Clash.Meta/transport/ssr/protocol/base.go

package protocol

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"encoding/base64"
	"encoding/binary"
	"sync"
	"time"

	"github.com/Dreamacro/clash/common/pool"
	"github.com/Dreamacro/clash/log"
	"github.com/Dreamacro/clash/transport/shadowsocks/core"

	"github.com/zhangyunhao116/fastrand"
)

type Base struct {
	Key      []byte
	Overhead int
	Param    string
}

type userData struct {
	userKey []byte
	userID  [4]byte
}

type authData struct {
	clientID     [4]byte
	connectionID uint32
	mutex        sync.Mutex
}

func (a *authData) next() *authData {
	r := &authData{}
	a.mutex.Lock()
	defer a.mutex.Unlock()
	if a.connectionID > 0xff000000 || a.connectionID == 0 {
		fastrand.Read(a.clientID[:])
		a.connectionID = fastrand.Uint32() & 0xffffff
	}
	a.connectionID++
	copy(r.clientID[:], a.clientID[:])
	r.connectionID = a.connectionID
	return r
}

func (a *authData) putAuthData(buf *bytes.Buffer) {
	binary.Write(buf, binary.LittleEndian, uint32(time.Now().Unix()))
	buf.Write(a.clientID[:])
	binary.Write(buf, binary.LittleEndian, a.connectionID)
}

func (a *authData) putEncryptedData(b *bytes.Buffer, userKey []byte, paddings [2]int, salt string) error {
	encrypt := pool.Get(16)
	defer pool.Put(encrypt)
	binary.LittleEndian.PutUint32(encrypt, uint32(time.Now().Unix()))
	copy(encrypt[4:], a.clientID[:])
	binary.LittleEndian.PutUint32(encrypt[8:], a.connectionID)
	binary.LittleEndian.PutUint16(encrypt[12:], uint16(paddings[0]))
	binary.LittleEndian.PutUint16(encrypt[14:], uint16(paddings[1]))

	cipherKey := core.Kdf(base64.StdEncoding.EncodeToString(userKey)+salt, 16)
	block, err := aes.NewCipher(cipherKey)
	if err != nil {
		log.Warnln("New cipher error: %s", err.Error())
		return err
	}
	iv := bytes.Repeat([]byte{0}, 16)
	cbcCipher := cipher.NewCBCEncrypter(block, iv)

	cbcCipher.CryptBlocks(encrypt, encrypt)

	b.Write(encrypt)
	return nil
}
Feature: add ssr support (#805) * Refactor ssr stream cipher to expose iv and key References: https://github.com/Dreamacro/go-shadowsocks2 https://github.com/sh4d0wfiend/go-shadowsocksr2 * Implement ssr obfs Reference: https://github.com/mzz2017/shadowsocksR * Implement ssr protocol References: https://github.com/mzz2017/shadowsocksR https://github.com/shadowsocksRb/shadowsocksr-libev https://github.com/shadowsocksr-backup/shadowsocksr 2020-07-22 23:02:15 +08:00			`package protocol`

Improve: refactor ssr and fix #995 (#1189) Co-authored-by: goomada <madao@DESKTOP-IOEBS0C.localdomain> 2021-02-15 14:32:03 +08:00			`import (`
			`"bytes"`
			`"crypto/aes"`
			`"crypto/cipher"`
			`"encoding/base64"`
			`"encoding/binary"`
			`"sync"`
			`"time"`

			`"github.com/Dreamacro/clash/common/pool"`
			`"github.com/Dreamacro/clash/log"`
Chore: make hadowsocks2 lib embed 2022-05-24 20:28:18 +08:00			`"github.com/Dreamacro/clash/transport/shadowsocks/core"`
chore: use fastrand to replace math/rand 2023-03-06 18:10:14 +08:00
			`"github.com/zhangyunhao116/fastrand"`
Improve: refactor ssr and fix #995 (#1189) Co-authored-by: goomada <madao@DESKTOP-IOEBS0C.localdomain> 2021-02-15 14:32:03 +08:00			`)`

Feature: add ssr support (#805) * Refactor ssr stream cipher to expose iv and key References: https://github.com/Dreamacro/go-shadowsocks2 https://github.com/sh4d0wfiend/go-shadowsocksr2 * Implement ssr obfs Reference: https://github.com/mzz2017/shadowsocksR * Implement ssr protocol References: https://github.com/mzz2017/shadowsocksR https://github.com/shadowsocksRb/shadowsocksr-libev https://github.com/shadowsocksr-backup/shadowsocksr 2020-07-22 23:02:15 +08:00			`type Base struct {`
			`Key []byte`
			`Overhead int`
			`Param string`
			`}`
Improve: refactor ssr and fix #995 (#1189) Co-authored-by: goomada <madao@DESKTOP-IOEBS0C.localdomain> 2021-02-15 14:32:03 +08:00
			`type userData struct {`
			`userKey []byte`
			`userID [4]byte`
			`}`

			`type authData struct {`
			`clientID [4]byte`
			`connectionID uint32`
			`mutex sync.Mutex`
			`}`

			`func (a authData) next() authData {`
			`r := &authData{}`
			`a.mutex.Lock()`
			`defer a.mutex.Unlock()`
			`if a.connectionID > 0xff000000 \|\| a.connectionID == 0 {`
chore: use fastrand to replace math/rand 2023-03-06 18:10:14 +08:00			`fastrand.Read(a.clientID[:])`
			`a.connectionID = fastrand.Uint32() & 0xffffff`
Improve: refactor ssr and fix #995 (#1189) Co-authored-by: goomada <madao@DESKTOP-IOEBS0C.localdomain> 2021-02-15 14:32:03 +08:00			`}`
			`a.connectionID++`
			`copy(r.clientID[:], a.clientID[:])`
			`r.connectionID = a.connectionID`
			`return r`
			`}`

			`func (a authData) putAuthData(buf bytes.Buffer) {`
			`binary.Write(buf, binary.LittleEndian, uint32(time.Now().Unix()))`
			`buf.Write(a.clientID[:])`
			`binary.Write(buf, binary.LittleEndian, a.connectionID)`
			`}`

			`func (a authData) putEncryptedData(b bytes.Buffer, userKey []byte, paddings [2]int, salt string) error {`
			`encrypt := pool.Get(16)`
			`defer pool.Put(encrypt)`
			`binary.LittleEndian.PutUint32(encrypt, uint32(time.Now().Unix()))`
			`copy(encrypt[4:], a.clientID[:])`
			`binary.LittleEndian.PutUint32(encrypt[8:], a.connectionID)`
			`binary.LittleEndian.PutUint16(encrypt[12:], uint16(paddings[0]))`
			`binary.LittleEndian.PutUint16(encrypt[14:], uint16(paddings[1]))`

			`cipherKey := core.Kdf(base64.StdEncoding.EncodeToString(userKey)+salt, 16)`
			`block, err := aes.NewCipher(cipherKey)`
			`if err != nil {`
			`log.Warnln("New cipher error: %s", err.Error())`
			`return err`
			`}`
			`iv := bytes.Repeat([]byte{0}, 16)`
			`cbcCipher := cipher.NewCBCEncrypter(block, iv)`

			`cbcCipher.CryptBlocks(encrypt, encrypt)`

			`b.Write(encrypt)`
			`return nil`
			`}`