[tor-commits] [stem/master] Drop server descriptor ed25519_certificate attribute

atagar at torproject.org atagar at torproject.org
Mon Feb 10 03:14:50 UTC 2020 

commit 1341bf84d05cea07ae59e995a2cb52a23e58d773
Author: Damian Johnson <atagar at torproject.org>
Date:   Thu Feb 6 15:22:28 2020 -0800

    Drop server descriptor ed25519_certificate attribute
    
    We deprecated this attribute in favor of their parsed 'certificate'. Anyone
    using 'my_descriptor.ed25519_certificate' can replace it with
    'my_descriptor.certificate.encoded' to do the same.
---
 stem/descriptor/certificate.py            |  5 ++++-
 stem/descriptor/server_descriptor.py      | 23 ++++-------------------
 test/unit/descriptor/server_descriptor.py |  3 ---
 3 files changed, 8 insertions(+), 23 deletions(-)

diff --git a/stem/descriptor/certificate.py b/stem/descriptor/certificate.py
index c391d466..950fcf6b 100644
--- a/stem/descriptor/certificate.py
+++ b/stem/descriptor/certificate.py
@@ -59,7 +59,6 @@ import hashlib
 import re
 
 import stem.descriptor.hidden_service
-import stem.descriptor.server_descriptor
 import stem.prereq
 import stem.util
 import stem.util.enum
@@ -377,6 +376,8 @@ class Ed25519CertificateV1(Ed25519Certificate):
       * **ImportError** if cryptography module or ed25519 support unavailable
     """
 
+    import stem.descriptor.server_descriptor
+
     if not stem.prereq.is_crypto_available(ed25519 = True):
       raise ImportError('Certificate validation requires the cryptography module and ed25519 support')
 
@@ -407,6 +408,8 @@ class Ed25519CertificateV1(Ed25519Certificate):
     the descriptor that's signed.
     """
 
+    import stem.descriptor.server_descriptor
+
     if isinstance(descriptor, stem.descriptor.server_descriptor.RelayDescriptor):
       prefix = SIG_PREFIX_SERVER_DESC
       regex = b'(.+router-sig-ed25519 )'
diff --git a/stem/descriptor/server_descriptor.py b/stem/descriptor/server_descriptor.py
index 5236c4db..4a54e42f 100644
--- a/stem/descriptor/server_descriptor.py
+++ b/stem/descriptor/server_descriptor.py
@@ -51,7 +51,6 @@ import functools
 import hashlib
 import re
 
-import stem.descriptor.certificate
 import stem.descriptor.extrainfo_descriptor
 import stem.exit_policy
 import stem.prereq
@@ -61,6 +60,7 @@ import stem.util.str_tools
 import stem.util.tor_tools
 import stem.version
 
+from stem.descriptor.certificate import Ed25519Certificate
 from stem.descriptor.router_status_entry import RouterStatusEntryV3
 
 from stem.descriptor import (
@@ -394,15 +394,7 @@ def _parse_exit_policy(descriptor, entries):
     del descriptor._unparsed_exit_policy
 
 
-def _parse_identity_ed25519_line(descriptor, entries):
-  # TODO: replace this with Ed25519Certificate._from_descriptor() in stem 2.x
-
-  _parse_key_block('identity-ed25519', 'ed25519_certificate', 'ED25519 CERT')(descriptor, entries)
-
-  if descriptor.ed25519_certificate:
-    descriptor.certificate = stem.descriptor.certificate.Ed25519Certificate.from_base64(descriptor.ed25519_certificate)
-
-
+_parse_identity_ed25519_line = Ed25519Certificate._from_descriptor('identity-ed25519', 'certificate')
 _parse_master_key_ed25519_line = _parse_simple_line('master-key-ed25519', 'ed25519_master_key')
 _parse_master_key_ed25519_for_hash_line = _parse_simple_line('master-key-ed25519', 'ed25519_certificate_hash')
 _parse_contact_line = _parse_bytes_line('contact', 'contact')
@@ -717,7 +709,6 @@ class RelayDescriptor(ServerDescriptor):
   <https://gitweb.torproject.org/torspec.git/tree/dir-spec.txt>`_)
 
   :var stem.certificate.Ed25519Certificate certificate: ed25519 certificate
-  :var str ed25519_certificate: base64 encoded ed25519 certificate
   :var str ed25519_master_key: base64 encoded master key for our ed25519 certificate
   :var str ed25519_signature: signature of this document using ed25519
 
@@ -731,7 +722,7 @@ class RelayDescriptor(ServerDescriptor):
   **\\*** attribute is required when we're parsed with validation
 
   .. versionchanged:: 1.5.0
-     Added the ed25519_certificate, ed25519_master_key, ed25519_signature,
+     Added the ed25519_master_key, ed25519_signature,
      onion_key_crosscert, ntor_onion_key_crosscert, and
      ntor_onion_key_crosscert_sign attributes.
 
@@ -743,11 +734,6 @@ class RelayDescriptor(ServerDescriptor):
   .. versionchanged:: 1.6.0
      Added the certificate attribute.
 
-  .. deprecated:: 1.6.0
-     Our **ed25519_certificate** is deprecated in favor of our new
-     **certificate** attribute. The base64 encoded certificate is available via
-     the certificate's **encoded** attribute.
-
   .. versionchanged:: 1.6.0
      Added the **skip_crypto_validation** constructor argument.
   """
@@ -756,7 +742,6 @@ class RelayDescriptor(ServerDescriptor):
 
   ATTRIBUTES = dict(ServerDescriptor.ATTRIBUTES, **{
     'certificate': (None, _parse_identity_ed25519_line),
-    'ed25519_certificate': (None, _parse_identity_ed25519_line),
     'ed25519_master_key': (None, _parse_master_key_ed25519_line),
     'ed25519_signature': (None, _parse_router_sig_ed25519_line),
 
@@ -928,7 +913,7 @@ class RelayDescriptor(ServerDescriptor):
   def _check_constraints(self, entries):
     super(RelayDescriptor, self)._check_constraints(entries)
 
-    if self.ed25519_certificate:
+    if self.certificate:
       if not self.onion_key_crosscert:
         raise ValueError("Descriptor must have a 'onion-key-crosscert' when identity-ed25519 is present")
       elif not self.ed25519_signature:
diff --git a/test/unit/descriptor/server_descriptor.py b/test/unit/descriptor/server_descriptor.py
index ab419575..55b1ac42 100644
--- a/test/unit/descriptor/server_descriptor.py
+++ b/test/unit/descriptor/server_descriptor.py
@@ -116,7 +116,6 @@ Qlx9HNCqCY877ztFRC624ja2ql6A2hBcuoYMbkHjcQ4=
     self.assertEqual(None, desc.socks_port)
     self.assertEqual(None, desc.dir_port)
     self.assertEqual(None, desc.certificate)
-    self.assertEqual(None, desc.ed25519_certificate)
     self.assertEqual(None, desc.ed25519_master_key)
     self.assertEqual(None, desc.ed25519_signature)
     self.assertEqual(b'Tor 0.2.1.30 on Linux x86_64', desc.platform)
@@ -374,7 +373,6 @@ Qlx9HNCqCY877ztFRC624ja2ql6A2hBcuoYMbkHjcQ4=
     self.assertEqual(9001, desc.or_port)
     self.assertEqual(None, desc.socks_port)
     self.assertEqual(443, desc.dir_port)
-    self.assertTrue('bWPo2fIzo3uOywfoM' in desc.ed25519_certificate)
     self.assertEqual('Z6a1UabSK+N21j6NnyM6N7jssH6DK68qa6W5uB4QpGQ', desc.ed25519_master_key)
     self.assertEqual('w+cKNZTlL7vz/4WgYdFUblzJy3VdTw0mfFK4N3SPFCt20fNKt9SgiZ5V/2ai3kgGsc6oCsyUesSiYtPcTXMLCw', desc.ed25519_signature)
     self.assertEqual(b'Tor 0.2.7.2-alpha-dev on Linux', desc.platform)
@@ -428,7 +426,6 @@ Qlx9HNCqCY877ztFRC624ja2ql6A2hBcuoYMbkHjcQ4=
     self.assertEqual('ChandlerObfs11', desc.nickname)
     self.assertEqual('678912ABD7398DF8EFC8FA2BC7DEF610710360C4', desc.fingerprint)
     self.assertEqual('10.162.85.172', desc.address)
-    self.assertFalse(hasattr(desc, 'ed25519_certificate'))
     self.assertEqual('lgIuiAJCoXPRwWoHgG4ZAoKtmrv47aPr4AsbmESj8AA', desc.ed25519_certificate_hash)
     self.assertEqual('OB/fqLD8lYmjti09R+xXH/D4S2qlizxdZqtudnsunxE', desc.router_digest_sha256)
     self.assertEqual('@type bridge-server-descriptor 1.0', str(desc.type_annotation()))

More information about the tor-commits mailing list