Improved key handling

README.md

@@ -22,14 +22,22 @@ go install github.com/riobard/go-shadowsocks2
 
 ## Basic Usage
 
+### Key generation
+
+A random key is almost always better than a password. You can generate a base64url-encoded 16-byte random key with
+
+```sh
+go-shadowsocks -keygen 16
+```
+
 
 ### Server
 
-Start a server listening on port 8848 using `aes-128-gcm` AEAD cipher with a 128-bit key in hexdecimal.
+Start a server listening on port 8848 using `aes-128-gcm` AEAD cipher with a base64url-encoded 16-byte key.
 
 
 ```sh
-go-shadowsocks2 -s :8488 -cipher aes-128-gcm -key 1234567890abcdef1234567890abcdef -verbose
+go-shadowsocks2 -s :8488 -cipher aes-128-gcm -key k5yEIX5ciUDpkpdtvZm7zQ== -verbose
 ```
 
 
@@ -41,7 +49,7 @@ connections, and tunnels UDP packets received on port 1080 and port 1081 to 8.8.
 respectively. 
 
 ```sh
-go-shadowsocks2 -c [server_address]:8488 -cipher aes-128-gcm -key 1234567890abcdef1234567890abcdef \
+go-shadowsocks2 -c [server_address]:8488 -cipher aes-128-gcm -key k5yEIX5ciUDpkpdtvZm7zQ== \
     -socks :1080 -udptun :1080=8.8.8.8:53,:1081=8.8.4.4:53 -verbose
 ```
 
@@ -60,7 +68,7 @@ Start a client listening on port 1082 for redirected TCP connections and port 10
 TCP IPv6 connections.
 
 ```sh
-go-shadowsocks2 -c [server_address]:8488 -cipher aes-128-gcm -key 1234567890abcdef1234567890abcdef \
+go-shadowsocks2 -c [server_address]:8488 -cipher aes-128-gcm -key k5yEIX5ciUDpkpdtvZm7zQ== \
     -redir :1082 -redir6 :1083
 ```
 
@@ -82,7 +90,7 @@ Start a client on the same machine with the server. The client listens on port 1
 and tunnels to localhost:5201 where iperf3 is listening.
 
 ```sh
-go-shadowsocks2 -c [server_address]:8488 -cipher aes-128-gcm -key 1234567890abcdef1234567890abcdef \
+go-shadowsocks2 -c [server_address]:8488 -cipher aes-128-gcm -key k5yEIX5ciUDpkpdtvZm7zQ== \
     -tcptun :1090=localhost:5201
 ```
 

cipher.go

@@ -3,7 +3,7 @@ package main
 import (
 	"crypto/cipher"
 	"crypto/md5"
-	"errors"
+	"fmt"
 	"net"
 	"sort"
 	"strings"
@@ -14,11 +14,6 @@ import (
 	"github.com/riobard/go-shadowsocks2/shadowstream"
 )
 
-var (
-	errCipherNotSupported = errors.New("cipher not supported")
-	errKeySize            = errors.New("key size error")
-)
-
 // List of AEAD ciphers: key size in bytes and constructor
 var aeadList = map[string]struct {
 	KeySize int
@@ -60,29 +55,37 @@ func listCipher() []string {
 	return l
 }
 
-// non-empty key selects AEAD ciphers; otherwise use password with stream ciphers.
+// derive key from password if given key is empty
 func pickCipher(name string, key []byte, password string) (core.StreamConnCipher, core.PacketConnCipher, error) {
 	name = strings.ToLower(name)
 
 	if name == "dummy" {
 		return dummyStream(), dummyPacket(), nil
 	}
 
-	if choice, ok := aeadList[name]; len(key) > 0 && ok {
+	if choice, ok := aeadList[name]; ok {
+		if len(key) == 0 {
+			key = kdf(password, choice.KeySize)
+		}
 		if len(key) != choice.KeySize {
-			return nil, nil, errKeySize
+			return nil, nil, fmt.Errorf("key size error: need %d-byte key", choice.KeySize)
 		}
 		aead, err := choice.New(key)
 		return aeadStream(aead), aeadPacket(aead), err
 	}
 
 	if choice, ok := streamList[name]; ok {
-		key := kdf(password, choice.KeySize)
+		if len(key) == 0 {
+			key = kdf(password, choice.KeySize)
+		}
+		if len(key) != choice.KeySize {
+			return nil, nil, fmt.Errorf("key size error: need %d-byte key", choice.KeySize)
+		}
 		ciph, err := choice.New(key)
 		return streamStream(ciph), streamPacket(ciph), err
 	}
 
-	return nil, nil, errCipherNotSupported
+	return nil, nil, fmt.Errorf("cipher %q not supported", name)
 }
 
 func aeadStream(aead cipher.AEAD) core.StreamConnCipher {

main.go

@@ -43,7 +43,7 @@ func main() {
 
 	flag.BoolVar(&config.Verbose, "verbose", false, "verbose mode")
 	flag.StringVar(&flags.Cipher, "cipher", "", "cipher")
-	flag.StringVar(&flags.Key, "key", "", "base64url-encoded key")
+	flag.StringVar(&flags.Key, "key", "", "base64url-encoded key (derive from password if empty)")
 	flag.IntVar(&flags.Keygen, "keygen", 0, "generate a base64url-encoded random key of given length in byte")
 	flag.StringVar(&flags.Password, "password", "", "password")
 	flag.StringVar(&flags.Server, "s", "", "server listen address")
@@ -81,14 +81,14 @@ func main() {
 	if flags.Key != "" {
 		k, err := base64.URLEncoding.DecodeString(flags.Key)
 		if err != nil {
-			log.Fatalf("key: %v", err)
+			log.Fatal(err)
 		}
 		key = k
 	}
 
 	streamCipher, packetCipher, err := pickCipher(flags.Cipher, key, flags.Password)
 	if err != nil {
-		log.Fatalf("cipher: %v", err)
+		log.Fatal(err)
 	}
 
 	if flags.Client != "" { // client mode