cklist

cklist [-p PIN | -n]

Views details of P11 objects on all slots. If invoked with a PIN argument, the utility lists public and private objects. If invoked with the -n (--nopin) option, the utility lists only the public objects.

This utility does not output any potentially sensitive attributes, even if the object has CKA_SENSITIVE set to FALSE.

Option Description

-n, --nopin

Doesn’t call C_Login, doesn’t list private objects.

-p, --pin-for-testing=PIN

Use PIN for C_Login.

Exposes PIN, use for testing only.

Template options

--cka-encrypt=ENCRYPT

Matches CKA_ENCRYPT.

--cka-id=ID

Matches ID (hex bytestring).

--cka-issuer=ISSUER

Matches ISSUER (hex bytestring).

--cka-nfkm-hash=HASH

Matches HASH.

--cka-nfkm-ident=IDENT

Matches IDENT.

--cka-serial-number=NUMBER

Matches NUMBER (hex bytestring).

--cka-sign=SIGN

Matches CKA_SIGN.

-l, --cka-label=LABEL

Matches LABEL.

-r, --repeat-count=COUNT

Repeats the count. Default: 1.

-s, --slot-name=SLOT

Use only named SLOT.

--verify-mode

Flattens the output with security relevant attributes only.

Help options

-h, --help

Displays help for cklist.

-u, --usage

Displays a brief usage summary for cklist.

-V, --version

Displays the version number of the Security World Software that deploys cklist.