v2fly/proxy/vmess/encoding/client.go

package encoding

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/md5"
	"crypto/rand"
	"hash/fnv"
	"io"

	"golang.org/x/crypto/chacha20poly1305"

	"v2ray.com/core/common/buf"
	"v2ray.com/core/common/crypto"
	"v2ray.com/core/common/dice"
	"v2ray.com/core/common/errors"
	"v2ray.com/core/app/log"
	"v2ray.com/core/common/net"
	"v2ray.com/core/common/protocol"
	"v2ray.com/core/common/serial"
	"v2ray.com/core/proxy/vmess"
)

func hashTimestamp(t protocol.Timestamp) []byte {
	bytes := make([]byte, 0, 32)
	bytes = t.Bytes(bytes)
	bytes = t.Bytes(bytes)
	bytes = t.Bytes(bytes)
	bytes = t.Bytes(bytes)
	return bytes
}

// ClientSession stores connection session info for VMess client.
type ClientSession struct {
	requestBodyKey  []byte
	requestBodyIV   []byte
	responseHeader  byte
	responseBodyKey []byte
	responseBodyIV  []byte
	responseReader  io.Reader
	idHash          protocol.IDHash
}

// NewClientSession creates a new ClientSession.
func NewClientSession(idHash protocol.IDHash) *ClientSession {
	randomBytes := make([]byte, 33) // 16 + 16 + 1
	rand.Read(randomBytes)

	session := &ClientSession{}
	session.requestBodyKey = randomBytes[:16]
	session.requestBodyIV = randomBytes[16:32]
	session.responseHeader = randomBytes[32]
	responseBodyKey := md5.Sum(session.requestBodyKey)
	responseBodyIV := md5.Sum(session.requestBodyIV)
	session.responseBodyKey = responseBodyKey[:]
	session.responseBodyIV = responseBodyIV[:]
	session.idHash = idHash

	return session
}

func (v *ClientSession) EncodeRequestHeader(header *protocol.RequestHeader, writer io.Writer) {
	timestamp := protocol.NewTimestampGenerator(protocol.NowTime(), 30)()
	account, err := header.User.GetTypedAccount()
	if err != nil {
		log.Error("VMess: Failed to get user account: ", err)
		return
	}
	idHash := v.idHash(account.(*vmess.InternalAccount).AnyValidID().Bytes())
	idHash.Write(timestamp.Bytes(nil))
	writer.Write(idHash.Sum(nil))

	buffer := make([]byte, 0, 512)
	buffer = append(buffer, Version)
	buffer = append(buffer, v.requestBodyIV...)
	buffer = append(buffer, v.requestBodyKey...)
	buffer = append(buffer, v.responseHeader, byte(header.Option))
	padingLen := dice.Roll(16)
	if header.Security.Is(protocol.SecurityType_LEGACY) {
		// Disable padding in legacy mode for a smooth transition.
		padingLen = 0
	}
	security := byte(padingLen<<4) | byte(header.Security)
	buffer = append(buffer, security, byte(0), byte(header.Command))
	buffer = header.Port.Bytes(buffer)

	switch header.Address.Family() {
	case net.AddressFamilyIPv4:
		buffer = append(buffer, AddrTypeIPv4)
		buffer = append(buffer, header.Address.IP()...)
	case net.AddressFamilyIPv6:
		buffer = append(buffer, AddrTypeIPv6)
		buffer = append(buffer, header.Address.IP()...)
	case net.AddressFamilyDomain:
		buffer = append(buffer, AddrTypeDomain, byte(len(header.Address.Domain())))
		buffer = append(buffer, header.Address.Domain()...)
	}

	if padingLen > 0 {
		pading := make([]byte, padingLen)
		rand.Read(pading)
		buffer = append(buffer, pading...)
	}

	fnv1a := fnv.New32a()
	fnv1a.Write(buffer)

	buffer = fnv1a.Sum(buffer)

	timestampHash := md5.New()
	timestampHash.Write(hashTimestamp(timestamp))
	iv := timestampHash.Sum(nil)
	aesStream := crypto.NewAesEncryptionStream(account.(*vmess.InternalAccount).ID.CmdKey(), iv)
	aesStream.XORKeyStream(buffer, buffer)
	writer.Write(buffer)

	return
}

func (v *ClientSession) EncodeRequestBody(request *protocol.RequestHeader, writer io.Writer) buf.Writer {
	var authWriter io.Writer
	if request.Security.Is(protocol.SecurityType_NONE) {
		if request.Option.Has(protocol.RequestOptionChunkStream) {
			auth := &crypto.AEADAuthenticator{
				AEAD:                    NoOpAuthenticator{},
				NonceGenerator:          crypto.NoOpBytesGenerator{},
				AdditionalDataGenerator: crypto.NoOpBytesGenerator{},
			}
			authWriter = crypto.NewAuthenticationWriter(auth, writer)
		} else {
			authWriter = writer
		}
	} else if request.Security.Is(protocol.SecurityType_LEGACY) {
		aesStream := crypto.NewAesEncryptionStream(v.requestBodyKey, v.requestBodyIV)
		cryptionWriter := crypto.NewCryptionWriter(aesStream, writer)
		if request.Option.Has(protocol.RequestOptionChunkStream) {
			auth := &crypto.AEADAuthenticator{
				AEAD:                    new(FnvAuthenticator),
				NonceGenerator:          crypto.NoOpBytesGenerator{},
				AdditionalDataGenerator: crypto.NoOpBytesGenerator{},
			}
			authWriter = crypto.NewAuthenticationWriter(auth, cryptionWriter)
		} else {
			authWriter = cryptionWriter
		}
	} else if request.Security.Is(protocol.SecurityType_AES128_GCM) {
		block, _ := aes.NewCipher(v.requestBodyKey)
		aead, _ := cipher.NewGCM(block)

		auth := &crypto.AEADAuthenticator{
			AEAD: aead,
			NonceGenerator: &ChunkNonceGenerator{
				Nonce: append([]byte(nil), v.requestBodyIV...),
				Size:  aead.NonceSize(),
			},
			AdditionalDataGenerator: crypto.NoOpBytesGenerator{},
		}
		authWriter = crypto.NewAuthenticationWriter(auth, writer)
	} else if request.Security.Is(protocol.SecurityType_CHACHA20_POLY1305) {
		aead, _ := chacha20poly1305.New(GenerateChacha20Poly1305Key(v.requestBodyKey))

		auth := &crypto.AEADAuthenticator{
			AEAD: aead,
			NonceGenerator: &ChunkNonceGenerator{
				Nonce: append([]byte(nil), v.requestBodyIV...),
				Size:  aead.NonceSize(),
			},
			AdditionalDataGenerator: crypto.NoOpBytesGenerator{},
		}
		authWriter = crypto.NewAuthenticationWriter(auth, writer)
	}

	return buf.NewWriter(authWriter)

}

func (v *ClientSession) DecodeResponseHeader(reader io.Reader) (*protocol.ResponseHeader, error) {
	aesStream := crypto.NewAesDecryptionStream(v.responseBodyKey, v.responseBodyIV)
	v.responseReader = crypto.NewCryptionReader(aesStream, reader)

	buffer := make([]byte, 256)

	_, err := io.ReadFull(v.responseReader, buffer[:4])
	if err != nil {
		log.Info("VMess|Client: Failed to read response header: ", err)
		return nil, err
	}

	if buffer[0] != v.responseHeader {
		return nil, errors.Format("VMess|Client: Unexpected response header. Expecting %d but actually %d", v.responseHeader, buffer[0])
	}

	header := &protocol.ResponseHeader{
		Option: protocol.ResponseOption(buffer[1]),
	}

	if buffer[2] != 0 {
		cmdID := buffer[2]
		dataLen := int(buffer[3])
		_, err := io.ReadFull(v.responseReader, buffer[:dataLen])
		if err != nil {
			log.Info("VMess|Client: Failed to read response command: ", err)
			return nil, err
		}
		data := buffer[:dataLen]
		command, err := UnmarshalCommand(cmdID, data)
		if err == nil {
			header.Command = command
		}
	}

	return header, nil
}

func (v *ClientSession) DecodeResponseBody(request *protocol.RequestHeader, reader io.Reader) buf.Reader {
	var authReader io.Reader
	if request.Security.Is(protocol.SecurityType_NONE) {
		if request.Option.Has(protocol.RequestOptionChunkStream) {
			auth := &crypto.AEADAuthenticator{
				AEAD:                    new(FnvAuthenticator),
				NonceGenerator:          crypto.NoOpBytesGenerator{},
				AdditionalDataGenerator: crypto.NoOpBytesGenerator{},
			}
			authReader = crypto.NewAuthenticationReader(auth, reader)
		} else {
			authReader = reader
		}
	} else if request.Security.Is(protocol.SecurityType_LEGACY) {
		if request.Option.Has(protocol.RequestOptionChunkStream) {
			auth := &crypto.AEADAuthenticator{
				AEAD:                    new(FnvAuthenticator),
				NonceGenerator:          crypto.NoOpBytesGenerator{},
				AdditionalDataGenerator: crypto.NoOpBytesGenerator{},
			}
			authReader = crypto.NewAuthenticationReader(auth, v.responseReader)
		} else {
			authReader = v.responseReader
		}
	} else if request.Security.Is(protocol.SecurityType_AES128_GCM) {
		block, _ := aes.NewCipher(v.responseBodyKey)
		aead, _ := cipher.NewGCM(block)

		auth := &crypto.AEADAuthenticator{
			AEAD: aead,
			NonceGenerator: &ChunkNonceGenerator{
				Nonce: append([]byte(nil), v.responseBodyIV...),
				Size:  aead.NonceSize(),
			},
			AdditionalDataGenerator: crypto.NoOpBytesGenerator{},
		}
		authReader = crypto.NewAuthenticationReader(auth, reader)
	} else if request.Security.Is(protocol.SecurityType_CHACHA20_POLY1305) {
		aead, _ := chacha20poly1305.New(GenerateChacha20Poly1305Key(v.responseBodyKey))

		auth := &crypto.AEADAuthenticator{
			AEAD: aead,
			NonceGenerator: &ChunkNonceGenerator{
				Nonce: append([]byte(nil), v.responseBodyIV...),
				Size:  aead.NonceSize(),
			},
			AdditionalDataGenerator: crypto.NoOpBytesGenerator{},
		}
		authReader = crypto.NewAuthenticationReader(auth, reader)
	}

	return buf.NewReader(authReader)
}

type ChunkNonceGenerator struct {
	Nonce []byte
	Size  int
	count uint16
}

func (v *ChunkNonceGenerator) Next() []byte {
	serial.Uint16ToBytes(v.count, v.Nonce[:0])
	v.count++
	return v.Nonce[:v.Size]
}
move encoding to vmess 2016-07-23 07:17:51 -04:00			`package encoding`
protocol and api 2016-02-25 15:50:38 -05:00
			`import (`
more security types in vmess. 2016-12-07 11:32:40 -05:00			`"crypto/aes"`
			`"crypto/cipher"`
protocol and api 2016-02-25 15:50:38 -05:00			`"crypto/md5"`
			`"crypto/rand"`
			`"hash/fnv"`
			`"io"`
more security types in vmess. 2016-12-07 11:32:40 -05:00
			`"golang.org/x/crypto/chacha20poly1305"`

refactor io package 2016-12-09 07:17:34 -05:00			`"v2ray.com/core/common/buf"`
unified import path 2016-08-20 14:55:45 -04:00			`"v2ray.com/core/common/crypto"`
more security types in vmess. 2016-12-07 11:32:40 -05:00			`"v2ray.com/core/common/dice"`
errors.Format 2016-12-15 05:05:32 -05:00			`"v2ray.com/core/common/errors"`
move common/log to app/log 2017-02-01 15:35:40 -05:00			`"v2ray.com/core/app/log"`
simplify import 2017-01-13 17:42:39 -05:00			`"v2ray.com/core/common/net"`
unified import path 2016-08-20 14:55:45 -04:00			`"v2ray.com/core/common/protocol"`
more security types in vmess. 2016-12-07 11:32:40 -05:00			`"v2ray.com/core/common/serial"`
unified import path 2016-08-20 14:55:45 -04:00			`"v2ray.com/core/proxy/vmess"`
protocol and api 2016-02-25 15:50:38 -05:00			`)`

			`func hashTimestamp(t protocol.Timestamp) []byte {`
			`bytes := make([]byte, 0, 32)`
fix a bug in vmess encoding 2016-07-27 10:36:46 -04:00			`bytes = t.Bytes(bytes)`
			`bytes = t.Bytes(bytes)`
			`bytes = t.Bytes(bytes)`
			`bytes = t.Bytes(bytes)`
protocol and api 2016-02-25 15:50:38 -05:00			`return bytes`
			`}`

comments 2016-12-13 03:32:29 -05:00			`// ClientSession stores connection session info for VMess client.`
protocol and api 2016-02-25 15:50:38 -05:00			`type ClientSession struct {`
			`requestBodyKey []byte`
			`requestBodyIV []byte`
			`responseHeader byte`
			`responseBodyKey []byte`
			`responseBodyIV []byte`
more protocol implementation 2016-02-26 18:05:53 -05:00			`responseReader io.Reader`
protocol and api 2016-02-25 15:50:38 -05:00			`idHash protocol.IDHash`
			`}`

comments 2016-12-13 03:32:29 -05:00			`// NewClientSession creates a new ClientSession.`
protocol and api 2016-02-25 15:50:38 -05:00			`func NewClientSession(idHash protocol.IDHash) *ClientSession {`
			`randomBytes := make([]byte, 33) // 16 + 16 + 1`
			`rand.Read(randomBytes)`

			`session := &ClientSession{}`
			`session.requestBodyKey = randomBytes[:16]`
			`session.requestBodyIV = randomBytes[16:32]`
			`session.responseHeader = randomBytes[32]`
more protocol implementation 2016-02-26 18:05:53 -05:00			`responseBodyKey := md5.Sum(session.requestBodyKey)`
			`responseBodyIV := md5.Sum(session.requestBodyIV)`
			`session.responseBodyKey = responseBodyKey[:]`
			`session.responseBodyIV = responseBodyIV[:]`
protocol and api 2016-02-25 15:50:38 -05:00			`session.idHash = idHash`

			`return session`
			`}`

rename 'this' 2016-11-27 15:39:09 -05:00			`func (v ClientSession) EncodeRequestHeader(header protocol.RequestHeader, writer io.Writer) {`
protocol and api 2016-02-25 15:50:38 -05:00			`timestamp := protocol.NewTimestampGenerator(protocol.NowTime(), 30)()`
remove use of any 2016-10-16 08:22:21 -04:00			`account, err := header.User.GetTypedAccount()`
accounts in protobuf 2016-09-17 18:41:21 -04:00			`if err != nil {`
			`log.Error("VMess: Failed to get user account: ", err)`
			`return`
			`}`
rename 'this' 2016-11-27 15:39:09 -05:00			`idHash := v.idHash(account.(*vmess.InternalAccount).AnyValidID().Bytes())`
refactor bytes functions 2016-06-26 16:34:48 -04:00			`idHash.Write(timestamp.Bytes(nil))`
Migrate VMessOut into protocol 2016-02-27 10:41:21 -05:00			`writer.Write(idHash.Sum(nil))`
protocol and api 2016-02-25 15:50:38 -05:00
remove unnecessary use of buffer 2016-07-15 15:15:41 -04:00			`buffer := make([]byte, 0, 512)`
			`buffer = append(buffer, Version)`
rename 'this' 2016-11-27 15:39:09 -05:00			`buffer = append(buffer, v.requestBodyIV...)`
			`buffer = append(buffer, v.requestBodyKey...)`
more security types in vmess. 2016-12-07 11:32:40 -05:00			`buffer = append(buffer, v.responseHeader, byte(header.Option))`
			`padingLen := dice.Roll(16)`
pading compatibitlity 2016-12-09 19:05:55 -05:00			`if header.Security.Is(protocol.SecurityType_LEGACY) {`
			`// Disable padding in legacy mode for a smooth transition.`
			`padingLen = 0`
			`}`
more security types in vmess. 2016-12-07 11:32:40 -05:00			`security := byte(padingLen<<4) \| byte(header.Security)`
			`buffer = append(buffer, security, byte(0), byte(header.Command))`
remove unnecessary use of buffer 2016-07-15 15:15:41 -04:00			`buffer = header.Port.Bytes(buffer)`
protocol and api 2016-02-25 15:50:38 -05:00
introduce address family in v2net 2016-08-14 12:14:12 -04:00			`switch header.Address.Family() {`
simplify import 2017-01-13 17:42:39 -05:00			`case net.AddressFamilyIPv4:`
remove unnecessary use of buffer 2016-07-15 15:15:41 -04:00			`buffer = append(buffer, AddrTypeIPv4)`
			`buffer = append(buffer, header.Address.IP()...)`
simplify import 2017-01-13 17:42:39 -05:00			`case net.AddressFamilyIPv6:`
remove unnecessary use of buffer 2016-07-15 15:15:41 -04:00			`buffer = append(buffer, AddrTypeIPv6)`
			`buffer = append(buffer, header.Address.IP()...)`
simplify import 2017-01-13 17:42:39 -05:00			`case net.AddressFamilyDomain:`
remove unnecessary use of buffer 2016-07-15 15:15:41 -04:00			`buffer = append(buffer, AddrTypeDomain, byte(len(header.Address.Domain())))`
			`buffer = append(buffer, header.Address.Domain()...)`
protocol and api 2016-02-25 15:50:38 -05:00			`}`

pading compatibitlity 2016-12-09 19:05:55 -05:00			`if padingLen > 0 {`
			`pading := make([]byte, padingLen)`
			`rand.Read(pading)`
			`buffer = append(buffer, pading...)`
			`}`
more security types in vmess. 2016-12-07 11:32:40 -05:00
protocol and api 2016-02-25 15:50:38 -05:00			`fnv1a := fnv.New32a()`
remove unnecessary use of buffer 2016-07-15 15:15:41 -04:00			`fnv1a.Write(buffer)`
protocol and api 2016-02-25 15:50:38 -05:00
remove unnecessary use of buffer 2016-07-15 15:15:41 -04:00			`buffer = fnv1a.Sum(buffer)`
protocol and api 2016-02-25 15:50:38 -05:00
			`timestampHash := md5.New()`
			`timestampHash.Write(hashTimestamp(timestamp))`
			`iv := timestampHash.Sum(nil)`
refactor protos 2016-10-12 12:43:55 -04:00			`aesStream := crypto.NewAesEncryptionStream(account.(*vmess.InternalAccount).ID.CmdKey(), iv)`
remove unnecessary use of buffer 2016-07-15 15:15:41 -04:00			`aesStream.XORKeyStream(buffer, buffer)`
			`writer.Write(buffer)`
protocol and api 2016-02-25 15:50:38 -05:00
			`return`
			`}`

refactor io package 2016-12-09 07:17:34 -05:00			`func (v ClientSession) EncodeRequestBody(request protocol.RequestHeader, writer io.Writer) buf.Writer {`
more security types in vmess. 2016-12-07 11:32:40 -05:00			`var authWriter io.Writer`
			`if request.Security.Is(protocol.SecurityType_NONE) {`
			`if request.Option.Has(protocol.RequestOptionChunkStream) {`
			`auth := &crypto.AEADAuthenticator{`
true none encryption 2017-01-22 14:43:01 -05:00			`AEAD: NoOpAuthenticator{},`
more security types in vmess. 2016-12-07 11:32:40 -05:00			`NonceGenerator: crypto.NoOpBytesGenerator{},`
			`AdditionalDataGenerator: crypto.NoOpBytesGenerator{},`
			`}`
			`authWriter = crypto.NewAuthenticationWriter(auth, writer)`
			`} else {`
			`authWriter = writer`
			`}`
			`} else if request.Security.Is(protocol.SecurityType_LEGACY) {`
			`aesStream := crypto.NewAesEncryptionStream(v.requestBodyKey, v.requestBodyIV)`
			`cryptionWriter := crypto.NewCryptionWriter(aesStream, writer)`
			`if request.Option.Has(protocol.RequestOptionChunkStream) {`
			`auth := &crypto.AEADAuthenticator{`
			`AEAD: new(FnvAuthenticator),`
			`NonceGenerator: crypto.NoOpBytesGenerator{},`
			`AdditionalDataGenerator: crypto.NoOpBytesGenerator{},`
			`}`
			`authWriter = crypto.NewAuthenticationWriter(auth, cryptionWriter)`
			`} else {`
			`authWriter = cryptionWriter`
			`}`
			`} else if request.Security.Is(protocol.SecurityType_AES128_GCM) {`
bug fixes 2016-12-07 16:52:56 -05:00			`block, _ := aes.NewCipher(v.requestBodyKey)`
more security types in vmess. 2016-12-07 11:32:40 -05:00			`aead, _ := cipher.NewGCM(block)`

			`auth := &crypto.AEADAuthenticator{`
			`AEAD: aead,`
			`NonceGenerator: &ChunkNonceGenerator{`
bug fixes 2016-12-07 16:52:56 -05:00			`Nonce: append([]byte(nil), v.requestBodyIV...),`
more security types in vmess. 2016-12-07 11:32:40 -05:00			`Size: aead.NonceSize(),`
			`},`
			`AdditionalDataGenerator: crypto.NoOpBytesGenerator{},`
			`}`
			`authWriter = crypto.NewAuthenticationWriter(auth, writer)`
			`} else if request.Security.Is(protocol.SecurityType_CHACHA20_POLY1305) {`
bug fixes 2016-12-07 16:52:56 -05:00			`aead, _ := chacha20poly1305.New(GenerateChacha20Poly1305Key(v.requestBodyKey))`
more security types in vmess. 2016-12-07 11:32:40 -05:00
			`auth := &crypto.AEADAuthenticator{`
			`AEAD: aead,`
			`NonceGenerator: &ChunkNonceGenerator{`
bug fixes 2016-12-07 16:52:56 -05:00			`Nonce: append([]byte(nil), v.requestBodyIV...),`
more security types in vmess. 2016-12-07 11:32:40 -05:00			`Size: aead.NonceSize(),`
			`},`
			`AdditionalDataGenerator: crypto.NoOpBytesGenerator{},`
			`}`
			`authWriter = crypto.NewAuthenticationWriter(auth, writer)`
			`}`

refactor io package 2016-12-09 07:17:34 -05:00			`return buf.NewWriter(authWriter)`
more security types in vmess. 2016-12-07 11:32:40 -05:00
protocol and api 2016-02-25 15:50:38 -05:00			`}`

rename 'this' 2016-11-27 15:39:09 -05:00			`func (v ClientSession) DecodeResponseHeader(reader io.Reader) (protocol.ResponseHeader, error) {`
			`aesStream := crypto.NewAesDecryptionStream(v.responseBodyKey, v.responseBodyIV)`
			`v.responseReader = crypto.NewCryptionReader(aesStream, reader)`
more protocol implementation 2016-02-26 18:05:53 -05:00
remove unnecessary use of buffer 2016-07-16 04:45:32 -04:00			`buffer := make([]byte, 256)`
more protocol implementation 2016-02-26 18:05:53 -05:00
rename 'this' 2016-11-27 15:39:09 -05:00			`_, err := io.ReadFull(v.responseReader, buffer[:4])`
more protocol implementation 2016-02-26 18:05:53 -05:00			`if err != nil {`
more security types in vmess. 2016-12-07 11:32:40 -05:00			`log.Info("VMess\|Client: Failed to read response header: ", err)`
more protocol implementation 2016-02-26 18:05:53 -05:00			`return nil, err`
			`}`

rename 'this' 2016-11-27 15:39:09 -05:00			`if buffer[0] != v.responseHeader {`
errors.Format 2016-12-15 05:05:32 -05:00			`return nil, errors.Format("VMess\|Client: Unexpected response header. Expecting %d but actually %d", v.responseHeader, buffer[0])`
more protocol implementation 2016-02-26 18:05:53 -05:00			`}`

send reuse option in header 2016-06-02 15:34:25 -04:00			`header := &protocol.ResponseHeader{`
remove unnecessary use of buffer 2016-07-16 04:45:32 -04:00			`Option: protocol.ResponseOption(buffer[1]),`
send reuse option in header 2016-06-02 15:34:25 -04:00			`}`
more protocol implementation 2016-02-26 18:05:53 -05:00
remove unnecessary use of buffer 2016-07-16 04:45:32 -04:00			`if buffer[2] != 0 {`
style 2016-12-13 05:15:11 -05:00			`cmdID := buffer[2]`
remove unnecessary use of buffer 2016-07-16 04:45:32 -04:00			`dataLen := int(buffer[3])`
rename 'this' 2016-11-27 15:39:09 -05:00			`_, err := io.ReadFull(v.responseReader, buffer[:dataLen])`
more protocol implementation 2016-02-26 18:05:53 -05:00			`if err != nil {`
more security types in vmess. 2016-12-07 11:32:40 -05:00			`log.Info("VMess\|Client: Failed to read response command: ", err)`
more protocol implementation 2016-02-26 18:05:53 -05:00			`return nil, err`
			`}`
remove unnecessary use of buffer 2016-07-16 04:45:32 -04:00			`data := buffer[:dataLen]`
style 2016-12-13 05:15:11 -05:00			`command, err := UnmarshalCommand(cmdID, data)`
Fix unused variables 2016-04-25 18:46:04 -04:00			`if err == nil {`
			`header.Command = command`
			`}`
more protocol implementation 2016-02-26 18:05:53 -05:00			`}`

			`return header, nil`
			`}`

refactor io package 2016-12-09 07:17:34 -05:00			`func (v ClientSession) DecodeResponseBody(request protocol.RequestHeader, reader io.Reader) buf.Reader {`
more security types in vmess. 2016-12-07 11:32:40 -05:00			`var authReader io.Reader`
			`if request.Security.Is(protocol.SecurityType_NONE) {`
			`if request.Option.Has(protocol.RequestOptionChunkStream) {`
			`auth := &crypto.AEADAuthenticator{`
			`AEAD: new(FnvAuthenticator),`
			`NonceGenerator: crypto.NoOpBytesGenerator{},`
			`AdditionalDataGenerator: crypto.NoOpBytesGenerator{},`
			`}`
remove aggressive reader 2017-01-30 16:07:22 -05:00			`authReader = crypto.NewAuthenticationReader(auth, reader)`
more security types in vmess. 2016-12-07 11:32:40 -05:00			`} else {`
			`authReader = reader`
			`}`
			`} else if request.Security.Is(protocol.SecurityType_LEGACY) {`
			`if request.Option.Has(protocol.RequestOptionChunkStream) {`
			`auth := &crypto.AEADAuthenticator{`
			`AEAD: new(FnvAuthenticator),`
			`NonceGenerator: crypto.NoOpBytesGenerator{},`
			`AdditionalDataGenerator: crypto.NoOpBytesGenerator{},`
			`}`
remove aggressive reader 2017-01-30 16:07:22 -05:00			`authReader = crypto.NewAuthenticationReader(auth, v.responseReader)`
more security types in vmess. 2016-12-07 11:32:40 -05:00			`} else {`
			`authReader = v.responseReader`
			`}`
			`} else if request.Security.Is(protocol.SecurityType_AES128_GCM) {`
			`block, _ := aes.NewCipher(v.responseBodyKey)`
			`aead, _ := cipher.NewGCM(block)`

			`auth := &crypto.AEADAuthenticator{`
			`AEAD: aead,`
			`NonceGenerator: &ChunkNonceGenerator{`
			`Nonce: append([]byte(nil), v.responseBodyIV...),`
			`Size: aead.NonceSize(),`
			`},`
			`AdditionalDataGenerator: crypto.NoOpBytesGenerator{},`
			`}`
remove aggressive reader 2017-01-30 16:07:22 -05:00			`authReader = crypto.NewAuthenticationReader(auth, reader)`
more security types in vmess. 2016-12-07 11:32:40 -05:00			`} else if request.Security.Is(protocol.SecurityType_CHACHA20_POLY1305) {`
security options in vmess 2016-12-07 15:43:41 -05:00			`aead, _ := chacha20poly1305.New(GenerateChacha20Poly1305Key(v.responseBodyKey))`
more security types in vmess. 2016-12-07 11:32:40 -05:00
			`auth := &crypto.AEADAuthenticator{`
			`AEAD: aead,`
			`NonceGenerator: &ChunkNonceGenerator{`
			`Nonce: append([]byte(nil), v.responseBodyIV...),`
			`Size: aead.NonceSize(),`
			`},`
			`AdditionalDataGenerator: crypto.NoOpBytesGenerator{},`
			`}`
remove aggressive reader 2017-01-30 16:07:22 -05:00			`authReader = crypto.NewAuthenticationReader(auth, reader)`
more security types in vmess. 2016-12-07 11:32:40 -05:00			`}`

refactor io package 2016-12-09 07:17:34 -05:00			`return buf.NewReader(authReader)`
more security types in vmess. 2016-12-07 11:32:40 -05:00			`}`

			`type ChunkNonceGenerator struct {`
			`Nonce []byte`
			`Size int`
			`count uint16`
			`}`

			`func (v *ChunkNonceGenerator) Next() []byte {`
bug fixes 2016-12-07 16:52:56 -05:00			`serial.Uint16ToBytes(v.count, v.Nonce[:0])`
more security types in vmess. 2016-12-07 11:32:40 -05:00			`v.count++`
			`return v.Nonce[:v.Size]`
more protocol implementation 2016-02-26 18:05:53 -05:00			`}`