[tor-commits] [stem/master] Assert decrypted inner/outer layer content

atagar at torproject.org atagar at torproject.org
Sun Oct 6 02:07:34 UTC 2019


commit b19ea50c1791539783b5eaa61208e60ad01c2fea
Author: Damian Johnson <atagar at torproject.org>
Date:   Tue Oct 1 15:47:51 2019 -0700

    Assert decrypted inner/outer layer content
    
    No parsing yet, just basic assertions that we decrypt content properly. Aside
    from decryption coverage I'm beginning with this because we'll be able to use
    this data for parsing unit tests.
    
    Aside from decryption test coverage this gives me inner/outer layer test data
    I'll be able to use for parsing assertions.
---
 stem/descriptor/hidden_service.py                  |   5 +-
 .../descriptor/data/hidden_service_v3_inner_layer  |  89 +++++++++++++++++++++
 .../descriptor/data/hidden_service_v3_outer_layer  | Bin 0 -> 10000 bytes
 test/unit/descriptor/hidden_service_v3.py          |   8 +-
 4 files changed, 100 insertions(+), 2 deletions(-)

diff --git a/stem/descriptor/hidden_service.py b/stem/descriptor/hidden_service.py
index 33806ce5..075625c6 100644
--- a/stem/descriptor/hidden_service.py
+++ b/stem/descriptor/hidden_service.py
@@ -554,7 +554,7 @@ class HiddenServiceDescriptorV3(BaseHiddenServiceDescriptor):
   # progress. This will probably become something like "body()" which decrypts
   # and parses the internal descriptor content.
 
-  def _decrypt(self, onion_address):
+  def _decrypt(self, onion_address, outer_layer = False):
     cert_lines = self.signing_cert.split('\n')
     desc_signing_cert = stem.descriptor.certificate.Ed25519Certificate.parse(''.join(cert_lines[1:-1]))
 
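Review bot: The new `outer_layer` flag on `_decrypt` is undocumented, and no docstring for the method is visible in this hunk, so a caller cannot tell which layer comes back for which value. I would add a docstring directly under the signature, for example `"""Decrypts this descriptor for the given onion address; returns the outer layer plaintext if outer_layer is True, the inner layer otherwise."""`. Since the flag changes what the method returns, the docstring should also state the return type for each case. The body of `_decrypt` continues outside the hunk.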
@@ -577,6 +577,9 @@ class HiddenServiceDescriptorV3(BaseHiddenServiceDescriptor):
 
     outter_layer_plaintext = stem.descriptor.hsv3_crypto.decrypt_outter_layer(self.superencrypted, self.revision_counter, identity_public_key_bytes, blinded_key_bytes, subcredential_bytes)
 
+    if outer_layer:
+      return outter_layer_plaintext
+
     # ATAGAR XXX this parsing function is a hack. need to replace it with some stem parsing.
     inner_layer_ciphertext = stem.descriptor.hsv3_crypto.parse_superencrypted_plaintext(outter_layer_plaintext)
 
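Review bot: The early return at `if outer_layer:` hands callers the result of `decrypt_outter_layer` untouched, before any parsing, and nothing here says what that value contains. The fixture added for it is a 10000-byte binary file, which suggests the plaintext comes back with its padding; a comment such as `# raw outer layer plaintext, padding included` would make that explicit if it is the case. Whether `decrypt_outter_layer` authenticates the ciphertext before returning plaintext is not visible in this hunk and is worth confirming now that its output is returned directly. As a style point, the new parameter is spelled `outer_layer` while `outter_layer_plaintext` and `decrypt_outter_layer` keep the older spelling. `_decrypt` starts and ends outside the hunk.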
diff --git a/test/unit/descriptor/data/hidden_service_v3_inner_layer b/test/unit/descriptor/data/hidden_service_v3_inner_layer
new file mode 100644
index 00000000..5c87c0f7
--- /dev/null
+++ b/test/unit/descriptor/data/hidden_service_v3_inner_layer
@@ -0,0 +1,89 @@
+create2-formats 2
+intro-auth-required ed25519
+single-onion-service
+introduction-point AgIUQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0MABgECAwQjKQ==
+onion-key ntor AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
+auth-key
+-----BEGIN ED25519 CERT-----
+AQkABl60ARIg+8ID2l9EFNrp3qf08I9d9Bu+gWSU6GGqn53hKVTqAQAgBACS5oD6
+V1UufUhMnSo+20b7wHblTqkLd7uE4+bVZX1SoQF2F6rF7XAR4Av1rqhp++dOn6Yc
+mwOqTOk+b9oHm5ExVFnGH7ydn3TdHAAI9wZcws4ss79meXrB/ZEAkH2Pnw0=
+-----END ED25519 CERT-----
+enc-key ntor AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
+enc-key-cert
+-----BEGIN ED25519 CERT-----
+AQsABqUQAX1ZvjPt5IfeQ4qjcopk0JIh/YtWhOeYZkL1UzxKlwqIAQAgBACS5oD6
+V1UufUhMnSo+20b7wHblTqkLd7uE4+bVZX1SobXTTrsUe/Xl+AH4oLj5Xrt+1M/r
+ZHcUIWtuPgLtrkWl+al5QB3pKLgARtpAEouuqjrVgm+YX14QUofeiQUvFgQ=
+-----END ED25519 CERT-----
+introduction-point AgIUQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0MBEiYAAAAAAAAAAAAAAAAAAAEjKQ==
+onion-key ntor AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
+auth-key
+-----BEGIN ED25519 CERT-----
+AQkABl60AZOscXiUe8VefcJsgzY/UbSANPDjGu6gnvc5377u9nqhAQAgBACS5oD6
+V1UufUhMnSo+20b7wHblTqkLd7uE4+bVZX1SoUhWakSHcEE8Nv+i7qW8zhm/qfus
+YpERdNByhb/3qhXbxLIzChP70n7oe8Jml0Haq0F+6PlbJBQitGoTWJFLGAA=
+-----END ED25519 CERT-----
+enc-key ntor AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
+enc-key-cert
+-----BEGIN ED25519 CERT-----
+AQsABqUQAY4807i5FIp0Vm62Dfb3P+qYWfupxKJYvhohwaZpV2vLAQAgBACS5oD6
+V1UufUhMnSo+20b7wHblTqkLd7uE4+bVZX1SoXBJ1gsXH7NPxct0ACiqbX2Fy05M
+acKfJBgWwVCA3MFaJEhwxuNgQ1KdoIl6E2IURnGOIrccAOkx7b8zSsXPbAM=
+-----END ED25519 CERT-----
+introduction-point AgIUQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0MABgMCAQQjKQ==
+onion-key ntor AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
+auth-key
+-----BEGIN ED25519 CERT-----
+AQkABl60AbxIKMU6fXXSXVfbTwH0YaBThkdH5PUYYllgb5EfQSiPAQAgBACS5oD6
+V1UufUhMnSo+20b7wHblTqkLd7uE4+bVZX1SoS+xSpN1Uk5+v+W/i9AHLj6o6YUB
+EVQdxnN3A/N3PDdXajGDOxtXzTvr/Xtr8cirOCI5InH6rQcxPzOiZVpd5wQ=
+-----END ED25519 CERT-----
+enc-key ntor AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
+enc-key-cert
+-----BEGIN ED25519 CERT-----
+AQsABqUQAf/BK3icOEN4Ajh6RUrWLabS7PfZDvVXXUOz4BZUCv6tAQAgBACS5oD6
+V1UufUhMnSo+20b7wHblTqkLd7uE4+bVZX1SoXyIM4yf4yV2+u9IzIgUw9fGXsiF
+z2E0Ch2LSM0gWwUpm8wkEVAa/nbXXH3vNDpwe+QBXodM7yZuBMv6kfeEGw4=
+-----END ED25519 CERT-----
+legacy-key 
+-----BEGIN RSA PUBLIC KEY-----
+MIGJAoGBALKowzZN8UZXm1UFNVpvEtWWfzXjqcNq8h1HqrvwMJQyHxl/OSSH0tuX
+U1fhFT4CasJkw+rbX8SMhHFFDJF2A9glUt2n3p4Z5icTOYySq9eKzBe8OD+1eqyP
+Il5iygcxBYNOkIt+NijgrWiXWyDxUizjBB6rmiDpBJ2aEGjPszKpAgMBAAE=
+-----END RSA PUBLIC KEY-----
+legacy-key-cert
+-----BEGIN CROSSCERT-----
+kuaA+ldVLn1ITJ0qPttG+8B25U6pC3e7hOPm1WV9UqEABl60gKqbazI7Gv7g/C0R
+SiWTMuwDDgsGhnidJuLbDvGb7UyogT6tqt/qE53hfLK1uvpcRd3coFjVJab7yEUL
+CuW9mglk+uQO/gLJNfCpvvGmOitSyA0+arpWzqJ33UIBFMhNJC4c2Tc7jGw976GD
+kjHWf9h49yGEAUuEATBugKgBv7ix
+-----END CROSSCERT-----
+introduction-point AgIUQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0MABgUGBwgjKQ==
+onion-key ntor AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
+auth-key
+-----BEGIN ED25519 CERT-----
+AQkABl60Acq8QW8O7ONgImfilmjrEIeISkZmGuedsdkZucakUBZbAQAgBACS5oD6
+V1UufUhMnSo+20b7wHblTqkLd7uE4+bVZX1Soded2A7SaJOyvI2FBNvljCNgl5T/
+eLNpci4yTizyDv2A0/QB4SyaZ2+SOM/uQn3DKKyhUwwNuaD/sSuUI25gkgY=
+-----END ED25519 CERT-----
+enc-key ntor AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
+enc-key-cert
+-----BEGIN ED25519 CERT-----
+AQsABqUQARe6uX12UazJAo5Qt2iP0rJ29hq/GEEi28dAsKqCOHa6AQAgBACS5oD6
+V1UufUhMnSo+20b7wHblTqkLd7uE4+bVZX1SoY1XfpJjLTI3tJwIrFM/JFP3XbVF
+CtwFlIHgSS1/M9Rr+eznM17+5hd+0SHL4/+WV5ukxyPOWIL6X1z+KPg4hA0=
+-----END ED25519 CERT-----
+legacy-key 
+-----BEGIN RSA PUBLIC KEY-----
+MIGJAoGBAMO3ZXrcA+PclKppGCh9TOG0H6mubTAgji4fLF87GelggQs5bnPdQeaS
+v4HgP42J/mMinSLpbg5LhL5gd7AqwOxe9cpEhbvwrM63ot7gkj2tJqs2PLlokqSx
+ZBEAssKbE/8F2iVoEWoXd8g8Pn5nG7wRKDGGQRAjintrBSncTvfRAgMBAAE=
+-----END RSA PUBLIC KEY-----
+legacy-key-cert
+-----BEGIN CROSSCERT-----
+kuaA+ldVLn1ITJ0qPttG+8B25U6pC3e7hOPm1WV9UqEABl60gH1LLE5C2kl5BBpb
+E2Ajh6kJuf2fXMW7csYYNtPACZjFoG+kb16fh7y9L2pLuBFNKpkVDMsiQVcdwWWg
+Nu6qpGj1vHDR1XUM7ocoXB3QMVXCIxvA9b8k3q7KFvXgImi9GZ7l1/K+emm58MYM
+CxhNKazjiFgXjbs9kf+S9HxaF/Yw
+-----END CROSSCERT-----
diff --git a/test/unit/descriptor/data/hidden_service_v3_outer_layer b/test/unit/descriptor/data/hidden_service_v3_outer_layer
new file mode 100644
index 00000000..82a7dbe7
Binary files /dev/null and b/test/unit/descriptor/data/hidden_service_v3_outer_layer differ
diff --git a/test/unit/descriptor/hidden_service_v3.py b/test/unit/descriptor/hidden_service_v3.py
index 7efa1aad..fc4b57dc 100644
--- a/test/unit/descriptor/hidden_service_v3.py
+++ b/test/unit/descriptor/hidden_service_v3.py
@@ -23,6 +23,8 @@ from test.unit.descriptor import (
 expect_invalid_attr = functools.partial(base_expect_invalid_attr, HiddenServiceDescriptorV3, 'version', 3)
 expect_invalid_attr_for_text = functools.partial(base_expect_invalid_attr_for_text, HiddenServiceDescriptorV3, 'version', 3)
 
+HS_ADDRESS = 'sltib6sxkuxh2scmtuvd5w2g7pahnzkovefxpo4e4ptnkzl5kkq5h2ad.onion'
+
 EXPECTED_SIGNING_CERT = """\
 -----BEGIN ED25519 CERT-----
 AQgABl5/AZLmgPpXVS59SEydKj7bRvvAduVOqQt3u4Tj5tVlfVKhAQAgBABUhpfe
@@ -51,7 +53,11 @@ class TestHiddenServiceDescriptorV3(unittest.TestCase):
     self.assertEqual('aglChCQF+lbzKgyxJJTpYGVShV/GMDRJ4+cRGCp+a2y/yX/tLSh7hzqI7rVZrUoGj74Xr1CLMYO3fXYCS+DPDQ', desc.signature)
 
     if stem.prereq.is_crypto_available(ed25519 = True) and stem.descriptor.hsv3_crypto.SHA3_AVAILABLE:
-      desc._decrypt('sltib6sxkuxh2scmtuvd5w2g7pahnzkovefxpo4e4ptnkzl5kkq5h2ad.onion')
+      with open(get_resource('hidden_service_v3_outer_layer'), 'rb') as outer_layer_file:
+        self.assertEqual(outer_layer_file.read(), desc._decrypt(HS_ADDRESS, outer_layer = True))
+
+      with open(get_resource('hidden_service_v3_inner_layer'), 'rb') as outer_layer_file:
+        self.assertEqual(outer_layer_file.read(), desc._decrypt(HS_ADDRESS, outer_layer = False))
 
   def test_required_fields(self):
     """
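Review bot: The second `with` block opens `hidden_service_v3_inner_layer` but binds it to `outer_layer_file`, which reads as a copy-paste slip; `as inner_layer_file:` would match the resource. Both assertions cover only successful decryption with the correct `HS_ADDRESS`. A further case that calls `desc._decrypt` with a different, well-formed onion address and asserts that the fixture content is not returned (or that an error is raised, if that is the contract) would pin the failure path. The enclosing test method starts outside the hunk.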




