test_routerkeys.c 21 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631
  1. /* Copyright (c) 2001-2004, Roger Dingledine.
  2. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
  3. * Copyright (c) 2007-2016, The Tor Project, Inc. */
  4. /* See LICENSE for licensing information */
  5. #include "orconfig.h"
  6. #define ROUTER_PRIVATE
  7. #include "or.h"
  8. #include "config.h"
  9. #include "router.h"
  10. #include "routerkeys.h"
  11. #include "util.h"
  12. #include "crypto.h"
  13. #include "torcert.h"
  14. #include "test.h"
  15. #ifdef _WIN32
  16. /* For mkdir() */
  17. #include <direct.h>
  18. #endif
  19. static void
  20. test_routerkeys_write_fingerprint(void *arg)
  21. {
  22. crypto_pk_t *key = pk_generate(2);
  23. or_options_t *options = get_options_mutable();
  24. const char *ddir = get_fname("write_fingerprint");
  25. char *cp = NULL, *cp2 = NULL;
  26. char fp[FINGERPRINT_LEN+1];
  27. (void)arg;
  28. tt_assert(key);
  29. options->ORPort_set = 1; /* So that we can get the server ID key */
  30. tor_free(options->DataDirectory);
  31. options->DataDirectory = tor_strdup(ddir);
  32. options->Nickname = tor_strdup("haflinger");
  33. set_server_identity_key(key);
  34. set_client_identity_key(crypto_pk_dup_key(key));
  35. tt_int_op(0, OP_EQ, check_private_dir(ddir, CPD_CREATE, NULL));
  36. tt_int_op(crypto_pk_cmp_keys(get_server_identity_key(),key),OP_EQ,0);
  37. /* Write fingerprint file */
  38. tt_int_op(0, OP_EQ, router_write_fingerprint(0));
  39. cp = read_file_to_str(get_fname("write_fingerprint/fingerprint"),
  40. 0, NULL);
  41. crypto_pk_get_fingerprint(key, fp, 0);
  42. tor_asprintf(&cp2, "haflinger %s\n", fp);
  43. tt_str_op(cp, OP_EQ, cp2);
  44. tor_free(cp);
  45. tor_free(cp2);
  46. /* Write hashed-fingerprint file */
  47. tt_int_op(0, OP_EQ, router_write_fingerprint(1));
  48. cp = read_file_to_str(get_fname("write_fingerprint/hashed-fingerprint"),
  49. 0, NULL);
  50. crypto_pk_get_hashed_fingerprint(key, fp);
  51. tor_asprintf(&cp2, "haflinger %s\n", fp);
  52. tt_str_op(cp, OP_EQ, cp2);
  53. tor_free(cp);
  54. tor_free(cp2);
  55. /* Replace outdated file */
  56. write_str_to_file(get_fname("write_fingerprint/hashed-fingerprint"),
  57. "junk goes here", 0);
  58. tt_int_op(0, OP_EQ, router_write_fingerprint(1));
  59. cp = read_file_to_str(get_fname("write_fingerprint/hashed-fingerprint"),
  60. 0, NULL);
  61. crypto_pk_get_hashed_fingerprint(key, fp);
  62. tor_asprintf(&cp2, "haflinger %s\n", fp);
  63. tt_str_op(cp, OP_EQ, cp2);
  64. tor_free(cp);
  65. tor_free(cp2);
  66. done:
  67. crypto_pk_free(key);
  68. set_client_identity_key(NULL);
  69. tor_free(cp);
  70. tor_free(cp2);
  71. }
  72. static void
  73. test_routerkeys_ed_certs(void *args)
  74. {
  75. (void)args;
  76. ed25519_keypair_t kp1, kp2;
  77. tor_cert_t *cert[2] = {NULL, NULL}, *nocert = NULL;
  78. tor_cert_t *parsed_cert[2] = {NULL, NULL};
  79. time_t now = 1412094534;
  80. uint8_t *junk = NULL;
  81. char *base64 = NULL;
  82. tt_int_op(0,==,ed25519_keypair_generate(&kp1, 0));
  83. tt_int_op(0,==,ed25519_keypair_generate(&kp2, 0));
  84. for (int i = 0; i <= 1; ++i) {
  85. uint32_t flags = i ? CERT_FLAG_INCLUDE_SIGNING_KEY : 0;
  86. cert[i] = tor_cert_create(&kp1, 5, &kp2.pubkey, now, 10000, flags);
  87. tt_assert(cert[i]);
  88. tt_assert(cert[i]->sig_bad == 0);
  89. tt_assert(cert[i]->sig_ok == 1);
  90. tt_assert(cert[i]->cert_expired == 0);
  91. tt_assert(cert[i]->cert_valid == 1);
  92. tt_int_op(cert[i]->cert_type, ==, 5);
  93. tt_mem_op(cert[i]->signed_key.pubkey, ==, &kp2.pubkey.pubkey, 32);
  94. tt_mem_op(cert[i]->signing_key.pubkey, ==, &kp1.pubkey.pubkey, 32);
  95. tt_int_op(cert[i]->signing_key_included, ==, i);
  96. tt_assert(cert[i]->encoded);
  97. tt_int_op(cert[i]->encoded_len, ==, 104 + 36 * i);
  98. tt_int_op(cert[i]->encoded[0], ==, 1);
  99. tt_int_op(cert[i]->encoded[1], ==, 5);
  100. parsed_cert[i] = tor_cert_parse(cert[i]->encoded, cert[i]->encoded_len);
  101. tt_assert(parsed_cert[i]);
  102. tt_int_op(cert[i]->encoded_len, ==, parsed_cert[i]->encoded_len);
  103. tt_mem_op(cert[i]->encoded, ==, parsed_cert[i]->encoded,
  104. cert[i]->encoded_len);
  105. tt_assert(parsed_cert[i]->sig_bad == 0);
  106. tt_assert(parsed_cert[i]->sig_ok == 0);
  107. tt_assert(parsed_cert[i]->cert_expired == 0);
  108. tt_assert(parsed_cert[i]->cert_valid == 0);
  109. /* Expired */
  110. tt_int_op(tor_cert_checksig(parsed_cert[i], &kp1.pubkey, now + 30000),
  111. <, 0);
  112. tt_assert(parsed_cert[i]->cert_expired == 1);
  113. parsed_cert[i]->cert_expired = 0;
  114. /* Wrong key */
  115. tt_int_op(tor_cert_checksig(parsed_cert[i], &kp2.pubkey, now), <, 0);
  116. tt_assert(parsed_cert[i]->sig_bad== 1);
  117. parsed_cert[i]->sig_bad = 0;
  118. /* Missing key */
  119. int ok = tor_cert_checksig(parsed_cert[i], NULL, now);
  120. tt_int_op(ok < 0, ==, i == 0);
  121. tt_assert(parsed_cert[i]->sig_bad == 0);
  122. tt_assert(parsed_cert[i]->sig_ok == (i != 0));
  123. tt_assert(parsed_cert[i]->cert_valid == (i != 0));
  124. parsed_cert[i]->sig_bad = 0;
  125. parsed_cert[i]->sig_ok = 0;
  126. parsed_cert[i]->cert_valid = 0;
  127. /* Right key */
  128. tt_int_op(tor_cert_checksig(parsed_cert[i], &kp1.pubkey, now), ==, 0);
  129. tt_assert(parsed_cert[i]->sig_bad == 0);
  130. tt_assert(parsed_cert[i]->sig_ok == 1);
  131. tt_assert(parsed_cert[i]->cert_expired == 0);
  132. tt_assert(parsed_cert[i]->cert_valid == 1);
  133. }
  134. /* Now try some junky certs. */
  135. /* - Truncated */
  136. nocert = tor_cert_parse(cert[0]->encoded, cert[0]->encoded_len-1);
  137. tt_ptr_op(NULL, ==, nocert);
  138. /* - First byte modified */
  139. cert[0]->encoded[0] = 99;
  140. nocert = tor_cert_parse(cert[0]->encoded, cert[0]->encoded_len);
  141. tt_ptr_op(NULL, ==, nocert);
  142. cert[0]->encoded[0] = 1;
  143. /* - Extra byte at the end*/
  144. junk = tor_malloc_zero(cert[0]->encoded_len + 1);
  145. memcpy(junk, cert[0]->encoded, cert[0]->encoded_len);
  146. nocert = tor_cert_parse(junk, cert[0]->encoded_len+1);
  147. tt_ptr_op(NULL, ==, nocert);
  148. /* - Multiple signing key instances */
  149. tor_free(junk);
  150. junk = tor_malloc_zero(104 + 36 * 2);
  151. junk[0] = 1; /* version */
  152. junk[1] = 5; /* cert type */
  153. junk[6] = 1; /* key type */
  154. junk[39] = 2; /* n_extensions */
  155. junk[41] = 32; /* extlen */
  156. junk[42] = 4; /* exttype */
  157. junk[77] = 32; /* extlen */
  158. junk[78] = 4; /* exttype */
  159. nocert = tor_cert_parse(junk, 104 + 36 * 2);
  160. tt_ptr_op(NULL, ==, nocert);
  161. done:
  162. tor_cert_free(cert[0]);
  163. tor_cert_free(cert[1]);
  164. tor_cert_free(parsed_cert[0]);
  165. tor_cert_free(parsed_cert[1]);
  166. tor_cert_free(nocert);
  167. tor_free(junk);
  168. tor_free(base64);
  169. }
  170. static void
  171. test_routerkeys_ed_key_create(void *arg)
  172. {
  173. (void)arg;
  174. tor_cert_t *cert = NULL;
  175. ed25519_keypair_t *kp1 = NULL, *kp2 = NULL;
  176. time_t now = time(NULL);
  177. /* This is a simple alias for 'make a new keypair' */
  178. kp1 = ed_key_new(NULL, 0, 0, 0, 0, &cert);
  179. tt_assert(kp1);
  180. /* Create a new certificate signed by kp1. */
  181. kp2 = ed_key_new(kp1, INIT_ED_KEY_NEEDCERT, now, 3600, 4, &cert);
  182. tt_assert(kp2);
  183. tt_assert(cert);
  184. tt_mem_op(&cert->signed_key, ==, &kp2->pubkey, sizeof(ed25519_public_key_t));
  185. tt_assert(! cert->signing_key_included);
  186. tt_int_op(cert->valid_until, >=, now);
  187. tt_int_op(cert->valid_until, <=, now+7200);
  188. /* Create a new key-including certificate signed by kp1 */
  189. ed25519_keypair_free(kp2);
  190. tor_cert_free(cert);
  191. cert = NULL; kp2 = NULL;
  192. kp2 = ed_key_new(kp1, (INIT_ED_KEY_NEEDCERT|
  193. INIT_ED_KEY_INCLUDE_SIGNING_KEY_IN_CERT),
  194. now, 3600, 4, &cert);
  195. tt_assert(kp2);
  196. tt_assert(cert);
  197. tt_assert(cert->signing_key_included);
  198. tt_mem_op(&cert->signed_key, ==, &kp2->pubkey, sizeof(ed25519_public_key_t));
  199. tt_mem_op(&cert->signing_key, ==, &kp1->pubkey,sizeof(ed25519_public_key_t));
  200. done:
  201. ed25519_keypair_free(kp1);
  202. ed25519_keypair_free(kp2);
  203. tor_cert_free(cert);
  204. }
  205. static void
  206. test_routerkeys_ed_key_init_basic(void *arg)
  207. {
  208. (void) arg;
  209. tor_cert_t *cert = NULL, *cert2 = NULL;
  210. ed25519_keypair_t *kp1 = NULL, *kp2 = NULL, *kp3 = NULL;
  211. time_t now = time(NULL);
  212. char *fname1 = tor_strdup(get_fname("test_ed_key_1"));
  213. char *fname2 = tor_strdup(get_fname("test_ed_key_2"));
  214. struct stat st;
  215. unlink(fname1);
  216. unlink(fname2);
  217. /* Fail to load a key that isn't there. */
  218. kp1 = ed_key_init_from_file(fname1, 0, LOG_INFO, NULL, now, 0, 7, &cert);
  219. tt_assert(kp1 == NULL);
  220. tt_assert(cert == NULL);
  221. /* Create the key if requested to do so. */
  222. kp1 = ed_key_init_from_file(fname1, INIT_ED_KEY_CREATE, LOG_INFO,
  223. NULL, now, 0, 7, &cert);
  224. tt_assert(kp1 != NULL);
  225. tt_assert(cert == NULL);
  226. tt_int_op(stat(get_fname("test_ed_key_1_cert"), &st), <, 0);
  227. tt_int_op(stat(get_fname("test_ed_key_1_secret_key"), &st), ==, 0);
  228. /* Fail to load if we say we need a cert */
  229. kp2 = ed_key_init_from_file(fname1, INIT_ED_KEY_NEEDCERT, LOG_INFO,
  230. NULL, now, 0, 7, &cert);
  231. tt_assert(kp2 == NULL);
  232. /* Fail to load if we say the wrong key type */
  233. kp2 = ed_key_init_from_file(fname1, 0, LOG_INFO,
  234. NULL, now, 0, 6, &cert);
  235. tt_assert(kp2 == NULL);
  236. /* Load successfully if we're not picky, whether we say "create" or not. */
  237. kp2 = ed_key_init_from_file(fname1, INIT_ED_KEY_CREATE, LOG_INFO,
  238. NULL, now, 0, 7, &cert);
  239. tt_assert(kp2 != NULL);
  240. tt_assert(cert == NULL);
  241. tt_mem_op(kp1, ==, kp2, sizeof(*kp1));
  242. ed25519_keypair_free(kp2); kp2 = NULL;
  243. kp2 = ed_key_init_from_file(fname1, 0, LOG_INFO,
  244. NULL, now, 0, 7, &cert);
  245. tt_assert(kp2 != NULL);
  246. tt_assert(cert == NULL);
  247. tt_mem_op(kp1, ==, kp2, sizeof(*kp1));
  248. ed25519_keypair_free(kp2); kp2 = NULL;
  249. /* Now create a key with a cert. */
  250. kp2 = ed_key_init_from_file(fname2, (INIT_ED_KEY_CREATE|
  251. INIT_ED_KEY_NEEDCERT),
  252. LOG_INFO, kp1, now, 7200, 7, &cert);
  253. tt_assert(kp2 != NULL);
  254. tt_assert(cert != NULL);
  255. tt_mem_op(kp1, !=, kp2, sizeof(*kp1));
  256. tt_int_op(stat(get_fname("test_ed_key_2_cert"), &st), ==, 0);
  257. tt_int_op(stat(get_fname("test_ed_key_2_secret_key"), &st), ==, 0);
  258. tt_assert(cert->cert_valid == 1);
  259. tt_mem_op(&cert->signed_key, ==, &kp2->pubkey, 32);
  260. /* Now verify we can load the cert... */
  261. kp3 = ed_key_init_from_file(fname2, (INIT_ED_KEY_CREATE|
  262. INIT_ED_KEY_NEEDCERT),
  263. LOG_INFO, kp1, now, 7200, 7, &cert2);
  264. tt_mem_op(kp2, ==, kp3, sizeof(*kp2));
  265. tt_mem_op(cert2->encoded, ==, cert->encoded, cert->encoded_len);
  266. ed25519_keypair_free(kp3); kp3 = NULL;
  267. tor_cert_free(cert2); cert2 = NULL;
  268. /* ... even without create... */
  269. kp3 = ed_key_init_from_file(fname2, INIT_ED_KEY_NEEDCERT,
  270. LOG_INFO, kp1, now, 7200, 7, &cert2);
  271. tt_mem_op(kp2, ==, kp3, sizeof(*kp2));
  272. tt_mem_op(cert2->encoded, ==, cert->encoded, cert->encoded_len);
  273. ed25519_keypair_free(kp3); kp3 = NULL;
  274. tor_cert_free(cert2); cert2 = NULL;
  275. /* ... but that we don't crash or anything if we say we don't want it. */
  276. kp3 = ed_key_init_from_file(fname2, INIT_ED_KEY_NEEDCERT,
  277. LOG_INFO, kp1, now, 7200, 7, NULL);
  278. tt_mem_op(kp2, ==, kp3, sizeof(*kp2));
  279. ed25519_keypair_free(kp3); kp3 = NULL;
  280. /* Fail if we're told the wrong signing key */
  281. kp3 = ed_key_init_from_file(fname2, INIT_ED_KEY_NEEDCERT,
  282. LOG_INFO, kp2, now, 7200, 7, &cert2);
  283. tt_assert(kp3 == NULL);
  284. tt_assert(cert2 == NULL);
  285. done:
  286. ed25519_keypair_free(kp1);
  287. ed25519_keypair_free(kp2);
  288. ed25519_keypair_free(kp3);
  289. tor_cert_free(cert);
  290. tor_cert_free(cert2);
  291. tor_free(fname1);
  292. tor_free(fname2);
  293. }
  294. static void
  295. test_routerkeys_ed_key_init_split(void *arg)
  296. {
  297. (void) arg;
  298. tor_cert_t *cert = NULL;
  299. ed25519_keypair_t *kp1 = NULL, *kp2 = NULL;
  300. time_t now = time(NULL);
  301. char *fname1 = tor_strdup(get_fname("test_ed_key_3"));
  302. char *fname2 = tor_strdup(get_fname("test_ed_key_4"));
  303. struct stat st;
  304. const uint32_t flags = INIT_ED_KEY_SPLIT|INIT_ED_KEY_MISSING_SECRET_OK;
  305. unlink(fname1);
  306. unlink(fname2);
  307. /* Can't load key that isn't there. */
  308. kp1 = ed_key_init_from_file(fname1, flags, LOG_INFO, NULL, now, 0, 7, &cert);
  309. tt_assert(kp1 == NULL);
  310. tt_assert(cert == NULL);
  311. /* Create a split key */
  312. kp1 = ed_key_init_from_file(fname1, flags|INIT_ED_KEY_CREATE,
  313. LOG_INFO, NULL, now, 0, 7, &cert);
  314. tt_assert(kp1 != NULL);
  315. tt_assert(cert == NULL);
  316. tt_int_op(stat(get_fname("test_ed_key_3_cert"), &st), <, 0);
  317. tt_int_op(stat(get_fname("test_ed_key_3_secret_key"), &st), ==, 0);
  318. tt_int_op(stat(get_fname("test_ed_key_3_public_key"), &st), ==, 0);
  319. /* Load it. */
  320. kp2 = ed_key_init_from_file(fname1, flags|INIT_ED_KEY_CREATE,
  321. LOG_INFO, NULL, now, 0, 7, &cert);
  322. tt_assert(kp2 != NULL);
  323. tt_assert(cert == NULL);
  324. tt_mem_op(kp1, ==, kp2, sizeof(*kp2));
  325. ed25519_keypair_free(kp2); kp2 = NULL;
  326. /* Okay, try killing the secret key and loading it. */
  327. unlink(get_fname("test_ed_key_3_secret_key"));
  328. kp2 = ed_key_init_from_file(fname1, flags,
  329. LOG_INFO, NULL, now, 0, 7, &cert);
  330. tt_assert(kp2 != NULL);
  331. tt_assert(cert == NULL);
  332. tt_mem_op(&kp1->pubkey, ==, &kp2->pubkey, sizeof(kp2->pubkey));
  333. tt_assert(tor_mem_is_zero((char*)kp2->seckey.seckey,
  334. sizeof(kp2->seckey.seckey)));
  335. ed25519_keypair_free(kp2); kp2 = NULL;
  336. /* Even when we're told to "create", don't create if there's a public key */
  337. kp2 = ed_key_init_from_file(fname1, flags|INIT_ED_KEY_CREATE,
  338. LOG_INFO, NULL, now, 0, 7, &cert);
  339. tt_assert(kp2 != NULL);
  340. tt_assert(cert == NULL);
  341. tt_mem_op(&kp1->pubkey, ==, &kp2->pubkey, sizeof(kp2->pubkey));
  342. tt_assert(tor_mem_is_zero((char*)kp2->seckey.seckey,
  343. sizeof(kp2->seckey.seckey)));
  344. ed25519_keypair_free(kp2); kp2 = NULL;
  345. /* Make sure we fail on a tag mismatch, though */
  346. kp2 = ed_key_init_from_file(fname1, flags,
  347. LOG_INFO, NULL, now, 0, 99, &cert);
  348. tt_assert(kp2 == NULL);
  349. done:
  350. ed25519_keypair_free(kp1);
  351. ed25519_keypair_free(kp2);
  352. tor_cert_free(cert);
  353. tor_free(fname1);
  354. tor_free(fname2);
  355. }
  356. static void
  357. test_routerkeys_ed_keys_init_all(void *arg)
  358. {
  359. (void)arg;
  360. char *dir = tor_strdup(get_fname("test_ed_keys_init_all"));
  361. or_options_t *options = tor_malloc_zero(sizeof(or_options_t));
  362. time_t now = time(NULL);
  363. ed25519_public_key_t id;
  364. ed25519_keypair_t sign, auth;
  365. tor_cert_t *link_cert = NULL;
  366. get_options_mutable()->ORPort_set = 1;
  367. crypto_pk_t *rsa = pk_generate(0);
  368. set_server_identity_key(rsa);
  369. set_client_identity_key(rsa);
  370. router_initialize_tls_context();
  371. options->SigningKeyLifetime = 30*86400;
  372. options->TestingAuthKeyLifetime = 2*86400;
  373. options->TestingLinkCertLifetime = 2*86400;
  374. options->TestingSigningKeySlop = 2*86400;
  375. options->TestingAuthKeySlop = 2*3600;
  376. options->TestingLinkKeySlop = 2*3600;
  377. #ifdef _WIN32
  378. mkdir(dir);
  379. mkdir(get_fname("test_ed_keys_init_all/keys"));
  380. #else
  381. mkdir(dir, 0700);
  382. mkdir(get_fname("test_ed_keys_init_all/keys"), 0700);
  383. #endif
  384. options->DataDirectory = dir;
  385. tt_int_op(0, ==, load_ed_keys(options, now));
  386. tt_int_op(0, ==, generate_ed_link_cert(options, now));
  387. tt_assert(get_master_identity_key());
  388. tt_assert(get_master_identity_key());
  389. tt_assert(get_master_signing_keypair());
  390. tt_assert(get_current_auth_keypair());
  391. tt_assert(get_master_signing_key_cert());
  392. tt_assert(get_current_link_cert_cert());
  393. tt_assert(get_current_auth_key_cert());
  394. memcpy(&id, get_master_identity_key(), sizeof(id));
  395. memcpy(&sign, get_master_signing_keypair(), sizeof(sign));
  396. memcpy(&auth, get_current_auth_keypair(), sizeof(auth));
  397. link_cert = tor_cert_dup(get_current_link_cert_cert());
  398. /* Call load_ed_keys again, but nothing has changed. */
  399. tt_int_op(0, ==, load_ed_keys(options, now));
  400. tt_int_op(0, ==, generate_ed_link_cert(options, now));
  401. tt_mem_op(&id, ==, get_master_identity_key(), sizeof(id));
  402. tt_mem_op(&sign, ==, get_master_signing_keypair(), sizeof(sign));
  403. tt_mem_op(&auth, ==, get_current_auth_keypair(), sizeof(auth));
  404. tt_assert(tor_cert_eq(link_cert, get_current_link_cert_cert()));
  405. /* Force a reload: we make new link/auth keys. */
  406. routerkeys_free_all();
  407. tt_int_op(0, ==, load_ed_keys(options, now));
  408. tt_int_op(0, ==, generate_ed_link_cert(options, now));
  409. tt_mem_op(&id, ==, get_master_identity_key(), sizeof(id));
  410. tt_mem_op(&sign, ==, get_master_signing_keypair(), sizeof(sign));
  411. tt_assert(tor_cert_eq(link_cert, get_current_link_cert_cert()));
  412. tt_mem_op(&auth, !=, get_current_auth_keypair(), sizeof(auth));
  413. tt_assert(get_master_signing_key_cert());
  414. tt_assert(get_current_link_cert_cert());
  415. tt_assert(get_current_auth_key_cert());
  416. tor_cert_free(link_cert);
  417. link_cert = tor_cert_dup(get_current_link_cert_cert());
  418. memcpy(&auth, get_current_auth_keypair(), sizeof(auth));
  419. /* Force a link/auth-key regeneration by advancing time. */
  420. tt_int_op(0, ==, load_ed_keys(options, now+3*86400));
  421. tt_int_op(0, ==, generate_ed_link_cert(options, now+3*86400));
  422. tt_mem_op(&id, ==, get_master_identity_key(), sizeof(id));
  423. tt_mem_op(&sign, ==, get_master_signing_keypair(), sizeof(sign));
  424. tt_assert(! tor_cert_eq(link_cert, get_current_link_cert_cert()));
  425. tt_mem_op(&auth, !=, get_current_auth_keypair(), sizeof(auth));
  426. tt_assert(get_master_signing_key_cert());
  427. tt_assert(get_current_link_cert_cert());
  428. tt_assert(get_current_auth_key_cert());
  429. tor_cert_free(link_cert);
  430. link_cert = tor_cert_dup(get_current_link_cert_cert());
  431. memcpy(&auth, get_current_auth_keypair(), sizeof(auth));
  432. /* Force a signing-key regeneration by advancing time. */
  433. tt_int_op(0, ==, load_ed_keys(options, now+100*86400));
  434. tt_int_op(0, ==, generate_ed_link_cert(options, now+100*86400));
  435. tt_mem_op(&id, ==, get_master_identity_key(), sizeof(id));
  436. tt_mem_op(&sign, !=, get_master_signing_keypair(), sizeof(sign));
  437. tt_assert(! tor_cert_eq(link_cert, get_current_link_cert_cert()));
  438. tt_mem_op(&auth, !=, get_current_auth_keypair(), sizeof(auth));
  439. tt_assert(get_master_signing_key_cert());
  440. tt_assert(get_current_link_cert_cert());
  441. tt_assert(get_current_auth_key_cert());
  442. memcpy(&sign, get_master_signing_keypair(), sizeof(sign));
  443. tor_cert_free(link_cert);
  444. link_cert = tor_cert_dup(get_current_link_cert_cert());
  445. memcpy(&auth, get_current_auth_keypair(), sizeof(auth));
  446. /* Demonstrate that we can start up with no secret identity key */
  447. routerkeys_free_all();
  448. unlink(get_fname("test_ed_keys_init_all/keys/"
  449. "ed25519_master_id_secret_key"));
  450. tt_int_op(0, ==, load_ed_keys(options, now));
  451. tt_int_op(0, ==, generate_ed_link_cert(options, now));
  452. tt_mem_op(&id, ==, get_master_identity_key(), sizeof(id));
  453. tt_mem_op(&sign, ==, get_master_signing_keypair(), sizeof(sign));
  454. tt_assert(! tor_cert_eq(link_cert, get_current_link_cert_cert()));
  455. tt_mem_op(&auth, !=, get_current_auth_keypair(), sizeof(auth));
  456. tt_assert(get_master_signing_key_cert());
  457. tt_assert(get_current_link_cert_cert());
  458. tt_assert(get_current_auth_key_cert());
  459. /* But we're in trouble if we have no id key and our signing key has
  460. expired. */
  461. log_global_min_severity_ = LOG_ERR; /* Suppress warnings.
  462. * XXX (better way to do this)? */
  463. routerkeys_free_all();
  464. tt_int_op(-1, ==, load_ed_keys(options, now+200*86400));
  465. done:
  466. tor_free(dir);
  467. tor_free(options);
  468. tor_cert_free(link_cert);
  469. routerkeys_free_all();
  470. }
  471. static void
  472. test_routerkeys_cross_certify_ntor(void *args)
  473. {
  474. (void) args;
  475. tor_cert_t *cert = NULL;
  476. curve25519_keypair_t onion_keys;
  477. ed25519_public_key_t master_key;
  478. ed25519_public_key_t onion_check_key;
  479. time_t now = time(NULL);
  480. int sign;
  481. tt_int_op(0, ==, ed25519_public_from_base64(&master_key,
  482. "IamwritingthesetestsOnARainyAfternoonin2014"));
  483. tt_int_op(0, ==, curve25519_keypair_generate(&onion_keys, 0));
  484. cert = make_ntor_onion_key_crosscert(&onion_keys,
  485. &master_key,
  486. now, 10000,
  487. &sign);
  488. tt_assert(cert);
  489. tt_assert(sign == 0 || sign == 1);
  490. tt_int_op(cert->cert_type, ==, CERT_TYPE_ONION_ID);
  491. tt_int_op(1, ==, ed25519_pubkey_eq(&cert->signed_key, &master_key));
  492. tt_int_op(0, ==, ed25519_public_key_from_curve25519_public_key(
  493. &onion_check_key, &onion_keys.pubkey, sign));
  494. tt_int_op(0, ==, tor_cert_checksig(cert, &onion_check_key, now));
  495. done:
  496. tor_cert_free(cert);
  497. }
  498. static void
  499. test_routerkeys_cross_certify_tap(void *args)
  500. {
  501. (void)args;
  502. uint8_t *cc = NULL;
  503. int cc_len;
  504. ed25519_public_key_t master_key;
  505. crypto_pk_t *onion_key = pk_generate(2), *id_key = pk_generate(1);
  506. char digest[20];
  507. char buf[128];
  508. int n;
  509. tt_int_op(0, ==, ed25519_public_from_base64(&master_key,
  510. "IAlreadyWroteTestsForRouterdescsUsingTheseX"));
  511. cc = make_tap_onion_key_crosscert(onion_key,
  512. &master_key,
  513. id_key, &cc_len);
  514. tt_assert(cc);
  515. tt_assert(cc_len);
  516. n = crypto_pk_public_checksig(onion_key, buf, sizeof(buf),
  517. (char*)cc, cc_len);
  518. tt_int_op(n,>,0);
  519. tt_int_op(n,==,52);
  520. crypto_pk_get_digest(id_key, digest);
  521. tt_mem_op(buf,==,digest,20);
  522. tt_mem_op(buf+20,==,master_key.pubkey,32);
  523. tt_int_op(0, ==, check_tap_onion_key_crosscert(cc, cc_len,
  524. onion_key, &master_key, (uint8_t*)digest));
  525. done:
  526. tor_free(cc);
  527. crypto_pk_free(id_key);
  528. crypto_pk_free(onion_key);
  529. }
  530. #define TEST(name, flags) \
  531. { #name , test_routerkeys_ ## name, (flags), NULL, NULL }
  532. struct testcase_t routerkeys_tests[] = {
  533. TEST(write_fingerprint, TT_FORK),
  534. TEST(ed_certs, TT_FORK),
  535. TEST(ed_key_create, TT_FORK),
  536. TEST(ed_key_init_basic, TT_FORK),
  537. TEST(ed_key_init_split, TT_FORK),
  538. TEST(ed_keys_init_all, TT_FORK),
  539. TEST(cross_certify_ntor, 0),
  540. TEST(cross_certify_tap, 0),
  541. END_OF_TESTCASES
  542. };