youys
/
shadowsocks-windows
Not watched
1
0
Fork 0
Code
Releases 67 Wiki Activity
Issues 0 Pull Requests 0 Datasets Model Cloudbrain
You can not select more than 25 topics Topics must start with a chinese character,a letter or number, can include dashes ('-') and can be up to 35 characters long.
Tree: f01ccd801f
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'f01ccd801f'
${ noResults }
shadowsocks-windows/shadowsocks-csharp/Encryption/Stream/StreamEncryptor.cs

182 lines
6.7 kB
Raw Blame History 

  1. using System;

  2. using System.Collections.Generic;

  3. using System.Diagnostics;

  4. using System.Text;

  5. using Shadowsocks.Encryption.CircularBuffer;

  6. using Shadowsocks.Controller;

  7. 

  8. namespace Shadowsocks.Encryption.Stream

  9. {

  10.     public abstract class StreamEncryptor

  11.         : EncryptorBase

  12.     {

  13.         // for UDP only

  14.         protected static byte[] _udpTmpBuf = new byte[65536];

  15. 

  16.         // every connection should create its own buffer

  17.         private ByteCircularBuffer _encCircularBuffer = new ByteCircularBuffer(TCPHandler.BufferSize * 2);

  18.         private ByteCircularBuffer _decCircularBuffer = new ByteCircularBuffer(TCPHandler.BufferSize * 2);

  19. 

  20.         protected Dictionary<string, EncryptorInfo> ciphers;

  21. 

  22.         protected byte[] _encryptIV;

  23.         protected byte[] _decryptIV;

  24. 

  25.         // Is first packet

  26.         protected bool _decryptIVReceived;

  27.         protected bool _encryptIVSent;

  28. 

  29.         protected string _method;

  30.         protected int _cipher;

  31.         // internal name in the crypto library

  32.         protected string _innerLibName;

  33.         protected EncryptorInfo CipherInfo;

  34.         // long-time master key

  35.         protected static byte[] _key = null;

  36.         protected int keyLen;

  37.         protected int ivLen;

  38. 

  39.         public StreamEncryptor(string method, string password)

  40.             : base(method, password)

  41.         {

  42.             InitEncryptorInfo(method);

  43.             InitKey(password);

  44.         }

  45. 

  46.         protected abstract Dictionary<string, EncryptorInfo> getCiphers();

  47. 

  48.         private void InitEncryptorInfo(string method)

  49.         {

  50.             method = method.ToLower();

  51.             _method = method;

  52.             ciphers = getCiphers();

  53.             CipherInfo = ciphers[_method];

  54.             _innerLibName = CipherInfo.InnerLibName;

  55.             _cipher = CipherInfo.Type;

  56.             if (_cipher == 0) {

  57.                 throw new System.Exception("method not found");

  58.             }

  59.             keyLen = CipherInfo.KeySize;

  60.             ivLen = CipherInfo.IvSize;

  61.         }

  62. 

  63.         private void InitKey(string password)

  64.         {

  65.             byte[] passbuf = Encoding.UTF8.GetBytes(password);

  66.             if (_key == null) _key = new byte[keyLen];

  67.             if (_key.Length != keyLen) Array.Resize(ref _key, keyLen);

  68.             LegacyDeriveKey(passbuf, _key, keyLen);

  69.         }

  70. 

  71.         public static void LegacyDeriveKey(byte[] password, byte[] key, int keylen)

  72.         {

  73.             byte[] result = new byte[password.Length + MD5_LEN];

  74.             int i = 0;

  75.             byte[] md5sum = null;

  76.             while (i < keylen) {

  77.                 if (i == 0) {

  78.                     md5sum = MbedTLS.MD5(password);

  79.                 } else {

  80.                     Array.Copy(md5sum, 0, result, 0, MD5_LEN);

  81.                     Array.Copy(password, 0, result, MD5_LEN, password.Length);

  82.                     md5sum = MbedTLS.MD5(result);

  83.                 }

  84.                 Array.Copy(md5sum, 0, key, i, Math.Min(MD5_LEN, keylen - i));

  85.                 i += MD5_LEN;

  86.             }

  87.         }

  88. 

  89.         protected virtual void initCipher(byte[] iv, bool isEncrypt)

  90.         {

  91.             if (isEncrypt) {

  92.                 _encryptIV = new byte[ivLen];

  93.                 Array.Copy(iv, _encryptIV, ivLen);

  94.             } else {

  95.                 _decryptIV = new byte[ivLen];

  96.                 Array.Copy(iv, _decryptIV, ivLen);

  97.             }

  98.         }

  99. 

  100.         protected abstract void cipherUpdate(bool isEncrypt, int length, byte[] buf, byte[] outbuf);

  101. 

  102.         protected static void randBytes(byte[] buf, int length) { RNG.GetBytes(buf, length); }

  103. 

  104.         #region TCP

  105. 

  106.         public override void Encrypt(byte[] buf, int length, byte[] outbuf, out int outlength)

  107.         {

  108.             int cipherOffset = 0;

  109.             Debug.Assert(_encCircularBuffer != null, "_encCircularBuffer != null");

  110.             _encCircularBuffer.Put(buf, 0, length);

  111.             if (! _encryptIVSent) {

  112.                 // Generate IV

  113.                 byte[] ivBytes = new byte[ivLen];

  114.                 randBytes(ivBytes, ivLen);

  115.                 initCipher(ivBytes, true);

  116.                 

  117.                 Array.Copy(ivBytes, 0, outbuf, 0, ivLen);

  118.                 cipherOffset = ivLen;

  119.                 _encryptIVSent = true;

  120.             }

  121.             int size = _encCircularBuffer.Size;

  122.             byte[] plain = _encCircularBuffer.Get(size);

  123.             byte[] cipher = new byte[size];

  124.             cipherUpdate(true, size, plain, cipher);

  125.             Buffer.BlockCopy(cipher, 0, outbuf, cipherOffset, size);

  126.             outlength = size + cipherOffset;

  127.         }

  128. 

  129.         public override void Decrypt(byte[] buf, int length, byte[] outbuf, out int outlength)

  130.         {

  131.             Debug.Assert(_decCircularBuffer != null, "_circularBuffer != null");

  132.             _decCircularBuffer.Put(buf, 0, length);

  133.             if (! _decryptIVReceived) {

  134.                 if (_decCircularBuffer.Size <= ivLen) {

  135.                     // we need more data

  136.                     outlength = 0;

  137.                     return;

  138.                 }

  139.                 // start decryption

  140.                 _decryptIVReceived = true;

  141.                 byte[] iv = _decCircularBuffer.Get(ivLen);

  142.                 initCipher(iv, false);

  143.             }

  144.             byte[] cipher = _decCircularBuffer.ToArray();

  145.             cipherUpdate(false, cipher.Length, cipher, outbuf);

  146.             // move pointer only

  147.             _decCircularBuffer.Skip(_decCircularBuffer.Size);

  148.             outlength = cipher.Length;

  149.             // done the decryption

  150.         }

  151. 

  152.         #endregion

  153. 

  154.         #region UDP

  155. 

  156.         public override void EncryptUDP(byte[] buf, int length, byte[] outbuf, out int outlength)

  157.         {

  158.             // Generate IV

  159.             randBytes(outbuf, ivLen);

  160.             initCipher(outbuf, true);

  161.             lock (_udpTmpBuf) {

  162.                 cipherUpdate(true, length, buf, _udpTmpBuf);

  163.                 outlength = length + ivLen;

  164.                 Buffer.BlockCopy(_udpTmpBuf, 0, outbuf, ivLen, length);

  165.             }

  166.         }

  167. 

  168.         public override void DecryptUDP(byte[] buf, int length, byte[] outbuf, out int outlength)

  169.         {

  170.             // Get IV from first pos

  171.             initCipher(buf, false);

  172.             outlength = length - ivLen;

  173.             lock (_udpTmpBuf) {

  174.                 // C# could be multi-threaded

  175.                 Buffer.BlockCopy(buf, ivLen, _udpTmpBuf, 0, length - ivLen);

  176.                 cipherUpdate(false, length - ivLen, _udpTmpBuf, outbuf);

  177.             }

  178.         }

  179. 

  180.         #endregion

  181.     }

  182. }