[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-commits] [stem/master] Strip cert header/footer in Ed25519Certificate.parse()



commit 5b6cbad9892f7eba6e970e0f063864817d944cab
Author: Damian Johnson <atagar@xxxxxxxxxxxxxx>
Date:   Wed Oct 2 13:39:38 2019 -0700

    Strip cert header/footer in Ed25519Certificate.parse()
    
    Both server and hidden service descriptors do this stripping. On reflection
    this is cleaner if Ed25519Certificate.parse() normalizes instead.
---
 stem/descriptor/certificate.py       | 9 +++++++--
 stem/descriptor/hidden_service.py    | 3 +--
 stem/descriptor/server_descriptor.py | 5 +----
 test/unit/descriptor/certificate.py  | 2 +-
 4 files changed, 10 insertions(+), 9 deletions(-)

diff --git a/stem/descriptor/certificate.py b/stem/descriptor/certificate.py
index e3e41ca4..01238182 100644
--- a/stem/descriptor/certificate.py
+++ b/stem/descriptor/certificate.py
@@ -112,7 +112,7 @@ class Ed25519Certificate(object):
   Base class for an Ed25519 certificate.
 
   :var int version: certificate format version
-  :var str encoded: base64 encoded ed25519 certificate
+  :var unicode encoded: base64 encoded ed25519 certificate
   """
 
   def __init__(self, version, encoded):
@@ -132,8 +132,13 @@ class Ed25519Certificate(object):
     :raises: **ValueError** if content is malformed
     """
 
+    content = stem.util.str_tools._to_unicode(content)
+
+    if content.startswith('-----BEGIN ED25519 CERT-----\n') and content.endswith('\n-----END ED25519 CERT-----'):
+      content = content[29:-27]
+
     try:
-      decoded = base64.b64decode(stem.util.str_tools._to_bytes(content))
+      decoded = base64.b64decode(content)
 
       if not decoded:
         raise TypeError('empty')
diff --git a/stem/descriptor/hidden_service.py b/stem/descriptor/hidden_service.py
index b1644f81..29fc838a 100644
--- a/stem/descriptor/hidden_service.py
+++ b/stem/descriptor/hidden_service.py
@@ -562,8 +562,7 @@ class HiddenServiceDescriptorV3(BaseHiddenServiceDescriptor):
     elif not stem.prereq._is_sha3_available():
       raise ImportError('Hidden service descriptor decryption requires python 3.6+ or the pysha3 module (https://pypi.org/project/pysha3/)')
 
-    cert_lines = self.signing_cert.split('\n')
-    desc_signing_cert = stem.descriptor.certificate.Ed25519Certificate.parse(''.join(cert_lines[1:-1]))
+    desc_signing_cert = stem.descriptor.certificate.Ed25519Certificate.parse(self.signing_cert)
 
     for extension in desc_signing_cert.extensions:
       if extension.type == ExtensionType.HAS_SIGNING_KEY:
diff --git a/stem/descriptor/server_descriptor.py b/stem/descriptor/server_descriptor.py
index 7eaf6e93..71f3a803 100644
--- a/stem/descriptor/server_descriptor.py
+++ b/stem/descriptor/server_descriptor.py
@@ -404,10 +404,7 @@ def _parse_identity_ed25519_line(descriptor, entries):
   _parse_key_block('identity-ed25519', 'ed25519_certificate', 'ED25519 CERT')(descriptor, entries)
 
   if descriptor.ed25519_certificate:
-    cert_lines = descriptor.ed25519_certificate.split('\n')
-
-    if cert_lines[0] == '-----BEGIN ED25519 CERT-----' and cert_lines[-1] == '-----END ED25519 CERT-----':
-      descriptor.certificate = stem.descriptor.certificate.Ed25519Certificate.parse(''.join(cert_lines[1:-1]))
+    descriptor.certificate = stem.descriptor.certificate.Ed25519Certificate.parse(descriptor.ed25519_certificate)
 
 
 _parse_master_key_ed25519_line = _parse_simple_line('master-key-ed25519', 'ed25519_master_key')
diff --git a/test/unit/descriptor/certificate.py b/test/unit/descriptor/certificate.py
index ca0a626e..51960525 100644
--- a/test/unit/descriptor/certificate.py
+++ b/test/unit/descriptor/certificate.py
@@ -58,7 +58,7 @@ class TestEd25519Certificate(unittest.TestCase):
 
     self.assertEqual(Ed25519CertificateV1, type(cert))
     self.assertEqual(1, cert.version)
-    self.assertEqual(cert_bytes, cert.encoded)
+    self.assertEqual(stem.util.str_tools._to_unicode(cert_bytes), cert.encoded)
     self.assertEqual(CertType.SIGNING, cert.type)
     self.assertEqual(datetime.datetime(1970, 1, 1, 0, 0), cert.expiration)
     self.assertEqual(1, cert.key_type)



_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits