Cloak/internal/multiplex/obfs.go

package multiplex

import (
	"crypto/rand"
	"crypto/sha1"
	"encoding/binary"
	"errors"
)

type Obfser func(*Frame) ([]byte, error)
type Deobfser func([]byte) (*Frame, error)

var u32 = binary.BigEndian.Uint32
var putU32 = binary.BigEndian.PutUint32

const headerLen = 12

func genXorKey(key, salt []byte) []byte {
	h := sha1.New()
	h.Write(append(key, salt...))
	return h.Sum(nil)[:12]
}

func xor(a []byte, b []byte) {
	for i := range a {
		a[i] ^= b[i]
	}
}

func MakeObfs(key []byte, algo Crypto) Obfser {
	obfs := func(f *Frame) ([]byte, error) {
		// header: [StreamID 4 bytes][Seq 4 bytes][Closing 1 byte][random 3 bytes]
		header := make([]byte, headerLen)
		putU32(header[0:4], f.StreamID)
		putU32(header[4:8], f.Seq)
		header[8] = f.Closing
		rand.Read(header[9:12])

		encryptedPayload, err := algo.encrypt(f.Payload, header)
		if err != nil {
			return nil, err
		}

		cKey := make([]byte, len(key))
		copy(cKey, key)
		salt := encryptedPayload[len(encryptedPayload)-16:]
		xorKey := genXorKey(cKey, salt)
		xor(header, xorKey)

		// Composing final obfsed message
		// We don't use util.AddRecordLayer here to avoid unnecessary malloc
		// TODO: allocate this in the beginning and do everything in place
		obfsed := make([]byte, 5+headerLen+len(encryptedPayload))
		obfsed[0] = 0x17
		obfsed[1] = 0x03
		obfsed[2] = 0x03
		binary.BigEndian.PutUint16(obfsed[3:5], uint16(headerLen+len(encryptedPayload)))
		copy(obfsed[5:5+headerLen], header)
		copy(obfsed[5+headerLen:], encryptedPayload)
		// obfsed: [record layer 5 bytes][obfsedheader 12 bytes][payload]
		return obfsed, nil
	}
	return obfs
}

func MakeDeobfs(key []byte, algo Crypto) Deobfser {
	deobfs := func(in []byte) (*Frame, error) {
		if len(in) < 5+headerLen+16 {
			return nil, errors.New("Input cannot be shorter than 33 bytes")
		}
		peeled := in[5:]

		header := peeled[0:12]
		payload := peeled[12:]
		salt := peeled[len(peeled)-16:]

		cKey := make([]byte, len(key))
		copy(cKey, key)
		xorKey := genXorKey(cKey, salt)
		xor(header, xorKey)

		streamID := u32(header[0:4])
		seq := u32(header[4:8])
		closing := header[8]

		decryptedPayload, err := algo.decrypt(payload, header)
		if err != nil {
			return nil, err
		}

		outputPayload := make([]byte, len(decryptedPayload))
		copy(outputPayload, decryptedPayload)

		ret := &Frame{
			StreamID: streamID,
			Seq:      seq,
			Closing:  closing,
			Payload:  outputPayload,
		}
		return ret, nil
	}
	return deobfs
}
Refactor MakeObfs and MakeDeobfs 2018-12-09 23:45:06 +00:00			`package multiplex`
Untested client 2018-10-07 17:09:45 +00:00
			`import (`
Redo the header obfuscation. Fix hiccups caused by short packets 2019-01-06 01:40:27 +00:00			`"crypto/rand"`
			`"crypto/sha1"`
Untested client 2018-10-07 17:09:45 +00:00			`"encoding/binary"`
Refactor MakeObfs and MakeDeobfs 2018-12-09 23:45:06 +00:00			`"errors"`
Untested client 2018-10-07 17:09:45 +00:00			`)`

Refactor MakeObfs and MakeDeobfs 2018-12-09 23:45:06 +00:00			`type Obfser func(*Frame) ([]byte, error)`
			`type Deobfser func([]byte) (*Frame, error)`

Redo the header obfuscation. Fix hiccups caused by short packets 2019-01-06 01:40:27 +00:00			`var u32 = binary.BigEndian.Uint32`
Improve the security of header obfuscation 2019-06-14 09:48:59 +00:00			`var putU32 = binary.BigEndian.PutUint32`
Redo the header obfuscation. Fix hiccups caused by short packets 2019-01-06 01:40:27 +00:00
Change the stream header format and reduce overhead 2019-01-13 21:28:57 +00:00			`const headerLen = 12`

Improve the security of header obfuscation 2019-06-14 09:48:59 +00:00			`func genXorKey(key, salt []byte) []byte {`
Redo the header obfuscation. Fix hiccups caused by short packets 2019-01-06 01:40:27 +00:00			`h := sha1.New()`
Improve the security of header obfuscation 2019-06-14 09:48:59 +00:00			`h.Write(append(key, salt...))`
			`return h.Sum(nil)[:12]`
			`}`

			`func xor(a []byte, b []byte) {`
			`for i := range a {`
			`a[i] ^= b[i]`
			`}`
Untested client 2018-10-07 17:09:45 +00:00			`}`

Add optional encryption 2019-06-09 11:05:41 +00:00			`func MakeObfs(key []byte, algo Crypto) Obfser {`
Refactor MakeObfs and MakeDeobfs 2018-12-09 23:45:06 +00:00			`obfs := func(f *Frame) ([]byte, error) {`
Improve the security of header obfuscation 2019-06-14 09:48:59 +00:00			`// header: [StreamID 4 bytes][Seq 4 bytes][Closing 1 byte][random 3 bytes]`
			`header := make([]byte, headerLen)`
			`putU32(header[0:4], f.StreamID)`
			`putU32(header[4:8], f.Seq)`
			`header[8] = f.Closing`
			`rand.Read(header[9:12])`

			`encryptedPayload, err := algo.encrypt(f.Payload, header)`
Use AES-GCM instead of CTR 2019-06-09 14:03:28 +00:00			`if err != nil {`
			`return nil, err`
			`}`
Add optional encryption 2019-06-09 11:05:41 +00:00
Solve a data race 2019-06-15 01:52:46 +00:00			`cKey := make([]byte, len(key))`
			`copy(cKey, key)`
Improve the security of header obfuscation 2019-06-14 09:48:59 +00:00			`salt := encryptedPayload[len(encryptedPayload)-16:]`
Solve a data race 2019-06-15 01:52:46 +00:00			`xorKey := genXorKey(cKey, salt)`
Improve the security of header obfuscation 2019-06-14 09:48:59 +00:00			`xor(header, xorKey)`

optimisations 2018-10-20 16:03:39 +00:00			`// Composing final obfsed message`
			`// We don't use util.AddRecordLayer here to avoid unnecessary malloc`
Support Chaha20-Poly1305 2019-06-14 10:26:26 +00:00			`// TODO: allocate this in the beginning and do everything in place`
Add optional encryption 2019-06-09 11:05:41 +00:00			`obfsed := make([]byte, 5+headerLen+len(encryptedPayload))`
optimisations 2018-10-20 16:03:39 +00:00			`obfsed[0] = 0x17`
			`obfsed[1] = 0x03`
			`obfsed[2] = 0x03`
Add optional encryption 2019-06-09 11:05:41 +00:00			`binary.BigEndian.PutUint16(obfsed[3:5], uint16(headerLen+len(encryptedPayload)))`
Improve the security of header obfuscation 2019-06-14 09:48:59 +00:00			`copy(obfsed[5:5+headerLen], header)`
Add optional encryption 2019-06-09 11:05:41 +00:00			`copy(obfsed[5+headerLen:], encryptedPayload)`
Improve the security of header obfuscation 2019-06-14 09:48:59 +00:00			`// obfsed: [record layer 5 bytes][obfsedheader 12 bytes][payload]`
Refactor MakeObfs and MakeDeobfs 2018-12-09 23:45:06 +00:00			`return obfsed, nil`
Untested client 2018-10-07 17:09:45 +00:00			`}`
			`return obfs`
			`}`

Add optional encryption 2019-06-09 11:05:41 +00:00			`func MakeDeobfs(key []byte, algo Crypto) Deobfser {`
Refactor MakeObfs and MakeDeobfs 2018-12-09 23:45:06 +00:00			`deobfs := func(in []byte) (*Frame, error) {`
Improve the security of header obfuscation 2019-06-14 09:48:59 +00:00			`if len(in) < 5+headerLen+16 {`
			`return nil, errors.New("Input cannot be shorter than 33 bytes")`
Refactor MakeObfs and MakeDeobfs 2018-12-09 23:45:06 +00:00			`}`
optimisations 2018-10-20 16:03:39 +00:00			`peeled := in[5:]`
Improve the security of header obfuscation 2019-06-14 09:48:59 +00:00
			`header := peeled[0:12]`
			`payload := peeled[12:]`
			`salt := peeled[len(peeled)-16:]`

Solve a data race 2019-06-15 01:52:46 +00:00			`cKey := make([]byte, len(key))`
			`copy(cKey, key)`
			`xorKey := genXorKey(cKey, salt)`
Improve the security of header obfuscation 2019-06-14 09:48:59 +00:00			`xor(header, xorKey)`

			`streamID := u32(header[0:4])`
			`seq := u32(header[4:8])`
			`closing := header[8]`

			`decryptedPayload, err := algo.decrypt(payload, header)`
Use AES-GCM instead of CTR 2019-06-09 14:03:28 +00:00			`if err != nil {`
			`return nil, err`
			`}`
Add optional encryption 2019-06-09 11:05:41 +00:00
I just did a joint and I need to commit before things go wrong 2019-06-14 12:28:14 +00:00			`outputPayload := make([]byte, len(decryptedPayload))`
			`copy(outputPayload, decryptedPayload)`

Refactor MakeObfs and MakeDeobfs 2018-12-09 23:45:06 +00:00			`ret := &Frame{`
Stream closing is now ordered 2018-10-27 22:35:46 +00:00			`StreamID: streamID,`
			`Seq: seq,`
			`Closing: closing,`
I just did a joint and I need to commit before things go wrong 2019-06-14 12:28:14 +00:00			`Payload: outputPayload,`
Untested client 2018-10-07 17:09:45 +00:00			`}`
Refactor MakeObfs and MakeDeobfs 2018-12-09 23:45:06 +00:00			`return ret, nil`
Untested client 2018-10-07 17:09:45 +00:00			`}`
			`return deobfs`
			`}`