
Don't make signature verification a method of the object being verified

That approach opens a door to someone pickling a totally different class
with a bad verify method, and things of that nature.
Ian Goldberg 4 years ago
parent
commit
55ec599c8e
3 changed files with 14 additions and 12 deletions
  1. 1 1
      client.py
  2. 11 9
      dirauth.py
  3. 2 2
      relay.py

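--- a/client.py
+++ b/client.py
@@ -109,7 +109,7 @@ if __name__ == '__main__':
     # Tick the epoch
     network.thenetwork.nextepoch()
 
-    dirauth.DirAuth.consensus.verify(network.thenetwork.dirauthkeys())
+    dirauth.verify_consensus(dirauth.DirAuth.consensus, network.thenetwork.dirauthkeys())
 
     print('ticked; epoch=', network.thenetwork.getepoch())
 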

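--- a/dirauth.py
+++ b/dirauth.py
@@ -37,9 +37,10 @@ class RelayDescriptor:
         signed = signingkey.sign(serialized.encode("ascii"))
         self.descdict["sig"] = signed.signature
 
-    def verify(self):
-        serialized = self.__str__(False)
-        self.descdict["idkey"].verify(serialized.encode("ascii"), self.descdict["sig"])
+
+def verify_relaydesc(desc):
+    serialized = desc.__str__(False)
+    desc.descdict["idkey"].verify(serialized.encode("ascii"), desc.descdict["sig"])
 
 
 # A consensus is a dict containing:
@@ -81,12 +82,13 @@ class Consensus:
             self.consdict['sigs'].extend([None] * (index+1-len(self.consdict['sigs'])))
         self.consdict['sigs'][index] = signed.signature
 
-    def verify(self, verifkeylist):
-        """Use the given list of verification keys to check the
-        signatures on the consensus."""
-        serialized = self.__str__(False)
-        for i, vk in enumerate(verifkeylist):
-            vk.verify(serialized.encode("ascii"), self.consdict['sigs'][i])
+
+def verify_consensus(consensus, verifkeylist):
+    """Use the given list of verification keys to check the
+    signatures on the consensus."""
+    serialized = consensus.__str__(False)
+    for i, vk in enumerate(verifkeylist):
+        vk.verify(serialized.encode("ascii"), consensus.consdict['sigs'][i])
 
 
 class DirAuthNetMsg(network.NetMsg):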
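Review bot: Both new functions still let the object under test drive its own verification: `desc.__str__(False)` and `consensus.__str__(False)` dispatch to whatever class the object really is, and `verify_relaydesc` also takes the verification key from `desc.descdict["idkey"]`, so a substituted class or key object can still decide which bytes are checked and how. Pinning the type before use, e.g. `if type(consensus) is not Consensus: raise TypeError("not a Consensus")`, and serializing with `Consensus.__str__(consensus, False)` (likewise for `RelayDescriptor`) would close that gap; the `idkey` value needs the same check against the signing library's verify-key class. Separately, the loop in `verify_consensus` indexes `consensus.consdict['sigs'][i]` for every key, and the signing code visible just above pads that list with `None`. A short list or a `None` entry should therefore be rejected explicitly rather than left to an `IndexError` or to the library's handling of `None`. If these objects do arrive through `pickle` from other parties (the transport is not visible here), unpickling itself can run code before either function is called.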

+ 2 - 2
relay.py

@@ -266,7 +266,7 @@ class Relay(network.Server):
         descdict["flags"] = self.flags
         desc = dirauth.RelayDescriptor(descdict)
         desc.sign(self.idkey)
-        desc.verify()
+        dirauth.verify_relaydesc(desc)
 
         if upload:
             descmsg = dirauth.DirAuthUploadDescMsg(desc)
@@ -336,7 +336,7 @@ if __name__ == '__main__':
     # Tick the epoch
     network.thenetwork.nextepoch()
 
-    dirauth.DirAuth.consensus.verify(network.thenetwork.dirauthkeys())
+    dirauth.verify_consensus(dirauth.DirAuth.consensus, network.thenetwork.dirauthkeys())
 
     print('ticked; epoch=', network.thenetwork.getepoch())