From 19cf074f4d8e209af35c1829626738b3b924cb65 Mon Sep 17 00:00:00 2001 From: "J. Ryan Stinnett" Date: Sun, 4 Dec 2016 20:30:26 -0600 Subject: [PATCH] hs: Remove private keys from hs_desc_plaintext_data_t. Since both the client and service will use that data structure to store the descriptor decoded data, only the public keys are common to both. Fixes #20572. Signed-off-by: David Goulet --- src/or/hs_cache.c | 2 +- src/or/hs_descriptor.c | 64 +++++++++++++----------- src/or/hs_descriptor.h | 11 +++-- src/test/test_hs_cache.c | 93 +++++++++++++++++++++-------------- src/test/test_hs_descriptor.c | 79 +++++++++++++++++------------ 5 files changed, 146 insertions(+), 103 deletions(-) diff --git a/src/or/hs_cache.c b/src/or/hs_cache.c index b7ff979e5..e5bd0e49a 100644 --- a/src/or/hs_cache.c +++ b/src/or/hs_cache.c @@ -86,7 +86,7 @@ cache_dir_desc_new(const char *desc) } /* The blinded pubkey is the indexed key. */ - dir_desc->key = dir_desc->plaintext_data->blinded_kp.pubkey.pubkey; + dir_desc->key = dir_desc->plaintext_data->blinded_pubkey.pubkey; dir_desc->created_ts = time(NULL); return dir_desc; diff --git a/src/or/hs_descriptor.c b/src/or/hs_descriptor.c index 37aa1d745..00d10757e 100644 --- a/src/or/hs_descriptor.c +++ b/src/or/hs_descriptor.c @@ -219,7 +219,7 @@ encode_link_specifiers(const smartlist_t *specs) /* Encode an introduction point encryption key and return a newly allocated * string with it. On failure, return NULL. */ static char * -encode_enc_key(const ed25519_keypair_t *sig_key, +encode_enc_key(const ed25519_public_key_t *sig_key, const hs_desc_intro_point_t *ip) { char *encoded = NULL; @@ -237,8 +237,7 @@ encode_enc_key(const ed25519_keypair_t *sig_key, uint8_t *cert_data = NULL; /* Create cross certification cert. */ - cert_len = tor_make_rsa_ed25519_crosscert(&sig_key->pubkey, - ip->enc_key.legacy, + cert_len = tor_make_rsa_ed25519_crosscert(sig_key, ip->enc_key.legacy, now + HS_DESC_CERT_LIFETIME, &cert_data); if (cert_len < 0) { @@ -282,7 +281,7 @@ encode_enc_key(const ed25519_keypair_t *sig_key, } tor_cert_t *cross_cert = tor_cert_create(&curve_kp, CERT_TYPE_CROSS_HS_IP_KEYS, - &sig_key->pubkey, now, + sig_key, now, HS_DESC_CERT_LIFETIME, CERT_FLAG_INCLUDE_SIGNING_KEY); memwipe(&curve_kp, 0, sizeof(curve_kp)); @@ -318,7 +317,7 @@ encode_enc_key(const ed25519_keypair_t *sig_key, /* Encode an introduction point object and return a newly allocated string * with it. On failure, return NULL. */ static char * -encode_intro_point(const ed25519_keypair_t *sig_key, +encode_intro_point(const ed25519_public_key_t *sig_key, const hs_desc_intro_point_t *ip) { char *encoded_ip = NULL; @@ -377,9 +376,9 @@ build_secret_input(const hs_descriptor_t *desc, uint8_t *dst, size_t dstlen) /* XXX use the destination length as the memcpy length */ /* Copy blinded public key. */ - memcpy(dst, desc->plaintext_data.blinded_kp.pubkey.pubkey, - sizeof(desc->plaintext_data.blinded_kp.pubkey.pubkey)); - offset += sizeof(desc->plaintext_data.blinded_kp.pubkey.pubkey); + memcpy(dst, desc->plaintext_data.blinded_pubkey.pubkey, + sizeof(desc->plaintext_data.blinded_pubkey.pubkey)); + offset += sizeof(desc->plaintext_data.blinded_pubkey.pubkey); /* Copy subcredential. */ memcpy(dst + offset, desc->subcredential, sizeof(desc->subcredential)); offset += sizeof(desc->subcredential); @@ -665,7 +664,7 @@ encode_encrypted_data(const hs_descriptor_t *desc, /* Build the introduction point(s) section. */ SMARTLIST_FOREACH_BEGIN(desc->encrypted_data.intro_points, const hs_desc_intro_point_t *, ip) { - char *encoded_ip = encode_intro_point(&desc->plaintext_data.signing_kp, + char *encoded_ip = encode_intro_point(&desc->plaintext_data.signing_pubkey, ip); if (encoded_ip == NULL) { log_err(LD_BUG, "HS desc intro point is malformed."); @@ -710,7 +709,8 @@ encode_encrypted_data(const hs_descriptor_t *desc, * newly allocated string of the encoded descriptor. On error, -1 is returned * and encoded_out is untouched. */ static int -desc_encode_v3(const hs_descriptor_t *desc, char **encoded_out) +desc_encode_v3(const hs_descriptor_t *desc, + const ed25519_keypair_t *signing_kp, char **encoded_out) { int ret = -1; char *encoded_str = NULL; @@ -718,6 +718,7 @@ desc_encode_v3(const hs_descriptor_t *desc, char **encoded_out) smartlist_t *lines = smartlist_new(); tor_assert(desc); + tor_assert(signing_kp); tor_assert(encoded_out); tor_assert(desc->plaintext_data.version == 3); @@ -732,7 +733,7 @@ desc_encode_v3(const hs_descriptor_t *desc, char **encoded_out) goto err; } if (tor_cert_encode_ed22519(desc->plaintext_data.signing_key_cert, - &encoded_cert) < 0) { + &encoded_cert) < 0) { /* The function will print error logs. */ goto err; } @@ -775,8 +776,7 @@ desc_encode_v3(const hs_descriptor_t *desc, char **encoded_out) char ed_sig_b64[ED25519_SIG_BASE64_LEN + 1]; if (ed25519_sign_prefixed(&sig, (const uint8_t *) encoded_str, encoded_len, - str_desc_sig_prefix, - &desc->plaintext_data.signing_kp) < 0) { + str_desc_sig_prefix, signing_kp) < 0) { log_warn(LD_BUG, "Can't sign encoded HS descriptor!"); tor_free(encoded_str); goto err; @@ -1365,7 +1365,8 @@ decode_intro_points(const hs_descriptor_t *desc, /* Return 1 iff the given base64 encoded signature in b64_sig from the encoded * descriptor in encoded_desc validates the descriptor content. */ STATIC int -desc_sig_is_valid(const char *b64_sig, const ed25519_keypair_t *signing_kp, +desc_sig_is_valid(const char *b64_sig, + const ed25519_public_key_t *signing_pubkey, const char *encoded_desc, size_t encoded_len) { int ret = 0; @@ -1373,7 +1374,7 @@ desc_sig_is_valid(const char *b64_sig, const ed25519_keypair_t *signing_kp, const char *sig_start; tor_assert(b64_sig); - tor_assert(signing_kp); + tor_assert(signing_pubkey); tor_assert(encoded_desc); /* Verifying nothing won't end well :). */ tor_assert(encoded_len > 0); @@ -1408,7 +1409,7 @@ desc_sig_is_valid(const char *b64_sig, const ed25519_keypair_t *signing_kp, (const uint8_t *) encoded_desc, sig_start - encoded_desc, str_desc_sig_prefix, - &signing_kp->pubkey) != 0) { + signing_pubkey) != 0) { log_warn(LD_REND, "Invalid signature on service descriptor"); goto err; } @@ -1474,10 +1475,10 @@ desc_decode_plaintext_v3(smartlist_t *tokens, goto err; } - /* Copy the public keys into signing_kp and blinded_kp */ - memcpy(&desc->signing_kp.pubkey, &desc->signing_key_cert->signed_key, + /* Copy the public keys into signing_pubkey and blinded_pubkey */ + memcpy(&desc->signing_pubkey, &desc->signing_key_cert->signed_key, sizeof(ed25519_public_key_t)); - memcpy(&desc->blinded_kp.pubkey, &desc->signing_key_cert->signing_key, + memcpy(&desc->blinded_pubkey, &desc->signing_key_cert->signing_key, sizeof(ed25519_public_key_t)); /* Extract revision counter value. */ @@ -1511,7 +1512,7 @@ desc_decode_plaintext_v3(smartlist_t *tokens, tok = find_by_keyword(tokens, R3_SIGNATURE); tor_assert(tok->n_args == 1); /* First arg here is the actual encoded signature. */ - if (!desc_sig_is_valid(tok->args[0], &desc->signing_kp, + if (!desc_sig_is_valid(tok->args[0], &desc->signing_pubkey, encoded_desc, encoded_len)) { goto err; } @@ -1806,41 +1807,46 @@ hs_desc_decode_descriptor(const char *encoded, return ret; } -/* Table of encode function version specific. The function are indexed by the +/* Table of encode function version specific. The functions are indexed by the * version number so v3 callback is at index 3 in the array. */ static int (*encode_handlers[])( const hs_descriptor_t *desc, + const ed25519_keypair_t *signing_kp, char **encoded_out) = { /* v0 */ NULL, /* v1 */ NULL, /* v2 */ NULL, desc_encode_v3, }; -/* Encode the given descriptor desc. On success, encoded_out points to a newly - * allocated NUL terminated string that contains the encoded descriptor as a - * string. +/* Encode the given descriptor desc including signing with the given key pair + * signing_kp. On success, encoded_out points to a newly allocated NUL + * terminated string that contains the encoded descriptor as a string. * * Return 0 on success and encoded_out is a valid pointer. On error, -1 is * returned and encoded_out is set to NULL. */ int -hs_desc_encode_descriptor(const hs_descriptor_t *desc, char **encoded_out) +hs_desc_encode_descriptor(const hs_descriptor_t *desc, + const ed25519_keypair_t *signing_kp, + char **encoded_out) { int ret = -1; + uint32_t version; tor_assert(desc); tor_assert(encoded_out); /* Make sure we support the version of the descriptor format. */ - if (!hs_desc_is_supported_version(desc->plaintext_data.version)) { + version = desc->plaintext_data.version; + if (!hs_desc_is_supported_version(version)) { goto err; } /* Extra precaution. Having no handler for the supported version should * never happened else we forgot to add it but we bumped the version. */ - tor_assert(ARRAY_LENGTH(encode_handlers) >= desc->plaintext_data.version); - tor_assert(encode_handlers[desc->plaintext_data.version]); + tor_assert(ARRAY_LENGTH(encode_handlers) >= version); + tor_assert(encode_handlers[version]); - ret = encode_handlers[desc->plaintext_data.version](desc, encoded_out); + ret = encode_handlers[version](desc, signing_kp, encoded_out); if (ret < 0) { goto err; } diff --git a/src/or/hs_descriptor.h b/src/or/hs_descriptor.h index 083d35386..a6fe96ad9 100644 --- a/src/or/hs_descriptor.h +++ b/src/or/hs_descriptor.h @@ -148,13 +148,13 @@ typedef struct hs_desc_plaintext_data_t { * replica which is signed by the blinded public key for that replica. */ tor_cert_t *signing_key_cert; - /* Signing keypair which is used to sign the descriptor. Same public key + /* Signing public key which is used to sign the descriptor. Same public key * as in the signing key certificate. */ - ed25519_keypair_t signing_kp; + ed25519_public_key_t signing_pubkey; - /* Blinded keypair used for this descriptor derived from the master + /* Blinded public key used for this descriptor derived from the master * identity key and generated for a specific replica number. */ - ed25519_keypair_t blinded_kp; + ed25519_public_key_t blinded_pubkey; /* Revision counter is incremented at each upload, regardless of whether * the descriptor has changed. This avoids leaking whether the descriptor @@ -201,6 +201,7 @@ void hs_desc_plaintext_data_free(hs_desc_plaintext_data_t *desc); void hs_desc_encrypted_data_free(hs_desc_encrypted_data_t *desc); int hs_desc_encode_descriptor(const hs_descriptor_t *desc, + const ed25519_keypair_t *signing_kp, char **encoded_out); int hs_desc_decode_descriptor(const char *encoded, @@ -232,7 +233,7 @@ STATIC int encrypted_data_length_is_valid(size_t len); STATIC int cert_is_valid(tor_cert_t *cert, uint8_t type, const char *log_obj_type); STATIC int desc_sig_is_valid(const char *b64_sig, - const ed25519_keypair_t *signing_kp, + const ed25519_public_key_t *signing_pubkey, const char *encoded_desc, size_t encoded_len); STATIC void desc_intro_point_free(hs_desc_intro_point_t *ip); #endif /* HS_DESCRIPTOR_PRIVATE */ diff --git a/src/test/test_hs_cache.c b/src/test/test_hs_cache.c index e7deec2e2..64391a7c2 100644 --- a/src/test/test_hs_cache.c +++ b/src/test/test_hs_cache.c @@ -66,27 +66,27 @@ helper_build_intro_point(const ed25519_keypair_t *blinded_kp, /* Return a valid hs_descriptor_t object. */ static hs_descriptor_t * helper_build_hs_desc(uint64_t revision_counter, uint32_t lifetime, - ed25519_keypair_t *blinded_kp) + ed25519_public_key_t *signing_pubkey) { int ret; + ed25519_keypair_t blinded_kp; hs_descriptor_t *descp = NULL, *desc = tor_malloc_zero(sizeof(*desc)); desc->plaintext_data.version = HS_DESC_SUPPORTED_FORMAT_VERSION_MAX; - ret = ed25519_keypair_generate(&desc->plaintext_data.signing_kp, 0); + + /* Copy only the public key into the descriptor. */ + memcpy(&desc->plaintext_data.signing_pubkey, signing_pubkey, + sizeof(ed25519_public_key_t)); + + ret = ed25519_keypair_generate(&blinded_kp, 0); tt_int_op(ret, ==, 0); - if (blinded_kp) { - memcpy(&desc->plaintext_data.blinded_kp, blinded_kp, - sizeof(ed25519_keypair_t)); - } else { - ret = ed25519_keypair_generate(&desc->plaintext_data.blinded_kp, 0); - tt_int_op(ret, ==, 0); - } + /* Copy only the public key into the descriptor. */ + memcpy(&desc->plaintext_data.blinded_pubkey, &blinded_kp.pubkey, + sizeof(ed25519_public_key_t)); desc->plaintext_data.signing_key_cert = - tor_cert_create(&desc->plaintext_data.blinded_kp, - CERT_TYPE_SIGNING_HS_DESC, - &desc->plaintext_data.signing_kp.pubkey, time(NULL), - 3600, CERT_FLAG_INCLUDE_SIGNING_KEY); + tor_cert_create(&blinded_kp, CERT_TYPE_SIGNING_HS_DESC, signing_pubkey, + time(NULL), 3600, CERT_FLAG_INCLUDE_SIGNING_KEY); tt_assert(desc->plaintext_data.signing_key_cert); desc->plaintext_data.revision_counter = revision_counter; desc->plaintext_data.lifetime_sec = lifetime; @@ -98,8 +98,7 @@ helper_build_hs_desc(uint64_t revision_counter, uint32_t lifetime, desc->encrypted_data.intro_points = smartlist_new(); /* Add an intro point. */ smartlist_add(desc->encrypted_data.intro_points, - helper_build_intro_point(&desc->plaintext_data.blinded_kp, - "1.2.3.4")); + helper_build_intro_point(&blinded_kp, "1.2.3.4")); descp = desc; done: @@ -109,12 +108,11 @@ helper_build_hs_desc(uint64_t revision_counter, uint32_t lifetime, /* Static variable used to encoded the HSDir query. */ static char query_b64[256]; -/* Build an HSDir query using a ed25519 keypair. */ +/* Build an HSDir query using a ed25519 public key. */ static const char * helper_get_hsdir_query(const hs_descriptor_t *desc) { - ed25519_public_to_base64(query_b64, - &desc->plaintext_data.blinded_kp.pubkey); + ed25519_public_to_base64(query_b64, &desc->plaintext_data.blinded_pubkey); return query_b64; } @@ -132,17 +130,20 @@ test_directory(void *arg) { int ret; size_t oom_size; - char *desc1_str=NULL; + char *desc1_str = NULL; const char *desc_out; - hs_descriptor_t *desc1; + ed25519_keypair_t signing_kp1; + hs_descriptor_t *desc1 = NULL; (void) arg; init_test(); /* Generate a valid descriptor with normal values. */ - desc1 = helper_build_hs_desc(42, 3 * 60 * 60, NULL); + ret = ed25519_keypair_generate(&signing_kp1, 0); + tt_int_op(ret, ==, 0); + desc1 = helper_build_hs_desc(42, 3 * 60 * 60, &signing_kp1.pubkey); tt_assert(desc1); - ret = hs_desc_encode_descriptor(desc1, &desc1_str); + ret = hs_desc_encode_descriptor(desc1, &signing_kp1, &desc1_str); tt_int_op(ret, OP_EQ, 0); /* Very first basic test, should be able to be stored, survive a @@ -170,10 +171,14 @@ test_directory(void *arg) /* Store two descriptors and remove the expiring one only. */ { - hs_descriptor_t *desc_zero_lifetime = helper_build_hs_desc(1, 0, NULL); + ed25519_keypair_t signing_kp_zero; + ret = ed25519_keypair_generate(&signing_kp_zero, 0); + tt_int_op(ret, ==, 0); + hs_descriptor_t *desc_zero_lifetime; + desc_zero_lifetime = helper_build_hs_desc(1, 0, &signing_kp_zero.pubkey); tt_assert(desc_zero_lifetime); char *desc_zero_lifetime_str; - ret = hs_desc_encode_descriptor(desc_zero_lifetime, + ret = hs_desc_encode_descriptor(desc_zero_lifetime, &signing_kp_zero, &desc_zero_lifetime_str); tt_int_op(ret, OP_EQ, 0); @@ -225,7 +230,7 @@ test_directory(void *arg) tt_int_op(ret, OP_EQ, 1); /* Bump revision counter. */ desc1->plaintext_data.revision_counter++; - ret = hs_desc_encode_descriptor(desc1, &new_desc_str); + ret = hs_desc_encode_descriptor(desc1, &signing_kp1, &new_desc_str); tt_int_op(ret, OP_EQ, 0); ret = hs_cache_store_as_dir(new_desc_str); tt_int_op(ret, OP_EQ, 0); @@ -248,15 +253,18 @@ test_clean_as_dir(void *arg) char *desc1_str = NULL; time_t now = time(NULL); hs_descriptor_t *desc1 = NULL; + ed25519_keypair_t signing_kp1; (void) arg; init_test(); /* Generate a valid descriptor with values. */ - desc1 = helper_build_hs_desc(42, 3 * 60 * 60, NULL); + ret = ed25519_keypair_generate(&signing_kp1, 0); + tt_int_op(ret, ==, 0); + desc1 = helper_build_hs_desc(42, 3 * 60 * 60, &signing_kp1.pubkey); tt_assert(desc1); - ret = hs_desc_encode_descriptor(desc1, &desc1_str); + ret = hs_desc_encode_descriptor(desc1, &signing_kp1, &desc1_str); tt_int_op(ret, OP_EQ, 0); ret = hs_cache_store_as_dir(desc1_str); tt_int_op(ret, OP_EQ, 0); @@ -343,7 +351,7 @@ static void test_upload_and_download_hs_desc(void *arg) { int retval; - hs_descriptor_t *published_desc; + hs_descriptor_t *published_desc = NULL; char *published_desc_str = NULL; char *received_desc_str = NULL; @@ -355,9 +363,13 @@ test_upload_and_download_hs_desc(void *arg) /* Generate a valid descriptor with normal values. */ { - published_desc = helper_build_hs_desc(42, 3 * 60 * 60, NULL); + ed25519_keypair_t signing_kp; + retval = ed25519_keypair_generate(&signing_kp, 0); + tt_int_op(retval, ==, 0); + published_desc = helper_build_hs_desc(42, 3 * 60 * 60, &signing_kp.pubkey); tt_assert(published_desc); - retval = hs_desc_encode_descriptor(published_desc, &published_desc_str); + retval = hs_desc_encode_descriptor(published_desc, &signing_kp, + &published_desc_str); tt_int_op(retval, OP_EQ, 0); } @@ -370,7 +382,7 @@ test_upload_and_download_hs_desc(void *arg) /* Simulate a fetch of the previously published descriptor */ { const ed25519_public_key_t *blinded_key; - blinded_key = &published_desc->plaintext_data.blinded_kp.pubkey; + blinded_key = &published_desc->plaintext_data.blinded_pubkey; received_desc_str = helper_fetch_desc_from_hsdir(blinded_key); } @@ -391,7 +403,9 @@ test_hsdir_revision_counter_check(void *arg) { int retval; - hs_descriptor_t *published_desc; + ed25519_keypair_t signing_kp; + + hs_descriptor_t *published_desc = NULL; char *published_desc_str = NULL; char *received_desc_str = NULL; @@ -404,9 +418,13 @@ test_hsdir_revision_counter_check(void *arg) /* Generate a valid descriptor with normal values. */ { - published_desc = helper_build_hs_desc(1312, 3 * 60 * 60, NULL); + retval = ed25519_keypair_generate(&signing_kp, 0); + tt_int_op(retval, ==, 0); + published_desc = helper_build_hs_desc(1312, 3 * 60 * 60, + &signing_kp.pubkey); tt_assert(published_desc); - retval = hs_desc_encode_descriptor(published_desc, &published_desc_str); + retval = hs_desc_encode_descriptor(published_desc, &signing_kp, + &published_desc_str); tt_int_op(retval, OP_EQ, 0); } @@ -426,7 +444,7 @@ test_hsdir_revision_counter_check(void *arg) { const ed25519_public_key_t *blinded_key; - blinded_key = &published_desc->plaintext_data.blinded_kp.pubkey; + blinded_key = &published_desc->plaintext_data.blinded_pubkey; received_desc_str = helper_fetch_desc_from_hsdir(blinded_key); retval = hs_desc_decode_descriptor(received_desc_str,NULL, &received_desc); @@ -445,7 +463,8 @@ test_hsdir_revision_counter_check(void *arg) { published_desc->plaintext_data.revision_counter = 1313; tor_free(published_desc_str); - retval = hs_desc_encode_descriptor(published_desc, &published_desc_str); + retval = hs_desc_encode_descriptor(published_desc, &signing_kp, + &published_desc_str); tt_int_op(retval, OP_EQ, 0); retval = handle_post_hs_descriptor("/tor/hs/3/publish",published_desc_str); @@ -457,7 +476,7 @@ test_hsdir_revision_counter_check(void *arg) { const ed25519_public_key_t *blinded_key; - blinded_key = &published_desc->plaintext_data.blinded_kp.pubkey; + blinded_key = &published_desc->plaintext_data.blinded_pubkey; received_desc_str = helper_fetch_desc_from_hsdir(blinded_key); retval = hs_desc_decode_descriptor(received_desc_str,NULL, &received_desc); diff --git a/src/test/test_hs_descriptor.c b/src/test/test_hs_descriptor.c index 3f588dfca..360334201 100644 --- a/src/test/test_hs_descriptor.c +++ b/src/test/test_hs_descriptor.c @@ -77,24 +77,28 @@ helper_build_intro_point(const ed25519_keypair_t *blinded_kp, time_t now, /* Return a valid hs_descriptor_t object. If no_ip is set, no introduction * points are added. */ static hs_descriptor_t * -helper_build_hs_desc(unsigned int no_ip) +helper_build_hs_desc(unsigned int no_ip, ed25519_public_key_t *signing_pubkey) { int ret; time_t now = time(NULL); + ed25519_keypair_t blinded_kp; hs_descriptor_t *descp = NULL, *desc = tor_malloc_zero(sizeof(*desc)); desc->plaintext_data.version = HS_DESC_SUPPORTED_FORMAT_VERSION_MAX; - ret = ed25519_keypair_generate(&desc->plaintext_data.signing_kp, 0); - tt_int_op(ret, ==, 0); - ret = ed25519_keypair_generate(&desc->plaintext_data.blinded_kp, 0); + + /* Copy only the public key into the descriptor. */ + memcpy(&desc->plaintext_data.signing_pubkey, signing_pubkey, + sizeof(ed25519_public_key_t)); + + ret = ed25519_keypair_generate(&blinded_kp, 0); tt_int_op(ret, ==, 0); + /* Copy only the public key into the descriptor. */ + memcpy(&desc->plaintext_data.blinded_pubkey, &blinded_kp.pubkey, + sizeof(ed25519_public_key_t)); desc->plaintext_data.signing_key_cert = - tor_cert_create(&desc->plaintext_data.blinded_kp, - CERT_TYPE_SIGNING_HS_DESC, - &desc->plaintext_data.signing_kp.pubkey, now, - 3600, - CERT_FLAG_INCLUDE_SIGNING_KEY); + tor_cert_create(&blinded_kp, CERT_TYPE_SIGNING_HS_DESC, signing_pubkey, + now, 3600, CERT_FLAG_INCLUDE_SIGNING_KEY); tt_assert(desc->plaintext_data.signing_key_cert); desc->plaintext_data.revision_counter = 42; desc->plaintext_data.lifetime_sec = 3 * 60 * 60; @@ -108,17 +112,13 @@ helper_build_hs_desc(unsigned int no_ip) if (!no_ip) { /* Add four intro points. */ smartlist_add(desc->encrypted_data.intro_points, - helper_build_intro_point(&desc->plaintext_data.blinded_kp, now, - "1.2.3.4", 0)); + helper_build_intro_point(&blinded_kp, now, "1.2.3.4", 0)); smartlist_add(desc->encrypted_data.intro_points, - helper_build_intro_point(&desc->plaintext_data.blinded_kp, now, - "[2600::1]", 0)); + helper_build_intro_point(&blinded_kp, now, "[2600::1]", 0)); smartlist_add(desc->encrypted_data.intro_points, - helper_build_intro_point(&desc->plaintext_data.blinded_kp, now, - "3.2.1.4", 1)); + helper_build_intro_point(&blinded_kp, now, "3.2.1.4", 1)); smartlist_add(desc->encrypted_data.intro_points, - helper_build_intro_point(&desc->plaintext_data.blinded_kp, now, - "", 1)); + helper_build_intro_point(&blinded_kp, now, "", 1)); } descp = desc; @@ -138,11 +138,11 @@ helper_compare_hs_desc(const hs_descriptor_t *desc1, desc2->plaintext_data.lifetime_sec); tt_assert(tor_cert_eq(desc1->plaintext_data.signing_key_cert, desc2->plaintext_data.signing_key_cert)); - tt_mem_op(desc1->plaintext_data.signing_kp.pubkey.pubkey, OP_EQ, - desc2->plaintext_data.signing_kp.pubkey.pubkey, + tt_mem_op(desc1->plaintext_data.signing_pubkey.pubkey, OP_EQ, + desc2->plaintext_data.signing_pubkey.pubkey, ED25519_PUBKEY_LEN); - tt_mem_op(desc1->plaintext_data.blinded_kp.pubkey.pubkey, OP_EQ, - desc2->plaintext_data.blinded_kp.pubkey.pubkey, + tt_mem_op(desc1->plaintext_data.blinded_pubkey.pubkey, OP_EQ, + desc2->plaintext_data.blinded_pubkey.pubkey, ED25519_PUBKEY_LEN); tt_u64_op(desc1->plaintext_data.revision_counter, ==, desc2->plaintext_data.revision_counter); @@ -481,11 +481,15 @@ test_encode_descriptor(void *arg) { int ret; char *encoded = NULL; - hs_descriptor_t *desc = helper_build_hs_desc(0); + ed25519_keypair_t signing_kp; + hs_descriptor_t *desc = NULL; (void) arg; - ret = hs_desc_encode_descriptor(desc, &encoded); + ret = ed25519_keypair_generate(&signing_kp, 0); + tt_int_op(ret, ==, 0); + desc = helper_build_hs_desc(0, &signing_kp.pubkey); + ret = hs_desc_encode_descriptor(desc, &signing_kp, &encoded); tt_int_op(ret, ==, 0); tt_assert(encoded); @@ -499,17 +503,22 @@ test_decode_descriptor(void *arg) { int ret; char *encoded = NULL; - hs_descriptor_t *desc = helper_build_hs_desc(0); + ed25519_keypair_t signing_kp; + hs_descriptor_t *desc = NULL; hs_descriptor_t *decoded = NULL; hs_descriptor_t *desc_no_ip = NULL; (void) arg; + ret = ed25519_keypair_generate(&signing_kp, 0); + tt_int_op(ret, ==, 0); + desc = helper_build_hs_desc(0, &signing_kp.pubkey); + /* Give some bad stuff to the decoding function. */ ret = hs_desc_decode_descriptor("hladfjlkjadf", NULL, &decoded); tt_int_op(ret, OP_EQ, -1); - ret = hs_desc_encode_descriptor(desc, &encoded); + ret = hs_desc_encode_descriptor(desc, &signing_kp, &encoded); tt_int_op(ret, ==, 0); tt_assert(encoded); @@ -521,10 +530,13 @@ test_decode_descriptor(void *arg) /* Decode a descriptor with _no_ introduction points. */ { - desc_no_ip = helper_build_hs_desc(1); + ed25519_keypair_t signing_kp_no_ip; + ret = ed25519_keypair_generate(&signing_kp_no_ip, 0); + tt_int_op(ret, ==, 0); + desc_no_ip = helper_build_hs_desc(1, &signing_kp_no_ip.pubkey); tt_assert(desc_no_ip); tor_free(encoded); - ret = hs_desc_encode_descriptor(desc_no_ip, &encoded); + ret = hs_desc_encode_descriptor(desc_no_ip, &signing_kp_no_ip, &encoded); tt_int_op(ret, ==, 0); tt_assert(encoded); hs_descriptor_free(decoded); @@ -599,6 +611,7 @@ test_decode_intro_point(void *arg) char *encoded_ip = NULL; size_t len_out; hs_desc_intro_point_t *ip = NULL; + ed25519_keypair_t signing_kp; hs_descriptor_t *desc = NULL; (void) arg; @@ -647,7 +660,9 @@ test_decode_intro_point(void *arg) /* Start by testing the "decode all intro points" function. */ { char *line; - desc = helper_build_hs_desc(0); + ret = ed25519_keypair_generate(&signing_kp, 0); + tt_int_op(ret, ==, 0); + desc = helper_build_hs_desc(0, &signing_kp.pubkey); tt_assert(desc); /* Only try to decode an incomplete introduction point section. */ tor_asprintf(&line, "\n%s", intro_point); @@ -674,7 +689,9 @@ test_decode_intro_point(void *arg) /* Try to decode a junk string. */ { hs_descriptor_free(desc); - desc = helper_build_hs_desc(0); + ret = ed25519_keypair_generate(&signing_kp, 0); + tt_int_op(ret, ==, 0); + desc = helper_build_hs_desc(0, &signing_kp.pubkey); const char *junk = "this is not a descriptor"; ip = decode_introduction_point(desc, junk); tt_assert(!ip); @@ -977,10 +994,10 @@ test_desc_signature(void *arg) tt_int_op(ret, ==, 0); /* Build the descriptor that should be valid. */ tor_asprintf(&desc, "%ssignature %s\n", data, sig_b64); - ret = desc_sig_is_valid(sig_b64, &kp, desc, strlen(desc)); + ret = desc_sig_is_valid(sig_b64, &kp.pubkey, desc, strlen(desc)); tt_int_op(ret, ==, 1); /* Junk signature. */ - ret = desc_sig_is_valid("JUNK", &kp, desc, strlen(desc)); + ret = desc_sig_is_valid("JUNK", &kp.pubkey, desc, strlen(desc)); tt_int_op(ret, ==, 0); done: