
# This is a combination of 2 commits.
# The first commit's message is:

Regenerate ed25519 keys when they will expire soon.

Also, have testing-level options to set the lifetimes and
expiration-tolerances of all key types, plus a non-testing-level
option to set the lifetime of any auto-generated signing key.

# The 2nd commit message will be skipped:

# fixup! Regenerate ed25519 keys when they will expire soon.

Nick Mathewson 9 years ago
parent
commit
57189acd6f
6 changed files with 81 additions and 10 deletions
  1. 20 0
      src/or/config.c
  2. 13 0
      src/or/main.c
  3. 15 0
      src/or/or.h
  4. 24 10
      src/or/routerkeys.c
  5. 2 0
      src/or/routerkeys.h
  6. 7 0
      src/test/test_routerkeys.c

+ 20 - 0
src/or/config.c

@@ -298,6 +298,7 @@ static config_var_t option_vars_[] = {
   VAR("ServerTransportPlugin",   LINELIST, ServerTransportPlugin,  NULL),
   V(ServerTransportListenAddr,   LINELIST, NULL),
   V(ServerTransportOptions,      LINELIST, NULL),
+  V(SigningKeyLifetime,          INTERVAL, "30 days"),
   V(Socks4Proxy,                 STRING,   NULL),
   V(Socks5Proxy,                 STRING,   NULL),
   V(Socks5ProxyUsername,         STRING,   NULL),
@@ -356,6 +357,13 @@ static config_var_t option_vars_[] = {
   V(TestingTorNetwork,           BOOL,     "0"),
   V(TestingMinExitFlagThreshold, MEMUNIT,  "0"),
   V(TestingMinFastFlagThreshold, MEMUNIT,  "0"),
+
+  V(TestingLinkKeyLifetime,          INTERVAL, "2 days"),
+  V(TestingAuthKeyLifetime,          INTERVAL, "2 days"),
+  V(TestingLinkKeySlop,              INTERVAL, "3 hours"),
+  V(TestingAuthKeySlop,              INTERVAL, "3 hours"),
+  V(TestingSigningKeySlop,           INTERVAL, "1 day"),
+
   V(OptimisticData,              AUTOBOOL, "auto"),
   V(PortForwarding,              BOOL,     "0"),
   V(PortForwardingHelper,        FILENAME, "tor-fw-helper"),
@@ -3625,8 +3633,20 @@ options_validate(or_options_t *old_options, or_options_t *options,
   CHECK_DEFAULT(TestingDescriptorMaxDownloadTries);
   CHECK_DEFAULT(TestingMicrodescMaxDownloadTries);
   CHECK_DEFAULT(TestingCertMaxDownloadTries);
+  CHECK_DEFAULT(TestingAuthKeyLifetime);
+  CHECK_DEFAULT(TestingLinkKeyLifetime);
+  CHECK_DEFAULT(TestingSigningKeySlop);
+  CHECK_DEFAULT(TestingAuthKeySlop);
+  CHECK_DEFAULT(TestingLinkKeySlop);
 #undef CHECK_DEFAULT
 
+  if (options->SigningKeyLifetime < options->TestingSigningKeySlop*2)
+    REJECT("SigningKeyLifetime is too short.");
+  if (options->TestingLinkKeyLifetime < options->TestingAuthKeySlop*2)
+    REJECT("LinkKeyLifetime is too short.");
+  if (options->TestingAuthKeyLifetime < options->TestingLinkKeySlop*2)
+    REJECT("AuthKeyLifetime is too short.");
+
   if (options->TestingV3AuthInitialVotingInterval
       < MIN_VOTE_INTERVAL_TESTING_INITIAL) {
     REJECT("TestingV3AuthInitialVotingInterval is insanely low.");
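Review bot: The two new range checks after `#undef CHECK_DEFAULT` are cross-wired: TestingLinkKeyLifetime is compared against TestingAuthKeySlop*2 and TestingAuthKeyLifetime against TestingLinkKeySlop*2, so a configuration that changes only one key type's lifetime or slop can pass validation while that key's lifetime is shorter than twice its own slop. Each lifetime should be checked against the slop of the same key type: `if (options->TestingLinkKeyLifetime < options->TestingLinkKeySlop*2)` and `if (options->TestingAuthKeyLifetime < options->TestingAuthKeySlop*2)`. The REJECT messages also say `LinkKeyLifetime` and `AuthKeyLifetime` rather than the real option names TestingLinkKeyLifetime and TestingAuthKeyLifetime, which makes the rejection hard to act on. options_validate begins and ends outside the hunk.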

+ 13 - 0
src/or/main.c

@@ -134,6 +134,8 @@ time_t time_of_process_start = 0;
 long stats_n_seconds_working = 0;
 /** When do we next launch DNS wildcarding checks? */
 static time_t time_to_check_for_correct_dns = 0;
+/** When do we next make sure our Ed25519 keys aren't about to expire? */
+static time_t time_to_check_ed_keys = 0;
 
 /** How often will we honor SIGNEWNYM requests? */
 #define MAX_SIGNEWNYM_RATE 10
@@ -1280,6 +1282,17 @@ run_scheduled_events(time_t now)
       router_upload_dir_desc_to_dirservers(0);
   }
 
+  if (is_server && time_to_check_ed_keys < now) {
+    if (should_make_new_ed_keys(options, now)) {
+      if (load_ed_keys(options, now) < 0) {
+        log_err(LD_OR, "Unable to update Ed25519 keys!  Exiting.");
+        tor_cleanup();
+        exit(0);
+      }
+    }
+    time_to_check_ed_keys = now + 30;
+  }
+
   if (!should_delay_dir_fetches(options, NULL) &&
       time_to_try_getting_descriptors < now) {
     update_all_descriptor_downloads(now);
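Review bot: The failure branch in the new Ed25519 check logs at error level and then calls `exit(0)`, so a supervisor sees a clean exit when key regeneration actually failed; unless a zero status is intended here, `exit(1);` would match the message. The 30-second recheck interval is a bare literal; a named constant next to MAX_SIGNEWNYM_RATE, e.g. `#define ED_KEY_CHECK_INTERVAL 30` with a one-line comment, would document the choice. Whether a successful regeneration needs to trigger anything further (for instance re-publishing what depends on the rotated keys) is not visible in this hunk and is worth confirming. run_scheduled_events begins and ends outside the hunk.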

+ 15 - 0
src/or/or.h

@@ -4261,6 +4261,21 @@ typedef struct {
    * XXXX Eventually, the default will be 0. */
   int ExitRelay;
 
+
+  /** For how long (seconds) do we declare our singning keys to be valid? */
+  int SigningKeyLifetime;
+  /** For how long (seconds) do we declare our link keys to be valid? */
+  int TestingLinkKeyLifetime;
+  /** For how long (seconds) do we declare our auth keys to be valid? */
+  int TestingAuthKeyLifetime;
+
+  /** How long before signing keys expire will we try to make a new one? */
+  int TestingSigningKeySlop;
+  /** How long before link keys expire will we try to make a new one? */
+  int TestingLinkKeySlop;
+  /** How long before auth keys expire will we try to make a new one? */
+  int TestingAuthKeySlop;
+
 } or_options_t;
 
 /** Persistent state for an onion router, as saved to disk. */
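Review bot: The doc comment on SigningKeyLifetime misspells "signing"; it should read `/** For how long (seconds) do we declare our signing keys to be valid? */`. It would also help to state in that comment that SigningKeyLifetime is a non-testing option, since the config.c hunk validates it with CHECK_DEFAULT-free range checks while the five fields below it are Testing-only and are guarded by CHECK_DEFAULT. The or_options_t struct begins outside the hunk.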

+ 24 - 10
src/or/routerkeys.c

@@ -306,9 +306,6 @@ load_ed_keys(const or_options_t *options, time_t now)
 
   /* XXXX support encrypted identity keys fully */
 
-  /* XXXX use options. */
-  (void) options;
-
   /* First try to get the signing key to see how it is. */
   if (master_signing_key) {
     check_signing_cert = signing_key_cert;
@@ -329,7 +326,7 @@ load_ed_keys(const or_options_t *options, time_t now)
     EXPIRES_SOON(check_signing_cert, 0);
   const int want_new_signing_key =
     need_new_signing_key ||
-    EXPIRES_SOON(check_signing_cert, 86400/*???*/);
+    EXPIRES_SOON(check_signing_cert, options->TestingSigningKeySlop);
 
   {
     uint32_t flags =
@@ -365,7 +362,7 @@ load_ed_keys(const or_options_t *options, time_t now)
                options_get_datadir_fname2(options, "keys", "ed25519_signing"),
                                  flags, LOG_WARN,
                                  sign_signing_key_with_id, now,
-                                 30*86400/*XXX option*/,
+                                 options->SigningKeyLifetime,
                                  CERT_TYPE_ID_SIGNING, &sign_cert);
     if (!sign)
       FAIL("Missing signing key");
@@ -383,18 +380,22 @@ load_ed_keys(const or_options_t *options, time_t now)
    * it, if we loaded it in the first place. */
   memwipe(id->seckey.seckey, 0, sizeof(id->seckey));
 
-  if (!current_link_key || EXPIRES_SOON(link_key_cert, 7200/*???*/)) {
+  if (!current_link_key ||
+      EXPIRES_SOON(link_key_cert, options->TestingLinkKeySlop)) {
     link = ed_key_new(use_signing, INIT_ED_KEY_NEEDCERT,
-                      now, 2*86400/*XXX option??*/,
+                      now,
+                      options->TestingLinkKeyLifetime,
                       CERT_TYPE_SIGNING_LINK, &link_cert);
 
     if (!link)
       FAIL("Can't create link key");
   }
 
-  if (!current_auth_key || EXPIRES_SOON(auth_key_cert, 7200)/*???*/) {
+  if (!current_auth_key ||
+      EXPIRES_SOON(auth_key_cert, options->TestingAuthKeySlop)) {
     auth = ed_key_new(use_signing, INIT_ED_KEY_NEEDCERT,
-                      now, 2*86400/*XXX option??*/,
+                      now,
+                      options->TestingAuthKeyLifetime,
                       CERT_TYPE_SIGNING_AUTH, &auth_cert);
 
     if (!auth)
@@ -434,9 +435,22 @@ load_ed_keys(const or_options_t *options, time_t now)
 #undef FAIL
 #undef SET_KEY
 #undef SET_CERT
-#undef EXPIRES_SOON
 }
 
+int
+should_make_new_ed_keys(const or_options_t *options, const time_t now)
+{
+  return (!master_identity_key ||
+          !master_signing_key ||
+          !current_link_key ||
+          !current_auth_key ||
+          EXPIRES_SOON(signing_key_cert, options->TestingSigningKeySlop) ||
+          EXPIRES_SOON(link_key_cert, options->TestingLinkKeySlop) ||
+          EXPIRES_SOON(auth_key_cert, options->TestingAuthKeySlop));
+}
+
+#undef EXPIRES_SOON
+
 const ed25519_public_key_t *
 get_master_identity_key(void)
 {
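Review bot: should_make_new_ed_keys is a new public function (declared in routerkeys.h) with no doc comment; a header such as `/** Return true iff any Ed25519 key is missing or its certificate expires within the configured slop, i.e. load_ed_keys() should be called to regenerate it. */` would state the contract that run_scheduled_events now relies on. Because the `||` chain short-circuits, the EXPIRES_SOON checks run only once all four key pointers are non-NULL, so the function implicitly assumes signing_key_cert, link_key_cert and auth_key_cert are non-NULL at that point; if EXPIRES_SOON dereferences its argument (its definition is not in this hunk) that assumption deserves a comment or an explicit NULL check. Moving `#undef EXPIRES_SOON` below the new function is necessary, but the macro now spans two functions, so a short comment at the undef noting that it is shared would help the next reader. load_ed_keys begins outside the first hunk of this file.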

+ 2 - 0
src/or/routerkeys.h

@@ -55,6 +55,8 @@ int check_tap_onion_key_crosscert(const uint8_t *crosscert,
                                   const uint8_t *rsa_id_digest);
 
 int load_ed_keys(const or_options_t *options, time_t now);
+int should_make_new_ed_keys(const or_options_t *options, const time_t now);
+
 void routerkeys_free_all(void);
 
 #endif
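Review bot: The new prototype qualifies a by-value parameter, `const time_t now`, which has no effect for callers and does not match the adjacent load_ed_keys declaration; `int should_make_new_ed_keys(const or_options_t *options, time_t now);` would keep the header consistent. A one-line comment above the declaration stating when it returns nonzero would also make the header self-describing.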

+ 7 - 0
src/test/test_routerkeys.c

@@ -419,6 +419,13 @@ test_routerkeys_ed_keys_init_all(void *arg)
   ed25519_keypair_t sign, link, auth;
   //  tor_cert_t *cert_is, *cert_sl, *cert_auth;
 
+  options->SigningKeyLifetime = 30*86400;
+  options->TestingAuthKeyLifetime = 2*86400;
+  options->TestingLinkKeyLifetime = 2*86400;
+  options->TestingSigningKeySlop = 2*86400;
+  options->TestingAuthKeySlop = 2*3600;
+  options->TestingLinkKeySlop = 2*3600;
+
 #ifdef _WIN32
   mkdir(dir);
   mkdir(get_fname("test_ed_keys_init_all/keys"));
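Review bot: The six lifetime and slop assignments at the top of test_routerkeys_ed_keys_init_all carry no comment explaining the values; in particular TestingSigningKeySlop is set to 2*86400 while the config.c default is "1 day", so a reader cannot tell whether the divergence is deliberate. A short comment stating the intent of these values, and why the signing slop differs from the default, would make the fixture self-explanatory. The test function continues outside the hunk.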