Login or Register to Ask a Question and Join Our Community

Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

rskeygen(1) [debian man page]

rskeygen(1)						      General Commands Manual						       rskeygen(1)

NAME

       rskeygen - generate private key pairs for TI graphing calculators

SYNOPSIS

       rskeygen [ --secure ] [ --ti ] [ --length nbytes ]

DESCRIPTION

       rskeygen  generates application and OS signing keys for the Texas Instruments TI-73, TI-83 Plus, TI-84 Plus, TI-89, and TI-92 Plus graphing
       calculators.  These keys consist of two prime numbers p and q as well as their product n.  Current calculator models impose a limit of  512
       bits  (64  bytes)  on the size of n, so p and q are generally about 256 bits each.  As of this writing this means factoring n is beyond the
       reach of most people, though this will undoubtedly change in the future.

       The keys generated by rskeygen are not very useful at the moment, because in order for an application or OS to be accepted by the  calcula-
       tor,  the  key  used  to sign it must itself be signed using the calculator's own (possibly unique) private key, which is only known to TI.
       Nevertheless, rskeygen is provided in the hope that it can be useful, both for testing and for devising	new  signature	schemes  based	on
       TI's.

   OPTIONS
       --secure
	      Attempt  to  generate  a	``secure''  key using the system's entropy pool, /dev/random (see random(4).)  The actual security is thus
	      dependent on your system's implementation of /dev/random.

	      Without --secure, the keys are generated based on the current time and process ID, which is not secure in the slightest.

       --ti   Generate keys which are palatable to TI's official app signing programs.	This forces p to be congruent to 3 and q to  7	modulo	8.
	      This option is not necessary when using rabbitsign(1), nor is it necessary for the calculator to validate signatures properly.

       --length nbytes
	      Specify  the length in bytes of the modulus n; p and q are each calculated to be approximately half this length.	This should not be
	      greater than 64 for current calculators, and must be less than 256 in any event due to a limitation of the key file format.

SEE ALSO

       rabbitsign(1), packxxk(1)

AUTHOR

       Benjamin Moody <floppusmaximus@users.sf.net>

RabbitSign 2.0							     July 2009							       rskeygen(1)

Check Out this Related Man Page

PKI --GEN(1)							    strongSwan							      PKI --GEN(1)

NAME

       pki --gen - Generate a new RSA or ECDSA private key

SYNOPSIS

       pki --gen [--type type] [--size bits] [--safe-primes] [--shares n] [--threshold l] [--outform encoding] [--debug level]

       pki --gen --options file

       pki --gen -h | --help

DESCRIPTION

       This sub-command of pki(1) is used to generate a new RSA or ECDSA private key.

OPTIONS

       -h, --help
	      Print usage information with a summary of the available options.

       -v, --debug level
	      Set debug level, default: 1.

       -+, --options file
	      Read command line options from file.

       -t, --type type
	      Type of key to generate. Either rsa or ecdsa, defaults to rsa.

       -s, --size bits
	      Key  length  in bits. Defaults to 2048 for rsa and 384 for ecdsa.  For ecdsa only three values are currently supported: 256, 384 and
	      521.

       -p, --safe-primes
	      Generate RSA safe primes.

       -f, --outform encoding
	      Encoding of the generated private key. Either der (ASN.1 DER) or pem (Base64 PEM), defaults to der.

   RSA Threshold Cryptography
       -n, --shares <n>
	      Number of private RSA key shares.

       -l, --threshold <l>
	      Minimum number of participating RSA key shares.

PROBLEMS ON HOSTS WITH LOW ENTROPY

       If the gmp plugin is used to generate RSA private keys the key material is read from /dev/random (via the random  plugin).  Therefore,  the
       command	may block if the system's entropy pool is empty.  To avoid this, either use a hardware random number generator to feed /dev/random
       or use OpenSSL (via the openssl plugin or the command line) which is not as strict in regards to the quality of the key material (it  reads
       from  /dev/urandom  if  necessary).  It is also possible to configure the devices used by the random plugin in strongswan.conf(5).  Setting
       libstrongswan.plugins.random.random to /dev/urandom forces the plugin to treat bytes read from /dev/urandom as high grade random data, thus
       avoiding the blocking. Of course, this doesn't change the fact that the key material generated this way is of lower quality.

EXAMPLES

       pki --gen --size 3072 > rsa_key.der
	      Generates a 3072-bit RSA private key.

       pki --gen --type ecdsa --size 256 > ecdsa_key.der
	      Generates a 256-bit ECDSA private key.

SEE ALSO

       pki(1)

5.1.1								    2013-07-31							      PKI --GEN(1)
Man Page