lzhr/v2fly
1
0
Fork 0
mirror of https://github.com/v2fly/v2ray-core.git synced 2025-01-02 15:36:41 -05:00
Code Issues Releases Wiki Activity

size encoder and decoder

Browse Source
This commit is contained in:
Darien Raymond 2017-04-23 13:30:08 +02:00
parent 6a90ce3c43
commit e87b0ca848
No known key found for this signature in database
GPG Key ID: 7251FFA14BB18169
8 changed files with 383 additions and 348 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
common/buf/writer.go
View File

@ -81,7 +81,7 @@ func (w *bytesToBufferWriter) Write(payload []byte) (int, error) {
return len(payload), nil return len(payload), nil
} }
func (w *bytesToBufferWriter) WriteMulteBuffer(mb MultiBuffer) (int, error) { func (w *bytesToBufferWriter) WriteMultiBuffer(mb MultiBuffer) (int, error) {
return mb.Len(), w.writer.Write(mb) return mb.Len(), w.writer.Write(mb)
} }

183
common/crypto/auth.go
View File

@ -4,15 +4,7 @@ import (
"crypto/cipher" "crypto/cipher"
"io" "io"
"golang.org/x/crypto/sha3"
"v2ray.com/core/common"
"v2ray.com/core/common/buf" "v2ray.com/core/common/buf"
"v2ray.com/core/common/serial"
)
var (
errInsufficientBuffer = newError("insufficient buffer")
) )
type BytesGenerator interface { type BytesGenerator interface {
@ -68,151 +60,67 @@ func (v *AEADAuthenticator) Seal(dst, plainText []byte) ([]byte, error) {
return v.AEAD.Seal(dst, iv, plainText, additionalData), nil return v.AEAD.Seal(dst, iv, plainText, additionalData), nil
} }
type Uint16Generator interface {
Next() uint16
}
type StaticUint16Generator uint16
func (g StaticUint16Generator) Next() uint16 {
return uint16(g)
}
type ShakeUint16Generator struct {
shake sha3.ShakeHash
buffer [2]byte
}
func NewShakeUint16Generator(nonce []byte) *ShakeUint16Generator {
shake := sha3.NewShake128()
shake.Write(nonce)
return &ShakeUint16Generator{
shake: shake,
}
}
func (g *ShakeUint16Generator) Next() uint16 {
g.shake.Read(g.buffer[:])
return serial.BytesToUint16(g.buffer[:])
}
type AuthenticationReader struct { type AuthenticationReader struct {
auth Authenticator auth Authenticator
buffer *buf.Buffer buffer *buf.Buffer
reader io.Reader reader io.Reader
sizeMask Uint16Generator sizeParser ChunkSizeDecoder
chunk []byte
} }
const ( const (
readerBufferSize = 32 * 1024 readerBufferSize = 32 * 1024
) )
func NewAuthenticationReader(auth Authenticator, reader io.Reader, sizeMask Uint16Generator) *AuthenticationReader { func NewAuthenticationReader(auth Authenticator, sizeParser ChunkSizeDecoder, reader io.Reader) *AuthenticationReader {
return &AuthenticationReader{ return &AuthenticationReader{
auth: auth, auth: auth,
buffer: buf.NewLocal(readerBufferSize), buffer: buf.NewLocal(readerBufferSize),
reader: reader, reader: reader,
sizeMask: sizeMask, sizeParser: sizeParser,
} }
} }
func (v *AuthenticationReader) nextChunk(mask uint16) error { func (r *AuthenticationReader) readChunk() error {
if v.buffer.Len() < 2 { if err := r.buffer.Reset(buf.ReadFullFrom(r.reader, r.sizeParser.SizeBytes())); err != nil {
return errInsufficientBuffer return err
} }
size := int(serial.BytesToUint16(v.buffer.BytesTo(2)) ^ mask) size, err := r.sizeParser.Decode(r.buffer.Bytes())
if size > v.buffer.Len()-2 {
return errInsufficientBuffer
}
if size > readerBufferSize-2 {
return newError("size too large: ", size)
}
if size == v.auth.Overhead() {
return io.EOF
}
if size < v.auth.Overhead() {
return newError("invalid packet size: ", size)
}
cipherChunk := v.buffer.BytesRange(2, size+2)
plainChunk, err := v.auth.Open(cipherChunk[:0], cipherChunk)
if err != nil { if err != nil {
return err return err
} }
v.chunk = plainChunk if size > readerBufferSize {
v.buffer.SliceFrom(size + 2) return newError("size too large ", size).AtWarning()
}
if int(size) == r.auth.Overhead() {
return io.EOF
}
if err := r.buffer.Reset(buf.ReadFullFrom(r.reader, int(size))); err != nil {
return err
}
b, err := r.auth.Open(r.buffer.BytesTo(0), r.buffer.Bytes())
if err != nil {
return err
}
r.buffer.Slice(0, len(b))
return nil return nil
} }
func (v *AuthenticationReader) copyChunk(b []byte) int { func (r *AuthenticationReader) Read() (buf.MultiBuffer, error) {
if len(v.chunk) == 0 { if r.buffer.IsEmpty() {
return 0 if err := r.readChunk(); err != nil {
}
nBytes := copy(b, v.chunk)
if nBytes == len(v.chunk) {
v.chunk = nil
} else {
v.chunk = v.chunk[nBytes:]
}
return nBytes
}
func (v *AuthenticationReader) ensureChunk() error {
atHead := false
if v.buffer.IsEmpty() {
v.buffer.Clear()
atHead = true
}
mask := v.sizeMask.Next()
for {
err := v.nextChunk(mask)
if err != errInsufficientBuffer {
return err
}
leftover := v.buffer.Bytes()
if !atHead && len(leftover) > 0 {
common.Must(v.buffer.Reset(func(b []byte) (int, error) {
return copy(b, leftover), nil
}))
}
if err := v.buffer.AppendSupplier(buf.ReadFrom(v.reader)); err != nil {
return err
}
}
}
func (v *AuthenticationReader) Read(b []byte) (int, error) {
if len(v.chunk) > 0 {
nBytes := v.copyChunk(b)
return nBytes, nil
}
err := v.ensureChunk()
if err != nil {
return 0, err
}
return v.copyChunk(b), nil
}
func (r *AuthenticationReader) ReadMultiBuffer() (buf.MultiBuffer, error) {
err := r.ensureChunk()
if err != nil {
return nil, err return nil, err
} }
}
mb := buf.NewMultiBuffer() mb := buf.NewMultiBuffer()
for len(r.chunk) > 0 { for !r.buffer.IsEmpty() {
b := buf.New() b := buf.New()
nBytes, _ := b.Write(r.chunk) b.AppendSupplier(buf.ReadFrom(r.buffer))
mb.Append(b) mb.Append(b)
r.chunk = r.chunk[nBytes:]
} }
r.chunk = nil
return mb, nil return mb, nil
} }
@ -220,46 +128,43 @@ type AuthenticationWriter struct {
auth Authenticator auth Authenticator
buffer []byte buffer []byte
writer io.Writer writer io.Writer
sizeMask Uint16Generator sizeParser ChunkSizeEncoder
} }
func NewAuthenticationWriter(auth Authenticator, writer io.Writer, sizeMask Uint16Generator) *AuthenticationWriter { func NewAuthenticationWriter(auth Authenticator, sizeParser ChunkSizeEncoder, writer io.Writer) *AuthenticationWriter {
return &AuthenticationWriter{ return &AuthenticationWriter{
auth: auth, auth: auth,
buffer: make([]byte, 32*1024), buffer: make([]byte, 32*1024),
writer: writer, writer: writer,
sizeMask: sizeMask, sizeParser: sizeParser,
} }
} }
// Write implements io.Writer. func (w *AuthenticationWriter) writeInternal(b []byte) error {
func (w *AuthenticationWriter) Write(b []byte) (int, error) { sizeBytes := w.sizeParser.SizeBytes()
cipherChunk, err := w.auth.Seal(w.buffer[2:2], b) cipherChunk, err := w.auth.Seal(w.buffer[sizeBytes:sizeBytes], b)
if err != nil { if err != nil {
return 0, err return err
} }
size := uint16(len(cipherChunk)) ^ w.sizeMask.Next() w.sizeParser.Encode(uint16(len(cipherChunk)), w.buffer[:0])
serial.Uint16ToBytes(size, w.buffer[:0]) _, err = w.writer.Write(w.buffer[:sizeBytes+len(cipherChunk)])
_, err = w.writer.Write(w.buffer[:2+len(cipherChunk)]) return err
return len(b), err
} }
func (w *AuthenticationWriter) WriteMultiBuffer(mb buf.MultiBuffer) (int, error) { func (w *AuthenticationWriter) Write(mb buf.MultiBuffer) error {
defer mb.Release() defer mb.Release()
const StartIndex = 17 * 1024 const StartIndex = 17 * 1024
var totalBytes int
for { for {
payloadLen, _ := mb.Read(w.buffer[StartIndex:]) payloadLen, _ := mb.Read(w.buffer[StartIndex:])
nBytes, err := w.Write(w.buffer[StartIndex : StartIndex+payloadLen]) err := w.writeInternal(w.buffer[StartIndex : StartIndex+payloadLen])
totalBytes += nBytes
if err != nil { if err != nil {
return totalBytes, err return err
} }
if mb.IsEmpty() { if mb.IsEmpty() {
break break
} }
} }
return totalBytes, nil return nil
} }

108
common/crypto/auth_test.go
View File

@ -6,7 +6,6 @@ import (
"crypto/rand" "crypto/rand"
"io" "io"
"testing" "testing"
"time"
"v2ray.com/core/common/buf" "v2ray.com/core/common/buf"
. "v2ray.com/core/common/crypto" . "v2ray.com/core/common/crypto"
@ -24,8 +23,11 @@ func TestAuthenticationReaderWriter(t *testing.T) {
aead, err := cipher.NewGCM(block) aead, err := cipher.NewGCM(block)
assert.Error(err).IsNil() assert.Error(err).IsNil()
payload := make([]byte, 8*1024) rawPayload := make([]byte, 8192)
rand.Read(payload) rand.Read(rawPayload)
payload := buf.NewLocal(8192)
payload.Append(rawPayload)
cache := buf.NewLocal(16 * 1024) cache := buf.NewLocal(16 * 1024)
iv := make([]byte, 12) iv := make([]byte, 12)
@ -37,13 +39,11 @@ func TestAuthenticationReaderWriter(t *testing.T) {
Content: iv, Content: iv,
}, },
AdditionalDataGenerator: &NoOpBytesGenerator{}, AdditionalDataGenerator: &NoOpBytesGenerator{},
}, cache, NewShakeUint16Generator([]byte{'a'})) }, PlainChunkSizeParser{}, cache)
nBytes, err := writer.Write(payload) assert.Error(writer.Write(buf.NewMultiBufferValue(payload))).IsNil()
assert.Error(err).IsNil() assert.Int(cache.Len()).Equals(8210)
assert.Int(nBytes).Equals(len(payload)) assert.Error(writer.Write(buf.NewMultiBuffer())).IsNil()
assert.Int(cache.Len()).GreaterThan(0)
_, err = writer.Write([]byte{})
assert.Error(err).IsNil() assert.Error(err).IsNil()
reader := NewAuthenticationReader(&AEADAuthenticator{ reader := NewAuthenticationReader(&AEADAuthenticator{
@ -52,90 +52,16 @@ func TestAuthenticationReaderWriter(t *testing.T) {
Content: iv, Content: iv,
}, },
AdditionalDataGenerator: &NoOpBytesGenerator{}, AdditionalDataGenerator: &NoOpBytesGenerator{},
}, cache, NewShakeUint16Generator([]byte{'a'})) }, PlainChunkSizeParser{}, cache)
actualPayload := make([]byte, 16*1024) mb, err := reader.Read()
nBytes, err = reader.Read(actualPayload)
assert.Error(err).IsNil() assert.Error(err).IsNil()
assert.Int(nBytes).Equals(len(payload)) assert.Int(mb.Len()).Equals(len(rawPayload))
assert.Bytes(actualPayload[:nBytes]).Equals(payload)
_, err = reader.Read(actualPayload) mbContent := make([]byte, 8192)
assert.Error(err).Equals(io.EOF) mb.Read(mbContent)
} assert.Bytes(mbContent).Equals(rawPayload)
func TestAuthenticationReaderWriterPartial(t *testing.T) { _, err = reader.Read()
assert := assert.On(t)
key := make([]byte, 16)
rand.Read(key)
block, err := aes.NewCipher(key)
assert.Error(err).IsNil()
aead, err := cipher.NewGCM(block)
assert.Error(err).IsNil()
payload := make([]byte, 8*1024)
rand.Read(payload)
iv := make([]byte, 12)
rand.Read(iv)
cache := buf.NewLocal(16 * 1024)
writer := NewAuthenticationWriter(&AEADAuthenticator{
AEAD: aead,
NonceGenerator: &StaticBytesGenerator{
Content: iv,
},
AdditionalDataGenerator: &NoOpBytesGenerator{},
}, cache, NewShakeUint16Generator([]byte{'a', 'b'}))
writer.Write([]byte{'a', 'b', 'c', 'd'})
nBytes, err := writer.Write(payload)
assert.Error(err).IsNil()
assert.Int(nBytes).Equals(len(payload))
assert.Int(cache.Len()).GreaterThan(0)
_, err = writer.Write([]byte{})
assert.Error(err).IsNil()
pr, pw := io.Pipe()
go func() {
pw.Write(cache.BytesTo(1024))
time.Sleep(time.Second * 2)
pw.Write(cache.BytesRange(1024, 2048))
time.Sleep(time.Second * 2)
pw.Write(cache.BytesRange(2048, 3072))
time.Sleep(time.Second * 2)
pw.Write(cache.BytesFrom(3072))
time.Sleep(time.Second * 2)
pw.Close()
}()
reader := NewAuthenticationReader(&AEADAuthenticator{
AEAD: aead,
NonceGenerator: &StaticBytesGenerator{
Content: iv,
},
AdditionalDataGenerator: &NoOpBytesGenerator{},
}, pr, NewShakeUint16Generator([]byte{'a', 'b'}))
actualPayload := make([]byte, 7*1024)
nBytes, err = reader.Read(actualPayload)
assert.Error(err).IsNil()
assert.Int(nBytes).Equals(4)
assert.Bytes(actualPayload[:nBytes]).Equals([]byte{'a', 'b', 'c', 'd'})
nBytes, err = reader.Read(actualPayload)
assert.Error(err).IsNil()
assert.Int(nBytes).Equals(len(actualPayload))
assert.Bytes(actualPayload[:nBytes]).Equals(payload[:nBytes])
nBytes, err = reader.Read(actualPayload)
assert.Error(err).IsNil()
assert.Int(nBytes).Equals(len(payload) - len(actualPayload))
assert.Bytes(actualPayload[:nBytes]).Equals(payload[7*1024:])
_, err = reader.Read(actualPayload)
assert.Error(err).Equals(io.EOF) assert.Error(err).Equals(io.EOF)
} }

150
common/crypto/chunk.go Normal file
View File

@ -0,0 +1,150 @@
package crypto
import (
"io"
"v2ray.com/core/common/buf"
"v2ray.com/core/common/serial"
)
type ChunkSizeDecoder interface {
SizeBytes() int
Decode([]byte) (uint16, error)
}
type ChunkSizeEncoder interface {
SizeBytes() int
Encode(uint16, []byte) []byte
}
type PlainChunkSizeParser struct{}
func (PlainChunkSizeParser) SizeBytes() int {
return 2
}
func (PlainChunkSizeParser) Encode(size uint16, b []byte) []byte {
return serial.Uint16ToBytes(size, b)
}
func (PlainChunkSizeParser) Decode(b []byte) (uint16, error) {
return serial.BytesToUint16(b), nil
}
type ChunkStreamReader struct {
sizeDecoder ChunkSizeDecoder
reader buf.Reader
buffer []byte
leftOver buf.MultiBuffer
leftOverSize uint16
}
func NewChunkStreamReader(sizeDecoder ChunkSizeDecoder, reader io.Reader) *ChunkStreamReader {
return &ChunkStreamReader{
sizeDecoder: sizeDecoder,
reader: buf.NewReader(reader),
buffer: make([]byte, sizeDecoder.SizeBytes()),
}
}
func (r *ChunkStreamReader) readAtLeast(size int) (buf.MultiBuffer, error) {
mb := r.leftOver
for mb.Len() < size {
extra, err := r.reader.Read()
if err != nil {
mb.Release()
return nil, err
}
mb.AppendMulti(extra)
}
return mb, nil
}
func (r *ChunkStreamReader) readSize() (uint16, error) {
if r.sizeDecoder.SizeBytes() > r.leftOver.Len() {
mb, err := r.readAtLeast(r.sizeDecoder.SizeBytes() - r.leftOver.Len())
if err != nil {
return 0, err
}
r.leftOver.AppendMulti(mb)
}
r.leftOver.Read(r.buffer)
return r.sizeDecoder.Decode(r.buffer)
}
func (r *ChunkStreamReader) Read() (buf.MultiBuffer, error) {
size := int(r.leftOverSize)
if size == 0 {
nextSize, err := r.readSize()
if err != nil {
return nil, err
}
if nextSize == 0 {
return nil, io.EOF
}
size = int(nextSize)
}
leftOver := r.leftOver
if leftOver.IsEmpty() {
mb, err := r.readAtLeast(1)
if err != nil {
return nil, err
}
leftOver = mb
}
if size >= leftOver.Len() {
r.leftOverSize = uint16(size - leftOver.Len())
r.leftOver = nil
return leftOver, nil
}
mb := leftOver.SliceBySize(size)
if mb.Len() != size {
b := buf.New()
b.AppendSupplier(buf.ReadFullFrom(&leftOver, size-mb.Len()))
mb.Append(b)
}
r.leftOver = leftOver
r.leftOverSize = 0
return mb, nil
}
type ChunkStreamWriter struct {
sizeEncoder ChunkSizeEncoder
writer buf.Writer
}
func NewChunkStreamWriter(sizeEncoder ChunkSizeEncoder, writer io.Writer) *ChunkStreamWriter {
return &ChunkStreamWriter{
sizeEncoder: sizeEncoder,
writer: buf.NewWriter(writer),
}
}
func (w *ChunkStreamWriter) Write(mb buf.MultiBuffer) error {
mb2Write := buf.NewMultiBuffer()
const sliceSize = 8192
for {
slice := mb.SliceBySize(sliceSize)
b := buf.New()
b.AppendSupplier(func(buffer []byte) (int, error) {
w.sizeEncoder.Encode(uint16(slice.Len()), buffer[:0])
return w.sizeEncoder.SizeBytes(), nil
})
mb2Write.Append(b)
mb2Write.AppendMulti(slice)
if mb.IsEmpty() {
break
}
}
return w.writer.Write(mb2Write)
}

44
common/crypto/chunk_test.go Normal file
View File

@ -0,0 +1,44 @@
package crypto_test
import (
"io"
"testing"
"v2ray.com/core/common/buf"
. "v2ray.com/core/common/crypto"
"v2ray.com/core/testing/assert"
)
func TestChunkStreamIO(t *testing.T) {
assert := assert.On(t)
cache := buf.NewLocal(8192)
writer := NewChunkStreamWriter(PlainChunkSizeParser{}, cache)
reader := NewChunkStreamReader(PlainChunkSizeParser{}, cache)
b := buf.New()
b.AppendBytes('a', 'b', 'c', 'd')
assert.Error(writer.Write(buf.NewMultiBufferValue(b))).IsNil()
b = buf.New()
b.AppendBytes('e', 'f', 'g')
assert.Error(writer.Write(buf.NewMultiBufferValue(b))).IsNil()
assert.Error(writer.Write(buf.NewMultiBuffer())).IsNil()
assert.Int(cache.Len()).Equals(13)
mb, err := reader.Read()
assert.Error(err).IsNil()
assert.Int(mb.Len()).Equals(4)
assert.Bytes(mb[0].Bytes()).Equals([]byte("abcd"))
mb, err = reader.Read()
assert.Error(err).IsNil()
assert.Int(mb.Len()).Equals(3)
assert.Bytes(mb[0].Bytes()).Equals([]byte("efg"))
_, err = reader.Read()
assert.Error(err).Equals(io.EOF)
}

55
proxy/vmess/encoding/auth.go
View File

@ -4,6 +4,8 @@ import (
"crypto/md5" "crypto/md5"
"hash/fnv" "hash/fnv"
"golang.org/x/crypto/sha3"
"v2ray.com/core/common/serial" "v2ray.com/core/common/serial"
) )
@ -14,26 +16,6 @@ func Authenticate(b []byte) uint32 {
return fnv1hash.Sum32() return fnv1hash.Sum32()
} }
type NoOpAuthenticator struct{}
func (NoOpAuthenticator) NonceSize() int {
return 0
}
func (NoOpAuthenticator) Overhead() int {
return 0
}
// Seal implements AEAD.Seal().
func (NoOpAuthenticator) Seal(dst, nonce, plaintext, additionalData []byte) []byte {
return append(dst[:0], plaintext...)
}
// Open implements AEAD.Open().
func (NoOpAuthenticator) Open(dst, nonce, ciphertext, additionalData []byte) ([]byte, error) {
return append(dst[:0], ciphertext...), nil
}
// FnvAuthenticator is an AEAD based on Fnv hash. // FnvAuthenticator is an AEAD based on Fnv hash.
type FnvAuthenticator struct { type FnvAuthenticator struct {
} }
@ -71,3 +53,36 @@ func GenerateChacha20Poly1305Key(b []byte) []byte {
copy(key[16:], t[:]) copy(key[16:], t[:])
return key return key
} }
type ShakeSizeParser struct {
shake sha3.ShakeHash
buffer [2]byte
}
func NewShakeSizeParser(nonce []byte) *ShakeSizeParser {
shake := sha3.NewShake128()
shake.Write(nonce)
return &ShakeSizeParser{
shake: shake,
}
}
func (s *ShakeSizeParser) SizeBytes() int {
return 2
}
func (s *ShakeSizeParser) next() uint16 {
s.shake.Read(s.buffer[:])
return serial.BytesToUint16(s.buffer[:])
}
func (s *ShakeSizeParser) Decode(b []byte) (uint16, error) {
mask := s.next()
size := serial.BytesToUint16(b)
return mask ^ size, nil
}
func (s *ShakeSizeParser) Encode(size uint16, b []byte) []byte {
mask := s.next()
return serial.Uint16ToBytes(mask^size, b[:0])
}

77
proxy/vmess/encoding/client.go
View File

@ -117,23 +117,19 @@ func (v *ClientSession) EncodeRequestHeader(header *protocol.RequestHeader, writ
} }
func (v *ClientSession) EncodeRequestBody(request *protocol.RequestHeader, writer io.Writer) buf.Writer { func (v *ClientSession) EncodeRequestBody(request *protocol.RequestHeader, writer io.Writer) buf.Writer {
var authWriter io.Writer var sizeParser crypto.ChunkSizeEncoder = crypto.PlainChunkSizeParser{}
var sizeMask crypto.Uint16Generator = crypto.StaticUint16Generator(0)
if request.Option.Has(protocol.RequestOptionChunkMasking) { if request.Option.Has(protocol.RequestOptionChunkMasking) {
sizeMask = getSizeMask(v.requestBodyIV) sizeParser = NewShakeSizeParser(v.requestBodyIV)
} }
if request.Security.Is(protocol.SecurityType_NONE) { if request.Security.Is(protocol.SecurityType_NONE) {
if request.Option.Has(protocol.RequestOptionChunkStream) { if request.Option.Has(protocol.RequestOptionChunkStream) {
auth := &crypto.AEADAuthenticator{ return crypto.NewChunkStreamWriter(sizeParser, writer)
AEAD: NoOpAuthenticator{},
NonceGenerator: crypto.NoOpBytesGenerator{},
AdditionalDataGenerator: crypto.NoOpBytesGenerator{},
} }
authWriter = crypto.NewAuthenticationWriter(auth, writer, sizeMask)
} else { return buf.NewWriter(writer)
authWriter = writer
} }
} else if request.Security.Is(protocol.SecurityType_LEGACY) {
if request.Security.Is(protocol.SecurityType_LEGACY) {
aesStream := crypto.NewAesEncryptionStream(v.requestBodyKey, v.requestBodyIV) aesStream := crypto.NewAesEncryptionStream(v.requestBodyKey, v.requestBodyIV)
cryptionWriter := crypto.NewCryptionWriter(aesStream, writer) cryptionWriter := crypto.NewCryptionWriter(aesStream, writer)
if request.Option.Has(protocol.RequestOptionChunkStream) { if request.Option.Has(protocol.RequestOptionChunkStream) {
@ -142,11 +138,13 @@ func (v *ClientSession) EncodeRequestBody(request *protocol.RequestHeader, write
NonceGenerator: crypto.NoOpBytesGenerator{}, NonceGenerator: crypto.NoOpBytesGenerator{},
AdditionalDataGenerator: crypto.NoOpBytesGenerator{}, AdditionalDataGenerator: crypto.NoOpBytesGenerator{},
} }
authWriter = crypto.NewAuthenticationWriter(auth, cryptionWriter, sizeMask) return crypto.NewAuthenticationWriter(auth, sizeParser, cryptionWriter)
} else {
authWriter = cryptionWriter
} }
} else if request.Security.Is(protocol.SecurityType_AES128_GCM) {
return buf.NewWriter(cryptionWriter)
}
if request.Security.Is(protocol.SecurityType_AES128_GCM) {
block, _ := aes.NewCipher(v.requestBodyKey) block, _ := aes.NewCipher(v.requestBodyKey)
aead, _ := cipher.NewGCM(block) aead, _ := cipher.NewGCM(block)
@ -158,8 +156,10 @@ func (v *ClientSession) EncodeRequestBody(request *protocol.RequestHeader, write
}, },
AdditionalDataGenerator: crypto.NoOpBytesGenerator{}, AdditionalDataGenerator: crypto.NoOpBytesGenerator{},
} }
authWriter = crypto.NewAuthenticationWriter(auth, writer, sizeMask) return crypto.NewAuthenticationWriter(auth, sizeParser, writer)
} else if request.Security.Is(protocol.SecurityType_CHACHA20_POLY1305) { }
if request.Security.Is(protocol.SecurityType_CHACHA20_POLY1305) {
aead, _ := chacha20poly1305.New(GenerateChacha20Poly1305Key(v.requestBodyKey)) aead, _ := chacha20poly1305.New(GenerateChacha20Poly1305Key(v.requestBodyKey))
auth := &crypto.AEADAuthenticator{ auth := &crypto.AEADAuthenticator{
@ -170,11 +170,10 @@ func (v *ClientSession) EncodeRequestBody(request *protocol.RequestHeader, write
}, },
AdditionalDataGenerator: crypto.NoOpBytesGenerator{}, AdditionalDataGenerator: crypto.NoOpBytesGenerator{},
} }
authWriter = crypto.NewAuthenticationWriter(auth, writer, sizeMask) return crypto.NewAuthenticationWriter(auth, sizeParser, writer)
} }
return buf.NewWriter(authWriter) panic("Unknown security type.")
} }
func (v *ClientSession) DecodeResponseHeader(reader io.Reader) (*protocol.ResponseHeader, error) { func (v *ClientSession) DecodeResponseHeader(reader io.Reader) (*protocol.ResponseHeader, error) {
@ -216,34 +215,32 @@ func (v *ClientSession) DecodeResponseHeader(reader io.Reader) (*protocol.Respon
} }
func (v *ClientSession) DecodeResponseBody(request *protocol.RequestHeader, reader io.Reader) buf.Reader { func (v *ClientSession) DecodeResponseBody(request *protocol.RequestHeader, reader io.Reader) buf.Reader {
var authReader io.Reader var sizeParser crypto.ChunkSizeDecoder = crypto.PlainChunkSizeParser{}
var sizeMask crypto.Uint16Generator = crypto.StaticUint16Generator(0)
if request.Option.Has(protocol.RequestOptionChunkMasking) { if request.Option.Has(protocol.RequestOptionChunkMasking) {
sizeMask = getSizeMask(v.responseBodyIV) sizeParser = NewShakeSizeParser(v.responseBodyIV)
} }
if request.Security.Is(protocol.SecurityType_NONE) { if request.Security.Is(protocol.SecurityType_NONE) {
if request.Option.Has(protocol.RequestOptionChunkStream) { if request.Option.Has(protocol.RequestOptionChunkStream) {
auth := &crypto.AEADAuthenticator{ return crypto.NewChunkStreamReader(sizeParser, reader)
AEAD: NoOpAuthenticator{},
NonceGenerator: crypto.NoOpBytesGenerator{},
AdditionalDataGenerator: crypto.NoOpBytesGenerator{},
} }
authReader = crypto.NewAuthenticationReader(auth, reader, sizeMask)
} else { return buf.NewReader(reader)
authReader = reader
} }
} else if request.Security.Is(protocol.SecurityType_LEGACY) {
if request.Security.Is(protocol.SecurityType_LEGACY) {
if request.Option.Has(protocol.RequestOptionChunkStream) { if request.Option.Has(protocol.RequestOptionChunkStream) {
auth := &crypto.AEADAuthenticator{ auth := &crypto.AEADAuthenticator{
AEAD: new(FnvAuthenticator), AEAD: new(FnvAuthenticator),
NonceGenerator: crypto.NoOpBytesGenerator{}, NonceGenerator: crypto.NoOpBytesGenerator{},
AdditionalDataGenerator: crypto.NoOpBytesGenerator{}, AdditionalDataGenerator: crypto.NoOpBytesGenerator{},
} }
authReader = crypto.NewAuthenticationReader(auth, v.responseReader, sizeMask) return crypto.NewAuthenticationReader(auth, sizeParser, v.responseReader)
} else {
authReader = v.responseReader
} }
} else if request.Security.Is(protocol.SecurityType_AES128_GCM) {
return buf.NewReader(v.responseReader)
}
if request.Security.Is(protocol.SecurityType_AES128_GCM) {
block, _ := aes.NewCipher(v.responseBodyKey) block, _ := aes.NewCipher(v.responseBodyKey)
aead, _ := cipher.NewGCM(block) aead, _ := cipher.NewGCM(block)
@ -255,8 +252,10 @@ func (v *ClientSession) DecodeResponseBody(request *protocol.RequestHeader, read
}, },
AdditionalDataGenerator: crypto.NoOpBytesGenerator{}, AdditionalDataGenerator: crypto.NoOpBytesGenerator{},
} }
authReader = crypto.NewAuthenticationReader(auth, reader, sizeMask) return crypto.NewAuthenticationReader(auth, sizeParser, reader)
} else if request.Security.Is(protocol.SecurityType_CHACHA20_POLY1305) { }
if request.Security.Is(protocol.SecurityType_CHACHA20_POLY1305) {
aead, _ := chacha20poly1305.New(GenerateChacha20Poly1305Key(v.responseBodyKey)) aead, _ := chacha20poly1305.New(GenerateChacha20Poly1305Key(v.responseBodyKey))
auth := &crypto.AEADAuthenticator{ auth := &crypto.AEADAuthenticator{
@ -267,10 +266,10 @@ func (v *ClientSession) DecodeResponseBody(request *protocol.RequestHeader, read
}, },
AdditionalDataGenerator: crypto.NoOpBytesGenerator{}, AdditionalDataGenerator: crypto.NoOpBytesGenerator{},
} }
authReader = crypto.NewAuthenticationReader(auth, reader, sizeMask) return crypto.NewAuthenticationReader(auth, sizeParser, reader)
} }
return buf.NewReader(authReader) panic("Unknown security type.")
} }
type ChunkNonceGenerator struct { type ChunkNonceGenerator struct {

80
proxy/vmess/encoding/server.go
View File

@ -93,10 +93,6 @@ func (h *SessionHistory) run() {
} }
} }
func getSizeMask(b []byte) crypto.Uint16Generator {
return crypto.NewShakeUint16Generator(b)
}
type ServerSession struct { type ServerSession struct {
userValidator protocol.UserValidator userValidator protocol.UserValidator
sessionHistory *SessionHistory sessionHistory *SessionHistory
@ -239,23 +235,19 @@ func (v *ServerSession) DecodeRequestHeader(reader io.Reader) (*protocol.Request
} }
func (v *ServerSession) DecodeRequestBody(request *protocol.RequestHeader, reader io.Reader) buf.Reader { func (v *ServerSession) DecodeRequestBody(request *protocol.RequestHeader, reader io.Reader) buf.Reader {
var authReader io.Reader var sizeParser crypto.ChunkSizeDecoder = crypto.PlainChunkSizeParser{}
var sizeMask crypto.Uint16Generator = crypto.StaticUint16Generator(0)
if request.Option.Has(protocol.RequestOptionChunkMasking) { if request.Option.Has(protocol.RequestOptionChunkMasking) {
sizeMask = getSizeMask(v.requestBodyIV) sizeParser = NewShakeSizeParser(v.requestBodyIV)
} }
if request.Security.Is(protocol.SecurityType_NONE) { if request.Security.Is(protocol.SecurityType_NONE) {
if request.Option.Has(protocol.RequestOptionChunkStream) { if request.Option.Has(protocol.RequestOptionChunkStream) {
auth := &crypto.AEADAuthenticator{ return crypto.NewChunkStreamReader(sizeParser, reader)
AEAD: NoOpAuthenticator{},
NonceGenerator: crypto.NoOpBytesGenerator{},
AdditionalDataGenerator: crypto.NoOpBytesGenerator{},
} }
authReader = crypto.NewAuthenticationReader(auth, reader, sizeMask)
} else { return buf.NewReader(reader)
authReader = reader
} }
} else if request.Security.Is(protocol.SecurityType_LEGACY) {
if request.Security.Is(protocol.SecurityType_LEGACY) {
aesStream := crypto.NewAesDecryptionStream(v.requestBodyKey, v.requestBodyIV) aesStream := crypto.NewAesDecryptionStream(v.requestBodyKey, v.requestBodyIV)
cryptionReader := crypto.NewCryptionReader(aesStream, reader) cryptionReader := crypto.NewCryptionReader(aesStream, reader)
if request.Option.Has(protocol.RequestOptionChunkStream) { if request.Option.Has(protocol.RequestOptionChunkStream) {
@ -264,11 +256,13 @@ func (v *ServerSession) DecodeRequestBody(request *protocol.RequestHeader, reade
NonceGenerator: crypto.NoOpBytesGenerator{}, NonceGenerator: crypto.NoOpBytesGenerator{},
AdditionalDataGenerator: crypto.NoOpBytesGenerator{}, AdditionalDataGenerator: crypto.NoOpBytesGenerator{},
} }
authReader = crypto.NewAuthenticationReader(auth, cryptionReader, sizeMask) return crypto.NewAuthenticationReader(auth, sizeParser, cryptionReader)
} else {
authReader = cryptionReader
} }
} else if request.Security.Is(protocol.SecurityType_AES128_GCM) {
return buf.NewReader(cryptionReader)
}
if request.Security.Is(protocol.SecurityType_AES128_GCM) {
block, _ := aes.NewCipher(v.requestBodyKey) block, _ := aes.NewCipher(v.requestBodyKey)
aead, _ := cipher.NewGCM(block) aead, _ := cipher.NewGCM(block)
@ -280,8 +274,10 @@ func (v *ServerSession) DecodeRequestBody(request *protocol.RequestHeader, reade
}, },
AdditionalDataGenerator: crypto.NoOpBytesGenerator{}, AdditionalDataGenerator: crypto.NoOpBytesGenerator{},
} }
authReader = crypto.NewAuthenticationReader(auth, reader, sizeMask) return crypto.NewAuthenticationReader(auth, sizeParser, reader)
} else if request.Security.Is(protocol.SecurityType_CHACHA20_POLY1305) { }
if request.Security.Is(protocol.SecurityType_CHACHA20_POLY1305) {
aead, _ := chacha20poly1305.New(GenerateChacha20Poly1305Key(v.requestBodyKey)) aead, _ := chacha20poly1305.New(GenerateChacha20Poly1305Key(v.requestBodyKey))
auth := &crypto.AEADAuthenticator{ auth := &crypto.AEADAuthenticator{
@ -292,10 +288,10 @@ func (v *ServerSession) DecodeRequestBody(request *protocol.RequestHeader, reade
}, },
AdditionalDataGenerator: crypto.NoOpBytesGenerator{}, AdditionalDataGenerator: crypto.NoOpBytesGenerator{},
} }
authReader = crypto.NewAuthenticationReader(auth, reader, sizeMask) return crypto.NewAuthenticationReader(auth, sizeParser, reader)
} }
return buf.NewReader(authReader) panic("Unknown security type.")
} }
func (v *ServerSession) EncodeResponseHeader(header *protocol.ResponseHeader, writer io.Writer) { func (v *ServerSession) EncodeResponseHeader(header *protocol.ResponseHeader, writer io.Writer) {
@ -316,34 +312,32 @@ func (v *ServerSession) EncodeResponseHeader(header *protocol.ResponseHeader, wr
} }
func (v *ServerSession) EncodeResponseBody(request *protocol.RequestHeader, writer io.Writer) buf.Writer { func (v *ServerSession) EncodeResponseBody(request *protocol.RequestHeader, writer io.Writer) buf.Writer {
var authWriter io.Writer var sizeParser crypto.ChunkSizeEncoder = crypto.PlainChunkSizeParser{}
var sizeMask crypto.Uint16Generator = crypto.StaticUint16Generator(0)
if request.Option.Has(protocol.RequestOptionChunkMasking) { if request.Option.Has(protocol.RequestOptionChunkMasking) {
sizeMask = getSizeMask(v.responseBodyIV) sizeParser = NewShakeSizeParser(v.responseBodyIV)
} }
if request.Security.Is(protocol.SecurityType_NONE) { if request.Security.Is(protocol.SecurityType_NONE) {
if request.Option.Has(protocol.RequestOptionChunkStream) { if request.Option.Has(protocol.RequestOptionChunkStream) {
auth := &crypto.AEADAuthenticator{ return crypto.NewChunkStreamWriter(sizeParser, writer)
AEAD: NoOpAuthenticator{},
NonceGenerator: crypto.NoOpBytesGenerator{},
AdditionalDataGenerator: crypto.NoOpBytesGenerator{},
} }
authWriter = crypto.NewAuthenticationWriter(auth, writer, sizeMask)
} else { return buf.NewWriter(writer)
authWriter = writer
} }
} else if request.Security.Is(protocol.SecurityType_LEGACY) {
if request.Security.Is(protocol.SecurityType_LEGACY) {
if request.Option.Has(protocol.RequestOptionChunkStream) { if request.Option.Has(protocol.RequestOptionChunkStream) {
auth := &crypto.AEADAuthenticator{ auth := &crypto.AEADAuthenticator{
AEAD: new(FnvAuthenticator), AEAD: new(FnvAuthenticator),
NonceGenerator: crypto.NoOpBytesGenerator{}, NonceGenerator: crypto.NoOpBytesGenerator{},
AdditionalDataGenerator: crypto.NoOpBytesGenerator{}, AdditionalDataGenerator: crypto.NoOpBytesGenerator{},
} }
authWriter = crypto.NewAuthenticationWriter(auth, v.responseWriter, sizeMask) return crypto.NewAuthenticationWriter(auth, sizeParser, v.responseWriter)
} else {
authWriter = v.responseWriter
} }
} else if request.Security.Is(protocol.SecurityType_AES128_GCM) {
return buf.NewWriter(v.responseWriter)
}
if request.Security.Is(protocol.SecurityType_AES128_GCM) {
block, _ := aes.NewCipher(v.responseBodyKey) block, _ := aes.NewCipher(v.responseBodyKey)
aead, _ := cipher.NewGCM(block) aead, _ := cipher.NewGCM(block)
@ -355,8 +349,10 @@ func (v *ServerSession) EncodeResponseBody(request *protocol.RequestHeader, writ
}, },
AdditionalDataGenerator: crypto.NoOpBytesGenerator{}, AdditionalDataGenerator: crypto.NoOpBytesGenerator{},
} }
authWriter = crypto.NewAuthenticationWriter(auth, writer, sizeMask) return crypto.NewAuthenticationWriter(auth, sizeParser, writer)
} else if request.Security.Is(protocol.SecurityType_CHACHA20_POLY1305) { }
if request.Security.Is(protocol.SecurityType_CHACHA20_POLY1305) {
aead, _ := chacha20poly1305.New(GenerateChacha20Poly1305Key(v.responseBodyKey)) aead, _ := chacha20poly1305.New(GenerateChacha20Poly1305Key(v.responseBodyKey))
auth := &crypto.AEADAuthenticator{ auth := &crypto.AEADAuthenticator{
@ -367,8 +363,8 @@ func (v *ServerSession) EncodeResponseBody(request *protocol.RequestHeader, writ
}, },
AdditionalDataGenerator: crypto.NoOpBytesGenerator{}, AdditionalDataGenerator: crypto.NoOpBytesGenerator{},
} }
authWriter = crypto.NewAuthenticationWriter(auth, writer, sizeMask) return crypto.NewAuthenticationWriter(auth, sizeParser, writer)
} }
return buf.NewWriter(authWriter) panic("Unknown security type.")
} }