[tor-bugs] #12498 [Tor]: Implement ed25519 identity keys (prop 220)

Tor Bug Tracker & Wiki blackhole at torproject.org
Thu May 28 14:07:13 UTC 2015


#12498: Implement ed25519 identity keys (prop 220)
-------------------------+-------------------------------------------------
     Reporter:  asn      |      Owner:  nickm
         Type:  task     |     Status:  needs_review
     Priority:  major    |  Milestone:  Tor: 0.2.7.x-final
    Component:  Tor      |    Version:  Tor: 0.2.7
   Resolution:           |   Keywords:  026-triaged-1, 027-triaged-1-in,
Actual Points:           |  SponsorU
       Points:  large    |  Parent ID:  #15054
-------------------------+-------------------------------------------------

Comment (by nickm):

 Replying to [comment:26 asn]:
 > Hello, here is a small code review of the current
 `12498_ed25519_keys_v5` branch up to `b52da5b`. I might get to the rest of
 the branch but not sure if it's going to happen RSN.
 >
 > - I think there is a memleak when parsing identity lines on
 microdescriptors. The code seems to allow multiple such identity lines,
 but then for each one we do
 >
 > {{{
 > md->ed25519_identity_pkey = tor_memdup(&k, sizeof(k));
 > }}}
 >   without first cleaning the previously memdup'ed memory. Why would
 multiple `id ed25519` lines be allowed?

 Should be fixed in e58e44cbe3822508e185e3c13af4013df97ead71

 > - I'm not sure what this 'tag' thing is on `ed_key_init_from_file()`. I
 don't see it explained anywhere.
 >

 It's documented for crypto_read/write_tagged_contents_to/from_file

 > - `ed25519_cert_encoded_len()` can return -1 but it's retval is never
 checked. I think that's OK because all its input is generated by us, but
 might as well mention it here.
 >

 8bff91adbdb5e9af9e1152cecc30a34c6af8a5e2  should fix this.


 > - Comment typo "not just and" at:

 19ed5341751e09c2ecbe0757641376e096e0d0d3 should fix this.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/12498#comment:27>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list