[tor-dev] Tor's default behavior for ed25519 identities

s7r s7r at sky-ip.org
Tue Aug 11 15:32:03 UTC 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Hi,

Things look good in ed25519_keygen - git-018082ef88b688e2.

I can confirm the last defect was fixed (now it saves to disk
ed25519_master_id_public_key if it only has ed25519_signing_cert -
valid and ed25519_signing_secret_key).

Log messages are fine, no longer saying 'bug' as far as I was able to
try it.

I see that the operations will have the same result as what I've
suggested, so it should be ok.

Can you please ensure that they are called on all signals? Currently,
in the last commit, these operations are not called when we send a
reload (HUP) signal (ed25519_master_id_public_key is not saved to disk
if missing, etc.).

On 8/10/2015 6:04 PM, Nick Mathewson wrote:
> Almost.  Here's what I think is going on:
> 
> 1) Load the secret signing key signing certificate.  If they are 
> absent, or expired, or if --keygen was called, we'll need to
> generate a new one.  If it's going to expire soon, we _want_ to
> generate a new one.
> 
> 2) If we need or want to generate a new signing key, load the
> master ID secret key. Otherwise, don't try.  If we try to load it
> and it's absent or encrypted, log a message.  If we need to
> generate a new signing key then exit on error; otherwise just
> warn.
> 
> 2b) If we fail to load the master ID secret key, and there were no 
> other keys in the keys directory, then generate a master ID secret
> key and save it.
> 
> 3) Load the master ID public key.  If we loaded a secret key, and
> it doesn't match, log and quit.  If it doesn't match the master ID
> public key in a certificate we loaded, log and quit.  If we have
> the public key from one of those other sources and the master ID
> public key file is missing, recreate it.
> 
> 4) At this point, if we need to generate a new signing key and
> cert, and we don't have a secret master ID key, exit.
> 
> 5) If we have a have a secret master ID key, and we need or want
> to generate a new signing key and cert, do so, and save them.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (MingW32)

iQEcBAEBCAAGBQJVyhVyAAoJEIN/pSyBJlsRzrAIAM8Jnfhtz687jqH3Dy/Z006J
luA6yHbP/csCk0VNLAu3FK64MaK1FZudfgb9sFoCv7xApZh1BSnIAbdtjz4cOusd
BJwEQU/XadAXuLiCj9/IKB34PX3oenNiCazA9RoAT4GvTesilZUc2PsAvUpC7cet
mMCZasyiHBp9wvcJnuM+3GZ5VUNqOD4q5afdAkq2ABq4rNbDz5x6upO6+sD87wry
BiUfQgA37JLCuIzFfYbrNfxjBiG5ig/CZDXsH44BINa24c2m4i2jZbqMGya9vh3G
RL6KG9k1Ap4vkUkPC9CrFT/bs0DRQKCHiMdyMn24thpT4nya6ACUR+RRQLumDzI=
=Qlku
-----END PGP SIGNATURE-----


More information about the tor-dev mailing list