Closed (moved)
extra-info-digest's sha256-digest isn't actually over the same data as the sha1-digest
View options
extra-info-digest's sha256-digest isn't actually over the same data as the sha1-digest
View options
Please review my pull request at:
https://github.com/torproject/torspec/pull/44
The extra-info-digest field of server descriptors was defined to contain either a SHA1, or a SHA1 and a SHA256 digest. These were both meant to be computed over the same data but due to an implementation error, the Tor network has been computing the digests over different data for a while. This is a lot easier to fix in the spec than in the code, and the error does not seem to cause any harm beyond being a little confusing (which this patch should help with).
A minor fix is also made to the SHA1 digest portion of the text. This is a typo fix and a clarification, and does not change the semantic meaning for that portion.