author | Yawning Angel <yawning@schwanenlied.me> | 2014-06-02 17:50:01 +0000 |
---|---|---|
committer | Yawning Angel <yawning@schwanenlied.me> | 2014-06-02 17:50:01 +0000 |
commit | 5bdc376e2abaf5ac87816b763f5b26e314ee9536 (patch) | |
tree | 8746291873e187d7783116a2c9758bab23da5eb1 /obfs4.go | |
parent | 5cb3369e200c72aa23c3f86816cb854c35cc95cb (diff) |
Change how the length obfsucation mask is derived.
Instead of using the nonce for the secret box, just use SipHash-2-4 in
OFB mode instead. The IV is generated as part of the KDF. This
simplifies the code a decent amount and also is better on the off
chance that SipHash-2-4 does not avalanche as well as it is currently
assumed.
While here, also decouple the fact that *this implementation* of obfs4
uses a PRNG with 24 bytes of internal state for protocol polymorphism
instead of 32 bytes (that the spec requires).
THIS CHANGE BREAKS WIRE PROTOCOL COMPATIBILITY.
Diffstat (limited to 'obfs4.go')
-rw-r--r-- | obfs4.go | 12 |
1 files changed, 10 insertions, 2 deletions
@@ -34,6 +34,7 @@ package obfs4
 import (
 "bytes"
 "crypto/sha256"
+ "encoding/base64"
 "fmt"
 "io"
 "math/rand"
@@ -47,6 +48,8 @@ import (
 )
 const (
+ // SeedLength is the length of the obfs4 polymorphism seed.
+ SeedLength = 32
 headerLength = framing.FrameOverhead + packetOverhead
 connectionTimeout = time.Duration(30) * time.Second
@@ -299,7 +302,7 @@ func (c *Obfs4Conn) serverHandshake(nodeID *ntor.NodeID, keypair *ntor.Keypair)
 c.state = stateEstablished
 // Send the PRNG seed as the first packet.
- err = c.producePacket(&frameBuf, packetTypePrngSeed, c.listener.seed.Bytes()[:], 0)
+ err = c.producePacket(&frameBuf, packetTypePrngSeed, c.listener.rawSeed, 0)
 if err != nil {
 return
 }
@@ -611,6 +614,7 @@ type Obfs4Listener struct {
 keyPair *ntor.Keypair
 nodeID *ntor.NodeID
+ rawSeed []byte
 seed *drbg.Seed
 iatSeed *drbg.Seed
 iatObfuscation bool
@@ -716,7 +720,11 @@ func ListenObfs4(network, laddr, nodeID, privateKey, seed string, iatObfuscation
 if err != nil {
 return nil, err
 }
- l.seed, err = drbg.SeedFromBase64(seed)
+ l.rawSeed, err = base64.StdEncoding.DecodeString(seed)
+ if err != nil {
+ return nil, err
+ }
+ l.seed, err = drbg.SeedFromBytes(l.rawSeed)
 if err != nil {
 return nil, err
 }
 |
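Review bot: The doc comment on the new exported `SeedLength` constant gives no unit and does not say which form of the seed it measures. That matters now that the listener handles both the base64 string argument and the decoded `rawSeed`. I would write `// SeedLength is the length in bytes of the raw (base64-decoded) obfs4 polymorphism seed carried in the PRNG seed packet.` The const block continues outside the hunk.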
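Review bot: In ListenObfs4 the decoded `l.rawSeed` is stored without being compared to the new `SeedLength` constant, and the serverHandshake hunk now sends that same slice verbatim in the `packetTypePrngSeed` packet. Whether `drbg.SeedFromBytes` rejects a short or over-long input is not visible in this diff, and the commit message suggests this implementation consumes fewer bytes than the 32 the spec requires. A mis-sized seed from the operator's configuration could therefore be accepted locally while a non-conforming seed packet goes out on the wire. I would add `if len(l.rawSeed) != SeedLength { return nil, fmt.Errorf("invalid seed length: %d", len(l.rawSeed)) }` right after the base64 decode, reporting only the length and never the seed bytes. ListenObfs4's body starts and ends outside the hunk.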