[tor-dev] Choosing a valid Circuit ID for an OR connection

Nick Mathewson nickm at freehaven.net
Tue Apr 14 20:52:17 UTC 2020 

On Tue, Apr 14, 2020 at 9:13 AM Eli Vakrat <eli at vakrat.com> wrote:
>
> Hello to the TOR dev team!
>
> My name is Eli, I'm a high school student from Israel and I'm currently trying to implement a TOR Client in Python.
> Currently, my project is configured so that the python client (OP) has its guard node set as my local machine (which is running a downloaded version of TOR). I do this for debugging purposes so that if I send a malformed cell as the implemented client, I can read the debug log that the OR generates and see what I did wrong.
>
> As I am writing this, I have successfully been able to make a v3 "in protocol" handshake by sending the proper VERSIONS and NETINFO cells that the OR has accepted.
>
> Right now, I am working on getting the CREATE cell to work (with the TAP handshake), and when I send the cell to the OR It sends a DESTROY cell with the following message in the debug log:
>
> Apr 14 12:24:51.166 [warn] Received create cell with unexpected circ_id 1. Closing.
>
> To my understanding, the problem here is that the circuit id I have chosen is not valid.
>
> I read from the tor spec that there is a range of acceptable circuit id's for each relay and it can be found in the long term 1024 bit RSA "signing key".
>
> My question to you all is, how can I extract that range for the circuit ID's (along with any other relevant information) from the signing key?
> In other words, what is the "signing key" made up of, and how can I get the information that its made of?
>
> The bottom line is I need to find out what valid circuit ID's I can send to OR's.
>
> I am having a lot of fun doing this project so far and I hope to hear back from anyone who has an answer :)

Hi!  This looks like a cool project.

So, it was only the earlier versions of Tor that chose circuit IDs
based on RSA keys.  In link protocol version 4 or higher (as
negotiated by the VERSIONS cell), you can use any circuit ID that
starts with a 1 bit:

   "In link protocol version 4 or higher, whichever node initiated the
   connection sets its MSB to 1, and whichever node didn't initiate the
   connection sets its MSB to 0."

Hoping this helps,
-- 
Nick

More information about the tor-dev mailing list