v2ray-core/proxy/shadowsocks/ota.go

130 lines
2.7 KiB
Go
Raw Normal View History

package shadowsocks
import (
2016-05-24 20:09:22 +00:00
"bytes"
"crypto/hmac"
"crypto/sha1"
2016-01-29 19:54:06 +00:00
"io"
2016-12-08 10:21:24 +00:00
2017-11-29 21:57:18 +00:00
"v2ray.com/core/common"
2016-12-09 10:35:27 +00:00
"v2ray.com/core/common/buf"
2016-08-20 18:55:45 +00:00
"v2ray.com/core/common/serial"
)
const (
2016-12-21 22:07:35 +00:00
// AuthSize is the number of extra bytes for Shadowsocks OTA.
AuthSize = 10
)
type KeyGenerator func() []byte
type Authenticator struct {
key KeyGenerator
}
func NewAuthenticator(keygen KeyGenerator) *Authenticator {
return &Authenticator{
key: keygen,
}
}
2016-12-09 11:08:25 +00:00
func (v *Authenticator) Authenticate(data []byte) buf.Supplier {
2016-11-27 20:39:09 +00:00
hasher := hmac.New(sha1.New, v.key())
2017-11-29 21:57:18 +00:00
common.Must2(hasher.Write(data))
res := hasher.Sum(nil)
2016-12-09 11:08:25 +00:00
return func(b []byte) (int, error) {
return copy(b, res[:AuthSize]), nil
2016-12-06 10:03:42 +00:00
}
}
func HeaderKeyGenerator(key []byte, iv []byte) func() []byte {
return func() []byte {
newKey := make([]byte, 0, len(key)+len(iv))
newKey = append(newKey, iv...)
2016-02-28 20:00:53 +00:00
newKey = append(newKey, key...)
return newKey
}
}
func ChunkKeyGenerator(iv []byte) func() []byte {
2016-12-21 22:07:35 +00:00
chunkID := 0
return func() []byte {
newKey := make([]byte, 0, len(iv)+4)
newKey = append(newKey, iv...)
2016-12-21 22:07:35 +00:00
newKey = serial.IntToBytes(chunkID, newKey)
chunkID++
return newKey
}
}
2016-01-29 19:54:06 +00:00
type ChunkReader struct {
reader io.Reader
auth *Authenticator
}
func NewChunkReader(reader io.Reader, auth *Authenticator) *ChunkReader {
return &ChunkReader{
reader: reader,
auth: auth,
}
}
2017-11-09 21:33:15 +00:00
func (v *ChunkReader) ReadMultiBuffer() (buf.MultiBuffer, error) {
2018-03-12 21:10:13 +00:00
size, err := serial.ReadUint16(v.reader)
if err != nil {
return nil, newError("failed to read size")
2016-11-19 09:57:00 +00:00
}
2018-03-12 21:10:13 +00:00
size += AuthSize
2016-12-05 16:05:47 +00:00
2018-04-02 20:01:55 +00:00
buffer := buf.NewSize(int32(size))
2018-04-01 22:44:47 +00:00
if err := buffer.AppendSupplier(buf.ReadFullFrom(v.reader, int32(size))); err != nil {
2016-02-01 11:22:29 +00:00
buffer.Release()
2016-01-29 19:54:06 +00:00
return nil, err
}
2016-12-05 14:19:14 +00:00
authBytes := buffer.BytesTo(AuthSize)
payload := buffer.BytesFrom(AuthSize)
2016-01-29 19:54:06 +00:00
2016-12-06 10:03:42 +00:00
actualAuthBytes := make([]byte, AuthSize)
v.auth.Authenticate(payload)(actualAuthBytes)
2016-05-24 20:09:22 +00:00
if !bytes.Equal(authBytes, actualAuthBytes) {
2016-02-01 11:22:29 +00:00
buffer.Release()
2017-04-08 23:43:25 +00:00
return nil, newError("invalid auth")
2016-01-29 19:54:06 +00:00
}
2016-07-13 09:38:14 +00:00
buffer.SliceFrom(AuthSize)
2016-01-29 19:54:06 +00:00
2017-04-16 11:17:35 +00:00
return buf.NewMultiBufferValue(buffer), nil
2016-01-29 19:54:06 +00:00
}
2016-10-20 22:33:23 +00:00
type ChunkWriter struct {
writer io.Writer
auth *Authenticator
2016-12-08 10:21:24 +00:00
buffer []byte
2016-10-20 22:33:23 +00:00
}
func NewChunkWriter(writer io.Writer, auth *Authenticator) *ChunkWriter {
return &ChunkWriter{
writer: writer,
auth: auth,
2016-12-08 10:21:24 +00:00
buffer: make([]byte, 32*1024),
2016-10-20 22:33:23 +00:00
}
}
2017-11-09 21:33:15 +00:00
// WriteMultiBuffer implements buf.Writer.
func (w *ChunkWriter) WriteMultiBuffer(mb buf.MultiBuffer) error {
2017-04-15 19:07:23 +00:00
defer mb.Release()
2017-04-15 19:49:18 +00:00
for {
2017-04-19 19:27:21 +00:00
payloadLen, _ := mb.Read(w.buffer[2+AuthSize:])
2017-04-15 19:49:18 +00:00
serial.Uint16ToBytes(uint16(payloadLen), w.buffer[:0])
w.auth.Authenticate(w.buffer[2+AuthSize : 2+AuthSize+payloadLen])(w.buffer[2:])
if _, err := w.writer.Write(w.buffer[:2+AuthSize+payloadLen]); err != nil {
return err
}
if mb.IsEmpty() {
break
}
2017-04-15 19:07:23 +00:00
}
return nil
}