[tor-bugs] #16679 [Tor]: Ed25519 --keygen won't work
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Jul 29 08:58:01 UTC 2015
#16679: Ed25519 --keygen won't work
------------------------+-----------------------------------
Reporter: s7r | Owner:
Type: defect | Status: new
Priority: normal | Milestone: Tor: 0.2.7.x-final
Component: Tor | Version: Tor: 0.2.7.2-alpha
Resolution: | Keywords: ed25519 identity keys
Actual Points: | Parent ID:
Points: |
------------------------+-----------------------------------
Comment (by s7r):
Even though this error makes it look like the process fails to generate keys, it
actually generates a master ID key, signing key and key-cert in
$HOME/.tor/keys.

We should configure it so that it would save the master id key to the working
directory (where the command is run) and not in $HOME/.tor/keys, unless
otherwise specified via the --datadirectory argument.

Secondly, why does it also automatically generate a signing key and
key-cert? With what validity period, since it never asks? I assume it is just
using the defaults of 30 days.

When the --keygen command is run manually, Tor should just create an ed25519
master ID key. Signing key and key-cert should be generated with a second
command, which would require the master ID key and a SigningKeyLifetime
argument. When the master ID key is in /datadirectory/keys, is not
password protected, and the Tor service is started, then Tor can automatically
create a signing key and key-cert with the validity period in torrc's
SigningKeyLifetime (30 days unless specified otherwise).
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/16679#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online