Utilities in the Web Services PKCS #11 library
The following four utility programs are provided:
ckcheckinst
|
Checks basic functionality. |
ckinfo-dynamic
|
Prints version information. |
cklist-dynamic
|
Lists objects created on the Softcard. |
ckmechinfo
|
Lists supported mechanisms. |
Run these programs with the following commands:
Linux:
/opt/nfast/webservices/pkcs11/bin/ckcheckinst
/opt/nfast/webservices/pkcs11/bin/ckinfo-dynamic --library /opt/nfast/webservices/pkcs11/lib/libpkcs11webservices.so
/opt/nfast/webservices/pkcs11/bin/cklist-dynamic --library /opt/nfast/webservices/pkcs11/lib/libpkcs11webservices.so
/opt/nfast/webservices/pkcs11/bin/ckmechinfo
Windows:
C:\Program Files\nCipher\WebServices\pkcs11\bin\ckcheckinst.exe
C:\Program Files\nCipher\WebServices\pkcs11\bin\ckinfo-dynamic.exe --library "C:\Program Files\nCipher\WebServices\pkcs11\lib\libpkcs11webservices.so"
C:\Program Files\nCipher\WebServices\pkcs11\bin\cklist-dynamic.exe --library "C:\Program Files\nCipher\WebServices\pkcs11\lib\libpkcs11webservices.so"
C:\Program Files\nCipher\WebServices\pkcs11\bin\ckmechinfo.exe
Softcard generation tool
Because PKCS #11 does not directly support Softcard generation, a command line tool is provided.
The Softcard tool uses the same configuration file as the PKCS #11 library for the Web Services server secure connection. It does not support any logging. For more information, see Configure the Web Services PKCS #11 library.
To generate a new Softcard run the following command:
Linux:
/opt/nfast/webservices/pkcs11/bin/softcardtool -g --name=<new-softcard-name>
Windows:
C:\Program Files\nCipher\WebServices\pkcs11\bin\softcardtool.exe -g --name=<new-softcard-name>
When prompted, enter a new passphrase for the Softcard.
Special characters for name and passphrase are not supported. |
To verify the Web Services server connection, run the tool with the verbose and list options:
Linux:
/opt/nfast/webservices/pkcs11/bin/softcardtool -vl
Windows:
C:\Program Files\nCipher\WebServices\pkcs11\bin\softcardtool.exe -vl
To delete a Softcard, remove all keys associated with the Softcard and use the following command:
Linux:
/opt/nfast/webservices/pkcs11/bin/softcardtool -d --ID=<deleted-softcard-ID>
Windows:
C:\Program Files\nCipher\WebServices\pkcs11\bin\softcardtool.exe -d --ID=<deleted-softcard-ID>
To see all the available options, run
Linux:
/opt/nfast/webservices/pkcs11/bin/softcardtool --help
softcardtool, 1.1.0
Usage:
softcardtool [options]
Windows:
C:\Program Files\nCipher\WebServices\pkcs11\bin\softcardtool.exe --help
softcardtool, 1.1.0
Usage:
softcardtool.exe [options]
Options:
Help options:
-h, --help Display help for `softcardtool'.
-V, --version Display the version number of `softcardtool'.
-u, --usage Display a brief usage summary for `softcardtool'.
-v, --verbose verbose output
-i, --id=ID ID of softcard to delete
-n, --name=NAME name of softcard to generate
-l, --list list softcards
-d, --delete delete softcard by ID
-g, --generate generate a new softcard
Generates softcards and deletes them.