kirillius
/
Cloak
mirror of https://github.com/cbeuw/Cloak
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fix obfsBuf being too small on closing frame

This commit is contained in:
Andy Wang 2020-10-18 21:37:41 +01:00
parent 1ec11c175a
commit e141323c9d
2 changed files with 10 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
internal/multiplex/obfs.go
View File

@ -20,6 +20,7 @@ var putU32 = binary.BigEndian.PutUint32
var putU64 = binary.BigEndian.PutUint64 var putU64 = binary.BigEndian.PutUint64
const HEADER_LEN = 14 const HEADER_LEN = 14
const salsa20NonceSize = 8
const ( const (
E_METHOD_PLAIN = iota E_METHOD_PLAIN = iota
@ -54,14 +55,14 @@ func MakeObfs(salsaKey [32]byte, payloadCipher cipher.AEAD) Obfser {
} }
var extraLen int var extraLen int
if payloadCipher == nil { if payloadCipher == nil {
extraLen = 8 - payloadLen extraLen = salsa20NonceSize - payloadLen
if extraLen < 0 { if extraLen < 0 {
// if our payload is already greater than 8 bytes // if our payload is already greater than 8 bytes
extraLen = 0 extraLen = 0
} }
} else { } else {
extraLen = payloadCipher.Overhead() extraLen = payloadCipher.Overhead()
if extraLen < 8 { if extraLen < salsa20NonceSize {
return 0, errors.New("AEAD's Overhead cannot be fewer than 8 bytes") return 0, errors.New("AEAD's Overhead cannot be fewer than 8 bytes")
} }
} }
@ -89,10 +90,10 @@ func MakeObfs(salsaKey [32]byte, payloadCipher cipher.AEAD) Obfser {
common.CryptoRandRead(extra) common.CryptoRandRead(extra)
} }
} else { } else {
payloadCipher.Seal(payload[:0], header[:12], payload, nil) payloadCipher.Seal(payload[:0], header[:payloadCipher.NonceSize()], payload, nil)
} }
nonce := buf[usefulLen-8 : usefulLen] nonce := buf[usefulLen-salsa20NonceSize : usefulLen]
salsa20.XORKeyStream(header, header, nonce, &salsaKey) salsa20.XORKeyStream(header, header, nonce, &salsaKey)
return usefulLen, nil return usefulLen, nil
@ -105,7 +106,7 @@ func MakeObfs(salsaKey [32]byte, payloadCipher cipher.AEAD) Obfser {
// information and plaintext // information and plaintext
func MakeDeobfs(salsaKey [32]byte, payloadCipher cipher.AEAD) Deobfser { func MakeDeobfs(salsaKey [32]byte, payloadCipher cipher.AEAD) Deobfser {
// stream header length + minimum data size (i.e. nonce size of salsa20) // stream header length + minimum data size (i.e. nonce size of salsa20)
const minInputLen = HEADER_LEN + 8 const minInputLen = HEADER_LEN + salsa20NonceSize
deobfs := func(in []byte) (*Frame, error) { deobfs := func(in []byte) (*Frame, error) {
if len(in) < minInputLen { if len(in) < minInputLen {
return nil, fmt.Errorf("input size %v, but it cannot be shorter than %v bytes", len(in), minInputLen) return nil, fmt.Errorf("input size %v, but it cannot be shorter than %v bytes", len(in), minInputLen)
@ -114,7 +115,7 @@ func MakeDeobfs(salsaKey [32]byte, payloadCipher cipher.AEAD) Deobfser {
header := in[:HEADER_LEN] header := in[:HEADER_LEN]
pldWithOverHead := in[HEADER_LEN:] // payload + potential overhead pldWithOverHead := in[HEADER_LEN:] // payload + potential overhead
nonce := in[len(in)-8:] nonce := in[len(in)-salsa20NonceSize:]
salsa20.XORKeyStream(header, header, nonce, &salsaKey) salsa20.XORKeyStream(header, header, nonce, &salsaKey)
streamID := u32(header[0:4]) streamID := u32(header[0:4])
@ -136,7 +137,7 @@ func MakeDeobfs(salsaKey [32]byte, payloadCipher cipher.AEAD) Deobfser {
outputPayload = pldWithOverHead[:usefulPayloadLen] outputPayload = pldWithOverHead[:usefulPayloadLen]
} }
} else { } else {
_, err := payloadCipher.Open(pldWithOverHead[:0], header[:12], pldWithOverHead, nil) _, err := payloadCipher.Open(pldWithOverHead[:0], header[:payloadCipher.NonceSize()], pldWithOverHead, nil)
if err != nil { if err != nil {
return nil, err return nil, err
} }
@ -162,7 +163,7 @@ func MakeObfuscator(encryptionMethod byte, sessionKey [32]byte) (obfuscator Obfu
switch encryptionMethod { switch encryptionMethod {
case E_METHOD_PLAIN: case E_METHOD_PLAIN:
payloadCipher = nil payloadCipher = nil
obfuscator.maxOverhead = 0 obfuscator.maxOverhead = salsa20NonceSize
case E_METHOD_AES_GCM: case E_METHOD_AES_GCM:
var c cipher.Block var c cipher.Block
c, err = aes.NewCipher(sessionKey[:]) c, err = aes.NewCipher(sessionKey[:])

2
internal/multiplex/session.go
View File

@ -271,7 +271,7 @@ func (sesh *Session) passiveClose() error {
func genRandomPadding() []byte { func genRandomPadding() []byte {
lenB := make([]byte, 1) lenB := make([]byte, 1)
common.CryptoRandRead(lenB) common.CryptoRandRead(lenB)
pad := make([]byte, lenB[0]) pad := make([]byte, lenB[0]+1)
common.CryptoRandRead(pad) common.CryptoRandRead(pad)
return pad return pad
} }