mirror of
https://github.com/cbeuw/Cloak.git
synced 2024-11-07 15:20:40 +00:00
73 lines
2.0 KiB
Go
73 lines
2.0 KiB
Go
package multiplex
|
|
|
|
import (
|
|
"crypto/rand"
|
|
"crypto/sha1"
|
|
"encoding/binary"
|
|
"errors"
|
|
"io"
|
|
)
|
|
|
|
type Obfser func(*Frame) ([]byte, error)
|
|
type Deobfser func([]byte) (*Frame, error)
|
|
|
|
var u32 = binary.BigEndian.Uint32
|
|
|
|
const headerLen = 12
|
|
|
|
// For each frame, the three parts of the header is xored with three keys.
|
|
// The keys are generated from the SID and the payload of the frame.
|
|
func genXorKeys(key, nonce []byte) (i uint32, ii uint32, iii uint8) {
|
|
h := sha1.New()
|
|
hashed := h.Sum(append(key, nonce...))
|
|
return u32(hashed[0:4]), u32(hashed[4:8]), hashed[8]
|
|
}
|
|
|
|
func MakeObfs(key []byte) Obfser {
|
|
obfs := func(f *Frame) ([]byte, error) {
|
|
obfsedHeader := make([]byte, headerLen)
|
|
// header: [StreamID 4 bytes][Seq 4 bytes][Closing 1 byte][Nonce 3 bytes]
|
|
io.ReadFull(rand.Reader, obfsedHeader[9:12])
|
|
i, ii, iii := genXorKeys(key, obfsedHeader[9:12])
|
|
binary.BigEndian.PutUint32(obfsedHeader[0:4], f.StreamID^i)
|
|
binary.BigEndian.PutUint32(obfsedHeader[4:8], f.Seq^ii)
|
|
obfsedHeader[8] = f.Closing ^ iii
|
|
|
|
// Composing final obfsed message
|
|
// We don't use util.AddRecordLayer here to avoid unnecessary malloc
|
|
obfsed := make([]byte, 5+headerLen+len(f.Payload))
|
|
obfsed[0] = 0x17
|
|
obfsed[1] = 0x03
|
|
obfsed[2] = 0x03
|
|
binary.BigEndian.PutUint16(obfsed[3:5], uint16(headerLen+len(f.Payload)))
|
|
copy(obfsed[5:5+headerLen], obfsedHeader)
|
|
copy(obfsed[5+headerLen:], f.Payload)
|
|
// obfsed: [record layer 5 bytes][cipherheader 12 bytes][payload]
|
|
return obfsed, nil
|
|
}
|
|
return obfs
|
|
}
|
|
|
|
func MakeDeobfs(key []byte) Deobfser {
|
|
deobfs := func(in []byte) (*Frame, error) {
|
|
if len(in) < 5+headerLen {
|
|
return nil, errors.New("Input cannot be shorter than 17 bytes")
|
|
}
|
|
peeled := in[5:]
|
|
i, ii, iii := genXorKeys(key, peeled[9:12])
|
|
streamID := u32(peeled[0:4]) ^ i
|
|
seq := u32(peeled[4:8]) ^ ii
|
|
closing := peeled[8] ^ iii
|
|
payload := make([]byte, len(peeled)-headerLen)
|
|
copy(payload, peeled[headerLen:])
|
|
ret := &Frame{
|
|
StreamID: streamID,
|
|
Seq: seq,
|
|
Closing: closing,
|
|
Payload: payload,
|
|
}
|
|
return ret, nil
|
|
}
|
|
return deobfs
|
|
}
|