[tor-commits] [stem/master] Strip cert header/footer in Ed25519Certificate.parse()
atagar at torproject.org
atagar at torproject.org
Sun Oct 6 02:07:34 UTC 2019
commit 5b6cbad9892f7eba6e970e0f063864817d944cab
Author: Damian Johnson <atagar at torproject.org>
Date: Wed Oct 2 13:39:38 2019 -0700
Strip cert header/footer in Ed25519Certificate.parse()
Both server and hidden service descriptors do this stripping. On reflection
this is cleaner if Ed25519Certificate.parse() normalizes instead.
---
stem/descriptor/certificate.py | 9 +++++++--
stem/descriptor/hidden_service.py | 3 +--
stem/descriptor/server_descriptor.py | 5 +----
test/unit/descriptor/certificate.py | 2 +-
4 files changed, 10 insertions(+), 9 deletions(-)
diff --git a/stem/descriptor/certificate.py b/stem/descriptor/certificate.py
index e3e41ca4..01238182 100644
--- a/stem/descriptor/certificate.py
+++ b/stem/descriptor/certificate.py
@@ -112,7 +112,7 @@ class Ed25519Certificate(object):
Base class for an Ed25519 certificate.
:var int version: certificate format version
- :var str encoded: base64 encoded ed25519 certificate
+ :var unicode encoded: base64 encoded ed25519 certificate
"""
def __init__(self, version, encoded):
@@ -132,8 +132,13 @@ class Ed25519Certificate(object):
:raises: **ValueError** if content is malformed
"""
+ content = stem.util.str_tools._to_unicode(content)
+
+ if content.startswith('-----BEGIN ED25519 CERT-----\n') and content.endswith('\n-----END ED25519 CERT-----'):
+ content = content[29:-27]
+
try:
- decoded = base64.b64decode(stem.util.str_tools._to_bytes(content))
+ decoded = base64.b64decode(content)
if not decoded:
raise TypeError('empty')
diff --git a/stem/descriptor/hidden_service.py b/stem/descriptor/hidden_service.py
index b1644f81..29fc838a 100644
--- a/stem/descriptor/hidden_service.py
+++ b/stem/descriptor/hidden_service.py
@@ -562,8 +562,7 @@ class HiddenServiceDescriptorV3(BaseHiddenServiceDescriptor):
elif not stem.prereq._is_sha3_available():
raise ImportError('Hidden service descriptor decryption requires python 3.6+ or the pysha3 module (https://pypi.org/project/pysha3/)')
- cert_lines = self.signing_cert.split('\n')
- desc_signing_cert = stem.descriptor.certificate.Ed25519Certificate.parse(''.join(cert_lines[1:-1]))
+ desc_signing_cert = stem.descriptor.certificate.Ed25519Certificate.parse(self.signing_cert)
for extension in desc_signing_cert.extensions:
if extension.type == ExtensionType.HAS_SIGNING_KEY:
diff --git a/stem/descriptor/server_descriptor.py b/stem/descriptor/server_descriptor.py
index 7eaf6e93..71f3a803 100644
--- a/stem/descriptor/server_descriptor.py
+++ b/stem/descriptor/server_descriptor.py
@@ -404,10 +404,7 @@ def _parse_identity_ed25519_line(descriptor, entries):
_parse_key_block('identity-ed25519', 'ed25519_certificate', 'ED25519 CERT')(descriptor, entries)
if descriptor.ed25519_certificate:
- cert_lines = descriptor.ed25519_certificate.split('\n')
-
- if cert_lines[0] == '-----BEGIN ED25519 CERT-----' and cert_lines[-1] == '-----END ED25519 CERT-----':
- descriptor.certificate = stem.descriptor.certificate.Ed25519Certificate.parse(''.join(cert_lines[1:-1]))
+ descriptor.certificate = stem.descriptor.certificate.Ed25519Certificate.parse(descriptor.ed25519_certificate)
_parse_master_key_ed25519_line = _parse_simple_line('master-key-ed25519', 'ed25519_master_key')
diff --git a/test/unit/descriptor/certificate.py b/test/unit/descriptor/certificate.py
index ca0a626e..51960525 100644
--- a/test/unit/descriptor/certificate.py
+++ b/test/unit/descriptor/certificate.py
@@ -58,7 +58,7 @@ class TestEd25519Certificate(unittest.TestCase):
self.assertEqual(Ed25519CertificateV1, type(cert))
self.assertEqual(1, cert.version)
- self.assertEqual(cert_bytes, cert.encoded)
+ self.assertEqual(stem.util.str_tools._to_unicode(cert_bytes), cert.encoded)
self.assertEqual(CertType.SIGNING, cert.type)
self.assertEqual(datetime.datetime(1970, 1, 1, 0, 0), cert.expiration)
self.assertEqual(1, cert.key_type)
More information about the tor-commits
mailing list