about IAS/ECC card
</span></dt><dt><span class="refentrytitle"><a href="#openpgp-tool">openpgp-tool</a></span><span class="refpurpose"> &#8212; utility for accessing visible data OpenPGP smart cards
@ -84,12 +84,13 @@ smart cards and similar security tokens based on Siemens Card/OS M4.
<code class="option">-w</code>
</span></dt><dd><p>Causes <span class="command"><strong>cardos-tool</strong></span> to wait for the token
to be inserted into reader.</p></dd></dl></div><p>
</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="cryptoflex-tool"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>cryptoflex-tool &#8212; utility for manipulating Schlumberger Cryptoflex data structures</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">cryptoflex-tool</code> [<em class="replaceable"><code>OPTIONS</code></em>]</p></div></div><div class="refsect1"><a name="idm88"></a><h2>Description</h2><p>
</p></div><div class="refsect1"><a name="idm73"></a><h2>Authors</h2><p><span class="command"><strong>cardos-tool</strong></span> was written by
Andreas Jellinghaus <code class="email">&lt;<a class="email" href="mailto:aj@dungeon.inka.de">aj@dungeon.inka.de</a>&gt;</code>.</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="cryptoflex-tool"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>cryptoflex-tool &#8212; utility for manipulating Schlumberger Cryptoflex data structures</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">cryptoflex-tool</code> [<em class="replaceable"><code>OPTIONS</code></em>]</p></div></div><div class="refsect1"><a name="idm93"></a><h2>Description</h2><p>
<span class="command"><strong>cryptoflex-tool</strong></span> is used to manipulate PKCS
data structures on Schlumberger Cryptoflex smart cards. Users
can create, list and read PINs and keys stored on the smart card.
User PIN authentication is performed for those operations that require it.
</p></div><div class="refsect1"><a name="idm92"></a><h2>Options</h2><p>
</p></div><div class="refsect1"><a name="idm97"></a><h2>Options</h2><p>
</p><div class="variablelist"><dl class="variablelist"><dt><span class="term">
<code class="option">--app-df</code> <em class="replaceable"><code>num</code></em>,
<code class="option">-a</code> <em class="replaceable"><code>num</code></em>
@ -151,11 +152,12 @@ smart cards and similar security tokens based on Siemens Card/OS M4.
<code class="option">-w</code>
</span></dt><dd><p>Causes <span class="command"><strong>cryptoflex-tool</strong></span> to
wait for a card insertion.</p></dd></dl></div><p>
</p></div><div class="refsect1"><a name="idm213"></a><h2>See also</h2><p>
</p></div><div class="refsect1"><a name="idm218"></a><h2>See also</h2><p>
<span class="citerefentry"><span class="refentrytitle">pkcs15-tool</span>(1)</span>
</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="dnie-tool"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>dnie-tool &#8212; displays information about DNIe based security tokens</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">dnie-tool</code> [<em class="replaceable"><code>OPTIONS</code></em>]</p></div></div><div class="refsect1"><a name="idm234"></a><h2>Description</h2><p>
</p></div><div class="refsect1"><a name="idm224"></a><h2>Authors</h2><p><span class="command"><strong>cryptoflex-tool</strong></span> was written by
Juha Yrjölä <code class="email">&lt;<a class="email" href="mailto:juha.yrjola@iki.fi">juha.yrjola@iki.fi</a>&gt;</code>.</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="dnie-tool"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>dnie-tool &#8212; displays information about DNIe based security tokens</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">dnie-tool</code> [<em class="replaceable"><code>OPTIONS</code></em>]</p></div></div><div class="refsect1"><a name="idm244"></a><h2>Description</h2><p>
The <span class="command"><strong>dnie-tool</strong></span> utility is used to display additional information about DNIe, the Spanish National eID card.
</p></div><div class="refsect1"><a name="idm238"></a><h2>Options</h2><p>
</p></div><div class="refsect1"><a name="idm248"></a><h2>Options</h2><p>
</p><div class="variablelist"><dl class="variablelist"><dt><span class="term">
<code class="option">--idesp</code>,
<code class="option">-i</code>
@ -203,16 +205,16 @@ smart cards and similar security tokens based on Siemens Card/OS M4.
</span></dt><dd><p>Causes <span class="command"><strong>dnie-tool</strong></span> to be more verbose.
Specify this flag several times
to enable debug output in the opensc library.</p></dd></dl></div><p>
</p></div><div class="refsect1"><a name="idm315"></a><h2>See also</h2><p>opensc(7)</p></div><div class="refsect1"><a name="idm318"></a><h2>Authors</h2><p><span class="command"><strong>dnie-tool</strong></span> was written by
</p></div><div class="refsect1"><a name="idm325"></a><h2>Authors</h2><p><span class="command"><strong>dnie-tool</strong></span> was written by
Juan Antonio Martinez <code class="email">&lt;<a class="email" href="mailto:jonsito@terra.es">jonsito@terra.es</a>&gt;</code>.</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="eidenv"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>eidenv &#8212; utility for accessing visible data from
electronic identity cards</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">eidenv</code> [<em class="replaceable"><code>OPTIONS</code></em>]</p></div></div><div class="refsect1"><a name="idm338"></a><h2>Description</h2><p>
electronic identity cards</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">eidenv</code> [<em class="replaceable"><code>OPTIONS</code></em>]</p></div></div><div class="refsect1"><a name="idm345"></a><h2>Description</h2><p>
The <span class="command"><strong>eidenv</strong></span> utility is used for
accessing data from electronic identity cards (like
national eID cards) which might not be present in
PKCS#15 objects but available in custom files on the
card. The data can be printed on screen or used by
other programs via environment variables.
</p></div><div class="refsect1"><a name="idm342"></a><h2>Options</h2><p>
</p></div><div class="refsect1"><a name="idm349"></a><h2>Options</h2><p>
</p><div class="variablelist"><dl class="variablelist"><dt><span class="term">
<code class="option">--exec</code> <em class="replaceable"><code>prog</code></em>,
<code class="option">-x</code> <em class="replaceable"><code>prog</code></em>
@ -245,11 +247,11 @@ to enable debug output in the opensc library.</p></dd></dl></div><p>
<code class="option">--wait</code>,
<code class="option">-w</code>
</span></dt><dd><p>Wait for a card to be inserted</p></dd></dl></div><p>
</p></div><div class="refsect1"><a name="idm393"></a><h2>Authors</h2><p><span class="command"><strong>eidenv</strong></span> utility was written by
Stef Hoeben and Martin Paljak <code class="email">&lt;<a class="email" href="mailto:martin@martinpaljak.net">martin@martinpaljak.net</a>&gt;</code>.</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="gids-tool"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>gids-tool &#8212; smart card utility for GIDS cards</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">gids-tool</code> [<em class="replaceable"><code>OPTIONS</code></em>]</p></div></div><div class="refsect1"><a name="idm413"></a><p>
</p></div><div class="refsect1"><a name="idm400"></a><h2>Authors</h2><p><span class="command"><strong>eidenv</strong></span> utility was written by
Stef Hoeben and Martin Paljak <code class="email">&lt;<a class="email" href="mailto:martin@martinpaljak.net">martin@martinpaljak.net</a>&gt;</code>.</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="gids-tool"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>gids-tool &#8212; smart card utility for GIDS cards</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">gids-tool</code> [<em class="replaceable"><code>OPTIONS</code></em>]</p></div></div><div class="refsect1"><a name="idm420"></a><p>
The <span class="command"><strong>gids-tool</strong></span> utility can be used from the command line to perform
miscellaneous smart card operations on a GIDS smart card.
</p></div><div class="refsect1"><a name="idm416"></a><h2>Options</h2><p>
</p></div><div class="refsect1"><a name="idm423"></a><h2>Options</h2><p>
</p><div class="variablelist"><dl class="variablelist"><dt><span class="term">
<code class="option">-X</code>,
<code class="option">--initialize</code>
@ -284,13 +286,14 @@ to enable debug output in the opensc library.</p></dd></dl></div><p>
<code class="option">--verbose</code>
</span></dt><dd><p>Verbose operation. Use several times to
enable debug output.</p></dd></dl></div><p>
</p></div><div class="refsect1"><a name="idm483"></a><h2>See also</h2><p>
</p></div><div class="refsect1"><a name="idm490"></a><h2>See also</h2><p>
<span class="citerefentry"><span class="refentrytitle">opensc-tool</span>(1)</span>
</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="netkey-tool"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>netkey-tool &#8212; administrative utility for Netkey E4 cards</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">netkey-tool</code> [<em class="replaceable"><code>OPTIONS</code></em>] [<em class="replaceable"><code>COMMAND</code></em>]</p></div></div><div class="refsect1"><a name="idm506"></a><h2>Description</h2><p>The <span class="command"><strong>netkey-tool</strong></span> utility can be used from the
</p></div><div class="refsect1"><a name="idm496"></a><h2>Authors</h2><p><span class="command"><strong>gids-tool</strong></span> was written by
Vincent Le Toux <code class="email">&lt;<a class="email" href="mailto:vincent.letoux@mysmartlogon.com">vincent.letoux@mysmartlogon.com</a>&gt;</code>.</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="netkey-tool"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>netkey-tool &#8212; administrative utility for Netkey E4 cards</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">netkey-tool</code> [<em class="replaceable"><code>OPTIONS</code></em>] [<em class="replaceable"><code>COMMAND</code></em>]</p></div></div><div class="refsect1"><a name="idm518"></a><h2>Description</h2><p>The <span class="command"><strong>netkey-tool</strong></span> utility can be used from the
command line to perform some smart card operations with NetKey E4 cards
that cannot be done easily with other OpenSC-tools, such as changing local
PINs, storing certificates into empty NetKey E4 cert-files or displaying
the initial PUK-value.</p></div><div class="refsect1"><a name="idm510"></a><h2>Options</h2><p>
the initial PUK-value.</p></div><div class="refsect1"><a name="idm522"></a><h2>Options</h2><p>
</p><div class="variablelist"><dl class="variablelist"><dt><span class="term">
<code class="option">--help</code>,
<code class="option">-h</code>
@ -318,11 +321,11 @@ to enable debug output in the opensc library.</p></dd></dl></div><p>
<code class="option">-v</code>
</span></dt><dd><p>Causes <span class="command"><strong>netkey-tool</strong></span> to be more verbose. This
options may be specified multiple times to increase verbosity.</p></dd></dl></div><p>
</p></div><div class="refsect1"><a name="idm567"></a><h2>PIN format</h2><p>With the <code class="option">-p</code>, <code class="option">-u</code>, <code class="option">-0</code> or the <code class="option">-1</code>
</p></div><div class="refsect1"><a name="idm579"></a><h2>PIN format</h2><p>With the <code class="option">-p</code>, <code class="option">-u</code>, <code class="option">-0</code> or the <code class="option">-1</code>
one of the cards pins may be specified. You may use plain ascii-strings (i.e. 123456) or a hex-string
(i.e. 31:32:33:34:35:36). A hex-string must consist of exactly n 2-digit hexnumbers separated by n-1 colons.
Otherwise it will be interpreted as an ascii string. For example :12:34: and 1:2:3:4 are both pins of
length 7, while 12:34 and 01:02:03:04 are pins of length 2 and 4.</p></div><div class="refsect1"><a name="idm574"></a><h2>Commands</h2><p>When used without any options or commands, <span class="command"><strong>netkey-tool</strong></span> will
length 7, while 12:34 and 01:02:03:04 are pins of length 2 and 4.</p></div><div class="refsect1"><a name="idm586"></a><h2>Commands</h2><p>When used without any options or commands, <span class="command"><strong>netkey-tool</strong></span> will
display information about the smart cards pins and certificates. This will not change
your card in any aspect (assumed there are no bugs in <span class="command"><strong>netkey-tool</strong></span>).
In particular the tries-left counters of the pins are investigated without doing
@ -364,13 +367,13 @@ to enable debug output in the opensc library.</p></dd></dl></div><p>
</span></dt><dd><p>This unblocks the specified pin. You must specify another pin
to be able to do this and if you don't specify a correct one,
<span class="command"><strong>netkey-tool</strong></span> will tell you which one is needed.</p></dd></dl></div><p>
</p></div><div class="refsect1"><a name="idm635"></a><h2>See also</h2><p>
</p></div><div class="refsect1"><a name="idm647"></a><h2>See also</h2><p>
<span class="citerefentry"><span class="refentrytitle">opensc-explorer</span>(1)</span>
</p></div><div class="refsect1"><a name="idm641"></a><h2>Authors</h2><p><span class="command"><strong>netkey-tool</strong></span> was written by
</p></div><div class="refsect1"><a name="idm653"></a><h2>Authors</h2><p><span class="command"><strong>netkey-tool</strong></span> was written by
Peter Koch <code class="email">&lt;<a class="email" href="mailto:pk_opensc@web.de">pk_opensc@web.de</a>&gt;</code>.</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="cardos-tool"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>iasecc-tool &#8212; displays information about IAS/ECC card
</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">iasecc-tool</code> [<em class="replaceable"><code>OPTIONS</code></em>]</p></div></div><div class="refsect1"><a name="idm661"></a><h2>Description</h2><p>
</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">iasecc-tool</code> [<em class="replaceable"><code>OPTIONS</code></em>]</p></div></div><div class="refsect1"><a name="idm673"></a><h2>Description</h2><p>
The <span class="command"><strong>iasecc-tool</strong></span> utility is used to display information about IAS/ECC v1.0.1 smart cards.
</p></div><div class="refsect1"><a name="idm665"></a><h2>Options</h2><p>
</p></div><div class="refsect1"><a name="idm677"></a><h2>Options</h2><p>
</p><div class="variablelist"><dl class="variablelist"><dt><span class="term">
<code class="option">--reader</code> <em class="replaceable"><code>number</code></em>,
</span></dt><dd><p>
@ -394,8 +397,9 @@ to enable debug output in the opensc library.</p></dd></dl></div><p>
<code class="option">-w</code>
</span></dt><dd><p>Causes <span class="command"><strong>iasecc-tool</strong></span> to wait for the token
to be inserted into reader.</p></dd></dl></div><p>
</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="openpgp-tool"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>openpgp-tool &#8212; utility for accessing visible data OpenPGP smart cards
and compatible tokens</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">openpgp-tool</code> [<em class="replaceable"><code>OPTIONS</code></em>]</p></div></div><div class="refsect1"><a name="idm724"></a><h2>Description</h2><p>
</p></div><div class="refsect1"><a name="idm721"></a><h2>Authors</h2><p><span class="command"><strong>iasecc-tool</strong></span> was written by
Viktor Tarasov <code class="email">&lt;<a class="email" href="mailto:viktor.tarasov@gmail.com">viktor.tarasov@gmail.com</a>&gt;</code>.</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="openpgp-tool"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>openpgp-tool &#8212; utility for accessing visible data OpenPGP smart cards
and compatible tokens</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">openpgp-tool</code> [<em class="replaceable"><code>OPTIONS</code></em>]</p></div></div><div class="refsect1"><a name="idm741"></a><h2>Description</h2><p>
The <span class="command"><strong>openpgp-tool</strong></span> utility is used for
accessing data from the OpenPGP v1.1 and v2.0 smart cards
and compatible tokens like e.g. GPF CryptoStick v1.x,
@ -403,7 +407,7 @@ to enable debug output in the opensc library.</p></dd></dl></div><p>
PKCS#15 objects but available in custom files on the
card. The data can be printed on screen or used by
other programs via environment variables.
</p></div><div class="refsect1"><a name="idm728"></a><h2>Options</h2><p>
</p></div><div class="refsect1"><a name="idm745"></a><h2>Options</h2><p>
</p><div class="variablelist"><dl class="variablelist"><dt><span class="term">
<code class="option">--exec</code> <em class="replaceable"><code>prog</code></em>,
<code class="option">-x</code> <em class="replaceable"><code>prog</code></em>
@ -472,12 +476,12 @@ to enable debug output in the opensc library.</p></dd></dl></div><p>
</span></dt><dd><p>
Wait for a card to be inserted.
</p></dd></dl></div><p>
</p></div><div class="refsect1"><a name="idm819"></a><h2>Authors</h2><p><span class="command"><strong>openpgp-tool</strong></span> utility was written by
Peter Marschall <code class="email">&lt;<a class="email" href="mailto:peter@adpm.de">peter@adpm.de</a>&gt;</code>.</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="netkey-tool"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>netkey-tool &#8212; administrative utility for Netkey E4 cards</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">netkey-tool</code> [<em class="replaceable"><code>OPTIONS</code></em>] [<em class="replaceable"><code>COMMAND</code></em>]</p></div></div><div class="refsect1"><a name="idm841"></a><h2>Description</h2><p>The <span class="command"><strong>netkey-tool</strong></span> utility can be used from the
</p></div><div class="refsect1"><a name="idm836"></a><h2>Authors</h2><p><span class="command"><strong>openpgp-tool</strong></span> utility was written by
Peter Marschall <code class="email">&lt;<a class="email" href="mailto:peter@adpm.de">peter@adpm.de</a>&gt;</code>.</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="netkey-tool"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>netkey-tool &#8212; administrative utility for Netkey E4 cards</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">netkey-tool</code> [<em class="replaceable"><code>OPTIONS</code></em>] [<em class="replaceable"><code>COMMAND</code></em>]</p></div></div><div class="refsect1"><a name="idm858"></a><h2>Description</h2><p>The <span class="command"><strong>netkey-tool</strong></span> utility can be used from the
command line to perform some smart card operations with NetKey E4 cards
that cannot be done easily with other OpenSC-tools, such as changing local
PINs, storing certificates into empty NetKey E4 cert-files or displaying
the initial PUK-value.</p></div><div class="refsect1"><a name="idm845"></a><h2>Options</h2><p>
the initial PUK-value.</p></div><div class="refsect1"><a name="idm862"></a><h2>Options</h2><p>
</p><div class="variablelist"><dl class="variablelist"><dt><span class="term">
<code class="option">--help</code>,
<code class="option">-h</code>
@ -505,11 +509,11 @@ to enable debug output in the opensc library.</p></dd></dl></div><p>
<code class="option">-v</code>
</span></dt><dd><p>Causes <span class="command"><strong>netkey-tool</strong></span> to be more verbose. This
options may be specified multiple times to increase verbosity.</p></dd></dl></div><p>
</p></div><div class="refsect1"><a name="idm902"></a><h2>PIN format</h2><p>With the <code class="option">-p</code>, <code class="option">-u</code>, <code class="option">-0</code> or the <code class="option">-1</code>
</p></div><div class="refsect1"><a name="idm919"></a><h2>PIN format</h2><p>With the <code class="option">-p</code>, <code class="option">-u</code>, <code class="option">-0</code> or the <code class="option">-1</code>
one of the cards pins may be specified. You may use plain ascii-strings (i.e. 123456) or a hex-string
(i.e. 31:32:33:34:35:36). A hex-string must consist of exactly n 2-digit hexnumbers separated by n-1 colons.
Otherwise it will be interpreted as an ascii string. For example :12:34: and 1:2:3:4 are both pins of
length 7, while 12:34 and 01:02:03:04 are pins of length 2 and 4.</p></div><div class="refsect1"><a name="idm909"></a><h2>Commands</h2><p>When used without any options or commands, <span class="command"><strong>netkey-tool</strong></span> will
length 7, while 12:34 and 01:02:03:04 are pins of length 2 and 4.</p></div><div class="refsect1"><a name="idm926"></a><h2>Commands</h2><p>When used without any options or commands, <span class="command"><strong>netkey-tool</strong></span> will
display information about the smart cards pins and certificates. This will not change
your card in any aspect (assumed there are no bugs in <span class="command"><strong>netkey-tool</strong></span>).
In particular the tries-left counters of the pins are investigated without doing
@ -551,11 +555,11 @@ to enable debug output in the opensc library.</p></dd></dl></div><p>
</span></dt><dd><p>This unblocks the specified pin. You must specify another pin
to be able to do this and if you don't specify a correct one,
<span class="command"><strong>netkey-tool</strong></span> will tell you which one is needed.</p></dd></dl></div><p>
</p></div><div class="refsect1"><a name="idm970"></a><h2>See also</h2><p>
</p></div><div class="refsect1"><a name="idm987"></a><h2>See also</h2><p>
<span class="citerefentry"><span class="refentrytitle">opensc-explorer</span>(1)</span>
</p></div><div class="refsect1"><a name="idm976"></a><h2>Authors</h2><p><span class="command"><strong>netkey-tool</strong></span> was written by
</p></div><div class="refsect1"><a name="idm993"></a><h2>Authors</h2><p><span class="command"><strong>netkey-tool</strong></span> was written by
Peter Koch <code class="email">&lt;<a class="email" href="mailto:pk_opensc@web.de">pk_opensc@web.de</a>&gt;</code>.</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="openpgp-tool"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>openpgp-tool &#8212; utility for accessing visible data OpenPGP smart cards
and compatible tokens</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">openpgp-tool</code> [<em class="replaceable"><code>OPTIONS</code></em>]</p></div></div><div class="refsect1"><a name="idm996"></a><h2>Description</h2><p>
and compatible tokens</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">openpgp-tool</code> [<em class="replaceable"><code>OPTIONS</code></em>]</p></div></div><div class="refsect1"><a name="idm1013"></a><h2>Description</h2><p>
The <span class="command"><strong>openpgp-tool</strong></span> utility is used for
accessing data from the OpenPGP v1.1 and v2.0 smart cards
and compatible tokens like e.g. GPF CryptoStick v1.x,
@ -563,7 +567,7 @@ to enable debug output in the opensc library.</p></dd></dl></div><p>
PKCS#15 objects but available in custom files on the
card. The data can be printed on screen or used by
other programs via environment variables.
</p></div><div class="refsect1"><a name="idm1000"></a><h2>Options</h2><p>
</p></div><div class="refsect1"><a name="idm1017"></a><h2>Options</h2><p>
</p><div class="variablelist"><dl class="variablelist"><dt><span class="term">
<code class="option">--exec</code> <em class="replaceable"><code>prog</code></em>,
<code class="option">-x</code> <em class="replaceable"><code>prog</code></em>
@ -632,12 +636,12 @@ to enable debug output in the opensc library.</p></dd></dl></div><p>
</span></dt><dd><p>
Wait for a card to be inserted.
</p></dd></dl></div><p>
</p></div><div class="refsect1"><a name="idm1091"></a><h2>Authors</h2><p><span class="command"><strong>openpgp-tool</strong></span> utility was written by
Peter Marschall <code class="email">&lt;<a class="email" href="mailto:peter@adpm.de">peter@adpm.de</a>&gt;</code>.</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="opensc-tool"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>opensc-tool &#8212; generic smart card utility</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">opensc-tool</code> [<em class="replaceable"><code>OPTIONS</code></em>]</p></div></div><div class="refsect1"><a name="idm1111"></a><h2>Description</h2><p>
</p></div><div class="refsect1"><a name="idm1108"></a><h2>Authors</h2><p><span class="command"><strong>openpgp-tool</strong></span> utility was written by
Peter Marschall <code class="email">&lt;<a class="email" href="mailto:peter@adpm.de">peter@adpm.de</a>&gt;</code>.</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="opensc-tool"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>opensc-tool &#8212; generic smart card utility</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">opensc-tool</code> [<em class="replaceable"><code>OPTIONS</code></em>]</p></div></div><div class="refsect1"><a name="idm1128"></a><h2>Description</h2><p>
The <span class="command"><strong>opensc-tool</strong></span> utility can be used from the command line to perform
miscellaneous smart card operations such as getting the card ATR or
sending arbitrary APDU commands to a card.
</p></div><div class="refsect1"><a name="idm1115"></a><h2>Options</h2><p>
</p></div><div class="refsect1"><a name="idm1132"></a><h2>Options</h2><p>
</p><div class="variablelist"><dl class="variablelist"><dt><span class="term">
<code class="option">--version</code>,
</span></dt><dd><p>Print the OpenSC package release version.</p></dd><dt><span class="term">
@ -697,17 +701,18 @@ to enable debug output in the opensc library.</p></dd></dl></div><p>
<code class="option">--wait</code>,
<code class="option">-w</code>
</span></dt><dd><p>Wait for a card to be inserted.</p></dd></dl></div><p>
</p></div><div class="refsect1"><a name="idm1232"></a><h2>See also</h2><p>
</p></div><div class="refsect1"><a name="idm1249"></a><h2>See also</h2><p>
<span class="citerefentry"><span class="refentrytitle">opensc-explorer</span>(1)</span>
</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="opensc-explorer"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>opensc-explorer &#8212;
</p></div><div class="refsect1"><a name="idm1255"></a><h2>Authors</h2><p><span class="command"><strong>opensc-tool</strong></span> was written by
Juha Yrjölä <code class="email">&lt;<a class="email" href="mailto:juha.yrjola@iki.fi">juha.yrjola@iki.fi</a>&gt;</code>.</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="opensc-explorer"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>opensc-explorer &#8212;
generic interactive utility for accessing smart card
and similar security token functions
</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">opensc-explorer</code> [<em class="replaceable"><code>OPTIONS</code></em>] [<em class="replaceable"><code>SCRIPT</code></em>]</p></div></div><div class="refsect1"><a name="idm1255"></a><h2>Description</h2><p>
</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">opensc-explorer</code> [<em class="replaceable"><code>OPTIONS</code></em>] [<em class="replaceable"><code>SCRIPT</code></em>]</p></div></div><div class="refsect1"><a name="idm1277"></a><h2>Description</h2><p>
The <span class="command"><strong>opensc-explorer</strong></span> utility can be
used interactively to perform miscellaneous operations
such as exploring the contents of or sending arbitrary
APDU commands to a smart card or similar security token.
</p></div><div class="refsect1"><a name="idm1259"></a><h2>Options</h2><p>
</p></div><div class="refsect1"><a name="idm1281"></a><h2>Options</h2><p>
The following are the command-line options for
<span class="command"><strong>opensc-explorer</strong></span>. There are additional
interactive commands available once it is running.
@ -742,7 +747,7 @@ to enable debug output in the opensc library.</p></dd></dl></div><p>
</p></dd><dt><span class="term">
<code class="option">--wait</code>, <code class="option">-w</code>
</span></dt><dd><p>Wait for a card to be inserted</p></dd></dl></div><p>
</p></div><div class="refsect1"><a name="idm1304"></a><h2>Commands</h2><p>
</p></div><div class="refsect1"><a name="idm1326"></a><h2>Commands</h2><p>
The following commands are supported at <span class="command"><strong>opensc-explorer</strong></span>'s
interactive prompt or in script files passed via the command line parameter
<em class="replaceable"><code>SCRIPT</code></em>.
@ -916,15 +921,16 @@ to enable debug output in the opensc library.</p></dd></dl></div><p>
</p></dd><dt><span class="term">
<span class="command"><strong>sm</strong></span> <em class="replaceable"><code>[open]</code></em>|<em class="replaceable"><code>[close]</code></em>
</span></dt><dd><p>Calls the card's <em class="replaceable"><code>open</code></em> or <em class="replaceable"><code>close</code></em> Secure Messaging handler.</p></dd></dl></div><p>
</p></div><div class="refsect1"><a name="idm1658"></a><h2>See also</h2><p>
</p></div><div class="refsect1"><a name="idm1680"></a><h2>See also</h2><p>
<span class="citerefentry"><span class="refentrytitle">opensc-tool</span>(1)</span>
</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="piv-tool"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>piv-tool &#8212; smart card utility for HSPD-12 PIV cards</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">piv-tool</code> [<em class="replaceable"><code>OPTIONS</code></em>]</p></div></div><div class="refsect1"><a name="idm1679"></a><p>
</p></div><div class="refsect1"><a name="idm1686"></a><h2>Authors</h2><p><span class="command"><strong>opensc-explorer</strong></span> was written by
Juha Yrjölä <code class="email">&lt;<a class="email" href="mailto:juha.yrjola@iki.fi">juha.yrjola@iki.fi</a>&gt;</code>.</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="piv-tool"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>piv-tool &#8212; smart card utility for HSPD-12 PIV cards</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">piv-tool</code> [<em class="replaceable"><code>OPTIONS</code></em>]</p></div></div><div class="refsect1"><a name="idm1706"></a><p>
The <span class="command"><strong>piv-tool</strong></span> utility can be used from the command line to perform
miscellaneous smart card operations on a HSPD-12 PIV smart card as defined in NIST 800-73-3.
It is intended for use with test cards only. It can be used to load objects, and generate
key pairs, as well as send arbitrary APDU commands to a card after having authenticated
to the card using the card key provided by the card vendor.
</p></div><div class="refsect1"><a name="idm1682"></a><h2>Options</h2><p>
</p></div><div class="refsect1"><a name="idm1709"></a><h2>Options</h2><p>
</p><div class="variablelist"><dl class="variablelist"><dt><span class="term">
<code class="option">--serial</code>
</span></dt><dd><p>Print the card serial number derived from the CHUID object,
@ -1010,15 +1016,16 @@ to enable debug output in the opensc library.</p></dd></dl></div><p>
</span></dt><dd><p>Causes <span class="command"><strong>piv-tool</strong></span> to be more verbose.
Specify this flag several times to enable debug output in the opensc
library.</p></dd></dl></div><p>
</p></div><div class="refsect1"><a name="idm1840"></a><h2>See also</h2><p>
</p></div><div class="refsect1"><a name="idm1867"></a><h2>See also</h2><p>
<span class="citerefentry"><span class="refentrytitle">opensc-tool</span>(1)</span>
</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="pkcs11-tool"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>pkcs11-tool &#8212; utility for managing and using PKCS #11 security tokens</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">pkcs11-tool</code> [<em class="replaceable"><code>OPTIONS</code></em>]</p></div></div><div class="refsect1"><a name="idm1861"></a><h2>Description</h2><p>
</p></div><div class="refsect1"><a name="idm1873"></a><h2>Authors</h2><p><span class="command"><strong>piv-tool</strong></span> was written by
Douglas E. Engert <code class="email">&lt;<a class="email" href="mailto:deengert@gmail.com">deengert@gmail.com</a>&gt;</code>.</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="pkcs11-tool"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>pkcs11-tool &#8212; utility for managing and using PKCS #11 security tokens</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">pkcs11-tool</code> [<em class="replaceable"><code>OPTIONS</code></em>]</p></div></div><div class="refsect1"><a name="idm1893"></a><h2>Description</h2><p>
The <span class="command"><strong>pkcs11-tool</strong></span> utility is used to manage the
data objects on smart cards and similar PKCS #11 security tokens.
Users can list and read PINs, keys and certificates stored on the
token. User PIN authentication is performed for those operations
that require it.
</p></div><div class="refsect1"><a name="idm1865"></a><h2>Options</h2><p>
</p></div><div class="refsect1"><a name="idm1897"></a><h2>Options</h2><p>
</p><div class="variablelist"><dl class="variablelist"><dt><span class="term">
<code class="option">--attr-from</code> <em class="replaceable"><code>filename</code></em>
</span></dt><dd><p>Extract information from <em class="replaceable"><code>filename</code></em>
@ -1243,7 +1250,7 @@ to enable debug output in the opensc library.</p></dd></dl></div><p>
<code class="option">--generate-random</code> <em class="replaceable"><code>num</code></em>
</span></dt><dd><p>Get <em class="replaceable"><code>num</code></em> bytes of random data.
</p></dd></dl></div><p>
</p></div><div class="refsect1"><a name="idm2268"></a><h2>Examples</h2><p>
</p></div><div class="refsect1"><a name="idm2300"></a><h2>Examples</h2><p>
To list all certificates on the smart card:
</p><pre class="programlisting">pkcs11-tool --list-objects --type cert</pre><p>
@ -1259,12 +1266,13 @@ to enable debug output in the opensc library.</p></dd></dl></div><p>
using the private key with ID <em class="replaceable"><code>ID</code></em> and
using the RSA-PKCS mechanism:
</p><pre class="programlisting">pkcs11-tool --sign --id ID --mechanism RSA-PKCS --input-file data --output-file data.sig</pre><p>
</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="pkcs15-crypt"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>pkcs15-crypt &#8212; perform crypto operations using PKCS#15 smart cards</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">pkcs15-crypt</code> [<em class="replaceable"><code>OPTIONS</code></em>]</p></div></div><div class="refsect1"><a name="idm2293"></a><h2>Description</h2><p>
</p></div><div class="refsect1"><a name="idm2310"></a><h2>Authors</h2><p><span class="command"><strong>pkcs11-tool</strong></span> was written by
Olaf Kirch <code class="email">&lt;<a class="email" href="mailto:okir@suse.de">okir@suse.de</a>&gt;</code>.</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="pkcs15-crypt"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>pkcs15-crypt &#8212; perform crypto operations using PKCS#15 smart cards</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">pkcs15-crypt</code> [<em class="replaceable"><code>OPTIONS</code></em>]</p></div></div><div class="refsect1"><a name="idm2330"></a><h2>Description</h2><p>
The <span class="command"><strong>pkcs15-crypt</strong></span> utility can be used from the
command line to perform cryptographic operations such as computing
digital signatures or decrypting data, using keys stored on a PKCS#15
compliant smart card.
</p></div><div class="refsect1"><a name="idm2297"></a><h2>Options</h2><p>
</p></div><div class="refsect1"><a name="idm2334"></a><h2>Options</h2><p>
</p><div class="variablelist"><dl class="variablelist"><dt><span class="term">
<code class="option">--version</code>,
</span></dt><dd><p>Print the OpenSC package release version.</p></dd><dt><span class="term">
@ -1361,17 +1369,18 @@ to enable debug output in the opensc library.</p></dd></dl></div><p>
</span></dt><dd><p>Causes <span class="command"><strong>pkcs15-crypt</strong></span> to be more
verbose. Specify this flag several times to enable debug output
in the OpenSC library.</p></dd></dl></div><p>
</p></div><div class="refsect1"><a name="idm2424"></a><h2>See also</h2><p>
</p></div><div class="refsect1"><a name="idm2461"></a><h2>See also</h2><p>
<span class="citerefentry"><span class="refentrytitle">pkcs15-init</span>(1)</span>,
<span class="citerefentry"><span class="refentrytitle">pkcs15-tool</span>(1)</span>
</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="pkcs15-init"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>pkcs15-init &#8212; smart card personalization utility</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">pkcs15-init</code> [<em class="replaceable"><code>OPTIONS</code></em>]</p></div></div><div class="refsect1"><a name="idm2454"></a><h2>Description</h2><p>
</p></div><div class="refsect1"><a name="idm2470"></a><h2>Authors</h2><p><span class="command"><strong>pkcs15-crypt</strong></span> was written by
Juha Yrjölä <code class="email">&lt;<a class="email" href="mailto:juha.yrjola@iki.fi">juha.yrjola@iki.fi</a>&gt;</code>.</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="pkcs15-init"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>pkcs15-init &#8212; smart card personalization utility</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">pkcs15-init</code> [<em class="replaceable"><code>OPTIONS</code></em>]</p></div></div><div class="refsect1"><a name="idm2496"></a><h2>Description</h2><p>
The <span class="command"><strong>pkcs15-init</strong></span> utility can be used to create a PKCS #15
structure on a smart card, and add key or certificate objects. Details of the
structure that will be created are controlled via profiles.
</p><p>
The profile used by default is <span class="command"><strong>pkcs15</strong></span>. Alternative
profiles can be specified via the <code class="option">-p</code> switch.
</p></div><div class="refsect1"><a name="idm2461"></a><h2>PIN Usage</h2><p>
</p></div><div class="refsect1"><a name="idm2503"></a><h2>PIN Usage</h2><p>
<span class="command"><strong>pkcs15-init</strong></span> can be used to create a PKCS #15 structure on
your smart card, create PINs, and install keys and certificates on the card.
This process is also called <em class="replaceable"><code>personalization</code></em>.
@ -1403,7 +1412,7 @@ to enable debug output in the opensc library.</p></dd></dl></div><p>
are protected and cannot be parsed without authentication (usually with User PIN).
This authentication need to be done immediately after the card binding.
In such cases <code class="option">--verify-pin</code> has to be used.
</p></div><div class="refsect1"><a name="idm2473"></a><h2>Modes of operation</h2><div class="refsect2"><a name="idm2475"></a><h3>Initialization</h3><p>This is the first step during card personalization, and will create the
</p></div><div class="refsect1"><a name="idm2515"></a><h2>Modes of operation</h2><div class="refsect2"><a name="idm2517"></a><h3>Initialization</h3><p>This is the first step during card personalization, and will create the
basic files on the card. To create the initial PKCS #15 structure, invoke the
utility as
</p><p>
@ -1413,7 +1422,7 @@ to enable debug output in the opensc library.</p></dd></dl></div><p>
</p><p>
If the card supports it, you should erase the contents of the card with
<span class="command"><strong>pkcs15-init --erase-card</strong></span> before creating the PKCS#15 structure.
</p></div><div class="refsect2"><a name="idm2483"></a><h3>User PIN Installation</h3><p>
</p></div><div class="refsect2"><a name="idm2525"></a><h3>User PIN Installation</h3><p>
Before installing any user objects such as private keys, you need at least one
PIN to protect these objects. you can do this using
</p><p>
@ -1427,7 +1436,7 @@ to enable debug output in the opensc library.</p></dd></dl></div><p>
</p><p>
To set a label for this PIN object (which can be used by applications to display
a meaningful prompt to the user), use the <code class="option">--label</code> command line option.
</p></div><div class="refsect2"><a name="idm2493"></a><h3>Key generation</h3><p>
</p></div><div class="refsect2"><a name="idm2535"></a><h3>Key generation</h3><p>
<span class="command"><strong>pkcs15-init</strong></span> lets you generate a new key and store it on the card.
You can do this using:
</p><p>
@ -1445,7 +1454,7 @@ to enable debug output in the opensc library.</p></dd></dl></div><p>
In addition to storing the private portion of the key on the card,
<span class="command"><strong>pkcs15-init</strong></span> will also store the the public portion of the
key as a PKCS #15 public key object.
</p></div><div class="refsect2"><a name="idm2507"></a><h3>Private Key Upload</h3><p>
</p></div><div class="refsect2"><a name="idm2549"></a><h3>Private Key Upload</h3><p>
You can use a private key generated by other means and upload it to the card.
For instance, to upload a private key contained in a file named
<code class="filename">okir.pem</code>, which is in PEM format, you would use
@ -1469,7 +1478,7 @@ to enable debug output in the opensc library.</p></dd></dl></div><p>
a file. A PKCS #12 file usually contains the X.509 certificate corresponding
to the private key. If that is the case, <span class="command"><strong>pkcs15-init</strong></span> will
store the certificate instead of the public key portion.
</p></div><div class="refsect2"><a name="idm2521"></a><h3>Public Key Upload</h3><p>
</p></div><div class="refsect2"><a name="idm2563"></a><h3>Public Key Upload</h3><p>
You can also upload individual public keys to the card using the
<code class="option">--store-public-key</code> option, which takes a filename as an
argument. This file is supposed to contain the public key. If you don't
@ -1480,12 +1489,12 @@ to enable debug output in the opensc library.</p></dd></dl></div><p>
Since the corresponding public keys are always uploaded automatically
when generating a new key, or when uploading a private key, you will
probably use this option only very rarely.
</p></div><div class="refsect2"><a name="idm2528"></a><h3>Certificate Upload</h3><p>
</p></div><div class="refsect2"><a name="idm2570"></a><h3>Certificate Upload</h3><p>
You can upload certificates to the card using the
<code class="option">--store-certificate</code> option, which takes a filename as
an argument. This file is supposed to contain the PEM encoded X.509
certificate.
</p></div><div class="refsect2"><a name="idm2532"></a><h3>Uploading PKCS #12 bags</h3><p>
</p></div><div class="refsect2"><a name="idm2574"></a><h3>Uploading PKCS #12 bags</h3><p>
Most browsers nowadays use PKCS #12 format files when you ask them to
export your key and certificate to a file. <span class="command"><strong>pkcs15-init</strong></span>
is capable of parsing these files, and storing their contents on the
@ -1499,7 +1508,7 @@ to enable debug output in the opensc library.</p></dd></dl></div><p>
and protect it with the PIN referenced by authentication ID <code class="literal">01</code>.
It will also store any X.509 certificates contained in the file, which is
usually the user certificate that goes with the key, as well as the CA certificate.
</p></div><div class="refsect2"><a name="idm2541"></a><h3>Secret Key Upload</h3><p>
</p></div><div class="refsect2"><a name="idm2583"></a><h3>Secret Key Upload</h3><p>
You can use a secret key generated by other means and upload it to the card.
For instance, to upload an AES-secret key generated by the system random generator
you would use
@ -1508,7 +1517,7 @@ to enable debug output in the opensc library.</p></dd></dl></div><p>
</p><p>
By default a random ID is generated for the secret key. You may specify an ID
with the <code class="option">--id</code> if needed.
</p></div></div><div class="refsect1"><a name="idm2548"></a><h2>Options</h2><p>
</p></div></div><div class="refsect1"><a name="idm2590"></a><h2>Options</h2><p>
</p><div class="variablelist"><dl class="variablelist"><dt><span class="term">
<code class="option">--version</code>,
</span></dt><dd><p>Print the OpenSC package release version.</p></dd><dt><span class="term">
@ -1845,16 +1854,17 @@ to enable debug output in the opensc library.</p></dd></dl></div><p>
</span></dt><dd><p>
Display help message
</p></dd></dl></div><p>
</p></div><div class="refsect1"><a name="idm2932"></a><h2>See also</h2><p>
</p></div><div class="refsect1"><a name="idm2974"></a><h2>See also</h2><p>
<span class="citerefentry"><span class="refentrytitle">pkcs15-profile</span>(5)</span>
</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="pkcs15-tool"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>pkcs15-tool &#8212; utility for manipulating PKCS #15 data structures
on smart cards and similar security tokens</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">pkcs15-tool</code> [<em class="replaceable"><code>OPTIONS</code></em>]</p></div></div><div class="refsect1"><a name="idm2953"></a><h2>Description</h2><p>
</p></div><div class="refsect1"><a name="idm2980"></a><h2>Authors</h2><p><span class="command"><strong>pkcs15-init</strong></span> was written by
Olaf Kirch <code class="email">&lt;<a class="email" href="mailto:okir@suse.de">okir@suse.de</a>&gt;</code>.</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="pkcs15-tool"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>pkcs15-tool &#8212; utility for manipulating PKCS #15 data structures
on smart cards and similar security tokens</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">pkcs15-tool</code> [<em class="replaceable"><code>OPTIONS</code></em>]</p></div></div><div class="refsect1"><a name="idm3000"></a><h2>Description</h2><p>
The <span class="command"><strong>pkcs15-tool</strong></span> utility is used to manipulate
the PKCS #15 data structures on smart cards and similar security
tokens. Users can list and read PINs, keys and certificates stored
on the token. User PIN authentication is performed for those
operations that require it.
</p></div><div class="refsect1"><a name="idm2957"></a><h2>Options</h2><p>
</p></div><div class="refsect1"><a name="idm3004"></a><h2>Options</h2><p>
</p><div class="variablelist"><dl class="variablelist"><dt><span class="term">
<code class="option">--version</code>,
</span></dt><dd><p>Print the OpenSC package release version.</p></dd><dt><span class="term">
@ -1995,15 +2005,16 @@ to enable debug output in the opensc library.</p></dd></dl></div><p>
wait for a card insertion.</p></dd><dt><span class="term">
<code class="option">--use-pinpad</code>
</span></dt><dd><p>Do not prompt the user; if no PINs supplied, pinpad will be used.</p></dd></dl></div><p>
</p></div><div class="refsect1"><a name="idm3192"></a><h2>See also</h2><p>
</p></div><div class="refsect1"><a name="idm3239"></a><h2>See also</h2><p>
<span class="citerefentry"><span class="refentrytitle">pkcs15-init</span>(1)</span>,
<span class="citerefentry"><span class="refentrytitle">pkcs15-crypt</span>(1)</span>
</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="sc-hsm-tool"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>sc-hsm-tool &#8212; smart card utility for SmartCard-HSM</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">sc-hsm-tool</code> [<em class="replaceable"><code>OPTIONS</code></em>]</p></div></div><div class="refsect1"><a name="idm3216"></a><p>
</p></div><div class="refsect1"><a name="idm3248"></a><h2>Authors</h2><p><span class="command"><strong>pkcs15-tool</strong></span> was written by
Juha Yrjölä <code class="email">&lt;<a class="email" href="mailto:juha.yrjola@iki.fi">juha.yrjola@iki.fi</a>&gt;</code>.</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="sc-hsm-tool"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>sc-hsm-tool &#8212; smart card utility for SmartCard-HSM</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">sc-hsm-tool</code> [<em class="replaceable"><code>OPTIONS</code></em>]</p></div></div><div class="refsect1"><a name="idm3268"></a><p>
The <span class="command"><strong>sc-hsm-tool</strong></span> utility can be used from the command line to perform
extended maintenance tasks not available via PKCS#11 or other tools in the OpenSC package.
It can be used to query the status of a SmartCard-HSM, initialize a device, generate and import
Device Key Encryption Key (DKEK) shares and to wrap and unwrap keys.
</p></div><div class="refsect1"><a name="idm3219"></a><h2>Options</h2><p>
</p></div><div class="refsect1"><a name="idm3271"></a><h2>Options</h2><p>
</p><div class="variablelist"><dl class="variablelist"><dt><span class="term">
<code class="option">--initialize</code>,
<code class="option">-X</code>
@ -2075,15 +2086,16 @@ to enable debug output in the opensc library.</p></dd></dl></div><p>
</span></dt><dd><p>Causes <span class="command"><strong>sc-hsm-tool</strong></span> to be more verbose.
Specify this flag several times to enable debug output in the opensc
library.</p></dd></dl></div><p>
</p></div><div class="refsect1"><a name="idm3382"></a><h2>Examples</h2><p>Create a DKEK share:</p><p><span class="command"><strong>sc-hsm-tool --create-dkek-share dkek-share-1.pbe</strong></span></p><p>Create a DKEK share with random password split up using a (3, 5) threshold scheme:</p><p><span class="command"><strong>sc-hsm-tool --create-dkek-share dkek-share-1.pbe --pwd-shares-threshold 3 --pwd-shares-total 5</strong></span></p><p>Initialize SmartCard-HSM to use a single DKEK share:</p><p><span class="command"><strong>sc-hsm-tool --initialize --so-pin 3537363231383830 --pin 648219 --dkek-shares 1 --label mytoken</strong></span></p><p>Import DKEK share:</p><p><span class="command"><strong>sc-hsm-tool --import-dkek-share dkek-share-1.pbe</strong></span></p><p>Import DKEK share using a password split up using a (3, 5) threshold scheme for encryption:</p><p><span class="command"><strong>sc-hsm-tool --import-dkek-share dkek-share-1.pbe --pwd-shares-total 3</strong></span></p><p>Wrap referenced key, description and certificate:</p><p><span class="command"><strong>sc-hsm-tool --wrap-key wrap-key.bin --key-reference 1 --pin 648219</strong></span></p><p>Unwrap key into same or in different SmartCard-HSM with the same DKEK:</p><p><span class="command"><strong>sc-hsm-tool --unwrap-key wrap-key.bin --key-reference 10 --pin 648219 --force</strong></span></p></div><div class="refsect1"><a name="idm3405"></a><h2>See also</h2><p>
</p></div><div class="refsect1"><a name="idm3434"></a><h2>Examples</h2><p>Create a DKEK share:</p><p><span class="command"><strong>sc-hsm-tool --create-dkek-share dkek-share-1.pbe</strong></span></p><p>Create a DKEK share with random password split up using a (3, 5) threshold scheme:</p><p><span class="command"><strong>sc-hsm-tool --create-dkek-share dkek-share-1.pbe --pwd-shares-threshold 3 --pwd-shares-total 5</strong></span></p><p>Initialize SmartCard-HSM to use a single DKEK share:</p><p><span class="command"><strong>sc-hsm-tool --initialize --so-pin 3537363231383830 --pin 648219 --dkek-shares 1 --label mytoken</strong></span></p><p>Import DKEK share:</p><p><span class="command"><strong>sc-hsm-tool --import-dkek-share dkek-share-1.pbe</strong></span></p><p>Import DKEK share using a password split up using a (3, 5) threshold scheme for encryption:</p><p><span class="command"><strong>sc-hsm-tool --import-dkek-share dkek-share-1.pbe --pwd-shares-total 3</strong></span></p><p>Wrap referenced key, description and certificate:</p><p><span class="command"><strong>sc-hsm-tool --wrap-key wrap-key.bin --key-reference 1 --pin 648219</strong></span></p><p>Unwrap key into same or in different SmartCard-HSM with the same DKEK:</p><p><span class="command"><strong>sc-hsm-tool --unwrap-key wrap-key.bin --key-reference 10 --pin 648219 --force</strong></span></p></div><div class="refsect1"><a name="idm3457"></a><h2>See also</h2><p>
<span class="citerefentry"><span class="refentrytitle">opensc-tool</span>(1)</span>
</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="westcos-tool"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>westcos-tool &#8212; utility for manipulating data structures
on westcos smart cards</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">westcos-tool</code> [<em class="replaceable"><code>OPTIONS</code></em>]</p></div></div><div class="refsect1"><a name="idm3426"></a><h2>Description</h2><p>
</p></div><div class="refsect1"><a name="idm3463"></a><h2>Authors</h2><p><span class="command"><strong>sc-hsm-tool</strong></span> was written by
Andreas Schwier <code class="email">&lt;<a class="email" href="mailto:andreas.schwier@cardcontact.de">andreas.schwier@cardcontact.de</a>&gt;</code>.</p></div></div><div class="refentry"><div class="refentry.separator"><hr></div><a name="westcos-tool"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>westcos-tool &#8212; utility for manipulating data structures
on westcos smart cards</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">westcos-tool</code> [<em class="replaceable"><code>OPTIONS</code></em>]</p></div></div><div class="refsect1"><a name="idm3483"></a><h2>Description</h2><p>
The <span class="command"><strong>westcos-tool</strong></span> utility is used to manipulate
the westcos data structures on 2 Ko smart cards / tokens. Users can create PINs,
keys and certificates stored on the card / token. User PIN authentication is
performed for those operations that require it.
</p></div><div class="refsect1"><a name="idm3430"></a><h2>Options</h2><p>
</p></div><div class="refsect1"><a name="idm3487"></a><h2>Options</h2><p>
</p><div class="variablelist"><dl class="variablelist"><dt><span class="term">
<code class="option">--change-pin</code>,
<code class="option">-n</code>
@ -2165,8 +2177,8 @@ to enable debug output in the opensc library.</p></dd></dl></div><p>
from disk to card.
On the card the file is written in <em class="replaceable"><code>filename</code></em>.
User authentication is required for this operation.</p></dd></dl></div><p>
</p></div><div class="refsect1"><a name="idm3559"></a><h2>Authors</h2><p><span class="command"><strong>westcos-tool</strong></span> was written by
Francois Leblanc <code class="email">&lt;<a class="email" href="mailto:francois.leblanc@cev-sa.com">francois.leblanc@cev-sa.com</a>&gt;</code>.</p></div></div></div><div class="reference"><div class="titlepage"><div><div><h1 class="title"><a name="idm3564"></a>OpenSC file formats</h1></div></div><hr></div><div class="toc"><p><b>Table of Contents</b></p><dl class="toc"><dt><span class="refentrytitle"><a href="#pkcs15-profile">pkcs15-profile</a></span><span class="refpurpose"> &#8212; format of profile for <span class="command"><strong>pkcs15-init</strong></span></span></dt></dl></div><div class="refentry"><a name="pkcs15-profile"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>pkcs15-profile &#8212; format of profile for <span class="command"><strong>pkcs15-init</strong></span></p></div><div class="refsect1"><a name="idm3578"></a><h2>Description</h2><p>
</p></div><div class="refsect1"><a name="idm3616"></a><h2>Authors</h2><p><span class="command"><strong>westcos-tool</strong></span> was written by
Francois Leblanc <code class="email">&lt;<a class="email" href="mailto:francois.leblanc@cev-sa.com">francois.leblanc@cev-sa.com</a>&gt;</code>.</p></div></div></div><div class="reference"><div class="titlepage"><div><div><h1 class="title"><a name="idm3621"></a>OpenSC file formats</h1></div></div><hr></div><div class="toc"><p><b>Table of Contents</b></p><dl class="toc"><dt><span class="refentrytitle"><a href="#pkcs15-profile">pkcs15-profile</a></span><span class="refpurpose"> &#8212; format of profile for <span class="command"><strong>pkcs15-init</strong></span></span></dt></dl></div><div class="refentry"><a name="pkcs15-profile"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>pkcs15-profile &#8212; format of profile for <span class="command"><strong>pkcs15-init</strong></span></p></div><div class="refsect1"><a name="idm3635"></a><h2>Description</h2><p>
The <span class="command"><strong>pkcs15-init</strong></span> utility for PKCS #15 smart card
personalization is controlled via profiles. When starting, it will read two
such profiles at the moment, a generic application profile, and a card
@ -2182,10 +2194,10 @@ to enable debug output in the opensc library.</p></dd></dl></div><p>
The card specific profile contains additional information required during
card initialization, such as location of PIN files, key references etc.
Profiles currently reside in <span class="command"><strong>@pkgdatadir@</strong></span>
</p></div><div class="refsect1"><a name="idm3586"></a><h2>Syntax</h2><p>
</p></div><div class="refsect1"><a name="idm3643"></a><h2>Syntax</h2><p>
This section should contain information about the profile syntax. Will add
this soonishly.
</p></div><div class="refsect1"><a name="idm3589"></a><h2>See also</h2><p>
</p></div><div class="refsect1"><a name="idm3646"></a><h2>See also</h2><p>
<span class="citerefentry"><span class="refentrytitle">pkcs15-init</span>(1)</span>,
<span class="citerefentry"><span class="refentrytitle">pkcs15-crypt</span>(1)</span>
</p></div></div></div></div></body></html>

3
src/libopensc/card-piv.c
View File

@ -3,8 +3,7 @@
* card-default.c: Support for cards with no driver
*
* Copyright (C) 2001, 2002 Juha Yrjölä <juha.yrjola@iki.fi>
* Copyright (C) 2005,2006,2007,2008,2009,2010 Douglas E. Engert <deengert@anl.gov>
* Copyright (C) 2016 Douglas E. Engert <deengert@gmail.com>
* Copyright (C) 2005-2016 Douglas E. Engert <deengert@gmail.com>
* Copyright (C) 2006, Identity Alliance, Thomas Harning <thomas.harning@identityalliance.com>
* Copyright (C) 2007, EMC, Russell Larner <rlarner@rsa.com>
*

2
src/tools/piv-tool.c
View File

@ -2,7 +2,7 @@
* piv-tool.c: Tool for accessing smart cards with libopensc
*
* Copyright (C) 2001 Juha Yrjölä <juha.yrjola@iki.fi>
* Copyright (C) 2005,2010 Douglas E. Engert <deengert@anl.gov>
* Copyright (C) 2005,2010 Douglas E. Engert <deengert@gmail.com>
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public