search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Remove unused function: dns_randfn_() in dns.c.
[tor.git] / src / test / test_routerkeys.c
blob727fa5660f8d27b8f8dca33188ec4e44670c4fb0
1 /* Copyright (c) 2001-2004, Roger Dingledine.
2 * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
3 * Copyright (c) 2007-2019, The Tor Project, Inc. */
4 /* See LICENSE for licensing information */
5
6 #include "orconfig.h"
7 #define ROUTER_PRIVATE
8 #include "core/or/or.h"
9 #include "app/config/config.h"
10 #include "feature/relay/router.h"
11 #include "feature/relay/routerkeys.h"
12 #include "lib/crypt_ops/crypto_cipher.h"
13 #include "lib/crypt_ops/crypto_format.h"
14 #include "feature/keymgt/loadkey.h"
15 #include "feature/nodelist/torcert.h"
16 #include "test/test.h"
17
18 #ifdef _WIN32
19 /* For mkdir() */
20 #include <direct.h>
21 #endif
22
23 #ifdef HAVE_UNISTD_H
24 #include <unistd.h>
25 #endif
26 #ifdef HAVE_SYS_STAT_H
27 #include <sys/stat.h>
28 #endif
29
30 static void
31 test_routerkeys_write_fingerprint(void *arg)
32 {
33 crypto_pk_t *key = pk_generate(2);
34 or_options_t *options = get_options_mutable();
35 const char *ddir = get_fname("write_fingerprint");
36 char *cp = NULL, *cp2 = NULL;
37 char fp[FINGERPRINT_LEN+1];
38
39 (void)arg;
40
41 tt_assert(key);
42
43 options->ORPort_set = 1; /* So that we can get the server ID key */
44 tor_free(options->DataDirectory);
45 options->DataDirectory = tor_strdup(ddir);
46 options->Nickname = tor_strdup("haflinger");
47 set_server_identity_key(key);
48 set_client_identity_key(crypto_pk_dup_key(key));
49
50 tt_int_op(0, OP_EQ, check_private_dir(ddir, CPD_CREATE, NULL));
51 tt_int_op(crypto_pk_cmp_keys(get_server_identity_key(),key),OP_EQ,0);
52
53 /* Write fingerprint file */
54 tt_int_op(0, OP_EQ, router_write_fingerprint(0));
55 cp = read_file_to_str(get_fname("write_fingerprint/fingerprint"),
56 0, NULL);
57 crypto_pk_get_fingerprint(key, fp, 0);
58 tor_asprintf(&cp2, "haflinger %s\n", fp);
59 tt_str_op(cp, OP_EQ, cp2);
60 tor_free(cp);
61 tor_free(cp2);
62
63 /* Write hashed-fingerprint file */
64 tt_int_op(0, OP_EQ, router_write_fingerprint(1));
65 cp = read_file_to_str(get_fname("write_fingerprint/hashed-fingerprint"),
66 0, NULL);
67 crypto_pk_get_hashed_fingerprint(key, fp);
68 tor_asprintf(&cp2, "haflinger %s\n", fp);
69 tt_str_op(cp, OP_EQ, cp2);
70 tor_free(cp);
71 tor_free(cp2);
72
73 /* Replace outdated file */
74 write_str_to_file(get_fname("write_fingerprint/hashed-fingerprint"),
75 "junk goes here", 0);
76 tt_int_op(0, OP_EQ, router_write_fingerprint(1));
77 cp = read_file_to_str(get_fname("write_fingerprint/hashed-fingerprint"),
78 0, NULL);
79 crypto_pk_get_hashed_fingerprint(key, fp);
80 tor_asprintf(&cp2, "haflinger %s\n", fp);
81 tt_str_op(cp, OP_EQ, cp2);
82 tor_free(cp);
83 tor_free(cp2);
84
85 done:
86 crypto_pk_free(key);
87 set_client_identity_key(NULL);
88 tor_free(cp);
89 tor_free(cp2);
90 }
91
92 static void
93 test_routerkeys_ed_certs(void *args)
94 {
95 (void)args;
96 ed25519_keypair_t kp1, kp2;
97 tor_cert_t *cert[2] = {NULL, NULL}, *nocert = NULL;
98 tor_cert_t *parsed_cert[2] = {NULL, NULL};
99 time_t now = 1412094534;
100 uint8_t *junk = NULL;
101 char *base64 = NULL;
102
103 tt_int_op(0,OP_EQ,ed25519_keypair_generate(&kp1, 0));
104 tt_int_op(0,OP_EQ,ed25519_keypair_generate(&kp2, 0));
105
106 for (int i = 0; i <= 1; ++i) {
107 uint32_t flags = i ? CERT_FLAG_INCLUDE_SIGNING_KEY : 0;
108
109 cert[i] = tor_cert_create(&kp1, 5, &kp2.pubkey, now, 10000, flags);
110 tt_assert(cert[i]);
111
112 tt_uint_op(cert[i]->sig_bad, OP_EQ, 0);
113 tt_uint_op(cert[i]->sig_ok, OP_EQ, 1);
114 tt_uint_op(cert[i]->cert_expired, OP_EQ, 0);
115 tt_uint_op(cert[i]->cert_valid, OP_EQ, 1);
116 tt_int_op(cert[i]->cert_type, OP_EQ, 5);
117 tt_mem_op(cert[i]->signed_key.pubkey, OP_EQ, &kp2.pubkey.pubkey, 32);
118 tt_mem_op(cert[i]->signing_key.pubkey, OP_EQ, &kp1.pubkey.pubkey, 32);
119 tt_int_op(cert[i]->signing_key_included, OP_EQ, i);
120
121 tt_assert(cert[i]->encoded);
122 tt_int_op(cert[i]->encoded_len, OP_EQ, 104 + 36 * i);
123 tt_int_op(cert[i]->encoded[0], OP_EQ, 1);
124 tt_int_op(cert[i]->encoded[1], OP_EQ, 5);
125
126 parsed_cert[i] = tor_cert_parse(cert[i]->encoded, cert[i]->encoded_len);
127 tt_assert(parsed_cert[i]);
128 tt_int_op(cert[i]->encoded_len, OP_EQ, parsed_cert[i]->encoded_len);
129 tt_mem_op(cert[i]->encoded, OP_EQ, parsed_cert[i]->encoded,
130 cert[i]->encoded_len);
131 tt_uint_op(parsed_cert[i]->sig_bad, OP_EQ, 0);
132 tt_uint_op(parsed_cert[i]->sig_ok, OP_EQ, 0);
133 tt_uint_op(parsed_cert[i]->cert_expired, OP_EQ, 0);
134 tt_uint_op(parsed_cert[i]->cert_valid, OP_EQ, 0);
135
136 /* Expired */
137 tt_int_op(tor_cert_checksig(parsed_cert[i], &kp1.pubkey, now + 30000),
138 OP_LT, 0);
139 tt_uint_op(parsed_cert[i]->cert_expired, OP_EQ, 1);
140 parsed_cert[i]->cert_expired = 0;
141
142 /* Wrong key */
143 tt_int_op(tor_cert_checksig(parsed_cert[i], &kp2.pubkey, now), OP_LT, 0);
144 tt_uint_op(parsed_cert[i]->sig_bad, OP_EQ, 1);
145 parsed_cert[i]->sig_bad = 0;
146
147 /* Missing key */
148 int ok = tor_cert_checksig(parsed_cert[i], NULL, now);
149 tt_int_op(ok < 0, OP_EQ, i == 0);
150 tt_uint_op(parsed_cert[i]->sig_bad, OP_EQ, 0);
151 tt_assert(parsed_cert[i]->sig_ok == (i != 0));
152 tt_assert(parsed_cert[i]->cert_valid == (i != 0));
153 parsed_cert[i]->sig_bad = 0;
154 parsed_cert[i]->sig_ok = 0;
155 parsed_cert[i]->cert_valid = 0;
156
157 /* Right key */
158 tt_int_op(tor_cert_checksig(parsed_cert[i], &kp1.pubkey, now), OP_EQ, 0);
159 tt_uint_op(parsed_cert[i]->sig_bad, OP_EQ, 0);
160 tt_uint_op(parsed_cert[i]->sig_ok, OP_EQ, 1);
161 tt_uint_op(parsed_cert[i]->cert_expired, OP_EQ, 0);
162 tt_uint_op(parsed_cert[i]->cert_valid, OP_EQ, 1);
163 }
164
165 /* Now try some junky certs. */
166 /* - Truncated */
167 nocert = tor_cert_parse(cert[0]->encoded, cert[0]->encoded_len-1);
168 tt_ptr_op(NULL, OP_EQ, nocert);
169
170 /* - First byte modified */
171 cert[0]->encoded[0] = 99;
172 nocert = tor_cert_parse(cert[0]->encoded, cert[0]->encoded_len);
173 tt_ptr_op(NULL, OP_EQ, nocert);
174 cert[0]->encoded[0] = 1;
175
176 /* - Extra byte at the end*/
177 junk = tor_malloc_zero(cert[0]->encoded_len + 1);
178 memcpy(junk, cert[0]->encoded, cert[0]->encoded_len);
179 nocert = tor_cert_parse(junk, cert[0]->encoded_len+1);
180 tt_ptr_op(NULL, OP_EQ, nocert);
181
182 /* - Multiple signing key instances */
183 tor_free(junk);
184 junk = tor_malloc_zero(104 + 36 * 2);
185 junk[0] = 1; /* version */
186 junk[1] = 5; /* cert type */
187 junk[6] = 1; /* key type */
188 junk[39] = 2; /* n_extensions */
189 junk[41] = 32; /* extlen */
190 junk[42] = 4; /* exttype */
191 junk[77] = 32; /* extlen */
192 junk[78] = 4; /* exttype */
193 nocert = tor_cert_parse(junk, 104 + 36 * 2);
194 tt_ptr_op(NULL, OP_EQ, nocert);
195
196 done:
197 tor_cert_free(cert[0]);
198 tor_cert_free(cert[1]);
199 tor_cert_free(parsed_cert[0]);
200 tor_cert_free(parsed_cert[1]);
201 tor_cert_free(nocert);
202 tor_free(junk);
203 tor_free(base64);
204 }
205
206 static void
207 test_routerkeys_ed_key_create(void *arg)
208 {
209 (void)arg;
210 tor_cert_t *cert = NULL;
211 ed25519_keypair_t *kp1 = NULL, *kp2 = NULL;
212 time_t now = time(NULL);
213
214 /* This is a simple alias for 'make a new keypair' */
215 kp1 = ed_key_new(NULL, 0, 0, 0, 0, &cert);
216 tt_assert(kp1);
217
218 /* Create a new certificate signed by kp1. */
219 kp2 = ed_key_new(kp1, INIT_ED_KEY_NEEDCERT, now, 3600, 4, &cert);
220 tt_assert(kp2);
221 tt_assert(cert);
222 tt_mem_op(&cert->signed_key, OP_EQ, &kp2->pubkey,
223 sizeof(ed25519_public_key_t));
224 tt_assert(! cert->signing_key_included);
225
226 tt_int_op(cert->valid_until, OP_GE, now);
227 tt_int_op(cert->valid_until, OP_LE, now+7200);
228
229 /* Create a new key-including certificate signed by kp1 */
230 ed25519_keypair_free(kp2);
231 tor_cert_free(cert);
232 cert = NULL; kp2 = NULL;
233 kp2 = ed_key_new(kp1, (INIT_ED_KEY_NEEDCERT|
234 INIT_ED_KEY_INCLUDE_SIGNING_KEY_IN_CERT),
235 now, 3600, 4, &cert);
236 tt_assert(kp2);
237 tt_assert(cert);
238 tt_assert(cert->signing_key_included);
239 tt_mem_op(&cert->signed_key, OP_EQ, &kp2->pubkey,
240 sizeof(ed25519_public_key_t));
241 tt_mem_op(&cert->signing_key, OP_EQ, &kp1->pubkey,
242 sizeof(ed25519_public_key_t));
243
244 done:
245 ed25519_keypair_free(kp1);
246 ed25519_keypair_free(kp2);
247 tor_cert_free(cert);
248 }
249
250 static void
251 test_routerkeys_ed_key_init_basic(void *arg)
252 {
253 (void) arg;
254
255 tor_cert_t *cert = NULL, *cert2 = NULL;
256 ed25519_keypair_t *kp1 = NULL, *kp2 = NULL, *kp3 = NULL;
257 time_t now = time(NULL);
258 char *fname1 = tor_strdup(get_fname("test_ed_key_1"));
259 char *fname2 = tor_strdup(get_fname("test_ed_key_2"));
260 struct stat st;
261
262 unlink(fname1);
263 unlink(fname2);
264
265 /* Fail to load a key that isn't there. */
266 kp1 = ed_key_init_from_file(fname1, 0, LOG_INFO, NULL, now, 0, 7, &cert,
267 NULL);
268 tt_assert(kp1 == NULL);
269 tt_assert(cert == NULL);
270
271 /* Create the key if requested to do so. */
272 kp1 = ed_key_init_from_file(fname1, INIT_ED_KEY_CREATE, LOG_INFO,
273 NULL, now, 0, 7, &cert, NULL);
274 tt_assert(kp1 != NULL);
275 tt_assert(cert == NULL);
276 tt_int_op(stat(get_fname("test_ed_key_1_cert"), &st), OP_LT, 0);
277 tt_int_op(stat(get_fname("test_ed_key_1_secret_key"), &st), OP_EQ, 0);
278
279 /* Fail to load if we say we need a cert */
280 kp2 = ed_key_init_from_file(fname1, INIT_ED_KEY_NEEDCERT, LOG_INFO,
281 NULL, now, 0, 7, &cert, NULL);
282 tt_assert(kp2 == NULL);
283
284 /* Fail to load if we say the wrong key type */
285 kp2 = ed_key_init_from_file(fname1, 0, LOG_INFO,
286 NULL, now, 0, 6, &cert, NULL);
287 tt_assert(kp2 == NULL);
288
289 /* Load successfully if we're not picky, whether we say "create" or not. */
290 kp2 = ed_key_init_from_file(fname1, INIT_ED_KEY_CREATE, LOG_INFO,
291 NULL, now, 0, 7, &cert, NULL);
292 tt_assert(kp2 != NULL);
293 tt_assert(cert == NULL);
294 tt_mem_op(kp1, OP_EQ, kp2, sizeof(*kp1));
295 ed25519_keypair_free(kp2); kp2 = NULL;
296
297 kp2 = ed_key_init_from_file(fname1, 0, LOG_INFO,
298 NULL, now, 0, 7, &cert, NULL);
299 tt_assert(kp2 != NULL);
300 tt_assert(cert == NULL);
301 tt_mem_op(kp1, OP_EQ, kp2, sizeof(*kp1));
302 ed25519_keypair_free(kp2); kp2 = NULL;
303
304 /* Now create a key with a cert. */
305 kp2 = ed_key_init_from_file(fname2, (INIT_ED_KEY_CREATE|
306 INIT_ED_KEY_NEEDCERT),
307 LOG_INFO, kp1, now, 7200, 7, &cert, NULL);
308 tt_assert(kp2 != NULL);
309 tt_assert(cert != NULL);
310 tt_mem_op(kp1, OP_NE, kp2, sizeof(*kp1));
311 tt_int_op(stat(get_fname("test_ed_key_2_cert"), &st), OP_EQ, 0);
312 tt_int_op(stat(get_fname("test_ed_key_2_secret_key"), &st), OP_EQ, 0);
313
314 tt_assert(cert->cert_valid == 1);
315 tt_mem_op(&cert->signed_key, OP_EQ, &kp2->pubkey, 32);
316
317 /* Now verify we can load the cert... */
318 kp3 = ed_key_init_from_file(fname2, (INIT_ED_KEY_CREATE|
319 INIT_ED_KEY_NEEDCERT),
320 LOG_INFO, kp1, now, 7200, 7, &cert2, NULL);
321 tt_mem_op(kp2, OP_EQ, kp3, sizeof(*kp2));
322 tt_mem_op(cert2->encoded, OP_EQ, cert->encoded, cert->encoded_len);
323 ed25519_keypair_free(kp3); kp3 = NULL;
324 tor_cert_free(cert2); cert2 = NULL;
325
326 /* ... even without create... */
327 kp3 = ed_key_init_from_file(fname2, INIT_ED_KEY_NEEDCERT,
328 LOG_INFO, kp1, now, 7200, 7, &cert2, NULL);
329 tt_mem_op(kp2, OP_EQ, kp3, sizeof(*kp2));
330 tt_mem_op(cert2->encoded, OP_EQ, cert->encoded, cert->encoded_len);
331 ed25519_keypair_free(kp3); kp3 = NULL;
332 tor_cert_free(cert2); cert2 = NULL;
333
334 /* ... but that we don't crash or anything if we say we don't want it. */
335 kp3 = ed_key_init_from_file(fname2, INIT_ED_KEY_NEEDCERT,
336 LOG_INFO, kp1, now, 7200, 7, NULL, NULL);
337 tt_mem_op(kp2, OP_EQ, kp3, sizeof(*kp2));
338 ed25519_keypair_free(kp3); kp3 = NULL;
339
340 /* Fail if we're told the wrong signing key */
341 kp3 = ed_key_init_from_file(fname2, INIT_ED_KEY_NEEDCERT,
342 LOG_INFO, kp2, now, 7200, 7, &cert2, NULL);
343 tt_assert(kp3 == NULL);
344 tt_assert(cert2 == NULL);
345
346 done:
347 ed25519_keypair_free(kp1);
348 ed25519_keypair_free(kp2);
349 ed25519_keypair_free(kp3);
350 tor_cert_free(cert);
351 tor_cert_free(cert2);
352 tor_free(fname1);
353 tor_free(fname2);
354 }
355
356 static void
357 test_routerkeys_ed_key_init_split(void *arg)
358 {
359 (void) arg;
360
361 tor_cert_t *cert = NULL;
362 ed25519_keypair_t *kp1 = NULL, *kp2 = NULL;
363 time_t now = time(NULL);
364 char *fname1 = tor_strdup(get_fname("test_ed_key_3"));
365 char *fname2 = tor_strdup(get_fname("test_ed_key_4"));
366 struct stat st;
367 const uint32_t flags = INIT_ED_KEY_SPLIT|INIT_ED_KEY_MISSING_SECRET_OK;
368
369 unlink(fname1);
370 unlink(fname2);
371
372 /* Can't load key that isn't there. */
373 kp1 = ed_key_init_from_file(fname1, flags, LOG_INFO, NULL, now, 0, 7, &cert,
374 NULL);
375 tt_assert(kp1 == NULL);
376 tt_assert(cert == NULL);
377
378 /* Create a split key */
379 kp1 = ed_key_init_from_file(fname1, flags|INIT_ED_KEY_CREATE,
380 LOG_INFO, NULL, now, 0, 7, &cert, NULL);
381 tt_assert(kp1 != NULL);
382 tt_assert(cert == NULL);
383 tt_int_op(stat(get_fname("test_ed_key_3_cert"), &st), OP_LT, 0);
384 tt_int_op(stat(get_fname("test_ed_key_3_secret_key"), &st), OP_EQ, 0);
385 tt_int_op(stat(get_fname("test_ed_key_3_public_key"), &st), OP_EQ, 0);
386
387 /* Load it. */
388 kp2 = ed_key_init_from_file(fname1, flags|INIT_ED_KEY_CREATE,
389 LOG_INFO, NULL, now, 0, 7, &cert, NULL);
390 tt_assert(kp2 != NULL);
391 tt_assert(cert == NULL);
392 tt_mem_op(kp1, OP_EQ, kp2, sizeof(*kp2));
393 ed25519_keypair_free(kp2); kp2 = NULL;
394
395 /* Okay, try killing the secret key and loading it. */
396 unlink(get_fname("test_ed_key_3_secret_key"));
397 kp2 = ed_key_init_from_file(fname1, flags,
398 LOG_INFO, NULL, now, 0, 7, &cert, NULL);
399 tt_assert(kp2 != NULL);
400 tt_assert(cert == NULL);
401 tt_mem_op(&kp1->pubkey, OP_EQ, &kp2->pubkey, sizeof(kp2->pubkey));
402 tt_assert(tor_mem_is_zero((char*)kp2->seckey.seckey,
403 sizeof(kp2->seckey.seckey)));
404 ed25519_keypair_free(kp2); kp2 = NULL;
405
406 /* Even when we're told to "create", don't create if there's a public key */
407 kp2 = ed_key_init_from_file(fname1, flags|INIT_ED_KEY_CREATE,
408 LOG_INFO, NULL, now, 0, 7, &cert, NULL);
409 tt_assert(kp2 != NULL);
410 tt_assert(cert == NULL);
411 tt_mem_op(&kp1->pubkey, OP_EQ, &kp2->pubkey, sizeof(kp2->pubkey));
412 tt_assert(tor_mem_is_zero((char*)kp2->seckey.seckey,
413 sizeof(kp2->seckey.seckey)));
414 ed25519_keypair_free(kp2); kp2 = NULL;
415
416 /* Make sure we fail on a tag mismatch, though */
417 kp2 = ed_key_init_from_file(fname1, flags,
418 LOG_INFO, NULL, now, 0, 99, &cert, NULL);
419 tt_assert(kp2 == NULL);
420
421 done:
422 ed25519_keypair_free(kp1);
423 ed25519_keypair_free(kp2);
424 tor_cert_free(cert);
425 tor_free(fname1);
426 tor_free(fname2);
427 }
428
429 static void
430 test_routerkeys_ed_keys_init_all(void *arg)
431 {
432 (void)arg;
433 char *dir = tor_strdup(get_fname("test_ed_keys_init_all"));
434 char *keydir = tor_strdup(get_fname("test_ed_keys_init_all/KEYS"));
435 or_options_t *options = tor_malloc_zero(sizeof(or_options_t));
436 time_t now = time(NULL);
437 ed25519_public_key_t id;
438 ed25519_keypair_t sign, auth;
439 tor_cert_t *link_cert = NULL;
440
441 get_options_mutable()->ORPort_set = 1;
442
443 crypto_pk_t *rsa = pk_generate(0);
444
445 set_server_identity_key(rsa);
446 set_client_identity_key(rsa);
447
448 router_initialize_tls_context();
449
450 options->SigningKeyLifetime = 30*86400;
451 options->TestingAuthKeyLifetime = 2*86400;
452 options->TestingLinkCertLifetime = 2*86400;
453 options->TestingSigningKeySlop = 2*86400;
454 options->TestingAuthKeySlop = 2*3600;
455 options->TestingLinkKeySlop = 2*3600;
456
457 #ifdef _WIN32
458 mkdir(dir);
459 mkdir(keydir);
460 #else
461 mkdir(dir, 0700);
462 mkdir(keydir, 0700);
463 #endif /* defined(_WIN32) */
464
465 options->DataDirectory = dir;
466 options->KeyDirectory = keydir;
467
468 tt_int_op(1, OP_EQ, load_ed_keys(options, now));
469 tt_int_op(0, OP_EQ, generate_ed_link_cert(options, now, 0));
470 tt_assert(get_master_identity_key());
471 tt_assert(get_master_identity_key());
472 tt_assert(get_master_signing_keypair());
473 tt_assert(get_current_auth_keypair());
474 tt_assert(get_master_signing_key_cert());
475 tt_assert(get_current_link_cert_cert());
476 tt_assert(get_current_auth_key_cert());
477 memcpy(&id, get_master_identity_key(), sizeof(id));
478 memcpy(&sign, get_master_signing_keypair(), sizeof(sign));
479 memcpy(&auth, get_current_auth_keypair(), sizeof(auth));
480 link_cert = tor_cert_dup(get_current_link_cert_cert());
481
482 /* Call load_ed_keys again, but nothing has changed. */
483 tt_int_op(0, OP_EQ, load_ed_keys(options, now));
484 tt_int_op(0, OP_EQ, generate_ed_link_cert(options, now, 0));
485 tt_mem_op(&id, OP_EQ, get_master_identity_key(), sizeof(id));
486 tt_mem_op(&sign, OP_EQ, get_master_signing_keypair(), sizeof(sign));
487 tt_mem_op(&auth, OP_EQ, get_current_auth_keypair(), sizeof(auth));
488 tt_assert(tor_cert_eq(link_cert, get_current_link_cert_cert()));
489
490 /* Force a reload: we make new link/auth keys. */
491 routerkeys_free_all();
492 tt_int_op(1, OP_EQ, load_ed_keys(options, now));
493 tt_int_op(0, OP_EQ, generate_ed_link_cert(options, now, 0));
494 tt_mem_op(&id, OP_EQ, get_master_identity_key(), sizeof(id));
495 tt_mem_op(&sign, OP_EQ, get_master_signing_keypair(), sizeof(sign));
496 tt_assert(tor_cert_eq(link_cert, get_current_link_cert_cert()));
497 tt_mem_op(&auth, OP_NE, get_current_auth_keypair(), sizeof(auth));
498 tt_assert(get_master_signing_key_cert());
499 tt_assert(get_current_link_cert_cert());
500 tt_assert(get_current_auth_key_cert());
501 tor_cert_free(link_cert);
502 link_cert = tor_cert_dup(get_current_link_cert_cert());
503 memcpy(&auth, get_current_auth_keypair(), sizeof(auth));
504
505 /* Force a link/auth-key regeneration by advancing time. */
506 tt_int_op(0, OP_EQ, load_ed_keys(options, now+3*86400));
507 tt_int_op(0, OP_EQ, generate_ed_link_cert(options, now+3*86400, 0));
508 tt_mem_op(&id, OP_EQ, get_master_identity_key(), sizeof(id));
509 tt_mem_op(&sign, OP_EQ, get_master_signing_keypair(), sizeof(sign));
510 tt_assert(! tor_cert_eq(link_cert, get_current_link_cert_cert()));
511 tt_mem_op(&auth, OP_NE, get_current_auth_keypair(), sizeof(auth));
512 tt_assert(get_master_signing_key_cert());
513 tt_assert(get_current_link_cert_cert());
514 tt_assert(get_current_auth_key_cert());
515 tor_cert_free(link_cert);
516 link_cert = tor_cert_dup(get_current_link_cert_cert());
517 memcpy(&auth, get_current_auth_keypair(), sizeof(auth));
518
519 /* Force a signing-key regeneration by advancing time. */
520 tt_int_op(1, OP_EQ, load_ed_keys(options, now+100*86400));
521 tt_int_op(0, OP_EQ, generate_ed_link_cert(options, now+100*86400, 0));
522 tt_mem_op(&id, OP_EQ, get_master_identity_key(), sizeof(id));
523 tt_mem_op(&sign, OP_NE, get_master_signing_keypair(), sizeof(sign));
524 tt_assert(! tor_cert_eq(link_cert, get_current_link_cert_cert()));
525 tt_mem_op(&auth, OP_NE, get_current_auth_keypair(), sizeof(auth));
526 tt_assert(get_master_signing_key_cert());
527 tt_assert(get_current_link_cert_cert());
528 tt_assert(get_current_auth_key_cert());
529 memcpy(&sign, get_master_signing_keypair(), sizeof(sign));
530 tor_cert_free(link_cert);
531 link_cert = tor_cert_dup(get_current_link_cert_cert());
532 memcpy(&auth, get_current_auth_keypair(), sizeof(auth));
533
534 /* Demonstrate that we can start up with no secret identity key */
535 routerkeys_free_all();
536 unlink(get_fname("test_ed_keys_init_all/KEYS/"
537 "ed25519_master_id_secret_key"));
538 tt_int_op(1, OP_EQ, load_ed_keys(options, now));
539 tt_int_op(0, OP_EQ, generate_ed_link_cert(options, now, 0));
540 tt_mem_op(&id, OP_EQ, get_master_identity_key(), sizeof(id));
541 tt_mem_op(&sign, OP_EQ, get_master_signing_keypair(), sizeof(sign));
542 tt_assert(! tor_cert_eq(link_cert, get_current_link_cert_cert()));
543 tt_mem_op(&auth, OP_NE, get_current_auth_keypair(), sizeof(auth));
544 tt_assert(get_master_signing_key_cert());
545 tt_assert(get_current_link_cert_cert());
546 tt_assert(get_current_auth_key_cert());
547
548 /* But we're in trouble if we have no id key and our signing key has
549 expired. */
550 log_global_min_severity_ = LOG_ERR; /* Suppress warnings.
551 * XXX (better way to do this)? */
552 routerkeys_free_all();
553 tt_int_op(-1, OP_EQ, load_ed_keys(options, now+200*86400));
554
555 done:
556 tor_free(dir);
557 tor_free(keydir);
558 tor_free(options);
559 tor_cert_free(link_cert);
560 routerkeys_free_all();
561 }
562
563 static void
564 test_routerkeys_cross_certify_ntor(void *args)
565 {
566 (void) args;
567
568 tor_cert_t *cert = NULL;
569 curve25519_keypair_t onion_keys;
570 ed25519_public_key_t master_key;
571 ed25519_public_key_t onion_check_key;
572 time_t now = time(NULL);
573 int sign;
574
575 tt_int_op(0, OP_EQ, ed25519_public_from_base64(&master_key,
576 "IamwritingthesetestsOnARainyAfternoonin2014"));
577 tt_int_op(0, OP_EQ, curve25519_keypair_generate(&onion_keys, 0));
578 cert = make_ntor_onion_key_crosscert(&onion_keys,
579 &master_key,
580 now, 10000,
581 &sign);
582 tt_assert(cert);
583 tt_assert(sign == 0 || sign == 1);
584 tt_int_op(cert->cert_type, OP_EQ, CERT_TYPE_ONION_ID);
585 tt_int_op(1, OP_EQ, ed25519_pubkey_eq(&cert->signed_key, &master_key));
586 tt_int_op(0, OP_EQ, ed25519_public_key_from_curve25519_public_key(
587 &onion_check_key, &onion_keys.pubkey, sign));
588 tt_int_op(0, OP_EQ, tor_cert_checksig(cert, &onion_check_key, now));
589
590 done:
591 tor_cert_free(cert);
592 }
593
594 static void
595 test_routerkeys_cross_certify_tap(void *args)
596 {
597 (void)args;
598 uint8_t *cc = NULL;
599 int cc_len;
600 ed25519_public_key_t master_key;
601 crypto_pk_t *onion_key = pk_generate(2), *id_key = pk_generate(1);
602 char digest[20];
603 char buf[128];
604 int n;
605
606 tt_int_op(0, OP_EQ, ed25519_public_from_base64(&master_key,
607 "IAlreadyWroteTestsForRouterdescsUsingTheseX"));
608
609 cc = make_tap_onion_key_crosscert(onion_key,
610 &master_key,
611 id_key, &cc_len);
612 tt_assert(cc);
613 tt_assert(cc_len);
614
615 n = crypto_pk_public_checksig(onion_key, buf, sizeof(buf),
616 (char*)cc, cc_len);
617 tt_int_op(n,OP_GT,0);
618 tt_int_op(n,OP_EQ,52);
619
620 crypto_pk_get_digest(id_key, digest);
621 tt_mem_op(buf,OP_EQ,digest,20);
622 tt_mem_op(buf+20,OP_EQ,master_key.pubkey,32);
623
624 tt_int_op(0, OP_EQ, check_tap_onion_key_crosscert(cc, cc_len,
625 onion_key, &master_key, (uint8_t*)digest));
626
627 done:
628 tor_free(cc);
629 crypto_pk_free(id_key);
630 crypto_pk_free(onion_key);
631 }
632
633 static void
634 test_routerkeys_rsa_ed_crosscert(void *arg)
635 {
636 (void)arg;
637 ed25519_public_key_t ed;
638 crypto_pk_t *rsa = pk_generate(2);
639
640 uint8_t *cc = NULL;
641 ssize_t cc_len;
642 time_t expires_in = 1470846177;
643
644 tt_int_op(0, OP_EQ, ed25519_public_from_base64(&ed,
645 "ThisStringCanContainAnythingSoNoKeyHereNowX"));
646 cc_len = tor_make_rsa_ed25519_crosscert(&ed, rsa, expires_in, &cc);
647
648 tt_int_op(cc_len, OP_GT, 0);
649 tt_int_op(cc_len, OP_GT, 37); /* key, expires, siglen */
650 tt_mem_op(cc, OP_EQ, ed.pubkey, 32);
651 time_t expires_out = 3600 * ntohl(get_uint32(cc+32));
652 tt_int_op(expires_out, OP_GE, expires_in);
653 tt_int_op(expires_out, OP_LE, expires_in + 3600);
654
655 tt_int_op(cc_len, OP_EQ, 37 + get_uint8(cc+36));
656
657 tt_int_op(0, OP_EQ, rsa_ed25519_crosscert_check(cc, cc_len, rsa, &ed,
658 expires_in - 10));
659
660 /* Now try after it has expired */
661 tt_int_op(-4, OP_EQ, rsa_ed25519_crosscert_check(cc, cc_len, rsa, &ed,
662 expires_out + 1));
663
664 /* Truncated object */
665 tt_int_op(-2, OP_EQ, rsa_ed25519_crosscert_check(cc, cc_len - 2, rsa, &ed,
666 expires_in - 10));
667
668 /* Key not as expected */
669 cc[0] ^= 3;
670 tt_int_op(-3, OP_EQ, rsa_ed25519_crosscert_check(cc, cc_len, rsa, &ed,
671 expires_in - 10));
672 cc[0] ^= 3;
673
674 /* Bad signature */
675 cc[40] ^= 3;
676 tt_int_op(-5, OP_EQ, rsa_ed25519_crosscert_check(cc, cc_len, rsa, &ed,
677 expires_in - 10));
678 cc[40] ^= 3;
679
680 /* Signature of wrong data */
681 cc[0] ^= 3;
682 ed.pubkey[0] ^= 3;
683 tt_int_op(-6, OP_EQ, rsa_ed25519_crosscert_check(cc, cc_len, rsa, &ed,
684 expires_in - 10));
685 cc[0] ^= 3;
686 ed.pubkey[0] ^= 3;
687
688 done:
689 crypto_pk_free(rsa);
690 tor_free(cc);
691 }
692
693 #define TEST(name, flags) \
694 { #name , test_routerkeys_ ## name, (flags), NULL, NULL }
695
696 struct testcase_t routerkeys_tests[] = {
697 TEST(write_fingerprint, TT_FORK),
698 TEST(ed_certs, TT_FORK),
699 TEST(ed_key_create, TT_FORK),
700 TEST(ed_key_init_basic, TT_FORK),
701 TEST(ed_key_init_split, TT_FORK),
702 TEST(ed_keys_init_all, TT_FORK),
703 TEST(cross_certify_ntor, 0),
704 TEST(cross_certify_tap, 0),
705 TEST(rsa_ed_crosscert, 0),
706 END_OF_TESTCASES
707 };
The Onion Router