[tor-dev] Prop224 opportunity: keygen, crypt, sign, encoding tools

Taylor R Campbell campbell+tor-dev at mumble.net
Fri Feb 17 07:54:43 UTC 2017


> Date: Thu, 16 Feb 2017 08:28:42 -0500
> From: David Goulet <dgoulet at ev0ke.net>
> 
> On 15 Feb (19:02:22), grarpamp wrote:
> > Tor could ship with a tool to offline generate all the
> > various keys, encrypt and sign with them, for debug, test, and
> > use with other apps that tie to tor.
> 
> https://trac.torproject.org/projects/tor/ticket/18098
> 
> If anyone is looking for a side project ^ :).

For ucspi-onion, I wrote a little essentially standalone (requires
basically only OpenSSL libcrypto beyond POSIX) oniongen1(1) utility to
generate an onion service private key and .onion address:

https://mumble.net/~campbell/hg/ucspi-onion/oniongen1.c
https://mumble.net/~campbell/hg/ucspi-onion/oniongen1.1

This supports only RSA1024 keys at the moment, because (a) it's not
clear to me that the file formats and ADD_ONION syntax for prop224
keys and .onion addresses are nailed down yet, and (b) it seems that
there will necessarily be more work involved with blinded ephemeral
keys for prop224 onion services, but I haven't read prop224 closely
enough to know what the operational details are.

