bug fixes

2024-12-30 05:56:54 -05:00 · 2016-12-07 22:52:56 +01:00 · 2016-12-07 22:52:56 +01:00 · 7d2cf4c0e0
commit 7d2cf4c0e0
parent a6e25b3f67
4 changed files with 17 additions and 14 deletions
--- a/common/crypto/auth.go
+++ b/common/crypto/auth.go
@ -102,7 +102,7 @@ func (v *AuthenticationReader) NextChunk() error {
 		return errors.New("AuthenticationReader: invalid packet size.")
 	}
 	cipherChunk := v.buffer.BytesRange(2, size+2)
-	plainChunk, err := v.auth.Open(cipherChunk, cipherChunk)
+	plainChunk, err := v.auth.Open(cipherChunk[:0], cipherChunk)
 	if err != nil {
 		return err
 	}
@ -131,7 +131,9 @@ func (v *AuthenticationReader) EnsureChunk() error {
 			return nil
 		}
 		if err == errInsufficientBuffer {
-			if !v.buffer.IsEmpty() {
+			if v.buffer.IsEmpty() {
+				v.buffer.Clear()
+			} else {
 				leftover := v.buffer.Bytes()
 				v.buffer.SetBytesFunc(func(b []byte) int {
 					return copy(b, leftover)
@ -175,10 +177,11 @@ func NewAuthenticationWriter(auth Authenticator, writer io.Writer) *Authenticati
 }

 func (v *AuthenticationWriter) Write(b []byte) (int, error) {
-	cipherChunk, err := v.auth.Seal(v.buffer[2:], b)
+	cipherChunk, err := v.auth.Seal(v.buffer[2:2], b)
 	if err != nil {
 		return 0, err
 	}
+
 	serial.Uint16ToBytes(uint16(len(cipherChunk)), v.buffer[:0])
 	_, err = v.writer.Write(v.buffer[:2+len(cipherChunk)])
 	return len(b), err
--- a/proxy/vmess/encoding/auth.go
+++ b/proxy/vmess/encoding/auth.go
@ -26,7 +26,7 @@ func (v *FnvAuthenticator) Overhead() int {
 }

 func (v *FnvAuthenticator) Seal(dst, nonce, plaintext, additionalData []byte) []byte {
-	dst = serial.Uint32ToBytes(Authenticate(plaintext), dst[:0])
+	dst = serial.Uint32ToBytes(Authenticate(plaintext), dst)
 	return append(dst, plaintext...)
 }

@ -34,7 +34,7 @@ func (v *FnvAuthenticator) Open(dst, nonce, ciphertext, additionalData []byte) (
 	if serial.BytesToUint32(ciphertext[:4]) != Authenticate(ciphertext[4:]) {
 		return dst, crypto.ErrAuthenticationFailed
 	}
-	return append(dst[:0], ciphertext[4:]...), nil
+	return append(dst, ciphertext[4:]...), nil
 }

 func GenerateChacha20Poly1305Key(b []byte) []byte {
--- a/proxy/vmess/encoding/client.go
+++ b/proxy/vmess/encoding/client.go
@ -136,25 +136,25 @@ func (v *ClientSession) EncodeRequestBody(request *protocol.RequestHeader, write
 			authWriter = cryptionWriter
 		}
 	} else if request.Security.Is(protocol.SecurityType_AES128_GCM) {
-		block, _ := aes.NewCipher(v.responseBodyKey)
+		block, _ := aes.NewCipher(v.requestBodyKey)
 		aead, _ := cipher.NewGCM(block)

 		auth := &crypto.AEADAuthenticator{
 			AEAD: aead,
 			NonceGenerator: &ChunkNonceGenerator{
-				Nonce: append([]byte(nil), v.responseBodyIV...),
+				Nonce: append([]byte(nil), v.requestBodyIV...),
 				Size:  aead.NonceSize(),
 			},
 			AdditionalDataGenerator: crypto.NoOpBytesGenerator{},
 		}
 		authWriter = crypto.NewAuthenticationWriter(auth, writer)
 	} else if request.Security.Is(protocol.SecurityType_CHACHA20_POLY1305) {
-		aead, _ := chacha20poly1305.New(GenerateChacha20Poly1305Key(v.responseBodyKey))
+		aead, _ := chacha20poly1305.New(GenerateChacha20Poly1305Key(v.requestBodyKey))

 		auth := &crypto.AEADAuthenticator{
 			AEAD: aead,
 			NonceGenerator: &ChunkNonceGenerator{
-				Nonce: append([]byte(nil), v.responseBodyIV...),
+				Nonce: append([]byte(nil), v.requestBodyIV...),
 				Size:  aead.NonceSize(),
 			},
 			AdditionalDataGenerator: crypto.NoOpBytesGenerator{},
@ -266,7 +266,7 @@ type ChunkNonceGenerator struct {
 }

 func (v *ChunkNonceGenerator) Next() []byte {
-	serial.Uint16ToBytes(v.count, v.Nonce[:2])
+	serial.Uint16ToBytes(v.count, v.Nonce[:0])
 	v.count++
 	return v.Nonce[:v.Size]
 }
--- a/proxy/vmess/encoding/server.go
+++ b/proxy/vmess/encoding/server.go
@ -183,25 +183,25 @@ func (v *ServerSession) DecodeRequestBody(request *protocol.RequestHeader, reade
 			authReader = cryptionReader
 		}
 	} else if request.Security.Is(protocol.SecurityType_AES128_GCM) {
-		block, _ := aes.NewCipher(v.responseBodyKey)
+		block, _ := aes.NewCipher(v.requestBodyKey)
 		aead, _ := cipher.NewGCM(block)

 		auth := &crypto.AEADAuthenticator{
 			AEAD: aead,
 			NonceGenerator: &ChunkNonceGenerator{
-				Nonce: append([]byte(nil), v.responseBodyIV...),
+				Nonce: append([]byte(nil), v.requestBodyIV...),
 				Size:  aead.NonceSize(),
 			},
 			AdditionalDataGenerator: crypto.NoOpBytesGenerator{},
 		}
 		authReader = crypto.NewAuthenticationReader(auth, reader, aggressive)
 	} else if request.Security.Is(protocol.SecurityType_CHACHA20_POLY1305) {
-		aead, _ := chacha20poly1305.New(GenerateChacha20Poly1305Key(v.responseBodyKey))
+		aead, _ := chacha20poly1305.New(GenerateChacha20Poly1305Key(v.requestBodyKey))

 		auth := &crypto.AEADAuthenticator{
 			AEAD: aead,
 			NonceGenerator: &ChunkNonceGenerator{
-				Nonce: append([]byte(nil), v.responseBodyIV...),
+				Nonce: append([]byte(nil), v.requestBodyIV...),
 				Size:  aead.NonceSize(),
 			},
 			AdditionalDataGenerator: crypto.NoOpBytesGenerator{},