rend-spec: Note that the subject key in enc-key-cert always has sign=0. (!240) · Merge requests · The Tor Project / Core / Tor Specifications

Nick Mathewson requested to merge nickm/torspec:arti_1221 into main Jan 16, 2024

This behavior is incorrect from the POV of preserving the key as a signing key, but it is what C Tor does. See setup_desc_intro_point, which has:

    ed25519_public_key_from_curve25519_public_key(&ed25519_pubkey,
                                                  &ip->enc_key_kp.pubkey,
                                                  0);

The "incorrectness" doesn't matter in practice: since we have the subject and signing keys inverted in this certificate, we never have to actually verify anything using this public key.

Found while investigating arti#1221 (closed).

rend-spec: Note that the subject key in enc-key-cert always has sign=0.

Merge request reports