1 Content-type: text/html
3 <HTML><HEAD><TITLE>Manpage of IPSEC_RSASIGKEY</TITLE>
5 <H1>IPSEC_RSASIGKEY</H1>
6 Section: Maintenance Commands (8)<BR>Updated: 14 May 2001<BR><A HREF="#index">Index</A>
7 <A HREF="http://localhost/cgi-bin/man/man2html">Return to Main Contents</A><HR>
10 <A NAME="lbAB"> </A>
13 ipsec rsasigkey - generate RSA signature key
14 <A NAME="lbAC"> </A>
69 <A NAME="lbAD"> </A>
74 generates an RSA public/private key pair,
75 suitable for digital signatures,
79 bits (that is, two primes each of exactly
84 and emits it on standard output as ASCII (mostly hex) data.
87 must be a multiple of 16.
90 The public exponent is forced to the value
93 which has important speed advantages for signature checking.
94 Beware that the resulting keys have known weaknesses as encryption keys
95 <I>and should not be used for that purpose</I>.
104 give a running commentary on standard error.
105 By default, it works in silence until it is ready to generate output.
111 option specifies a source for random bits.
116 <I><A HREF="random.4.html">random</A></I>(4)).
124 random bits from the source;
125 in extremely-rare circumstances it may need more.
131 option specifies the number of rounds to be done by the
132 <I>mpz_probab_prime_p</I>
134 probabilistic primality checker.
135 The default, 30, is fairly rigorous and should not normally
136 have to be overridden.
142 option specifies what host name to use in
143 the first line of the output (see below);
145 <I><A HREF="gethostname.2.html">gethostname</A></I>(2)
153 option suppresses an optimization of the private key
154 (to be precise, setting of the decryption exponent to
160 which speeds up operations on it slightly
161 but can cause it to flunk a validity check in old RSA implementations
162 (notably, obsolete versions of
163 <I><A HREF="ipsec_pluto.8.html">ipsec_pluto</A></I>(8)).
170 option specifies that rather than generate a new key,
173 should read an old key from the
179 means ``standard input'')
180 and use that to generate its output.
181 Input lines which do not look like
184 output are silently ignored.
185 This permits updating old keys to the current format.
188 The output format looks like this (with long numbers trimmed down
194 # RSA 2048 bits xy.example.com Sat Apr 15 13:53:22 2000
195 # for signatures only, UNSAFE FOR ENCRYPTION
196 #pubkey=0sAQOF8tZ2NZt...Y1P+buFuFn/
197 #IN KEY 0x4200 4 1 AQOF8tZ2NZt...Y1P+buFuFn/
198 # (0x4200 = auth-only host-level, 4 = IPSec, 1 = RSA)
199 Modulus: 0xcc2a86fcf440...cf1011abb82d1
201 # everything after this point is secret
202 PrivateExponent: 0x881c59fdf8...ab05c8c77d23
203 Prime1: 0xf49fd1f779...46504c7bf3
204 Prime2: 0xd5a9108453...321d43cb2b
205 Exponent1: 0xa31536a4fb...536d98adda7f7
206 Exponent2: 0x8e70b5ad8d...9142168d7dcc7
207 Coefficient: 0xafb761d001...0c13e98d98
212 The first (comment) line,
213 indicating the nature and date of the key,
214 and giving a host name,
216 <I><A HREF="ipsec_showhostkey.8.html">ipsec_showhostkey</A></I>(8)
218 when generating some forms of key output.
224 line contains the public key---the public exponent and the modulus---combined
225 in approximately RFC 2537 format
226 (the one deviation is that the combined value is given with a
229 prefix, rather than in unadorned base-64),
230 suitable for use in the
239 line contains the public key in
242 RFC 2537 format (except for the lack of a name on the front),
243 suitable for use in DNS zone files.
244 The flags, algorithm, and protocol fields are given numerically,
245 with an accompanying explanation,
246 because some incomplete early implementations of the KEY
247 record (e.g., BIND 8.2.2-P5) don't support more mnemonic syntax.
253 <B>PublicExponent</B>,
256 <B>PrivateExponent</B>
258 lines give the basic signing and verification data.
267 lines give the primes themselves (aka
281 the private exponent mod
291 line gives the Chinese Remainder Theorem coefficient,
292 which is the inverse of
298 These additional numbers (which must all be kept as secret as the
299 private exponent) are precomputed aids to rapid signature generation.
302 No attempt is made to break long lines.
305 The US patent on the RSA algorithm expired 20 Sept 2000.
306 <A NAME="lbAE"> </A>
310 <DT><B>ipsec rsasigkey --verbose 2048 >mykey</B>
313 generates a 2048-bit signature key and puts it in the file
316 with running commentary on standard error.
317 The file contents can be inserted verbatim into a suitable entry in the
321 <I><A HREF="ipsec.secrets.5.html">ipsec.secrets</A></I>(5)),
323 and the public key can then be extracted and edited into the
327 <I><A HREF="ipsec.conf.5.html">ipsec.conf</A></I>(5)).
329 <DT><B>ipsec rsasigkey --verbose --oldkey oldie >latest</B>
332 takes the old signature key from file
335 and puts a version in the current format into the file
338 with running commentary on standard error.
340 <A NAME="lbAF"> </A>
344 <A NAME="lbAG"> </A>
347 <A HREF="random.4.html">random</A>(4), <A HREF="ipsec_showhostkey.8.html">ipsec_showhostkey</A>(8)
350 <I>Applied Cryptography</I>, 2nd. ed., by Bruce Schneier, Wiley 1996.
356 <I>GNU MP, the GNU multiple precision arithmetic library, edition 2.0.2</I>,
358 <A NAME="lbAH"> </A>
361 Written for the Linux FreeS/WAN project
362 <<A HREF="http://www.freeswan.org">http://www.freeswan.org</A>>
364 <A NAME="lbAI"> </A>
367 There is an internal limit on
375 run time is difficult to predict,
379 output can be arbitrarily delayed if
380 the system's entropy pool is low on randomness,
381 and the time taken by the search for primes is also somewhat unpredictable.
382 A reasonably typical time for a 1024-bit key on a quiet 200MHz Pentium MMX
383 with plenty of randomness available is 20 seconds,
384 almost all of it in the prime searches;
385 generating a 2048-bit key on the same system usually takes several minutes.
391 option does not check its input format as rigorously as it might.
395 output may confuse it.
399 <A NAME="index"> </A><H2>Index</H2>
401 <DT><A HREF="#lbAB">NAME</A><DD>
402 <DT><A HREF="#lbAC">SYNOPSIS</A><DD>
403 <DT><A HREF="#lbAD">DESCRIPTION</A><DD>
404 <DT><A HREF="#lbAE">EXAMPLES</A><DD>
405 <DT><A HREF="#lbAF">FILES</A><DD>
406 <DT><A HREF="#lbAG">SEE ALSO</A><DD>
407 <DT><A HREF="#lbAH">HISTORY</A><DD>
408 <DT><A HREF="#lbAI">BUGS</A><DD>
411 This document was created by
412 <A HREF="http://localhost/cgi-bin/man/man2html">man2html</A>,
413 using the manual pages.<BR>
414 Time: 05:09:32 GMT, June 19, 2001