github.com/yaling888/clash@v1.53.0/transport/ssr/protocol/auth_sha1_v4.go (about)

     1  package protocol
     2  
     3  import (
     4  	"bytes"
     5  	"encoding/binary"
     6  	"hash/adler32"
     7  	"hash/crc32"
     8  	"math/rand/v2"
     9  	"net"
    10  
    11  	"github.com/yaling888/clash/common/pool"
    12  	"github.com/yaling888/clash/transport/ssr/tools"
    13  )
    14  
    15  func init() {
    16  	register("auth_sha1_v4", newAuthSHA1V4, 7)
    17  }
    18  
    19  type authSHA1V4 struct {
    20  	*Base
    21  	*authData
    22  	iv            []byte
    23  	hasSentHeader bool
    24  	rawTrans      bool
    25  }
    26  
    27  func newAuthSHA1V4(b *Base) Protocol {
    28  	return &authSHA1V4{Base: b, authData: &authData{}}
    29  }
    30  
    31  func (a *authSHA1V4) StreamConn(c net.Conn, iv []byte) net.Conn {
    32  	p := &authSHA1V4{Base: a.Base, authData: a.next()}
    33  	p.iv = iv
    34  	return &Conn{Conn: c, Protocol: p}
    35  }
    36  
    37  func (a *authSHA1V4) PacketConn(c net.PacketConn) net.PacketConn {
    38  	return c
    39  }
    40  
    41  func (a *authSHA1V4) Decode(dst, src *bytes.Buffer) error {
    42  	if a.rawTrans {
    43  		_, _ = dst.ReadFrom(src)
    44  		return nil
    45  	}
    46  	for src.Len() > 4 {
    47  		if uint16(crc32.ChecksumIEEE(src.Bytes()[:2])&0xffff) != binary.LittleEndian.Uint16(src.Bytes()[2:4]) {
    48  			src.Reset()
    49  			return errAuthSHA1V4CRC32Error
    50  		}
    51  
    52  		length := int(binary.BigEndian.Uint16(src.Bytes()[:2]))
    53  		if length >= 8192 || length < 7 {
    54  			a.rawTrans = true
    55  			src.Reset()
    56  			return errAuthSHA1V4LengthError
    57  		}
    58  		if length > src.Len() {
    59  			break
    60  		}
    61  
    62  		if adler32.Checksum(src.Bytes()[:length-4]) != binary.LittleEndian.Uint32(src.Bytes()[length-4:length]) {
    63  			a.rawTrans = true
    64  			src.Reset()
    65  			return errAuthSHA1V4Adler32Error
    66  		}
    67  
    68  		pos := int(src.Bytes()[4])
    69  		if pos < 255 {
    70  			pos += 4
    71  		} else {
    72  			pos = int(binary.BigEndian.Uint16(src.Bytes()[5:7])) + 4
    73  		}
    74  		dst.Write(src.Bytes()[pos : length-4])
    75  		src.Next(length)
    76  	}
    77  	return nil
    78  }
    79  
    80  func (a *authSHA1V4) Encode(buf *bytes.Buffer, b []byte) error {
    81  	if !a.hasSentHeader {
    82  		dataLength := getDataLength(b)
    83  
    84  		a.packAuthData(buf, b[:dataLength])
    85  		b = b[dataLength:]
    86  
    87  		a.hasSentHeader = true
    88  	}
    89  	for len(b) > 8100 {
    90  		a.packData(buf, b[:8100])
    91  		b = b[8100:]
    92  	}
    93  	if len(b) > 0 {
    94  		a.packData(buf, b)
    95  	}
    96  
    97  	return nil
    98  }
    99  
   100  func (a *authSHA1V4) DecodePacket(b []byte) ([]byte, error) { return b, nil }
   101  
   102  func (a *authSHA1V4) EncodePacket(buf *bytes.Buffer, b []byte) error {
   103  	buf.Write(b)
   104  	return nil
   105  }
   106  
   107  func (a *authSHA1V4) packData(poolBuf *bytes.Buffer, data []byte) {
   108  	dataLength := len(data)
   109  	randDataLength := a.getRandDataLength(dataLength)
   110  	/*
   111  		2:	uint16 BigEndian packedDataLength
   112  		2:	uint16 LittleEndian crc32Data & 0xffff
   113  		3:	maxRandDataLengthPrefix (min:1)
   114  		4:	adler32Data
   115  	*/
   116  	packedDataLength := 2 + 2 + 3 + randDataLength + dataLength + 4
   117  	if randDataLength < 128 {
   118  		packedDataLength -= 2
   119  	}
   120  
   121  	_ = binary.Write(poolBuf, binary.BigEndian, uint16(packedDataLength))
   122  	_ = binary.Write(poolBuf, binary.LittleEndian, uint16(crc32.ChecksumIEEE(poolBuf.Bytes()[poolBuf.Len()-2:])&0xffff))
   123  	a.packRandData(poolBuf, randDataLength)
   124  	poolBuf.Write(data)
   125  	_ = binary.Write(poolBuf, binary.LittleEndian, adler32.Checksum(poolBuf.Bytes()[poolBuf.Len()-packedDataLength+4:]))
   126  }
   127  
   128  func (a *authSHA1V4) packAuthData(poolBuf *bytes.Buffer, data []byte) {
   129  	dataLength := len(data)
   130  	randDataLength := a.getRandDataLength(12 + dataLength)
   131  	/*
   132  		2:	uint16 BigEndian packedAuthDataLength
   133  		4:	uint32 LittleEndian crc32Data
   134  		3:	maxRandDataLengthPrefix (min: 1)
   135  		12:	authDataLength
   136  		10:	hmacSHA1DataLength
   137  	*/
   138  	packedAuthDataLength := 2 + 4 + 3 + randDataLength + 12 + dataLength + 10
   139  	if randDataLength < 128 {
   140  		packedAuthDataLength -= 2
   141  	}
   142  
   143  	salt := []byte("auth_sha1_v4")
   144  	crcData := pool.GetBufferWriter()
   145  	crcData.Grow(len(salt) + len(a.Key) + 2)
   146  	defer pool.PutBufferWriter(crcData)
   147  	binary.BigEndian.PutUint16(*crcData, uint16(packedAuthDataLength))
   148  	copy((*crcData)[2:], salt)
   149  	copy((*crcData)[2+len(salt):], a.Key)
   150  
   151  	key := pool.GetBufferWriter()
   152  	defer pool.PutBufferWriter(key)
   153  	key.PutSlice(a.iv)
   154  	key.PutSlice(a.Key)
   155  
   156  	poolBuf.Write((*crcData)[:2])
   157  	_ = binary.Write(poolBuf, binary.LittleEndian, crc32.ChecksumIEEE(crcData.Bytes()))
   158  	a.packRandData(poolBuf, randDataLength)
   159  	a.putAuthData(poolBuf)
   160  	poolBuf.Write(data)
   161  	poolBuf.Write(tools.HmacSHA1(key.Bytes(), poolBuf.Bytes()[poolBuf.Len()-packedAuthDataLength+10:])[:10])
   162  }
   163  
   164  func (a *authSHA1V4) packRandData(poolBuf *bytes.Buffer, size int) {
   165  	if size < 128 {
   166  		poolBuf.WriteByte(byte(size + 1))
   167  		tools.AppendRandBytes(poolBuf, size)
   168  		return
   169  	}
   170  	poolBuf.WriteByte(255)
   171  	_ = binary.Write(poolBuf, binary.BigEndian, uint16(size+3))
   172  	tools.AppendRandBytes(poolBuf, size)
   173  }
   174  
   175  func (a *authSHA1V4) getRandDataLength(size int) int {
   176  	if size > 1200 {
   177  		return 0
   178  	}
   179  	if size > 400 {
   180  		return rand.IntN(256)
   181  	}
   182  	return rand.IntN(512)
   183  }