Diffstat (limited to 'spec')
-rw-r--r-- | spec/SUMMARY.md | 2 |
-rw-r--r-- | spec/cert-spec.md | 2 |
-rw-r--r-- | spec/rend-spec/encrypting-user-data.md | 7 |
-rw-r--r-- | spec/rend-spec/introduction-protocol.md | 4 |
-rw-r--r-- | spec/rend-spec/test-vectors.md (renamed from spec/rend-spec/text-vectors.md) | 2 |
5 files changed, 13 insertions, 4 deletions
diff --git a/spec/SUMMARY.md b/spec/SUMMARY.md index ade9586..70fa46a 100644 --- a/spec/SUMMARY.md +++ b/spec/SUMMARY.md @@ -127,7 +127,7 @@ - [Appendix F: Hidden service directory format \[HIDSERVDIR-FORMAT\]](./rend-spec/fs-contents.md) - [Appendix G: Managing authorized client data \[CLIENT-AUTH-MGMT\]](./rend-spec/client-authorization.md) - [Appendix F: Two methods for managing revision counters.](./rend-spec/revision-counter-mgt.md) - - [Appendix G: Text vectors](./rend-spec/text-vectors.md) + - [Appendix G: Test vectors](./rend-spec/test-vectors.md) - [`Proof of Work for onion service introduction`](./hspow-spec/index.md) - [Motivation](./hspow-spec/motivation.md) - [Common protocol](./hspow-spec/common-protocol.md) diff --git a/spec/cert-spec.md b/spec/cert-spec.md index 873c258..98aeffa 100644 --- a/spec/cert-spec.md +++ b/spec/cert-spec.md @@ -57,7 +57,7 @@ These representation for this certificate is: | - `ExtType` | 1 | [Type of extension](#list-ext-types)| | - `ExtFlags` | 1 | Control interpretation of extension | | - `ExtData` | `ExtLen` | Encoded extension body | -| SIGNATURE | 64 | Signature of all previous fields | +| `SIGNATURE` | 64 | Signature of all previous fields | The `VERSION` field holds the value `[01]`. diff --git a/spec/rend-spec/encrypting-user-data.md b/spec/rend-spec/encrypting-user-data.md index 460f71e..fdf1a30 100644 --- a/spec/rend-spec/encrypting-user-data.md +++ b/spec/rend-spec/encrypting-user-data.md @@ -10,3 +10,10 @@ Tor relay encryption protocol, applying encryption with these keys before other encryption, and decrypting with these keys before other decryption. The client encrypts with Kf and decrypts with Kb; the service host does the opposite. + +As mentioned +[previously](./introduction-protocol.md#INTRO-HANDSHAKE-REQS), +these keys are used the same as for +[regular relay cell encryption](../tor-spec/routing-relay-cells.md), +except that instead of using AES-128 and SHA1, +both parties use AES-256 and SHA3-256. 
diff --git a/spec/rend-spec/introduction-protocol.md b/spec/rend-spec/introduction-protocol.md index 43c5638..0181dd2 100644 --- a/spec/rend-spec/introduction-protocol.md +++ b/spec/rend-spec/introduction-protocol.md @@ -696,7 +696,9 @@ HANDSHAKE_INFO element (see \[JOIN_REND\]). The hidden service host now also knows the keys generated by the handshake, which it will use to encrypt and authenticate data end-to-end between the client and the server. These keys are as -computed in tor-spec.txt section 5.1.4, except that instead of using +computed with the +[ntor handshake](../tor-spec/create-created-cells.html#ntor), +except that instead of using AES-128 and SHA1 for this hop, we use AES-256 and SHA3-256. <a id="rend-spec-v3.txt-3.4"></a> diff --git a/spec/rend-spec/text-vectors.md b/spec/rend-spec/test-vectors.md index eadaee2..d77049e 100644 --- a/spec/rend-spec/text-vectors.md +++ b/spec/rend-spec/test-vectors.md @@ -1,6 +1,6 @@ <a id="rend-spec-v3.txt-G"></a> -# Appendix G: Text vectors +# Appendix G: Test vectors G.1. Test vectors for hs-ntor / NTOR-WITH-EXTRA-DATA |
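Review bot: In the spec/SUMMARY.md hunk, the renamed entry keeps the letter G even though the context lines already list "Appendix F: Hidden service directory format" and "Appendix G: Managing authorized client data" directly above "Appendix F: Two methods for managing revision counters." Since this line is being touched anyway, reletter the last two entries (and the matching heading in test-vectors.md) so that each appendix letter is used once and a reference to "Appendix G" is unambiguous.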
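Review bot: The context carried in the spec/cert-spec.md hunk header reads "These representation for this certificate is:", which is ungrammatical and sits immediately above the table this hunk edits; fix it in the same pass as the `SIGNATURE` backticks, for example "The representation of this certificate is:".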
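Review bot: In the paragraph added to spec/rend-spec/encrypting-user-data.md, "these keys" refers back to Kf and Kb, the only keys named in the preceding context, but the sentence also swaps SHA1 for SHA3-256, and a hash is not keyed by Kf or Kb. Say explicitly which handshake outputs seed the SHA3-256 running digest and which are the AES-256 keys, or link to where their names and lengths are defined, so an implementer does not have to infer the sizes from the relay-cell page. Separately, the link target `#INTRO-HANDSHAKE-REQS` is not defined anywhere in the lines of this patch (the only anchor visible in introduction-protocol.md is `rend-spec-v3.txt-3.4`), so confirm that the anchor exists in that file.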
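Review bot: The new link in spec/rend-spec/introduction-protocol.md points at `../tor-spec/create-created-cells.html#ntor`, while every other cross-reference in this patch uses the source name, for example `../tor-spec/routing-relay-cells.md` and `./introduction-protocol.md#INTRO-HANDSHAKE-REQS`. Use `../tor-spec/create-created-cells.md#ntor` so the link resolves when the Markdown is browsed in the repository and is covered by the same link checking as the rest. Also, "These keys are as computed with the ntor handshake" reads awkwardly after the rewrap; "These keys are computed as in the ntor handshake" keeps the sentence intact.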
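Review bot: Renaming spec/rend-spec/text-vectors.md to test-vectors.md changes the page's path, and the only reference updated in this patch is the entry in spec/SUMMARY.md. Search the rest of the tree for links to `text-vectors.md` (the diffstat shown is limited to 'spec'), and consider a redirect from the old rendered URL so existing external links keep working; the retained `rend-spec-v3.txt-G` anchor does not cover that, since the file name itself changes.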