def __init__( self ):
"""
Initialise a ScrambleSuitTransport object.
"""
log.error("\n\n################################################\n"
"Do NOT rely on ScrambleSuit for strong security!\n"
"################################################\n")
log.debug("Initialising %s." % const.TRANSPORT_NAME)
super(ScrambleSuitTransport, self).__init__()
# Load the server's persistent state from file.
if self.weAreServer:
self.srvState = state.load()
# Initialise the protocol's state machine.
log.debug("Switching to state ST_WAIT_FOR_AUTH.")
self.protoState = const.ST_WAIT_FOR_AUTH
# Buffer for outgoing data.
self.sendBuf = ""
# Buffer for inter-arrival time obfuscation.
self.choppingBuf = fifobuf.Buffer()
# AES instances to decrypt incoming and encrypt outgoing data.
self.sendCrypter = mycrypto.PayloadCrypter()
self.recvCrypter = mycrypto.PayloadCrypter()
# Packet morpher to modify the protocol's packet length distribution.
self.pktMorpher = packetmorpher.new(self.srvState.pktDist
if self.weAreServer else None)
# Inter-arrival time morpher to obfuscate inter arrival times.
self.iatMorpher = self.srvState.iatDist if self.weAreServer else \
probdist.new(lambda: random.random() %
const.MAX_PACKET_DELAY)
# Used to extract protocol messages from encrypted data.
self.protoMsg = message.MessageExtractor()
# Used by the server-side: `True' if the ticket is already
# decrypted but not yet authenticated.
self.decryptedTicket = False
# If we are in external mode we should already have a shared
# secret set up because of validate_external_mode_cli().
if self.weAreExternal:
assert(self.uniformDHSecret)
if self.weAreClient and not self.weAreExternal:
# As a client in managed mode, we get the shared secret
# from callback `handle_socks_args()' per-connection. Set
# the shared secret to None for now.
self.uniformDHSecret = None
self.uniformdh = uniformdh.new(self.uniformDHSecret, self.weAreServer)
def __init__(self):
log.warning("\n+++ Note that ScrambleSuit is still under " \
"development and is NOT safe for practical use. +++\n")
log.info("Initializing %s." % const.TRANSPORT_NAME)
# Initialize the protocol's state machine.
if self.weAreServer:
log.debug("Switching to state ST_WAIT_FOR_TICKET.")
self.state = const.ST_WAIT_FOR_TICKET
elif self.weAreClient:
log.debug("Switching to state ST_WAIT_FOR_PUZZLE.")
self.state = const.ST_WAIT_FOR_PUZZLE
# Magic values to tell when the actual communication begins.
self.sendMagic = self.recvMagic = None
# Buffers for incoming and outgoing data.
self.sendBuf = self.recvBuf = ""
# Caches the outgoing data before written to the wire.
self.choppedPieces = []
# AES instances for incoming and outgoing data.
self.sendCrypter = mycrypto.PayloadCrypter()
self.recvCrypter = mycrypto.PayloadCrypter()
# Packet morpher to modify the protocol's packet length distribution.
self.pktMorpher = packetmorpher.PacketMorpher()
# Inter arrival time morpher to obfuscate inter arrival times.
self.iatMorpher = probdist.RandProbDist(lambda: random.random() % 0.01)
# Circuit to write data to and receive data from.
self.circuit = None
# Timer service to generate garbage data while puzzle is being solved.
self.ts = None
# When the client magic was sent to guess if the ticket was accepted.
self.magicSent = None
# `True' if the client used a session ticket, `False' otherwise.
self.redeemedTicket = None
# Cache the puzzle if the session ticket is not accepted by the server.
self.cachedPuzzle = None
# `True' when ScrambleSuit should stop sending cover traffic.
self.stopCoverTraffic = None
# Used by the unpack mechanism
self.totalLen = None
self.payloadLen = None
def test5_AES( self ):
plain = "this is a test"
key = os.urandom(16)
iv = os.urandom(8)
crypter1 = mycrypto.PayloadCrypter()
crypter1.setSessionKey(key, iv)
crypter2 = mycrypto.PayloadCrypter()
crypter2.setSessionKey(key, iv)
cipher = crypter1.encrypt(plain)
self.failIf(cipher == plain)
self.failUnless(crypter2.decrypt(cipher) == plain)
def test2_getPadding( self ):
pm = packetmorpher.new()
sendCrypter = mycrypto.PayloadCrypter()
sendCrypter.setSessionKey("A" * 32, "A" * 8)
sendHMAC = "A" * 32
for i in xrange(0, const.MTU + 2):
padLen = len(pm.getPadding(sendCrypter, sendHMAC, i))
self.assertTrue(const.HDR_LENGTH <= padLen < const.MTU + \
const.HDR_LENGTH)