Cloak/internal/server/auth.go

package server

import (
	"bytes"
	"crypto"
	"crypto/sha256"
	"encoding/binary"
	"log"

	"github.com/cbeuw/Cloak/internal/util"
	ecdh "github.com/cbeuw/go-ecdh"
)

// input ticket, return UID
func decryptSessionTicket(staticPv crypto.PrivateKey, ticket []byte) ([]byte, uint32, error) {
	ec := ecdh.NewCurve25519ECDH()
	ephPub, _ := ec.Unmarshal(ticket[0:32])
	key, err := ec.GenerateSharedSecret(staticPv, ephPub)
	if err != nil {
		return nil, 0, err
	}
	UIDsID := util.AESDecrypt(ticket[0:16], key, ticket[32:68])
	sessionID := binary.BigEndian.Uint32(UIDsID[32:36])
	return UIDsID[0:32], sessionID, nil
}

func validateRandom(random []byte, UID []byte, time int64) bool {
	t := make([]byte, 8)
	binary.BigEndian.PutUint64(t, uint64(time/(12*60*60)))
	rdm := random[0:16]
	preHash := make([]byte, 56)
	copy(preHash[0:32], UID)
	copy(preHash[32:40], t)
	copy(preHash[40:56], rdm)
	h := sha256.New()
	h.Write(preHash)
	return bytes.Equal(h.Sum(nil)[0:16], random[16:32])
}
func TouchStone(ch *ClientHello, sta *State) (isSS bool, UID []byte, sessionID uint32) {
	var random [32]byte
	copy(random[:], ch.random)
	used := sta.getUsedRandom(random)
	if used != 0 {
		log.Println("Replay! Duplicate random")
		return false, nil, 0
	}
	sta.putUsedRandom(random)

	ticket := ch.extensions[[2]byte{0x00, 0x23}]
	if len(ticket) < 64 {
		return false, nil, 0
	}
	UID, sessionID, err := decryptSessionTicket(sta.staticPv, ticket)
	if err != nil {
		log.Printf("ts: %v\n", err)
		return false, nil, 0
	}
	isSS = validateRandom(ch.random, UID, sta.Now().Unix())
	if !isSS {
		return false, nil, 0
	}

	return
}
Untested server 2018-10-09 15:07:54 +00:00			`package server`

			`import (`
			`"bytes"`
Use ECDH instead of ECIES 2018-10-14 19:32:54 +00:00			`"crypto"`
Untested server 2018-10-09 15:07:54 +00:00			`"crypto/sha256"`
			`"encoding/binary"`
			`"log"`
Use ECDH instead of ECIES 2018-10-14 19:32:54 +00:00
			`"github.com/cbeuw/Cloak/internal/util"`
			`ecdh "github.com/cbeuw/go-ecdh"`
Untested server 2018-10-09 15:07:54 +00:00			`)`

QOS and user managing, bug fixes 2018-11-07 21:16:13 +00:00			`// input ticket, return UID`
			`func decryptSessionTicket(staticPv crypto.PrivateKey, ticket []byte) ([]byte, uint32, error) {`
Use ECDH instead of ECIES 2018-10-14 19:32:54 +00:00			`ec := ecdh.NewCurve25519ECDH()`
			`ephPub, _ := ec.Unmarshal(ticket[0:32])`
			`key, err := ec.GenerateSharedSecret(staticPv, ephPub)`
Untested server 2018-10-09 15:07:54 +00:00			`if err != nil {`
QOS and user managing, bug fixes 2018-11-07 21:16:13 +00:00			`return nil, 0, err`
Untested server 2018-10-09 15:07:54 +00:00			`}`
QOS and user managing, bug fixes 2018-11-07 21:16:13 +00:00			`UIDsID := util.AESDecrypt(ticket[0:16], key, ticket[32:68])`
			`sessionID := binary.BigEndian.Uint32(UIDsID[32:36])`
			`return UIDsID[0:32], sessionID, nil`
Untested server 2018-10-09 15:07:54 +00:00			`}`

QOS and user managing, bug fixes 2018-11-07 21:16:13 +00:00			`func validateRandom(random []byte, UID []byte, time int64) bool {`
Untested server 2018-10-09 15:07:54 +00:00			`t := make([]byte, 8)`
Use ECDH instead of ECIES 2018-10-14 19:32:54 +00:00			`binary.BigEndian.PutUint64(t, uint64(time/(126060)))`
			`rdm := random[0:16]`
Untested server 2018-10-09 15:07:54 +00:00			`preHash := make([]byte, 56)`
QOS and user managing, bug fixes 2018-11-07 21:16:13 +00:00			`copy(preHash[0:32], UID)`
Untested server 2018-10-09 15:07:54 +00:00			`copy(preHash[32:40], t)`
Use ECDH instead of ECIES 2018-10-14 19:32:54 +00:00			`copy(preHash[40:56], rdm)`
Untested server 2018-10-09 15:07:54 +00:00			`h := sha256.New()`
			`h.Write(preHash)`
			`return bytes.Equal(h.Sum(nil)[0:16], random[16:32])`
			`}`
QOS and user managing, bug fixes 2018-11-07 21:16:13 +00:00			`func TouchStone(ch ClientHello, sta State) (isSS bool, UID []byte, sessionID uint32) {`
Untested server 2018-10-09 15:07:54 +00:00			`var random [32]byte`
			`copy(random[:], ch.random)`
			`used := sta.getUsedRandom(random)`
			`if used != 0 {`
			`log.Println("Replay! Duplicate random")`
QOS and user managing, bug fixes 2018-11-07 21:16:13 +00:00			`return false, nil, 0`
Untested server 2018-10-09 15:07:54 +00:00			`}`
			`sta.putUsedRandom(random)`

drop aes encryption of headers 2018-10-20 20:41:01 +00:00			`ticket := ch.extensions[[2]byte{0x00, 0x23}]`
			`if len(ticket) < 64 {`
QOS and user managing, bug fixes 2018-11-07 21:16:13 +00:00			`return false, nil, 0`
drop aes encryption of headers 2018-10-20 20:41:01 +00:00			`}`
QOS and user managing, bug fixes 2018-11-07 21:16:13 +00:00			`UID, sessionID, err := decryptSessionTicket(sta.staticPv, ticket)`
Untested server 2018-10-09 15:07:54 +00:00			`if err != nil {`
Use ECDH instead of ECIES 2018-10-14 19:32:54 +00:00			`log.Printf("ts: %v\n", err)`
QOS and user managing, bug fixes 2018-11-07 21:16:13 +00:00			`return false, nil, 0`
Untested server 2018-10-09 15:07:54 +00:00			`}`
QOS and user managing, bug fixes 2018-11-07 21:16:13 +00:00			`isSS = validateRandom(ch.random, UID, sta.Now().Unix())`
Untested server 2018-10-09 15:07:54 +00:00			`if !isSS {`
QOS and user managing, bug fixes 2018-11-07 21:16:13 +00:00			`return false, nil, 0`
Untested server 2018-10-09 15:07:54 +00:00			`}`

QOS and user managing, bug fixes 2018-11-07 21:16:13 +00:00			`return`
Untested server 2018-10-09 15:07:54 +00:00			`}`