10 releases
| 0.4.3 | Oct 21, 2023 |
|---|---|
| 0.4.2 | Mar 16, 2023 |
| 0.4.1 | Oct 2, 2022 |
| 0.3.0 | Jul 14, 2022 |
| 0.1.5 | Mar 2, 2022 |
#1776 in Cryptography
45KB
919 lines
jpki-cli
Easy yet simple CLI to access your JPKI card.
✅ Prerequisites
All platforms:
- PC/SC supported NFC reader
On GNU/Linux:
- pcsc-lite (libpcsclite)
📦 Installation
On macOS or Linux, Homebrew Tap can be used for installation:
brew tap siketyan/tap
brew install jpki-cli
Alternatively, build from source using Cargo:
cargo install jpki-cli
💚 Examples
Crypto AP
Dumps the certificate for digital signature:
jpki-cli crypto read-certificate > certificate.der
If you want the certificate for user authentication, insert --auth:
jpki-cli crypto --auth read-certificate > certificate.der
Signs the data from stdin using key-pair for digital signature:
cat plain.txt | jpki-cli crypto sign > signature.sig
Verifies the signature using the dumped certificate:
cat plain.txt | jpki-cli crypto verify certificate.der signature.sig
Gets the PIN status:
jpki-cli crypto stat
jpki-cli crypto --auth stat # Status of PIN for authentication
Surface AP
Dumps the photo using PIN B (DoB YYMMDD + Expiry YYYY + CVC XXXX):
jpki-cli surface get photo > photo.jpg
# PIN: YYMMDDYYYYXXXX
Using PIN A (My Number) instead:
jpki-cli surface get photo > photo.jpg
# PIN: XXXXYYYYZZZZ
For list of available data to dump, see the help:
jpki-cli surface get --help
Gets the PIN status:
jpki-cli surface stat a # PIN Type A
jpki-cli surface stat b # PIN Type B
Support AP
Reads the "My Number" from the card:
jpki-cli support get my-number
Reads text attributes from the card as JSON:
jpki-cli support get attributes --pretty
jpki-cli support get attributes | jq # The output is JSON, so you can query it w/ jq
Gets the PIN status:
jpki-cli support stat
Dependencies
~19–31MB
~546K SLoC