diff --git a/README.md b/README.md index 285575f..ebf70db 100644 --- a/README.md +++ b/README.md @@ -126,11 +126,11 @@ instead a CDN is used, use `CDN`. `ProxyMethod` is the name of the proxy method you are using. This must match one of the entries in the server's `ProxyBook` exactly. -`EncryptionMethod` is the name of the encryption algorithm you want Cloak to use. Options are `plain`, `aes-gcm` -and `chacha20-poly1305`. Note: Cloak isn't intended to provide transport security. The point of encryption is to hide -fingerprints of proxy protocols and render the payload statistically random-like. **You may only leave it as `plain` if -you are certain that your underlying proxy tool already provides BOTH encryption and authentication (via AEAD or similar -techniques).** +`EncryptionMethod` is the name of the encryption algorithm you want Cloak to use. Options are `plain`, `aes-256-gcm` ( +synonymous to `aes-gcm`), `aes-128-gcm`, and `chacha20-poly1305`. Note: Cloak isn't intended to provide transport +security. The point of encryption is to hide fingerprints of proxy protocols and render the payload statistically +random-like. **You may only leave it as `plain` if you are certain that your underlying proxy tool already provides BOTH +encryption and authentication (via AEAD or similar techniques).** `ServerName` is the domain you want to make your ISP or firewall _think_ you are visiting. Ideally it should match `RedirAddr` in the server's configuration, a major site the censor allows, but it doesn't have to. diff --git a/internal/client/state.go b/internal/client/state.go index f942ad3..c26f839 100644 --- a/internal/client/state.go +++ b/internal/client/state.go @@ -164,7 +164,10 @@ func (raw *RawConfig) ProcessRawConfig(worldState common.WorldState) (local Loca case "plain": auth.EncryptionMethod = mux.EncryptionMethodPlain case "aes-gcm": - auth.EncryptionMethod = mux.EncryptionMethodAESGCM + case "aes-256-gcm": + auth.EncryptionMethod = mux.EncryptionMethodAES256GCM + case "aes-128-gcm": + auth.EncryptionMethod = mux.EncryptionMethodAES128GCM case "chacha20-poly1305": auth.EncryptionMethod = mux.EncryptionMethodChaha20Poly1305 default: diff --git a/internal/multiplex/obfs.go b/internal/multiplex/obfs.go index 97b2cd9..8ec0d5b 100644 --- a/internal/multiplex/obfs.go +++ b/internal/multiplex/obfs.go @@ -21,8 +21,9 @@ const salsa20NonceSize = 8 const ( EncryptionMethodPlain = iota - EncryptionMethodAESGCM + EncryptionMethodAES256GCM EncryptionMethodChaha20Poly1305 + EncryptionMethodAES128GCM ) // Obfuscator is responsible for serialisation, obfuscation, and optional encryption of data frames. @@ -171,7 +172,7 @@ func MakeObfuscator(encryptionMethod byte, sessionKey [32]byte) (obfuscator Obfu case EncryptionMethodPlain: payloadCipher = nil obfuscator.maxOverhead = salsa20NonceSize - case EncryptionMethodAESGCM: + case EncryptionMethodAES256GCM: var c cipher.Block c, err = aes.NewCipher(sessionKey[:]) if err != nil { @@ -182,6 +183,17 @@ func MakeObfuscator(encryptionMethod byte, sessionKey [32]byte) (obfuscator Obfu return } obfuscator.maxOverhead = payloadCipher.Overhead() + case EncryptionMethodAES128GCM: + var c cipher.Block + c, err = aes.NewCipher(sessionKey[:16]) + if err != nil { + return + } + payloadCipher, err = cipher.NewGCM(c) + if err != nil { + return + } + obfuscator.maxOverhead = payloadCipher.Overhead() case EncryptionMethodChaha20Poly1305: payloadCipher, err = chacha20poly1305.New(sessionKey[:]) if err != nil { @@ -189,7 +201,7 @@ func MakeObfuscator(encryptionMethod byte, sessionKey [32]byte) (obfuscator Obfu } obfuscator.maxOverhead = payloadCipher.Overhead() default: - return obfuscator, errors.New("Unknown encryption method") + return obfuscator, fmt.Errorf("unknown encryption method valued %v", encryptionMethod) } if payloadCipher != nil { diff --git a/internal/multiplex/obfs_test.go b/internal/multiplex/obfs_test.go index 2bee633..78a760d 100644 --- a/internal/multiplex/obfs_test.go +++ b/internal/multiplex/obfs_test.go @@ -46,8 +46,16 @@ func TestGenerateObfs(t *testing.T) { run(obfuscator, t) } }) - t.Run("aes-gcm", func(t *testing.T) { - obfuscator, err := MakeObfuscator(EncryptionMethodAESGCM, sessionKey) + t.Run("aes-256-gcm", func(t *testing.T) { + obfuscator, err := MakeObfuscator(EncryptionMethodAES256GCM, sessionKey) + if err != nil { + t.Errorf("failed to generate obfuscator %v", err) + } else { + run(obfuscator, t) + } + }) + t.Run("aes-128-gcm", func(t *testing.T) { + obfuscator, err := MakeObfuscator(EncryptionMethodAES128GCM, sessionKey) if err != nil { t.Errorf("failed to generate obfuscator %v", err) } else { diff --git a/internal/multiplex/session_test.go b/internal/multiplex/session_test.go index 990437a..ebd305e 100644 --- a/internal/multiplex/session_test.go +++ b/internal/multiplex/session_test.go @@ -44,7 +44,7 @@ func TestRecvDataFromRemote(t *testing.T) { encryptionMethods := map[string]Obfuscator{ "plain": MakeObfuscatorUnwrap(EncryptionMethodPlain, sessionKey), - "aes-gcm": MakeObfuscatorUnwrap(EncryptionMethodAESGCM, sessionKey), + "aes-gcm": MakeObfuscatorUnwrap(EncryptionMethodAES256GCM, sessionKey), "chacha20-poly1305": MakeObfuscatorUnwrap(EncryptionMethodChaha20Poly1305, sessionKey), } @@ -430,7 +430,8 @@ func BenchmarkRecvDataFromRemote_Ordered(b *testing.B) { table := map[string]byte{ "plain": EncryptionMethodPlain, - "aes-gcm": EncryptionMethodAESGCM, + "aes-256-gcm": EncryptionMethodAES256GCM, + "aes-128-gcm": EncryptionMethodAES128GCM, "chacha20poly1305": EncryptionMethodChaha20Poly1305, } @@ -466,7 +467,8 @@ func BenchmarkMultiStreamWrite(b *testing.B) { table := map[string]byte{ "plain": EncryptionMethodPlain, - "aes-gcm": EncryptionMethodAESGCM, + "aes-256-gcm": EncryptionMethodAES256GCM, + "aes-128-gcm": EncryptionMethodAES128GCM, "chacha20poly1305": EncryptionMethodChaha20Poly1305, } diff --git a/internal/multiplex/stream_test.go b/internal/multiplex/stream_test.go index 0435557..eb13bc8 100644 --- a/internal/multiplex/stream_test.go +++ b/internal/multiplex/stream_test.go @@ -39,7 +39,8 @@ func BenchmarkStream_Write_Ordered(b *testing.B) { eMethods := map[string]byte{ "plain": EncryptionMethodPlain, "chacha20-poly1305": EncryptionMethodChaha20Poly1305, - "aes-gcm": EncryptionMethodAESGCM, + "aes-256-gcm": EncryptionMethodAES256GCM, + "aes-128-gcm": EncryptionMethodAES128GCM, } for name, method := range eMethods { diff --git a/internal/server/dispatcher.go b/internal/server/dispatcher.go index 80ee28c..9daa772 100644 --- a/internal/server/dispatcher.go +++ b/internal/server/dispatcher.go @@ -175,7 +175,13 @@ func dispatchConnection(conn net.Conn, sta *State) { common.RandRead(sta.WorldState.Rand, sessionKey[:]) obfuscator, err := mux.MakeObfuscator(ci.EncryptionMethod, sessionKey) if err != nil { - log.Error(err) + log.WithFields(log.Fields{ + "remoteAddr": conn.RemoteAddr(), + "UID": b64(ci.UID), + "sessionId": ci.SessionId, + "proxyMethod": ci.ProxyMethod, + "encryptionMethod": ci.EncryptionMethod, + }).Error(err) goWeb() return } diff --git a/internal/test/integration_test.go b/internal/test/integration_test.go index dbf7c14..22935b2 100644 --- a/internal/test/integration_test.go +++ b/internal/test/integration_test.go @@ -518,7 +518,8 @@ func BenchmarkIntegration(b *testing.B) { encryptionMethods := map[string]byte{ "plain": mux.EncryptionMethodPlain, "chacha20-poly1305": mux.EncryptionMethodChaha20Poly1305, - "aes-gcm": mux.EncryptionMethodAESGCM, + "aes-256-gcm": mux.EncryptionMethodAES256GCM, + "aes-128-gcm": mux.EncryptionMethodAES128GCM, } for name, method := range encryptionMethods {