eliminate all but one use of `KeyMgr::get::<HsIdKeypair>()`

First steps toward #1194 -- this is the low-hanging fruit and is useful even without support for externally signed certificates.

In this comment, @gabi-250 said

> here are some of the things that will need to change:
>
>   • we're going to need to make a number of changes outside of `tor-keymgr` too. We need to update `tor-hsservice` to support running without an hsid. Currently a bunch of different places assume the `HsIdKeypair` is present in one of the keystores (grep for `keymgr.get::<HsIdKeypair>(...)` callsites)

It turns out that only one of the (non-testcase) calls to `KeyMgr::get::<HsIdKeypair>()` needs the secret part of the key. This MR removes all the other calls. It does this by:

  1. Teaching `KeySpecifier` about the relationship between a public key and its secret keypair
  2. Adding a type-level pointer from a `ToEncodableKey` to the equivalent `ToEncodableKey` for its secret keypair (which, for secret keys, is itself)
  3. Using (1) and (2) to allow `KeyMgr::get()` to successfully satisfy a query for a public key using a secret keypair from the `KeyStore` (if it contains one).

The remaining call is the one in `tor_hsservice::publish` which publishes a new descriptor -- dealing with that one will be the hard part of resolving #1194. My next task will be to draft a design doc for doing that, since (unlike this MR) it isn't obvious how to do it.

Best reviewed one commit at a time. The first commit is fairly trivial; it adds some missing `From` instances.

Edited by amjoseph
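
The lookup described in steps 1 to 3 of the description, as an added sketch that is not part of the merge request and is not Arti's code: every name here (`StorableKey`, `Spec`, `DemoKeyMgr`, the key types and the paths) is hypothetical, and the key values are constructed. Callers that ask for the public type never receive the secret half, and a store holding only the public key still answers them.

```rust
use std::{any::Any, collections::HashMap};

// Hypothetical stand-ins for illustration; these are not Arti's types.
#[derive(Clone, Debug, PartialEq)]
pub struct DemoKeypair { pub secret: u64, pub public: u64 }
#[derive(Clone, Debug, PartialEq)]
pub struct DemoPublic(pub u64);

/// `Keypair` is the type-level pointer to the secret keypair type
/// (for a keypair it points at itself).
pub trait StorableKey: Any + Clone {
    type Keypair: StorableKey;
    fn from_keypair(kp: &Self::Keypair) -> Self;
}
impl StorableKey for DemoKeypair {
    type Keypair = DemoKeypair;
    fn from_keypair(kp: &DemoKeypair) -> Self { kp.clone() }
}
impl StorableKey for DemoPublic {
    type Keypair = DemoKeypair;
    fn from_keypair(kp: &DemoKeypair) -> Self { DemoPublic(kp.public) }
}

/// A specifier knows its own path and, for public keys, its keypair's path.
pub struct Spec { pub path: &'static str, pub keypair_path: Option<&'static str> }
pub const KEYPAIR: Spec = Spec { path: "demo/id_keypair", keypair_path: None };
pub const PUBLIC: Spec = Spec { path: "demo/id_public", keypair_path: Some("demo/id_keypair") };

#[derive(Default)]
pub struct DemoKeyMgr { store: HashMap<&'static str, Box<dyn Any>> }

impl DemoKeyMgr {
    pub fn insert<K: StorableKey>(&mut self, spec: &Spec, key: K) {
        self.store.insert(spec.path, Box::new(key));
    }
    /// Exact match first; otherwise derive the key from a stored keypair.
    pub fn get<K: StorableKey>(&self, spec: &Spec) -> Option<K> {
        if let Some(k) = self.store.get(spec.path).and_then(|b| b.downcast_ref::<K>()) {
            return Some(k.clone());
        }
        let kp = self.store.get(spec.keypair_path?)?.downcast_ref::<K::Keypair>()?;
        Some(K::from_keypair(kp))
    }
}

fn main() {
    let mut mgr = DemoKeyMgr::default();
    mgr.insert(&KEYPAIR, DemoKeypair { secret: 7, public: 42 }); // constructed values
    println!("{:?}", mgr.get::<DemoPublic>(&PUBLIC));
}
```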