[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-bugs] #20287 [Metrics/CollecTor]: digest computation for names of vote files in CollecTor's file protocol and code differs
#20287: digest computation for names of vote files in CollecTor's file protocol and
code differs
-----------------------------------+-----------------------------
Reporter: iwakeh | Owner:
Type: defect | Status: new
Priority: High | Milestone: CollecTor 1.1.0
Component: Metrics/CollecTor | Version:
Severity: Normal | Keywords:
Actual Points: | Parent ID:
Points: | Reviewer:
Sponsor: |
-----------------------------------+-----------------------------
It seems that
[https://gitweb.torproject.org/collector.git/tree/src/main/resources/docs/PROTOCOL#n202
section 4.3.3] of the protocol doesn't coincide with CollecTor's code.
The section reads:
{{{
4.3.3
'votes' contains files named
year DASH month DASH day DASH hour DASH minute DASH second
DASH VOTE DASH fingerprint DASH digest
Where VOTE is the string "vote" and all time related
values are derived from the valid-after dates. 'fingerprint'
is the fingerprint of the authority and 'digest' is the SHA1
digest of the authority's medium term signing key.
}}}
But the code for creating the digest calculates a digest for the
descriptor bytes from the start of the vote to the 'directory-signature '
(incl.).
(cf.
[https://gitweb.torproject.org/collector.git/tree/src/main/java/org/torproject/collector/relaydescs/RelayDescriptorParser.java#n204
here]).
{{{
#!java
...
String ascii = new String(data, "US-ASCII");
String startToken = "network-status-version ";
String sigToken = "directory-signature ";
int start = ascii.indexOf(startToken);
int sig = ascii.indexOf(sigToken);
if (start >= 0 && sig >= 0 && sig > start) {
sig += sigToken.length();
byte[] forDigest = new byte[sig - start];
System.arraycopy(data, start, forDigest, 0, sig - start);
String digest = DigestUtils.shaHex(forDigest).toUpperCase();
if (this.aw != null) {
this.aw.storeVote(data, validAfter, dirSource, digest,
serverDescriptorDigests);
...
}}}
Which is correct?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/20287>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs