[tor-bugs] #18875 [Metrics/metrics-lib]: Consider replacing RelayNetworkStatusVote's getDirectorySignatures() with getDirectorySignature()
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Jun 7 23:40:47 UTC 2016
#18875: Consider replacing RelayNetworkStatusVote's getDirectorySignatures() with
getDirectorySignature()
---------------------------------+-------------------------
Reporter:   karsten              | Owner:         karsten
Type:       enhancement          | Status:        new
Priority:   Medium               | Milestone:
Component:  Metrics/metrics-lib  | Version:
Severity:   Normal               | Resolution:
Keywords:                        | Actual Points:
Parent ID:                       | Points:
Reviewer:                        | Sponsor:
---------------------------------+-------------------------
Comment (by teor):
I think the underlying question here is:
"What will happen when we stop using SHA1/RSA_PKCS1_PADDING for our
consensus digests?"

I would imagine we'll have to sign both SHA1/RSA_PKCS1_PADDING and
SHA256/ED25519(?) for a while.

I also have a related question:
What is the "String" key in the current metrics-lib
getDirectorySignatures() map?
How does it handle signatures from legacy keys?

I'd suggest passing the algorithm / identity / signing key digest to the
function (if they're not already implicit as part of the
RelayNetworkStatusVote object).
That way, you can return the appropriate signature.

Perhaps it's worth having a form of the function with sensible defaults,
like `getDirectorySignatureSHA1RSA()`, which would get the SHA1/RSA
signature from the most recent signing key for that authority.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18875#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online