From 939901a89abb169648423473056260335d3af639 Mon Sep 17 00:00:00 2001 From: cyBerta Date: Thu, 6 Apr 2023 01:08:05 +0200 Subject: first pass on obfs4-hop pt integration --- .../bitmaskclient/base/models/GatewayJsonTest.java | 2 +- .../bitmaskclient/base/models/TransportTest.java | 68 ++++++++++++++++++++++ .../bitmaskclient/eip/VpnConfigGeneratorTest.java | 41 ++++++++++--- 3 files changed, 103 insertions(+), 8 deletions(-) create mode 100644 app/src/test/java/se/leap/bitmaskclient/base/models/TransportTest.java (limited to 'app/src/test/java/se') diff --git a/app/src/test/java/se/leap/bitmaskclient/base/models/GatewayJsonTest.java b/app/src/test/java/se/leap/bitmaskclient/base/models/GatewayJsonTest.java index 61275378..801f98ad 100644 --- a/app/src/test/java/se/leap/bitmaskclient/base/models/GatewayJsonTest.java +++ b/app/src/test/java/se/leap/bitmaskclient/base/models/GatewayJsonTest.java @@ -12,7 +12,7 @@ public class GatewayJsonTest { @Test public void testToString() { - String gatewayJSON = "{\"location\":\"Unknown Location\",\"ip_address\":\"1.2.3.4\",\"host\":\"pinned.obfuscation.proxy\",\"capabilities\":{\"adblock\":false,\"filter_dns\":false,\"limited\":false,\"transport\":[{\"type\":\"obfs4\",\"protocols\":[\"tcp\"],\"ports\":[\"1194\"],\"options\":{\"cert\":\"xxxxxxx\",\"iatMode\":\"0\"}}],\"user_ips\":false}}"; + String gatewayJSON = "{\"location\":\"Unknown Location\",\"ip_address\":\"1.2.3.4\",\"host\":\"pinned.obfuscation.proxy\",\"capabilities\":{\"adblock\":false,\"filter_dns\":false,\"limited\":false,\"transport\":[{\"type\":\"obfs4\",\"protocols\":[\"tcp\"],\"ports\":[\"1194\"],\"options\":{\"cert\":\"xxxxxxx\",\"iatMode\":\"0\",\"experimental\":false,\"portSeed\":0,\"portCount\":0}}],\"user_ips\":false}}"; Connection.TransportType transportType = OBFS4; Transport[] transports = new Transport[]{ diff --git a/app/src/test/java/se/leap/bitmaskclient/base/models/TransportTest.java b/app/src/test/java/se/leap/bitmaskclient/base/models/TransportTest.java new file mode 100644 index 00000000..37dfc161 --- /dev/null +++ b/app/src/test/java/se/leap/bitmaskclient/base/models/TransportTest.java @@ -0,0 +1,68 @@ +package se.leap.bitmaskclient.base.models; + +import static se.leap.bitmaskclient.base.models.Constants.CAPABILITIES; +import static se.leap.bitmaskclient.base.models.Constants.TRANSPORT; + +import junit.framework.TestCase; + +import org.json.JSONException; +import org.json.JSONObject; + +import java.io.IOException; + +import de.blinkt.openvpn.core.connection.Connection; +import se.leap.bitmaskclient.testutils.TestSetupHelper; + +public class TransportTest extends TestCase { + + private JSONObject gateway; + + public void test_obfs4_fromJson() throws IOException, JSONException { + gateway = new JSONObject(TestSetupHelper.getInputAsString(getClass().getClassLoader().getResourceAsStream("ptdemo_obfs4hop_tcp_gateways.json"))).getJSONArray("gateways").getJSONObject(2); + JSONObject obfs4Transport = gateway.getJSONObject(CAPABILITIES).getJSONArray(TRANSPORT).getJSONObject(1); + Transport transport = Transport.fromJson(obfs4Transport); + assertEquals("obfs4", transport.getType()); + assertEquals("0", transport.getOptions().getIatMode()); + assertEquals("kcp", transport.getProtocols()[0]); + assertEquals(1, transport.getProtocols().length); + assertEquals("23050", transport.getPorts()[0]); + assertEquals(1, transport.getPorts().length); + assertEquals("XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX1", transport.getOptions().getCert()); + assertNull(transport.getOptions().getEndpoints()); + assertEquals(0, transport.getOptions().getPortCount()); + assertEquals(0, transport.getOptions().getPortSeed()); + assertFalse(transport.getOptions().isExperimental()); + } + + public void test_obfs4hop_fromJson() throws IOException, JSONException { + gateway = new JSONObject(TestSetupHelper.getInputAsString(getClass().getClassLoader().getResourceAsStream("ptdemo_obfs4hop_tcp_gateways.json"))).getJSONArray("gateways").getJSONObject(2); + JSONObject obfs4Transport = gateway.getJSONObject(CAPABILITIES).getJSONArray(TRANSPORT).getJSONObject(2); + Transport transport = Transport.fromJson(obfs4Transport); + assertEquals("obfs4-hop", transport.getType()); + assertEquals(Connection.TransportType.OBFS4_HOP, transport.getTransportType()); + assertEquals("tcp", transport.getProtocols()[0]); + assertEquals(1, transport.getProtocols().length); + assertNull(transport.getPorts()); + assertNull(transport.getOptions().getCert()); + assertNotNull(transport.getOptions().getEndpoints()); + assertEquals(2, transport.getOptions().getEndpoints().length); + assertEquals("CERT1", transport.getOptions().getEndpoints()[0].getCert()); + assertEquals("CERT2", transport.getOptions().getEndpoints()[1].getCert()); + assertEquals("1.1.1.1", transport.getOptions().getEndpoints()[0].getIp()); + assertEquals("2.2.2.2", transport.getOptions().getEndpoints()[1].getIp()); + assertTrue(transport.getOptions().isExperimental()); + } + + public void test_openvpn_fromJson() throws IOException, JSONException { + gateway = new JSONObject(TestSetupHelper.getInputAsString(getClass().getClassLoader().getResourceAsStream("ptdemo_obfs4hop_tcp_gateways.json"))).getJSONArray("gateways").getJSONObject(2); + JSONObject obfs4Transport = gateway.getJSONObject(CAPABILITIES).getJSONArray(TRANSPORT).getJSONObject(0); + Transport transport = Transport.fromJson(obfs4Transport); + assertEquals("openvpn", transport.getType()); + assertEquals(2, transport.getProtocols().length); + assertEquals("tcp", transport.getProtocols()[0]); + assertEquals("udp", transport.getProtocols()[1]); + assertEquals(1, transport.getPorts().length); + assertEquals("1195", transport.getPorts()[0]); + assertNull(transport.getOptions()); + } +} \ No newline at end of file diff --git a/app/src/test/java/se/leap/bitmaskclient/eip/VpnConfigGeneratorTest.java b/app/src/test/java/se/leap/bitmaskclient/eip/VpnConfigGeneratorTest.java index 6b1c5bf3..99e71f05 100644 --- a/app/src/test/java/se/leap/bitmaskclient/eip/VpnConfigGeneratorTest.java +++ b/app/src/test/java/se/leap/bitmaskclient/eip/VpnConfigGeneratorTest.java @@ -9,6 +9,7 @@ import static org.mockito.Mockito.mock; import static org.powermock.api.mockito.PowerMockito.mockStatic; import static org.powermock.api.mockito.PowerMockito.when; import static de.blinkt.openvpn.core.connection.Connection.TransportType.OBFS4; +import static de.blinkt.openvpn.core.connection.Connection.TransportType.OBFS4_HOP; import static de.blinkt.openvpn.core.connection.Connection.TransportType.OPENVPN; import static se.leap.bitmaskclient.base.models.Constants.OPENVPN_CONFIGURATION; import static se.leap.bitmaskclient.testutils.MockHelper.mockTextUtils; @@ -34,6 +35,7 @@ import java.util.HashMap; import de.blinkt.openvpn.VpnProfile; import de.blinkt.openvpn.core.connection.Connection; import de.blinkt.openvpn.core.connection.Obfs4Connection; +import de.blinkt.openvpn.core.connection.Obfs4HopConnection; import se.leap.bitmaskclient.base.utils.ConfigHelper; import se.leap.bitmaskclient.testutils.MockHelper; import se.leap.bitmaskclient.testutils.TestSetupHelper; @@ -1696,9 +1698,8 @@ public class VpnConfigGeneratorTest { configuration.preferUDP = true; vpnConfigGenerator = new VpnConfigGenerator(generalConfig, secrets, gateway, configuration); HashMap vpnProfiles = vpnConfigGenerator.generateVpnProfiles(); - assertTrue(vpnProfiles.containsKey(OBFS4) && ((Obfs4Connection)vpnProfiles.get(OBFS4).mConnections[0]).getDispatcherOptions().udp); + assertTrue(vpnProfiles.containsKey(OBFS4) && ((Obfs4Connection)vpnProfiles.get(OBFS4).mConnections[0]).getObfs4Options().transport.getProtocols()[0].equals("kcp")); assertTrue(vpnProfiles.containsKey(OPENVPN)); - } @Test @@ -1715,16 +1716,20 @@ public class VpnConfigGeneratorTest { } @Test - public void testGenerateVpnProfile_ObfuscationPinningEnabled_obfs4AndOpenvpnProfile () throws Exception { + public void testGenerateVpnProfile_ObfuscationPinningNotEnabled_obfs4AndOpenvpnProfile () throws Exception { gateway = new JSONObject(TestSetupHelper.getInputAsString(getClass().getClassLoader().getResourceAsStream("ptdemo_kcp_gateways.json"))).getJSONArray("gateways").getJSONObject(1); generalConfig = new JSONObject(TestSetupHelper.getInputAsString(getClass().getClassLoader().getResourceAsStream("ptdemo_kcp_gateways.json"))).getJSONObject(OPENVPN_CONFIGURATION); VpnConfigGenerator.Configuration configuration = new VpnConfigGenerator.Configuration(); configuration.apiVersion = 3; - configuration.useObfuscationPinning = true; + configuration.useObfuscationPinning = false; + configuration.obfuscationProxyPort = "443"; + configuration.obfuscationProxyIP = "5.6.7.8"; + configuration.obfuscationProxyCert = "asdfasdf"; + configuration.obfuscationProxyKCP = true; configuration.remoteGatewayIP = "1.2.3.4"; vpnConfigGenerator = new VpnConfigGenerator(generalConfig, secrets, gateway, configuration); HashMap vpnProfiles = vpnConfigGenerator.generateVpnProfiles(); - assertFalse("has no openvpn profile", vpnProfiles.containsKey(OPENVPN)); + assertTrue("has openvpn profile", vpnProfiles.containsKey(OPENVPN)); assertTrue("has obfs4 profile", vpnProfiles.containsKey(OBFS4)); assertTrue("bridge is running KCP", vpnProfiles.get(OBFS4).mGatewayIp.equals("1.2.3.4")); @@ -1747,7 +1752,7 @@ public class VpnConfigGeneratorTest { assertFalse("has openvpn profile", vpnProfiles.containsKey(OPENVPN)); assertTrue("has obfs4 profile", vpnProfiles.containsKey(OBFS4)); assertTrue("bridge is pinned one", vpnProfiles.get(OBFS4).getTransportType() == OBFS4 && !vpnProfiles.get(OBFS4).mConnections[0].isUseUdp() ); - assertTrue("bridge is running KCP", ((Obfs4Connection) vpnProfiles.get(OBFS4).mConnections[0]).getDispatcherOptions().udp == false); + assertTrue("bridge is running TCP", ((Obfs4Connection) vpnProfiles.get(OBFS4).mConnections[0]).getObfs4Options().transport.getProtocols()[0].equals("tcp")); } @Test @@ -1768,7 +1773,29 @@ public class VpnConfigGeneratorTest { assertFalse("has openvpn profile", vpnProfiles.containsKey(OPENVPN)); assertTrue("has no obfs4 profile", vpnProfiles.containsKey(OBFS4)); assertTrue("bridge is pinned one", vpnProfiles.get(OBFS4).getTransportType() == OBFS4 && vpnProfiles.get(OBFS4).mGatewayIp.equals("1.2.3.4")); - assertTrue("bridge is running KCP", ((Obfs4Connection) vpnProfiles.get(OBFS4).mConnections[0]).getDispatcherOptions().udp == true); + assertTrue("bridge is running KCP", ((Obfs4Connection) vpnProfiles.get(OBFS4).mConnections[0]).getObfs4Options().transport.getProtocols()[0].equals("kcp")); + } + @Test + public void testGenerateVpnProfile_obfs4hop_tcp () throws Exception { + gateway = new JSONObject(TestSetupHelper.getInputAsString(getClass().getClassLoader().getResourceAsStream("ptdemo_obfs4hop_tcp_gateways.json"))).getJSONArray("gateways").getJSONObject(2); + generalConfig = new JSONObject(TestSetupHelper.getInputAsString(getClass().getClassLoader().getResourceAsStream("ptdemo_obfs4hop_tcp_gateways.json"))).getJSONObject(OPENVPN_CONFIGURATION); + VpnConfigGenerator.Configuration configuration = new VpnConfigGenerator.Configuration(); + configuration.apiVersion = 3; + vpnConfigGenerator = new VpnConfigGenerator(generalConfig, secrets, gateway, configuration); + HashMap vpnProfiles = vpnConfigGenerator.generateVpnProfiles(); + assertTrue(vpnProfiles.containsKey(OBFS4_HOP) && ((Obfs4HopConnection)vpnProfiles.get(OBFS4_HOP).mConnections[0]).getObfs4Options().transport.getProtocols()[0].equals("tcp")); + assertTrue(vpnProfiles.containsKey(OPENVPN)); } + @Test + public void testGenerateVpnProfile_obfs4hop_kcp () throws Exception { + gateway = new JSONObject(TestSetupHelper.getInputAsString(getClass().getClassLoader().getResourceAsStream("ptdemo_obfs4hop_kcp_gateways.json"))).getJSONArray("gateways").getJSONObject(2); + generalConfig = new JSONObject(TestSetupHelper.getInputAsString(getClass().getClassLoader().getResourceAsStream("ptdemo_obfs4hop_kcp_gateways.json"))).getJSONObject(OPENVPN_CONFIGURATION); + VpnConfigGenerator.Configuration configuration = new VpnConfigGenerator.Configuration(); + configuration.apiVersion = 3; + vpnConfigGenerator = new VpnConfigGenerator(generalConfig, secrets, gateway, configuration); + HashMap vpnProfiles = vpnConfigGenerator.generateVpnProfiles(); + assertTrue(vpnProfiles.containsKey(OBFS4_HOP) && ((Obfs4HopConnection)vpnProfiles.get(OBFS4_HOP).mConnections[0]).getObfs4Options().transport.getProtocols()[0].equals("kcp")); + assertTrue(vpnProfiles.containsKey(OPENVPN)); + } } \ No newline at end of file -- cgit v1.2.3