[tor-bugs] #23748 [Core Tor/Tor]: inconsistent/redundant handling of hs_ed25519_public_key file

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue Oct 3 13:06:11 UTC 2017


#23748: inconsistent/redundant handling of hs_ed25519_public_key file
------------------------------+-----------------------------
     Reporter:  cathugger     |      Owner:  (none)
         Type:  defect        |     Status:  new
     Priority:  Medium        |  Milestone:
    Component:  Core Tor/Tor  |    Version:  0.3.2.2-alpha
     Severity:  Normal        |   Keywords:  tor-hs, prop224
Actual Points:                |  Parent ID:
       Points:                |   Reviewer:
      Sponsor:                |
------------------------------+-----------------------------
 When creating the directory for a v3 onion service, tor generates 3 files:
 "hs_ed25519_secret_key", consisting of the 64-byte expanded secret key;
 "hs_ed25519_public_key", consisting of the 32-byte public key; and
 "hostname", consisting of the base32 representation of the public key plus
 checksum, version identifier and ".onion" suffix.
 When reading an existing v3 onion service directory, however, tor reads
 only the "hs_ed25519_secret_key" file, completely ignoring
 "hs_ed25519_public_key", even if it holds a public key not matching the
 secret key in "hs_ed25519_secret_key".
 This can lead to potentially confusing behavior: when
 hs_ed25519_secret_key is changed, tor subsequently generates a new
 hostname, but hs_ed25519_public_key stays old.
 Either hs_ed25519_public_key should not be generated in the first place,
 as it's unnecessary and redundant, or it should be checked for
 correctness.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/23748>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
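
A consistency check of the kind the ticket asks for, as an added example (not part of the ticket and not tor's code): it derives the public key from the expanded secret key and compares it with the stored public key and hostname. The function names are hypothetical, the Ed25519 arithmetic follows RFC 8032, and taking the trailing 64 and 32 bytes to skip any header in the on-disk files is an assumption.

```python
import base64, hashlib

# Added example: Ed25519 field and curve constants as defined in RFC 8032.
P = 2**255 - 19
D = -121665 * pow(121666, P - 2, P) % P
SQRT_M1 = pow(2, (P - 1) // 4, P)

def _recover_x(y):
    """Even x-coordinate for y on the curve (used only for the base point)."""
    x2 = (y * y - 1) * pow(D * y * y + 1, P - 2, P) % P
    x = pow(x2, (P + 3) // 8, P)
    x = x * SQRT_M1 % P if (x * x - x2) % P else x
    return P - x if x & 1 else x

_BY = 4 * pow(5, P - 2, P) % P
_BX = _recover_x(_BY)
BASE = (_BX, _BY, 1, _BX * _BY % P)   # extended coordinates (X, Y, Z, T)

def _add(u, v):
    a, b = (u[1] - u[0]) * (v[1] - v[0]) % P, (u[1] + u[0]) * (v[1] + v[0]) % P
    c, d = 2 * u[3] * v[3] * D % P, 2 * u[2] * v[2] % P
    e, f, g, h = b - a, d - c, d + c, b + a
    return (e * f % P, g * h % P, f * g % P, e * h % P)

def public_from_expanded(secret64):
    """Public key = a*B, where a is the first 32 bytes (little-endian scalar)."""
    s, q, acc = int.from_bytes(secret64[:32], "little"), BASE, (0, 1, 1, 0)
    while s:
        if s & 1:
            acc = _add(acc, q)
        q, s = _add(q, q), s >> 1
    zinv = pow(acc[2], P - 2, P)
    x, y = acc[0] * zinv % P, acc[1] * zinv % P
    return (y | ((x & 1) << 255)).to_bytes(32, "little")

def onion_hostname(pub32):
    """base32(pubkey || checksum || version) + ".onion", with version = 3."""
    chk = hashlib.sha3_256(b".onion checksum" + pub32 + b"\x03").digest()[:2]
    return base64.b32encode(pub32 + chk + b"\x03").decode().lower() + ".onion"

def check_hs_files(secret_file, public_file, hostname_file):
    """Return a list of inconsistencies between the three files' contents."""
    derived = public_from_expanded(secret_file[-64:])  # skip any header (assumed layout)
    problems = []
    if public_file[-32:] != derived:
        problems.append("hs_ed25519_public_key does not match secret key")
    if hostname_file.decode().strip() != onion_hostname(derived):
        problems.append("hostname does not match secret key")
    return problems
```

Pass the raw contents of the three files as bytes; an empty list means they agree.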

