obfs4

Version: v2.2.22
This package is not in the latest version of its module.
Published: Apr 11, 2022 License: MIT Imports: 32 Imported by: 2

README

obfs4

This is a look-like-nothing obfuscation protocol that incorporates ideas and concepts from Philipp Winter's ScrambleSuit protocol. The obfs naming was chosen primarily because it was shorter; in terms of protocol ancestry, obfs4 is much closer to ScrambleSuit than to obfs2/obfs3.

The notable differences between ScrambleSuit and obfs4:

  • The handshake always does a full key exchange (no such thing as a Session Ticket Handshake).
  • The handshake uses the Tor Project's ntor handshake with public keys obfuscated via the Elligator 2 mapping.
  • The link layer encryption uses NaCl secret boxes (Poly1305/XSalsa20).
  • As an added bonus, obfs4proxy also supports acting as an obfs2/3 client and bridge to ease the transition to the new protocol.

Using obfs4

Go Version:

obfs4 is one of the transports available in the Shapeshifter-Transports library.

  1. First, you need to create a dialer:

         dialer := proxy.Direct

  2. Create an instance of an obfs4 server:

         // OptimizerTransport is the type that exports these fields.
         obfs4Transport := obfs4.OptimizerTransport{
             CertString: "InsertCertStringHere",
             IatMode:    0, // 0 or 1
             Address:    "InsertAddressHere",
             Dialer:     dialer,
         }

  3. Call Dial on obfs4Transport:

         _, err := obfs4Transport.Dial()

Documentation

Overview

Package obfs4 provides an implementation of the Tor Project's obfs4 obfuscation protocol.

Index

Constants

This section is empty.

Variables

var ErrInvalidHandshake = errors.New("handshake: Failed to find M_[C,S]")

ErrInvalidHandshake is the error returned when the obfs4 handshake fails due to the peer not sending the correct mark. This error is fatal and the connection MUST be dropped.

var ErrMarkNotFoundYet = errors.New("handshake: M_[C,S] not found yet")

ErrMarkNotFoundYet is the error returned when the obfs4 handshake is incomplete and requires more data to continue. This error is non-fatal and is the equivalent of EAGAIN/EWOULDBLOCK.

var ErrNtorFailed = errors.New("handshake: ntor handshake failure")

ErrNtorFailed is the error returned when the ntor handshake fails. This error is fatal and the connection MUST be dropped.

var ErrReplayedHandshake = errors.New("handshake: Replay detected")

ErrReplayedHandshake is the error returned when the obfs4 handshake fails due to it being replayed. This error is fatal and the connection MUST be dropped.
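
Added example (not code from this package): one way a caller can apply the fatal/non-fatal split described above, reading more data only on ErrMarkNotFoundYet and stopping on anything else. The two error variables are local stand-ins that reuse the package's names and messages; findMark, readUntilMark, the 64-byte limit and the sample mark are assumptions made for illustration.

```go
package main

import (
	"bytes"
	"errors"
	"fmt"
	"io"
)

// Local stand-ins with the package's names, so this builds without the module.
var (
	ErrInvalidHandshake = errors.New("handshake: Failed to find M_[C,S]")
	ErrMarkNotFoundYet  = errors.New("handshake: M_[C,S] not found yet")
)

const maxHandshakeLen = 64 // constructed limit for this example (assumption)

// findMark: a miss is retryable until maxHandshakeLen bytes arrive, then fatal.
func findMark(buf, mark []byte) (int, error) {
	if i := bytes.Index(buf, mark); i >= 0 && i+len(mark) <= maxHandshakeLen {
		return i, nil
	}
	if len(buf) >= maxHandshakeLen {
		return -1, ErrInvalidHandshake
	}
	return -1, ErrMarkNotFoundYet
}

// readUntilMark accumulates input and retries only on ErrMarkNotFoundYet.
func readUntilMark(r io.Reader, mark []byte) (int, error) {
	var buf []byte
	chunk := make([]byte, 8)
	for {
		n, rerr := r.Read(chunk)
		buf = append(buf, chunk[:n]...)
		pos, err := findMark(buf, mark)
		if !errors.Is(err, ErrMarkNotFoundYet) {
			return pos, err // mark found (nil) or fatal: stop either way
		}
		if rerr != nil { // peer went away before the handshake completed
			return -1, fmt.Errorf("handshake incomplete: %w", rerr)
		}
	}
}

func main() {
	in := bytes.NewReader(append(bytes.Repeat([]byte{'x'}, 20), "MARK"...)) // constructed input
	fmt.Println(readUntilMark(in, []byte("MARK")))
}
```

On a fatal result the caller closes the connection rather than reading further, matching the MUST-drop wording of the error descriptions.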

Functions

func RunLocalObfs4Server added in v2.1.12

func RunLocalObfs4Server(data string) bool

RunLocalObfs4Server runs the server side in the background for the test

Types

type ClientArgs added in v2.1.12

type ClientArgs struct {
	// contains filtered or unexported fields
}

ClientArgs contains arguments for client side

type Config

type Config struct {
	CertString string `json:"cert"`
	IatMode    string `json:"iat-mode"`
}

Config contains arguments formatted for a json file

type InvalidAuthError

type InvalidAuthError struct {
	Derived  *ntor.Auth
	Received *ntor.Auth
}

InvalidAuthError is the error returned when the ntor AUTH tags do not match. This error is fatal and the connection MUST be dropped.

func (*InvalidAuthError) Error

func (e *InvalidAuthError) Error() string

type InvalidMacError

type InvalidMacError struct {
	Derived  []byte
	Received []byte
}

InvalidMacError is the error returned when the handshake MACs do not match. This error is fatal and the connection MUST be dropped.

func (*InvalidMacError) Error

func (e *InvalidMacError) Error() string

type InvalidPacketLengthError

type InvalidPacketLengthError int

InvalidPacketLengthError is the error returned when decodePacket detects an invalid packet length.

func (InvalidPacketLengthError) Error

func (e InvalidPacketLengthError) Error() string

type InvalidPayloadLengthError

type InvalidPayloadLengthError int

InvalidPayloadLengthError is the error returned when decodePacket rejects the payload length.

func (InvalidPayloadLengthError) Error

type OptimizerTransport added in v2.1.12

type OptimizerTransport struct {
	CertString string
	IatMode    int
	Address    string
	Dialer     proxy.Dialer
}

OptimizerTransport contains parameters to be used in Optimizer

func (OptimizerTransport) Dial added in v2.1.12

func (transport OptimizerTransport) Dial() (net.Conn, error)

Dial creates outgoing transport connection

type ServerFactory added in v2.1.12

type ServerFactory struct {
	// contains filtered or unexported fields
}

ServerFactory contains arguments for server side

type Transport

type Transport struct {
	// contains filtered or unexported fields
}

Transport that uses the obfs4 protocol to shapeshift the application network traffic

func NewObfs4Client

func NewObfs4Client(certString string, iatMode int, dialer proxy.Dialer) (*Transport, error)

NewObfs4Client initializes the obfs4 client side

func NewObfs4Server

func NewObfs4Server(stateDir string) (*Transport, error)

NewObfs4Server initializes the obfs4 server side

func RunObfs4Client added in v2.1.12

func RunObfs4Client() (*Transport, error)

RunObfs4Client runs the client side in the background for the test

func (*Transport) Close added in v2.1.12

func (transport *Transport) Close() error

Close closes the transport listener.

func (*Transport) Dial

func (transport *Transport) Dial(address string) (net.Conn, error)

Dial creates outgoing transport connection

func (*Transport) Listen added in v2.1.12

func (transport *Transport) Listen(address string) net.Listener

Listen creates listener for incoming transport connection

Directories

Path Synopsis
Package framing implements the obfs4 link framing and cryptography.
