1/* -*- Mode: Text -*- */ 2 3autogen definitions options; 4 5#include copyright.def 6#include homerc.def 7#include autogen-version.def 8 9prog-name = "ntp-keygen"; 10prog-title = "Create a NTP host key"; 11package = ntp; 12 13test-main; 14 15include = '#include <stdlib.h>'; 16#include version.def 17 18flag = { 19 value = c; 20 name = certificate; 21 arg-type = string; 22 arg-name = scheme; 23 ifdef = OPENSSL; 24 descrip = "certificate scheme"; 25 doc = <<- _EndOfDoc_ 26 scheme is one of 27 RSA-MD2, RSA-MD5, RSA-SHA, RSA-SHA1, RSA-MDC2, RSA-RIPEMD160, 28 DSA-SHA, or DSA-SHA1. 29 30 Select the certificate message digest/signature encryption scheme. 31 Note that RSA schemes must be used with a RSA sign key and DSA 32 schemes must be used with a DSA sign key. The default without 33 this option is RSA-MD5. 34 _EndOfDoc_; 35}; 36 37#include debug-opt.def 38 39flag = { 40 value = e; 41 name = id-key; 42 ifdef = OPENSSL; 43 descrip = "Write IFF or GQ identity keys"; 44 doc = <<- _EndOfDoc_ 45 Write the IFF or GQ client keys to the standard output. This is 46 intended for automatic key distribution by mail. 47 _EndOfDoc_; 48}; 49 50flag = { 51 value = G; 52 name = gq-params; 53 ifdef = OPENSSL; 54 descrip = "Generate GQ parameters and keys"; 55 doc = <<- _EndOfDoc_ 56 Generate parameters and keys for the GQ identification scheme, 57 obsoleting any that may exist. 58 _EndOfDoc_; 59}; 60 61flag = { 62 value = H; 63 name = host-key; 64 ifdef = OPENSSL; 65 descrip = "generate RSA host key"; 66 doc = <<- _EndOfDoc_ 67 Generate new host keys, obsoleting any that may exist. 68 _EndOfDoc_; 69}; 70 71flag = { 72 value = I; 73 name = iffkey; 74 ifdef = OPENSSL; 75 descrip = "generate IFF parameters"; 76 doc = <<- _EndOfDoc_ 77 Generate parameters for the IFF identification scheme, obsoleting 78 any that may exist. 79 _EndOfDoc_; 80}; 81 82flag = { 83 value = i; 84 name = issuer-name; 85 ifdef = OPENSSL; 86 arg-type = string; 87 arg-name = issuer-name; 88 descrip = "set issuer name"; 89 doc = <<- _EndOfDoc_ 90 Set the suject name to name. This is used as the subject field 91 in certificates and in the file name for host and sign keys. 92 _EndOfDoc_; 93}; 94 95flag = { 96 value = M; 97 name = md5key; 98 descrip = "generate MD5 keys"; 99 doc = <<- _EndOfDoc_ 100 Generate MD5 keys, obsoleting any that may exist. 101 _EndOfDoc_; 102}; 103 104flag = { 105 value = m; 106 name = modulus; 107 arg-type = number; 108 arg-name = modulus; 109 arg-range = '256->2048'; 110 ifdef = OPENSSL; 111 descrip = "modulus"; 112 doc = <<- _EndOfDoc_ 113 The number of bits in the prime modulus. The default is 512. 114 _EndOfDoc_; 115}; 116 117flag = { 118 value = P; 119 name = pvt-cert; 120 ifdef = OPENSSL; 121 descrip = "generate PC private certificate"; 122 doc = <<- _EndOfDoc_ 123 Generate a private certificate. By default, the program generates 124 public certificates. 125 _EndOfDoc_; 126}; 127 128flag = { 129 value = p; 130 name = pvt-passwd; 131 ifdef = OPENSSL; 132 arg-type = string; 133 arg-name = passwd; 134 descrip = "output private password"; 135 doc = <<- _EndOfDoc_ 136 Encrypt generated files containing private data with the specified 137 password and the DES-CBC algorithm. 138 _EndOfDoc_; 139}; 140 141flag = { 142 value = q; 143 name = get-pvt-passwd; 144 ifdef = OPENSSL; 145 arg-type = string; 146 arg-name = passwd; 147 descrip = "input private password"; 148 doc = <<- _EndOfDoc_ 149 Set the password for reading files to the specified password. 150 _EndOfDoc_; 151}; 152 153flag = { 154 value = S; 155 name = sign-key; 156 arg-type = string; 157 arg-name = sign; 158 ifdef = OPENSSL; 159 descrip = "generate sign key (RSA or DSA)"; 160 doc = <<- _EndOfDoc_ 161 Generate a new sign key of the designated type, obsoleting any 162 that may exist. By default, the program uses the host key as the 163 sign key. 164 _EndOfDoc_; 165}; 166 167flag = { 168 value = s; 169 name = subject-name; 170 arg-type = string; 171 arg-name = host; 172 ifdef = OPENSSL; 173 descrip = "set subject name"; 174 doc = <<- _EndOfDoc_ 175 Set the issuer name to name. This is used for the issuer field 176 in certificates and in the file name for identity files. 177 _EndOfDoc_; 178}; 179 180flag = { 181 value = T; 182 name = trusted-cert; 183 ifdef = OPENSSL; 184 descrip = "trusted certificate (TC scheme)"; 185 doc = <<- _EndOfDoc_ 186 Generate a trusted certificate. By default, the program generates 187 a non-trusted certificate. 188 _EndOfDoc_; 189}; 190 191flag = { 192 value = V; 193 name = mv-params; 194 arg-type = number; 195 arg-name = num; 196 ifdef = OPENSSL; 197 descrip = "generate <num> MV parameters"; 198 doc = <<- _EndOfDoc_ 199 Generate parameters and keys for the Mu-Varadharajan (MV) 200 identification scheme. 201 _EndOfDoc_; 202}; 203 204flag = { 205 value = v; 206 name = mv-keys; 207 arg-type = number; 208 arg-name = num; 209 ifdef = OPENSSL; 210 descrip = "update <num> MV keys"; 211}; 212 213detail = <<- _EODetail_ 214 If there is no new host key, look for an existing one. 215 If one is not found, create it. 216 _EODetail_; 217