Syntax
bootgen -image test.bif -generate_keys <rsa|pem|obfuscatedkey|lms-shake256>Description
This option generates keys for authentication and obfuscated key used for encryption.
Note: For more information
on generating encryption keys, see Key Generation.
Authentication Key Generation Example
Authentication key generation example. This example generates the authentication keys in the paths specified in the BIF file.
bootgen -image test.bif -generate_keys rsaExamples
image:
{
[ppkfile] <path/ppkgenfile.txt>
[pskfile] <path/pskgenfile.txt>
[spkfile] <path/spkgenfile.txt>
[sskfile] <path/sskgenfile.txt>
}LMS
{
lms_key_params
{
primary {lms_shake256_h5_w2}
secondary {lms_shake256_h5_w2}
}
[ppkfile] <path/ppkgenfile.txt>
[pskfile] <path/pskgenfile.txt>
[spkfile] <path/spkgenfile.txt>
[sskfile] <path/sskgenfile.txt>
} HSS
image:
{
lms_key_params
{
primary {lms_shake256_h15_w2, lms_shake256_h15_w2}
secondary {lms_shake256_h15_w2, lms_shake256_h15_w2}
}
[ppkfile] <path/ppkgenfile.txt>
[pskfile] <path/pskgenfile.txt>
[spkfile] <path/spkgenfile.txt>
[sskfile] <path/sskgenfile.txt>
}
Note: Here h and w are parameters that you need to specify in the
BIF. Even for hss, use the -generate_keys lms flag while generating keys.
The key files are generated in the paths mentioned above, and you can use both for lms and hss both.
Obfuscated Key Generation Example
This example generates the obfuscated in the same path as that of the familykey.txt.
Command:
bootgen -image test.bif -generate_keys obfuscatedkeyThe Sample BIF file is shown in the following example:
image:
{
[aeskeyfile] aes.nky
[bh_key_iv] bhkeyiv.txt
[familykey] familykey.txt
}Arguments
- rsa
- pem
- obfuscated
- lms-shake256