obfs

package
v0.0.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 26, 2025 License: MIT, MIT Imports: 10 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var ErrPSKTooShort = fmt.Errorf("PSK must be at least %d bytes", smPSKMinLen)

Functions

func WrapPacketConn 

func WrapPacketConn(conn net.PacketConn, obfs Obfuscator) net.PacketConn

WrapPacketConn enables obfuscation on a net.PacketConn. The obfuscation is transparent to the caller - the n bytes returned by ReadFrom and WriteTo are the number of original bytes, not after obfuscation/deobfuscation.

Types

type ChameleonObfuscator added in v0.0.1 

type ChameleonObfuscator struct {
	PSK []byte // Pre-shared key. Used to derive the actual ChaCha20 key.
}

ChameleonObfuscator implements authenticated encryption using ChaCha20-Poly1305. It derives a unique key for each packet from a pre-shared key (PSK) and a per-packet random nonce. The nonce is prepended to the ciphertext. This provides strong confidentiality and integrity.

func NewChameleonObfuscator added in v0.0.1 

func NewChameleonObfuscator(psk []byte) (*ChameleonObfuscator, error)

NewChameleonObfuscator creates a new ChameleonObfuscator instance. psk: The pre-shared key used to derive the ChaCha20 key. It must not be empty.

func (*ChameleonObfuscator) Deobfuscate added in v0.0.1 

func (o *ChameleonObfuscator) Deobfuscate(in, out []byte) int

Deobfuscate decrypts the input byte slice 'in' and writes the result to 'out'. It extracts the nonce, derives the key, and attempts to decrypt the payload. If decryption fails (e.g., due to data corruption or tampering, indicated by authentication failure), it returns 0 to signal an invalid packet. Returns the number of bytes written to 'out'. If 'in' is invalid or 'out' is too small, returns 0.

func (*ChameleonObfuscator) Obfuscate added in v0.0.1 

func (o *ChameleonObfuscator) Obfuscate(in, out []byte) int

Obfuscate encrypts the input byte slice 'in' and writes the result to 'out'. It generates a random nonce, derives a ChaCha20 key from the PSK, encrypts 'in' with the nonce, and prepends the nonce to the resulting ciphertext (which includes the auth tag). Returns the number of bytes written to 'out'. If 'out' is too small, returns 0.

type Obfuscator 

type Obfuscator interface {
	Obfuscate(in, out []byte) int
	Deobfuscate(in, out []byte) int
}

Obfuscator is the interface that wraps the Obfuscate and Deobfuscate methods. Both methods return the number of bytes written to out. If a packet is not valid, the methods should return 0.

func NewObfuscatorFromConfig added in v0.0.1 

func NewObfuscatorFromConfig(cfg ObfuscatorConfig) (Obfuscator, error)

NewObfuscatorFromConfig is a factory function that creates and returns an Obfuscator interface instance based on the provided configuration. It centralizes the instantiation logic for different obfuscation protocols.

type ObfuscatorConfig added in v0.0.1 

type ObfuscatorConfig struct {
	Type     string `mapstructure:"type"`     // Type of the obfuscator (e.g., "salamander", "scramble", "chameleon")
	Password string `mapstructure:"password"` // Pre-shared key/password used by the obfuscator

}

ObfuscatorConfig defines the common configuration structure for all obfuscators. This allows for unified configuration parsing.

type SalamanderObfuscator 

type SalamanderObfuscator struct {
	PSK     []byte
	RandSrc *rand.Rand
	// contains filtered or unexported fields
}

SalamanderObfuscator is an obfuscator that obfuscates each packet with the BLAKE2b-256 hash of a pre-shared key combined with a random salt. Packet format: [8-byte salt][payload]

func NewSalamanderObfuscator 

func NewSalamanderObfuscator(psk []byte) (*SalamanderObfuscator, error)

func (*SalamanderObfuscator) Deobfuscate 

func (o *SalamanderObfuscator) Deobfuscate(in, out []byte) int

func (*SalamanderObfuscator) Obfuscate 

func (o *SalamanderObfuscator) Obfuscate(in, out []byte) int

type ScrambleObfuscator added in v0.0.1 

type ScrambleObfuscator struct {
	PSK []byte // Pre-shared key for key derivation
}

ScrambleObfuscator implements a simple counter-based stream cipher obfuscation. It uses a per-packet random nonce and a pre-shared key (PSK) to derive an evolving key stream for each block of the packet.

func NewScrambleObfuscator added in v0.0.1 

func NewScrambleObfuscator(psk []byte) (*ScrambleObfuscator, error)

NewScrambleObfuscator creates a new ScrambleObfuscator instance. psk: The pre-shared key used for obfuscation. It must not be empty.

func (*ScrambleObfuscator) Deobfuscate added in v0.0.1 

func (o *ScrambleObfuscator) Deobfuscate(in, out []byte) int

Deobfuscate deobfuscates the input byte slice 'in' and writes the result to 'out'. It extracts the nonce, re-derives the same evolving key stream, and XORs the payload to restore the original data. Returns the number of bytes written to 'out'. If 'in' is invalid or 'out' is too small, returns 0.

func (*ScrambleObfuscator) Obfuscate added in v0.0.1 

func (o *ScrambleObfuscator) Obfuscate(in, out []byte) int

Obfuscate obfuscates the input byte slice 'in' and writes the result to 'out'. It prepends a random nonce, then XORs payload blocks with an evolving key derived from the PSK and the current nonce counter. Returns the number of bytes written to 'out'. If 'out' is too small, returns 0.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.