cryptoflex-tool(1) [centos man page]
CRYPTOFLEX-TOOL(1) OpenSC Tools CRYPTOFLEX-TOOL(1) NAME
cryptoflex-tool - utility for manipulating Schlumberger Cryptoflex data structures SYNOPSIS
cryptoflex-tool [OPTIONS] DESCRIPTION
cryptoflex-tool is used to manipulate PKCS data structures on Schlumberger Cryptoflex smart cards. Users can create, list and read PINs and keys stored on the smart card. User PIN authentication is performed for those operations that require it. OPTIONS
--app-df num, -a num Specifies the DF to operate in --create-key-files arg, -c arg Creates new RSA key files for arg keys --create-pin-files id, -P id Creates new PIN file for CHVid --exponent exp, -e exp Specifies the RSA exponent, exp, to use in key generation. The default value is 3. --generate-key, -g Generate a new RSA key pair --key-num num, -k num Specifies the key number to operate on. The default is key number 1. --list-keys, -l Lists all keys stored in a public key file --modulus-length length, -m length Specifies the modulus length to use in key generation. The default value is 1024. --prkey-file id, -p id Specifies the private key file id, id, to use --pubkey-file id, -u id Specifies the public key file id, id, to use --read-key Reads a public key from the card, allowing the user to extract and store or use the public key --reader num, -r num Forces cryptoflex-tool to use reader number num for operations. The default is to use reader number 0, the first reader in the system. --verbose, -v Causes cryptoflex-tool to be more verbose. Specify this flag several times to enable debug output in the opensc library. --verify-pin, -V Verifies CHV1 before issuing commands SEE ALSO
pkcs15-tool(1) opensc 06/17/2014 CRYPTOFLEX-TOOL(1)
Check Out this Related Man Page
PIV-TOOL(1) OpenSC Tools PIV-TOOL(1) NAME
piv-tool - smart card utility for HSPD-12 PIV cards SYNOPSIS
piv-tool [OPTIONS] The piv-tool utility can be used from the command line to perform miscellaneous smart card operations on a HSPD-12 PIV smart card as defined in NIST 800-73-3. It is intened for use with test cards only. It can be used to load objects, and generate key pairs, as well as send arbitrary APDU commands to a card after having authenticated to the card using the card key provided by the card vendor. OPTIONS
--serial Print the card serial number derived from the CHUID object, if any. Output is in hex byte format. --name, -n Print the name of the inserted card (driver) --admin argument, -A argument Authenticate to the card using a 2DES or 3DES key. The argument of the form {A|M}:ref:alg is required, were A uses "EXTERNAL AUTHENTICATION" and M uses "MUTUAL AUTHENTICATION". ref is normally 9B, and alg is 03 for 3DES. The key is provided by the card vendor, and the environment variable PIV_EXT_AUTH_KEY must point to a text file containing the key in the format: XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX --genkey argument, -G argument Generate a key pair on the card and output the public key. The argument of th form ref:alg is required, where ref is 9A, 9C, 9D or 9E and alg is 06, 07, 11 or 14 for RSA 1024, RSA 2048, ECC 256 or ECC 384 respectively. --object ContainerID, -O ContainerID Load an object on to the card. The ContainerID is as defined in NIST 800-73-n without leading 0x. Example: CHUID object is 3000 --cert ref, -s ref Load a certificate on to the card. ref is 9A, 9C, 9D or 9E --compresscert ref, -Z ref Load a certificate that has been gziped on to the card. ref is 9A, 9C, 9D or 9E --out file, -o file Output file for any operation that produces output. --in file, -i file Input file for any operation that requires an input file. --key-slots-discovery file Print properties of the key slots. Needs 'admin' authentication. --send-apdu apdu, -s apdu Sends an arbitrary APDU to the card in the format AA:BB:CC:DD:EE:FF.... This option may be repeated. --reader num, -r num Use the given reader number. The default is 0, the first reader in the system. --card-driver driver, -c driver Use the given card driver. The default is auto-detected. --wait, -w Wait for a card to be inserted --verbose, -v Causes piv-tool to be more verbose. Specify this flag several times to enable debug output in the opensc library. SEE ALSO
opensc-tool(1) opensc 06/17/2014 PIV-TOOL(1)