
  1. /* Copyright (c) 2017-2019, The Tor Project, Inc. */
  2. /* See LICENSE for licensing information */
  3. /** This is a wrapper over the little-t-tor HS ntor functions. The wrapper is
  4. * used by src/test/hs_ntor_ref.py to conduct the HS ntor integration
  5. * tests.
  6. *
  7. * The logic of this wrapper is basically copied from src/test/test_ntor_cl.c
  8. */
  9. #include "orconfig.h"
  10. #include <stdio.h>
  11. #include <stdlib.h>
  12. #define ONION_NTOR_PRIVATE
  13. #include "core/or/or.h"
  14. #include "lib/crypt_ops/crypto_cipher.h"
  15. #include "lib/crypt_ops/crypto_curve25519.h"
  16. #include "lib/crypt_ops/crypto_ed25519.h"
  17. #include "lib/crypt_ops/crypto_format.h"
  18. #include "lib/crypt_ops/crypto_init.h"
  19. #include "core/crypto/hs_ntor.h"
  20. #include "core/crypto/onion_ntor.h"
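/* Argument-parsing helpers for the sub-commands below.  Each one expects
 * `argc` and `argv` to be in scope and returns 1 from the *enclosing*
 * function on failure, so they may only be used directly inside the
 * sub-command functions. */

/** Fail with a usage message unless at least <b>n</b> arguments were given. */
#define N_ARGS(n) STMT_BEGIN {                                          \
    if (argc < (n)) {                                                   \
      fprintf(stderr, "%s needs %d arguments.\n",argv[1],n);           \
      return 1;                                                         \
    }                                                                   \
  } STMT_END

/** Decode argv[<b>idx</b>] as base16 into <b>var</b>, which must hold
 * exactly <b>n</b> bytes.  Short or malformed input is rejected outright so
 * that no key material is ever left partially initialized. */
#define BASE16(idx, var, n) STMT_BEGIN {                                \
    const char *s = argv[(idx)];                                        \
    if (base16_decode((char*)var, n, s, strlen(s)) < (int)n ) {         \
      fprintf(stderr, "couldn't decode argument %d (%s)\n",idx,s);      \
      return 1;                                                         \
    }                                                                   \
  } STMT_END

/** Parse argv[<b>idx</b>] as a positive integer into <b>var</b>.  A
 * non-positive or unparsable value (atoi() yields 0 for garbage) fails the
 * command instead of merely printing a diagnostic and continuing with a
 * bogus value. */
#define INT(idx, var) STMT_BEGIN {                                      \
    var = atoi(argv[(idx)]);                                            \
    if (var <= 0) {                                                     \
      fprintf(stderr, "bad integer argument %d (%s)\n",idx,argv[(idx)]); \
      return 1;                                                         \
    }                                                                   \
  } STMT_END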
/** The first part of the HS ntor protocol. The client-side computes all
 * necessary key material and sends the appropriate message to the service.
 *
 * argv layout: [1]="client1", [2]=intro auth pubkey (ed25519, base16),
 * [3]=intro enc pubkey (curve25519, base16), [4]=client ephemeral enc
 * *secret* key (curve25519, base16), [5]=subcredential (base16).
 *
 * Prints ENC_KEY and then MAC_KEY, one base16 line each, to stdout.  Returns
 * the result of hs_ntor_client_get_introduce1_keys() — nothing is printed
 * when that is negative — or 1 on an argument error.
 *
 * The ephemeral secret key travels on the command line; that is only
 * acceptable because this binary is a test fixture driven by
 * hs_ntor_ref.py with throwaway keys. */
static int
client1(int argc, char **argv)
{
  ed25519_public_key_t auth_pk;
  curve25519_public_key_t enc_pk;
  curve25519_keypair_t eph_kp;
  uint8_t subcred[DIGEST256_LEN];
  hs_ntor_intro_cell_keys_t keys;
  char hex[256];

  N_ARGS(6);
  BASE16(2, auth_pk.pubkey, ED25519_PUBKEY_LEN);
  BASE16(3, enc_pk.public_key, CURVE25519_PUBKEY_LEN);
  BASE16(4, eph_kp.seckey.secret_key, CURVE25519_SECKEY_LEN);
  BASE16(5, subcred, DIGEST256_LEN);

  /* Only the secret half was supplied; derive the matching public key. */
  curve25519_public_key_generate(&eph_kp.pubkey, &eph_kp.seckey);

  int rc = hs_ntor_client_get_introduce1_keys(&auth_pk, &enc_pk, &eph_kp,
                                              subcred, &keys);
  if (rc < 0)
    return rc;

  /* Emit ENC_KEY first, then MAC_KEY. */
  const struct { const void *bytes; size_t len; } out[] = {
    { keys.enc_key, sizeof(keys.enc_key) },
    { keys.mac_key, sizeof(keys.mac_key) },
  };
  for (size_t i = 0; i < sizeof(out) / sizeof(out[0]); i++) {
    base16_encode(hex, sizeof(hex), (const char *)out[i].bytes, out[i].len);
    printf("%s\n", hex);
  }
  return rc;
}
/** The second part of the HS ntor protocol. The service-side computes all
 * necessary key material and sends the appropriate message to the client.
 *
 * argv layout: [1]="server1", [2]=intro auth pubkey (ed25519, base16),
 * [3]=intro enc *secret* key (curve25519, base16), [4]=client ephemeral
 * enc pubkey (curve25519, base16), [5]=subcredential (base16).
 *
 * Prints, one base16 line each: ENC_KEY, MAC_KEY, AUTH_MAC, NTOR_KEY_SEED
 * and the freshly generated service ephemeral rendezvous pubkey (Y).
 * Returns the first negative result from the two hs_ntor_service_* key
 * derivations (nothing is printed in that case), otherwise the result of
 * the second one; 1 on an argument error.
 *
 * As with client1(), the long-term intro secret key arrives on the command
 * line, which is tolerable only for this hs_ntor_ref.py test fixture. */
static int
server1(int argc, char **argv)
{
  ed25519_public_key_t auth_pk;
  curve25519_keypair_t intro_kp;
  curve25519_public_key_t client_eph_pk;
  uint8_t subcred[DIGEST256_LEN];
  hs_ntor_intro_cell_keys_t intro_keys;
  hs_ntor_rend_cell_keys_t rend_keys;
  curve25519_keypair_t rend_kp;
  char hex[256];

  N_ARGS(6);
  BASE16(2, auth_pk.pubkey, ED25519_PUBKEY_LEN);
  BASE16(3, intro_kp.seckey.secret_key, CURVE25519_SECKEY_LEN);
  BASE16(4, client_eph_pk.public_key, CURVE25519_PUBKEY_LEN);
  BASE16(5, subcred, DIGEST256_LEN);

  /* Complete the intro keypair from its secret half, and draw a fresh
   * ephemeral rendezvous keypair for the service side. */
  curve25519_public_key_generate(&intro_kp.pubkey, &intro_kp.seckey);
  curve25519_keypair_generate(&rend_kp, 0);

  int rc = hs_ntor_service_get_introduce1_keys(&auth_pk, &intro_kp,
                                               &client_eph_pk, subcred,
                                               &intro_keys);
  if (rc < 0)
    return rc;

  rc = hs_ntor_service_get_rendezvous1_keys(&auth_pk, &intro_kp, &rend_kp,
                                            &client_eph_pk, &rend_keys);
  if (rc < 0)
    return rc;

  /* Output order: ENC_KEY, MAC_KEY, AUTH_MAC, NTOR_KEY_SEED, Y. */
  const struct { const void *bytes; size_t len; } out[] = {
    { intro_keys.enc_key, sizeof(intro_keys.enc_key) },
    { intro_keys.mac_key, sizeof(intro_keys.mac_key) },
    { rend_keys.rend_cell_auth_mac, sizeof(rend_keys.rend_cell_auth_mac) },
    { rend_keys.ntor_key_seed, sizeof(rend_keys.ntor_key_seed) },
    { rend_kp.pubkey.public_key, sizeof(rend_kp.pubkey.public_key) },
  };
  for (size_t i = 0; i < sizeof(out) / sizeof(out[0]); i++) {
    base16_encode(hex, sizeof(hex), (const char *)out[i].bytes, out[i].len);
    printf("%s\n", hex);
  }
  return rc;
}
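/** The final step of the ntor protocol, the client computes and returns the
 * rendezvous key material.
 *
 * argv layout: [1]="client2", [2]=intro auth pubkey (ed25519, base16),
 * [3]=client ephemeral enc *secret* key (curve25519, base16), [4]=intro
 * enc pubkey (curve25519, base16), [5]=service ephemeral rend pubkey (Y,
 * curve25519, base16), [6]=subcredential (base16).
 *
 * Prints AUTH_MAC and then NTOR_KEY_SEED, one base16 line each, to stdout.
 *
 * Returns the result of hs_ntor_client_get_rendezvous1_keys() — negative
 * on failure, in which case nothing is printed — or 1 on an argument error.
 * This matches client1() and server1(); previously the function returned 1
 * unconditionally, so main() reported a non-zero exit status even when the
 * keys were derived and printed successfully. */
static int
client2(int argc, char **argv)
{
  int retval;
  /* Inputs */
  curve25519_public_key_t intro_enc_pubkey;
  ed25519_public_key_t intro_auth_pubkey;
  curve25519_keypair_t client_ephemeral_enc_keypair;
  curve25519_public_key_t service_ephemeral_rend_pubkey;
  uint8_t subcredential[DIGEST256_LEN];
  /* Output */
  hs_ntor_rend_cell_keys_t hs_ntor_rend_cell_keys;
  char buf[256];

  N_ARGS(7);
  BASE16(2, intro_auth_pubkey.pubkey, ED25519_PUBKEY_LEN);
  BASE16(3, client_ephemeral_enc_keypair.seckey.secret_key,
         CURVE25519_SECKEY_LEN);
  BASE16(4, intro_enc_pubkey.public_key, CURVE25519_PUBKEY_LEN);
  BASE16(5, service_ephemeral_rend_pubkey.public_key, CURVE25519_PUBKEY_LEN);
  BASE16(6, subcredential, DIGEST256_LEN);

  /* Only the secret half of the client's ephemeral keypair was supplied;
   * derive the public half before handing the keypair to hs_ntor. */
  curve25519_public_key_generate(&client_ephemeral_enc_keypair.pubkey,
                                 &client_ephemeral_enc_keypair.seckey);

  /* Get RENDEZVOUS1 keys */
  retval = hs_ntor_client_get_rendezvous1_keys(&intro_auth_pubkey,
                                               &client_ephemeral_enc_keypair,
                                               &intro_enc_pubkey,
                                               &service_ephemeral_rend_pubkey,
                                               &hs_ntor_rend_cell_keys);
  if (retval < 0) {
    goto done;
  }

  /* Send AUTH_MAC */
  base16_encode(buf, sizeof(buf),
                (const char*)hs_ntor_rend_cell_keys.rend_cell_auth_mac,
                sizeof(hs_ntor_rend_cell_keys.rend_cell_auth_mac));
  printf("%s\n", buf);

  /* Send NTOR_KEY_SEED */
  base16_encode(buf, sizeof(buf),
                (const char*)hs_ntor_rend_cell_keys.ntor_key_seed,
                sizeof(hs_ntor_rend_cell_keys.ntor_key_seed));
  printf("%s\n", buf);

 done:
  /* Propagate the hs_ntor result like the other sub-commands do, so the
   * process exit status reflects success or failure. */
  return retval;
}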
/** Perform a different part of the protocol depending on the argv used.
 *
 * argv[1] selects the sub-command ("client1", "server1" or "client2"); the
 * remaining arguments are interpreted by that sub-command.  Exits with 1 on
 * a missing or unknown sub-command or when crypto_global_init() fails,
 * otherwise with whatever the sub-command returns. */
int
main(int argc, char **argv)
{
  if (argc < 2) {
    fprintf(stderr, "I need arguments. Read source for more info.\n");
    return 1;
  }

  /* Logging and the crypto backends must be up before any key operation. */
  init_logging(1);
  curve25519_init();
  if (crypto_global_init(0, NULL, NULL) < 0)
    return 1;

  const char *cmd = argv[1];
  if (strcmp(cmd, "client1") == 0)
    return client1(argc, argv);
  if (strcmp(cmd, "server1") == 0)
    return server1(argc, argv);
  if (strcmp(cmd, "client2") == 0)
    return client2(argc, argv);

  fprintf(stderr, "What's a %s?\n", cmd);
  return 1;
}