Symbian3/PDK/Source/GUID-6DF71555-1AB0-5B50-9FEA-E775F3AFEF8B.dita
changeset 3 46218c8b8afa
parent 1 25a17d01db0c
child 5 f345bda72bc4
--- a/Symbian3/PDK/Source/GUID-6DF71555-1AB0-5B50-9FEA-E775F3AFEF8B.dita	Thu Mar 11 15:24:26 2010 +0000
+++ b/Symbian3/PDK/Source/GUID-6DF71555-1AB0-5B50-9FEA-E775F3AFEF8B.dita	Thu Mar 11 18:02:22 2010 +0000
@@ -1,256 +1,256 @@
-<?xml version="1.0" encoding="utf-8"?>
-<!-- Copyright (c) 2007-2010 Nokia Corporation and/or its subsidiary(-ies) All rights reserved. -->
-<!-- This component and the accompanying materials are made available under the terms of the License 
-"Eclipse Public License v1.0" which accompanies this distribution, 
-and is available at the URL "http://www.eclipse.org/legal/epl-v10.html". -->
-<!-- Initial Contributors:
-    Nokia Corporation - initial contribution.
-Contributors: 
--->
-<!DOCTYPE concept
-  PUBLIC "-//OASIS//DTD DITA Concept//EN" "concept.dtd">
-<concept id="GUID-6DF71555-1AB0-5B50-9FEA-E775F3AFEF8B" xml:lang="en"><title>Listing
-Keystore Contents</title><prolog><metadata><keywords/></metadata></prolog><conbody>
-<p>The list command is used to display the content of the key store. It can
-be used to display the overall content of all key store implementations, to
-display the content of a specific key store implementation, or to display
-details about a specific key if we know its label. </p>
-<p><b>Listing the content of all key store implementations </b> </p>
-<p>To see all the private keys available on the device, use the command: </p>
-<p><userinput>keytool -list</userinput> </p>
-<p>The output, depending on the actual keys present on the device, will look
-similar to: </p>
-<codeblock id="GUID-1BCFB869-ABA0-5822-9921-071A6D4BD4A9" xml:space="preserve">Symbian OS KeyStore Manipulation Tool
-Copyright (c) 2004-2009 Nokia Corporation and/or its subsidiary(-ies).  All rights reserved.
-Store Label: Software key store
-gm0 is a 512 bits RSA key 
-
-Store Label: Software key store
-gm1 is a 512 bits DSA key 
-
-Store Label: Software key store
-Tls RSAKey is a 1024 bits RSA key
-</codeblock>
-<p>In this case, there are two RSA keys and one DSA key. You can get information
-in addition to the above output by using the –details (-d for short) option: </p>
-<codeblock id="GUID-08D6C409-938E-56D1-B1A2-C154C1193000" xml:space="preserve">keytool –l –d</codeblock>
-<codeblock id="GUID-DB7833DC-E9DE-54F9-B4D3-BAA79BBD5023" xml:space="preserve">keytool –l –d
-Symbian OS KeyStore Manipulation Tool
-Copyright (c) 2004-2009 Nokia Corporation and/or its subsidiary(-ies).  All rights reserved.
-Store Label: Software key store
-Version: 1.00      Serial Number: 0      Manufacturer: Nokia Corporation Store Type: Read only
-        Algorithm: RSA    Size: 512  bits
-        Usage : PKCS15 DecryptSignSignRecover    Code: 0xe 
-        Owner : 0x101f7e95 
-        User : 0x101f7e95 
-        Access flags: Extractable 
-        ID: 4d 15 e9 01 c6 ea ff a0 11 57 05 60 f4 ba 0c 0f 58 db ae e7 
-        Label: gm0
-        Native: Yes 
-        Start date: not set    End date: not set
-</codeblock>
-<p>The following table details the fields that make up the output of the list
-command: </p>
-<table id="GUID-CBBCDC21-3220-52F5-8C4A-460BCBB26EDC">
-<tgroup cols="2"><colspec colname="col0"/><colspec colname="col1"/>
-<thead>
-<row>
-<entry>Output type </entry>
-<entry>Description </entry>
-</row>
-</thead>
-<tbody>
-<row>
-<entry><p>Algorithm </p> </entry>
-<entry><p>The algorithm field shows the type of keys available. The valid
-values are RSA and DSA. </p> </entry>
-</row>
-<row>
-<entry><p>Size </p> </entry>
-<entry><p>The size of the key in bits. For instance, in the example above,
-there are three RSA keys with sizes ranging from 512 to 2048 bits. The maximum
-allowed key size, as of now, is 2048 bits. </p> </entry>
-</row>
-<row>
-<entry><p>Usage </p> </entry>
-<entry><p>The usage attribute specifies the tasks which we can perform with
-the given key. Valid values for usage are: </p> <ul>
-<li id="GUID-A275AD33-178B-50D8-AE3C-7883E75E0A29"><p>sign and signrecover
-for DSA keys </p> </li>
-<li id="GUID-894879F1-4764-552A-8570-A5B1DE5C3C4E"><p>sign, signrecover, decrypt
-and unwrap for RSA keys </p> </li>
-</ul> <p>Usage attributes are set during key import. Attempts to set invalid
-usages will result in an error. </p> </entry>
-</row>
-<row>
-<entry><p>Owner </p> </entry>
-<entry><p>Each key belongs to a specific UID. This UID represents the owner
-of the key. Typically the owner of a key is the application which imported
-the key. Only the owner of the key can remove it from the keystore. Additionally
-only the owner can set the users of a key. </p> <p>The owner of the key can
-be changed by <codeph>writedevicedata</codeph> after it is imported, using <codeph>keytool
--m &lt;keyname&gt;</codeph>. All processes that have <codeph>writedevicedata</codeph> capability
-can manipulate the keys. </p> </entry>
-</row>
-<row>
-<entry><p>User </p> </entry>
-<entry><p>The user attribute is a list of application UIDs. Each of those
-UIDs is allowed to use the key to perform a task allowed by its usage attribute,
-for example, sign data, verify a signature, and so on. </p> <p>Each key user
-belongs to a specific UID, which is, by default the process owner. It can
-be set to <codeph>all</codeph> by using <codeph>keytool –a &lt;keyname&gt;</codeph>. </p> </entry>
-</row>
-<row>
-<entry><p>Access Flags </p> </entry>
-<entry><p>Access flags reflect those defined in the PKCS#11 standard. The
-values are: </p> <ul>
-<li id="GUID-F60CF849-BCB3-5081-80FF-4DCA3D3157C5"><p>1. <codeph>Sensitive</codeph> –
-The key can only be exported in encrypted form. A key marked as sensitive
-might have been imported either from a cleartext or encrypted source. </p> </li>
-<li id="GUID-E96569F6-CD01-56B0-98B4-F905F77B58CF"><p>2. <codeph>Extractable</codeph> –
-The key can be exported. </p> </li>
-<li id="GUID-D6003F64-DE79-586B-937C-0AC0AD6110A4"><p>3. <codeph>AlwaysSensitive</codeph> –
-The key has never existed outside the keystore in unencrypted form. This access
-flag is set automatically by the key store. You do not have explicit access
-to it. It will be set only if the key has been imported as Sensitive from
-an encrypted source. </p> </li>
-<li id="GUID-0DCA4585-36AB-5402-9092-6A7C09FD3E1A"><p>4. <codeph>NeverExtractable</codeph> –
-The key cannot be exported, and has never existed outside the keystore. This
-implies that the key was created on the device. </p> </li>
-<li id="GUID-023C2B68-A7EC-5AA4-9428-BF245396B939"><p>5. <codeph>Local</codeph> –
-The key was created on the device, rather than being imported. </p> </li>
-</ul> <p>The access flag can be set only during import and the only the values <codeph>Sensitive</codeph> and <codeph>Extractable</codeph> are
-available to the users. See the section <xref href="GUID-2E02B840-FF86-5535-BA0E-5C4C3B600E9B.dita">Importing
-private keys</xref>. </p> </entry>
-</row>
-<row>
-<entry><p>ID </p> </entry>
-<entry><p>A unique identifier for the key. It is in hexadecimal format. </p> </entry>
-</row>
-<row>
-<entry><p>Label </p> </entry>
-<entry><p>The key label. A human-readable handle for the key. </p> </entry>
-</row>
-<row>
-<entry><p>Native </p> </entry>
-<entry><p>Specifies whether cryptographic operations involving the key will
-be performed on the cryptographic token or outside it. For instance, a hardware
-keystore might provide key storage but no facilities for encryption which
-will then be executed outside the token (native is false). This is always
-true for the Symbian file key store implementation. </p> </entry>
-</row>
-<row>
-<entry><p>Start and End date </p> </entry>
-<entry><p>The period of time when the key is actually valid. The key cannot
-be used outside this time frame. </p> </entry>
-</row>
-</tbody>
-</tgroup>
-</table>
-<p><b>Listing the content of a specific key store implementation </b> </p>
-<p>If the content of only a specific key store implementation is required,
-the list command can be restricted to that implementation using the –store
-option. Suppose the content of the key store implementation with index 0 (see
-the section <xref href="GUID-62AE0683-642D-539A-A590-3D8210591BD9.dita">Working
-with multiple keystore implementations</xref> for details on how to list the
-available key store implementations) is required, you can issue the following
-command: </p>
-<codeblock id="GUID-87B31B6E-C245-5AEA-A1DC-50CF121F6C4E" xml:space="preserve">keytool –store 0 –list</codeblock>
-<p>Depending on the content of the key store implementation with index 0,
-output similar to the following is displayed: </p>
-<codeblock id="GUID-BBAD731C-7A70-5A22-81E9-7534747ED081" xml:space="preserve">Symbian OS KeyStore Manipulation Tool
-Copyright (c) 2004-2009 Nokia Corporation and/or its subsidiary(-ies).  All rights reserved.
-    Algorithm: RSA    Size: 512 bits
-    Usage: Pkcs15 Sign     Code: 0x4
-    Owner: 0x101f7e95
-    User: 0x101f7e95
-    Access Flags: Extractable
-    ID: …
-    Label: rsa1
-    Native: Yes
-    Start Date: not set     End Data: not set
-</codeblock>
-<p>If you try to specify a non-existing key store implementation, the following
-error will occur: </p>
-<codeblock id="GUID-92ADD04D-B22A-55F3-A6F6-3E2747C71B77" xml:space="preserve">Symbian OS KeyStore Manipulation Tool
-Copyright (c) 2004-2009 Nokia Corporation and/or its subsidiary(-ies).  All rights reserved.
-The specified keystore implementation does not exist.
-Error during list!
-Error code KErrArgument.
-</codeblock>
-<p><b>Displaying information about a specific private key </b> </p>
-<p>It is possible to display information about a specific key whose label
-is known. This is useful, for instance, when the key store contains a significant
-amount of keys and only a particular store's keys are required. For example,
-to display information about a key with label “rsa1”, you can issue the command: </p>
-<codeblock id="GUID-C954576F-3E5D-52C7-9A67-795B4758769C" xml:space="preserve">keytool –list rsa1 -d</codeblock>
-<p>Remember that labels are case sensitive. The output should be similar to: </p>
-<codeblock id="GUID-E68F9B25-44F1-5263-A1AE-667129A73C03" xml:space="preserve">Symbian OS KeyStore Manipulation Tool
-Copyright (c) 2004-2009 Nokia Corporation and/or its subsidiary(-ies).  All rights reserved.
-    Algorithm: RSA    Size: 512 bits
-    Usage: Pkcs15 Sign     Code: 0x4
-    Owner: 0x101f7e95
-    User: 0x101f7e95
-    Access Flags: Extractable
-    ID: …
-    Label: rsa1
-    Native: Yes
-    Start Date: not set     End Data: not set
-</codeblock>
-<p>If no key in the key store corresponds to the given label, the following
-error will occur: </p>
-<codeblock id="GUID-28F8EA88-1F84-505B-8863-977A8FDA0632" xml:space="preserve">Symbian OS KeyStore Manipulation Tool
-Copyright (c) 2004-2009 Nokia Corporation and/or its subsidiary(-ies).  All rights reserved.
-Cannot find the specified key.
-</codeblock>
-<p><b>Wildcards </b> </p>
-<p>The list commands supports wildcards (“*” and “?”) on key labels. For instance
-the following command lists information about all keys whose label contains
-the string “dsa”: </p>
-<p><userinput>c:\&gt;keytool –l *dsa*</userinput> </p>
-<table id="GUID-6B2F1F3B-A301-5D0A-923A-CA6D9B04A1C1">
-<tgroup cols="3"><colspec colname="col0"/><colspec colname="col1"/><colspec colname="col2"/>
-<thead>
-<row>
-<entry>Internal name</entry>
-<entry>Algorithm</entry>
-<entry>Key size</entry>
-</row>
-</thead>
-<tbody>
-<row>
-<entry><p> <codeph>ECipherDES_CBC</codeph>  </p> </entry>
-<entry><p> <codeph>DES</codeph>  </p> </entry>
-<entry><p> <codeph>64 bits</codeph>  </p> </entry>
-</row>
-<row>
-<entry><p> <codeph>ECipher3DES_CBC</codeph>  </p> </entry>
-<entry><p> <codeph>Triple DES</codeph>  </p> </entry>
-<entry><p> <codeph>192 bits</codeph>  </p> </entry>
-</row>
-<row>
-<entry><p> <codeph>ECipherRC2_CBC_40</codeph>  </p> </entry>
-<entry><p> <codeph>RC2</codeph>  </p> </entry>
-<entry><p> <codeph>Effective key length 1024 bits</codeph>  </p> </entry>
-</row>
-<row>
-<entry><p> <codeph>ECipherRC2_CBC_128</codeph>  </p> </entry>
-<entry><p> <codeph>RC2</codeph>  </p> </entry>
-<entry><p> <codeph>Effective key length 1024 bits</codeph>  </p> </entry>
-</row>
-<row>
-<entry><p> <codeph>ECipherRC2_CBC_40_16</codeph>  </p> </entry>
-<entry><p> <codeph>RC2</codeph>  </p> </entry>
-<entry><p> <codeph>Effective key length 128 bits</codeph>  </p> </entry>
-</row>
-<row>
-<entry><p> <codeph>ECipherRC2_CBC_128_16</codeph>  </p> </entry>
-<entry><p> <codeph>RC2</codeph>  </p> </entry>
-<entry><p> <codeph>Effective key length 128 bits</codeph>  </p> </entry>
-</row>
-</tbody>
-</tgroup>
-</table></conbody><related-links>
-<link href="GUID-E90A22C7-0AD7-55C4-83BB-165E1AA1E296.dita"><linktext>Removing
-Keys</linktext></link>
+<?xml version="1.0" encoding="utf-8"?>
+<!-- Copyright (c) 2007-2010 Nokia Corporation and/or its subsidiary(-ies) All rights reserved. -->
+<!-- This component and the accompanying materials are made available under the terms of the License 
+"Eclipse Public License v1.0" which accompanies this distribution, 
+and is available at the URL "http://www.eclipse.org/legal/epl-v10.html". -->
+<!-- Initial Contributors:
+    Nokia Corporation - initial contribution.
+Contributors: 
+-->
+<!DOCTYPE concept
+  PUBLIC "-//OASIS//DTD DITA Concept//EN" "concept.dtd">
+<concept id="GUID-6DF71555-1AB0-5B50-9FEA-E775F3AFEF8B" xml:lang="en"><title>Listing
+Keystore Contents</title><prolog><metadata><keywords/></metadata></prolog><conbody>
+<p>The list command is used to display the content of the key store. It can
+be used to display the overall content of all key store implementations, to
+display the content of a specific key store implementation, or to display
+details about a specific key if we know its label. </p>
+<p><b>Listing the content of all key store implementations </b> </p>
+<p>To see all the private keys available on the device, use the command: </p>
+<p><userinput>keytool -list</userinput> </p>
+<p>The output, depending on the actual keys present on the device, will look
+similar to: </p>
+<codeblock id="GUID-1BCFB869-ABA0-5822-9921-071A6D4BD4A9" xml:space="preserve">Symbian OS KeyStore Manipulation Tool
+Copyright (c) 2004-2009 Nokia Corporation and/or its subsidiary(-ies).  All rights reserved.
+Store Label: Software key store
+gm0 is a 512 bits RSA key 
+
+Store Label: Software key store
+gm1 is a 512 bits DSA key 
+
+Store Label: Software key store
+Tls RSAKey is a 1024 bits RSA key
+</codeblock>
+<p>In this case, there are two RSA keys and one DSA key. You can get information
+in addition to the above output by using the –details (-d for short) option: </p>
+<codeblock id="GUID-08D6C409-938E-56D1-B1A2-C154C1193000" xml:space="preserve">keytool –l –d</codeblock>
+<codeblock id="GUID-DB7833DC-E9DE-54F9-B4D3-BAA79BBD5023" xml:space="preserve">keytool –l –d
+Symbian OS KeyStore Manipulation Tool
+Copyright (c) 2004-2009 Nokia Corporation and/or its subsidiary(-ies).  All rights reserved.
+Store Label: Software key store
+Version: 1.00      Serial Number: 0      Manufacturer: Nokia Corporation Store Type: Read only
+        Algorithm: RSA    Size: 512  bits
+        Usage : PKCS15 DecryptSignSignRecover    Code: 0xe 
+        Owner : 0x101f7e95 
+        User : 0x101f7e95 
+        Access flags: Extractable 
+        ID: 4d 15 e9 01 c6 ea ff a0 11 57 05 60 f4 ba 0c 0f 58 db ae e7 
+        Label: gm0
+        Native: Yes 
+        Start date: not set    End date: not set
+</codeblock>
+<p>The following table details the fields that make up the output of the list
+command: </p>
+<table id="GUID-CBBCDC21-3220-52F5-8C4A-460BCBB26EDC">
+<tgroup cols="2"><colspec colname="col0"/><colspec colname="col1"/>
+<thead>
+<row>
+<entry>Output type </entry>
+<entry>Description </entry>
+</row>
+</thead>
+<tbody>
+<row>
+<entry><p>Algorithm </p> </entry>
+<entry><p>The algorithm field shows the type of keys available. The valid
+values are RSA and DSA. </p> </entry>
+</row>
+<row>
+<entry><p>Size </p> </entry>
+<entry><p>The size of the key in bits. For instance, in the example above,
+there are three RSA keys with sizes ranging from 512 to 2048 bits. The maximum
+allowed key size, as of now, is 2048 bits. </p> </entry>
+</row>
+<row>
+<entry><p>Usage </p> </entry>
+<entry><p>The usage attribute specifies the tasks which we can perform with
+the given key. Valid values for usage are: </p> <ul>
+<li id="GUID-A275AD33-178B-50D8-AE3C-7883E75E0A29"><p>sign and signrecover
+for DSA keys </p> </li>
+<li id="GUID-894879F1-4764-552A-8570-A5B1DE5C3C4E"><p>sign, signrecover, decrypt
+and unwrap for RSA keys </p> </li>
+</ul> <p>Usage attributes are set during key import. Attempts to set invalid
+usages will result in an error. </p> </entry>
+</row>
+<row>
+<entry><p>Owner </p> </entry>
+<entry><p>Each key belongs to a specific UID. This UID represents the owner
+of the key. Typically the owner of a key is the application which imported
+the key. Only the owner of the key can remove it from the keystore. Additionally
+only the owner can set the users of a key. </p> <p>The owner of the key can
+be changed by <codeph>writedevicedata</codeph> after it is imported, using <codeph>keytool
+-m &lt;keyname&gt;</codeph>. All processes that have <codeph>writedevicedata</codeph> capability
+can manipulate the keys. </p> </entry>
+</row>
+<row>
+<entry><p>User </p> </entry>
+<entry><p>The user attribute is a list of application UIDs. Each of those
+UIDs is allowed to use the key to perform a task allowed by its usage attribute,
+for example, sign data, verify a signature, and so on. </p> <p>Each key user
+belongs to a specific UID, which is, by default the process owner. It can
+be set to <codeph>all</codeph> by using <codeph>keytool –a &lt;keyname&gt;</codeph>. </p> </entry>
+</row>
+<row>
+<entry><p>Access Flags </p> </entry>
+<entry><p>Access flags reflect those defined in the PKCS#11 standard. The
+values are: </p> <ul>
+<li id="GUID-F60CF849-BCB3-5081-80FF-4DCA3D3157C5"><p>1. <codeph>Sensitive</codeph> –
+The key can only be exported in encrypted form. A key marked as sensitive
+might have been imported either from a cleartext or encrypted source. </p> </li>
+<li id="GUID-E96569F6-CD01-56B0-98B4-F905F77B58CF"><p>2. <codeph>Extractable</codeph> –
+The key can be exported. </p> </li>
+<li id="GUID-D6003F64-DE79-586B-937C-0AC0AD6110A4"><p>3. <codeph>AlwaysSensitive</codeph> –
+The key has never existed outside the keystore in unencrypted form. This access
+flag is set automatically by the key store. You do not have explicit access
+to it. It will be set only if the key has been imported as Sensitive from
+an encrypted source. </p> </li>
+<li id="GUID-0DCA4585-36AB-5402-9092-6A7C09FD3E1A"><p>4. <codeph>NeverExtractable</codeph> –
+The key cannot be exported, and has never existed outside the keystore. This
+implies that the key was created on the device. </p> </li>
+<li id="GUID-023C2B68-A7EC-5AA4-9428-BF245396B939"><p>5. <codeph>Local</codeph> –
+The key was created on the device, rather than being imported. </p> </li>
+</ul> <p>The access flag can be set only during import and the only the values <codeph>Sensitive</codeph> and <codeph>Extractable</codeph> are
+available to the users. See the section <xref href="GUID-2E02B840-FF86-5535-BA0E-5C4C3B600E9B.dita">Importing
+private keys</xref>. </p> </entry>
+</row>
+<row>
+<entry><p>ID </p> </entry>
+<entry><p>A unique identifier for the key. It is in hexadecimal format. </p> </entry>
+</row>
+<row>
+<entry><p>Label </p> </entry>
+<entry><p>The key label. A human-readable handle for the key. </p> </entry>
+</row>
+<row>
+<entry><p>Native </p> </entry>
+<entry><p>Specifies whether cryptographic operations involving the key will
+be performed on the cryptographic token or outside it. For instance, a hardware
+keystore might provide key storage but no facilities for encryption which
+will then be executed outside the token (native is false). This is always
+true for the Symbian file key store implementation. </p> </entry>
+</row>
+<row>
+<entry><p>Start and End date </p> </entry>
+<entry><p>The period of time when the key is actually valid. The key cannot
+be used outside this time frame. </p> </entry>
+</row>
+</tbody>
+</tgroup>
+</table>
+<p><b>Listing the content of a specific key store implementation </b> </p>
+<p>If the content of only a specific key store implementation is required,
+the list command can be restricted to that implementation using the –store
+option. Suppose the content of the key store implementation with index 0 (see
+the section <xref href="GUID-62AE0683-642D-539A-A590-3D8210591BD9.dita">Working
+with multiple keystore implementations</xref> for details on how to list the
+available key store implementations) is required, you can issue the following
+command: </p>
+<codeblock id="GUID-87B31B6E-C245-5AEA-A1DC-50CF121F6C4E" xml:space="preserve">keytool –store 0 –list</codeblock>
+<p>Depending on the content of the key store implementation with index 0,
+output similar to the following is displayed: </p>
+<codeblock id="GUID-BBAD731C-7A70-5A22-81E9-7534747ED081" xml:space="preserve">Symbian OS KeyStore Manipulation Tool
+Copyright (c) 2004-2009 Nokia Corporation and/or its subsidiary(-ies).  All rights reserved.
+    Algorithm: RSA    Size: 512 bits
+    Usage: Pkcs15 Sign     Code: 0x4
+    Owner: 0x101f7e95
+    User: 0x101f7e95
+    Access Flags: Extractable
+    ID: …
+    Label: rsa1
+    Native: Yes
+    Start Date: not set     End Data: not set
+</codeblock>
+<p>If you try to specify a non-existing key store implementation, the following
+error will occur: </p>
+<codeblock id="GUID-92ADD04D-B22A-55F3-A6F6-3E2747C71B77" xml:space="preserve">Symbian OS KeyStore Manipulation Tool
+Copyright (c) 2004-2009 Nokia Corporation and/or its subsidiary(-ies).  All rights reserved.
+The specified keystore implementation does not exist.
+Error during list!
+Error code KErrArgument.
+</codeblock>
+<p><b>Displaying information about a specific private key </b> </p>
+<p>It is possible to display information about a specific key whose label
+is known. This is useful, for instance, when the key store contains a significant
+amount of keys and only a particular store's keys are required. For example,
+to display information about a key with label “rsa1”, you can issue the command: </p>
+<codeblock id="GUID-C954576F-3E5D-52C7-9A67-795B4758769C" xml:space="preserve">keytool –list rsa1 -d</codeblock>
+<p>Remember that labels are case sensitive. The output should be similar to: </p>
+<codeblock id="GUID-E68F9B25-44F1-5263-A1AE-667129A73C03" xml:space="preserve">Symbian OS KeyStore Manipulation Tool
+Copyright (c) 2004-2009 Nokia Corporation and/or its subsidiary(-ies).  All rights reserved.
+    Algorithm: RSA    Size: 512 bits
+    Usage: Pkcs15 Sign     Code: 0x4
+    Owner: 0x101f7e95
+    User: 0x101f7e95
+    Access Flags: Extractable
+    ID: …
+    Label: rsa1
+    Native: Yes
+    Start Date: not set     End Data: not set
+</codeblock>
+<p>If no key in the key store corresponds to the given label, the following
+error will occur: </p>
+<codeblock id="GUID-28F8EA88-1F84-505B-8863-977A8FDA0632" xml:space="preserve">Symbian OS KeyStore Manipulation Tool
+Copyright (c) 2004-2009 Nokia Corporation and/or its subsidiary(-ies).  All rights reserved.
+Cannot find the specified key.
+</codeblock>
+<p><b>Wildcards </b> </p>
+<p>The list commands supports wildcards (“*” and “?”) on key labels. For instance
+the following command lists information about all keys whose label contains
+the string “dsa”: </p>
+<p><userinput>c:\&gt;keytool –l *dsa*</userinput> </p>
+<table id="GUID-6B2F1F3B-A301-5D0A-923A-CA6D9B04A1C1">
+<tgroup cols="3"><colspec colname="col0"/><colspec colname="col1"/><colspec colname="col2"/>
+<thead>
+<row>
+<entry>Internal name</entry>
+<entry>Algorithm</entry>
+<entry>Key size</entry>
+</row>
+</thead>
+<tbody>
+<row>
+<entry><p> <codeph>ECipherDES_CBC</codeph>  </p> </entry>
+<entry><p> <codeph>DES</codeph>  </p> </entry>
+<entry><p> <codeph>64 bits</codeph>  </p> </entry>
+</row>
+<row>
+<entry><p> <codeph>ECipher3DES_CBC</codeph>  </p> </entry>
+<entry><p> <codeph>Triple DES</codeph>  </p> </entry>
+<entry><p> <codeph>192 bits</codeph>  </p> </entry>
+</row>
+<row>
+<entry><p> <codeph>ECipherRC2_CBC_40</codeph>  </p> </entry>
+<entry><p> <codeph>RC2</codeph>  </p> </entry>
+<entry><p> <codeph>Effective key length 1024 bits</codeph>  </p> </entry>
+</row>
+<row>
+<entry><p> <codeph>ECipherRC2_CBC_128</codeph>  </p> </entry>
+<entry><p> <codeph>RC2</codeph>  </p> </entry>
+<entry><p> <codeph>Effective key length 1024 bits</codeph>  </p> </entry>
+</row>
+<row>
+<entry><p> <codeph>ECipherRC2_CBC_40_16</codeph>  </p> </entry>
+<entry><p> <codeph>RC2</codeph>  </p> </entry>
+<entry><p> <codeph>Effective key length 128 bits</codeph>  </p> </entry>
+</row>
+<row>
+<entry><p> <codeph>ECipherRC2_CBC_128_16</codeph>  </p> </entry>
+<entry><p> <codeph>RC2</codeph>  </p> </entry>
+<entry><p> <codeph>Effective key length 128 bits</codeph>  </p> </entry>
+</row>
+</tbody>
+</tgroup>
+</table></conbody><related-links>
+<link href="GUID-E90A22C7-0AD7-55C4-83BB-165E1AA1E296.dita"><linktext>Removing
+Keys</linktext></link>
 </related-links></concept>
\ No newline at end of file