Cloak/internal/client/auth.go

package client

import (
	"crypto/rand"
	"encoding/binary"
	"github.com/cbeuw/Cloak/internal/ecdh"
	"github.com/cbeuw/Cloak/internal/util"
	"sync/atomic"
)

const (
	UNORDERED_FLAG = 0x01 // 0000 0001
)

type chHiddenData struct {
	chRandom         []byte
	chSessionId      []byte
	chX25519KeyShare []byte
	chExtSNI         []byte
}

func makeHiddenData(sta *State) (ret chHiddenData, sharedSecret []byte) {
	// random is marshalled ephemeral pub key 32 bytes
	// TLSsessionID || keyShare is [encrypted UID 16 bytes, proxy method 12 bytes, encryption method 1 byte, timestamp 8 bytes, sessionID 4 bytes] [1 byte flag] [6 bytes reserved] [16 bytes authentication tag]
	ephPv, ephPub, _ := ecdh.GenerateKey(rand.Reader)
	ret.chRandom = ecdh.Marshal(ephPub)

	plaintext := make([]byte, 48)
	copy(plaintext, sta.UID)
	copy(plaintext[16:28], sta.ProxyMethod)
	plaintext[28] = sta.EncryptionMethod
	binary.BigEndian.PutUint64(plaintext[29:37], uint64(sta.now().Unix()))
	binary.BigEndian.PutUint32(plaintext[37:41], atomic.LoadUint32(&sta.SessionID))

	if sta.Unordered {
		plaintext[41] |= UNORDERED_FLAG
	}

	sharedSecret = ecdh.GenerateSharedSecret(ephPv, sta.staticPub)
	nonce := ret.chRandom[0:12]
	ciphertext, _ := util.AESGCMEncrypt(nonce, sharedSecret, plaintext)
	ret.chSessionId = ciphertext[0:32]
	ret.chX25519KeyShare = ciphertext[32:64]
	ret.chExtSNI = makeServerName(sta.ServerName)
	return
}
Untested client 2018-10-07 17:09:45 +00:00			`package client`

			`import (`
			`"crypto/rand"`
			`"encoding/binary"`
Remove ECDH as an external dependancy and include it as a internal package 2019-01-25 00:24:47 +00:00			`"github.com/cbeuw/Cloak/internal/ecdh"`
			`"github.com/cbeuw/Cloak/internal/util"`
TLS1.3 2019-08-02 00:01:19 +00:00			`"sync/atomic"`
Untested client 2018-10-07 17:09:45 +00:00			`)`

Add unordered mode 2019-08-12 21:43:16 +00:00			`const (`
			`UNORDERED_FLAG = 0x01 // 0000 0001`
			`)`

Refactor client ClientHello composition 2019-08-16 23:16:31 +00:00			`type chHiddenData struct {`
			`chRandom []byte`
			`chSessionId []byte`
			`chX25519KeyShare []byte`
			`chExtSNI []byte`
			`}`

			`func makeHiddenData(sta *State) (ret chHiddenData, sharedSecret []byte) {`
TLS1.3 2019-08-02 00:01:19 +00:00			`// random is marshalled ephemeral pub key 32 bytes`
Add unordered mode 2019-08-12 21:43:16 +00:00			`// TLSsessionID \|\| keyShare is [encrypted UID 16 bytes, proxy method 12 bytes, encryption method 1 byte, timestamp 8 bytes, sessionID 4 bytes] [1 byte flag] [6 bytes reserved] [16 bytes authentication tag]`
TLS1.3 2019-08-02 00:01:19 +00:00			`ephPv, ephPub, _ := ecdh.GenerateKey(rand.Reader)`
Refactor client ClientHello composition 2019-08-16 23:16:31 +00:00			`ret.chRandom = ecdh.Marshal(ephPub)`
TLS1.3 2019-08-02 00:01:19 +00:00
			`plaintext := make([]byte, 48)`
			`copy(plaintext, sta.UID)`
			`copy(plaintext[16:28], sta.ProxyMethod)`
			`plaintext[28] = sta.EncryptionMethod`
Unexport some client.State fields 2019-08-16 23:18:19 +00:00			`binary.BigEndian.PutUint64(plaintext[29:37], uint64(sta.now().Unix()))`
TLS1.3 2019-08-02 00:01:19 +00:00			`binary.BigEndian.PutUint32(plaintext[37:41], atomic.LoadUint32(&sta.SessionID))`

Add unordered mode 2019-08-12 21:43:16 +00:00			`if sta.Unordered {`
			`plaintext[41] \|= UNORDERED_FLAG`
			`}`

TLS1.3 2019-08-02 00:01:19 +00:00			`sharedSecret = ecdh.GenerateSharedSecret(ephPv, sta.staticPub)`
Refactor client ClientHello composition 2019-08-16 23:16:31 +00:00			`nonce := ret.chRandom[0:12]`
TLS1.3 2019-08-02 00:01:19 +00:00			`ciphertext, _ := util.AESGCMEncrypt(nonce, sharedSecret, plaintext)`
Refactor client ClientHello composition 2019-08-16 23:16:31 +00:00			`ret.chSessionId = ciphertext[0:32]`
			`ret.chX25519KeyShare = ciphertext[32:64]`
			`ret.chExtSNI = makeServerName(sta.ServerName)`
TLS1.3 2019-08-02 00:01:19 +00:00			`return`
Untested client 2018-10-07 17:09:45 +00:00			`}`