Cloak/internal/server/auth.go

package server

import (
	"bytes"
	"crypto"
	"crypto/sha256"
	"encoding/binary"
	"log"

	"github.com/cbeuw/Cloak/internal/util"
	ecdh "github.com/cbeuw/go-ecdh"
)

// input ticket, return UID
func decryptSessionTicket(staticPv crypto.PrivateKey, ticket []byte) ([]byte, uint32) {
	ec := ecdh.NewCurve25519ECDH()
	ephPub, _ := ec.Unmarshal(ticket[0:32])
	key, _ := ec.GenerateSharedSecret(staticPv, ephPub)
	UIDsID := util.AESDecrypt(ticket[0:16], key, ticket[32:68])
	sessionID := binary.BigEndian.Uint32(UIDsID[32:36])
	return UIDsID[0:32], sessionID
}

func validateRandom(random []byte, UID []byte, time int64) bool {
	t := make([]byte, 8)
	binary.BigEndian.PutUint64(t, uint64(time/(12*60*60)))
	rdm := random[0:16]
	preHash := make([]byte, 56)
	copy(preHash[0:32], UID)
	copy(preHash[32:40], t)
	copy(preHash[40:56], rdm)
	h := sha256.New()
	h.Write(preHash)
	return bytes.Equal(h.Sum(nil)[0:16], random[16:32])
}
func TouchStone(ch *ClientHello, sta *State) (isSS bool, UID []byte, sessionID uint32) {
	var random [32]byte
	copy(random[:], ch.random)

	sta.usedRandomM.Lock()
	used := sta.usedRandom[random]
	sta.usedRandom[random] = int(sta.Now().Unix())
	sta.usedRandomM.Unlock()

	if used != 0 {
		log.Println("Replay! Duplicate random")
		return false, nil, 0
	}

	ticket := ch.extensions[[2]byte{0x00, 0x23}]
	if len(ticket) < 68 {
		return false, nil, 0
	}
	UID, sessionID = decryptSessionTicket(sta.staticPv, ticket)
	isSS = validateRandom(ch.random, UID, sta.Now().Unix())
	if !isSS {
		return false, nil, 0
	}

	return
}
Untested server 2018-10-09 15:07:54 +00:00			`package server`

			`import (`
			`"bytes"`
Use ECDH instead of ECIES 2018-10-14 19:32:54 +00:00			`"crypto"`
Untested server 2018-10-09 15:07:54 +00:00			`"crypto/sha256"`
			`"encoding/binary"`
			`"log"`
Use ECDH instead of ECIES 2018-10-14 19:32:54 +00:00
			`"github.com/cbeuw/Cloak/internal/util"`
			`ecdh "github.com/cbeuw/go-ecdh"`
Untested server 2018-10-09 15:07:54 +00:00			`)`

QOS and user managing, bug fixes 2018-11-07 21:16:13 +00:00			`// input ticket, return UID`
Remove reundancy and fix a race 2019-01-19 19:30:32 +00:00			`func decryptSessionTicket(staticPv crypto.PrivateKey, ticket []byte) ([]byte, uint32) {`
Use ECDH instead of ECIES 2018-10-14 19:32:54 +00:00			`ec := ecdh.NewCurve25519ECDH()`
			`ephPub, _ := ec.Unmarshal(ticket[0:32])`
Remove reundancy and fix a race 2019-01-19 19:30:32 +00:00			`key, _ := ec.GenerateSharedSecret(staticPv, ephPub)`
QOS and user managing, bug fixes 2018-11-07 21:16:13 +00:00			`UIDsID := util.AESDecrypt(ticket[0:16], key, ticket[32:68])`
			`sessionID := binary.BigEndian.Uint32(UIDsID[32:36])`
Remove reundancy and fix a race 2019-01-19 19:30:32 +00:00			`return UIDsID[0:32], sessionID`
Untested server 2018-10-09 15:07:54 +00:00			`}`

QOS and user managing, bug fixes 2018-11-07 21:16:13 +00:00			`func validateRandom(random []byte, UID []byte, time int64) bool {`
Untested server 2018-10-09 15:07:54 +00:00			`t := make([]byte, 8)`
Use ECDH instead of ECIES 2018-10-14 19:32:54 +00:00			`binary.BigEndian.PutUint64(t, uint64(time/(126060)))`
			`rdm := random[0:16]`
Untested server 2018-10-09 15:07:54 +00:00			`preHash := make([]byte, 56)`
QOS and user managing, bug fixes 2018-11-07 21:16:13 +00:00			`copy(preHash[0:32], UID)`
Untested server 2018-10-09 15:07:54 +00:00			`copy(preHash[32:40], t)`
Use ECDH instead of ECIES 2018-10-14 19:32:54 +00:00			`copy(preHash[40:56], rdm)`
Untested server 2018-10-09 15:07:54 +00:00			`h := sha256.New()`
			`h.Write(preHash)`
			`return bytes.Equal(h.Sum(nil)[0:16], random[16:32])`
			`}`
QOS and user managing, bug fixes 2018-11-07 21:16:13 +00:00			`func TouchStone(ch ClientHello, sta State) (isSS bool, UID []byte, sessionID uint32) {`
Untested server 2018-10-09 15:07:54 +00:00			`var random [32]byte`
			`copy(random[:], ch.random)`
Remove reundancy and fix a race 2019-01-19 19:30:32 +00:00
			`sta.usedRandomM.Lock()`
			`used := sta.usedRandom[random]`
			`sta.usedRandom[random] = int(sta.Now().Unix())`
			`sta.usedRandomM.Unlock()`

Untested server 2018-10-09 15:07:54 +00:00			`if used != 0 {`
			`log.Println("Replay! Duplicate random")`
QOS and user managing, bug fixes 2018-11-07 21:16:13 +00:00			`return false, nil, 0`
Untested server 2018-10-09 15:07:54 +00:00			`}`

drop aes encryption of headers 2018-10-20 20:41:01 +00:00			`ticket := ch.extensions[[2]byte{0x00, 0x23}]`
Fix a user input validation 2019-01-19 13:18:13 +00:00			`if len(ticket) < 68 {`
QOS and user managing, bug fixes 2018-11-07 21:16:13 +00:00			`return false, nil, 0`
drop aes encryption of headers 2018-10-20 20:41:01 +00:00			`}`
Remove reundancy and fix a race 2019-01-19 19:30:32 +00:00			`UID, sessionID = decryptSessionTicket(sta.staticPv, ticket)`
QOS and user managing, bug fixes 2018-11-07 21:16:13 +00:00			`isSS = validateRandom(ch.random, UID, sta.Now().Unix())`
Untested server 2018-10-09 15:07:54 +00:00			`if !isSS {`
QOS and user managing, bug fixes 2018-11-07 21:16:13 +00:00			`return false, nil, 0`
Untested server 2018-10-09 15:07:54 +00:00			`}`

QOS and user managing, bug fixes 2018-11-07 21:16:13 +00:00			`return`
Untested server 2018-10-09 15:07:54 +00:00			`}`