'\" t
.\"     Title: westcos-tool
.\"    Author: [see the "Authors" section]
.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
.\"      Date: 09/30/2018
.\"    Manual: OpenSC Tools
.\"    Source: opensc
.\"  Language: English
.\"
.TH "WESTCOS\-TOOL" "1" "09/30/2018" "opensc" "OpenSC Tools"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.\" http://bugs.debian.org/507673
.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html
.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.ie \n(.g .ds Aq \(aq
.el       .ds Aq '
.\" -----------------------------------------------------------------
.\" * set default formatting
.\" -----------------------------------------------------------------
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
.ad l
.\" -----------------------------------------------------------------
.\" * MAIN CONTENT STARTS HERE *
.\" -----------------------------------------------------------------
.SH "NAME"
westcos-tool \- utility for manipulating data structures on westcos smart cards
.SH "SYNOPSIS"
.HP \w'\fBwestcos\-tool\fR\ 'u
\fBwestcos\-tool\fR [\fIOPTIONS\fR]
.SH "DESCRIPTION"
.PP
The
\fBwestcos\-tool\fR
utility is used to manipulate the westcos data structures on 2 Ko smart cards / tokens\&. Users can create PINs, keys and certificates stored on the card / token\&. User PIN authentication is performed for those operations that require it\&.
.SH "OPTIONS"
.PP
.PP
\fB\-\-change\-pin\fR, \fB\-n\fR
.RS 4
Changes a PIN stored on the card\&. User authentication is required for this operation\&.
.RE
.PP
\fB\-\-certificate\fR \fIfile\fR, \fB\-t\fR \fIfile\fR
.RS 4
Write certificate file
\fIfile\fR
in PEM format to the card\&. User authentication is required for this operation\&.
.RE
.PP
\fB\-\-finalize\fR, \fB\-f\fR
.RS 4
Finalize the card\&. Once finalized the default key is invalidated, so PIN and PUK cannot be changed anymore without user authentication\&.
.sp
Warning, un\-finalized are insecure because PIN can be changed without user authentication (knowledge of default key is enough)\&.
.RE
.PP
\fB\-\-generate\-key\fR, \fB\-g\fR
.RS 4
Generate a private key on the card\&. The card must not have been finalized and a PIN must be installed (ie\&. the file for ithe PIN must havei been created, see option
\fB\-i\fR)\&. By default the key length is 1536 bits\&. User authentication is required for this operation\&.
.RE
.PP
\fB\-\-help\fR, \fB\-h\fR
.RS 4
Print help message on screen\&.
.RE
.PP
\fB\-\-install\-pin\fR, \fB\-i\fR
.RS 4
Install PIN file in on the card\&. You must provide a PIN value with
\fB\-x\fR\&.
.RE
.PP
\fB\-\-key\-length\fR \fIlength\fR, \fB\-l\fR \fIlength\fR
.RS 4
Change the length of private key\&. Use with
\fB\-g\fR\&.
.RE
.PP
\fB\-\-overwrite\-key\fR, \fB\-o\fR
.RS 4
Overwrite the key if there is already a key on the card\&.
.RE
.PP
\fB\-\-pin\-value\fR \fIvalue\fR, \fB\-x\fR \fIvalue\fR
.RS 4
Set value of PIN\&. If set to env:\fIVARIABLE\fR, the value of the environment variable
\fIVARIABLE\fR
is used\&.
.RE
.PP
\fB\-\-puk\-value\fR \fIvalue\fR, \fB\-y\fR \fIvalue\fR
.RS 4
set value of PUK (or value of new PIN for change PIN command see
\fB\-n\fR)\&. If set to env:\fIVARIABLE\fR, the value of the environment variable
\fIVARIABLE\fR
is used\&.
.RE
.PP
\fB\-\-read\-file\fR \fIpath\fR, \fB\-j\fR \fIpath\fR
.RS 4
Read the file
\fIpath\fR
from the card\&. The file is written on disk with name
\fIpath\fR\&. User authentication is required for this operation\&.
.RE
.PP
\fB\-\-reader\fR \fInum\fR, \fB\-r\fR \fInum\fR
.RS 4
Use the given reader\&. The default is the first reader with a card\&.
.RE
.PP
\fB\-\-unblock\-pin\fR, \fB\-u\fR
.RS 4
Unblocks a PIN stored on the card\&. Knowledge of the PIN Unblock Key (PUK) is required for this operation\&.
.RE
.PP
\fB\-v\fR
.RS 4
Causes
\fBwestcos\-tool\fR
to be more verbose\&. Specify this flag several times to enable debug output in the OpenSC library\&.
.RE
.PP
\fB\-\-wait\fR, \fB\-w\fR
.RS 4
Wait for a card to be inserted\&.
.RE
.PP
\fB\-\-write\-file\fR \fIpath\fR, \fB\-k\fR \fIpath\fR
.RS 4
Put the file with name
\fIpath\fR
from disk to card\&. On the card the file is written in
\fIpath\fR\&. User authentication is required for this operation\&.
.RE
.SH "AUTHORS"
.PP
\fBwestcos\-tool\fR
was written by Francois Leblanc
<francois\&.leblanc@cev\-sa\&.com>\&.