bupstash-keyfiles
SYNOPSIS
Overview of the bupstash key format.
DESCRIPTION
Bupstash key files are PEM encoded with one of the following tags:
- BUPSTASH KEY
- BUPSTASH SUB KEY
The binary data after decoding the PEM data consists of bare key structures, described below.
Binary encoding of keys:
type PrimaryKey {
id: Data<16>,
rollsum_key: Data<32>,
data_hash_key_part_1: Data<32>,
data_hash_key_part_2: Data<32>,
data_pk: Data<32>,
data_sk: Data<32>,
data_psk: Data<32>,
idx_hash_key_part_1: Data<32>,
idx_hash_key_part_2: Data<32>,
idx_pk: Data<32>,
idx_sk: Data<32>,
idx_psk: Data<32>,
metadata_pk: Data<32>,
metadata_sk: Data<32>,
metadata_psk: Data<32>,
}
type SubKey {
id: Data<16>,
primary_key_id: Data<16>,
rollsum_key: Option<Data<32>>,
data_hash_key_part_1: Option<Data<32>>,
data_hash_key_part_2: Option<Data<32>>,
data_pk: Option<Data<32>>,
data_sk: Option<Data<32>>,
data_psk: Option<Data<32>>,
idx_hash_key_part_1: Option<Data<32>>,
idx_hash_key_part_2: Option<Data<32>>,
idx_pk: Option<Data<32>>,
idx_sk: Option<Data<32>>,
idx_psk: Option<Data<32>>,
metadata_pk: Option<Data<32>>,
metadata_sk: Option<Data<32>>,
metadata_psk: Option<Data<32>>,
}
type Key (PrimaryKey | SubKey)
EXAMPLE
$ bupstash new-key -o bupstash.key
$ cat bupstash.key
# This file contains a cryptographic key used by 'bupstash' to encrypt and decrypt data.
#
# key-id=55f32e9db43a1fa3cf65bb3705230898
-----BEGIN BUPSTASH KEY-----
AFXzLp20Oh+jz2W7NwUjCJgS7VhqV37771UhSRo7LZUIxJCbEZkm27AcYylSL5T2
bxAE4g0rukxRhloPqWT+s1Yr2cPNEHymMzJzm+V4QiDMzE4K4k548bsrMoQMGXc8
LRpNiqVzwRRvibkdf9RdnyYPQ5IlvQN395YJVCfiD6nEOY90plDH20UgiGiNLRYK
xH+MfIoFA1X59UFdto0B/CJW9R98OgQeJNP91NQloFA17mbzhqUvwnHDjatzkxht
CJWScQm6PTwEFEYRSzLTWgpFXjnpF09quzZenw/jEn6nPAyjb11u+Ohe7pkfxacv
QZ5qhBMqJ7+H3VpvOLW7mTmXL3T6gB5W7u2Lg6Y/AwkE
-----END BUPSTASH KEY-----
SEE ALSO
bupstash