Provided by: opensc_0.22.0-1ubuntu2_amd64 bug

NAME

       westcos-tool - utility for manipulating data structures on westcos smart cards

SYNOPSIS

       westcos-tool [OPTIONS]

DESCRIPTION

       The westcos-tool utility is used to manipulate the westcos data structures on 2 Ko smart
       cards / tokens. Users can create PINs, keys and certificates stored on the card / token.
       User PIN authentication is performed for those operations that require it.

OPTIONS

       --change-pin, -n
           Changes a PIN stored on the card. User authentication is required for this operation.

       --certificate file, -t file
           Write certificate file file in PEM format to the card. User authentication is required
           for this operation.

       --finalize, -f
           Finalize the card. Once finalized the default key is invalidated, so PIN and PUK
           cannot be changed anymore without user authentication.

           Warning, un-finalized cards are insecure because the PIN can be changed without user
           authentication (knowledge of default key is enough).

       --generate-key, -g
           Generate a private key on the card. The card must not have been finalized and a PIN
           must be installed (i.e. the file for the PIN must have been created, see option -i).
           By default the key length is 1536 bits. User authentication is required for this
           operation.

       --help, -h
           Print help message on screen.

       --install-pin, -i
           Install PIN file in on the card. You must provide a PIN value with -x.

       --key-length length, -l length
           Change the length of private key. Use with -g.

       --overwrite-key, -o
           Overwrite the key if there is already a key on the card.

       --pin-value pin, -x pin --puk-value puk, -y puk
           These options can be used to specify the PIN/PUK values on the command line. If the
           value is set to env:VARIABLE, the value of the specified environment variable is used.
           By default, the code is prompted on the command line if needed.

           Note that on most operation systems, any user can display the command line of any
           process on the system using utilities such as ps(1). Therefore, you should prefer
           passing the codes via an environment variable on an unsecured system.

       --read-file filename, -j filename
           Read the file filename from the card. The file is written on disk with name filename.
           User authentication is required for this operation.

       --reader arg, -r arg
           Number of the reader to use. By default, the first reader with a present card is used.
           If arg is an ATR, the reader with a matching card will be chosen.

       --unblock-pin, -u
           Unblocks a PIN stored on the card. Knowledge of the PIN Unblock Key (PUK) is required
           for this operation.

       --verbose -v
           Causes westcos-tool to be more verbose. Specify this flag several times to enable
           debug output in the OpenSC library.

       --wait, -w
           Wait for a card to be inserted.

       --write-file filename, -k filename
           Put the file with name filename from disk to card. On the card the file is written in
           filename. User authentication is required for this operation.

AUTHORS

       westcos-tool was written by Francois Leblanc <francois.leblanc@cev-sa.com>.