Home Explore Help
Sign In
piros
/
tor
3
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

Add fixed string and nonce to prop 176 at suggestion from agl

Nick Mathewson 14 years ago
parent
400a5a7ddd
commit
0a69355794
1 changed files with 3 additions and 1 deletions
Unified View Show Diff Stats
  1. 3 1
      doc/spec/proposals/176-revising-handshake.txt

+ 3 - 1
doc/spec/proposals/176-revising-handshake.txt
View File 

@@ -358,13 +358,14 @@ Supersedes: 169
 
    cell.  If AuthType is 1 (meaning "RSA-SHA256-TLSSecret"), then the
 
    cell.  If AuthType is 1 (meaning "RSA-SHA256-TLSSecret"), then the
 
    Authentication contains the following:
 
    Authentication contains the following:
 
 
 
+       Type: The characters "AUTH0001" [8 octets]
 
        CID: A SHA256 hash of the client's RSA1024 identity key [32 octets]
 
        CID: A SHA256 hash of the client's RSA1024 identity key [32 octets]
 
        SID: A SHA256 hash of the server's RSA1024 identity key [32 octets]
 
        SID: A SHA256 hash of the server's RSA1024 identity key [32 octets]
 
        SLOG: A SHA256 hash of all bytes sent from the server to the client
 
        SLOG: A SHA256 hash of all bytes sent from the server to the client
 
          as part of the negotiation up to and including the
 
          as part of the negotiation up to and including the
 
          AUTH_CHALLENGE cell; that is, the VERSIONS cell,
 
          AUTH_CHALLENGE cell; that is, the VERSIONS cell,
 
          the CERT cell, and the AUTH_CHALLENGE cell. [32 octets]
 
          the CERT cell, and the AUTH_CHALLENGE cell. [32 octets]
 
-       CLOG: A SHA256 hash of all byte sent from the client to the
 
+       CLOG: A SHA256 hash of all bytes sent from the client to the
 
          server as part of the negotiation so far; that is, the
 
          server as part of the negotiation so far; that is, the
 
          VERSIONS cell and the CERT cell. [32 octets]
 
          VERSIONS cell and the CERT cell. [32 octets]
 
        SCERT: A SHA256 hash of the server's TLS link
 
        SCERT: A SHA256 hash of the server's TLS link
 
@@ -377,6 +378,7 @@ Supersedes: 169
 
              "Tor V3 handshake TLS cross-certification"
 
              "Tor V3 handshake TLS cross-certification"
 
           [32 octets]
 
           [32 octets]
 
        TIME: The time of day in seconds since the POSIX epoch. [8 octets]
 
        TIME: The time of day in seconds since the POSIX epoch. [8 octets]
 
+       NONCE: A 16 byte value, randomly chosen by the client [16 octets]
 
        SIG: A signature of a SHA256 hash of all the previous fields
 
        SIG: A signature of a SHA256 hash of all the previous fields
 
          using the client's "Authenticate" key as presented.  (As
 
          using the client's "Authenticate" key as presented.  (As
 
          always in Tor, we use OAEP-MGF1 padding; see tor-spec.txt
 
          always in Tor, we use OAEP-MGF1 padding; see tor-spec.txt