[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-talk] Validating the DA authority document



Hi community,

I've tried reading the TOR docs, but I can't seem to wrap my head around
how the authority document works (as regards signature validation) ... I've
gotten circuit building working in a standalone c# library, but I'm
struggling with validating the directory.

For clarity, the document I am referring to, is the following :
http://193.23.244.244/tor/keys/authority.z

I've tried verifying various areas of the document ...
With various line endings CRLF/LFCR/LF/CR
With various signature algorithms SHA1withRSA / SHA256withRSA / etc
With both of the footer signatures

I am using the "dir identity" RSA key at the top of the document as the
reference key to verify against - I'm assuming this is correct, it's the
only thing I can find that looks like the top level key.

Unfortunately, no matter what I try, I just get a signature mismatch every
time and I'm running out of sensible permutations.  Clearly I'm missing
something.

Could some kind soul please point me in the right direction?

As I say, I've poured through the TOR specs but I've been unable to locate
a clear description that resolves all of the question marks.  I'd check the
source, but... again... that's some pretty dense code to make sense of : /

Could someone please describe the process, and make an old man very happy?

Many thanks

Gary Chapman (UK)
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk