keymgr: update help and documentation

diff --git a/doc/man_keymgr.rst b/doc/man_keymgr.rst
index eee063d6908b842c3624055ee6ecb27955e7bc28..fbde238ca86e43b6b6ad03af1057fa5e9d095e3c 100644 (file)
--- a/doc/man_keymgr.rst
+++ b/doc/man_keymgr.rst
@@ -199,7 +199,8 @@ Commands related to Offline KSK feature
 Generate arguments
 ..................
 
-Arguments are separated by space, each of them is in format 'name=value'.
+Arguments are separated by space, each of them is in format 'name=value'. A *(bool)* argument
+accepts values **yes** or **no**. If the value is omitted, it's interpreted as **yes**.
 
 **algorithm**
   Either an algorithm number (e.g. 14) or :ref:`algorithm name<policy_algorithm>`
@@ -209,19 +210,19 @@ Arguments are separated by space, each of them is in format 'name=value'.
   Key length in bits.
 
 **ksk**
-  If set to **yes**, the key will be used for signing DNSKEY rrset. The generated key will also
+  *(bool)* The key will be used for signing DNSKEY rrset. The generated key will also
   have the Secure Entry Point flag set to 1.
 
 **zsk**
-  If set to **yes**, the key will be used for signing zone (except DNSKEY rrset). This flag can
+  *(bool)* The key will be used for signing zone (except DNSKEY rrset). This flag can
   be set concurrently with the **ksk** flag (for a CSK key).
 
 **sep**
-  Overrides the standard setting of the Secure Entry Point flag.
+  *(bool)* Overrides the standard setting of the Secure Entry Point flag.
 
 **for-later**
-  Pre-generating a key for later use. Once a new key ought to be generated, this one will be
-  used instead if the **ksk** and **zsk** flags are matching. This argument has no parameter.
+  *(bool)* The key will be determined for later use. It means once a new key ought
+  to be generated, this one will be used instead if the key type and algorithm match.
 
 The following arguments are timestamps of key lifetime (see :ref:`DNSSEC Key states`):
 

diff --git a/src/utils/keymgr/main.c b/src/utils/keymgr/main.c
index e5e71055385e79a670c86e9f0b37d74c3dab84a5..51d70579621e2bd6a38c681dc46b7d769533a47b 100644 (file)
--- a/src/utils/keymgr/main.c
+++ b/src/utils/keymgr/main.c
@@ -109,12 +109,14 @@ static void print_help(void)
               "  [id=|keytag=] prefix.\n"
               "\n"
               "Key attributes:\n"
-              "  algorithm  The key cryptographic algorithm: either name (e.g. RSASHA256) or\n"
-              "             number.\n"
+              "  algorithm  The key cryptographic algorithm: either name (e.g. RSASHA256) or number.\n"
               "  size       The key size in bits.\n"
-              "  ksk        Whether the generated/imported key shall be Key Signing Key.\n"
-              "  created/publish/ready/active/retire/remove  The timestamp of the key\n"
-              "             lifetime event (e.g. published=+1d active=1499770874)\n",
+              "  ksk        The key is KSK.\n"
+              "  zsk        The key is ZSK.\n"
+              "  sep        Overrides the standard setting of SEP.\n"
+              "  for-later  The key is for later use.\n"
+              "  created/publish/ready/active/retire/remove/pre_active/post_active/retire_active/revoke"
+              "             The timestamp of the key lifetime event (e.g. published=+1d active=1499770874)\n",
               PROGRAM_NAME, PROGRAM_NAME, PROGRAM_NAME, PROGRAM_NAME, CONF_DEFAULT_FILE,
               CONF_DEFAULT_DBDIR);
 }