Skip to content

digicert/onionmaker

Repository files navigation

Onion Maker

onionmaker is a utility to create CSRs for Tor v3 services. The CSRs generated by this utility are suitable for validation of Tor v3 Onion Domain Names according to Appendix B of the CA/Browser Forum Baseline Requirements.

Quickstart

  1. pip3 install onionmaker
  2. onionmaker ca_random_value [hidden_service_dir]

You may need to run step 2 as root depending on the access permissions of the private key file.

Usage

onionmaker requires two command line arguments:

Argument Description
ca_random_value The Random Value supplied the CA. It must be a string consisting of 32 alphanumeric characters.
hidden_service_dir The configuration directory for the Tor v3 Onion service. Default value is /var/lib/tor/hidden_service.

The utility will then create and sign a CSR with the specified private key, outputting the CSR to stdout.

Acknowledgements

This software bundles the orlp/ed25519 Ed25519 library for CSR signing. The distribution has been bundled unmodified except for omitting the Windows .dll binaries.`