Workers Key Generation Page

Signer

Specifies the name of the worker. Click the link to view the worker's page.

Old Key Alias

Specifies the name of the current key (if any).

This is stored in the configuration as the DEFAULTKEY property.

Key Algorithm

Specifies the name of the key algorithm to use for the new key.

By default, key algorithms can be selected from a drop-down list with the common options (RSA, ECDSA, and AES).

To manually specify another value, click >.

The value will be preselected with the value of the KEYALG property specified in the worker.

When generating a symmetric (secret) key and the specified key algorithm name is not present in the predefined list of known secret key algorithms, the key algorithm name must be specified with the prefix "SEC:", for example: SEC:Blowfish. Currently, the secret key list contains the algorithms AES and DES.

If the worker references the P11NGCryptoToken, the algorithm name can be specified as a long or hexadecimal constant value. For more information, see Secret Key generation in P11NGCryptoToken.

Key Specification

Specifies the parameters for the key generation process.

By default, the key specification can be selected from a drop-down list with common values, depending on the key algorithm selected.

To manually specify another value, click >.

Some key specifications presented might not be supported by the crypto token being used.

For RSA, the value is the key length. For ECDSA, the value is the name of the curve.

Examples: 2048, 3072, secp256r1.

The value is already set if the worker has a KEYSPEC property specified.

New Key Alias

Specifies the name for the new key to generate.

Generate

Performs the key generation for each selected worker.

The result of the key generation is written out in the Result column.

If all key generations was successful the page is automatically switched back to the previous otherwise the page remains and the user has the ability to try again.

Cancel

Returns to the previous page.