[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #16944 [Tor]: We need a "never make or load an online master key" option

#16944: We need a "never make or load an online master key" option
-------------------------+-------------------------------------------------
     Reporter:  nickm    |      Owner:
         Type:           |     Status:  needs_review
  enhancement            |  Milestone:  Tor: 0.2.7.x-final
     Priority:  normal   |    Version:
    Component:  Tor      |   Keywords:  PostFreeze027 TorCoreTeam201509
   Resolution:           |  ed25519
Actual Points:           |  Parent ID:
       Points:           |
-------------------------+-------------------------------------------------

Comment (by s7r):

 OK, test passed.

 1. No ed25519 key files in $datadirectory/keys:
 {{{
 Sep 01 18:27:01.000 [warn] No key found in
 /root/torsrc/data/keys/ed25519_master_id_secret_key or
 /root/torsrc/data/keys/ed25519_master_id_public_key.
 Sep 01 18:27:01.000 [warn] Can't load master identity key;
 OfflineMasterKey is set.
 Sep 01 18:27:01.000 [err] Error initializing keys; exiting
 }}}

 2. Only valid cert and medium term signing key:
 {{{
 Sep 01 18:28:37.000 [warn] No key found in
 /root/torsrc/data/keys/ed25519_master_id_secret_key or
 /root/torsrc/data/keys/ed25519_master_id_public_key.
 Sep 01 18:28:37.000 [warn] Master public key was absent; inferring from
 public key in signing certificate and saving to disk.
 }}}

 3. Expired cert and medium term signing key:
 {{{
 Sep 01 18:31:41.000 [notice] It looks like I need to generate and sign a
 new medium-term signing key, because the one I have is expired. To do
 that, I need to load the permanent master identity key.
 Sep 01 18:31:41.000 [warn] No key found in
 /root/torsrc/data/keys/ed25519_master_id_secret_key or
 /root/torsrc/data/keys/ed25519_master_id_public_key.
 Sep 01 18:31:41.000 [warn] Can't load master identity key;
 OfflineMasterKey is set.
 Sep 01 18:31:41.000 [err] Error initializing keys; exiting
 }}}

 All good. Someone could have a look at the code so we can safely merge
 this.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/16944#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs