Tor could ship with a tool to offline generate all the various keys, encrypt and sign with them, for debug, test, and use with other apps that tie to tor. And a tool to translate strings between different encodings in use. Or at least provide howto and links in the docs to third party tools that users could use for key ops and translation. Since those howto topics appear on the lists now and then. We here might code up openssl, python functions, etc on the fly. However beginning users are typically looking for simple purpose dedicated tools, or example docs using prebuilt tools off the net. This tends to apply to budding application development in onionland, developing things that look at and use tor, etc.
On 15 Feb (19:02:22), grarpamp wrote:
Tor could ship with a tool to offline generate all the various keys, encrypt and sign with them, for debug, test, and use with other apps that tie to tor. And a tool to translate strings between different encodings in use. Or at least provide howto and links in the docs to third party tools that users could use for key ops and translation. Since those howto topics appear on the lists now and then. We here might code up openssl, python functions, etc on the fly. However beginning users are typically looking for simple purpose dedicated tools, or example docs using prebuilt tools off the net. This tends to apply to budding application development in onionland, developing things that look at and use tor, etc.
https://trac.torproject.org/projects/tor/ticket/18098
If anyone is looking for a side project ^ :).
Thanks! David
tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
David Goulet:
On 15 Feb (19:02:22), grarpamp wrote:
Tor could ship with a tool to offline generate all the various keys, encrypt and sign with them, for debug, test, and use with other apps that tie to tor. And a tool to translate strings between different encodings in use. Or at least provide howto and links in the docs to third party tools that users could use for key ops and translation. Since those howto topics appear on the lists now and then. We here might code up openssl, python functions, etc on the fly. However beginning users are typically looking for simple purpose dedicated tools, or example docs using prebuilt tools off the net. This tends to apply to budding application development in onionland, developing things that look at and use tor, etc.
https://trac.torproject.org/projects/tor/ticket/18098
If anyone is looking for a side project ^ :).
Thanks! David
tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
I can take a shot at it if people are okay with it being written in Go. I'm not sure if Yawning would be willing to do a review of the code, as I know Yawning does Go stuff. I would need to build this functionality in a project I'm working on anyways.
I'll be a little busy for the next week or so, but I should have a bit of time to work on this after that.
On Thu, 16 Feb 2017 16:59:00 +0000 Vi Grey vigrey@riseup.net wrote:
I can take a shot at it if people are okay with it being written in Go. I'm not sure if Yawning would be willing to do a review of the code, as I know Yawning does Go stuff. I would need to build this functionality in a project I'm working on anyways.
This sort of tooling should (IMO) ideally be written in C, like `tor-gencert`. Don't let my opinion here stop you or anything, and it's just my opinion and does not reflect that of anyone else.
Regards,
Date: Thu, 16 Feb 2017 08:28:42 -0500 From: David Goulet dgoulet@ev0ke.net
On 15 Feb (19:02:22), grarpamp wrote:
Tor could ship with a tool to offline generate all the various keys, encrypt and sign with them, for debug, test, and use with other apps that tie to tor.
https://trac.torproject.org/projects/tor/ticket/18098
If anyone is looking for a side project ^ :).
For ucspi-onion, I wrote a little essentially standalone (requires basically only OpenSSL libcrypto beyond POSIX) oniongen1(1) utility to generate an onion service private key and .onion address:
https://mumble.net/~campbell/hg/ucspi-onion/oniongen1.c https://mumble.net/~campbell/hg/ucspi-onion/oniongen1.1
This supports only RSA1024 keys at the moment, because (a) it's not clear to me that the file formats and ADD_ONION syntax for prop224 keys and .onion addresses are nailed down yet, and (b) it seems that there will necessarily be more work involved with blinded ephemeral keys for prop224 onion services, but I haven't read prop224 closely enough to know what the operational details are.