Opened 9 months ago

Last modified 8 months ago

#27999 assigned enhancement

Allow for long-running signing operations

Reported by: ln5 Owned by: ln5
Priority: Medium Milestone: Tor: unspecified
Component: Core Tor/Tor Version:
Severity: Normal Keywords: TorHSM
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

In order to be able to put secret keys used for signing status documents on an HSM device, which may require a long time(*) to finish, we need to allow for router_get_dirobj_signature() to return something akin to EAGAIN and make its callers able to cope with that.

router_get_dirobj_signature() has only two callers, both with only one same caller (dirvote_act()) so that seems pretty contained. Question is if we should push this down a level to crypto_pk_private_sign() for other potential use cases than votes and consensuses only?

(*) Let's define "a long time" as anything taking more than 1/10 of a second.

Child Tickets

Change History (1)

comment:1 Changed 8 months ago by teor

Milestone: Tor: unspecified

These seem like long-term projects or features

Note: See TracTickets for help on using tickets.