oci/zeronet
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Clean up tor v3 patch (#115)

Browse source 
https://github.com/ZeroNetX/ZeroNet/pull/115
This commit is contained in:
Zola Gonano 2021-12-26 18:54:13 +00:00 committed by GitHub
parent 62f88a11a7
commit f2e1c2ad81
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 41 additions and 19 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

40
src/Crypt/CryptRsa.py → src/Crypt/CryptTor.py
View file

@ -4,14 +4,17 @@ import hashlib
def sign(data, privatekey): def sign(data, privatekey):
import rsa import rsa
from rsa import pkcs1 from rsa import pkcs1
from Crypt import CryptEd25519 from lib import Ed25519
## v3 = 88
## Onion Service V3
if len(privatekey) == 88: if len(privatekey) == 88:
prv_key = base64.b64decode(privatekey) prv_key = base64.b64decode(privatekey)
pub_key = CryptEd25519.publickey_unsafe(prv_key) pub_key = Ed25519.publickey_unsafe(prv_key)
sign = CryptEd25519.signature_unsafe(data, prv_key, pub_key) sign = Ed25519.signature_unsafe(data, prv_key, pub_key)
return sign return sign
## Onion Service V2
if "BEGIN RSA PRIVATE KEY" not in privatekey: if "BEGIN RSA PRIVATE KEY" not in privatekey:
privatekey = "-----BEGIN RSA PRIVATE KEY-----\n%s\n-----END RSA PRIVATE KEY-----" % privatekey privatekey = "-----BEGIN RSA PRIVATE KEY-----\n%s\n-----END RSA PRIVATE KEY-----" % privatekey
@ -22,44 +25,61 @@ def sign(data, privatekey):
def verify(data, publickey, sign): def verify(data, publickey, sign):
import rsa import rsa
from rsa import pkcs1 from rsa import pkcs1
from Crypt import CryptEd25519 from lib import Ed25519
## Onion Service V3
if len(publickey) == 32: if len(publickey) == 32:
try: try:
valid = CryptEd25519.checkvalid(sign, data, publickey) valid = Ed25519.checkvalid(sign, data, publickey)
valid = 'SHA-256' valid = 'SHA-256'
except Exception as err: except Exception as err:
print(err) print(err)
valid = False valid = False
return valid return valid
## Onion Service V2
pub = rsa.PublicKey.load_pkcs1(publickey, format="DER") pub = rsa.PublicKey.load_pkcs1(publickey, format="DER")
try: try:
valid = rsa.pkcs1.verify(data, sign, pub) valid = rsa.pkcs1.verify(data, sign, pub)
except pkcs1.VerificationError: except pkcs1.VerificationError:
valid = False valid = False
return valid return valid
def privatekeyToPublickey(privatekey): def privatekeyToPublickey(privatekey):
from Crypt import CryptEd25519
import rsa import rsa
from rsa import pkcs1 from rsa import pkcs1
from lib import Ed25519
## Onion Service V3
if len(privatekey) == 88: if len(privatekey) == 88:
prv_key = base64.b64decode(privatekey) prv_key = base64.b64decode(privatekey)
pub_key = CryptEd25519.publickey_unsafe(prv_key) pub_key = Ed25519.publickey_unsafe(prv_key)
return pub_key return pub_key
## Onion Service V2
if "BEGIN RSA PRIVATE KEY" not in privatekey: if "BEGIN RSA PRIVATE KEY" not in privatekey:
privatekey = "-----BEGIN RSA PRIVATE KEY-----\n%s\n-----END RSA PRIVATE KEY-----" % privatekey privatekey = "-----BEGIN RSA PRIVATE KEY-----\n%s\n-----END RSA PRIVATE KEY-----" % privatekey
priv = rsa.PrivateKey.load_pkcs1(privatekey) priv = rsa.PrivateKey.load_pkcs1(privatekey)
pub = rsa.PublicKey(priv.n, priv.e) pub = rsa.PublicKey(priv.n, priv.e)
return pub.save_pkcs1("DER") return pub.save_pkcs1("DER")
def publickeyToOnion(publickey): def publickeyToOnion(publickey):
from Crypt import CryptEd25519 from lib import Ed25519
## Onion Service V3
if len(publickey) == 32: if len(publickey) == 32:
addr = CryptEd25519.publickey_to_onionaddress(publickey)[:-6] addr = Ed25519.publickey_to_onionaddress(publickey)[:-6]
return addr return addr
## Onion Service V2
return base64.b32encode(hashlib.sha1(publickey).digest()[:10]).lower().decode("ascii") return base64.b32encode(hashlib.sha1(publickey).digest()[:10]).lower().decode("ascii")

12
src/Test/TestTor.py
View file

@ -4,7 +4,7 @@ import pytest
import mock import mock
from File import FileServer from File import FileServer
from Crypt import CryptRsa from Crypt import CryptTor
from Config import config from Config import config
@pytest.mark.usefixtures("resetSettings") @pytest.mark.usefixtures("resetSettings")
@ -34,17 +34,17 @@ class TestTor:
address = tor_manager.addOnion() address = tor_manager.addOnion()
# Sign # Sign
sign = CryptRsa.sign(b"hello", tor_manager.getPrivatekey(address)) sign = CryptTor.sign(b"hello", tor_manager.getPrivatekey(address))
assert len(sign) == 128 assert len(sign) == 128
# Verify # Verify
publickey = CryptRsa.privatekeyToPublickey(tor_manager.getPrivatekey(address)) publickey = CryptTor.privatekeyToPublickey(tor_manager.getPrivatekey(address))
assert len(publickey) == 140 assert len(publickey) == 140
assert CryptRsa.verify(b"hello", publickey, sign) assert CryptTor.verify(b"hello", publickey, sign)
assert not CryptRsa.verify(b"not hello", publickey, sign) assert not CryptTor.verify(b"not hello", publickey, sign)
# Pub to address # Pub to address
assert CryptRsa.publickeyToOnion(publickey) == address assert CryptTor.publickeyToOnion(publickey) == address
# Delete # Delete
tor_manager.delOnion(address) tor_manager.delOnion(address)

8
src/Tor/TorManager.py
View file

@ -12,8 +12,10 @@ import atexit
import gevent import gevent
from Config import config from Config import config
from Crypt import CryptEd25519
from Crypt import CryptRsa from lib import Ed25519
from Crypt import CryptTor
from Site import SiteManager from Site import SiteManager
import socks import socks
from gevent.lock import RLock from gevent.lock import RLock
@ -272,7 +274,7 @@ class TorManager(object):
return self.privatekeys[address] return self.privatekeys[address]
def getPublickey(self, address): def getPublickey(self, address):
return CryptRsa.privatekeyToPublickey(self.privatekeys[address]) return CryptTor.privatekeyToPublickey(self.privatekeys[address])
def getOnion(self, site_address): def getOnion(self, site_address):
if not self.enabled: if not self.enabled:

0
src/Crypt/CryptEd25519.py → src/lib/Ed25519.py
View file