/* Copyright (c) 2017, The Tor Project, Inc. */
/* See LICENSE for licensing information */

/**
 * \brief Test hidden service ntor functionality.
 */
10 #include "test_helpers.h"
11 #include "log_test_helpers.h"
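/* Test the HS ntor handshake. Simulate the sending of an encrypted INTRODUCE1
 * cell, and verify the proper derivation of decryption keys on the other end.
 * Then simulate the sending of an authenticated RENDEZVOUS1 cell and verify
 * the proper verification on the other end.
 *
 * Only the agreement path is covered: both sides are fed matching public
 * keys and must derive identical key material. Nothing here checks that
 * mismatched inputs (a different subcredential, a different ephemeral key)
 * yield different keys, so this test alone does not show that the
 * derivation binds to those inputs. */
static void
test_hs_ntor(void *arg)
{
  int retval;

  uint8_t subcredential[DIGEST256_LEN];

  ed25519_keypair_t service_intro_auth_keypair;
  curve25519_keypair_t service_intro_enc_keypair;
  curve25519_keypair_t service_ephemeral_rend_keypair;

  curve25519_keypair_t client_ephemeral_enc_keypair;

  hs_ntor_intro_cell_keys_t client_hs_ntor_intro_cell_keys;
  hs_ntor_intro_cell_keys_t service_hs_ntor_intro_cell_keys;

  hs_ntor_rend_cell_keys_t service_hs_ntor_rend_cell_keys;
  hs_ntor_rend_cell_keys_t client_hs_ntor_rend_cell_keys;

  (void) arg;

  /* Generate fake data for this unittest */
  {
    /* Generate fake subcredential: a constant fill, so it is test data only
     * and carries no secrecy. */
    memset(subcredential, 'Z', sizeof(subcredential));

    /* Service-side keys. Check each generation result: if one failed, the
     * keypair would stay uninitialized and the derivations below would run
     * on indeterminate stack bytes.
     * NOTE(review): the second argument 0 presumably selects the normal
     * (not "extra strong") RNG path -- confirm against the key API. */
    retval = curve25519_keypair_generate(&service_intro_enc_keypair, 0);
    tt_int_op(retval, OP_EQ, 0);
    retval = ed25519_keypair_generate(&service_intro_auth_keypair, 0);
    tt_int_op(retval, OP_EQ, 0);
    retval = curve25519_keypair_generate(&service_ephemeral_rend_keypair, 0);
    tt_int_op(retval, OP_EQ, 0);

    /* Client-side ephemeral key. */
    retval = curve25519_keypair_generate(&client_ephemeral_enc_keypair, 0);
    tt_int_op(retval, OP_EQ, 0);
  }

  /* Client: Simulate the sending of an encrypted INTRODUCE1 cell.
   * The client holds only the service's public keys plus its own ephemeral
   * keypair.
   * NOTE(review): the subcredential argument is restored from a line the
   * listing dropped -- confirm its position against the hs_ntor API. */
  retval =
    hs_ntor_client_get_introduce1_keys(&service_intro_auth_keypair.pubkey,
                                       &service_intro_enc_keypair.pubkey,
                                       &client_ephemeral_enc_keypair,
                                       subcredential,
                                       &client_hs_ntor_intro_cell_keys);
  tt_int_op(retval, OP_EQ, 0);

  /* Service: Simulate the decryption of the received INTRODUCE1.
   * The service holds its own encryption keypair and sees only the client's
   * ephemeral public key.
   * NOTE(review): subcredential argument restored as above -- confirm. */
  retval =
    hs_ntor_service_get_introduce1_keys(&service_intro_auth_keypair.pubkey,
                                        &service_intro_enc_keypair,
                                        &client_ephemeral_enc_keypair.pubkey,
                                        subcredential,
                                        &service_hs_ntor_intro_cell_keys);
  tt_int_op(retval, OP_EQ, 0);

  /* Test that the INTRODUCE1 encryption/mac keys match!
   * The length is taken from the field itself so the comparison always
   * covers the whole key.
   * NOTE(review): sizeof assumes enc_key and mac_key are fixed-size array
   * members, not pointers -- confirm against the struct definition. */
  tt_mem_op(client_hs_ntor_intro_cell_keys.enc_key, OP_EQ,
            service_hs_ntor_intro_cell_keys.enc_key,
            sizeof(client_hs_ntor_intro_cell_keys.enc_key));
  tt_mem_op(client_hs_ntor_intro_cell_keys.mac_key, OP_EQ,
            service_hs_ntor_intro_cell_keys.mac_key,
            sizeof(client_hs_ntor_intro_cell_keys.mac_key));

  /* Service: Simulate creation of RENDEZVOUS1 key material. */
  retval =
    hs_ntor_service_get_rendezvous1_keys(&service_intro_auth_keypair.pubkey,
                                         &service_intro_enc_keypair,
                                         &service_ephemeral_rend_keypair,
                                         &client_ephemeral_enc_keypair.pubkey,
                                         &service_hs_ntor_rend_cell_keys);
  tt_int_op(retval, OP_EQ, 0);

  /* Client: Simulate the verification of a received RENDEZVOUS1 cell */
  retval =
    hs_ntor_client_get_rendezvous1_keys(&service_intro_auth_keypair.pubkey,
                                        &client_ephemeral_enc_keypair,
                                        &service_intro_enc_keypair.pubkey,
                                        &service_ephemeral_rend_keypair.pubkey,
                                        &client_hs_ntor_rend_cell_keys);
  tt_int_op(retval, OP_EQ, 0);

  /* Test that the RENDEZVOUS1 key material match!
   * NOTE(review): sizeof assumes fixed-size array members here too. */
  tt_mem_op(client_hs_ntor_rend_cell_keys.rend_cell_auth_mac, OP_EQ,
            service_hs_ntor_rend_cell_keys.rend_cell_auth_mac,
            sizeof(client_hs_ntor_rend_cell_keys.rend_cell_auth_mac));
  tt_mem_op(client_hs_ntor_rend_cell_keys.ntor_key_seed, OP_EQ,
            service_hs_ntor_rend_cell_keys.ntor_key_seed,
            sizeof(client_hs_ntor_rend_cell_keys.ntor_key_seed));

  /* Failed tt_*_op checks jump here. */
 done:
  ;
}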
108 struct testcase_t hs_ntor_tests
[] = {
109 { "hs_ntor", test_hs_ntor
, TT_FORK
,