[tor-bugs] #5810 [Stem]: Implement verification of server descriptor
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Sun May 20 12:50:51 UTC 2012
#5810: Implement verification of server descriptor
-------------------------+--------------------------------------------------
Reporter: reganeet | Owner: reganeet
Type: enhancement | Status: new
Priority: normal | Milestone:
Component: Stem | Version:
Keywords: | Parent:
Points: | Actualpoints:
-------------------------+--------------------------------------------------
Comment(by reganeet):
> Fantastic! Should we move forward with code reviewing and merging this
part? It should probably have a unit test or two.
Sure. Do you want me to write the unit tests?
I've also renamed is_valid() to validate(), and instead of returning a
boolean, it raises a ValueError if the validation fails, since we MUST
perform this validation before accepting a descriptor. Do you think this
makes sense?
I cracked the Java crypto library code today, and printed out everything
in the decryption process to find what was wrong. It seems that python-rsa
uses a different way (maybe non-standard) to transform between octet
strings and integers and incompatible with our signature. Things got much
more subtle here, and I'm afraid I can't go on. If anyone else would like
to continue this work, I'm more than happy to share what I've got with
him.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/5810#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list