-
Notifications
You must be signed in to change notification settings - Fork 7
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Security and Privacy #59
Commits on Apr 28, 2023
-
Network: clients don't report their addrs
Apparently, clients don't have to report their IP addresses.
Configuration menu - View commit details
-
Copy full SHA for b720c8a - Browse repository at this point
Copy the full SHA b720c8aView commit details -
Network: verify router's ip address
According to spec: Initiators SHOULD use "this OR's address" to make sure that they have connected to another OR at its canonical address.
Configuration menu - View commit details
-
Copy full SHA for 7bb789f - Browse repository at this point
Copy the full SHA 7bb789fView commit details -
Network: respect spec wrt generating NETINFO
According to spec: Clients SHOULD send "0" as their timestamp, to avoid fingerprinting.
Configuration menu - View commit details
-
Copy full SHA for 431ff31 - Browse repository at this point
Copy the full SHA 431ff31View commit details -
Network: verify guard certs with rsa fingerprint
According to spec: ``` To authenticate the responder as having a given RSA identity only, the initiator MUST check the following: * The CERTS cell contains exactly one CertType 1 "Link" certificate. * The CERTS cell contains exactly one CertType 2 "ID" certificate. * Both certificates have validAfter and validUntil dates that are not expired. * The certified key in the Link certificate matches the link key that was used to negotiate the TLS connection. * The certified key in the ID certificate is a 1024-bit RSA key. * The certified key in the ID certificate was used to sign both certificates. * The link certificate is correctly signed with the key in the ID certificate * The ID certificate is correctly self-signed. In both cases above, checking these conditions is sufficient to authenticate that the initiator is talking to the Tor node with the expected identity, as certified in the ID certificate(s). ```
Configuration menu - View commit details
-
Copy full SHA for be7fcdd - Browse repository at this point
Copy the full SHA be7fcddView commit details
Commits on May 2, 2023
-
Directory: fix broken directory-signature parsing
The previous implementation did not support the optional digest-algorithm property in the directory-signature object which is present in micro-consensus.
Configuration menu - View commit details
-
Copy full SHA for 2661fa6 - Browse repository at this point
Copy the full SHA 2661fa6View commit details -
Directory,Tests: validate consensus data
Making sure consensus data is signed by majority of trusted authorities is probably the most important security check in TOR which was missing from NOnion, this commit fixes that. This commit also fixes an issue with parsing directory signatures, adds digest calculation to NetworkStatus and changes networkstatus.json to use Indented formating to help with manual validation.
Configuration menu - View commit details
-
Copy full SHA for 8fbf698 - Browse repository at this point
Copy the full SHA 8fbf698View commit details -
Directory,Utility: EmbeddedResources for authDirs
This commit moves the auth_dirs.inc file to EmbeddedResource so end users don't have to carry the list around with their applications.
Configuration menu - View commit details
-
Copy full SHA for cda3837 - Browse repository at this point
Copy the full SHA cda3837View commit details -
Directory,Tests: remove janky pem reader
This commit removes janky pem reader code in favour of Bouncycastle's PemReader.
Configuration menu - View commit details
-
Copy full SHA for feee458 - Browse repository at this point
Copy the full SHA feee458View commit details