diff options
Diffstat (limited to 'proposals/224-rend-spec-ng.txt')
-rw-r--r-- | proposals/224-rend-spec-ng.txt | 20 |
1 files changed, 11 insertions, 9 deletions
diff --git a/proposals/224-rend-spec-ng.txt b/proposals/224-rend-spec-ng.txt index 56ca69c..8945239 100644 --- a/proposals/224-rend-spec-ng.txt +++ b/proposals/224-rend-spec-ng.txt @@ -211,7 +211,7 @@ Table of contents: * Instantiate KDF with SHAKE-256. - * Instantiate MAC(key=k, message=m) with H(k_len || k || m), + * Instantiate MAC(key=k, message=m) with H(k_len | k | m), where k_len is htonll(len(k)). For legacy purposes, we specify compatibility with older versions of @@ -237,7 +237,8 @@ Table of contents: Link specifier types are as described in tor-spec.txt. Every set of link specifiers MUST include at minimum specifiers of type [00] - (TLS-over-TCP, IPv4) and [02] (legacy node identity). + (TLS-over-TCP, IPv4), [02] (legacy node identity) and [03] (ed25519 + identity key). We also incorporate Tor's circuit extension handshakes, as used in the CREATE2 and CREATED2 cells described in tor-spec.txt. In these @@ -781,9 +782,9 @@ Table of contents: for replicanum in 1...hsdir_n_replicas: hs_index(replicanum) = H("store-at-idx" | - blinded_public_key | - INT_8(replicanum) | - INT_8(period_num) ) + blinded_public_key | + INT_8(replicanum) | + INT_8(period_num) ) where blinded_public_key is specified in section [KEYBLIND], and period_num is calculated using the current consensus "valid-after" as specified in @@ -902,9 +903,10 @@ Table of contents: To do so, Tor clients and services use: - SRV = HMAC("shared-random-disaster", TIME_PERIOD_NUM) + SRV = H("shared-random-disaster" | INT_8(period_num)) - as the SRV for time period TIME_PERIOD_NUM. + where period_num is calculated as specified in [TIME-PERIODS] for the + wanted shared random value that could not be found originally. 2.3.2. Hidden services and changing shared random values @@ -1899,8 +1901,8 @@ Table of contents: version field and a basic checksum. All this information is then base32 encoded as shown below: - onion_address = base32(PUBKEY || CHECKSUM || VERSION) + ".onion" - CHECKSUM = H(".onion checksum" || PUBKEY || VERSION)[:2] + onion_address = base32(PUBKEY | CHECKSUM | VERSION) + ".onion" + CHECKSUM = H(".onion checksum" | PUBKEY | VERSION)[:2] where: - PUBKEY is the 32 bytes ed25519 master pubkey of the hidden service. |