Load Tor Hidden Service Key via Tor Control Protocol
All the applications embedding Tor binaries (TorChat, APAF Framework, GlobaLeaks) that use Tor Hidden Service have to setup a Tor Hidden Service.
Currently Tor Hidden Services are created automatically by Tor into the Tor HiddenServiceDir configuration directive, by creating two files:
- private key
- file containing the hostname
This method of activation/configuration of Tor HS data is not particularly application integration friendly because:
- It require Filesystem operations just to know the hostname of a TorHS
- Make difficult to protect the Tor HS Private Key (Use need filesystem encryption rather than just application-level encryption to preserve this private data)
This feature enhancement propose to let the creation of a Tor Hidden Service by loading the required files and configuration via Tor Control Protocol.
That way Python application via TorCtl/TxTorCon would be able to create and setup TorHS by loading the Private Key dynamically on-boot.
The applications that way would be able to store in an application database all the information to write-from-scratch Tor configuration and Tor HS data.
The application database maybe encrypted, to protect the Tor HS private key and prevent Tor HS hijacking in case of computer seizure.