如何从java中的公钥生成tor服务洋葱地址?

时间:2018-04-14 15:47:41

标签: java tor

我正在尝试生成从公钥生成的洋葱地址。

如果以下行添加到previous post中的代码中,就在 privateKeyEncoded 之后

String publicKeyEncoded = encoder.encodeToString(publicKey.getEncoded());

当我将 privateKeyEncoded 放入 / var / lib / tor / hidden_​​service / private_key 时,保存 publicKeyEncoded 并启动tor服务,创建一个新的洋葱地址。我试图获得与tor服务相同的洋葱地址以及从 publicKeyEncoded 创建的洋葱地址。使用此代码

import org.apache.commons.codec.binary.Base32;
import org.apache.commons.codec.binary.Base64;

//base64 string from the public key created
String publicKeyTest = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCMnFkJTMZ2ZxnqLwCiB/EWHjsHbnC+sKEIrGbyOTYiTl3LygsekAX6LhgcllscLUFqSKlMRB3jRB0GAPrIc73E/hTnmWBtF8NT8DhZzl06LZ1BtNjfON1pHm87STMAayiSaXPmSOwIqOA89aJPcA9m4v4IhtjYSFXmCAsE4RqoAwIDAQAB";
//the onion address the tor service gives when the private key is used
String onionAddressTest = "qqkhrc4men3fiqyl";

byte[] publicKeyDecoded = Base64.decodeBase64(publicKeyTest);
MessageDigest messageDigest = MessageDigest.getInstance("SHA-1");
byte[] sha1hash = messageDigest.digest(publicKeyDecoded);
int numberOfCharacters = 10;
byte[] reducedHash = new byte[numberOfCharacters];
for(int i = 0; i < numberOfCharacters; i++) {
    reducedHash[i] = sha1hash[i];
}
Base32 base32encoder = new Base32();
String onionAddress = base32encoder.encodeAsString(reducedHash).toLowerCase();
System.out.println(onionAddress);  // but this gives "7j3iz4of464hje2e"

我已尝试使用spongycastle复制我的转化但得到相同的答案。这让我觉得我生成公钥的方式有问题,或者我从base64初始转换时出现了问题。

给定公钥( publicKeyTest )如何使用java获取洋葱地址( onionAddressTest )?

1 个答案:

答案 0 :(得分:2)

根据thisthis,您需要仅散列从Java调用它的X.509 SubjectPublicKeyInfo编码的偏移22 的部分&#39 ; X.509&#39;并通过OpenSSL称之为“PUBKEY&#39;”。我无法在此找到任何实际的Tor文档,但我不相信这可能是偶然的,这恰好是SPKI格式的RSA-1024密钥的算法相关数据的开始:

$ openssl asn1parse -i <49833260.b64
    0:d=0  hl=3 l= 159 cons: SEQUENCE
    3:d=1  hl=2 l=  13 cons:  SEQUENCE
    5:d=2  hl=2 l=   9 prim:   OBJECT            :rsaEncryption
   16:d=2  hl=2 l=   0 prim:   NULL
   18:d=1  hl=3 l= 141 prim:  BIT STRING
# 18 +3 for DER tag+len +1 for unusedbitcount in BITSTRING = 22
# and the content beginning at 22 is:
$ openssl asn1parse -i -strparse 22 <49833260.b64
    0:d=0  hl=3 l= 137 cons: SEQUENCE
    3:d=1  hl=3 l= 129 prim:  INTEGER           :8C9C59094CC6766719EA2F00A207F11
61E3B076E70BEB0A108AC66F23936224E5DCBCA0B1E9005FA2E181C965B1C2D416A48A94C441DE34
41D0600FAC873BDC4FE14E799606D17C353F03859CE5D3A2D9D41B4D8DF38DD691E6F3B4933006B2
8926973E648EC08A8E03CF5A24F700F66E2FE0886D8D84855E6080B04E11AA803
  135:d=1  hl=2 l=   3 prim:  INTEGER           :010001
# which is (exactly) the RSAPublicKey structure from PKCS1

所以要用Java做这个,你可以假设RSA-1024,或者用BouncyCastle(我假设,但是还没有经过测试,spongycastle)你可以正确地解析ASN.1:

byte[] pubkeyder = Base64.decode("MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCMnFkJTMZ2ZxnqLwCiB/EWHjsHbnC+sKEIrGbyOTYiTl3LygsekAX6LhgcllscLUFqSKlMRB3jRB0GAPrIc73E/hTnmWBtF8NT8DhZzl06LZ1BtNjfON1pHm87STMAayiSaXPmSOwIqOA89aJPcA9m4v4IhtjYSFXmCAsE4RqoAwIDAQAB");
MessageDigest sha1 = MessageDigest.getInstance("SHA1");
// method 1
byte[] x1 = sha1.digest (Arrays.copyOfRange(pubkeyder, 22, pubkeyder.length));
System.out.println (new String(b32enc(Arrays.copyOf(x1,10))).toLowerCase());
// method 2
byte[] x2 = sha1.digest (SubjectPublicKeyInfo.getInstance(pubkeyder).getPublicKeyData().getOctets());
System.out.println (new String(b32enc(Arrays.copyOf(x2,10))).toLowerCase());
-> 
qqkhrc4men3fiqyl
qqkhrc4men3fiqyl