如何从java中的公钥生成tor服务洋葱地址? [英] How to generate a tor service onion address from the public key in java?

问题描述

我正在尝试生成从公钥生成的洋葱地址.

I am trying to generate the onion address that is generated from a public key.

如果以下行被添加到上一篇，紧接在privateKeyEncoded

If the following line is added to the code in a previous post, just after privateKeyEncoded

String publicKeyEncoded = encoder.encodeToString(publicKey.getEncoded());

当我将privateKeyEncoded放入/var/lib/tor/hidden_​​service/private_key时，保存publicKeyEncoded并启动tor服务，创建一个新的洋葱地址.我正在尝试获取与 Tor 服务相同的洋葱地址，以及从 publicKeyEncoded 创建的洋葱地址.使用此代码

When I put the privateKeyEncoded into the /var/lib/tor/hidden_service/private_key, save the publicKeyEncoded and start the tor service, a new onion address is created. I am trying to get the same onion address as the tor service and from one created from the publicKeyEncoded. Using this code

import org.apache.commons.codec.binary.Base32;
import org.apache.commons.codec.binary.Base64;

//base64 string from the public key created
String publicKeyTest = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCMnFkJTMZ2ZxnqLwCiB/EWHjsHbnC+sKEIrGbyOTYiTl3LygsekAX6LhgcllscLUFqSKlMRB3jRB0GAPrIc73E/hTnmWBtF8NT8DhZzl06LZ1BtNjfON1pHm87STMAayiSaXPmSOwIqOA89aJPcA9m4v4IhtjYSFXmCAsE4RqoAwIDAQAB";
//the onion address the tor service gives when the private key is used
String onionAddressTest = "qqkhrc4men3fiqyl";

byte[] publicKeyDecoded = Base64.decodeBase64(publicKeyTest);
MessageDigest messageDigest = MessageDigest.getInstance("SHA-1");
byte[] sha1hash = messageDigest.digest(publicKeyDecoded);
int numberOfCharacters = 10;
byte[] reducedHash = new byte[numberOfCharacters];
for(int i = 0; i < numberOfCharacters; i++) {
    reducedHash[i] = sha1hash[i];
}
Base32 base32encoder = new Base32();
String onionAddress = base32encoder.encodeAsString(reducedHash).toLowerCase();
System.out.println(onionAddress);  // but this gives "7j3iz4of464hje2e"

我尝试使用 spongycastle 来复制我的转换，但得到了相同的答案.这让我觉得我生成公钥的方式有问题，或者我从 base64 的初始转换有问题.

I've tried using spongycastle to replicate my conversion but get the same answer. Which makes me think there's something wrong with how I generate the public key or there's something wrong in my initial conversion from base64.

给定公钥(publicKeyTest)，如何使用java获取洋葱地址(onionAddressTest)?

Given the public key (publicKeyTest) how can you get the onion address (onionAddressTest) using java?

推荐答案

根据this和这个你需要仅散列从 X.509 SubjectPublicKeyInfo 编码的偏移量 22 开始的部分，Java 使用的将其称为X.509"，OpenSSL 将其称为PUBKEY".我在这方面找不到任何实际的 Tor 文档，但我认为这正是 RSA-1024 密钥的 SPKI 格式的算法相关数据的开始，这绝非偶然:

According to this and this you need to hash only the part starting at offset 22 of the X.509 SubjectPublicKeyInfo encoding used by Java which calls it 'X.509' and by OpenSSL which calls it 'PUBKEY'. I can't find any actual Tor doc on this, but I don't believe it can be accidental that this is exactly the beginning of the algorithm-dependent data in SPKI format for an RSA-1024 key:

$ openssl asn1parse -i <49833260.b64
    0:d=0  hl=3 l= 159 cons: SEQUENCE
    3:d=1  hl=2 l=  13 cons:  SEQUENCE
    5:d=2  hl=2 l=   9 prim:   OBJECT            :rsaEncryption
   16:d=2  hl=2 l=   0 prim:   NULL
   18:d=1  hl=3 l= 141 prim:  BIT STRING
# 18 +3 for DER tag+len +1 for unusedbitcount in BITSTRING = 22
# and the content beginning at 22 is:
$ openssl asn1parse -i -strparse 22 <49833260.b64
    0:d=0  hl=3 l= 137 cons: SEQUENCE
    3:d=1  hl=3 l= 129 prim:  INTEGER           :8C9C59094CC6766719EA2F00A207F11
61E3B076E70BEB0A108AC66F23936224E5DCBCA0B1E9005FA2E181C965B1C2D416A48A94C441DE34
41D0600FAC873BDC4FE14E799606D17C353F03859CE5D3A2D9D41B4D8DF38DD691E6F3B4933006B2
8926973E648EC08A8E03CF5A24F700F66E2FE0886D8D84855E6080B04E11AA803
  135:d=1  hl=2 l=   3 prim:  INTEGER           :010001
# which is (exactly) the RSAPublicKey structure from PKCS1

因此，要在 Java 中执行此操作，您可以假设使用 RSA-1024，或者使用 BouncyCastle(我假设，但尚未测试过，spongycastle)您实际上可以正确解析 ASN.1:

So to do this in Java you can just assume RSA-1024, or with BouncyCastle (and I assume, but haven't tested, spongycastle as well) you can actually parse the ASN.1 properly:

<代码>字节[] pubkeyder = Base64.decode( MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCMnFkJTMZ2ZxnqLwCiB/EWHjsHbnC + sKEIrGbyOTYiTl3LygsekAX6LhgcllscLUFqSKlMRB3jRB0GAPrIc73E/hTnmWBtF8NT8DhZzl06LZ1BtNjfON1pHm87STMAayiSaXPmSOwIqOA89aJPcA9m4v4IhtjYSFXmCAsE4RqoAwIDAQAB");MessageDigest sha1 = MessageDigest.getInstance("SHA1");//方法一byte[] x1 = sha1.digest (Arrays.copyOfRange(pubkeyder, 22, pubkeyder.length));System.out.println (new String(b32enc(Arrays.copyOf(x1,10))).toLowerCase());//方法二byte[] x2 = sha1.digest (SubjectPublicKeyInfo.getInstance(pubkeyder).getPublicKeyData().getOc​​tets());System.out.println (new String(b32enc(Arrays.copyOf(x2,10))).toLowerCase());->qqkhrc4men3fiqylqqkhrc4men3fiqyl

这篇关于如何从java中的公钥生成tor服务洋葱地址?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！