shadowTLS/shadow/client_test.go

package shadow

import (
	"bytes"
	"crypto/md5"
	"crypto/tls"
	"fmt"
	utls "github.com/refraction-networking/utls"
	"io/ioutil"
	"net"
	"net/http"
	"testing"
	"time"
)

func TestHandshake(t *testing.T) {
	dial, err := tls.DialWithDialer(&net.Dialer{
		Timeout: time.Second * 5,
	}, "tcp", "evan.run:443", &tls.Config{
		ServerName: "evan.run",
	})

	err = dial.Handshake()
	if err != nil {
		fmt.Println(err)
	}
	time.Sleep(time.Minute)
}

func TestMd5(t *testing.T) {
	key := "Passwd"
	passwd := []byte(key)

	buf := make([]byte, 32)
	srcCode := md5.Sum(RandomByte(16))
	copy(buf[0:], srcCode[0:])
	buffer := bytes.NewBuffer(srcCode[:])

	sum := md5.Sum(passwd)
	buffer.Write(sum[:])

	hash := md5.Sum(buffer.Bytes())
	copy(buf[16:], hash[0:])
	fmt.Println(buf)

	vBuf := make([]byte, 32)
	copy(vBuf, buf[0:16])
	verifyBuf := bytes.NewBuffer(vBuf)
	verifyBuf.Write(sum[:])

	verifyHash := md5.Sum(buffer.Bytes())
	if bytes.Equal(verifyHash[:], buf[16:32]) {
		fmt.Println("GOOD")
	}
	if VerifyKey(buf, key) {
		fmt.Println("VerifyKey GOOD")
	}

}

func TestAes(t *testing.T) {
	key := []byte("1234567812345678")
	data := []byte("AVC")

	e := AesEncryptCBC(data, key)
	d := AesDecryptCBC(e, key)

	fmt.Println(string(d))
}

func TestTLSFingerprint(t *testing.T) {

	transport := http.Transport{
		DialTLS: func(network, adr string) (net.Conn, error) {
			dial, err := net.Dial(network, adr)
			if err != nil {
				return nil, err
			}
			return wrapTLSClient(dial, time.Second*5)
		},
	}
	client := http.Client{
		Transport:     &transport,
		CheckRedirect: nil,
		Jar:           nil,
		Timeout:       0,
	}
	get, err := client.Get("https://client.tlsfingerprint.io:8443/")
	if err != nil {
		return
	}
	all, err := ioutil.ReadAll(get.Body)
	if err != nil {
		return
	}
	fmt.Println(string(all))

}

func wrapTLSClient(conn net.Conn, timeout time.Duration) (net.Conn, error) {
	var err error

	conn.SetDeadline(time.Now().Add(timeout))
	defer conn.SetDeadline(time.Time{})

	tlsConn := utls.UClient(conn, &utls.Config{ServerName: "client.tlsfingerprint.io"}, utls.HelloCustom)
	//fingerprinter := &utls.Fingerprinter{}
	//generatedSpec, err := fingerprinter.FingerprintClientHello([]byte{0x16, 0x03, 0x01, 0x02, 0x00, 0x01, 0x00, 0x01, 0xfc, 0x03, 0x03, 0x0c, 0x81, 0xa3, 0x5c, 0x8b, 0x44, 0xf7, 0x74, 0x77, 0x7a, 0x51, 0x0f, 0x6f, 0xf4, 0xef, 0xb2, 0xb0, 0x40, 0x15, 0x8e, 0x66, 0xeb, 0xbe, 0x84, 0x6e, 0x18, 0x4b, 0x41, 0x2d, 0x6c, 0xb1, 0x97, 0x20, 0x85, 0x63, 0x63, 0x8b, 0xa6, 0x08, 0x50, 0xd2, 0xbe, 0xd9, 0xd3, 0x15, 0x8a, 0xbe, 0xdb, 0x62, 0xef, 0x39, 0x01, 0x7b, 0xdb, 0xd7, 0xe9, 0x78, 0xc0, 0x8d, 0x3d, 0x32, 0xbe, 0x8d, 0xfc, 0xef, 0x00, 0x20, 0x6a, 0x6a, 0x13, 0x01, 0x13, 0x02, 0x13, 0x03, 0xc0, 0x2b, 0xc0, 0x2f, 0xc0, 0x2c, 0xc0, 0x30, 0xcc, 0xa9, 0xcc, 0xa8, 0xc0, 0x13, 0xc0, 0x14, 0x00, 0x9c, 0x00, 0x9d, 0x00, 0x2f, 0x00, 0x35, 0x01, 0x00, 0x01, 0x93, 0x7a, 0x7a, 0x00, 0x00, 0x00, 0x00, 0x00, 0x15, 0x00, 0x13, 0x00, 0x00, 0x10, 0x73, 0x61, 0x6e, 0x6b, 0x75, 0x61, 0x69, 0x2e, 0x65, 0x76, 0x61, 0x6e, 0x2e, 0x72, 0x75, 0x6e, 0x00, 0x17, 0x00, 0x00, 0xff, 0x01, 0x00, 0x01, 0x00, 0x00, 0x0a, 0x00, 0x0a, 0x00, 0x08, 0xea, 0xea, 0x00, 0x1d, 0x00, 0x17, 0x00, 0x18, 0x00, 0x0b, 0x00, 0x02, 0x01, 0x00, 0x00, 0x23, 0x00, 0x00, 0x00, 0x10, 0x00, 0x0b, 0x00, 0x09, 0x08, 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31, 0x00, 0x05, 0x00, 0x05, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0d, 0x00, 0x12, 0x00, 0x10, 0x04, 0x03, 0x08, 0x04, 0x04, 0x01, 0x05, 0x03, 0x08, 0x05, 0x05, 0x01, 0x08, 0x06, 0x06, 0x01, 0x00, 0x12, 0x00, 0x00, 0x00, 0x33, 0x00, 0x2b, 0x00, 0x29, 0xea, 0xea, 0x00, 0x01, 0x00, 0x00, 0x1d, 0x00, 0x20, 0x0c, 0x4d, 0x88, 0xfa, 0x97, 0xa0, 0x2e, 0xbe, 0xac, 0x9a, 0xae, 0x1d, 0xae, 0x00, 0x2d, 0xd0, 0x57, 0x40, 0x8f, 0x06, 0xcb, 0x31, 0xf3, 0x8e, 0x7d, 0xec, 0x93, 0xfb, 0xd7, 0x95, 0x0a, 0x40, 0x00, 0x2d, 0x00, 0x02, 0x01, 0x01, 0x00, 0x2b, 0x00, 0x07, 0x06, 0xea, 0xea, 0x03, 0x04, 0x03, 0x03, 0x00, 0x1b, 0x00, 0x03, 0x02, 0x00, 0x02, 0x44, 0x69, 0x00, 0x05, 0x00, 0x03, 0x02, 0x68, 0x32, 0xda, 0xda, 0x00, 0x01, 0x00, 0x00, 0x15, 0x00, 0xca, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00})
	//tlsConn.ApplyPreset(generatedSpec)
	spec := &utls.ClientHelloSpec{
		CipherSuites: []uint16{
			utls.GREASE_PLACEHOLDER,
			utls.TLS_AES_128_GCM_SHA256,
			utls.TLS_AES_256_GCM_SHA384,
			utls.TLS_CHACHA20_POLY1305_SHA256,
			utls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
			utls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
			utls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
			utls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
			utls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
			utls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,
			utls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
			utls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
			utls.TLS_RSA_WITH_AES_128_GCM_SHA256,
			utls.TLS_RSA_WITH_AES_256_GCM_SHA384,
			utls.TLS_RSA_WITH_AES_128_CBC_SHA,
			utls.TLS_RSA_WITH_AES_256_CBC_SHA,
		},
		CompressionMethods: []byte{
			0x00, // compressionNone
		},
		Extensions: []utls.TLSExtension{
			&utls.UtlsGREASEExtension{},
			&utls.SNIExtension{},
			&utls.UtlsExtendedMasterSecretExtension{},
			&utls.RenegotiationInfoExtension{Renegotiation: utls.RenegotiateOnceAsClient},
			&utls.SupportedCurvesExtension{[]utls.CurveID{
				utls.GREASE_PLACEHOLDER,
				utls.X25519,
				utls.CurveP256,
				utls.CurveP384,
			}},
			&utls.SupportedPointsExtension{SupportedPoints: []byte{
				0x00, // pointFormatUncompressed
			}},
			&utls.SessionTicketExtension{},
			&utls.ALPNExtension{AlpnProtocols: []string{"http/1.1"}},
			&utls.StatusRequestExtension{},
			&utls.SignatureAlgorithmsExtension{SupportedSignatureAlgorithms: []utls.SignatureScheme{
				utls.ECDSAWithP256AndSHA256,
				utls.PSSWithSHA256,
				utls.PKCS1WithSHA256,
				utls.ECDSAWithP384AndSHA384,
				utls.PSSWithSHA384,
				utls.PKCS1WithSHA384,
				utls.PSSWithSHA512,
				utls.PKCS1WithSHA512,
			}},
			&utls.SCTExtension{},
			&utls.KeyShareExtension{[]utls.KeyShare{
				{Group: utls.CurveID(utls.GREASE_PLACEHOLDER), Data: []byte{0}},
				{Group: utls.X25519},
			}},
			&utls.PSKKeyExchangeModesExtension{[]uint8{
				utls.PskModeDHE,
			}},
			&utls.SupportedVersionsExtension{[]uint16{
				utls.GREASE_PLACEHOLDER,
				VersionTLS13,
				VersionTLS12,
			}},
			&utls.UtlsCompressCertExtension{[]utls.CertCompressionAlgo{
				utls.CertCompressionBrotli,
			}},
			&utls.ApplicationSettingsExtension{SupportedProtocols: []string{"h2"}},
			&utls.UtlsGREASEExtension{},
			&utls.UtlsPaddingExtension{GetPaddingLen: utls.BoringPaddingStyle},
		},
	}
	tlsConn.ApplyPreset(spec)
	if err = tlsConn.Handshake(); err != nil {
		fmt.Println(err.Error())
		tlsConn.Close()
		return nil, err
	}

	return tlsConn, err
}