1QCATOOL(1)            Qt Cryptographic Architecture (QCA)           QCATOOL(1)
2
3
4

NAME

6       qcatool - command line tool for the Qt Cryptographic Architecture
7
8

DESCRIPTION

10       qcatool  is  a  command  line tool for performing various cryptographic
11       operations with the Qt Cryptographic Architecture  (QCA).  qcatool  can
12       also be used for testing and debugging QCA.
13
14

USAGE

16       qcatool  has  a range of options and commands. You only ever get to use
17       one command, but you may use several, one or no options.
18
19

OPTIONS

21       As noted above, these are all optional, and may be combined.
22
23       --pass=PASSWORD
24              Specify the password to use. This is probably a bad idea  except
25              for  testing, because anyone can read the arguments to a command
26              line application.
27
28       --newpass=PASSWORD
29              Specify the new password to use for password change with the key
30              changepass  and keybundle changepass commands.  This is probably
31              a bad idea except for testing, because anyone can read the argu‐
32              ments to a command line application.
33
34       --nonroots=CERTIFICATES
35              Specify  additional  certificates, not trusted, but which may be
36              used in the trust path if appropriate trust can be established.
37
38       --roots=CERTIFICATES
39              Specify additional certificates which can  be  used  as  trusted
40              (root) certificates.
41
42       --nosys
43              Disable  use of the standard root certificates that are provided
44              by the operating system.
45
46       --noprompt
47              Disable prompting for passwords/passphrases. If you do not  pro‐
48              vide  the  passphrase on the command line (with --pass or --new‐
49              pass) this will cause qcatool to abort the command  if  a  pass‐
50              word/passphrase is required.
51
52       --ordered
53              If outputting certificate information fields (Distinguished Name
54              and Subject Alternative Name), show them in same the order  that
55              they  are  present  in the certificate rather than in a friendly
56              sorted order.
57
58       --debug
59              Enable additional output to aid debugging.
60
61       --log-file=FILENAME
62              Log to the specified file.
63
64       --log-level=LEVEL
65              Log at the specified level. The  log  level  can  be  between  0
66              (none) and 8 (most).
67
68       --nobundle
69              When  S/MIME  signing,  do  not  bundle the signer's certificate
70              chain inside the signature.  This results in a smaller signature
71              output,  but requires the recipient to have all of the necessary
72              certificates in order to verify it.
73
74

COMMANDS

76       help, --help, -h
77              Output usage (help) information.
78
79       version, --version, -v
80              Output version information.
81
82       plugins
83              List available plugins. Use  the  --debug  option  to  get  more
84              information  on  plugins which are found and which ones actually
85              loaded.
86
87       config save [provider]
88              Save provider configuration. Use this  to  have  the  provider's
89              default  configuration  written to persistent storage, which you
90              can then edit by hand.
91
92       config edit [provider]
93              Edit provider configuration. The changes are written to  persis‐
94              tent storage.
95
96       key make rsa|dsa [bits]
97              Create a key pair
98
99       key changepass [K]
100              Add/change/remove passphrase of a key
101
102       cert makereq [K]
103              Create certificate request (CSR)
104
105       cert makeself [K]
106              Create self-signed certificate
107
108       cert makereqadv [K]
109              Advanced version of 'makereq'
110
111       cert makeselfadv [K]
112              Advanced version of 'makeself'
113
114       cert validate [C]
115              Validate certificate
116
117       keybundle make [K] [C]
118              Create a keybundle
119
120       keybundle extract [X]
121              Extract certificate(s) and key
122
123       keybundle changepass [X]
124              Change passphrase of a keybundle
125
126       keystore list-stores
127              List all available keystores
128
129       keystore list [storeName]
130              List content of a keystore
131
132       keystore monitor
133              Monitor for keystore availability
134
135       keystore export [E]
136              Export a keystore entry's content
137
138       keystore exportref [E]
139              Export a keystore entry reference
140
141       keystore addkb [storeName] [cert.p12]
142              Add a keybundle into a keystore
143
144       keystore addpgp [storeName] [key.asc]
145              Add a PGP key into a keystore
146
147       keystore remove [E]
148              Remove an object from a keystore
149
150       show cert [C]
151              Examine a certificate
152
153       show req [req.pem]
154              Examine a certificate request (CSR)
155
156       show crl [crl.pem]
157              Examine a certificate revocation list
158
159       show kb [X]
160              Examine a keybundle
161
162       show pgp [P|S]
163              Examine a PGP key
164
165       message sign pgp|pgpdetach|smime [X|S]
166              Sign a message
167
168       message encrypt pgp|smime [C|P]
169              Encrypt a message
170
171       message signencrypt [S] [P]
172              PGP sign & encrypt a message
173
174       message verify pgp|smime
175              Verify a message
176
177       message decrypt pgp|smime ((X) ...)
178              Decrypt a message (S/MIME needs X)
179
180       message exportcerts
181              Export certs from S/MIME message
182
183

ARGUMENTS

185       The arguments to the commands are as follows.
186
187       K = private key.
188
189       C = certificate.
190
191       X = key bundle.
192
193       P = PGP public key.
194
195       S = PGP secret key.
196
197       E = generic entry.
198
199       These  must  be identified by either a filename or a keystore reference
200       ("store:obj").
201
202

AUTHOR

204       qcatool was written by Justin Karneges as part of QCA. This manual page
205       was written by Brad Hards.
206
207
208
209
210qcatool 1.0.0                     August 2007                       QCATOOL(1)
Impressum