[tor-dev] displaying an ed25519 signing key's expiry date

nusenu nusenu at openmailbox.org
Thu Nov 19 15:39:34 UTC 2015


>>>> How can a tor relay op display a given signing key's expiry date?  
>>>>>   
>>> I don't think there is an option for this.  
>>
>> filed a ticket for it:
>> https://trac.torproject.org/projects/tor/ticket/17639
>>
>>
>> Is there a custom openssl command to display the expiry date until
>> this gets implemented in tor?
> 
> No.  The on disk Ed25519 key format is custom to Tor, and the code
> doesn't use OpenSSL for any of the Ed25519 operations anyway.
> 
> Someone that wants to work on this should find the relevant data
> formats documented in prop 220.

The spec [1] does not mention the first 32 bytes (== ed25519v1-cert:
type4 ==) but after them it is fine.

if anyone else needs a quick'n dirty solution:
python
import time
f = open('ed25519_signing_cert','rb')
x = f.read()
time.ctime(int(x[35:38].encode('hex'),16)*3600)
'Sat Dec 19 02:00:00 2015'




[1]
https://gitweb.torproject.org/torspec.git/tree/proposals/220-ecc-id-keys.txt#n72



More information about the tor-dev mailing list