Make IsValidHostname More Robust #24
|
@ -40,11 +40,9 @@ func GetTorV3Hostname(pub ed25519.PublicKey) string {
|
||||||
return strings.ToLower(serviceID)
|
return strings.ToLower(serviceID)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
// IsValidHostname returns true if the given address is a valid onion v3 address
|
// IsValidHostname returns true if the given address is a valid onion v3 address
|
||||||
func IsValidHostname(address string) bool {
|
func IsValidHostname(address string) bool {
|
||||||
if len(address) == V3HostnameLength {
|
if len(address) == V3HostnameLength {
|
||||||
data, err := base32.StdEncoding.DecodeString(strings.ToUpper(address))
|
data, err := base32.StdEncoding.DecodeString(strings.ToUpper(address))
|
||||||
if err == nil {
|
if err == nil {
|
||||||
pubkey := data[0:ed25519.PublicKeySize]
|
pubkey := data[0:ed25519.PublicKeySize]
|
||||||
|
@ -57,11 +55,11 @@ func IsValidHostname(address string) bool {
|
||||||
// result is the ed25519 identity element.
|
// result is the ed25519 identity element.
|
||||||
// l = order of the group (minus 1)
|
// l = order of the group (minus 1)
|
||||||
lBytes := []byte{236, 211, 245, 92, 26, 99, 18, 88, 214, 156, 247, 162, 222, 249, 222, 20, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 16}
|
lBytes := []byte{236, 211, 245, 92, 26, 99, 18, 88, 214, 156, 247, 162, 222, 249, 222, 20, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 16}
|
||||||
l,_ := edwards25519.NewScalar().SetCanonicalBytes(lBytes)
|
l, _ := edwards25519.NewScalar().SetCanonicalBytes(lBytes)
|
||||||
|
|
||||||
// construct a curve point from the public key
|
// construct a curve point from the public key
|
||||||
// if this fails then the hostname is invalid
|
// if this fails then the hostname is invalid
|
||||||
p,err := new(edwards25519.Point).SetBytes(pubkey)
|
p, err := new(edwards25519.Point).SetBytes(pubkey)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return false
|
return false
|
||||||
}
|
}
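Review bot: The error from `SetCanonicalBytes(lBytes)` is still discarded at `l, _ := edwards25519.NewScalar().SetCanonicalBytes(lBytes)`, on the path that decides whether an onion address is accepted. If this package is filippo.io/edwards25519, that call returns a nil scalar together with the error, so a later edit that makes the constant non-canonical would presumably surface as a nil dereference further down rather than as a rejected hostname. I would write `l, err := edwards25519.NewScalar().SetCanonicalBytes(lBytes)` followed by `if err != nil { return false }`, and extend the comment above it to `// l-1, little-endian: l itself is not a canonical scalar and SetCanonicalBytes would reject it`. The body of IsValidHostname continues past the end of this hunk, so how `l` is used afterwards is not visible here.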
|
||||||
|
|
|
@ -30,63 +30,61 @@ func TestIsValidHostname(t *testing.T) {
|
||||||
}
|
}
|
||||||
|
|
||||||
// First we will construct a torsion point from our Valid Onion
|
// First we will construct a torsion point from our Valid Onion
|
||||||
pubKey,_ := torutil.PublicKeyFromV3OnionServiceID(openprivonion)
|
pubKey, _ := torutil.PublicKeyFromV3OnionServiceID(openprivonion)
|
||||||
pubKeyPoint,_ := new(edwards25519.Point).SetBytes(pubKey)
|
pubKeyPoint, _ := new(edwards25519.Point).SetBytes(pubKey)
|
||||||
torsionPubKeyBytes,_ := hex.DecodeString("26e8958fc2b227b045c3f489f2ef98f0d5dfac05d3c63339b13802886d53fc05")
|
torsionPubKeyBytes, _ := hex.DecodeString("26e8958fc2b227b045c3f489f2ef98f0d5dfac05d3c63339b13802886d53fc05")
|
||||||
torsionHostname,_ := torutil.PublicKeyFromV3OnionServiceID(GetTorV3Hostname(torsionPubKeyBytes))
|
torsionHostname, _ := torutil.PublicKeyFromV3OnionServiceID(GetTorV3Hostname(torsionPubKeyBytes))
|
||||||
torsionPoint,_ := new(edwards25519.Point).SetBytes(torsionHostname)
|
torsionPoint, _ := new(edwards25519.Point).SetBytes(torsionHostname)
|
||||||
malformedKey := new(edwards25519.Point).Add(pubKeyPoint, torsionPoint)
|
malformedKey := new(edwards25519.Point).Add(pubKeyPoint, torsionPoint)
|
||||||
|
|
||||||
t.Logf("testing: %v", GetTorV3Hostname(malformedKey.Bytes()))
|
t.Logf("testing: %v", GetTorV3Hostname(malformedKey.Bytes()))
|
||||||
if IsValidHostname( GetTorV3Hostname(malformedKey.Bytes())) == true {
|
if IsValidHostname(GetTorV3Hostname(malformedKey.Bytes())) == true {
|
||||||
t.Fatalf("torsion onion should not validate as a valid hostname")
|
t.Fatalf("torsion onion should not validate as a valid hostname")
|
||||||
}
|
}
|
||||||
|
|
||||||
// Testing a few torsion points taken from https://lists.torproject.org/pipermail/tor-dev/2017-April/012226.html
|
// Testing a few torsion points taken from https://lists.torproject.org/pipermail/tor-dev/2017-April/012226.html
|
||||||
torsionPubKey,_ := hex.DecodeString("0000000000000000000000000000000000000000000000000000000000000000")
|
torsionPubKey, _ := hex.DecodeString("0000000000000000000000000000000000000000000000000000000000000000")
|
||||||
t.Logf("testing: %v", GetTorV3Hostname(torsionPubKey))
|
t.Logf("testing: %v", GetTorV3Hostname(torsionPubKey))
|
||||||
if IsValidHostname( GetTorV3Hostname(torsionPubKey)) == true {
|
if IsValidHostname(GetTorV3Hostname(torsionPubKey)) == true {
|
||||||
t.Fatalf("torsion onion should not validate as a valid hostname")
|
t.Fatalf("torsion onion should not validate as a valid hostname")
|
||||||
}
|
}
|
||||||
|
|
||||||
torsionPubKey,_ = hex.DecodeString("26e8958fc2b227b045c3f489f2ef98f0d5dfac05d3c63339b13802886d53fc05")
|
torsionPubKey, _ = hex.DecodeString("26e8958fc2b227b045c3f489f2ef98f0d5dfac05d3c63339b13802886d53fc05")
|
||||||
t.Logf("testing: %v", GetTorV3Hostname(torsionPubKey))
|
t.Logf("testing: %v", GetTorV3Hostname(torsionPubKey))
|
||||||
if IsValidHostname( GetTorV3Hostname(torsionPubKey)) == true {
|
if IsValidHostname(GetTorV3Hostname(torsionPubKey)) == true {
|
||||||
t.Fatalf("torsion onion should not validate as a valid hostname")
|
t.Fatalf("torsion onion should not validate as a valid hostname")
|
||||||
}
|
}
|
||||||
|
|
||||||
torsionPubKey,_ = hex.DecodeString("c9fff3af0471c28e33e98c2043e44f779d0427b1e37c521a6bddc011ed1869af")
|
torsionPubKey, _ = hex.DecodeString("c9fff3af0471c28e33e98c2043e44f779d0427b1e37c521a6bddc011ed1869af")
|
||||||
t.Logf("testing: %v", GetTorV3Hostname(torsionPubKey))
|
t.Logf("testing: %v", GetTorV3Hostname(torsionPubKey))
|
||||||
if IsValidHostname( GetTorV3Hostname(torsionPubKey)) == true {
|
if IsValidHostname(GetTorV3Hostname(torsionPubKey)) == true {
|
||||||
t.Fatalf("torsion onion should not validate as a valid hostname")
|
t.Fatalf("torsion onion should not validate as a valid hostname")
|
||||||
}
|
}
|
||||||
|
|
||||||
torsionPubKey,_ = hex.DecodeString("f43e3a046db8749164c6e69b193f1e942c7452e7d888736f40b98093d814d5e7")
|
torsionPubKey, _ = hex.DecodeString("f43e3a046db8749164c6e69b193f1e942c7452e7d888736f40b98093d814d5e7")
|
||||||
t.Logf("testing: %v", GetTorV3Hostname(torsionPubKey))
|
t.Logf("testing: %v", GetTorV3Hostname(torsionPubKey))
|
||||||
if IsValidHostname( GetTorV3Hostname(torsionPubKey)) == true {
|
if IsValidHostname(GetTorV3Hostname(torsionPubKey)) == true {
|
||||||
t.Fatalf("torsion onion should not should validate as a valid hostname")
|
t.Fatalf("torsion onion should not should validate as a valid hostname")
|
||||||
}
|
}
|
||||||
|
|
||||||
torsionPubKey,_ = hex.DecodeString("300ef2e64e588e1df55b48e4da0416ffb64cc85d5b00af6463d5cc6c2b1c185e")
|
torsionPubKey, _ = hex.DecodeString("300ef2e64e588e1df55b48e4da0416ffb64cc85d5b00af6463d5cc6c2b1c185e")
|
||||||
t.Logf("testing: %v", GetTorV3Hostname(torsionPubKey))
|
t.Logf("testing: %v", GetTorV3Hostname(torsionPubKey))
|
||||||
if IsValidHostname( GetTorV3Hostname(torsionPubKey)) == true {
|
if IsValidHostname(GetTorV3Hostname(torsionPubKey)) == true {
|
||||||
t.Fatalf("torsion onion should not validate as a valid hostname")
|
t.Fatalf("torsion onion should not validate as a valid hostname")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
// this should pass
|
// this should pass
|
||||||
// (also from https://lists.torproject.org/pipermail/tor-dev/2017-April/012230.html)
|
// (also from https://lists.torproject.org/pipermail/tor-dev/2017-April/012230.html)
|
||||||
validPubKey,_ := hex.DecodeString("4ba2e44760dff4c559ef3c38768c1c14a8a54740c782c8d70803e9d6e3ad8794")
|
validPubKey, _ := hex.DecodeString("4ba2e44760dff4c559ef3c38768c1c14a8a54740c782c8d70803e9d6e3ad8794")
|
||||||
t.Logf("testing: %v", GetTorV3Hostname(validPubKey))
|
t.Logf("testing: %v", GetTorV3Hostname(validPubKey))
|
||||||
if IsValidHostname( GetTorV3Hostname(validPubKey)) == false {
|
if IsValidHostname(GetTorV3Hostname(validPubKey)) == false {
|
||||||
t.Fatalf("valid onion should validate as a valid hostname")
|
t.Fatalf("valid onion should validate as a valid hostname")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
// Finally test a completely invalid key...
|
// Finally test a completely invalid key...
|
||||||
badPubKey,_ := hex.DecodeString("e19c65de75c68cf3b7643ea732ba9eb1a3d20d6d57ba223c2ece1df66feb5af0")
|
badPubKey, _ := hex.DecodeString("e19c65de75c68cf3b7643ea732ba9eb1a3d20d6d57ba223c2ece1df66feb5af0")
|
||||||
t.Logf("testing: %v", GetTorV3Hostname(badPubKey))
|
t.Logf("testing: %v", GetTorV3Hostname(badPubKey))
|
||||||
if IsValidHostname( GetTorV3Hostname(badPubKey)) == true {
|
if IsValidHostname(GetTorV3Hostname(badPubKey)) == true {
|
||||||
t.Fatalf("invalid ed25519 point should not validate as a valid hostname")
|
t.Fatalf("invalid ed25519 point should not validate as a valid hostname")
|
||||||
}
|
}
|
||||||
}
|
}
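Review bot: Every fixture in TestIsValidHostname is built with its error discarded (`torsionPubKey, _ = hex.DecodeString(...)`, `pubKeyPoint, _ := new(edwards25519.Point).SetBytes(pubKey)`), so a mistyped vector would yield a short key and the `== true` assertions would most likely still pass, with the hostname rejected for an unrelated reason and the torsion check never reached. Checking the decode error and the key length before calling IsValidHostname makes each negative case prove what it claims. A table over the hex vectors does that once, and it also removes the copy-pasted failure message that currently reads "should not should validate" in the f43e… case. The sketch covers only the repeated hex-vector cases and reports with t.Errorf so that every vector is exercised; the function starts above this hunk.

```go
// … unchanged: malformedKey construction from openprivonion and its assertion …
vectors := []struct {
	keyHex string
	valid  bool
}{
	{"0000000000000000000000000000000000000000000000000000000000000000", false},
	{"26e8958fc2b227b045c3f489f2ef98f0d5dfac05d3c63339b13802886d53fc05", false},
	{"c9fff3af0471c28e33e98c2043e44f779d0427b1e37c521a6bddc011ed1869af", false},
	{"f43e3a046db8749164c6e69b193f1e942c7452e7d888736f40b98093d814d5e7", false},
	{"300ef2e64e588e1df55b48e4da0416ffb64cc85d5b00af6463d5cc6c2b1c185e", false},
	{"4ba2e44760dff4c559ef3c38768c1c14a8a54740c782c8d70803e9d6e3ad8794", true},
	{"e19c65de75c68cf3b7643ea732ba9eb1a3d20d6d57ba223c2ece1df66feb5af0", false},
}
for _, tc := range vectors {
	key, err := hex.DecodeString(tc.keyHex)
	if err != nil || len(key) != 32 {
		t.Fatalf("bad test vector %q (len %d): %v", tc.keyHex, len(key), err)
	}
	hostname := GetTorV3Hostname(key)
	if got := IsValidHostname(hostname); got != tc.valid {
		t.Errorf("IsValidHostname(%q) = %v, want %v", hostname, got, tc.valid)
	}
}
```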
|
||||||
|
|