Context Navigation

Back to Ticket #56354

Ticket #56354: piv-tool.1

File piv-tool.1, 4.9 KB (added by mouse07410 (Mouse), 6 years ago)
generated man page

Line
1	'\" t
2	.\" Title: piv-tool
3	.\" Author: [FIXME: author] [see http://www.docbook.org/tdg5/en/html/author]
4	.\" Generator: DocBook XSL Stylesheets v1.79.2 <http://docbook.sf.net/>
5	.\" Date: 04/25/2018
6	.\" Manual: OpenSC Tools
7	.\" Source: opensc
8	.\" Language: English
9	.\"
10	.TH "PIV\-TOOL" "1" "04/25/2018" "opensc" "OpenSC Tools"
11	.\" -----------------------------------------------------------------
12	.\" * Define some portability stuff
13	.\" -----------------------------------------------------------------
14	.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
15	.\" http://bugs.debian.org/507673
16	.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html
17	.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
18	.ie \n(.g .ds Aq \(aq
19	.el .ds Aq '
20	.\" -----------------------------------------------------------------
21	.\" * set default formatting
22	.\" -----------------------------------------------------------------
23	.\" disable hyphenation
24	.nh
25	.\" disable justification (adjust text to left margin only)
26	.ad l
27	.\" -----------------------------------------------------------------
28	.\" * MAIN CONTENT STARTS HERE *
29	.\" -----------------------------------------------------------------
30
31
32
33	.SH "NAME"
34	piv-tool \- smart card utility for HSPD\-12 PIV cards
35
36
37	.SH "SYNOPSIS"
38
39	.HP \w'\fBpiv\-tool\fR\ 'u
40
41	\fBpiv\-tool\fR
42	[\fIOPTIONS\fR]
43
44
45
46
47	.SH ""
48
49	.PP
50	The
51	\fBpiv\-tool\fR
52	utility can be used from the command line to perform miscellaneous smart card operations on a HSPD\-12 PIV smart card as defined in NIST 800\-73\-3\&. It is intended for use with test cards only\&. It can be used to load objects, and generate key pairs, as well as send arbitrary APDU commands to a card after having authenticated to the card using the card key provided by the card vendor\&.
53
54
55
56	.SH "OPTIONS"
57
58
59	.PP
60
61
62	.PP
63	\fB\-\-serial\fR
64	.RS 4
65
66
67	Print the card serial number derived from the CHUID object, if any\&. Output is in hex byte format\&.
68
69	.RE
70	.PP
71	\fB\-\-name\fR, \fB\-n\fR
72	.RS 4
73
74
75	Print the name of the inserted card (driver)
76
77	.RE
78	.PP
79	\fB\-\-admin\fR \fIargument\fR, \fB\-A\fR \fIargument\fR
80	.RS 4
81
82
83	Authenticate to the card using a 2DES or 3DES key\&. The
84	\fIargument\fR
85	of the form
86	.sp
87	.if n \{\
88	.RS 4
89	.\}
90	.nf
91	{A\|M}:\fIref\fR:\fIalg\fR
92	.fi
93	.if n \{\
94	.RE
95	.\}
96	.sp
97	is required, were
98	A
99	uses "EXTERNAL AUTHENTICATION" and
100	M
101	uses "MUTUAL AUTHENTICATION"\&.
102	\fIref\fR
103	is normally
104	9B, and
105	\fIalg\fR
106	is
107	03
108	for 3DES\&. The key is provided by the card vendor, and the environment variable
109	\fIPIV_EXT_AUTH_KEY\fR
110	must point to a text file containing the key in the format:
111	XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX
112
113	.RE
114	.PP
115	\fB\-\-genkey\fR \fIargument\fR, \fB\-G\fR \fIargument\fR
116	.RS 4
117
118
119	Generate a key pair on the card and output the public key\&. The
120	\fIargument\fR
121	of the form
122	.sp
123	.if n \{\
124	.RS 4
125	.\}
126	.nf
127	\fIref\fR:\fIalg\fR
128	.fi
129	.if n \{\
130	.RE
131	.\}
132	.sp
133	is required, where
134	\fIref\fR
135	is
136	9A,
137	9C,
138	9D
139	or
140	9E
141	and
142	\fIalg\fR
143	is
144	06,
145	07,
146	11
147	or
148	14
149	for RSA 1024, RSA 2048, ECC 256 or ECC 384 respectively\&.
150
151	.RE
152	.PP
153	\fB\-\-object\fR \fIContainerID\fR, \fB\-O\fR \fIContainerID\fR
154	.RS 4
155
156
157	Load an object onto the card\&. The
158	\fIContainerID\fR
159	is as defined in NIST 800\-73\-n without leading
160	0x\&. Example: CHUID object is 3000
161
162	.RE
163
164	.PP
165	\fB\-\-cert\fR \fIref\fR, \fB\-s\fR \fIref\fR
166	.RS 4
167
168
169	Load a certificate onto the card\&.
170	\fIref\fR
171	is
172	9A,
173	9C,
174	9D
175	or
176	9E
177
178	.RE
179
180	.PP
181	\fB\-\-compresscert\fR \fIref\fR, \fB\-Z\fR \fIref\fR
182	.RS 4
183
184
185	Load a certificate that has been gzipped onto the card\&.
186	\fIref\fR
187	is
188	9A,
189	9C,
190	9D
191	or
192	9E
193
194	.RE
195
196	.PP
197	\fB\-\-out\fR \fIfile\fR, \fB\-o\fR \fIfile\fR
198	.RS 4
199
200
201	Output file for any operation that produces output\&.
202
203	.RE
204
205	.PP
206	\fB\-\-in\fR \fIfile\fR, \fB\-i\fR \fIfile\fR
207	.RS 4
208
209
210	Input file for any operation that requires an input file\&.
211
212	.RE
213
214	.PP
215	\fB\-\-key\-slots\-discovery\fR \fIfile\fR
216	.RS 4
217
218
219	Print properties of the key slots\&. Needs \(Aqadmin\(Aq authentication\&.
220
221	.RE
222
223	.PP
224	\fB\-\-send\-apdu\fR \fIapdu\fR, \fB\-s\fR \fIapdu\fR
225	.RS 4
226
227
228	Sends an arbitrary APDU to the card in the format
229	AA:BB:CC:DD:EE:FF\&.\&.\&.\&. This option may be repeated\&.
230
231	.RE
232
233	.PP
234	\fB\-\-reader\fR \fInum\fR, \fB\-r\fR \fInum\fR
235	.RS 4
236
237
238	Use the given reader number\&. The default is
239	0, the first reader in the system\&.
240
241	.RE
242	.PP
243	\fB\-\-card\-driver\fR \fIdriver\fR, \fB\-c\fR \fIdriver\fR
244	.RS 4
245
246
247	Use the given card driver\&. The default is auto\-detected\&.
248
249	.RE
250	.PP
251	\fB\-\-wait\fR, \fB\-w\fR
252	.RS 4
253
254
255	Wait for a card to be inserted
256
257	.RE
258	.PP
259	\fB\-\-verbose\fR, \fB\-v\fR
260	.RS 4
261
262
263	Causes
264	\fBpiv\-tool\fR
265	to be more verbose\&. Specify this flag several times to enable debug output in the opensc library\&.
266
267	.RE
268
269
270
271
272	.SH "SEE ALSO"
273
274
275	.PP
276	\fBopensc-tool\fR(1)
277
278
279

Download in other formats:

Original Format