1WESTCOS-TOOL(1)                  OpenSC Tools                  WESTCOS-TOOL(1)
2
3
4

NAME

6       westcos-tool - utility for manipulating data structures on westcos
7       smart cards
8

SYNOPSIS

10       westcos-tool [OPTIONS]
11

DESCRIPTION

13       The westcos-tool utility is used to manipulate the westcos data
14       structures on 2 Ko smart cards / tokens. Users can create PINs, keys
15       and certificates stored on the card / token. User PIN authentication is
16       performed for those operations that require it.
17

OPTIONS

19       --change-pin, -n
20           Changes a PIN stored on the card. User authentication is required
21           for this operation.
22
23       --certificate file, -t file
24           Write certificate file file in PEM format to the card. User
25           authentication is required for this operation.
26
27       --finalize, -f
28           Finalize the card. Once finalized the default key is invalidated,
29           so PIN and PUK cannot be changed anymore without user
30           authentication.
31
32           Warning, un-finalized cards are insecure because the PIN can be
33           changed without user authentication (knowledge of default key is
34           enough).
35
36       --generate-key, -g
37           Generate a private key on the card. The card must not have been
38           finalized and a PIN must be installed (i.e. the file for the PIN
39           must have been created, see option -i). By default the key length
40           is 1536 bits. User authentication is required for this operation.
41
42       --help, -h
43           Print help message on screen.
44
45       --install-pin, -i
46           Install PIN file in on the card. You must provide a PIN value with
47           -x.
48
49       --key-length length, -l length
50           Change the length of private key. Use with -g.
51
52       --overwrite-key, -o
53           Overwrite the key if there is already a key on the card.
54
55       --pin-value pin, -x pin --puk-value puk, -y puk
56           These options can be used to specify the PIN/PUK values on the
57           command line. If the value is set to env:VARIABLE, the value of the
58           specified environment variable is used. By default, the code is
59           prompted on the command line if needed.
60
61           Note that on most operation systems, any user can display the
62           command line of any process on the system using utilities such as
63           ps(1). Therefore, you should prefer passing the codes via an
64           environment variable on an unsecured system.
65
66       --read-file filename, -j filename
67           Read the file filename from the card. The file is written on disk
68           with name filename. User authentication is required for this
69           operation.
70
71       --reader arg, -r arg
72           Number of the reader to use. By default, the first reader with a
73           present card is used. If arg is an ATR, the reader with a matching
74           card will be chosen.
75
76       --unblock-pin, -u
77           Unblocks a PIN stored on the card. Knowledge of the PIN Unblock Key
78           (PUK) is required for this operation.
79
80       --verbose -v
81           Causes westcos-tool to be more verbose. Specify this flag several
82           times to enable debug output in the OpenSC library.
83
84       --wait, -w
85           Wait for a card to be inserted.
86
87       --write-file filename, -k filename
88           Put the file with name filename from disk to card. On the card the
89           file is written in filename. User authentication is required for
90           this operation.
91

AUTHORS

93       westcos-tool was written by Francois Leblanc
94       <francois.leblanc@cev-sa.com>.
95
96
97
98opensc                            08/08/2023                   WESTCOS-TOOL(1)
Impressum