commit 6052e22b08f65d34a8cdea466482c5294b6c6d11 Author: Karsten Loesing karsten.loesing@gmx.net Date: Sun Jun 4 22:58:31 2017 +0200
Don't compute bridge descriptor digests.
These calls will fail for computing bridge descriptor digests, because there are no `-----END SIGNATURE-----` lines in sanitized bridge descriptors. --- .../descriptor/impl/ExtraInfoDescriptorImpl.java | 4 --- .../impl/RelayExtraInfoDescriptorImpl.java | 4 +++ .../descriptor/impl/RelayServerDescriptorImpl.java | 4 +++ .../descriptor/impl/ServerDescriptorImpl.java | 4 --- .../impl/ExtraInfoDescriptorImplTest.java | 22 +++++++++++++++ .../descriptor/impl/ServerDescriptorImplTest.java | 31 ++++++++++++++++++++++ 6 files changed, 61 insertions(+), 8 deletions(-)
diff --git a/src/main/java/org/torproject/descriptor/impl/ExtraInfoDescriptorImpl.java b/src/main/java/org/torproject/descriptor/impl/ExtraInfoDescriptorImpl.java index b4c3a0b..0d67af9 100644 --- a/src/main/java/org/torproject/descriptor/impl/ExtraInfoDescriptorImpl.java +++ b/src/main/java/org/torproject/descriptor/impl/ExtraInfoDescriptorImpl.java @@ -39,10 +39,6 @@ public abstract class ExtraInfoDescriptorImpl extends DescriptorImpl super(descriptorBytes, offsetAndLimit, failUnrecognizedDescriptorLines, false); this.parseDescriptorBytes(); - this.calculateDigestSha1Hex(Key.EXTRA_INFO.keyword + SP, - NL + Key.ROUTER_SIGNATURE.keyword + NL); - this.calculateDigestSha256Base64(Key.EXTRA_INFO.keyword + SP, - NL + "-----END SIGNATURE-----" + NL); this.checkExactlyOnceKeys(exactlyOnceKeys); Set<Key> dirreqStatsKeys = EnumSet.of( Key.DIRREQ_STATS_END, Key.DIRREQ_V2_IPS, Key.DIRREQ_V3_IPS, diff --git a/src/main/java/org/torproject/descriptor/impl/RelayExtraInfoDescriptorImpl.java b/src/main/java/org/torproject/descriptor/impl/RelayExtraInfoDescriptorImpl.java index 37bdc21..92cff65 100644 --- a/src/main/java/org/torproject/descriptor/impl/RelayExtraInfoDescriptorImpl.java +++ b/src/main/java/org/torproject/descriptor/impl/RelayExtraInfoDescriptorImpl.java @@ -13,6 +13,10 @@ public class RelayExtraInfoDescriptorImpl int[] offsetAndLimit, boolean failUnrecognizedDescriptorLines) throws DescriptorParseException { super(descriptorBytes, offsetAndLimit, failUnrecognizedDescriptorLines); + this.calculateDigestSha1Hex(Key.EXTRA_INFO.keyword + SP, + NL + Key.ROUTER_SIGNATURE.keyword + NL); + this.calculateDigestSha256Base64(Key.EXTRA_INFO.keyword + SP, + NL + "-----END SIGNATURE-----" + NL); } }
diff --git a/src/main/java/org/torproject/descriptor/impl/RelayServerDescriptorImpl.java b/src/main/java/org/torproject/descriptor/impl/RelayServerDescriptorImpl.java index b1d3f47..4ccb35a 100644 --- a/src/main/java/org/torproject/descriptor/impl/RelayServerDescriptorImpl.java +++ b/src/main/java/org/torproject/descriptor/impl/RelayServerDescriptorImpl.java @@ -13,6 +13,10 @@ public class RelayServerDescriptorImpl extends ServerDescriptorImpl int[] offsetAndLength, boolean failUnrecognizedDescriptorLines) throws DescriptorParseException { super(descriptorBytes, offsetAndLength, failUnrecognizedDescriptorLines); + this.calculateDigestSha1Hex(Key.ROUTER.keyword + SP, + NL + Key.ROUTER_SIGNATURE.keyword + NL); + this.calculateDigestSha256Base64(Key.ROUTER.keyword + SP, + NL + "-----END SIGNATURE-----" + NL); } }
diff --git a/src/main/java/org/torproject/descriptor/impl/ServerDescriptorImpl.java b/src/main/java/org/torproject/descriptor/impl/ServerDescriptorImpl.java index a4cf25e..428b2f0 100644 --- a/src/main/java/org/torproject/descriptor/impl/ServerDescriptorImpl.java +++ b/src/main/java/org/torproject/descriptor/impl/ServerDescriptorImpl.java @@ -40,10 +40,6 @@ public abstract class ServerDescriptorImpl extends DescriptorImpl super(descriptorBytes, offsetAndLength, failUnrecognizedDescriptorLines, false); this.parseDescriptorBytes(); - this.calculateDigestSha1Hex(Key.ROUTER.keyword + SP, - NL + Key.ROUTER_SIGNATURE.keyword + NL); - this.calculateDigestSha256Base64(Key.ROUTER.keyword + SP, - NL + "-----END SIGNATURE-----" + NL); this.checkExactlyOnceKeys(exactlyOnce); this.checkAtMostOnceKeys(atMostOnce); this.checkFirstKey(Key.ROUTER); diff --git a/src/test/java/org/torproject/descriptor/impl/ExtraInfoDescriptorImplTest.java b/src/test/java/org/torproject/descriptor/impl/ExtraInfoDescriptorImplTest.java index c47c873..b745b07 100644 --- a/src/test/java/org/torproject/descriptor/impl/ExtraInfoDescriptorImplTest.java +++ b/src/test/java/org/torproject/descriptor/impl/ExtraInfoDescriptorImplTest.java @@ -2166,5 +2166,27 @@ public class ExtraInfoDescriptorImplTest { assertEquals("TvrqpjI7OmCtwGwair/NHUxg5ROVVQYz6/EDyXsDHR4", descriptor.getDigestSha256Base64()); } + + @Test() + public void testExtraInfoDigestsNoRouterDigestLines() + throws DescriptorParseException { + byte[] descriptorBytes = ("extra-info idideditheconfig " + + "DC28749EC9E26E61DE492E46CD830379E9931B09\n" + + "master-key-ed25519 " + + "38FzmOIE6Mm85Ytx0MhFM6X9EuxWRUgb6HjyMGuO2AU\n" + + "published 2015-12-03 13:23:19\n" + + "write-history 2015-12-03 09:59:32 (14400 s) 53913600,52992000," + + "53222400,53222400,53452800,53222400\n" + + "read-history 2015-12-03 09:59:32 (14400 s) 61056000,60364800," + + "60364800,60134400,60595200,60364800\n" + + "geoip-db-digest 5BF366AD4A0572D82A1A0F6628AF8EF7725E3AB9\n" + + "geoip6-db-digest 212DE17D5A368DCAFA19B95F168BFFA101145A93\n") + .getBytes(); + BridgeExtraInfoDescriptor descriptor = + new BridgeExtraInfoDescriptorImpl(descriptorBytes, + new int[] { 0, descriptorBytes.length }, true); + assertNull(descriptor.getDigestSha1Hex()); + assertNull(descriptor.getDigestSha256Base64()); + } }
diff --git a/src/test/java/org/torproject/descriptor/impl/ServerDescriptorImplTest.java b/src/test/java/org/torproject/descriptor/impl/ServerDescriptorImplTest.java index 71ce810..7a765d4 100644 --- a/src/test/java/org/torproject/descriptor/impl/ServerDescriptorImplTest.java +++ b/src/test/java/org/torproject/descriptor/impl/ServerDescriptorImplTest.java @@ -10,6 +10,7 @@ import static org.junit.Assert.assertNull; import static org.junit.Assert.assertTrue;
import org.torproject.descriptor.BandwidthHistory; +import org.torproject.descriptor.BridgeServerDescriptor; import org.torproject.descriptor.DescriptorParseException; import org.torproject.descriptor.ServerDescriptor;
@@ -493,6 +494,10 @@ public class ServerDescriptorImplTest { assertFalse(descriptor.getCachesExtraInfo()); assertFalse(descriptor.getAllowSingleHopExits()); assertTrue(descriptor.getUnrecognizedLines().isEmpty()); + assertEquals("a9635dd801ad98dac43aff49baa2dbbaf050222d", + descriptor.getDigestSha1Hex()); + assertEquals("kvdJKQ6R9i8x1nDqJZ34JFWsu6TquLqQy54nheSWrOY", + descriptor.getDigestSha256Base64()); }
@Test(expected = DescriptorParseException.class) @@ -1718,5 +1723,31 @@ public class ServerDescriptorImplTest { NTOR_ONION_KEY_CROSSCERT_LINES + "\n" + NTOR_ONION_KEY_CROSSCERT_LINES); } + + @Test() + public void testBridgeDescriptorDigestsRouterDigestLines() + throws DescriptorParseException { + DescriptorBuilder db = new DescriptorBuilder(); + String digestSha1Hex = "A9635DD801AD98DAC43AFF49BAA2DBBAF050222D"; + String digestSha256Base64 = "kvdJKQ6R9i8x1nDqJZ34JFWsu6TquLqQy54nheSWrOY"; + db.routerSignatureLines = "router-digest-sha256 " + digestSha256Base64 + + "\nrouter-digest " + digestSha1Hex; + byte[] descriptorBytes = db.buildDescriptorBytes(); + BridgeServerDescriptor descriptor = new BridgeServerDescriptorImpl( + descriptorBytes, new int[] { 0, descriptorBytes.length }, true); + assertEquals(digestSha1Hex, descriptor.getDigestSha1Hex()); + assertEquals(digestSha256Base64, descriptor.getDigestSha256Base64()); + } + + @Test() + public void testBridgeDescriptorDigestsNoRouterDigestLines() + throws DescriptorParseException { + DescriptorBuilder db = new DescriptorBuilder(); + byte[] descriptorBytes = db.buildDescriptorBytes(); + BridgeServerDescriptor descriptor = new BridgeServerDescriptorImpl( + descriptorBytes, new int[] { 0, descriptorBytes.length }, true); + assertNull(descriptor.getDigestSha1Hex()); + assertNull(descriptor.getDigestSha256Base64()); + } }