
Remove scripts/gen_keys.js and rename public key.

Fixes #38
1 parent 7c83dc5 commit 713a89afee06887b581a2290a5036e9abfc51118 @callahad callahad committed Jun 19, 2012
Showing with 10 additions and 57 deletions.
  1. +9 −6 docs/OPS_NOTES.md
  2. +0 −50 scripts/gen_keys.js
  3. +1 −1 server/lib/keypair_store.js
15 docs/OPS_NOTES.md
@@ -26,13 +26,14 @@ Public Key
BigTent must have a public key. There are several ways to achieve this:
- Use the environment variables `PUBLIC_KEY`.
-- Use `scripts/gen_keys.js` to create `server_secret_key.json` and
- `server_public_key.json` in `server/var/`.
-- Do nothing and let the server generate its own "ephemeral keys," which
- will change on each restart.
-
-In practise, you'll want stable keys that match your certifier.
+- Use `./node_modules/jwcrypto/bin/generate-keypair` to create
+ `key.publickey` and `key.secretkey`. These should be stored with the
+ BrowserID Certifier, as defined in its configuration, and a copy of the
+ public key should be placed in BigTent's `server/var/` directory.
+- Do nothing and let the server generate its own "ephemeral keys," which will
+ change on each restart.
+In practice, you'll want stable keys that match your certifier.
API Keys: Windows Live (Hotmail)
--------------------------------
@@ -45,6 +46,8 @@ thus requires an API key. This means two things:
Real keys are managed by Ops.
+To reiterate, neither Google nor Yahoo require API keys.
+
External Requests
-----------------
50 scripts/gen_keys.js
@@ -1,50 +0,0 @@
-#!/usr/bin/env node
-/* This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-
-/* scripts/gen_keys.js creates public and private keys suitable for
- key signing by Persona Identity Providers (IdPs).
-
- Usage:
- scripts/gen_keys.js
-
- Will create a new keypair at
- var/server_public_key.json
- var/server_secret_key.json
-
- If these files already exist, this script will show an error message
- and exit. You must remove both keys if you want to generate a new
- keypair.
-*/
-const path = require('path');
-// ./server is our current working directory
-process.chdir(path.join(path.dirname(__dirname), 'server'));
-
-const jwk = require("jwcrypto/jwk"),
- store = require('../server/lib/keypair_store'),
- util = require('util');
-
-var error_remove_keypair = function () {
- console.error("Old keypair detected, you must remove these files to generate new ones.");
- console.log("Usage: gen_keys.js\n\nWill create a new keypair under var.");
- process.exit(1);
-};
-
-store.files_exist(function (exists) {
- if (exists) {
- error_remove_keypair();
- } else {
- // generate a fresh 1024 bit RSA key
- var keypair = jwk.KeyPair.generate('RS', 256);
- store.write_files(keypair, function (err) {
- console.error("Problem writing public key, existing");
- console.error(err);
- process.exist(2);
- }, function (err) {
- console.error("Problem writing secret key, existing");
- console.error(err);
- process.exist(3);
- });
- }
-});
2 server/lib/keypair_store.js
@@ -8,7 +8,7 @@ path = require('path'),
util = require('util');
const
-PUBLIC_KEY_FILENAME = 'server_public_key.json';
+PUBLIC_KEY_FILENAME = 'key.publickey';
var
pub_key_filename = util.format('var/%s', PUBLIC_KEY_FILENAME);
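Review bot: Changing `PUBLIC_KEY_FILENAME` to `'key.publickey'` leaves a deployment that still has `var/server_public_key.json` without a readable key file, and nothing in this hunk detects or reports that. OPS_NOTES.md in this same commit says the server generates ephemeral keys when no key is supplied, so such a deployment would presumably start serving a public key that no longer matches its certifier, and do so silently; the loading code is outside the hunk, so this should be confirmed there. I would either log a warning at startup when the old filename exists and the new one does not, or at least record the rename beside the constant, e.g. `// was 'server_public_key.json' before the switch to jwcrypto's generate-keypair; rename existing files on upgrade`.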
