[tor-bugs] #16229 [Stem]: Teach Stem to understand post-prop220 descriptors
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu May 28 21:16:23 UTC 2015
#16229: Teach Stem to understand post-prop220 descriptors
-------------------------------------------------+-------------------------
Reporter: isis | Owner: atagar
Type: defect | Status: new
Priority: normal | Milestone:
Component: Stem | Version:
Keywords: prop220, ed25519, bridgedb-parsers, | Actual Points:
crypto, python | Points:
Parent ID: |
-------------------------------------------------+-------------------------
For proposal !#220 (#12498), Ed25519-SHA-512 router identity and signing
keys were added for relays (and soon for bridges?).
* The Ed25519 identity key may be optionally kept offline, and it is
used to sign the Ed25519 signing key.
* The Ed25519 signing key is used to sign everything the normal RSA-
based router `signing-key` would sign.
All Ed25519 keys are kept in a ''very'' strange certificate (it uses
OpenSSL certificate extensions to store the Ed25519 key, among other
weirdish things). We'll probably want to reference both §2 of proposal
!#220, and probably the code from #12498, to ensure that we're parsing it
correctly. This certificate will mean it'll a bit of a PITA to parse in
Python, but, personally, I rather masochistically enjoy wrangling with
PyOpenSSL's brutish, kludgey internals and am more than willing to help
with this part.
They also cross-certify the normal RSA-based identity keys. From proposal
!#220:
{{{
Note that these keys cross-certify as follows: the ed25519 identity
key signs the ed25519 signing key in the certificate. The ed25519
signing key signs itself and the ed25519 identity key and the RSA
identity key as part of signing the descriptor. And the RSA identity
key also signs all three keys as part of signing the descriptor.
}}}
These new keys and their related fields will be appearing in ''both'' the
`@type [bridge-]server-descriptor`s and the `@type [bridge-]extrainfo`
descriptors, for routers running Tor>=0.2.7.x (0.2.7.1??), and so Stem's
parsers for both types of descriptor will need to take these things into
account.
We'll also need to decide if it is permissible to bring in a Python
dependency to Stem. If so, there are two good Python Ed25519 modules (to
my current knowledge):
1. [https://pypi.python.org/pypi/ed25519/ Brian Warner's Python
extension which wraps the SUPERCOP Ed25519 reference code]:
|| '''Caveats''' || '''Benefits''' ||
|| It has some type/encoding conversions which don't look quite fool-
proof. || More Pythonic interface. ||
|| It also would be somewhat impossible to dig into the internals of it
(from Stem's code) should we need to do something weird (we might), since
the internals are buried in the underlying C code. || Faster. ||
|| Very little documentation. || Has tests. ||
|| No interface for taking advantage of Ed25519 batch signature
verification. || Has a notion of string prefixes for signed messages
(which would come in particularly handy for Tor's case). ||
2. [http://ed25519.cr.yp.to/python/ed25519.py djb's pure-Python
reference version]:
|| '''Caveats''' || '''Benefits''' ||
|| Slower. || More malleable. ||
|| Rather "academic" code… entirely undocumented. Also, ''"Unittests?
What's a unittest?"'' || It's quite clear what the code is doing, even
without documentation. ||
|| Completely duck-typed; we'd have to be careful what we pass to its
functions. || ||
|| Rather poor exception raising/handling. We'd likely have to to `except
Exception as error` and then parse the message to figure out where
something went wrong. || ||
|| No interface for taking advantage of Ed25519 batch signature
verification. || Has some functions for low-level point and curve
operations. ||
Despite the above caveats and benefits, on a cursory reading of both, the
latter looks of better use for parsing-only (i.e. not for signing or key
creation).
'''Related Tickets:''' #12498 #15055 #16227
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/16229>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list