keymgr: Write a registry sketch.
This comment will form the basis for the protocol name registry.
This commit is contained in:
parent
4b72da73b3
commit
1e002b14c9
|
@ -16,9 +16,56 @@ use std::path::PathBuf;
|
||||||
use std::sync::Arc;
|
use std::sync::Arc;
|
||||||
|
|
||||||
/// The algorithm string for x25519 SSH keys.
|
/// The algorithm string for x25519 SSH keys.
|
||||||
//
|
///
|
||||||
// TODO HSS: start a protocol name registry in the torspec repo and document the usage and purpose
|
// TODO HSS: start a protocol name registry in the torspec repo and document the usage and purpose
|
||||||
// of this "protocol" name.
|
// of this "protocol" name:
|
||||||
|
//
|
||||||
|
// ### Assigned Additional Algorithm Names
|
||||||
|
//
|
||||||
|
// #### Registration Procedure(s)
|
||||||
|
//
|
||||||
|
// TODO
|
||||||
|
//
|
||||||
|
// #### NOTE
|
||||||
|
//
|
||||||
|
// The algorithm names MUST meet the criteria for additional algorithm names described in [RFC4251
|
||||||
|
// § 6].
|
||||||
|
//
|
||||||
|
// We reserve the following custom OpenSSH key types:
|
||||||
|
//
|
||||||
|
// +---------------------------+--------------------+---------------------+------------------------+
|
||||||
|
// | Public Key Algorithm Name | Public Key Format | Private Key Format | Purpose |
|
||||||
|
// |---------------------------|--------------------|---------------------|------------------------|
|
||||||
|
// | x25519@torproject.org | [TODO link to spec | [TODO link to spec | Arti keystore storage |
|
||||||
|
// | | describing the key | describing the key | format |
|
||||||
|
// | | format] | format] | |
|
||||||
|
// | | | | |
|
||||||
|
// +---------------------------+--------------------+---------------------+------------------------+
|
||||||
|
//
|
||||||
|
// [RFC4251 § 6]: https://www.rfc-editor.org/rfc/rfc4251.html#section-6
|
||||||
|
//
|
||||||
|
// <The following will go in the document that describes the x25519@torproject.org key format>
|
||||||
|
//
|
||||||
|
// # x25519@torproject.org OpenSSH Keys
|
||||||
|
//
|
||||||
|
// ## Introduction
|
||||||
|
//
|
||||||
|
// X25519 keys do not have a predefined SSH key algorithm name in [IANA's Secure Shell(SSH)
|
||||||
|
// Protocol Parameters], so in order to be able to store this type of key in OpenSSH format,
|
||||||
|
// we need to define a custom OpenSSH key type.
|
||||||
|
//
|
||||||
|
// ## Key Format
|
||||||
|
//
|
||||||
|
// An x25519@torproject.org public key file is encoded in the format specified in
|
||||||
|
// [RFC4716 § 3.4].
|
||||||
|
//
|
||||||
|
// Private keys use the format specified in [PROTOCOL.key].
|
||||||
|
//
|
||||||
|
// TODO: flesh out the RFC and write down a concrete example for clarity.
|
||||||
|
//
|
||||||
|
// [IANA's Secure Shell(SSH) Protocol Parameters]: https://www.iana.org/assignments/ssh-parameters/ssh-parameters.xhtml#ssh-parameters-19
|
||||||
|
// [RFC4716 § 3.4]: https://datatracker.ietf.org/doc/html/rfc4716#section-3.4
|
||||||
|
// [PROTOCOL.key]: https://cvsweb.openbsd.org/src/usr.bin/ssh/PROTOCOL.key?annotate=HEAD
|
||||||
pub(crate) const X25519_ALGORITHM_NAME: &str = "x25519@torproject.org";
|
pub(crate) const X25519_ALGORITHM_NAME: &str = "x25519@torproject.org";
|
||||||
|
|
||||||
/// An unparsed OpenSSH key.
|
/// An unparsed OpenSSH key.
|
||||||
|
|
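Review bot: The new `## Key Format` section names only the outer containers — RFC 4716 §3.4 for the public key file and PROTOCOL.key for the private key — but neither fixes the algorithm-specific encoding a parser needs, since RFC 4716 §3.4 only wraps the RFC 4253 §6.6 public-key blob and PROTOCOL.key leaves the per-algorithm private section to each key type. The sketch should spell that out before the `TODO: flesh out` line, e.g. `// Public key blob: string "x25519@torproject.org", string public-key (32 bytes)` and `// Private section: the public key blob fields followed by string private-key (32 bytes)`, and say whether the private section repeats the public key the way ssh-ed25519 does. It should also require that readers reject a key whose embedded algorithm name differs from the outer one or whose key strings are not exactly 32 bytes, because in this container the algorithm name is the only thing distinguishing an X25519 agreement key from another 32-byte key type such as ssh-ed25519, and a silently tolerated mismatch would let a DH key be handled as a signing key or vice versa. Whether passphrase-protected (KDF/cipher != "none") PROTOCOL.key files are in scope is not stated either; a one-line note — presumably "not supported" for a keystore storage format, but confirm — would close that gap.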