Rechercher une page de manuel
pkcs11-keygen
Langue: en
Version: Sep 18, 2009 (fedora - 01/12/10)
Section: 8 (Commandes administrateur)
NAME
pkcs11-keygen - generate RSA keys on a PKCS#11 deviceSYNOPSIS
- pkcs11-keygen [-P] [-m module] [-s slot] [-e] {-b keysize} {-l label} [-i id] [-p PIN]
DESCRIPTION
pkcs11-keygen
- causes a PKCS#11 device to generate a new RSA key pair with the specified label and with keysize bits of modulus.
ARGUMENTS
-P
- Set the new private key to be non-sensitive and extractable. The allows the private key data to be read from the PKCS#11 device. The default is for private keys to be sensitive and non-extractable.
-m module
- Specify the PKCS#11 provider module. This must be the full path to a shared library object implementing the PKCS#11 API for the device.
-s slot
- Open the session with the given PKCS#11 slot. The default is slot 0.
-e
- Use a large exponent.
-b keysize
- Create the key pair with keysize bits of modulus.
-l label
- Create key objects with the given label. This name must be unique.
-i id
- Create key objects with id. The id is either an unsigned short 2 byte or an unsigned long 4 byte number.
-p PIN
- Specify the PIN for the device. If no PIN is provided on the command line, pkcs11-keygen will prompt for it.
SEE ALSO
pkcs11-list(3), pkcs11-destroy(3), dnssec-keyfromlabel(3),
CAVEAT
Some PKCS#11 providers crash with big public exponent.
AUTHOR
Internet Systems Consortium
COPYRIGHT
Copyright © 2009 Internet Systems Consortium, Inc. ("ISC")Contenus ©2006-2024 Benjamin Poulain
Design ©2006-2024 Maxime Vantorre