resolver (resolver closure)
random (randomsrc closure)
key-cache (privcache closure)
- local-key (rsaprivkey closure): Deprecated; use key-cache instead.
+ local-key (sigprivkey closure): Deprecated; use key-cache instead.
address (string list): optional, DNS name(s) used to find our peer;
address literals are supported too if enclosed in `[' `]'.
port (integer): mandatory if 'address' is specified: the port used
to contact our peer
peer-keys (string): path (prefix) for peer public key set file(s);
see README.make-secnet-sites re `pub' etc.
- key (rsapubkey closure): our peer's public key (obsolete)
+ key (sigpubkey closure): our peer's public key (obsolete)
transform (transform closure): how to mangle packets sent between sites
dh (dh closure)
hash (hash closure): used for keys whose algorithm (or public
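Review bot: The added local-key and key lines name the new sigprivkey and sigpubkey closure types without saying what produces them, so a reader coming from a config or older document that still says rsaprivkey/rsapubkey has nothing to search for. Suggest a short pointer on each line, for example "(sigprivkey closure, e.g. from rsa-private)" and "(sigpubkey closure, e.g. from rsa-public)", matching the rsa-private and rsa-public entries renamed later in this patch. Both options are already marked deprecated/obsolete here, so the pointer can stay brief.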
Defines:
sigscheme algorithm 00 "rsa1"
- rsa-private (closure => rsaprivkey closure)
- rsa-public (closure => rsapubkey closure)
+ rsa-private (closure => sigprivkey closure)
+ rsa-public (closure => sigpubkey closure)
rsa1 sigscheme algorithm:
private key: SSH private key file, version 1, no password
Note that this uses a big-endian variant of the Serpent block cipher
(which is not compatible with most other Serpent implementations).
.SS rsa-private
-\fBrsa-private(\fIPATH\fB\fR[, \fICHECK\fR]\fB)\fR => \fIrsaprivkey closure\fR
+\fBrsa-private(\fIPATH\fB\fR[, \fICHECK\fR]\fB)\fR => \fIsigprivkey closure\fR
.TP
.I PATH
String.
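Review bot: In the added rsa-private synopsis line, the \fB immediately after \fIPATH is dead, because the \fR that follows overrides it before any text is set. Since the line is being rewritten anyway, it could read \fBrsa-private(\fIPATH\fR[, \fICHECK\fR]\fB)\fR => \fIsigprivkey closure\fR, which renders the same.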
If \fBtrue\fR (the default) then check that the key is valid.
.SS rsa-public
-\fBrsa-public(\fIKEY\fB, \fIMODULUS\fB)\fR => \fIrsapubkey closure\fR
+\fBrsa-public(\fIKEY\fB, \fIMODULUS\fB)\fR => \fIsigpubkey closure\fR
.TP
.I KEY
String.
A \fIrandomsource closure\fR.
.TP
.B local-key
-An \fIrsaprivkey closure\fR.
+An \fIsigprivkey closure\fR.
The key used to prove our identity to the peer.
.TP
.B address
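Review bot: The article no longer agrees with the renamed type on the added local-key line: "An" suited "rsaprivkey" but should be "A" before "sigprivkey", i.e. A \fIsigprivkey closure\fR. Separately, the README part of this patch marks local-key as deprecated in favour of key-cache; if this man page entry does not already say so further down, it is worth adding here so the two documents agree.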
The port to contact the peer.
.TP
.B key
-An \fIrsapubkey closure\fR.
+An \fIsigpubkey closure\fR.
The key used to verify the peer's identity.
.TP
.B transform
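Review bot: The added key line still begins with "An", which was right for "rsapubkey" but should be "A" before "sigpubkey": A \fIsigpubkey closure\fR. The README in this patch also labels this option "(obsolete)", which the entry shown here does not mention.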