#25277 closed defect (wontfix)

Summarise the format of v3 hidden service addresses in the Tor man page

Reported by: ageisp0lis Owned by: traumschule
Priority: Medium Milestone: Tor: unspecified
Component: Core Tor/Tor Version: Tor: 0.3.2.1-alpha
Severity: Normal Keywords: prop224, tor-hs, tor-doc, 034-triage-20180328, 034-removed-20180328
Cc: dgoulet, nickm, asn, arma Actual Points:
Parent ID: Points: 0.1
Reviewer: Sponsor:

Description (last modified by teor)

We have regexes for v1 v3:

^[a-z2-7]{56}\.onion$

where the last digit is always "d".

and v2:

^[a-z2-7]{16}\.onion$

What do the new addresses look like, do they have the same characters and just 56 of them? This should be in the manual, which says:

Valid onion addresses contain 16 characters in a-z2-7 plus ".onion", and valid auth cookies contain 22 characters in A-Za-z0-9+/.

Child Tickets

Change History (14)

comment:1 Changed 20 months ago by arma

Where are you hoping we'll publish it?

I'm guessing this ticket shouldn't be in the website component, but I can't guess what you have in mind enough to pick a better component for it.

comment:2 in reply to:  description ; Changed 20 months ago by arma

We have regexes for v1:

^[a-z2-7]{40}\.onion$

Also, what is this? 40-character onion addresses?

comment:3 in reply to:  2 Changed 20 months ago by ageisp0lis

SReplying to arma:

We have regexes for v1:

^[a-z2-7]{40}\.onion$

Also, what is this? 40-character onion addresses?

Sorry for the confusion! That was from some of @alecmuffet's code which is supposed to match both v2 and v3 (40 + 16). My bad.

comment:4 Changed 20 months ago by arma

But still: Where are you hoping we'll publish it?

This doesn't seem like it belongs in the website component.

comment:5 Changed 20 months ago by ageisp0lis

@arma: The manual at https://www.torproject.org/docs/tor-manual.html.en of course. Under HidServAuth, it reads:

Valid onion addresses contain 16 characters in a-z2-7 plus ".onion", and valid auth cookies contain 22 characters in A-Za-z0-9+/.

The regex for the HidServAuth cookie was valuable information to validate setups when I was with SecureDrop and we were using stealth authentication. (looking forward to seeing that land in v3, btw)

Last edited 20 months ago by ageisp0lis (previous) (diff)

comment:6 Changed 20 months ago by pastly

Just dropping by to mention that not all combinations of 56-characters long strings of base 32 text are valid v3 onions.

So you can know that it definitely is NOT an onion service name if it doesn't match a simple regex. But you can't know if it definitely IS an onion service name with just regex.

Put simply, a v3 onion address is (1) a 32-byte (not bit) public key, (2) a checksum, and (3) a version all encoded together (in that order) in base32. The version is always 3 (or 'd' in base32), thus they always end in 'd'. In addition, the checksum must work out.

https://gitweb.torproject.org/torspec.git/tree/rend-spec-v3.txt#n2012 (Section 6 ONIONADDRESS)

comment:7 Changed 20 months ago by teor

Component: WebpagesCore Tor/Tor
Description: modified (diff)
Keywords: prop224 tor-hs tor-doc added; hidden services v3 next-generation regex removed
Milestone: Tor: 0.3.4.x-final
Points: 0.1
Summary: Publish regex for v3 hidden servicesSummarise the format of v3 hidden service addresses in the Tor man page
Type: enhancementdefect
Version: Tor: unspecifiedTor: 0.3.2.1-alpha

The manual is generated from the tor source repository at tor/doc/tor.1.txt.
Then it's placed on the website.

Would you like to create a patch?
Otherwise, someone else will get to it eventually.

comment:8 Changed 19 months ago by nickm

Keywords: 034-triage-20180328 added

comment:9 Changed 19 months ago by nickm

Keywords: 034-removed-20180328 added

Per our triage process, these tickets are pending removal from 0.3.4.

comment:10 Changed 19 months ago by nickm

Milestone: Tor: 0.3.4.x-finalTor: unspecified

These tickets, tagged with 034-removed-*, are no longer in-scope for 0.3.4. We can reconsider any of them, if time permits.

comment:11 Changed 17 months ago by cypherpunks

regex for v3 ^[a-z2-7]{55}d\.onion$

comment:12 Changed 13 months ago by traumschule

Owner: set to traumschule
Status: newassigned

Created #27680 for the website part. Can give both a try, feel free to jump in.

comment:13 Changed 13 months ago by traumschule

Status: assignednew

Will not work on it, there already is doc/HiddenServiceNames.

comment:14 Changed 13 months ago by traumschule

Resolution: wontfix
Status: newclosed

wild guess

Note: See TracTickets for help on using tickets.