commit 486a8d2e5c4724146d6647b7f69ffbd10adbfc1d Author: Damian Johnson atagar@torproject.org Date: Sat Aug 25 11:38:41 2018 -0700
Combine relay cell encrypting and packing
Cells are only ever encrypted to be sent. I'm not seeing a purpose in having an intermediate step here. Our Circuit's send() method is simpler if the encrypt() method provides us the payload to be sent rather than an intermediate class.
Are there any use cases where we want an 'encrypted cell' object? We can't do anything with it besides send it (if we made it) or decrypt it (if sent to us). Possible though I'm missing something.
Presently I'm only looking at our Circuit's send() method. Our RelayCell's usage informs the API it should have, so I'm not worrying about the cell module until that's settled. --- stem/client/__init__.py | 15 +++++++-------- stem/client/cell.py | 10 +++++----- 2 files changed, 12 insertions(+), 13 deletions(-)
diff --git a/stem/client/__init__.py b/stem/client/__init__.py index 0ee8cbf0..46a82428 100644 --- a/stem/client/__init__.py +++ b/stem/client/__init__.py @@ -233,16 +233,15 @@ class Circuit(object): """
with self.relay._orport_lock: - cell = stem.client.cell.RelayCell(self.id, command, data, stream_id = stream_id) - encrypted_cell, new_forward_digest, new_forward_key = cell.encrypt(self.forward_digest, self.forward_key) - - self.relay._orport.send(encrypted_cell.pack(self.relay.link_protocol)) + # Encrypt and send the cell. Our digest/key only updates if the cell is + # successfully sent.
- # Only recoding our new digest/key if the cell's successfully sent. If - # the above raises we should leave them alone. + cell = stem.client.cell.RelayCell(self.id, command, data, stream_id = stream_id) + payload, forward_digest, forward_key = cell.encrypt(self.relay.link_protocol, self.forward_digest, self.forward_key) + self.relay._orport.send(payload)
- self.forward_digest = new_forward_digest - self.forward_key = new_forward_key + self.forward_digest = forward_digest + self.forward_key = forward_key
reply = self.relay._orport.recv() reply_cells = [] diff --git a/stem/client/cell.py b/stem/client/cell.py index 48dbcf36..6587ebb5 100644 --- a/stem/client/cell.py +++ b/stem/client/cell.py @@ -654,7 +654,7 @@ class RelayCell(CircuitCell):
return new_cell, new_digest
- def encrypt(self, digest, encryptor, **kwargs): + def encrypt(self, link_protocol, digest, encryptor, **kwargs): """ Preps a cell payload, including calculating digest, and encrypts it, returning a new (RawRelayCell, digest, encryptor) tuple. @@ -666,6 +666,7 @@ class RelayCell(CircuitCell): (2) it would be a bit pointless to require method consumers to manually call both, for pedantry.
+ :param int link_protocol: link protocol version :param HASH digest: running digest held with the relay :param cryptography.hazmat.primitives.ciphers.CipherContext encryptor: running stream cipher encryptor held with the relay @@ -673,10 +674,9 @@ class RelayCell(CircuitCell): :param bool prep_cell: (optional, defaults to **True**) refer to :func:`~stem.client.cell.RelayCell.apply_digest`
- :returns: (:class:`~stem.client.cell.RawRelayCell`, HASH, CipherContext) + :returns: (bytes, HASH, CipherContext) tuple of object copies updated as follows: - * RawRelayCell: updated as specified in - :func:`~stem.client.cell.RelayCell.apply_digest`, then encrypted + * bytes: encrypted cell payload * digest: updated via digest.update(payload) * encryptor: updated via encryptor.update(payload_with_digest) """ @@ -686,7 +686,7 @@ class RelayCell(CircuitCell): encrypted_payload = new_encryptor.update(unencrypted_cell.pack_payload()) encrypted_cell = RawRelayCell(unencrypted_cell.circ_id, encrypted_payload)
- return encrypted_cell, new_digest, new_encryptor + return encrypted_cell.pack(link_protocol), new_digest, new_encryptor
def pack_payload(self, **kwargs): """
tor-commits@lists.torproject.org