1 use tor_cert::rsa::RsaCrosscert;
2 use tor_cert::{Ed25519Cert, KeyType};
3 use tor_checkable::{ExternallySigned, SelfSigned, Timebound};
4 
5 use std::time::{Duration, SystemTime};
6 
7 use hex_literal::hex;
8 
9 #[test]
test_valid_ed()10 fn test_valid_ed() {
11     use tor_llcrypto::pk::ed25519::PublicKey;
12     // These are taken from a CERTS cell in a chutney network.
13     let signing_key = hex!("F82294B866A31F01FC5D0DA8572850A9B929545C3266558D7D2316E3B74172B0");
14     let identity_key = hex!("DCB604DB2034B00FD16986D4ADB9D16B21CB4E4457A33DEC0F538903683E96E9");
15     let signing_key = PublicKey::from_bytes(&signing_key[..]).unwrap();
16     let identity_key = PublicKey::from_bytes(&identity_key[..]).unwrap();
17 
18     let notional_time = SystemTime::UNIX_EPOCH + Duration::new(1601000000, 0);
19 
20     // signing cert signed with signing key, type 4, one extension.
21     let c = hex!(
22         "01 04 0006CC2A 01
23          F82294B866A31F01FC5D0DA8572850A9B929545C3266558D7D2316E3B74172B0
24          01 0020 04 00
25          DCB604DB2034B00FD16986D4ADB9D16B21CB4E4457A33DEC0F538903683E96E9
26          FF1A5203FA27F86EF7528D89A0845D2520166E340754FFEA2AAE0F612B7CE5DA
27          094A0236CDAC45034B0B6842C18E7F6B51B93A3CF7E60663B8AD061C30A62602"
28     );
29     let cert = Ed25519Cert::decode(&c[..]).unwrap();
30     assert_eq!(cert.peek_cert_type(), 4.into());
31     assert_eq!(cert.peek_subject_key().as_ed25519(), Some(&signing_key));
32     let cert = cert
33         .check_key(&None)
34         .unwrap()
35         .check_signature()
36         .unwrap()
37         .check_valid_at(&notional_time)
38         .unwrap();
39 
40     assert_eq!(cert.subject_key().key_type(), KeyType::ED25519_KEY);
41     assert_eq!(cert.subject_key().as_ed25519(), Some(&signing_key));
42     assert_eq!(cert.signing_key().unwrap(), &identity_key);
43     assert_eq!(cert.cert_type(), 4.into());
44     assert_eq!(
45         cert.expiry(),
46         SystemTime::UNIX_EPOCH + Duration::new(0x6cc2a * 3600, 0)
47     );
48 
49     // link cert signed with signing key, type 5, no extensions.
50     let c = hex!(
51         "01 05 0006C98A 03
52          B4FD606B64E4CBD466B8D76CB131069BAE6F3AA1878857C9F624E31D77A799B8
53          00
54          7173E5F8068431D0D3F5EE16B4C9FFD59DF373E152A87281BAE744AA5FCF7217
55          1BF4B27C4E8FC1C6A9FC5CA11058BC49647063D7903CFD9F512F89099B27BC0C"
56     );
57     let tls_cert_digest = hex!("B4FD606B64E4CBD466B8D76CB131069BAE6F3AA1878857C9F624E31D77A799B8");
58     let cert = Ed25519Cert::decode(&c[..]).unwrap();
59     assert_eq!(cert.peek_cert_type(), 5.into());
60     assert_eq!(cert.peek_subject_key().as_bytes(), &tls_cert_digest[..]);
61     let cert = cert
62         .check_key(&Some(signing_key))
63         .unwrap()
64         .check_signature()
65         .unwrap()
66         .check_valid_at(&notional_time)
67         .unwrap();
68     assert_eq!(cert.subject_key().key_type(), KeyType::SHA256_OF_X509);
69     assert_eq!(cert.subject_key().as_bytes(), &tls_cert_digest[..]);
70     assert_eq!(cert.subject_key().as_ed25519(), None);
71     assert_eq!(cert.signing_key().unwrap(), &signing_key);
72     assert_eq!(cert.cert_type(), 5.into());
73     assert_eq!(
74         cert.expiry(),
75         SystemTime::UNIX_EPOCH + Duration::new(0x6c98a * 3600, 0)
76     );
77 }
78 
79 #[test]
test_valid_rsa_cc()80 fn test_valid_rsa_cc() {
81     let notional_time = SystemTime::UNIX_EPOCH + Duration::new(1601000000, 0);
82     let pk = hex!("30818902818100d38b1e6ceb946e0db0751f4cbace3dcb9688b6c25304227b4710c35afb73627e50500f5913e158b621802612d1c75827003703338375237552eb3cd3c12f6ab3604e60c1a2d26bb1fbad206ff023969a90909d6a65a5458a5312c26ebd3a3dad30302d4515cdcd264146ac18e6fc60a04bd3ec327f04294d96ba5aa25b464c3f0203010001");
83     let pk = tor_llcrypto::pk::rsa::PublicKey::from_der(&pk[..]).unwrap();
84 
85     let wrong_pk = hex!("30818902818100d38b1e6ceb946e0db0751f4cbace3dcb9688b6c25304227b4710c35afb73627e50500f5913e158b621802612d1c75827003703338375237552eb3cd3c12f6ab3604e60c1a2d26bb1fbad206ff023969a90909d6a65a5458a5312c26ebd6a3dad30302d4515cdcd264146ac18e6fc60a04bd3ec327f04294d96ba5aa25b464c3f0203010001");
86     let wrong_pk = tor_llcrypto::pk::rsa::PublicKey::from_der(&wrong_pk[..]).unwrap();
87 
88     let ed_identity = hex!("DCB604DB2034B00FD16986D4ADB9D16B21CB4E4457A33DEC0F538903683E96E9");
89     let ed_identity = tor_llcrypto::pk::ed25519::PublicKey::from_bytes(&ed_identity[..]).unwrap();
90 
91     let c = hex!(
92         "DCB604DB2034B00FD16986D4ADB9D16B21CB4E4457A33DEC0F538903683E96E9
93          0006DA3A 80
94          5CF6006F9179066534DE6B45AD47A5C469063EE462762723396DC9F25452A0A5
95          2DA3F5087DD239F2A311F6B0D4DFEFF4ABD089DC3D0237A0ABAB19EB2045B91C
96          DCAF04BE0A72D548A27BF2E77BD876ECFE5E1BE622350DA6BF31F6E306ED8964
97          88DD5B39409B23FC3EB7B2C9F7328EB18DA36D54D80575899EA6507CCBFCDF1F"
98     );
99     let cert = RsaCrosscert::decode(&c[..]).unwrap();
100 
101     // This returns correct for all keys.
102     assert!(cert.key_is_correct(&pk).is_ok());
103     assert!(cert.key_is_correct(&wrong_pk).is_ok());
104 
105     // But it isn't well-signed with the wrong pk.
106     assert!(cert.is_well_signed(&wrong_pk).is_err());
107 
108     let cert = cert
109         .check_signature(&pk)
110         .unwrap()
111         .check_valid_at(&notional_time)
112         .unwrap();
113     assert!(cert.subject_key_matches(&ed_identity));
114 }
115