youys
/
shadowsocks-windows
Not watched
1
0
Fork 0
Code
Releases 67 Wiki Activity
Issues 0 Pull Requests 0 Datasets Model Cloudbrain
You can not select more than 25 topics Topics must start with a chinese character,a letter or number, can include dashes ('-') and can be up to 35 characters long.
547 Commits
5 Branches
32 MB
2564 Download
Tree: 0eee5cd98f
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '0eee5cd98f'
${ noResults }
shadowsocks-windows/shadowsocks-csharp/Encryption/IVEncryptor.cs

IVEncryptor.cs 9.8 kB
Raw Normal View History

refactor
11 years ago
support onetime auth
10 years ago
refactor
11 years ago
refactor package name
11 years ago
refactor
11 years ago
Update the hash function follow with https://github.com/shadowsocks/shadowsocks-libev/commit/5ae4df94e440c4f6826a679a62687ad27303d89b
10 years ago
support onetime auth
10 years ago
Update the hash function follow with https://github.com/shadowsocks/shadowsocks-libev/commit/5ae4df94e440c4f6826a679a62687ad27303d89b
10 years ago
support onetime auth
10 years ago
Update the hash function follow with https://github.com/shadowsocks/shadowsocks-libev/commit/5ae4df94e440c4f6826a679a62687ad27303d89b
10 years ago
support onetime auth
10 years ago
sodium works
11 years ago
refactor
11 years ago
Update the hash function follow with https://github.com/shadowsocks/shadowsocks-libev/commit/5ae4df94e440c4f6826a679a62687ad27303d89b
10 years ago
refactor
11 years ago
support onetime auth
10 years ago
refactor
11 years ago
support onetime auth
10 years ago
Update the hash function follow with https://github.com/shadowsocks/shadowsocks-libev/commit/5ae4df94e440c4f6826a679a62687ad27303d89b
10 years ago
support onetime auth
10 years ago
refactor
11 years ago
no repeat random number generator The stock code use class Random to generate IV, the Random is pseudo random number generator. The IV maybe repeat, this will cause shadowsocks-libev closed the sockets with the error message 'invalid password or cipher'. Reference https://github.com/shadowsocks/shadowsocks-libev/issues/389 Solution is use class RNGCryptoServiceProvider to generate IV, of course it's lower performance, but a little bit.
10 years ago
refactor
11 years ago
Update the hash function follow with https://github.com/shadowsocks/shadowsocks-libev/commit/5ae4df94e440c4f6826a679a62687ad27303d89b
10 years ago
support onetime auth
10 years ago
Update the hash function follow with https://github.com/shadowsocks/shadowsocks-libev/commit/5ae4df94e440c4f6826a679a62687ad27303d89b
10 years ago
refactor
11 years ago
support onetime auth
10 years ago
Update the hash function follow with https://github.com/shadowsocks/shadowsocks-libev/commit/5ae4df94e440c4f6826a679a62687ad27303d89b
10 years ago
support onetime auth
10 years ago
Update the hash function follow with https://github.com/shadowsocks/shadowsocks-libev/commit/5ae4df94e440c4f6826a679a62687ad27303d89b
10 years ago
support onetime auth
10 years ago
Update the hash function follow with https://github.com/shadowsocks/shadowsocks-libev/commit/5ae4df94e440c4f6826a679a62687ad27303d89b
10 years ago
support onetime auth
10 years ago
Update the hash function follow with https://github.com/shadowsocks/shadowsocks-libev/commit/5ae4df94e440c4f6826a679a62687ad27303d89b
10 years ago
support onetime auth
10 years ago
refactor
11 years ago
support onetime auth
10 years ago
Update the hash function follow with https://github.com/shadowsocks/shadowsocks-libev/commit/5ae4df94e440c4f6826a679a62687ad27303d89b
10 years ago
support onetime auth
10 years ago
Update the hash function follow with https://github.com/shadowsocks/shadowsocks-libev/commit/5ae4df94e440c4f6826a679a62687ad27303d89b
10 years ago
support onetime auth
10 years ago
refactor
11 years ago
support onetime auth
10 years ago
refactor
11 years ago
 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265 
  1. using System;

  2. using System.Collections.Generic;

  3. using System.Security.Cryptography;

  4. using System.Text;

  5. using System.Net;

  6. 

  7. namespace Shadowsocks.Encryption

  8. {

  9.     public abstract class IVEncryptor

  10.         : EncryptorBase

  11.     {

  12.         public const int MAX_KEY_LENGTH = 64;

  13.         public const int MAX_IV_LENGTH = 16;

  14. 

  15.         public const int ONETIMEAUTH_FLAG = 0x10;

  16.         public const int ADDRTYPE_MASK = 0xF;

  17. 

  18.         public const int ONETIMEAUTH_BYTES = 16;

  19.         public const int ONETIMEAUTH_KEYBYTES = 32;

  20. 

  21.         public const int HASH_BUF_LEN = 128;

  22.         public const int HASH_BYTES = 4;

  23. 

  24.         protected static byte[] tempbuf = new byte[MAX_INPUT_SIZE];

  25. 

  26.         protected Dictionary<string, int[]> ciphers;

  27. 

  28.         private static readonly Dictionary<string, byte[]> CachedKeys = new Dictionary<string, byte[]>();

  29.         protected byte[] _encryptIV;

  30.         protected byte[] _decryptIV;

  31.         protected bool _decryptIVReceived;

  32.         protected bool _encryptIVSent;

  33.         protected int _encryptIVOffset = 0;

  34.         protected int _decryptIVOffset = 0;

  35.         protected string _method;

  36.         protected int _cipher;

  37.         protected int[] _cipherInfo;

  38.         protected byte[] _key;

  39.         protected int keyLen;

  40.         protected int ivLen;

  41.         protected byte[] hash_buf;

  42.         protected int hash_idx = 0;

  43. 

  44.         public IVEncryptor(string method, string password, bool onetimeauth)

  45.             : base(method, password, onetimeauth)

  46.         {

  47.             InitKey(method, password);

  48.             if (OnetimeAuth)

  49.             {

  50.                 hash_buf = new byte[HASH_BUF_LEN];

  51.             }

  52.         }

  53. 

  54.         protected abstract Dictionary<string, int[]> getCiphers();

  55. 

  56.         protected void InitKey(string method, string password)

  57.         {

  58.             method = method.ToLower();

  59.             _method = method;

  60.             string k = method + ":" + password;

  61.             ciphers = getCiphers();

  62.             _cipherInfo = ciphers[_method];

  63.             _cipher = _cipherInfo[2];

  64.             if (_cipher == 0)

  65.             {

  66.                 throw new Exception("method not found");

  67.             }

  68.             keyLen = ciphers[_method][0];

  69.             ivLen = ciphers[_method][1];

  70.             if (CachedKeys.ContainsKey(k))

  71.             {

  72.                 _key = CachedKeys[k];

  73.             }

  74.             else

  75.             {

  76.                 byte[] passbuf = Encoding.UTF8.GetBytes(password);

  77.                 _key = new byte[32];

  78.                 byte[] iv = new byte[16];

  79.                 bytesToKey(passbuf, _key);

  80.                 CachedKeys[k] = _key;

  81.             }

  82.         }

  83. 

  84.         protected void bytesToKey(byte[] password, byte[] key)

  85.         {

  86.             byte[] result = new byte[password.Length + 16];

  87.             int i = 0;

  88.             byte[] md5sum = null;

  89.             while (i < key.Length)

  90.             {

  91.                 MD5 md5 = MD5.Create();

  92.                 if (i == 0)

  93.                 {

  94.                     md5sum = md5.ComputeHash(password);

  95.                 }

  96.                 else

  97.                 {

  98.                     md5sum.CopyTo(result, 0);

  99.                     password.CopyTo(result, md5sum.Length);

  100.                     md5sum = md5.ComputeHash(result);

  101.                 }

  102.                 md5sum.CopyTo(key, i);

  103.                 i += md5sum.Length;

  104.             }

  105.         }

  106. 

  107.         protected static void randBytes(byte[] buf, int length)

  108.         {

  109.             byte[] temp = new byte[length];

  110.             RNGCryptoServiceProvider rngServiceProvider = new RNGCryptoServiceProvider();

  111.             rngServiceProvider.GetBytes(temp);

  112.             temp.CopyTo(buf, 0);

  113.         }

  114. 

  115.         protected virtual void initCipher(byte[] iv, bool isCipher)

  116.         {

  117.             if (ivLen > 0)

  118.             {

  119.                 if (isCipher)

  120.                 {

  121.                     _encryptIV = new byte[ivLen];

  122.                     Array.Copy(iv, _encryptIV, ivLen);

  123.                 }

  124.                 else

  125.                 {

  126.                     _decryptIV = new byte[ivLen];

  127.                     Array.Copy(iv, _decryptIV, ivLen);

  128.                 }

  129.             }

  130.         }

  131. 

  132.         protected abstract void cipherUpdate(bool isCipher, int length, byte[] buf, byte[] outbuf);

  133. 

  134.         protected int ss_headlen(byte[] buf, int length)

  135.         {

  136.             int len = 0;

  137.             int atyp = length > 0 ? (buf[0] & ADDRTYPE_MASK) : 0;

  138.             if (atyp == 1)

  139.             {

  140.                 len = 7; // atyp (1 bytes) + ipv4 (4 bytes) + port (2 bytes)

  141.             }

  142.             else if (atyp == 3 && length > 1)

  143.             {

  144.                 int nameLen = buf[1];

  145.                 len = 4 + nameLen; // atyp (1 bytes) + name length (1 bytes) + name (n bytes) + port (2 bytes)

  146.             }

  147.             else if (atyp == 4)

  148.             {

  149.                 len = 19; // atyp (1 bytes) + ipv6 (16 bytes) + port (2 bytes)

  150.             }

  151.             if (len == 0 || len > length)

  152.                 throw new Exception($"invalid header with addr type {atyp}");

  153.             return len;

  154.         }

  155. 

  156.         protected int ss_onetimeauth(byte[] auth,

  157.             byte[] msg, int msg_len,

  158.             byte[] iv, int iv_len,

  159.             byte[] key, int key_len)

  160.         {

  161.             byte[] auth_key = new byte[ONETIMEAUTH_KEYBYTES];

  162.             byte[] auth_bytes = new byte[MAX_IV_LENGTH + MAX_KEY_LENGTH];

  163.             Buffer.BlockCopy(iv, 0, auth_bytes, 0, ivLen);

  164.             Buffer.BlockCopy(key, 0, auth_bytes, ivLen, key_len);

  165.             Sodium.crypto_generichash(auth_key, ONETIMEAUTH_KEYBYTES, auth_bytes, (ulong)(iv_len + key_len), null, 0);

  166.             return Sodium.crypto_onetimeauth(auth, msg, (ulong)msg_len, auth_key);

  167.         }

  168. 

  169.         protected void ss_gen_hash(byte[] in_buf, ref int in_offset, ref int in_len,

  170.             byte[] hash_buf, ref int hash_idx, int buf_size)

  171.         {

  172.             int i, j;

  173.             int offset = in_offset;

  174.             int blen = in_len;

  175.             int cidx = hash_idx;

  176.             int size = (blen / HASH_BUF_LEN + 1) * HASH_BYTES + blen;

  177.             if (buf_size < (size + offset))

  178.                 throw new Exception("failed to generate hash:  buffer size insufficient");

  179.             byte[] hash = new byte[HASH_BYTES];

  180.             for (i = 0, j = offset; i < blen; i++, j++)

  181.             {

  182.                 if (cidx == HASH_BUF_LEN)

  183.                 {

  184.                     Sodium.crypto_generichash(hash, HASH_BYTES, hash_buf, HASH_BUF_LEN, null, 0);

  185.                     Buffer.BlockCopy(in_buf, j, in_buf, j + HASH_BYTES, blen - i);

  186.                     Buffer.BlockCopy(hash, 0, in_buf, j, HASH_BYTES);

  187.                     j += HASH_BYTES; cidx = 0;

  188.                 }

  189.                 hash_buf[cidx] = in_buf[j];

  190.                 cidx++;

  191.             }

  192.             in_offset = j;

  193.             in_len = j - offset;

  194.             hash_idx = cidx;

  195.         }

  196. 

  197.         public override void Encrypt(byte[] buf, int length, byte[] outbuf, out int outlength)

  198.         {

  199.             if (!_encryptIVSent)

  200.             {

  201.                 _encryptIVSent = true;

  202.                 randBytes(outbuf, ivLen);

  203.                 initCipher(outbuf, true);

  204.                 outlength = length + ivLen;

  205.                 lock (tempbuf)

  206.                 {

  207.                     if (OnetimeAuth)

  208.                     {

  209.                         lock (hash_buf)

  210.                         {

  211.                             int headLen = ss_headlen(buf, length);

  212.                             int data_len = length - headLen;

  213.                             Buffer.BlockCopy(buf, headLen, buf, headLen + ONETIMEAUTH_BYTES, data_len);

  214.                             buf[0] |= ONETIMEAUTH_FLAG;

  215.                             byte[] auth = new byte[ONETIMEAUTH_BYTES];

  216.                             ss_onetimeauth(auth, buf, headLen, _encryptIV, ivLen, _key, keyLen);

  217.                             Buffer.BlockCopy(auth, 0, buf, headLen, ONETIMEAUTH_BYTES);

  218.                             int buf_offset = headLen + ONETIMEAUTH_BYTES;

  219.                             ss_gen_hash(buf, ref buf_offset, ref data_len, hash_buf, ref hash_idx, buf.Length);

  220.                             length = headLen + ONETIMEAUTH_BYTES + data_len;

  221.                         }

  222.                     }

  223.                     cipherUpdate(true, length, buf, tempbuf);

  224.                     outlength = length + ivLen;

  225.                     Buffer.BlockCopy(tempbuf, 0, outbuf, ivLen, length);

  226.                 }

  227.             }

  228.             else

  229.             {

  230.                 if (OnetimeAuth)

  231.                 {

  232.                     lock (hash_buf)

  233.                     {

  234.                         int buf_offset = 0;

  235.                         ss_gen_hash(buf, ref buf_offset, ref length, hash_buf, ref hash_idx, buf.Length);

  236.                     }

  237.                 }

  238.                 outlength = length;

  239.                 cipherUpdate(true, length, buf, outbuf);

  240.             }

  241.         }

  242. 

  243.         public override void Decrypt(byte[] buf, int length, byte[] outbuf, out int outlength)

  244.         {

  245.             if (!_decryptIVReceived)

  246.             {

  247.                 _decryptIVReceived = true;

  248.                 initCipher(buf, false);

  249.                 outlength = length - ivLen;

  250.                 lock (tempbuf)

  251.                 {

  252.                     // C# could be multi-threaded

  253.                     Buffer.BlockCopy(buf, ivLen, tempbuf, 0, length - ivLen);

  254.                     cipherUpdate(false, length - ivLen, tempbuf, outbuf);

  255.                 }

  256.             }

  257.             else

  258.             {

  259.                 outlength = length;

  260.                 cipherUpdate(false, length, buf, outbuf);

  261.             }

  262.         }

  263. 

  264.     }

  265. }

No Description