diff options
author | Ian Jackson <ijackson@chiark.greenend.org.uk> | 2023-02-06 12:25:55 +0000 |
---|---|---|
committer | Ian Jackson <ijackson@chiark.greenend.org.uk> | 2023-02-06 12:25:55 +0000 |
commit | 5c6b282e57f866a1341eb705cb21507fcbfcc543 (patch) | |
tree | fa8afae346a08b01711f6304c73c910566c31df6 /rend-spec-v3.txt | |
parent | ca400dc9f82f8e644d8c3b834a80a41a68748880 (diff) | |
download | torspec-5c6b282e57f866a1341eb705cb21507fcbfcc543.tar.gz torspec-5c6b282e57f866a1341eb705cb21507fcbfcc543.zip |
Call the key in desc-auth-ephemeral-key, KP_hs_desc_ephem
Proposed by @nickm in
https://gitlab.torproject.org/tpo/core/arti/-/merge_requests/999/diffs#50f9790ab3f0a65f7ac3e4f413c84f51fae1f855_0_26
(I think the spec is not 100% clear that hs_y and hs_Y are *this* key,
rather than some other possible ephemeral keypair the HS might have,
so please would the reviewer check that this is actually true.)
Diffstat (limited to 'rend-spec-v3.txt')
-rw-r--r-- | rend-spec-v3.txt | 6 |
1 files changed, 2 insertions, 4 deletions
diff --git a/rend-spec-v3.txt b/rend-spec-v3.txt index a8ac264..afc2a46 100644 --- a/rend-spec-v3.txt +++ b/rend-spec-v3.txt @@ -1208,7 +1208,7 @@ Table of contents: If client authorization is disabled, the value here should be "x25519". - "desc-auth-ephemeral-key" SP key NL + "desc-auth-ephemeral-key" SP KP_hs_desc_ephem NL [Exactly once] @@ -1239,13 +1239,11 @@ Table of contents: client_x = private x25519 key of authorized client client_X = public x25519 key of authorized client - hs_y = private key of ephemeral x25519 keypair of hidden service - hs_Y = public key of ephemeral x25519 keypair of hidden service descriptor_cookie = descriptor cookie used to encrypt the descriptor And here is what the hidden service computes: - SECRET_SEED = x25519(hs_y, client_X) + SECRET_SEED = x25519(KS_hs_desc_ephem, client_X) KEYS = KDF(N_hs_subcred | SECRET_SEED, 40) CLIENT-ID = fist 8 bytes of KEYS COOKIE-KEY = last 32 bytes of KEYS |