libsxmp/doc/sxtkey.txt

I. SXT key container description
--------------------------------
1. Private key store description
The following format is used to store a private key:
(<key-type> "<base64 encoded key data>")
Where:
- key-type is the type of the key:
* ppkp-ed25519
- the base64 string is the encoded private key itself and consists of:
<MAGIC VERSION SIGN><8bit flags><key-type><cipher-name><kdf-name><kdf-opts><public-key><private-key-data>
NOTE:
Each key may contain a 64bit special hash, but this is optional.
A key might also be encrypted with a password key, i.e. a passphrase, so private-key-data may or may
not be encrypted.
* MAGIC VERSION SIGN is a value that identifies the container version; for the first version this is 0xbeef0101
* 8bit flags contains the following bits:
- (1 << 1) - if set, there is a hash within the key
- (1 << 2) - if set, the key is encrypted and requires a password key to decrypt
* key-type is the same key-type as given above
* cipher-name and kdf-name are the plain-text names of the cipher and KDF used to encrypt the key, or "none" if the key
isn't encrypted
* kdf-opts holds the options for the KDF (in the case of bcrypt this is the salt and the number of passes)
* public-key is the public key
* private-key-data holds all the private key information (this data might be encrypted);
this area contains:
<32bit random><32bit random><public-key><private-key><64bit hash><8bit zero padding>
At the time of writing I'm planning to support ed25519 keys only.
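The following is an added example, not libsxmp code, that frames and parses the container described above. The note does not say how the variable-length fields (key-type, cipher-name, kdf-name, kdf-opts, public-key, private-key-data) are delimited, so the example assumes each one carries a 32-bit big-endian length prefix, that integers are big-endian, and that the 64bit hash is present in private-key-data exactly when flag (1 << 1) is set. The key bytes are placeholders rather than real ed25519 keys, and the `encrypt` callable is a hypothetical stand-in for the real cipher and KDF; the point is the framing, the flag consistency checks, and the fact that the public key and KDF parameters stay readable without the passphrase.

```python
# Added example, not libsxmp code: frame and parse the SXT private-key container.
# ASSUMPTIONS (not specified by sxtkey.txt): every variable-length field has a
# 32-bit big-endian length prefix; integers are big-endian; the 64bit hash is
# stored only when flag (1 << 1) is set; key bytes used here are placeholders.
import base64
import os
import re
import struct

MAGIC = 0xBEEF0101          # container version sign for the first version
FLAG_HASH = 1 << 1          # a 64bit hash is stored inside private-key-data
FLAG_ENCRYPTED = 1 << 2     # private-key-data is encrypted with a password key
KEY_TYPE = "ppkp-ed25519"
_WRAPPER = re.compile(r'^\((?P<type>[A-Za-z0-9-]+) "(?P<b64>[A-Za-z0-9+/=]+)"\)$')


def _put(buf, field):
    """Append one length-prefixed field (assumed 32-bit BE length)."""
    buf.extend(struct.pack(">I", len(field)))
    buf.extend(field)


def _take(data, pos):
    """Read one length-prefixed field at pos; return (field, new_pos)."""
    if pos + 4 > len(data):
        raise ValueError("truncated container")
    (n,) = struct.unpack(">I", data[pos:pos + 4])
    pos += 4
    if pos + n > len(data):
        raise ValueError("truncated field")
    return data[pos:pos + n], pos + n


def encode_container(pub, priv, hash64=None, cipher="none", kdf="none",
                     kdf_opts=b"", encrypt=None):
    """Return the '(<key-type> "<base64>")' text; `encrypt` is a hypothetical
    callable standing in for the real cipher + KDF on private-key-data."""
    flags = FLAG_HASH if hash64 is not None else 0
    if cipher != "none":
        if encrypt is None:
            raise ValueError("cipher given but no encrypt callable")
        flags |= FLAG_ENCRYPTED
    # <32bit random><32bit random><public-key><private-key>[<64bit hash>]<8bit zero padding>
    pkd = bytearray(os.urandom(8))
    _put(pkd, pub)
    _put(pkd, priv)
    if hash64 is not None:
        pkd.extend(struct.pack(">Q", hash64))
    pkd.append(0)
    pkd = encrypt(bytes(pkd)) if flags & FLAG_ENCRYPTED else bytes(pkd)
    out = bytearray(struct.pack(">IB", MAGIC, flags))
    for field in (KEY_TYPE.encode(), cipher.encode(), kdf.encode(), kdf_opts, pub, pkd):
        _put(out, field)
    return '(%s "%s")' % (KEY_TYPE, base64.b64encode(bytes(out)).decode())


def decode_container(text):
    """Parse a container; private_key is None when the key is encrypted."""
    m = _WRAPPER.match(text.strip())
    if not m:
        raise ValueError("not an SXT key container")
    raw = base64.b64decode(m.group("b64"))
    if len(raw) < 5:
        raise ValueError("truncated container")
    magic, flags = struct.unpack(">IB", raw[:5])
    if magic != MAGIC:
        raise ValueError("unknown container version 0x%08x" % magic)
    pos, fields = 5, []
    for _ in range(6):  # key-type, cipher-name, kdf-name, kdf-opts, public-key, private-key-data
        field, pos = _take(raw, pos)
        fields.append(field)
    if pos != len(raw):
        raise ValueError("trailing bytes after private-key-data")
    key_type, cipher, kdf, kdf_opts, pub, pkd = fields
    if key_type.decode() != m.group("type"):
        raise ValueError("key-type in wrapper and container disagree")
    encrypted = bool(flags & FLAG_ENCRYPTED)
    if encrypted != (cipher != b"none"):
        raise ValueError("encryption flag and cipher-name disagree")
    info = {"key_type": key_type.decode(), "flags": flags, "cipher": cipher.decode(),
            "kdf": kdf.decode(), "kdf_opts": kdf_opts, "public_key": pub,
            "private_key": None, "hash": None}
    if encrypted:
        return info              # header is readable without the passphrase
    p = 8                        # skip the two 32bit random words
    inner_pub, p = _take(pkd, p)
    priv, p = _take(pkd, p)
    if inner_pub != pub:
        raise ValueError("public key inside private-key-data does not match header")
    if flags & FLAG_HASH:
        if len(pkd) < p + 8:
            raise ValueError("truncated hash")
        (info["hash"],) = struct.unpack(">Q", pkd[p:p + 8])
        p += 8
    if pkd[p:] != b"\x00":
        raise ValueError("bad padding after private key")
    info["private_key"] = priv
    return info
```

The decoder refuses a container whose encryption flag disagrees with its cipher-name and one whose inner public key differs from the header copy; both are cheap checks that catch a truncated or tampered file before any private key material is trusted.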
II. SXT keys management tools
-----------------------------
1. Key generation
To generate a key a special tool exists: sxtkeygen
> sxtkeygen --type <type> --name <name> --passphrase --path <file prefix> --hash <64bit hash>
* type will be ed25519 (others are not supported yet); this value is required
* name is optional and defaults to <type> if not given
* passphrase is optional; if given, you will be asked to type a passphrase
to encrypt the key (typed interactively in the terminal)
* path is optional and points to the directory where the public/private key files
will be located; defaults to the current working directory
* hash is optional; set it if you want to store an additional 64bit hash within the key
The output consists of two files:
<path>/<name||type>.pub # public key
<path>/<name||type>.ppkp # private key