Cloak/internal/server/auth.go

package server

import (
	"bytes"
	"crypto"
	"crypto/sha256"
	"encoding/binary"
	"log"

	"github.com/cbeuw/Cloak/internal/ecdh"
	"github.com/cbeuw/Cloak/internal/util"
)

// input ticket, return UID
func decryptSessionTicket(staticPv crypto.PrivateKey, ticket []byte) ([]byte, uint32, string, byte) {
	ephPub, _ := ecdh.Unmarshal(ticket[0:32])
	key := ecdh.GenerateSharedSecret(staticPv, ephPub)
	plain, err := util.AESGCMDecrypt(ticket[0:12], key, ticket[32:101])
	if err != nil {
		return nil, 0, "", 0x00
	}
	sessionID := binary.BigEndian.Uint32(plain[32:36])
	return plain[0:32], sessionID, string(bytes.Trim(plain[36:52], "\x00")), plain[52]
}

func validateRandom(random []byte, UID []byte, time int64) bool {
	t := make([]byte, 8)
	binary.BigEndian.PutUint64(t, uint64(time/(12*60*60)))
	rdm := random[0:16]
	preHash := make([]byte, 56)
	copy(preHash[0:32], UID)
	copy(preHash[32:40], t)
	copy(preHash[40:56], rdm)
	h := sha256.New()
	h.Write(preHash)
	return bytes.Equal(h.Sum(nil)[0:16], random[16:32])
}
func TouchStone(ch *ClientHello, sta *State) (isCK bool, UID []byte, sessionID uint32, proxyMethod string, encryptionMethod byte) {
	var random [32]byte
	copy(random[:], ch.random)

	sta.usedRandomM.Lock()
	used := sta.usedRandom[random]
	sta.usedRandom[random] = int(sta.Now().Unix())
	sta.usedRandomM.Unlock()

	if used != 0 {
		log.Println("Replay! Duplicate random")
		return
	}

	ticket := ch.extensions[[2]byte{0x00, 0x23}]
	if len(ticket) < 68 {
		return
	}
	UID, sessionID, proxyMethod, encryptionMethod = decryptSessionTicket(sta.staticPv, ticket)
	if len(UID) < 32 {
		return
	}
	isCK = validateRandom(ch.random, UID, sta.Now().Unix())
	if !isCK {
		return
	}

	return
}
Untested server 2018-10-09 15:07:54 +00:00			`package server`

			`import (`
			`"bytes"`
Use ECDH instead of ECIES 2018-10-14 19:32:54 +00:00			`"crypto"`
Untested server 2018-10-09 15:07:54 +00:00			`"crypto/sha256"`
			`"encoding/binary"`
			`"log"`
Use ECDH instead of ECIES 2018-10-14 19:32:54 +00:00
Remove ECDH as an external dependancy and include it as a internal package 2019-01-25 00:24:47 +00:00			`"github.com/cbeuw/Cloak/internal/ecdh"`
Use ECDH instead of ECIES 2018-10-14 19:32:54 +00:00			`"github.com/cbeuw/Cloak/internal/util"`
Untested server 2018-10-09 15:07:54 +00:00			`)`

QOS and user managing, bug fixes 2018-11-07 21:16:13 +00:00			`// input ticket, return UID`
Add optional encryption 2019-06-09 11:05:41 +00:00			`func decryptSessionTicket(staticPv crypto.PrivateKey, ticket []byte) ([]byte, uint32, string, byte) {`
Remove ECDH as an external dependancy and include it as a internal package 2019-01-25 00:24:47 +00:00			`ephPub, _ := ecdh.Unmarshal(ticket[0:32])`
			`key := ecdh.GenerateSharedSecret(staticPv, ephPub)`
Use AES-GCM instead of CTR 2019-06-09 14:03:28 +00:00			`plain, err := util.AESGCMDecrypt(ticket[0:12], key, ticket[32:101])`
			`if err != nil {`
			`return nil, 0, "", 0x00`
			`}`
Cloak 2: generalising cloak as a universal pluggable transport for arbitary proxies 2019-06-09 06:10:22 +00:00			`sessionID := binary.BigEndian.Uint32(plain[32:36])`
Add optional encryption 2019-06-09 11:05:41 +00:00			`return plain[0:32], sessionID, string(bytes.Trim(plain[36:52], "\x00")), plain[52]`
Untested server 2018-10-09 15:07:54 +00:00			`}`

QOS and user managing, bug fixes 2018-11-07 21:16:13 +00:00			`func validateRandom(random []byte, UID []byte, time int64) bool {`
Untested server 2018-10-09 15:07:54 +00:00			`t := make([]byte, 8)`
Use ECDH instead of ECIES 2018-10-14 19:32:54 +00:00			`binary.BigEndian.PutUint64(t, uint64(time/(126060)))`
			`rdm := random[0:16]`
Untested server 2018-10-09 15:07:54 +00:00			`preHash := make([]byte, 56)`
QOS and user managing, bug fixes 2018-11-07 21:16:13 +00:00			`copy(preHash[0:32], UID)`
Untested server 2018-10-09 15:07:54 +00:00			`copy(preHash[32:40], t)`
Use ECDH instead of ECIES 2018-10-14 19:32:54 +00:00			`copy(preHash[40:56], rdm)`
Untested server 2018-10-09 15:07:54 +00:00			`h := sha256.New()`
			`h.Write(preHash)`
			`return bytes.Equal(h.Sum(nil)[0:16], random[16:32])`
			`}`
Add optional encryption 2019-06-09 11:05:41 +00:00			`func TouchStone(ch ClientHello, sta State) (isCK bool, UID []byte, sessionID uint32, proxyMethod string, encryptionMethod byte) {`
Untested server 2018-10-09 15:07:54 +00:00			`var random [32]byte`
			`copy(random[:], ch.random)`
Remove reundancy and fix a race 2019-01-19 19:30:32 +00:00
			`sta.usedRandomM.Lock()`
			`used := sta.usedRandom[random]`
			`sta.usedRandom[random] = int(sta.Now().Unix())`
			`sta.usedRandomM.Unlock()`

Untested server 2018-10-09 15:07:54 +00:00			`if used != 0 {`
			`log.Println("Replay! Duplicate random")`
Add optional encryption 2019-06-09 11:05:41 +00:00			`return`
Untested server 2018-10-09 15:07:54 +00:00			`}`

drop aes encryption of headers 2018-10-20 20:41:01 +00:00			`ticket := ch.extensions[[2]byte{0x00, 0x23}]`
Fix a user input validation 2019-01-19 13:18:13 +00:00			`if len(ticket) < 68 {`
Add optional encryption 2019-06-09 11:05:41 +00:00			`return`
drop aes encryption of headers 2018-10-20 20:41:01 +00:00			`}`
Add optional encryption 2019-06-09 11:05:41 +00:00			`UID, sessionID, proxyMethod, encryptionMethod = decryptSessionTicket(sta.staticPv, ticket)`
Use AES-GCM instead of CTR 2019-06-09 14:03:28 +00:00			`if len(UID) < 32 {`
			`return`
			`}`
Cloak 2: generalising cloak as a universal pluggable transport for arbitary proxies 2019-06-09 06:10:22 +00:00			`isCK = validateRandom(ch.random, UID, sta.Now().Unix())`
			`if !isCK {`
Add optional encryption 2019-06-09 11:05:41 +00:00			`return`
Untested server 2018-10-09 15:07:54 +00:00			`}`

QOS and user managing, bug fixes 2018-11-07 21:16:13 +00:00			`return`
Untested server 2018-10-09 15:07:54 +00:00			`}`