
File: gnupg.info,  Node: Agent GENKEY,  Next: Agent IMPORT,  Prev: Agent PKSIGN,  Up: Agent Protocol

2.6.3 Generating a Key
----------------------

This is used to create a new keypair and store the secret key inside the
active PSE -- which is in most cases a Soft-PSE. A not-yet-defined
option allows choosing the storage location.  To get the secret key out
of the PSE, a special export tool has to be used.

        GENKEY [--no-protection] [--preset] []

   Invokes the key generation process and the server will then inquire
on the generation parameters, like:

        S: INQUIRE KEYPARM
        C: D (genkey (rsa (nbits  1024)))
        C: END

   The format of the key parameters depends on the algorithm and has
the form:

         (genkey
           (algo
             (parameter_name_1 ....)
               ....
             (parameter_name_n ....)))

   If everything succeeds, the server returns the *public key* as an
SPKI-like S-expression of this form:

          (public-key
            (rsa
              (n )
              (e )))

   Here is an example session:

        C: GENKEY
        S: INQUIRE KEYPARM
        C: D (genkey (rsa (nbits  1024)))
        C: END
        S: D (public-key
        S: D   (rsa (n 326487324683264) (e 10001)))
        S: OK key created

   The '--no-protection' option may be used to suppress the prompt for
a passphrase; the secret key is then stored unprotected.  The '--preset'
option may be used to add the passphrase to the cache using the default
cache parameters.

   The '--inq-passwd' option may be used to create the key with a
supplied passphrase.  When it is used, the agent does an inquiry with
the keyword 'NEWPASSWD' to retrieve that passphrase.  This option takes
precedence over '--no-protection'; however, if the client sends an empty
(zero-length) passphrase, this is identical to '--no-protection'.
