Addition of the PDK content and example code for Documentation_content according to Feature bug 1607 and bug 1608
<?xml version="1.0" encoding="utf-8"?>
<!-- Copyright (c) 2007-2010 Nokia Corporation and/or its subsidiary(-ies) All rights reserved. -->
<!-- This component and the accompanying materials are made available under the terms of the License
"Eclipse Public License v1.0" which accompanies this distribution,
and is available at the URL "http://www.eclipse.org/legal/epl-v10.html". -->
<!-- Initial Contributors:
Nokia Corporation - initial contribution.
Contributors:
-->
<!DOCTYPE reference
PUBLIC "-//OASIS//DTD DITA Reference//EN" "reference.dtd">
<reference id="GUID-C83D7112-0CF4-588D-8A0C-D27AB387F4D3" xml:lang="en"><title>certapp
Reference</title><shortdesc>The <codeph>certapp</codeph> tool is a PC command line utility
which converts certificate store files between text and binary formats, and
vice versa. </shortdesc><prolog><metadata><keywords/></metadata></prolog><refbody>
<refsyn><title>Syntax</title> <p><userinput>certapp <parmname>general_options</parmname> <cmdname>input_files
-out output_files</cmdname> </userinput> </p> <p>It is essential that you
specify at least one input file name and an output file name with <codeph>certapp</codeph>.
If you specify input files but do not specify any output file, the tool only
reads the input file data and displays the same. No output file is created
to hold the displayed data. </p> <p>The following sub-sections provide information
on specifying general options, and specifying input or output file arguments
as command-line arguments with <codeph>certapp</codeph>. </p> <p><b>General
options</b> </p> <p>The following table summarises the general options that
can be specified as command-line arguments: </p> <table id="GUID-2317E69A-A923-5A1E-8E81-197A6A012D62">
<tgroup cols="2"><colspec colname="col0"/><colspec colname="col1"/>
<tbody>
<row>
<entry><p> <b>Name</b> </p> </entry>
<entry><p> <b>Description</b> </p> </entry>
</row>
<row>
<entry><p> <codeph>-h</codeph> </p> </entry>
<entry><p>Displays the usage message. </p> </entry>
</row>
<row>
<entry><p> <codeph>--progress=filename</codeph> </p> </entry>
<entry><p>Saves progress output to a specified file. </p> </entry>
</row>
<row>
<entry><p> <codeph>--errors=filename</codeph> </p> </entry>
<entry><p>Saves error output to a specified file. </p> </entry>
</row>
<row>
<entry><p> <codeph>--verbose</codeph> </p> </entry>
<entry><p>Includes additional debug comments in output files. </p> </entry>
</row>
<row>
<entry><p> <codeph>--license</codeph> </p> </entry>
<entry><p>Displays license information. </p> </entry>
</row>
<row>
<entry><p> <codeph>--pemout</codeph> </p> </entry>
<entry><p>Displays certificates in PEM format. (The format is auto-detected
when reading.) </p> </entry>
</row>
<row>
<entry nameend="col1" namest="col0"><p> <b>Note:</b> If you do not specify
any file name with <codeph>--progress</codeph> or <codeph>--errors</codeph> options,
the respective outputs are written to default progress or error text files.
If the file names specified with the <codeph>errors</codeph> and <codeph>progress</codeph> options
are identical, their outputs are merged. </p> </entry>
</row>
</tbody>
</tgroup>
</table> <p><b>Input and output file arguments</b> </p> <p>In the <codeph>certapp</codeph> syntax,
the files specified before the <codeph>-out</codeph> argument are input files
while those after the argument are output files. You can use the <codeph>-in</codeph> option
to specify additional input files at the end of the command line. </p> <p>The
following table summarises the input and output file arguments that can be
specified at the command line: </p> <table id="GUID-B9761515-2EC2-513B-8141-72682F9891F3">
<tgroup cols="2"><colspec colname="col0"/><colspec colname="col1"/>
<tbody>
<row>
<entry><p> <b>Name</b> </p> </entry>
<entry><p> <b>Description</b> </p> </entry>
</row>
<row>
<entry><p> <codeph>--bswicertstore=filename</codeph> </p> </entry>
<entry><p>Specifies a binary SWI certificate store file. </p> </entry>
</row>
<row>
<entry><p> <codeph>--hswicertstore=filename</codeph> </p> </entry>
<entry><p>Specifies a human-readable SWI certificate store file. </p> </entry>
</row>
<row>
<entry><p> <codeph>--bfilecertstore=filename</codeph> </p> </entry>
<entry><p>Specifies a binary file of the file certificate store. </p> </entry>
</row>
<row>
<entry><p> <codeph>--hfilecertstore=filename</codeph> </p> </entry>
<entry><p>Specifies a human-readable file of the file certificate store. </p> </entry>
</row>
<row>
<entry><p> <codeph>--bcertclients=filename</codeph> </p> </entry>
<entry><p>Specifies a binary certificate clients file. </p> </entry>
</row>
<row>
<entry><p> <codeph>--hcertclients=filename</codeph> </p> </entry>
<entry><p>Specifies a human-readable certificate clients file. </p> </entry>
</row>
<row>
<entry><p> <codeph>--out</codeph> </p> </entry>
<entry><p>Files listed after <codeph>–out</codeph> are output files. </p> </entry>
</row>
<row>
<entry><p> <codeph>--in</codeph> </p> </entry>
<entry><p>Specifies input files listed in the command line. Files listed after
–in are input files. </p> <p> <b>Note:</b> <codeph>--in</codeph> is not required
when input files are specified before output files. It may be used to specify
additional input files after output files. </p> </entry>
</row>
<row>
<entry><p> <codeph>--chdir=dirname</codeph> </p> </entry>
<entry><p>Changes directory for the specified input or output files. </p> </entry>
</row>
</tbody>
</tgroup>
</table> <p>Consider the following while specifying input and output file
command-line arguments: </p> <ul>
<li id="GUID-8C36BA85-E4D3-5F96-8BC0-60991C11A085"><p>Information in file
certificate store and SWI certificate store files can depend on information
contained in the certificate client files. Therefore, all the certificate
client files are read before the other certificate store files. </p> </li>
<li id="GUID-5D3C1156-B924-5CA8-A28A-A88E4BDAF345"><p>You can use the <codeph>--chdir</codeph> option
to change to the current directory for reading or writing files. You can also
use this option to read input files from one directory and write all output
files to a different directory or to multiple directories. </p> </li>
</ul> <p> <b> Important:</b> Duplicate entries should not be included in certificate
store files. If duplicate entries are detected in a certificate store file,
then this is reported as a fatal error. </p> <p>For file certificate store
or SWI certificate store files, duplicates are determined by labels. For certificate
client files, duplicates are determined by the client application name (that
is, multiple client application names can map to a single UID, but not vice
versa). </p></refsyn>
<example><title>Example</title> <p>The following is an example for dumping
a SWI certificate store (<codeph>swicertstore.dat</codeph>) into human-readable
form (<codeph>swicertstore.txt</codeph>). The input files are <codeph>swicertstore.dat</codeph> and <codeph>certclients.dat</codeph> which
maps the application UIDs in the certificates to application description strings.
The <codeph>certclients.dat</codeph> file is provided as input so that the
tool can dump the certificate application-related metadata in the form of
text and not as a series of UIDs. </p> <codeblock id="GUID-1368ED7C-8D15-598F-9A46-6358C2631786" xml:space="preserve">certapp --bcertclients=certclients.dat --bswicertstore=swicertstore.dat --out
--hcertclients=certclients.txt --hswicertstore=swicertstore.txt</codeblock> </example>
</refbody><related-links>
<link href="GUID-04FB9E08-DDFE-53B1-B8E1-687A1AEC4286.dita"><linktext>Security
Tools Overview</linktext></link>
</related-links></reference>