zolagonano
commented
2 years ago I tested it and it's working just fine.
Closed zolagonano closed 2 years ago
zolagonano
commented
2 years ago I tested it and it's working just fine.
canewsin
commented
2 years ago Ok, Some pit holes here I think removing rsa breaks functionality of verifying data signed by unpatched clients. Also signing with v3 keys are can't verifiable by unpatched clients.
zolagonano
commented
2 years ago Ok, Some pit holes here I think removing rsa breaks functionality of verifying data signed by unpatched clients. Also signing with v3 keys are can't verifiable by unpatched clients.
But, the unpatched clients cannot even connect to the Tor network because The Tor project has stopped the support of Onion Service V2 (which needed RSA). There is no need for verifying unpatched clients because there is no client with Onion Service V2.
Also, The RSA in dependencies is just used by CryptRsa which doesn't have anything to do with signing/verifying data, sslcrypto (which is used to encrypt connections with SSL-TLS) has its own RSA in the lib directory, so it doesn't need that dependency.
Onion Service V2 depreciation timeline: https://blog.torproject.org/v2-deprecation-timeline/
zolagonano
commented
2 years ago I don't know what data do you mean, if you mean sites data(like contect.json, index.html, etc) those are signed by ECDSA, not RSA.
canewsin
commented
2 years ago More than half of clients are using older version of ZeroNet, just an estimation. Tor even though stopped supporting v2, there are tor clients running v2(din't find the data, how many as of now), this is the reason for Zero Tor v2 Connections are available to communicate till today, lets take some stats from zerolink.ml for example, when i see the active connections for it, there are 100 active onion connections, out of those 20-30% are v3 connections remaining are all v2 conns.
zolagonano
commented
2 years ago More than half of clients are using older version of ZeroNet, just an estimation. Tor even though stopped supporting v2, there are tor clients running v2(din't find the data, how many as of now), this is the reason for Zero Tor v2 Connections are available to communicate till today, lets take some stats from zerolink.ml for example, when i see the active connections for it, there are 100 active onion connections, out of those 20-30% are v3 connections remaining are all v2 conns.
New tor clients cannot connect to Onion V2 anymore.
My tor logs when I want to connect into onion v2 domains:
Tried to connect to a v2 onion address, but this version of Tor no longer supports them. Please encourage the site operator to upgrade. For more information see https://blog.torproject.org/v2-deprecation-timeline.But you're right, someone might use this fork with an older version of Tor, i'll bring RSA support back to the CryptTor.
canewsin
commented
2 years ago I will suggest you one thing, create a new branch with above changes, create a pr with that, in future we don't need to rework it and pr can be simply merged.
canewsin
commented
2 years ago while working on adding/remove features, always prefer to create new branch while making prs.
Tor doesn't support Onion domains V2 anymore, so there was no need for RSA being in dependencies and supporting Onion V2 in CryptRsa. So, I removed support of Onion V2 and renamed CryptRsa into CryptTor. Also, I Moved CryptEd25519 into libraries.
Edit: I had to replace CryptRsa with CryptTor in some plugins, so I opened another PR in ZeroNetX/Zeronet-Plugins (https://github.com/ZeroNetX/ZeroNet-Plugins/pull/1).