commit f3af021241b6a504af1090bc10021a793280079f Author: Damian Johnson atagar@torproject.org Date: Tue Mar 28 17:16:51 2017 +0200
Drop Ed25519 identity key check
This always evaluates to 'true'. We construct 'certificate' with our ed25519_master_key then checks if it matches our ed25519_master_key. The _parse_certificate() function doesn't do anything to the key so this is always true. --- stem/descriptor/server_descriptor.py | 3 --- 1 file changed, 3 deletions(-)
diff --git a/stem/descriptor/server_descriptor.py b/stem/descriptor/server_descriptor.py index 9c44256..d309f11 100644 --- a/stem/descriptor/server_descriptor.py +++ b/stem/descriptor/server_descriptor.py @@ -769,9 +769,6 @@ class RelayDescriptor(ServerDescriptor): if stem.prereq._is_pynacl_available() and self.ed25519_certificate: self.certificate = _parse_certificate(_bytes_for_block(self.ed25519_certificate), self.ed25519_master_key, validate)
- if self.certificate.identity_key != self.ed25519_master_key: - raise ValueError('master-key-ed25519 does not match ed25519 certificate identity key') - self.certificate.verify_descriptor_signature(raw_contents, self.ed25519_signature)
@lru_cache()
tor-commits@lists.torproject.org
-
atagar@torproject.org