HorizonStackSoftware/optima
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity

switch to PKCS#8 key format for Bun compatibility

Browse Source
This commit is contained in:
Jackson Roberts
2026-02-25 22:14:19 -06:00
parent 05bab2c90f
commit 49faf97c9b
4 changed files with 105 additions and 57 deletions
Download Patch File Download Diff File Expand all files Collapse all files
utils/genProductionKeys.ts
+16 -11
View File
@@ -1,4 +1,4 @@
import keypair from "keypair";
import crypto from "crypto";
import { mkdirSync } from "fs";
const outputDir = "production-keys";
@@ -19,14 +19,18 @@ const generatedKeys: Record<string, { private: string; public: string }> = {};
for (const name of keyFiles) {
console.log(`Generating '${name}' key pair (4096-bit RSA)...`);
const keys = keypair({ bits: 4096 });
generatedKeys[name] = keys;
const { privateKey, publicKey } = crypto.generateKeyPairSync("rsa", {
modulusLength: 4096,
privateKeyEncoding: { type: "pkcs8", format: "pem" },
publicKeyEncoding: { type: "spki", format: "pem" },
});
generatedKeys[name] = { private: privateKey, public: publicKey };
const privPath = `${outputDir}/${name}.key`;
const pubPath = `${outputDir}/${name}.pub`;
await Bun.write(privPath, keys.private);
await Bun.write(pubPath, keys.public);
await Bun.write(privPath, privateKey);
await Bun.write(pubPath, publicKey);
console.log(`${privPath}`);
console.log(`${pubPath}`);
@@ -38,14 +42,15 @@ const toBase64 = (str: string) => Buffer.from(str).toString("base64");
const secretYaml = `apiVersion: v1
kind: Secret
metadata:
name: optima-keys
name: optima-keys-secret
namespace: optima
type: Opaque
data:
accessToken.key: ${toBase64(generatedKeys["accessToken"].private)}
refreshToken.key: ${toBase64(generatedKeys["refreshToken"].private)}
permissions.key: ${toBase64(generatedKeys["permissions"].private)}
secureValues.key: ${toBase64(generatedKeys["secureValues"].private)}
secureValues.pub: ${toBase64(generatedKeys["secureValues"].public)}
ACCESS_TOKEN_PRIVATE_KEY: ${toBase64(generatedKeys["accessToken"].private)}
REFRESH_TOKEN_PRIVATE_KEY: ${toBase64(generatedKeys["refreshToken"].private)}
PERMISSIONS_PRIVATE_KEY: ${toBase64(generatedKeys["permissions"].private)}
SECURE_VALUES_PRIVATE_KEY: ${toBase64(generatedKeys["secureValues"].private)}
SECURE_VALUES_PUBLIC_KEY: ${toBase64(generatedKeys["secureValues"].public)}
`;
const secretPath = `${outputDir}/optima-keys-secret.yaml`;