mirror of
https://github.com/zeromq/libzmq.git
synced 2025-01-19 00:46:05 +01:00
Clarified use of secret/public keys
This commit is contained in:
parent
09426ff308
commit
87718c6102
@ -624,8 +624,9 @@ linkzmq:zmq_curve[7]. A value of '1' means the socket will act as
|
|||||||
CURVE server. A value of '0' means the socket will not act as CURVE
|
CURVE server. A value of '0' means the socket will not act as CURVE
|
||||||
server, and its security role then depends on other option settings.
|
server, and its security role then depends on other option settings.
|
||||||
Setting this to '0' shall reset the socket security to NULL. When you
|
Setting this to '0' shall reset the socket security to NULL. When you
|
||||||
set this you must also set both the public and secret keys using the
|
set this you must also set the server's secret key using the
|
||||||
ZMQ_CURVE_PUBLICKEY and ZMQ_CURVE_SECRETKEY options.
|
ZMQ_CURVE_SECRETKEY option. A server socket does not need to know
|
||||||
|
its own public key.
|
||||||
|
|
||||||
[horizontal]
|
[horizontal]
|
||||||
Option value type:: int
|
Option value type:: int
|
||||||
@ -637,14 +638,11 @@ Applicable socket types:: all, when using TCP transport
|
|||||||
ZMQ_CURVE_PUBLICKEY: Set CURVE public key
|
ZMQ_CURVE_PUBLICKEY: Set CURVE public key
|
||||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
|
||||||
Sets the socket's long term public key. You must set this on both CURVE
|
Sets the socket's long term public key. You must set this on CURVE client
|
||||||
client and server sockets, see linkzmq:zmq_curve[7]. You can provide the
|
sockets, see linkzmq:zmq_curve[7]. You can provide the key as 32 binary
|
||||||
key as 32 binary bytes, or as a 40-character string encoded in the Z85
|
bytes, or as a 40-character string encoded in the Z85 encoding format.
|
||||||
encoding format. For servers, the public key must be persisted and
|
The public key must always be used with the matching secret key. To
|
||||||
shared through some unspecified but secure mechanism to clients. The
|
generate a public/secret key pair, use linkzmq:zmq_curve_keypair[3].
|
||||||
public key must always be used with the matching secret key generated
|
|
||||||
at the same time. To generate a public/secret key pair, use the
|
|
||||||
tools/curve_keygen tool.
|
|
||||||
|
|
||||||
[horizontal]
|
[horizontal]
|
||||||
Option value type:: binary data or Z85 text string
|
Option value type:: binary data or Z85 text string
|
||||||
@ -659,7 +657,8 @@ ZMQ_CURVE_SECRETKEY: Set CURVE secret key
|
|||||||
Sets the socket's long term secret key. You must set this on both CURVE
|
Sets the socket's long term secret key. You must set this on both CURVE
|
||||||
client and server sockets, see linkzmq:zmq_curve[7]. You can provide the
|
client and server sockets, see linkzmq:zmq_curve[7]. You can provide the
|
||||||
key as 32 binary bytes, or as a 40-character string encoded in the Z85
|
key as 32 binary bytes, or as a 40-character string encoded in the Z85
|
||||||
encoding format.
|
encoding format. To generate a public/secret key pair, use
|
||||||
|
linkzmq:zmq_curve_keypair[3].
|
||||||
|
|
||||||
[horizontal]
|
[horizontal]
|
||||||
Option value type:: binary data or Z85 text string
|
Option value type:: binary data or Z85 text string
|
||||||
@ -674,7 +673,7 @@ ZMQ_CURVE_SERVERKEY: Set CURVE server key
|
|||||||
Sets the socket's long term server key. You must set this on CURVE client
|
Sets the socket's long term server key. You must set this on CURVE client
|
||||||
sockets, see linkzmq:zmq_curve[7]. You can provide the key as 32 binary
|
sockets, see linkzmq:zmq_curve[7]. You can provide the key as 32 binary
|
||||||
bytes, or as a 40-character string encoded in the Z85 encoding format.
|
bytes, or as a 40-character string encoded in the Z85 encoding format.
|
||||||
This key must be the same as the public key set on the server socket.
|
This key must have been generated together with the server's secret key.
|
||||||
|
|
||||||
[horizontal]
|
[horizontal]
|
||||||
Option value type:: binary data or Z85 text string
|
Option value type:: binary data or Z85 text string
|
||||||
|
Loading…
x
Reference in New Issue
Block a user