[tor-bugs] #22029 [Core Tor/Tor]: Allow ed25519 keys to be banned in the approved-routers file
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sun Feb 3 16:45:59 UTC 2019
#22029: Allow ed25519 keys to be banned in the approved-routers file
-------------------------------------------------+-------------------------
 Reporter:  teor                                 |  Owner:  neel
 Type:  enhancement                              |  Status:  assigned
 Priority:  Medium                               |  Milestone:  Tor: unspecified
 Component:  Core Tor/Tor                        |  Version:
 Severity:  Normal                               |  Resolution:
 Keywords:  034-triage-20180328,                 |  Actual Points:
   034-removed-20180328                          |
 Parent ID:                                      |  Points:  1
 Reviewer:                                       |  Sponsor:
-------------------------------------------------+-------------------------
Comment (by neel):
The function `dirserv_load_fingerprint_file()` reads the file
`approved-routers`. I have a few questions:

1. Should the ed25519 key in the `approved-routers` file be a
base16-encoded key (similar to what we do right now with RSA
fingerprints)?

2. Would it be okay that, if an ed25519 key was given, I check the keypin
hashtable to get the relay's corresponding RSA key and then add it to the
list? I propose this will be done with a new function that searches the
ed25519 keypin hash table for each entry until a matching ed25519 key is
given, and then returns a corresponding RSA key.

I am concerned with Point 2, however, because of the O(n^2) running time
from needing to go through the list of all Tor relays. Another concern is
that mapping ed25519 to RSA could mean we prolong the life of the RSA
code.

Would it be better to overhaul the relay data structures to be
ed25519-first and then do this?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/22029#comment:10>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online