1OPENSC-EXPLORER(1)               OpenSC Tools               OPENSC-EXPLORER(1)
2
3
4

NAME

6       opensc-explorer - generic interactive utility for accessing smart card
7       and similar security token functions
8

SYNOPSIS

10       opensc-explorer [OPTIONS] [SCRIPT]
11

DESCRIPTION

13       The opensc-explorer utility can be used to perform miscellaneous
14       operations such as exploring the contents of or sending arbitrary APDU
15       commands to a smart card or similar security token.
16
17       If a SCRIPT is given, opensc-explorer runs in non-interactive mode,
18       reading the commands from SCRIPT, one command per line. If no script is
19       given, opensc-explorer runs in interactive mode, reading commands from
20       standard input.
21

OPTIONS

23       The following are the command-line options for opensc-explorer. There
24       are additional interactive commands available once it is running.
25
26       --card-driver driver, -c driver
27           Use the given card driver. The default is to auto-detect the
28           correct card driver. The literal value ?  lists all available card
29           drivers and terminates opensc-explorer.
30
31       --mf path, -m path
32           Select the file referenced by the given path on startup. The
33           default is the path to the standard master file, 3F00. If path is
34           empty (e.g.  opensc-explorer --mf ""), then no file is explicitly
35           selected.
36
37       --reader arg, -r arg
38           Number of the reader to use. By default, the first reader with a
39           present card is used. If arg is an ATR, the reader with a matching
40           card will be chosen.
41
42       --verbose, -v
43           Cause opensc-explorer to be more verbose. Specify this flag several
44           times to enable debug output in the opensc library.
45
46       --wait, -w
47           Wait for a card to be inserted.
48

COMMANDS

50       opensc-explorer supports commands with arguments at its interactive
51       prompt or in script files passed via the command line parameter SCRIPT.
52
53       Similar to a command shell like e.g.  bash, each input line is split
54       into white-space separated words. Of these words, the first one is used
55       as the command, while the remaining ones are treated as arguments to
56       that command.
57
58       The following commands are supported:
59
60       # ...
61           Treat line as a comment. Ignore anything until the end of the line
62           introduced by #.
63
64       apdu data...
65           Send a custom APDU command to the card.  data is a series of
66           sequences of hexadecimal values and strings enclosed in double
67           quotes ("...").
68
69       asn1 file-id [rec-no] [offs]
70           Parse and print the ASN.1 encoded content of the working EF
71           specified by file-id. If the optional parameter rec-no is given and
72           the file is a record-oriented EF, parse and print only the record
73           indicated by this parameter. If the optional parameter offs is
74           given, start parsing and printing the file or record at the offset
75           indicated by the value given. If this parameter is not given, the
76           default offset is 0.
77
78       cat [file-id | sfi:short-id] [rec-no]
79           Print the contents of the working EF specified by file-id or the
80           short file id short-id. If the optional second parameter rec-no is
81           given, only print the record indicated by this parameter. If no
82           argument is given, print the the contents of the currently selected
83           EF.
84
85       cd {.. | file-id | aid:DF-name}
86           Change to another DF specified by the argument passed. If the
87           argument given is .., then move up one level in the file system
88           hierarchy. If it is a file-id, which must be a DF directly beneath
89           the current DF, then change to that DF. If it is an application
90           identifier given as aid:DF-name, then jump to the MF of the
91           application denoted by DF-name.
92
93       change CHVpin-ref [[old-pin] new-pin]
94           Change the PIN specified by pin-ref from the value given by old-pin
95           and change its value to new-pin.
96
97           old-pin and new-pin can be sequences of hexadecimal values, strings
98           enclosed in double quotes ("..."), empty (""), or absent. If
99           absent, the values are read from the card reader's pin pad.
100
101           Examples:
102
103           change CHV2 00:00:00:00:00:00 "foobar"
104               Change PIN CHV2 to the new value foobar, giving the old value
105               00:00:00:00:00:00.
106
107           change CHV2 "foobar"
108               Set PIN CHV2 to the new value foobar.
109
110           change CHV2
111               Change PIN CHV2 using the card reader's pinpad.
112
113
114       create file-id size
115           Create a new EF.  file-id specifies the numeric id, and size the
116           size of the EF to create.
117
118       debug [level]
119           Set OpenSC debug level to level.
120
121           If level is omitted, show the current debug level.
122
123       delete file-id
124           Remove the EF or DF specified by file-id.
125
126       do_get hex-tag [output]
127           Copy the contents of the card's data object (DO) specified by
128           hex-tag to the local host computer's file named output.
129
130           If output is not given, the contents of hex-tag will be displayed
131           as hex-dump.
132
133       do_put hex-tag data
134           Change the contents of the card's data object (DO) specified by
135           hex-tag to data.
136
137           data is either a sequence of hexadecimal values or a string
138           enclosed in double quotes ("...").
139
140       echo string...
141           Print the strings given.
142
143       erase
144           Erase the card, if the card supports it.
145
146       get file-id [output]
147           Copy an EF to a local file. The local file is specified by output
148           while the card file is specified by file-id.
149
150           If output is omitted, the name of the output file will be derived
151           from the full card path to file-id.
152
153       get_record file-id rec-no [output]
154           Copy a record of a record-oriented EF to a local file. The local
155           file is specified by output while the card file and the record are
156           specified by file-id and rec-no,
157
158           If output is omitted, the name of the output file will be derived
159           from the full card path to file-id. and the rec-no.
160
161       help [pattern]
162           Display the list of available commands, their options and
163           parameters together with a short help text. If pattern is given,
164           the commands shown are limited to those matching pattern.
165
166       info [file-id]
167           Display attributes of a file specified by file-id. If file-id is
168           not supplied, the attributes of the current file are displayed.
169
170       ls [pattern...]
171           List files in the current DF. If no pattern is given, then all
172           files are listed. If one ore more patterns are given, only files
173           matching at least one pattern are listed.
174
175       find [start-id [end-id]]
176           Find all files in the current DF. Files are found by selecting all
177           file identifiers in the range from start-fid to end-fid.
178
179           If not given, the default value for start-fid is 0000, while the
180           default for end-fid is FFFF.
181
182       find_tags [start-tag [end-tag]]
183           Find all tags of data objects in the current context. Tags are
184           found by using GET DATA in the range from from start-tag to
185           end-tag.
186
187           If not given, the default value for start-tag is 0000, while the
188           default for end-tag is FFFF.
189
190       mkdir file-id size
191           Create a DF.  file-id specifies the numeric id, and size the size
192           of the DF to create.
193
194       pin_info key-typekey-id
195           Get information on a PIN or key from the card, where key-type can
196           be one of CHV, KEY, AUT or PRO.  key-id is a number representing
197           the key or PIN reference.
198
199       put file-id input
200           Copy a local file to the card. The local file is specified by input
201           while the card file is specified by file-id.
202
203       quit
204           Exit the program.
205
206       random count [output-file]
207           Generate count bytes of random data. If output-file is given, write
208           the data to the host computer's file denoted by it, otherwise show
209           the data as hex dump.
210
211       rm file-id
212           Remove the EF or DF specified by file-id.
213
214       unblock CHVpin-ref [puk [new-pin]]
215           Unblock the PIN denoted by pin-ref using the PUK puk, and
216           potentially change its value to new-pin.
217
218           puk and new-pin can be sequences of hexadecimal values, strings
219           enclosed in double quotes ("..."), empty (""), or absent. If
220           absent, the values are read from the card reader's pin pad.
221
222           Examples:
223
224           unblock CHV2 00:00:00:00:00:00 "foobar"
225               Unblock PIN CHV2 using PUK 00:00:00:00:00:00 and set it to the
226               new value foobar.
227
228           unblock CHV2 00:00:00:00:00:00 ""
229               Unblock PIN CHV2 using PUK 00:00:00:00:00:00 keeping the old
230               value.
231
232           unblock CHV2 "" "foobar"
233               Set new value of PIN CHV2 to foobar.
234
235           unblock CHV2 00:00:00:00:00:00
236               Unblock PIN CHV2 using PUK 00:00:00:00:00:00. The new PIN value
237               is prompted by pinpad.
238
239           unblock CHV2 ""
240               Set PIN CHV2. The new PIN value is prompted by pinpad.
241
242           unblock CHV2
243               Unblock PIN CHV2. The unblock code and new PIN value are
244               prompted by pinpad.
245
246
247       update_binary file-id offs data
248           Binary update of the file specified by file-id with the literal
249           data data starting from offset specified by offs.
250
251           data can be supplied as a sequence of hexadecimal values or as a
252           string enclosed in double quotes ("...").
253
254       update_record file-id rec-nr rec-offs data
255           Update record specified by rec-nr of the file specified by file-id
256           with the literal data data starting from offset specified by
257           rec-offs.
258
259           data can be supplied as a sequence of hexadecimal values or as a
260           string enclosed in double quotes ("...").
261
262       verify key-typekey-id [key]
263           Present a PIN or key to the card, where key-type can be one of CHV,
264           KEY, AUT or PRO.  key-id is a number representing the key or PIN
265           reference.  key is the key or PIN to be verified, formatted as a
266           colon-separated sequence of hexadecimal values or a string enclosed
267           in double quotes ("...").
268
269           If key is omitted, the exact action depends on the card reader's
270           features: if the card readers supports PIN input via a pin pad,
271           then the PIN will be verified using the card reader's pin pad. If
272           the card reader does not support PIN input, then the PIN will be
273           asked interactively.
274
275           Examples:
276
277           verify CHV2 31:32:33:34:00:00:00:00
278               Verify CHV2 using the hex value 31:32:33:34:00:00:00:00
279
280           verify CHV1 "secret"
281               Verify CHV1 using the string value secret.
282
283           verify KEY2
284               Verify KEY2, get the value from the card reader's pin pad.
285
286
287       sm {open | close}
288           Call the card's open or close Secure Messaging handler.
289

SEE ALSO

291       opensc-tool(1)
292

AUTHORS

294       opensc-explorer was written by Juha Yrjölä <juha.yrjola@iki.fi>.
295
296
297
298opensc                            08/10/2021                OPENSC-EXPLORER(1)
Impressum