Skip to content

Key management backend

Clients need private keys to handle onion service authorization. These are associated with a single onion service, and possibly (#542 (closed)) associated with a single request.

Onion services need a private key (which can be offline) for the onion identity, and a set of private signing keys (one for each time period). Additionally, onion services need to manage a set of shorter-term private keys that they use to identify themselves to introduction points.

In general we want:

  • the ability to load keys from disk
  • the ability to generate keys automatically if they don't exist
  • the ability to generate appropriate keys and certificates offline, via CLI
  • not too much duplicated code.

We may want:

  • encrypted keys on disk (though probably not yet)
  • backward compatibility with Tor stored key and certificate formats

It would be very easy to over-engineer all of this!

(Eventually we'll need to deal with relays' and dirauths' keys too.)