[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] displaying an ed25519 signing key's expiry date

To: tor-dev@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-dev] displaying an ed25519 signing key's expiry date
From: nusenu <nusenu@xxxxxxxxxxxxxxx>
Date: Thu, 19 Nov 2015 15:39:34 +0000
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 19 Nov 2015 10:40:04 -0500
Dkim-signature: v=1; a=rsa-sha256; c=simple/simple; d=openmailbox.org; s=openmailbox; t=1447947590; bh=5ERtXxTUzf9B7qxLeub2c0alEp2W/IQyOwXhmQLetGI=; h=From:Subject:To:References:Date:In-Reply-To:From; b=UwFwKDOTJJM3hAcyo7xrqlRNl/4CTMRXr9SYmvEf7qhcEllaE8vMRlzOYUQdWRLDh z/+Jdg7yqbDtAsSv1OcLmJiey91RY/8ffGUkjFa1jJ/kn8f7wkOTvrqZfssueowbPL a5iwvOqT3RpjZ/Ey4r4DNMLgcXJU78Q1XWJOjYrc=
Dkim-signature: v=1; a=rsa-sha256; c=simple/simple; d=openmailbox.org; s=openmailbox; t=1447947580; bh=5ERtXxTUzf9B7qxLeub2c0alEp2W/IQyOwXhmQLetGI=; h=From:Subject:To:References:Date:In-Reply-To:From; b=F6rCGmaDejoS6d5u2lKGe9ftYv+07emleOBZx1ZaX7G6B2Ne+W+DXMUJOWzLdryOh 3BggfBM3M2QI0nyFOf8U6og1C1T+/sTs4x1p72u9k6A4A64XI8u1b/R/1i4q4wpVbB kcOEuVT+w5rYufU/fYa3IP99W6jT7qUlqDYe00Z8=
In-reply-to: <20151119121804.4e1e5016@xxxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-dev/>
List-help: <mailto:tor-dev-request@lists.torproject.org?subject=help>
List-id: discussion regarding Tor development <tor-dev.lists.torproject.org>
List-post: <mailto:tor-dev@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=unsubscribe>
References: <5646312E.9060504@xxxxxxxxxxxxxxx> <5648A6CB.5020306@xxxxxxxxxx> <564DB598.9010208@xxxxxxxxxxxxxxx> <20151119121804.4e1e5016@xxxxxxxxxxxxxxx>
Reply-to: tor-dev@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-dev" <tor-dev-bounces@xxxxxxxxxxxxxxxxxxxx>

>>>> How can a tor relay op display a given signing key's expiry date?  
>>>>>   
>>> I don't think there is an option for this.  
>>
>> filed a ticket for it:
>> https://trac.torproject.org/projects/tor/ticket/17639
>>
>>
>> Is there a custom openssl command to display the expiry date until
>> this gets implemented in tor?
> 
> No.  The on disk Ed25519 key format is custom to Tor, and the code
> doesn't use OpenSSL for any of the Ed25519 operations anyway.
> 
> Someone that wants to work on this should find the relevant data
> formats documented in prop 220.

The spec [1] does not mention the first 32 bytes (== ed25519v1-cert:
type4 ==) but after them it is fine.

if anyone else needs a quick'n dirty solution:
python
import time
f = open('ed25519_signing_cert','rb')
x = f.read()
time.ctime(int(x[35:38].encode('hex'),16)*3600)
'Sat Dec 19 02:00:00 2015'




[1]
https://gitweb.torproject.org/torspec.git/tree/proposals/220-ecc-id-keys.txt#n72

_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

References:
- [tor-dev] documentation for new offline master key functionality (--keygen is undocumented)
  - From: nusenu
- Re: [tor-dev] documentation for new offline master key functionality (--keygen is undocumented)
  - From: s7r
- Re: [tor-dev] displaying an ed25519 signing key's expiry date
  - From: nusenu
- Re: [tor-dev] displaying an ed25519 signing key's expiry date
  - From: Yawning Angel

Prev by Author: Re: [tor-dev] documentation for new offline master key functionality (--keygen is undocumented)
Next by Author: Re: [tor-dev] OfflineMasterKey / ansible-relayor
Previous by thread: Re: [tor-dev] displaying an ed25519 signing key's expiry date
Next by thread: [tor-dev] possible to run --keygen non-interactively?
Index(es):
- Author
- Thread