Home Explore Help
Sign In
wytfy
/
v2ray-core
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: f0d87d13d6
Branches Tags
v2ray-core
/
proxy
/
shadowsocks2022
/
method_aes256gcm.go

method_aes256gcm.go 2.3 KB
History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677 
  1. package shadowsocks2022
    2. 

  2. 

  3. import (
    4. 

  4. 	"crypto/aes"
    5. 

  5. 	"crypto/cipher"
    6. 

  6. )
    7. 

  7. 

  8. func newAES256GCMMethod() *AES256GCMMethod {
    9. 

  9. 	return &AES256GCMMethod{}
    10. 

  10. }
    11. 

  11. 

  12. type AES256GCMMethod struct{}
    13. 

  13. 

  14. func (a AES256GCMMethod) GetSessionSubKeyAndSaltLength() int {
    15. 

  15. 	return 32
    16. 

  16. }
    17. 

  17. 

  18. func (a AES256GCMMethod) GetStreamAEAD(sessionSubKey []byte) (cipher.AEAD, error) {
    19. 

  19. 	aesCipher, err := aes.NewCipher(sessionSubKey)
    20. 

  20. 	if err != nil {
    21. 

  21. 		return nil, newError("failed to create AES cipher").Base(err)
    22. 

  22. 	}
    23. 

  23. 	aead, err := cipher.NewGCM(aesCipher)
    24. 

  24. 	if err != nil {
    25. 

  25. 		return nil, newError("failed to create AES-GCM AEAD").Base(err)
    26. 

  26. 	}
    27. 

  27. 	return aead, nil
    28. 

  28. }
    29. 

  29. 

  30. func (a AES256GCMMethod) GenerateEIH(currentIdentitySubKey []byte, nextPskHash []byte, out []byte) error {
    31. 

  31. 	aesCipher, err := aes.NewCipher(currentIdentitySubKey)
    32. 

  32. 	if err != nil {
    33. 

  33. 		return newError("failed to create AES cipher").Base(err)
    34. 

  34. 	}
    35. 

  35. 	aesCipher.Encrypt(out, nextPskHash)
    36. 

  36. 	return nil
    37. 

  37. }
    38. 

  38. 

  39. func (a AES256GCMMethod) GetUDPClientProcessor(ipsk [][]byte, psk []byte, derivation KeyDerivation) (UDPClientPacketProcessor, error) {
    40. 

  40. 	reqSeparateHeaderPsk := psk
    41. 

  41. 	if ipsk != nil {
    42. 

  42. 		reqSeparateHeaderPsk = ipsk[0]
    43. 

  43. 	}
    44. 

  44. 	reqSeparateHeaderCipher, err := aes.NewCipher(reqSeparateHeaderPsk)
    45. 

  45. 	if err != nil {
    46. 

  46. 		return nil, newError("failed to create AES cipher").Base(err)
    47. 

  47. 	}
    48. 

  48. 	respSeparateHeaderCipher, err := aes.NewCipher(psk)
    49. 

  49. 	if err != nil {
    50. 

  50. 		return nil, newError("failed to create AES cipher").Base(err)
    51. 

  51. 	}
    52. 

  52. 	getPacketAEAD := func(sessionID []byte) cipher.AEAD {
    53. 

  53. 		sessionKey := make([]byte, a.GetSessionSubKeyAndSaltLength())
    54. 

  54. 		derivation.GetSessionSubKey(psk, sessionID, sessionKey)
    55. 

  55. 		block, err := aes.NewCipher(sessionKey)
    56. 

  56. 		if err != nil {
    57. 

  57. 			panic(err)
    58. 

  58. 		}
    59. 

  59. 		aead, err := cipher.NewGCM(block)
    60. 

  60. 		if err != nil {
    61. 

  61. 			panic(err)
    62. 

  62. 		}
    63. 

  63. 		return aead
    64. 

  64. 	}
    65. 

  65. 	if len(ipsk) == 0 {
    66. 

  66. 		return NewAESUDPClientPacketProcessor(reqSeparateHeaderCipher, respSeparateHeaderCipher, getPacketAEAD, nil), nil
    67. 

  67. 	}
    68. 

  68. 	eihGenerator := newAESEIHGeneratorContainer(len(ipsk), psk, ipsk)
    69. 

  69. 	getEIH := func(mask []byte) ExtensibleIdentityHeaders {
    70. 

  70. 		eih, err := eihGenerator.GenerateEIHUDP(derivation, a, mask)
    71. 

  71. 		if err != nil {
    72. 

  72. 			newError("failed to generate EIH").Base(err).WriteToLog()
    73. 

  73. 		}
    74. 

  74. 		return eih
    75. 

  75. 	}
    76. 

  76. 	return NewAESUDPClientPacketProcessor(reqSeparateHeaderCipher, respSeparateHeaderCipher, getPacketAEAD, getEIH), nil
    77. 

  77. }
    78.