Make get-tor.py download Tor Browser signing key from keys.openpgp.org

3 files changed, 6 insertions, 5 deletions

diff --git a/cli/onionshare_cli/resources/torrc_template-snowflake b/cli/onionshare_cli/resources/torrc_template-snowflake
index 40a9ccbb..0ca1edae 100644
--- a/cli/onionshare_cli/resources/torrc_template-snowflake
+++ b/cli/onionshare_cli/resources/torrc_template-snowflake
@@ -1,3 +1,3 @@
 # Enable built-in snowflake bridge
-Bridge snowflake 192.0.2.3:80 2B280B23E1107BB62ABFC40DDCC8824814F80A72 fingerprint=2B280B23E1107BB62ABFC40DDCC8824814F80A72 url=https://snowflake-broker.torproject.net.global.prod.fastly.net/ front=cdn.sstatic.net ice=stun:stun.l.google.com:19302,stun:stun.antisip.com:3478,stun:stun.bluesip.net:3478,stun:stun.dus.net:3478,stun:stun.epygi.com:3478,stun:stun.sonetel.com:3478,stun:stun.uls.co.za:3478,stun:stun.voipgate.com:3478,stun:stun.voys.nl:3478 utls-imitate=hellorandomizedalpn
-Bridge snowflake 192.0.2.4:80 8838024498816A039FCBBAB14E6F40A0843051FA fingerprint=8838024498816A039FCBBAB14E6F40A0843051FA url=https://snowflake-broker.torproject.net.global.prod.fastly.net/ front=cdn.sstatic.net ice=stun:stun.l.google.com:19302,stun:stun.antisip.com:3478,stun:stun.bluesip.net:3478,stun:stun.dus.net:3478,stun:stun.epygi.com:3478,stun:stun.sonetel.net:3478,stun:stun.uls.co.za:3478,stun:stun.voipgate.com:3478,stun:stun.voys.nl:3478 utls-imitate=hellorandomizedalpn
+Bridge snowflake 192.0.2.3:80 2B280B23E1107BB62ABFC40DDCC8824814F80A72 fingerprint=2B280B23E1107BB62ABFC40DDCC8824814F80A72 url=https://snowflake-broker.torproject.net.global.prod.fastly.net/ front=foursquare.com ice=stun:stun.l.google.com:19302,stun:stun.antisip.com:3478,stun:stun.bluesip.net:3478,stun:stun.dus.net:3478,stun:stun.epygi.com:3478,stun:stun.sonetel.com:3478,stun:stun.uls.co.za:3478,stun:stun.voipgate.com:3478,stun:stun.voys.nl:3478 utls-imitate=hellorandomizedalpn
+Bridge snowflake 192.0.2.4:80 8838024498816A039FCBBAB14E6F40A0843051FA fingerprint=8838024498816A039FCBBAB14E6F40A0843051FA url=https://snowflake-broker.torproject.net.global.prod.fastly.net/ front=foursquare.com ice=stun:stun.l.google.com:19302,stun:stun.antisip.com:3478,stun:stun.bluesip.net:3478,stun:stun.dus.net:3478,stun:stun.epygi.com:3478,stun:stun.sonetel.net:3478,stun:stun.uls.co.za:3478,stun:stun.voipgate.com:3478,stun:stun.voys.nl:3478 utls-imitate=hellorandomizedalpn
diff --git a/desktop/scripts/get-tor.py b/desktop/scripts/get-tor.py
index 17ffec9d..977da76c 100644
--- a/desktop/scripts/get-tor.py
+++ b/desktop/scripts/get-tor.py
@@ -203,6 +203,9 @@ def get_tor_linux64(gpg, torkey, linux64_url, linux64_filename, expected_linux64
     # Verify signature
     sig_stream = open(tarball_sig_path, "rb")
     verified = gpg.verify_file(sig_stream, tarball_path)
+    print(verified)
+    print(verified.valid)
+    print(verified.pubkey_fingerprint)
     if not verified.valid or verified.pubkey_fingerprint != tor_dev_fingerprint:
         print("ERROR! The tarball verification with the signature failed!")
         sys.exit(-1)
@@ -322,9 +325,7 @@ def main(platform):
     ) = get_latest_tor_version_urls(platform)
     tmpdir = tempfile.TemporaryDirectory()
     gpg = gnupg.GPG(gnupghome=tmpdir.name)
-    torkey = gpg.import_keys_file(
-        os.path.join(root_path, "scripts", "kounek7zrdx745qydx6p59t9mqjpuhdf")
-    )
+    torkey = gpg.recv_keys("keys.openpgp.org", tor_dev_fingerprint)
     print(f"Imported Tor GPG key: {torkey.fingerprints}")
 
     if platform == "win32":
diff --git a/desktop/scripts/kounek7zrdx745qydx6p59t9mqjpuhdf b/desktop/scripts/kounek7zrdx745qydx6p59t9mqjpuhdf
deleted file mode 100644
index 8f4e9750..00000000
--- a/desktop/scripts/kounek7zrdx745qydx6p59t9mqjpuhdf
+++ /dev/null