commit df3891b83c3068c07913eeb79ab3e01d427af83a Author: Damian Johnson atagar@torproject.org Date: Mon Jun 19 11:49:14 2017 -0700
Signed content includes 'router-signature\n'
Including our 'router-signature' within the content we sign as per the dir-spec...
The "SIGNATURE" object contains a signature of the PKCS1-padded hash of the entire server descriptor, taken from the beginning of the "router" line, through the newline after the "router-signature" line. --- stem/descriptor/server_descriptor.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/stem/descriptor/server_descriptor.py b/stem/descriptor/server_descriptor.py index 8bafda5..724684d 100644 --- a/stem/descriptor/server_descriptor.py +++ b/stem/descriptor/server_descriptor.py @@ -879,10 +879,10 @@ class RelayDescriptor(ServerDescriptor):
signing_key = _generate_signing_key() attr['signing-key'] = signing_key.descriptor_signing_key - content = _descriptor_content(attr, exclude, sign, RELAY_SERVER_HEADER) + content = _descriptor_content(attr, exclude, sign, RELAY_SERVER_HEADER) + '\nrouter-signature\n'
signature = _generate_signature(content, signing_key) - content = '\n'.join([content, 'router-signature', '-----BEGIN SIGNATURE-----'] + stem.util.str_tools._split_by_length(signature, 64) + ['-----END SIGNATURE-----']) + content = '\n'.join([content + '-----BEGIN SIGNATURE-----'] + stem.util.str_tools._split_by_length(signature, 64) + ['-----END SIGNATURE-----']) + '\n'
return content else: