path: root/spec/tor-spec/negotiating-channels.md
Diffstat (limited to 'spec/tor-spec/negotiating-channels.md')
-rw-r--r-- spec/tor-spec/negotiating-channels.md | 48
1 files changed, 24 insertions, 24 deletions
diff --git a/spec/tor-spec/negotiating-channels.md b/spec/tor-spec/negotiating-channels.md
index 1184fd8..1ab3721 100644
--- a/spec/tor-spec/negotiating-channels.md
+++ b/spec/tor-spec/negotiating-channels.md
@@ -321,34 +321,34 @@ cell, and authenticated the responder.
If AuthType is 1 (meaning "RSA-SHA256-TLSSecret"), then the
Authentication field of the AUTHENTICATE cell contains the following:
-* TYPE: The characters "AUTH0001" [8 octets]
-* CID: A SHA256 hash of the initiator's RSA1024 identity key [32 octets]
-* SID: A SHA256 hash of the responder's RSA1024 identity key [32 octets]
+* TYPE: The characters "AUTH0001" \[8 octets\]
+* CID: A SHA256 hash of the initiator's RSA1024 identity key \[32 octets\]
+* SID: A SHA256 hash of the responder's RSA1024 identity key \[32 octets\]
* SLOG: A SHA256 hash of all bytes sent from the responder to the
initiator as part of the negotiation up to and including the
AUTH_CHALLENGE cell; that is, the VERSIONS cell, the CERTS cell,
- the AUTH_CHALLENGE cell, and any padding cells. [32 octets]
+ the AUTH_CHALLENGE cell, and any padding cells. \[32 octets\]
* CLOG: A SHA256 hash of all bytes sent from the initiator to the
responder as part of the negotiation so far; that is, the
- VERSIONS cell and the CERTS cell and any padding cells. [32
- octets]
-* SCERT: A SHA256 hash of the responder's TLS link certificate. [32
- octets]
+ VERSIONS cell and the CERTS cell and any padding cells. \[32
+ octets\]
+* SCERT: A SHA256 hash of the responder's TLS link certificate. \[32
+ octets\]
* TLSSECRETS: A SHA256 HMAC, using the TLS master secret as the
secret key, of the following:
- client_random, as sent in the TLS Client Hello
- server_random, as sent in the TLS Server Hello
- the NUL terminated ASCII string:
"Tor V3 handshake TLS cross-certification"
- [32 octets]
+ \[32 octets\]
* RAND: A 24 byte value, randomly chosen by the initiator. (In an
imitation of SSL3's gmt_unix_time field, older versions of Tor
sent an 8-byte timestamp as the first 8 bytes of this field;
- new implementations should not do that.) [24 octets]
+ new implementations should not do that.) \[24 octets\]
* SIG: A signature of a SHA256 hash of all the previous fields
using the initiator's "Authenticate" key as presented. (As
always in Tor, we use OAEP-MGF1 padding; see [Ciphers](./preliminaries.md#ciphers))
- [variable length]
+ \[variable length\]
To check the AUTHENTICATE cell, a responder checks that all fields
from TYPE through TLSSECRETS contain their unique
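Review bot: In the TLSSECRETS item, the escaped `\[32 octets\]` still sits on its own line directly under the three sub-bullets, so once rendered it reads as the length of the last input (the NUL-terminated string) rather than the length of the HMAC output. Since this change already touches that line, consider moving the annotation up to the `* TLSSECRETS:` line, or wording it as "The result is 32 octets." The same rewrap would help CLOG and SCERT, where the annotation is split across two lines as `\[32` / `octets\]` and so cannot be found with a single-line search for `\[32 octets\]`.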
@@ -370,31 +370,31 @@ Authentication field of the AuthType cell is as below:
Modified values and new fields below are marked with asterisks.
-* TYPE: The characters "AUTH0003" [8 octets]
-* CID: A SHA256 hash of the initiator's RSA1024 identity key [32 octets]
-* SID: A SHA256 hash of the responder's RSA1024 identity key [32 octets]
-* CID_ED: The initiator's Ed25519 identity key [32 octets]
-* SID_ED: The responder's Ed25519 identity key, or all-zero. [32 octets]
+* TYPE: The characters "AUTH0003" \[8 octets\]
+* CID: A SHA256 hash of the initiator's RSA1024 identity key \[32 octets\]
+* SID: A SHA256 hash of the responder's RSA1024 identity key \[32 octets\]
+* CID_ED: The initiator's Ed25519 identity key \[32 octets\]
+* SID_ED: The responder's Ed25519 identity key, or all-zero. \[32 octets\]
* SLOG: A SHA256 hash of all bytes sent from the responder to the
initiator as part of the negotiation up to and including the
AUTH_CHALLENGE cell; that is, the VERSIONS cell, the CERTS cell,
- the AUTH_CHALLENGE cell, and any padding cells. [32 octets]
+ the AUTH_CHALLENGE cell, and any padding cells. \[32 octets\]
* CLOG: A SHA256 hash of all bytes sent from the initiator to the
responder as part of the negotiation so far; that is, the
- VERSIONS cell and the CERTS cell and any padding cells. [32
- octets]
-* SCERT: A SHA256 hash of the responder's TLS link certificate. [32
- octets]
+ VERSIONS cell and the CERTS cell and any padding cells. \[32
+ octets\]
+* SCERT: A SHA256 hash of the responder's TLS link certificate. \[32
+ octets\]
* TLSSECRETS: The output of an RFC5705 Exporter function on the
TLS session, using as its inputs:
- The label string "EXPORTER FOR TOR TLS CLIENT BINDING AUTH0003"
- The context value equal to the initiator's Ed25519 identity key.
- The length 32.
- [32 octets]
-* RAND: A 24 byte value, randomly chosen by the initiator. [24 octets]
+ \[32 octets\]
+* RAND: A 24 byte value, randomly chosen by the initiator. \[24 octets\]
* SIG: A signature of all previous fields using the initiator's
Ed25519 authentication key (as in the cert with CertType 6).
- [variable length]
+ \[variable length\]
To check the AUTHENTICATE cell, a responder checks that all fields
from TYPE through TLSSECRETS contain their unique
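Review bot: The context line "Modified values and new fields below are marked with asterisks." no longer holds in this Markdown form, because every item in the list starts with `*` as its bullet marker and nothing distinguishes the changed fields. Compared with the AUTH0001 list in the previous hunk, CID_ED and SID_ED are new and TYPE, TLSSECRETS and SIG differ, so either mark those explicitly (for example with bold text or a "(new)" / "(modified)" tag) or drop the sentence. As in the AUTH0001 list, the `\[32 octets\]` under TLSSECRETS follows the "The length 32." sub-bullet and reads as part of the exporter inputs; placing it on the `* TLSSECRETS:` line would make clear that it describes the field size.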