[tor-commits] [stem/master] Make create_signing_key() a public method

atagar at torproject.org atagar at torproject.org
Fri Jun 30 16:23:49 UTC 2017


commit 9c1bad1b9c7e51a5d0e449573cb57531cc81edd3
Author: Damian Johnson <atagar at torproject.org>
Date:   Fri Jun 30 09:26:12 2017 -0700

    Make create_signing_key() a public method
    
    While swapping BridgeDB to use us for descriptor creation, I realized it
    would be handy for this method to be public.
---
 stem/descriptor/__init__.py             |  5 ++++-
 stem/descriptor/extrainfo_descriptor.py | 12 +++++++-----
 stem/descriptor/server_descriptor.py    | 12 +++++++-----
 3 files changed, 18 insertions(+), 11 deletions(-)

diff --git a/stem/descriptor/__init__.py b/stem/descriptor/__init__.py
index 5f8d1ca..ac9367b 100644
--- a/stem/descriptor/__init__.py
+++ b/stem/descriptor/__init__.py
@@ -10,6 +10,7 @@ Package for parsing and processing descriptor data.
 
   parse_file - Parses the descriptors in a file.
   create - Creates a new custom descriptor.
+  create_signing_key - Cretes a signing key that can be used for creating descriptors.
 
   Descriptor - Common parent for all descriptor file types.
     |- get_path - location of the descriptor on disk if it came from a file
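Review bot: The new index entry in the module docstring misspells "Creates" as "Cretes". It also mentions only key creation, while the function's own docstring says it serializes a supplied key too. Suggested line: `create_signing_key - Creates a signing key that can be used for creating descriptors.`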
@@ -967,11 +968,13 @@ def _get_pseudo_pgp_block(remaining_contents):
     return None
 
 
-def _signing_key(private_key = None):
+def create_signing_key(private_key = None):
   """
   Serializes a signing key if we have one. Otherwise this creates a new signing
   key we can use to create descriptors.
 
+  .. versionadded:: 1.6.0
+
   :param cryptography.hazmat.backends.openssl.rsa._RSAPrivateKey private_key: private key
 
   :returns: :class:`~stem.descriptor.__init__.SigningKey` that can be used to
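Review bot: Now that create_signing_key() is public, its `:param` line still types the argument as `cryptography.hazmat.backends.openssl.rsa._RSAPrivateKey`, a private backend class that callers should not have to name; the public interface `cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey` would be a more stable reference. The docstring should also say that the returned SigningKey carries the private key (the callers in this commit read `signing_key.private`), so it must be treated as secret material and kept out of logs and shared storage. The parameters used when a fresh key is generated are not visible here because the function body continues outside the hunk; if they are fixed, state them in the docstring.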
diff --git a/stem/descriptor/extrainfo_descriptor.py b/stem/descriptor/extrainfo_descriptor.py
index 3b4e9a4..27a75db 100644
--- a/stem/descriptor/extrainfo_descriptor.py
+++ b/stem/descriptor/extrainfo_descriptor.py
@@ -80,6 +80,7 @@ from stem.descriptor import (
   CRYPTO_BLOB,
   PGP_BLOCK_END,
   Descriptor,
+  create_signing_key,
   _descriptor_content,
   _read_until_keywords,
   _descriptor_components,
@@ -89,7 +90,6 @@ from stem.descriptor import (
   _parse_timestamp_line,
   _parse_forty_character_hex,
   _parse_key_block,
-  _signing_key,
   _append_router_signature,
 )
 
@@ -975,20 +975,22 @@ class RelayExtraInfoDescriptor(ExtraInfoDescriptor):
   })
 
   @classmethod
-  def content(cls, attr = None, exclude = (), sign = False, private_signing_key = None):
+  def content(cls, attr = None, exclude = (), sign = False, signing_key = None):
     if sign:
       if attr and 'router-signature' in attr:
         raise ValueError('Cannot sign the descriptor if a router-signature has been provided')
 
-      signing_key = _signing_key(private_signing_key)
+      if signing_key is None:
+        signing_key = create_signing_key()
+
       content = _descriptor_content(attr, exclude, sign, RELAY_EXTRAINFO_HEADER) + b'\nrouter-signature\n'
       return _append_router_signature(content, signing_key.private)
     else:
       return _descriptor_content(attr, exclude, sign, RELAY_EXTRAINFO_HEADER, RELAY_EXTRAINFO_FOOTER)
 
   @classmethod
-  def create(cls, attr = None, exclude = (), validate = True, sign = False, private_signing_key = None):
-    return cls(cls.content(attr, exclude, sign, private_signing_key), validate = validate)
+  def create(cls, attr = None, exclude = (), validate = True, sign = False, signing_key = None):
+    return cls(cls.content(attr, exclude, sign, signing_key), validate = validate)
 
   @lru_cache()
   def digest(self):
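Review bot: Renaming the keyword from `private_signing_key` to `signing_key` in content() and create() also changes what it must hold: the old code passed the value through `_signing_key()`, while the new code reads `signing_key.private` directly. A caller that still hands in a raw RSA private key now fails with an AttributeError inside signing, and one that uses the old keyword gets a TypeError. Neither method documents that a SigningKey from create_signing_key() is now expected, so I would add `:param SigningKey signing_key: key from create_signing_key(), generated if None`. Failing early after the None check would also help: `if not hasattr(signing_key, 'private'): raise ValueError('signing_key must come from create_signing_key()')`. The same applies to RelayDescriptor.content() and create() in stem/descriptor/server_descriptor.py, where `signing_key.public_digest` is read as well.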
diff --git a/stem/descriptor/server_descriptor.py b/stem/descriptor/server_descriptor.py
index 5826bb6..1a1687f 100644
--- a/stem/descriptor/server_descriptor.py
+++ b/stem/descriptor/server_descriptor.py
@@ -51,6 +51,7 @@ from stem.util import str_type
 from stem.descriptor import (
   PGP_BLOCK_END,
   Descriptor,
+  create_signing_key,
   _descriptor_content,
   _descriptor_components,
   _read_until_keywords,
@@ -64,7 +65,6 @@ from stem.descriptor import (
   _parse_forty_character_hex,
   _parse_protocol_line,
   _parse_key_block,
-  _signing_key,
   _append_router_signature,
   _random_ipv4_address,
   _random_date,
@@ -801,7 +801,7 @@ class RelayDescriptor(ServerDescriptor):
         self.certificate.validate(self)
 
   @classmethod
-  def content(cls, attr = None, exclude = (), sign = False, private_signing_key = None):
+  def content(cls, attr = None, exclude = (), sign = False, signing_key = None):
     if attr is None:
       attr = {}
 
@@ -820,7 +820,9 @@ class RelayDescriptor(ServerDescriptor):
       elif attr and 'router-signature' in attr:
         raise ValueError('Cannot sign the descriptor if a router-signature has been provided')
 
-      signing_key = _signing_key(private_signing_key)
+      if signing_key is None:
+        signing_key = create_signing_key()
+
       attr['signing-key'] = signing_key.public_digest
 
       content = _descriptor_content(attr, exclude, sign, base_header) + b'\nrouter-signature\n'
@@ -831,8 +833,8 @@ class RelayDescriptor(ServerDescriptor):
       ))
 
   @classmethod
-  def create(cls, attr = None, exclude = (), validate = True, sign = False, private_signing_key = None):
-    return cls(cls.content(attr, exclude, sign, private_signing_key), validate = validate, skip_crypto_validation = not sign)
+  def create(cls, attr = None, exclude = (), validate = True, sign = False, signing_key = None):
+    return cls(cls.content(attr, exclude, sign, signing_key), validate = validate, skip_crypto_validation = not sign)
 
   @lru_cache()
   def digest(self):
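Review bot: create() forwards `signing_key` but also passes `skip_crypto_validation = not sign`, so a caller who supplies a key and leaves `sign` at its default appears to get back an unsigned descriptor with crypto validation skipped, and no error. In the extrainfo counterpart the `else` branch of content() visibly ignores the key; the same seems to hold here, although the `if sign:` line is outside these hunks. Rejecting the combination would make the mistake loud: `if signing_key is not None and not sign: raise ValueError('signing_key provided but sign is False')`. At minimum the docstring should state that signing_key has no effect unless sign is True.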


