Main Page Namespace List Class Hierarchy Alphabetical List Compound List File List Namespace Members Compound Members Related Pages

verify_private_keys

verify_private_keys reads in private keys and their corresponding shares and checks whether they are consistent.

The following command-line options are recognized:

-c <config_file> The configuration file for this program.
-s <section> The relevant section of the configuration file. If not provided, the default section will be used.

The configuration file must be in OpenSSL's CONF format and should define the following fields:

nhosts The number of servers in the quorum system.
nfaults The number of faults to tolerate.
private_key_file The PEM file containing the RSA private key.
private_key_passwd The password for private_key_file [optional]
public_eg_key_file The file containing the ElGamal public key.
private_eg_key_file The file containing the ElGamal private key.
output_directory The directory in which share files will be stored.

Here is an example of a relevant section in a configuration file:

 [ verify_keys ]
 nhosts  = 4
 nfaults = 1

 public_dir  = /etc/CODEX/pubkeys
 private_dir = /etc/CODEX/privkeys

 private_key_file    = ${private_dir}/service.private.pem
 private_key_passwd  = foobar
 public_eg_key_file  = ${public_dir}/service.eg.pub
 private_eg_key_file = ${private_dir}/service.eg.priv
 output_directory    = ${private_dir}

The command-line option -s verify_keys would then be supplied to specify that this is the section to load. Note that these configuration options are the same as for split_private_keys, and the same configuration file may be used for both.

Generated on Wed Jun 2 16:32:57 2004 for COrnell Data EXchange (CODEX) by

1.2.18