blob: 49ef7772ed0c2a410c496988da3b65e3e4de63ed [file] [log] [blame]
Alexander Afanasyev151a8552014-04-11 00:54:43 -07001ndnsec-key-gen
2==============
3
Davide Pesaventob310efb2019-04-11 22:10:24 -04004Synopsis
5--------
Alexander Afanasyev151a8552014-04-11 00:54:43 -07006
Davide Pesavento102f0572024-06-22 15:00:06 -04007**ndnsec key-gen** [**-h**] [**-n**] [**-t** *type*]
Zhiyi Zhang4c68b6e2020-04-20 16:13:21 -07008[**-k** *keyidtype*\|\ **--keyid** *keyid*] *identity*
Alexander Afanasyev151a8552014-04-11 00:54:43 -07009
10Description
11-----------
12
Davide Pesavento102f0572024-06-22 15:00:06 -040013Generate a public/private key pair for the specified *identity* and set the newly generated
14public key as the identity's default key.
15Unless :option:`-n` is specified, the identity is also set as the user's default identity.
Alexander Afanasyev151a8552014-04-11 00:54:43 -070016
Davide Pesavento102f0572024-06-22 15:00:06 -040017This command will automatically create a signing request for the generated key.
18The signing request will be written to the standard output in Base64 encoding.
Alexander Afanasyev151a8552014-04-11 00:54:43 -070019
20Options
21-------
22
Davide Pesaventob310efb2019-04-11 22:10:24 -040023.. option:: -n, --not-default
Alexander Afanasyev151a8552014-04-11 00:54:43 -070024
Davide Pesaventob310efb2019-04-11 22:10:24 -040025 Do not set the identity as the user's default identity.
Alexander Afanasyev2a047eb2014-11-30 22:45:02 -080026
Davide Pesaventob310efb2019-04-11 22:10:24 -040027 Note that if no other identity/key/certificate exists, then the identity
28 will become the default regardless of this option.
Yingdi Yu7d8644a2014-12-01 22:55:49 -080029
Davide Pesaventob310efb2019-04-11 22:10:24 -040030.. option:: -t <type>, --type <type>
31
Davide Pesavento702467b2020-04-22 21:41:23 -040032 Type of key to generate. "r" for RSA, "e" for ECDSA (the default).
Davide Pesaventob310efb2019-04-11 22:10:24 -040033
34.. option:: -k <keyidtype>, --keyid-type <keyidtype>
35
Zhiyi Zhang4c68b6e2020-04-20 16:13:21 -070036 Type of KeyId for the generated key. "r" for a 64-bit random number (the default
Davide Pesavento102f0572024-06-22 15:00:06 -040037 unless :option:`--keyid` is specified), "h" for the SHA-256 of the public key.
Zhiyi Zhang4c68b6e2020-04-20 16:13:21 -070038
39.. option:: --keyid <keyid>
40
41 User-specified KeyId. Must be a non-empty generic name component.
Davide Pesaventob310efb2019-04-11 22:10:24 -040042
Davide Pesavento102f0572024-06-22 15:00:06 -040043Examples
44--------
Alexander Afanasyev151a8552014-04-11 00:54:43 -070045
Davide Pesavento102f0572024-06-22 15:00:06 -040046Generate a new default key for the identity ``/ndn/test/david``::
Alexander Afanasyev151a8552014-04-11 00:54:43 -070047
Davide Pesavento102f0572024-06-22 15:00:06 -040048 $ ndnsec key-gen /ndn/test/david
49 Bv0BNwcxCANuZG4IBHRlc3QIBWRhdmlkCANLRVkICLe4LjaLILlwCARzZWxmNggA
50 AAGQQSVMERQJGAECGQQANu6AFVswWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASc
51 RppJ1qQzCpTyjvsX33fW9/WxopTdoEwfMZENOC960YB7g/LMhWx10ws4benYxIO2
52 ELirW0NZ6Wu5VUuzfyjfFlIbAQMcIwchCANuZG4IBHRlc3QIBWRhdmlkCANLRVkI
53 CLe4LjaLILlw/QD9Jv0A/g8yMDI0MDYyMlQxODExMjH9AP8PMjA0NDA2MTdUMTgx
54 MTIxF0YwRAIgLJWFpcWrmaOuXW5W+im9al+7TinaEqodve+vrJ2VE5sCIHyrWB+5
55 g2bl11aVNycEnMvG8KRSJoHRvNkx7+6RV33s
56
57See Also
58--------
59
60:manpage:`ndnsec-cert-gen(1)`,
61:manpage:`ndnsec-sign-req(1)`