+++ /dev/null
-Content-type: text/html
-
-<HTML><HEAD><TITLE>Manpage of IPSEC_RSASIGKEY</TITLE>
-</HEAD><BODY>
-<H1>IPSEC_RSASIGKEY</H1>
-Section: Maintenance Commands (8)<BR>Updated: 22 July 2001<BR><A HREF="#index">Index</A>
-<A HREF="http://localhost/cgi-bin/man/man2html">Return to Main Contents</A><HR>
-
-
-<A NAME="lbAB"> </A>
-<H2>NAME</H2>
-
-ipsec rsasigkey - generate RSA signature key
-<A NAME="lbAC"> </A>
-<H2>SYNOPSIS</H2>
-
-<B>ipsec</B>
-
-<B>rsasigkey</B>
-
-[
-<B>--verbose</B>
-
-] [
-<B>--random</B>
-
-filename
-]
-<B>\</B>
-
-<BR>
-
- [
-<B>--rounds</B>
-
-nr
-] [
-<B>--hostname</B>
-
-host ] [
-<B>--noopt</B>
-
-] nbits
-<BR>
-
-<B>ipsec</B>
-
-<B>rsasigkey</B>
-
-[
-<B>--verbose</B>
-
-] [
-<B>--hostname</B>
-
-host ]
-<B>\</B>
-
-<BR>
-
-
-[
-<B>--noopt</B>
-
-]
-<B>--oldkey</B>
-
-file
-<A NAME="lbAD"> </A>
-<H2>DESCRIPTION</H2>
-
-<I>Rsasigkey</I>
-
-generates an RSA public/private key pair,
-suitable for digital signatures,
-of (exactly)
-<I>nbits</I>
-
-bits (that is, two primes each of exactly
-<I>nbits</I>/2
-
-bits,
-and related numbers)
-and emits it on standard output as ASCII (mostly hex) data.
-<I>nbits</I>
-
-must be a multiple of 16.
-<P>
-
-The public exponent is forced to the value
-<B>3</B>,
-
-which has important speed advantages for signature checking.
-Beware that the resulting keys have known weaknesses as encryption keys
-<I>and should not be used for that purpose</I>.
-<P>
-
-The
-<B>--verbose</B>
-
-option makes
-<I>rsasigkey</I>
-
-give a running commentary on standard error.
-By default, it works in silence until it is ready to generate output.
-<P>
-
-The
-<B>--random</B>
-
-option specifies a source for random bits.
-The default is
-<I>/dev/random</I>
-
-(see
-<I><A HREF="random.4.html">random</A></I>(4)).
-
-Normally,
-<I>rsasigkey</I>
-
-reads exactly
-<I>nbits</I>
-
-random bits from the source;
-in extremely-rare circumstances it may need more.
-<P>
-
-The
-<B>--rounds</B>
-
-option specifies the number of rounds to be done by the
-<I>mpz_probab_prime_p</I>
-
-probabilistic primality checker.
-The default, 30, is fairly rigorous and should not normally
-have to be overridden.
-<P>
-
-The
-<B>--hostname</B>
-
-option specifies what host name to use in
-the first line of the output (see below);
-the default is what
-<I><A HREF="gethostname.2.html">gethostname</A></I>(2)
-
-returns.
-<P>
-
-The
-<B>--noopt</B>
-
-option suppresses an optimization of the private key
-(to be precise, setting of the decryption exponent to
-<B>lcm(p-1,q-1)</B>
-
-rather than
-<B>(p-1)*(q-1)</B>)
-
-which speeds up operations on it slightly
-but can cause it to flunk a validity check in old RSA implementations
-(notably, obsolete versions of
-<I><A HREF="ipsec_pluto.8.html">ipsec_pluto</A></I>(8)).
-
-<P>
-
-The
-<B>--oldkey</B>
-
-option specifies that rather than generate a new key,
-<I>rsasigkey</I>
-
-should read an old key from the
-<I>file</I>
-
-(the name
-<B>-</B>
-
-means ``standard input'')
-and use that to generate its output.
-Input lines which do not look like
-<I>rsasigkey</I>
-
-output are silently ignored.
-This permits updating old keys to the current format.
-<P>
-
-The output format looks like this (with long numbers trimmed down
-for clarity):
-<P>
-
-
-<PRE>
- # RSA 2048 bits xy.example.com Sat Apr 15 13:53:22 2000
- # for signatures only, UNSAFE FOR ENCRYPTION
- #pubkey=0sAQOF8tZ2NZt...Y1P+buFuFn/
- Modulus: 0xcc2a86fcf440...cf1011abb82d1
- PublicExponent: 0x03
- # everything after this point is secret
- PrivateExponent: 0x881c59fdf8...ab05c8c77d23
- Prime1: 0xf49fd1f779...46504c7bf3
- Prime2: 0xd5a9108453...321d43cb2b
- Exponent1: 0xa31536a4fb...536d98adda7f7
- Exponent2: 0x8e70b5ad8d...9142168d7dcc7
- Coefficient: 0xafb761d001...0c13e98d98
-</PRE>
-
-<P>
-
-The first (comment) line,
-indicating the nature and date of the key,
-and giving a host name,
-is used by
-<I><A HREF="ipsec_showhostkey.8.html">ipsec_showhostkey</A></I>(8)
-
-when generating some forms of key output.
-<P>
-
-The commented-out
-<B>pubkey=</B>
-
-line contains the public key---the public exponent and the modulus---combined
-in approximately RFC 2537 format
-(the one deviation is that the combined value is given with a
-<B>0s</B>
-
-prefix, rather than in unadorned base-64),
-suitable for use in the
-<I>ipsec.conf</I>
-
-file.
-<P>
-
-The
-<B>Modulus</B>,
-
-<B>PublicExponent</B>,
-
-and
-<B>PrivateExponent</B>
-
-lines give the basic signing and verification data.
-<P>
-
-The
-<B>Prime1</B>
-
-and
-<B>Prime2</B>
-
-lines give the primes themselves (aka
-<I>p</I>
-
-and
-<I>q</I>),
-
-largest first.
-The
-<B>Exponent1</B>
-
-and
-<B>Exponent2</B>
-
-lines give
-the private exponent mod
-<I>p-1</I>
-
-and
-<I>q-1</I>
-
-respectively.
-The
-<B>Coefficient</B>
-
-line gives the Chinese Remainder Theorem coefficient,
-which is the inverse of
-<I>q</I>,
-
-mod
-<I>p</I>.
-
-These additional numbers (which must all be kept as secret as the
-private exponent) are precomputed aids to rapid signature generation.
-<P>
-
-No attempt is made to break long lines.
-<P>
-
-The US patent on the RSA algorithm expired 20 Sept 2000.
-<A NAME="lbAE"> </A>
-<H2>EXAMPLES</H2>
-
-<DL COMPACT>
-<DT><B>ipsec rsasigkey --verbose 2192 >mykey</B>
-
-<DD>
-generates a 2192-bit signature key and puts it in the file
-<I>mykey</I>,
-
-with running commentary on standard error.
-The file contents can be inserted verbatim into a suitable entry in the
-<I>ipsec.secrets</I>
-
-file (see
-<I><A HREF="ipsec.secrets.5.html">ipsec.secrets</A></I>(5)),
-
-and the public key can then be extracted and edited into the
-<I>ipsec.conf</I>
-
-file (see
-<I><A HREF="ipsec.conf.5.html">ipsec.conf</A></I>(5)).
-
-<DT><B>ipsec rsasigkey --verbose --oldkey oldie >latest</B>
-
-<DD>
-takes the old signature key from file
-<I>oldie</I>
-
-and puts a version in the current format into the file
-<I>latest</I>,
-
-with running commentary on standard error.
-</DL>
-<A NAME="lbAF"> </A>
-<H2>FILES</H2>
-
-/dev/random
-<A NAME="lbAG"> </A>
-<H2>SEE ALSO</H2>
-
-<A HREF="random.4.html">random</A>(4), <A HREF="ipsec_showhostkey.8.html">ipsec_showhostkey</A>(8)
-<BR>
-
-<I>Applied Cryptography</I>, 2nd. ed., by Bruce Schneier, Wiley 1996.
-<BR>
-
-RFCs 2537, 2313.
-<BR>
-
-<I>GNU MP, the GNU multiple precision arithmetic library, edition 2.0.2</I>,
-by Torbj Granlund.
-<A NAME="lbAH"> </A>
-<H2>HISTORY</H2>
-
-Written for the Linux FreeS/WAN project
-<<A HREF="http://www.freeswan.org">http://www.freeswan.org</A>>
-by Henry Spencer.
-<A NAME="lbAI"> </A>
-<H2>BUGS</H2>
-
-There is an internal limit on
-<I>nbits</I>,
-
-currently 20000.
-<P>
-
-<I>Rsasigkey</I>'s
-
-run time is difficult to predict,
-since
-<I>/dev/random</I>
-
-output can be arbitrarily delayed if
-the system's entropy pool is low on randomness,
-and the time taken by the search for primes is also somewhat unpredictable.
-A reasonably typical time for a 1024-bit key on a quiet 200MHz Pentium MMX
-with plenty of randomness available is 20 seconds,
-almost all of it in the prime searches.
-Generating a 2192-bit key on the same system usually takes several minutes.
-A 4096-bit key took an hour and a half of CPU time.
-<P>
-
-The
-<B>--oldkey</B>
-
-option does not check its input format as rigorously as it might.
-Corrupted
-<I>rsasigkey</I>
-
-output may confuse it.
-<P>
-
-<HR>
-<A NAME="index"> </A><H2>Index</H2>
-<DL>
-<DT><A HREF="#lbAB">NAME</A><DD>
-<DT><A HREF="#lbAC">SYNOPSIS</A><DD>
-<DT><A HREF="#lbAD">DESCRIPTION</A><DD>
-<DT><A HREF="#lbAE">EXAMPLES</A><DD>
-<DT><A HREF="#lbAF">FILES</A><DD>
-<DT><A HREF="#lbAG">SEE ALSO</A><DD>
-<DT><A HREF="#lbAH">HISTORY</A><DD>
-<DT><A HREF="#lbAI">BUGS</A><DD>
-</DL>
-<HR>
-This document was created by
-<A HREF="http://localhost/cgi-bin/man/man2html">man2html</A>,
-using the manual pages.<BR>
-Time: 21:40:18 GMT, November 11, 2003
-</BODY>
-</HTML>
projects / thirdparty / strongswan.git / blobdiff