[tor-bugs] #22029 [Core Tor/Tor]: Allow ed25519 keys to be banned in the approved-routers file

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon Feb 4 14:34:05 UTC 2019 

#22029: Allow ed25519 keys to be banned in the approved-routers file
-------------------------------------------------+-------------------------
 Reporter:  teor                                 |          Owner:  neel
     Type:  enhancement                          |         Status:
                                                 |  assigned
 Priority:  Medium                               |      Milestone:  Tor:
                                                 |  unspecified
Component:  Core Tor/Tor                         |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  034-triage-20180328,                 |  Actual Points:
  034-removed-20180328                           |
Parent ID:                                       |         Points:  1
 Reviewer:                                       |        Sponsor:
-------------------------------------------------+-------------------------

Comment (by nickm):

 Replying to [comment:10 neel]:
 > The function `dirserv_load_fingerprint_file()` reads the file `approved-
 routers`. I have a few questions:
 >
 >  1. Should the ed25519 key in the `approved-routers` file be a
 base16-encoded key (similar to what we do right now with RSA
 fingerprints)?

 I think it should base64-encoded; that's how ed25519 keys are printed
 everywhere else in Tor.

 >  2. Would it be okay that if a ed25519 key was given, I check keypin
 hashtable to get the relay's corresponding RSA key and then add it to the
 list? I propose will be done with a new function that searches the ed25519
 keypin hash table for each entry until a matching ed25519 key is given,
 and then return a corresponding RSA key.

 I think it should just store the ed25519 keys, and look up by the ed25519
 key.

 > I am concerned with Point 2 however because of the O(n^2^) running time
 from needing to go through the list of all Tor relays. Another concern is
 that mapping ed25519 to RSA could mean we prolong the life of the RSA
 code.
 >
 > Would it be better to overhaul the relay data structures to be
 ed25519-first and then do this?

 I think that might be a good idea, but instead of being ed25519-only, we
 should make it handle both ed25519 _and_ RSA keys.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/22029#comment:11>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list