keymgr: Write a registry sketch.
This comment will form the basis for the protocol name registry.
parent 4b72da73b3
commit 1e002b14c9
|
@ -16,9 +16,56 @@ use std::path::PathBuf;
|
|||
use std::sync::Arc;
|
||||
|
||||
/// The algorithm string for x25519 SSH keys.
|
||||
//
|
||||
///
|
||||
// TODO HSS: start a protocol name registry in the torspec repo and document the usage and purpose
|
||||
// of this "protocol" name.
|
||||
// of this "protocol" name:
|
||||
//
|
||||
// ### Assigned Additional Algorithm Names
|
||||
//
|
||||
// #### Registration Procedure(s)
|
||||
//
|
||||
// TODO
|
||||
//
|
||||
// #### NOTE
|
||||
//
|
||||
// The algorithm names MUST meet the criteria for additional algorithm names described in [RFC4251
|
||||
// § 6].
|
||||
//
|
||||
// We reserve the following custom OpenSSH key types:
|
||||
//
|
||||
// +---------------------------+--------------------+---------------------+------------------------+
|
||||
// | Public Key Algorithm Name | Public Key Format | Private Key Format | Purpose |
|
||||
// |---------------------------|--------------------|---------------------|------------------------|
|
||||
// | x25519@torproject.org | [TODO link to spec | [TODO link to spec | Arti keystore storage |
|
||||
// | | describing the key | describing the key | format |
|
||||
// | | format] | format] | |
|
||||
// | | | | |
|
||||
// +---------------------------+--------------------+---------------------+------------------------+
|
||||
//
|
||||
// [RFC4251 § 6]: https://www.rfc-editor.org/rfc/rfc4251.html#section-6
|
||||
//
|
||||
// <The following will go in the document that describes the x25519@torproject.org key format>
|
||||
//
|
||||
// # x25519@torproject.org OpenSSH Keys
|
||||
//
|
||||
// ## Introduction
|
||||
//
|
||||
// X25519 keys do not have a predefined SSH key algorithm name in [IANA's Secure Shell(SSH)
|
||||
// Protocol Parameters], so in order to be able to store this type of key in OpenSSH format,
|
||||
// we need to define a custom OpenSSH key type.
|
||||
//
|
||||
// ## Key Format
|
||||
//
|
||||
// An x25519@torproject.org public key file is encoded in the format specified in
|
||||
// [RFC4716 § 3.4].
|
||||
//
|
||||
// Private keys use the format specified in [PROTOCOL.key].
|
||||
//
|
||||
// TODO: flesh out the RFC and write down a concrete example for clarity.
|
||||
//
|
||||
// [IANA's Secure Shell(SSH) Protocol Parameters]: https://www.iana.org/assignments/ssh-parameters/ssh-parameters.xhtml#ssh-parameters-19
|
||||
// [RFC4716 § 3.4]: https://datatracker.ietf.org/doc/html/rfc4716#section-3.4
|
||||
// [PROTOCOL.key]: https://cvsweb.openbsd.org/src/usr.bin/ssh/PROTOCOL.key?annotate=HEAD
|
||||
pub(crate) const X25519_ALGORITHM_NAME: &str = "x25519@torproject.org";
|
||||
|
||||
/// An unparsed OpenSSH key.
|
||||
|
|
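Review bot: The "## Key Format" sketch names only the outer containers ([RFC4716 § 3.4] for public keys, [PROTOCOL.key] for private keys) and never says what goes inside the key blob for `x25519@torproject.org`, so two implementations could both follow this text and still write keystore files the other cannot read. Since `X25519_ALGORITHM_NAME` is defined and usable directly below the comment, I would resolve the "TODO: flesh out the RFC and write down a concrete example" item by listing the type-specific fields (order, length and encoding of the public and secret parts) before this name ends up in stored keys, or at least say in the comment that the encoding is not yet stable. Two smaller points: the [PROTOCOL.key] link ends in `?annotate=HEAD`, which follows a moving target, so a spec reference should pin a revision; and "#### Registration Procedure(s)" is still `TODO`, so it is worth one sentence on where new `@torproject.org` names must be recorded in the meantime to avoid two conflicting assignments.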