mirror of https://github.com/v2ray/v2ray-core
Apply Coding Style
parent
a58b20b5b8
commit
8c886b4b46
|
@ -32,7 +32,7 @@ func CreateAuthID(cmdKey []byte, time int64) [16]byte {
|
||||||
}
|
}
|
||||||
|
|
||||||
func NewCipherFromKey(cmdKey []byte) cipher.Block {
|
func NewCipherFromKey(cmdKey []byte) cipher.Block {
|
||||||
aesBlock, err := aes.NewCipher(KDF16(cmdKey, "AES Auth ID Encryption"))
|
aesBlock, err := aes.NewCipher(KDF16(cmdKey, KDFSaltConst_AuthIDEncryptionKey))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
panic(err)
|
panic(err)
|
||||||
}
|
}
|
||||||
|
|
|
@ -0,0 +1,21 @@
|
||||||
|
package aead
|
||||||
|
|
||||||
|
const KDFSaltConst_AuthIDEncryptionKey = "AES Auth ID Encryption"
|
||||||
|
|
||||||
|
const KDFSaltConst_AEADRespHeaderLenKey = "AEAD Resp Header Len Key"
|
||||||
|
|
||||||
|
const KDFSaltConst_AEADRespHeaderLenIV = "AEAD Resp Header Len IV"
|
||||||
|
|
||||||
|
const KDFSaltConst_AEADRespHeaderPayloadKey = "AEAD Resp Header Key"
|
||||||
|
|
||||||
|
const KDFSaltConst_AEADRespHeaderPayloadIV = "AEAD Resp Header IV"
|
||||||
|
|
||||||
|
const KDFSaltConst_VMessAEADKDF = "VMess AEAD KDF"
|
||||||
|
|
||||||
|
const KDFSaltConst_VmessAuthIDCheckValue = "VMess AuthID Check Value"
|
||||||
|
|
||||||
|
const KDFSaltConst_VMessLengthMask = "VMess AuthID Mask Value"
|
||||||
|
|
||||||
|
const KDFSaltConst_VMessHeaderPayloadAEADKey = "VMess Header AEAD Key"
|
||||||
|
|
||||||
|
const KDFSaltConst_VMessHeaderPayloadAEADIV = "VMess Header AEAD Nonce"
|
|
@ -14,128 +14,128 @@ import (
|
||||||
)
|
)
|
||||||
|
|
||||||
func SealVMessAEADHeader(key [16]byte, data []byte) []byte {
|
func SealVMessAEADHeader(key [16]byte, data []byte) []byte {
|
||||||
authid := CreateAuthID(key[:], time.Now().Unix())
|
generatedAuthID := CreateAuthID(key[:], time.Now().Unix())
|
||||||
|
|
||||||
nonce := make([]byte, 8)
|
connectionNonce := make([]byte, 8)
|
||||||
if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
|
if _, err := io.ReadFull(rand.Reader, connectionNonce); err != nil {
|
||||||
panic(err.Error())
|
panic(err.Error())
|
||||||
}
|
}
|
||||||
|
|
||||||
lengthbuf := bytes.NewBuffer(nil)
|
aeadPayloadLengthSerializeBuffer := bytes.NewBuffer(nil)
|
||||||
|
|
||||||
var HeaderDataLen uint16
|
var headerPayloadDataLen uint16
|
||||||
HeaderDataLen = uint16(len(data))
|
headerPayloadDataLen = uint16(len(data))
|
||||||
|
|
||||||
common.Must(binary.Write(lengthbuf, binary.BigEndian, HeaderDataLen))
|
common.Must(binary.Write(aeadPayloadLengthSerializeBuffer, binary.BigEndian, headerPayloadDataLen))
|
||||||
|
|
||||||
authidCheck := KDF16(key[:], "VMess AuthID Check Value", string(authid[:]), string(lengthbuf.Bytes()), string(nonce))
|
authidCheckValue := KDF16(key[:], KDFSaltConst_VmessAuthIDCheckValue, string(generatedAuthID[:]), string(aeadPayloadLengthSerializeBuffer.Bytes()), string(connectionNonce))
|
||||||
|
|
||||||
lengthbufb := lengthbuf.Bytes()
|
aeadPayloadLengthSerializedByte := aeadPayloadLengthSerializeBuffer.Bytes()
|
||||||
|
|
||||||
LengthMask := KDF16(key[:], "VMess AuthID Mask Value", string(authid[:]), string(nonce[:]))[:2]
|
aeadPayloadLengthMask := KDF16(key[:], KDFSaltConst_VMessLengthMask, string(generatedAuthID[:]), string(connectionNonce[:]))[:2]
|
||||||
|
|
||||||
lengthbufb[0] = lengthbufb[0] ^ LengthMask[0]
|
aeadPayloadLengthSerializedByte[0] = aeadPayloadLengthSerializedByte[0] ^ aeadPayloadLengthMask[0]
|
||||||
lengthbufb[1] = lengthbufb[1] ^ LengthMask[1]
|
aeadPayloadLengthSerializedByte[1] = aeadPayloadLengthSerializedByte[1] ^ aeadPayloadLengthMask[1]
|
||||||
|
|
||||||
HeaderAEADKey := KDF16(key[:], "VMess Header AEAD Key", string(authid[:]), string(nonce))
|
payloadHeaderAEADKey := KDF16(key[:], KDFSaltConst_VMessHeaderPayloadAEADKey, string(generatedAuthID[:]), string(connectionNonce))
|
||||||
|
|
||||||
HeaderAEADNonce := KDF(key[:], "VMess Header AEAD Nonce", string(authid[:]), string(nonce))[:12]
|
payloadHeaderAEADNonce := KDF(key[:], KDFSaltConst_VMessHeaderPayloadAEADIV, string(generatedAuthID[:]), string(connectionNonce))[:12]
|
||||||
|
|
||||||
block, err := aes.NewCipher(HeaderAEADKey)
|
payloadHeaderAEADAESBlock, err := aes.NewCipher(payloadHeaderAEADKey)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
panic(err.Error())
|
panic(err.Error())
|
||||||
}
|
}
|
||||||
|
|
||||||
headerAEAD, err := cipher.NewGCM(block)
|
payloadHeaderAEAD, err := cipher.NewGCM(payloadHeaderAEADAESBlock)
|
||||||
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
panic(err.Error())
|
panic(err.Error())
|
||||||
}
|
}
|
||||||
|
|
||||||
headerSealed := headerAEAD.Seal(nil, HeaderAEADNonce, data, authid[:])
|
payloadHeaderAEADEncrypted := payloadHeaderAEAD.Seal(nil, payloadHeaderAEADNonce, data, generatedAuthID[:])
|
||||||
|
|
||||||
var outPutBuf = bytes.NewBuffer(nil)
|
var outputBuffer = bytes.NewBuffer(nil)
|
||||||
|
|
||||||
common.Must2(outPutBuf.Write(authid[:])) //16
|
common.Must2(outputBuffer.Write(generatedAuthID[:])) //16
|
||||||
|
|
||||||
common.Must2(outPutBuf.Write(authidCheck)) //16
|
common.Must2(outputBuffer.Write(authidCheckValue)) //16
|
||||||
|
|
||||||
common.Must2(outPutBuf.Write(lengthbufb)) //2
|
common.Must2(outputBuffer.Write(aeadPayloadLengthSerializedByte)) //2
|
||||||
|
|
||||||
common.Must2(outPutBuf.Write(nonce)) //8
|
common.Must2(outputBuffer.Write(connectionNonce)) //8
|
||||||
|
|
||||||
common.Must2(outPutBuf.Write(headerSealed))
|
common.Must2(outputBuffer.Write(payloadHeaderAEADEncrypted))
|
||||||
|
|
||||||
return outPutBuf.Bytes()
|
return outputBuffer.Bytes()
|
||||||
}
|
}
|
||||||
|
|
||||||
func OpenVMessAEADHeader(key [16]byte, authid [16]byte, data io.Reader) ([]byte, bool, error, int) {
|
func OpenVMessAEADHeader(key [16]byte, authid [16]byte, data io.Reader) ([]byte, bool, error, int) {
|
||||||
var authidCheck [16]byte
|
var authidCheckValue [16]byte
|
||||||
var lengthbufb [2]byte
|
var headerPayloadDataLen [2]byte
|
||||||
var nonce [8]byte
|
var nonce [8]byte
|
||||||
|
|
||||||
n, err := io.ReadFull(data, authidCheck[:])
|
authidCheckValueReadBytesCounts, err := io.ReadFull(data, authidCheckValue[:])
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, false, err, n
|
return nil, false, err, authidCheckValueReadBytesCounts
|
||||||
}
|
}
|
||||||
|
|
||||||
n2, err := io.ReadFull(data, lengthbufb[:])
|
headerPayloadDataLenReadBytesCounts, err := io.ReadFull(data, headerPayloadDataLen[:])
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, false, err, n + n2
|
return nil, false, err, authidCheckValueReadBytesCounts + headerPayloadDataLenReadBytesCounts
|
||||||
}
|
}
|
||||||
|
|
||||||
n4, err := io.ReadFull(data, nonce[:])
|
nonceReadBytesCounts, err := io.ReadFull(data, nonce[:])
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, false, err, n + n2 + n4
|
return nil, false, err, authidCheckValueReadBytesCounts + headerPayloadDataLenReadBytesCounts + nonceReadBytesCounts
|
||||||
}
|
}
|
||||||
|
|
||||||
//Unmask Length
|
//Unmask Length
|
||||||
|
|
||||||
LengthMask := KDF16(key[:], "VMess AuthID Mask Value", string(authid[:]), string(nonce[:]))[:2]
|
LengthMask := KDF16(key[:], KDFSaltConst_VMessLengthMask, string(authid[:]), string(nonce[:]))[:2]
|
||||||
|
|
||||||
lengthbufb[0] = lengthbufb[0] ^ LengthMask[0]
|
headerPayloadDataLen[0] = headerPayloadDataLen[0] ^ LengthMask[0]
|
||||||
lengthbufb[1] = lengthbufb[1] ^ LengthMask[1]
|
headerPayloadDataLen[1] = headerPayloadDataLen[1] ^ LengthMask[1]
|
||||||
|
|
||||||
authidCheckV := KDF16(key[:], "VMess AuthID Check Value", string(authid[:]), string(lengthbufb[:]), string(nonce[:]))
|
authidCheckValueReceivedFromNetwork := KDF16(key[:], KDFSaltConst_VmessAuthIDCheckValue, string(authid[:]), string(headerPayloadDataLen[:]), string(nonce[:]))
|
||||||
|
|
||||||
if !hmac.Equal(authidCheckV, authidCheck[:]) {
|
if !hmac.Equal(authidCheckValueReceivedFromNetwork, authidCheckValue[:]) {
|
||||||
return nil, true, errCheckMismatch, n + n2 + n4
|
return nil, true, errCheckMismatch, authidCheckValueReadBytesCounts + headerPayloadDataLenReadBytesCounts + nonceReadBytesCounts
|
||||||
}
|
}
|
||||||
|
|
||||||
var length uint16
|
var length uint16
|
||||||
|
|
||||||
common.Must(binary.Read(bytes.NewReader(lengthbufb[:]), binary.BigEndian, &length))
|
common.Must(binary.Read(bytes.NewReader(headerPayloadDataLen[:]), binary.BigEndian, &length))
|
||||||
|
|
||||||
HeaderAEADKey := KDF16(key[:], "VMess Header AEAD Key", string(authid[:]), string(nonce[:]))
|
payloadHeaderAEADKey := KDF16(key[:], KDFSaltConst_VMessHeaderPayloadAEADKey, string(authid[:]), string(nonce[:]))
|
||||||
|
|
||||||
HeaderAEADNonce := KDF(key[:], "VMess Header AEAD Nonce", string(authid[:]), string(nonce[:]))[:12]
|
payloadHeaderAEADNonce := KDF(key[:], KDFSaltConst_VMessHeaderPayloadAEADIV, string(authid[:]), string(nonce[:]))[:12]
|
||||||
|
|
||||||
//16 == AEAD Tag size
|
//16 == AEAD Tag size
|
||||||
header := make([]byte, length+16)
|
payloadHeaderAEADEncrypted := make([]byte, length+16)
|
||||||
|
|
||||||
n3, err := io.ReadFull(data, header)
|
payloadHeaderAEADEncryptedReadedBytesCounts, err := io.ReadFull(data, payloadHeaderAEADEncrypted)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, false, err, n + n2 + n3 + n4
|
return nil, false, err, authidCheckValueReadBytesCounts + headerPayloadDataLenReadBytesCounts + payloadHeaderAEADEncryptedReadedBytesCounts + nonceReadBytesCounts
|
||||||
}
|
}
|
||||||
|
|
||||||
block, err := aes.NewCipher(HeaderAEADKey)
|
payloadHeaderAEADAESBlock, err := aes.NewCipher(payloadHeaderAEADKey)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
panic(err.Error())
|
panic(err.Error())
|
||||||
}
|
}
|
||||||
|
|
||||||
headerAEAD, err := cipher.NewGCM(block)
|
payloadHeaderAEAD, err := cipher.NewGCM(payloadHeaderAEADAESBlock)
|
||||||
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
panic(err.Error())
|
panic(err.Error())
|
||||||
}
|
}
|
||||||
|
|
||||||
out, erropenAEAD := headerAEAD.Open(nil, HeaderAEADNonce, header, authid[:])
|
out, erropenAEAD := payloadHeaderAEAD.Open(nil, payloadHeaderAEADNonce, payloadHeaderAEADEncrypted, authid[:])
|
||||||
|
|
||||||
if erropenAEAD != nil {
|
if erropenAEAD != nil {
|
||||||
return nil, true, erropenAEAD, n + n2 + n3 + n4
|
return nil, true, erropenAEAD, authidCheckValueReadBytesCounts + headerPayloadDataLenReadBytesCounts + payloadHeaderAEADEncryptedReadedBytesCounts + nonceReadBytesCounts
|
||||||
}
|
}
|
||||||
|
|
||||||
return out, false, nil, n + n2 + n3 + n4
|
return out, false, nil, authidCheckValueReadBytesCounts + headerPayloadDataLenReadBytesCounts + payloadHeaderAEADEncryptedReadedBytesCounts + nonceReadBytesCounts
|
||||||
}
|
}
|
||||||
|
|
||||||
var errCheckMismatch = errors.New("check verify failed")
|
var errCheckMismatch = errors.New("check verify failed")
|
||||||
|
|
|
@ -9,7 +9,7 @@ import (
|
||||||
func KDF(key []byte, path ...string) []byte {
|
func KDF(key []byte, path ...string) []byte {
|
||||||
hmacf := hmac.New(func() hash.Hash {
|
hmacf := hmac.New(func() hash.Hash {
|
||||||
return sha256.New()
|
return sha256.New()
|
||||||
}, []byte("VMess AEAD KDF"))
|
}, []byte(KDFSaltConst_VMessAEADKDF))
|
||||||
|
|
||||||
for _, v := range path {
|
for _, v := range path {
|
||||||
hmacf = hmac.New(func() hash.Hash {
|
hmacf = hmac.New(func() hash.Hash {
|
||||||
|
|
|
@ -208,43 +208,42 @@ func (c *ClientSession) DecodeResponseHeader(reader io.Reader) (*protocol.Respon
|
||||||
aesStream := crypto.NewAesDecryptionStream(c.responseBodyKey[:], c.responseBodyIV[:])
|
aesStream := crypto.NewAesDecryptionStream(c.responseBodyKey[:], c.responseBodyIV[:])
|
||||||
c.responseReader = crypto.NewCryptionReader(aesStream, reader)
|
c.responseReader = crypto.NewCryptionReader(aesStream, reader)
|
||||||
} else {
|
} else {
|
||||||
resph := vmessaead.KDF16(c.responseBodyKey[:], "AEAD Resp Header Len Key")
|
aeadResponseHeaderLengthEncryptionKey := vmessaead.KDF16(c.responseBodyKey[:], vmessaead.KDFSaltConst_AEADRespHeaderLenKey)
|
||||||
respi := vmessaead.KDF(c.responseBodyIV[:], "AEAD Resp Header Len IV")[:12]
|
aeadResponseHeaderLengthEncryptionIV := vmessaead.KDF(c.responseBodyIV[:], vmessaead.KDFSaltConst_AEADRespHeaderLenIV)[:12]
|
||||||
|
|
||||||
aesblock := common.Must2(aes.NewCipher(resph)).(cipher.Block)
|
aeadResponseHeaderLengthEncryptionKeyAESBlock := common.Must2(aes.NewCipher(aeadResponseHeaderLengthEncryptionKey)).(cipher.Block)
|
||||||
aeadHeader := common.Must2(cipher.NewGCM(aesblock)).(cipher.AEAD)
|
aeadResponseHeaderLengthEncryptionAEAD := common.Must2(cipher.NewGCM(aeadResponseHeaderLengthEncryptionKeyAESBlock)).(cipher.AEAD)
|
||||||
|
|
||||||
var AEADLen [18]byte
|
var aeadEncryptedResponseHeaderLength [18]byte
|
||||||
var lenresp int
|
var decryptedResponseHeaderLength int
|
||||||
|
var decryptedResponseHeaderLengthBinaryDeserializeBuffer uint16
|
||||||
|
|
||||||
var lenrespr uint16
|
if _, err := io.ReadFull(reader, aeadEncryptedResponseHeaderLength[:]); err != nil {
|
||||||
|
|
||||||
if _, err := io.ReadFull(reader, AEADLen[:]); err != nil {
|
|
||||||
return nil, newError("Unable to Read Header Len").Base(err)
|
return nil, newError("Unable to Read Header Len").Base(err)
|
||||||
}
|
}
|
||||||
if AEADLend, err := aeadHeader.Open(nil, respi, AEADLen[:], nil); err != nil {
|
if decryptedResponseHeaderLengthBinaryBuffer, err := aeadResponseHeaderLengthEncryptionAEAD.Open(nil, aeadResponseHeaderLengthEncryptionIV, aeadEncryptedResponseHeaderLength[:], nil); err != nil {
|
||||||
return nil, newError("Failed To Decrypt Length").Base(err)
|
return nil, newError("Failed To Decrypt Length").Base(err)
|
||||||
} else {
|
} else {
|
||||||
common.Must(binary.Read(bytes.NewReader(AEADLend), binary.BigEndian, &lenrespr))
|
common.Must(binary.Read(bytes.NewReader(decryptedResponseHeaderLengthBinaryBuffer), binary.BigEndian, &decryptedResponseHeaderLengthBinaryDeserializeBuffer))
|
||||||
lenresp = int(lenrespr)
|
decryptedResponseHeaderLength = int(decryptedResponseHeaderLengthBinaryDeserializeBuffer)
|
||||||
}
|
}
|
||||||
|
|
||||||
resphc := vmessaead.KDF16(c.responseBodyKey[:], "AEAD Resp Header Key")
|
aeadResponseHeaderPayloadEncryptionKey := vmessaead.KDF16(c.responseBodyKey[:], vmessaead.KDFSaltConst_AEADRespHeaderPayloadKey)
|
||||||
respic := vmessaead.KDF(c.responseBodyIV[:], "AEAD Resp Header IV")[:12]
|
aeadResponseHeaderPayloadEncryptionIV := vmessaead.KDF(c.responseBodyIV[:], vmessaead.KDFSaltConst_AEADRespHeaderPayloadIV)[:12]
|
||||||
|
|
||||||
aesblockc := common.Must2(aes.NewCipher(resphc)).(cipher.Block)
|
aeadResponseHeaderPayloadEncryptionKeyAESBlock := common.Must2(aes.NewCipher(aeadResponseHeaderPayloadEncryptionKey)).(cipher.Block)
|
||||||
aeadHeaderc := common.Must2(cipher.NewGCM(aesblockc)).(cipher.AEAD)
|
aeadResponseHeaderPayloadEncryptionAEAD := common.Must2(cipher.NewGCM(aeadResponseHeaderPayloadEncryptionKeyAESBlock)).(cipher.AEAD)
|
||||||
|
|
||||||
respPayload := make([]byte, lenresp+16)
|
encryptedResponseHeaderBuffer := make([]byte, decryptedResponseHeaderLength+16)
|
||||||
|
|
||||||
if _, err := io.ReadFull(reader, respPayload); err != nil {
|
if _, err := io.ReadFull(reader, encryptedResponseHeaderBuffer); err != nil {
|
||||||
return nil, newError("Unable to Read Header Data").Base(err)
|
return nil, newError("Unable to Read Header Data").Base(err)
|
||||||
}
|
}
|
||||||
|
|
||||||
if AEADData, err := aeadHeaderc.Open(nil, respic, respPayload, nil); err != nil {
|
if decryptedResponseHeaderBuffer, err := aeadResponseHeaderPayloadEncryptionAEAD.Open(nil, aeadResponseHeaderPayloadEncryptionIV, encryptedResponseHeaderBuffer, nil); err != nil {
|
||||||
return nil, newError("Failed To Decrypt Payload").Base(err)
|
return nil, newError("Failed To Decrypt Payload").Base(err)
|
||||||
} else {
|
} else {
|
||||||
c.responseReader = bytes.NewReader(AEADData)
|
c.responseReader = bytes.NewReader(decryptedResponseHeaderBuffer)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -383,10 +383,10 @@ func (s *ServerSession) EncodeResponseHeader(header *protocol.ResponseHeader, wr
|
||||||
encryptionWriter = crypto.NewCryptionWriter(aesStream, writer)
|
encryptionWriter = crypto.NewCryptionWriter(aesStream, writer)
|
||||||
s.responseWriter = encryptionWriter
|
s.responseWriter = encryptionWriter
|
||||||
|
|
||||||
aeadBuffer := bytes.NewBuffer(nil)
|
aeadEncryptedHeaderBuffer := bytes.NewBuffer(nil)
|
||||||
|
|
||||||
if s.isAEADRequest {
|
if s.isAEADRequest {
|
||||||
encryptionWriter = aeadBuffer
|
encryptionWriter = aeadEncryptedHeaderBuffer
|
||||||
}
|
}
|
||||||
|
|
||||||
common.Must2(encryptionWriter.Write([]byte{s.responseHeader, byte(header.Option)}))
|
common.Must2(encryptionWriter.Write([]byte{s.responseHeader, byte(header.Option)}))
|
||||||
|
@ -397,30 +397,30 @@ func (s *ServerSession) EncodeResponseHeader(header *protocol.ResponseHeader, wr
|
||||||
|
|
||||||
if s.isAEADRequest {
|
if s.isAEADRequest {
|
||||||
|
|
||||||
resph := vmessaead.KDF16(s.responseBodyKey[:], "AEAD Resp Header Len Key")
|
aeadResponseHeaderLengthEncryptionKey := vmessaead.KDF16(s.responseBodyKey[:], vmessaead.KDFSaltConst_AEADRespHeaderLenKey)
|
||||||
respi := vmessaead.KDF(s.responseBodyIV[:], "AEAD Resp Header Len IV")[:12]
|
aeadResponseHeaderLengthEncryptionIV := vmessaead.KDF(s.responseBodyIV[:], vmessaead.KDFSaltConst_AEADRespHeaderLenIV)[:12]
|
||||||
|
|
||||||
aesblock := common.Must2(aes.NewCipher(resph)).(cipher.Block)
|
aeadResponseHeaderLengthEncryptionKeyAESBlock := common.Must2(aes.NewCipher(aeadResponseHeaderLengthEncryptionKey)).(cipher.Block)
|
||||||
aeadHeader := common.Must2(cipher.NewGCM(aesblock)).(cipher.AEAD)
|
aeadResponseHeaderLengthEncryptionAEAD := common.Must2(cipher.NewGCM(aeadResponseHeaderLengthEncryptionKeyAESBlock)).(cipher.AEAD)
|
||||||
|
|
||||||
aeadlenBuf := bytes.NewBuffer(nil)
|
aeadResponseHeaderLengthEncryptionBuffer := bytes.NewBuffer(nil)
|
||||||
|
|
||||||
var aeadLen uint16
|
var decryptedResponseHeaderLengthBinaryDeserializeBuffer uint16
|
||||||
aeadLen = uint16(aeadBuffer.Len())
|
decryptedResponseHeaderLengthBinaryDeserializeBuffer = uint16(aeadEncryptedHeaderBuffer.Len())
|
||||||
|
|
||||||
common.Must(binary.Write(aeadlenBuf, binary.BigEndian, aeadLen))
|
common.Must(binary.Write(aeadResponseHeaderLengthEncryptionBuffer, binary.BigEndian, decryptedResponseHeaderLengthBinaryDeserializeBuffer))
|
||||||
|
|
||||||
sealedLen := aeadHeader.Seal(nil, respi, aeadlenBuf.Bytes(), nil)
|
AEADEncryptedLength := aeadResponseHeaderLengthEncryptionAEAD.Seal(nil, aeadResponseHeaderLengthEncryptionIV, aeadResponseHeaderLengthEncryptionBuffer.Bytes(), nil)
|
||||||
common.Must2(io.Copy(writer, bytes.NewReader(sealedLen)))
|
common.Must2(io.Copy(writer, bytes.NewReader(AEADEncryptedLength)))
|
||||||
|
|
||||||
resphc := vmessaead.KDF16(s.responseBodyKey[:], "AEAD Resp Header Key")
|
aeadResponseHeaderPayloadEncryptionKey := vmessaead.KDF16(s.responseBodyKey[:], vmessaead.KDFSaltConst_AEADRespHeaderPayloadKey)
|
||||||
respic := vmessaead.KDF(s.responseBodyIV[:], "AEAD Resp Header IV")[:12]
|
aeadResponseHeaderPayloadEncryptionIV := vmessaead.KDF(s.responseBodyIV[:], vmessaead.KDFSaltConst_AEADRespHeaderPayloadIV)[:12]
|
||||||
|
|
||||||
aesblockc := common.Must2(aes.NewCipher(resphc)).(cipher.Block)
|
aeadResponseHeaderPayloadEncryptionKeyAESBlock := common.Must2(aes.NewCipher(aeadResponseHeaderPayloadEncryptionKey)).(cipher.Block)
|
||||||
aeadHeaderc := common.Must2(cipher.NewGCM(aesblockc)).(cipher.AEAD)
|
aeadResponseHeaderPayloadEncryptionAEAD := common.Must2(cipher.NewGCM(aeadResponseHeaderPayloadEncryptionKeyAESBlock)).(cipher.AEAD)
|
||||||
|
|
||||||
sealed := aeadHeaderc.Seal(nil, respic, aeadBuffer.Bytes(), nil)
|
aeadEncryptedHeaderPayload := aeadResponseHeaderPayloadEncryptionAEAD.Seal(nil, aeadResponseHeaderPayloadEncryptionIV, aeadEncryptedHeaderBuffer.Bytes(), nil)
|
||||||
common.Must2(io.Copy(writer, bytes.NewReader(sealed)))
|
common.Must2(io.Copy(writer, bytes.NewReader(aeadEncryptedHeaderPayload)))
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue