[tor-commits] [stem/master] Move sig header/footer into _generate_signature()
atagar at torproject.org
atagar at torproject.org
Tue Jun 20 16:17:12 UTC 2017
commit 7a3031f2e4d0922d497ad5ce693de1cfb0daf157
Author: Damian Johnson <atagar at torproject.org>
Date: Mon Jun 19 12:15:23 2017 -0700
Move sig header/footer into _generate_signature()
Minor simplification to make this cleaner.
---
stem/descriptor/server_descriptor.py | 16 ++++++++--------
1 file changed, 8 insertions(+), 8 deletions(-)
diff --git a/stem/descriptor/server_descriptor.py b/stem/descriptor/server_descriptor.py
index 03008ac..2ff42e7 100644
--- a/stem/descriptor/server_descriptor.py
+++ b/stem/descriptor/server_descriptor.py
@@ -245,7 +245,9 @@ def _generate_signing_key():
def _generate_signature(content, signing_key):
"""
- Creates the 'router-signature' for the given descriptor content.
+ Creates the 'router-signature' signature block (excluding the
+ 'router-signature\n' prefix since that should be part of the
+ signed content).
"""
from cryptography.hazmat.primitives import hashes
@@ -257,7 +259,8 @@ def _generate_signature(content, signing_key):
digest = DIGEST_TYPE_INFO + (DIGEST_PADDING * (125 - len(digest))) + DIGEST_SEPARATOR + digest
padding = padding.PSS(mgf = padding.MGF1(hashes.SHA256()), salt_length = padding.PSS.MAX_LENGTH)
- return base64.b64encode(signing_key.private.sign(digest, padding, hashes.SHA256()))
+ signature = base64.b64encode(signing_key.private.sign(digest, padding, hashes.SHA256()))
+ return '-----BEGIN SIGNATURE-----\n' + '\n'.join(stem.util.str_tools._split_by_length(signature, 64)) + '\n-----END SIGNATURE-----\n'
def _parse_router_line(descriptor, entries):
@@ -878,17 +881,14 @@ class RelayDescriptor(ServerDescriptor):
if attr is None:
attr = {}
- # create descriptor content without the router-signature line, then
- # appending the signature
+ # create descriptor content without the router-signature, then
+ # appending the content signature
signing_key = _generate_signing_key()
attr['signing-key'] = signing_key.descriptor_signing_key
content = _descriptor_content(attr, exclude, sign, RELAY_SERVER_HEADER) + '\nrouter-signature\n'
- signature = _generate_signature(content, signing_key)
- content = '\n'.join([content + '-----BEGIN SIGNATURE-----'] + stem.util.str_tools._split_by_length(signature, 64) + ['-----END SIGNATURE-----']) + '\n'
-
- return content
+ return content + _generate_signature(content, signing_key)
else:
return _descriptor_content(attr, exclude, sign, RELAY_SERVER_HEADER, RELAY_SERVER_FOOTER)
More information about the tor-commits
mailing list