Sign in to follow this  
deadserious

Calculating a Read-Only Secret

Recommended Posts

I am creating my own shared secrets and would like to calculate what the read-only secret would be for that ID without entering it into the GUI. I assumed it was a hash-base64 encode of the writable shared secret, but can't find the right hash, so probably am way off.

Can someone toss me a bone and share how the readonly key is calculated from the shared secret?

Share this post


Link to post
Share on other sites

The devs are over secretive to disclose internals as yet - but there is a way to generate RO keys from RW keys:


btsync --get-ro-secret <full-access-secret>

The process is different for standard secrets and custom/longer secrets so this is the best way to do it anyway.

Share this post


Link to post
Share on other sites

The devs are over secretive to disclose internals as yet - but there is a way to generate RO keys from RW keys:


btsync --get-ro-secret <full-access-secret>

The process is different for standard secrets and custom/longer secrets so this is the best way to do it anyway.

I don't believe this works on Windows. When I try I just get an error that BTSync is already running.

Share this post


Link to post
Share on other sites

Indeed. Try the linux binary under cygwin just for this or use a linux instance remotely. :)

Unfortunately the first isn't feasible for my usecase. The second might work as a temporary hack I guess. But that won't be workable long term for what I'm building.

Share this post


Link to post
Share on other sites

Can someone toss me a bone and share how the readonly key is calculated from the shared secret?

So far it appears that the Read only secret is the string "RONLY" followed by a 512 bit hash of something then urlencoded.

I'm having a hard time figuring out what that 512 bit hash is. I've tried hashing the original secret with SHA2 and SHA3. It might be multiple iterations, but so far I haven't figured out how many if it is. If anyone else has any input or findings, that would be great.

Share this post


Link to post
Share on other sites

It would be great if I could get an official response from the Sync team. Even if they aren't permitted to give out this info yet, I'd like to hear that they know about this request for help.

Still would love to get some help here.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this