File: README

package info (click to toggle)
qca2 2.3.10-2
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid
  • size: 5,888 kB
  • sloc: cpp: 59,224; ansic: 814; perl: 133; sh: 89; makefile: 34
file content (80 lines) | stat: -rw-r--r-- 2,093 bytes parent folder | download | duplicates (6) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
 
qca-softstore -- Software certificate store Plug-in to QCA

ABOUT
	qca-softstore provides simple persistent certificate store for QCA framework.
	
	The plug-in defers the private key access and passphrase prompt to the point
	it is actually required, thus enabling the use of files stored on removable media.

	The plug-in also handles the private key objects as not exportable for applications.

	In order to defer the passphrase prompt, the certificate object must be extracted
	during configuration, this also apply to PKCS#12 files, since the certificate
	is encrypted within the format.

DEPENDENCIES
	None.

CONFIGURATION
	Configuration is stored at ~/.config/Affinix/QCA.conf, in order to
	generate default configuration use:

	$ qcatool --config save qca-softstore 

	Attributes:
		entry_##_enabled (Boolean)
			Provider at this index is enabled.

		entry_##_name (String)
			Name of entry.

		entry_##_public_type (String)
			Type of public component:

			x509chain
				entry_##_public is X.509 certificate chain.
				Each certificate is encoded in base64.
				List separator is '!'.
				First entry is end certificate.

		entry_##_public (String)
			By entry_##_public_type.

		entry_##_private_type (String)
			Type of private component:

			pkcs12
				entry_##_private is PKCS#12 format file name.

			pkcs8
				entry_##_private is base64 encoded PKCS#8 format.

			pkcs8-file-pem
				entry_##_private is PEM RSA key file name or PKCS#8 PEM encoded.

			pkcs8-file-der
				entry_##_private is PKCS#8 DER format.

		entry_##_private (String)
			By entry_##_private_type.

		entry_##_no_passphrase (Boolean)
			true if entry_##_private is not protected by passphrase.

		entry_##_unlock_timeout (Integer)
			Time in seconds to until passphrase should be prompted again.
			Specify -1 for infinite.

USEFUL COMMANDS
	pkcs12->RSA PEM
		openssl pkcs12 -in <pkcs12> -nocerts -out <key>
	
	pkcs12->Certificate PEM
		openssl pkcs12 -in <pkcs12> -nokeys -out <key>

	RSA PEM->PKCS#8
		openssl pkcs8 -in <key> -topk8 -out <pkcs8> -outform DER

AUTHORS
	Alon Bar-Lev <alon.barlev@gmail.com>