[tor-bugs] #16035 [Tor]: Implement proposal 244: RFC5705 for exporting key material in tls handshake
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri May 15 16:05:08 UTC 2015
#16035: Implement proposal 244: RFC5705 for exporting key material in tls handshake
--------------------+------------------------------------
Reporter: nickm | Owner:
Type: defect | Status: new
Priority: normal | Milestone: Tor: 0.2.7.x-final
Component: Tor | Version:
Keywords: | Actual Points:
Parent ID: #15055 | Points:
--------------------+------------------------------------
From the proposal:
{{{ We use AUTHENTICATE cells to bind the connection-initiator's Tor
identity to a TLS session. Our current type of authentication
("RSA-SHA256-TLSSecret", see tor-spec.txt section 4.4) does this by
signing a document that includes an HMAC of client_random and
server_random, using the TLS master secret as a secret key.
There is a more standard way to get at this information, by using the
facility defined in RFC5705. Further, it is likely to continue to
work with more TLS libraries, including TLS libraries like OpenSSL 1.1
that make master secrets and session data opaque.
}}}
This is easy, and easily done as part of #15055.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/16035>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
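Added example, not part of the ticket or of Tor's code: the two bindings the proposal text contrasts, computed side by side. It assumes TLS 1.2 with the SHA-256 PRF; the function names, the exporter label and all sample values are constructed for illustration, and the label is a placeholder rather than the one the proposal specifies.

```python
import hashlib
import hmac
import struct

def tls12_prf_sha256(secret: bytes, label: bytes, seed: bytes, length: int) -> bytes:
    """TLS 1.2 PRF (RFC 5246 section 5): P_SHA256(secret, label + seed)."""
    seed = label + seed
    out, a = b"", seed                                     # A(0) = label + seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()   # A(i) = HMAC(secret, A(i-1))
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:length]

def rfc5705_export(master_secret, client_random, server_random,
                   label, length, context=None):
    """RFC 5705 section 4 exporter, as a TLS 1.2 library computes it internally."""
    seed = client_random + server_random
    if context is not None:            # an empty context still adds its length field
        if len(context) > 0xFFFF:
            raise ValueError("context must fit a 16-bit length field")
        seed += struct.pack("!H", len(context)) + context
    return tls12_prf_sha256(master_secret, label, seed, length)

def tlssecret_hmac(master_secret, client_random, server_random):
    """Older binding (tor-spec.txt 4.4): HMAC-SHA256 keyed with the master secret.
    The caller has to pull the master secret and both randoms out of the library."""
    msg = (client_random + server_random
           + b"Tor V3 handshake TLS cross-certification\x00")
    return hmac.new(master_secret, msg, hashlib.sha256).digest()

# Constructed sample session values (not from a real handshake).
MASTER_SECRET = bytes(range(48))
CLIENT_RANDOM = b"\x11" * 32
SERVER_RANDOM = b"\x22" * 32
LABEL = b"EXPORTER-constructed-example-label"    # placeholder label (assumption)
CONTEXT = hashlib.sha256(b"constructed identity key").digest()

if __name__ == "__main__":
    old = tlssecret_hmac(MASTER_SECRET, CLIENT_RANDOM, SERVER_RANDOM)
    new = rfc5705_export(MASTER_SECRET, CLIENT_RANDOM, SERVER_RANDOM,
                         LABEL, 32, CONTEXT)
    print("TLSSecret HMAC  :", old.hex())
    print("RFC5705 exporter:", new.hex())
```

With a real TLS stack the second value comes from the library's exporter call (SSL_export_keying_material in OpenSSL), so the application never needs to read the master secret itself.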