tor-relay-crypto: Temporarily comment out RelaySigningKeySpecifier. (!2527) · Merge requests · The Tor Project / Core / Arti

gabi-250 requested to merge gabi-250/arti:relaysign-specifier into main Oct 14, 2024

The RelaySigningKeySpecifier is currently defined as:

#[non_exhaustive]
#[derive(Deftly, PartialEq, Debug, Constructor)]
#[derive_deftly(KeySpecifier)]
#[deftly(prefix = "relay")]
#[deftly(role = "KP_relaysign_ed")]
#[deftly(summary = "Relay medium-term signing keypair")]
/// The key sepcifier of the relay medium-term signing key (RelaySigningKeypair)
pub struct RelaySigningKeySpecifier;

This means there can only be a single relaysign_ed key with an ArtiPath of the form relay/KP_relaysign_ed. This is a problem, because relays storing their identity key offline will want to generate a number of relaysign_ed keys ahead of time, so we need the keystores to be able to contain multiple such keys. We will need their ArtiPath to encode a variable component (for example, a timestamp).

We also need to teach KeyMgr to retrieve such keys (KeyMgr::get should return the first key that has a valid and timely certificate).

This will involve extending the KeySpecifier trait with a function for obtaining the KeySpecifier of the certificate of the key, if there is one.

For now, let's comment it out and rethink its ArtiPath as part of #1692 (closed).

tor-relay-crypto: Temporarily comment out RelaySigningKeySpecifier.

Merge request reports