Home Explore Help
Sign In
wytfy
/
v2ray-core
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

Apply Coding Style

Shelikhoo 5 years ago
parent
a58b20b5b8
commit
8c886b4b46
6 changed files with 109 additions and 89 deletions
Unified View Show Diff Stats
  1. 1 1
      proxy/vmess/aead/authid.go
  2. 21 0
      proxy/vmess/aead/consts.go
  3. 49 49
      proxy/vmess/aead/encrypt.go
  4. 1 1
      proxy/vmess/aead/kdf.go
  5. 19 20
      proxy/vmess/encoding/client.go
  6. 18 18
      proxy/vmess/encoding/server.go

+ 1 - 1
proxy/vmess/aead/authid.go
View File 

@@ -32,7 +32,7 @@ func CreateAuthID(cmdKey []byte, time int64) [16]byte {
 
 }
 
 }
 
 
 
 func NewCipherFromKey(cmdKey []byte) cipher.Block {
 
 func NewCipherFromKey(cmdKey []byte) cipher.Block {
 
-	aesBlock, err := aes.NewCipher(KDF16(cmdKey, "AES Auth ID Encryption"))
 
+	aesBlock, err := aes.NewCipher(KDF16(cmdKey, KDFSaltConst_AuthIDEncryptionKey))
 
 	if err != nil {
 
 	if err != nil {
 
 		panic(err)
 
 		panic(err)
 
 	}
 
 	}

+ 21 - 0
proxy/vmess/aead/consts.go
View File 

@@ -0,0 +1,21 @@
 
+package aead
 
+
 
+const KDFSaltConst_AuthIDEncryptionKey = "AES Auth ID Encryption"
 
+
 
+const KDFSaltConst_AEADRespHeaderLenKey = "AEAD Resp Header Len Key"
 
+
 
+const KDFSaltConst_AEADRespHeaderLenIV = "AEAD Resp Header Len IV"
 
+
 
+const KDFSaltConst_AEADRespHeaderPayloadKey = "AEAD Resp Header Key"
 
+
 
+const KDFSaltConst_AEADRespHeaderPayloadIV = "AEAD Resp Header IV"
 
+
 
+const KDFSaltConst_VMessAEADKDF = "VMess AEAD KDF"
 
+
 
+const KDFSaltConst_VmessAuthIDCheckValue = "VMess AuthID Check Value"
 
+
 
+const KDFSaltConst_VMessLengthMask = "VMess AuthID Mask Value"
 
+
 
+const KDFSaltConst_VMessHeaderPayloadAEADKey = "VMess Header AEAD Key"
 
+
 
+const KDFSaltConst_VMessHeaderPayloadAEADIV = "VMess Header AEAD Nonce"

+ 49 - 49
proxy/vmess/aead/encrypt.go
View File 

@@ -14,128 +14,128 @@ import (
 
 )
 
 )
 
 
 
 func SealVMessAEADHeader(key [16]byte, data []byte) []byte {
 
 func SealVMessAEADHeader(key [16]byte, data []byte) []byte {
 
-	authid := CreateAuthID(key[:], time.Now().Unix())
 
+	generatedAuthID := CreateAuthID(key[:], time.Now().Unix())
 
 
 
-	nonce := make([]byte, 8)
 
-	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
 
+	connectionNonce := make([]byte, 8)
 
+	if _, err := io.ReadFull(rand.Reader, connectionNonce); err != nil {
 
 		panic(err.Error())
 
 		panic(err.Error())
 
 	}
 
 	}
 
 
 
-	lengthbuf := bytes.NewBuffer(nil)
 
+	aeadPayloadLengthSerializeBuffer := bytes.NewBuffer(nil)
 
 
 
-	var HeaderDataLen uint16
 
-	HeaderDataLen = uint16(len(data))
 
+	var headerPayloadDataLen uint16
 
+	headerPayloadDataLen = uint16(len(data))
 
 
 
-	common.Must(binary.Write(lengthbuf, binary.BigEndian, HeaderDataLen))
 
+	common.Must(binary.Write(aeadPayloadLengthSerializeBuffer, binary.BigEndian, headerPayloadDataLen))
 
 
 
-	authidCheck := KDF16(key[:], "VMess AuthID Check Value", string(authid[:]), string(lengthbuf.Bytes()), string(nonce))
 
+	authidCheckValue := KDF16(key[:], KDFSaltConst_VmessAuthIDCheckValue, string(generatedAuthID[:]), string(aeadPayloadLengthSerializeBuffer.Bytes()), string(connectionNonce))
 
 
 
-	lengthbufb := lengthbuf.Bytes()
 
+	aeadPayloadLengthSerializedByte := aeadPayloadLengthSerializeBuffer.Bytes()
 
 
 
-	LengthMask := KDF16(key[:], "VMess AuthID Mask Value", string(authid[:]), string(nonce[:]))[:2]
 
+	aeadPayloadLengthMask := KDF16(key[:], KDFSaltConst_VMessLengthMask, string(generatedAuthID[:]), string(connectionNonce[:]))[:2]
 
 
 
-	lengthbufb[0] = lengthbufb[0] ^ LengthMask[0]
 
-	lengthbufb[1] = lengthbufb[1] ^ LengthMask[1]
 
+	aeadPayloadLengthSerializedByte[0] = aeadPayloadLengthSerializedByte[0] ^ aeadPayloadLengthMask[0]
 
+	aeadPayloadLengthSerializedByte[1] = aeadPayloadLengthSerializedByte[1] ^ aeadPayloadLengthMask[1]
 
 
 
-	HeaderAEADKey := KDF16(key[:], "VMess Header AEAD Key", string(authid[:]), string(nonce))
 
+	payloadHeaderAEADKey := KDF16(key[:], KDFSaltConst_VMessHeaderPayloadAEADKey, string(generatedAuthID[:]), string(connectionNonce))
 
 
 
-	HeaderAEADNonce := KDF(key[:], "VMess Header AEAD Nonce", string(authid[:]), string(nonce))[:12]
 
+	payloadHeaderAEADNonce := KDF(key[:], KDFSaltConst_VMessHeaderPayloadAEADIV, string(generatedAuthID[:]), string(connectionNonce))[:12]
 
 
 
-	block, err := aes.NewCipher(HeaderAEADKey)
 
+	payloadHeaderAEADAESBlock, err := aes.NewCipher(payloadHeaderAEADKey)
 
 	if err != nil {
 
 	if err != nil {
 
 		panic(err.Error())
 
 		panic(err.Error())
 
 	}
 
 	}
 
 
 
-	headerAEAD, err := cipher.NewGCM(block)
 
+	payloadHeaderAEAD, err := cipher.NewGCM(payloadHeaderAEADAESBlock)
 
 
 
 	if err != nil {
 
 	if err != nil {
 
 		panic(err.Error())
 
 		panic(err.Error())
 
 	}
 
 	}
 
 
 
-	headerSealed := headerAEAD.Seal(nil, HeaderAEADNonce, data, authid[:])
 
+	payloadHeaderAEADEncrypted := payloadHeaderAEAD.Seal(nil, payloadHeaderAEADNonce, data, generatedAuthID[:])
 
 
 
-	var outPutBuf = bytes.NewBuffer(nil)
 
+	var outputBuffer = bytes.NewBuffer(nil)
 
 
 
-	common.Must2(outPutBuf.Write(authid[:])) //16
 
+	common.Must2(outputBuffer.Write(generatedAuthID[:])) //16
 
 
 
-	common.Must2(outPutBuf.Write(authidCheck)) //16
 
+	common.Must2(outputBuffer.Write(authidCheckValue)) //16
 
 
 
-	common.Must2(outPutBuf.Write(lengthbufb)) //2
 
+	common.Must2(outputBuffer.Write(aeadPayloadLengthSerializedByte)) //2
 
 
 
-	common.Must2(outPutBuf.Write(nonce)) //8
 
+	common.Must2(outputBuffer.Write(connectionNonce)) //8
 
 
 
-	common.Must2(outPutBuf.Write(headerSealed))
 
+	common.Must2(outputBuffer.Write(payloadHeaderAEADEncrypted))
 
 
 
-	return outPutBuf.Bytes()
 
+	return outputBuffer.Bytes()
 
 }
 
 }
 
 
 
 func OpenVMessAEADHeader(key [16]byte, authid [16]byte, data io.Reader) ([]byte, bool, error, int) {
 
 func OpenVMessAEADHeader(key [16]byte, authid [16]byte, data io.Reader) ([]byte, bool, error, int) {
 
-	var authidCheck [16]byte
 
-	var lengthbufb [2]byte
 
+	var authidCheckValue [16]byte
 
+	var headerPayloadDataLen [2]byte
 
 	var nonce [8]byte
 
 	var nonce [8]byte
 
 
 
-	n, err := io.ReadFull(data, authidCheck[:])
 
+	authidCheckValueReadBytesCounts, err := io.ReadFull(data, authidCheckValue[:])
 
 	if err != nil {
 
 	if err != nil {
 
-		return nil, false, err, n
 
+		return nil, false, err, authidCheckValueReadBytesCounts
 
 	}
 
 	}
 
 
 
-	n2, err := io.ReadFull(data, lengthbufb[:])
 
+	headerPayloadDataLenReadBytesCounts, err := io.ReadFull(data, headerPayloadDataLen[:])
 
 	if err != nil {
 
 	if err != nil {
 
-		return nil, false, err, n + n2
 
+		return nil, false, err, authidCheckValueReadBytesCounts + headerPayloadDataLenReadBytesCounts
 
 	}
 
 	}
 
 
 
-	n4, err := io.ReadFull(data, nonce[:])
 
+	nonceReadBytesCounts, err := io.ReadFull(data, nonce[:])
 
 	if err != nil {
 
 	if err != nil {
 
-		return nil, false, err, n + n2 + n4
 
+		return nil, false, err, authidCheckValueReadBytesCounts + headerPayloadDataLenReadBytesCounts + nonceReadBytesCounts
 
 	}
 
 	}
 
 
 
 	//Unmask Length
 
 	//Unmask Length
 
 
 
-	LengthMask := KDF16(key[:], "VMess AuthID Mask Value", string(authid[:]), string(nonce[:]))[:2]
 
+	LengthMask := KDF16(key[:], KDFSaltConst_VMessLengthMask, string(authid[:]), string(nonce[:]))[:2]
 
 
 
-	lengthbufb[0] = lengthbufb[0] ^ LengthMask[0]
 
-	lengthbufb[1] = lengthbufb[1] ^ LengthMask[1]
 
+	headerPayloadDataLen[0] = headerPayloadDataLen[0] ^ LengthMask[0]
 
+	headerPayloadDataLen[1] = headerPayloadDataLen[1] ^ LengthMask[1]
 
 
 
-	authidCheckV := KDF16(key[:], "VMess AuthID Check Value", string(authid[:]), string(lengthbufb[:]), string(nonce[:]))
 
+	authidCheckValueReceivedFromNetwork := KDF16(key[:], KDFSaltConst_VmessAuthIDCheckValue, string(authid[:]), string(headerPayloadDataLen[:]), string(nonce[:]))
 
 
 
-	if !hmac.Equal(authidCheckV, authidCheck[:]) {
 
-		return nil, true, errCheckMismatch, n + n2 + n4
 
+	if !hmac.Equal(authidCheckValueReceivedFromNetwork, authidCheckValue[:]) {
 
+		return nil, true, errCheckMismatch, authidCheckValueReadBytesCounts + headerPayloadDataLenReadBytesCounts + nonceReadBytesCounts
 
 	}
 
 	}
 
 
 
 	var length uint16
 
 	var length uint16
 
 
 
-	common.Must(binary.Read(bytes.NewReader(lengthbufb[:]), binary.BigEndian, &length))
 
+	common.Must(binary.Read(bytes.NewReader(headerPayloadDataLen[:]), binary.BigEndian, &length))
 
 
 
-	HeaderAEADKey := KDF16(key[:], "VMess Header AEAD Key", string(authid[:]), string(nonce[:]))
 
+	payloadHeaderAEADKey := KDF16(key[:], KDFSaltConst_VMessHeaderPayloadAEADKey, string(authid[:]), string(nonce[:]))
 
 
 
-	HeaderAEADNonce := KDF(key[:], "VMess Header AEAD Nonce", string(authid[:]), string(nonce[:]))[:12]
 
+	payloadHeaderAEADNonce := KDF(key[:], KDFSaltConst_VMessHeaderPayloadAEADIV, string(authid[:]), string(nonce[:]))[:12]
 
 
 
 	//16 == AEAD Tag size
 
 	//16 == AEAD Tag size
 
-	header := make([]byte, length+16)
 
+	payloadHeaderAEADEncrypted := make([]byte, length+16)
 
 
 
-	n3, err := io.ReadFull(data, header)
 
+	payloadHeaderAEADEncryptedReadedBytesCounts, err := io.ReadFull(data, payloadHeaderAEADEncrypted)
 
 	if err != nil {
 
 	if err != nil {
 
-		return nil, false, err, n + n2 + n3 + n4
 
+		return nil, false, err, authidCheckValueReadBytesCounts + headerPayloadDataLenReadBytesCounts + payloadHeaderAEADEncryptedReadedBytesCounts + nonceReadBytesCounts
 
 	}
 
 	}
 
 
 
-	block, err := aes.NewCipher(HeaderAEADKey)
 
+	payloadHeaderAEADAESBlock, err := aes.NewCipher(payloadHeaderAEADKey)
 
 	if err != nil {
 
 	if err != nil {
 
 		panic(err.Error())
 
 		panic(err.Error())
 
 	}
 
 	}
 
 
 
-	headerAEAD, err := cipher.NewGCM(block)
 
+	payloadHeaderAEAD, err := cipher.NewGCM(payloadHeaderAEADAESBlock)
 
 
 
 	if err != nil {
 
 	if err != nil {
 
 		panic(err.Error())
 
 		panic(err.Error())
 
 	}
 
 	}
 
 
 
-	out, erropenAEAD := headerAEAD.Open(nil, HeaderAEADNonce, header, authid[:])
 
+	out, erropenAEAD := payloadHeaderAEAD.Open(nil, payloadHeaderAEADNonce, payloadHeaderAEADEncrypted, authid[:])
 
 
 
 	if erropenAEAD != nil {
 
 	if erropenAEAD != nil {
 
-		return nil, true, erropenAEAD, n + n2 + n3 + n4
 
+		return nil, true, erropenAEAD, authidCheckValueReadBytesCounts + headerPayloadDataLenReadBytesCounts + payloadHeaderAEADEncryptedReadedBytesCounts + nonceReadBytesCounts
 
 	}
 
 	}
 
 
 
-	return out, false, nil, n + n2 + n3 + n4
 
+	return out, false, nil, authidCheckValueReadBytesCounts + headerPayloadDataLenReadBytesCounts + payloadHeaderAEADEncryptedReadedBytesCounts + nonceReadBytesCounts
 
 }
 
 }
 
 
 
 var errCheckMismatch = errors.New("check verify failed")
 
 var errCheckMismatch = errors.New("check verify failed")

+ 1 - 1
proxy/vmess/aead/kdf.go
View File 

@@ -9,7 +9,7 @@ import (
 
 func KDF(key []byte, path ...string) []byte {
 
 func KDF(key []byte, path ...string) []byte {
 
 	hmacf := hmac.New(func() hash.Hash {
 
 	hmacf := hmac.New(func() hash.Hash {
 
 		return sha256.New()
 
 		return sha256.New()
 
-	}, []byte("VMess AEAD KDF"))
 
+	}, []byte(KDFSaltConst_VMessAEADKDF))
 
 
 
 	for _, v := range path {
 
 	for _, v := range path {
 
 		hmacf = hmac.New(func() hash.Hash {
 
 		hmacf = hmac.New(func() hash.Hash {

+ 19 - 20
proxy/vmess/encoding/client.go
View File 

@@ -208,43 +208,42 @@ func (c *ClientSession) DecodeResponseHeader(reader io.Reader) (*protocol.Respon
 
 		aesStream := crypto.NewAesDecryptionStream(c.responseBodyKey[:], c.responseBodyIV[:])
 
 		aesStream := crypto.NewAesDecryptionStream(c.responseBodyKey[:], c.responseBodyIV[:])
 
 		c.responseReader = crypto.NewCryptionReader(aesStream, reader)
 
 		c.responseReader = crypto.NewCryptionReader(aesStream, reader)
 
 	} else {
 
 	} else {
 
-		resph := vmessaead.KDF16(c.responseBodyKey[:], "AEAD Resp Header Len Key")
 
-		respi := vmessaead.KDF(c.responseBodyIV[:], "AEAD Resp Header Len IV")[:12]
 
+		aeadResponseHeaderLengthEncryptionKey := vmessaead.KDF16(c.responseBodyKey[:], vmessaead.KDFSaltConst_AEADRespHeaderLenKey)
 
+		aeadResponseHeaderLengthEncryptionIV := vmessaead.KDF(c.responseBodyIV[:], vmessaead.KDFSaltConst_AEADRespHeaderLenIV)[:12]
 
 
 
-		aesblock := common.Must2(aes.NewCipher(resph)).(cipher.Block)
 
-		aeadHeader := common.Must2(cipher.NewGCM(aesblock)).(cipher.AEAD)
 
+		aeadResponseHeaderLengthEncryptionKeyAESBlock := common.Must2(aes.NewCipher(aeadResponseHeaderLengthEncryptionKey)).(cipher.Block)
 
+		aeadResponseHeaderLengthEncryptionAEAD := common.Must2(cipher.NewGCM(aeadResponseHeaderLengthEncryptionKeyAESBlock)).(cipher.AEAD)
 
 
 
-		var AEADLen [18]byte
 
-		var lenresp int
 
+		var aeadEncryptedResponseHeaderLength [18]byte
 
+		var decryptedResponseHeaderLength int
 
+		var decryptedResponseHeaderLengthBinaryDeserializeBuffer uint16
 
 
 
-		var lenrespr uint16
 
-
 
-		if _, err := io.ReadFull(reader, AEADLen[:]); err != nil {
 
+		if _, err := io.ReadFull(reader, aeadEncryptedResponseHeaderLength[:]); err != nil {
 
 			return nil, newError("Unable to Read Header Len").Base(err)
 
 			return nil, newError("Unable to Read Header Len").Base(err)
 
 		}
 
 		}
 
-		if AEADLend, err := aeadHeader.Open(nil, respi, AEADLen[:], nil); err != nil {
 
+		if decryptedResponseHeaderLengthBinaryBuffer, err := aeadResponseHeaderLengthEncryptionAEAD.Open(nil, aeadResponseHeaderLengthEncryptionIV, aeadEncryptedResponseHeaderLength[:], nil); err != nil {
 
 			return nil, newError("Failed To Decrypt Length").Base(err)
 
 			return nil, newError("Failed To Decrypt Length").Base(err)
 
 		} else {
 
 		} else {
 
-			common.Must(binary.Read(bytes.NewReader(AEADLend), binary.BigEndian, &lenrespr))
 
-			lenresp = int(lenrespr)
 
+			common.Must(binary.Read(bytes.NewReader(decryptedResponseHeaderLengthBinaryBuffer), binary.BigEndian, &decryptedResponseHeaderLengthBinaryDeserializeBuffer))
 
+			decryptedResponseHeaderLength = int(decryptedResponseHeaderLengthBinaryDeserializeBuffer)
 
 		}
 
 		}
 
 
 
-		resphc := vmessaead.KDF16(c.responseBodyKey[:], "AEAD Resp Header Key")
 
-		respic := vmessaead.KDF(c.responseBodyIV[:], "AEAD Resp Header IV")[:12]
 
+		aeadResponseHeaderPayloadEncryptionKey := vmessaead.KDF16(c.responseBodyKey[:], vmessaead.KDFSaltConst_AEADRespHeaderPayloadKey)
 
+		aeadResponseHeaderPayloadEncryptionIV := vmessaead.KDF(c.responseBodyIV[:], vmessaead.KDFSaltConst_AEADRespHeaderPayloadIV)[:12]
 
 
 
-		aesblockc := common.Must2(aes.NewCipher(resphc)).(cipher.Block)
 
-		aeadHeaderc := common.Must2(cipher.NewGCM(aesblockc)).(cipher.AEAD)
 
+		aeadResponseHeaderPayloadEncryptionKeyAESBlock := common.Must2(aes.NewCipher(aeadResponseHeaderPayloadEncryptionKey)).(cipher.Block)
 
+		aeadResponseHeaderPayloadEncryptionAEAD := common.Must2(cipher.NewGCM(aeadResponseHeaderPayloadEncryptionKeyAESBlock)).(cipher.AEAD)
 
 
 
-		respPayload := make([]byte, lenresp+16)
 
+		encryptedResponseHeaderBuffer := make([]byte, decryptedResponseHeaderLength+16)
 
 
 
-		if _, err := io.ReadFull(reader, respPayload); err != nil {
 
+		if _, err := io.ReadFull(reader, encryptedResponseHeaderBuffer); err != nil {
 
 			return nil, newError("Unable to Read Header Data").Base(err)
 
 			return nil, newError("Unable to Read Header Data").Base(err)
 
 		}
 
 		}
 
 
 
-		if AEADData, err := aeadHeaderc.Open(nil, respic, respPayload, nil); err != nil {
 
+		if decryptedResponseHeaderBuffer, err := aeadResponseHeaderPayloadEncryptionAEAD.Open(nil, aeadResponseHeaderPayloadEncryptionIV, encryptedResponseHeaderBuffer, nil); err != nil {
 
 			return nil, newError("Failed To Decrypt Payload").Base(err)
 
 			return nil, newError("Failed To Decrypt Payload").Base(err)
 
 		} else {
 
 		} else {
 
-			c.responseReader = bytes.NewReader(AEADData)
 
+			c.responseReader = bytes.NewReader(decryptedResponseHeaderBuffer)
 
 		}
 
 		}
 
 	}
 
 	}

+ 18 - 18
proxy/vmess/encoding/server.go
View File 

@@ -383,10 +383,10 @@ func (s *ServerSession) EncodeResponseHeader(header *protocol.ResponseHeader, wr
 
 	encryptionWriter = crypto.NewCryptionWriter(aesStream, writer)
 
 	encryptionWriter = crypto.NewCryptionWriter(aesStream, writer)
 
 	s.responseWriter = encryptionWriter
 
 	s.responseWriter = encryptionWriter
 
 
 
-	aeadBuffer := bytes.NewBuffer(nil)
 
+	aeadEncryptedHeaderBuffer := bytes.NewBuffer(nil)
 
 
 
 	if s.isAEADRequest {
 
 	if s.isAEADRequest {
 
-		encryptionWriter = aeadBuffer
 
+		encryptionWriter = aeadEncryptedHeaderBuffer
 
 	}
 
 	}
 
 
 
 	common.Must2(encryptionWriter.Write([]byte{s.responseHeader, byte(header.Option)}))
 
 	common.Must2(encryptionWriter.Write([]byte{s.responseHeader, byte(header.Option)}))
 
@@ -397,30 +397,30 @@ func (s *ServerSession) EncodeResponseHeader(header *protocol.ResponseHeader, wr
 
 
 
 	if s.isAEADRequest {
 
 	if s.isAEADRequest {
 
 
 
-		resph := vmessaead.KDF16(s.responseBodyKey[:], "AEAD Resp Header Len Key")
 
-		respi := vmessaead.KDF(s.responseBodyIV[:], "AEAD Resp Header Len IV")[:12]
 
+		aeadResponseHeaderLengthEncryptionKey := vmessaead.KDF16(s.responseBodyKey[:], vmessaead.KDFSaltConst_AEADRespHeaderLenKey)
 
+		aeadResponseHeaderLengthEncryptionIV := vmessaead.KDF(s.responseBodyIV[:], vmessaead.KDFSaltConst_AEADRespHeaderLenIV)[:12]
 
 
 
-		aesblock := common.Must2(aes.NewCipher(resph)).(cipher.Block)
 
-		aeadHeader := common.Must2(cipher.NewGCM(aesblock)).(cipher.AEAD)
 
+		aeadResponseHeaderLengthEncryptionKeyAESBlock := common.Must2(aes.NewCipher(aeadResponseHeaderLengthEncryptionKey)).(cipher.Block)
 
+		aeadResponseHeaderLengthEncryptionAEAD := common.Must2(cipher.NewGCM(aeadResponseHeaderLengthEncryptionKeyAESBlock)).(cipher.AEAD)
 
 
 
-		aeadlenBuf := bytes.NewBuffer(nil)
 
+		aeadResponseHeaderLengthEncryptionBuffer := bytes.NewBuffer(nil)
 
 
 
-		var aeadLen uint16
 
-		aeadLen = uint16(aeadBuffer.Len())
 
+		var decryptedResponseHeaderLengthBinaryDeserializeBuffer uint16
 
+		decryptedResponseHeaderLengthBinaryDeserializeBuffer = uint16(aeadEncryptedHeaderBuffer.Len())
 
 
 
-		common.Must(binary.Write(aeadlenBuf, binary.BigEndian, aeadLen))
 
+		common.Must(binary.Write(aeadResponseHeaderLengthEncryptionBuffer, binary.BigEndian, decryptedResponseHeaderLengthBinaryDeserializeBuffer))
 
 
 
-		sealedLen := aeadHeader.Seal(nil, respi, aeadlenBuf.Bytes(), nil)
 
-		common.Must2(io.Copy(writer, bytes.NewReader(sealedLen)))
 
+		AEADEncryptedLength := aeadResponseHeaderLengthEncryptionAEAD.Seal(nil, aeadResponseHeaderLengthEncryptionIV, aeadResponseHeaderLengthEncryptionBuffer.Bytes(), nil)
 
+		common.Must2(io.Copy(writer, bytes.NewReader(AEADEncryptedLength)))
 
 
 
-		resphc := vmessaead.KDF16(s.responseBodyKey[:], "AEAD Resp Header Key")
 
-		respic := vmessaead.KDF(s.responseBodyIV[:], "AEAD Resp Header IV")[:12]
 
+		aeadResponseHeaderPayloadEncryptionKey := vmessaead.KDF16(s.responseBodyKey[:], vmessaead.KDFSaltConst_AEADRespHeaderPayloadKey)
 
+		aeadResponseHeaderPayloadEncryptionIV := vmessaead.KDF(s.responseBodyIV[:], vmessaead.KDFSaltConst_AEADRespHeaderPayloadIV)[:12]
 
 
 
-		aesblockc := common.Must2(aes.NewCipher(resphc)).(cipher.Block)
 
-		aeadHeaderc := common.Must2(cipher.NewGCM(aesblockc)).(cipher.AEAD)
 
+		aeadResponseHeaderPayloadEncryptionKeyAESBlock := common.Must2(aes.NewCipher(aeadResponseHeaderPayloadEncryptionKey)).(cipher.Block)
 
+		aeadResponseHeaderPayloadEncryptionAEAD := common.Must2(cipher.NewGCM(aeadResponseHeaderPayloadEncryptionKeyAESBlock)).(cipher.AEAD)
 
 
 
-		sealed := aeadHeaderc.Seal(nil, respic, aeadBuffer.Bytes(), nil)
 
-		common.Must2(io.Copy(writer, bytes.NewReader(sealed)))
 
+		aeadEncryptedHeaderPayload := aeadResponseHeaderPayloadEncryptionAEAD.Seal(nil, aeadResponseHeaderPayloadEncryptionIV, aeadEncryptedHeaderBuffer.Bytes(), nil)
 
+		common.Must2(io.Copy(writer, bytes.NewReader(aeadEncryptedHeaderPayload)))
 
 	}
 
 	}
 
 }
 
 }