[tripe] / keys / tripe-keys.conf.5.in

.\" -*-nroff-*-
.\".
.\" Manual for the key-management configuration files
.\"
.\" (c) 2008 Straylight/Edgeware
.\"
.
.\"----- Licensing notice ---------------------------------------------------
.\"
.\" This file is part of Trivial IP Encryption (TrIPE).
.\"
.\" TrIPE is free software; you can redistribute it and/or modify
.\" it under the terms of the GNU General Public License as published by
.\" the Free Software Foundation; either version 2 of the License, or
.\" (at your option) any later version.
.\"
.\" TrIPE is distributed in the hope that it will be useful,
.\" but WITHOUT ANY WARRANTY; without even the implied warranty of
.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
.\" GNU General Public License for more details.
.\"
.\" You should have received a copy of the GNU General Public License
.\" along with TrIPE; if not, write to the Free Software Foundation,
.\" Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
.
.\"--------------------------------------------------------------------------
.so ../common/defs.man \" @@@PRE@@@
.
.\"--------------------------------------------------------------------------
.TH tripe-keys.conf 5tripe "14 September 2005" "Straylight/Edgeware" "TrIPE: Trivial IP Encryption"
.
.\"--------------------------------------------------------------------------
.SH "NAME"
.
tripe-keys.conf \- configuration file format for tripe-keys
.
.\"--------------------------------------------------------------------------
.SH "DESCRIPTION"
.
The
.B tripe-keys.master
or
.B tripe-keys.conf
file is a simple line-based configuration file read by
.BR tripe-keys (1).
Lines may be empty (consist only of whitespace), be comments (first
non-whitespace character is
.RB ` # ')
or have the form
.IP
.I name
.RB [ = ]
.I value
.PP
A
.I name
consists of alphanumeric characters and hyphens.  Values may contain
substitutions, of the form
.BI ${ name } \fR,
which are replaced by the value assigned to
.IR name .
Many
.IR name s
have significance to the
.B tripe-keys
program: these are described below.  Many have sensible defaults.
.SS "The tripe-keys.master file"
The client configuration file is built by applying substitutions to the
.B tripe-keys.master
file.  The following tokens are substituted:
.TP
.B @MASTER-SEQUENCE@
The sequence number of the most recently-added signing key.
.TP
.B @HK-MASTER@
The fingerprint of the signing key identified by
.BR @MASTER-SEQUENCE@ .
.SS "Master repository parameters"
.TP
.I base-url
The base URL of the key repository (usually with a trailing
.RB ` / ').
Typically, this will be something like
.RB http://www.distorted.org.uk/vpn/ .
No default.
.TP
.I repos-base
The basename for the repository archive.  Default is
.BR tripe-keys.tar.gz .
.TP
.I sig-base
The basename template for repository signatures.  Default is
.BR tripe-keys.sig-<SEQ> .
The
.RB ` <SEQ> '
portion, if any, is replaced by the sequence number of the key which
made the signature.
.TP
.I repos-url
The URL for the key repository tarball.  Default is the concatenation of
.I base-url
and
.IR repos-base .
.TP
.I sig-url
The URL template for key repository signatures.  Default is the
concatenation of
.I base-url
and
.IR sig-base .
.TP
.I master-sequence
The sequence number of the master authority's current signing key.  No
default.  Usually set up automatically.
.TP
.I master-keygen-flags
Additional options for generating master keys.  Default is
.RB ` -l '.
.TP
.I hk-master
The fingerprint of the current master signing key.  No default.  Usually
set up automatically.
.TP
.I upload-hook
A shell command to run by
.B tripe-keys upload
after it has successfully written the
.I repos-file
and
.IR sig-file s.
Default is
.B ": run upload hook"
which does nothing.
.SS "Crypto parameters"
.TP
.I kx
Key-exchange algorithm to use.  Either
.B dh
(integer Diffie-Hellman)
or
.B ec
(elliptic curves).  The default is
.BR dh .
.ne 7
.TP
.I kx-param
Options to pass to
.B "key add"
when generating the parameters key.  Default depends on
.I kx
as follows.
.TS
center;
| ci | ci |
| lb | lb |.
_
kx	kx-param
_
dh	\-LS \-b3072 \-B256
ec	\-Cnist-p256
_
.TE
.TP
.I kx-expire
Expiry time for generated keys.  Default is
.BR "now + 1 year" .
.TP
.I hash
Hashing algorithm to use.  Default is
.BR sha256 .
.TP
.I mac
Message authentication algorithm to use.  Default is
.IB hash -hmac/ halfhashlen \fR,
where
.I halfhashlen
is half of
.IR hash 's
output length.
.TP
.I mgf
Mask-generation algorithm to use.  Default is
.IB hash -mgf \fR.
This is probably a good choice.
.TP
.I cipher
Symmetric encryption scheme to use.  Default is
.BR rijndael-cbc .
.TP
.I sig
Signature scheme to use.  Must be one of those recognized by
.BR catsign (1).
Default is
.B dsa
if
.I kx
is
.BR dh ,
or
.B ecdsa
if
.I kx
is
.BR ec .
.ne 10
.TP
.I sig-genalg
Key-generation algorithm for signing key.  Default depends on
.I sig
as follows.
.TS
center;
| ci | ci |
| lb | lb |.
_
sig	sig-genalg
_
kcdsa	dh
dsa	dsa
rsapcs1	rsa
rsapss	rsa
ecdsa	ec
eckcdsa	ec
_
.TE
.ne 8
.TP
.I sig-param
Signature-key generation parameters.  Default depends on
.I sig-genalg
as follows.
.TS
center;
| ci | ci |
| lb | lb |.
_
sig-genalg	sig-param
_
dh	\-LS \-b3072 \-B256
dsa	\-b3072 \-B256
rsa	\-b3072
ec	\-Cnist-p256
_
.TE
.TP
.I sig-hash
Hash function to use for making signatures.  Default is
.IR hash .
.TP
.I sig-fresh
Oldest time we should consider a signed archive to be fresh.  Default is
.BR always ,
meaning that all signatures are fresh.
.TP
.I sig-expire
Expiry time for master signing key.  Default is
.BR forever .
.TP
.I fingerprint-hash
Hash function to use for key fingerprinting.  Default is
.IR hash .
.SS "Master maintenance parameters"
.TP
.I base-dir
Local base directory for the repository files.  This probably ought to
end in a
.RB ` / '
character.  Unexpected files in this directory will be removed by the
.B tripe-keys upload
command.  No default.
.TP
.I repos-file
Filename for local repository tarball.  Default is the concatenation of
.I base-dir
and
.IB repos-base .
.TP
.I sig-file
Template for repository signatures.  Default is the concatenation of
.I base-dir
and
.IR sig-base .
.TP
.I conf-file
Filename for local repository configuration file.  Default is
.IB basedir /tripe-keys.conf \fR.
.TP
.I kx-warn-days
The
.B "tripe-keys check"
command will warn about keys which will in less than
.I kx-warn-days
days.  Default is 28.
.
.\"--------------------------------------------------------------------------
.SH "SEE ALSO"
.
.BR tripe (8),
.BR tripe\-keys (8).
.
.\"--------------------------------------------------------------------------
.SH "AUTHOR"
.
Mark Wooding, <mdw@distorted.org.uk>
.
.\"----- That's all, folks --------------------------------------------------
Commit	Line	Data
060ca767	1	.\" --nroff--
060ca767	2	.\".
fc916a09 MW	3	.\" Manual for the key-management configuration files
	4	.\"
	5	.\" (c) 2008 Straylight/Edgeware
	6	.\"
	7	.
	8	.\"----- Licensing notice ---------------------------------------------------
	9	.\"
	10	.\" This file is part of Trivial IP Encryption (TrIPE).
	11	.\"
	12	.\" TrIPE is free software; you can redistribute it and/or modify
	13	.\" it under the terms of the GNU General Public License as published by
	14	.\" the Free Software Foundation; either version 2 of the License, or
	15	.\" (at your option) any later version.
	16	.\"
	17	.\" TrIPE is distributed in the hope that it will be useful,
	18	.\" but WITHOUT ANY WARRANTY; without even the implied warranty of
	19	.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	20	.\" GNU General Public License for more details.
	21	.\"
	22	.\" You should have received a copy of the GNU General Public License
	23	.\" along with TrIPE; if not, write to the Free Software Foundation,
	24	.\" Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
	25	.
	26	.\"--------------------------------------------------------------------------
e99aedcf	27	.so ../common/defs.man \" @@@PRE@@@
fc916a09 MW	28	.
fc916a09 MW	29	.\"--------------------------------------------------------------------------
0647ba7c	30	.TH tripe-keys.conf 5tripe "14 September 2005" "Straylight/Edgeware" "TrIPE: Trivial IP Encryption"
fc916a09 MW	31	.
fc916a09 MW	32	.\"--------------------------------------------------------------------------
060ca767	33	.SH "NAME"
fc916a09	34	.
060ca767	35	tripe-keys.conf \- configuration file format for tripe-keys
fc916a09 MW	36	.
fc916a09 MW	37	.\"--------------------------------------------------------------------------
060ca767	38	.SH "DESCRIPTION"
fc916a09	39	.
060ca767	40	The
	41	.B tripe-keys.master
	42	or
	43	.B tripe-keys.conf
	44	file is a simple line-based configuration file read by
	45	.BR tripe-keys (1).
	46	Lines may be empty (consist only of whitespace), be comments (first
	47	non-whitespace character is
	48	.RB ` # ')
	49	or have the form
	50	.IP
	51	.I name
	52	.RB [ = ]
	53	.I value
	54	.PP
	55	A
	56	.I name
	57	consists of alphanumeric characters and hyphens. Values may contain
	58	substitutions, of the form
	59	.BI ${ name } \fR,
	60	which are replaced by the value assigned to
	61	.IR name .
e04c2d50	62	Many
060ca767	63	.IR name s
	64	have significance to the
	65	.B tripe-keys
	66	program: these are described below. Many have sensible defaults.
	67	.SS "The tripe-keys.master file"
	68	The client configuration file is built by applying substitutions to the
	69	.B tripe-keys.master
	70	file. The following tokens are substituted:
	71	.TP
	72	.B @MASTER-SEQUENCE@
	73	The sequence number of the most recently-added signing key.
	74	.TP
	75	.B @HK-MASTER@
	76	The fingerprint of the signing key identified by
	77	.BR @MASTER-SEQUENCE@ .
	78	.SS "Master repository parameters"
	79	.TP
	80	.I base-url
	81	The base URL of the key repository (usually with a trailing
	82	.RB ` / ').
	83	Typically, this will be something like
	84	.RB http://www.distorted.org.uk/vpn/ .
	85	No default.
	86	.TP
	87	.I repos-base
	88	The basename for the repository archive. Default is
	89	.BR tripe-keys.tar.gz .
	90	.TP
	91	.I sig-base
	92	The basename template for repository signatures. Default is
	93	.BR tripe-keys.sig-<SEQ> .
	94	The
	95	.RB ` <SEQ> '
	96	portion, if any, is replaced by the sequence number of the key which
	97	made the signature.
	98	.TP
	99	.I repos-url
	100	The URL for the key repository tarball. Default is the concatenation of
	101	.I base-url
	102	and
	103	.IR repos-base .
	104	.TP
	105	.I sig-url
	106	The URL template for key repository signatures. Default is the
	107	concatenation of
bdbd9326	108	.I base-url
060ca767	109	and
	110	.IR sig-base .
	111	.TP
	112	.I master-sequence
	113	The sequence number of the master authority's current signing key. No
	114	default. Usually set up automatically.
	115	.TP
7858dfa0 MW	116	.I master-keygen-flags
	117	Additional options for generating master keys. Default is
	118	.RB ` -l '.
	119	.TP
060ca767	120	.I hk-master
	121	The fingerprint of the current master signing key. No default. Usually
	122	set up automatically.
b14ccd2f MW	123	.TP
	124	.I upload-hook
	125	A shell command to run by
	126	.B tripe-keys upload
	127	after it has successfully written the
	128	.I repos-file
	129	and
	130	.IR sig-file s.
	131	Default is
	132	.B ": run upload hook"
	133	which does nothing.
060ca767	134	.SS "Crypto parameters"
	135	.TP
	136	.I kx
	137	Key-exchange algorithm to use. Either
e04c2d50	138	.B dh
060ca767	139	(integer Diffie-Hellman)
	140	or
	141	.B ec
	142	(elliptic curves). The default is
	143	.BR dh .
f274f202	144	.ne 7
060ca767	145	.TP
	146	.I kx-param
	147	Options to pass to
	148	.B "key add"
	149	when generating the parameters key. Default depends on
	150	.I kx
	151	as follows.
	152	.TS
	153	center;
	154	\| ci \| ci \|
	155	\| lb \| lb \|.
	156	_
	157	kx kx-param
	158	_
ca3aaaeb	159	dh \-LS \-b3072 \-B256
060ca767	160	ec \-Cnist-p256
	161	_
	162	.TE
	163	.TP
	164	.I kx-expire
	165	Expiry time for generated keys. Default is
ca3aaaeb	166	.BR "now + 1 year" .
060ca767	167	.TP
	168	.I hash
	169	Hashing algorithm to use. Default is
	170	.BR sha256 .
	171	.TP
	172	.I mac
	173	Message authentication algorithm to use. Default is
	174	.IB hash -hmac/ halfhashlen \fR,
	175	where
	176	.I halfhashlen
	177	is half of
	178	.IR hash 's
	179	output length.
	180	.TP
	181	.I mgf
	182	Mask-generation algorithm to use. Default is
	183	.IB hash -mgf \fR.
	184	This is probably a good choice.
	185	.TP
	186	.I cipher
	187	Symmetric encryption scheme to use. Default is
b4303459	188	.BR rijndael-cbc .
060ca767	189	.TP
	190	.I sig
	191	Signature scheme to use. Must be one of those recognized by
	192	.BR catsign (1).
	193	Default is
	194	.B dsa
	195	if
	196	.I kx
	197	is
	198	.BR dh ,
	199	or
	200	.B ecdsa
	201	if
	202	.I kx
	203	is
	204	.BR ec .
f274f202	205	.ne 10
060ca767	206	.TP
060ca767	207	.I sig-genalg
e04c2d50	208	Key-generation algorithm for signing key. Default depends on
060ca767	209	.I sig
	210	as follows.
	211	.TS
	212	center;
	213	\| ci \| ci \|
	214	\| lb \| lb \|.
	215	_
	216	sig sig-genalg
	217	_
	218	kcdsa dh
	219	dsa dsa
	220	rsapcs1 rsa
	221	rsapss rsa
	222	ecdsa ec
	223	eckcdsa ec
	224	_
	225	.TE
f274f202	226	.ne 8
060ca767	227	.TP
	228	.I sig-param
	229	Signature-key generation parameters. Default depends on
	230	.I sig-genalg
	231	as follows.
	232	.TS
	233	center;
	234	\| ci \| ci \|
	235	\| lb \| lb \|.
	236	_
	237	sig-genalg sig-param
	238	_
ca3aaaeb MW	239	dh \-LS \-b3072 \-B256
	240	dsa \-b3072 \-B256
	241	rsa \-b3072
060ca767	242	ec \-Cnist-p256
	243	_
	244	.TE
	245	.TP
	246	.I sig-hash
	247	Hash function to use for making signatures. Default is
	248	.IR hash .
	249	.TP
	250	.I sig-fresh
	251	Oldest time we should consider a signed archive to be fresh. Default is
	252	.BR always ,
	253	meaning that all signatures are fresh.
	254	.TP
	255	.I sig-expire
	256	Expiry time for master signing key. Default is
	257	.BR forever .
	258	.TP
	259	.I fingerprint-hash
	260	Hash function to use for key fingerprinting. Default is
	261	.IR hash .
	262	.SS "Master maintenance parameters"
	263	.TP
	264	.I base-dir
	265	Local base directory for the repository files. This probably ought to
	266	end in a
	267	.RB ` / '
838e5ce7 MW	268	character. Unexpected files in this directory will be removed by the
	269	.B tripe-keys upload
	270	command. No default.
060ca767	271	.TP
	272	.I repos-file
	273	Filename for local repository tarball. Default is the concatenation of
	274	.I base-dir
	275	and
	276	.IB repos-base .
	277	.TP
	278	.I sig-file
ca3aaaeb	279	Template for repository signatures. Default is the concatenation of
060ca767	280	.I base-dir
	281	and
	282	.IR sig-base .
	283	.TP
	284	.I conf-file
	285	Filename for local repository configuration file. Default is
	286	.IB basedir /tripe-keys.conf \fR.
c2f28e4b MW	287	.TP
	288	.I kx-warn-days
	289	The
	290	.B "tripe-keys check"
	291	command will warn about keys which will in less than
	292	.I kx-warn-days
	293	days. Default is 28.
fc916a09 MW	294	.
fc916a09 MW	295	.\"--------------------------------------------------------------------------
060ca767	296	.SH "SEE ALSO"
fc916a09	297	.
060ca767	298	.BR tripe (8),
060ca767	299	.BR tripe\-keys (8).
fc916a09 MW	300	.
fc916a09 MW	301	.\"--------------------------------------------------------------------------
060ca767	302	.SH "AUTHOR"
fc916a09	303	.
060ca767	304	Mark Wooding, <mdw@distorted.org.uk>
fc916a09 MW	305	.
fc916a09 MW	306	.\"----- That's all, folks --------------------------------------------------