rend-spec says to use blinded-public-key in place of N_hs_subcred
When decrypting the 1st desc layer the spec says the following:
The encryption keys and format for the first layer of encryption are generated as specified in
[HS-DESC-ENCRYPTION-KEYS] with customization parameters:
SECRET_DATA = blinded-public-key
STRING_CONSTANT = "hsdir-superencrypted-data"
But blinded-public-key isn't confidential (it's HSDir-known). This made me look further because it would jeopardize the protection provided by the 1st encryption layer. Arti seems to use N_hs_subcred
to decrypt that layer.
Can someone with better knowledge of rend-spec and its implementations confirm whether blinded-public-key
should be substituted by N_hs_subcred
?
I'm making this issue confidential for now as if I understood the spec right, and arti code wrong, it's double-plus-ungood. Feel free to make public if the spec is the issue, and not the implementations.