-
Notifications
You must be signed in to change notification settings - Fork 116
/
tor.go
91 lines (80 loc) · 2.51 KB
/
tor.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
package main
import (
"context"
"crypto/ed25519"
"crypto/rand"
"crypto/x509"
"encoding/pem"
"fmt"
"io/ioutil"
"net/http"
"time"
"github.com/clementauger/tor-prebuilt/embedded"
"github.com/cretz/bine/tor"
"github.com/cretz/bine/torutil"
tued25519 "github.com/cretz/bine/torutil/ed25519"
"github.com/knadh/niltalk/store"
)
func getOrCreatePK(store store.Store) (privateKey ed25519.PrivateKey, err error) {
key := "onionkey"
d, err := store.Get(key)
if len(d) == 0 || err != nil {
_, privateKey, err = ed25519.GenerateKey(rand.Reader)
if err != nil {
return nil, err
}
var x509Encoded []byte
x509Encoded, err = x509.MarshalPKCS8PrivateKey(privateKey)
if err != nil {
return nil, err
}
pemEncoded := pem.EncodeToMemory(&pem.Block{Type: "ED25519 PRIVATE KEY", Bytes: x509Encoded})
err = store.Set(key, pemEncoded)
} else {
block, _ := pem.Decode(d)
x509Encoded := block.Bytes
var tPk interface{}
tPk, err = x509.ParsePKCS8PrivateKey(x509Encoded)
if err != nil {
return nil, err
}
if x, ok := tPk.(ed25519.PrivateKey); ok {
privateKey = x
} else {
err = fmt.Errorf("invalid key type %T wanted ed25519.PrivateKey", tPk)
}
}
return privateKey, err
}
type torServer struct {
Handler http.Handler
// PrivateKey path to a pem encoded ed25519 private key
PrivateKey ed25519.PrivateKey
}
func onionAddr(pk ed25519.PrivateKey) string {
return torutil.OnionServiceIDFromV3PublicKey(tued25519.PublicKey([]byte(pk.Public().(ed25519.PublicKey))))
}
func (ts *torServer) ListenAndServe() error {
d, err := ioutil.TempDir("", "")
if err != nil {
return err
}
// Start tor with default config (can set start conf's DebugWriter to os.Stdout for debug logs)
// fmt.Println("Starting and registering onion service, please wait a couple of minutes...")
t, err := tor.Start(nil, &tor.StartConf{TempDataDirBase: d, ProcessCreator: embedded.NewCreator(), NoHush: true})
if err != nil {
return fmt.Errorf("unable to start Tor: %v", err)
}
defer t.Close()
// Wait at most a few minutes to publish the service
listenCtx, listenCancel := context.WithTimeout(context.Background(), 3*time.Minute)
defer listenCancel()
// Create a v3 onion service to listen on any port but show as 80
onion, err := t.Listen(listenCtx, &tor.ListenConf{Key: ts.PrivateKey, Version3: true, RemotePorts: []int{80}})
if err != nil {
return fmt.Errorf("unable to create onion service: %v", err)
}
defer onion.Close()
// fmt.Printf("server listening at http://%v.onion\n", onion.ID)
return http.Serve(onion, ts.Handler)
}