commit 232ea426b50859fd5f981d312edf606c4380a682 Author: Karsten Loesing karsten.loesing@gmx.net Date: Mon May 29 14:25:11 2017 +0200
Fix bug in digest computation. --- CHANGELOG.md | 2 ++ .../org/torproject/descriptor/impl/DescriptorImpl.java | 16 ++++++++++++---- .../descriptor/impl/RelayNetworkStatusImplTest.java | 9 ++++++++- .../descriptor/impl/ServerDescriptorImplTest.java | 14 +++++++------- 4 files changed, 29 insertions(+), 12 deletions(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md index 85c9be8..0cedcd1 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,6 +8,8 @@ - Fix a bug where Microdescriptor's getDigestSha256Base64() returns a hex string rather than a base64 string. - Move descriptor digest computation to DescriptorImpl. + - Fix a bug in digest computation by making sure that the + descriptor string actually contains the end token.
# Changes in version 1.7.0 - 2017-05-17 diff --git a/src/main/java/org/torproject/descriptor/impl/DescriptorImpl.java b/src/main/java/org/torproject/descriptor/impl/DescriptorImpl.java index d5d28c8..8c9c315 100644 --- a/src/main/java/org/torproject/descriptor/impl/DescriptorImpl.java +++ b/src/main/java/org/torproject/descriptor/impl/DescriptorImpl.java @@ -371,8 +371,12 @@ public abstract class DescriptorImpl implements Descriptor { String ascii = new String(this.rawDescriptorBytes, StandardCharsets.US_ASCII); int start = ascii.indexOf(startToken); - int end = (null == endToken) ? ascii.length() - : (ascii.indexOf(endToken) + endToken.length()); + int end = -1; + if (null == endToken) { + end = ascii.length(); + } else if (ascii.contains(endToken)) { + end = ascii.indexOf(endToken) + endToken.length(); + } if (start >= 0 && end >= 0 && end > start) { byte[] forDigest = new byte[end - start]; System.arraycopy(this.rawDescriptorBytes, start, forDigest, 0, @@ -408,8 +412,12 @@ public abstract class DescriptorImpl implements Descriptor { String ascii = new String(this.rawDescriptorBytes, StandardCharsets.US_ASCII); int start = ascii.indexOf(startToken); - int end = (null == endToken) ? ascii.length() - : (ascii.indexOf(endToken) + endToken.length()); + int end = -1; + if (null == endToken) { + end = ascii.length(); + } else if (ascii.contains(endToken)) { + end = ascii.indexOf(endToken) + endToken.length(); + } if (start >= 0 && end >= 0 && end > start) { byte[] forDigest = new byte[end - start]; System.arraycopy(this.rawDescriptorBytes, start, forDigest, 0, diff --git a/src/test/java/org/torproject/descriptor/impl/RelayNetworkStatusImplTest.java b/src/test/java/org/torproject/descriptor/impl/RelayNetworkStatusImplTest.java index d550d26..cccc6f7 100644 --- a/src/test/java/org/torproject/descriptor/impl/RelayNetworkStatusImplTest.java +++ b/src/test/java/org/torproject/descriptor/impl/RelayNetworkStatusImplTest.java @@ -24,8 +24,15 @@ public class RelayNetworkStatusImplTest { + "c6JWYUWZSPpW1uyjyLPUI/ikyyH7zmtR4MfhSeNdt2zSakojYNaPAgMBAAE=\n" + "-----END RSA PUBLIC KEY-----\n";
+ private static final String validFooter = "directory-signature dizum\n" + + "-----BEGIN SIGNATURE-----\n" + + "G62xrsrqpmJKSHP672o2Wv/5hdKmy+LoWwdQl/JvT7WN7VfdlfBpo5UgsxvIHGSF\n" + + "MGVROgjL1+EW4vezm5U0/Tz02CbCaw5Gs2hu4fviT0qKTV+QTP+l9a4SeY36a1qL\n" + + "TZiThjmOWg5C5ru2eOZKzst2wGW0WDPmsVRpWO7UMzs=\n" + + "-----END SIGNATURE-----\n"; + private static final String validStatus = - "@type network-status-2 1.0\n" + validHeader; + "@type network-status-2 1.0\n" + validHeader + validFooter;
@Test(expected = DescriptorParseException.class) public void testParseBrokenHeader() throws DescriptorParseException { diff --git a/src/test/java/org/torproject/descriptor/impl/ServerDescriptorImplTest.java b/src/test/java/org/torproject/descriptor/impl/ServerDescriptorImplTest.java index 4a84764..6cfb024 100644 --- a/src/test/java/org/torproject/descriptor/impl/ServerDescriptorImplTest.java +++ b/src/test/java/org/torproject/descriptor/impl/ServerDescriptorImplTest.java @@ -1027,14 +1027,14 @@ public class ServerDescriptorImplTest { descriptor.getExitPolicyLines()); }
- @Test() - public void testRouterSignatureOpt() - throws DescriptorParseException { - DescriptorBuilder.createWithRouterSignatureLines("opt " - + "router-signature\n" + @Test(expected = DescriptorParseException.class) + public void testEndSignatureFourDashes() throws DescriptorParseException { + DescriptorBuilder.createWithRouterSignatureLines("router-signature\n" + "-----BEGIN SIGNATURE-----\n" - + "crypto lines are ignored anyway\n" - + "-----END SIGNATURE-----"); + + "o4j+kH8UQfjBwepUnr99v0ebN8RpzHJ/lqYsTojXHy9kMr1RNI9IDeSzA7PSqT" + + "uV\n4PL8QsGtlfwthtIoZpB2srZeyN/mcpA9fa1JXUrt/UN9K/+32Cyaad7h0n" + + "HE6Xfb\njqpXDpnBpvk4zjmzjjKYnIsUWTnADmu0fo3xTRqXi7g=\n" + + "-----END SIGNATURE----"); }
@Test(expected = DescriptorParseException.class)