[tor-talk] Validating the DA authority document
Gary Chapman
garychapman72 at gmail.com
Sun Feb 23 04:30:52 UTC 2020
Hi community,
I've tried reading the TOR docs, but I can't seem to wrap my head around
how the authority document works (as regards signature validation) ... I've
gotten circuit building working in a standalone c# library, but I'm
struggling with validating the directory.
For clarity, the document I am referring to, is the following :
http://193.23.244.244/tor/keys/authority.z
I've tried verifying various areas of the document ...
With various line endings CRLF/LFCR/LF/CR
With various signature algorithms SHA1withRSA / SHA256withRSA / etc
With both of the footer signatures
I am using the "dir identity" RSA key at the top of the document as the
reference key to verify against - I'm assuming this is correct, it's the
only thing I can find that looks like the top level key.
Unfortunately, no matter what I try, I just get a signature mismatch every
time and I'm running out of sensible permutations. Clearly I'm missing
something.
Could some kind soul please point me in the right direction?
As I say, I've poured through the TOR specs but I've been unable to locate
a clear description that resolves all of the question marks. I'd check the
source, but... again... that's some pretty dense code to make sense of : /
Could someone please describe the process, and make an old man very happy?
Many thanks
Gary Chapman (UK)
More information about the tor-talk
mailing list