[tor-dev] displaying an ed25519 signing key's expiry date
nusenu
nusenu at openmailbox.org
Thu Nov 19 15:39:34 UTC 2015
>>>> How can a tor relay op display a given signing key's expiry date?
>>>>>
>>> I don't think there is an option for this.
>>
>> filed a ticket for it:
>> https://trac.torproject.org/projects/tor/ticket/17639
>>
>>
>> Is there a custom openssl command to display the expiry date until
>> this gets implemented in tor?
>
> No. The on disk Ed25519 key format is custom to Tor, and the code
> doesn't use OpenSSL for any of the Ed25519 operations anyway.
>
> Someone that wants to work on this should find the relevant data
> formats documented in prop 220.
The spec [1] does not mention the first 32 bytes (== ed25519v1-cert:
type4 ==) but after them it is fine.
if anyone else needs a quick'n dirty solution:
python
import time
f = open('ed25519_signing_cert','rb')
x = f.read()
time.ctime(int(x[35:38].encode('hex'),16)*3600)
'Sat Dec 19 02:00:00 2015'
[1]
https://gitweb.torproject.org/torspec.git/tree/proposals/220-ecc-id-keys.txt#n72
More information about the tor-dev
mailing list