test_hs_ntor_cl.c 8.8 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255
  1. /* Copyright (c) 2017, The Tor Project, Inc. */
  2. /* See LICENSE for licensing information */
  3. /** This is a wrapper over the little-t-tor HS ntor functions. The wrapper is
  4. * used by src/test/hs_ntor_ref.py to conduct the HS ntor integration
  5. * tests.
  6. *
  7. * The logic of this wrapper is basically copied from src/test/test_ntor_cl.c
  8. */
  9. #include "orconfig.h"
  10. #include <stdio.h>
  11. #include <stdlib.h>
  12. #define ONION_NTOR_PRIVATE
  13. #include "or.h"
  14. #include "util.h"
  15. #include "compat.h"
  16. #include "crypto.h"
  17. #include "crypto_curve25519.h"
  18. #include "hs_ntor.h"
  19. #include "onion_ntor.h"
  20. #define N_ARGS(n) STMT_BEGIN { \
  21. if (argc < (n)) { \
  22. fprintf(stderr, "%s needs %d arguments.\n",argv[1],n); \
  23. return 1; \
  24. } \
  25. } STMT_END
  26. #define BASE16(idx, var, n) STMT_BEGIN { \
  27. const char *s = argv[(idx)]; \
  28. if (base16_decode((char*)var, n, s, strlen(s)) < (int)n ) { \
  29. fprintf(stderr, "couldn't decode argument %d (%s)\n",idx,s); \
  30. return 1; \
  31. } \
  32. } STMT_END
  33. #define INT(idx, var) STMT_BEGIN { \
  34. var = atoi(argv[(idx)]); \
  35. if (var <= 0) { \
  36. fprintf(stderr, "bad integer argument %d (%s)\n",idx,argv[(idx)]); \
  37. } \
  38. } STMT_END
  39. /** The first part of the HS ntor protocol. The client-side computes all
  40. necessary key material and sends the appropriate message to the service. */
  41. static int
  42. client1(int argc, char **argv)
  43. {
  44. int retval;
  45. /* Inputs */
  46. curve25519_public_key_t intro_enc_pubkey;
  47. ed25519_public_key_t intro_auth_pubkey;
  48. curve25519_keypair_t client_ephemeral_enc_keypair;
  49. uint8_t subcredential[DIGEST256_LEN];
  50. /* Output */
  51. hs_ntor_intro_cell_keys_t hs_ntor_intro_cell_keys;
  52. char buf[256];
  53. N_ARGS(6);
  54. BASE16(2, intro_auth_pubkey.pubkey, ED25519_PUBKEY_LEN);
  55. BASE16(3, intro_enc_pubkey.public_key, CURVE25519_PUBKEY_LEN);
  56. BASE16(4, client_ephemeral_enc_keypair.seckey.secret_key,
  57. CURVE25519_SECKEY_LEN);
  58. BASE16(5, subcredential, DIGEST256_LEN);
  59. /* Generate keypair */
  60. curve25519_public_key_generate(&client_ephemeral_enc_keypair.pubkey,
  61. &client_ephemeral_enc_keypair.seckey);
  62. retval = hs_ntor_client_get_introduce1_keys(&intro_auth_pubkey,
  63. &intro_enc_pubkey,
  64. &client_ephemeral_enc_keypair,
  65. subcredential,
  66. &hs_ntor_intro_cell_keys);
  67. if (retval < 0) {
  68. goto done;
  69. }
  70. /* Send ENC_KEY */
  71. base16_encode(buf, sizeof(buf),
  72. (const char*)hs_ntor_intro_cell_keys.enc_key,
  73. sizeof(hs_ntor_intro_cell_keys.enc_key));
  74. printf("%s\n", buf);
  75. /* Send MAC_KEY */
  76. base16_encode(buf, sizeof(buf),
  77. (const char*)hs_ntor_intro_cell_keys.mac_key,
  78. sizeof(hs_ntor_intro_cell_keys.mac_key));
  79. printf("%s\n", buf);
  80. done:
  81. return retval;
  82. }
  83. /** The second part of the HS ntor protocol. The service-side computes all
  84. necessary key material and sends the appropriate message to the client */
  85. static int
  86. server1(int argc, char **argv)
  87. {
  88. int retval;
  89. /* Inputs */
  90. curve25519_keypair_t intro_enc_keypair;
  91. ed25519_public_key_t intro_auth_pubkey;
  92. curve25519_public_key_t client_ephemeral_enc_pubkey;
  93. uint8_t subcredential[DIGEST256_LEN];
  94. /* Output */
  95. hs_ntor_intro_cell_keys_t hs_ntor_intro_cell_keys;
  96. hs_ntor_rend_cell_keys_t hs_ntor_rend_cell_keys;
  97. curve25519_keypair_t service_ephemeral_rend_keypair;
  98. char buf[256];
  99. N_ARGS(6);
  100. BASE16(2, intro_auth_pubkey.pubkey, ED25519_PUBKEY_LEN);
  101. BASE16(3, intro_enc_keypair.seckey.secret_key, CURVE25519_SECKEY_LEN);
  102. BASE16(4, client_ephemeral_enc_pubkey.public_key, CURVE25519_PUBKEY_LEN);
  103. BASE16(5, subcredential, DIGEST256_LEN);
  104. /* Generate keypair */
  105. curve25519_public_key_generate(&intro_enc_keypair.pubkey,
  106. &intro_enc_keypair.seckey);
  107. curve25519_keypair_generate(&service_ephemeral_rend_keypair, 0);
  108. /* Get INTRODUCE1 keys */
  109. retval = hs_ntor_service_get_introduce1_keys(&intro_auth_pubkey,
  110. &intro_enc_keypair,
  111. &client_ephemeral_enc_pubkey,
  112. subcredential,
  113. &hs_ntor_intro_cell_keys);
  114. if (retval < 0) {
  115. goto done;
  116. }
  117. /* Get RENDEZVOUS1 keys */
  118. retval = hs_ntor_service_get_rendezvous1_keys(&intro_auth_pubkey,
  119. &intro_enc_keypair,
  120. &service_ephemeral_rend_keypair,
  121. &client_ephemeral_enc_pubkey,
  122. &hs_ntor_rend_cell_keys);
  123. if (retval < 0) {
  124. goto done;
  125. }
  126. /* Send ENC_KEY */
  127. base16_encode(buf, sizeof(buf),
  128. (const char*)hs_ntor_intro_cell_keys.enc_key,
  129. sizeof(hs_ntor_intro_cell_keys.enc_key));
  130. printf("%s\n", buf);
  131. /* Send MAC_KEY */
  132. base16_encode(buf, sizeof(buf),
  133. (const char*)hs_ntor_intro_cell_keys.mac_key,
  134. sizeof(hs_ntor_intro_cell_keys.mac_key));
  135. printf("%s\n", buf);
  136. /* Send AUTH_MAC */
  137. base16_encode(buf, sizeof(buf),
  138. (const char*)hs_ntor_rend_cell_keys.rend_cell_auth_mac,
  139. sizeof(hs_ntor_rend_cell_keys.rend_cell_auth_mac));
  140. printf("%s\n", buf);
  141. /* Send NTOR_KEY_SEED */
  142. base16_encode(buf, sizeof(buf),
  143. (const char*)hs_ntor_rend_cell_keys.ntor_key_seed,
  144. sizeof(hs_ntor_rend_cell_keys.ntor_key_seed));
  145. printf("%s\n", buf);
  146. /* Send service ephemeral pubkey (Y) */
  147. base16_encode(buf, sizeof(buf),
  148. (const char*)service_ephemeral_rend_keypair.pubkey.public_key,
  149. sizeof(service_ephemeral_rend_keypair.pubkey.public_key));
  150. printf("%s\n", buf);
  151. done:
  152. return retval;
  153. }
  154. /** The final step of the ntor protocol, the client computes and returns the
  155. * rendezvous key material. */
  156. static int
  157. client2(int argc, char **argv)
  158. {
  159. int retval;
  160. /* Inputs */
  161. curve25519_public_key_t intro_enc_pubkey;
  162. ed25519_public_key_t intro_auth_pubkey;
  163. curve25519_keypair_t client_ephemeral_enc_keypair;
  164. curve25519_public_key_t service_ephemeral_rend_pubkey;
  165. uint8_t subcredential[DIGEST256_LEN];
  166. /* Output */
  167. hs_ntor_rend_cell_keys_t hs_ntor_rend_cell_keys;
  168. char buf[256];
  169. N_ARGS(7);
  170. BASE16(2, intro_auth_pubkey.pubkey, ED25519_PUBKEY_LEN);
  171. BASE16(3, client_ephemeral_enc_keypair.seckey.secret_key,
  172. CURVE25519_SECKEY_LEN);
  173. BASE16(4, intro_enc_pubkey.public_key, CURVE25519_PUBKEY_LEN);
  174. BASE16(5, service_ephemeral_rend_pubkey.public_key, CURVE25519_PUBKEY_LEN);
  175. BASE16(6, subcredential, DIGEST256_LEN);
  176. /* Generate keypair */
  177. curve25519_public_key_generate(&client_ephemeral_enc_keypair.pubkey,
  178. &client_ephemeral_enc_keypair.seckey);
  179. /* Get RENDEZVOUS1 keys */
  180. retval = hs_ntor_client_get_rendezvous1_keys(&intro_auth_pubkey,
  181. &client_ephemeral_enc_keypair,
  182. &intro_enc_pubkey,
  183. &service_ephemeral_rend_pubkey,
  184. &hs_ntor_rend_cell_keys);
  185. if (retval < 0) {
  186. goto done;
  187. }
  188. /* Send AUTH_MAC */
  189. base16_encode(buf, sizeof(buf),
  190. (const char*)hs_ntor_rend_cell_keys.rend_cell_auth_mac,
  191. sizeof(hs_ntor_rend_cell_keys.rend_cell_auth_mac));
  192. printf("%s\n", buf);
  193. /* Send NTOR_KEY_SEED */
  194. base16_encode(buf, sizeof(buf),
  195. (const char*)hs_ntor_rend_cell_keys.ntor_key_seed,
  196. sizeof(hs_ntor_rend_cell_keys.ntor_key_seed));
  197. printf("%s\n", buf);
  198. done:
  199. return 1;
  200. }
  201. /** Perform a different part of the protocol depdning on the argv used. */
  202. int
  203. main(int argc, char **argv)
  204. {
  205. if (argc < 2) {
  206. fprintf(stderr, "I need arguments. Read source for more info.\n");
  207. return 1;
  208. }
  209. curve25519_init();
  210. if (!strcmp(argv[1], "client1")) {
  211. return client1(argc, argv);
  212. } else if (!strcmp(argv[1], "server1")) {
  213. return server1(argc, argv);
  214. } else if (!strcmp(argv[1], "client2")) {
  215. return client2(argc, argv);
  216. } else {
  217. fprintf(stderr, "What's a %s?\n", argv[1]);
  218. return 1;
  219. }
  220. }