Implement verification of server descriptor
We need to implement is_valid() method of stem.descriptor.server_descriptor.RelayDescriptor ! , to do some verifications on the descriptor:
a contained fingerprint is actually a hash of the signing key and
a router signature was created using the signing key.
There's already Java code for doing this in metrics-tasks 2. However, the Java code is a standalone test, while stem's implementation is self-contained within the descriptor.
We need some ssl library to read the pem-format keys in descriptors, and M2Crypto seems to be the best choice 3. The problem with M2Crypto is that it requires SSL_v2 support from openssl, which is considered unsafe thus excluded from recent Ubuntu releases, and possibly Debian 4. I don't know how many people run Tor in Ubuntu, and whether we should let users responsible for having a complete openssl library. It seems quite hard to work this around on Ubuntu .