Marshall/refactor structure

Makefile

@@ -22,7 +22,7 @@ test:
 
 app:
 	[ -d $(EXE_DIR) ] || mkdir -p $(EXE_DIR)
-	go build -o ${EXE_DIR}/application ./application
+	go build -o ${EXE_DIR}/application ./cmd/application
 
 libtd:
 	cd ./libtapdance/ && make libtapdance.a

application/conns.go → cmd/application/conns.go

@@ -16,9 +16,9 @@ import (
 	"syscall"
 	"time"
 
-	cj "github.com/refraction-networking/conjure/application/lib"
-	"github.com/refraction-networking/conjure/application/log"
-	"github.com/refraction-networking/conjure/application/transports"
+	cj "github.com/refraction-networking/conjure/pkg/station/lib"
+	"github.com/refraction-networking/conjure/pkg/station/log"
+	"github.com/refraction-networking/conjure/pkg/transports"
 )
 
 // connManagerConfig

application/conns_test.go → cmd/application/conns_test.go

@@ -12,8 +12,9 @@ import (
 	"testing"
 	"time"
 
-	cj "github.com/refraction-networking/conjure/application/lib"
-	"github.com/refraction-networking/conjure/application/log"
+	"github.com/refraction-networking/conjure/internal/conjurepath"
+	cj "github.com/refraction-networking/conjure/pkg/station/lib"
+	"github.com/refraction-networking/conjure/pkg/station/log"
 )
 
 // MockGeoIP is a mock implementation of the geoip.GeoIP interface.
@@ -41,7 +42,7 @@ func (m *MockGeoIP) ASN(ip net.IP) (uint, error) {
 }
 
 func TestConnHandleNewTCPConn(t *testing.T) {
-	testSubnetPath := os.Getenv("GOPATH") + "/src/github.com/refraction-networking/conjure/application/lib/test/phantom_subnets.toml"
+	testSubnetPath := conjurepath.Root + "/pkg/station/lib/test/phantom_subnets.toml"
 	os.Setenv("PHANTOM_SUBNET_LOCATION", testSubnetPath)
 
 	rm := cj.NewRegistrationManager(&cj.RegConfig{})
@@ -128,7 +129,7 @@ func TestConnHandleConcurrent(t *testing.T) {
 	// We don't actually care about what gets written
 	logger := log.New(ioutil.Discard, "[TEST CONN STATS] ", golog.Ldate|golog.Lmicroseconds)
 
-	testSubnetPath := os.Getenv("GOPATH") + "/src/github.com/refraction-networking/conjure/application/lib/test/phantom_subnets.toml"
+	testSubnetPath := conjurepath.Root + "/pkg/station/lib/test/phantom_subnets.toml"
 	os.Setenv("PHANTOM_SUBNET_LOCATION", testSubnetPath)
 
 	rm := cj.NewRegistrationManager(&cj.RegConfig{})

application/main.go → cmd/application/main.go

@@ -10,12 +10,12 @@ import (
 	"syscall"
 	"time"
 
-	cj "github.com/refraction-networking/conjure/application/lib"
-	"github.com/refraction-networking/conjure/application/log"
-	"github.com/refraction-networking/conjure/application/transports/wrapping/min"
-	"github.com/refraction-networking/conjure/application/transports/wrapping/obfs4"
-	"github.com/refraction-networking/conjure/application/transports/wrapping/prefix"
-	pb "github.com/refraction-networking/gotapdance/protobuf"
+	cj "github.com/refraction-networking/conjure/pkg/station/lib"
+	"github.com/refraction-networking/conjure/pkg/station/log"
+	"github.com/refraction-networking/conjure/pkg/transports/wrapping/min"
+	"github.com/refraction-networking/conjure/pkg/transports/wrapping/obfs4"
+	"github.com/refraction-networking/conjure/pkg/transports/wrapping/prefix"
+	pb "github.com/refraction-networking/conjure/proto"
 )
 
 var sharedLogger *log.Logger

application/registration_with_transport_test.go → cmd/application/registration_with_transport_test.go

@@ -6,12 +6,13 @@ import (
 	"os"
 	"testing"
 
-	cj "github.com/refraction-networking/conjure/application/lib"
-	"github.com/refraction-networking/conjure/application/transports/wrapping/min"
-	"github.com/refraction-networking/conjure/application/transports/wrapping/obfs4"
+	"github.com/refraction-networking/conjure/internal/conjurepath"
 	"github.com/refraction-networking/conjure/pkg/core"
+	cj "github.com/refraction-networking/conjure/pkg/station/lib"
+	"github.com/refraction-networking/conjure/pkg/transports/wrapping/min"
+	"github.com/refraction-networking/conjure/pkg/transports/wrapping/obfs4"
 
-	pb "github.com/refraction-networking/gotapdance/protobuf"
+	pb "github.com/refraction-networking/conjure/proto"
 	"github.com/stretchr/testify/require"
 	"google.golang.org/protobuf/proto"
 )
@@ -37,9 +38,8 @@ func mockReceiveFromDetector() (*pb.ClientToStation, cj.ConjureSharedKeys) {
 }
 
 func TestManagerFunctionality(t *testing.T) {
-	cwd, _ := os.Getwd()
-	testSubnetPath := cwd + "/lib/test/phantom_subnets.toml"
-	os.Setenv("PHANTOM_SUBNET_LOCATION", testSubnetPath)
+	root := conjurepath.Root
+	os.Setenv("PHANTOM_SUBNET_LOCATION", root+"/pkg/station/lib/test/phantom_subnets.toml")
 
 	rm := cj.NewRegistrationManager(&cj.RegConfig{})
 

cmd/registration-server/main.go

@@ -12,15 +12,16 @@ import (
 	"time"
 
 	"github.com/BurntSushi/toml"
-	"github.com/refraction-networking/conjure/application/lib"
-	"github.com/refraction-networking/conjure/application/transports/wrapping/min"
-	"github.com/refraction-networking/conjure/application/transports/wrapping/obfs4"
-	"github.com/refraction-networking/conjure/application/transports/wrapping/prefix"
-	"github.com/refraction-networking/conjure/pkg/apiregserver"
-	"github.com/refraction-networking/conjure/pkg/dnsregserver"
+
 	"github.com/refraction-networking/conjure/pkg/metrics"
 	"github.com/refraction-networking/conjure/pkg/regprocessor"
-	pb "github.com/refraction-networking/gotapdance/protobuf"
+	"github.com/refraction-networking/conjure/pkg/regserver/apiregserver"
+	"github.com/refraction-networking/conjure/pkg/regserver/dnsregserver"
+	"github.com/refraction-networking/conjure/pkg/station/lib"
+	"github.com/refraction-networking/conjure/pkg/transports/wrapping/min"
+	"github.com/refraction-networking/conjure/pkg/transports/wrapping/obfs4"
+	"github.com/refraction-networking/conjure/pkg/transports/wrapping/prefix"
+	pb "github.com/refraction-networking/conjure/proto"
 	log "github.com/sirupsen/logrus"
 	"google.golang.org/protobuf/proto"
 )

go.mod

@@ -22,7 +22,7 @@ require (
 	gitlab.com/yawning/obfs4.git v0.0.0-20220904064028-336a71d6e4cf
 	golang.org/x/crypto v0.9.0
 	google.golang.org/grpc v1.52.0
-	google.golang.org/protobuf v1.30.0
+	google.golang.org/protobuf v1.31.0
 )
 
 require (

go.sum

@@ -22,6 +22,8 @@ github.com/fsnotify/fsnotify v1.4.9 h1:hsms1Qyu0jgnwNXIxa+/V/PDsU6CfLf6CNO8H7IWo
 github.com/go-redis/redis/v8 v8.11.5 h1:AcZZR7igkdvfVmQTPnu9WE37LRrO/YrBH5zWyjDC0oI=
 github.com/go-redis/redis/v8 v8.11.5/go.mod h1:gREzHqY1hg6oD9ngVRbLStwAWKhA0FEgq8Jd4h5lpwo=
 github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk=
+github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw=
+github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
 github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg=
 github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
 github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
@@ -89,8 +91,10 @@ google.golang.org/grpc v1.52.0 h1:kd48UiU7EHsV4rnLyOJRuP/Il/UHE7gdDAQ+SZI7nZk=
 google.golang.org/grpc v1.52.0/go.mod h1:pu6fVzoFb+NBYNAvQL08ic+lvB2IojljRYuun5vorUY=
 google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
 google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
-google.golang.org/protobuf v1.30.0 h1:kPPoIgf3TsEvrm0PFe15JQ+570QVxYzEvvHqChK+cng=
-google.golang.org/protobuf v1.30.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
+google.golang.org/protobuf v1.28.1 h1:d0NfwRgPtno5B1Wa6L2DAG+KivqkdutMf1UhdNx175w=
+google.golang.org/protobuf v1.28.1/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
+google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8=
+google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=

internal/conjurepath/conjurepath.go

@@ -0,0 +1,11 @@
+package conjurepath
+
+import (
+	"path/filepath"
+	"runtime"
+)
+
+var (
+	_, base, _, _ = runtime.Caller(0)
+	Root          = filepath.Join(filepath.Dir(base), "../..")
+)

pkg/core/interfaces/interfaces.go

@@ -2,10 +2,52 @@ package interfaces
 
 import (
 	"io"
+	"net"
 
-	pb "github.com/refraction-networking/gotapdance/protobuf"
+	pb "github.com/refraction-networking/conjure/proto"
+	"google.golang.org/protobuf/proto"
+	"google.golang.org/protobuf/types/known/anypb"
 )
 
+// Transport provides a generic interface for utilities that allow the client to dial and connect to
+// a phantom address when creating a Conjure connection.
+type Transport interface {
+	// Name returns a string identifier for the Transport for logging
+	Name() string
+	// String returns a string identifier for the Transport for logging (including string formatters)
+	String() string
+
+	// ID provides an identifier that will be sent to the conjure station during the registration so
+	// that the station knows what transport to expect connecting to the chosen phantom.
+	ID() pb.TransportType
+
+	// GetParams returns a generic protobuf with any parameters from both the registration and the
+	// transport.
+	GetParams() (proto.Message, error)
+
+	// ParseParams gives the specific transport an option to parse a generic object into parameters
+	// provided by the station in the registration response during registration.
+	ParseParams(data *anypb.Any) (any, error)
+
+	// SetParams allows the caller to set parameters associated with the transport, returning an
+	// error if the provided generic message is not compatible. the variadic bool parameter is used
+	// to indicate whether the client should sanity check the params or just apply them. This is
+	// useful in cases where the registrar may provide options to the client that it is able to
+	// handle, but are outside of the clients sanity checks. (see prefix transport for an example)
+	SetParams(any, ...bool) error
+
+	// GetDstPort returns the destination port that the client should open the phantom connection with.
+	GetDstPort(seed []byte) (uint16, error)
+
+	// PrepareKeys provides an opportunity for the transport to integrate the station public key
+	// as well as bytes from the deterministic random generator associated with the registration
+	// that this ClientTransport is attached to.
+	PrepareKeys(pubkey [32]byte, sharedSecret []byte, dRand io.Reader) error
+
+	// Connect returns a net.Conn connection given a context and ConjureReg
+	WrapConn(conn net.Conn) (net.Conn, error)
+}
+
 // Overrides makes it possible to treat an array of overrides as a single override note that the
 // subsequent overrides are not aware of those that come before so they may end up undoing their
 // changes.

pkg/ed25519/LICENSE

@@ -0,0 +1,27 @@
+Copyright (c) 2012 The Go Authors. All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are
+met:
+
+   * Redistributions of source code must retain the above copyright
+notice, this list of conditions and the following disclaimer.
+   * Redistributions in binary form must reproduce the above
+copyright notice, this list of conditions and the following disclaimer
+in the documentation and/or other materials provided with the
+distribution.
+   * Neither the name of Google Inc. nor the names of its
+contributors may be used to endorse or promote products derived from
+this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

pkg/ed25519/ed25519.go

@@ -0,0 +1,127 @@
+// Copyright 2013 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Package ed25519 implements the Ed25519 signature algorithm. See
+// http://ed25519.cr.yp.to/.
+package ed25519
+
+// This code is a port of the public domain, "ref10" implementation of ed25519
+// from SUPERCOP.
+
+import (
+	"crypto/sha512"
+	"crypto/subtle"
+	"io"
+
+	"github.com/refraction-networking/conjure/pkg/ed25519/edwards25519"
+)
+
+const (
+	PublicKeySize  = 32
+	PrivateKeySize = 64
+	SignatureSize  = 64
+)
+
+// GenerateKey generates a public/private key pair using randomness from rand.
+func GenerateKey(rand io.Reader) (publicKey *[PublicKeySize]byte, privateKey *[PrivateKeySize]byte, err error) {
+	privateKey = new([64]byte)
+	publicKey = new([32]byte)
+	_, err = io.ReadFull(rand, privateKey[:32])
+	if err != nil {
+		return nil, nil, err
+	}
+
+	h := sha512.New()
+	h.Write(privateKey[:32])
+	digest := h.Sum(nil)
+
+	digest[0] &= 248
+	digest[31] &= 127
+	digest[31] |= 64
+
+	var A edwards25519.ExtendedGroupElement
+	var hBytes [32]byte
+	copy(hBytes[:], digest)
+	edwards25519.GeScalarMultBase(&A, &hBytes)
+	A.ToBytes(publicKey)
+
+	copy(privateKey[32:], publicKey[:])
+	return
+}
+
+// Sign signs the message with privateKey and returns a signature.
+func Sign(privateKey *[PrivateKeySize]byte, message []byte) *[SignatureSize]byte {
+	h := sha512.New()
+	h.Write(privateKey[:32])
+
+	var digest1, messageDigest, hramDigest [64]byte
+	var expandedSecretKey [32]byte
+	h.Sum(digest1[:0])
+	copy(expandedSecretKey[:], digest1[:])
+	expandedSecretKey[0] &= 248
+	expandedSecretKey[31] &= 63
+	expandedSecretKey[31] |= 64
+
+	h.Reset()
+	h.Write(digest1[32:])
+	h.Write(message)
+	h.Sum(messageDigest[:0])
+
+	var messageDigestReduced [32]byte
+	edwards25519.ScReduce(&messageDigestReduced, &messageDigest)
+	var R edwards25519.ExtendedGroupElement
+	edwards25519.GeScalarMultBase(&R, &messageDigestReduced)
+
+	var encodedR [32]byte
+	R.ToBytes(&encodedR)
+
+	h.Reset()
+	h.Write(encodedR[:])
+	h.Write(privateKey[32:])
+	h.Write(message)
+	h.Sum(hramDigest[:0])
+	var hramDigestReduced [32]byte
+	edwards25519.ScReduce(&hramDigestReduced, &hramDigest)
+
+	var s [32]byte
+	edwards25519.ScMulAdd(&s, &hramDigestReduced, &expandedSecretKey, &messageDigestReduced)
+
+	signature := new([64]byte)
+	copy(signature[:], encodedR[:])
+	copy(signature[32:], s[:])
+	return signature
+}
+
+// Verify returns true iff sig is a valid signature of message by publicKey.
+func Verify(publicKey *[PublicKeySize]byte, message []byte, sig *[SignatureSize]byte) bool {
+	if sig[63]&224 != 0 {
+		return false
+	}
+
+	var A edwards25519.ExtendedGroupElement
+	if !A.FromBytes(publicKey) {
+		return false
+	}
+	edwards25519.FeNeg(&A.X, &A.X)
+	edwards25519.FeNeg(&A.T, &A.T)
+
+	h := sha512.New()
+	h.Write(sig[:32])
+	h.Write(publicKey[:])
+	h.Write(message)
+	var digest [64]byte
+	h.Sum(digest[:0])
+
+	var hReduced [32]byte
+	edwards25519.ScReduce(&hReduced, &digest)
+
+	var R edwards25519.ProjectiveGroupElement
+	var b [32]byte
+	copy(b[:], sig[32:])
+	edwards25519.GeDoubleScalarMultVartime(&R, &hReduced, &A, &b)
+
+	var checkR [32]byte
+	R.ToBytes(&checkR)
+	return subtle.ConstantTimeCompare(sig[:32], checkR[:]) == 1
+}