Cloak/internal/server/auth.go

package server

import (
	"bytes"
	"encoding/binary"
	"github.com/cbeuw/Cloak/internal/ecdh"
	"github.com/cbeuw/Cloak/internal/util"
	"log"
)

func TouchStone(ch *ClientHello, sta *State) (isCK bool, UID []byte, sessionID uint32, proxyMethod string, encryptionMethod byte, sharedSecret []byte) {
	var random [32]byte
	copy(random[:], ch.random)

	sta.usedRandomM.Lock()
	used := sta.usedRandom[random]
	sta.usedRandom[random] = int(sta.Now().Unix())
	sta.usedRandomM.Unlock()

	if used != 0 {
		log.Println("Replay! Duplicate random")
		return
	}

	ephPub, ok := ecdh.Unmarshal(random[:])
	if !ok {
		return
	}

	sharedSecret = ecdh.GenerateSharedSecret(sta.staticPv, ephPub)
	keyShare, err := parseKeyShare(ch.extensions[[2]byte{0x00, 0x33}])
	if err != nil {
		return
	}
	ciphertext := append(ch.sessionId, keyShare...)

	if len(ciphertext) != 64 {
		return
	}

	plaintext, err := util.AESGCMDecrypt(random[0:12], sharedSecret, ciphertext)
	if err != nil {
		return
	}

	UID = plaintext[0:16]
	proxyMethod = string(bytes.Trim(plaintext[16:28], "\x00"))
	encryptionMethod = plaintext[28]
	timestamp := int64(binary.BigEndian.Uint64(plaintext[29:37]))
	if timestamp/int64(TIMESTAMP_WINDOW.Seconds()) != sta.Now().Unix()/int64(TIMESTAMP_WINDOW.Seconds()) {
		isCK = false
		return
	}
	sessionID = binary.BigEndian.Uint32(plaintext[37:41])

	isCK = true
	return
}
Untested server 6 years ago			`package server`

			`import (`
			`"bytes"`
			`"encoding/binary"`
Remove ECDH as an external dependancy and include it as a internal package 6 years ago			`"github.com/cbeuw/Cloak/internal/ecdh"`
Use ECDH instead of ECIES 6 years ago			`"github.com/cbeuw/Cloak/internal/util"`
Change the protocol to solve sessionTicket inconsistency 5 years ago			`"log"`
Untested server 6 years ago			`)`

TLS1.3 5 years ago			`func TouchStone(ch ClientHello, sta State) (isCK bool, UID []byte, sessionID uint32, proxyMethod string, encryptionMethod byte, sharedSecret []byte) {`
Untested server 6 years ago			`var random [32]byte`
			`copy(random[:], ch.random)`
Remove reundancy and fix a race 6 years ago
			`sta.usedRandomM.Lock()`
			`used := sta.usedRandom[random]`
			`sta.usedRandom[random] = int(sta.Now().Unix())`
			`sta.usedRandomM.Unlock()`

Untested server 6 years ago			`if used != 0 {`
			`log.Println("Replay! Duplicate random")`
Add optional encryption 5 years ago			`return`
Untested server 6 years ago			`}`

TLS1.3 5 years ago			`ephPub, ok := ecdh.Unmarshal(random[:])`
			`if !ok {`
			`return`
			`}`
Change the protocol to solve sessionTicket inconsistency 5 years ago
TLS1.3 5 years ago			`sharedSecret = ecdh.GenerateSharedSecret(sta.staticPv, ephPub)`
			`keyShare, err := parseKeyShare(ch.extensions[[2]byte{0x00, 0x33}])`
			`if err != nil {`
Add optional encryption 5 years ago			`return`
drop aes encryption of headers 6 years ago			`}`
TLS1.3 5 years ago			`ciphertext := append(ch.sessionId, keyShare...)`
Change the protocol to solve sessionTicket inconsistency 5 years ago
TLS1.3 5 years ago			`if len(ciphertext) != 64 {`
			`return`
			`}`
Change the protocol to solve sessionTicket inconsistency 5 years ago
TLS1.3 5 years ago			`plaintext, err := util.AESGCMDecrypt(random[0:12], sharedSecret, ciphertext)`
			`if err != nil {`
Use AES-GCM instead of CTR 5 years ago			`return`
			`}`
TLS1.3 5 years ago
			`UID = plaintext[0:16]`
			`proxyMethod = string(bytes.Trim(plaintext[16:28], "\x00"))`
			`encryptionMethod = plaintext[28]`
			`timestamp := int64(binary.BigEndian.Uint64(plaintext[29:37]))`
			`if timestamp/int64(TIMESTAMP_WINDOW.Seconds()) != sta.Now().Unix()/int64(TIMESTAMP_WINDOW.Seconds()) {`
			`isCK = false`
Add optional encryption 5 years ago			`return`
Untested server 6 years ago			`}`
TLS1.3 5 years ago			`sessionID = binary.BigEndian.Uint32(plaintext[37:41])`
Untested server 6 years ago
TLS1.3 5 years ago			`isCK = true`
QOS and user managing, bug fixes 6 years ago			`return`
Untested server 6 years ago			`}`