youys
/
shadowsocks-windows
Not watched
1
0
Fork 0
Code
Releases 67 Wiki Activity
Issues 0 Pull Requests 0 Datasets Model Cloudbrain
You can not select more than 25 topics Topics must start with a chinese character,a letter or number, can include dashes ('-') and can be up to 35 characters long.
897 Commits
5 Branches
32 MB
176 Download
Tree: 1c1cc62235
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '1c1cc62235'
${ noResults }
shadowsocks-windows/shadowsocks-csharp/Encryption/IVEncryptor.cs

IVEncryptor.cs 11 kB
Raw Normal View History

refactor
10 years ago
use ConcurrentDictionary instead of Dictionary
9 years ago
Refine encryption(#655) * Refine encryption - Add AES-CTR, blowfish and camellia ciphers aes-256-ctr aes-192-ctr aes-128-ctr bf-cfb camellia-128-cfb camellia-192-cfb camellia-256-cfb - Merge the previous PolarSSL and MbedTLS - Switch to MbedTLS's cipher layer functions - Add workaround to set cipher operation(encrypt/decrypt) Signed-off-by: Syrone Wong <wong.syrone@gmail.com> * Add function to get MbedTLS cipher context size and drop hard-coded ctx sizes Signed-off-by: Syrone Wong <wong.syrone@gmail.com>
8 years ago
refactor
10 years ago
support onetime auth
9 years ago
refactor
10 years ago
refactor package name
10 years ago
refactor
10 years ago
Update the hash function follow with https://github.com/shadowsocks/shadowsocks-libev/commit/5ae4df94e440c4f6826a679a62687ad27303d89b
9 years ago
Refactor to make OTA code more independent and clear. and misc changes
8 years ago
refactor
10 years ago
Refine Encryption module (#717) - use EncryptorInfo struct instead of Dictionary<string, int[]>>
8 years ago
refactor
10 years ago
use ConcurrentDictionary instead of Dictionary
9 years ago
refactor
10 years ago
Refine encryption introduce a constructor to store inner method name Signed-off-by: Syrone Wong <wong.syrone@gmail.com>
8 years ago
refactor
10 years ago
refact
9 years ago
refactor
10 years ago
Refine Encryption module (#717) - use EncryptorInfo struct instead of Dictionary<string, int[]>>
8 years ago
refactor
10 years ago
Remove unnecessary call to InitKey.
8 years ago
refactor
10 years ago
Refine encryption introduce a constructor to store inner method name Signed-off-by: Syrone Wong <wong.syrone@gmail.com>
8 years ago
refactor
10 years ago
Refine encryption introduce a constructor to store inner method name Signed-off-by: Syrone Wong <wong.syrone@gmail.com>
8 years ago
use ConcurrentDictionary instead of Dictionary
9 years ago
refactor
10 years ago
use ConcurrentDictionary instead of Dictionary
9 years ago
refactor
10 years ago
Refactor to make OTA code more independent and clear. and misc changes
8 years ago
refactor
10 years ago
override MD5, so compatible with FIPS
9 years ago
refactor
10 years ago
override MD5, so compatible with FIPS
9 years ago
refactor
10 years ago
Refactor to make OTA code more independent and clear. and misc changes
8 years ago
support onetime auth
9 years ago
Refactor to make OTA code more independent and clear. and misc changes
8 years ago
Update the hash function follow with https://github.com/shadowsocks/shadowsocks-libev/commit/5ae4df94e440c4f6826a679a62687ad27303d89b
9 years ago
Protocol V2
9 years ago
Update the hash function follow with https://github.com/shadowsocks/shadowsocks-libev/commit/5ae4df94e440c4f6826a679a62687ad27303d89b
9 years ago
Refactor to make OTA code more independent and clear. and misc changes
8 years ago
Update the hash function follow with https://github.com/shadowsocks/shadowsocks-libev/commit/5ae4df94e440c4f6826a679a62687ad27303d89b
9 years ago
Refactor to make OTA code more independent and clear. and misc changes
8 years ago
Update the hash function follow with https://github.com/shadowsocks/shadowsocks-libev/commit/5ae4df94e440c4f6826a679a62687ad27303d89b
9 years ago
Refactor to make OTA code more independent and clear. and misc changes
8 years ago
Update the hash function follow with https://github.com/shadowsocks/shadowsocks-libev/commit/5ae4df94e440c4f6826a679a62687ad27303d89b
9 years ago
Refine the authentication for true CCA
9 years ago
Refactor to make OTA code more independent and clear. and misc changes
8 years ago
Update the hash function follow with https://github.com/shadowsocks/shadowsocks-libev/commit/5ae4df94e440c4f6826a679a62687ad27303d89b
9 years ago
Refactor to make OTA code more independent and clear. and misc changes
8 years ago
Protocol V2
9 years ago
Refactor to make OTA code more independent and clear. and misc changes
8 years ago
Protocol V2
9 years ago
Refactor to make OTA code more independent and clear. and misc changes
8 years ago
refact
9 years ago
Refactor to make OTA code more independent and clear. and misc changes
8 years ago
refact
9 years ago
Refactor to make OTA code more independent and clear. and misc changes
8 years ago
refact
9 years ago
Refactor to make OTA code more independent and clear. and misc changes
8 years ago
Fix #561
8 years ago
refact
9 years ago
Refactor to make OTA code more independent and clear. and misc changes
8 years ago
refact
9 years ago
Refactor to make OTA code more independent and clear. and misc changes
8 years ago
refact
9 years ago
Refactor to make OTA code more independent and clear. and misc changes
8 years ago
refact
9 years ago
Refactor to make OTA code more independent and clear. and misc changes
8 years ago
refact
9 years ago
Refactor to make OTA code more independent and clear. and misc changes
8 years ago
refact
9 years ago
Refactor to make OTA code more independent and clear. and misc changes
8 years ago
refact
9 years ago
Refactor to make OTA code more independent and clear. and misc changes
8 years ago
refact
9 years ago
refactor
10 years ago
Refactor to make OTA code more independent and clear. and misc changes
8 years ago
refactor
10 years ago
Refactor to make OTA code more independent and clear. and misc changes
8 years ago
refact
9 years ago
Protocol V2
9 years ago
refactor
10 years ago
Refactor to make OTA code more independent and clear. and misc changes
8 years ago
refactor
10 years ago
support onetime auth
9 years ago
refactor
10 years ago
 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293 
  1. using System;

  2. using System.Collections.Generic;

  3. using System.Collections.Concurrent;

  4. using System.Linq;

  5. using System.Security.Cryptography;

  6. using System.Text;

  7. using System.Net;

  8. 

  9. namespace Shadowsocks.Encryption

  10. {

  11.     public abstract class IVEncryptor

  12.         : EncryptorBase

  13.     {

  14.         public const int MAX_KEY_LENGTH = 64;

  15.         public const int MAX_IV_LENGTH = 16;

  16. 

  17.         protected static byte[] tempbuf = new byte[MAX_INPUT_SIZE];

  18. 

  19.         protected Dictionary<string, EncryptorInfo> ciphers;

  20. 

  21.         private static readonly ConcurrentDictionary<string, byte[]> CachedKeys = new ConcurrentDictionary<string, byte[]>();

  22.         protected byte[] _encryptIV;

  23.         protected byte[] _decryptIV;

  24.         protected bool _decryptIVReceived;

  25.         protected bool _encryptIVSent;

  26.         protected string _method;

  27.         protected int _cipher;

  28.         // internal name in the crypto library

  29.         protected string _innerLibName;

  30.         protected EncryptorInfo CipherInfo;

  31.         protected byte[] _key;

  32.         protected int keyLen;

  33.         protected int ivLen;

  34. 

  35.         public IVEncryptor(string method, string password, bool onetimeauth, bool isudp)

  36.             : base(method, password, onetimeauth, isudp)

  37.         {

  38.             InitKey(method, password);

  39.         }

  40. 

  41.         protected abstract Dictionary<string, EncryptorInfo> getCiphers();

  42. 

  43.         private void InitKey(string method, string password)

  44.         {

  45.             method = method.ToLower();

  46.             _method = method;

  47.             string k = method + ":" + password;

  48.             ciphers = getCiphers();

  49.             CipherInfo = ciphers[_method];

  50.             _innerLibName = CipherInfo.InnerLibName;

  51.             _cipher = CipherInfo.Type;

  52.             if (_cipher == 0)

  53.             {

  54.                 throw new Exception("method not found");

  55.             }

  56.             keyLen = CipherInfo.KeySize;

  57.             ivLen = CipherInfo.IvSize;

  58.             _key = CachedKeys.GetOrAdd(k, (nk) =>

  59.             {

  60.                 byte[] passbuf = Encoding.UTF8.GetBytes(password);

  61.                 byte[] key = new byte[32];

  62.                 bytesToKey(passbuf, key);

  63.                 return key;

  64.             });

  65.         }

  66. 

  67.         protected void bytesToKey(byte[] password, byte[] key)

  68.         {

  69.             byte[] result = new byte[password.Length + 16];

  70.             int i = 0;

  71.             byte[] md5sum = null;

  72.             while (i < key.Length)

  73.             {

  74.                 if (i == 0)

  75.                 {

  76.                     md5sum = MbedTLS.MD5(password);

  77.                 }

  78.                 else

  79.                 {

  80.                     md5sum.CopyTo(result, 0);

  81.                     password.CopyTo(result, md5sum.Length);

  82.                     md5sum = MbedTLS.MD5(result);

  83.                 }

  84.                 md5sum.CopyTo(key, i);

  85.                 i += md5sum.Length;

  86.             }

  87.         }

  88. 

  89.         protected virtual void initCipher(byte[] iv, bool isCipher)

  90.         {

  91.             if (ivLen > 0)

  92.             {

  93.                 if (isCipher)

  94.                 {

  95.                     _encryptIV = new byte[ivLen];

  96.                     Array.Copy(iv, _encryptIV, ivLen);

  97.                 }

  98.                 else

  99.                 {

  100.                     _decryptIV = new byte[ivLen];

  101.                     Array.Copy(iv, _decryptIV, ivLen);

  102.                 }

  103.             }

  104.         }

  105. 

  106.         protected abstract void cipherUpdate(bool isCipher, int length, byte[] buf, byte[] outbuf);

  107. 

  108.         #region OneTimeAuth

  109. 

  110.         public const int ONETIMEAUTH_FLAG = 0x10;

  111.         public const int ADDRTYPE_MASK = 0xF;

  112. 

  113.         public const int ONETIMEAUTH_BYTES = 10;

  114. 

  115.         public const int CLEN_BYTES = 2;

  116.         public const int AUTH_BYTES = ONETIMEAUTH_BYTES + CLEN_BYTES;

  117. 

  118.         private uint _otaChunkCounter;

  119.         private byte[] _otaChunkKeyBuffer;

  120. 

  121.         protected int OtaGetHeadLen(byte[] buf, int length)

  122.         {

  123.             int len = 0;

  124.             int atyp = length > 0 ? (buf[0] & ADDRTYPE_MASK) : 0;

  125.             if (atyp == 1)

  126.             {

  127.                 len = 7; // atyp (1 bytes) + ipv4 (4 bytes) + port (2 bytes)

  128.             }

  129.             else if (atyp == 3 && length > 1)

  130.             {

  131.                 int nameLen = buf[1];

  132.                 len = 4 + nameLen; // atyp (1 bytes) + name length (1 bytes) + name (n bytes) + port (2 bytes)

  133.             }

  134.             else if (atyp == 4)

  135.             {

  136.                 len = 19; // atyp (1 bytes) + ipv6 (16 bytes) + port (2 bytes)

  137.             }

  138.             if (len == 0 || len > length)

  139.                 throw new Exception($"invalid header with addr type {atyp}");

  140.             return len;

  141.         }

  142. 

  143.         private byte[] OtaGenHash(byte[] msg, int msg_len)

  144.         {

  145.             byte[] auth = new byte[ONETIMEAUTH_BYTES];

  146.             byte[] hash = new byte[20];

  147.             byte[] auth_key = new byte[MAX_IV_LENGTH + MAX_KEY_LENGTH];

  148.             Buffer.BlockCopy(_encryptIV, 0, auth_key, 0, ivLen);

  149.             Buffer.BlockCopy(_key, 0, auth_key, ivLen, keyLen);

  150.             Sodium.ss_sha1_hmac_ex(auth_key, (uint)(ivLen + keyLen),

  151.                 msg, 0, (uint)msg_len, hash);

  152.             Buffer.BlockCopy(hash, 0, auth, 0, ONETIMEAUTH_BYTES);

  153.             return auth;

  154.         }

  155. 

  156.         private void OtaUpdateKeyBuffer()

  157.         {

  158.             if (_otaChunkKeyBuffer == null)

  159.             {

  160.                 _otaChunkKeyBuffer = new byte[MAX_IV_LENGTH + 4];

  161.                 Buffer.BlockCopy(_encryptIV, 0, _otaChunkKeyBuffer, 0, ivLen);

  162.             }

  163. 

  164.             byte[] counter_bytes = BitConverter.GetBytes((uint)IPAddress.HostToNetworkOrder((int)_otaChunkCounter));

  165.             Buffer.BlockCopy(counter_bytes, 0, _otaChunkKeyBuffer, ivLen, 4);

  166.             _otaChunkCounter++;

  167.         }

  168. 

  169.         private byte[] OtaGenChunkHash(byte[] buf, int offset, int len)

  170.         {

  171.             byte[] hash = new byte[20];

  172.             OtaUpdateKeyBuffer();

  173.             Sodium.ss_sha1_hmac_ex(_otaChunkKeyBuffer, (uint)_otaChunkKeyBuffer.Length,

  174.                 buf, offset, (uint)len, hash);

  175.             return hash;

  176.         }

  177. 

  178.         private void OtaAuthBuffer4Tcp(byte[] buf, ref int length)

  179.         {

  180.             if (!_encryptIVSent)

  181.             {

  182.                 int headLen = OtaGetHeadLen(buf, length);

  183.                 int dataLen = length - headLen;

  184.                 buf[0] |= ONETIMEAUTH_FLAG;

  185.                 byte[] hash = OtaGenHash(buf, headLen);

  186.                 Buffer.BlockCopy(buf, headLen, buf, headLen + ONETIMEAUTH_BYTES + AUTH_BYTES, dataLen);

  187.                 Buffer.BlockCopy(hash, 0, buf, headLen, ONETIMEAUTH_BYTES);

  188. 

  189.                 if (dataLen == 0)

  190.                 {

  191.                     length = headLen + ONETIMEAUTH_BYTES;

  192.                 }

  193.                 else

  194.                 {

  195.                     hash = OtaGenChunkHash(buf, headLen + ONETIMEAUTH_BYTES + AUTH_BYTES, dataLen);

  196.                     Buffer.BlockCopy(hash, 0, buf, headLen + ONETIMEAUTH_BYTES + CLEN_BYTES, ONETIMEAUTH_BYTES);

  197.                     byte[] lenBytes = BitConverter.GetBytes((ushort) IPAddress.HostToNetworkOrder((short) dataLen));

  198.                     Buffer.BlockCopy(lenBytes, 0, buf, headLen + ONETIMEAUTH_BYTES, CLEN_BYTES);

  199.                     length = headLen + ONETIMEAUTH_BYTES + AUTH_BYTES + dataLen;

  200.                 }

  201.             }

  202.             else

  203.             {

  204.                 byte[] hash = OtaGenChunkHash(buf, 0, length);

  205.                 Buffer.BlockCopy(buf, 0, buf, AUTH_BYTES, length);

  206.                 byte[] lenBytes = BitConverter.GetBytes((ushort)IPAddress.HostToNetworkOrder((short)length));

  207.                 Buffer.BlockCopy(lenBytes, 0, buf, 0, CLEN_BYTES);

  208.                 Buffer.BlockCopy(hash, 0, buf, CLEN_BYTES, ONETIMEAUTH_BYTES);

  209.                 length += AUTH_BYTES;

  210.             }

  211.         }

  212. 

  213.         private void OtaAuthBuffer4Udp(byte[] buf, ref int length)

  214.         {

  215.             buf[0] |= ONETIMEAUTH_FLAG;

  216.             byte[] hash = OtaGenHash(buf, length);

  217.             Buffer.BlockCopy(hash, 0, buf, length, ONETIMEAUTH_BYTES);

  218.             length += ONETIMEAUTH_BYTES;

  219.         }

  220. 

  221.         private void OtaAuthBuffer(byte[] buf, ref int length)

  222.         {

  223.             if (OnetimeAuth && ivLen > 0)

  224.             {

  225.                 if (!IsUDP)

  226.                 {

  227.                     OtaAuthBuffer4Tcp(buf, ref length);

  228.                 }

  229.                 else

  230.                 {

  231.                     OtaAuthBuffer4Udp(buf, ref length);

  232.                 }

  233.             }

  234.         }

  235. 

  236.         #endregion

  237. 

  238.         protected static void randBytes(byte[] buf, int length)

  239.         {

  240.             byte[] temp = new byte[length];

  241.             RNGCryptoServiceProvider rngServiceProvider = new RNGCryptoServiceProvider();

  242.             rngServiceProvider.GetBytes(temp);

  243.             temp.CopyTo(buf, 0);

  244.         }

  245. 

  246.         public override void Encrypt(byte[] buf, int length, byte[] outbuf, out int outlength)

  247.         {

  248.             if (!_encryptIVSent)

  249.             {

  250.                 // Generate IV

  251.                 randBytes(outbuf, ivLen);

  252.                 initCipher(outbuf, true);

  253.                 outlength = length + ivLen;

  254.                 OtaAuthBuffer(buf, ref length);

  255.                 _encryptIVSent = true;

  256.                 lock (tempbuf)

  257.                 {

  258.                     cipherUpdate(true, length, buf, tempbuf);

  259.                     outlength = length + ivLen;

  260.                     Buffer.BlockCopy(tempbuf, 0, outbuf, ivLen, length);

  261.                 }

  262.             }

  263.             else

  264.             {

  265.                 OtaAuthBuffer(buf, ref length);

  266.                 outlength = length;

  267.                 cipherUpdate(true, length, buf, outbuf);

  268.             }

  269.         }

  270. 

  271.         public override void Decrypt(byte[] buf, int length, byte[] outbuf, out int outlength)

  272.         {

  273.             if (!_decryptIVReceived)

  274.             {

  275.                 _decryptIVReceived = true;

  276.                 initCipher(buf, false);

  277.                 outlength = length - ivLen;

  278.                 lock (tempbuf)

  279.                 {

  280.                     // C# could be multi-threaded

  281.                     Buffer.BlockCopy(buf, ivLen, tempbuf, 0, length - ivLen);

  282.                     cipherUpdate(false, length - ivLen, tempbuf, outbuf);

  283.                 }

  284.             }

  285.             else

  286.             {

  287.                 outlength = length;

  288.                 cipherUpdate(false, length, buf, outbuf);

  289.             }

  290.         }

  291. 

  292.     }

  293. }

No Description