Details
Crypto utility functions. Includes:
- Constant time string comparisons
- Wrappers around encryption/decryption operations
- The “recognized” check for incoming cells
- A couple methods for verifying TLS certificate properties (signatures and times)
Do a constant-time comparison of str1 and str2, returning True if they are equal, False otherwise.
Use built-in hmac.compare_digest if it’s available, otherwise custom constant-time comparison.
Parameters: |
|
---|---|
Returns: | bool True if str1 == str2, False otherwise |
Check if s consists of all zero bytes.
Parameters: | s (str) – string to check |
---|---|
Returns: | bool True if s contains all zero bytes, False otherwise |
Create and return a new AES128-CTR cipher instance.
Parameters: |
|
---|---|
Returns: | Crypto.Cipher.AES.AES |
Make a new HMAC-SHA256 with msg and key and return digest byte string.
Parameters: |
|
---|---|
Returns: | str HMAC digest |
Make a new payload with digest inserted in the correct position.
Parameters: |
|
---|---|
Returns: | str payload with digest inserted into correct position |
Encrypt cell to the target relay in crypt_path and update the appropriate forward digest.
Parameters: |
|
---|---|
Returns: | oppy.cell.fixedlen.EncryptedCell |
Return True if this payload is recognized.
Note
See tor-spec Section 6.1 for details about what it means for a cell to be recognized.
Parameters: |
|
---|---|
Returns: | bool True if this payload is recognized, False otherwise |
Decrypt cell until it is recognized or we’ve tried all RelayCrypto’s in crypt_path.
Attempt to decrypt the cell one hop at a time. Stop if the cell is recognized. Raise an exception if the cell is not recognized at all.
Parameters: |
|
---|---|
Returns: | the concrete RelayCell type of this decrypted cell |
Verify that the SSL certificate id_cert has signed the TLS cert cert_to_verify.
Parameters: |
|
---|---|
Returns: | bool True if the signature of cert_to_verify can be verified from id_cert, False otherwise |