You can not select more than 25 topics Topics must start with a chinese character,a letter or number, can include dashes ('-') and can be up to 35 characters long.

StreamEncryptor.cs 6.3 kB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183
  1. using System;
  2. using System.Collections.Generic;
  3. using System.Diagnostics;
  4. using System.Text;
  5. using Shadowsocks.Encryption.CircularBuffer;
  6. using Shadowsocks.Controller;
  7. namespace Shadowsocks.Encryption.Stream
  8. {
  9. public abstract class StreamEncryptor : EncryptorBase
  10. {
  11. // for UDP only
  12. protected static byte[] _udpTmpBuf = new byte[65536];
  13. // every connection should create its own buffer
  14. private ByteCircularBuffer buffer = new ByteCircularBuffer(TCPHandler.BufferSize * 2);
  15. protected Dictionary<string, CipherInfo> ciphers;
  16. // Is first packet
  17. protected bool ivReady;
  18. protected string _method;
  19. protected CipherFamily _cipher;
  20. protected CipherInfo CipherInfo;
  21. // long-time master key
  22. protected static byte[] key = null;
  23. protected byte[] iv;
  24. protected int keyLen;
  25. protected int ivLen;
  26. public StreamEncryptor(string method, string password)
  27. : base(method, password)
  28. {
  29. InitEncryptorInfo(method);
  30. InitKey(password);
  31. }
  32. protected abstract Dictionary<string, CipherInfo> getCiphers();
  33. private void InitEncryptorInfo(string method)
  34. {
  35. method = method.ToLower();
  36. _method = method;
  37. ciphers = getCiphers();
  38. CipherInfo = ciphers[_method];
  39. _cipher = CipherInfo.Type;
  40. var parameter = (StreamCipherParameter)CipherInfo.CipherParameter;
  41. keyLen = parameter.KeySize;
  42. ivLen = parameter.IvSize;
  43. }
  44. private void InitKey(string password)
  45. {
  46. byte[] passbuf = Encoding.UTF8.GetBytes(password);
  47. key ??= new byte[keyLen];
  48. if (key.Length != keyLen) Array.Resize(ref key, keyLen);
  49. LegacyDeriveKey(passbuf, key, keyLen);
  50. }
  51. public static void LegacyDeriveKey(byte[] password, byte[] key, int keylen)
  52. {
  53. byte[] result = new byte[password.Length + MD5_LEN];
  54. int i = 0;
  55. byte[] md5sum = null;
  56. while (i < keylen)
  57. {
  58. if (i == 0)
  59. {
  60. md5sum = CryptoUtils.MD5(password);
  61. }
  62. else
  63. {
  64. Array.Copy(md5sum, 0, result, 0, MD5_LEN);
  65. Array.Copy(password, 0, result, MD5_LEN, password.Length);
  66. md5sum = CryptoUtils.MD5(result);
  67. }
  68. Array.Copy(md5sum, 0, key, i, Math.Min(MD5_LEN, keylen - i));
  69. i += MD5_LEN;
  70. }
  71. }
  72. protected virtual void initCipher(byte[] iv, bool isEncrypt)
  73. {
  74. this.iv = new byte[ivLen];
  75. Array.Copy(iv, this.iv, ivLen);
  76. }
  77. protected abstract void cipherUpdate(bool isEncrypt, int length, byte[] buf, byte[] outbuf);
  78. protected abstract int CipherEncrypt(Span<byte> plain, Span<byte> cipher);
  79. protected abstract int CipherDecrypt(Span<byte> plain, Span<byte> cipher);
  80. //protected static void randBytes(byte[] buf, int length) { RNG.GetBytes(buf, length); }
  81. #region TCP
  82. public override void Encrypt(byte[] buf, int length, byte[] outbuf, out int outlength)
  83. {
  84. int cipherOffset = 0;
  85. Debug.Assert(buffer != null, "_encCircularBuffer != null");
  86. buffer.Put(buf, 0, length);
  87. if (!ivReady)
  88. {
  89. // Generate IV
  90. byte[] ivBytes = RNG.GetBytes(ivLen);
  91. initCipher(ivBytes, true);
  92. Array.Copy(ivBytes, 0, outbuf, 0, ivLen);
  93. cipherOffset = ivLen;
  94. ivReady = true;
  95. }
  96. int size = buffer.Size;
  97. byte[] plain = buffer.Get(size);
  98. byte[] cipher = new byte[size];
  99. cipherUpdate(true, size, plain, cipher);
  100. Buffer.BlockCopy(cipher, 0, outbuf, cipherOffset, size);
  101. outlength = size + cipherOffset;
  102. }
  103. public override void Decrypt(byte[] buf, int length, byte[] outbuf, out int outlength)
  104. {
  105. Debug.Assert(buffer != null, "_circularBuffer != null");
  106. buffer.Put(buf, 0, length);
  107. if (!ivReady)
  108. {
  109. if (buffer.Size <= ivLen)
  110. {
  111. // we need more data
  112. outlength = 0;
  113. return;
  114. }
  115. // start decryption
  116. ivReady = true;
  117. if (ivLen > 0)
  118. {
  119. byte[] iv = buffer.Get(ivLen);
  120. initCipher(iv, false);
  121. }
  122. else initCipher(Array.Empty<byte>(), false);
  123. }
  124. byte[] cipher = buffer.ToArray();
  125. cipherUpdate(false, cipher.Length, cipher, outbuf);
  126. // move pointer only
  127. buffer.Skip(buffer.Size);
  128. outlength = cipher.Length;
  129. // done the decryption
  130. }
  131. #endregion
  132. #region UDP
  133. public override void EncryptUDP(byte[] buf, int length, byte[] outbuf, out int outlength)
  134. {
  135. // Generate IV
  136. RNG.GetBytes(outbuf, ivLen);
  137. initCipher(outbuf, true);
  138. lock (_udpTmpBuf)
  139. {
  140. cipherUpdate(true, length, buf, _udpTmpBuf);
  141. outlength = length + ivLen;
  142. Buffer.BlockCopy(_udpTmpBuf, 0, outbuf, ivLen, length);
  143. }
  144. }
  145. public override void DecryptUDP(byte[] buf, int length, byte[] outbuf, out int outlength)
  146. {
  147. // Get IV from first pos
  148. initCipher(buf, false);
  149. outlength = length - ivLen;
  150. lock (_udpTmpBuf)
  151. {
  152. // C# could be multi-threaded
  153. Buffer.BlockCopy(buf, ivLen, _udpTmpBuf, 0, length - ivLen);
  154. cipherUpdate(false, length - ivLen, _udpTmpBuf, outbuf);
  155. }
  156. }
  157. #endregion
  158. }
  159. }