commit 3ff6435527b296ca0bafde2ea3989cc043507e07 Author: Damian Johnson atagar@torproject.org Date: Wed Mar 29 18:28:39 2017 +0200
Fix key validation crypto
Took some head scratching but figured out what I was buggering up. We should be validating the certificate bytes here, not the descriptor. --- stem/descriptor/certificate.py | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-)
diff --git a/stem/descriptor/certificate.py b/stem/descriptor/certificate.py index 8888554..e29a079 100644 --- a/stem/descriptor/certificate.py +++ b/stem/descriptor/certificate.py @@ -208,20 +208,21 @@ class Ed25519CertificateV1(Ed25519Certificate): from nacl.exceptions import BadSignatureError
descriptor_content = server_descriptor.get_bytes() - signing_key = server_descriptor.ed25519_master_key + signing_key = None
- if not signing_key: + if server_descriptor.ed25519_master_key: + signing_key = nacl.signing.VerifyKey(server_descriptor.ed25519_master_key + '=', encoder = nacl.encoding.Base64Encoder) + else: for extension in self.extensions: if extension.type == ExtensionType.HAS_SIGNING_KEY: - signing_key = extension.data + signing_key = nacl.signing.VerifyKey(extension.data) break
if not signing_key: raise ValueError('Server descriptor missing an ed25519 signing key')
try: - verify_key = nacl.signing.VerifyKey(signing_key + '=', encoder = nacl.encoding.Base64Encoder) - verify_key.verify(descriptor_content[:-ED25519_SIGNATURE_LENGTH], self.signature) + signing_key.verify(base64.b64decode(self.encoded)[:-ED25519_SIGNATURE_LENGTH], self.signature) except BadSignatureError as exc: raise ValueError('Ed25519KeyCertificate signing key is invalid (%s)' % exc)