[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #5810 [Stem]: Implement verification of server descriptor



#5810: Implement verification of server descriptor
-------------------------+--------------------------------------------------
 Reporter:  reganeet     |          Owner:  reganeet
     Type:  enhancement  |         Status:  new     
 Priority:  normal       |      Milestone:          
Component:  Stem         |        Version:          
 Keywords:               |         Parent:          
   Points:               |   Actualpoints:          
-------------------------+--------------------------------------------------

Comment(by reganeet):

 Thanks Damian. It turns out the M2Crypto package downloaded from their
 website does not work with Ubuntu, but the distribution in Ubuntu's
 repository is good.

 However, after playing with it for several hours, I found out that
 M2Crypto only support PEM format keys in X.509 standard but not in PKCS,
 and the public keys in server descriptors are encoded in PKCS. They have
 slightly different headers: X.509 keys starts with "-----BEGIN PUBLIC
 KEY-----", while PKCS keys starts with "-----BEGIN RSA PUBLIC KEY-----".
 The content is also represented in different ways, so simply changing the
 header won't work [1].

 {{{
 >> from M2Crypto import RSA, BIO
 >> bio = BIO.MemoryBuffer(descriptor.signing_key)
 >> rsa = RSA.load_pub_key_bio(bio)
 M2Crypto.RSA.RSAError: no start line
 }}}

 I'm looking for a substitute of M2Crypto now.

 [1] http://www.cryptosys.net/pki/rsakeyformats.html

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/5810#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs