commit 9c1bad1b9c7e51a5d0e449573cb57531cc81edd3
Author: Damian Johnson atagar@torproject.org
Date: Fri Jun 30 09:26:12 2017 -0700
Make create_signing_key() a public method
While swapping BridgeDB to use us for descriptor creation realized it would be handy for this method to be public.
---
stem/descriptor/__init__.py | 5 ++++-
stem/descriptor/extrainfo_descriptor.py | 12 +++++++-----
stem/descriptor/server_descriptor.py | 12 +++++++-----
3 files changed, 18 insertions(+), 11 deletions(-)
diff --git a/stem/descriptor/__init__.py b/stem/descriptor/__init__.py
index 5f8d1ca..ac9367b 100644
--- a/stem/descriptor/__init__.py
+++ b/stem/descriptor/__init__.py
@@ -10,6 +10,7 @@ Package for parsing and processing descriptor data.
parse_file - Parses the descriptors in a file.
create - Creates a new custom descriptor.
+ create_signing_key - Cretes a signing key that can be used for creating descriptors.
Descriptor - Common parent for all descriptor file types.
|- get_path - location of the descriptor on disk if it came from a file
@@ -967,11 +968,13 @@ def _get_pseudo_pgp_block(remaining_contents):
return None
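Review bot: The overview line added to the module docstring of stem/descriptor/__init__.py misspells "Creates" as "Cretes". It should read `create_signing_key - Creates a signing key that can be used for creating descriptors.`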
-def _signing_key(private_key = None): +def create_signing_key(private_key = None): """ Serializes a signing key if we have one. Otherwise this creates a new signing key we can use to create descriptors.
+ .. versionadded:: 1.6.0
+
:param cryptography.hazmat.backends.openssl.rsa._RSAPrivateKey private_key: private key
:returns: :class:`~stem.descriptor.__init__.SigningKey` that can be used to
diff --git a/stem/descriptor/extrainfo_descriptor.py b/stem/descriptor/extrainfo_descriptor.py
index 3b4e9a4..27a75db 100644
--- a/stem/descriptor/extrainfo_descriptor.py
+++ b/stem/descriptor/extrainfo_descriptor.py
@@ -80,6 +80,7 @@ from stem.descriptor import (
CRYPTO_BLOB,
PGP_BLOCK_END,
Descriptor,
+ create_signing_key,
_descriptor_content,
_read_until_keywords,
_descriptor_components,
@@ -89,7 +90,6 @@ from stem.descriptor import (
_parse_timestamp_line,
_parse_forty_character_hex,
_parse_key_block,
- _signing_key,
_append_router_signature,
)
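Review bot: The docstring of `create_signing_key()` in stem/descriptor/__init__.py still reads like an internal helper's now that the function is public: it types the parameter as `cryptography.hazmat.backends.openssl.rsa._RSAPrivateKey`, a private backend class, and does not say that the returned SigningKey carries the private key, which the callers in this commit read through `signing_key.private`. I would document the parameter against the public `cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey` interface and add a line such as `The returned SigningKey includes the private key, so treat it as secret material.` The function body lies outside the hunk, so the key size and serialization it uses could not be checked here.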
@@ -975,20 +975,22 @@ class RelayExtraInfoDescriptor(ExtraInfoDescriptor):
})
@classmethod
- def content(cls, attr = None, exclude = (), sign = False, private_signing_key = None):
+ def content(cls, attr = None, exclude = (), sign = False, signing_key = None):
if sign:
if attr and 'router-signature' in attr:
raise ValueError('Cannot sign the descriptor if a router-signature has been provided')
- signing_key = _signing_key(private_signing_key)
+ if signing_key is None:
+ signing_key = create_signing_key()
+
content = _descriptor_content(attr, exclude, sign, RELAY_EXTRAINFO_HEADER) + b'\nrouter-signature\n'
return _append_router_signature(content, signing_key.private)
else:
return _descriptor_content(attr, exclude, sign, RELAY_EXTRAINFO_HEADER, RELAY_EXTRAINFO_FOOTER)
@classmethod
- def create(cls, attr = None, exclude = (), validate = True, sign = False, private_signing_key = None):
- return cls(cls.content(attr, exclude, sign, private_signing_key), validate = validate)
+ def create(cls, attr = None, exclude = (), validate = True, sign = False, signing_key = None):
+ return cls(cls.content(attr, exclude, sign, signing_key), validate = validate)
@lru_cache()
def digest(self):
diff --git a/stem/descriptor/server_descriptor.py b/stem/descriptor/server_descriptor.py
index 5826bb6..1a1687f 100644
--- a/stem/descriptor/server_descriptor.py
+++ b/stem/descriptor/server_descriptor.py
@@ -51,6 +51,7 @@ from stem.util import str_type
from stem.descriptor import (
PGP_BLOCK_END,
Descriptor,
+ create_signing_key,
_descriptor_content,
_descriptor_components,
_read_until_keywords,
@@ -64,7 +65,6 @@ from stem.descriptor import (
_parse_forty_character_hex,
_parse_protocol_line,
_parse_key_block,
- _signing_key,
_append_router_signature,
_random_ipv4_address,
_random_date,
@@ -801,7 +801,7 @@ class RelayDescriptor(ServerDescriptor):
self.certificate.validate(self)
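Review bot: The last parameter of `RelayExtraInfoDescriptor.content()` and `create()` changes meaning as well as name: it used to be a raw private key handed to `_signing_key()`, and it is now read as an object with a `.private` attribute, with no check on what was passed. A caller that still supplies an RSA private key positionally would fail with an AttributeError at `signing_key.private`, so I would reject it up front, e.g. `if not hasattr(signing_key, 'private'): raise ValueError('signing_key must come from create_signing_key()')`, and add a docstring stating the expected type. It is also worth documenting that leaving `signing_key` unset generates a new key on every call, so descriptors meant to be signed by the same key need that key passed to each call. The same applies to `RelayDescriptor.content()` and `create()` in the server_descriptor.py hunks.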
@classmethod
- def content(cls, attr = None, exclude = (), sign = False, private_signing_key = None):
+ def content(cls, attr = None, exclude = (), sign = False, signing_key = None):
if attr is None:
attr = {}
@@ -820,7 +820,9 @@ class RelayDescriptor(ServerDescriptor):
elif attr and 'router-signature' in attr:
raise ValueError('Cannot sign the descriptor if a router-signature has been provided')
- signing_key = _signing_key(private_signing_key)
+ if signing_key is None:
+ signing_key = create_signing_key()
+
attr['signing-key'] = signing_key.public_digest
content = _descriptor_content(attr, exclude, sign, base_header) + b'\nrouter-signature\n'
@@ -831,8 +833,8 @@ class RelayDescriptor(ServerDescriptor):
))
@classmethod
- def create(cls, attr = None, exclude = (), validate = True, sign = False, private_signing_key = None):
- return cls(cls.content(attr, exclude, sign, private_signing_key), validate = validate, skip_crypto_validation = not sign)
+ def create(cls, attr = None, exclude = (), validate = True, sign = False, signing_key = None):
+ return cls(cls.content(attr, exclude, sign, signing_key), validate = validate, skip_crypto_validation = not sign)
@lru_cache()
def digest(self):