kirillius
/
Cloak
mirror of https://github.com/cbeuw/Cloak
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Refactor authentication pipeline

This commit is contained in:
Andy Wang 2020-04-06 15:24:18 +01:00
parent a161409577
commit 6a83c58143
6 changed files with 44 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
cmd/ck-server/ck-server.go
View File

@ -58,7 +58,7 @@ func dispatchConnection(conn net.Conn, sta *server.State) {
go util.Pipe(conn, webConn, 0)
}
ci, finishHandshake, err := server.PrepareConnection(data, sta, conn)
ci, finishHandshake, err := server.AuthFirstPacket(data, sta)
if err != nil {
log.WithFields(log.Fields{
"remoteAddr": remoteAddr,
@ -84,7 +84,7 @@ func dispatchConnection(conn net.Conn, sta *server.State) {
// added to the userinfo database. The distinction between going into the admin mode
// and normal proxy mode is that sessionID needs == 0 for admin mode
if bytes.Equal(ci.UID, sta.AdminUID) && ci.SessionId == 0 {
preparedConn, err := finishHandshake(sessionKey)
preparedConn, err := finishHandshake(conn, sessionKey)
if err != nil {
log.Error(err)
return
@ -136,7 +136,7 @@ func dispatchConnection(conn net.Conn, sta *server.State) {
}
if existing {
preparedConn, err := finishHandshake(sesh.SessionKey)
preparedConn, err := finishHandshake(conn, sesh.SessionKey)
if err != nil {
log.Error(err)
return
@ -146,7 +146,7 @@ func dispatchConnection(conn net.Conn, sta *server.State) {
return
}
preparedConn, err := finishHandshake(sessionKey)
preparedConn, err := finishHandshake(conn, sessionKey)
if err != nil {
log.Error(err)
return

22
internal/server/TLS.go
View File

@ -19,24 +19,29 @@ func (TLS) String() string { return "TLS" }
func (TLS) HasRecordLayer() bool { return true }
func (TLS) UnitReadFunc() func(net.Conn, []byte) (int, error) { return util.ReadTLS }
func (TLS) handshake(clientHello []byte, privateKey crypto.PrivateKey, originalConn net.Conn) (fragments authFragments, finisher func([]byte) (net.Conn, error), err error) {
var ch *ClientHello
ch, err = parseClientHello(clientHello)
func (TLS) processFirstPacket(clientHello []byte, privateKey crypto.PrivateKey) (fragments authFragments, respond Responder, err error) {
ch, err := parseClientHello(clientHello)
if err != nil {
log.Debug(err)
err = ErrBadClientHello
return
}
fragments, err = unmarshalClientHello(ch, privateKey)
fragments, err = TLS{}.unmarshalClientHello(ch, privateKey)
if err != nil {
err = fmt.Errorf("failed to unmarshal ClientHello into authFragments: %v", err)
return
}
finisher = func(sessionKey []byte) (preparedConn net.Conn, err error) {
respond = TLS{}.makeResponder(ch.sessionId, fragments.sharedSecret[:])
return
}
func (TLS) makeResponder(clientHelloSessionId []byte, sharedSecret []byte) Responder {
respond := func(originalConn net.Conn, sessionKey []byte) (preparedConn net.Conn, err error) {
preparedConn = originalConn
reply, err := composeReply(ch, fragments.sharedSecret[:], sessionKey)
reply, err := composeReply(clientHelloSessionId, sharedSecret, sessionKey)
if err != nil {
err = fmt.Errorf("failed to compose TLS reply: %v", err)
return
@ -49,11 +54,10 @@ func (TLS) handshake(clientHello []byte, privateKey crypto.PrivateKey, originalC
}
return
}
return
return respond
}
func unmarshalClientHello(ch *ClientHello, staticPv crypto.PrivateKey) (fragments authFragments, err error) {
func (TLS) unmarshalClientHello(ch *ClientHello, staticPv crypto.PrivateKey) (fragments authFragments, err error) {
copy(fragments.randPubKey[:], ch.random)
ephPub, ok := ecdh.Unmarshal(fragments.randPubKey[:])
if !ok {

4
internal/server/TLSAux.go
View File

@ -198,9 +198,9 @@ func composeServerHello(sessionId []byte, sharedSecret []byte, sessionKey []byte
// composeReply composes the ServerHello, ChangeCipherSpec and an ApplicationData messages
// together with their respective record layers into one byte slice.
func composeReply(ch *ClientHello, sharedSecret []byte, sessionKey []byte) ([]byte, error) {
func composeReply(clientHelloSessionId []byte, sharedSecret []byte, sessionKey []byte) ([]byte, error) {
TLS12 := []byte{0x03, 0x03}
sh, err := composeServerHello(ch.sessionId, sharedSecret, sessionKey)
sh, err := composeServerHello(clientHelloSessionId, sharedSecret, sessionKey)
if err != nil {
return nil, err
}

19
internal/server/auth.go
View File

@ -6,7 +6,6 @@ import (
"errors"
"fmt"
"github.com/cbeuw/Cloak/internal/util"
"net"
"time"
log "github.com/sirupsen/logrus"
@ -34,8 +33,8 @@ const (
var ErrTimestampOutOfWindow = errors.New("timestamp is outside of the accepting window")
var ErrUnreconisedProtocol = errors.New("unreconised protocol")
// touchStone checks if a the authFragments are valid. It doesn't check if the UID is authorised
func touchStone(fragments authFragments, now func() time.Time) (info ClientInfo, err error) {
// decryptClientInfo checks if a the authFragments are valid. It doesn't check if the UID is authorised
func decryptClientInfo(fragments authFragments, now func() time.Time) (info ClientInfo, err error) {
var plaintext []byte
plaintext, err = util.AESGCMDecrypt(fragments.randPubKey[0:12], fragments.sharedSecret[:], fragments.ciphertextWithTag[:])
if err != nil {
@ -64,25 +63,23 @@ func touchStone(fragments authFragments, now func() time.Time) (info ClientInfo,
var ErrReplay = errors.New("duplicate random")
var ErrBadProxyMethod = errors.New("invalid proxy method")
// PrepareConnection checks if the first packet of data is ClientHello or HTTP GET, and checks if it was from a Cloak client
// AuthFirstPacket checks if the first packet of data is ClientHello or HTTP GET, and checks if it was from a Cloak client
// if it is from a Cloak client, it returns the ClientInfo with the decrypted fields. It doesn't check if the user
// is authorised. It also returns a finisher callback function to be called when the caller wishes to proceed with
// the handshake
func PrepareConnection(firstPacket []byte, sta *State, conn net.Conn) (info ClientInfo, finisher func([]byte) (net.Conn, error), err error) {
func AuthFirstPacket(firstPacket []byte, sta *State) (info ClientInfo, finisher Responder, err error) {
var transport Transport
switch firstPacket[0] {
case 0x47:
transport = WebSocket{}
transport = &WebSocket{}
case 0x16:
transport = TLS{}
transport = &TLS{}
default:
err = ErrUnreconisedProtocol
return
}
var fragments authFragments
fragments, finisher, err = transport.handshake(firstPacket, sta.staticPv, conn)
fragments, finisher, err := transport.processFirstPacket(firstPacket, sta.staticPv)
if err != nil {
return
}
@ -92,7 +89,7 @@ func PrepareConnection(firstPacket []byte, sta *State, conn net.Conn) (info Clie
return
}
info, err = touchStone(fragments, sta.Now)
info, err = decryptClientInfo(fragments, sta.Now)
if err != nil {
log.Debug(err)
err = fmt.Errorf("transport %v in correct format but not Cloak: %v", transport, err)

3
internal/server/transport.go
View File

@ -6,10 +6,11 @@ import (
"net"
)
type Responder = func(originalConn net.Conn, sessionKey []byte) (preparedConn net.Conn, err error)
type Transport interface {
HasRecordLayer() bool
UnitReadFunc() func(net.Conn, []byte) (int, error)
handshake(reqPacket []byte, privateKey crypto.PrivateKey, originalConn net.Conn) (authFragments, func([]byte) (net.Conn, error), error)
processFirstPacket(reqPacket []byte, privateKey crypto.PrivateKey) (authFragments, Responder, error)
}
var ErrInvalidPubKey = errors.New("public key has invalid format")

23
internal/server/websocket.go
View File

@ -13,13 +13,15 @@ import (
"net/http"
)
type WebSocket struct{}
type WebSocket struct {
requestPacket []byte
}
func (WebSocket) String() string { return "WebSocket" }
func (WebSocket) HasRecordLayer() bool { return false }
func (WebSocket) UnitReadFunc() func(net.Conn, []byte) (int, error) { return util.ReadWebSocket }
func (WebSocket) handshake(reqPacket []byte, privateKey crypto.PrivateKey, originalConn net.Conn) (fragments authFragments, finisher func([]byte) (net.Conn, error), err error) {
func (WebSocket) processFirstPacket(reqPacket []byte, privateKey crypto.PrivateKey) (fragments authFragments, respond Responder, err error) {
var req *http.Request
req, err = http.ReadRequest(bufio.NewReader(bytes.NewBuffer(reqPacket)))
if err != nil {
@ -29,13 +31,19 @@ func (WebSocket) handshake(reqPacket []byte, privateKey crypto.PrivateKey, origi
var hiddenData []byte
hiddenData, err = base64.StdEncoding.DecodeString(req.Header.Get("hidden"))
fragments, err = unmarshalHidden(hiddenData, privateKey)
fragments, err = WebSocket{}.unmarshalHidden(hiddenData, privateKey)
if err != nil {
err = fmt.Errorf("failed to unmarshal hidden data from WS into authFragments: %v", err)
return
}
finisher = func(sessionKey []byte) (preparedConn net.Conn, err error) {
respond = WebSocket{}.makeResponder(reqPacket, fragments.sharedSecret[:])
return
}
func (WebSocket) makeResponder(reqPacket []byte, sharedSecret []byte) Responder {
respond := func(originalConn net.Conn, sessionKey []byte) (preparedConn net.Conn, err error) {
handler := newWsHandshakeHandler()
// For an explanation of the following 3 lines, see the comments in websocketAux.go
@ -47,7 +55,7 @@ func (WebSocket) handshake(reqPacket []byte, privateKey crypto.PrivateKey, origi
util.CryptoRandRead(nonce)
// reply: [12 bytes nonce][32 bytes encrypted session key][16 bytes authentication tag]
encryptedKey, err := util.AESGCMEncrypt(nonce, fragments.sharedSecret[:], sessionKey) // 32 + 16 = 48 bytes
encryptedKey, err := util.AESGCMEncrypt(nonce, sharedSecret, sessionKey) // 32 + 16 = 48 bytes
if err != nil {
err = fmt.Errorf("failed to encrypt reply: %v", err)
return
@ -61,13 +69,12 @@ func (WebSocket) handshake(reqPacket []byte, privateKey crypto.PrivateKey, origi
}
return
}
return
return respond
}
var ErrBadGET = errors.New("non (or malformed) HTTP GET")
func unmarshalHidden(hidden []byte, staticPv crypto.PrivateKey) (fragments authFragments, err error) {
func (WebSocket) unmarshalHidden(hidden []byte, staticPv crypto.PrivateKey) (fragments authFragments, err error) {
if len(hidden) < 96 {
err = ErrBadGET
return