1 : /* Copyright (c) 2017-2021, The Tor Project, Inc. */
2 : /* See LICENSE for licensing information */
3 :
4 : /**
5 : * \file test_hs_ntor.c
6 : * \brief Test hidden service ntor functionality.
7 : */
8 :
9 : #include "test/test.h"
10 : #include "test/test_helpers.h"
11 : #include "test/log_test_helpers.h"
12 : #include "lib/crypt_ops/crypto_curve25519.h"
13 : #include "lib/crypt_ops/crypto_ed25519.h"
14 :
15 : #include "core/crypto/hs_ntor.h"
16 :
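/* Test the HS ntor handshake with freshly generated keys.
 *
 * Part 1 (INTRODUCE1): the client derives the cell keys from the service's
 * public keys and its own ephemeral keypair; the service derives them from
 * its private intro encryption key and the client's ephemeral public key.
 * Both sides must end up with identical enc_key and mac_key.
 *
 * Part 2 (RENDEZVOUS1): the service derives the rendezvous key material and
 * the client re-derives it from public values plus its own ephemeral
 * keypair. Both sides must agree on rend_cell_auth_mac and ntor_key_seed.
 *
 * NOTE(review): only the success path is asserted here. A case where the two
 * sides use different inputs (for example a different subcredential) and
 * must NOT agree is not covered by this function. */
static void
test_hs_ntor(void *arg)
{
  int retval;

  hs_subcredential_t subcredential;

  ed25519_keypair_t service_intro_auth_keypair;
  curve25519_keypair_t service_intro_enc_keypair;
  curve25519_keypair_t service_ephemeral_rend_keypair;

  curve25519_keypair_t client_ephemeral_enc_keypair;

  hs_ntor_intro_cell_keys_t client_hs_ntor_intro_cell_keys;
  hs_ntor_intro_cell_keys_t service_hs_ntor_intro_cell_keys;

  hs_ntor_rend_cell_keys_t service_hs_ntor_rend_cell_keys;
  hs_ntor_rend_cell_keys_t client_hs_ntor_rend_cell_keys;

  (void) arg;

  /* Generate fake data for this unittest */
  {
    /* Fake subcredential: a fixed fill byte, sized by the destination
     * array so the write cannot outgrow the field. */
    memset(subcredential.subcred, 'Z', sizeof(subcredential.subcred));

    /* Key generation can fail. Check every result so that a failure stops
     * the test here instead of letting the handshake run on uninitialized
     * key material. */

    /* service */
    retval = curve25519_keypair_generate(&service_intro_enc_keypair, 0);
    tt_int_op(retval, OP_EQ, 0);
    retval = ed25519_keypair_generate(&service_intro_auth_keypair, 0);
    tt_int_op(retval, OP_EQ, 0);
    retval = curve25519_keypair_generate(&service_ephemeral_rend_keypair, 0);
    tt_int_op(retval, OP_EQ, 0);

    /* client */
    retval = curve25519_keypair_generate(&client_ephemeral_enc_keypair, 0);
    tt_int_op(retval, OP_EQ, 0);
  }

  /* Client: Simulate the sending of an encrypted INTRODUCE1 cell */
  retval =
    hs_ntor_client_get_introduce1_keys(&service_intro_auth_keypair.pubkey,
                                       &service_intro_enc_keypair.pubkey,
                                       &client_ephemeral_enc_keypair,
                                       &subcredential,
                                       &client_hs_ntor_intro_cell_keys);
  tt_int_op(retval, OP_EQ, 0);

  /* Service: Simulate the decryption of the received INTRODUCE1 */
  retval =
    hs_ntor_service_get_introduce1_keys(&service_intro_auth_keypair.pubkey,
                                        &service_intro_enc_keypair,
                                        &client_ephemeral_enc_keypair.pubkey,
                                        &subcredential,
                                        &service_hs_ntor_intro_cell_keys);
  tt_int_op(retval, OP_EQ, 0);

  /* Test that the INTRODUCE1 encryption/mac keys match! */
  tt_mem_op(client_hs_ntor_intro_cell_keys.enc_key, OP_EQ,
            service_hs_ntor_intro_cell_keys.enc_key,
            CIPHER256_KEY_LEN);
  tt_mem_op(client_hs_ntor_intro_cell_keys.mac_key, OP_EQ,
            service_hs_ntor_intro_cell_keys.mac_key,
            DIGEST256_LEN);

  /* Service: Simulate creation of RENDEZVOUS1 key material. */
  retval =
    hs_ntor_service_get_rendezvous1_keys(&service_intro_auth_keypair.pubkey,
                                         &service_intro_enc_keypair,
                                         &service_ephemeral_rend_keypair,
                                         &client_ephemeral_enc_keypair.pubkey,
                                         &service_hs_ntor_rend_cell_keys);
  tt_int_op(retval, OP_EQ, 0);

  /* Client: Simulate the verification of a received RENDEZVOUS1 cell */
  retval =
    hs_ntor_client_get_rendezvous1_keys(&service_intro_auth_keypair.pubkey,
                                        &client_ephemeral_enc_keypair,
                                        &service_intro_enc_keypair.pubkey,
                                        &service_ephemeral_rend_keypair.pubkey,
                                        &client_hs_ntor_rend_cell_keys);
  tt_int_op(retval, OP_EQ, 0);

  /* Test that the RENDEZVOUS1 key material matches! */
  tt_mem_op(client_hs_ntor_rend_cell_keys.rend_cell_auth_mac, OP_EQ,
            service_hs_ntor_rend_cell_keys.rend_cell_auth_mac,
            DIGEST256_LEN);
  tt_mem_op(client_hs_ntor_rend_cell_keys.ntor_key_seed, OP_EQ,
            service_hs_ntor_rend_cell_keys.ntor_key_seed,
            DIGEST256_LEN);

  /* The tt_* macros jump here on failure; nothing needs to be released. */
 done:
  ;
}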
109 :
/* Test table for the HS ntor unit tests. */
struct testcase_t hs_ntor_tests[] = {
  /* name, test function, flags, setup, setup data */
  { "hs_ntor", test_hs_ntor, TT_FORK, NULL, NULL },
  END_OF_TESTCASES
};