1PKCS15-TOOL(1)                   OpenSC tools                   PKCS15-TOOL(1)
2
3
4

NAME

6       pkcs15-tool - utility for manipulating PKCS #15 data structures on
7       smart cards and similar security tokens
8

SYNOPSIS

10       pkcs15-tool [OPTIONS]
11

DESCRIPTION

13       The pkcs15-tool utility is used to manipulate the PKCS #15 data
14       structures on smart cards and similar security tokens. Users can list
15       and read PINs, keys and certificates stored on the token. User PIN
16       authentication is performed for those operations that require it.
17

OPTIONS

19       --learn-card, -L
20           Cache PKCS #15 token data to the local filesystem. Subsequent
21           operations are performed on the cached data where possible. If the
22           cache becomes out-of-sync with the token state (eg. new key is
23           generated and stored on the token), the cache should be updated or
24           operations may show stale results.
25
26       --read-certificate cert, -r cert
27           Reads the certificate with the given id.
28
29       --list-certificates, -c
30           Lists all certificates stored on the token.
31
32       --list-pins
33           Lists all PINs stored on the token. General information about each
34           PIN is listed (eg. PIN name). Actual PIN values are not shown.
35
36       --change-pin
37           Changes a PIN stored on the token. User authentication is required
38           for this operation.
39
40       --unblock-pin, -u
41           Unblocks a PIN stored on the token. Knowledge of the Pin Unblock
42           Key (PUK) is required for this operation.
43
44       --list-keys, -k
45           Lists all private keys stored on the token. General information
46           about each private key is listed (eg. key name, id and algorithm).
47           Actual private key values are not displayed.
48
49       --list-public-keys
50           Lists all public keys stored on the token, including key name, id,
51           algorithm and length information.
52
53       --read-public-key id
54           Reads the public key with id id, allowing the user to extract and
55           store or use the public key.
56
57       --read-ssh-key id
58           Reads the public key with id id, writing the output in format
59           suitable for $HOME/.ssh/authorized_keys.
60
61       --output filename, -o filename
62           Specifies where key output should be written. If filename already
63           exists, it will be overwritten. If this option is not given, keys
64           will be printed to standard output.
65
66       --no-cache
67           Disables token data caching.
68
69       --pin-id pin, -a pin
70           Specifies the auth id of the PIN to use for the operation. This is
71           useful with the --change-pin operation.
72
73       --reader num
74           Forces pkcs15-tool to use reader number num for operations. The
75           default is to use reader number 0, the first reader in the system.
76
77       --verbose, -v
78           Causes pkcs15-tool to be more verbose. Specify this flag several
79           times to enable debug output in the OpenSC library.
80

SEE ALSO

82       opensc(7), pkcs15-init(1), pkcs15-crypt(1)
83
84
85
86opensc                            02/16/2010                    PKCS15-TOOL(1)
Impressum