Documentation
¶
Overview ¶
Package crypto provides encryption, decryption, and obfuscation for Asymptote.
Index ¶
- Constants
- Variables
- func BuildChangeCipherSpec() []byte
- func BuildFakeClientFinished() ([]byte, error)
- func BuildFakeEncryptedExtensions() ([]byte, error)
- func DeriveHeaderKey(sessionKey []byte) []byte
- func GenerateKey() ([]byte, error)
- func ParseClientHello(data []byte) (peerPublicKey *ecdh.PublicKey, err error)
- func XORBytes(data []byte, key []byte, counter uint32) []byte
- type Handshaker
- type Session
Constants ¶
const HandshakeTimeout = 10 * time.Second
HandshakeTimeout is the maximum time allowed for the handshake.
const MaxPadding = 255
MaxPadding is the maximum random padding bytes added to each packet.
Variables ¶
var ( ErrDecryptionFailed = errors.New("asymptote/crypto: decryption failed") ErrInvalidPayload = errors.New("asymptote/crypto: invalid payload") ErrKeyLength = errors.New("asymptote/crypto: key must be 32 bytes") )
Errors for crypto operations.
var ( ErrHandshakeFailed = errors.New("asymptote/crypto: handshake failed") ErrInvalidHello = errors.New("asymptote/crypto: invalid client hello") ErrInvalidResponse = errors.New("asymptote/crypto: invalid server response") ErrHandshakeTimeout = errors.New("asymptote/crypto: handshake timeout") )
Handshake errors.
Functions ¶
func BuildChangeCipherSpec ¶
func BuildChangeCipherSpec() []byte
BuildChangeCipherSpec creates a fake TLS ChangeCipherSpec message. This is a single-byte message (0x01) wrapped in a TLS record with content type 0x14. In real TLS 1.3, this is sent for backward compatibility.
func BuildFakeClientFinished ¶
BuildFakeClientFinished creates a fake client Finished message. Mimics the encrypted Finished message sent by the client in TLS 1.3.
func BuildFakeEncryptedExtensions ¶
BuildFakeEncryptedExtensions creates a fake encrypted extensions message. After ChangeCipherSpec, all further TLS messages appear encrypted. We send random data in an Application Data record to mimic this.
func DeriveHeaderKey ¶
DeriveHeaderKey derives a 32-byte key for header encryption from the session key. Uses SHA-256(sessionKey || "asymptote-header-key") as a simple KDF.
func GenerateKey ¶
GenerateKey generates a random 32-byte key for ChaCha20-Poly1305.
func ParseClientHello ¶
ParseClientHello verifies that the received data looks like a TLS 1.3 ClientHello and extracts the X25519 public key from the key_share extension.
Types ¶
type Handshaker ¶
type Handshaker struct {
// contains filtered or unexported fields
}
Handshaker performs the initial key exchange disguised as a TLS 1.3 handshake.
func NewHandshaker ¶
func NewHandshaker(sni string) (*Handshaker, error)
NewHandshaker creates a new handshaker with the given SNI (Server Name Indication).
func (*Handshaker) BuildClientHello ¶
func (h *Handshaker) BuildClientHello() ([]byte, error)
BuildClientHello creates a packet that mimics a TLS 1.3 ClientHello byte-for-byte. This is designed to fool DPI systems into thinking it's regular HTTPS traffic.
func (*Handshaker) BuildServerHello ¶
func (h *Handshaker) BuildServerHello() ([]byte, error)
BuildServerHello creates a server response that looks like a TLS 1.3 ServerHello. It includes the server's X25519 public key.
func (*Handshaker) DeriveSessionKey ¶
func (h *Handshaker) DeriveSessionKey(peerPublicKey *ecdh.PublicKey) ([]byte, error)
DeriveSessionKey performs X25519 key exchange and derives a 32-byte session key.
type Session ¶
type Session struct {
// contains filtered or unexported fields
}
Session holds the AEAD cipher and related state for a connection.
func NewSession ¶
NewSession creates a new crypto session with the given 32-byte key.
func (*Session) Open ¶
Open decrypts ciphertext and removes padding. Input format: [Nonce:12][Ciphertext+Tag]
Source Files