libricochet-go/utils/tor.go

package utils

import (
	"crypto/sha1"
	"crypto/sha512"
	"encoding/base32"
	"encoding/base64"
	"golang.org/x/crypto/ed25519"
	"golang.org/x/crypto/sha3"
	"strings"
)

// GetTorHostname takes a []byte contained a DER-encoded RSA public key
// and returns the first 16 bytes of the base32 encoded sha1 hash of the key.
// This is the onion hostname of the tor service represented by the public key.
func GetTorHostname(publicKeyBytes []byte) string {
	h := sha1.New()
	h.Write(publicKeyBytes)
	sha1bytes := h.Sum(nil)

	data := base32.StdEncoding.EncodeToString(sha1bytes)
	return strings.ToLower(data[0:16])
}

// Expand ed25519.PrivateKey to (a || RH) form, return base64
func expandKey(pri ed25519.PrivateKey) string {
	h := sha512.Sum512(pri[:32])
	// Set bits so that h[:32] is private scalar "a"
	h[0] &= 248
	h[31] &= 127
	h[31] |= 64
	// Since h[32:] is RH, h is now (a || RH)
	return base64.StdEncoding.EncodeToString(h[:])
}

// Hidden service version
const version = byte(0x03)

// Salt used to create checkdigits
const salt = ".onion checksum"

func getCheckdigits(pub ed25519.PublicKey) []byte {
	// Calculate checksum sha3(".onion checksum" || publicKey || version)
	checkstr := []byte(salt)
	checkstr = append(checkstr, pub...)
	checkstr = append(checkstr, version)
	checksum := sha3.Sum256(checkstr)
	return checksum[:2]
}

func GetTorV3Hostname(pub ed25519.PublicKey) string {
	// Construct onion address base32(publicKey || checkdigits || version)
	checkdigits := getCheckdigits(pub)
	combined := pub[:]
	combined = append(combined, checkdigits...)
	combined = append(combined, version)
	serviceID := base32.StdEncoding.EncodeToString(combined)
	return strings.ToLower(serviceID)
}
Refactor GoRicochet * New Service Interface * Server functionality * 90% Code Coverage * Regression Testing of Protocol Compliance 2016-06-27 01:56:23 +00:00			`package utils`

			`import (`
			`"crypto/sha1"`
v3 onions 2018-09-22 20:12:08 +00:00			`"crypto/sha512"`
Refactor GoRicochet * New Service Interface * Server functionality * 90% Code Coverage * Regression Testing of Protocol Compliance 2016-06-27 01:56:23 +00:00			`"encoding/base32"`
v3 onions 2018-09-22 20:12:08 +00:00			`"encoding/base64"`
			`"golang.org/x/crypto/ed25519"`
			`"golang.org/x/crypto/sha3"`
Refactor GoRicochet * New Service Interface * Server functionality * 90% Code Coverage * Regression Testing of Protocol Compliance 2016-06-27 01:56:23 +00:00			`"strings"`
			`)`

			`// GetTorHostname takes a []byte contained a DER-encoded RSA public key`
			`// and returns the first 16 bytes of the base32 encoded sha1 hash of the key.`
			`// This is the onion hostname of the tor service represented by the public key.`
			`func GetTorHostname(publicKeyBytes []byte) string {`
			`h := sha1.New()`
			`h.Write(publicKeyBytes)`
			`sha1bytes := h.Sum(nil)`

			`data := base32.StdEncoding.EncodeToString(sha1bytes)`
			`return strings.ToLower(data[0:16])`
			`}`
v3 onions 2018-09-22 20:12:08 +00:00
			`// Expand ed25519.PrivateKey to (a \|\| RH) form, return base64`
			`func expandKey(pri ed25519.PrivateKey) string {`
			`h := sha512.Sum512(pri[:32])`
			`// Set bits so that h[:32] is private scalar "a"`
			`h[0] &= 248`
			`h[31] &= 127`
			`h[31] \|= 64`
			`// Since h[32:] is RH, h is now (a \|\| RH)`
			`return base64.StdEncoding.EncodeToString(h[:])`
			`}`

			`// Hidden service version`
			`const version = byte(0x03)`

			`// Salt used to create checkdigits`
			`const salt = ".onion checksum"`

			`func getCheckdigits(pub ed25519.PublicKey) []byte {`
			`// Calculate checksum sha3(".onion checksum" \|\| publicKey \|\| version)`
			`checkstr := []byte(salt)`
			`checkstr = append(checkstr, pub...)`
			`checkstr = append(checkstr, version)`
			`checksum := sha3.Sum256(checkstr)`
			`return checksum[:2]`
			`}`

			`func GetTorV3Hostname(pub ed25519.PublicKey) string {`
			`// Construct onion address base32(publicKey \|\| checkdigits \|\| version)`
			`checkdigits := getCheckdigits(pub)`
			`combined := pub[:]`
			`combined = append(combined, checkdigits...)`
			`combined = append(combined, version)`
			`serviceID := base32.StdEncoding.EncodeToString(combined)`
			`return strings.ToLower(serviceID)`
			`}`