Home Explore Help
Sign In
sengler
/
tor-parallel-relay-conn
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 99beed152e
Branches Tags
tor-parallel...
/
src
/
test
/
hs_test_helpers.c

hs_test_helpers.c 10 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282 
  1. /* Copyright (c) 2017-2018, The Tor Project, Inc. */
    2. 

  2. /* See LICENSE for licensing information */
    3. 

  3. 

  4. #include "core/or/or.h"
    5. 

  5. #include "lib/crypt_ops/crypto_ed25519.h"
    6. 

  6. #include "test/test.h"
    7. 

  7. #include "feature/nodelist/torcert.h"
    8. 

  8. 

  9. #include "feature/hs/hs_common.h"
    10. 

  10. #include "test/hs_test_helpers.h"
    11. 

  11. 

  12. hs_desc_intro_point_t *
    13. 

  13. hs_helper_build_intro_point(const ed25519_keypair_t *signing_kp, time_t now,
    14. 

  14.                             const char *addr, int legacy)
    15. 

  15. {
    16. 

  16.   int ret;
    17. 

  17.   ed25519_keypair_t auth_kp;
    18. 

  18.   hs_desc_intro_point_t *intro_point = NULL;
    19. 

  19.   hs_desc_intro_point_t *ip = hs_desc_intro_point_new();
    20. 

  20. 

  21.   /* For a usable intro point we need at least two link specifiers: One legacy
    22. 

  22.    * keyid and one ipv4 */
    23. 

  23.   {
    24. 

  24.     hs_desc_link_specifier_t *ls_legacy = tor_malloc_zero(sizeof(*ls_legacy));
    25. 

  25.     hs_desc_link_specifier_t *ls_v4 = tor_malloc_zero(sizeof(*ls_v4));
    26. 

  26.     ls_legacy->type = LS_LEGACY_ID;
    27. 

  27.     memcpy(ls_legacy->u.legacy_id, "0299F268FCA9D55CD157976D39AE92B4B455B3A8",
    28. 

  28.            DIGEST_LEN);
    29. 

  29.     ls_v4->u.ap.port = 9001;
    30. 

  30.     int family = tor_addr_parse(&ls_v4->u.ap.addr, addr);
    31. 

  31.     switch (family) {
    32. 

  32.     case AF_INET:
    33. 

  33.           ls_v4->type = LS_IPV4;
    34. 

  34.           break;
    35. 

  35.         case AF_INET6:
    36. 

  36.           ls_v4->type = LS_IPV6;
    37. 

  37.           break;
    38. 

  38.         default:
    39. 

  39.           /* Stop the test, not suppose to have an error. */
    40. 

  40.           tt_int_op(family, OP_EQ, AF_INET);
    41. 

  41.     }
    42. 

  42.     smartlist_add(ip->link_specifiers, ls_legacy);
    43. 

  43.     smartlist_add(ip->link_specifiers, ls_v4);
    44. 

  44.   }
    45. 

  45. 

  46.   ret = ed25519_keypair_generate(&auth_kp, 0);
    47. 

  47.   tt_int_op(ret, ==, 0);
    48. 

  48.   ip->auth_key_cert = tor_cert_create(signing_kp, CERT_TYPE_AUTH_HS_IP_KEY,
    49. 

  49.                                       &auth_kp.pubkey, now,
    50. 

  50.                                       HS_DESC_CERT_LIFETIME,
    51. 

  51.                                       CERT_FLAG_INCLUDE_SIGNING_KEY);
    52. 

  52.   tt_assert(ip->auth_key_cert);
    53. 

  53. 

  54.   if (legacy) {
    55. 

  55.     ip->legacy.key = crypto_pk_new();
    56. 

  56.     tt_assert(ip->legacy.key);
    57. 

  57.     ret = crypto_pk_generate_key(ip->legacy.key);
    58. 

  58.     tt_int_op(ret, ==, 0);
    59. 

  59.     ssize_t cert_len = tor_make_rsa_ed25519_crosscert(
    60. 

  60.                                     &signing_kp->pubkey, ip->legacy.key,
    61. 

  61.                                     now + HS_DESC_CERT_LIFETIME,
    62. 

  62.                                     &ip->legacy.cert.encoded);
    63. 

  63.     tt_assert(ip->legacy.cert.encoded);
    64. 

  64.     tt_u64_op(cert_len, OP_GT, 0);
    65. 

  65.     ip->legacy.cert.len = cert_len;
    66. 

  66.   }
    67. 

  67. 

  68.   /* Encryption key. */
    69. 

  69.   {
    70. 

  70.     int signbit;
    71. 

  71.     curve25519_keypair_t curve25519_kp;
    72. 

  72.     ed25519_keypair_t ed25519_kp;
    73. 

  73.     tor_cert_t *cross_cert;
    74. 

  74. 

  75.     ret = curve25519_keypair_generate(&curve25519_kp, 0);
    76. 

  76.     tt_int_op(ret, ==, 0);
    77. 

  77.     ed25519_keypair_from_curve25519_keypair(&ed25519_kp, &signbit,
    78. 

  78.                                             &curve25519_kp);
    79. 

  79.     cross_cert = tor_cert_create(signing_kp, CERT_TYPE_CROSS_HS_IP_KEYS,
    80. 

  80.                                  &ed25519_kp.pubkey, time(NULL),
    81. 

  81.                                  HS_DESC_CERT_LIFETIME,
    82. 

  82.                                  CERT_FLAG_INCLUDE_SIGNING_KEY);
    83. 

  83.     tt_assert(cross_cert);
    84. 

  84.     ip->enc_key_cert = cross_cert;
    85. 

  85.   }
    86. 

  86. 

  87.   intro_point = ip;
    88. 

  88.  done:
    89. 

  89.   if (intro_point == NULL)
    90. 

  90.     tor_free(ip);
    91. 

  91. 

  92.   return intro_point;
    93. 

  93. }
    94. 

  94. 

  95. /* Return a valid hs_descriptor_t object. If no_ip is set, no introduction
    96. 

  96.  * points are added. */
    97. 

  97. static hs_descriptor_t *
    98. 

  98. hs_helper_build_hs_desc_impl(unsigned int no_ip,
    99. 

  99.                              const ed25519_keypair_t *signing_kp)
    100. 

  100. {
    101. 

  101.   time_t now = approx_time();
    102. 

  102.   ed25519_keypair_t blinded_kp;
    103. 

  103.   hs_descriptor_t *descp = NULL, *desc = tor_malloc_zero(sizeof(*desc));
    104. 

  104. 

  105.   desc->plaintext_data.version = HS_DESC_SUPPORTED_FORMAT_VERSION_MAX;
    106. 

  106. 

  107.   /* Copy only the public key into the descriptor. */
    108. 

  108.   memcpy(&desc->plaintext_data.signing_pubkey, &signing_kp->pubkey,
    109. 

  109.          sizeof(ed25519_public_key_t));
    110. 

  110. 

  111.   uint64_t current_time_period = hs_get_time_period_num(0);
    112. 

  112.   hs_build_blinded_keypair(signing_kp, NULL, 0,
    113. 

  113.                            current_time_period, &blinded_kp);
    114. 

  114.   /* Copy only the public key into the descriptor. */
    115. 

  115.   memcpy(&desc->plaintext_data.blinded_pubkey, &blinded_kp.pubkey,
    116. 

  116.          sizeof(ed25519_public_key_t));
    117. 

  117. 

  118.   desc->plaintext_data.signing_key_cert =
    119. 

  119.     tor_cert_create(&blinded_kp, CERT_TYPE_SIGNING_HS_DESC,
    120. 

  120.                     &signing_kp->pubkey, now, 3600,
    121. 

  121.                     CERT_FLAG_INCLUDE_SIGNING_KEY);
    122. 

  122.   tt_assert(desc->plaintext_data.signing_key_cert);
    123. 

  123.   desc->plaintext_data.revision_counter = 42;
    124. 

  124.   desc->plaintext_data.lifetime_sec = 3 * 60 * 60;
    125. 

  125. 

  126.   hs_get_subcredential(&signing_kp->pubkey, &blinded_kp.pubkey,
    127. 

  127.                     desc->subcredential);
    128. 

  128. 

  129.   /* Setup encrypted data section. */
    130. 

  130.   desc->encrypted_data.create2_ntor = 1;
    131. 

  131.   desc->encrypted_data.intro_auth_types = smartlist_new();
    132. 

  132.   desc->encrypted_data.single_onion_service = 1;
    133. 

  133.   smartlist_add(desc->encrypted_data.intro_auth_types, tor_strdup("ed25519"));
    134. 

  134.   desc->encrypted_data.intro_points = smartlist_new();
    135. 

  135.   if (!no_ip) {
    136. 

  136.     /* Add four intro points. */
    137. 

  137.     smartlist_add(desc->encrypted_data.intro_points,
    138. 

  138.               hs_helper_build_intro_point(signing_kp, now, "1.2.3.4", 0));
    139. 

  139.     smartlist_add(desc->encrypted_data.intro_points,
    140. 

  140.               hs_helper_build_intro_point(signing_kp, now, "[2600::1]", 0));
    141. 

  141.     smartlist_add(desc->encrypted_data.intro_points,
    142. 

  142.               hs_helper_build_intro_point(signing_kp, now, "3.2.1.4", 1));
    143. 

  143.     smartlist_add(desc->encrypted_data.intro_points,
    144. 

  144.               hs_helper_build_intro_point(signing_kp, now, "5.6.7.8", 1));
    145. 

  145.   }
    146. 

  146. 

  147.   descp = desc;
    148. 

  148.  done:
    149. 

  149.   if (descp == NULL)
    150. 

  150.     tor_free(desc);
    151. 

  151. 

  152.   return descp;
    153. 

  153. }
    154. 

  154. 

  155. /** Helper function to get the HS subcredential using the identity keypair of
    156. 

  156.  *  an HS. Used to decrypt descriptors in unittests. */
    157. 

  157. void
    158. 

  158. hs_helper_get_subcred_from_identity_keypair(ed25519_keypair_t *signing_kp,
    159. 

  159.                                             uint8_t *subcred_out)
    160. 

  160. {
    161. 

  161.   ed25519_keypair_t blinded_kp;
    162. 

  162.   uint64_t current_time_period = hs_get_time_period_num(approx_time());
    163. 

  163.   hs_build_blinded_keypair(signing_kp, NULL, 0,
    164. 

  164.                            current_time_period, &blinded_kp);
    165. 

  165. 

  166.   hs_get_subcredential(&signing_kp->pubkey, &blinded_kp.pubkey,
    167. 

  167.                        subcred_out);
    168. 

  168. }
    169. 

  169. 

  170. /* Build a descriptor with introduction points. */
    171. 

  171. hs_descriptor_t *
    172. 

  172. hs_helper_build_hs_desc_with_ip(const ed25519_keypair_t *signing_kp)
    173. 

  173. {
    174. 

  174.   return hs_helper_build_hs_desc_impl(0, signing_kp);
    175. 

  175. }
    176. 

  176. 

  177. /* Build a descriptor without any introduction points. */
    178. 

  178. hs_descriptor_t *
    179. 

  179. hs_helper_build_hs_desc_no_ip(const ed25519_keypair_t *signing_kp)
    180. 

  180. {
    181. 

  181.   return hs_helper_build_hs_desc_impl(1, signing_kp);
    182. 

  182. }
    183. 

  183. 

  184. void
    185. 

  185. hs_helper_desc_equal(const hs_descriptor_t *desc1,
    186. 

  186.                      const hs_descriptor_t *desc2)
    187. 

  187. {
    188. 

  188.   char *addr1 = NULL, *addr2 = NULL;
    189. 

  189.   /* Plaintext data section. */
    190. 

  190.   tt_int_op(desc1->plaintext_data.version, OP_EQ,
    191. 

  191.             desc2->plaintext_data.version);
    192. 

  192.   tt_uint_op(desc1->plaintext_data.lifetime_sec, OP_EQ,
    193. 

  193.              desc2->plaintext_data.lifetime_sec);
    194. 

  194.   tt_assert(tor_cert_eq(desc1->plaintext_data.signing_key_cert,
    195. 

  195.                         desc2->plaintext_data.signing_key_cert));
    196. 

  196.   tt_mem_op(desc1->plaintext_data.signing_pubkey.pubkey, OP_EQ,
    197. 

  197.             desc2->plaintext_data.signing_pubkey.pubkey,
    198. 

  198.             ED25519_PUBKEY_LEN);
    199. 

  199.   tt_mem_op(desc1->plaintext_data.blinded_pubkey.pubkey, OP_EQ,
    200. 

  200.             desc2->plaintext_data.blinded_pubkey.pubkey,
    201. 

  201.             ED25519_PUBKEY_LEN);
    202. 

  202.   tt_u64_op(desc1->plaintext_data.revision_counter, ==,
    203. 

  203.             desc2->plaintext_data.revision_counter);
    204. 

  204. 

  205.   /* NOTE: We can't compare the encrypted blob because when encoding the
    206. 

  206.    * descriptor, the object is immutable thus we don't update it with the
    207. 

  207.    * encrypted blob. As contrast to the decoding process where we populate a
    208. 

  208.    * descriptor object. */
    209. 

  209. 

  210.   /* Encrypted data section. */
    211. 

  211.   tt_uint_op(desc1->encrypted_data.create2_ntor, ==,
    212. 

  212.              desc2->encrypted_data.create2_ntor);
    213. 

  213. 

  214.   /* Authentication type. */
    215. 

  215.   tt_int_op(!!desc1->encrypted_data.intro_auth_types, ==,
    216. 

  216.             !!desc2->encrypted_data.intro_auth_types);
    217. 

  217.   if (desc1->encrypted_data.intro_auth_types &&
    218. 

  218.       desc2->encrypted_data.intro_auth_types) {
    219. 

  219.     tt_int_op(smartlist_len(desc1->encrypted_data.intro_auth_types), ==,
    220. 

  220.               smartlist_len(desc2->encrypted_data.intro_auth_types));
    221. 

  221.     for (int i = 0;
    222. 

  222.          i < smartlist_len(desc1->encrypted_data.intro_auth_types);
    223. 

  223.          i++) {
    224. 

  224.       tt_str_op(smartlist_get(desc1->encrypted_data.intro_auth_types, i),OP_EQ,
    225. 

  225.                 smartlist_get(desc2->encrypted_data.intro_auth_types, i));
    226. 

  226.     }
    227. 

  227.   }
    228. 

  228. 

  229.   /* Introduction points. */
    230. 

  230.   {
    231. 

  231.     tt_assert(desc1->encrypted_data.intro_points);
    232. 

  232.     tt_assert(desc2->encrypted_data.intro_points);
    233. 

  233.     tt_int_op(smartlist_len(desc1->encrypted_data.intro_points), ==,
    234. 

  234.               smartlist_len(desc2->encrypted_data.intro_points));
    235. 

  235.     for (int i=0; i < smartlist_len(desc1->encrypted_data.intro_points); i++) {
    236. 

  236.       hs_desc_intro_point_t *ip1 = smartlist_get(desc1->encrypted_data
    237. 

  237.                                                  .intro_points, i),
    238. 

  238.                             *ip2 = smartlist_get(desc2->encrypted_data
    239. 

  239.                                                  .intro_points, i);
    240. 

  240.       tt_assert(tor_cert_eq(ip1->auth_key_cert, ip2->auth_key_cert));
    241. 

  241.       if (ip1->legacy.key) {
    242. 

  242.         tt_int_op(crypto_pk_cmp_keys(ip1->legacy.key, ip2->legacy.key),
    243. 

  243.                   OP_EQ, 0);
    244. 

  244.       } else {
    245. 

  245.         tt_mem_op(&ip1->enc_key, OP_EQ, &ip2->enc_key, CURVE25519_PUBKEY_LEN);
    246. 

  246.       }
    247. 

  247. 

  248.       tt_int_op(smartlist_len(ip1->link_specifiers), ==,
    249. 

  249.                 smartlist_len(ip2->link_specifiers));
    250. 

  250.       for (int j = 0; j < smartlist_len(ip1->link_specifiers); j++) {
    251. 

  251.         hs_desc_link_specifier_t *ls1 = smartlist_get(ip1->link_specifiers, j),
    252. 

  252.                                  *ls2 = smartlist_get(ip2->link_specifiers, j);
    253. 

  253.         tt_int_op(ls1->type, ==, ls2->type);
    254. 

  254.         switch (ls1->type) {
    255. 

  255.           case LS_IPV4:
    256. 

  256.           case LS_IPV6:
    257. 

  257.             {
    258. 

  258.               addr1 = tor_addr_to_str_dup(&ls1->u.ap.addr);
    259. 

  259.               addr2 = tor_addr_to_str_dup(&ls2->u.ap.addr);
    260. 

  260.               tt_str_op(addr1, OP_EQ, addr2);
    261. 

  261.               tor_free(addr1);
    262. 

  262.               tor_free(addr2);
    263. 

  263.               tt_int_op(ls1->u.ap.port, ==, ls2->u.ap.port);
    264. 

  264.             }
    265. 

  265.             break;
    266. 

  266.           case LS_LEGACY_ID:
    267. 

  267.             tt_mem_op(ls1->u.legacy_id, OP_EQ, ls2->u.legacy_id,
    268. 

  268.                       sizeof(ls1->u.legacy_id));
    269. 

  269.             break;
    270. 

  270.           default:
    271. 

  271.             /* Unknown type, caught it and print its value. */
    272. 

  272.             tt_int_op(ls1->type, OP_EQ, -1);
    273. 

  273.         }
    274. 

  274.       }
    275. 

  275.     }
    276. 

  276.   }
    277. 

  277. 

  278.  done:
    279. 

  279.   tor_free(addr1);
    280. 

  280.   tor_free(addr2);
    281. 

  281. }
    282. 

  282.