Key manipulation functions for use with public keys.
Tor does some interesting, non-standard things with its curve25519 and ed25519 keys, for several reasons.

In order to prove ownership of a curve25519 private key, Tor converts it into an ed25519 key, and then uses that ed25519 key to sign its identity key. We implement this conversion with convert_curve25519_to_ed25519_public and convert_curve25519_to_ed25519_private.

In Tor's v3 onion service design, Tor uses a key blinding algorithm to derive a publicly known Ed25519 key from a different Ed25519 key that is used as the .onion address. This algorithm allows directories to validate the signatures on onion service descriptors without knowing which services they represent. We implement this blinding operation via blind_pubkey.
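As an added illustration (not code from tor-llcrypto or the Tor project), the following Python models the two operations just described with plain integer arithmetic: the Montgomery-to-Edwards map behind convert_curve25519_to_ed25519_public, why the private-side conversion has to hand back a sign bit, and the multiplicative blinding behind blind_pubkey together with the scalar half of blind_keypair. Function names mirror the module's items, but their signatures, the helpers x25519_public_from_scalar and blind_secret_scalar, and the sample secret key and blinding factor are constructed for this example; the hash derivation of the blinding factor h and the expanded-secret-key handling of the real blind_keypair are not modelled.

```python
# Added reference implementation (plain Python integers, nothing from tor-llcrypto) of
# Montgomery -> Edwards public-key conversion and multiplicative key blinding.
# Names mirror the module's items; signatures and sample values are assumptions.

P = 2**255 - 19                                       # field prime
L = 2**252 + 27742317777372353535851937790883648493  # order of the base point
D = (-121665 * pow(121666, -1, P)) % P                # twisted Edwards constant d

def point_add(p1, p2):
    """Affine twisted-Edwards addition with a = -1 (one inversion per coordinate)."""
    (x1, y1), (x2, y2) = p1, p2
    dxy = D * x1 * x2 * y1 * y2
    x3 = (x1 * y2 + x2 * y1) * pow(1 + dxy, -1, P)
    y3 = (y1 * y2 + x1 * x2) * pow(1 - dxy, -1, P)
    return x3 % P, y3 % P

def scalar_mult(k, point):
    """Double-and-add scalar multiplication; (0, 1) is the neutral element."""
    acc, addend = (0, 1), point
    while k:
        if k & 1:
            acc = point_add(acc, addend)
        addend = point_add(addend, addend)
        k >>= 1
    return acc

def recover_x(y, sign):
    """Decompress: solve x^2 = (y^2 - 1)/(d y^2 + 1), pick the root with the requested parity."""
    if y >= P:
        raise ValueError("y out of range")
    x2 = (y * y - 1) * pow(D * y * y + 1, -1, P) % P
    x = pow(x2, (P + 3) // 8, P)             # candidate root, valid because p = 5 mod 8
    if (x * x - x2) % P:
        x = x * pow(2, (P - 1) // 4, P) % P  # fix up with sqrt(-1)
    if (x * x - x2) % P:
        raise ValueError("not a point on the curve")
    if x == 0 and sign:
        raise ValueError("x = 0 cannot be odd")
    return P - x if (x & 1) != sign else x

def encode_point(pt):
    x, y = pt
    return (y | ((x & 1) << 255)).to_bytes(32, "little")  # y, with the parity of x in bit 255

def decode_point(b):
    n = int.from_bytes(b, "little")
    y, sign = n & ((1 << 255) - 1), n >> 255
    return recover_x(y, sign), y

Y_B = (4 * pow(5, -1, P)) % P                          # base point: y = 4/5, even x
BASE = (recover_x(Y_B, 0), Y_B)

def clamp_blinding_factor(h: bytes) -> int:
    """X25519-style clamp (clear the low 3 bits and bit 255, set bit 254); Tor clamps
    a blinding factor and a curve25519 secret scalar the same way."""
    h = bytearray(h)
    h[0] &= 248
    h[31] = (h[31] & 63) | 64
    return int.from_bytes(h, "little")

def convert_curve25519_to_ed25519_public(x25519_pk: bytes, sign_bit: int) -> bytes:
    """Montgomery u -> Edwards y = (u - 1)/(u + 1). u does not carry the sign of x,
    so the caller must supply it: that is the 'sign bit' the module refers to."""
    u = int.from_bytes(x25519_pk, "little") & ((1 << 255) - 1)
    if (u + 1) % P == 0:
        raise ValueError("u = -1 has no Edwards image")
    y = (u - 1) * pow(u + 1, -1, P) % P
    return (y | (sign_bit << 255)).to_bytes(32, "little")

def convert_curve25519_to_ed25519_private(x25519_sk: bytes):
    """The clamped curve25519 scalar serves unchanged as the ed25519 scalar; return it
    with the sign bit of its Edwards public point (only the scalar half is modelled)."""
    a = clamp_blinding_factor(x25519_sk)
    x, _ = scalar_mult(a, BASE)
    return a, x & 1

def x25519_public_from_scalar(a: int) -> bytes:
    """Montgomery u = (1 + y)/(1 - y) of a*B (constructed helper standing in for the X25519 ladder)."""
    _, y = scalar_mult(a, BASE)
    return ((1 + y) * pow(1 - y, -1, P) % P).to_bytes(32, "little")

def blind_pubkey(pk: bytes, h: bytes) -> bytes:
    """A' = clamp(h) * A: the blinded key a directory can check descriptor signatures against."""
    return encode_point(scalar_mult(clamp_blinding_factor(h), decode_point(pk)))

def blind_secret_scalar(a: int, h: bytes) -> int:
    """a' = clamp(h) * a mod L, the scalar half of a blinded secret key (hypothetical name)."""
    return (a * clamp_blinding_factor(h)) % L

def demo():
    """Round-trip a constructed key through both conversions, then check both blinding sides agree."""
    sk = bytes(range(32))                                  # constructed curve25519 secret
    a, sign = convert_curve25519_to_ed25519_private(sk)
    ed_pk = convert_curve25519_to_ed25519_public(x25519_public_from_scalar(a), sign)
    h = bytes([0xA5]) * 32                                 # constructed blinding factor
    blinded_from_public = blind_pubkey(ed_pk, h)
    blinded_from_secret = encode_point(scalar_mult(blind_secret_scalar(a, h), BASE))
    return ed_pk == encode_point(scalar_mult(a, BASE)), blinded_from_public == blinded_from_secret
```

The demo round trip makes the description's two points concrete: a Montgomery u-coordinate loses the sign of x, so the private-side conversion has to recover it from the Edwards point before the public-side conversion can reproduce the same ed25519 key; and blinding commutes with key derivation (clamp(h)·(a·B) equals (clamp(h)·a)·B), which is what lets a directory verify a signature under the blinded key without learning the unblinded one.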
TODO

Recommend more standardized ways to do these things.
Enums

- BlindingError: An error occurred during a key-blinding operation.
Functions

- blind_keypair (crate feature hsv3-service): Blind the ed25519 secret key sk using the blinding factor h, and return the blinded secret key.
- blind_pubkey (crate feature hsv3-client): Blind the ed25519 public key pk using the blinding factor h, and return the blinded public key.
- clamp_blinding_factor (private helper; crate feature hsv3-client or hsv3-service): Helper: clamp a blinding factor before using it to blind a key.
- convert_curve25519_to_ed25519_private (crate feature cvt-x25519): Convert a curve25519 private key to an ed25519 private key (and return the sign bit to use with it), for use in ntor key cross-certification.
- convert_curve25519_to_ed25519_public: Convert a curve25519 public key (with sign bit) to an ed25519 public key, for use in ntor key cross-certification.
- convert_ed25519_to_curve25519_private (Deprecated; crate feature cvt-x25519): Convert an ed25519 private key to a curve25519 private key.