novitski / bitcoinj

Automatically exported from code.google.com/p/bitcoinj
Apache License 2.0

Add a Tor mode #499

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
Configuring bitcoinj to use Tor is now easy, but it won't automatically detect and
use Tor if it's running. If Tor is running, probably you want apps to use it,
so we should probe the local SOCKS ports used by the default Tor setup and use
them if available (and if Tor mode is on).

Original issue reported on code.google.com by hearn@google.com on 14 Dec 2013 at 11:07
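
The probing idea in the comment above, as an added example (not bitcoinj's or the reporter's code). The class name `TorSocksProbe` is hypothetical, and the port numbers are an assumption the thread does not state: 9050 for a stock tor daemon and 9150 for Tor Browser.

```java
import java.io.DataInputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.Proxy;
import java.net.Socket;

public class TorSocksProbe {
    // Assumption: default SocksPort of the tor daemon (9050) and of Tor Browser (9150).
    static final int[] CANDIDATE_PORTS = {9050, 9150};

    /** Returns a SOCKS proxy for the first loopback port that answers a SOCKS5 greeting, or null. */
    static Proxy probe(int timeoutMs) {
        for (int port : CANDIDATE_PORTS) {
            InetSocketAddress addr = new InetSocketAddress(InetAddress.getLoopbackAddress(), port);
            if (speaksSocks5(addr, timeoutMs)) {
                return new Proxy(Proxy.Type.SOCKS, addr);
            }
        }
        return null;
    }

    static boolean speaksSocks5(InetSocketAddress addr, int timeoutMs) {
        try (Socket s = new Socket()) {
            s.connect(addr, timeoutMs);
            s.setSoTimeout(timeoutMs);
            OutputStream out = s.getOutputStream();
            // RFC 1928 greeting: version 5, one method offered, 0x00 = no authentication.
            out.write(new byte[] {0x05, 0x01, 0x00});
            out.flush();
            byte[] reply = new byte[2];
            new DataInputStream(s.getInputStream()).readFully(reply);
            // An open port is not enough: require a well-formed "method 0 accepted" reply.
            return reply[0] == 0x05 && reply[1] == 0x00;
        } catch (IOException e) {
            return false; // closed port, timeout, or not a SOCKS5 listener
        }
    }

    public static void main(String[] args) {
        Proxy tor = probe(500);
        System.out.println(tor == null ? "No local SOCKS5 listener found"
                                       : "Using SOCKS proxy " + tor.address());
    }
}
```

A successful handshake shows only that something on loopback speaks SOCKS5 without authentication; it does not prove the listener is Tor, so the result should be used only when the user has turned Tor mode on.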

GoogleCodeExporter commented 9 years ago
Actually the best way to do this would be to use Orchid, a pure-Java Tor client 
implementation. That way users don't have to download or install Tor and it'd 
work out of the box on Android. This should be a very quick project (~1 or 2 
days assuming Orchid works well).

Original comment by mh.in.en...@gmail.com on 15 Jan 2014 at 6:35

GoogleCodeExporter commented 9 years ago
That was easy. I checked in a few tweaks to the BlockingClient[Manager] classes 
to make it work with Orchid and now I have a wallet that connects via Tor with 
no other software running.

To use, grab my Orchid fork here:

https://github.com/mikehearn/Orchid

(it only has a single 1-liner method added), compile it using ant. 
Unfortunately there is no Maven build and it's not in Maven Central.

Add the JAR to your classpath. Then include the following code into your app:

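    // Imports needed by the reflection code in disableStupidExportControls():
    import java.lang.reflect.Constructor;
    import java.lang.reflect.Field;
    import java.lang.reflect.Method;

    private TorClient initTor() throws Exception {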
        // Oracle actually got permission to enable AES256 everywhere years ago anyway, they just didn't get around to
        // actually doing so yet!
        disableStupidExportControls();
        TorClient tor = new TorClient();
        tor.addInitializationListener(new TorInitializationListener() {
            @Override
            public void initializationProgress(String message, int percent) {
                System.out.println(">>> [ " + percent + "% ]: " + message);
            }

            @Override
            public void initializationCompleted() {
                System.out.println("Tor is ready to go!");
            }
        });
        tor.start();
        return tor;
    }

    private void disableStupidExportControls() throws Exception {
        Field gate = Class.forName("javax.crypto.JceSecurity").getDeclaredField("isRestricted");
        gate.setAccessible(true);
        gate.setBoolean(null, false);
        final Field allPerm = Class.forName("javax.crypto.CryptoAllPermission").getDeclaredField("INSTANCE");
        allPerm.setAccessible(true);
        Object accessAllAreasCard = allPerm.get(null);
        final Constructor<?> constructor = Class.forName("javax.crypto.CryptoPermissions").getDeclaredConstructor();
        constructor.setAccessible(true);
        Object coll = constructor.newInstance();
        Method addPerm = Class.forName("javax.crypto.CryptoPermissions").getDeclaredMethod("add", java.security.Permission.class);
        addPerm.setAccessible(true);
        addPerm.invoke(coll, accessAllAreasCard);
        Field defaultPolicy = Class.forName("javax.crypto.JceSecurity").getDeclaredField("defaultPolicy");
        defaultPolicy.setAccessible(true);
        defaultPolicy.set(null, coll);
    }

    // ....

        // final: the anonymous WalletAppKit subclass below captures this variable.
        final TorClient tor = initTor();
        bitcoin = new WalletAppKit(params, OSUtils.APP_DIR, "main") {
            @Override
            protected PeerGroup createPeerGroup() {
                final BlockingClientManager manager = new BlockingClientManager(tor.getSocketFactory());
                manager.setConnectTimeoutMillis(20000);
                PeerGroup group = new PeerGroup(params, vChain, manager);
                group.setConnectTimeoutMillis(20000);
                return group;
            }
        };

I didn't try it on Android, but Orchid has references to Android in the code so 
I assume it would work (obviously the export control stuff is irrelevant there).

Original comment by hearn@google.com on 15 Jan 2014 at 11:17

GoogleCodeExporter commented 9 years ago
Nice job on the Tor integration, I've done a test implementation and it works 
smoothly.

However, I've run into an issue when the seed nodes are hosted on Tor hidden
services (.onion hostname).

Getting this error:

    E/DnsDiscovery﹕ [PeerGroup] Failed to look up DNS seeds from host.onion: java.net.UnknownHostException: Unable to resolve host "host.onion": No address associated with hostname

Original comment by eag...@gmail.com on 20 Mar 2014 at 5:28

GoogleCodeExporter commented 9 years ago
Tor isn't really integrated yet, devrandom is working on that. DNS seed queries 
aren't routed via Tor yet, which is why you get that error. He's written a 
TorDnsDiscovery class that uses RESOLVE cells to randomly chosen exits.

I'm hoping we'll have Tor integrated way more tightly by the next release.

Original comment by mh.in.en...@gmail.com on 20 Mar 2014 at 5:34
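
The failure reported above comes from the name being handed to the system resolver instead of to Tor. As an added example (not bitcoinj code, and not the TorDnsDiscovery / RESOLVE-cell approach mentioned in the comment), this shows the JDK-only alternative of passing an unresolved name through a SOCKS5 proxy. The class name `OnionViaSocks`, the proxy address 127.0.0.1:9050 and port 8333 are assumptions; `host.onion` is the placeholder from the log.

```java
import java.io.IOException;
import java.net.InetSocketAddress;
import java.net.Proxy;
import java.net.Socket;

public class OnionViaSocks {
    /** Opens a TCP connection through a SOCKS proxy without resolving the host name locally. */
    static Socket connect(Proxy socks, String host, int port, int timeoutMs) throws IOException {
        // createUnresolved() performs no lookup, so the name travels inside the
        // SOCKS5 CONNECT request and is resolved on the proxy side.
        InetSocketAddress target = InetSocketAddress.createUnresolved(host, port);
        Socket s = new Socket(socks);
        try {
            s.connect(target, timeoutMs);
            return s;
        } catch (IOException e) {
            s.close();
            throw e;
        }
    }

    public static void main(String[] args) {
        // Assumption: a Tor SOCKS listener on 127.0.0.1:9050.
        Proxy tor = new Proxy(Proxy.Type.SOCKS, new InetSocketAddress("127.0.0.1", 9050));
        // new InetSocketAddress("host.onion", 8333) would ask the system resolver
        // first, which is the lookup that fails in the log above.
        try (Socket s = connect(tor, "host.onion", 8333, 20000)) {
            System.out.println("Connected via " + tor.address());
        } catch (IOException e) {
            System.out.println("Connect failed: " + e);
        }
    }
}
```

Keeping the address unresolved also means the host name is never sent to the local DNS resolver, which matters for clearnet seed names as much as for .onion ones.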

GoogleCodeExporter commented 9 years ago
OK, Tor integration is merged! There are some caveats though. It's not on by 
default for now until we have lots more testing. Orchid is large and we already 
know about some bugs and things that need tweaking:

https://groups.google.com/forum/#!topic/bitcoinj/XlL5jJs9ur8

Getting to the point where it can be enabled by default (if we ever do that at 
the library level) now boils down to testing and finding / squashing bugs in 
Orchid. So I'm marking this issue as resolved.

Original comment by mh.in.en...@gmail.com on 27 Apr 2014 at 5:09