youys
/
shadowsocks-windows
Not watched
1
0
Fork 0
Code
Releases 67 Wiki Activity
Issues 0 Pull Requests 0 Datasets Model Cloudbrain
You can not select more than 25 topics Topics must start with a chinese character,a letter or number, can include dashes ('-') and can be up to 35 characters long.
Tree: e62e14eefc
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'e62e14eefc'
${ noResults }
shadowsocks-windows/Shadowsocks.Net/Crypto/Stream/StreamCrypto.cs

179 lines
6.2 kB
Raw Blame History 

  1. using Splat;

  2. using System;

  3. using System.Collections.Generic;

  4. using System.Runtime.CompilerServices;

  5. using System.Text;

  6. 

  7. namespace Shadowsocks.Net.Crypto.Stream

  8. {

  9.     public abstract class StreamCrypto : CryptoBase, IEnableLogger

  10.     {

  11.         // shared by TCP decrypt UDP encrypt and decrypt

  12.         protected static byte[] sharedBuffer = new byte[65536];

  13. 

  14.         // Is first packet

  15.         protected bool ivReady;

  16. 

  17.         protected CipherFamily cipherFamily;

  18.         protected CipherInfo CipherInfo;

  19.         // long-time master key

  20.         protected static byte[] key = Array.Empty<byte>();

  21.         protected byte[] iv = Array.Empty<byte>();

  22.         protected int keyLen;

  23.         protected int ivLen;

  24. 

  25.         public StreamCrypto(string method, string password)

  26.             : base(method, password)

  27.         {

  28.             CipherInfo = GetCiphers()[method.ToLower()];

  29.             cipherFamily = CipherInfo.Type;

  30.             StreamCipherParameter parameter = (StreamCipherParameter)CipherInfo.CipherParameter;

  31.             keyLen = parameter.KeySize;

  32.             ivLen = parameter.IvSize;

  33. 

  34.             InitKey(password);

  35. 

  36.             this.Log().Debug($"key {instanceId} {key} {keyLen}");

  37.         }

  38. 

  39.         protected abstract Dictionary<string, CipherInfo> GetCiphers();

  40. 

  41.         private void InitKey(string password)

  42.         {

  43.             byte[] passbuf = Encoding.UTF8.GetBytes(password);

  44.             key ??= new byte[keyLen];

  45.             if (key.Length != keyLen)

  46.             {

  47.                 Array.Resize(ref key, keyLen);

  48.             }

  49. 

  50.             LegacyDeriveKey(passbuf, key, keyLen);

  51.         }

  52. 

  53.         [MethodImpl(MethodImplOptions.AggressiveInlining)]

  54.         public static void LegacyDeriveKey(byte[] password, byte[] key, int keylen)

  55.         {

  56.             byte[] result = new byte[password.Length + MD5Length];

  57.             int i = 0;

  58.             byte[] md5sum = Array.Empty<byte>();

  59.             while (i < keylen)

  60.             {

  61.                 if (i == 0)

  62.                 {

  63.                     md5sum = CryptoUtils.MD5(password);

  64.                 }

  65.                 else

  66.                 {

  67.                     Array.Copy(md5sum, 0, result, 0, MD5Length);

  68.                     Array.Copy(password, 0, result, MD5Length, password.Length);

  69.                     md5sum = CryptoUtils.MD5(result);

  70.                 }

  71.                 Array.Copy(md5sum, 0, key, i, Math.Min(MD5Length, keylen - i));

  72.                 i += MD5Length;

  73.             }

  74.         }

  75. 

  76.         protected virtual void InitCipher(byte[] iv, bool isEncrypt)

  77.         {

  78.             if (ivLen == 0)

  79.             {

  80.                 return;

  81.             }

  82. 

  83.             this.iv = new byte[ivLen];

  84.             Array.Copy(iv, this.iv, ivLen);

  85.         }

  86. 

  87.         protected abstract int CipherEncrypt(ReadOnlySpan<byte> plain, Span<byte> cipher);

  88.         protected abstract int CipherDecrypt(Span<byte> plain, ReadOnlySpan<byte> cipher);

  89. 

  90.         #region TCP

  91.         [MethodImpl(MethodImplOptions.Synchronized)]

  92.         public override int Encrypt(ReadOnlySpan<byte> plain, Span<byte> cipher)

  93.         {

  94.             int cipherOffset = 0;

  95.             this.Log().Debug($"{instanceId} encrypt TCP, generate iv: {!ivReady}");

  96.             if (!ivReady)

  97.             {

  98.                 // Generate IV

  99.                 byte[] ivBytes = RNG.GetBytes(ivLen);

  100.                 InitCipher(ivBytes, true);

  101.                 ivBytes.CopyTo(cipher);

  102.                 cipherOffset = ivLen;

  103.                 cipher = cipher.Slice(cipherOffset);

  104.                 ivReady = true;

  105.             }

  106.             int clen = CipherEncrypt(plain, cipher);

  107. 

  108.             this.Log().Debug($"plain {instanceId} {Convert.ToBase64String(plain)}");

  109.             this.Log().Debug($"cipher {instanceId} {Convert.ToBase64String(cipher.Slice(0, clen))}");

  110.             this.Log().Debug($"iv {instanceId} {iv} {ivLen}");

  111.             return clen + cipherOffset;

  112.         }

  113. 

  114.         private int recieveCtr = 0;

  115.         [MethodImpl(MethodImplOptions.Synchronized)]

  116.         public override int Decrypt(Span<byte> plain, ReadOnlySpan<byte> cipher)

  117.         {

  118.             this.Log().Debug($"{instanceId} decrypt TCP, read iv: {!ivReady}");

  119. 

  120.             int cipherOffset = 0;

  121.             // is first packet, need read iv

  122.             if (!ivReady)

  123.             {

  124.                 // push to buffer in case of not enough data

  125.                 cipher.CopyTo(sharedBuffer.AsSpan(recieveCtr));

  126.                 recieveCtr += cipher.Length;

  127. 

  128.                 // not enough data for read iv, return 0 byte data

  129.                 if (recieveCtr <= ivLen)

  130.                 {

  131.                     return 0;

  132.                 }

  133.                 // start decryption

  134.                 ivReady = true;

  135.                 if (ivLen > 0)

  136.                 {

  137.                     // read iv

  138.                     byte[] iv = sharedBuffer.AsSpan(0, ivLen).ToArray();

  139.                     InitCipher(iv, false);

  140.                 }

  141.                 else

  142.                 {

  143.                     InitCipher(Array.Empty<byte>(), false);

  144.                 }

  145.                 cipherOffset += ivLen;

  146.             }

  147. 

  148.             // read all data from buffer

  149.             int len = CipherDecrypt(plain, cipher.Slice(cipherOffset));

  150. 

  151.             this.Log().Debug($"cipher {instanceId} {Convert.ToBase64String(cipher.Slice(cipherOffset))}");

  152.             this.Log().Debug($"plain {instanceId} {Convert.ToBase64String(plain.Slice(0, len))}");

  153.             this.Log().Debug($"iv {instanceId} {iv} {ivLen}");

  154.             return len;

  155.         }

  156. 

  157.         #endregion

  158. 

  159.         #region UDP

  160.         [MethodImpl(MethodImplOptions.Synchronized)]

  161.         public override int EncryptUDP(ReadOnlySpan<byte> plain, Span<byte> cipher)

  162.         {

  163.             byte[] iv = RNG.GetBytes(ivLen);

  164.             iv.CopyTo(cipher);

  165.             InitCipher(iv, true);

  166.             return ivLen + CipherEncrypt(plain, cipher.Slice(ivLen));

  167.         }

  168. 

  169.         [MethodImpl(MethodImplOptions.Synchronized)]

  170.         public override int DecryptUDP(Span<byte> plain, ReadOnlySpan<byte> cipher)

  171.         {

  172.             InitCipher(cipher.Slice(0, ivLen).ToArray(), false);

  173.             return CipherDecrypt(plain, cipher.Slice(ivLen));

  174.         }

  175. 

  176.         #endregion

  177.     }

  178. }