Generate one or more key-pairs in the crypto token.

Generate Key

Column

Description

New Key Alias

Provide the name of the new key to generate.

Key Algorithm

Algorithm for the key to generate. The key can be generated as type asymmetric (key-pair) or symmetric (secret key), and either key type is determined by the key algorithm specified.

For example, if RSA is specified as Key Algorithm, an asymmetric key (key-pair) is generated, and specifying AES generates a symmetric key (secret key).

By default, key algorithms can be selected from a drop-down list with the common options (RSA, DSA, ECDSA, and AES).

To manually specify another value, click >.

Examples of valid values:

  • RSA
  • ECDSA
  • AES

(varning) If generating a symmetric (secret) key and the specified key algorithm name is not present in the predefined list of known secret key algorithms, the key algorithm name must be specified with the prefix "SEC:", for example: SEC:Blowfish. Currently, the secret key list contains the algorithms AES and DES.

If using the P11NGCryptoToken, the algorithm name can be specified as a long or hexadecimal constant value. For more information, see Secret Key generation in P11NGCryptoToken.

Key Specification

Key specifications for the key to generate.

By default, the key specification can be selected from a drop-down list with common values, depending on the key algorithm selected.

To manually specify another value, click >.

Note that some key specifications presented might not be supported by the crypto token being used.

For RSA and DSA, this is the key length and is specified as a number. Additionally, for RSA it is possible to use a different exponent by suffixing the number with "exp" followed by the exponent in decimal or prefixed with "0x" for hexadecimal. The default value for the exponent is 65537.

For ECDSA, use the name of the curve.

Examples:

  • 2048
  • 2048 exp 0x10001
  • secp256r1
  • 128
  • 168
  • 64

Actions

Action

Description

+ (plus)

Click the + (plus) button to add additional row(s) in order to generate multiple keys at the same time.

To add more than one row at a time change the value of the text field from "1" to the number of rows to add before clicking the + (plus) button.

The additional rows gets populated with the same key algorithm and key specification as the previous row and if a key alias has been specified then the following rows will have the same alias but with the numeric suffix increased by one for each row.

- (minus)

Click the - (minus) button to remove the last row (if more than one row has been added).

Generate

Generate each key as specified.

Cancel

Returns to the previous page.