[tor-commits] [stem/master] SHA3 requires python 3.6 or pysha3

atagar at torproject.org atagar at torproject.org
Sun Oct 6 02:07:34 UTC 2019


commit 9e3d08e9b64d73c38c4e3d0735b739d78eaa0059
Author: Damian Johnson <atagar at torproject.org>
Date:   Sun Sep 22 14:39:48 2019 -0700

    SHA3 requires python 3.6 or pysha3
    
    Hashlib's sha3_256() method was only recently added in python 3.6...
    
      https://docs.python.org/3/library/hashlib.html
    
      ======================================================================
      ERROR: test_for_decrypt
      ----------------------------------------------------------------------
      Traceback (most recent call last):
        File "/home/atagar/Desktop/stem/test/unit/descriptor/hidden_service_v3.py", line 53, in test_for_decrypt
          desc._decrypt('sltib6sxkuxh2scmtuvd5w2g7pahnzkovefxpo4e4ptnkzl5kkq5h2ad.onion')
        File "/home/atagar/Desktop/stem/stem/descriptor/hidden_service.py", line 576, in _decrypt
          identity_public_key = stem.descriptor.hsv3_crypto.decode_address(onion_address)
        File "/home/atagar/Desktop/stem/stem/descriptor/hsv3_crypto.py", line 55, in decode_address
          my_checksum = hashlib.sha3_256(my_checksum_body).digest()
      AttributeError: 'module' object has no attribute 'sha3_256'
    
      ----------------------------------------------------------------------
    
    If unavailable then falling back to pysha3, and if that's unavailable as well
    we'll need to raise an ImportError.
---
 stem/descriptor/hsv3_crypto.py            | 27 +++++++++++++++++++++++++++
 test/unit/descriptor/hidden_service_v3.py |  4 ++++
 2 files changed, 31 insertions(+)

diff --git a/stem/descriptor/hsv3_crypto.py b/stem/descriptor/hsv3_crypto.py
index 2e5288a1..a12ce52b 100644
--- a/stem/descriptor/hsv3_crypto.py
+++ b/stem/descriptor/hsv3_crypto.py
@@ -3,6 +3,22 @@ import hashlib
 
 import stem.prereq
 
+# SHA3 requires Python 3.6+ *or* the pysha3 module...
+#
+#   https://github.com/tiran/pysha3
+#
+# If pysha3 is present then importing sha3 will monkey patch the methods we
+# want onto hashlib.
+
+if not hasattr(hashlib, 'sha3_256') or not hasattr(hashlib, 'shake_256'):
+  try:
+    import sha3
+  except ImportError:
+    pass
+
+SHA3_AVAILABLE = hasattr(hashlib, 'sha3_256') and hasattr(hashlib, 'shake_256')
+SHA3_ERROR_MSG = '%s requires python 3.6+ or the pysha3 module (https://pypi.org/project/pysha3/)'
+
 """
 Onion addresses
 
@@ -32,6 +48,8 @@ def decode_address(onion_address_str):
 
   if not stem.prereq.is_crypto_available(ed25519 = True):
     raise ImportError('Onion address decoding requires cryptography version 2.6')
+  elif not SHA3_AVAILABLE:
+    raise ImportError(SHA3_ERROR_MSG % 'Onion address decoding')
 
   from cryptography.hazmat.primitives.asymmetric.ed25519 import Ed25519PublicKey
 
@@ -82,6 +100,9 @@ Both keys are in bytes
 
 
 def get_subcredential(public_identity_key, blinded_key):
+  if not SHA3_AVAILABLE:
+    raise ImportError(SHA3_ERROR_MSG % 'Hidden service subcredentials')
+
   cred_bytes_constant = 'credential'.encode()
   subcred_bytes_constant = 'subcredential'.encode()
 
@@ -141,6 +162,9 @@ def _ciphertext_mac_is_valid(key, salt, ciphertext, mac):
   XXX spec:   H(mac_key_len | mac_key | salt_len | salt | encrypted)
   """
 
+  if not SHA3_AVAILABLE:
+    raise ImportError(SHA3_ERROR_MSG % 'Hidden service validation')
+
   # Construct our own MAC first
   key_len = len(key).to_bytes(8, 'big')
   salt_len = len(salt).to_bytes(8, 'big')
@@ -157,6 +181,9 @@ def _ciphertext_mac_is_valid(key, salt, ciphertext, mac):
 
 
 def _decrypt_descriptor_layer(ciphertext_blob_b64, revision_counter, public_identity_key, subcredential, secret_data, string_constant):
+  if not SHA3_AVAILABLE:
+    raise ImportError(SHA3_ERROR_MSG % 'Hidden service descriptor decryption')
+
   from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
   from cryptography.hazmat.backends import default_backend
 
diff --git a/test/unit/descriptor/hidden_service_v3.py b/test/unit/descriptor/hidden_service_v3.py
index ac2f8ea7..d800b46f 100644
--- a/test/unit/descriptor/hidden_service_v3.py
+++ b/test/unit/descriptor/hidden_service_v3.py
@@ -6,6 +6,7 @@ import functools
 import unittest
 
 import stem.descriptor
+import stem.descriptor.hsv3_crypto
 import stem.prereq
 
 from stem.descriptor.hidden_service import (
@@ -42,6 +43,9 @@ class TestHiddenServiceDescriptorV3(unittest.TestCase):
     if not stem.prereq.is_crypto_available(ed25519 = True):
       self.skipTest('(requires cryptography v2.6)')
       return
+    elif not stem.descriptor.hsv3_crypto.SHA3_AVAILABLE:
+      self.skipTest('(requires python 3.6 or pysha3)')
+      return
 
     with open(get_resource('hidden_service_v3_test'), 'rb') as descriptor_file:
       desc = next(stem.descriptor.parse_file(descriptor_file, 'hidden-service-descriptor-3 1.0', validate = True))





More information about the tor-commits mailing list