Man page or keyword search:   man All Sections 1 - General Commands 2 - System Calls 3 - Subroutines, Functions 4 - Special Files 5 - File Formats 6 - Games and Screensavers 7 - Macros and Conventions 8 - Maintenence Commands 9 - Kernel Interface New Commands Server 4.4BSD AIX Alpinelinux Archlinux Aros BSDOS BSDi Bifrost CentOS Cygwin Darwin Debian DigitalUNIX DragonFly ElementaryOS Fedora FreeBSD Gentoo GhostBSD HP-UX Haiku Hurd IRIX Inferno JazzOS Kali Knoppix LinuxMint MacOSX Mageia Mandriva Manjaro Minix MirBSD NeXTSTEP NetBSD OPENSTEP OSF1 OpenBSD OpenDarwin OpenIndiana OpenMandriva OpenServer OpenSuSE OpenVMS Oracle PC-BSD Peanut Pidora Plan9 QNX Raspbian RedHat Scientific Slackware SmartOS Solaris SuSE SunOS Syllable Tru64 UNIXv7 Ubuntu Ultrix UnixWare Xenix YellowDog aLinux   31170 pages apropos Keyword Search (all sections) Output format html ascii pdf view pdf save postscript

PIV-TOOL(1)			 OpenSC tools			   PIV-TOOL(1)

NAME
       piv-tool - smart card utility for HSPD-12 PIV cards

SYNOPSIS
       piv-tool [OPTIONS]

       The piv-tool utility can be used from the command line to perform
       miscellaneous smart card operations on a HSPD-12 PIV smart card as
       defined in NIST 800-73-3. It is intened for use with test cards only.
       It can be used to load objects, and generate key pairs, as well as send
       arbitrary APDU commands to a card after having authenticated to the
       card using the card key provided by the card vendor.

OPTIONS
       --serial
	   Print the derived card serial number from the CHUID object if any.
	   output is in hex byte format.

       --name, -n
	   Print the name of the inserted card (driver)

       --admin argument, -A arguement
	   Authenticate to the card using a 2DES or 3DES key. An arguement
	   {A|M}:{ref}:{alg} is required, were A uses "EXTERNAL
	   AUTHENTICATION" and M uses "MUTUAL AUTHENTICATION". ref is normally
	   9B, and alg is 03 for 3DES. The key is provided by card vendor, and
	   the environment variable PIV_EXT_AUTH_KEY must point to a text file
	   with the key in the format:
	   XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX

       --genkeyargument, -G argument
	   Generate a key pair on the card and output the public key. An
	   argument {ref}:{alg} is required, where ref is 9A, 9C, 9D or 9E and
	   alg is 06, 07, 11 or 14 for RSA 1024, RSA 2048, ECC 256 or ECC 384.

       --object ContainerID, -O ContainerID
	   Load an object on to the card. The ContainerID is defined in NIST
	   800-73-n without leading 0x. Example: CHUID object is 3000

       --cert ref, -s ref
	   Load a certificate on to the card. ref is 9A, 9C, 9D or 9E

       --compresscert ref, -Z ref
	   Load a certificate that has been gziped on to the card. ref is 9A,
	   9C, 9D or 9E

       --out file, -o file
	   Output file for any operation that produces output.

       --in file, -i file
	   Input file for any operation that requires an input file.

       --key-slots-discovery file
	   Print properties of the key slots. Needs 'admin' authentication.

       --send-apdu apdu, -s apdu
	   Sends an arbitrary APDU to the card in the format
	   AA:BB:CC:DD:EE:FF... This option may be repeated.

       --reader, -r num
	   Use the given reader number. The default is 0, the first reader in
	   the system.

       --card-driver driver, -c driver
	   Use the given card driver. The default is auto-detected.

       --wait, -w
	   Wait for a card to be inserted

       --verbose, -v
	   Causes piv-tool to be more verbose. Specify this flag several times
	   to enable debug output in the opensc library.

SEE ALSO
       opensc-tool(1)

opensc				  07/19/2011			   PIV-TOOL(1)

Vote for polarhome