[tor-commits] [stem/master] Fix checksum validation

atagar at torproject.org atagar at torproject.org
Sun Oct 6 02:07:34 UTC 2019 

commit a4224b63af07f196f75397a562416153357b5831
Author: Damian Johnson <atagar at torproject.org>
Date:   Mon Sep 23 13:12:50 2019 -0700

    Fix checksum validation
    
    Figured it out. Python3 indexing into a byte array provides an int, whereas
    python2 gives a str. Using a range to both simplify and normalize this...
    
      Python 2.7:
    
        >>> version_str = b'\x03'
    
        >>> version_str[0]
        '\x03'
    
        >>> version_str[0:1]
        '\x03'
    
        >>> bytes([version_str[0]])
        "['\\x03']"
    
      Python 3.5:
    
        >>> version_str = b'\x03'
    
        >>> version_str[0]
        3
    
        >>> version_str[0:1]
        b'\x03'
    
        >>> bytes([version_str[0]])
        b'\x03'
---
 stem/descriptor/certificate.py |  2 +-
 stem/descriptor/hsv3_crypto.py | 15 ++++-----------
 2 files changed, 5 insertions(+), 12 deletions(-)

diff --git a/stem/descriptor/certificate.py b/stem/descriptor/certificate.py
index 2293a7a3..e9196319 100644
--- a/stem/descriptor/certificate.py
+++ b/stem/descriptor/certificate.py
@@ -250,7 +250,7 @@ class Ed25519CertificateV1(Ed25519Certificate):
     Validates our signing key and that the given descriptor content matches its
     Ed25519 signature.
 
-    :param stem.descriptor.server_descriptor.Ed25519 server_descriptor: relay
+    :param stem.descriptor.server_descriptor.RelayDescriptor server_descriptor: relay
       server descriptor to validate
 
     :raises:
diff --git a/stem/descriptor/hsv3_crypto.py b/stem/descriptor/hsv3_crypto.py
index 2eb340ba..5439771a 100644
--- a/stem/descriptor/hsv3_crypto.py
+++ b/stem/descriptor/hsv3_crypto.py
@@ -68,21 +68,14 @@ def decode_address(onion_address_str):
   # extract pieces of information
   pubkey = onion_address[:32]
   checksum = onion_address[32:34]
-  version = onion_address[34]
+  version = onion_address[34:35]
 
   # Do checksum validation
-  my_checksum_body = b'%s%s%s' % (CHECKSUM_CONSTANT, pubkey, bytes([version]))
+  my_checksum_body = b'%s%s%s' % (CHECKSUM_CONSTANT, pubkey, version)
   my_checksum = hashlib.sha3_256(my_checksum_body).digest()
 
-  # TODO: the following causes our unit test to break for me...
-  #
-  #    ValueError: Bad checksum (expected d3e8 but was c658fff6a9b3ba2e151d237641e9b50c74a93dc33a3dc149136b4e402ed79800)
-  #
-  # Skipping checksum validation while working on getting the rest of this
-  # module productionized.
-
-  # if (checksum != my_checksum[:2]):
-  #   raise ValueError('Bad checksum (expected %s but was %s)' % (binascii.hexlify(checksum), binascii.hexlify(my_checksum)))
+  if (checksum != my_checksum[:2]):
+    raise ValueError('Bad checksum (expected %s but was %s)' % (binascii.hexlify(checksum), binascii.hexlify(my_checksum[:2])))
 
   return Ed25519PublicKey.from_public_bytes(pubkey)

More information about the tor-commits mailing list