def validate(self, lines, contents):
direc = self['Directory']
if direc['Version'] != "0.2":
raise ConfigError("Unrecognized directory version")
if direc['Published'] > time.time() + 600:
raise ConfigError("Directory published in the future")
if direc['Valid-Until'] <= direc['Valid-After']:
raise ConfigError("Directory is never valid")
sig = self['Signature']
identityKey = sig['DirectoryIdentity']
identityBytes = identityKey.get_modulus_bytes()
if not (MIN_IDENTITY_BYTES <= identityBytes <= MAX_IDENTITY_BYTES):
raise ConfigError("Invalid length on identity key")
# Now, at last, we check the digest
if self.expectedDigest != sig['DirectoryDigest']:
raise ConfigError("Invalid digest")
try:
signedDigest = pk_check_signature(sig['DirectorySignature'],
identityKey)
except CryptoError:
raise ConfigError("Invalid signature")
if self.expectedDigest != signedDigest:
raise ConfigError("Signed digest was incorrect")
def validate(self, lines, contents):
direc = self['Directory']
if direc['Version'] != "0.2":
raise ConfigError("Unrecognized directory version")
if direc['Published'] > time.time() + 600:
raise ConfigError("Directory published in the future")
if direc['Valid-Until'] <= direc['Valid-After']:
raise ConfigError("Directory is never valid")
sig = self['Signature']
identityKey = sig['DirectoryIdentity']
identityBytes = identityKey.get_modulus_bytes()
if not (MIN_IDENTITY_BYTES <= identityBytes <= MAX_IDENTITY_BYTES):
raise ConfigError("Invalid length on identity key")
# Now, at last, we check the digest
if self.expectedDigest != sig['DirectoryDigest']:
raise ConfigError("Invalid digest")
try:
signedDigest = pk_check_signature(sig['DirectorySignature'],
identityKey)
except CryptoError:
raise ConfigError("Invalid signature")
if self.expectedDigest != signedDigest:
raise ConfigError("Signed digest was incorrect")
def validate(self, lines, contents):
####
# Check 'Server' section.
server = self['Server']
if server['Descriptor-Version'] != '0.2':
raise ConfigError("Unrecognized descriptor version %r" %
server['Descriptor-Version'])
####
# Check the digest of file
digest = getServerInfoDigest(contents)
if digest != server['Digest']:
raise ConfigError("Invalid digest")
# Have we already validated this particular ServerInfo?
if (self._validatedDigests and self._validatedDigests.has_key(digest)):
self._isValidated = 1
return
# Validate the rest of the server section.
identityKey = server['Identity']
identityBytes = identityKey.get_modulus_bytes()
if not (MIN_IDENTITY_BYTES <= identityBytes <= MAX_IDENTITY_BYTES):
raise ConfigError("Invalid length on identity key")
if server['Published'] > time.time() + 600:
raise ConfigError("Server published in the future")
if server['Valid-Until'] <= server['Valid-After']:
raise ConfigError("Server is never valid")
if server['Contact'] and len(server['Contact']) > MAX_CONTACT:
raise ConfigError("Contact too long")
if server['Comments'] and len(server['Comments']) > MAX_COMMENTS:
raise ConfigError("Comments too long")
if server['Contact-Fingerprint'] and \
len(server['Contact-Fingerprint']) > MAX_FINGERPRINT:
raise ConfigError("Contact-Fingerprint too long")
packetKeyBytes = server['Packet-Key'].get_modulus_bytes()
if packetKeyBytes != PACKET_KEY_BYTES:
raise ConfigError("Invalid length on packet key")
####
# Check signature
try:
signedDigest = pk_check_signature(server['Signature'], identityKey)
except CryptoError:
raise ConfigError("Invalid signature")
if digest != signedDigest:
raise ConfigError("Signed digest is incorrect")
## Incoming/MMTP section
inMMTP = self['Incoming/MMTP']
if inMMTP:
if inMMTP['Version'] != '0.1':
raise ConfigError("Unrecognized MMTP descriptor version %s" %
inMMTP['Version'])
## Outgoing/MMTP section
outMMTP = self['Outgoing/MMTP']
if outMMTP:
if outMMTP['Version'] != '0.1':
raise ConfigError("Unrecognized MMTP descriptor version %s" %
inMMTP['Version'])
# FFFF When a better client module system exists, check the
# FFFF module descriptors.
self._isValidated = 1
def validate(self, lines, contents):
####
# Check 'Server' section.
server = self['Server']
if server['Descriptor-Version'] != '0.2':
raise ConfigError("Unrecognized descriptor version %r" %
server['Descriptor-Version'])
####
# Check the digest of file
digest = getServerInfoDigest(contents)
if digest != server['Digest']:
raise ConfigError("Invalid digest")
# Have we already validated this particular ServerInfo?
if (self._validatedDigests and
self._validatedDigests.has_key(digest)):
self._isValidated = 1
return
# Validate the rest of the server section.
identityKey = server['Identity']
identityBytes = identityKey.get_modulus_bytes()
if not (MIN_IDENTITY_BYTES <= identityBytes <= MAX_IDENTITY_BYTES):
raise ConfigError("Invalid length on identity key")
if server['Published'] > time.time() + 600:
raise ConfigError("Server published in the future")
if server['Valid-Until'] <= server['Valid-After']:
raise ConfigError("Server is never valid")
if server['Contact'] and len(server['Contact']) > MAX_CONTACT:
raise ConfigError("Contact too long")
if server['Comments'] and len(server['Comments']) > MAX_COMMENTS:
raise ConfigError("Comments too long")
if server['Contact-Fingerprint'] and \
len(server['Contact-Fingerprint']) > MAX_FINGERPRINT:
raise ConfigError("Contact-Fingerprint too long")
packetKeyBytes = server['Packet-Key'].get_modulus_bytes()
if packetKeyBytes != PACKET_KEY_BYTES:
raise ConfigError("Invalid length on packet key")
####
# Check signature
try:
signedDigest = pk_check_signature(server['Signature'], identityKey)
except CryptoError:
raise ConfigError("Invalid signature")
if digest != signedDigest:
raise ConfigError("Signed digest is incorrect")
## Incoming/MMTP section
inMMTP = self['Incoming/MMTP']
if inMMTP:
if inMMTP['Version'] != '0.1':
raise ConfigError("Unrecognized MMTP descriptor version %s"%
inMMTP['Version'])
## Outgoing/MMTP section
outMMTP = self['Outgoing/MMTP']
if outMMTP:
if outMMTP['Version'] != '0.1':
raise ConfigError("Unrecognized MMTP descriptor version %s"%
inMMTP['Version'])
# FFFF When a better client module system exists, check the
# FFFF module descriptors.
self._isValidated = 1
