Archives
/
Cloak
mirror of https://github.com/cbeuw/Cloak
2
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
renovate/github.com-refraction-networking-utls-1.x
master
dependabot/go_modules/golang.org/x/net-0.23.0
ptspec
legacy-v1
v0.1.0
v0.2.0
v1.0.0
v1.1.0
v1.1.1
v1.1.2
v2.0.0
v2.0.1
v2.0.2
v2.1.0
v2.1.1
v2.1.2
v2.1.3
v2.2.0
v2.2.1
v2.2.2
v2.2.3
v2.3.0
v2.3.1
v2.3.2
v2.4.0
v2.4.1
v2.5.0
v2.5.1
v2.5.2
v2.5.3
v2.5.4
v2.5.5
v2.6.0
v2.6.1
v2.7.0
v2.7.1-pre
v2.8.0
v2.9.0
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '52fac535e3'
${ noResults }
Cloak/internal/client/TLS.go

80 lines
2.0 KiB
Go
Raw Blame History

package client
import (
"encoding/binary"
"github.com/cbeuw/Cloak/internal/util"
"net"
log "github.com/sirupsen/logrus"
)
type Browser interface {
composeClientHello(*State) ([]byte, []byte)
}
func makeServerName(serverName string) []byte {
serverNameListLength := make([]byte, 2)
binary.BigEndian.PutUint16(serverNameListLength, uint16(len(serverName)+3))
serverNameType := []byte{0x00} // host_name
serverNameLength := make([]byte, 2)
binary.BigEndian.PutUint16(serverNameLength, uint16(len(serverName)))
ret := make([]byte, 2+1+2+len(serverName))
copy(ret[0:2], serverNameListLength)
copy(ret[2:3], serverNameType)
copy(ret[3:5], serverNameLength)
copy(ret[5:], serverName)
return ret
}
// addExtensionRecord, add type, length to extension data
func addExtRec(typ []byte, data []byte) []byte {
length := make([]byte, 2)
binary.BigEndian.PutUint16(length, uint16(len(data)))
ret := make([]byte, 2+2+len(data))
copy(ret[0:2], typ)
copy(ret[2:4], length)
copy(ret[4:], data)
return ret
}
// composeClientHello composes ClientHello with record layer
func composeClientHello(sta *State) ([]byte, []byte) {
ch, sharedSecret := sta.Browser.composeClientHello(sta)
return util.AddRecordLayer(ch, []byte{0x16}, []byte{0x03, 0x01}), sharedSecret
}
func PrepareConnection(sta *State, conn net.Conn) (sessionKey []byte, err error) {
clientHello, sharedSecret := composeClientHello(sta)
_, err = conn.Write(clientHello)
if err != nil {
return
}
log.Trace("client hello sent successfully")
buf := make([]byte, 1024)
log.Trace("waiting for ServerHello")
_, err = util.ReadTLS(conn, buf)
if err != nil {
return
}
encrypted := append(buf[11:43], buf[89:121]...)
nonce := encrypted[0:12]
ciphertext := encrypted[12:60]
sessionKey, err = util.AESGCMDecrypt(nonce, sharedSecret, ciphertext)
if err != nil {
return
}
for i := 0; i < 2; i++ {
// ChangeCipherSpec and EncryptedCert (in the format of application data)
_, err = util.ReadTLS(conn, buf)
if err != nil {
return
}
}
return sessionKey, nil
}
Reference in New Issue View Git Blame Copy Permalink