From 43c442ad20da9e0e6d4403a22177d482389b13cb Mon Sep 17 00:00:00 2001 From: Abel Luck Date: Wed, 10 Sep 2025 14:06:28 +0200 Subject: [PATCH] Update obfs4 e2e test to include new ED25519 Tor format and RSA hashed fingerprint outputs --- e2e-tests/obfs4/main.tf | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/e2e-tests/obfs4/main.tf b/e2e-tests/obfs4/main.tf index 08a3d97..01e21b5 100644 --- a/e2e-tests/obfs4/main.tf +++ b/e2e-tests/obfs4/main.tf @@ -26,6 +26,13 @@ resource "tor_obfs4_state" "bridge" { ed25519_identity_private_key = tor_relay_identity_ed25519.bridge.private_key_pem } +# Alternative: obfs4 state could also use Tor format keys (demonstration only) +# resource "tor_obfs4_state" "bridge_alt" { +# rsa_identity_private_key = tor_relay_identity_rsa.bridge.private_key_pem +# ed25519_identity_private_key = tor_relay_identity_ed25519.bridge.private_key_pem +# # Note: private_key_tor could be used here as well for ed25519 keys +# } + # Generate bridge line for client distribution data "tor_obfs4_bridge_line" "bridge" { ip_address = "203.0.113.1" @@ -46,11 +53,27 @@ output "rsa_fingerprint_sha256" { value = tor_relay_identity_rsa.bridge.public_key_fingerprint_sha256 } +output "rsa_fingerprint_sha1_hashed" { + description = "RSA identity fingerprint (SHA1) hashed for privacy" + value = tor_relay_identity_rsa.bridge.public_key_fingerprint_sha1_hashed +} + output "ed25519_fingerprint_sha256" { description = "Ed25519 identity fingerprint (SHA256)" value = tor_relay_identity_ed25519.bridge.public_key_fingerprint_sha256 } +output "ed25519_private_key_tor" { + description = "Ed25519 private key in Tor binary format (base64)" + value = tor_relay_identity_ed25519.bridge.private_key_tor + sensitive = true +} + +output "ed25519_public_key_tor" { + description = "Ed25519 public key in Tor binary format (base64)" + value = tor_relay_identity_ed25519.bridge.public_key_tor +} + output "obfs4_certificate" { description = "obfs4 certificate for bridge line" value = tor_obfs4_state.bridge.certificate