aboutsummaryrefslogtreecommitdiff
path: root/src/or
diff options
context:
space:
mode:
authorNick Mathewson <nickm@torproject.org>2004-03-31 02:07:38 +0000
committerNick Mathewson <nickm@torproject.org>2004-03-31 02:07:38 +0000
commit6ea61d5e0dd7a5990ab2a5a8198cef425718f81f (patch)
tree7ed4d3dda872d0caa280242dfad8eda471f6d83c /src/or
parent670aeb6c8d894cb99a809fd7cc4f516cd0e54933 (diff)
downloadtor-6ea61d5e0dd7a5990ab2a5a8198cef425718f81f.tar
tor-6ea61d5e0dd7a5990ab2a5a8198cef425718f81f.tar.gz
Parse and generate service descriptors
svn:r1403
Diffstat (limited to 'src/or')
-rw-r--r--src/or/Makefile.am4
-rw-r--r--src/or/or.h14
-rw-r--r--src/or/rendcommon.c130
-rw-r--r--src/or/test.c36
4 files changed, 182 insertions, 2 deletions
diff --git a/src/or/Makefile.am b/src/or/Makefile.am
index 38aee6179..7568df7f3 100644
--- a/src/or/Makefile.am
+++ b/src/or/Makefile.am
@@ -5,14 +5,14 @@ noinst_PROGRAMS = test
bin_PROGRAMS = tor
tor_SOURCES = buffers.c circuit.c command.c connection.c \
- connection_or.c config.c dirserv.c \
+ connection_or.c config.c dirserv.c rendcommon.c \
onion.c router.c routerlist.c directory.c dns.c connection_edge.c \
rephist.c cpuworker.c main.c tor_main.c
tor_LDADD = ../common/libor.a
test_SOURCES = buffers.c circuit.c command.c connection.c \
- connection_or.c config.c dirserv.c \
+ connection_or.c config.c dirserv.c rendcommon.c \
onion.c router.c routerlist.c directory.c dns.c connection_edge.c \
rephist.c cpuworker.c main.c test.c
diff --git a/src/or/or.h b/src/or/or.h
index abdaf114d..14dbdb926 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -972,6 +972,20 @@ void rep_hist_dump_stats(time_t now, int severity);
/* length of 'y' portion of 'y.onion' URL. */
#define REND_SERVICE_ID_LEN 16
+typedef struct rend_service_descriptor_t {
+ crypto_pk_env_t *pk;
+ time_t timestamp;
+ int n_intro_points;
+ char **intro_points;
+} rend_service_descriptor_t;
+
+void rend_service_descriptor_free(rend_service_descriptor_t *desc);
+int rend_encode_service_descriptor(rend_service_descriptor_t *desc,
+ crypto_pk_env_t *key,
+ char **str_out,
+ int *len_out);
+rend_service_descriptor_t *rend_parse_service_descriptor(const char *str, int len);
+
#endif
/*
diff --git a/src/or/rendcommon.c b/src/or/rendcommon.c
new file mode 100644
index 000000000..f1e1b0160
--- /dev/null
+++ b/src/or/rendcommon.c
@@ -0,0 +1,130 @@
+/* Copyright 2004 Roger Dingledine */
+/* See LICENSE for licensing information */
+/* $Id$ */
+
+#include "or.h"
+
+void rend_service_descriptor_free(rend_service_descriptor_t *desc)
+{
+ int i;
+ if (desc->pk)
+ crypto_free_pk_env(desc->pk);
+ if (desc->intro_points) {
+ for (i=0; i < desc->n_intro_points; ++i) {
+ tor_free(desc->intro_points[i]);
+ }
+ tor_free(desc->intro_points);
+ }
+ tor_free(desc);
+}
+
+int
+rend_encode_service_descriptor(rend_service_descriptor_t *desc,
+ crypto_pk_env_t *key,
+ char **str_out, int *len_out)
+{
+ char *buf, *cp, *ipoint;
+ int i, keylen, asn1len;
+ char digest[CRYPTO_SHA1_DIGEST_LEN];
+ keylen = crypto_pk_keysize(desc->pk);
+ buf = tor_malloc(keylen*2); /* XXXX */
+ asn1len = crypto_pk_asn1_encode(desc->pk, buf, keylen*2);
+ if (asn1len<0) {
+ tor_free(buf);
+ return -1;
+ }
+ *len_out = 2 + asn1len + 4 + 2 + keylen;
+ for (i = 0; i < desc->n_intro_points; ++i) {
+ *len_out += strlen(desc->intro_points[i]) + 1;
+ }
+ cp = *str_out = tor_malloc(*len_out);
+ set_uint16(cp, (uint16_t)asn1len);
+ cp += 2;
+ memcpy(cp, buf, asn1len);
+ tor_free(buf);
+ cp += asn1len;
+ set_uint32(cp, (uint32_t)desc->timestamp);
+ cp += 4;
+ set_uint16(cp, (uint16_t)desc->n_intro_points);
+ cp += 2;
+ for (i=0; i < desc->n_intro_points; ++i) {
+ ipoint = (char*)desc->intro_points[i];
+ strcpy(cp, ipoint);
+ cp += strlen(ipoint)+1;
+ }
+ i = crypto_SHA_digest(*str_out, cp-*str_out, digest);
+ if (i<0) {
+ tor_free(*str_out);
+ return -1;
+ }
+ i = crypto_pk_private_sign(key, digest, CRYPTO_SHA1_DIGEST_LEN, cp);
+ if (i<0) {
+ tor_free(*str_out);
+ return -1;
+ }
+ cp += i;
+ assert(*len_out == (cp-*str_out));
+ return 0;
+}
+
+
+rend_service_descriptor_t *rend_parse_service_descriptor(
+ const char *str, int len)
+{
+ rend_service_descriptor_t *result = NULL;
+ int keylen, asn1len, i;
+ const char *end, *cp, *eos;
+ char *signed_data=NULL;
+ char digest_expected[CRYPTO_SHA1_DIGEST_LEN];
+ result = tor_malloc_zero(sizeof(rend_service_descriptor_t));
+ cp = str;
+ end = str+len;
+ if (end-cp < 2) goto truncated;
+ asn1len = get_uint16(cp);
+ cp += 2;
+ if (end-cp < asn1len) goto truncated;
+ result->pk = crypto_pk_asn1_decode(cp, asn1len);
+ if (!result->pk) goto truncated;
+ cp += asn1len;
+ if (end-cp < 4) goto truncated;
+ result->timestamp = (time_t) get_uint32(cp);
+ cp += 4;
+ if (end-cp < 2) goto truncated;
+ result->n_intro_points = get_uint16(cp);
+ result->intro_points = tor_malloc_zero(sizeof(char*)*result->n_intro_points);
+ cp += 2;
+ for (i=0;i<result->n_intro_points;++i) {
+ if (end-cp < 2) goto truncated;
+ eos = (const char *)memchr(cp,'\0',end-cp);
+ if (!eos) goto truncated;
+ result->intro_points[i] = tor_strdup(cp);
+ cp = eos+1;
+ }
+ keylen = crypto_pk_keysize(result->pk);
+ if (end-cp != keylen) goto truncated;
+ if (crypto_SHA_digest(str, cp-str, digest_expected)<0) {
+ log_fn(LOG_WARN, "Error computing SHA1 digest.");
+ goto error;
+ }
+ signed_data = tor_malloc(keylen+1);
+ i = crypto_pk_public_checksig(result->pk, (char*)cp, end-cp, signed_data);
+ if (i<0) {
+ log_fn(LOG_WARN, "Invalid signature on service descriptor");
+ goto error;
+ }
+ if (i != CRYPTO_SHA1_DIGEST_LEN ||
+ memcmp(signed_data, digest_expected, CRYPTO_SHA1_DIGEST_LEN)) {
+ log_fn(LOG_WARN, "Mismatched signature on service descriptor");
+ goto error;
+ }
+ tor_free(signed_data);
+
+ return result;
+ truncated:
+ log_fn(LOG_WARN, "Truncated service descriptor");
+ error:
+ tor_free(signed_data);
+ rend_service_descriptor_free(result);
+ return NULL;
+}
+
diff --git a/src/or/test.c b/src/or/test.c
index e329e73c3..f845b157b 100644
--- a/src/or/test.c
+++ b/src/or/test.c
@@ -804,6 +804,40 @@ test_dir_format()
test_eq(0, is_recommended_version("a", ""));
}
+void test_rend_fns()
+{
+ rend_service_descriptor_t *d1, *d2;
+ char *encoded;
+ int len;
+ crypto_pk_env_t *pk1;
+ time_t now;
+ pk1 = crypto_new_pk_env(CRYPTO_PK_RSA);
+
+ test_assert(!crypto_pk_generate_key(pk1));
+ d1 = tor_malloc_zero(sizeof(rend_service_descriptor_t));
+ d1->pk = pk1;
+ now = time(NULL);
+ d1->timestamp = now;
+ d1->n_intro_points = 3;
+ d1->intro_points = tor_malloc(sizeof(char*)*3);
+ d1->intro_points[0] = tor_strdup("tom");
+ d1->intro_points[1] = tor_strdup("crow");
+ d1->intro_points[2] = tor_strdup("joel");
+ test_assert(! rend_encode_service_descriptor(d1, pk1, &encoded, &len));
+ d2 = rend_parse_service_descriptor(encoded, len);
+ test_assert(d2);
+
+ test_assert(!crypto_pk_cmp_keys(d1->pk, d2->pk));
+ test_eq(d2->timestamp, now);
+ test_eq(d2->n_intro_points, 3);
+ test_streq(d2->intro_points[0], "tom");
+ test_streq(d2->intro_points[1], "crow");
+ test_streq(d2->intro_points[2], "joel");
+
+ rend_service_descriptor_free(d1);
+ rend_service_descriptor_free(d2);
+}
+
int
main(int c, char**v){
#if 0
@@ -830,6 +864,8 @@ main(int c, char**v){
puts("\n========================= Directory Formats ===============");
// add_stream_log(LOG_DEBUG, NULL, stdout);
test_dir_format();
+ puts("\n========================= Rendezvous functionality ========");
+ test_rend_fns();
puts("");
if (have_failed)