263 lines
7.3 KiB
XML
263 lines
7.3 KiB
XML
<?xml version="1.0" encoding="UTF-8"?>
|
|
<refentry id="openpgp-tool">
|
|
<refmeta>
|
|
<refentrytitle>openpgp-tool</refentrytitle>
|
|
<manvolnum>1</manvolnum>
|
|
<refmiscinfo class="productname">OpenSC</refmiscinfo>
|
|
<refmiscinfo class="manual">OpenSC Tools</refmiscinfo>
|
|
<refmiscinfo class="source">opensc</refmiscinfo>
|
|
</refmeta>
|
|
|
|
<refnamediv>
|
|
<refname>openpgp-tool</refname>
|
|
<refpurpose>utility for accessing visible data OpenPGP smart cards
|
|
and compatible tokens</refpurpose>
|
|
</refnamediv>
|
|
|
|
<refsynopsisdiv>
|
|
<cmdsynopsis>
|
|
<command>openpgp-tool</command>
|
|
<arg choice="opt"><replaceable class="option">OPTIONS</replaceable></arg>
|
|
</cmdsynopsis>
|
|
</refsynopsisdiv>
|
|
|
|
<refsect1>
|
|
<title>Description</title>
|
|
<para>
|
|
The <command>openpgp-tool</command> utility is used for
|
|
accessing data from the OpenPGP v1.1 and v2.0 smart cards
|
|
and compatible tokens like e.g. GPF CryptoStick v1.x,
|
|
which might not be present in
|
|
PKCS#15 objects but available in custom files on the
|
|
card. The data can be printed on screen or used by
|
|
other programs via environment variables.
|
|
</para>
|
|
</refsect1>
|
|
|
|
<refsect1>
|
|
<title>Options</title>
|
|
<para>
|
|
<variablelist>
|
|
<varlistentry>
|
|
<term>
|
|
<option>--card-info</option>,
|
|
<option>-C</option>
|
|
</term>
|
|
<listitem><para>
|
|
Show card information.
|
|
</para></listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term>
|
|
<option>--del-key</option> <replaceable>arg</replaceable>
|
|
</term>
|
|
<listitem><para>
|
|
Delete key indicated by <replaceable>arg</replaceable>.
|
|
<replaceable>arg</replaceable> can be <literal>1</literal>,
|
|
<literal>2</literal>, <literal>3</literal>, or
|
|
<literal>all</literal>.
|
|
</para></listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term>
|
|
<option>--do</option> <replaceable>arg</replaceable>,
|
|
<option>-d</option> <replaceable>arg</replaceable>
|
|
</term>
|
|
<listitem><para>
|
|
Dump private data object (<abbrev>DO</abbrev>)
|
|
indicated by <replaceable>arg</replaceable>.
|
|
<replaceable>arg</replaceable> can be in the form
|
|
<replaceable>x</replaceable>,
|
|
<literal>10</literal><replaceable>x</replaceable>, or
|
|
<literal>010</literal><replaceable>x</replaceable>
|
|
to access <literal>DO 010</literal><replaceable>x</replaceable>,
|
|
where <replaceable>x</replaceable> is <literal>1</literal>,
|
|
<literal>2</literal>, <literal>3</literal>, or
|
|
<literal>4</literal>.
|
|
</para></listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term>
|
|
<option>--erase</option>,
|
|
<option>-E</option>
|
|
</term>
|
|
<listitem><para>
|
|
Erase (i.e. reset) the card.
|
|
</para></listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term>
|
|
<option>--exec</option> <replaceable>prog</replaceable>,
|
|
<option>-x</option> <replaceable>prog</replaceable>
|
|
</term>
|
|
<listitem><para>
|
|
Execute the given program with data in environment variables.
|
|
</para></listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term>
|
|
<option>--gen-key</option> <replaceable>arg</replaceable>,
|
|
<option>-G</option> <replaceable>arg</replaceable>
|
|
</term>
|
|
<listitem><para>
|
|
Generate key with the ID given as <replaceable>arg</replaceable>.
|
|
<replaceable>arg</replaceable> can be one of <literal>1</literal>,
|
|
<literal>2</literal>, or <literal>3</literal>.
|
|
</para></listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term>
|
|
<option>--help</option>,
|
|
<option>-h</option>
|
|
</term>
|
|
<listitem><para>
|
|
Print help message on screen.
|
|
</para></listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term>
|
|
<option>--key-info</option>,
|
|
<option>-K</option>
|
|
</term>
|
|
<listitem><para>
|
|
Show information of keys on the card.
|
|
</para></listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term>
|
|
<option>--key-type</option> <replaceable>keytype</replaceable>,
|
|
<option>-t</option> <replaceable>keytype</replaceable>
|
|
</term>
|
|
<listitem><para>
|
|
Specify the type of the key to be generated.
|
|
Supported values for <replaceable>keytype</replaceable> are
|
|
<literal>rsa</literal> for RSA with 2048 bits,
|
|
<literal>rsa</literal><replaceable>LENGTH</replaceable>
|
|
for RSA with a bit length of <replaceable>LENGTH</replaceable>.
|
|
|
|
If not given, it defaults to <literal>rsa2048</literal>.
|
|
</para></listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term>
|
|
<option>--pin</option> <replaceable>pin</replaceable>
|
|
</term>
|
|
<listitem>
|
|
<para>
|
|
This option can be used to specify the PIN value
|
|
on the command line. If the value is set to
|
|
<literal>env:</literal><replaceable>VARIABLE</replaceable>, the value
|
|
of the specified environment variable is used. By default,
|
|
the code is prompted on the command line if needed.
|
|
</para>
|
|
<para>
|
|
Note that on most operation systems, any user can
|
|
display the command line of any process on the
|
|
system using utilities such as
|
|
<command>ps(1)</command>. Therefore, you should prefer
|
|
passing the codes via an environment variable
|
|
on an unsecured system.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term>
|
|
<option>--pretty</option>
|
|
</term>
|
|
<listitem><para>
|
|
Print values in pretty format.
|
|
</para></listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term>
|
|
<option>--raw</option>
|
|
</term>
|
|
<listitem><para>
|
|
Print values in raw format, as they are stored on the card.
|
|
</para></listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term>
|
|
<option>--reader</option> <replaceable>arg</replaceable>,
|
|
<option>-r</option> <replaceable>arg</replaceable>
|
|
</term>
|
|
<listitem><para>
|
|
Number of the reader to use. By default, the first
|
|
reader with a present card is used. If
|
|
<replaceable>arg</replaceable> is an ATR, the
|
|
reader with a matching card will be chosen.
|
|
</para></listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term>
|
|
<option>--user-info</option>,
|
|
<option>-U</option>
|
|
</term>
|
|
<listitem><para>
|
|
Show card holder information.
|
|
</para></listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term>
|
|
<option>--verify</option> <replaceable>pintype</replaceable>
|
|
</term>
|
|
<listitem><para>
|
|
Verify PIN (CHV1, CHV2 or CHV3).
|
|
</para></listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term>
|
|
<option>--version</option>,
|
|
<option>-V</option>
|
|
</term>
|
|
<listitem><para>
|
|
Print the version of the utility and exit.
|
|
</para></listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term>
|
|
<option>--verbose</option>,
|
|
<option>-v</option>
|
|
</term>
|
|
<listitem><para>
|
|
Verbose operation. Use several times to enable debug output.
|
|
</para></listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term>
|
|
<option>--wait</option>,
|
|
<option>-w</option>
|
|
</term>
|
|
<listitem><para>
|
|
Wait for a card to be inserted.
|
|
</para></listitem>
|
|
</varlistentry>
|
|
</variablelist>
|
|
</para>
|
|
</refsect1>
|
|
|
|
<refsect1>
|
|
<title>Authors</title>
|
|
<para><command>openpgp-tool</command> utility was written by
|
|
Peter Marschall <email>peter@adpm.de</email>.</para>
|
|
</refsect1>
|
|
|
|
</refentry>
|