commit 9e3d08e9b64d73c38c4e3d0735b739d78eaa0059 Author: Damian Johnson <atagar@torproject.org> Date: Sun Sep 22 14:39:48 2019 -0700 SHA3 requires python 3.6 or pysha3 Hashlib's sha3_256() method was only recently added in python 3.6... https://docs.python.org/3/library/hashlib.html ====================================================================== ERROR: test_for_decrypt ---------------------------------------------------------------------- Traceback (most recent call last): File "/home/atagar/Desktop/stem/test/unit/descriptor/hidden_service_v3.py", line 53, in test_for_decrypt desc._decrypt('sltib6sxkuxh2scmtuvd5w2g7pahnzkovefxpo4e4ptnkzl5kkq5h2ad.onion') File "/home/atagar/Desktop/stem/stem/descriptor/hidden_service.py", line 576, in _decrypt identity_public_key = stem.descriptor.hsv3_crypto.decode_address(onion_address) File "/home/atagar/Desktop/stem/stem/descriptor/hsv3_crypto.py", line 55, in decode_address my_checksum = hashlib.sha3_256(my_checksum_body).digest() AttributeError: 'module' object has no attribute 'sha3_256' ---------------------------------------------------------------------- If unavailable then falling back to pysha3, and if that's unavailable as well we'll need to raise an ImportError. --- stem/descriptor/hsv3_crypto.py | 27 +++++++++++++++++++++++++++ test/unit/descriptor/hidden_service_v3.py | 4 ++++ 2 files changed, 31 insertions(+) diff --git a/stem/descriptor/hsv3_crypto.py b/stem/descriptor/hsv3_crypto.py index 2e5288a1..a12ce52b 100644 --- a/stem/descriptor/hsv3_crypto.py +++ b/stem/descriptor/hsv3_crypto.py @@ -3,6 +3,22 @@ import hashlib import stem.prereq +# SHA3 requires Python 3.6+ *or* the pysha3 module... +# +# https://github.com/tiran/pysha3 +# +# If pysha3 is present then importing sha3 will monkey patch the methods we +# want onto hashlib. + +if not hasattr(hashlib, 'sha3_256') or not hasattr(hashlib, 'shake_256'): + try: + import sha3 + except ImportError: + pass + +SHA3_AVAILABLE = hasattr(hashlib, 'sha3_256') and hasattr(hashlib, 'shake_256') +SHA3_ERROR_MSG = '%s requires python 3.6+ or the pysha3 module (https://pypi.org/project/pysha3/)' + """ Onion addresses @@ -32,6 +48,8 @@ def decode_address(onion_address_str): if not stem.prereq.is_crypto_available(ed25519 = True): raise ImportError('Onion address decoding requires cryptography version 2.6') + elif not SHA3_AVAILABLE: + raise ImportError(SHA3_ERROR_MSG % 'Onion address decoding') from cryptography.hazmat.primitives.asymmetric.ed25519 import Ed25519PublicKey @@ -82,6 +100,9 @@ Both keys are in bytes def get_subcredential(public_identity_key, blinded_key): + if not SHA3_AVAILABLE: + raise ImportError(SHA3_ERROR_MSG % 'Hidden service subcredentials') + cred_bytes_constant = 'credential'.encode() subcred_bytes_constant = 'subcredential'.encode() @@ -141,6 +162,9 @@ def _ciphertext_mac_is_valid(key, salt, ciphertext, mac): XXX spec: H(mac_key_len | mac_key | salt_len | salt | encrypted) """ + if not SHA3_AVAILABLE: + raise ImportError(SHA3_ERROR_MSG % 'Hidden service validation') + # Construct our own MAC first key_len = len(key).to_bytes(8, 'big') salt_len = len(salt).to_bytes(8, 'big') @@ -157,6 +181,9 @@ def _ciphertext_mac_is_valid(key, salt, ciphertext, mac): def _decrypt_descriptor_layer(ciphertext_blob_b64, revision_counter, public_identity_key, subcredential, secret_data, string_constant): + if not SHA3_AVAILABLE: + raise ImportError(SHA3_ERROR_MSG % 'Hidden service descriptor decryption') + from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes from cryptography.hazmat.backends import default_backend diff --git a/test/unit/descriptor/hidden_service_v3.py b/test/unit/descriptor/hidden_service_v3.py index ac2f8ea7..d800b46f 100644 --- a/test/unit/descriptor/hidden_service_v3.py +++ b/test/unit/descriptor/hidden_service_v3.py @@ -6,6 +6,7 @@ import functools import unittest import stem.descriptor +import stem.descriptor.hsv3_crypto import stem.prereq from stem.descriptor.hidden_service import ( @@ -42,6 +43,9 @@ class TestHiddenServiceDescriptorV3(unittest.TestCase): if not stem.prereq.is_crypto_available(ed25519 = True): self.skipTest('(requires cryptography v2.6)') return + elif not stem.descriptor.hsv3_crypto.SHA3_AVAILABLE: + self.skipTest('(requires python 3.6 or pysha3)') + return with open(get_resource('hidden_service_v3_test'), 'rb') as descriptor_file: desc = next(stem.descriptor.parse_file(descriptor_file, 'hidden-service-descriptor-3 1.0', validate = True))