Fix bad cryptography

2019-08-01 00:16:33 +01:00 · 2019-08-01 00:16:33 +01:00 · 2735de4f96
parent 0fbb6011fc
commit 2735de4f96
3 changed files with 23 additions and 28 deletions
--- a/cmd/ck-client/ck-client.go
+++ b/cmd/ck-client/ck-client.go
@ -3,6 +3,7 @@
 package main

 import (
+	"crypto/aes"
 	"encoding/base64"
 	"encoding/binary"
 	"flag"
@ -101,7 +102,11 @@ func makeSession(sta *client.State) *mux.Session {
 	sta.UpdateIntervalKeys()

 	_, tthKey := sta.GetIntervalKeys()
-	sesh := mux.MakeSession(sta.SessionID, mux.UNLIMITED_VALVE, mux.MakeObfs(tthKey, sta.Cipher), mux.MakeDeobfs(tthKey, sta.Cipher), util.ReadTLS)
+	headerCipher, err := aes.NewCipher(tthKey)
+	if err != nil {
+		log.Fatal(err)
+	}
+	sesh := mux.MakeSession(sta.SessionID, mux.UNLIMITED_VALVE, mux.MakeObfs(headerCipher, sta.Cipher), mux.MakeDeobfs(headerCipher, sta.Cipher), util.ReadTLS)

 	var wg sync.WaitGroup
 	for i := 0; i < sta.NumConn; i++ {
--- a/cmd/ck-server/ck-server.go
+++ b/cmd/ck-server/ck-server.go
@ -2,6 +2,7 @@ package main

 import (
 	"bytes"
+	"crypto/aes"
 	"encoding/base64"
 	"flag"
 	"fmt"
@ -109,8 +110,15 @@ func dispatchConnection(conn net.Conn, sta *server.State) {
 		return
 	}

-	obfs := mux.MakeObfs(tthKey, crypto)
-	deobfs := mux.MakeDeobfs(tthKey, crypto)
+	headerCipher, err := aes.NewCipher(tthKey)
+	if err != nil {
+		log.Println(err)
+		goWeb(data)
+		return
+	}
+
+	obfs := mux.MakeObfs(headerCipher, crypto)
+	deobfs := mux.MakeDeobfs(headerCipher, crypto)

 	finishHandshake := func() error {
 		reply := server.ComposeReply(ch)
--- a/internal/multiplex/obfs.go
+++ b/internal/multiplex/obfs.go
@ -1,8 +1,8 @@
 package multiplex

 import (
+	"crypto/cipher"
 	"crypto/rand"
-	"crypto/sha1"
 	"encoding/binary"
 	"errors"
 )
@ -15,19 +15,7 @@ var putU32 = binary.BigEndian.PutUint32

 const HEADER_LEN = 12

-func genXorKey(key, salt []byte) []byte {
-	h := sha1.New()
-	h.Write(append(key, salt...))
-	return h.Sum(nil)[:12]
-}
-
-func xor(a []byte, b []byte) {
-	for i := range a {
-		a[i] ^= b[i]
-	}
-}
-
-func MakeObfs(key []byte, algo Crypto) Obfser {
+func MakeObfs(headerCipher cipher.Block, algo Crypto) Obfser {
 	obfs := func(f *Frame) ([]byte, error) {
 		ret := make([]byte, 5+HEADER_LEN+len(f.Payload)+16)
 		recordLayer := ret[0:5]
@ -46,11 +34,8 @@ func MakeObfs(key []byte, algo Crypto) Obfser {
 		}
 		copy(encryptedPayload, ciphertext)

-		cKey := make([]byte, len(key))
-		copy(cKey, key)
-		salt := encryptedPayload[len(encryptedPayload)-16:]
-		xorKey := genXorKey(cKey, salt)
-		xor(header, xorKey)
+		iv := encryptedPayload[len(encryptedPayload)-16:]
+		cipher.NewCTR(headerCipher, iv).XORKeyStream(header, header)

 		// Composing final obfsed message
 		// We don't use util.AddRecordLayer here to avoid unnecessary malloc
@ -63,7 +48,7 @@ func MakeObfs(key []byte, algo Crypto) Obfser {
 	return obfs
 }

-func MakeDeobfs(key []byte, algo Crypto) Deobfser {
+func MakeDeobfs(headerCipher cipher.Block, algo Crypto) Deobfser {
 	deobfs := func(in []byte) (*Frame, error) {
 		if len(in) < 5+HEADER_LEN+16 {
 			return nil, errors.New("Input cannot be shorter than 33 bytes")
@ -72,12 +57,9 @@ func MakeDeobfs(key []byte, algo Crypto) Deobfser {

 		header := peeled[0:12]
 		payload := peeled[12:]
-		salt := peeled[len(peeled)-16:]
+		iv := peeled[len(peeled)-16:]

-		cKey := make([]byte, len(key))
-		copy(cKey, key)
-		xorKey := genXorKey(cKey, salt)
-		xor(header, xorKey)
+		cipher.NewCTR(headerCipher, iv).XORKeyStream(header, header)

 		streamID := u32(header[0:4])
 		seq := u32(header[4:8])