remove client-side dependency on CSR.py

2026-01-26 07:41:33 +03:00 · 2012-07-16 15:11:10 -07:00
parent e70424dd4a
commit ac0defac00
3 changed files with 22 additions and 23 deletions
--- a/client-webserver/CSR.py
+++ b/client-webserver/CSR.py
@@ -1 +0,0 @@
-../server-ca/CSR.py
--- a/client-webserver/client.py
+++ b/client-webserver/client.py
@@ -1,10 +1,10 @@
 #!/usr/bin/env python

 from chocolate_protocol_pb2 import chocolatemessage
-import CSR
-from CSR import M2Crypto
+import M2Crypto
 import urllib2, os, sys, time, random, sys, hashlib, hashcash
-# CSR.py here should be a symlink to ../server-ca/CSR.py
+# It is OK to use the upstream M2Crypto here instead of our modified
+# version.
 # hashcash.py here should be a symlink to ../server-ca/hashcash.py

 difficulty = 20
@@ -32,6 +32,24 @@ else:

 cert_file = "cert.pem"     # we should use getopt to set all of these

+def sign(key, data):
+    """
+    Sign this data with this private key.  For client-side use.
+
+    @type key: str
+    @param key: PEM-encoded string of the private key.
+
+    @type data: str
+    @param data: The data to be signed. Will be hashed (sha256) prior to
+    signing.
+
+    @return: binary string of the signature
+    """
+    key = str(key)
+    data = str(data)
+    privkey = M2Crypto.RSA.load_key_string(key)
+    return privkey.sign(hashlib.sha256(data).digest(), 'sha256')
+
 def do(m):
    u = urllib2.urlopen(upstream, m.SerializeToString())
    return u.read()
@@ -50,7 +68,7 @@ def make_request(m, csr):
    m.request.clientpuzzle = hashcash.mint(server, difficulty)

 def sign(key, m):
-    m.request.sig = CSR.sign(key, ("(%d) (%s) (%s)" % (m.request.timestamp, m.request.recipient, m.request.csr)))
+    m.request.sig = sign(key, ("(%d) (%s) (%s)" % (m.request.timestamp, m.request.recipient, m.request.csr)))

 k=chocolatemessage()
 m=chocolatemessage()
--- a/server-ca/CSR.py
+++ b/server-ca/CSR.py
@@ -184,24 +184,6 @@ def verify(key, data, signature):
        return False
    return (res == 1) 

-def sign(key, data):
-    """
-    Sign this data with this private key.  For client-side use.
-
-    @type key: str
-    @param key: PEM-encoded string of the private key.
-
-    @type data: str
-    @param data: The data to be signed. Will be hashed (sha256) prior to
-    signing.
-
-    @return: binary string of the signature
-    """
-    key = str(key)
-    data = str(data)
-    privkey = M2Crypto.RSA.load_key_string(key)
-    return privkey.sign(hashlib.sha256(data).digest(), 'sha256')
-
 def encrypt(key, data):
    """
    Encrypt this data with this public key.