Drop v2 onion support
This commit is contained in:
@ -5,7 +5,7 @@ const DBUSER='hosting'; // Database user
|
||||
const DBPASS='MY_PASSWORD'; // Database password
|
||||
const DBNAME='hosting'; // Database
|
||||
const PERSISTENT=true; // Use persistent database conection true/false
|
||||
const DBVERSION=20; //database layout version
|
||||
const DBVERSION=21; //database layout version
|
||||
const CAPTCHA=1; // Captcha difficulty (0=off, 1=simple, 2=moderate, 3=extreme)
|
||||
const ADDRESS='dhosting4xxoydyaivckq7tsmtgi4wfs3flpeyitekkmqwu4v4r46syd.onion'; // our own address
|
||||
const CANONICAL_URL='https://hosting.danwin1210.me'; // our preferred domain for search engines
|
||||
@ -139,14 +139,6 @@ bindtextdomain('hosting', __DIR__.'/locale');
|
||||
bind_textdomain_codeset('hosting', 'UTF-8');
|
||||
textdomain('hosting');
|
||||
|
||||
function get_onion_v2($pkey) : string {
|
||||
$keyData = openssl_pkey_get_details($pkey);
|
||||
$pk = base64_decode(substr($keyData['key'], 27, -26));
|
||||
$skipped_first_22 = substr($pk, 22);
|
||||
$first_80_bits_of_sha1 = hex2bin(substr(sha1($skipped_first_22), 0, 20));
|
||||
return base32_encode($first_80_bits_of_sha1);
|
||||
}
|
||||
|
||||
function get_onion_v3(string $sk) : string {
|
||||
if(PHP_INT_SIZE === 4){
|
||||
$pk = ParagonIE_Sodium_Core32_Ed25519::sk_to_pk($sk);
|
||||
@ -420,47 +412,7 @@ function private_key_to_onion(string $priv_key) : array {
|
||||
$onion = '';
|
||||
$priv_key = trim($priv_key);
|
||||
$version = 0;
|
||||
if(($pkey = openssl_pkey_get_private($priv_key)) !== false){
|
||||
$version = 2;
|
||||
$details = openssl_pkey_get_details($pkey);
|
||||
if($details['type'] === OPENSSL_KEYTYPE_RSA){
|
||||
$p = gmp_init(bin2hex($details['rsa']['p']), 16);
|
||||
$q = gmp_init(bin2hex($details['rsa']['q']), 16);
|
||||
$n = gmp_init(bin2hex($details['rsa']['n']), 16);
|
||||
$d = gmp_init(bin2hex($details['rsa']['d']), 16);
|
||||
$dmp1 = gmp_init(bin2hex($details['rsa']['dmp1']), 16);
|
||||
$dmq1 = gmp_init(bin2hex($details['rsa']['dmq1']), 16);
|
||||
$iqmp = gmp_init(bin2hex($details['rsa']['iqmp']), 16);
|
||||
}
|
||||
if($details['type'] !== OPENSSL_KEYTYPE_RSA){
|
||||
$message = 'Error: private key is not an RSA key.';
|
||||
$ok = false;
|
||||
}elseif($details['bits'] !== 1024){
|
||||
$message = 'Error: private key not of bitsize 1024.';
|
||||
$ok = false;
|
||||
}elseif(gmp_prob_prime($p) === 0){
|
||||
$message = 'Error: p is not a prime';
|
||||
$ok = false;
|
||||
}elseif(gmp_prob_prime($q) === 0){
|
||||
$message = 'Error: q is not a prime';
|
||||
$ok = false;
|
||||
}elseif(gmp_cmp($n, gmp_mul($p, $q) ) !== 0){
|
||||
$message = 'Error: n does not equal p q';
|
||||
$ok = false;
|
||||
}elseif(gmp_cmp($dmp1, gmp_mod($d, gmp_sub($p, 1) ) ) !==0 ){
|
||||
$message = 'Error: dmp1 invalid';
|
||||
$ok = false;
|
||||
}elseif(gmp_cmp($dmq1, gmp_mod($d, gmp_sub($q, 1) ) ) !== 0){
|
||||
$message = 'Error: dmq1 invalid';
|
||||
$ok = false;
|
||||
}elseif(gmp_cmp($iqmp, gmp_invert($q, $p) ) !==0 ){
|
||||
$message = 'Error: iqmp not inverse of q';
|
||||
$ok = false;
|
||||
}else{
|
||||
$onion = get_onion_v2($pkey);
|
||||
}
|
||||
return ['ok' => $ok, 'message' => $message, 'onion' => $onion, 'version' => $version];
|
||||
} elseif(($priv = base64_decode($priv_key, true)) !== false){
|
||||
if(($priv = base64_decode($priv_key, true)) !== false){
|
||||
$version = 3;
|
||||
if( ! str_starts_with( $priv, '== ed25519v1-secret: type0 ==' . hex2bin( '000000' ) ) || strlen($priv) !== 96){
|
||||
$message = 'Error: v3 secret key invalid.';
|
||||
@ -478,11 +430,7 @@ function private_key_to_onion(string $priv_key) : array {
|
||||
function generate_new_onion(int $version = 3) : array {
|
||||
$priv_key = '';
|
||||
$onion = '';
|
||||
if($version === 2){
|
||||
$pkey = openssl_pkey_new(['private_key_bits' => 1024, 'private_key_type' => OPENSSL_KEYTYPE_RSA]);
|
||||
openssl_pkey_export($pkey, $priv_key);
|
||||
$onion = get_onion_v2($pkey);
|
||||
} else {
|
||||
if($version === 3){
|
||||
$seed = random_bytes(32);
|
||||
$sk = ed25519_seckey_expand($seed);
|
||||
$priv_key = base64_encode('== ed25519v1-secret: type0 ==' . hex2bin('000000') . $sk);
|
||||
|
||||
@ -68,7 +68,7 @@ if(isset($_POST['action']) && $_POST['action']==='add_onion'){
|
||||
}
|
||||
}else{
|
||||
$onion_version = 3;
|
||||
if(isset($_REQUEST['onion_type']) && in_array($_REQUEST['onion_type'], [2, 3])){
|
||||
if(isset($_REQUEST['onion_type']) && in_array($_REQUEST['onion_type'], [3])){
|
||||
$onion_version = $_REQUEST['onion_type'];
|
||||
}
|
||||
$check=$db->prepare('SELECT null FROM onions WHERE onion=?;');
|
||||
@ -210,9 +210,6 @@ if($count_onions<MAX_NUM_USER_ONIONS){
|
||||
echo '<label><input type="radio" name="onion_type" value="3"';
|
||||
echo (!isset($_POST['onion_type']) || $_POST['onion_type']==3) ? ' checked' : '';
|
||||
echo '>'._('Random v3 Address').'</label>';
|
||||
echo '<label><input type="radio" name="onion_type" value="2"';
|
||||
echo isset($_POST['onion_type']) && $_POST['onion_type']==2 ? ' checked' : '';
|
||||
echo '>'._('Random v2 Address').'</label>';
|
||||
echo '<label><input id="custom_onion" type="radio" name="onion_type" value="custom"';
|
||||
echo isset($_POST['onion_type']) && $_POST['onion_type']==='custom' ? ' checked' : '';
|
||||
echo '>'._('Custom private key');
|
||||
|
||||
@ -74,7 +74,7 @@ if($_SERVER['REQUEST_METHOD']==='POST'){
|
||||
}
|
||||
}
|
||||
}else{
|
||||
if(isset($_REQUEST['onion_type']) && in_array($_REQUEST['onion_type'], [2, 3])){
|
||||
if(isset($_REQUEST['onion_type']) && in_array($_REQUEST['onion_type'], [3])){
|
||||
$onion_version = $_REQUEST['onion_type'];
|
||||
}
|
||||
$check=$db->prepare('SELECT null FROM onions WHERE onion=?;');
|
||||
@ -148,7 +148,6 @@ foreach(PHP_VERSIONS as $key => $version){
|
||||
<tr><td colspan=2><label><input type="checkbox" name="autoindex" value="1"<?php echo $autoindex; ?>><?php echo _('Enable autoindex (listing of files)'); ?></label></td></tr>
|
||||
<tr><td colspan=2><?php echo _('Type of hidden service:'); ?><br>
|
||||
<label><input type="radio" name="onion_type" value="3"<?php echo (!isset($_POST['onion_type']) || $_POST['onion_type']==3) ? ' checked' : ''; ?>><?php echo _('Random v3 Address'); ?></label>
|
||||
<label><input type="radio" name="onion_type" value="2"<?php echo isset($_POST['onion_type']) && $_POST['onion_type']==2 ? ' checked' : ''; ?>><?php echo _('Random v2 Address'); ?></label>
|
||||
<label><input id="custom_onion" type="radio" name="onion_type" value="custom"<?php echo isset($_POST['onion_type']) && $_POST['onion_type']==='custom' ? ' checked' : ''; ?>><?php echo _('Custom private key'); ?>
|
||||
<textarea id="private_key" name="private_key" rows="5" cols="28">
|
||||
<?php echo isset($_REQUEST['private_key']) ? htmlspecialchars($_REQUEST['private_key']) : ''; ?>
|
||||
|
||||
@ -156,6 +156,9 @@ if(!$version){
|
||||
if($version<20){
|
||||
$db->exec("ALTER TABLE onions CHANGE max_streams max_streams tinyint(3) unsigned NOT NULL DEFAULT '6';");
|
||||
}
|
||||
if($version<21){
|
||||
$db->exec('UPDATE onions SET enabled=-1 WHERE version = 2;');
|
||||
}
|
||||
$stmt=$db->prepare("UPDATE settings SET value=? WHERE setting='version';");
|
||||
$stmt->execute([DBVERSION]);
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user