March 2017 - tor-commits - lists.torproject.org

[torbirdy/master] Update changelog for Bug 6958
by sukhbir＠torproject.org 29 Mar '17

29 Mar '17

commit 615a5b89d91f8b48d32c85372dc6d78de42d89f6 Author: Sukhbir Singh <sukhbir(a)torproject.org> Date: Thu Mar 30 00:35:58 2017 -0400 Update changelog for Bug 6958 --- ChangeLog | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index 6787b69..7ef279e 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,7 +1,7 @@ 0.2.2, * Bug 20751: Enforce stronger ciphers in TorBirdy - * Bug 16935, 19971: Add support for already torified keyserver communication - using modern GnuPG + * Bug 6958, 16935, 19971: Add support for already torified keyserver + communication using modern GnuPG * Update default keyserver to OnionBalance hidden service pool 0.2.1, 30 Nov 2016

1 0

[stem/master] Revised basic Ed25519Certificate parsing
by atagar＠torproject.org 29 Mar '17

29 Mar '17

commit 90834c9b437bf099f016f30a190f7eb8e125f013 Author: Damian Johnson <atagar(a)torproject.org> Date: Sun Mar 26 13:41:43 2017 +0200 Revised basic Ed25519Certificate parsing The present parser is good but retooling it to... * Not require pynacl for basic certificate parsing (like the cryptography module that's only necessary if the user wants validation). * Be more ameanable to future versions by extending a common Ed25519Certificate base class. * Use an enumeration for the certificate type. * Use a datetime object for the expiration time. * Add additional tests and clarify the exception messages a bit. Far from done. Just handling a handful of the basic attributes. Still needs to fold in extensions and of course validation. Leaving the prior implementation around to help with that. --- stem/descriptor/certificate.py | 132 ++++++++++++++++++++++++++++++++++-- test/settings.cfg | 2 +- test/unit/descriptor/certificate.py | 67 ++++++++++++++++++ 3 files changed, 194 insertions(+), 7 deletions(-) diff --git a/stem/descriptor/certificate.py b/stem/descriptor/certificate.py index 191e87e..f9fb6ec 100644 --- a/stem/descriptor/certificate.py +++ b/stem/descriptor/certificate.py @@ -2,17 +2,138 @@ # See LICENSE for licensing information """ -Parsing for Tor Ed25519 certificates, which is used to validate the key used to -sign server descriptors. +Parsing for Tor Ed25519 certificates, which are used to validate the key used +to sign server descriptors. -Certificates can optionally contain CertificateExtension objects depending on -their type and purpose. Currently Ed25519KeyCertificate certificates will -contain one SignedWithEd25519KeyCertificateExtension. +.. versionadded:: 1.6.0 **Module Overview:** :: + Ed25519Certificate - Ed25519 signing key certificate + +- parse - reads base64 encoded certificate data + +.. data:: CertType (enum) + + Purpose of Ed25519 certificate. As new certificate versions are added this + enumeration will expand. + + ============== =========== + CertType Description + ============== =========== + **SIGNING** signing a signing key with an identity key + **LINK_CERT** TLS link certificate signed with ed25519 signing key + **AUTH** authentication key signed with ed25519 signing key + ============== =========== +""" + +import base64 +import datetime + +from stem.util import enum + +ED25519_HEADER_LENGTH = 40 +ED25519_SIGNATURE_LENGTH = 64 + +CertType = enum.UppercaseEnum('SIGNING', 'LINK_CERT', 'AUTH') + + +class Ed25519Certificate(object): + """ + Base class for an Ed25519 certificate. + + :var int version: certificate format version + :var str encoded: base64 encoded ed25519 certificate + """ + + def __init__(self, version, encoded): + self.version = version + self.encoded = encoded + + @staticmethod + def parse(content): + """ + Parses the given base64 encoded data as an Ed25519 certificate. + + :param str content: base64 encoded certificate + + :returns: :class:`~stem.descriptor.certificate.Ed25519Certificate` subclsss + for the given certificate + + :raises: **ValueError** if content is malformed + """ + + try: + decoded = base64.b64decode(content) + + if not decoded: + raise TypeError('empty') + except TypeError as exc: + raise ValueError("Ed25519 certificate wasn't propoerly base64 encoded (%s):\n%s" % (exc, content)) + + version = stem.util.str_tools._to_int(decoded[0]) + + if version == 1: + return Ed25519CertificateV1(version, content, decoded) + else: + raise ValueError('Ed25519 certificate is version %i. Parser presently only supports version 1.' % version) + + +class Ed25519CertificateV1(Ed25519Certificate): + """ + Version 1 Ed25519 certificate, which are used for signing tor server + descriptors. + + :var CertType cert_type: certificate purpose + :var datetime expiration: expiration of the certificate + :var int key_type: format of the key + :var bytes key: key content + """ + + def __init__(self, version, encoded, decoded): + super(Ed25519CertificateV1, self).__init__(version, encoded) + + if len(decoded) < ED25519_HEADER_LENGTH + ED25519_SIGNATURE_LENGTH: + raise ValueError('Ed25519 certificate was %i bytes, but should be at least %i' % (len(decoded), ED25519_HEADER_LENGTH + ED25519_SIGNATURE_LENGTH)) + + cert_type = stem.util.str_tools._to_int(decoded[1]) + + if cert_type in (0, 1, 2, 3): + raise ValueError('Ed25519 certificate cannot have a type of %i. This is reserved to avoid conflicts with tor CERTS cells.' % cert_type) + elif cert_type == 4: + self.cert_type = CertType.SIGNING + elif cert_type == 5: + self.cert_type = CertType.LINK_CERT + elif cert_type == 6: + self.cert_type = CertType.AUTH + elif cert_type == 7: + raise ValueError('Ed25519 certificate cannot have a type of 7. This is reserved for RSA identity cross-certification.') + else: + raise ValueError("BUG: Ed25519 certificate type is decoded from one byte. It shouldn't be possible to have a value of %i." % cert_type) + + # expiration time is in hours since epoch + self.expiration = datetime.datetime.fromtimestamp(stem.util.str_tools._to_int(decoded[2:6]) * 60 * 60) + + self.key_type = stem.util.str_tools._to_int(decoded[6]) + self.key = decoded[7:39] + + + + + + + + + + + + +""" +Certificates can optionally contain CertificateExtension objects depending on +their type and purpose. Currently Ed25519KeyCertificate certificates will +contain one SignedWithEd25519KeyCertificateExtension. + Certificate - Tor Certificate +- Ed25519KeyCertificate - Certificate for Ed25519 signing key +- verify_descriptor_signature - verify a relay descriptor against a signature @@ -21,7 +142,6 @@ contain one SignedWithEd25519KeyCertificateExtension. +- SignedWithEd25519KeyCertificateExtension - Ed25519 signing key extension """ -import base64 import binascii import hashlib import time diff --git a/test/settings.cfg b/test/settings.cfg index c953773..1d011f9 100644 --- a/test/settings.cfg +++ b/test/settings.cfg @@ -194,7 +194,7 @@ test.unit_tests |test.unit.descriptor.networkstatus.document_v3.TestNetworkStatusDocument |test.unit.descriptor.networkstatus.bridge_document.TestBridgeNetworkStatusDocument |test.unit.descriptor.hidden_service_descriptor.TestHiddenServiceDescriptor -|test.unit.descriptor.certificate.TestCertificate +|test.unit.descriptor.certificate.TestEd25519Certificate |test.unit.exit_policy.rule.TestExitPolicyRule |test.unit.exit_policy.policy.TestExitPolicy |test.unit.version.TestVersion diff --git a/test/unit/descriptor/certificate.py b/test/unit/descriptor/certificate.py index 2f2f728..5297579 100644 --- a/test/unit/descriptor/certificate.py +++ b/test/unit/descriptor/certificate.py @@ -2,12 +2,79 @@ Unit tests for stem.descriptor.certificate. """ +import base64 +import datetime +import re import unittest import stem.descriptor.certificate import stem.prereq import test.runner +from stem.descriptor.certificate import ED25519_SIGNATURE_LENGTH, CertType, Ed25519Certificate, Ed25519CertificateV1 + +ED25519_CERT = """ +AQQABhtZAaW2GoBED1IjY3A6f6GNqBEl5A83fD2Za9upGke51JGqAQAgBABnprVR +ptIr43bWPo2fIzo3uOywfoMrryprpbm4HhCkZMaO064LP+1KNuLvlc8sGG8lTjx1 +g4k3ELuWYgHYWU5rAia7nl4gUfBZOEfHAfKES7l3d63dBEjEX98Ljhdp2w4= +""".strip() + + +def certificate(version = 1, cert_type = 4): + return base64.b64encode(''.join([ + chr(version), + chr(cert_type), + b'\x00' * 4, # expiration date, leaving this as the epoch + b'\x01', # key type + b'\x03' * 32, # key + b'\x00' + b'\x00' * ED25519_SIGNATURE_LENGTH])) + + +class TestEd25519Certificate(unittest.TestCase): + def assert_raises(self, parse_arg, exc_msg): + self.assertRaisesRegexp(ValueError, re.escape(exc_msg), Ed25519Certificate.parse, parse_arg) + + def test_basic_parsing(self): + cert_bytes = certificate() + cert = Ed25519Certificate.parse(cert_bytes) + + self.assertEqual(Ed25519CertificateV1, type(cert)) + self.assertEqual(1, cert.version) + self.assertEqual(cert_bytes, cert.encoded) + self.assertEqual(CertType.SIGNING, cert.cert_type) + self.assertEqual(datetime.datetime(1970, 1, 1, 1, 0), cert.expiration) + self.assertEqual(1, cert.key_type) + self.assertEqual(b'\x03' * 32, cert.key) + + def test_with_real_cert(self): + cert = Ed25519Certificate.parse(ED25519_CERT) + + self.assertEqual(Ed25519CertificateV1, type(cert)) + self.assertEqual(1, cert.version) + self.assertEqual(ED25519_CERT, cert.encoded) + self.assertEqual(CertType.SIGNING, cert.cert_type) + self.assertEqual(datetime.datetime(2015, 8, 28, 19, 0), cert.expiration) + self.assertEqual(1, cert.key_type) + self.assertEqual('\xa5\xb6\x1a\x80D\x0fR#cp:\x7f\xa1\x8d\xa8\x11%\xe4\x0f7|=\x99k\xdb\xa9\x1aG\xb9\xd4\x91\xaa', cert.key) + + def test_non_base64(self): + self.assert_raises('\x02\x0323\x04', "Ed25519 certificate wasn't propoerly base64 encoded (Incorrect padding):") + + def test_too_short(self): + self.assert_raises('', "Ed25519 certificate wasn't propoerly base64 encoded (empty):") + self.assert_raises('AQQABhtZAaW2GoBED1IjY3A6', 'Ed25519 certificate was 18 bytes, but should be at least 104') + + def test_with_invalid_version(self): + self.assert_raises(certificate(version = 2), 'Ed25519 certificate is version 2. Parser presently only supports version 1.') + + def test_with_invalid_cert_type(self): + self.assert_raises(certificate(cert_type = 0), 'Ed25519 certificate cannot have a type of 0. This is reserved to avoid conflicts with tor CERTS cells.') + self.assert_raises(certificate(cert_type = 7), 'Ed25519 certificate cannot have a type of 7. This is reserved for RSA identity cross-certification.') + + + + + class TestCertificate(unittest.TestCase): def test_with_invalid_version(self):

1 0

[stem/master] Add an is_expired() method to certificates
by atagar＠torproject.org 29 Mar '17

29 Mar '17

commit 43e239fad888eb213b0cb22dbff3b34b55fc64f8 Author: Damian Johnson <atagar(a)torproject.org> Date: Sun Mar 26 17:49:07 2017 +0200 Add an is_expired() method to certificates Method to check if the certificate is presently expired or not. We should *not* consider a certificate to be invalid because it's expired. Stem is used to parse past descriptors just as well as current ones. Good thing to be able to easily check but doesn't belong in a validate() function. --- stem/descriptor/certificate.py | 10 ++++++++++ test/unit/descriptor/certificate.py | 1 + 2 files changed, 11 insertions(+) diff --git a/stem/descriptor/certificate.py b/stem/descriptor/certificate.py index 094667d..5d60458 100644 --- a/stem/descriptor/certificate.py +++ b/stem/descriptor/certificate.py @@ -177,6 +177,16 @@ class Ed25519CertificateV1(Ed25519Certificate): if remaining_data: raise ValueError('Ed25519 certificate had %i bytes of unused extension data' % len(remaining_data)) + def is_expired(self): + """ + Checks if this certificate is presently expired or not. + + :returns: **True** if the certificate has expired, **False** otherwise + """ + + return datetime.datetime.now() > self.expiration + + class Ed25519Extension(collections.namedtuple('Ed25519Extension', ['type', 'flags', 'flag_int', 'data'])): """ diff --git a/test/unit/descriptor/certificate.py b/test/unit/descriptor/certificate.py index 1444a10..57f6643 100644 --- a/test/unit/descriptor/certificate.py +++ b/test/unit/descriptor/certificate.py @@ -59,6 +59,7 @@ class TestEd25519Certificate(unittest.TestCase): ], cert.extensions) self.assertEqual(ExtensionType.HAS_SIGNING_KEY, cert.extensions[0].type) + self.assertTrue(cert.is_expired()) def test_with_real_cert(self): cert = Ed25519Certificate.parse(ED25519_CERT)

1 0

[stem/master] Link to the spec for Ed25519 certs
by atagar＠torproject.org 29 Mar '17

29 Mar '17

commit b50a4c2082254608f2c83203d0d141a8432c26d0 Author: Damian Johnson <atagar(a)torproject.org> Date: Sun Mar 26 16:47:38 2017 +0200 Link to the spec for Ed25519 certs Link provided in the prior change was good, but better to link to the current specification rather than the proposal that created it. --- stem/descriptor/certificate.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/stem/descriptor/certificate.py b/stem/descriptor/certificate.py index e1d75bb..aacf67f 100644 --- a/stem/descriptor/certificate.py +++ b/stem/descriptor/certificate.py @@ -2,8 +2,9 @@ # See LICENSE for licensing information """ -Parsing for Tor Ed25519 certificates, which are used to validate the key used -to sign server descriptors. +Parsing for `Tor Ed25519 certificates +<https://gitweb.torproject.org/torspec.git/tree/cert-spec.txt>`_, which are +used to validate the key used to sign server descriptors. .. versionadded:: 1.6.0

1 0

[stem/master] Fix key validation crypto
by atagar＠torproject.org 29 Mar '17

29 Mar '17

commit 3ff6435527b296ca0bafde2ea3989cc043507e07 Author: Damian Johnson <atagar(a)torproject.org> Date: Wed Mar 29 18:28:39 2017 +0200 Fix key validation crypto Took some head scratching but figured out what I was buggering up. We should be validating the certificate bytes here, not the descriptor. --- stem/descriptor/certificate.py | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/stem/descriptor/certificate.py b/stem/descriptor/certificate.py index 8888554..e29a079 100644 --- a/stem/descriptor/certificate.py +++ b/stem/descriptor/certificate.py @@ -208,20 +208,21 @@ class Ed25519CertificateV1(Ed25519Certificate): from nacl.exceptions import BadSignatureError descriptor_content = server_descriptor.get_bytes() - signing_key = server_descriptor.ed25519_master_key + signing_key = None - if not signing_key: + if server_descriptor.ed25519_master_key: + signing_key = nacl.signing.VerifyKey(server_descriptor.ed25519_master_key + '=', encoder = nacl.encoding.Base64Encoder) + else: for extension in self.extensions: if extension.type == ExtensionType.HAS_SIGNING_KEY: - signing_key = extension.data + signing_key = nacl.signing.VerifyKey(extension.data) break if not signing_key: raise ValueError('Server descriptor missing an ed25519 signing key') try: - verify_key = nacl.signing.VerifyKey(signing_key + '=', encoder = nacl.encoding.Base64Encoder) - verify_key.verify(descriptor_content[:-ED25519_SIGNATURE_LENGTH], self.signature) + signing_key.verify(base64.b64decode(self.encoded)[:-ED25519_SIGNATURE_LENGTH], self.signature) except BadSignatureError as exc: raise ValueError('Ed25519KeyCertificate signing key is invalid (%s)' % exc)

1 0

[stem/master] Drop Ed25519 identity key check
by atagar＠torproject.org 29 Mar '17

29 Mar '17

commit f3af021241b6a504af1090bc10021a793280079f Author: Damian Johnson <atagar(a)torproject.org> Date: Tue Mar 28 17:16:51 2017 +0200 Drop Ed25519 identity key check This always evaluates to 'true'. We construct 'certificate' with our ed25519_master_key then checks if it matches our ed25519_master_key. The _parse_certificate() function doesn't do anything to the key so this is always true. --- stem/descriptor/server_descriptor.py | 3 --- 1 file changed, 3 deletions(-) diff --git a/stem/descriptor/server_descriptor.py b/stem/descriptor/server_descriptor.py index 9c44256..d309f11 100644 --- a/stem/descriptor/server_descriptor.py +++ b/stem/descriptor/server_descriptor.py @@ -769,9 +769,6 @@ class RelayDescriptor(ServerDescriptor): if stem.prereq._is_pynacl_available() and self.ed25519_certificate: self.certificate = _parse_certificate(_bytes_for_block(self.ed25519_certificate), self.ed25519_master_key, validate) - if self.certificate.identity_key != self.ed25519_master_key: - raise ValueError('master-key-ed25519 does not match ed25519 certificate identity key') - self.certificate.verify_descriptor_signature(raw_contents, self.ed25519_signature) @lru_cache()

1 0

[stem/master] Shorter attribute name for cert and extension types
by atagar＠torproject.org 29 Mar '17

29 Mar '17

commit 2a656032d0f755191b1da3272e8dd2bf7ed7414b Author: Damian Johnson <atagar(a)torproject.org> Date: Sun Mar 26 17:08:45 2017 +0200 Shorter attribute name for cert and extension types I was avoiding calling them 'type' because it's a builtin function, but meh. Calling it 'cert_type' and 'extension_type' is clearly redundant. --- stem/descriptor/certificate.py | 14 +++++++------- test/unit/descriptor/certificate.py | 12 ++++++------ 2 files changed, 13 insertions(+), 13 deletions(-) diff --git a/stem/descriptor/certificate.py b/stem/descriptor/certificate.py index e513dac..094667d 100644 --- a/stem/descriptor/certificate.py +++ b/stem/descriptor/certificate.py @@ -110,7 +110,7 @@ class Ed25519CertificateV1(Ed25519Certificate): Version 1 Ed25519 certificate, which are used for signing tor server descriptors. - :var CertType cert_type: certificate purpose + :var CertType type: certificate purpose :var datetime expiration: expiration of the certificate :var int key_type: format of the key :var bytes key: key content @@ -129,18 +129,18 @@ class Ed25519CertificateV1(Ed25519Certificate): if cert_type in (0, 1, 2, 3): raise ValueError('Ed25519 certificate cannot have a type of %i. This is reserved to avoid conflicts with tor CERTS cells.' % cert_type) elif cert_type == 4: - self.cert_type = CertType.SIGNING + self.type = CertType.SIGNING elif cert_type == 5: - self.cert_type = CertType.LINK_CERT + self.type = CertType.LINK_CERT elif cert_type == 6: - self.cert_type = CertType.AUTH + self.type = CertType.AUTH elif cert_type == 7: raise ValueError('Ed25519 certificate cannot have a type of 7. This is reserved for RSA identity cross-certification.') else: raise ValueError("BUG: Ed25519 certificate type is decoded from one byte. It shouldn't be possible to have a value of %i." % cert_type) # expiration time is in hours since epoch - self.expiration = datetime.datetime.fromtimestamp(stem.util.str_tools._to_int(decoded[2:6]) * 60 * 60) + self.expiration = datetime.datetime.fromtimestamp(stem.util.str_tools._to_int(decoded[2:6]) * 3600) self.key_type = stem.util.str_tools._to_int(decoded[6]) self.key = decoded[7:39] @@ -178,11 +178,11 @@ class Ed25519CertificateV1(Ed25519Certificate): raise ValueError('Ed25519 certificate had %i bytes of unused extension data' % len(remaining_data)) -class Ed25519Extension(collections.namedtuple('Ed25519Extension', ['extension_type', 'flags', 'flag_int', 'data'])): +class Ed25519Extension(collections.namedtuple('Ed25519Extension', ['type', 'flags', 'flag_int', 'data'])): """ Extension within an Ed25519 certificate. - :var int extension_type: extension type + :var int type: extension type :var list flags: extension attribute flags :var int flag_int: integer encoding of the extension attribute flags :var bytes data: data the extension concerns diff --git a/test/unit/descriptor/certificate.py b/test/unit/descriptor/certificate.py index 9c1ef10..1444a10 100644 --- a/test/unit/descriptor/certificate.py +++ b/test/unit/descriptor/certificate.py @@ -47,18 +47,18 @@ class TestEd25519Certificate(unittest.TestCase): self.assertEqual(Ed25519CertificateV1, type(cert)) self.assertEqual(1, cert.version) self.assertEqual(cert_bytes, cert.encoded) - self.assertEqual(CertType.SIGNING, cert.cert_type) + self.assertEqual(CertType.SIGNING, cert.type) self.assertEqual(datetime.datetime(1970, 1, 1, 1, 0), cert.expiration) self.assertEqual(1, cert.key_type) self.assertEqual(b'\x03' * 32, cert.key) self.assertEqual(b'\x01' * ED25519_SIGNATURE_LENGTH, cert.signature) self.assertEqual([ - Ed25519Extension(extension_type = 4, flags = [ExtensionFlag.AFFECTS_VALIDATION, ExtensionFlag.UNKNOWN], flag_int = 7, data = b'\x15\x12'), - Ed25519Extension(extension_type = 5, flags = [ExtensionFlag.UNKNOWN], flag_int = 4, data = b''), + Ed25519Extension(type = 4, flags = [ExtensionFlag.AFFECTS_VALIDATION, ExtensionFlag.UNKNOWN], flag_int = 7, data = b'\x15\x12'), + Ed25519Extension(type = 5, flags = [ExtensionFlag.UNKNOWN], flag_int = 4, data = b''), ], cert.extensions) - self.assertEqual(ExtensionType.HAS_SIGNING_KEY, cert.extensions[0].extension_type) + self.assertEqual(ExtensionType.HAS_SIGNING_KEY, cert.extensions[0].type) def test_with_real_cert(self): cert = Ed25519Certificate.parse(ED25519_CERT) @@ -66,11 +66,11 @@ class TestEd25519Certificate(unittest.TestCase): self.assertEqual(Ed25519CertificateV1, type(cert)) self.assertEqual(1, cert.version) self.assertEqual(ED25519_CERT, cert.encoded) - self.assertEqual(CertType.SIGNING, cert.cert_type) + self.assertEqual(CertType.SIGNING, cert.type) self.assertEqual(datetime.datetime(2015, 8, 28, 19, 0), cert.expiration) self.assertEqual(1, cert.key_type) self.assertEqual(EXPECTED_CERT_KEY, cert.key) - self.assertEqual([Ed25519Extension(extension_type = 4, flags = [], flag_int = 0, data = EXPECTED_EXTENSION_DATA)], cert.extensions) + self.assertEqual([Ed25519Extension(type = 4, flags = [], flag_int = 0, data = EXPECTED_EXTENSION_DATA)], cert.extensions) self.assertEqual(EXPECTED_SIGNATURE, cert.signature) def test_non_base64(self):

1 0

[stem/master] Strip header and footer from parsed certificate
by atagar＠torproject.org 29 Mar '17

29 Mar '17

commit f95959591e3e5ac393ded9e31b020e2748599b41 Author: Damian Johnson <atagar(a)torproject.org> Date: Tue Mar 28 20:03:48 2017 +0200 Strip header and footer from parsed certificate Oops, forgot to drop the '-----BEGIN ED25519 CERT-----' wrapper. Caught thanks to our server descriptor unit tests. They still fail if you have pynacl because I don't have the crypto bits right yet, but progress! --- stem/descriptor/certificate.py | 2 +- stem/descriptor/server_descriptor.py | 7 ++++++- test/unit/descriptor/server_descriptor.py | 17 +++++++++++++++++ 3 files changed, 24 insertions(+), 2 deletions(-) diff --git a/stem/descriptor/certificate.py b/stem/descriptor/certificate.py index eafa51e..8888554 100644 --- a/stem/descriptor/certificate.py +++ b/stem/descriptor/certificate.py @@ -187,7 +187,7 @@ class Ed25519CertificateV1(Ed25519Certificate): return datetime.datetime.now() > self.expiration - def verify(self, server_descriptor): + def validate(self, server_descriptor): """ Validates our signing key and that the given descriptor content matches its Ed25519 signature. diff --git a/stem/descriptor/server_descriptor.py b/stem/descriptor/server_descriptor.py index 2501b0e..35b1303 100644 --- a/stem/descriptor/server_descriptor.py +++ b/stem/descriptor/server_descriptor.py @@ -391,7 +391,12 @@ def _parse_exit_policy(descriptor, entries): def _parse_identity_ed25519_line(descriptor, entries): _parse_key_block('identity-ed25519', 'ed25519_certificate', 'ED25519 CERT')(descriptor, entries) - descriptor.certificate = stem.descriptor.certificate.Ed25519Certificate.parse(descriptor.ed25519_certificate) + + if descriptor.ed25519_certificate: + cert_lines = descriptor.ed25519_certificate.split('\n') + + if cert_lines[0] == '-----BEGIN ED25519 CERT-----' and cert_lines[-1] == '-----END ED25519 CERT-----': + descriptor.certificate = stem.descriptor.certificate.Ed25519Certificate.parse(''.join(cert_lines[1:-1])) _parse_master_key_ed25519_line = _parse_simple_line('master-key-ed25519', 'ed25519_master_key') diff --git a/test/unit/descriptor/server_descriptor.py b/test/unit/descriptor/server_descriptor.py index b48f3a6..5a1d94f 100644 --- a/test/unit/descriptor/server_descriptor.py +++ b/test/unit/descriptor/server_descriptor.py @@ -16,6 +16,7 @@ import stem.version import stem.util.str_tools from stem.util import str_type +from stem.descriptor.certificate import CertType, ExtensionType from stem.descriptor.server_descriptor import RelayDescriptor, BridgeDescriptor from test.mocking import ( @@ -110,6 +111,7 @@ Qlx9HNCqCY877ztFRC624ja2ql6A2hBcuoYMbkHjcQ4= self.assertEqual(9001, desc.or_port) self.assertEqual(None, desc.socks_port) self.assertEqual(None, desc.dir_port) + self.assertEqual(None, desc.certificate) self.assertEqual(None, desc.ed25519_certificate) self.assertEqual(None, desc.ed25519_master_key) self.assertEqual(None, desc.ed25519_signature) @@ -263,6 +265,21 @@ Qlx9HNCqCY877ztFRC624ja2ql6A2hBcuoYMbkHjcQ4= '$EC116BCB80565A408CE67F8EC3FE3B0B02C3A065', ]) + self.assertEqual(1, desc.certificate.version) + self.assertEqual(CertType.SIGNING, desc.certificate.type) + self.assertEqual(datetime.datetime(2015, 8, 28, 19, 0, 0), desc.certificate.expiration) + self.assertEqual(1, desc.certificate.key_type) + self.assertTrue(desc.certificate.key.startswith('\xa5\xb6\x1a\x80D\x0f')) + self.assertTrue(desc.certificate.signature.startswith('\xc6\x8e\xd3\xae\x0b')) + self.assertEqual(1, len(desc.certificate.extensions)) + self.assertTrue('bWPo2fIzo3uOywfoM' in desc.certificate.encoded) + + extension = desc.certificate.extensions[0] + self.assertEqual(ExtensionType.HAS_SIGNING_KEY, extension.type) + self.assertEqual([], extension.flags) + self.assertEqual(0, extension.flag_int) + self.assertTrue(extension.data.startswith('g\xa6\xb5Q\xa6\xd2')) + self.assertEqual('destiny', desc.nickname) self.assertEqual('F65E0196C94DFFF48AFBF2F5F9E3E19AAE583FD0', desc.fingerprint) self.assertEqual('94.242.246.23', desc.address)

1 0

[stem/master] Validate server descriptor using Ed25519 certificate
by atagar＠torproject.org 29 Mar '17

29 Mar '17

commit 905b6217cb57b3952222719d05b4249d29663174 Author: Damian Johnson <atagar(a)torproject.org> Date: Tue Mar 28 17:56:40 2017 +0200 Validate server descriptor using Ed25519 certificate Finally integrating the cryptographic descriptor validation. Not sure if it works or not but looks like it should be equivialent to what we had. Needs tests though. --- stem/descriptor/certificate.py | 52 ++++++++++++++++++++++++++++++++++++ stem/descriptor/server_descriptor.py | 33 ++++++++++++++--------- 2 files changed, 73 insertions(+), 12 deletions(-) diff --git a/stem/descriptor/certificate.py b/stem/descriptor/certificate.py index 5d60458..eafa51e 100644 --- a/stem/descriptor/certificate.py +++ b/stem/descriptor/certificate.py @@ -58,6 +58,7 @@ from stem.util import enum ED25519_HEADER_LENGTH = 40 ED25519_SIGNATURE_LENGTH = 64 +ED25519_ROUTER_SIGNATURE_PREFIX = b'Tor router descriptor signature v1' CertType = enum.UppercaseEnum('SIGNING', 'LINK_CERT', 'AUTH') ExtensionType = enum.Enum(('HAS_SIGNING_KEY', 4),) @@ -186,6 +187,57 @@ class Ed25519CertificateV1(Ed25519Certificate): return datetime.datetime.now() > self.expiration + def verify(self, server_descriptor): + """ + Validates our signing key and that the given descriptor content matches its + Ed25519 signature. + + :param stem.descriptor.server_descriptor.Ed25519 server_descriptor: relay + server descriptor to validate + + :raises: + * **ValueError** if signing key or descriptor are invalid + * **ImportError** if pynacl module is unavailable + """ + + if not stem.prereq._is_pynacl_available(): + raise ImportError('Certificate validation requires the pynacl module') + + import nacl.signing + import nacl.encoding + from nacl.exceptions import BadSignatureError + + descriptor_content = server_descriptor.get_bytes() + signing_key = server_descriptor.ed25519_master_key + + if not signing_key: + for extension in self.extensions: + if extension.type == ExtensionType.HAS_SIGNING_KEY: + signing_key = extension.data + break + + if not signing_key: + raise ValueError('Server descriptor missing an ed25519 signing key') + + try: + verify_key = nacl.signing.VerifyKey(signing_key + '=', encoder = nacl.encoding.Base64Encoder) + verify_key.verify(descriptor_content[:-ED25519_SIGNATURE_LENGTH], self.signature) + except BadSignatureError as exc: + raise ValueError('Ed25519KeyCertificate signing key is invalid (%s)' % exc) + + # ed25519 signature validates descriptor content up until the signature itself + + signed_content = descriptor_content[:descriptor_content.index(b'router-sig-ed25519 ') + 19] + descriptor_sha256_digest = hashlib.sha256(ED25519_ROUTER_SIGNATURE_PREFIX + signed_content).digest() + + missing_padding = len(server_descriptor.ed25519_signature) % 4 + signature_bytes = base64.b64decode(stem.util.str_tools._to_bytes(server_descriptor.ed25519_signature) + b'=' * missing_padding) + + try: + verify_key = nacl.signing.VerifyKey(self.key) + verify_key.verify(descriptor_sha256_digest, signature_bytes) + except BadSignatureError as exc: + raise ValueError('Descriptor Ed25519 certificate signature invalid (%s)' % exc) class Ed25519Extension(collections.namedtuple('Ed25519Extension', ['type', 'flags', 'flag_int', 'data'])): diff --git a/stem/descriptor/server_descriptor.py b/stem/descriptor/server_descriptor.py index d309f11..2501b0e 100644 --- a/stem/descriptor/server_descriptor.py +++ b/stem/descriptor/server_descriptor.py @@ -37,6 +37,7 @@ import functools import hashlib import re +import stem.descriptor.certificate import stem.descriptor.extrainfo_descriptor import stem.exit_policy import stem.prereq @@ -64,8 +65,6 @@ from stem.descriptor import ( _parse_key_block, ) -from stem.descriptor.certificate import _parse_certificate - try: # added in python 3.2 from functools import lru_cache @@ -390,7 +389,11 @@ def _parse_exit_policy(descriptor, entries): del descriptor._unparsed_exit_policy -_parse_identity_ed25519_line = _parse_key_block('identity-ed25519', 'ed25519_certificate', 'ED25519 CERT') +def _parse_identity_ed25519_line(descriptor, entries): + _parse_key_block('identity-ed25519', 'ed25519_certificate', 'ED25519 CERT')(descriptor, entries) + descriptor.certificate = stem.descriptor.certificate.Ed25519Certificate.parse(descriptor.ed25519_certificate) + + _parse_master_key_ed25519_line = _parse_simple_line('master-key-ed25519', 'ed25519_master_key') _parse_master_key_ed25519_for_hash_line = _parse_simple_line('master-key-ed25519', 'ed25519_certificate_hash') _parse_contact_line = _parse_bytes_line('contact', 'contact') @@ -696,6 +699,7 @@ class RelayDescriptor(ServerDescriptor): Server descriptor (`descriptor specification <https://gitweb.torproject.org/torspec.git/tree/dir-spec.txt>`_) + :var stem.certificate.Ed25519Certificate certificate: ed25519 certificate :var str ed25519_certificate: base64 encoded ed25519 certificate :var str ed25519_master_key: base64 encoded master key for our ed25519 certificate :var str ed25519_signature: signature of this document using ed25519 @@ -718,9 +722,18 @@ class RelayDescriptor(ServerDescriptor): Moved from the deprecated `pycrypto <https://www.dlitz.net/software/pycrypto/>`_ module to `cryptography <https://pypi.python.org/pypi/cryptography>`_ for validating signatures. + + .. versionchanged:: 1.6.0 + Added the certificate attribute. + + .. deprecated:: 1.6.0 + Our **ed25519_certificate** is deprecated in favor of our new + **certificate** attribute. The base64 encoded certificate is available via + the certificate's **encoded** attribute. """ ATTRIBUTES = dict(ServerDescriptor.ATTRIBUTES, **{ + 'certificate': (None, _parse_identity_ed25519_line), 'ed25519_certificate': (None, _parse_identity_ed25519_line), 'ed25519_master_key': (None, _parse_master_key_ed25519_line), 'ed25519_signature': (None, _parse_router_sig_ed25519_line), @@ -766,10 +779,8 @@ class RelayDescriptor(ServerDescriptor): if onion_key_crosscert_digest != self.onion_key_crosscert_digest(): raise ValueError('Decrypted onion-key-crosscert digest does not match local digest (calculated: %s, local: %s)' % (onion_key_crosscert_digest, self.onion_key_crosscert_digest())) - if stem.prereq._is_pynacl_available() and self.ed25519_certificate: - self.certificate = _parse_certificate(_bytes_for_block(self.ed25519_certificate), self.ed25519_master_key, validate) - - self.certificate.verify_descriptor_signature(raw_contents, self.ed25519_signature) + if stem.prereq._is_pynacl_available() and self.certificate: + self.certificate.validate(self) @lru_cache() def digest(self): @@ -786,12 +797,10 @@ class RelayDescriptor(ServerDescriptor): @lru_cache() def onion_key_crosscert_digest(self): """ - Provides the digest of the onion-key-crosscert data consisting of the following: - - 1. SHA1 digest of the RSA identity key - 2. the ed25519 identity key + Provides the digest of the onion-key-crosscert data. This consists of the + RSA identity key sha1 and ed25519 identity key. - :returns: the digest encoded in uppercase hex + :returns: **unicode** digest encoded in uppercase hex :raises: ValueError if the digest cannot be calculated """

1 0

[stem/master] Add an ExtensionType enum
by atagar＠torproject.org 29 Mar '17

29 Mar '17

commit 0a491e031f5ae5a9d0ab939ccff252589596625a Author: Damian Johnson <atagar(a)torproject.org> Date: Sun Mar 26 17:00:08 2017 +0200 Add an ExtensionType enum Enumeration of extension types (presently there's just one) to make comparisions nicer... if extension_type == ExtensionType.HAS_SIGNING_KEY: ... Rather than comparing with '4'. --- stem/descriptor/certificate.py | 11 +++++++++++ test/unit/descriptor/certificate.py | 4 +++- 2 files changed, 14 insertions(+), 1 deletion(-) diff --git a/stem/descriptor/certificate.py b/stem/descriptor/certificate.py index aacf67f..e513dac 100644 --- a/stem/descriptor/certificate.py +++ b/stem/descriptor/certificate.py @@ -28,6 +28,16 @@ used to validate the key used to sign server descriptors. **AUTH** authentication key signed with ed25519 signing key ============== =========== +.. data::ExtensionType (enum) + + Recognized exception types. + + ==================== =========== + ExtensionType Description + ==================== =========== + HAS_SIGNING_KEY includes key used to sign the certificate + ==================== =========== + .. data::ExtensionFlag (enum) Flags that can be assigned to Ed25519 certificate extensions. @@ -50,6 +60,7 @@ ED25519_HEADER_LENGTH = 40 ED25519_SIGNATURE_LENGTH = 64 CertType = enum.UppercaseEnum('SIGNING', 'LINK_CERT', 'AUTH') +ExtensionType = enum.Enum(('HAS_SIGNING_KEY', 4),) ExtensionFlag = enum.UppercaseEnum('AFFECTS_VALIDATION', 'UNKNOWN') diff --git a/test/unit/descriptor/certificate.py b/test/unit/descriptor/certificate.py index 5728711..9c1ef10 100644 --- a/test/unit/descriptor/certificate.py +++ b/test/unit/descriptor/certificate.py @@ -11,7 +11,7 @@ import stem.descriptor.certificate import stem.prereq import test.runner -from stem.descriptor.certificate import ED25519_SIGNATURE_LENGTH, CertType, ExtensionFlag, Ed25519Certificate, Ed25519CertificateV1, Ed25519Extension +from stem.descriptor.certificate import ED25519_SIGNATURE_LENGTH, CertType, ExtensionType, ExtensionFlag, Ed25519Certificate, Ed25519CertificateV1, Ed25519Extension ED25519_CERT = """ AQQABhtZAaW2GoBED1IjY3A6f6GNqBEl5A83fD2Za9upGke51JGqAQAgBABnprVR @@ -58,6 +58,8 @@ class TestEd25519Certificate(unittest.TestCase): Ed25519Extension(extension_type = 5, flags = [ExtensionFlag.UNKNOWN], flag_int = 4, data = b''), ], cert.extensions) + self.assertEqual(ExtensionType.HAS_SIGNING_KEY, cert.extensions[0].extension_type) + def test_with_real_cert(self): cert = Ed25519Certificate.parse(ED25519_CERT)

1 0