Skip to content

GitLab

Trac
Trac

GitLab is used only for code review, issue tracking and project management. Canonical locations for source code are still https://gitweb.torproject.org/ https://git.torproject.org/ and git-rw.torproject.org.

Closed (moved)
Opened by naif@naif

Load Tor Hidden Service Key via Tor Control Protocol

Rationale

All the applications embedding Tor binaries (TorChat, APAF Framework, GlobaLeaks) that use Tor Hidden Service have to setup a Tor Hidden Service.

Currently Tor Hidden Services are created automatically by Tor into the Tor HiddenServiceDir configuration directive, by creating two files:

  • private key
  • file containing the hostname

This method of activation/configuration of Tor HS data is not particularly application integration friendly because:

  • It require Filesystem operations just to know the hostname of a TorHS
  • Make difficult to protect the Tor HS Private Key (Use need filesystem encryption rather than just application-level encryption to preserve this private data)

This feature enhancement propose to let the creation of a Tor Hidden Service by loading the required files and configuration via Tor Control Protocol.

That way Python application via TorCtl/TxTorCon would be able to create and setup TorHS by loading the Private Key dynamically on-boot.

The applications that way would be able to store in an application database all the information to write-from-scratch Tor configuration and Tor HS data.

The application database maybe encrypted, to protect the Tor HS private key and prevent Tor HS hijacking in case of computer seizure.

To upload designs, you'll need to enable LFS and have admin enable hashed storage. More information