2019-01-16 18:33:22 +01:00
|
|
|
/* Copyright (c) 2016-2019, The Tor Project, Inc. */
|
2016-03-15 19:18:03 +01:00
|
|
|
/* See LICENSE for licensing information */
|
|
|
|
|
|
|
|
/**
|
|
|
|
* \file test_hs_descriptor.c
|
|
|
|
* \brief Test hidden service descriptor encoding and decoding.
|
|
|
|
*/
|
|
|
|
|
|
|
|
#define HS_DESCRIPTOR_PRIVATE
|
|
|
|
|
2018-06-21 18:47:11 +02:00
|
|
|
#include "lib/crypt_ops/crypto_ed25519.h"
|
2018-07-01 19:04:21 +02:00
|
|
|
#include "lib/crypt_ops/crypto_format.h"
|
2018-06-21 18:47:11 +02:00
|
|
|
#include "lib/crypt_ops/crypto_digest.h"
|
|
|
|
#include "lib/crypt_ops/crypto_rand.h"
|
2018-06-20 15:35:05 +02:00
|
|
|
#include "trunnel/ed25519_cert.h"
|
2018-07-05 22:34:59 +02:00
|
|
|
#include "core/or/or.h"
|
|
|
|
#include "feature/hs/hs_descriptor.h"
|
2018-06-20 15:35:05 +02:00
|
|
|
#include "test/test.h"
|
2018-07-05 22:34:59 +02:00
|
|
|
#include "feature/nodelist/torcert.h"
|
2016-03-15 19:18:03 +01:00
|
|
|
|
2018-06-20 15:35:05 +02:00
|
|
|
#include "test/hs_test_helpers.h"
|
|
|
|
#include "test/test_helpers.h"
|
|
|
|
#include "test/log_test_helpers.h"
|
2017-02-14 16:36:00 +01:00
|
|
|
|
2017-08-17 22:12:59 +02:00
|
|
|
#ifdef HAVE_CFLAG_WOVERLENGTH_STRINGS
|
|
|
|
DISABLE_GCC_WARNING(overlength-strings)
|
|
|
|
/* We allow huge string constants in the unit tests, but not in the code
|
|
|
|
* at large. */
|
|
|
|
#endif
|
|
|
|
#include "test_hs_descriptor.inc"
|
|
|
|
ENABLE_GCC_WARNING(overlength-strings)
|
|
|
|
|
2018-04-12 23:56:17 +02:00
|
|
|
/* Mock function to fill all bytes with 1 */
|
|
|
|
static void
|
|
|
|
mock_crypto_strongest_rand(uint8_t *out, size_t out_len)
|
|
|
|
{
|
|
|
|
memset(out, 1, out_len);
|
|
|
|
}
|
|
|
|
|
2016-03-15 19:18:03 +01:00
|
|
|
/* Test certificate encoding put in a descriptor. */
|
|
|
|
static void
|
|
|
|
test_cert_encoding(void *arg)
|
|
|
|
{
|
|
|
|
int ret;
|
|
|
|
char *encoded = NULL;
|
|
|
|
time_t now = time(NULL);
|
|
|
|
ed25519_keypair_t kp;
|
|
|
|
ed25519_public_key_t signed_key;
|
|
|
|
ed25519_secret_key_t secret_key;
|
|
|
|
tor_cert_t *cert = NULL;
|
|
|
|
|
|
|
|
(void) arg;
|
|
|
|
|
|
|
|
ret = ed25519_keypair_generate(&kp, 0);
|
|
|
|
tt_int_op(ret, == , 0);
|
|
|
|
ret = ed25519_secret_key_generate(&secret_key, 0);
|
|
|
|
tt_int_op(ret, == , 0);
|
|
|
|
ret = ed25519_public_key_generate(&signed_key, &secret_key);
|
|
|
|
tt_int_op(ret, == , 0);
|
|
|
|
|
|
|
|
cert = tor_cert_create(&kp, CERT_TYPE_SIGNING_AUTH, &signed_key,
|
|
|
|
now, 3600 * 2, CERT_FLAG_INCLUDE_SIGNING_KEY);
|
|
|
|
tt_assert(cert);
|
|
|
|
|
|
|
|
/* Test the certificate encoding function. */
|
2016-11-10 02:01:26 +01:00
|
|
|
ret = tor_cert_encode_ed22519(cert, &encoded);
|
2017-06-05 16:23:02 +02:00
|
|
|
tt_int_op(ret, OP_EQ, 0);
|
2016-03-15 19:18:03 +01:00
|
|
|
|
|
|
|
/* Validated the certificate string. */
|
|
|
|
{
|
|
|
|
char *end, *pos = encoded;
|
|
|
|
char *b64_cert, buf[256];
|
|
|
|
size_t b64_cert_len;
|
|
|
|
tor_cert_t *parsed_cert;
|
|
|
|
|
2017-06-05 16:23:02 +02:00
|
|
|
tt_int_op(strcmpstart(pos, "-----BEGIN ED25519 CERT-----\n"), OP_EQ, 0);
|
2016-03-15 19:18:03 +01:00
|
|
|
pos += strlen("-----BEGIN ED25519 CERT-----\n");
|
|
|
|
|
|
|
|
/* Isolate the base64 encoded certificate and try to decode it. */
|
|
|
|
end = strstr(pos, "-----END ED25519 CERT-----");
|
|
|
|
tt_assert(end);
|
|
|
|
b64_cert = pos;
|
|
|
|
b64_cert_len = end - pos;
|
|
|
|
ret = base64_decode(buf, sizeof(buf), b64_cert, b64_cert_len);
|
2017-06-05 16:23:02 +02:00
|
|
|
tt_int_op(ret, OP_GT, 0);
|
2016-03-15 19:18:03 +01:00
|
|
|
/* Parseable? */
|
|
|
|
parsed_cert = tor_cert_parse((uint8_t *) buf, ret);
|
|
|
|
tt_assert(parsed_cert);
|
|
|
|
/* Signature is valid? */
|
|
|
|
ret = tor_cert_checksig(parsed_cert, &kp.pubkey, now + 10);
|
2017-06-05 16:23:02 +02:00
|
|
|
tt_int_op(ret, OP_EQ, 0);
|
2016-03-15 19:18:03 +01:00
|
|
|
ret = tor_cert_eq(cert, parsed_cert);
|
2017-06-05 16:23:02 +02:00
|
|
|
tt_int_op(ret, OP_EQ, 1);
|
2016-03-15 19:18:03 +01:00
|
|
|
/* The cert did have the signing key? */
|
|
|
|
ret= ed25519_pubkey_eq(&parsed_cert->signing_key, &kp.pubkey);
|
2017-06-05 16:23:02 +02:00
|
|
|
tt_int_op(ret, OP_EQ, 1);
|
2016-03-15 19:18:03 +01:00
|
|
|
tor_cert_free(parsed_cert);
|
|
|
|
|
|
|
|
/* Get to the end part of the certificate. */
|
|
|
|
pos += b64_cert_len;
|
2017-06-05 16:23:02 +02:00
|
|
|
tt_int_op(strcmpstart(pos, "-----END ED25519 CERT-----"), OP_EQ, 0);
|
2016-03-15 19:18:03 +01:00
|
|
|
pos += strlen("-----END ED25519 CERT-----");
|
2017-09-12 23:20:09 +02:00
|
|
|
tt_str_op(pos, OP_EQ, "");
|
2016-03-15 19:18:03 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
done:
|
|
|
|
tor_cert_free(cert);
|
2016-11-04 19:00:08 +01:00
|
|
|
tor_free(encoded);
|
2016-03-15 19:18:03 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/* Test the descriptor padding. */
|
|
|
|
static void
|
|
|
|
test_descriptor_padding(void *arg)
|
|
|
|
{
|
|
|
|
char *plaintext;
|
|
|
|
size_t plaintext_len, padded_len;
|
|
|
|
uint8_t *padded_plaintext = NULL;
|
|
|
|
|
|
|
|
/* Example: if l = 129, the ceiled division gives 2 and then multiplied by 128
|
|
|
|
* to give 256. With l = 127, ceiled division gives 1 then times 128. */
|
|
|
|
#define PADDING_EXPECTED_LEN(l) \
|
2017-02-24 11:44:34 +01:00
|
|
|
CEIL_DIV(l, HS_DESC_SUPERENC_PLAINTEXT_PAD_MULTIPLE) * \
|
|
|
|
HS_DESC_SUPERENC_PLAINTEXT_PAD_MULTIPLE
|
2016-03-15 19:18:03 +01:00
|
|
|
|
|
|
|
(void) arg;
|
|
|
|
|
|
|
|
{ /* test #1: no padding */
|
2017-02-24 11:44:34 +01:00
|
|
|
plaintext_len = HS_DESC_SUPERENC_PLAINTEXT_PAD_MULTIPLE;
|
2016-03-15 19:18:03 +01:00
|
|
|
plaintext = tor_malloc(plaintext_len);
|
|
|
|
padded_len = build_plaintext_padding(plaintext, plaintext_len,
|
|
|
|
&padded_plaintext);
|
|
|
|
tt_assert(padded_plaintext);
|
|
|
|
tor_free(plaintext);
|
|
|
|
/* Make sure our padding has been zeroed. */
|
|
|
|
tt_int_op(tor_mem_is_zero((char *) padded_plaintext + plaintext_len,
|
|
|
|
padded_len - plaintext_len), OP_EQ, 1);
|
|
|
|
tor_free(padded_plaintext);
|
|
|
|
/* Never never have a padded length smaller than the plaintext. */
|
|
|
|
tt_int_op(padded_len, OP_GE, plaintext_len);
|
|
|
|
tt_int_op(padded_len, OP_EQ, PADDING_EXPECTED_LEN(plaintext_len));
|
|
|
|
}
|
|
|
|
|
|
|
|
{ /* test #2: one byte padding? */
|
2017-02-24 11:44:34 +01:00
|
|
|
plaintext_len = HS_DESC_SUPERENC_PLAINTEXT_PAD_MULTIPLE - 1;
|
2016-03-15 19:18:03 +01:00
|
|
|
plaintext = tor_malloc(plaintext_len);
|
|
|
|
padded_plaintext = NULL;
|
|
|
|
padded_len = build_plaintext_padding(plaintext, plaintext_len,
|
|
|
|
&padded_plaintext);
|
|
|
|
tt_assert(padded_plaintext);
|
|
|
|
tor_free(plaintext);
|
|
|
|
/* Make sure our padding has been zeroed. */
|
|
|
|
tt_int_op(tor_mem_is_zero((char *) padded_plaintext + plaintext_len,
|
|
|
|
padded_len - plaintext_len), OP_EQ, 1);
|
|
|
|
tor_free(padded_plaintext);
|
|
|
|
/* Never never have a padded length smaller than the plaintext. */
|
|
|
|
tt_int_op(padded_len, OP_GE, plaintext_len);
|
|
|
|
tt_int_op(padded_len, OP_EQ, PADDING_EXPECTED_LEN(plaintext_len));
|
|
|
|
}
|
|
|
|
|
|
|
|
{ /* test #3: Lots more bytes of padding? */
|
2017-02-24 11:44:34 +01:00
|
|
|
plaintext_len = HS_DESC_SUPERENC_PLAINTEXT_PAD_MULTIPLE + 1;
|
2016-03-15 19:18:03 +01:00
|
|
|
plaintext = tor_malloc(plaintext_len);
|
|
|
|
padded_plaintext = NULL;
|
|
|
|
padded_len = build_plaintext_padding(plaintext, plaintext_len,
|
|
|
|
&padded_plaintext);
|
|
|
|
tt_assert(padded_plaintext);
|
|
|
|
tor_free(plaintext);
|
|
|
|
/* Make sure our padding has been zeroed. */
|
|
|
|
tt_int_op(tor_mem_is_zero((char *) padded_plaintext + plaintext_len,
|
|
|
|
padded_len - plaintext_len), OP_EQ, 1);
|
|
|
|
tor_free(padded_plaintext);
|
|
|
|
/* Never never have a padded length smaller than the plaintext. */
|
|
|
|
tt_int_op(padded_len, OP_GE, plaintext_len);
|
|
|
|
tt_int_op(padded_len, OP_EQ, PADDING_EXPECTED_LEN(plaintext_len));
|
|
|
|
}
|
|
|
|
|
|
|
|
done:
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
static void
|
|
|
|
test_link_specifier(void *arg)
|
|
|
|
{
|
|
|
|
ssize_t ret;
|
|
|
|
hs_desc_link_specifier_t spec;
|
|
|
|
smartlist_t *link_specifiers = smartlist_new();
|
2018-06-23 12:39:20 +02:00
|
|
|
char buf[256];
|
|
|
|
char *b64 = NULL;
|
|
|
|
link_specifier_t *ls = NULL;
|
2016-03-15 19:18:03 +01:00
|
|
|
|
|
|
|
(void) arg;
|
|
|
|
|
|
|
|
/* Always this port. */
|
|
|
|
spec.u.ap.port = 42;
|
|
|
|
smartlist_add(link_specifiers, &spec);
|
|
|
|
|
|
|
|
/* Test IPv4 for starter. */
|
|
|
|
{
|
|
|
|
uint32_t ipv4;
|
|
|
|
|
|
|
|
spec.type = LS_IPV4;
|
|
|
|
ret = tor_addr_parse(&spec.u.ap.addr, "1.2.3.4");
|
2017-06-05 16:23:02 +02:00
|
|
|
tt_int_op(ret, OP_EQ, AF_INET);
|
2016-03-15 19:18:03 +01:00
|
|
|
b64 = encode_link_specifiers(link_specifiers);
|
|
|
|
tt_assert(b64);
|
|
|
|
|
|
|
|
/* Decode it and validate the format. */
|
|
|
|
ret = base64_decode(buf, sizeof(buf), b64, strlen(b64));
|
2017-06-05 16:23:02 +02:00
|
|
|
tt_int_op(ret, OP_GT, 0);
|
2016-03-15 19:18:03 +01:00
|
|
|
/* First byte is the number of link specifier. */
|
2017-06-05 16:23:02 +02:00
|
|
|
tt_int_op(get_uint8(buf), OP_EQ, 1);
|
2016-03-15 19:18:03 +01:00
|
|
|
ret = link_specifier_parse(&ls, (uint8_t *) buf + 1, ret - 1);
|
2017-06-05 16:23:02 +02:00
|
|
|
tt_int_op(ret, OP_EQ, 8);
|
2016-03-15 19:18:03 +01:00
|
|
|
/* Should be 2 bytes for port and 4 bytes for IPv4. */
|
2017-06-05 16:23:02 +02:00
|
|
|
tt_int_op(link_specifier_get_ls_len(ls), OP_EQ, 6);
|
2016-03-15 19:18:03 +01:00
|
|
|
ipv4 = link_specifier_get_un_ipv4_addr(ls);
|
2017-06-05 16:23:02 +02:00
|
|
|
tt_int_op(tor_addr_to_ipv4h(&spec.u.ap.addr), OP_EQ, ipv4);
|
|
|
|
tt_int_op(link_specifier_get_un_ipv4_port(ls), OP_EQ, spec.u.ap.port);
|
2016-03-15 19:18:03 +01:00
|
|
|
|
|
|
|
link_specifier_free(ls);
|
2018-06-29 19:48:36 +02:00
|
|
|
ls = NULL;
|
2016-03-15 19:18:03 +01:00
|
|
|
tor_free(b64);
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Test IPv6. */
|
|
|
|
{
|
|
|
|
uint8_t ipv6[16];
|
|
|
|
|
|
|
|
spec.type = LS_IPV6;
|
|
|
|
ret = tor_addr_parse(&spec.u.ap.addr, "[1:2:3:4::]");
|
2017-06-05 16:23:02 +02:00
|
|
|
tt_int_op(ret, OP_EQ, AF_INET6);
|
2016-03-15 19:18:03 +01:00
|
|
|
b64 = encode_link_specifiers(link_specifiers);
|
|
|
|
tt_assert(b64);
|
|
|
|
|
|
|
|
/* Decode it and validate the format. */
|
|
|
|
ret = base64_decode(buf, sizeof(buf), b64, strlen(b64));
|
2017-06-05 16:23:02 +02:00
|
|
|
tt_int_op(ret, OP_GT, 0);
|
2016-03-15 19:18:03 +01:00
|
|
|
/* First byte is the number of link specifier. */
|
2017-06-05 16:23:02 +02:00
|
|
|
tt_int_op(get_uint8(buf), OP_EQ, 1);
|
2016-03-15 19:18:03 +01:00
|
|
|
ret = link_specifier_parse(&ls, (uint8_t *) buf + 1, ret - 1);
|
2017-06-05 16:23:02 +02:00
|
|
|
tt_int_op(ret, OP_EQ, 20);
|
2016-03-15 19:18:03 +01:00
|
|
|
/* Should be 2 bytes for port and 16 bytes for IPv6. */
|
2017-06-05 16:23:02 +02:00
|
|
|
tt_int_op(link_specifier_get_ls_len(ls), OP_EQ, 18);
|
2016-03-15 19:18:03 +01:00
|
|
|
for (unsigned int i = 0; i < sizeof(ipv6); i++) {
|
|
|
|
ipv6[i] = link_specifier_get_un_ipv6_addr(ls, i);
|
|
|
|
}
|
2017-06-05 16:38:20 +02:00
|
|
|
tt_mem_op(tor_addr_to_in6_addr8(&spec.u.ap.addr), OP_EQ, ipv6,
|
|
|
|
sizeof(ipv6));
|
2017-06-05 16:23:02 +02:00
|
|
|
tt_int_op(link_specifier_get_un_ipv6_port(ls), OP_EQ, spec.u.ap.port);
|
2016-03-15 19:18:03 +01:00
|
|
|
|
|
|
|
link_specifier_free(ls);
|
2018-06-29 19:48:36 +02:00
|
|
|
ls = NULL;
|
2016-03-15 19:18:03 +01:00
|
|
|
tor_free(b64);
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Test legacy. */
|
|
|
|
{
|
|
|
|
uint8_t *id;
|
|
|
|
|
|
|
|
spec.type = LS_LEGACY_ID;
|
|
|
|
memset(spec.u.legacy_id, 'Y', sizeof(spec.u.legacy_id));
|
|
|
|
b64 = encode_link_specifiers(link_specifiers);
|
|
|
|
tt_assert(b64);
|
|
|
|
|
|
|
|
/* Decode it and validate the format. */
|
|
|
|
ret = base64_decode(buf, sizeof(buf), b64, strlen(b64));
|
2017-06-05 16:23:02 +02:00
|
|
|
tt_int_op(ret, OP_GT, 0);
|
2016-03-15 19:18:03 +01:00
|
|
|
/* First byte is the number of link specifier. */
|
2017-06-05 16:23:02 +02:00
|
|
|
tt_int_op(get_uint8(buf), OP_EQ, 1);
|
2016-03-15 19:18:03 +01:00
|
|
|
ret = link_specifier_parse(&ls, (uint8_t *) buf + 1, ret - 1);
|
|
|
|
/* 20 bytes digest + 1 byte type + 1 byte len. */
|
2017-06-05 16:23:02 +02:00
|
|
|
tt_int_op(ret, OP_EQ, 22);
|
2016-03-15 19:18:03 +01:00
|
|
|
tt_int_op(link_specifier_getlen_un_legacy_id(ls), OP_EQ, DIGEST_LEN);
|
|
|
|
/* Digest length is 20 bytes. */
|
|
|
|
tt_int_op(link_specifier_get_ls_len(ls), OP_EQ, DIGEST_LEN);
|
|
|
|
id = link_specifier_getarray_un_legacy_id(ls);
|
|
|
|
tt_mem_op(spec.u.legacy_id, OP_EQ, id, DIGEST_LEN);
|
|
|
|
|
|
|
|
link_specifier_free(ls);
|
2018-06-29 19:48:36 +02:00
|
|
|
ls = NULL;
|
2016-03-15 19:18:03 +01:00
|
|
|
tor_free(b64);
|
|
|
|
}
|
|
|
|
|
|
|
|
done:
|
2018-06-23 12:39:20 +02:00
|
|
|
link_specifier_free(ls);
|
|
|
|
tor_free(b64);
|
2016-11-04 19:35:15 +01:00
|
|
|
smartlist_free(link_specifiers);
|
2016-03-15 19:18:03 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
static void
|
|
|
|
test_encode_descriptor(void *arg)
|
|
|
|
{
|
|
|
|
int ret;
|
2016-12-05 03:30:26 +01:00
|
|
|
ed25519_keypair_t signing_kp;
|
|
|
|
hs_descriptor_t *desc = NULL;
|
2016-03-15 19:18:03 +01:00
|
|
|
|
|
|
|
(void) arg;
|
|
|
|
|
2016-12-05 03:30:26 +01:00
|
|
|
ret = ed25519_keypair_generate(&signing_kp, 0);
|
2017-06-05 16:23:02 +02:00
|
|
|
tt_int_op(ret, OP_EQ, 0);
|
2017-04-07 16:28:57 +02:00
|
|
|
desc = hs_helper_build_hs_desc_with_ip(&signing_kp);
|
2016-03-15 19:18:03 +01:00
|
|
|
|
2018-04-14 12:50:07 +02:00
|
|
|
{
|
|
|
|
char *encoded = NULL;
|
|
|
|
ret = hs_desc_encode_descriptor(desc, &signing_kp, NULL, &encoded);
|
|
|
|
tt_int_op(ret, OP_EQ, 0);
|
|
|
|
tt_assert(encoded);
|
|
|
|
|
|
|
|
tor_free(encoded);
|
|
|
|
}
|
|
|
|
|
|
|
|
{
|
|
|
|
char *encoded = NULL;
|
|
|
|
uint8_t descriptor_cookie[HS_DESC_DESCRIPTOR_COOKIE_LEN];
|
|
|
|
|
|
|
|
crypto_strongest_rand(descriptor_cookie, sizeof(descriptor_cookie));
|
|
|
|
|
|
|
|
ret = hs_desc_encode_descriptor(desc, &signing_kp,
|
|
|
|
descriptor_cookie, &encoded);
|
|
|
|
tt_int_op(ret, OP_EQ, 0);
|
|
|
|
tt_assert(encoded);
|
|
|
|
|
|
|
|
tor_free(encoded);
|
|
|
|
}
|
2016-03-15 19:18:03 +01:00
|
|
|
done:
|
|
|
|
hs_descriptor_free(desc);
|
|
|
|
}
|
|
|
|
|
|
|
|
static void
|
|
|
|
test_decode_descriptor(void *arg)
|
|
|
|
{
|
|
|
|
int ret;
|
2018-04-21 20:13:50 +02:00
|
|
|
int i;
|
2016-03-15 19:18:03 +01:00
|
|
|
char *encoded = NULL;
|
2016-12-05 03:30:26 +01:00
|
|
|
ed25519_keypair_t signing_kp;
|
|
|
|
hs_descriptor_t *desc = NULL;
|
2016-03-15 19:18:03 +01:00
|
|
|
hs_descriptor_t *decoded = NULL;
|
2016-11-04 19:27:45 +01:00
|
|
|
hs_descriptor_t *desc_no_ip = NULL;
|
2017-06-01 14:11:03 +02:00
|
|
|
uint8_t subcredential[DIGEST256_LEN];
|
2016-03-15 19:18:03 +01:00
|
|
|
|
|
|
|
(void) arg;
|
|
|
|
|
2016-12-05 03:30:26 +01:00
|
|
|
ret = ed25519_keypair_generate(&signing_kp, 0);
|
2017-06-05 16:23:02 +02:00
|
|
|
tt_int_op(ret, OP_EQ, 0);
|
2017-04-07 16:28:57 +02:00
|
|
|
desc = hs_helper_build_hs_desc_with_ip(&signing_kp);
|
2016-12-05 03:30:26 +01:00
|
|
|
|
2017-06-01 14:11:03 +02:00
|
|
|
hs_helper_get_subcred_from_identity_keypair(&signing_kp,
|
|
|
|
subcredential);
|
|
|
|
|
2016-03-15 19:18:03 +01:00
|
|
|
/* Give some bad stuff to the decoding function. */
|
2018-04-19 17:44:17 +02:00
|
|
|
ret = hs_desc_decode_descriptor("hladfjlkjadf", subcredential,
|
|
|
|
NULL, &decoded);
|
2016-03-15 19:18:03 +01:00
|
|
|
tt_int_op(ret, OP_EQ, -1);
|
|
|
|
|
2018-04-13 23:04:31 +02:00
|
|
|
ret = hs_desc_encode_descriptor(desc, &signing_kp, NULL, &encoded);
|
2017-06-05 16:23:02 +02:00
|
|
|
tt_int_op(ret, OP_EQ, 0);
|
2016-03-15 19:18:03 +01:00
|
|
|
tt_assert(encoded);
|
|
|
|
|
2018-04-19 17:44:17 +02:00
|
|
|
ret = hs_desc_decode_descriptor(encoded, subcredential, NULL, &decoded);
|
2017-06-05 16:23:02 +02:00
|
|
|
tt_int_op(ret, OP_EQ, 0);
|
2016-03-15 19:18:03 +01:00
|
|
|
tt_assert(decoded);
|
|
|
|
|
2017-04-07 16:28:57 +02:00
|
|
|
hs_helper_desc_equal(desc, decoded);
|
2016-03-15 19:18:03 +01:00
|
|
|
|
|
|
|
/* Decode a descriptor with _no_ introduction points. */
|
|
|
|
{
|
2016-12-05 03:30:26 +01:00
|
|
|
ed25519_keypair_t signing_kp_no_ip;
|
|
|
|
ret = ed25519_keypair_generate(&signing_kp_no_ip, 0);
|
2017-06-05 16:23:02 +02:00
|
|
|
tt_int_op(ret, OP_EQ, 0);
|
2017-06-01 14:11:03 +02:00
|
|
|
hs_helper_get_subcred_from_identity_keypair(&signing_kp_no_ip,
|
|
|
|
subcredential);
|
2017-04-07 16:28:57 +02:00
|
|
|
desc_no_ip = hs_helper_build_hs_desc_no_ip(&signing_kp_no_ip);
|
2016-03-15 19:18:03 +01:00
|
|
|
tt_assert(desc_no_ip);
|
|
|
|
tor_free(encoded);
|
2018-04-13 23:04:31 +02:00
|
|
|
ret = hs_desc_encode_descriptor(desc_no_ip, &signing_kp_no_ip,
|
|
|
|
NULL, &encoded);
|
2017-06-05 16:23:02 +02:00
|
|
|
tt_int_op(ret, OP_EQ, 0);
|
2016-03-15 19:18:03 +01:00
|
|
|
tt_assert(encoded);
|
|
|
|
hs_descriptor_free(decoded);
|
2018-04-19 17:44:17 +02:00
|
|
|
ret = hs_desc_decode_descriptor(encoded, subcredential, NULL, &decoded);
|
2017-06-05 16:23:02 +02:00
|
|
|
tt_int_op(ret, OP_EQ, 0);
|
2016-03-15 19:18:03 +01:00
|
|
|
tt_assert(decoded);
|
|
|
|
}
|
|
|
|
|
2018-04-21 20:13:50 +02:00
|
|
|
/* Decode a descriptor with auth clients. */
|
|
|
|
{
|
|
|
|
uint8_t descriptor_cookie[HS_DESC_DESCRIPTOR_COOKIE_LEN];
|
|
|
|
curve25519_keypair_t auth_ephemeral_kp;
|
|
|
|
curve25519_keypair_t client_kp, invalid_client_kp;
|
|
|
|
smartlist_t *clients;
|
|
|
|
hs_desc_authorized_client_t *client, *fake_client;
|
|
|
|
client = tor_malloc_zero(sizeof(hs_desc_authorized_client_t));
|
|
|
|
|
|
|
|
/* Prepare all the keys needed to build the auth client. */
|
|
|
|
curve25519_keypair_generate(&auth_ephemeral_kp, 0);
|
|
|
|
curve25519_keypair_generate(&client_kp, 0);
|
|
|
|
curve25519_keypair_generate(&invalid_client_kp, 0);
|
|
|
|
crypto_strongest_rand(descriptor_cookie, HS_DESC_DESCRIPTOR_COOKIE_LEN);
|
|
|
|
|
|
|
|
memcpy(&desc->superencrypted_data.auth_ephemeral_pubkey,
|
|
|
|
&auth_ephemeral_kp.pubkey, CURVE25519_PUBKEY_LEN);
|
|
|
|
|
2018-09-06 15:07:27 +02:00
|
|
|
hs_helper_get_subcred_from_identity_keypair(&signing_kp,
|
|
|
|
subcredential);
|
|
|
|
|
2018-04-21 20:13:50 +02:00
|
|
|
/* Build and add the auth client to the descriptor. */
|
|
|
|
clients = desc->superencrypted_data.clients;
|
|
|
|
if (!clients) {
|
|
|
|
clients = smartlist_new();
|
|
|
|
}
|
2018-09-06 15:07:27 +02:00
|
|
|
hs_desc_build_authorized_client(subcredential,
|
|
|
|
&client_kp.pubkey,
|
2018-04-21 20:13:50 +02:00
|
|
|
&auth_ephemeral_kp.seckey,
|
|
|
|
descriptor_cookie, client);
|
|
|
|
smartlist_add(clients, client);
|
|
|
|
|
|
|
|
/* We need to add fake auth clients here. */
|
|
|
|
for (i=0; i < 15; ++i) {
|
2018-09-05 19:37:37 +02:00
|
|
|
fake_client = hs_desc_build_fake_authorized_client();
|
2018-04-21 20:13:50 +02:00
|
|
|
smartlist_add(clients, fake_client);
|
|
|
|
}
|
|
|
|
desc->superencrypted_data.clients = clients;
|
|
|
|
|
|
|
|
/* Test the encoding/decoding in the following lines. */
|
|
|
|
tor_free(encoded);
|
|
|
|
ret = hs_desc_encode_descriptor(desc, &signing_kp,
|
|
|
|
descriptor_cookie, &encoded);
|
|
|
|
tt_int_op(ret, OP_EQ, 0);
|
|
|
|
tt_assert(encoded);
|
|
|
|
|
|
|
|
/* If we do not have the client secret key, the decoding must fail. */
|
|
|
|
hs_descriptor_free(decoded);
|
|
|
|
ret = hs_desc_decode_descriptor(encoded, subcredential,
|
|
|
|
NULL, &decoded);
|
|
|
|
tt_int_op(ret, OP_LT, 0);
|
|
|
|
tt_assert(!decoded);
|
|
|
|
|
|
|
|
/* If we have an invalid client secret key, the decoding must fail. */
|
|
|
|
hs_descriptor_free(decoded);
|
|
|
|
ret = hs_desc_decode_descriptor(encoded, subcredential,
|
|
|
|
&invalid_client_kp.seckey, &decoded);
|
|
|
|
tt_int_op(ret, OP_LT, 0);
|
|
|
|
tt_assert(!decoded);
|
|
|
|
|
|
|
|
/* If we have the client secret key, the decoding must succeed and the
|
|
|
|
* decoded descriptor must be correct. */
|
|
|
|
ret = hs_desc_decode_descriptor(encoded, subcredential,
|
|
|
|
&client_kp.seckey, &decoded);
|
|
|
|
tt_int_op(ret, OP_EQ, 0);
|
|
|
|
tt_assert(decoded);
|
|
|
|
|
|
|
|
hs_helper_desc_equal(desc, decoded);
|
|
|
|
}
|
|
|
|
|
2016-03-15 19:18:03 +01:00
|
|
|
done:
|
|
|
|
hs_descriptor_free(desc);
|
2016-11-04 19:27:45 +01:00
|
|
|
hs_descriptor_free(desc_no_ip);
|
2016-03-15 19:18:03 +01:00
|
|
|
hs_descriptor_free(decoded);
|
|
|
|
tor_free(encoded);
|
|
|
|
}
|
|
|
|
|
|
|
|
static void
|
|
|
|
test_supported_version(void *arg)
|
|
|
|
{
|
|
|
|
int ret;
|
|
|
|
|
|
|
|
(void) arg;
|
|
|
|
|
|
|
|
/* Unsupported. */
|
|
|
|
ret = hs_desc_is_supported_version(42);
|
|
|
|
tt_int_op(ret, OP_EQ, 0);
|
|
|
|
/* To early. */
|
|
|
|
ret = hs_desc_is_supported_version(HS_DESC_SUPPORTED_FORMAT_VERSION_MIN - 1);
|
|
|
|
tt_int_op(ret, OP_EQ, 0);
|
|
|
|
/* One too new. */
|
|
|
|
ret = hs_desc_is_supported_version(HS_DESC_SUPPORTED_FORMAT_VERSION_MAX + 1);
|
|
|
|
tt_int_op(ret, OP_EQ, 0);
|
|
|
|
/* Valid version. */
|
|
|
|
ret = hs_desc_is_supported_version(3);
|
|
|
|
tt_int_op(ret, OP_EQ, 1);
|
|
|
|
|
|
|
|
done:
|
|
|
|
;
|
|
|
|
}
|
|
|
|
|
|
|
|
static void
|
|
|
|
test_encrypted_data_len(void *arg)
|
|
|
|
{
|
|
|
|
int ret;
|
|
|
|
size_t value;
|
|
|
|
|
|
|
|
(void) arg;
|
|
|
|
|
|
|
|
/* No length, error. */
|
|
|
|
ret = encrypted_data_length_is_valid(0);
|
|
|
|
tt_int_op(ret, OP_EQ, 0);
|
|
|
|
/* Valid value. */
|
2017-02-08 13:22:22 +01:00
|
|
|
value = HS_DESC_ENCRYPTED_SALT_LEN + DIGEST256_LEN + 1;
|
2016-03-15 19:18:03 +01:00
|
|
|
ret = encrypted_data_length_is_valid(value);
|
|
|
|
tt_int_op(ret, OP_EQ, 1);
|
|
|
|
|
|
|
|
done:
|
|
|
|
;
|
|
|
|
}
|
|
|
|
|
|
|
|
static void
|
2017-04-07 16:57:27 +02:00
|
|
|
test_decode_invalid_intro_point(void *arg)
|
2016-03-15 19:18:03 +01:00
|
|
|
{
|
|
|
|
int ret;
|
|
|
|
char *encoded_ip = NULL;
|
|
|
|
size_t len_out;
|
2016-11-04 19:21:53 +01:00
|
|
|
hs_desc_intro_point_t *ip = NULL;
|
2016-12-05 03:30:26 +01:00
|
|
|
ed25519_keypair_t signing_kp;
|
2016-03-15 19:18:03 +01:00
|
|
|
hs_descriptor_t *desc = NULL;
|
|
|
|
|
|
|
|
(void) arg;
|
|
|
|
|
2018-01-24 09:55:15 +01:00
|
|
|
/* Separate pieces of a valid encoded introduction point. */
|
2016-03-15 19:18:03 +01:00
|
|
|
const char *intro_point =
|
|
|
|
"introduction-point AQIUMDI5OUYyNjhGQ0E5RDU1Q0QxNTc=";
|
|
|
|
const char *auth_key =
|
|
|
|
"auth-key\n"
|
|
|
|
"-----BEGIN ED25519 CERT-----\n"
|
|
|
|
"AQkACOhAAQW8ltYZMIWpyrfyE/b4Iyi8CNybCwYs6ADk7XfBaxsFAQAgBAD3/BE4\n"
|
|
|
|
"XojGE/N2bW/wgnS9r2qlrkydGyuCKIGayYx3haZ39LD4ZTmSMRxwmplMAqzG/XNP\n"
|
|
|
|
"0Kkpg4p2/VnLFJRdU1SMFo1lgQ4P0bqw7Tgx200fulZ4KUM5z5V7m+a/mgY=\n"
|
|
|
|
"-----END ED25519 CERT-----";
|
|
|
|
const char *enc_key =
|
|
|
|
"enc-key ntor bpZKLsuhxP6woDQ3yVyjm5gUKSk7RjfAijT2qrzbQk0=";
|
|
|
|
const char *enc_key_cert =
|
2017-02-10 20:24:54 +01:00
|
|
|
"enc-key-cert\n"
|
2016-03-15 19:18:03 +01:00
|
|
|
"-----BEGIN ED25519 CERT-----\n"
|
|
|
|
"AQsACOhZAUpNvCZ1aJaaR49lS6MCdsVkhVGVrRqoj0Y2T4SzroAtAQAgBABFOcGg\n"
|
|
|
|
"lbTt1DF5nKTE/gU3Fr8ZtlCIOhu1A+F5LM7fqCUupfesg0KTHwyIZOYQbJuM5/he\n"
|
|
|
|
"/jDNyLy9woPJdjkxywaY2RPUxGjLYtMQV0E8PUxWyICV+7y52fTCYaKpYQw=\n"
|
|
|
|
"-----END ED25519 CERT-----";
|
|
|
|
|
|
|
|
/* Try to decode a junk string. */
|
|
|
|
{
|
|
|
|
hs_descriptor_free(desc);
|
2016-12-27 16:20:13 +01:00
|
|
|
desc = NULL;
|
2016-12-05 03:30:26 +01:00
|
|
|
ret = ed25519_keypair_generate(&signing_kp, 0);
|
2017-06-05 16:23:02 +02:00
|
|
|
tt_int_op(ret, OP_EQ, 0);
|
2017-04-07 16:28:57 +02:00
|
|
|
desc = hs_helper_build_hs_desc_with_ip(&signing_kp);
|
2016-03-15 19:18:03 +01:00
|
|
|
const char *junk = "this is not a descriptor";
|
|
|
|
ip = decode_introduction_point(desc, junk);
|
2017-08-24 21:55:27 +02:00
|
|
|
tt_ptr_op(ip, OP_EQ, NULL);
|
2017-07-20 17:34:32 +02:00
|
|
|
hs_desc_intro_point_free(ip);
|
2016-11-04 19:21:53 +01:00
|
|
|
ip = NULL;
|
2016-03-15 19:18:03 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/* Invalid link specifiers. */
|
|
|
|
{
|
|
|
|
smartlist_t *lines = smartlist_new();
|
|
|
|
const char *bad_line = "introduction-point blah";
|
|
|
|
smartlist_add(lines, (char *) bad_line);
|
|
|
|
smartlist_add(lines, (char *) auth_key);
|
|
|
|
smartlist_add(lines, (char *) enc_key);
|
|
|
|
smartlist_add(lines, (char *) enc_key_cert);
|
|
|
|
encoded_ip = smartlist_join_strings(lines, "\n", 0, &len_out);
|
|
|
|
tt_assert(encoded_ip);
|
|
|
|
ip = decode_introduction_point(desc, encoded_ip);
|
2017-08-24 21:55:27 +02:00
|
|
|
tt_ptr_op(ip, OP_EQ, NULL);
|
2016-03-15 19:18:03 +01:00
|
|
|
tor_free(encoded_ip);
|
|
|
|
smartlist_free(lines);
|
2017-07-20 17:34:32 +02:00
|
|
|
hs_desc_intro_point_free(ip);
|
2016-11-04 19:21:53 +01:00
|
|
|
ip = NULL;
|
2016-03-15 19:18:03 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/* Invalid auth key type. */
|
|
|
|
{
|
|
|
|
smartlist_t *lines = smartlist_new();
|
|
|
|
/* Try to put a valid object that our tokenize function will be able to
|
|
|
|
* parse but that has nothing to do with the auth_key. */
|
|
|
|
const char *bad_line =
|
|
|
|
"auth-key\n"
|
|
|
|
"-----BEGIN UNICORN CERT-----\n"
|
|
|
|
"MIGJAoGBAO4bATcW8kW4h6RQQAKEgg+aXCpF4JwbcO6vGZtzXTDB+HdPVQzwqkbh\n"
|
|
|
|
"XzFM6VGArhYw4m31wcP1Z7IwULir7UMnAFd7Zi62aYfU6l+Y1yAoZ1wzu1XBaAMK\n"
|
|
|
|
"ejpwQinW9nzJn7c2f69fVke3pkhxpNdUZ+vplSA/l9iY+y+v+415AgMBAAE=\n"
|
|
|
|
"-----END UNICORN CERT-----";
|
|
|
|
/* Build intro point text. */
|
|
|
|
smartlist_add(lines, (char *) intro_point);
|
|
|
|
smartlist_add(lines, (char *) bad_line);
|
|
|
|
smartlist_add(lines, (char *) enc_key);
|
|
|
|
smartlist_add(lines, (char *) enc_key_cert);
|
|
|
|
encoded_ip = smartlist_join_strings(lines, "\n", 0, &len_out);
|
|
|
|
tt_assert(encoded_ip);
|
|
|
|
ip = decode_introduction_point(desc, encoded_ip);
|
2017-08-24 21:55:27 +02:00
|
|
|
tt_ptr_op(ip, OP_EQ, NULL);
|
2016-03-15 19:18:03 +01:00
|
|
|
tor_free(encoded_ip);
|
|
|
|
smartlist_free(lines);
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Invalid enc-key. */
|
|
|
|
{
|
|
|
|
smartlist_t *lines = smartlist_new();
|
|
|
|
const char *bad_line =
|
|
|
|
"enc-key unicorn bpZKLsuhxP6woDQ3yVyjm5gUKSk7RjfAijT2qrzbQk0=";
|
|
|
|
/* Build intro point text. */
|
|
|
|
smartlist_add(lines, (char *) intro_point);
|
|
|
|
smartlist_add(lines, (char *) auth_key);
|
|
|
|
smartlist_add(lines, (char *) bad_line);
|
|
|
|
smartlist_add(lines, (char *) enc_key_cert);
|
|
|
|
encoded_ip = smartlist_join_strings(lines, "\n", 0, &len_out);
|
|
|
|
tt_assert(encoded_ip);
|
|
|
|
ip = decode_introduction_point(desc, encoded_ip);
|
2017-08-24 21:55:27 +02:00
|
|
|
tt_ptr_op(ip, OP_EQ, NULL);
|
2016-03-15 19:18:03 +01:00
|
|
|
tor_free(encoded_ip);
|
|
|
|
smartlist_free(lines);
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Invalid enc-key object. */
|
|
|
|
{
|
|
|
|
smartlist_t *lines = smartlist_new();
|
|
|
|
const char *bad_line = "enc-key ntor";
|
|
|
|
/* Build intro point text. */
|
|
|
|
smartlist_add(lines, (char *) intro_point);
|
|
|
|
smartlist_add(lines, (char *) auth_key);
|
|
|
|
smartlist_add(lines, (char *) bad_line);
|
|
|
|
smartlist_add(lines, (char *) enc_key_cert);
|
|
|
|
encoded_ip = smartlist_join_strings(lines, "\n", 0, &len_out);
|
|
|
|
tt_assert(encoded_ip);
|
|
|
|
ip = decode_introduction_point(desc, encoded_ip);
|
2017-08-24 21:55:27 +02:00
|
|
|
tt_ptr_op(ip, OP_EQ, NULL);
|
2016-03-15 19:18:03 +01:00
|
|
|
tor_free(encoded_ip);
|
|
|
|
smartlist_free(lines);
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Invalid enc-key base64 curv25519 key. */
|
|
|
|
{
|
|
|
|
smartlist_t *lines = smartlist_new();
|
|
|
|
const char *bad_line = "enc-key ntor blah===";
|
|
|
|
/* Build intro point text. */
|
|
|
|
smartlist_add(lines, (char *) intro_point);
|
|
|
|
smartlist_add(lines, (char *) auth_key);
|
|
|
|
smartlist_add(lines, (char *) bad_line);
|
|
|
|
smartlist_add(lines, (char *) enc_key_cert);
|
|
|
|
encoded_ip = smartlist_join_strings(lines, "\n", 0, &len_out);
|
|
|
|
tt_assert(encoded_ip);
|
|
|
|
ip = decode_introduction_point(desc, encoded_ip);
|
2017-08-24 21:55:27 +02:00
|
|
|
tt_ptr_op(ip, OP_EQ, NULL);
|
2016-03-15 19:18:03 +01:00
|
|
|
tor_free(encoded_ip);
|
|
|
|
smartlist_free(lines);
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Invalid enc-key invalid legacy. */
|
|
|
|
{
|
|
|
|
smartlist_t *lines = smartlist_new();
|
2017-04-07 16:57:27 +02:00
|
|
|
const char *bad_line = "legacy-key blah===";
|
2016-03-15 19:18:03 +01:00
|
|
|
/* Build intro point text. */
|
|
|
|
smartlist_add(lines, (char *) intro_point);
|
|
|
|
smartlist_add(lines, (char *) auth_key);
|
|
|
|
smartlist_add(lines, (char *) bad_line);
|
|
|
|
smartlist_add(lines, (char *) enc_key_cert);
|
|
|
|
encoded_ip = smartlist_join_strings(lines, "\n", 0, &len_out);
|
|
|
|
tt_assert(encoded_ip);
|
|
|
|
ip = decode_introduction_point(desc, encoded_ip);
|
2017-08-24 21:55:27 +02:00
|
|
|
tt_ptr_op(ip, OP_EQ, NULL);
|
2016-03-15 19:18:03 +01:00
|
|
|
tor_free(encoded_ip);
|
|
|
|
smartlist_free(lines);
|
|
|
|
}
|
|
|
|
|
|
|
|
done:
|
|
|
|
hs_descriptor_free(desc);
|
2017-07-20 17:34:32 +02:00
|
|
|
hs_desc_intro_point_free(ip);
|
2016-03-15 19:18:03 +01:00
|
|
|
}
|
|
|
|
|
2017-08-17 22:12:59 +02:00
|
|
|
/** Make sure we fail gracefully when decoding the bad desc from #23233. */
|
|
|
|
static void
|
|
|
|
test_decode_bad_signature(void *arg)
|
|
|
|
{
|
|
|
|
hs_desc_plaintext_data_t desc_plaintext;
|
|
|
|
int ret;
|
|
|
|
|
|
|
|
(void) arg;
|
|
|
|
|
2018-09-10 16:20:58 +02:00
|
|
|
memset(&desc_plaintext, 0, sizeof(desc_plaintext));
|
|
|
|
|
2017-08-17 22:12:59 +02:00
|
|
|
/* Update approx time to dodge cert expiration */
|
|
|
|
update_approx_time(1502661599);
|
|
|
|
|
2017-08-17 22:13:15 +02:00
|
|
|
setup_full_capture_of_logs(LOG_WARN);
|
2017-08-17 22:12:59 +02:00
|
|
|
ret = hs_desc_decode_plaintext(HS_DESC_BAD_SIG, &desc_plaintext);
|
|
|
|
tt_int_op(ret, OP_EQ, -1);
|
2017-08-17 22:13:15 +02:00
|
|
|
expect_log_msg_containing("Malformed signature line. Rejecting.");
|
|
|
|
teardown_capture_of_logs();
|
2017-08-17 22:12:59 +02:00
|
|
|
|
2017-08-24 22:21:44 +02:00
|
|
|
done:
|
2018-05-09 22:14:01 +02:00
|
|
|
hs_desc_plaintext_data_free_contents(&desc_plaintext);
|
2017-08-17 22:12:59 +02:00
|
|
|
}
|
|
|
|
|
2016-03-15 19:18:03 +01:00
|
|
|
static void
|
|
|
|
test_decode_plaintext(void *arg)
|
|
|
|
{
|
|
|
|
int ret;
|
|
|
|
hs_desc_plaintext_data_t desc_plaintext;
|
|
|
|
const char *bad_value = "unicorn";
|
|
|
|
|
|
|
|
(void) arg;
|
|
|
|
|
|
|
|
#define template \
|
|
|
|
"hs-descriptor %s\n" \
|
|
|
|
"descriptor-lifetime %s\n" \
|
|
|
|
"descriptor-signing-key-cert\n" \
|
|
|
|
"-----BEGIN ED25519 CERT-----\n" \
|
|
|
|
"AQgABjvPAQaG3g+dc6oV/oJV4ODAtkvx56uBnPtBT9mYVuHVOhn7AQAgBABUg3mQ\n" \
|
|
|
|
"myBr4bu5LCr53wUEbW2EXui01CbUgU7pfo9LvJG3AcXRojj6HlfsUs9BkzYzYdjF\n" \
|
|
|
|
"A69Apikgu0ewHYkFFASt7Il+gB3w6J8YstQJZT7dtbtl+doM7ug8B68Qdg8=\n" \
|
|
|
|
"-----END ED25519 CERT-----\n" \
|
|
|
|
"revision-counter %s\n" \
|
|
|
|
"encrypted\n" \
|
|
|
|
"-----BEGIN %s-----\n" \
|
|
|
|
"UNICORN\n" \
|
|
|
|
"-----END MESSAGE-----\n" \
|
2016-08-25 00:44:34 +02:00
|
|
|
"signature m20WJH5agqvwhq7QeuEZ1mYyPWQDO+eJOZUjLhAiKu8DbL17DsDfJE6kXbWy" \
|
|
|
|
"HimbNj2we0enV3cCOOAsmPOaAw\n"
|
2016-03-15 19:18:03 +01:00
|
|
|
|
|
|
|
/* Invalid version. */
|
|
|
|
{
|
|
|
|
char *plaintext;
|
|
|
|
tor_asprintf(&plaintext, template, bad_value, "180", "42", "MESSAGE");
|
|
|
|
ret = hs_desc_decode_plaintext(plaintext, &desc_plaintext);
|
|
|
|
tor_free(plaintext);
|
|
|
|
tt_int_op(ret, OP_EQ, -1);
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Missing fields. */
|
|
|
|
{
|
|
|
|
const char *plaintext = "hs-descriptor 3\n";
|
|
|
|
ret = hs_desc_decode_plaintext(plaintext, &desc_plaintext);
|
|
|
|
tt_int_op(ret, OP_EQ, -1);
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Max length. */
|
|
|
|
{
|
|
|
|
size_t big = 64000;
|
|
|
|
/* Must always be bigger than HS_DESC_MAX_LEN. */
|
2017-06-05 16:23:02 +02:00
|
|
|
tt_int_op(HS_DESC_MAX_LEN, OP_LT, big);
|
2016-03-15 19:18:03 +01:00
|
|
|
char *plaintext = tor_malloc_zero(big);
|
|
|
|
memset(plaintext, 'a', big);
|
2016-11-04 19:28:19 +01:00
|
|
|
plaintext[big - 1] = '\0';
|
2016-03-15 19:18:03 +01:00
|
|
|
ret = hs_desc_decode_plaintext(plaintext, &desc_plaintext);
|
|
|
|
tor_free(plaintext);
|
|
|
|
tt_int_op(ret, OP_EQ, -1);
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Bad lifetime value. */
|
|
|
|
{
|
|
|
|
char *plaintext;
|
|
|
|
tor_asprintf(&plaintext, template, "3", bad_value, "42", "MESSAGE");
|
|
|
|
ret = hs_desc_decode_plaintext(plaintext, &desc_plaintext);
|
2016-11-04 19:45:37 +01:00
|
|
|
tor_free(plaintext);
|
2016-03-15 19:18:03 +01:00
|
|
|
tt_int_op(ret, OP_EQ, -1);
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Huge lifetime value. */
|
|
|
|
{
|
|
|
|
char *plaintext;
|
|
|
|
tor_asprintf(&plaintext, template, "3", "7181615", "42", "MESSAGE");
|
|
|
|
ret = hs_desc_decode_plaintext(plaintext, &desc_plaintext);
|
2016-11-04 19:45:37 +01:00
|
|
|
tor_free(plaintext);
|
2016-03-15 19:18:03 +01:00
|
|
|
tt_int_op(ret, OP_EQ, -1);
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Invalid encrypted section. */
|
|
|
|
{
|
|
|
|
char *plaintext;
|
|
|
|
tor_asprintf(&plaintext, template, "3", "180", "42", bad_value);
|
|
|
|
ret = hs_desc_decode_plaintext(plaintext, &desc_plaintext);
|
2016-11-04 19:45:37 +01:00
|
|
|
tor_free(plaintext);
|
2016-03-15 19:18:03 +01:00
|
|
|
tt_int_op(ret, OP_EQ, -1);
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Invalid revision counter. */
|
|
|
|
{
|
|
|
|
char *plaintext;
|
|
|
|
tor_asprintf(&plaintext, template, "3", "180", bad_value, "MESSAGE");
|
|
|
|
ret = hs_desc_decode_plaintext(plaintext, &desc_plaintext);
|
2016-11-04 19:45:37 +01:00
|
|
|
tor_free(plaintext);
|
2016-03-15 19:18:03 +01:00
|
|
|
tt_int_op(ret, OP_EQ, -1);
|
|
|
|
}
|
|
|
|
|
|
|
|
done:
|
|
|
|
;
|
|
|
|
}
|
|
|
|
|
|
|
|
static void
|
|
|
|
test_validate_cert(void *arg)
|
|
|
|
{
|
|
|
|
int ret;
|
|
|
|
time_t now = time(NULL);
|
|
|
|
ed25519_keypair_t kp;
|
2016-11-04 19:21:53 +01:00
|
|
|
tor_cert_t *cert = NULL;
|
2016-03-15 19:18:03 +01:00
|
|
|
|
|
|
|
(void) arg;
|
|
|
|
|
|
|
|
ret = ed25519_keypair_generate(&kp, 0);
|
2017-06-05 16:23:02 +02:00
|
|
|
tt_int_op(ret, OP_EQ, 0);
|
2016-03-15 19:18:03 +01:00
|
|
|
|
2016-09-14 21:05:48 +02:00
|
|
|
/* Cert of type CERT_TYPE_AUTH_HS_IP_KEY. */
|
2016-11-04 19:21:53 +01:00
|
|
|
cert = tor_cert_create(&kp, CERT_TYPE_AUTH_HS_IP_KEY,
|
2016-03-15 19:18:03 +01:00
|
|
|
&kp.pubkey, now, 3600,
|
|
|
|
CERT_FLAG_INCLUDE_SIGNING_KEY);
|
|
|
|
tt_assert(cert);
|
|
|
|
/* Test with empty certificate. */
|
2016-09-14 21:05:48 +02:00
|
|
|
ret = cert_is_valid(NULL, CERT_TYPE_AUTH_HS_IP_KEY, "unicorn");
|
2016-03-15 19:18:03 +01:00
|
|
|
tt_int_op(ret, OP_EQ, 0);
|
|
|
|
/* Test with a bad type. */
|
2016-09-14 21:05:48 +02:00
|
|
|
ret = cert_is_valid(cert, CERT_TYPE_SIGNING_HS_DESC, "unicorn");
|
2016-03-15 19:18:03 +01:00
|
|
|
tt_int_op(ret, OP_EQ, 0);
|
|
|
|
/* Normal validation. */
|
2016-09-14 21:05:48 +02:00
|
|
|
ret = cert_is_valid(cert, CERT_TYPE_AUTH_HS_IP_KEY, "unicorn");
|
2016-03-15 19:18:03 +01:00
|
|
|
tt_int_op(ret, OP_EQ, 1);
|
|
|
|
/* Break signing key so signature verification will fails. */
|
|
|
|
memset(&cert->signing_key, 0, sizeof(cert->signing_key));
|
2016-09-14 21:05:48 +02:00
|
|
|
ret = cert_is_valid(cert, CERT_TYPE_AUTH_HS_IP_KEY, "unicorn");
|
2016-03-15 19:18:03 +01:00
|
|
|
tt_int_op(ret, OP_EQ, 0);
|
|
|
|
tor_cert_free(cert);
|
|
|
|
|
|
|
|
/* Try a cert without including the signing key. */
|
2016-11-04 19:00:08 +01:00
|
|
|
cert = tor_cert_create(&kp, CERT_TYPE_AUTH_HS_IP_KEY, &kp.pubkey, now,
|
|
|
|
3600, 0);
|
2016-03-15 19:18:03 +01:00
|
|
|
tt_assert(cert);
|
|
|
|
/* Test with a bad type. */
|
2016-09-14 21:05:48 +02:00
|
|
|
ret = cert_is_valid(cert, CERT_TYPE_AUTH_HS_IP_KEY, "unicorn");
|
2016-03-15 19:18:03 +01:00
|
|
|
tt_int_op(ret, OP_EQ, 0);
|
|
|
|
|
|
|
|
done:
|
2016-11-04 19:21:53 +01:00
|
|
|
tor_cert_free(cert);
|
2016-03-15 19:18:03 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
static void
|
|
|
|
test_desc_signature(void *arg)
|
|
|
|
{
|
|
|
|
int ret;
|
2016-11-04 20:24:30 +01:00
|
|
|
char *data = NULL, *desc = NULL;
|
2016-03-15 19:18:03 +01:00
|
|
|
char sig_b64[ED25519_SIG_BASE64_LEN + 1];
|
|
|
|
ed25519_keypair_t kp;
|
|
|
|
ed25519_signature_t sig;
|
|
|
|
|
|
|
|
(void) arg;
|
|
|
|
|
|
|
|
ed25519_keypair_generate(&kp, 0);
|
|
|
|
/* Setup a phoony descriptor but with a valid signature token that is the
|
|
|
|
* signature is verifiable. */
|
|
|
|
tor_asprintf(&data, "This is a signed descriptor\n");
|
|
|
|
ret = ed25519_sign_prefixed(&sig, (const uint8_t *) data, strlen(data),
|
|
|
|
"Tor onion service descriptor sig v3", &kp);
|
2017-06-05 16:23:02 +02:00
|
|
|
tt_int_op(ret, OP_EQ, 0);
|
2016-03-15 19:18:03 +01:00
|
|
|
ret = ed25519_signature_to_base64(sig_b64, &sig);
|
2017-06-05 16:23:02 +02:00
|
|
|
tt_int_op(ret, OP_EQ, 0);
|
2016-03-15 19:18:03 +01:00
|
|
|
/* Build the descriptor that should be valid. */
|
|
|
|
tor_asprintf(&desc, "%ssignature %s\n", data, sig_b64);
|
2016-12-05 03:30:26 +01:00
|
|
|
ret = desc_sig_is_valid(sig_b64, &kp.pubkey, desc, strlen(desc));
|
2017-06-05 16:23:02 +02:00
|
|
|
tt_int_op(ret, OP_EQ, 1);
|
2016-03-15 19:18:03 +01:00
|
|
|
/* Junk signature. */
|
2016-12-05 03:30:26 +01:00
|
|
|
ret = desc_sig_is_valid("JUNK", &kp.pubkey, desc, strlen(desc));
|
2017-06-05 16:23:02 +02:00
|
|
|
tt_int_op(ret, OP_EQ, 0);
|
2016-03-15 19:18:03 +01:00
|
|
|
|
|
|
|
done:
|
|
|
|
tor_free(desc);
|
|
|
|
tor_free(data);
|
|
|
|
}
|
|
|
|
|
2018-04-12 23:56:17 +02:00
|
|
|
static void
|
|
|
|
test_build_authorized_client(void *arg)
|
|
|
|
{
|
|
|
|
int ret;
|
|
|
|
hs_desc_authorized_client_t *desc_client = NULL;
|
|
|
|
uint8_t descriptor_cookie[HS_DESC_DESCRIPTOR_COOKIE_LEN];
|
|
|
|
curve25519_secret_key_t auth_ephemeral_sk;
|
2018-05-21 19:01:52 +02:00
|
|
|
curve25519_secret_key_t client_auth_sk;
|
2018-05-21 19:09:40 +02:00
|
|
|
curve25519_public_key_t client_auth_pk;
|
2018-04-12 23:56:17 +02:00
|
|
|
const char ephemeral_sk_b16[] =
|
|
|
|
"d023b674d993a5c8446bd2ca97e9961149b3c0e88c7dc14e8777744dd3468d6a";
|
|
|
|
const char descriptor_cookie_b16[] =
|
|
|
|
"07d087f1d8c68393721f6e70316d3b29";
|
|
|
|
const char client_pubkey_b16[] =
|
|
|
|
"8c1298fa6050e372f8598f6deca32e27b0ad457741422c2629ebb132cf7fae37";
|
2018-09-06 15:07:27 +02:00
|
|
|
uint8_t subcredential[DIGEST256_LEN];
|
2018-04-12 23:56:17 +02:00
|
|
|
char *mem_op_hex_tmp=NULL;
|
|
|
|
|
|
|
|
(void) arg;
|
|
|
|
|
|
|
|
ret = curve25519_secret_key_generate(&auth_ephemeral_sk, 0);
|
|
|
|
tt_int_op(ret, OP_EQ, 0);
|
|
|
|
|
2018-05-21 19:01:52 +02:00
|
|
|
ret = curve25519_secret_key_generate(&client_auth_sk, 0);
|
2018-04-12 23:56:17 +02:00
|
|
|
tt_int_op(ret, OP_EQ, 0);
|
2018-05-21 19:09:40 +02:00
|
|
|
curve25519_public_key_generate(&client_auth_pk, &client_auth_sk);
|
2018-04-12 23:56:17 +02:00
|
|
|
|
2018-09-06 15:07:27 +02:00
|
|
|
memset(subcredential, 42, sizeof(subcredential));
|
|
|
|
|
2018-04-12 23:56:17 +02:00
|
|
|
desc_client = tor_malloc_zero(sizeof(hs_desc_authorized_client_t));
|
|
|
|
|
|
|
|
base16_decode((char *) &auth_ephemeral_sk,
|
|
|
|
sizeof(auth_ephemeral_sk),
|
|
|
|
ephemeral_sk_b16,
|
|
|
|
strlen(ephemeral_sk_b16));
|
|
|
|
|
|
|
|
base16_decode((char *) descriptor_cookie,
|
|
|
|
sizeof(descriptor_cookie),
|
|
|
|
descriptor_cookie_b16,
|
|
|
|
strlen(descriptor_cookie_b16));
|
|
|
|
|
2018-05-21 19:09:40 +02:00
|
|
|
base16_decode((char *) &client_auth_pk,
|
|
|
|
sizeof(client_auth_pk),
|
2018-04-12 23:56:17 +02:00
|
|
|
client_pubkey_b16,
|
|
|
|
strlen(client_pubkey_b16));
|
|
|
|
|
2018-09-18 18:40:18 +02:00
|
|
|
MOCK(crypto_strongest_rand_, mock_crypto_strongest_rand);
|
2018-04-12 23:56:17 +02:00
|
|
|
|
2018-09-06 15:07:27 +02:00
|
|
|
hs_desc_build_authorized_client(subcredential,
|
|
|
|
&client_auth_pk, &auth_ephemeral_sk,
|
2018-05-21 19:09:40 +02:00
|
|
|
descriptor_cookie, desc_client);
|
2018-04-12 23:56:17 +02:00
|
|
|
|
|
|
|
test_memeq_hex((char *) desc_client->client_id,
|
2018-09-06 15:07:27 +02:00
|
|
|
"EC19B7FF4D2DDA13");
|
2018-04-12 23:56:17 +02:00
|
|
|
test_memeq_hex((char *) desc_client->iv,
|
|
|
|
"01010101010101010101010101010101");
|
|
|
|
test_memeq_hex((char *) desc_client->encrypted_cookie,
|
2018-09-06 15:07:27 +02:00
|
|
|
"B21222BE13F385F355BD07B2381F9F29");
|
2018-04-12 23:56:17 +02:00
|
|
|
|
|
|
|
done:
|
|
|
|
tor_free(desc_client);
|
|
|
|
tor_free(mem_op_hex_tmp);
|
2018-09-18 18:40:18 +02:00
|
|
|
UNMOCK(crypto_strongest_rand_);
|
2018-04-12 23:56:17 +02:00
|
|
|
}
|
|
|
|
|
2016-03-15 19:18:03 +01:00
|
|
|
struct testcase_t hs_descriptor[] = {
|
|
|
|
/* Encoding tests. */
|
|
|
|
{ "cert_encoding", test_cert_encoding, TT_FORK,
|
|
|
|
NULL, NULL },
|
|
|
|
{ "link_specifier", test_link_specifier, TT_FORK,
|
|
|
|
NULL, NULL },
|
|
|
|
{ "encode_descriptor", test_encode_descriptor, TT_FORK,
|
|
|
|
NULL, NULL },
|
|
|
|
{ "descriptor_padding", test_descriptor_padding, TT_FORK,
|
|
|
|
NULL, NULL },
|
|
|
|
|
|
|
|
/* Decoding tests. */
|
|
|
|
{ "decode_descriptor", test_decode_descriptor, TT_FORK,
|
|
|
|
NULL, NULL },
|
|
|
|
{ "encrypted_data_len", test_encrypted_data_len, TT_FORK,
|
|
|
|
NULL, NULL },
|
2017-04-07 16:57:27 +02:00
|
|
|
{ "decode_invalid_intro_point", test_decode_invalid_intro_point, TT_FORK,
|
2016-03-15 19:18:03 +01:00
|
|
|
NULL, NULL },
|
|
|
|
{ "decode_plaintext", test_decode_plaintext, TT_FORK,
|
|
|
|
NULL, NULL },
|
2017-08-17 22:12:59 +02:00
|
|
|
{ "decode_bad_signature", test_decode_bad_signature, TT_FORK,
|
|
|
|
NULL, NULL },
|
2016-03-15 19:18:03 +01:00
|
|
|
|
|
|
|
/* Misc. */
|
|
|
|
{ "version", test_supported_version, TT_FORK,
|
|
|
|
NULL, NULL },
|
|
|
|
{ "validate_cert", test_validate_cert, TT_FORK,
|
|
|
|
NULL, NULL },
|
|
|
|
{ "desc_signature", test_desc_signature, TT_FORK,
|
|
|
|
NULL, NULL },
|
2018-04-12 23:56:17 +02:00
|
|
|
{ "build_authorized_client", test_build_authorized_client, TT_FORK,
|
|
|
|
NULL, NULL },
|
2016-03-15 19:18:03 +01:00
|
|
|
|
|
|
|
END_OF_TESTCASES
|
|
|
|
};
|