mirror of
https://github.com/v2fly/v2ray-core.git
synced 2025-01-04 16:37:12 -05:00
bug fixes
This commit is contained in:
Darien Raymond
parent
a6e25b3f67
commit
7d2cf4c0e0
@ -102,7 +102,7 @@ func (v *AuthenticationReader) NextChunk() error {
|
|||||||
return errors.New("AuthenticationReader: invalid packet size.")
|
return errors.New("AuthenticationReader: invalid packet size.")
|
||||||
}
|
}
|
||||||
cipherChunk := v.buffer.BytesRange(2, size+2)
|
cipherChunk := v.buffer.BytesRange(2, size+2)
|
||||||
plainChunk, err := v.auth.Open(cipherChunk, cipherChunk)
|
plainChunk, err := v.auth.Open(cipherChunk[:0], cipherChunk)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
@ -131,7 +131,9 @@ func (v *AuthenticationReader) EnsureChunk() error {
|
|||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
if err == errInsufficientBuffer {
|
if err == errInsufficientBuffer {
|
||||||
if !v.buffer.IsEmpty() {
|
if v.buffer.IsEmpty() {
|
||||||
|
v.buffer.Clear()
|
||||||
|
} else {
|
||||||
leftover := v.buffer.Bytes()
|
leftover := v.buffer.Bytes()
|
||||||
v.buffer.SetBytesFunc(func(b []byte) int {
|
v.buffer.SetBytesFunc(func(b []byte) int {
|
||||||
return copy(b, leftover)
|
return copy(b, leftover)
|
||||||
@ -175,10 +177,11 @@ func NewAuthenticationWriter(auth Authenticator, writer io.Writer) *Authenticati
|
|||||||
}
|
}
|
||||||
|
|
||||||
func (v *AuthenticationWriter) Write(b []byte) (int, error) {
|
func (v *AuthenticationWriter) Write(b []byte) (int, error) {
|
||||||
cipherChunk, err := v.auth.Seal(v.buffer[2:], b)
|
cipherChunk, err := v.auth.Seal(v.buffer[2:2], b)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return 0, err
|
return 0, err
|
||||||
}
|
}
|
||||||
|
|
||||||
serial.Uint16ToBytes(uint16(len(cipherChunk)), v.buffer[:0])
|
serial.Uint16ToBytes(uint16(len(cipherChunk)), v.buffer[:0])
|
||||||
_, err = v.writer.Write(v.buffer[:2+len(cipherChunk)])
|
_, err = v.writer.Write(v.buffer[:2+len(cipherChunk)])
|
||||||
return len(b), err
|
return len(b), err
|
||||||
|
|||||||
@ -26,7 +26,7 @@ func (v *FnvAuthenticator) Overhead() int {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func (v *FnvAuthenticator) Seal(dst, nonce, plaintext, additionalData []byte) []byte {
|
func (v *FnvAuthenticator) Seal(dst, nonce, plaintext, additionalData []byte) []byte {
|
||||||
dst = serial.Uint32ToBytes(Authenticate(plaintext), dst[:0])
|
dst = serial.Uint32ToBytes(Authenticate(plaintext), dst)
|
||||||
return append(dst, plaintext...)
|
return append(dst, plaintext...)
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -34,7 +34,7 @@ func (v *FnvAuthenticator) Open(dst, nonce, ciphertext, additionalData []byte) (
|
|||||||
if serial.BytesToUint32(ciphertext[:4]) != Authenticate(ciphertext[4:]) {
|
if serial.BytesToUint32(ciphertext[:4]) != Authenticate(ciphertext[4:]) {
|
||||||
return dst, crypto.ErrAuthenticationFailed
|
return dst, crypto.ErrAuthenticationFailed
|
||||||
}
|
}
|
||||||
return append(dst[:0], ciphertext[4:]...), nil
|
return append(dst, ciphertext[4:]...), nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func GenerateChacha20Poly1305Key(b []byte) []byte {
|
func GenerateChacha20Poly1305Key(b []byte) []byte {
|
||||||
|
|||||||
@ -136,25 +136,25 @@ func (v *ClientSession) EncodeRequestBody(request *protocol.RequestHeader, write
|
|||||||
authWriter = cryptionWriter
|
authWriter = cryptionWriter
|
||||||
}
|
}
|
||||||
} else if request.Security.Is(protocol.SecurityType_AES128_GCM) {
|
} else if request.Security.Is(protocol.SecurityType_AES128_GCM) {
|
||||||
block, _ := aes.NewCipher(v.responseBodyKey)
|
block, _ := aes.NewCipher(v.requestBodyKey)
|
||||||
aead, _ := cipher.NewGCM(block)
|
aead, _ := cipher.NewGCM(block)
|
||||||
|
|
||||||
auth := &crypto.AEADAuthenticator{
|
auth := &crypto.AEADAuthenticator{
|
||||||
AEAD: aead,
|
AEAD: aead,
|
||||||
NonceGenerator: &ChunkNonceGenerator{
|
NonceGenerator: &ChunkNonceGenerator{
|
||||||
Nonce: append([]byte(nil), v.responseBodyIV...),
|
Nonce: append([]byte(nil), v.requestBodyIV...),
|
||||||
Size: aead.NonceSize(),
|
Size: aead.NonceSize(),
|
||||||
},
|
},
|
||||||
AdditionalDataGenerator: crypto.NoOpBytesGenerator{},
|
AdditionalDataGenerator: crypto.NoOpBytesGenerator{},
|
||||||
}
|
}
|
||||||
authWriter = crypto.NewAuthenticationWriter(auth, writer)
|
authWriter = crypto.NewAuthenticationWriter(auth, writer)
|
||||||
} else if request.Security.Is(protocol.SecurityType_CHACHA20_POLY1305) {
|
} else if request.Security.Is(protocol.SecurityType_CHACHA20_POLY1305) {
|
||||||
aead, _ := chacha20poly1305.New(GenerateChacha20Poly1305Key(v.responseBodyKey))
|
aead, _ := chacha20poly1305.New(GenerateChacha20Poly1305Key(v.requestBodyKey))
|
||||||
|
|
||||||
auth := &crypto.AEADAuthenticator{
|
auth := &crypto.AEADAuthenticator{
|
||||||
AEAD: aead,
|
AEAD: aead,
|
||||||
NonceGenerator: &ChunkNonceGenerator{
|
NonceGenerator: &ChunkNonceGenerator{
|
||||||
Nonce: append([]byte(nil), v.responseBodyIV...),
|
Nonce: append([]byte(nil), v.requestBodyIV...),
|
||||||
Size: aead.NonceSize(),
|
Size: aead.NonceSize(),
|
||||||
},
|
},
|
||||||
AdditionalDataGenerator: crypto.NoOpBytesGenerator{},
|
AdditionalDataGenerator: crypto.NoOpBytesGenerator{},
|
||||||
@ -266,7 +266,7 @@ type ChunkNonceGenerator struct {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func (v *ChunkNonceGenerator) Next() []byte {
|
func (v *ChunkNonceGenerator) Next() []byte {
|
||||||
serial.Uint16ToBytes(v.count, v.Nonce[:2])
|
serial.Uint16ToBytes(v.count, v.Nonce[:0])
|
||||||
v.count++
|
v.count++
|
||||||
return v.Nonce[:v.Size]
|
return v.Nonce[:v.Size]
|
||||||
}
|
}
|
||||||
|
|||||||
@ -183,25 +183,25 @@ func (v *ServerSession) DecodeRequestBody(request *protocol.RequestHeader, reade
|
|||||||
authReader = cryptionReader
|
authReader = cryptionReader
|
||||||
}
|
}
|
||||||
} else if request.Security.Is(protocol.SecurityType_AES128_GCM) {
|
} else if request.Security.Is(protocol.SecurityType_AES128_GCM) {
|
||||||
block, _ := aes.NewCipher(v.responseBodyKey)
|
block, _ := aes.NewCipher(v.requestBodyKey)
|
||||||
aead, _ := cipher.NewGCM(block)
|
aead, _ := cipher.NewGCM(block)
|
||||||
|
|
||||||
auth := &crypto.AEADAuthenticator{
|
auth := &crypto.AEADAuthenticator{
|
||||||
AEAD: aead,
|
AEAD: aead,
|
||||||
NonceGenerator: &ChunkNonceGenerator{
|
NonceGenerator: &ChunkNonceGenerator{
|
||||||
Nonce: append([]byte(nil), v.responseBodyIV...),
|
Nonce: append([]byte(nil), v.requestBodyIV...),
|
||||||
Size: aead.NonceSize(),
|
Size: aead.NonceSize(),
|
||||||
},
|
},
|
||||||
AdditionalDataGenerator: crypto.NoOpBytesGenerator{},
|
AdditionalDataGenerator: crypto.NoOpBytesGenerator{},
|
||||||
}
|
}
|
||||||
authReader = crypto.NewAuthenticationReader(auth, reader, aggressive)
|
authReader = crypto.NewAuthenticationReader(auth, reader, aggressive)
|
||||||
} else if request.Security.Is(protocol.SecurityType_CHACHA20_POLY1305) {
|
} else if request.Security.Is(protocol.SecurityType_CHACHA20_POLY1305) {
|
||||||
aead, _ := chacha20poly1305.New(GenerateChacha20Poly1305Key(v.responseBodyKey))
|
aead, _ := chacha20poly1305.New(GenerateChacha20Poly1305Key(v.requestBodyKey))
|
||||||
|
|
||||||
auth := &crypto.AEADAuthenticator{
|
auth := &crypto.AEADAuthenticator{
|
||||||
AEAD: aead,
|
AEAD: aead,
|
||||||
NonceGenerator: &ChunkNonceGenerator{
|
NonceGenerator: &ChunkNonceGenerator{
|
||||||
Nonce: append([]byte(nil), v.responseBodyIV...),
|
Nonce: append([]byte(nil), v.requestBodyIV...),
|
||||||
Size: aead.NonceSize(),
|
Size: aead.NonceSize(),
|
||||||
},
|
},
|
||||||
AdditionalDataGenerator: crypto.NoOpBytesGenerator{},
|
AdditionalDataGenerator: crypto.NoOpBytesGenerator{},
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user