[tor-commits] [stem/master] Drop Ed25519 identity key check

atagar at torproject.org atagar at torproject.org
Thu Mar 30 04:18:03 UTC 2017


commit f3af021241b6a504af1090bc10021a793280079f
Author: Damian Johnson <atagar at torproject.org>
Date:   Tue Mar 28 17:16:51 2017 +0200

    Drop Ed25519 identity key check
    
    This always evaluates to 'true'. We construct 'certificate' with our
    ed25519_master_key then checks if it matches our ed25519_master_key. The
    _parse_certificate() function doesn't do anything to the key so this is always
    true.
---
 stem/descriptor/server_descriptor.py | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/stem/descriptor/server_descriptor.py b/stem/descriptor/server_descriptor.py
index 9c44256..d309f11 100644
--- a/stem/descriptor/server_descriptor.py
+++ b/stem/descriptor/server_descriptor.py
@@ -769,9 +769,6 @@ class RelayDescriptor(ServerDescriptor):
       if stem.prereq._is_pynacl_available() and self.ed25519_certificate:
         self.certificate = _parse_certificate(_bytes_for_block(self.ed25519_certificate), self.ed25519_master_key, validate)
 
-        if self.certificate.identity_key != self.ed25519_master_key:
-          raise ValueError('master-key-ed25519 does not match ed25519 certificate identity key')
-
         self.certificate.verify_descriptor_signature(raw_contents, self.ed25519_signature)
 
   @lru_cache()





More information about the tor-commits mailing list