Let's start with a 15 minutes ugly PoC hack before going to bed

Who said the DNSCrypt protocol was "complex"?
2025-04-06 14:47:35 +03:00 · 2018-01-09 00:24:51 +01:00 · 2018-01-09 00:24:51 +01:00 · b076e01f7a
commit b076e01f7a
parent 9653ab395c
4 changed files with 346 additions and 0 deletions
--- a/common.go
+++ b/common.go
@ -0,0 +1,57 @@
+package main
+
+import (
+	"errors"
+	"time"
+)
+
+type CryptoConstruction uint16
+
+const (
+	UndefinedConstruction CryptoConstruction = iota
+	XSalsa20Poly1305
+	XChacha20Poly1305
+)
+
+type ServerParams struct {
+	CertInfo CertInfo
+}
+
+var (
+	CertMagic              = [4]byte{0x44, 0x4e, 0x53, 0x43}
+	ServerMagic            = [8]byte{0x72, 0x36, 0x66, 0x6e, 0x76, 0x57, 0x6a, 0x38}
+	MinDNSPacketSize       = uint(12)
+	MaxDNSPacketSize       = uint(4096)
+	InitialMinQuestionSize = uint(128)
+	TimeoutMin             = 1 * time.Second
+	TimeoutMax             = 5 * time.Second
+)
+
+func HasTCFlag(packet []byte) bool {
+	return packet[2]&2 == 2
+}
+
+func Pad(packet []byte, minSize uint) []byte {
+	packet = append(packet, 0x80)
+	for uint(len(packet)) < minSize {
+		packet = append(packet, 0)
+	}
+	return packet
+}
+
+func Unpad(packet []byte) ([]byte, error) {
+	i := len(packet)
+	for {
+		if i == 0 {
+			return nil, errors.New("Invalid padding (short packet)")
+		}
+		i--
+		if packet[i] == 0x80 {
+			break
+		}
+		if packet[i] != 0x00 {
+			return nil, errors.New("Invalid padding (delimiter not found)")
+		}
+	}
+	return packet[:i], nil
+}