v2fly/transport/internet/kcp/crypt.go

package kcp

import (
	"crypto/cipher"
	"hash/fnv"

	"v2ray.com/core/common/serial"
)

// SimpleAuthenticator is a legacy AEAD used for KCP encryption.
type SimpleAuthenticator struct{}

// NewSimpleAuthenticator creates a new SimpleAuthenticator
func NewSimpleAuthenticator() cipher.AEAD {
	return &SimpleAuthenticator{}
}

// NonceSize implements cipher.AEAD.NonceSize().
func (*SimpleAuthenticator) NonceSize() int {
	return 0
}

// Overhead implements cipher.AEAD.NonceSize().
func (*SimpleAuthenticator) Overhead() int {
	return 6
}

// Seal implements cipher.AEAD.Seal().
func (a *SimpleAuthenticator) Seal(dst, nonce, plain, extra []byte) []byte {
	dst = append(dst, 0, 0, 0, 0)
	dst = serial.Uint16ToBytes(uint16(len(plain)), dst)
	dst = append(dst, plain...)

	fnvHash := fnv.New32a()
	fnvHash.Write(dst[4:])
	fnvHash.Sum(dst[:0])

	len := len(dst)
	xtra := 4 - len%4
	if xtra != 4 {
		dst = append(dst, make([]byte, xtra)...)
	}
	xorfwd(dst)
	if xtra != 4 {
		dst = dst[:len]
	}
	return dst
}

// Open implements cipher.AEAD.Open().
func (a *SimpleAuthenticator) Open(dst, nonce, cipherText, extra []byte) ([]byte, error) {
	dst = append(dst, cipherText...)
	dstLen := len(dst)
	xtra := 4 - dstLen%4
	if xtra != 4 {
		dst = append(dst, make([]byte, xtra)...)
	}
	xorbkd(dst)
	if xtra != 4 {
		dst = dst[:dstLen]
	}

	fnvHash := fnv.New32a()
	fnvHash.Write(dst[4:])
	if serial.BytesToUint32(dst[:4]) != fnvHash.Sum32() {
		return nil, newError("invalid auth")
	}

	length := serial.BytesToUint16(dst[4:6])
	if len(dst)-6 != int(length) {
		return nil, newError("invalid auth")
	}

	return dst[6:], nil
}
customizable kcp code 2016-06-14 17:25:06 -04:00			`package kcp`

Integrate kcp with other components 2016-06-17 10:51:41 -04:00			`import (`
refine kcp header and security 2016-12-08 10:27:41 -05:00			`"crypto/cipher"`
Integrate kcp with other components 2016-06-17 10:51:41 -04:00			`"hash/fnv"`

unified import path 2016-08-20 14:55:45 -04:00			`"v2ray.com/core/common/serial"`
refine kcp header and security 2016-12-08 10:27:41 -05:00			`)`

comments 2016-12-08 10:32:53 -05:00			`// SimpleAuthenticator is a legacy AEAD used for KCP encryption.`
Integrate kcp with other components 2016-06-17 10:51:41 -04:00			`type SimpleAuthenticator struct{}`

comments 2016-12-08 10:32:53 -05:00			`// NewSimpleAuthenticator creates a new SimpleAuthenticator`
refine kcp header and security 2016-12-08 10:27:41 -05:00			`func NewSimpleAuthenticator() cipher.AEAD {`
Integrate kcp with other components 2016-06-17 10:51:41 -04:00			`return &SimpleAuthenticator{}`
customizable kcp code 2016-06-14 17:25:06 -04:00			`}`

comments 2016-12-08 10:32:53 -05:00			`// NonceSize implements cipher.AEAD.NonceSize().`
refactor 2017-04-13 16:17:58 -04:00			`func (*SimpleAuthenticator) NonceSize() int {`
refine kcp header and security 2016-12-08 10:27:41 -05:00			`return 0`
			`}`

comments 2016-12-08 10:32:53 -05:00			`// Overhead implements cipher.AEAD.NonceSize().`
refactor 2017-04-13 16:17:58 -04:00			`func (*SimpleAuthenticator) Overhead() int {`
Integrate kcp with other components 2016-06-17 10:51:41 -04:00			`return 6`
customizable kcp code 2016-06-14 17:25:06 -04:00			`}`

comments 2016-12-08 10:32:53 -05:00			`// Seal implements cipher.AEAD.Seal().`
refactor 2017-04-13 16:17:58 -04:00			`func (a *SimpleAuthenticator) Seal(dst, nonce, plain, extra []byte) []byte {`
refine kcp header and security 2016-12-08 10:27:41 -05:00			`dst = append(dst, 0, 0, 0, 0)`
			`dst = serial.Uint16ToBytes(uint16(len(plain)), dst)`
			`dst = append(dst, plain...)`

Integrate kcp with other components 2016-06-17 10:51:41 -04:00			`fnvHash := fnv.New32a()`
refine kcp header and security 2016-12-08 10:27:41 -05:00			`fnvHash.Write(dst[4:])`
			`fnvHash.Sum(dst[:0])`
Integrate kcp with other components 2016-06-17 10:51:41 -04:00
refine kcp header and security 2016-12-08 10:27:41 -05:00			`len := len(dst)`
improve simple authenticator performance in amd64 2016-06-17 20:13:35 -04:00			`xtra := 4 - len%4`
refine kcp header and security 2016-12-08 10:27:41 -05:00			`if xtra != 4 {`
			`dst = append(dst, make([]byte, xtra)...)`
improve simple authenticator performance in amd64 2016-06-17 20:13:35 -04:00			`}`
refine kcp header and security 2016-12-08 10:27:41 -05:00			`xorfwd(dst)`
			`if xtra != 4 {`
			`dst = dst[:len]`
Integrate kcp with other components 2016-06-17 10:51:41 -04:00			`}`
refine kcp header and security 2016-12-08 10:27:41 -05:00			`return dst`
customizable kcp code 2016-06-14 17:25:06 -04:00			`}`

comments 2016-12-08 10:32:53 -05:00			`// Open implements cipher.AEAD.Open().`
refactor 2017-04-13 16:17:58 -04:00			`func (a *SimpleAuthenticator) Open(dst, nonce, cipherText, extra []byte) ([]byte, error) {`
refine kcp header and security 2016-12-08 10:27:41 -05:00			`dst = append(dst, cipherText...)`
			`dstLen := len(dst)`
			`xtra := 4 - dstLen%4`
			`if xtra != 4 {`
			`dst = append(dst, make([]byte, xtra)...)`
improve simple authenticator performance in amd64 2016-06-17 20:13:35 -04:00			`}`
refine kcp header and security 2016-12-08 10:27:41 -05:00			`xorbkd(dst)`
			`if xtra != 4 {`
			`dst = dst[:dstLen]`
Integrate kcp with other components 2016-06-17 10:51:41 -04:00			`}`

			`fnvHash := fnv.New32a()`
refine kcp header and security 2016-12-08 10:27:41 -05:00			`fnvHash.Write(dst[4:])`
			`if serial.BytesToUint32(dst[:4]) != fnvHash.Sum32() {`
cleanup error messages 2017-04-09 09:04:04 -04:00			`return nil, newError("invalid auth")`
Integrate kcp with other components 2016-06-17 10:51:41 -04:00			`}`

refine kcp header and security 2016-12-08 10:27:41 -05:00			`length := serial.BytesToUint16(dst[4:6])`
			`if len(dst)-6 != int(length) {`
cleanup error messages 2017-04-09 09:04:04 -04:00			`return nil, newError("invalid auth")`
Integrate kcp with other components 2016-06-17 10:51:41 -04:00			`}`

refine kcp header and security 2016-12-08 10:27:41 -05:00			`return dst[6:], nil`
Integrate kcp with other components 2016-06-17 10:51:41 -04:00			`}`