1: /* -*- Mode: Text -*- */
2:
3: autogen definitions options;
4:
5: #include copyright.def
6: #include homerc.def
7: #include autogen-version.def
8:
9: prog-name = "ntp-keygen";
10: prog-title = "Create a NTP host key";
11: package = ntp;
12:
13: test-main;
14:
15: include = '#include <stdlib.h>';
16: #include version.def
17:
18: flag = {
19: value = c;
20: name = certificate;
21: arg-type = string;
22: arg-name = scheme;
23: ifdef = OPENSSL;
24: descrip = "certificate scheme";
25: doc = <<- _EndOfDoc_
26: scheme is one of
27: RSA-MD2, RSA-MD5, RSA-SHA, RSA-SHA1, RSA-MDC2, RSA-RIPEMD160,
28: DSA-SHA, or DSA-SHA1.
29:
30: Select the certificate message digest/signature encryption scheme.
31: Note that RSA schemes must be used with a RSA sign key and DSA
32: schemes must be used with a DSA sign key. The default without
33: this option is RSA-MD5.
34: _EndOfDoc_;
35: };
36:
37: #include debug-opt.def
38:
39: flag = {
40: value = e;
41: name = id-key;
42: ifdef = OPENSSL;
43: descrip = "Write IFF or GQ identity keys";
44: doc = <<- _EndOfDoc_
45: Write the IFF or GQ client keys to the standard output. This is
46: intended for automatic key distribution by mail.
47: _EndOfDoc_;
48: };
49:
50: flag = {
51: value = G;
52: name = gq-params;
53: ifdef = OPENSSL;
54: descrip = "Generate GQ parameters and keys";
55: doc = <<- _EndOfDoc_
56: Generate parameters and keys for the GQ identification scheme,
57: obsoleting any that may exist.
58: _EndOfDoc_;
59: };
60:
61: flag = {
62: value = H;
63: name = host-key;
64: ifdef = OPENSSL;
65: descrip = "generate RSA host key";
66: doc = <<- _EndOfDoc_
67: Generate new host keys, obsoleting any that may exist.
68: _EndOfDoc_;
69: };
70:
71: flag = {
72: value = I;
73: name = iffkey;
74: ifdef = OPENSSL;
75: descrip = "generate IFF parameters";
76: doc = <<- _EndOfDoc_
77: Generate parameters for the IFF identification scheme, obsoleting
78: any that may exist.
79: _EndOfDoc_;
80: };
81:
82: flag = {
83: value = i;
84: name = issuer-name;
85: ifdef = OPENSSL;
86: arg-type = string;
87: arg-name = issuer-name;
88: descrip = "set issuer name";
89: doc = <<- _EndOfDoc_
90: Set the suject name to name. This is used as the subject field
91: in certificates and in the file name for host and sign keys.
92: _EndOfDoc_;
93: };
94:
95: flag = {
96: value = M;
97: name = md5key;
98: descrip = "generate MD5 keys";
99: doc = <<- _EndOfDoc_
100: Generate MD5 keys, obsoleting any that may exist.
101: _EndOfDoc_;
102: };
103:
104: flag = {
105: value = m;
106: name = modulus;
107: arg-type = number;
108: arg-name = modulus;
109: arg-range = '256->2048';
110: ifdef = OPENSSL;
111: descrip = "modulus";
112: doc = <<- _EndOfDoc_
113: The number of bits in the prime modulus. The default is 512.
114: _EndOfDoc_;
115: };
116:
117: flag = {
118: value = P;
119: name = pvt-cert;
120: ifdef = OPENSSL;
121: descrip = "generate PC private certificate";
122: doc = <<- _EndOfDoc_
123: Generate a private certificate. By default, the program generates
124: public certificates.
125: _EndOfDoc_;
126: };
127:
128: flag = {
129: value = p;
130: name = pvt-passwd;
131: ifdef = OPENSSL;
132: arg-type = string;
133: arg-name = passwd;
134: descrip = "output private password";
135: doc = <<- _EndOfDoc_
136: Encrypt generated files containing private data with the specified
137: password and the DES-CBC algorithm.
138: _EndOfDoc_;
139: };
140:
141: flag = {
142: value = q;
143: name = get-pvt-passwd;
144: ifdef = OPENSSL;
145: arg-type = string;
146: arg-name = passwd;
147: descrip = "input private password";
148: doc = <<- _EndOfDoc_
149: Set the password for reading files to the specified password.
150: _EndOfDoc_;
151: };
152:
153: flag = {
154: value = S;
155: name = sign-key;
156: arg-type = string;
157: arg-name = sign;
158: ifdef = OPENSSL;
159: descrip = "generate sign key (RSA or DSA)";
160: doc = <<- _EndOfDoc_
161: Generate a new sign key of the designated type, obsoleting any
162: that may exist. By default, the program uses the host key as the
163: sign key.
164: _EndOfDoc_;
165: };
166:
167: flag = {
168: value = s;
169: name = subject-name;
170: arg-type = string;
171: arg-name = host;
172: ifdef = OPENSSL;
173: descrip = "set subject name";
174: doc = <<- _EndOfDoc_
175: Set the issuer name to name. This is used for the issuer field
176: in certificates and in the file name for identity files.
177: _EndOfDoc_;
178: };
179:
180: flag = {
181: value = T;
182: name = trusted-cert;
183: ifdef = OPENSSL;
184: descrip = "trusted certificate (TC scheme)";
185: doc = <<- _EndOfDoc_
186: Generate a trusted certificate. By default, the program generates
187: a non-trusted certificate.
188: _EndOfDoc_;
189: };
190:
191: flag = {
192: value = V;
193: name = mv-params;
194: arg-type = number;
195: arg-name = num;
196: ifdef = OPENSSL;
197: descrip = "generate <num> MV parameters";
198: doc = <<- _EndOfDoc_
199: Generate parameters and keys for the Mu-Varadharajan (MV)
200: identification scheme.
201: _EndOfDoc_;
202: };
203:
204: flag = {
205: value = v;
206: name = mv-keys;
207: arg-type = number;
208: arg-name = num;
209: ifdef = OPENSSL;
210: descrip = "update <num> MV keys";
211: };
212:
213: detail = <<- _EODetail_
214: If there is no new host key, look for an existing one.
215: If one is not found, create it.
216: _EODetail_;
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>