/* -*- Mode: Text -*- */
autogen definitions options;
#include copyright.def
#include homerc.def
#include autogen-version.def
prog-name = "ntp-keygen";
prog-title = "Create a NTP host key";
package = ntp;
test-main;
include = '#include <stdlib.h>';
#include version.def
flag = {
value = c;
name = certificate;
arg-type = string;
arg-name = scheme;
ifdef = OPENSSL;
descrip = "certificate scheme";
doc = <<- _EndOfDoc_
scheme is one of
RSA-MD2, RSA-MD5, RSA-SHA, RSA-SHA1, RSA-MDC2, RSA-RIPEMD160,
DSA-SHA, or DSA-SHA1.
Select the certificate message digest/signature encryption scheme.
Note that RSA schemes must be used with a RSA sign key and DSA
schemes must be used with a DSA sign key. The default without
this option is RSA-MD5.
_EndOfDoc_;
};
#include debug-opt.def
flag = {
value = e;
name = id-key;
ifdef = OPENSSL;
descrip = "Write IFF or GQ identity keys";
doc = <<- _EndOfDoc_
Write the IFF or GQ client keys to the standard output. This is
intended for automatic key distribution by mail.
_EndOfDoc_;
};
flag = {
value = G;
name = gq-params;
ifdef = OPENSSL;
descrip = "Generate GQ parameters and keys";
doc = <<- _EndOfDoc_
Generate parameters and keys for the GQ identification scheme,
obsoleting any that may exist.
_EndOfDoc_;
};
flag = {
value = H;
name = host-key;
ifdef = OPENSSL;
descrip = "generate RSA host key";
doc = <<- _EndOfDoc_
Generate new host keys, obsoleting any that may exist.
_EndOfDoc_;
};
flag = {
value = I;
name = iffkey;
ifdef = OPENSSL;
descrip = "generate IFF parameters";
doc = <<- _EndOfDoc_
Generate parameters for the IFF identification scheme, obsoleting
any that may exist.
_EndOfDoc_;
};
flag = {
value = i;
name = issuer-name;
ifdef = OPENSSL;
arg-type = string;
arg-name = issuer-name;
descrip = "set issuer name";
doc = <<- _EndOfDoc_
Set the suject name to name. This is used as the subject field
in certificates and in the file name for host and sign keys.
_EndOfDoc_;
};
flag = {
value = M;
name = md5key;
descrip = "generate MD5 keys";
doc = <<- _EndOfDoc_
Generate MD5 keys, obsoleting any that may exist.
_EndOfDoc_;
};
flag = {
value = m;
name = modulus;
arg-type = number;
arg-name = modulus;
arg-range = '256->2048';
ifdef = OPENSSL;
descrip = "modulus";
doc = <<- _EndOfDoc_
The number of bits in the prime modulus. The default is 512.
_EndOfDoc_;
};
flag = {
value = P;
name = pvt-cert;
ifdef = OPENSSL;
descrip = "generate PC private certificate";
doc = <<- _EndOfDoc_
Generate a private certificate. By default, the program generates
public certificates.
_EndOfDoc_;
};
flag = {
value = p;
name = pvt-passwd;
ifdef = OPENSSL;
arg-type = string;
arg-name = passwd;
descrip = "output private password";
doc = <<- _EndOfDoc_
Encrypt generated files containing private data with the specified
password and the DES-CBC algorithm.
_EndOfDoc_;
};
flag = {
value = q;
name = get-pvt-passwd;
ifdef = OPENSSL;
arg-type = string;
arg-name = passwd;
descrip = "input private password";
doc = <<- _EndOfDoc_
Set the password for reading files to the specified password.
_EndOfDoc_;
};
flag = {
value = S;
name = sign-key;
arg-type = string;
arg-name = sign;
ifdef = OPENSSL;
descrip = "generate sign key (RSA or DSA)";
doc = <<- _EndOfDoc_
Generate a new sign key of the designated type, obsoleting any
that may exist. By default, the program uses the host key as the
sign key.
_EndOfDoc_;
};
flag = {
value = s;
name = subject-name;
arg-type = string;
arg-name = host;
ifdef = OPENSSL;
descrip = "set subject name";
doc = <<- _EndOfDoc_
Set the issuer name to name. This is used for the issuer field
in certificates and in the file name for identity files.
_EndOfDoc_;
};
flag = {
value = T;
name = trusted-cert;
ifdef = OPENSSL;
descrip = "trusted certificate (TC scheme)";
doc = <<- _EndOfDoc_
Generate a trusted certificate. By default, the program generates
a non-trusted certificate.
_EndOfDoc_;
};
flag = {
value = V;
name = mv-params;
arg-type = number;
arg-name = num;
ifdef = OPENSSL;
descrip = "generate <num> MV parameters";
doc = <<- _EndOfDoc_
Generate parameters and keys for the Mu-Varadharajan (MV)
identification scheme.
_EndOfDoc_;
};
flag = {
value = v;
name = mv-keys;
arg-type = number;
arg-name = num;
ifdef = OPENSSL;
descrip = "update <num> MV keys";
};
detail = <<- _EODetail_
If there is no new host key, look for an existing one.
If one is not found, create it.
_EODetail_;
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>