github.com/v2fly/v2ray-core/v5@v5.16.2-0.20240507031116-8191faa6e095/proxy/shadowsocks2022/method_aes256gcm.go

github.com/v2fly/v2ray-core/v5@v5.16.2-0.20240507031116-8191faa6e095/proxy/shadowsocks2022/method_aes256gcm.go (about)

     1  package shadowsocks2022
     2  
     3  import (
     4  	"crypto/aes"
     5  	"crypto/cipher"
     6  )
     7  
     8  func newAES256GCMMethod() *AES256GCMMethod {
     9  	return &AES256GCMMethod{}
    10  }
    11  
    12  type AES256GCMMethod struct{}
    13  
    14  func (a AES256GCMMethod) GetSessionSubKeyAndSaltLength() int {
    15  	return 32
    16  }
    17  
    18  func (a AES256GCMMethod) GetStreamAEAD(sessionSubKey []byte) (cipher.AEAD, error) {
    19  	aesCipher, err := aes.NewCipher(sessionSubKey)
    20  	if err != nil {
    21  		return nil, newError("failed to create AES cipher").Base(err)
    22  	}
    23  	aead, err := cipher.NewGCM(aesCipher)
    24  	if err != nil {
    25  		return nil, newError("failed to create AES-GCM AEAD").Base(err)
    26  	}
    27  	return aead, nil
    28  }
    29  
    30  func (a AES256GCMMethod) GenerateEIH(currentIdentitySubKey []byte, nextPskHash []byte, out []byte) error {
    31  	aesCipher, err := aes.NewCipher(currentIdentitySubKey)
    32  	if err != nil {
    33  		return newError("failed to create AES cipher").Base(err)
    34  	}
    35  	aesCipher.Encrypt(out, nextPskHash)
    36  	return nil
    37  }
    38  
    39  func (a AES256GCMMethod) GetUDPClientProcessor(ipsk [][]byte, psk []byte, derivation KeyDerivation) (UDPClientPacketProcessor, error) {
    40  	reqSeparateHeaderPsk := psk
    41  	if ipsk != nil {
    42  		reqSeparateHeaderPsk = ipsk[0]
    43  	}
    44  	reqSeparateHeaderCipher, err := aes.NewCipher(reqSeparateHeaderPsk)
    45  	if err != nil {
    46  		return nil, newError("failed to create AES cipher").Base(err)
    47  	}
    48  	respSeparateHeaderCipher, err := aes.NewCipher(psk)
    49  	if err != nil {
    50  		return nil, newError("failed to create AES cipher").Base(err)
    51  	}
    52  	getPacketAEAD := func(sessionID []byte) cipher.AEAD {
    53  		sessionKey := make([]byte, a.GetSessionSubKeyAndSaltLength())
    54  		derivation.GetSessionSubKey(psk, sessionID, sessionKey)
    55  		block, err := aes.NewCipher(sessionKey)
    56  		if err != nil {
    57  			panic(err)
    58  		}
    59  		aead, err := cipher.NewGCM(block)
    60  		if err != nil {
    61  			panic(err)
    62  		}
    63  		return aead
    64  	}
    65  	if len(ipsk) == 0 {
    66  		return NewAESUDPClientPacketProcessor(reqSeparateHeaderCipher, respSeparateHeaderCipher, getPacketAEAD, nil), nil
    67  	}
    68  	eihGenerator := newAESEIHGeneratorContainer(len(ipsk), psk, ipsk)
    69  	getEIH := func(mask []byte) ExtensibleIdentityHeaders {
    70  		eih, err := eihGenerator.GenerateEIHUDP(derivation, a, mask)
    71  		if err != nil {
    72  			newError("failed to generate EIH").Base(err).WriteToLog()
    73  		}
    74  		return eih
    75  	}
    76  	return NewAESUDPClientPacketProcessor(reqSeparateHeaderCipher, respSeparateHeaderCipher, getPacketAEAD, getEIH), nil
    77  }