commit 61a342cafd8d7f75491db6a2728a8b1eb3bde85a Author: Damian Johnson atagar@torproject.org Date: Thu Oct 3 16:27:59 2019 -0700
Drop public_identity_key decyption argument
Turns out it's not used at all within the helper. --- stem/descriptor/hidden_service.py | 4 ++-- stem/descriptor/hsv3_crypto.py | 11 +++++------ 2 files changed, 7 insertions(+), 8 deletions(-)
diff --git a/stem/descriptor/hidden_service.py b/stem/descriptor/hidden_service.py index a20d853a..314e623a 100644 --- a/stem/descriptor/hidden_service.py +++ b/stem/descriptor/hidden_service.py @@ -607,14 +607,14 @@ class HiddenServiceDescriptorV3(BaseHiddenServiceDescriptor): credential = hashlib.sha3_256(b'credential%s' % (identity_public_key)).digest() subcredential = hashlib.sha3_256(b'subcredential%s%s' % (credential, blinded_key)).digest()
- outter_layer_plaintext = stem.descriptor.hsv3_crypto.decrypt_outter_layer(self.superencrypted, self.revision_counter, identity_public_key, blinded_key, subcredential) + outter_layer_plaintext = stem.descriptor.hsv3_crypto.decrypt_outter_layer(self.superencrypted, self.revision_counter, blinded_key, subcredential)
if outer_layer: return outter_layer_plaintext
inner_layer_ciphertext = OuterLayer(outter_layer_plaintext).encrypted
- inner_layer_plaintext = stem.descriptor.hsv3_crypto.decrypt_inner_layer(inner_layer_ciphertext, self.revision_counter, identity_public_key, blinded_key, subcredential) + inner_layer_plaintext = stem.descriptor.hsv3_crypto.decrypt_inner_layer(inner_layer_ciphertext, self.revision_counter, blinded_key, subcredential)
return inner_layer_plaintext
diff --git a/stem/descriptor/hsv3_crypto.py b/stem/descriptor/hsv3_crypto.py index 078d71b4..9acb5242 100644 --- a/stem/descriptor/hsv3_crypto.py +++ b/stem/descriptor/hsv3_crypto.py @@ -80,7 +80,7 @@ def _ciphertext_mac_is_valid(key, salt, ciphertext, mac): return my_mac == mac
-def _decrypt_descriptor_layer(ciphertext_blob_b64, revision_counter, public_identity_key, subcredential, secret_data, string_constant): +def _decrypt_descriptor_layer(ciphertext_blob_b64, revision_counter, subcredential, secret_data, string_constant): from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes from cryptography.hazmat.backends import default_backend
@@ -100,7 +100,6 @@ def _decrypt_descriptor_layer(ciphertext_blob_b64, revision_counter, public_iden # INT_8(revision_counter) rev_counter_int_8 = struct.pack('>Q', revision_counter) secret_input = b'%s%s%s' % (secret_data, subcredential, rev_counter_int_8) - secret_input = secret_input
kdf = hashlib.shake_256(b'%s%s%s' % (secret_input, salt, string_constant)) keys = kdf.digest(S_KEY_LEN + S_IV_LEN + MAC_KEY_LEN) @@ -121,9 +120,9 @@ def _decrypt_descriptor_layer(ciphertext_blob_b64, revision_counter, public_iden return decrypted
-def decrypt_outter_layer(superencrypted_blob_b64, revision_counter, public_identity_key, blinded_key, subcredential): - return _decrypt_descriptor_layer(superencrypted_blob_b64, revision_counter, public_identity_key, subcredential, blinded_key, b'hsdir-superencrypted-data') +def decrypt_outter_layer(superencrypted_blob_b64, revision_counter, blinded_key, subcredential): + return _decrypt_descriptor_layer(superencrypted_blob_b64, revision_counter, subcredential, blinded_key, b'hsdir-superencrypted-data')
-def decrypt_inner_layer(encrypted_blob_b64, revision_counter, public_identity_key, blinded_key, subcredential): - return _decrypt_descriptor_layer(encrypted_blob_b64, revision_counter, public_identity_key, subcredential, blinded_key, b'hsdir-encrypted-data') +def decrypt_inner_layer(encrypted_blob_b64, revision_counter, blinded_key, subcredential): + return _decrypt_descriptor_layer(encrypted_blob_b64, revision_counter, subcredential, blinded_key, b'hsdir-encrypted-data')