[tor-bugs] #18875 [Metrics/metrics-lib]: Consider replacing RelayNetworkStatusVote's getDirectorySignatures() with getDirectorySignature()

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon Jul 4 16:15:15 UTC 2016 

#18875: Consider replacing RelayNetworkStatusVote's getDirectorySignatures() with
getDirectorySignature()
---------------------------------+------------------------------
 Reporter:  karsten              |          Owner:  karsten
     Type:  enhancement          |         Status:  needs_review
 Priority:  Medium               |      Milestone:
Component:  Metrics/metrics-lib  |        Version:
 Severity:  Normal               |     Resolution:
 Keywords:                       |  Actual Points:
Parent ID:  #19398               |         Points:
 Reviewer:                       |        Sponsor:
---------------------------------+------------------------------

Comment (by karsten):

 Replying to [comment:8 iwakeh]:
 > Assuming we don't verify the algorithm strings then your implementation
 is fine.

 Great!  Thanks for looking!

 > I have another question:
 > The [https://gitweb.torproject.org/torspec.git/tree/dir-spec.txt#n2044
 dir-spec, line 2044ff] states that currently there can be two types of
 algorithms.  With the reasoning above (comment:3) won't there be the
 situation that some provide sha1, some sha256, others both? If so, the
 signing key digest would be null for the non-default version, even though
 there is a signing key, i.e. collector/metrics-lib only provides the
 [https://gitweb.torproject.org/user/karsten/metrics-
 lib.git/tree/src/org/torproject/descriptor/impl/RelayNetworkStatusVoteImpl.java?h=task-18875&id=9a25bac82726e567bc1885d7d431b652d9217a84#n610
 signing key digest] of the default algorithm, is that intended?

 Huh, very good point.  And now that I look closer at the
 `getSigningKeyDigest()` method, I'd say let's deprecate and later remove
 it.  It's a convenience method that, however, makes the implicit
 assumption on the descriptor that there's at least one signature made with
 "sha1".  We're not making any data inaccessible by taking out that method,
 but we're removing a possible source of confusion.  Please take another
 look at [https://gitweb.torproject.org/user/karsten/metrics-
 lib.git/log/?h=task-18875 my updated branch].  Thanks!

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18875#comment:9>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list