Hi Karsten & Damian,
I've been trying to port function determineKeyHash() from VerifyDescriptors.java to stem, and it turned out to be more complicated than I thought due to my unfamiliarity to many cryptography terms and standards. I finally figured out a way to do it by using a light-weighted library called Python-RSA, and it solved my problem in no more than 5 lines of code. I realized that I should get better understanding of some basic stuff before I move on.
Here's the python code that verifies the key hash:
import rsa, hashlib pubkey = rsa.PublicKey.load_pkcs1(desc.signing_key) der_encoded = pubkey.save_pkcs1(format = "DER") hashlib.sha1(der_encoded).hexdigest() == desc.fingerprint.lower()
True
1. Specs says signing key is "a public key in PEM format" [1], but what standard does it use? I tried to use M2Crypto, a Python wrapper for OpenSSL, to import this key, but failed. Then I found out that OpenSSL uses X.509 for its public keys, thus M2Crypto only supports X.509 public keys. Then I looked at the Java code for determineKeyHash() and it suggests that the key uses PKCS standard. It seems that PKCS#1 is the final answer, but the javadoc page of PEMReader in BouncyCastle says it can read "OpenSSL PEM encoded streams containing X509 certificates, PKCS8 encoded keys and PKCS7 objects" [2]. So is it PKCS#1 or PKCS#8? And what's the difference?
2. Specs says fingerprint is "a HASH_LEN-byte of asn1 encoded public key, encoded in hex" [1]. But to me, it seems to be "a SHA1 digest of DER encoded public key, encoded in hex". Specifically, is it necessary to specify the length of fingerprint? And ASN1 is a standard with several possible encoding rules, do we always use DER?
I know that's a lot of questions...thanks!
Best, Beck
PS. Are you guys getting email updates from ticket #5810? I'm doubting that you two are not actually CCed since no one is replying... PSS. Do we need to keep Ravi in this conversation? PSSS. Should I wrap up my email to 78 words per line?
[1]. https://gitweb.torproject.org/torspec.git?a=blob_plain;hb=HEAD;f=dir-spec.tx... [2]. http://www.bouncycastle.org/docs/pkixdocs1.5on/org/bouncycastle/openssl/PEMR...