From 10f4c46e50478e7620f3c23413ddd292d883e8ca Mon Sep 17 00:00:00 2001
From: Suphanat Chunhapanya <haxx.pop@gmail.com>
Date: Fri, 13 Apr 2018 04:56:17 +0700
Subject: [PATCH] test: Build an HSv3 descriptor with authorized client

Signed-off-by: David Goulet <dgoulet@torproject.org>
---
 src/lib/crypt_ops/crypto_rand.c |  4 +-
 src/lib/crypt_ops/crypto_rand.h |  2 +-
 src/test/test_hs_descriptor.c   | 70 +++++++++++++++++++++++++++++++++
 3 files changed, 73 insertions(+), 3 deletions(-)

diff --git a/src/lib/crypt_ops/crypto_rand.c b/src/lib/crypt_ops/crypto_rand.c
index fb9d0c2c6c..554777cf58 100644
--- a/src/lib/crypt_ops/crypto_rand.c
+++ b/src/lib/crypt_ops/crypto_rand.c
@@ -319,8 +319,8 @@ crypto_strongest_rand_raw(uint8_t *out, size_t out_len)
  * Try to get <b>out_len</b> bytes of the strongest entropy we can generate,
  * storing it into <b>out</b>.
  **/
-void
-crypto_strongest_rand(uint8_t *out, size_t out_len)
+MOCK_IMPL(void,
+crypto_strongest_rand,(uint8_t *out, size_t out_len))
 {
 #define DLEN SHA512_DIGEST_LENGTH
   /* We're going to hash DLEN bytes from the system RNG together with some
diff --git a/src/lib/crypt_ops/crypto_rand.h b/src/lib/crypt_ops/crypto_rand.h
index 938f11909e..25bcfa1f1c 100644
--- a/src/lib/crypt_ops/crypto_rand.h
+++ b/src/lib/crypt_ops/crypto_rand.h
@@ -21,7 +21,7 @@
 int crypto_seed_rng(void) ATTR_WUR;
 MOCK_DECL(void,crypto_rand,(char *to, size_t n));
 void crypto_rand_unmocked(char *to, size_t n);
-void crypto_strongest_rand(uint8_t *out, size_t out_len);
+MOCK_DECL(void,crypto_strongest_rand,(uint8_t *out, size_t out_len));
 int crypto_rand_int(unsigned int max);
 int crypto_rand_int_range(unsigned int min, unsigned int max);
 uint64_t crypto_rand_uint64_range(uint64_t min, uint64_t max);
diff --git a/src/test/test_hs_descriptor.c b/src/test/test_hs_descriptor.c
index 9a7e66eaea..9191b74d9d 100644
--- a/src/test/test_hs_descriptor.c
+++ b/src/test/test_hs_descriptor.c
@@ -30,6 +30,13 @@ DISABLE_GCC_WARNING(overlength-strings)
 #include "test_hs_descriptor.inc"
 ENABLE_GCC_WARNING(overlength-strings)
 
+/* Mock function to fill all bytes with 1 */
+static void
+mock_crypto_strongest_rand(uint8_t *out, size_t out_len)
+{
+  memset(out, 1, out_len);
+}
+
 /* Test certificate encoding put in a descriptor. */
 static void
 test_cert_encoding(void *arg)
@@ -764,6 +771,67 @@ test_desc_signature(void *arg)
   tor_free(data);
 }
 
+static void
+test_build_authorized_client(void *arg)
+{
+  int ret;
+  hs_desc_authorized_client_t *desc_client = NULL;
+  uint8_t descriptor_cookie[HS_DESC_DESCRIPTOR_COOKIE_LEN];
+  curve25519_secret_key_t auth_ephemeral_sk;
+  curve25519_secret_key_t client_sk;
+  curve25519_public_key_t client_pk;
+  const char ephemeral_sk_b16[] =
+    "d023b674d993a5c8446bd2ca97e9961149b3c0e88c7dc14e8777744dd3468d6a";
+  const char descriptor_cookie_b16[] =
+    "07d087f1d8c68393721f6e70316d3b29";
+  const char client_pubkey_b16[] =
+    "8c1298fa6050e372f8598f6deca32e27b0ad457741422c2629ebb132cf7fae37";
+  char *mem_op_hex_tmp=NULL;
+
+  (void) arg;
+
+  ret = curve25519_secret_key_generate(&auth_ephemeral_sk, 0);
+  tt_int_op(ret, OP_EQ, 0);
+
+  ret = curve25519_secret_key_generate(&client_sk, 0);
+  tt_int_op(ret, OP_EQ, 0);
+  curve25519_public_key_generate(&client_pk, &client_sk);
+
+  desc_client = tor_malloc_zero(sizeof(hs_desc_authorized_client_t));
+
+  base16_decode((char *) &auth_ephemeral_sk,
+                sizeof(auth_ephemeral_sk),
+                ephemeral_sk_b16,
+                strlen(ephemeral_sk_b16));
+
+  base16_decode((char *) descriptor_cookie,
+                sizeof(descriptor_cookie),
+                descriptor_cookie_b16,
+                strlen(descriptor_cookie_b16));
+
+  base16_decode((char *) &client_pk,
+                sizeof(client_pk),
+                client_pubkey_b16,
+                strlen(client_pubkey_b16));
+
+  MOCK(crypto_strongest_rand, mock_crypto_strongest_rand);
+
+  hs_desc_build_authorized_client(&client_pk, &auth_ephemeral_sk,
+                               descriptor_cookie, desc_client);
+
+  test_memeq_hex((char *) desc_client->client_id,
+                 "b514ef67192cad5f");
+  test_memeq_hex((char *) desc_client->iv,
+                "01010101010101010101010101010101");
+  test_memeq_hex((char *) desc_client->encrypted_cookie,
+                "46860a9df37b9f6d708E0D7E730C10C1");
+
+ done:
+  tor_free(desc_client);
+  tor_free(mem_op_hex_tmp);
+  UNMOCK(crypto_strongest_rand);
+}
+
 /* bad desc auth type */
 static const char bad_superencrypted_text1[] = "desc-auth-type scoobysnack\n"
   "desc-auth-ephemeral-key A/O8DVtnUheb3r1JqoB8uJB7wxXL1XJX3eny4yB+eFA=\n"
@@ -891,6 +959,8 @@ struct testcase_t hs_descriptor[] = {
     NULL, NULL },
   { "desc_signature", test_desc_signature, TT_FORK,
     NULL, NULL },
+  { "build_authorized_client", test_build_authorized_client, TT_FORK,
+    NULL, NULL },
 
   { "parse_hs_desc_superencrypted", test_parse_hs_desc_superencrypted,
     TT_FORK, NULL, NULL },