Opened 5 years ago

Closed 5 years ago

#16359 closed enhancement (implemented)

Add new ed25519-related lines to sanitized bridge descriptors

Reported by: karsten Owned by:
Priority: High Milestone:
Component: Metrics/CollecTor Version:
Severity: Keywords:
Cc: nickm, isis, atagar Actual Points:
Parent ID: Points:
Reviewer: Sponsor:


Recent Tor bridges include ed25519-related lines in their server descriptors and extra-info descriptors. We need to sanitize them in a way that doesn't leak the new ed25519 bridge identity. See also some discussion about this on tor-dev@.

I just finished writing some possible sanitizing code for this and would appreciate a quick review of the new parsing code there.

Also, here are two sanitized bridge descriptors as samples:

@type bridge-server-descriptor 1.1
router hatak2 89 0 0
or-address [fd9f:2e19:3bcf::d4:b0b5]:89
master-key-ed25519 vtKSwo5ic01Lmd1bkRZ64Pn+3p6463SWo59mUobgw1w
platform Tor on Linux
protocols Link 1 2 Circuit 1
published 2015-06-12 07:32:33
fingerprint FEC3 88B2 464F 8A84 AF02 CB76 3B10 7F71 2750 B3A9
uptime 208681
bandwidth 14971520 104857600 153167
extra-info-digest 64ED1D6F4851BEC31A1FB0F98BBA18F5ADAD6041 KCnzQ4dTAV+KqwyFYPOlJ9UwYW0vE3wzanHmQ0C1SnI
contact somebody
ntor-onion-key 7aW+CYWazyD6+g4oZTLZ5UgjashXriSyuCrc9MnwYEA=
reject *:*
router-digest-sha256 4TfyBALOAWmuLv3Ag5JvLsrXwraNsfxswCnGvVkbPQA
router-digest C3140734BF6DEC26895456427D793E2ED8BC6F4B
@type bridge-extra-info 1.3
extra-info hatak2 FEC388B2464F8A84AF02CB763B107F712750B3A9
master-key-ed25519 vtKSwo5ic01Lmd1bkRZ64Pn+3p6463SWo59mUobgw1w
published 2015-06-12 07:32:33
write-history 2015-06-12 06:25:25 (14400 s) 412672,518144,427008,678912,39168000,422912
read-history 2015-06-12 06:25:25 (14400 s) 4737024,6061056,4524032,5554176,42741760,4158464
dirreq-write-history 2015-06-11 21:30:09 (14400 s) 31744,0,0,0,0,0
dirreq-read-history 2015-06-11 21:30:09 (14400 s) 5120,0,0,0,0,0
geoip-db-digest 0A1F9C09E08F6F2490E8880664D4E863D1680A12
geoip6-db-digest A6E9B5DE6F887315749B29F9C9F698215BE5240A
dirreq-stats-end 2015-06-11 21:30:16 (86400 s)
dirreq-v3-resp ok=0,not-enough-sigs=0,unavailable=0,not-found=0,not-modified=0,busy=0
dirreq-v3-direct-dl complete=0,timeout=0,running=0
dirreq-v3-tunneled-dl complete=0,timeout=0,running=0
transport fte
transport obfs4
transport websocket
bridge-stats-end 2015-06-11 21:34:31 (86400 s)
bridge-ip-versions v4=0,v6=0
router-digest-sha256 KCnzQ4dTAV+KqwyFYPOlJ9UwYW0vE3wzanHmQ0C1SnI
router-digest 64ED1D6F4851BEC31A1FB0F98BBA18F5ADAD6041

New/updated lines are:

  • @type lines contain updated minor version numbers because of additional lines.
  • master-key-ed25519 in both server descriptors and extra-info descriptors, containing SHA256 digests of keys. Note that extra-info descriptors produced by Tor don't (yet) contain such lines.
  • extra-info-digest in server descriptors now contains two digests matching the digests in the router-digest and router-digest-sha256 lines in extra-info descriptors.
  • router-digest-sha256 contains the SHA256 of SHA256 of full descriptor contents including signatures.

Anything else I'm missing?

Child Tickets

Change History (1)

comment:1 Changed 5 years ago by karsten

Resolution: implemented
Status: newclosed

This code is now running and producing sanitized bridge descriptors for Hopefully it doesn't break anything. Closing.

Note: See TracTickets for help on using tickets.