func serverStateFromJSONServerState(stateDir string, js *jsonServerState) (*obfs4ServerState, error) { var err error st := new(obfs4ServerState) if st.nodeID, err = ntor.NodeIDFromHex(js.NodeID); err != nil { return nil, err } if st.identityKey, err = ntor.KeypairFromHex(js.PrivateKey); err != nil { return nil, err } if st.drbgSeed, err = drbg.SeedFromHex(js.DrbgSeed); err != nil { return nil, err } if js.IATMode < iatNone || js.IATMode > iatParanoid { return nil, fmt.Errorf("invalid iat-mode '%d'", js.IATMode) } st.iatMode = js.IATMode st.cert = serverCertFromState(st) // Generate a human readable summary of the configured endpoint. if err = newBridgeFile(stateDir, st); err != nil { return nil, err } return st, nil }
func (cf *obfs4ClientFactory) ParseArgs(args *pt.Args) (interface{}, error) { var nodeID *ntor.NodeID var publicKey *ntor.PublicKey // The "new" (version >= 0.0.3) bridge lines use a unified "cert" argument // for the Node ID and Public Key. certStr, ok := args.Get(certArg) if ok { cert, err := serverCertFromString(certStr) if err != nil { return nil, err } nodeID, publicKey = cert.unpack() } else { // The "old" style (version <= 0.0.2) bridge lines use separate Node ID // and Public Key arguments in Base16 encoding and are a UX disaster. nodeIDStr, ok := args.Get(nodeIDArg) if !ok { return nil, fmt.Errorf("missing argument '%s'", nodeIDArg) } var err error if nodeID, err = ntor.NodeIDFromHex(nodeIDStr); err != nil { return nil, err } publicKeyStr, ok := args.Get(publicKeyArg) if !ok { return nil, fmt.Errorf("missing argument '%s'", publicKeyArg) } if publicKey, err = ntor.PublicKeyFromHex(publicKeyStr); err != nil { return nil, err } } // IAT config is common across the two bridge line formats. iatStr, ok := args.Get(iatArg) if !ok { return nil, fmt.Errorf("missing argument '%s'", iatArg) } iatMode, err := strconv.Atoi(iatStr) if err != nil || iatMode < iatNone || iatMode > iatParanoid { return nil, fmt.Errorf("invalid iat-mode '%d'", iatMode) } // Generate the session key pair before connectiong to hide the Elligator2 // rejection sampling from network observers. sessionKey, err := ntor.NewKeypair(true) if err != nil { return nil, err } return &obfs4ClientArgs{nodeID, publicKey, sessionKey, iatMode}, nil }