ExternalVendorCode/tahoe-lafs
1
0
Fork 0
mirror of https://github.com/tahoe-lafs/tahoe-lafs.git synced 2025-04-06 02:16:45 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Document converting key to DER-encoded urlsafe b64

Browse Source
This commit is contained in:
Christopher R. Wood 2024-05-30 15:44:21 -04:00
parent ed2e93582c
commit 692be000a8
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
docs/frontends/webapi.rst
View File

@ -449,7 +449,12 @@ Creating a New Directory
In addition, an optional "private-key=" argument is supported which, if given,
specifies the underlying signing key to be used when creating the directory.
This value must be a DER-encoded 2048-bit RSA private key in urlsafe base64
encoding. Because this key can be used to derive the write capability for the
encoding. (To convert an existing PEM-encoded RSA key file into the format
required, the following commands may be used -- assuming a modern UNIX-like
environment with common tools already installed:
``openssl rsa -in key.pem -outform der | base64 -w 0 -i - | tr '+/' '-_'``)
Because this key can be used to derive the write capability for the
associated directory, additional care should be taken to ensure that the key is
unique, that it is kept confidential, and that it was derived from an
appropriate (high-entropy) source of randomness. If this argument is omitted