OPENPGP\-TOOL
Section: OpenSC Tools (1)
Updated: 02/25/2021
Page Index
NAME
openpgp-tool - utility for accessing visible data OpenPGP smart cards and compatible tokens
SYNOPSIS
-
openpgp-tool [OPTIONS]
DESCRIPTION
The
openpgp-tool
utility is used for accessing data from the OpenPGP v1.1 and v2.0 smart cards and compatible tokens like e.g. GPF CryptoStick v1.x, which might not be present in PKCS#15 objects but available in custom files on the card. The data can be printed on screen or used by other programs via environment variables.
OPTIONS
--card-info, -C
-
Show card information.
--del-key arg
-
Delete key indicated by
arg.
arg
can be
1,
2,
3, or
all.
--do arg, -d arg
-
Dump private data object (DO) indicated by
arg.
arg
can be in the form
x,
10x, or
010x
to access
DO 010x, where
x
is
1,
2,
3, or
4.
--erase, -E
-
Erase (i.e. reset) the card.
--exec prog, -x prog
-
Execute the given program with data in environment variables.
--gen-key arg, -G arg
-
Generate key with the ID given as
arg.
arg
can be one of
1,
2, or
3.
--help, -h
-
Print help message on screen.
--key-info, -K
-
Show information of keys on the card.
--key-type keytype, -t keytype
-
Specify the type of the key to be generated. Supported values for
keytype
are
rsa
for RSA with 2048 bits,
rsaLENGTH
for RSA with a bit length of
LENGTH. If not given, it defaults to
rsa2048.
--pin pin
-
This option can be used to specify the PIN value on the command line. If the value is set to
env:VARIABLE, the value of the specified environment variable is used. By default, the code is prompted on the command line if needed.
Note that on most operation systems, any user can display the command line of any process on the system using utilities such as
ps(1). Therefore, you should prefer passing the codes via an environment variable on an unsecured system.
--pretty
-
Print values in pretty format.
--raw
-
Print values in raw format, as they are stored on the card.
--reader arg, -r arg
-
Number of the reader to use. By default, the first reader with a present card is used. If
arg
is an ATR, the reader with a matching card will be chosen.
--user-info, -U
-
Show card holder information.
--verify pintype
-
Verify PIN (CHV1, CHV2 or CHV3).
--version, -V
-
Print the version of the utility and exit.
--verbose, -v
-
Verbose operation. Use several times to enable debug output.
--wait, -w
-
Wait for a card to be inserted.
AUTHORS
openpgp-tool
utility was written by Peter Marschall
<peter@adpm.de>.