mirror of
https://github.com/XTLS/Xray-core.git
synced 2025-06-12 03:19:36 +03:00
VMess AEAD based packet length
(cherry picked from commit 08221600082a79376bdc262f2ffec1a3129ae98d)
This commit is contained in:
Shelikhoo
@ -171,6 +171,17 @@ func (c *ClientSession) EncodeRequestBody(request *protocol.RequestHeader, write
|
||||
NonceGenerator: GenerateChunkNonce(c.requestBodyIV[:], uint32(aead.NonceSize())),
|
||||
AdditionalDataGenerator: crypto.GenerateEmptyBytes(),
|
||||
}
|
||||
if request.Option.Has(protocol.RequestOptionAuthenticatedLength) {
|
||||
AuthenticatedLengthKey := vmessaead.KDF16(c.requestBodyKey[:], "auth_len")
|
||||
AuthenticatedLengthKeyAEAD := crypto.NewAesGcm(AuthenticatedLengthKey)
|
||||
|
||||
lengthAuth := &crypto.AEADAuthenticator{
|
||||
AEAD: AuthenticatedLengthKeyAEAD,
|
||||
NonceGenerator: GenerateChunkNonce(c.requestBodyIV[:], uint32(aead.NonceSize())),
|
||||
AdditionalDataGenerator: crypto.GenerateEmptyBytes(),
|
||||
}
|
||||
sizeParser = NewAEADSizeParser(lengthAuth)
|
||||
}
|
||||
return crypto.NewAuthenticationWriter(auth, sizeParser, writer, request.Command.TransferType(), padding)
|
||||
case protocol.SecurityType_CHACHA20_POLY1305:
|
||||
aead, err := chacha20poly1305.New(GenerateChacha20Poly1305Key(c.requestBodyKey[:]))
|
||||
@ -181,6 +192,18 @@ func (c *ClientSession) EncodeRequestBody(request *protocol.RequestHeader, write
|
||||
NonceGenerator: GenerateChunkNonce(c.requestBodyIV[:], uint32(aead.NonceSize())),
|
||||
AdditionalDataGenerator: crypto.GenerateEmptyBytes(),
|
||||
}
|
||||
if request.Option.Has(protocol.RequestOptionAuthenticatedLength) {
|
||||
AuthenticatedLengthKey := vmessaead.KDF16(c.requestBodyKey[:], "auth_len")
|
||||
AuthenticatedLengthKeyAEAD, err := chacha20poly1305.New(GenerateChacha20Poly1305Key(AuthenticatedLengthKey))
|
||||
common.Must(err)
|
||||
|
||||
lengthAuth := &crypto.AEADAuthenticator{
|
||||
AEAD: AuthenticatedLengthKeyAEAD,
|
||||
NonceGenerator: GenerateChunkNonce(c.requestBodyIV[:], uint32(aead.NonceSize())),
|
||||
AdditionalDataGenerator: crypto.GenerateEmptyBytes(),
|
||||
}
|
||||
sizeParser = NewAEADSizeParser(lengthAuth)
|
||||
}
|
||||
return crypto.NewAuthenticationWriter(auth, sizeParser, writer, request.Command.TransferType(), padding)
|
||||
default:
|
||||
panic("Unknown security type.")
|
||||
@ -312,6 +335,17 @@ func (c *ClientSession) DecodeResponseBody(request *protocol.RequestHeader, read
|
||||
NonceGenerator: GenerateChunkNonce(c.responseBodyIV[:], uint32(aead.NonceSize())),
|
||||
AdditionalDataGenerator: crypto.GenerateEmptyBytes(),
|
||||
}
|
||||
if request.Option.Has(protocol.RequestOptionAuthenticatedLength) {
|
||||
AuthenticatedLengthKey := vmessaead.KDF16(c.requestBodyKey[:], "auth_len")
|
||||
AuthenticatedLengthKeyAEAD := crypto.NewAesGcm(AuthenticatedLengthKey)
|
||||
|
||||
lengthAuth := &crypto.AEADAuthenticator{
|
||||
AEAD: AuthenticatedLengthKeyAEAD,
|
||||
NonceGenerator: GenerateChunkNonce(c.requestBodyIV[:], uint32(aead.NonceSize())),
|
||||
AdditionalDataGenerator: crypto.GenerateEmptyBytes(),
|
||||
}
|
||||
sizeParser = NewAEADSizeParser(lengthAuth)
|
||||
}
|
||||
return crypto.NewAuthenticationReader(auth, sizeParser, reader, request.Command.TransferType(), padding)
|
||||
case protocol.SecurityType_CHACHA20_POLY1305:
|
||||
aead, _ := chacha20poly1305.New(GenerateChacha20Poly1305Key(c.responseBodyKey[:]))
|
||||
@ -321,6 +355,18 @@ func (c *ClientSession) DecodeResponseBody(request *protocol.RequestHeader, read
|
||||
NonceGenerator: GenerateChunkNonce(c.responseBodyIV[:], uint32(aead.NonceSize())),
|
||||
AdditionalDataGenerator: crypto.GenerateEmptyBytes(),
|
||||
}
|
||||
if request.Option.Has(protocol.RequestOptionAuthenticatedLength) {
|
||||
AuthenticatedLengthKey := vmessaead.KDF16(c.requestBodyKey[:], "auth_len")
|
||||
AuthenticatedLengthKeyAEAD, err := chacha20poly1305.New(GenerateChacha20Poly1305Key(AuthenticatedLengthKey))
|
||||
common.Must(err)
|
||||
|
||||
lengthAuth := &crypto.AEADAuthenticator{
|
||||
AEAD: AuthenticatedLengthKeyAEAD,
|
||||
NonceGenerator: GenerateChunkNonce(c.requestBodyIV[:], uint32(aead.NonceSize())),
|
||||
AdditionalDataGenerator: crypto.GenerateEmptyBytes(),
|
||||
}
|
||||
sizeParser = NewAEADSizeParser(lengthAuth)
|
||||
}
|
||||
return crypto.NewAuthenticationReader(auth, sizeParser, reader, request.Command.TransferType(), padding)
|
||||
default:
|
||||
panic("Unknown security type.")
|
||||
|
||||
Reference in New Issue
Block a user