Merge pull request #2 from refraction-networking/getoutkeystream

Implement GetOutKeystream()
2025-04-03 20:17:36 +03:00 · 2017-09-07 11:40:08 -06:00 · 2017-09-07 11:40:08 -06:00 · 048fc50c2d
commit 048fc50c2d
parent 004572df2e 08a039c453
2 changed files with 12 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -3,6 +3,7 @@
 ## Low-level access to handshake
 * Read/write access to all bits of client hello message.  
 * Read access to fields of ClientHandshakeState, which, among other things, includes ServerHello and MasterSecret.
+* Read keystream. Can be used to "write" something in ciphertext.
 ## ClientHello fingerprinting resistance
 Golang's ClientHello has a very unique fingerprint, which especially sticks out on mobile clients,
 where Golang is not too popular yet.
--- a/u_conn.go
+++ b/u_conn.go
@ -435,3 +435,14 @@ func (uconn *UConn) MarshalClientHello() error {
 	hello.Raw = helloBuffer.Bytes()
 	return nil
 }
+
+// get current state of cipher and encrypt zeros to get keystream
+func (uconn *UConn) GetOutKeystream(length int) ([]byte, error) {
+	zeros := make([]byte, length)
+
+	if outCipher, ok := uconn.out.cipher.(cipher.AEAD); ok {
+		// AEAD.Seal() does not mutate internal state, other ciphers might
+		return outCipher.Seal(nil, uconn.out.seq[:], zeros, nil), nil
+	}
+	return nil,  errors.New("Could not convert OutCipher to cipher.AEAD")
+}