From 70a88b5794588551718bb04f0e7332ea2fb9039c Mon Sep 17 00:00:00 2001 From: database64128 Date: Fri, 1 Jan 2021 04:02:44 +0800 Subject: [PATCH] =?UTF-8?q?=F0=9F=9A=B1=20Remove=20infrastructure=20of=20s?= =?UTF-8?q?tream=20ciphers?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../Encryption/AEAD/AEADEncryptor.cs | 20 ++- shadowsocks-csharp/Encryption/EncryptorFactory.cs | 21 --- .../Encryption/Stream/StreamEncryptor.cs | 182 --------------------- .../Encryption/Stream/StreamMbedTLSEncryptor.cs | 155 ------------------ .../Encryption/Stream/StreamOpenSSLEncryptor.cs | 159 ------------------ .../Encryption/Stream/StreamSodiumEncryptor.cs | 107 ------------ shadowsocks-csharp/View/ConfigForm.cs | 18 -- shadowsocks-csharp/shadowsocks-csharp.csproj | 4 - test/ShadowsocksTest.csproj | 1 - 9 files changed, 18 insertions(+), 649 deletions(-) delete mode 100644 shadowsocks-csharp/Encryption/Stream/StreamEncryptor.cs delete mode 100644 shadowsocks-csharp/Encryption/Stream/StreamMbedTLSEncryptor.cs delete mode 100644 shadowsocks-csharp/Encryption/Stream/StreamOpenSSLEncryptor.cs delete mode 100644 shadowsocks-csharp/Encryption/Stream/StreamSodiumEncryptor.cs diff --git a/shadowsocks-csharp/Encryption/AEAD/AEADEncryptor.cs b/shadowsocks-csharp/Encryption/AEAD/AEADEncryptor.cs index 47fe5865..72dd693a 100644 --- a/shadowsocks-csharp/Encryption/AEAD/AEADEncryptor.cs +++ b/shadowsocks-csharp/Encryption/AEAD/AEADEncryptor.cs @@ -7,7 +7,6 @@ using System.Text; using Shadowsocks.Encryption.CircularBuffer; using Shadowsocks.Controller; using Shadowsocks.Encryption.Exception; -using Shadowsocks.Encryption.Stream; namespace Shadowsocks.Encryption.AEAD { @@ -98,7 +97,24 @@ namespace Shadowsocks.Encryption.AEAD public void DeriveKey(byte[] password, byte[] key, int keylen) { - StreamEncryptor.LegacyDeriveKey(password, key, keylen); + byte[] result = new byte[password.Length + MD5_LEN]; + int i = 0; + byte[] md5sum = null; + while (i < keylen) + { + if (i == 0) + { + md5sum = MbedTLS.MD5(password); + } + else + { + Array.Copy(md5sum, 0, result, 0, MD5_LEN); + Array.Copy(password, 0, result, MD5_LEN, password.Length); + md5sum = MbedTLS.MD5(result); + } + Array.Copy(md5sum, 0, key, i, Math.Min(MD5_LEN, keylen - i)); + i += MD5_LEN; + } } public void DeriveSessionKey(byte[] salt, byte[] masterKey, byte[] sessionKey) diff --git a/shadowsocks-csharp/Encryption/EncryptorFactory.cs b/shadowsocks-csharp/Encryption/EncryptorFactory.cs index 08e234d9..dc1f3abd 100644 --- a/shadowsocks-csharp/Encryption/EncryptorFactory.cs +++ b/shadowsocks-csharp/Encryption/EncryptorFactory.cs @@ -3,7 +3,6 @@ using System.Collections.Generic; using System.Reflection; using System.Text; using Shadowsocks.Encryption.AEAD; -using Shadowsocks.Encryption.Stream; namespace Shadowsocks.Encryption { @@ -26,27 +25,7 @@ namespace Shadowsocks.Encryption { AEADSodiumEncryptorSupportedCiphers.Remove("aes-256-gcm"); } -#if I_KNOW_STREAM_CIPHER_IS_UNSAFE - // XXX: sequence matters, OpenSSL > Sodium > MbedTLS - foreach (string method in StreamOpenSSLEncryptor.SupportedCiphers()) - { - if (!_registeredEncryptors.ContainsKey(method)) - _registeredEncryptors.Add(method, typeof(StreamOpenSSLEncryptor)); - } - - foreach (string method in StreamSodiumEncryptor.SupportedCiphers()) - { - if (!_registeredEncryptors.ContainsKey(method)) - _registeredEncryptors.Add(method, typeof(StreamSodiumEncryptor)); - } - foreach (string method in StreamMbedTLSEncryptor.SupportedCiphers()) - { - if (!_registeredEncryptors.ContainsKey(method)) - _registeredEncryptors.Add(method, typeof(StreamMbedTLSEncryptor)); - } -#endif - foreach (string method in AEADOpenSSLEncryptor.SupportedCiphers()) { if (!_registeredEncryptors.ContainsKey(method)) diff --git a/shadowsocks-csharp/Encryption/Stream/StreamEncryptor.cs b/shadowsocks-csharp/Encryption/Stream/StreamEncryptor.cs deleted file mode 100644 index a93a7cf8..00000000 --- a/shadowsocks-csharp/Encryption/Stream/StreamEncryptor.cs +++ /dev/null @@ -1,182 +0,0 @@ -using System; -using System.Collections.Generic; -using System.Diagnostics; -using System.Text; -using Shadowsocks.Encryption.CircularBuffer; -using Shadowsocks.Controller; - -namespace Shadowsocks.Encryption.Stream -{ - public abstract class StreamEncryptor - : EncryptorBase - { - // for UDP only - protected static byte[] _udpTmpBuf = new byte[65536]; - - // every connection should create its own buffer - private ByteCircularBuffer _encCircularBuffer = new ByteCircularBuffer(TCPHandler.BufferSize * 2); - private ByteCircularBuffer _decCircularBuffer = new ByteCircularBuffer(TCPHandler.BufferSize * 2); - - protected Dictionary ciphers; - - protected byte[] _encryptIV; - protected byte[] _decryptIV; - - // Is first packet - protected bool _decryptIVReceived; - protected bool _encryptIVSent; - - protected string _method; - protected int _cipher; - // internal name in the crypto library - protected string _innerLibName; - protected EncryptorInfo CipherInfo; - // long-time master key - protected static byte[] _key = null; - protected int keyLen; - protected int ivLen; - - public StreamEncryptor(string method, string password) - : base(method, password) - { - InitEncryptorInfo(method); - InitKey(password); - } - - protected abstract Dictionary getCiphers(); - - private void InitEncryptorInfo(string method) - { - method = method.ToLower(); - _method = method; - ciphers = getCiphers(); - CipherInfo = ciphers[_method]; - _innerLibName = CipherInfo.InnerLibName; - _cipher = CipherInfo.Type; - if (_cipher == 0) { - throw new System.Exception("method not found"); - } - keyLen = CipherInfo.KeySize; - ivLen = CipherInfo.IvSize; - } - - private void InitKey(string password) - { - byte[] passbuf = Encoding.UTF8.GetBytes(password); - if (_key == null) _key = new byte[keyLen]; - if (_key.Length != keyLen) Array.Resize(ref _key, keyLen); - LegacyDeriveKey(passbuf, _key, keyLen); - } - - public static void LegacyDeriveKey(byte[] password, byte[] key, int keylen) - { - byte[] result = new byte[password.Length + MD5_LEN]; - int i = 0; - byte[] md5sum = null; - while (i < keylen) { - if (i == 0) { - md5sum = MbedTLS.MD5(password); - } else { - Array.Copy(md5sum, 0, result, 0, MD5_LEN); - Array.Copy(password, 0, result, MD5_LEN, password.Length); - md5sum = MbedTLS.MD5(result); - } - Array.Copy(md5sum, 0, key, i, Math.Min(MD5_LEN, keylen - i)); - i += MD5_LEN; - } - } - - protected virtual void initCipher(byte[] iv, bool isEncrypt) - { - if (isEncrypt) { - _encryptIV = new byte[ivLen]; - Array.Copy(iv, _encryptIV, ivLen); - } else { - _decryptIV = new byte[ivLen]; - Array.Copy(iv, _decryptIV, ivLen); - } - } - - protected abstract void cipherUpdate(bool isEncrypt, int length, byte[] buf, byte[] outbuf); - - protected static void randBytes(byte[] buf, int length) { RNG.GetBytes(buf, length); } - - #region TCP - - public override void Encrypt(byte[] buf, int length, byte[] outbuf, out int outlength) - { - int cipherOffset = 0; - Debug.Assert(_encCircularBuffer != null, "_encCircularBuffer != null"); - _encCircularBuffer.Put(buf, 0, length); - if (! _encryptIVSent) { - // Generate IV - byte[] ivBytes = new byte[ivLen]; - randBytes(ivBytes, ivLen); - initCipher(ivBytes, true); - - Array.Copy(ivBytes, 0, outbuf, 0, ivLen); - cipherOffset = ivLen; - _encryptIVSent = true; - } - int size = _encCircularBuffer.Size; - byte[] plain = _encCircularBuffer.Get(size); - byte[] cipher = new byte[size]; - cipherUpdate(true, size, plain, cipher); - Buffer.BlockCopy(cipher, 0, outbuf, cipherOffset, size); - outlength = size + cipherOffset; - } - - public override void Decrypt(byte[] buf, int length, byte[] outbuf, out int outlength) - { - Debug.Assert(_decCircularBuffer != null, "_circularBuffer != null"); - _decCircularBuffer.Put(buf, 0, length); - if (! _decryptIVReceived) { - if (_decCircularBuffer.Size <= ivLen) { - // we need more data - outlength = 0; - return; - } - // start decryption - _decryptIVReceived = true; - byte[] iv = _decCircularBuffer.Get(ivLen); - initCipher(iv, false); - } - byte[] cipher = _decCircularBuffer.ToArray(); - cipherUpdate(false, cipher.Length, cipher, outbuf); - // move pointer only - _decCircularBuffer.Skip(_decCircularBuffer.Size); - outlength = cipher.Length; - // done the decryption - } - - #endregion - - #region UDP - - public override void EncryptUDP(byte[] buf, int length, byte[] outbuf, out int outlength) - { - // Generate IV - randBytes(outbuf, ivLen); - initCipher(outbuf, true); - lock (_udpTmpBuf) { - cipherUpdate(true, length, buf, _udpTmpBuf); - outlength = length + ivLen; - Buffer.BlockCopy(_udpTmpBuf, 0, outbuf, ivLen, length); - } - } - - public override void DecryptUDP(byte[] buf, int length, byte[] outbuf, out int outlength) - { - // Get IV from first pos - initCipher(buf, false); - outlength = length - ivLen; - lock (_udpTmpBuf) { - // C# could be multi-threaded - Buffer.BlockCopy(buf, ivLen, _udpTmpBuf, 0, length - ivLen); - cipherUpdate(false, length - ivLen, _udpTmpBuf, outbuf); - } - } - - #endregion - } -} \ No newline at end of file diff --git a/shadowsocks-csharp/Encryption/Stream/StreamMbedTLSEncryptor.cs b/shadowsocks-csharp/Encryption/Stream/StreamMbedTLSEncryptor.cs deleted file mode 100644 index 210fcef7..00000000 --- a/shadowsocks-csharp/Encryption/Stream/StreamMbedTLSEncryptor.cs +++ /dev/null @@ -1,155 +0,0 @@ -using System; -using System.Collections.Generic; -using System.Runtime.InteropServices; -using Shadowsocks.Encryption.Exception; - -namespace Shadowsocks.Encryption.Stream -{ - public class StreamMbedTLSEncryptor - : StreamEncryptor, IDisposable - { - const int CIPHER_RC4 = 1; - const int CIPHER_AES = 2; - const int CIPHER_BLOWFISH = 3; - const int CIPHER_CAMELLIA = 4; - - private IntPtr _encryptCtx = IntPtr.Zero; - private IntPtr _decryptCtx = IntPtr.Zero; - - public StreamMbedTLSEncryptor(string method, string password) - : base(method, password) - { - } - - private static Dictionary _ciphers = new Dictionary { - { "aes-128-cfb", new EncryptorInfo("AES-128-CFB128", 16, 16, CIPHER_AES) }, - { "aes-192-cfb", new EncryptorInfo("AES-192-CFB128", 24, 16, CIPHER_AES) }, - { "aes-256-cfb", new EncryptorInfo("AES-256-CFB128", 32, 16, CIPHER_AES) }, - { "aes-128-ctr", new EncryptorInfo("AES-128-CTR", 16, 16, CIPHER_AES) }, - { "aes-192-ctr", new EncryptorInfo("AES-192-CTR", 24, 16, CIPHER_AES) }, - { "aes-256-ctr", new EncryptorInfo("AES-256-CTR", 32, 16, CIPHER_AES) }, - { "bf-cfb", new EncryptorInfo("BLOWFISH-CFB64", 16, 8, CIPHER_BLOWFISH) }, - { "camellia-128-cfb", new EncryptorInfo("CAMELLIA-128-CFB128", 16, 16, CIPHER_CAMELLIA) }, - { "camellia-192-cfb", new EncryptorInfo("CAMELLIA-192-CFB128", 24, 16, CIPHER_CAMELLIA) }, - { "camellia-256-cfb", new EncryptorInfo("CAMELLIA-256-CFB128", 32, 16, CIPHER_CAMELLIA) }, - { "rc4-md5", new EncryptorInfo("ARC4-128", 16, 16, CIPHER_RC4) } - }; - - public static List SupportedCiphers() - { - return new List(_ciphers.Keys); - } - - protected override Dictionary getCiphers() - { - return _ciphers; - } - - protected override void initCipher(byte[] iv, bool isEncrypt) - { - base.initCipher(iv, isEncrypt); - IntPtr ctx = Marshal.AllocHGlobal(MbedTLS.cipher_get_size_ex()); - if (isEncrypt) - { - _encryptCtx = ctx; - } - else - { - _decryptCtx = ctx; - } - byte[] realkey; - if (_method == "rc4-md5") - { - byte[] temp = new byte[keyLen + ivLen]; - Array.Copy(_key, 0, temp, 0, keyLen); - Array.Copy(iv, 0, temp, keyLen, ivLen); - realkey = MbedTLS.MD5(temp); - } - else - { - realkey = _key; - } - MbedTLS.cipher_init(ctx); - if (MbedTLS.cipher_setup( ctx, MbedTLS.cipher_info_from_string( _innerLibName ) ) != 0 ) - throw new System.Exception("Cannot initialize mbed TLS cipher context"); - /* - * MbedTLS takes key length by bit - * cipher_setkey() will set the correct key schedule - * and operation - * - * MBEDTLS_AES_{EN,DE}CRYPT - * == MBEDTLS_BLOWFISH_{EN,DE}CRYPT - * == MBEDTLS_CAMELLIA_{EN,DE}CRYPT - * == MBEDTLS_{EN,DE}CRYPT - * - */ - if (MbedTLS.cipher_setkey(ctx, realkey, keyLen * 8, - isEncrypt ? MbedTLS.MBEDTLS_ENCRYPT : MbedTLS.MBEDTLS_DECRYPT) != 0 ) - throw new System.Exception("Cannot set mbed TLS cipher key"); - if (MbedTLS.cipher_set_iv(ctx, iv, ivLen) != 0) - throw new System.Exception("Cannot set mbed TLS cipher IV"); - if (MbedTLS.cipher_reset(ctx) != 0) - throw new System.Exception("Cannot finalize mbed TLS cipher context"); - } - - protected override void cipherUpdate(bool isEncrypt, int length, byte[] buf, byte[] outbuf) - { - // C# could be multi-threaded - if (_disposed) - { - throw new ObjectDisposedException(this.ToString()); - } - if (MbedTLS.cipher_update(isEncrypt ? _encryptCtx : _decryptCtx, - buf, length, outbuf, ref length) != 0 ) - throw new CryptoErrorException(); - } - - #region IDisposable - - private bool _disposed; - - // instance based lock - private readonly object _lock = new object(); - - public override void Dispose() - { - Dispose(true); - GC.SuppressFinalize(this); - } - - ~StreamMbedTLSEncryptor() - { - Dispose(false); - } - - protected virtual void Dispose(bool disposing) - { - lock (_lock) - { - if (_disposed) return; - _disposed = true; - } - - if (disposing) - { - // free managed objects - } - - // free unmanaged objects - if (_encryptCtx != IntPtr.Zero) - { - MbedTLS.cipher_free(_encryptCtx); - Marshal.FreeHGlobal(_encryptCtx); - _encryptCtx = IntPtr.Zero; - } - if (_decryptCtx != IntPtr.Zero) - { - MbedTLS.cipher_free(_decryptCtx); - Marshal.FreeHGlobal(_decryptCtx); - _decryptCtx = IntPtr.Zero; - } - } - - #endregion - } -} diff --git a/shadowsocks-csharp/Encryption/Stream/StreamOpenSSLEncryptor.cs b/shadowsocks-csharp/Encryption/Stream/StreamOpenSSLEncryptor.cs deleted file mode 100644 index 5897e09b..00000000 --- a/shadowsocks-csharp/Encryption/Stream/StreamOpenSSLEncryptor.cs +++ /dev/null @@ -1,159 +0,0 @@ -using System; -using System.Collections.Generic; -using System.Diagnostics; -using Shadowsocks.Encryption.Exception; - - -namespace Shadowsocks.Encryption.Stream -{ - public class StreamOpenSSLEncryptor - : StreamEncryptor, IDisposable - { - const int CIPHER_RC4 = 1; - const int CIPHER_AES = 2; - const int CIPHER_CAMELLIA = 3; - const int CIPHER_BLOWFISH = 4; - const int CIPHER_CHACHA20_IETF = 5; - - private IntPtr _encryptCtx = IntPtr.Zero; - private IntPtr _decryptCtx = IntPtr.Zero; - - public StreamOpenSSLEncryptor(string method, string password) - : base(method, password) - { - } - - // XXX: name=RC4,blkSz=1,keyLen=16,ivLen=0, do NOT pass IV to it - private static readonly Dictionary _ciphers = new Dictionary - { - { "aes-128-cfb", new EncryptorInfo("AES-128-CFB", 16, 16, CIPHER_AES) }, - { "aes-192-cfb", new EncryptorInfo("AES-192-CFB", 24, 16, CIPHER_AES) }, - { "aes-256-cfb", new EncryptorInfo("AES-256-CFB", 32, 16, CIPHER_AES) }, - { "aes-128-ctr", new EncryptorInfo("aes-128-ctr", 16, 16, CIPHER_AES) }, - { "aes-192-ctr", new EncryptorInfo("aes-192-ctr", 24, 16, CIPHER_AES) }, - { "aes-256-ctr", new EncryptorInfo("aes-256-ctr", 32, 16, CIPHER_AES) }, - { "bf-cfb", new EncryptorInfo("bf-cfb", 16, 8, CIPHER_BLOWFISH) }, - { "camellia-128-cfb", new EncryptorInfo("CAMELLIA-128-CFB", 16, 16, CIPHER_CAMELLIA) }, - { "camellia-192-cfb", new EncryptorInfo("CAMELLIA-192-CFB", 24, 16, CIPHER_CAMELLIA) }, - { "camellia-256-cfb", new EncryptorInfo("CAMELLIA-256-CFB", 32, 16, CIPHER_CAMELLIA) }, - { "rc4-md5", new EncryptorInfo("RC4", 16, 16, CIPHER_RC4) }, - // it's using ivLen=16, not compatible - //{ "chacha20-ietf", new EncryptorInfo("chacha20", 32, 12, CIPHER_CHACHA20_IETF) } - }; - - public static List SupportedCiphers() - { - return new List(_ciphers.Keys); - } - - protected override Dictionary getCiphers() - { - return _ciphers; - } - - protected override void initCipher(byte[] iv, bool isEncrypt) - { - base.initCipher(iv, isEncrypt); - IntPtr cipherInfo = OpenSSL.GetCipherInfo(_innerLibName); - if (cipherInfo == IntPtr.Zero) throw new System.Exception("openssl: cipher not found"); - IntPtr ctx = OpenSSL.EVP_CIPHER_CTX_new(); - if (ctx == IntPtr.Zero) throw new System.Exception("fail to create ctx"); - - if (isEncrypt) - { - _encryptCtx = ctx; - } - else - { - _decryptCtx = ctx; - } - - byte[] realkey; - if (_method == "rc4-md5") - { - byte[] temp = new byte[keyLen + ivLen]; - Array.Copy(_key, 0, temp, 0, keyLen); - Array.Copy(iv, 0, temp, keyLen, ivLen); - realkey = MbedTLS.MD5(temp); - } - else - { - realkey = _key; - } - - var ret = OpenSSL.EVP_CipherInit_ex(ctx, cipherInfo, IntPtr.Zero, null,null, - isEncrypt ? OpenSSL.OPENSSL_ENCRYPT : OpenSSL.OPENSSL_DECRYPT); - if (ret != 1) throw new System.Exception("openssl: fail to set key length"); - ret = OpenSSL.EVP_CIPHER_CTX_set_key_length(ctx, keyLen); - if (ret != 1) throw new System.Exception("openssl: fail to set key length"); - ret = OpenSSL.EVP_CipherInit_ex(ctx, IntPtr.Zero, IntPtr.Zero, realkey, - _method == "rc4-md5" ? null : iv, - isEncrypt ? OpenSSL.OPENSSL_ENCRYPT : OpenSSL.OPENSSL_DECRYPT); - if (ret != 1) throw new System.Exception("openssl: cannot set key and iv"); - OpenSSL.EVP_CIPHER_CTX_set_padding(ctx, 0); - } - - protected override void cipherUpdate(bool isEncrypt, int length, byte[] buf, byte[] outbuf) - { - // C# could be multi-threaded - if (_disposed) - { - throw new ObjectDisposedException(this.ToString()); - } - - int outlen = 0; - var ret = OpenSSL.EVP_CipherUpdate(isEncrypt ? _encryptCtx : _decryptCtx, - outbuf, out outlen, buf, length); - if (ret != 1) - throw new CryptoErrorException(String.Format("ret is {0}", ret)); - Debug.Assert(outlen == length); - } - - #region IDisposable - - private bool _disposed; - - // instance based lock - private readonly object _lock = new object(); - - public override void Dispose() - { - Dispose(true); - GC.SuppressFinalize(this); - } - - ~StreamOpenSSLEncryptor() - { - Dispose(false); - } - - protected virtual void Dispose(bool disposing) - { - lock (_lock) - { - if (_disposed) return; - _disposed = true; - } - - if (disposing) - { - // free managed objects - } - - // free unmanaged objects - if (_encryptCtx != IntPtr.Zero) - { - OpenSSL.EVP_CIPHER_CTX_free(_encryptCtx); - _encryptCtx = IntPtr.Zero; - } - - if (_decryptCtx != IntPtr.Zero) - { - OpenSSL.EVP_CIPHER_CTX_free(_decryptCtx); - _decryptCtx = IntPtr.Zero; - } - } - - #endregion - } -} \ No newline at end of file diff --git a/shadowsocks-csharp/Encryption/Stream/StreamSodiumEncryptor.cs b/shadowsocks-csharp/Encryption/Stream/StreamSodiumEncryptor.cs deleted file mode 100644 index 523fab46..00000000 --- a/shadowsocks-csharp/Encryption/Stream/StreamSodiumEncryptor.cs +++ /dev/null @@ -1,107 +0,0 @@ -using System; -using System.Collections.Generic; -using Shadowsocks.Encryption.Exception; - -namespace Shadowsocks.Encryption.Stream -{ - public class StreamSodiumEncryptor - : StreamEncryptor, IDisposable - { - const int CIPHER_SALSA20 = 1; - const int CIPHER_CHACHA20 = 2; - const int CIPHER_CHACHA20_IETF = 3; - - const int SODIUM_BLOCK_SIZE = 64; - - protected int _encryptBytesRemaining; - protected int _decryptBytesRemaining; - protected ulong _encryptIC; - protected ulong _decryptIC; - protected byte[] _encryptBuf; - protected byte[] _decryptBuf; - - public StreamSodiumEncryptor(string method, string password) - : base(method, password) - { - _encryptBuf = new byte[MAX_INPUT_SIZE + SODIUM_BLOCK_SIZE]; - _decryptBuf = new byte[MAX_INPUT_SIZE + SODIUM_BLOCK_SIZE]; - } - - private static readonly Dictionary _ciphers = new Dictionary { - { "salsa20", new EncryptorInfo(32, 8, CIPHER_SALSA20) }, - { "chacha20", new EncryptorInfo(32, 8, CIPHER_CHACHA20) }, - { "chacha20-ietf", new EncryptorInfo(32, 12, CIPHER_CHACHA20_IETF) } - }; - - protected override Dictionary getCiphers() - { - return _ciphers; - } - - public static List SupportedCiphers() - { - return new List(_ciphers.Keys); - } - - protected override void cipherUpdate(bool isEncrypt, int length, byte[] buf, byte[] outbuf) - { - // TODO write a unidirection cipher so we don't have to if if if - int bytesRemaining; - ulong ic; - byte[] sodiumBuf; - byte[] iv; - int ret = -1; - - if (isEncrypt) - { - bytesRemaining = _encryptBytesRemaining; - ic = _encryptIC; - sodiumBuf = _encryptBuf; - iv = _encryptIV; - } - else - { - bytesRemaining = _decryptBytesRemaining; - ic = _decryptIC; - sodiumBuf = _decryptBuf; - iv = _decryptIV; - } - int padding = bytesRemaining; - Buffer.BlockCopy(buf, 0, sodiumBuf, padding, length); - - switch (_cipher) - { - case CIPHER_SALSA20: - ret = Sodium.crypto_stream_salsa20_xor_ic(sodiumBuf, sodiumBuf, (ulong)(padding + length), iv, ic, _key); - break; - case CIPHER_CHACHA20: - ret = Sodium.crypto_stream_chacha20_xor_ic(sodiumBuf, sodiumBuf, (ulong)(padding + length), iv, ic, _key); - break; - case CIPHER_CHACHA20_IETF: - ret = Sodium.crypto_stream_chacha20_ietf_xor_ic(sodiumBuf, sodiumBuf, (ulong)(padding + length), iv, (uint)ic, _key); - break; - } - if (ret != 0) throw new CryptoErrorException(); - - Buffer.BlockCopy(sodiumBuf, padding, outbuf, 0, length); - padding += length; - ic += (ulong)padding / SODIUM_BLOCK_SIZE; - bytesRemaining = padding % SODIUM_BLOCK_SIZE; - - if (isEncrypt) - { - _encryptBytesRemaining = bytesRemaining; - _encryptIC = ic; - } - else - { - _decryptBytesRemaining = bytesRemaining; - _decryptIC = ic; - } - } - - public override void Dispose() - { - } - } -} diff --git a/shadowsocks-csharp/View/ConfigForm.cs b/shadowsocks-csharp/View/ConfigForm.cs index 3f947851..3fa423b4 100755 --- a/shadowsocks-csharp/View/ConfigForm.cs +++ b/shadowsocks-csharp/View/ConfigForm.cs @@ -25,23 +25,6 @@ namespace Shadowsocks.View public readonly bool deprecated; // Edit here to add/delete encryption method displayed in UI - private static string[] deprecatedMethod = new string[] - { - "rc4-md5", - "salsa20", - "chacha20", - "bf-cfb", - "chacha20-ietf", - "aes-256-cfb", - "aes-192-cfb", - "aes-128-cfb", - "aes-256-ctr", - "aes-192-ctr", - "aes-128-ctr", - "camellia-256-cfb", - "camellia-192-cfb", - "camellia-128-cfb", - }; private static string[] inuseMethod = new string[] { "aes-256-gcm", @@ -66,7 +49,6 @@ namespace Shadowsocks.View var all = new List(); all.AddRange(inuseMethod.Select(i => new EncryptionMethod(i, false))); - all.AddRange(deprecatedMethod.Select(d => new EncryptionMethod(d, true))); allMethods = all.ToArray(); foreach (var item in all) diff --git a/shadowsocks-csharp/shadowsocks-csharp.csproj b/shadowsocks-csharp/shadowsocks-csharp.csproj index 0f2f3d8e..f5ec02b8 100644 --- a/shadowsocks-csharp/shadowsocks-csharp.csproj +++ b/shadowsocks-csharp/shadowsocks-csharp.csproj @@ -240,10 +240,6 @@ - - - - True diff --git a/test/ShadowsocksTest.csproj b/test/ShadowsocksTest.csproj index 54c1b19f..7fd11b49 100644 --- a/test/ShadowsocksTest.csproj +++ b/test/ShadowsocksTest.csproj @@ -56,7 +56,6 @@ -