1 /* Copyright (c) 2014, The Tor Project, Inc. */
2 /* See LICENSE for licensing information */
6 #define CHANNELTLS_PRIVATE
7 #define CONNECTION_PRIVATE
8 #define TOR_CHANNEL_INTERNAL_
11 #include "connection.h"
12 #include "connection_or.h"
13 #include "channeltls.h"
14 #include "link_handshake.h"
15 #include "scheduler.h"
19 var_cell_t
*mock_got_var_cell
= NULL
;
22 mock_write_var_cell(const var_cell_t
*vc
, or_connection_t
*conn
)
26 var_cell_t
*newcell
= var_cell_new(vc
->payload_len
);
27 memcpy(newcell
, vc
, sizeof(var_cell_t
));
28 memcpy(newcell
->payload
, vc
->payload
, vc
->payload_len
);
30 mock_got_var_cell
= newcell
;
33 mock_tls_cert_matches_key(const tor_tls_t
*tls
, const tor_x509_cert_t
*cert
)
36 (void) cert
; // XXXX look at this.
40 static int mock_send_netinfo_called
= 0;
42 mock_send_netinfo(or_connection_t
*conn
)
45 ++mock_send_netinfo_called
;// XXX check_this
49 static int mock_close_called
= 0;
51 mock_close_for_err(or_connection_t
*orconn
, int flush
)
58 static int mock_send_authenticate_called
= 0;
60 mock_send_authenticate(or_connection_t
*conn
, int type
)
64 ++mock_send_authenticate_called
;// XXX check_this
68 /* Test good certs cells */
70 test_link_handshake_certs_ok(void *arg
)
74 or_connection_t
*c1
= or_connection_new(CONN_TYPE_OR
, AF_INET
);
75 or_connection_t
*c2
= or_connection_new(CONN_TYPE_OR
, AF_INET
);
76 var_cell_t
*cell1
= NULL
, *cell2
= NULL
;
77 certs_cell_t
*cc1
= NULL
, *cc2
= NULL
;
78 channel_tls_t
*chan1
= NULL
, *chan2
= NULL
;
79 crypto_pk_t
*key1
= NULL
, *key2
= NULL
;
83 MOCK(tor_tls_cert_matches_key
, mock_tls_cert_matches_key
);
84 MOCK(connection_or_write_var_cell_to_buf
, mock_write_var_cell
);
85 MOCK(connection_or_send_netinfo
, mock_send_netinfo
);
87 key1
= pk_generate(2);
88 key2
= pk_generate(3);
90 /* We need to make sure that our TLS certificates are set up before we can
91 * actually generate a CERTS cell.
93 tt_int_op(tor_tls_context_init(TOR_TLS_CTX_IS_PUBLIC_SERVER
,
94 key1
, key2
, 86400), ==, 0);
96 c1
->base_
.state
= OR_CONN_STATE_OR_HANDSHAKING_V3
;
98 tt_int_op(connection_init_or_handshake_state(c1
, 1), ==, 0);
100 c2
->base_
.state
= OR_CONN_STATE_OR_HANDSHAKING_V3
;
102 tt_int_op(connection_init_or_handshake_state(c2
, 0), ==, 0);
104 tt_int_op(0, ==, connection_or_send_certs_cell(c1
));
105 tt_assert(mock_got_var_cell
);
106 cell1
= mock_got_var_cell
;
108 tt_int_op(0, ==, connection_or_send_certs_cell(c2
));
109 tt_assert(mock_got_var_cell
);
110 cell2
= mock_got_var_cell
;
112 tt_int_op(cell1
->command
, ==, CELL_CERTS
);
113 tt_int_op(cell1
->payload_len
, >, 1);
115 tt_int_op(cell2
->command
, ==, CELL_CERTS
);
116 tt_int_op(cell2
->payload_len
, >, 1);
118 tt_int_op(cell1
->payload_len
, ==,
119 certs_cell_parse(&cc1
, cell1
->payload
, cell1
->payload_len
));
120 tt_int_op(cell2
->payload_len
, ==,
121 certs_cell_parse(&cc2
, cell2
->payload
, cell2
->payload_len
));
123 tt_int_op(2, ==, cc1
->n_certs
);
124 tt_int_op(2, ==, cc2
->n_certs
);
126 tt_int_op(certs_cell_get_certs(cc1
, 0)->cert_type
, ==,
127 CERTTYPE_RSA1024_ID_AUTH
);
128 tt_int_op(certs_cell_get_certs(cc1
, 1)->cert_type
, ==,
129 CERTTYPE_RSA1024_ID_ID
);
131 tt_int_op(certs_cell_get_certs(cc2
, 0)->cert_type
, ==,
132 CERTTYPE_RSA1024_ID_LINK
);
133 tt_int_op(certs_cell_get_certs(cc2
, 1)->cert_type
, ==,
134 CERTTYPE_RSA1024_ID_ID
);
136 chan1
= tor_malloc_zero(sizeof(*chan1
));
137 channel_tls_common_init(chan1
);
140 c1
->base_
.address
= tor_strdup("C1");
141 c1
->tls
= tor_tls_new(-1, 0);
143 c1
->base_
.conn_array_index
= -1;
144 crypto_pk_get_digest(key2
, c1
->identity_digest
);
146 channel_tls_process_certs_cell(cell2
, chan1
);
148 tt_assert(c1
->handshake_state
->received_certs_cell
);
149 tt_assert(c1
->handshake_state
->auth_cert
== NULL
);
150 tt_assert(c1
->handshake_state
->id_cert
);
151 tt_assert(! tor_mem_is_zero(
152 (char*)c1
->handshake_state
->authenticated_peer_id
, 20));
154 chan2
= tor_malloc_zero(sizeof(*chan2
));
155 channel_tls_common_init(chan2
);
158 c2
->base_
.address
= tor_strdup("C2");
159 c2
->tls
= tor_tls_new(-1, 1);
161 c2
->base_
.conn_array_index
= -1;
162 crypto_pk_get_digest(key1
, c2
->identity_digest
);
164 channel_tls_process_certs_cell(cell1
, chan2
);
166 tt_assert(c2
->handshake_state
->received_certs_cell
);
167 tt_assert(c2
->handshake_state
->auth_cert
);
168 tt_assert(c2
->handshake_state
->id_cert
);
169 tt_assert(tor_mem_is_zero(
170 (char*)c2
->handshake_state
->authenticated_peer_id
, 20));
173 UNMOCK(tor_tls_cert_matches_key
);
174 UNMOCK(connection_or_write_var_cell_to_buf
);
175 UNMOCK(connection_or_send_netinfo
);
176 connection_free_(TO_CONN(c1
));
177 connection_free_(TO_CONN(c2
));
180 certs_cell_free(cc1
);
181 certs_cell_free(cc2
);
183 circuitmux_free(chan1
->base_
.cmux
);
186 circuitmux_free(chan2
->base_
.cmux
);
188 crypto_pk_free(key1
);
189 crypto_pk_free(key2
);
192 typedef struct certs_data_s
{
197 crypto_pk_t
*key1
, *key2
;
201 recv_certs_cleanup(const struct testcase_t
*test
, void *obj
)
204 certs_data_t
*d
= obj
;
205 UNMOCK(tor_tls_cert_matches_key
);
206 UNMOCK(connection_or_send_netinfo
);
207 UNMOCK(connection_or_close_for_error
);
211 certs_cell_free(d
->ccell
);
212 connection_free_(TO_CONN(d
->c
));
213 circuitmux_free(d
->chan
->base_
.cmux
);
215 crypto_pk_free(d
->key1
);
216 crypto_pk_free(d
->key2
);
223 recv_certs_setup(const struct testcase_t
*test
)
226 certs_data_t
*d
= tor_malloc_zero(sizeof(*d
));
227 certs_cell_cert_t
*ccc1
= NULL
;
228 certs_cell_cert_t
*ccc2
= NULL
;
231 d
->c
= or_connection_new(CONN_TYPE_OR
, AF_INET
);
232 d
->chan
= tor_malloc_zero(sizeof(*d
->chan
));
233 d
->c
->chan
= d
->chan
;
234 d
->c
->base_
.address
= tor_strdup("HaveAnAddress");
235 d
->c
->base_
.state
= OR_CONN_STATE_OR_HANDSHAKING_V3
;
236 d
->chan
->conn
= d
->c
;
237 tt_int_op(connection_init_or_handshake_state(d
->c
, 1), ==, 0);
238 d
->c
->link_proto
= 4;
240 d
->key1
= pk_generate(2);
241 d
->key2
= pk_generate(3);
243 tt_int_op(tor_tls_context_init(TOR_TLS_CTX_IS_PUBLIC_SERVER
,
244 d
->key1
, d
->key2
, 86400), ==, 0);
245 d
->ccell
= certs_cell_new();
246 ccc1
= certs_cell_cert_new();
247 certs_cell_add_certs(d
->ccell
, ccc1
);
248 ccc2
= certs_cell_cert_new();
249 certs_cell_add_certs(d
->ccell
, ccc2
);
250 d
->ccell
->n_certs
= 2;
254 const tor_x509_cert_t
*a
,*b
;
255 const uint8_t *enca
, *encb
;
257 tor_tls_get_my_certs(1, &a
, &b
);
258 tor_x509_cert_get_der(a
, &enca
, &lena
);
259 tor_x509_cert_get_der(b
, &encb
, &lenb
);
260 certs_cell_cert_setlen_body(ccc1
, lena
);
261 ccc1
->cert_len
= lena
;
262 certs_cell_cert_setlen_body(ccc2
, lenb
);
263 ccc2
->cert_len
= lenb
;
265 memcpy(certs_cell_cert_getarray_body(ccc1
), enca
, lena
);
266 memcpy(certs_cell_cert_getarray_body(ccc2
), encb
, lenb
);
268 d
->cell
= var_cell_new(4096);
269 d
->cell
->command
= CELL_CERTS
;
271 n
= certs_cell_encode(d
->cell
->payload
, 4096, d
->ccell
);
273 d
->cell
->payload_len
= n
;
275 MOCK(tor_tls_cert_matches_key
, mock_tls_cert_matches_key
);
276 MOCK(connection_or_send_netinfo
, mock_send_netinfo
);
277 MOCK(connection_or_close_for_error
, mock_close_for_err
);
279 tt_int_op(0, ==, d
->c
->handshake_state
->received_certs_cell
);
280 tt_int_op(0, ==, mock_send_authenticate_called
);
281 tt_int_op(0, ==, mock_send_netinfo_called
);
285 recv_certs_cleanup(test
, d
);
289 static struct testcase_setup_t setup_recv_certs
= {
290 .setup_fn
= recv_certs_setup
,
291 .cleanup_fn
= recv_certs_cleanup
295 test_link_handshake_recv_certs_ok(void *arg
)
297 certs_data_t
*d
= arg
;
298 channel_tls_process_certs_cell(d
->cell
, d
->chan
);
299 tt_int_op(0, ==, mock_close_called
);
300 tt_int_op(d
->c
->handshake_state
->authenticated
, ==, 1);
301 tt_int_op(d
->c
->handshake_state
->received_certs_cell
, ==, 1);
302 tt_assert(d
->c
->handshake_state
->id_cert
!= NULL
);
303 tt_assert(d
->c
->handshake_state
->auth_cert
== NULL
);
310 test_link_handshake_recv_certs_ok_server(void *arg
)
312 certs_data_t
*d
= arg
;
313 d
->c
->handshake_state
->started_here
= 0;
314 certs_cell_get_certs(d
->ccell
, 0)->cert_type
= 3;
315 certs_cell_get_certs(d
->ccell
, 1)->cert_type
= 2;
316 ssize_t n
= certs_cell_encode(d
->cell
->payload
, 2048, d
->ccell
);
318 d
->cell
->payload_len
= n
;
319 channel_tls_process_certs_cell(d
->cell
, d
->chan
);
320 tt_int_op(0, ==, mock_close_called
);
321 tt_int_op(d
->c
->handshake_state
->authenticated
, ==, 0);
322 tt_int_op(d
->c
->handshake_state
->received_certs_cell
, ==, 1);
323 tt_assert(d
->c
->handshake_state
->id_cert
!= NULL
);
324 tt_assert(d
->c
->handshake_state
->auth_cert
!= NULL
);
330 #define CERTS_FAIL(name, code) \
332 test_link_handshake_recv_certs_ ## name(void *arg) \
334 certs_data_t *d = arg; \
336 channel_tls_process_certs_cell(d->cell, d->chan); \
337 tt_int_op(1, ==, mock_close_called); \
338 tt_int_op(0, ==, mock_send_authenticate_called); \
339 tt_int_op(0, ==, mock_send_netinfo_called); \
344 CERTS_FAIL(badstate
, d
->c
->base_
.state
= OR_CONN_STATE_CONNECTING
)
345 CERTS_FAIL(badproto
, d
->c
->link_proto
= 2)
346 CERTS_FAIL(duplicate
, d
->c
->handshake_state
->received_certs_cell
= 1)
347 CERTS_FAIL(already_authenticated
,
348 d
->c
->handshake_state
->authenticated
= 1)
349 CERTS_FAIL(empty
, d
->cell
->payload_len
= 0)
350 CERTS_FAIL(bad_circid
, d
->cell
->circ_id
= 1)
351 CERTS_FAIL(truncated_1
, d
->cell
->payload
[0] = 5)
352 CERTS_FAIL(truncated_2
,
354 d
->cell
->payload_len
= 4;
355 memcpy(d
->cell
->payload
, "\x01\x01\x00\x05", 4);
357 CERTS_FAIL(truncated_3
,
359 d
->cell
->payload_len
= 7;
360 memcpy(d
->cell
->payload
, "\x01\x01\x00\x05""abc", 7);
362 #define REENCODE() do { \
363 ssize_t n = certs_cell_encode(d->cell->payload, 4096, d->ccell); \
364 tt_int_op(n, >, 0); \
365 d->cell->payload_len = n; \
370 certs_cell_cert_setlen_body(certs_cell_get_certs(d
->ccell
, 0), 3);
371 certs_cell_get_certs(d
->ccell
, 0)->cert_len
= 3;
374 CERTS_FAIL(both_link
,
376 certs_cell_get_certs(d
->ccell
, 0)->cert_type
= 1;
377 certs_cell_get_certs(d
->ccell
, 1)->cert_type
= 1;
380 CERTS_FAIL(both_id_rsa
,
382 certs_cell_get_certs(d
->ccell
, 0)->cert_type
= 2;
383 certs_cell_get_certs(d
->ccell
, 1)->cert_type
= 2;
386 CERTS_FAIL(both_auth
,
388 certs_cell_get_certs(d
->ccell
, 0)->cert_type
= 3;
389 certs_cell_get_certs(d
->ccell
, 1)->cert_type
= 3;
392 CERTS_FAIL(wrong_labels_1
,
394 certs_cell_get_certs(d
->ccell
, 0)->cert_type
= 2;
395 certs_cell_get_certs(d
->ccell
, 1)->cert_type
= 1;
398 CERTS_FAIL(wrong_labels_2
,
400 const tor_x509_cert_t
*a
;
401 const tor_x509_cert_t
*b
;
404 tor_tls_get_my_certs(1, &a
, &b
);
405 tor_x509_cert_get_der(a
, &enca
, &lena
);
406 certs_cell_cert_setlen_body(certs_cell_get_certs(d
->ccell
, 1), lena
);
407 memcpy(certs_cell_cert_getarray_body(certs_cell_get_certs(d
->ccell
, 1)),
409 certs_cell_get_certs(d
->ccell
, 1)->cert_len
= lena
;
412 CERTS_FAIL(wrong_labels_3
,
414 certs_cell_get_certs(d
->ccell
, 0)->cert_type
= 2;
415 certs_cell_get_certs(d
->ccell
, 1)->cert_type
= 3;
418 CERTS_FAIL(server_missing_certs
,
420 d
->c
->handshake_state
->started_here
= 0;
422 CERTS_FAIL(server_wrong_labels_1
,
424 d
->c
->handshake_state
->started_here
= 0;
425 certs_cell_get_certs(d
->ccell
, 0)->cert_type
= 2;
426 certs_cell_get_certs(d
->ccell
, 1)->cert_type
= 3;
431 test_link_handshake_send_authchallenge(void *arg
)
435 or_connection_t
*c1
= or_connection_new(CONN_TYPE_OR
, AF_INET
);
436 var_cell_t
*cell1
=NULL
, *cell2
=NULL
;
438 MOCK(connection_or_write_var_cell_to_buf
, mock_write_var_cell
);
440 tt_int_op(connection_init_or_handshake_state(c1
, 0), ==, 0);
441 c1
->base_
.state
= OR_CONN_STATE_OR_HANDSHAKING_V3
;
442 tt_assert(! mock_got_var_cell
);
443 tt_int_op(0, ==, connection_or_send_auth_challenge_cell(c1
));
444 cell1
= mock_got_var_cell
;
445 tt_int_op(0, ==, connection_or_send_auth_challenge_cell(c1
));
446 cell2
= mock_got_var_cell
;
447 tt_int_op(36, ==, cell1
->payload_len
);
448 tt_int_op(36, ==, cell2
->payload_len
);
449 tt_int_op(0, ==, cell1
->circ_id
);
450 tt_int_op(0, ==, cell2
->circ_id
);
451 tt_int_op(CELL_AUTH_CHALLENGE
, ==, cell1
->command
);
452 tt_int_op(CELL_AUTH_CHALLENGE
, ==, cell2
->command
);
454 tt_mem_op("\x00\x01\x00\x01", ==, cell1
->payload
+ 32, 4);
455 tt_mem_op("\x00\x01\x00\x01", ==, cell2
->payload
+ 32, 4);
456 tt_mem_op(cell1
->payload
, !=, cell2
->payload
, 32);
459 UNMOCK(connection_or_write_var_cell_to_buf
);
460 connection_free_(TO_CONN(c1
));
465 typedef struct authchallenge_data_s
{
469 } authchallenge_data_t
;
472 recv_authchallenge_cleanup(const struct testcase_t
*test
, void *obj
)
475 authchallenge_data_t
*d
= obj
;
477 UNMOCK(connection_or_send_netinfo
);
478 UNMOCK(connection_or_close_for_error
);
479 UNMOCK(connection_or_send_authenticate_cell
);
483 connection_free_(TO_CONN(d
->c
));
484 circuitmux_free(d
->chan
->base_
.cmux
);
492 recv_authchallenge_setup(const struct testcase_t
*test
)
495 authchallenge_data_t
*d
= tor_malloc_zero(sizeof(*d
));
496 d
->c
= or_connection_new(CONN_TYPE_OR
, AF_INET
);
497 d
->chan
= tor_malloc_zero(sizeof(*d
->chan
));
498 d
->c
->chan
= d
->chan
;
499 d
->c
->base_
.address
= tor_strdup("HaveAnAddress");
500 d
->c
->base_
.state
= OR_CONN_STATE_OR_HANDSHAKING_V3
;
501 d
->chan
->conn
= d
->c
;
502 tt_int_op(connection_init_or_handshake_state(d
->c
, 1), ==, 0);
503 d
->c
->link_proto
= 4;
504 d
->c
->handshake_state
->received_certs_cell
= 1;
505 d
->cell
= var_cell_new(128);
506 d
->cell
->payload_len
= 38;
507 d
->cell
->payload
[33] = 2;
508 d
->cell
->payload
[35] = 7;
509 d
->cell
->payload
[37] = 1;
510 d
->cell
->command
= CELL_AUTH_CHALLENGE
;
512 get_options_mutable()->ORPort_set
= 1;
514 MOCK(connection_or_close_for_error
, mock_close_for_err
);
515 MOCK(connection_or_send_netinfo
, mock_send_netinfo
);
516 MOCK(connection_or_send_authenticate_cell
, mock_send_authenticate
);
518 tt_int_op(0, ==, d
->c
->handshake_state
->received_auth_challenge
);
519 tt_int_op(0, ==, mock_send_authenticate_called
);
520 tt_int_op(0, ==, mock_send_netinfo_called
);
524 recv_authchallenge_cleanup(test
, d
);
528 static struct testcase_setup_t setup_recv_authchallenge
= {
529 .setup_fn
= recv_authchallenge_setup
,
530 .cleanup_fn
= recv_authchallenge_cleanup
534 test_link_handshake_recv_authchallenge_ok(void *arg
)
536 authchallenge_data_t
*d
= arg
;
538 channel_tls_process_auth_challenge_cell(d
->cell
, d
->chan
);
539 tt_int_op(0, ==, mock_close_called
);
540 tt_int_op(1, ==, d
->c
->handshake_state
->received_auth_challenge
);
541 tt_int_op(1, ==, mock_send_authenticate_called
);
542 tt_int_op(1, ==, mock_send_netinfo_called
);
548 test_link_handshake_recv_authchallenge_ok_noserver(void *arg
)
550 authchallenge_data_t
*d
= arg
;
551 get_options_mutable()->ORPort_set
= 0;
553 channel_tls_process_auth_challenge_cell(d
->cell
, d
->chan
);
554 tt_int_op(0, ==, mock_close_called
);
555 tt_int_op(1, ==, d
->c
->handshake_state
->received_auth_challenge
);
556 tt_int_op(0, ==, mock_send_authenticate_called
);
557 tt_int_op(0, ==, mock_send_netinfo_called
);
563 test_link_handshake_recv_authchallenge_ok_unrecognized(void *arg
)
565 authchallenge_data_t
*d
= arg
;
566 d
->cell
->payload
[37] = 99;
568 channel_tls_process_auth_challenge_cell(d
->cell
, d
->chan
);
569 tt_int_op(0, ==, mock_close_called
);
570 tt_int_op(1, ==, d
->c
->handshake_state
->received_auth_challenge
);
571 tt_int_op(0, ==, mock_send_authenticate_called
);
572 tt_int_op(1, ==, mock_send_netinfo_called
);
577 #define AUTHCHALLENGE_FAIL(name, code) \
579 test_link_handshake_recv_authchallenge_ ## name(void *arg) \
581 authchallenge_data_t *d = arg; \
583 channel_tls_process_auth_challenge_cell(d->cell, d->chan); \
584 tt_int_op(1, ==, mock_close_called); \
585 tt_int_op(0, ==, mock_send_authenticate_called); \
586 tt_int_op(0, ==, mock_send_netinfo_called); \
591 AUTHCHALLENGE_FAIL(badstate
,
592 d
->c
->base_
.state
= OR_CONN_STATE_CONNECTING
)
593 AUTHCHALLENGE_FAIL(badproto
,
594 d
->c
->link_proto
= 2)
595 AUTHCHALLENGE_FAIL(as_server
,
596 d
->c
->handshake_state
->started_here
= 0;)
597 AUTHCHALLENGE_FAIL(duplicate
,
598 d
->c
->handshake_state
->received_auth_challenge
= 1)
599 AUTHCHALLENGE_FAIL(nocerts
,
600 d
->c
->handshake_state
->received_certs_cell
= 0)
601 AUTHCHALLENGE_FAIL(tooshort
,
602 d
->cell
->payload_len
= 33)
603 AUTHCHALLENGE_FAIL(truncated
,
604 d
->cell
->payload_len
= 34)
605 AUTHCHALLENGE_FAIL(nonzero_circid
,
606 d
->cell
->circ_id
= 1337)
608 static tor_x509_cert_t
*mock_peer_cert
= NULL
;
609 static tor_x509_cert_t
*
610 mock_get_peer_cert(tor_tls_t
*tls
)
613 return mock_peer_cert
;
617 mock_get_tlssecrets(tor_tls_t
*tls
, uint8_t *secrets_out
)
620 memcpy(secrets_out
, "int getRandomNumber(){return 4;}", 32);
625 mock_set_circid_type(channel_t
*chan
,
626 crypto_pk_t
*identity_rcvd
,
627 int consider_identity
)
630 (void) identity_rcvd
;
631 (void) consider_identity
;
634 typedef struct authenticate_data_s
{
635 or_connection_t
*c1
, *c2
;
636 channel_tls_t
*chan2
;
638 crypto_pk_t
*key1
, *key2
;
639 } authenticate_data_t
;
642 authenticate_data_cleanup(const struct testcase_t
*test
, void *arg
)
645 UNMOCK(connection_or_write_var_cell_to_buf
);
646 UNMOCK(tor_tls_get_peer_cert
);
647 UNMOCK(tor_tls_get_tlssecrets
);
648 UNMOCK(connection_or_close_for_error
);
649 UNMOCK(channel_set_circid_type
);
650 authenticate_data_t
*d
= arg
;
653 connection_free_(TO_CONN(d
->c1
));
654 connection_free_(TO_CONN(d
->c2
));
655 circuitmux_free(d
->chan2
->base_
.cmux
);
657 crypto_pk_free(d
->key1
);
658 crypto_pk_free(d
->key2
);
661 mock_peer_cert
= NULL
;
667 authenticate_data_setup(const struct testcase_t
*test
)
669 authenticate_data_t
*d
= tor_malloc_zero(sizeof(*d
));
673 MOCK(connection_or_write_var_cell_to_buf
, mock_write_var_cell
);
674 MOCK(tor_tls_get_peer_cert
, mock_get_peer_cert
);
675 MOCK(tor_tls_get_tlssecrets
, mock_get_tlssecrets
);
676 MOCK(connection_or_close_for_error
, mock_close_for_err
);
677 MOCK(channel_set_circid_type
, mock_set_circid_type
);
678 d
->c1
= or_connection_new(CONN_TYPE_OR
, AF_INET
);
679 d
->c2
= or_connection_new(CONN_TYPE_OR
, AF_INET
);
681 d
->key1
= pk_generate(2);
682 d
->key2
= pk_generate(3);
683 tt_int_op(tor_tls_context_init(TOR_TLS_CTX_IS_PUBLIC_SERVER
,
684 d
->key1
, d
->key2
, 86400), ==, 0);
686 d
->c1
->base_
.state
= OR_CONN_STATE_OR_HANDSHAKING_V3
;
687 d
->c1
->link_proto
= 3;
688 tt_int_op(connection_init_or_handshake_state(d
->c1
, 1), ==, 0);
690 d
->c2
->base_
.state
= OR_CONN_STATE_OR_HANDSHAKING_V3
;
691 d
->c2
->link_proto
= 3;
692 tt_int_op(connection_init_or_handshake_state(d
->c2
, 0), ==, 0);
693 var_cell_t
*cell
= var_cell_new(16);
694 cell
->command
= CELL_CERTS
;
695 or_handshake_state_record_var_cell(d
->c1
, d
->c1
->handshake_state
, cell
, 1);
696 or_handshake_state_record_var_cell(d
->c2
, d
->c2
->handshake_state
, cell
, 0);
697 memset(cell
->payload
, 0xf0, 16);
698 or_handshake_state_record_var_cell(d
->c1
, d
->c1
->handshake_state
, cell
, 0);
699 or_handshake_state_record_var_cell(d
->c2
, d
->c2
->handshake_state
, cell
, 1);
702 d
->chan2
= tor_malloc_zero(sizeof(*d
->chan2
));
703 channel_tls_common_init(d
->chan2
);
704 d
->c2
->chan
= d
->chan2
;
705 d
->chan2
->conn
= d
->c2
;
706 d
->c2
->base_
.address
= tor_strdup("C2");
707 d
->c2
->tls
= tor_tls_new(-1, 1);
708 d
->c2
->handshake_state
->received_certs_cell
= 1;
710 const tor_x509_cert_t
*id_cert
=NULL
, *link_cert
=NULL
, *auth_cert
=NULL
;
711 tt_assert(! tor_tls_get_my_certs(1, &link_cert
, &id_cert
));
715 tor_x509_cert_get_der(id_cert
, &der
, &sz
);
716 d
->c1
->handshake_state
->id_cert
= tor_x509_cert_decode(der
, sz
);
717 d
->c2
->handshake_state
->id_cert
= tor_x509_cert_decode(der
, sz
);
719 tor_x509_cert_get_der(link_cert
, &der
, &sz
);
720 mock_peer_cert
= tor_x509_cert_decode(der
, sz
);
721 tt_assert(mock_peer_cert
);
722 tt_assert(! tor_tls_get_my_certs(0, &auth_cert
, &id_cert
));
723 tor_x509_cert_get_der(auth_cert
, &der
, &sz
);
724 d
->c2
->handshake_state
->auth_cert
= tor_x509_cert_decode(der
, sz
);
726 /* Make an authenticate cell ... */
727 tt_int_op(0, ==, connection_or_send_authenticate_cell(d
->c1
,
728 AUTHTYPE_RSA_SHA256_TLSSECRET
));
729 tt_assert(mock_got_var_cell
);
730 d
->cell
= mock_got_var_cell
;
731 mock_got_var_cell
= NULL
;
735 authenticate_data_cleanup(test
, d
);
739 static struct testcase_setup_t setup_authenticate
= {
740 .setup_fn
= authenticate_data_setup
,
741 .cleanup_fn
= authenticate_data_cleanup
745 test_link_handshake_auth_cell(void *arg
)
747 authenticate_data_t
*d
= arg
;
748 auth1_t
*auth1
= NULL
;
749 crypto_pk_t
*auth_pubkey
= NULL
;
751 /* Is the cell well-formed on the outer layer? */
752 tt_int_op(d
->cell
->command
, ==, CELL_AUTHENTICATE
);
753 tt_int_op(d
->cell
->payload
[0], ==, 0);
754 tt_int_op(d
->cell
->payload
[1], ==, 1);
755 tt_int_op(ntohs(get_uint16(d
->cell
->payload
+ 2)), ==,
756 d
->cell
->payload_len
- 4);
758 /* Check it out for plausibility... */
761 tt_int_op(d
->cell
->payload_len
-4, ==, auth1_parse(&auth1
,
763 d
->cell
->payload_len
- 4, &ctx
));
766 tt_mem_op(auth1
->type
, ==, "AUTH0001", 8);
767 tt_mem_op(auth1
->tlssecrets
, ==, "int getRandomNumber(){return 4;}", 32);
768 tt_int_op(auth1_getlen_sig(auth1
), >, 120);
770 /* Is the signature okay? */
774 auth_pubkey
= tor_tls_cert_get_key(d
->c2
->handshake_state
->auth_cert
);
775 int n
= crypto_pk_public_checksig(
777 (char*)sig
, sizeof(sig
), (char*)auth1_getarray_sig(auth1
),
778 auth1_getlen_sig(auth1
));
779 tt_int_op(n
, ==, 32);
780 const uint8_t *start
= d
->cell
->payload
+4, *end
= auth1
->end_of_signed
;
781 crypto_digest256((char*)digest
,
782 (const char*)start
, end
-start
, DIGEST_SHA256
);
783 tt_mem_op(sig
, ==, digest
, 32);
785 /* Then feed it to c2. */
786 tt_int_op(d
->c2
->handshake_state
->authenticated
, ==, 0);
787 channel_tls_process_authenticate_cell(d
->cell
, d
->chan2
);
788 tt_int_op(mock_close_called
, ==, 0);
789 tt_int_op(d
->c2
->handshake_state
->authenticated
, ==, 1);
793 crypto_pk_free(auth_pubkey
);
796 #define AUTHENTICATE_FAIL(name, code) \
798 test_link_handshake_auth_ ## name(void *arg) \
800 authenticate_data_t *d = arg; \
802 tt_int_op(d->c2->handshake_state->authenticated, ==, 0); \
803 channel_tls_process_authenticate_cell(d->cell, d->chan2); \
804 tt_int_op(mock_close_called, ==, 1); \
805 tt_int_op(d->c2->handshake_state->authenticated, ==, 0); \
810 AUTHENTICATE_FAIL(badstate
,
811 d
->c2
->base_
.state
= OR_CONN_STATE_CONNECTING
)
812 AUTHENTICATE_FAIL(badproto
,
813 d
->c2
->link_proto
= 2)
814 AUTHENTICATE_FAIL(atclient
,
815 d
->c2
->handshake_state
->started_here
= 1)
816 AUTHENTICATE_FAIL(duplicate
,
817 d
->c2
->handshake_state
->received_authenticate
= 1)
819 test_link_handshake_auth_already_authenticated(void *arg
)
821 authenticate_data_t
*d
= arg
;
822 d
->c2
->handshake_state
->authenticated
= 1;
823 channel_tls_process_authenticate_cell(d
->cell
, d
->chan2
);
824 tt_int_op(mock_close_called
, ==, 1);
825 tt_int_op(d
->c2
->handshake_state
->authenticated
, ==, 1);
829 AUTHENTICATE_FAIL(nocerts
,
830 d
->c2
->handshake_state
->received_certs_cell
= 0)
831 AUTHENTICATE_FAIL(noidcert
,
832 tor_x509_cert_free(d
->c2
->handshake_state
->id_cert
);
833 d
->c2
->handshake_state
->id_cert
= NULL
)
834 AUTHENTICATE_FAIL(noauthcert
,
835 tor_x509_cert_free(d
->c2
->handshake_state
->auth_cert
);
836 d
->c2
->handshake_state
->auth_cert
= NULL
)
837 AUTHENTICATE_FAIL(tooshort
,
838 d
->cell
->payload_len
= 3)
839 AUTHENTICATE_FAIL(badtype
,
840 d
->cell
->payload
[0] = 0xff)
841 AUTHENTICATE_FAIL(truncated_1
,
842 d
->cell
->payload
[2]++)
843 AUTHENTICATE_FAIL(truncated_2
,
844 d
->cell
->payload
[3]++)
845 AUTHENTICATE_FAIL(tooshort_1
,
846 tt_int_op(d
->cell
->payload_len
, >=, 260);
847 d
->cell
->payload
[2] -= 1;
848 d
->cell
->payload_len
-= 256;)
849 AUTHENTICATE_FAIL(badcontent
,
850 d
->cell
->payload
[10] ^= 0xff)
851 AUTHENTICATE_FAIL(badsig_1
,
852 d
->cell
->payload
[d
->cell
->payload_len
- 5] ^= 0xff)
854 #define TEST(name, flags) \
855 { #name , test_link_handshake_ ## name, (flags), NULL, NULL }
857 #define TEST_RCV_AUTHCHALLENGE(name) \
858 { "recv_authchallenge/" #name , \
859 test_link_handshake_recv_authchallenge_ ## name, TT_FORK, \
860 &setup_recv_authchallenge, NULL }
862 #define TEST_RCV_CERTS(name) \
863 { "recv_certs/" #name , \
864 test_link_handshake_recv_certs_ ## name, TT_FORK, \
865 &setup_recv_certs, NULL }
867 #define TEST_AUTHENTICATE(name) \
868 { "authenticate/" #name , test_link_handshake_auth_ ## name, TT_FORK, \
869 &setup_authenticate, NULL }
871 struct testcase_t link_handshake_tests
[] = {
872 TEST(certs_ok
, TT_FORK
),
873 //TEST(certs_bad, TT_FORK),
875 TEST_RCV_CERTS(ok_server
),
876 TEST_RCV_CERTS(badstate
),
877 TEST_RCV_CERTS(badproto
),
878 TEST_RCV_CERTS(duplicate
),
879 TEST_RCV_CERTS(already_authenticated
),
880 TEST_RCV_CERTS(empty
),
881 TEST_RCV_CERTS(bad_circid
),
882 TEST_RCV_CERTS(truncated_1
),
883 TEST_RCV_CERTS(truncated_2
),
884 TEST_RCV_CERTS(truncated_3
),
885 TEST_RCV_CERTS(not_x509
),
886 TEST_RCV_CERTS(both_link
),
887 TEST_RCV_CERTS(both_id_rsa
),
888 TEST_RCV_CERTS(both_auth
),
889 TEST_RCV_CERTS(wrong_labels_1
),
890 TEST_RCV_CERTS(wrong_labels_2
),
891 TEST_RCV_CERTS(wrong_labels_3
),
892 TEST_RCV_CERTS(server_missing_certs
),
893 TEST_RCV_CERTS(server_wrong_labels_1
),
895 TEST(send_authchallenge
, TT_FORK
),
896 TEST_RCV_AUTHCHALLENGE(ok
),
897 TEST_RCV_AUTHCHALLENGE(ok_noserver
),
898 TEST_RCV_AUTHCHALLENGE(ok_unrecognized
),
899 TEST_RCV_AUTHCHALLENGE(badstate
),
900 TEST_RCV_AUTHCHALLENGE(badproto
),
901 TEST_RCV_AUTHCHALLENGE(as_server
),
902 TEST_RCV_AUTHCHALLENGE(duplicate
),
903 TEST_RCV_AUTHCHALLENGE(nocerts
),
904 TEST_RCV_AUTHCHALLENGE(tooshort
),
905 TEST_RCV_AUTHCHALLENGE(truncated
),
906 TEST_RCV_AUTHCHALLENGE(nonzero_circid
),
908 TEST_AUTHENTICATE(cell
),
909 TEST_AUTHENTICATE(badstate
),
910 TEST_AUTHENTICATE(badproto
),
911 TEST_AUTHENTICATE(atclient
),
912 TEST_AUTHENTICATE(duplicate
),
913 TEST_AUTHENTICATE(already_authenticated
),
914 TEST_AUTHENTICATE(nocerts
),
915 TEST_AUTHENTICATE(noidcert
),
916 TEST_AUTHENTICATE(noauthcert
),
917 TEST_AUTHENTICATE(tooshort
),
918 TEST_AUTHENTICATE(badtype
),
919 TEST_AUTHENTICATE(truncated_1
),
920 TEST_AUTHENTICATE(truncated_2
),
921 TEST_AUTHENTICATE(tooshort_1
),
922 TEST_AUTHENTICATE(badcontent
),
923 TEST_AUTHENTICATE(badsig_1
),
924 //TEST_AUTHENTICATE(),