Last active
December 16, 2015 14:49
-
-
Save DonnchaC/5451637 to your computer and use it in GitHub Desktop.
This is a simple Python port of the Tor's code for generating hidden service descriptor id's. Haven't tested this snippet so there might be a syntax error or something
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python | |
from time import time | |
from base64 import b32encode, b32decode, b16decode | |
from hashlib import sha1 | |
from struct import pack, unpack | |
# When provided with a Tor hidden service 'service_id', this script should output | |
# the desc_id's which clients would request at the current time . | |
# Based on rend_compute_v2_desc_id() from rendcommon.c in Tor source code. | |
def compute_desc_ids(service_id_base32, max_replicas, time = int(time()), descriptor_cookie = ""): | |
desc_ids = [] | |
for replica in range(0, max_replicas): | |
desc_ids.append(rend_compute_v2_desc_id(service_id_base32, replica, time, descriptor_cookie)) | |
return desc_ids | |
# Returns base_32 encode desc_id - descriptor-id = H(permanent-id | H(time-period | descriptor-cookie | replica)) | |
def rend_compute_v2_desc_id(service_id_base32, replica, time, descriptor_cookie):# | |
service_id = b32decode(service_id_base32, 1) | |
time_period = get_time_period(time, 0, service_id) | |
secret_id_part = get_secret_id_part_bytes(time_period, descriptor_cookie, replica) | |
desc_id = rend_get_descriptor_id_bytes(service_id, secret_id_part) | |
return b32encode(desc_id).lower() | |
# Calculates time period - time-period = (current-time + permanent-id-byte * 86400 / 256) / 86400 | |
def get_time_period(time, deviation, service_id): | |
REND_TIME_PERIOD_V2_DESC_VALIDITY = 24 * 60 * 60 | |
return int(((time + ((unpack('B', service_id[0])[0] * REND_TIME_PERIOD_V2_DESC_VALIDITY) ) / 256) ) / REND_TIME_PERIOD_V2_DESC_VALIDITY + deviation) | |
# Calculate secret_id_part - secret-id-part = H(time-period | descriptor-cookie | replica) | |
def get_secret_id_part_bytes(time_period, descriptor_cookie, replica): | |
secret_id_part = sha1() | |
secret_id_part.update(pack('>I', time_period)[:4]); | |
if descriptor_cookie: | |
secret_id_part.update(descriptor_cookie) | |
secret_id_part.update('{0:02X}'.format(replica).decode('hex')) | |
return secret_id_part.digest() | |
def rend_get_descriptor_id_bytes(service_id, secret_id_part): | |
descriptor_id = sha1() | |
descriptor_id.update(service_id) | |
descriptor_id.update(secret_id_part) | |
return descriptor_id.digest() | |
def main(): | |
REPLICAS = 2 | |
onion_address = "idnxcnkne4qt76tg.onion" | |
service_id, tld = onion_address.split(".") | |
if tld == 'onion' and len(service_id) == 16 and service_id.isalnum(): | |
desc_ids = compute_desc_ids(service_id, REPLICAS) | |
print desc_ids | |
main() |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The OR identity_digest is just the base32 encoding of the SHA1 hash of the OR public identity key. Same hash as the OR fingerprint, just base32 encoded rather than the base16 encoding of the fingerprint.