def validate(self, lines, contents): direc = self['Directory'] if direc['Version'] != "0.2": raise ConfigError("Unrecognized directory version") if direc['Published'] > time.time() + 600: raise ConfigError("Directory published in the future") if direc['Valid-Until'] <= direc['Valid-After']: raise ConfigError("Directory is never valid") sig = self['Signature'] identityKey = sig['DirectoryIdentity'] identityBytes = identityKey.get_modulus_bytes() if not (MIN_IDENTITY_BYTES <= identityBytes <= MAX_IDENTITY_BYTES): raise ConfigError("Invalid length on identity key") # Now, at last, we check the digest if self.expectedDigest != sig['DirectoryDigest']: raise ConfigError("Invalid digest") try: signedDigest = pk_check_signature(sig['DirectorySignature'], identityKey) except CryptoError: raise ConfigError("Invalid signature") if self.expectedDigest != signedDigest: raise ConfigError("Signed digest was incorrect")
def validate(self, lines, contents): #### # Check 'Server' section. server = self['Server'] if server['Descriptor-Version'] != '0.2': raise ConfigError("Unrecognized descriptor version %r" % server['Descriptor-Version']) #### # Check the digest of file digest = getServerInfoDigest(contents) if digest != server['Digest']: raise ConfigError("Invalid digest") # Have we already validated this particular ServerInfo? if (self._validatedDigests and self._validatedDigests.has_key(digest)): self._isValidated = 1 return # Validate the rest of the server section. identityKey = server['Identity'] identityBytes = identityKey.get_modulus_bytes() if not (MIN_IDENTITY_BYTES <= identityBytes <= MAX_IDENTITY_BYTES): raise ConfigError("Invalid length on identity key") if server['Published'] > time.time() + 600: raise ConfigError("Server published in the future") if server['Valid-Until'] <= server['Valid-After']: raise ConfigError("Server is never valid") if server['Contact'] and len(server['Contact']) > MAX_CONTACT: raise ConfigError("Contact too long") if server['Comments'] and len(server['Comments']) > MAX_COMMENTS: raise ConfigError("Comments too long") if server['Contact-Fingerprint'] and \ len(server['Contact-Fingerprint']) > MAX_FINGERPRINT: raise ConfigError("Contact-Fingerprint too long") packetKeyBytes = server['Packet-Key'].get_modulus_bytes() if packetKeyBytes != PACKET_KEY_BYTES: raise ConfigError("Invalid length on packet key") #### # Check signature try: signedDigest = pk_check_signature(server['Signature'], identityKey) except CryptoError: raise ConfigError("Invalid signature") if digest != signedDigest: raise ConfigError("Signed digest is incorrect") ## Incoming/MMTP section inMMTP = self['Incoming/MMTP'] if inMMTP: if inMMTP['Version'] != '0.1': raise ConfigError("Unrecognized MMTP descriptor version %s" % inMMTP['Version']) ## Outgoing/MMTP section outMMTP = self['Outgoing/MMTP'] if outMMTP: if outMMTP['Version'] != '0.1': raise ConfigError("Unrecognized MMTP descriptor version %s" % inMMTP['Version']) # FFFF When a better client module system exists, check the # FFFF module descriptors. self._isValidated = 1
def validate(self, lines, contents): #### # Check 'Server' section. server = self['Server'] if server['Descriptor-Version'] != '0.2': raise ConfigError("Unrecognized descriptor version %r" % server['Descriptor-Version']) #### # Check the digest of file digest = getServerInfoDigest(contents) if digest != server['Digest']: raise ConfigError("Invalid digest") # Have we already validated this particular ServerInfo? if (self._validatedDigests and self._validatedDigests.has_key(digest)): self._isValidated = 1 return # Validate the rest of the server section. identityKey = server['Identity'] identityBytes = identityKey.get_modulus_bytes() if not (MIN_IDENTITY_BYTES <= identityBytes <= MAX_IDENTITY_BYTES): raise ConfigError("Invalid length on identity key") if server['Published'] > time.time() + 600: raise ConfigError("Server published in the future") if server['Valid-Until'] <= server['Valid-After']: raise ConfigError("Server is never valid") if server['Contact'] and len(server['Contact']) > MAX_CONTACT: raise ConfigError("Contact too long") if server['Comments'] and len(server['Comments']) > MAX_COMMENTS: raise ConfigError("Comments too long") if server['Contact-Fingerprint'] and \ len(server['Contact-Fingerprint']) > MAX_FINGERPRINT: raise ConfigError("Contact-Fingerprint too long") packetKeyBytes = server['Packet-Key'].get_modulus_bytes() if packetKeyBytes != PACKET_KEY_BYTES: raise ConfigError("Invalid length on packet key") #### # Check signature try: signedDigest = pk_check_signature(server['Signature'], identityKey) except CryptoError: raise ConfigError("Invalid signature") if digest != signedDigest: raise ConfigError("Signed digest is incorrect") ## Incoming/MMTP section inMMTP = self['Incoming/MMTP'] if inMMTP: if inMMTP['Version'] != '0.1': raise ConfigError("Unrecognized MMTP descriptor version %s"% inMMTP['Version']) ## Outgoing/MMTP section outMMTP = self['Outgoing/MMTP'] if outMMTP: if outMMTP['Version'] != '0.1': raise ConfigError("Unrecognized MMTP descriptor version %s"% inMMTP['Version']) # FFFF When a better client module system exists, check the # FFFF module descriptors. self._isValidated = 1