[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-commits] [stem/master] Stylistic check adjustments



commit 461394f2c3527d3a510d3b5cb71f041dcba98fdf
Author: Damian Johnson <atagar@xxxxxxxxxxxxxx>
Date:   Thu Sep 12 16:25:46 2019 -0700

    Stylistic check adjustments
    
    Quick handful of corrections so our stylistic checks once again pass...
    
    STATIC CHECKS
    * /home/atagar/Desktop/stem/test/unit/descriptor/hidden_service_v3.py
      line 48   - use single rather than double quotes     | onion_address="sltib6sxkuxh2scmtuvd5w2g7pahnzkovefxpo4e4ptnkzl5kkq5h2ad.onion"))
    
    * /home/atagar/Desktop/stem/stem/descriptor/certificate.py
      line 77   - use single rather than double quotes     | "HS_V3_DESC_SIGNING_KEY", "HS_V3_INTRO_POINT_AUTH_KEY", "HS_V3_INTRO_POINT_ENC_KEY")
      line 165  - E261 at least two spaces before inline comment | elif cert_type == 8: # see rend-spec-v3.txt appendix E for these defintions
      line 172  - use single rather than double quotes     | raise ValueError("Ed25519 certificate type is an unknown value %i." % cert_type)
      line 311  - W391 blank line at end of file
    
    * /home/atagar/Desktop/stem/stem/prereq.py
      line 142  - 'cryptography.hazmat.primitives.asymmetric.ed25519.Ed25519PublicKey' imported but unused | from cryptography.hazmat.primitives.asymmetric.ed25519 import Ed25519PublicKey
    
    * /home/atagar/Desktop/stem/stem/descriptor/hsv3_crypto.py
      line 19   - use single rather than double quotes     | CHECKSUM_CONSTANT = b".onion checksum"
      line 21   - E302 expected 2 blank lines, found 1     | def decode_address(onion_address_str):
      line 38   - use single rather than double quotes     | if (len(onion_address_str) != 56 + len(".onion")):
      line 39   - use single rather than double quotes     | raise ValueError("Wrong address length")
      line 54   - use single rather than double quotes     | my_checksum_body = b"%s%s%s" % (CHECKSUM_CONSTANT, pubkey, bytes([version]))
      line 58   - use single rather than double quotes     | raise ValueError("Bad checksum")
      line 62   - E305 expected 2 blank lines after class or function definition, found 1 | """
      line 81   - E302 expected 2 blank lines, found 0     | def get_subcredential(public_identity_key, blinded_key):
      line 82   - use single rather than double quotes     | cred_bytes_constant = "credential".encode()
      line 83   - use single rather than double quotes     | subcred_bytes_constant = "subcredential".encode()
      line 85   - use single rather than double quotes     | credential = hashlib.sha3_256(b"%s%s" % (cred_bytes_constant, public_identity_key)).digest()
      line 86   - use single rather than double quotes     | subcredential = hashlib.sha3_256(b"%s%s%s" % (subcred_bytes_constant, credential, blinded_key)).digest()
      line 88   - use single rather than double quotes     | print("public_identity_key: %s" % (public_identity_key.hex()))
      line 89   - use single rather than double quotes     | print("credential: %s" % (credential.hex()))
      line 90   - use single rather than double quotes     | print("blinded_key: %s" % (blinded_key.hex()))
      line 91   - use single rather than double quotes     | print("subcredential: %s" % (subcredential.hex()))
      line 93   - use single rather than double quotes     | print("===")
      line 97   - E305 expected 2 blank lines after class or function definition, found 1 | """
      line 131  - E302 expected 2 blank lines, found 1     | def _ciphertext_mac_is_valid(key, salt, ciphertext, mac):
      line 142  - use single rather than double quotes     | my_mac_body = b"%s%s%s%s%s" % (key_len, key, salt_len, salt, ciphertext)
      line 145  - use single rather than double quotes     | print("===")
      line 146  - use single rather than double quotes     | print("my mac: %s" % my_mac.hex())
      line 147  - use single rather than double quotes     | print("their mac: %s" % mac.hex())
      line 152  - E302 expected 2 blank lines, found 1     | def _decrypt_descriptor_layer(ciphertext_blob_b64, revision_counter,
      line 162  - use single rather than double quotes     | raise ValueError("bad encrypted blob")
      line 168  - use single rather than double quotes     | print("encrypted blob lenth :%s" % len(ciphertext_blob))
      line 169  - use single rather than double quotes     | print("salt: %s" % salt.hex())
      line 170  - use single rather than double quotes     | print("ciphertext length: %s" % len(ciphertext))
      line 171  - use single rather than double quotes     | print("mac: %s" % mac.hex())
      line 172  - use single rather than double quotes     | print("===")
      line 176  - use single rather than double quotes     | secret_input = b"%s%s%s" % (secret_data, subcredential, rev_counter_int_8)
      line 179  - use single rather than double quotes     | print("secret_data (%d): %s" % (len(secret_data), secret_data.hex()))
      line 180  - use single rather than double quotes     | print("subcredential (%d): %s" % (len(subcredential), subcredential.hex()))
      line 181  - use single rather than double quotes     | print("rev counter int 8 (%d): %s" % (len(rev_counter_int_8), rev_counter_int_8.hex()))
      line 182  - use single rather than double quotes     | print("secret_input (%s): %s" % (len(secret_input), secret_input.hex()))
      line 183  - use single rather than double quotes     | print("===")
      line 185  - use single rather than double quotes     | kdf = hashlib.shake_256(b"%s%s%s" % (secret_input, salt, string_constant))
      line 186  - E226 missing whitespace around arithmetic operator | keys = kdf.digest(S_KEY_LEN+S_IV_LEN+MAC_KEY_LEN)
      line 189  - E226 missing whitespace around arithmetic operator | secret_iv = keys[S_KEY_LEN:S_KEY_LEN+S_IV_LEN]
      line 190  - E226 missing whitespace around arithmetic operator | mac_key = keys[S_KEY_LEN+S_IV_LEN:]
      line 192  - use single rather than double quotes     | print("secret_key: %s" % secret_key.hex())
      line 193  - use single rather than double quotes     | print("secret_iv: %s" % secret_iv.hex())
      line 194  - use single rather than double quotes     | print("mac_key: %s" % mac_key.hex())
      line 203  - use single rather than double quotes     | raise ValueError("Bad MAC!!!")
      line 207  - E302 expected 2 blank lines, found 1     | def decrypt_outter_layer(superencrypted_blob_b64, revision_counter,
      line 208  - E128 continuation line under-indented for visual indent | public_identity_key, blinded_key, subcredential):
      line 210  - use single rather than double quotes     | string_constant = b"hsdir-superencrypted-data"
      line 218  - use single rather than double quotes     | print("====== Decrypting outter layer =======")
      line 221  - E128 continuation line under-indented for visual indent | public_identity_key, subcredential,
      line 222  - E128 continuation line under-indented for visual indent | secret_data, string_constant)
      line 224  - E302 expected 2 blank lines, found 1     | def decrypt_inner_layer(encrypted_blob_b64, revision_counter,
      line 227  - use single rather than double quotes     | string_constant = b"hsdir-encrypted-data"
      line 229  - use single rather than double quotes     | print("====== Decrypting inner layer =======")
      line 235  - E302 expected 2 blank lines, found 1     | def parse_superencrypted_plaintext(outter_layer_plaintext):
      line 237  - 're' imported but unused                 | import re
      line 248  - W391 blank line at end of file
    
    * /home/atagar/Desktop/stem/stem/descriptor/hidden_service.py
      line 563  - use single rather than double quotes     | raise ValueError("Onion address is required to decrypt v3 hidden service descriptors")
      line 571  - local variable 'plaintext' is assigned to but never used | plaintext = self.decrypt_descriptor(desc_signing_cert)
      line 587  - E266 too many leading '#' for block comment | ####################################### Do the decryption ###################################
      line 590  - E128 continuation line under-indented for visual indent | identity_public_key_bytes, blinded_key_bytes, subcredential_bytes)
      line 595  - E222 multiple spaces after operator      | inner_layer_plaintext =  stem.descriptor.hsv3_crypto.decrypt_inner_layer(inner_layer_ciphertext, self.revision_counter,
      line 596  - E128 continuation line under-indented for visual indent | identity_public_key_bytes, blinded_key_bytes, subcredential_bytes)
      line 602  - E305 expected 2 blank lines after class or function definition, found 1 | HiddenServiceDescriptor = HiddenServiceDescriptorV2
---
 stem/descriptor/certificate.py            |  18 ++--
 stem/descriptor/hidden_service.py         |  13 ++-
 stem/descriptor/hsv3_crypto.py            | 133 +++++++++++++++---------------
 test/settings.cfg                         |   1 +
 test/unit/descriptor/hidden_service_v3.py |   2 +-
 5 files changed, 87 insertions(+), 80 deletions(-)

diff --git a/stem/descriptor/certificate.py b/stem/descriptor/certificate.py
index 470fa623..cdde0c24 100644
--- a/stem/descriptor/certificate.py
+++ b/stem/descriptor/certificate.py
@@ -73,8 +73,15 @@ ED25519_HEADER_LENGTH = 40
 ED25519_SIGNATURE_LENGTH = 64
 ED25519_ROUTER_SIGNATURE_PREFIX = b'Tor router descriptor signature v1'
 
-CertType = stem.util.enum.UppercaseEnum('SIGNING', 'LINK_CERT', 'AUTH',
-                                        "HS_V3_DESC_SIGNING_KEY", "HS_V3_INTRO_POINT_AUTH_KEY", "HS_V3_INTRO_POINT_ENC_KEY")
+CertType = stem.util.enum.UppercaseEnum(
+  'SIGNING',
+  'LINK_CERT',
+  'AUTH',
+  'HS_V3_DESC_SIGNING_KEY',
+  'HS_V3_INTRO_POINT_AUTH_KEY',
+  'HS_V3_INTRO_POINT_ENC_KEY',
+)
+
 ExtensionType = stem.util.enum.Enum(('HAS_SIGNING_KEY', 4),)
 ExtensionFlag = stem.util.enum.UppercaseEnum('AFFECTS_VALIDATION', 'UNKNOWN')
 
@@ -162,14 +169,15 @@ class Ed25519CertificateV1(Ed25519Certificate):
       self.type = CertType.AUTH
     elif cert_type == 7:
       raise ValueError('Ed25519 certificate cannot have a type of 7. This is reserved for RSA identity cross-certification.')
-    elif cert_type == 8: # see rend-spec-v3.txt appendix E for these defintions
+    elif cert_type == 8:
+      # see rend-spec-v3.txt appendix E for these defintions
       self.type = CertType.HS_V3_DESC_SIGNING_KEY
     elif cert_type == 9:
       self.type = CertType.HS_V3_INTRO_POINT_AUTH_KEY
     elif cert_type == 0x0B:
       self.type = CertType.HS_V3_INTRO_POINT_ENC_KEY
     else:
-      raise ValueError("Ed25519 certificate type is an unknown value %i." % cert_type)
+      raise ValueError('Ed25519 certificate type %i is unrecognized' % cert_type)
 
     # expiration time is in hours since epoch
     try:
@@ -307,5 +315,3 @@ class Ed25519CertificateV1(Ed25519Certificate):
       raise ValueError('Signing key extension has malformed key')
 
     return signing_key_extension.data
-
-
diff --git a/stem/descriptor/hidden_service.py b/stem/descriptor/hidden_service.py
index 9e6de0d9..83aff8b8 100644
--- a/stem/descriptor/hidden_service.py
+++ b/stem/descriptor/hidden_service.py
@@ -560,7 +560,7 @@ class HiddenServiceDescriptorV3(BaseHiddenServiceDescriptor):
 
     if not skip_crypto_validation and stem.prereq.is_crypto_available():
       if self.onion_address is None:
-        raise ValueError("Onion address is required to decrypt v3 hidden service descriptors")
+        raise ValueError('Onion address is required to decrypt v3 hidden service descriptors')
 
       # ATAGAR XXX need to do this cert extraction in the parsing handler
       assert(self.signing_cert)
@@ -568,7 +568,7 @@ class HiddenServiceDescriptorV3(BaseHiddenServiceDescriptor):
       assert(cert_lines[0] == '-----BEGIN ED25519 CERT-----' and cert_lines[-1] == '-----END ED25519 CERT-----')
 
       desc_signing_cert = stem.descriptor.certificate.Ed25519Certificate.parse(''.join(cert_lines[1:-1]))
-      plaintext = self.decrypt_descriptor(desc_signing_cert)
+      self.plaintext = self.decrypt_descriptor(desc_signing_cert)
 
   def decrypt_descriptor(self, desc_signing_cert):
     # Get crypto material.
@@ -584,19 +584,16 @@ class HiddenServiceDescriptorV3(BaseHiddenServiceDescriptor):
 
     subcredential_bytes = stem.descriptor.hsv3_crypto.get_subcredential(identity_public_key_bytes, blinded_key_bytes)
 
-    ####################################### Do the decryption ###################################
-
-    outter_layer_plaintext = stem.descriptor.hsv3_crypto.decrypt_outter_layer(self.superencrypted, self.revision_counter,
-                                                              identity_public_key_bytes, blinded_key_bytes, subcredential_bytes)
+    outter_layer_plaintext = stem.descriptor.hsv3_crypto.decrypt_outter_layer(self.superencrypted, self.revision_counter, identity_public_key_bytes, blinded_key_bytes, subcredential_bytes)
 
     # ATAGAR XXX this parsing function is a hack. need to replace it with some stem parsing.
     inner_layer_ciphertext = stem.descriptor.hsv3_crypto.parse_superencrypted_plaintext(outter_layer_plaintext)
 
-    inner_layer_plaintext =  stem.descriptor.hsv3_crypto.decrypt_inner_layer(inner_layer_ciphertext, self.revision_counter,
-                                                              identity_public_key_bytes, blinded_key_bytes, subcredential_bytes)
+    inner_layer_plaintext = stem.descriptor.hsv3_crypto.decrypt_inner_layer(inner_layer_ciphertext, self.revision_counter, identity_public_key_bytes, blinded_key_bytes, subcredential_bytes)
 
     print(inner_layer_plaintext)
 
+
 # TODO: drop this alias in stem 2.x
 
 HiddenServiceDescriptor = HiddenServiceDescriptorV2
diff --git a/stem/descriptor/hsv3_crypto.py b/stem/descriptor/hsv3_crypto.py
index c3f1feb0..c83165ed 100644
--- a/stem/descriptor/hsv3_crypto.py
+++ b/stem/descriptor/hsv3_crypto.py
@@ -6,24 +6,25 @@ import stem.prereq
 """
 Onion addresses
 
-     onion_address = base32(PUBKEY | CHECKSUM | VERSION) + ".onion"
-     CHECKSUM = H(".onion checksum" | PUBKEY | VERSION)[:2]
+     onion_address = base32(PUBKEY | CHECKSUM | VERSION) + '.onion'
+     CHECKSUM = H('.onion checksum' | PUBKEY | VERSION)[:2]
 
        - PUBKEY is the 32 bytes ed25519 master pubkey of the hidden service.
        - VERSION is an one byte version field (default value '\x03')
-       - ".onion checksum" is a constant string
+       - '.onion checksum' is a constant string
        - CHECKSUM is truncated to two bytes before inserting it in onion_address
 
 """
 
-CHECKSUM_CONSTANT = b".onion checksum"
+CHECKSUM_CONSTANT = b'.onion checksum'
+
 
 def decode_address(onion_address_str):
     """
     Parse onion_address_str and return the pubkey.
 
-         onion_address = base32(PUBKEY | CHECKSUM | VERSION) + ".onion"
-         CHECKSUM = H(".onion checksum" | PUBKEY | VERSION)[:2]
+         onion_address = base32(PUBKEY | CHECKSUM | VERSION) + '.onion'
+         CHECKSUM = H('.onion checksum' | PUBKEY | VERSION)[:2]
 
     :return: Ed25519PublicKey
 
@@ -35,8 +36,8 @@ def decode_address(onion_address_str):
 
     from cryptography.hazmat.primitives.asymmetric.ed25519 import Ed25519PublicKey
 
-    if (len(onion_address_str) != 56 + len(".onion")):
-        raise ValueError("Wrong address length")
+    if (len(onion_address_str) != 56 + len('.onion')):
+        raise ValueError('Wrong address length')
 
     # drop the '.onion'
     onion_address = onion_address_str[:56]
@@ -51,21 +52,22 @@ def decode_address(onion_address_str):
     version = onion_address[34]
 
     # Do checksum validation
-    my_checksum_body = b"%s%s%s" % (CHECKSUM_CONSTANT, pubkey, bytes([version]))
+    my_checksum_body = b'%s%s%s' % (CHECKSUM_CONSTANT, pubkey, bytes([version]))
     my_checksum = hashlib.sha3_256(my_checksum_body).digest()
 
     if (checksum != my_checksum[:2]):
-        raise ValueError("Bad checksum")
+        raise ValueError('Bad checksum')
 
     return Ed25519PublicKey.from_public_bytes(pubkey)
 
+
 """
 Blinded key stuff
 
    Now wrt SRVs, if a client is in the time segment between a new time period
-   and a new SRV (i.e. the segments drawn with "-") it uses the current SRV,
+   and a new SRV (i.e. the segments drawn with '-') it uses the current SRV,
    else if the client is in a time segment between a new SRV and a new time
-   period (i.e. the segments drawn with "="), it uses the previous SRV.
+   period (i.e. the segments drawn with '='), it uses the previous SRV.
 """
 
 pass
@@ -73,27 +75,30 @@ pass
 """
 Subcredential:
 
-       subcredential = H("subcredential" | credential | blinded-public-key
-       credential = H("credential" | public-identity-key)
+       subcredential = H('subcredential' | credential | blinded-public-key
+       credential = H('credential' | public-identity-key)
 
 Both keys are in bytes
 """
+
+
 def get_subcredential(public_identity_key, blinded_key):
-    cred_bytes_constant = "credential".encode()
-    subcred_bytes_constant = "subcredential".encode()
+    cred_bytes_constant = 'credential'.encode()
+    subcred_bytes_constant = 'subcredential'.encode()
 
-    credential = hashlib.sha3_256(b"%s%s" % (cred_bytes_constant, public_identity_key)).digest()
-    subcredential = hashlib.sha3_256(b"%s%s%s" % (subcred_bytes_constant, credential, blinded_key)).digest()
+    credential = hashlib.sha3_256(b'%s%s' % (cred_bytes_constant, public_identity_key)).digest()
+    subcredential = hashlib.sha3_256(b'%s%s%s' % (subcred_bytes_constant, credential, blinded_key)).digest()
 
-    print("public_identity_key: %s" % (public_identity_key.hex()))
-    print("credential: %s" % (credential.hex()))
-    print("blinded_key: %s" % (blinded_key.hex()))
-    print("subcredential: %s" % (subcredential.hex()))
+    print('public_identity_key: %s' % (public_identity_key.hex()))
+    print('credential: %s' % (credential.hex()))
+    print('blinded_key: %s' % (blinded_key.hex()))
+    print('subcredential: %s' % (subcredential.hex()))
 
-    print("===")
+    print('===')
 
     return subcredential
 
+
 """
 Basic descriptor logic:
 
@@ -114,11 +119,11 @@ Layer data:
 
  2.5.1.1. First layer encryption logic
      SECRET_DATA = blinded-public-key
-     STRING_CONSTANT = "hsdir-superencrypted-data"
+     STRING_CONSTANT = 'hsdir-superencrypted-data'
 
  2.5.2.1. Second layer encryption keys
      SECRET_DATA = blinded-public-key | descriptor_cookie
-     STRING_CONSTANT = "hsdir-encrypted-data"
+     STRING_CONSTANT = 'hsdir-encrypted-data'
 """
 
 SALT_LEN = 16
@@ -128,6 +133,7 @@ S_KEY_LEN = 32
 S_IV_LEN = 16
 MAC_KEY_LEN = 32
 
+
 def _ciphertext_mac_is_valid(key, salt, ciphertext, mac):
     """
     Instantiate MAC(key=k, message=m) with H(k_len | k | m), where k_len is
@@ -135,20 +141,22 @@ def _ciphertext_mac_is_valid(key, salt, ciphertext, mac):
 
     XXX spec:   H(mac_key_len | mac_key | salt_len | salt | encrypted)
     """
+
     # Construct our own MAC first
     key_len = len(key).to_bytes(8, 'big')
     salt_len = len(salt).to_bytes(8, 'big')
 
-    my_mac_body = b"%s%s%s%s%s" % (key_len, key, salt_len, salt, ciphertext)
+    my_mac_body = b'%s%s%s%s%s' % (key_len, key, salt_len, salt, ciphertext)
     my_mac = hashlib.sha3_256(my_mac_body).digest()
 
-    print("===")
-    print("my mac: %s" % my_mac.hex())
-    print("their mac: %s" % mac.hex())
+    print('===')
+    print('my mac: %s' % my_mac.hex())
+    print('their mac: %s' % mac.hex())
 
     # Compare the two MACs
     return my_mac == mac
 
+
 def _decrypt_descriptor_layer(ciphertext_blob_b64, revision_counter,
                               public_identity_key, subcredential,
                               secret_data, string_constant):
@@ -159,39 +167,39 @@ def _decrypt_descriptor_layer(ciphertext_blob_b64, revision_counter,
     ciphertext_blob = base64.b64decode(ciphertext_blob_b64)
 
     if (len(ciphertext_blob) < SALT_LEN + MAC_LEN):
-        raise ValueError("bad encrypted blob")
+        raise ValueError('bad encrypted blob')
 
     salt = ciphertext_blob[:16]
     ciphertext = ciphertext_blob[16:-32]
     mac = ciphertext_blob[-32:]
 
-    print("encrypted blob lenth :%s" % len(ciphertext_blob))
-    print("salt: %s" % salt.hex())
-    print("ciphertext length: %s" % len(ciphertext))
-    print("mac: %s" % mac.hex())
-    print("===")
+    print('encrypted blob lenth :%s' % len(ciphertext_blob))
+    print('salt: %s' % salt.hex())
+    print('ciphertext length: %s' % len(ciphertext))
+    print('mac: %s' % mac.hex())
+    print('===')
 
     # INT_8(revision_counter)
     rev_counter_int_8 = revision_counter.to_bytes(8, 'big')
-    secret_input = b"%s%s%s" % (secret_data, subcredential, rev_counter_int_8)
+    secret_input = b'%s%s%s' % (secret_data, subcredential, rev_counter_int_8)
     secret_input = secret_input
 
-    print("secret_data (%d): %s" % (len(secret_data), secret_data.hex()))
-    print("subcredential (%d): %s" % (len(subcredential), subcredential.hex()))
-    print("rev counter int 8 (%d): %s" % (len(rev_counter_int_8), rev_counter_int_8.hex()))
-    print("secret_input (%s): %s" % (len(secret_input), secret_input.hex()))
-    print("===")
+    print('secret_data (%d): %s' % (len(secret_data), secret_data.hex()))
+    print('subcredential (%d): %s' % (len(subcredential), subcredential.hex()))
+    print('rev counter int 8 (%d): %s' % (len(rev_counter_int_8), rev_counter_int_8.hex()))
+    print('secret_input (%s): %s' % (len(secret_input), secret_input.hex()))
+    print('===')
 
-    kdf = hashlib.shake_256(b"%s%s%s" % (secret_input, salt, string_constant))
-    keys = kdf.digest(S_KEY_LEN+S_IV_LEN+MAC_KEY_LEN)
+    kdf = hashlib.shake_256(b'%s%s%s' % (secret_input, salt, string_constant))
+    keys = kdf.digest(S_KEY_LEN + S_IV_LEN + MAC_KEY_LEN)
 
     secret_key = keys[:S_KEY_LEN]
-    secret_iv = keys[S_KEY_LEN:S_KEY_LEN+S_IV_LEN]
-    mac_key = keys[S_KEY_LEN+S_IV_LEN:]
+    secret_iv = keys[S_KEY_LEN:S_KEY_LEN + S_IV_LEN]
+    mac_key = keys[S_KEY_LEN + S_IV_LEN:]
 
-    print("secret_key: %s" % secret_key.hex())
-    print("secret_iv: %s" % secret_iv.hex())
-    print("mac_key: %s" % mac_key.hex())
+    print('secret_key: %s' % secret_key.hex())
+    print('secret_iv: %s' % secret_iv.hex())
+    print('mac_key: %s' % mac_key.hex())
 
     # Now time to decrypt descriptor
     cipher = Cipher(algorithms.AES(secret_key), modes.CTR(secret_iv), default_backend())
@@ -200,14 +208,14 @@ def _decrypt_descriptor_layer(ciphertext_blob_b64, revision_counter,
 
     # validate mac (the mac validates the two fields before the mac)
     if not _ciphertext_mac_is_valid(mac_key, salt, ciphertext, mac):
-        raise ValueError("Bad MAC!!!")
+        raise ValueError('Bad MAC!!!')
 
     return decrypted
 
-def decrypt_outter_layer(superencrypted_blob_b64, revision_counter,
-                        public_identity_key, blinded_key, subcredential):
+
+def decrypt_outter_layer(superencrypted_blob_b64, revision_counter, public_identity_key, blinded_key, subcredential):
     secret_data = blinded_key
-    string_constant = b"hsdir-superencrypted-data"
+    string_constant = b'hsdir-superencrypted-data'
 
     # XXX Remove the BEGIN MESSSAGE around the thing
     superencrypted_blob_b64_lines = superencrypted_blob_b64.split('\n')
@@ -215,26 +223,22 @@ def decrypt_outter_layer(superencrypted_blob_b64, revision_counter,
     assert(superencrypted_blob_b64_lines[-1] == '-----END MESSAGE-----')
     superencrypted_blob_b64 = ''.join(superencrypted_blob_b64_lines[1:-1])
 
-    print("====== Decrypting outter layer =======")
+    print('====== Decrypting outter layer =======')
 
-    return _decrypt_descriptor_layer(superencrypted_blob_b64, revision_counter,
-                              public_identity_key, subcredential,
-                              secret_data, string_constant)
+    return _decrypt_descriptor_layer(superencrypted_blob_b64, revision_counter, public_identity_key, subcredential, secret_data, string_constant)
 
-def decrypt_inner_layer(encrypted_blob_b64, revision_counter,
-                        public_identity_key, blinded_key, subcredential):
+
+def decrypt_inner_layer(encrypted_blob_b64, revision_counter, public_identity_key, blinded_key, subcredential):
     secret_data = blinded_key
-    string_constant = b"hsdir-encrypted-data"
+    string_constant = b'hsdir-encrypted-data'
+
+    print('====== Decrypting inner layer =======')
 
-    print("====== Decrypting inner layer =======")
+    return _decrypt_descriptor_layer(encrypted_blob_b64, revision_counter, public_identity_key, subcredential, secret_data, string_constant)
 
-    return _decrypt_descriptor_layer(encrypted_blob_b64, revision_counter,
-                                     public_identity_key, subcredential,
-                                     secret_data, string_constant)
 
 def parse_superencrypted_plaintext(outter_layer_plaintext):
     """Super hacky function to parse the superencrypted plaintext. This will need to be replaced by proper stem code."""
-    import re
 
     START_CONSTANT = b'-----BEGIN MESSAGE-----\n'
     END_CONSTANT = b'\n-----END MESSAGE-----'
@@ -245,4 +249,3 @@ def parse_superencrypted_plaintext(outter_layer_plaintext):
     start = start + len(START_CONSTANT)
 
     return outter_layer_plaintext[start:end]
-
diff --git a/test/settings.cfg b/test/settings.cfg
index 1b971bb4..7e42b3af 100644
--- a/test/settings.cfg
+++ b/test/settings.cfg
@@ -207,6 +207,7 @@ pyflakes.ignore stem/prereq.py => 'cryptography.hazmat.primitives.serialization.
 pyflakes.ignore stem/prereq.py => 'cryptography.hazmat.primitives.ciphers.modes' imported but unused
 pyflakes.ignore stem/prereq.py => 'cryptography.hazmat.primitives.ciphers.Cipher' imported but unused
 pyflakes.ignore stem/prereq.py => 'cryptography.hazmat.primitives.ciphers.algorithms' imported but unused
+pyflakes.ignore stem/prereq.py => 'cryptography.hazmat.primitives.asymmetric.ed25519.Ed25519PublicKey' imported but unused
 pyflakes.ignore stem/prereq.py => 'lzma' imported but unused
 pyflakes.ignore stem/client/datatype.py => redefinition of unused 'pop' from *
 pyflakes.ignore stem/descriptor/hidden_service_descriptor.py => 'stem.descriptor.hidden_service.*' imported but unused
diff --git a/test/unit/descriptor/hidden_service_v3.py b/test/unit/descriptor/hidden_service_v3.py
index 4fdc72bd..98de246e 100644
--- a/test/unit/descriptor/hidden_service_v3.py
+++ b/test/unit/descriptor/hidden_service_v3.py
@@ -45,7 +45,7 @@ class TestHiddenServiceDescriptorV3(unittest.TestCase):
 
     with open(get_resource('hidden_service_v3_test'), 'rb') as descriptor_file:
       desc = next(stem.descriptor.parse_file(descriptor_file, 'hidden-service-descriptor-3 1.0', validate = True,
-                  onion_address="sltib6sxkuxh2scmtuvd5w2g7pahnzkovefxpo4e4ptnkzl5kkq5h2ad.onion"))
+                  onion_address = 'sltib6sxkuxh2scmtuvd5w2g7pahnzkovefxpo4e4ptnkzl5kkq5h2ad.onion'))
 
     self.assertEqual(3, desc.version)
     self.assertEqual(180, desc.lifetime)



_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits