1 files changed, 62 insertions, 0 deletions

diff --git a/scripts/gen-shapeshifter-state.py b/scripts/gen-shapeshifter-state.py
new file mode 100755
index 0000000..e7b1ff2
--- /dev/null
+++ b/scripts/gen-shapeshifter-state.py
@@ -0,0 +1,62 @@
+#!/usr/bin/env python3
+"""
+Generates the Curve25519 keypair that is needed by the shapeshifter-dispatcher
+server.
+
+Depends on python3-axolotl-curve25519 package.
+"""
+
+import base64
+import json
+import os
+
+import pysodium
+import binascii
+
+BRIDGE_PREAMBLE = "Bridge obfs4 <IP ADDRESS>:<PORT> <FINGERPRINT> cert="
+BRIDGE_END = " iat-mode=0"
+
+
+def generate(statedir):
+    try:
+        os.makedirs(statedir)
+    except Exception:
+        pass
+    print("[+] Generating shapeshifter parameters...")
+
+    public, private = pysodium.crypto_box_keypair()
+
+    priv_hex = binascii.b2a_hex(private)
+    pub_hex = binascii.b2a_hex(public)
+    node_id = os.urandom(20)
+    node_id_hex = binascii.b2a_hex(node_id)
+    drbg_seed = os.urandom(24)
+
+    def tostr(b):
+        return b.decode('utf-8')
+
+    with open(statedir + '/obfs4_state.json', 'w') as state:
+        state.write(json.dumps({
+            'node-id': tostr(node_id_hex),
+            'private-key': tostr(priv_hex),
+            'public-key': tostr(pub_hex),
+            'drbg-seed': tostr(binascii.b2a_hex(drbg_seed)),
+            'iat-mode': 0}))
+
+    cert = base64.b64encode(node_id + pub_hex)
+    print("CERT:", cert)
+
+    with open(statedir + '/obfs4_cert.txt', 'w') as certf:
+        certf.write(tostr(cert).rstrip('='))
+
+    with open(statedir + '/obfs4_bridgeline.txt', 'w') as bridgef:
+        bridgef.write(BRIDGE_PREAMBLE + tostr(cert) + BRIDGE_END)
+    print("[+] done")
+
+
+if __name__ == "__main__":
+    import argparse
+    parser = argparse.ArgumentParser()
+    parser.add_argument("statedir")
+    args = parser.parse_args()
+    generate(args.statedir)