NAME
crypttool— command line tool to explore and perform cryptographic operations.
SYNOPSIS
crypttool command (help | [command-options])
crypttool help
Displays all the commands available with crypttool.
crypttool command help
Displays all the command-options available with the command.
crypttool listp [listp-options]
Lists all the installed and configured cryptographic service providers.
crypttool listks [listks-options]
Lists the entries in the specified keystore.
crypttool genk [genk-options]
Generates a secret key.
crypttool genkp [genkp-options]
Generates a public and private key pair.
crypttool crypt [crypt-options]
Encrypts or decrypts the data of an input file to an output file.
crypttool sign [sign-options]
Creates or verifies a signature of data in a file.
crypttool digest [digest-options]
Creates or verifies the digest of data in a file.
crypttool mac [mac-options]
Creates or verifies message authentication code of data in a file.
crypttool bench [bench-options]
Reports execution time of commands in a command file.
DESCRIPTION
The tool crypttool performs most of the cryptographic functions available in JCA and JCE. These functions include:
Show available providers and information associated with each of the providers.
Generate a secret key or a private and public key pair. A generated secret key can be (a) stored in a JCEKS keystore, (b) saved in a file, (c) printed on screen (Hex value), or (d) discarded. The key saved in the file is essentially a serialized SecretKey object and hence not portable across providers. A private and public key pair can be (a) saved in a file, or (b) printed on screen. Similar to a secret key, the public and private key pair is also a serialized object and not portable across providers.
Encrypt and decrypt data using symmetric or asymmetric cryptography. Note that J2SE v1.4 doesn't support any asymmetric cipher.
Create and verify digital signature. This operation involves asymmetric cryptography and requires a private and public key pair.
Create and verify message digest.
Create and verify Message Authentication Code (MAC).
Measure performance of cryptographic operations.
Association of these operations with various crypttool commands is quite obvious.
OPTIONS
The table below lists all the different options supported by the utility crypttool. As not all options apply to every command, the applicable commands are also indicated. To get all the options supported by a command, issue the command: "crypttool command help".
EXAMPLES
crypttool listp –csinfo
Lists providers with details of cryptographic services supported by each provider. Very useful for exploring the services available with a Java platform.
crypttool genk –action store –keystore test.ks
Generates a DES (default algorithm) key of size 56 bits (default keysize) and stores it in a JCEKS (default keystore type) keystore file test.ks with keystore password "changeit" (default password) and the entry alias "mykey" (default alias).
crypttool listks –keystore test.ks
Lists the entries in the keystore file test.ks. Default keystore type "JCEKS" and password "changeit" is used.
crypttool crypt -op enc -infile build.xml -outfile test.enc -keystore test.ks -iv 12345678
Encrypts file build.xml using the secret key in keystore test.ks and initialization vector as the byte array representation of string "12345678". The encrypted data is stored in the output file test.enc.
crypttool crypt -op dec -infile test.enc –outfile test.dec -keystore test.ks -iv 12345678
Decrypts the file test.enc encrypted in last command using the same secret key. The decrypted data is stored in the output file test.dec.
crypttool mac -infile build.xml -keystore test.ks -macfile test.mac crypttool mac -infile build.xml -keystore test.ks -macfile test.mac –verify
Computes the MAC of the input file build.xml and verifies it. The secret key of earlier operations is used here as well.
crypttool genkp –action save –file test.kp -algorithm RSA
Generates RSA key pair of keysize 512 (default keysize) and saves the serialized KeyPair object to the file test.kp.
crypttool sign -infile build.xml -sigfile test.sig -keyfile test.kp -algorithm SHA1WithRSA
Signs the file build.xml with the RSA private key using SHA1WithRSA algorithm and saves the signature in the file test.sig.
crypttool sign -infile build.xml -sigfile test.sig -keyfile test.kp -algorithm SHA1WithRSA -verify
Verifies the signature created by the last command.
3.145.76.250