obfs4

package module
v0.0.0-...-cac72fb Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 18, 2020 License: BSD-2-Clause, BSD-3-Clause Imports: 29 Imported by: 17

README

obfs4

This is a look-like nothing obfuscation protocol that incorporates ideas and concepts from Philipp Winter's ScrambleSuit protocol. The obfs naming was chosen primarily because it was shorter, in terms of protocol ancestery obfs4 is much closer to ScrambleSuit than obfs2/obfs3.

The notable differences between ScrambleSuit and obfs4:

  • The handshake always does a full key exchange (no such thing as a Session Ticket Handshake).
  • The handshake uses the Tor Project's ntor handshake with public keys obfuscated via the Elligator 2 mapping.
  • The link layer encryption uses NaCl secret boxes (Poly1305/XSalsa20).
  • As an added bonus, obfs4proxy also supports acting as an obfs2/3 client and bridge to ease the transition to the new protocol.

Using obfs4

Go Version:

obfs4 is one of the transports available in the Shapeshifter-Transports library.

  1. First, you need to create a dialer dialer := proxy.Direct

  2. Create an instance of an obfs4 server obfs4Transport := obfs4.Transport{ CertString: "InsertCertStringHere", IatMode: 0 or 1, Address: "InsertAddressHere", Dialer: dialer,}

  3. Call Dial on obfs4Transport: _, err := obfs4Transport.Dial()

Documentation

Overview

Package obfs4 provides an implementation of the Tor Project's obfs4 obfuscation protocol.

Index

Constants

This section is empty.

Variables

View Source 
var ErrInvalidHandshake = errors.New("handshake: Failed to find M_[C,S]")

ErrInvalidHandshake is the error returned when the obfs4 handshake fails due to the peer not sending the correct mark. This error is fatal and the connection MUST be dropped.

View Source 
var ErrMarkNotFoundYet = errors.New("handshake: M_[C,S] not found yet")

ErrMarkNotFoundYet is the error returned when the obfs4 handshake is incomplete and requires more data to continue. This error is non-fatal and is the equivalent to EAGAIN/EWOULDBLOCK.

View Source 
var ErrNtorFailed = errors.New("handshake: ntor handshake failure")

ErrNtorFailed is the error returned when the ntor handshake fails. This error is fatal and the connection MUST be dropped.

View Source 
var ErrReplayedHandshake = errors.New("handshake: Replay detected")

ErrReplayedHandshake is the error returned when the obfs4 handshake fails due it being replayed. This error is fatal and the connection MUST be dropped.

Functions

This section is empty.

Types

type Config 

type Config struct {
	CertString string `json:"cert"`
	IatMode    string `json:"iat-mode"`
}

type InvalidAuthError 

type InvalidAuthError struct {
	Derived  *ntor.Auth
	Received *ntor.Auth
}

InvalidAuthError is the error returned when the ntor AUTH tags do not match. This error is fatal and the connection MUST be dropped.

func (*InvalidAuthError) Error 

func (e *InvalidAuthError) Error() string

type InvalidMacError 

type InvalidMacError struct {
	Derived  []byte
	Received []byte
}

InvalidMacError is the error returned when the handshake MACs do not match. This error is fatal and the connection MUST be dropped.

func (*InvalidMacError) Error 

func (e *InvalidMacError) Error() string

type InvalidPacketLengthError 

type InvalidPacketLengthError int

InvalidPacketLengthError is the error returned when decodePacket detects a invalid packet length/

func (InvalidPacketLengthError) Error 

func (e InvalidPacketLengthError) Error() string

type InvalidPayloadLengthError 

type InvalidPayloadLengthError int

InvalidPayloadLengthError is the error returned when decodePacket rejects the payload length.

func (InvalidPayloadLengthError) Error 

func (e InvalidPayloadLengthError) Error() string

type Obfs4ClientArgs 

type Obfs4ClientArgs struct {
	// contains filtered or unexported fields
}

type Obfs4ServerFactory 

type Obfs4ServerFactory struct {
	// contains filtered or unexported fields
}

type Obfs4Transport 

type Obfs4Transport struct {
	// contains filtered or unexported fields
}

Transport that uses the obfs4 protocol to shapeshift the application network traffic

func NewObfs4Client 

func NewObfs4Client(certString string, iatMode int, dialer proxy.Dialer) (*Obfs4Transport, error)

func NewObfs4Server 

func NewObfs4Server(stateDir string) (*Obfs4Transport, error)

func (*Obfs4Transport) Close 

func (transport *Obfs4Transport) Close() error

func (*Obfs4Transport) Dial 

func (transport *Obfs4Transport) Dial(address string) (net.Conn, error)

Create outgoing transport connection

func (*Obfs4Transport) Listen 

func (transport *Obfs4Transport) Listen(address string) net.Listener

end code added from optimizer Create listener for incoming transport connection

type Transport 

type Transport struct {
	CertString string
	IatMode    int
	Address    string
	Dialer     proxy.Dialer
}

begin code added from optimizer

func (Transport) Dial 

func (transport Transport) Dial() (net.Conn, error)

Source Files

View all Source files

Directories

Path Synopsis
Package framing implements the obfs4 link framing and cryptography.
 Package framing implements the obfs4 link framing and cryptography.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.