[tor-commits] [stem/master] Python3 support for server descriptor signing
atagar at torproject.org
atagar at torproject.org
Wed Jun 21 17:10:44 UTC 2017
commit 78eaa445c9344b878e55c3e114f73358faa8d008
Author: Damian Johnson <atagar at torproject.org>
Date: Wed Jun 21 08:51:24 2017 -0700
Python3 support for server descriptor signing
While writing it I consciously didn't invest effort into making it compatible.
Now that we've got it working fixing that. Most interesting issue was...
======================================================================
ERROR: test_descriptor_signing
----------------------------------------------------------------------
Traceback (most recent call last):
File "/home/atagar/Desktop/stem/test/require.py", line 58, in wrapped
return func(self, *args, **kwargs)
File "/home/atagar/Desktop/stem/test/unit/descriptor/server_descriptor.py", line 260, in test_descriptor_signing
RelayDescriptor.create(sign = True)
File "/home/atagar/Desktop/stem/stem/descriptor/server_descriptor.py", line 873, in create
return cls(cls.content(attr, exclude, sign, private_signing_key), validate = validate, skip_crypto_validation = not sign)
File "/home/atagar/Desktop/stem/stem/descriptor/server_descriptor.py", line 865, in content
signature = base64.b64encode(private_signing_key.sign(content, padding.PKCS1v15(), hashes.SHA1()))
File "/usr/local/lib/python3.2/dist-packages/cryptography/hazmat/backends/openssl/rsa.py", line 463, in sign
algorithm, self, data
File "/usr/local/lib/python3.2/dist-packages/cryptography/hazmat/backends/openssl/rsa.py", line 199, in _rsa_sig_sign
backend.openssl_assert(res > 0)
TypeError: unorderable types: NoneType() > int()
----------------------------------------------------------------------
This was due to one of our no_op mocks.
---
stem/descriptor/__init__.py | 2 +-
stem/descriptor/server_descriptor.py | 8 ++++----
2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/stem/descriptor/__init__.py b/stem/descriptor/__init__.py
index 96cf0b4..bf336fb 100644
--- a/stem/descriptor/__init__.py
+++ b/stem/descriptor/__init__.py
@@ -391,7 +391,7 @@ def _descriptor_content(attr = None, exclude = (), sign = False, header_template
if keyword in exclude:
continue
- value = attr.pop(keyword, value)
+ value = stem.util.str_tools._to_unicode(attr.pop(keyword, value))
if value is None:
continue
diff --git a/stem/descriptor/server_descriptor.py b/stem/descriptor/server_descriptor.py
index 4e55ee2..2c7258a 100644
--- a/stem/descriptor/server_descriptor.py
+++ b/stem/descriptor/server_descriptor.py
@@ -847,7 +847,7 @@ class RelayDescriptor(ServerDescriptor):
# ewww.
def no_op(*args, **kwargs):
- pass
+ return 1
private_signing_key._backend._lib.EVP_PKEY_CTX_set_signature_md = no_op
private_signing_key._backend.openssl_assert = no_op
@@ -855,15 +855,15 @@ class RelayDescriptor(ServerDescriptor):
# create descriptor content without the router-signature, then
# appending the content signature
- attr['signing-key'] = '\n' + private_signing_key.public_key().public_bytes(
+ attr['signing-key'] = b'\n' + private_signing_key.public_key().public_bytes(
encoding = serialization.Encoding.PEM,
format = serialization.PublicFormat.PKCS1,
).strip()
- content = _descriptor_content(attr, exclude, sign, RELAY_SERVER_HEADER) + '\nrouter-signature\n'
+ content = _descriptor_content(attr, exclude, sign, RELAY_SERVER_HEADER) + b'\nrouter-signature\n'
signature = base64.b64encode(private_signing_key.sign(content, padding.PKCS1v15(), hashes.SHA1()))
- return content + '\n'.join(['-----BEGIN SIGNATURE-----'] + stem.util.str_tools._split_by_length(signature, 64) + ['-----END SIGNATURE-----\n'])
+ return content + b'\n'.join([b'-----BEGIN SIGNATURE-----'] + stem.util.str_tools._split_by_length(signature, 64) + [b'-----END SIGNATURE-----\n'])
else:
return _descriptor_content(attr, exclude, sign, RELAY_SERVER_HEADER, RELAY_SERVER_FOOTER)
More information about the tor-commits
mailing list