1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
|
<?xml version="1.0" encoding="UTF-8"?>
<refentry id="cryptoflex-tool">
<refmeta>
<refentrytitle>cryptoflex-tool</refentrytitle>
<manvolnum>1</manvolnum>
<refmiscinfo class="productname">OpenSC</refmiscinfo>
<refmiscinfo class="manual">OpenSC Tools</refmiscinfo>
<refmiscinfo class="source">opensc</refmiscinfo>
</refmeta>
<refnamediv>
<refname>cryptoflex-tool</refname>
<refpurpose>utility for manipulating Schlumberger Cryptoflex data structures</refpurpose>
</refnamediv>
<refsynopsisdiv>
<cmdsynopsis>
<command>cryptoflex-tool</command>
<arg choice="opt"><replaceable class="option">OPTIONS</replaceable></arg>
</cmdsynopsis>
</refsynopsisdiv>
<refsect1>
<title>Description</title>
<para>
<command>cryptoflex-tool</command> is used to manipulate PKCS
data structures on Schlumberger Cryptoflex smart cards. Users
can create, list and read PINs and keys stored on the smart card.
User PIN authentication is performed for those operations that require it.
</para>
</refsect1>
<refsect1>
<title>Options</title>
<para>
<variablelist>
<varlistentry>
<term>
<option>--app-df</option> <replaceable>num</replaceable>,
<option>-a</option> <replaceable>num</replaceable>
</term>
<listitem><para>Specifies the DF to operate in</para></listitem>
</varlistentry>
<varlistentry>
<term>
<option>--create-key-files</option> <replaceable>arg</replaceable>,
<option>-c</option> <replaceable>arg</replaceable>
</term>
<listitem><para>Creates new RSA key files for <replaceable>arg</replaceable> keys</para></listitem>
</varlistentry>
<varlistentry>
<term>
<option>--create-pin-files</option> <replaceable>id</replaceable>,
<option>-P</option> <replaceable>id</replaceable>
</term>
<listitem><para>Creates new PIN file for CHV<replaceable>id</replaceable></para></listitem>
</varlistentry>
<varlistentry>
<term>
<option>--exponent</option> <replaceable>exp</replaceable>,
<option>-e</option> <replaceable>exp</replaceable>
</term>
<listitem><para>Specifies the RSA exponent, <replaceable>exp</replaceable>,
to use in key generation. The default value is 3.</para></listitem>
</varlistentry>
<varlistentry>
<term>
<option>--generate-key</option>,
<option>-g</option>
</term>
<listitem><para>Generate a new RSA key pair</para></listitem>
</varlistentry>
<varlistentry>
<term>
<option>--key-num</option> <replaceable>num</replaceable>,
<option>-k</option> <replaceable>num</replaceable>
</term>
<listitem><para>Specifies the key number to operate on. The default is
key number 1.</para></listitem>
</varlistentry>
<varlistentry>
<term>
<option>--list-keys</option>,
<option>-l</option>
</term>
<listitem><para>Lists all keys stored in a public key file</para></listitem>
</varlistentry>
<varlistentry>
<term>
<option>--modulus-length</option> <replaceable>length</replaceable>,
<option>-m</option> <replaceable>length</replaceable>
</term>
<listitem><para>Specifies the modulus <replaceable>length</replaceable> to use
in key generation. The default value is 1024.</para></listitem>
</varlistentry>
<varlistentry>
<term>
<option>--prkey-file</option> <replaceable>id</replaceable>,
<option>-p</option> <replaceable>id</replaceable>
</term>
<listitem><para>Specifies the private key file id, <replaceable>id</replaceable>,
to use</para></listitem>
</varlistentry>
<varlistentry>
<term>
<option>--pubkey-file</option> <replaceable>id</replaceable>,
<option>-u</option> <replaceable>id</replaceable>
</term>
<listitem><para>Specifies the public key file id, <replaceable>id</replaceable>,
to use</para></listitem>
</varlistentry>
<varlistentry>
<term>
<option>--read-key</option>,
<option>-R</option>
</term>
<listitem><para>Reads a public key from the card, allowing the user to
extract and store or use the public key
</para></listitem>
</varlistentry>
<varlistentry>
<term>
<option>--reader</option> <replaceable>arg</replaceable>,
<option>-r</option> <replaceable>arg</replaceable>
</term>
<listitem>
<para>
Number of the reader to use. By default, the first
reader with a present card is used. If
<replaceable>arg</replaceable> is an ATR, the
reader with a matching card will be chosen.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>--verbose</option>,
<option>-v</option>
</term>
<listitem><para>Causes <command>cryptoflex-tool</command> to be more
verbose. Specify this flag several times to enable debug output in
the opensc library.</para></listitem>
</varlistentry>
<varlistentry>
<term>
<option>--verify-pin</option>,
<option>-V</option>
</term>
<listitem><para>Verifies CHV1 before issuing commands</para></listitem>
</varlistentry>
<varlistentry>
<term>
<option>--wait</option>,
<option>-w</option>
</term>
<listitem><para>Causes <command>cryptoflex-tool</command> to
wait for a card insertion.</para></listitem>
</varlistentry>
</variablelist>
</para>
</refsect1>
<refsect1>
<title>See also</title>
<para>
<citerefentry>
<refentrytitle>pkcs15-tool</refentrytitle>
<manvolnum>1</manvolnum>
</citerefentry>
</para>
</refsect1>
<refsect1>
<title>Authors</title>
<para><command>cryptoflex-tool</command> was written by
Juha Yrjölä <email>juha.yrjola@iki.fi</email>.</para>
</refsect1>
</refentry>
|
