Beispiel #1
0
    def sign_desc(self, body):
        idx = body.rfind("\nrouter-sig-ed25519 ")
        if idx >= 0:
            self.ED_CERT
            signed_part = body[:idx + len("\nrouter-sig-ed25519 ")]
            signed_part = "Tor router descriptor signature v1" + signed_part
            digest = hashlib.sha256(signed_part).digest()
            ed_sig = ed25519_exts_ref.signatureWithESK(digest,
                                                       self.ed_signing_sk,
                                                       self.ed_signing_pk)

            body = body.replace(MAGIC2,
                                base64.b64encode(ed_sig).replace("=", ""))

        idx = body.rindex("\nrouter-signature")
        end_of_sig = body.index("\n", idx + 1)

        signed_part = body[:end_of_sig + 1]

        digest = hashlib.sha1(signed_part).digest()
        assert len(digest) == 20

        rsasig = rsa_sign(digest, self.rsa_id)

        body = body.replace(MAGIC1, objwrap("SIGNATURE", b64(rsasig)))

        return body
Beispiel #2
0
    def sign_desc(self, body):
        idx = body.rfind("\nrouter-sig-ed25519 ")
        if idx >= 0:
            self.ED_CERT
            signed_part = body[:idx+len("\nrouter-sig-ed25519 ")]
            signed_part = "Tor router descriptor signature v1" + signed_part
            digest = hashlib.sha256(signed_part).digest()
            ed_sig = ed25519_exts_ref.signatureWithESK(digest,
                                      self.ed_signing_sk, self.ed_signing_pk)

            body = body.replace(MAGIC2, base64.b64encode(ed_sig).replace("=",""))

        idx = body.rindex("\nrouter-signature")
        end_of_sig = body.index("\n", idx+1)

        signed_part = body[:end_of_sig+1]

        digest = hashlib.sha1(signed_part).digest()
        assert len(digest) == 20

        rsasig = rsa_sign(digest, self.rsa_id)

        body = body.replace(MAGIC1, objwrap("SIGNATURE", b64(rsasig)))

        return body
Beispiel #3
0
def makeEdSigningKeyCert(sk_master, pk_master, pk_signing, date,
                         includeSigning=False, certType=1):
    assert len(pk_signing) == len(pk_master) == 32
    expiration = struct.pack("!L", date//3600)
    if includeSigning:
        extensions = "\x01\x00\x20\x04\x00%s"%(pk_master)
    else:
        extensions = "\x00"
    signed = "\x01%s%s\x01%s%s" % (
        chr(certType), expiration, pk_signing, extensions)
    signature = ed25519_exts_ref.signatureWithESK(signed, sk_master, pk_master)
    assert len(signature) == 64
    return signed+signature
Beispiel #4
0
def makeEdSigningKeyCert(sk_master, pk_master, pk_signing, date,
                         includeSigning=False, certType=1):
    assert len(pk_signing) == len(pk_master) == 32
    expiration = struct.pack("!L", date//3600)
    if includeSigning:
        extensions = "\x01\x00\x20\x04\x00%s"%(pk_master)
    else:
        extensions = "\x00"
    signed = "\x01%s%s\x01%s%s" % (
        chr(certType), expiration, pk_signing, extensions)
    signature = ed25519_exts_ref.signatureWithESK(signed, sk_master, pk_master)
    assert len(signature) == 64
    return signed+signature