Command Line Interface
Quantum Origin provides a command line utility (QO-CLI) which can be used to generate calls and decrypt data received from the Quantum Origin RESTful API endpoints.
Firstly, we give an overview of the different commands available when using the QO-CLI. Then in the subsequent section we give a range of examples for each use case.
Note
The examples on this page use the UK server. You must use the server you were enrolled onto.
QO-CLI Commands
$ qo --help
Usage: qo [OPTIONS] [SUBCOMMAND]
Options:
Option |
Rules |
Description |
|---|---|---|
--version |
Display program version information and exit |
|
-h,--help |
Print this help message and exit |
|
-H,--help-all |
Display help for all commands & options |
|
--config |
TEXT |
Location of config.yml file |
-l,--log |
TEXT:
{trace,debug,info,
off,warn,err,critical}
|
Level of logging to use
|
Subcommands:
Subcommand |
Description |
|---|---|
keydecrypt, kd |
Decrypt a received key |
keygen, kg |
Generate a new key |
onboard, ob |
Perform onboarding |
randomness, rd |
Retrieve randomness from QO API |
usage, us |
Get usage into from QO |
$ qo keydecrypt --help
Decrypt a received key.
Usage: qo keydecrypt [OPTIONS]
Options:
Option |
Description |
|---|---|
-h, --help |
Print this help message and exit |
-t, --keytype |
TEXT:value. See below for supported types |
keyTypeSupported
-t,–keytype TEXT:value in {SPHINCS-SHAKE256-256S-SIMPLE,SPHINCS-SHAKE256-256F-ROBUST,SPHINCS-SHAKE256-192S-SIMPLE,SPHINCS-SHAKE256-256F-SIMPLE, SPHINCS-SHAKE256-128S-SIMPLE,SPHINCS-SHA256-192F-ROBUST,SPHINCS-SHA256-128S-ROBUST,SPHINCS-SHA256-128F-SIMPLE, SPHINCS-HARAKA-256S-SIMPLE,SPHINCS-HARAKA-256F-SIMPLE,SPHINCS-HARAKA-256F-ROBUST,SPHINCS-HARAKA-192S-ROBUST, SPHINCS-HARAKA-192F-ROBUST,SPHINCS-HARAKA-128S-SIMPLE,SPHINCS-HARAKA-128S-ROBUST,FALCON-1024,SPHINCS-HARAKA-192F-SIMPLE, FALCON-512,SPHINCS-SHA256-192F-SIMPLE,SPHINCS-HARAKA-256S-ROBUST,RAINBOW-V-COMPRESSED,RAINBOW-V-CIRCUMZENITHAL, RAINBOW-V-CLASSIC,RAINBOW-III-COMPRESSED,RAINBOW-III-CLASSIC,RAINBOW-I-CIRCUMZENITHAL,RAINBOW-I-CLASSIC,DILITHIUM5-AES, SPHINCS-SHA256-256S-ROBUST,DILITHIUM3-AES,DILITHIUM2-AES,DILITHIUM5,DILITHIUM3,SPHINCS-SHAKE256-128S-ROBUST, DILITHIUM2,SPHINCS-SHAKE256-128F-ROBUST,BIKE-L3,BIKE-L1,SPHINCS-SHA256-256S-SIMPLE,SPHINCS-SHA256-256F-SIMPLE, HQC-256,HQC-192,SPHINCS-SHAKE256-256S-ROBUST,HQC-128,SNTRUP-761,SNTRUP-653,NTRULPR-1277,SPHINCS-SHAKE256-192F-SIMPLE, NTRULPR-761,NTRU-HRSS-701,SPHINCS-SHAKE256-192S-ROBUST,NTRU-4096-821,SPHINCS-HARAKA-128F-ROBUST, NTRU-2048-677,NTRU-2048-509,SNTRUP-1277,KYBER768-90S,KYBER1024-90S,KYBER1024,NTRULPR-653,KYBER512-90S, KYBER512,SNTRUP-857,CLASSIC-MCELIECE-8192128F,CLASSIC-MCELIECE-6960119F,CLASSIC-MCELIECE-6960119, CLASSIC-MCELIECE-6688128F,CLASSIC-MCELIECE-460896,SPHINCS-SHA256-128S-SIMPLE,CLASSIC-MCELIECE-348864F, KYBER768,CLASSIC-MCELIECE-348864,LIGHTSABER,SPHINCS-SHAKE256-128F-SIMPLE,NTRULPR-857,FIRESABER,SABER, SPHINCS-SHA256-256F-ROBUST,EC-X25519,SPHINCS-SHA256-128F-ROBUST,CLASSIC-MCELIECE-460896F,EC-SECP521R1,EC-SECP384R1, EC-SECP256R1,EC-SECP256K1,EC-SECP224R1,EC-SECP224K1,EC-SECP192R1,CLASSIC-MCELIECE-6688128,EC-BP512R1,EC-BP384R1, CLASSIC-MCELIECE-8192128,EC-BP256R1,RAINBOW-I-COMPRESSED,RSA-4096,RSA-3072,SPHINCS-SHA256-192S-SIMPLE,SPHINCS-HARAKA-192S-SIMPLE, RSA-2048,SPHINCS-HARAKA-128F-SIMPLE,AES-256,EC-SECP192K1,AES-192, RAINBOW-III-CIRCUMZENITHAL,AES-128,SPHINCS-SHAKE256-192F-ROBUST,SPHINCS-SHA256-192S-ROBUST,RAND} OR {}
Using Supplied Response:
Option |
Rules |
Description |
|---|---|---|
-i, --inputfile |
TEXT:FILE Excludes:
--seedformat
--seed
--encryptedkeyformat
--encryptedkey
--counter
|
Fully qualified filename from where to read the keygen response.
|
-N, --nonceformat |
TEXT:{base64,hex}
Needs: --nonce
|
The format of the supplied --nonce value.
|
-n, --nonce |
TEXT REQUIRED as option
or as QO_NONCE env-var
|
The nonce that was used in the original request.
|
-K,
--sharedsecretformat
|
TEXT:{base64,hex}
Needs: --sharedsecret
|
The format of the supplied --sharedsecret value.
|
-k, --sharedsecret |
TEXT REQUIRED as option
or as QO_SECRET env-var
|
The sharedSecret value (as provided during onboarding) to be used to decrypt the response.
|
Output:
Option |
Rules |
Description |
|---|---|---|
-O,
--outputformat
|
TEXT:
{pem,base64,
hex,jwk,raw}
|
The format of the output.
|
-o, --outputfile |
TEXT |
Fully qualified filename of where to write the decrypted key.
|
Using Pre-parsed Response:
Option |
Rules |
Description |
|---|---|---|
-S, --seedformat |
TEXT:{base64,hex}
Needs: --seed
Needs: --encryptedkey
Excludes: --inputfile
|
The format of the supplied --seed value.
|
-s, --seed |
TEXT
Needs: --encryptedkey
Excludes: --inputfile
|
The seed value as received in the keygen response.
|
-E,
--encrypteddataformat
--encryptedkeyformat
|
TEXT:{base64,hex}
Needs: --seed
Needs: --encryptedkey
Excludes: --inputfile
|
The format of the supplied --encryptedkey/data value. * Options: base64, hex * Optional * Default: base64 |
-e,
--encrypteddata,
--encryptedkey
|
TEXT
Needs: --seed
Excludes: --inputfile
|
Encrypted value as received in the keygen response as “encrypted_data” (or “encrypted_key”).
|
-c, --counter |
UINT
Needs: --seed
Needs: --encryptedkey
Excludes: --inputfile
|
The starting counter value as received in the keygen response.
|
$ qo keygen --help
Generate a new key.
Usage: qo keygen [OPTIONS]
Options:
Option |
Description |
|---|---|
-h, --help |
Print this help message and exit |
Authentication:
Option |
Rules |
Description |
|---|---|---|
-c, --cert |
TEXT:FILE REQUIRED
or as QO_CERT env-var
|
Certificate to be used in the request
|
-z, --certkey |
TEXT:FILE REQUIRED
or as QO_KEY env-var
|
Certificates private key.
|
-A, --apikey |
TEXT
or as QO_API_KEY env-var
|
QO API Key, required for authentication with the API |
-C, --client_id |
TEXT
or as QO_CLIENT_ID env-var
|
Client ID of the onboarded user |
API:
Option |
Rules |
Description |
|---|---|---|
-u, --url |
TEXT:FILE REQUIRED
or as QO_URL as env-var
|
URL of the QO API |
Output:
Option |
Rules |
Description |
|---|---|---|
-O, --outputformat |
TEXT:
{pem,base64,hex,jwk,raw}
|
The format of the output.
|
-o, --outputfile |
TEXT |
Fully qualified filename of where to write the decrypted key.
|
KeyGen:
Usage: qo keygen [OPTIONS] [SUBCOMMAND]
Option |
Rules |
Description |
|---|---|---|
-t,--keytype |
TEXT |
Type of key requested.
|
-a, --keyalg |
TEXT
{AES,RSA,EC,CLASSICAL-MCELIECE
DILITHIUM, FALCON, HQC,
BIKE, NTRU-PRIME,SPHINCS}
|
Key generation algorithm requested.
|
-p, --keyparameters |
TEXT |
The key’s parameters as JSON.
|
supported parameters
-t option |
-a option |
-p option |
|---|---|---|
AES-128 |
AES |
{ \”size \”: 128} |
AES-192 |
AES |
{ \”size \”: 192} |
AES-256 |
AES |
{ \”size \”: 256} |
RSA-2048 |
RSA |
{ \”size \”: 2048} |
RSA-3072 |
RSA |
{ \”size \”: 3072} |
RSA-4096 |
RSA |
{ \”size \”: 4096} |
EC-BP256R1 |
EC |
{ \”curve \”: \”BP256r1 \” } |
EC-BP384R1 |
EC |
{ \”curve \”: \”BP384r1 \” } |
EC-BP512R1 |
EC |
{ \”curve \”: \”BP512r1 \” } |
EC-SECP192K1 |
EC |
{ \”curve \”: \”SecP192k1 \” } |
EC-SECP192R1 |
EC |
{ \”curve \”: \”SecP192r1 \” } |
EC-SECP224K1 |
EC |
{ \”curve \”: \”SecP224k1 \” } |
EC-SECP224R1 |
EC |
{ \”curve \”: \”SecP224r1 \” } |
EC-SECP256K1 |
EC |
{ \”curve \”: \”SecP256k1 \” } |
EC-SECP256R1 |
EC |
{ \”curve \”: \”SecP256k1 \” } |
EC-SECP384R1 |
EC |
{ \”curve \”: \”SecP284r1 \” } |
EC-SECP521R1 |
EC |
{ \”curve \”: \”SecP521r1 \” } |
EC-X25519 |
EC |
{ \”curve \”: \”X25519 \” } |
CLASSIC-MCELIECE-348864 |
CLASSIC-MCELIECE |
{ \”variant \”: \”CLASSIC-MCELIECE-348864 \”} |
CLASSIC-MCELIECE-348864F |
CLASSIC-MCELIECE |
{ \”variant \”: \”CLASSIC-MCELIECE-348864F \”} |
CLASSIC-MCELIECE-460896 |
CLASSIC-MCELIECE |
{ \”variant \”: \”CLASSIC-MCELIECE-460896 \”} |
CLASSIC-MCELIECE-460896F |
CLASSIC-MCELIECE |
{ \”variant \”: \”CLASSIC-MCELIECE-460896 \”} |
CLASSIC-MCELIECE-6688128 |
CLASSIC-MCELIECE |
{ \”variant \”: \”CLASSIC-MCELIECE-6688128 \”} |
CLASSIC-MCELIECE-6688128F |
CLASSIC-MCELIECE |
{ \”variant \”: \”CLASSIC-MCELIECE-6688128F \”} |
CLASSIC-MCELIECE-6960119 |
CLASSIC-MCELIECE |
{ \”variant \”: \”CLASSIC-MCELIECE-6960119 \”} |
CLASSIC-MCELIECE-6960119F |
CLASSIC-MCELIECE |
{ \”variant \”: \”CLASSIC-MCELIECE-690119F \”} |
CLASSIC-MCELIECE-8192128 |
CLASSIC-MCELIECE |
{ \”variant \”: \”CLASSIC-MCELIECE-8192128 \”} |
CLASSIC-MCELIECE-8192128F |
CLASSIC-MCELIECE |
{ \”variant \”: \”CLASSIC-MCELIECE-8192128F \”} |
KYBER512 |
KYBER |
{ \”variant \”: \”KYBER512 \” } |
KYBER512-90S |
KYBER |
{ \”variant \”: \”KYBER512-90S \” } |
KYBER1024 |
KYBER |
{ \”variant \”: \”KYBER1024 \” } |
KYBER1024-90S |
KYBER |
{ \”variant \”: \”KYBER1024-90S \” } |
KYBER768 |
KYBER |
{ \”variant \”: \”KYBER768 \” } |
KYBER768-90S |
KYBER |
{ \”variant \”: \”KYBER768-90S \” } |
NTRULPR-653 |
NTRU-PRIME |
{ \”variant \”: \”NTRULPR-653 \”} |
NTRULPR-761 |
NTRU-PRIME |
{ \”variant \”: \”NTRULPR-761 \”} |
NTRULPR-857 |
NTRU-PRIME |
{ \”variant \”: \”NTRULPR-857 \”} |
NTRULPR-1277 |
NTRU-PRIME |
{ \”variant \”: \”NTRULPR-1277 \”} |
HQC-128 |
HQC |
{ \”variant \”: \”HQC-128 \”} |
HQC-192 |
HQC |
{ \”variant \”: \”HQC-192 \”} |
HQC-256 |
HQC |
{ \”variant \”: \”HQC-256 \”} |
BIKE-L1 |
BIKE |
{ \”variant \”: \”BIKE-L1 \” } |
BIKE-L3 |
BIKE |
{ \”variant \”: \”BIKE-L3 \” } |
DILITHIUM2 |
DILITHIUM |
{ \”variant \”: \”DILITHIUM2 \” } |
DILITHIUM3 |
DILITHIUM |
{ \”variant \”: \”DILITHIUM3 \” } |
DILITHIUM5 |
DILITHIUM |
{ \”variant \”: \”DILITHIUM5 \” } |
DILITHIUM2-AES |
DILITHIUM |
{ \”variant \”: \”DILITHIUM2-AES \” } |
DILITHIUM3-AES |
DILITHIUM |
{ \”variant \”: \”DILITHIUM3-AES \” } |
DILITHIUM5-AES |
DILITHIUM |
{ \”variant \”: \”DILITHIUM5-AES \” } |
FALCON-512 |
FALCON |
{ \”variant \”: \”FALCON-512 \” } |
FALCON-1024 |
FALCON |
{ \”variant \”: \”FALCON-1024 \” } |
SPHINCS-HARAKA-128F-ROBUST |
SPHINCS |
{ \”variant \”: \”SPHINCS-HARAKA-128F-ROBUST \” } |
SPHINCS-HARAKA-128F-SIMPLE |
SPHINCS |
{ \”variant \”: \”SPHINCS-HARAKA-128F-SIMPLE \” } |
SPHINCS-HARAKA-128S-ROBUST |
SPHINCS |
{ \”variant \”: \”SPHINCS-HARAKA-128S-ROBUST \” } |
SPHINCS-HARAKA-128S-SIMPLE |
SPHINCS |
{ \”variant \”: \”SPHINCS-HARAKA-128S-SIMPLE \” } |
SPHINCS-HARAKA-192F-ROBUST |
SPHINCS |
{ \”variant \”: \”SPHINCS-HARAKA-192F-ROBUST \” } |
SPHINCS-HARAKA-192F-SIMPLE |
SPHINCS |
{ \”variant \”: \”SPHINCS-HARAKA-192F-SIMPLE \” } |
SPHINCS-HARAKA-192S-ROBUST |
SPHINCS |
{ \”variant \”: \”SPHINCS-HARAKA-192S-ROBUST \” } |
SPHINCS-HARAKA-192S-SIMPLE |
SPHINCS |
{ \”variant \”: \”SPHINCS-HARAKA-192S-SIMPLE \” } |
SPHINCS-HARAKA-256F-ROBUST |
SPHINCS |
{ \”variant \”: \”SPHINCS-HARAKA-256F-ROBUST \” } |
SPHINCS-HARAKA-256F-SIMPLE |
SPHINCS |
{ \”variant \”: \”SPHINCS-HARAKA-256F-SIMPLE \” } |
SPHINCS-HARAKA-256S-ROBUST |
SPHINCS |
{ \”variant \”: \”SPHINCS-HARAKA-256S-ROBUST \” } |
SPHINCS-HARAKA-256S-SIMPLE |
SPHINCS |
{ \”variant \”: \”SPHINCS-HARAKA-256S-SIMPLE \” } |
SPHINCS-SHA256-128F-ROBUST |
SPHINCS |
{ \”variant \”: \”SPHINCS-SHA256-128F-ROBUST \” } |
SPHINCS-SHA256-128F-SIMPLE |
SPHINCS |
{ \”variant \”: \”SPHINCS-SHA256-128F-SIMPLE \” } |
SPHINCS-SHA256-128S-ROBUST |
SPHINCS |
{ \”variant \”: \”SPHINCS-SHA256-128S-ROBUST \” } |
SPHINCS-SHA256-128S-SIMPLE |
SPHINCS |
{ \”variant \”: \”SPHINCS-SHA256-128S-SIMPLE \” } |
SPHINCS-SHA256-192F-ROBUST |
SPHINCS |
{ \”variant \”: \”SPHINCS-SHA256-192F-ROBUST \” } |
SPHINCS-SHA256-192F-SIMPLE |
SPHINCS |
{ \”variant \”: \”SPHINCS-SHA256-192F-SIMPLE \” } |
SPHINCS-SHA256-192S-ROBUST |
SPHINCS |
{ \”variant \”: \”SPHINCS-SHA256-192S-ROBUST \” } |
SPHINCS-SHA256-192S-SIMPLE |
SPHINCS |
{ \”variant \”: \”SPHINCS-SHA256-192S-SIMPLE \” } |
SPHINCS-SHA256-256F-ROBUST |
SPHINCS |
{ \”variant \”: \”SPHINCS-SHA256-256F-ROBUST \” } |
SPHINCS-SHA256-256F-SIMPLE |
SPHINCS |
{ \”variant \”: \”SPHINCS-SHA256-256F-SIMPLE \” } |
SPHINCS-SHA256-256S-ROBUST |
SPHINCS |
{ \”variant \”: \”SPHINCS-SHA256-256S-ROBUST \” } |
SPHINCS-SHA256-256S-SIMPLE |
SPHINCS |
{ \”variant \”: \”SPHINCS-SHA256-256S-SIMPLE \” } |
SPHINCS-SHAKE256-128F-ROBUST |
SPHINCS |
{ \”variant \”: \”SPHINCS-SHAKE256-128F-ROBUST \” } |
SPHINCS-SHAKE256-128F-SIMPLE |
SPHINCS |
{ \”variant \”: \”SPHINCS-SHAKE256-128F-SIMPLE \” } |
SPHINCS-SHAKE256-128S-ROBUST |
SPHINCS |
{ \”variant \”: \”SPHINCS-SHAKE256-128S-ROBUST \” } |
SPHINCS-SHAKE256-128S-SIMPLE |
SPHINCS |
{ \”variant \”: \”SPHINCS-SHAKE256-128S-SIMPLE \” } |
SPHINCS-SHAKE256-192F-ROBUST |
SPHINCS |
{ \”variant \”: \”SPHINCS-SHAKE256-192F-ROBUST \” } |
SPHINCS-SHAKE256-192F-SIMPLE |
SPHINCS |
{ \”variant \”: \”SPHINCS-SHAKE256-192F-SIMPLE \” } |
SPHINCS-SHAKE256-192S-ROBUST |
SPHINCS |
{ \”variant \”: \”SPHINCS-SHAKE256-192S-ROBUST \” } |
SPHINCS-SHAKE256-192S-SIMPLE |
SPHINCS |
{ \”variant \”: \”SPHINCS-SHAKE256-192S-SIMPLE \” } |
SPHINCS-SHAKE256-256F-ROBUST |
SPHINCS |
{ \”variant \”: \”SPHINCS-SHAKE256-256F-ROBUST \” } |
SPHINCS-SHAKE256-256F-SIMPLE |
SPHINCS |
{ \”variant \”: \”SPHINCS-SHAKE256-256F-SIMPLE \” } |
SPHINCS-SHAKE256-256S-ROBUST |
SPHINCS |
{ \”variant \”: \”SPHINCS-SHAKE256-256S-ROBUST \” } |
SPHINCS-SHAKE256-256S-SIMPLE |
SPHINCS |
{ \”variant \”: \”SPHINCS-SHAKE256-256S-SIMPLE \” } |
Decryption:
Subcommand |
Rules |
Description |
|---|---|---|
-N, --nonceformat |
TEXT:{base64,hex}
Needs: --nonce
|
The format of the supplied --nonce value.
|
-n, --nonce |
TEXT REQUIRED as option
or as QO_NONCE env-var.
|
The nonce that was used in the original request.
|
-K, --sharedsecretformat |
TEXT:{base64,hex}
Needs: --sharedsecret
|
The format of the supplied --sharedsecret value.
|
-k, --sharedsecret |
TEXT REQUIRED as option
or as QO_SECRET env-var
|
The sharedSecret value (as provided during onboarding) to be used to decrypt the response.
|
$ qo onboard --help
Perform onboarding
Usage: qo onboard [OPTIONS]
Options:
Option |
Rules |
Description |
|---|---|---|
-h, --help |
Print this help message and exit |
|
-u, --url |
TEXT REQUIRED
or QO_URL as env_var
|
URL of server to perform onboarding |
-a, --api-key |
TEXT REQUIRED |
The API key used in the header of the request |
-s, --secret |
TEXT REQUIRED |
Onboarding authentication secret |
$ qo randomness --help
Retrieve randomness from QO API
Usage: qo randomness [OPTIONS] [randSize]
- Positionals:
randSize [INT]: Number of bytes of randomness. Default = 128. Range = [1 - 2097152]
Options:
Option |
Description |
|---|---|
-h, --help |
Print this help message and exit |
Authentication:
Option |
Rules |
Description |
|---|---|---|
-c, --cert |
TEXT:FILE REQUIRED
or as QO_CERT env-var
|
Certificate to be used in the request
|
-z, --certkey |
TEXT:FILE REQUIRED
or as QO_KEY env-var
|
Certificates private key.
|
-A, --apikey |
TEXT
or as QO_API_KEY env-var
|
QO API Key, required for authentication with the API |
-C, --client_id |
TEXT
or as QO_CLIENT_ID env-var
|
Client ID of the onboarded user |
API:
Option |
Rules |
Description |
|---|---|---|
-u, --url |
TEXT:FILE REQUIRED
or as QO_URL as env-var
|
URL of the QO API |
Output:
Option |
Rules |
Description |
|---|---|---|
-O, --outputformat |
TEXT:
{pem,base64,
hex,jwk,raw}
|
The format of the output.
|
-o, --outputfile |
TEXT |
Fully qualified filename of where to write the decrypted key.
|
Decryption:
Subcommand |
Rules |
Description |
|---|---|---|
-N, --nonceformat |
TEXT:{base64,hex}
Needs: --nonce
|
The format of the supplied --nonce value.
|
-n, --nonce |
TEXT REQUIRED as option
or as QO_NONCE env-var.
|
The nonce that was used in the original request.
|
-K, --sharedsecretformat |
TEXT:{base64,hex}
Needs: --sharedsecret
|
The format of the supplied --sharedsecret value.
|
-k, --sharedsecret |
TEXT REQUIRED as option
or as QO_SECRET env-var.
|
The sharedSecret value (as provided during onboarding) to be used to decrypt the response.
|
QO-CLI Examples
Note
In the following sections we assume the QO-CLI binary installed on your machine can be executed via the command
./qo.
For the below examples one can generate the environment variables as follows, see QuickStart for help on ascertaining your <end-point-url>
$ export QO_URL=<end-point-url>
$ export QO_API_KEY=<your-api-key>
$ export QO_KEY=<your cert key.pem file>
$ export QO_CERT=<your cert.pem file>
$ export QO_SECRET=<your-shared-secret>
$ export QO_NONCE=<your-nonce>
Also we use the following config file
key_parameters:
nonce_format: base64
nonce: <your nonce>
key_type: AES-256
shared_secret_format: hex
shared_secret: <your-shared-secret-hex>
credentials:
certificate: <your certificate file>
private_key: <your private key file>
api_key: <your api key>
url: <end-point-url>
general:
logging: off
output_format: pem
output_filename: key.txt
Or alternatively
key_parameters:
nonce_format: base64
nonce: <your nonce>
key_algorithm: AES
key_parameters: '{ "size": 256 }'
shared_secret_format: hex
shared_secret: <your-shared-secret-hex>
credentials:
certificate: <your certificate file>
private_key: <your private key file>
api_key: <your api key>
url: <end-point-url>
general:
logging: off
output_format: pem
output_filename: key.txt
Examples - qo keygen
$ ./qo keygen --cert <your cert.pem file> --certkey <your key.pem file> --api-key <your-api-key> -a AES -p "{\"size\": 256}"
-u <end-point-url>/keygen -k <your-shared-secret> -K hex -o key.txt
$ ./qo keygen --cert <your cert.pem file> --certkey <your key.pem file> --api-key <your-api-key> -t AES-256
-u <end-point-url>/keygen -k <your-shared-secret> -K hex -o key.txt
$ ./qo keygen --cert <your cert.pem file> --certkey <your key.pem file> --api-key <your-api-key> -t AES-256
-u <end-point-url>/keygen -k <your-shared-secret> -K hex -o key.txt
$ ./qo keygen -t AES-256 -K hex -o key.txt
$ ./qo keygen --config configA.cfg
Examples - qo keydecrypt
$ ./qo keydecrypt -N hex -K hex -E hex -S hex -O hex -e <encrypted-data> -s <seed-data> -o decrypted.txt
$ echo -n '{"content_type":"SPHINCS-HARAKA-128F-ROBUST","counter":0,"encrypted_data":"ZS1MHBFdwmKdjt0KtMRyZiHen+s[...]eCQ9iWVZpGeN5oLn6DA==","seed":"/bLNQdryejWsXDS0dch0caTlCZH9tKab0/wPrIObYbUBXti2"}'
| ./qo keydecrypt -N hex -K hex -O pem -o decrypted.txt
Examples - qo onboard
$ ./qo onboard --api-key <your-api-key> --secret <your-secret> -u <end-point-url>
Examples - qo randomness
$ qo ra -K hex -o stdout -O hex -l 3
$ qo ra 32 -K hex -o stdout -O hex -l 3
QO-CLI Licenses and Credits
Please see the link QO-CLI - Licenses and Credits section on the legal page.