util

Details

Crypto utility functions. Includes:

• Constant time string comparisons
• Wrappers around encryption/decryption operations
• The “recognized” check for incoming cells
• A couple methods for verifying TLS certificate properties (signatures and times)

crypto.util.constantStrEqual(str1, str2)

Do a constant-time comparison of str1 and str2, returning True if they are equal, False otherwise.

Use built-in hmac.compare_digest if it’s available, otherwise custom constant-time comparison.

Parameters:

• str1 (str) – first string to compare
• str2 (str) – second string to compare

Returns:

bool True if str1 == str2, False otherwise

crypto.util.constantStrAllZero(s)

Check if s consists of all zero bytes.

Parameters:s (str) – string to check Returns:bool True if s contains all zero bytes, False otherwise

crypto.util.makeAES128CTRCipher(key, initial_value=0)

Create and return a new AES128-CTR cipher instance.

Parameters:

• key (str) – key to use for this cipher
• initial_value – initial_value to use

Returns:

Crypto.Cipher.AES.AES

crypto.util.makeHMACSHA256(msg, key)

Make a new HMAC-SHA256 with msg and key and return digest byte string.

Parameters:

• msg (str) – msg
• key (str) – key to use

Returns:

str HMAC digest

crypto.util.makePayloadWithDigest(payload, digest='\x00\x00\x00\x00')

Make a new payload with digest inserted in the correct position.

Parameters:

• payload (str) – payload in which to insert digest
• digest (str) – digest to insert

Returns:

str payload with digest inserted into correct position

crypto.util.encryptCellToTarget(cell, crypt_path, target=2, early=False)

Encrypt cell to the target relay in crypt_path and update the appropriate forward digest.

Parameters:

• cell (cell) – cell to encrypt
• crypt_path (list) – list of RelayCrypto instances available for encryption
• target (int) – target node to encrypt to
• early (bool) – if True, use a RELAY_EARLY cmd instead of a RELAY cmd

Returns:

oppy.cell.fixedlen.EncryptedCell

crypto.util.cellRecognized(payload, relay_crypto)

Return True if this payload is recognized.

Note

See tor-spec Section 6.1 for details about what it means for a cell to be recognized.

Parameters:

• payload (str) – payload to check if recognized
• relay_crypto (oppy.crypto.relaycrypto.RelayCrypto) – RelayCrypto instance to use for checking if payload is recognized

Returns:

bool True if this payload is recognized, False otherwise

crypto.util.decryptCellUntilRecognized(cell, crypt_path, origin=2)

Decrypt cell until it is recognized or we’ve tried all RelayCrypto’s in crypt_path.

Attempt to decrypt the cell one hop at a time. Stop if the cell is recognized. Raise an exception if the cell is not recognized at all.

Parameters:

• cell (cell) – cell to decrypt
• oppy.crypto.relaycrypto.RelayCrypto crypt_path (list,) – list of RelayCrypto instances to use for decryption
• origin (int) – the originating hop we think this cell came from

Returns:

the concrete RelayCell type of this decrypted cell

crypto.util.verifyCertSig(id_cert, cert_to_verify, algo='sha1')

Verify that the SSL certificate id_cert has signed the TLS cert cert_to_verify.

Parameters:

• id_cert (OpenSSL.crypto.X509) – Identification Certificate
• cert_to_verify (OpenSSL.crypto.X509) – certificate to verify signature on
• algo (str) – algorithm to use for certificate verification

Returns:

bool True if the signature of cert_to_verify can be verified from id_cert, False otherwise

crypto.util.validCertTime(cert)

Verify that TLS certificate cert‘s time is not earlier than cert.notBefore and not later than cert.notAfter.

Parameters:cert (OpenSSL.crypto.X509) – TLS Certificate to verify times of Returns:bool True if cert.notBefore < now < cert.notAfter, False otherwise