diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2017-08-05 20:08:31 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2017-08-05 20:08:31 +0200 |
commit | e2bd64a7068f0969f002cff1d1db87a7793a8795 (patch) | |
tree | afe216b1ae032b2b99c897fab4fe856d369a1ee4 | |
parent | 8bd458cce72b206e9648c86175d332cd578d76b3 (diff) | |
download | gnutls-e2bd64a7068f0969f002cff1d1db87a7793a8795.tar.gz |
certtool: improved documentation on --provable option
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
-rw-r--r-- | src/certtool-args.def | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/src/certtool-args.def b/src/certtool-args.def index fcb895e829..bc1bf5f5da 100644 --- a/src/certtool-args.def +++ b/src/certtool-args.def @@ -224,7 +224,14 @@ flag = { flag = { name = provable; descrip = "Generate a private key or parameters from a seed using a provable method"; - doc = "This will use the FIPS-186-4 algorithms (i.e., Shawe-Taylor) for provable key generation. When specified the private keys or parameters will be generated from a seed, and can be proven to be correctly generated from the seed. You may specify --seed or allow GnuTLS to generate one (recommended). This option can be combined with --generate-privkey or --generate-dh-params."; + doc = "This will use the FIPS-186-4 algorithms (i.e., Shawe-Taylor) for provable key generation. +When specified the private keys or parameters will be generated from a seed, and can be +later validated with --verify-provable-privkey to be correctly generated from the seed. You may +specify --seed or allow GnuTLS to generate one (recommended). This option can be combined with +--generate-privkey or --generate-dh-params. + +That option applies to RSA and DSA keys. On the DSA keys the PQG parameters +are generated using the seed, and on RSA the two primes."; }; flag = { |