Cloak/internal/client/state.go

package client

import (
	"crypto"
	"encoding/base64"
	"encoding/json"
	"errors"
	"io/ioutil"
	"strings"
	"time"

	"github.com/cbeuw/Cloak/internal/ecdh"
	mux "github.com/cbeuw/Cloak/internal/multiplex"
)

// rawConfig represents the fields in the config json file
type rawConfig struct {
	ServerName       string
	ProxyMethod      string
	EncryptionMethod string
	UID              string
	PublicKey        string
	BrowserSig       string
	NumConn          int
	StreamTimeout    int
}

// State stores the parsed configuration fields
type State struct {
	LocalHost  string
	LocalPort  string
	RemoteHost string
	RemotePort string
	Unordered  bool

	SessionID uint32
	UID       []byte

	staticPub crypto.PublicKey
	now       func() time.Time // for easier testing
	browser   browser

	ProxyMethod      string
	EncryptionMethod byte
	ServerName       string
	NumConn          int
	Timeout          time.Duration
}

// TODO: remove this and let the caller declare it directly
func InitState(localHost, localPort, remoteHost, remotePort string, nowFunc func() time.Time) *State {
	ret := &State{
		LocalHost:  localHost,
		LocalPort:  localPort,
		RemoteHost: remoteHost,
		RemotePort: remotePort,
		now:        nowFunc,
	}
	return ret
}

// semi-colon separated value. This is for Android plugin options
func ssvToJson(ssv string) (ret []byte) {
	unescape := func(s string) string {
		r := strings.Replace(s, `\\`, `\`, -1)
		r = strings.Replace(r, `\=`, `=`, -1)
		r = strings.Replace(r, `\;`, `;`, -1)
		return r
	}
	lines := strings.Split(unescape(ssv), ";")
	ret = []byte("{")
	for _, ln := range lines {
		if ln == "" {
			break
		}
		sp := strings.SplitN(ln, "=", 2)
		key := sp[0]
		value := sp[1]
		// JSON doesn't like quotation marks around int and bool
		// This is extremely ugly but it's still better than writing a tokeniser
		if key == "NumConn" || key == "Unordered" || key == "StreamTimeout" {
			ret = append(ret, []byte(`"`+key+`":`+value+`,`)...)
		} else {
			ret = append(ret, []byte(`"`+key+`":"`+value+`",`)...)
		}
	}
	ret = ret[:len(ret)-1] // remove the last comma
	ret = append(ret, '}')
	return ret
}

// ParseConfig parses the config (either a path to json or Android config) into a State variable
func (sta *State) ParseConfig(conf string) (err error) {
	var content []byte
	// Checking if it's a path to json or a ssv string
	if strings.Contains(conf, ";") && strings.Contains(conf, "=") {
		content = ssvToJson(conf)
	} else {
		content, err = ioutil.ReadFile(conf)
		if err != nil {
			return err
		}
	}
	var preParse rawConfig
	err = json.Unmarshal(content, &preParse)
	if err != nil {
		return err
	}

	switch strings.ToLower(preParse.EncryptionMethod) {
	case "plain":
		sta.EncryptionMethod = mux.E_METHOD_PLAIN
	case "aes-gcm":
		sta.EncryptionMethod = mux.E_METHOD_AES_GCM
	case "chacha20-poly1305":
		sta.EncryptionMethod = mux.E_METHOD_CHACHA20_POLY1305
	default:
		return errors.New("Unknown encryption method")
	}

	switch strings.ToLower(preParse.BrowserSig) {
	case "chrome":
		sta.browser = &Chrome{}
	case "firefox":
		sta.browser = &Firefox{}
	default:
		return errors.New("unsupported browser signature")
	}

	sta.ProxyMethod = preParse.ProxyMethod
	sta.ServerName = preParse.ServerName
	sta.NumConn = preParse.NumConn
	sta.Timeout = time.Duration(preParse.StreamTimeout) * time.Second

	uid, err := base64.StdEncoding.DecodeString(preParse.UID)
	if err != nil {
		return errors.New("Failed to parse UID: " + err.Error())
	}
	sta.UID = uid

	pubBytes, err := base64.StdEncoding.DecodeString(preParse.PublicKey)
	if err != nil {
		return errors.New("Failed to parse Public key: " + err.Error())
	}
	pub, ok := ecdh.Unmarshal(pubBytes)
	if !ok {
		return errors.New("Failed to unmarshal Public key")
	}
	sta.staticPub = pub
	return nil
}
Untested client 2018-10-07 17:09:45 +00:00			`package client`

			`import (`
Use ECDH instead of ECIES 2018-10-14 19:32:54 +00:00			`"crypto"`
Untested client 2018-10-07 17:09:45 +00:00			`"encoding/base64"`
			`"encoding/json"`
			`"errors"`
			`"io/ioutil"`
			`"strings"`
			`"time"`
Use ECDH instead of ECIES 2018-10-14 19:32:54 +00:00
Remove ECDH as an external dependancy and include it as a internal package 2019-01-25 00:24:47 +00:00			`"github.com/cbeuw/Cloak/internal/ecdh"`
More comments 2019-08-20 21:43:04 +00:00			`mux "github.com/cbeuw/Cloak/internal/multiplex"`
Untested client 2018-10-07 17:09:45 +00:00			`)`

More comments 2019-08-20 21:43:04 +00:00			`// rawConfig represents the fields in the config json file`
Untested client 2018-10-07 17:09:45 +00:00			`type rawConfig struct {`
Add optional encryption 2019-06-09 11:05:41 +00:00			`ServerName string`
			`ProxyMethod string`
			`EncryptionMethod string`
			`UID string`
			`PublicKey string`
			`BrowserSig string`
Add unordered mode 2019-08-12 21:43:16 +00:00			`NumConn int`
Add Stream Timeout 2019-08-19 22:23:41 +00:00			`StreamTimeout int`
Untested client 2018-10-07 17:09:45 +00:00			`}`

More comments 2019-08-20 21:43:04 +00:00			`// State stores the parsed configuration fields`
Untested client 2018-10-07 17:09:45 +00:00			`type State struct {`
Cloak 2: generalising cloak as a universal pluggable transport for arbitary proxies 2019-06-09 06:10:22 +00:00			`LocalHost string`
			`LocalPort string`
			`RemoteHost string`
			`RemotePort string`
Move Unordered field around 2019-08-16 22:20:24 +00:00			`Unordered bool`
Use ECDH instead of ECIES 2018-10-14 19:32:54 +00:00
Change the protocol to solve sessionTicket inconsistency 2019-07-26 16:05:46 +00:00			`SessionID uint32`
			`UID []byte`

Unexport some client.State fields 2019-08-16 23:18:19 +00:00			`staticPub crypto.PublicKey`
More comments 2019-08-20 21:43:04 +00:00			`now func() time.Time // for easier testing`
Unexport some client.State fields 2019-08-16 23:18:19 +00:00			`browser browser`
Refactor client TLS 2019-08-02 15:02:25 +00:00
Add optional encryption 2019-06-09 11:05:41 +00:00			`ProxyMethod string`
			`EncryptionMethod byte`
			`ServerName string`
			`NumConn int`
Add Stream Timeout 2019-08-19 22:23:41 +00:00			`Timeout time.Duration`
Untested client 2018-10-07 17:09:45 +00:00			`}`

More comments 2019-08-20 21:43:04 +00:00			`// TODO: remove this and let the caller declare it directly`
Regenerate SessionID on reconnection 2019-01-22 21:51:57 +00:00			`func InitState(localHost, localPort, remoteHost, remotePort string, nowFunc func() time.Time) *State {`
Use ECDH instead of ECIES 2018-10-14 19:32:54 +00:00			`ret := &State{`
TLS1.3 2019-08-02 00:01:19 +00:00			`LocalHost: localHost,`
			`LocalPort: localPort,`
			`RemoteHost: remoteHost,`
			`RemotePort: remotePort,`
Unexport some client.State fields 2019-08-16 23:18:19 +00:00			`now: nowFunc,`
Use ECDH instead of ECIES 2018-10-14 19:32:54 +00:00			`}`
			`return ret`
			`}`

Untested client 2018-10-07 17:09:45 +00:00			`// semi-colon separated value. This is for Android plugin options`
			`func ssvToJson(ssv string) (ret []byte) {`
			`unescape := func(s string) string {`
Integrate keygen util into ck-server 2018-12-17 22:12:38 +00:00			r := strings.Replace(s, `\\`, `\`, -1)
			r = strings.Replace(r, `\=`, `=`, -1)
			r = strings.Replace(r, `\;`, `;`, -1)
Untested client 2018-10-07 17:09:45 +00:00			`return r`
			`}`
			`lines := strings.Split(unescape(ssv), ";")`
			`ret = []byte("{")`
			`for _, ln := range lines {`
			`if ln == "" {`
			`break`
			`}`
			`sp := strings.SplitN(ln, "=", 2)`
			`key := sp[0]`
			`value := sp[1]`
More comments 2019-08-20 21:43:04 +00:00			`// JSON doesn't like quotation marks around int and bool`
			`// This is extremely ugly but it's still better than writing a tokeniser`
Add Stream Timeout 2019-08-19 22:23:41 +00:00			`if key == "NumConn" \|\| key == "Unordered" \|\| key == "StreamTimeout" {`
Integrate keygen util into ck-server 2018-12-17 22:12:38 +00:00			ret = append(ret, []byte(`"`+key+`":`+value+`,`)...)
Untested client 2018-10-07 17:09:45 +00:00			`} else {`
Integrate keygen util into ck-server 2018-12-17 22:12:38 +00:00			ret = append(ret, []byte(`"`+key+`":"`+value+`",`)...)
Untested client 2018-10-07 17:09:45 +00:00			`}`
			`}`
			`ret = ret[:len(ret)-1] // remove the last comma`
			`ret = append(ret, '}')`
			`return ret`
			`}`

			`// ParseConfig parses the config (either a path to json or Android config) into a State variable`
			`func (sta *State) ParseConfig(conf string) (err error) {`
			`var content []byte`
More comments 2019-08-20 21:43:04 +00:00			`// Checking if it's a path to json or a ssv string`
Untested client 2018-10-07 17:09:45 +00:00			`if strings.Contains(conf, ";") && strings.Contains(conf, "=") {`
			`content = ssvToJson(conf)`
			`} else {`
			`content, err = ioutil.ReadFile(conf)`
			`if err != nil {`
			`return err`
			`}`
			`}`
			`var preParse rawConfig`
			`err = json.Unmarshal(content, &preParse)`
			`if err != nil {`
			`return err`
			`}`
Add optional encryption 2019-06-09 11:05:41 +00:00
Refactor client TLS 2019-08-02 15:02:25 +00:00			`switch strings.ToLower(preParse.EncryptionMethod) {`
Add optional encryption 2019-06-09 11:05:41 +00:00			`case "plain":`
More comments 2019-08-20 21:43:04 +00:00			`sta.EncryptionMethod = mux.E_METHOD_PLAIN`
I just did a joint and I need to commit before things go wrong 2019-06-14 12:28:14 +00:00			`case "aes-gcm":`
More comments 2019-08-20 21:43:04 +00:00			`sta.EncryptionMethod = mux.E_METHOD_AES_GCM`
Support Chaha20-Poly1305 2019-06-14 10:26:26 +00:00			`case "chacha20-poly1305":`
More comments 2019-08-20 21:43:04 +00:00			`sta.EncryptionMethod = mux.E_METHOD_CHACHA20_POLY1305`
Add optional encryption 2019-06-09 11:05:41 +00:00			`default:`
			`return errors.New("Unknown encryption method")`
			`}`

Refactor client TLS 2019-08-02 15:02:25 +00:00			`switch strings.ToLower(preParse.BrowserSig) {`
			`case "chrome":`
Unexport some client.State fields 2019-08-16 23:18:19 +00:00			`sta.browser = &Chrome{}`
Refactor client TLS 2019-08-02 15:02:25 +00:00			`case "firefox":`
Unexport some client.State fields 2019-08-16 23:18:19 +00:00			`sta.browser = &Firefox{}`
Refactor client TLS 2019-08-02 15:02:25 +00:00			`default:`
			`return errors.New("unsupported browser signature")`
			`}`

Cloak 2: generalising cloak as a universal pluggable transport for arbitary proxies 2019-06-09 06:10:22 +00:00			`sta.ProxyMethod = preParse.ProxyMethod`
Untested client 2018-10-07 17:09:45 +00:00			`sta.ServerName = preParse.ServerName`
Barely working 2018-10-09 20:53:55 +00:00			`sta.NumConn = preParse.NumConn`
Add Stream Timeout 2019-08-19 22:23:41 +00:00			`sta.Timeout = time.Duration(preParse.StreamTimeout) * time.Second`
Add optional encryption 2019-06-09 11:05:41 +00:00
Redo config format 2018-12-03 20:30:06 +00:00			`uid, err := base64.StdEncoding.DecodeString(preParse.UID)`
Untested client 2018-10-07 17:09:45 +00:00			`if err != nil {`
Redo config format 2018-12-03 20:30:06 +00:00			`return errors.New("Failed to parse UID: " + err.Error())`
Untested client 2018-10-07 17:09:45 +00:00			`}`
QOS and user managing, bug fixes 2018-11-07 21:16:13 +00:00			`sta.UID = uid`
Untested client 2018-10-07 17:09:45 +00:00
Redo config format 2018-12-03 20:30:06 +00:00			`pubBytes, err := base64.StdEncoding.DecodeString(preParse.PublicKey)`
Untested client 2018-10-07 17:09:45 +00:00			`if err != nil {`
Redo config format 2018-12-03 20:30:06 +00:00			`return errors.New("Failed to parse Public key: " + err.Error())`
Untested client 2018-10-07 17:09:45 +00:00			`}`
Remove ECDH as an external dependancy and include it as a internal package 2019-01-25 00:24:47 +00:00			`pub, ok := ecdh.Unmarshal(pubBytes)`
Redo config format 2018-12-03 20:30:06 +00:00			`if !ok {`
			`return errors.New("Failed to unmarshal Public key")`
			`}`
			`sta.staticPub = pub`
			`return nil`
Use ECDH instead of ECIES 2018-10-14 19:32:54 +00:00			`}`