From dc78d89f4f6db1a8c5f95f312104f88cc79d9b33 Mon Sep 17 00:00:00 2001 From: Jussi Kukkonen Date: Mon, 22 Jun 2020 13:59:36 +0300 Subject: [PATCH] Update Tutorial on dependency installation * Remove reference to deprecated settings * Mention that the tutorial expects the dependencies and link to instructions Signed-off-by: Jussi Kukkonen --- docs/TUTORIAL.md | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/docs/TUTORIAL.md b/docs/TUTORIAL.md index 59e54622..9d217eeb 100644 --- a/docs/TUTORIAL.md +++ b/docs/TUTORIAL.md @@ -65,15 +65,17 @@ updates. The repository tool supports multiple public-key algorithms, such as [RSA](https://en.wikipedia.org/wiki/RSA_%28cryptosystem%29) and [Ed25519](https://ed25519.cr.yp.to/), and multiple cryptography libraries. -Which cryptography library to use is determined by the default, or user modified, -settings in [settings.py](../tuf/settings.py). Using [RSA-PSS](https://tools.ietf.org/html/rfc8017#section-8.1) or [ECDSA](https://en.wikipedia.org/wiki/Elliptic_Curve_Digital_Signature_Algorithm) signatures requires the [cryptography](https://cryptography.io/) library. If generation of Ed25519 signatures is needed -[PyNaCl](https://github.com/pyca/pynacl) library should be installed. -Ed25519 and ECDSA keys are stored in JSON format and RSA keys are stored in PEM +[PyNaCl](https://github.com/pyca/pynacl) library should be installed. This +tutorial assumes both dependencies are installed: refer to +[Installation Instructions](INSTALLATION.rst#install-with-more-cryptographic-flexibility) +for details. + +The Ed25519 and ECDSA keys are stored in JSON format and RSA keys are stored in PEM format. Private keys are encrypted and passphrase-protected (strengthened with PBKDF2-HMAC-SHA256.) Generating, importing, and loading cryptographic key files can be done with functions available in the repository tool. 
@@ -82,7 +84,6 @@ To start, a public and private RSA key pair is generated with the `generate_and_write_rsa_keypair()` function. The keys generated next are needed to sign the repository metadata files created in upcoming sub-sections. - Note: In the instructions below, lines that start with `>>>` denote commands that should be entered by the reader, `#` begins the start of a comment, and text without prepended symbols is the output of a command.
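Review bot: In the first hunk (docs/TUTORIAL.md, -65,15 +65,17), the new link target `INSTALLATION.rst#install-with-more-cryptographic-flexibility` points at a section fragment inside a reStructuredText file from a Markdown page. Please confirm that the relative path resolves from `docs/` and that the fragment matches the anchor generated wherever the tutorial is rendered, since a dead link here leaves readers without the dependency instructions the new sentence relies on. Two smaller points in the same hunk. With the `settings.py` sentence removed, the unchanged context still says the tool supports "multiple cryptography libraries" but no longer says how one is chosen, so either say that briefly or reword the phrase. The added article in "The Ed25519 and ECDSA keys are stored in JSON format and RSA keys are stored in PEM" makes that line longer than the neighbouring wrapped lines and reads unevenly next to the bare "RSA keys", so I would drop "The" or re-wrap the paragraph.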
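Review bot: The second hunk (-82,7 +84,6) only deletes an empty line ahead of the "Note:" paragraph, and the commit message does not mention it. Whitespace cleanup is fine, but either list it in the message or move it to a separate commit so that the documentation change stays easy to review and to revert.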