commit bc00378d8ea8fd5b6d562d203d1b2e641891f8fa Author: Damian Johnson atagar@torproject.org Date: Tue Oct 15 13:59:53 2019 -0700
Drop certified_ed25519_key()
This helper was just a one line alias. --- stem/descriptor/certificate.py | 17 ----------------- stem/descriptor/hidden_service.py | 9 +++++++-- 2 files changed, 7 insertions(+), 19 deletions(-)
diff --git a/stem/descriptor/certificate.py b/stem/descriptor/certificate.py index 4ae999ed..514f3155 100644 --- a/stem/descriptor/certificate.py +++ b/stem/descriptor/certificate.py @@ -254,23 +254,6 @@ class Ed25519CertificateV1(Ed25519Certificate):
return datetime.datetime.now() > self.expiration
- def certified_ed25519_key(self): - """ - Provide this certificate's certified ed25519 key (the one that got signed) - - :returns: **Ed25519PublicKey** - - :raises: **ValueError** if it's not an ed25519 cert - """ - from cryptography.hazmat.primitives.asymmetric.ed25519 import Ed25519PublicKey - - # Make sure it's an ed25519 cert - if (self.key_type != 1): - raise ValueError('Certificate is not an ed25519 cert (%d)' % self.key_type) - - ed_key = Ed25519PublicKey.from_public_bytes(self.key) - return ed_key - def signing_key(self): """ Provides this certificate's signing key. diff --git a/stem/descriptor/hidden_service.py b/stem/descriptor/hidden_service.py index daae516b..7c279629 100644 --- a/stem/descriptor/hidden_service.py +++ b/stem/descriptor/hidden_service.py @@ -187,6 +187,8 @@ class IntroductionPointV3(object): descriptor_signing_key is provided. """
+ from cryptography.hazmat.primitives.asymmetric.ed25519 import Ed25519PublicKey + # if not link_specifiers or not onion_key or not enc_key: # raise ValueError('Introduction point missing essential keys')
@@ -195,7 +197,7 @@ class IntroductionPointV3(object):
# If we have an auth key cert but not an auth key, extract the key if auth_key_cert and not auth_key: - auth_key = auth_key_cert.certified_ed25519_key() + auth_key = Ed25519PublicKey.from_public_bytes(auth_key_cert.key)
self.link_specifiers = link_specifiers self.onion_key = enc_key @@ -1058,9 +1060,12 @@ class HiddenServiceDescriptorV3(BaseHiddenServiceDescriptor): from cryptography.hazmat.backends.openssl.backend import backend
if backend.x25519_supported() and self.signing_cert: + from cryptography.hazmat.primitives.asymmetric.ed25519 import Ed25519PublicKey + # Verify the signature! # First compute the body that was signed - descriptor_signing_key = self.signing_cert.certified_ed25519_key() + + descriptor_signing_key = Ed25519PublicKey.from_public_bytes(self.signing_cert.key) descriptor_body = raw_contents.split(b'signature')[0] # everything before the signature signature_body = b'Tor onion service descriptor sig v3' + descriptor_body