commit 1402f448dd60cfebccee81d574b56afe46aa2b5e Author: Damian Johnson atagar@torproject.org Date: Wed Oct 2 14:42:53 2019 -0700
Drop get_subcredential() helper
This particular helper is just an alias for two lines. Too small to add clarity. --- stem/descriptor/hidden_service.py | 15 ++++++++++----- stem/descriptor/hsv3_crypto.py | 20 -------------------- 2 files changed, 10 insertions(+), 25 deletions(-)
diff --git a/stem/descriptor/hidden_service.py b/stem/descriptor/hidden_service.py index 29fc838a..dc282202 100644 --- a/stem/descriptor/hidden_service.py +++ b/stem/descriptor/hidden_service.py @@ -566,23 +566,28 @@ class HiddenServiceDescriptorV3(BaseHiddenServiceDescriptor):
for extension in desc_signing_cert.extensions: if extension.type == ExtensionType.HAS_SIGNING_KEY: - blinded_key_bytes = extension.data + blinded_key = extension.data break
- if not blinded_key_bytes: + if not blinded_key: raise ValueError('No signing key extension present')
identity_public_key = HiddenServiceDescriptorV3._public_key_from_address(onion_address) - subcredential_bytes = stem.descriptor.hsv3_crypto.get_subcredential(identity_public_key, blinded_key_bytes)
- outter_layer_plaintext = stem.descriptor.hsv3_crypto.decrypt_outter_layer(self.superencrypted, self.revision_counter, identity_public_key, blinded_key_bytes, subcredential_bytes) + # credential = H('credential' | public-identity-key) + # subcredential = H('subcredential' | credential | blinded-public-key) + + credential = hashlib.sha3_256(b'credential%s' % (identity_public_key)).digest() + subcredential = hashlib.sha3_256(b'subcredential%s%s' % (credential, blinded_key)).digest() + + outter_layer_plaintext = stem.descriptor.hsv3_crypto.decrypt_outter_layer(self.superencrypted, self.revision_counter, identity_public_key, blinded_key, subcredential)
if outer_layer: return outter_layer_plaintext
inner_layer_ciphertext = stem.descriptor.hsv3_crypto.parse_superencrypted_plaintext(outter_layer_plaintext)
- inner_layer_plaintext = stem.descriptor.hsv3_crypto.decrypt_inner_layer(inner_layer_ciphertext, self.revision_counter, identity_public_key, blinded_key_bytes, subcredential_bytes) + inner_layer_plaintext = stem.descriptor.hsv3_crypto.decrypt_inner_layer(inner_layer_ciphertext, self.revision_counter, identity_public_key, blinded_key, subcredential)
return inner_layer_plaintext
diff --git a/stem/descriptor/hsv3_crypto.py b/stem/descriptor/hsv3_crypto.py index e6e8c03e..2f9f2d66 100644 --- a/stem/descriptor/hsv3_crypto.py +++ b/stem/descriptor/hsv3_crypto.py @@ -27,26 +27,6 @@ Blinded key stuff pass
""" -Subcredential: - - subcredential = H('subcredential' | credential | blinded-public-key - credential = H('credential' | public-identity-key) - -Both keys are in bytes -""" - - -def get_subcredential(public_identity_key, blinded_key): - cred_bytes_constant = 'credential'.encode() - subcred_bytes_constant = 'subcredential'.encode() - - credential = hashlib.sha3_256(b'%s%s' % (cred_bytes_constant, public_identity_key)).digest() - subcredential = hashlib.sha3_256(b'%s%s%s' % (subcred_bytes_constant, credential, blinded_key)).digest() - - return subcredential - - -""" Basic descriptor logic:
SALT = 16 bytes from H(random), changes each time we rebuld the