1 unstable release

0.1.0-alpha.1 Sep 21, 2024

#1060 in Cryptography

MIT/Apache

355KB
7.5K SLoC

Obfs4 - The obfourscator - Pluggable Transport

An implementation of obfs4 in pure Rust.

⚠️ 🚧 WARNING This crate is still under construction 🚧 ⚠️

  • Interface subject to change at any time
  • Not production ready
    • Do not rely on this for any security-critical applications

Installation

To install, add the following to your project's Cargo.toml:

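[dependencies]
# The only published release is a pre-release, which Cargo selects
# only when the requirement names a pre-release version.
obfs4 = "0.1.0-alpha.1"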

Integration Examples

Client example using ptrs

use std::str::FromStr; // brings from_str into scope (assumes Args implements FromStr)

use ptrs::{Args, ClientBuilder as _, ClientTransport as _};
use obfs4::ClientBuilder; // assumed path to the crate's builder type
use tokio::net::TcpStream;

// no transport options are passed in this example
let args = Args::from_str("")?;
let client = ClientBuilder::default()
    .options(args)?
    .build();

// future that opens a tcp connection when awaited
let conn_future = TcpStream::connect("127.0.0.1:9000");

// await (create) the tcp conn, attempt to handshake, and return a wrapped Read/Write object on success.
let obfs4_conn = client.wrap(Box::pin(conn_future)).await?;

// ...

Server example

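use obfs4::Server; // assumed path to the crate's server type
use tokio::io::{AsyncReadExt as _, AsyncWriteExt as _}; // for read / write_all

let message = b"Hello universe";
// in-memory duplex pipe standing in for a network connection
let (mut c, mut s) = tokio::io::duplex(65_536);
let mut rng = rand::thread_rng();

// server with freshly generated random key material
let o4_server = Server::new_from_random(&mut rng);

tokio::spawn(async move {
    // perform the obfs4 handshake on the server side of the pipe
    let mut o4s_stream = o4_server.wrap(&mut s).await.unwrap();

    let mut buf = [0_u8; 50];
    let n = o4s_stream.read(&mut buf).await.unwrap();

    // echo the message back over the tunnel
    o4s_stream.write_all(&buf[..n]).await.unwrap();
});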

Server example using ptrs

use ptrs::{ServerBuilder, ServerTransport};
...

// TODO fill out example

Loose Ends:

  • server / client compatibility test go-to-rust and rust-to-go.
  • double check the bit randomization and clearing for high two bits in the dalek representative
  • length distribution things
  • iat mode handling
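
The loose end about the high two bits of the representative can be checked with a small distribution test. This is an added example, not code from this crate: it assumes a 32-byte little-endian representative whose value fits in 254 bits (so bits 6 and 7 of byte 31 are padding), and every function name in it is hypothetical.

```rust
// Added example, std only. Assumed layout: bits 6 and 7 of byte 31 are padding.
const HIGH_BITS: u8 = 0b1100_0000;
/// Sender: fill the two padding bits from a random tweak byte.
fn randomize_high_bits(repr: &mut [u8; 32], tweak: u8) {
    repr[31] = (repr[31] & !HIGH_BITS) | (tweak & HIGH_BITS);
}

/// Receiver: clear the padding bits before decoding the field element.
fn clear_high_bits(mut repr: [u8; 32]) -> [u8; 32] {
    repr[31] &= !HIGH_BITS;
    repr
}

/// Histogram of the four possible values of the two high bits.
fn high_bit_histogram(samples: &[[u8; 32]]) -> [usize; 4] {
    let mut hist = [0usize; 4];
    for s in samples { hist[(s[31] >> 6) as usize] += 1; }
    hist
}

/// True if every bucket is within `tol` (a fraction) of the uniform count.
fn looks_uniform(hist: &[usize; 4], tol: f64) -> bool {
    let expected = hist.iter().sum::<usize>() as f64 / 4.0;
    expected > 0.0 && hist.iter().all(|&n| (n as f64 - expected).abs() <= tol * expected)
}

/// Test-only xorshift64 (NOT cryptographic); a real sender needs a CSPRNG.
fn xorshift(s: &mut u64) -> u64 {
    *s ^= *s << 13; *s ^= *s >> 7; *s ^= *s << 17; *s
}

/// Constructed sample data: `n` fake representatives, padded or not.
fn sample_representatives(n: usize, randomize: bool) -> Vec<[u8; 32]> {
    let mut state = 0x9E37_79B9_7F4A_7C15u64;
    (0..n).map(|_| {
        let mut r = [0u8; 32];
        for c in r.chunks_mut(8) { c.copy_from_slice(&xorshift(&mut state).to_le_bytes()); }
        r[31] &= !HIGH_BITS; // what an encoder without padding emits
        if randomize { randomize_high_bits(&mut r, (xorshift(&mut state) >> 32) as u8); }
        r
    }).collect()
}

fn main() {
    for padded in [false, true] {
        let hist = high_bit_histogram(&sample_representatives(4000, padded));
        println!("padded={}: {:?} uniform={}", padded, hist, looks_uniform(&hist, 0.2));
    }
}
```

Without padding every sample lands in bucket 0, which is exactly the kind of fixed bit pattern that lets an observer tell representatives apart from random bytes.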

Performance

  • comparison to golang
  • comparison when kyber is enabled
  • NaCl encryption library(s)

Dependencies

~25–38MB
~593K SLoC