1OPENSC-EXPLORER(1)               OpenSC Tools               OPENSC-EXPLORER(1)
2
3
4

NAME

6       opensc-explorer - generic interactive utility for accessing smart card
7       and similar security token functions
8

SYNOPSIS

10       opensc-explorer [OPTIONS] [SCRIPT]
11

DESCRIPTION

13       The opensc-explorer utility can be used to perform miscellaneous
14       operations such as exploring the contents of or sending arbitrary APDU
15       commands to a smart card or similar security token.
16
17       If a SCRIPT is given, opensc-explorer runs in non-interactive mode,
18       reading the commands from SCRIPT, one command per line. If no script is
19       given, opensc-explorer runs in interactive mode, reading commands from
20       standard input.
21

OPTIONS

23       The following are the command-line options for opensc-explorer. There
24       are additional interactive commands available once it is running.
25
26       --card-driver driver, -c driver
27           Use the given card driver. The default is auto-detected.
28
29       --mf path, -m path
30           Select the file referenced by the given path on startup. The
31           default is the path to the standard master file, 3F00. If path is
32           empty (e.g.  opensc-explorer --mf ""), then no file is explicitly
33           selected.
34
35       --reader arg, -r arg
36           Number of the reader to use. By default, the first reader with a
37           present card is used. If arg is an ATR, the reader with a matching
38           card will be chosen.
39
40       --verbose, -v
41           Cause opensc-explorer to be more verbose. Specify this flag several
42           times to enable debug output in the opensc library.
43
44       --wait, -w
45           Wait for a card to be inserted.
46

COMMANDS

48       opensc-explorer supports commands with arguments at its interactive
49       prompt or in script files passed via the command line parameter SCRIPT.
50
51       Similar to a command shell like e.g.  bash, each input line is split
52       into white-space separated words. Of these words, the first one is used
53       as the command, while the remaining ones are treated as arguments to
54       that command.
55
56       The following commands are supported:
57
58       # ...
59           Treat line as a comment. Ignore anything until the end of the line
60           introduced by #.
61
62       apdu data...
63           Send a custom APDU command to the card.  data is a series of
64           sequences of hexadecimal values and strings enclosed in double
65           quotes ("...").
66
67       asn1 file-id
68           Parse and print the ASN.1 encoded content of the working EF
69           specified by file-id.
70
71       cat [file-id | sfi:short-id]
72           Print the contents of the working EF specified by file-id or the
73           short file id short-id. If no argument is given, print the the
74           contents of the currently selected EF.
75
76       cd {.. | file-id | aid:DF-name}
77           Change to another DF specified by the argument passed. If the
78           argument given is .., then move up one level in the file system
79           hierarchy. If it is a file-id, which must be a DF directly beneath
80           the current DF, then change to that DF. If it is an application
81           identifier given as aid:DF-name, then jump to the MF of the
82           application denoted by DF-name.
83
84       change CHVpin-ref [[old-pin] new-pin]
85           Change the PIN specified by pin-ref from the value given by old-pin
86           and change its value to new-pin.
87
88           old-pin and new-pin can be sequences of hexadecimal values, strings
89           enclosed in double quotes ("..."), empty (""), or absent. If
90           absent, the values are read from the card reader's pin pad.
91
92           Examples:
93
94           change CHV2 00:00:00:00:00:00 "foobar"
95               Change PIN CHV2 to the new value foobar, giving the old value
96               00:00:00:00:00:00.
97
98           change CHV2 "foobar"
99               Set PIN CHV2 to the new value foobar.
100
101           change CHV2
102               Change PIN CHV2 using the card reader's pinpad.
103
104
105       create file-id size
106           Create a new EF.  file-id specifies the numeric id, and size the
107           size of the EF to create.
108
109       debug [level]
110           Set OpenSC debug level to level.
111
112           If level is omitted, show the current debug level.
113
114       delete file-id
115           Remove the EF or DF specified by file-id.
116
117       do_get hex-tag [output]
118           Copy the contents of the card's data object (DO) specified by
119           hex-tag to the local host computer's file named output.
120
121           If output is not given, the contents of hex-tag will be displayed
122           as hex-dump.
123
124       do_put hex-tag data
125           Change the contents of the card's data object (DO) specified by
126           hex-tag to data.
127
128           data is either a sequence of hexadecimal values or a string
129           enclosed in double quotes ("...").
130
131       echo string...
132           Print the strings given.
133
134       erase
135           Erase the card, if the card supports it.
136
137       get file-id [output]
138           Copy an EF to a local file. The local file is specified by output
139           while the card file is specified by file-id.
140
141           If output is omitted, the name of the output file will be derived
142           from the full card path to file-id.
143
144       help [pattern]
145           Display the list of available commands, their options and
146           parameters together with a short help text. If pattern is given,
147           the commands shown are limited to those matching pattern.
148
149       info [file-id]
150           Display attributes of a file specified by file-id. If file-id is
151           not supplied, the attributes of the current file are displayed.
152
153       ls [pattern...]
154           List files in the current DF. If no pattern is given, then all
155           files are listed. If one ore more patterns are given, only files
156           matching at least one pattern are listed.
157
158       find [start-id [end-id]]
159           Find all files in the current DF. Files are found by selecting all
160           file identifiers in the range from start-fid to end-fid.
161
162           If not given, the default value for start-fid is 0000, while the
163           default for end-fid is FFFF.
164
165       find_tags [start-tag [end-tag]]
166           Find all tags of data objects in the current context. Tags are
167           found by using GET DATA in the range from from start-tag to
168           end-tag.
169
170           If not given, the default value for start-tag is 0000, while the
171           default for end-tag is FFFF.
172
173       mkdir file-id size
174           Create a DF.  file-id specifies the numeric id, and size the size
175           of the DF to create.
176
177       pin_info key-typekey-id
178           Get information on a PIN or key from the card, where key-type can
179           be one of CHV, KEY, AUT or PRO.  key-id is a number representing
180           the key or PIN reference.
181
182       put file-id input
183           Copy a local file to the card. The local file is specified by input
184           while the card file is specified by file-id.
185
186       quit
187           Exit the program.
188
189       random count [output-file]
190           Generate count bytes of random data. If output-file is given, write
191           the data to the host computer's file denoted by it, otherwise show
192           the data as hex dump.
193
194       rm file-id
195           Remove the EF or DF specified by file-id.
196
197       unblock CHVpin-ref [puk [new-pin]]
198           Unblock the PIN denoted by pin-ref using the PUK puk, and
199           potentially change its value to new-pin.
200
201           puk and new-pin can be sequences of hexadecimal values, strings
202           enclosed in double quotes ("..."), empty (""), or absent. If
203           absent, the values are read from the card reader's pin pad.
204
205           Examples:
206
207           unblock CHV2 00:00:00:00:00:00 "foobar"
208               Unblock PIN CHV2 using PUK 00:00:00:00:00:00 and set it to the
209               new value foobar.
210
211           unblock CHV2 00:00:00:00:00:00 ""
212               Unblock PIN CHV2 using PUK 00:00:00:00:00:00 keeping the old
213               value.
214
215           unblock CHV2 "" "foobar"
216               Set new value of PIN CHV2 to foobar.
217
218           unblock CHV2 00:00:00:00:00:00
219               Unblock PIN CHV2 using PUK 00:00:00:00:00:00. The new PIN value
220               is prompted by pinpad.
221
222           unblock CHV2 ""
223               Set PIN CHV2. The new PIN value is prompted by pinpad.
224
225           unblock CHV2
226               Unblock PIN CHV2. The unblock code and new PIN value are
227               prompted by pinpad.
228
229
230       update_binary file-id offs data
231           Binary update of the file specified by file-id with the literal
232           data data starting from offset specified by offs.
233
234           data can be supplied as a sequence of hexadecimal values or as a
235           string enclosed in double quotes ("...").
236
237       update_record file-id rec-nr rec-offs data
238           Update record specified by rec-nr of the file specified by file-id
239           with the literal data data starting from offset specified by
240           rec-offs.
241
242           data can be supplied as a sequence of hexadecimal values or as a
243           string enclosed in double quotes ("...").
244
245       verify key-typekey-id [key]
246           Present a PIN or key to the card, where key-type can be one of CHV,
247           KEY, AUT or PRO.  key-id is a number representing the key or PIN
248           reference.  key is the key or PIN to be verified, formatted as a
249           colon-separated sequence of hexadecimal values or a string enclosed
250           in double quotes ("...").
251
252           If key is omitted, the exact action depends on the card reader's
253           features: if the card readers supports PIN input via a pin pad,
254           then the PIN will be verified using the card reader's pin pad. If
255           the card reader does not support PIN input, then the PIN will be
256           asked interactively.
257
258           Examples:
259
260           verify CHV2 31:32:33:34:00:00:00:00
261               Verify CHV2 using the hex value 31:32:33:34:00:00:00:00
262
263           verify CHV1 "secret"
264               Verify CHV1 using the string value secret.
265
266           verify KEY2
267               Verify KEY2, get the value from the card reader's pin pad.
268
269
270       sm {open | close}
271           Call the card's open or close Secure Messaging handler.
272

SEE ALSO

274       opensc-tool(1)
275

AUTHORS

277       opensc-explorer was written by Juha Yrjölä <juha.yrjola@iki.fi>.
278
279
280
281opensc                            02/10/2020                OPENSC-EXPLORER(1)
Impressum