diff options
| author | Iain R. Learmonth <irl@fsfe.org> | 2018-11-12 21:31:23 +0000 |
|---|---|---|
| committer | Iain R. Learmonth <irl@fsfe.org> | 2018-11-12 21:31:23 +0000 |
| commit | c2cc4dea16a3b90816e08380da0c7a8de54903e4 (patch) | |
| tree | 4f595f26fcd98156262d71bd4f9989a3ce63d157 /dir-spec.txt | |
| parent | 9d8c044057807abfd9407d2b23acf6b95b142c1d (diff) | |
| download | torspec-c2cc4dea16a3b90816e08380da0c7a8de54903e4.tar.gz torspec-c2cc4dea16a3b90816e08380da0c7a8de54903e4.zip | |
dir-spec: Make extra-info-digest reflect reality
The extra-info-digest field of server descriptors was defined to contain
either a SHA1, or a SHA1 and a SHA256 digest. These were both meant to
be computed over the same data but due to an implementation error, the
Tor network has been computing the digests over different data for a
while. This is a lot easier to fix in the spec than in the code, and
the error does not seem to cause any harm beyond being a little
confusing (which this patch should help with).
A minor fix is also made to the SHA1 digest portion of the text. This is
a typo fix and a clarification, and does not change the semantic meaning
for that portion.
Diffstat (limited to 'dir-spec.txt')
| -rw-r--r-- | dir-spec.txt | 18 |
1 files changed, 12 insertions, 6 deletions
diff --git a/dir-spec.txt b/dir-spec.txt index 8da28c4..f96fd64 100644 --- a/dir-spec.txt +++ b/dir-spec.txt @@ -701,17 +701,23 @@ [Versions before 0.2.0.1-alpha don't recognize this] - "extra-info-digest" SP sha1digest [SP sha256-digest] NL + "extra-info-digest" SP sha1-digest [SP sha256-digest] NL [At most once] - "sha1-digest" is a hex-encoded digest (using upper-case characters) of - the router's extra-info document, as signed in the router's extra-info - (that is, not including the signature). (If this field is absent, the - router is not uploading a corresponding extra-info document.) + "sha1-digest" is a hex-encoded SHA1 digest (using upper-case characters) + of the router's extra-info document, as signed in the router's + extra-info (that is, not including the signature). (If this field is + absent, the router is not uploading a corresponding extra-info + document.) "sha256-digest" is a base64-encoded SHA256 digest of the extra-info - document, computed over the same data. + document. Unlike the "sha1-digest", this digest is calculated over the + entire document, including the signature. This difference is due to + a long-lived bug in the tor implementation that it would be difficult + to roll out an incremental fix for, not a design choice. Future digest + algorithms specified should not include the signature in the data used + to compute the digest. [Versions before 0.2.7.2-alpha did not include a SHA256 digest.] [Versions before 0.2.0.1-alpha don't recognize this field at all.] |