def sign_desc(self, body):
    """Fill in the signature placeholders of a router descriptor.

    When *body* contains a ``router-sig-ed25519`` line, an Ed25519 signature
    is computed and substituted for ``MAGIC2``.  An RSA signature over the
    text up to and including the ``router-signature`` line is then
    substituted for ``MAGIC1``, and the resulting text is returned.

    Raises ValueError (from ``rindex``/``index``) if the
    ``router-signature`` line or the newline that ends it is missing.

    NOTE(review): the str concatenation and hashing of *body* rely on
    byte-string semantics (Python 2 ``str``) -- confirm before porting.
    """
    ed_marker = "\nrouter-sig-ed25519 "
    ed_pos = body.rfind(ed_marker)
    if ed_pos >= 0:
        # The value is discarded. Presumably ED_CERT is a property read here
        # for its side effect of preparing the Ed25519 signing key pair used
        # below -- confirm against the class definition.
        self.ED_CERT
        # The signed text is a fixed prefix string followed by the descriptor
        # up to and including the space after "router-sig-ed25519".
        covered = "Tor router descriptor signature v1" + body[:ed_pos + len(ed_marker)]
        ed_digest = hashlib.sha256(covered).digest()
        ed_sig = ed25519_exts_ref.signatureWithESK(
            ed_digest, self.ed_signing_sk, self.ed_signing_pk)
        # Base64 padding ("=") is stripped before substitution.
        ed_sig_b64 = base64.b64encode(ed_sig).replace("=", "")
        body = body.replace(MAGIC2, ed_sig_b64)

    # The RSA digest is taken after the MAGIC2 substitution, so any Ed25519
    # signature placed earlier in the text is covered by the RSA signature.
    rsa_pos = body.rindex("\nrouter-signature")
    line_end = body.index("\n", rsa_pos + 1)
    # NOTE(review): SHA-1 is presumably dictated by the legacy descriptor
    # format for this RSA signature -- not a pattern to copy into new schemes.
    rsa_digest = hashlib.sha1(body[:line_end + 1]).digest()
    # Sanity check only: assert statements are removed under `python -O`.
    assert len(rsa_digest) == 20

    rsa_sig = rsa_sign(rsa_digest, self.rsa_id)
    return body.replace(MAGIC1, objwrap("SIGNATURE", b64(rsa_sig)))
def sign_desc(self, body):
    """Return *body* with its signature placeholders replaced.

    Two signatures are produced in order: an optional Ed25519 signature
    (only when a ``router-sig-ed25519`` line is present), substituted for
    ``MAGIC2``, and then an RSA signature substituted for ``MAGIC1``.

    ``rindex``/``index`` raise ValueError when the ``router-signature``
    line or its terminating newline cannot be found.

    NOTE(review): *body* is concatenated with ``str`` literals and fed to
    hashlib directly, i.e. byte-string (Python 2 ``str``) semantics are
    assumed -- confirm before porting.
    """
    ed_line_start = "\nrouter-sig-ed25519 "
    ed_at = body.rfind(ed_line_start)
    if ed_at >= 0:
        # Bare attribute access with the result thrown away; presumably a
        # property that sets up the Ed25519 signing key as a side effect --
        # verify against the class.
        self.ED_CERT
        # Everything up to and including the marker's trailing space is
        # signed, behind a fixed domain-separation prefix string.
        prefix_end = ed_at + len(ed_line_start)
        to_sign = "Tor router descriptor signature v1" + body[:prefix_end]
        ed_sig = ed25519_exts_ref.signatureWithESK(
            hashlib.sha256(to_sign).digest(),
            self.ed_signing_sk,
            self.ed_signing_pk)
        # The signature is inserted as base64 without "=" padding.
        body = body.replace(MAGIC2, base64.b64encode(ed_sig).replace("=", ""))

    # Computed on the text as it stands after the MAGIC2 substitution above.
    sig_line_at = body.rindex("\nrouter-signature")
    sig_line_end = body.index("\n", sig_line_at + 1)
    # NOTE(review): SHA-1 here is presumably fixed by the descriptor format
    # for the legacy RSA signature; it is not a choice to reuse elsewhere.
    sha1_digest = hashlib.sha1(body[:sig_line_end + 1]).digest()
    # Invariant check; note that `python -O` drops assert statements.
    assert len(sha1_digest) == 20

    wrapped_sig = objwrap("SIGNATURE", b64(rsa_sign(sha1_digest, self.rsa_id)))
    body = body.replace(MAGIC1, wrapped_sig)
    return body
def makeEdSigningKeyCert(sk_master, pk_master, pk_signing, date,
                         includeSigning=False, certType=1):
    """Build a certificate for *pk_signing* signed with the master key.

    The returned string is the signed portion followed by a 64-byte
    signature.  The signed portion is laid out as:

        0x01 | certType (1 byte) | date//3600 (4 bytes, big-endian) |
        0x01 | pk_signing (32 bytes) | extensions

    With ``includeSigning`` false the extensions field is the single byte
    0x00; otherwise it is 0x01 0x00 0x20 0x04 0x00 followed by *pk_master*.

    NOTE(review): *date* is presumably seconds since the epoch, making the
    packed value an expiration in hours; the extension header presumably
    means "one extension, length 0x0020, type 0x04, flags 0x00" in Tor's
    Ed25519 certificate format -- confirm both against the spec.
    """
    # NOTE: these checks are assert statements, so they disappear under
    # `python -O`; wrong-length keys would then yield a malformed
    # certificate rather than an error. sk_master is not length-checked.
    assert len(pk_signing) == len(pk_master) == 32

    expires = struct.pack("!L", date//3600)
    ext_block = ("\x01\x00\x20\x04\x00%s"%(pk_master)) if includeSigning else "\x00"

    fields = (chr(certType), expires, pk_signing, ext_block)
    cert_body = "\x01%s%s\x01%s%s" % fields

    # The whole signed portion is handed to the signer as-is, with no
    # separate hashing step at this level.
    sig = ed25519_exts_ref.signatureWithESK(cert_body, sk_master, pk_master)
    assert len(sig) == 64
    return cert_body+sig