2022-05-24 12:28:18 +00:00
|
|
|
package shadowstream
|
|
|
|
|
|
|
|
import (
|
|
|
|
"crypto/rand"
|
|
|
|
"errors"
|
|
|
|
"io"
|
|
|
|
"net"
|
|
|
|
|
2023-05-28 14:51:26 +00:00
|
|
|
N "github.com/Dreamacro/clash/common/net"
|
2022-05-24 12:28:18 +00:00
|
|
|
"github.com/Dreamacro/clash/common/pool"
|
|
|
|
)
|
|
|
|
|
|
|
|
// ErrShortPacket means the packet is too short to be a valid encrypted packet.
|
|
|
|
var ErrShortPacket = errors.New("short packet")
|
|
|
|
|
|
|
|
// Pack encrypts plaintext using stream cipher s and a random IV.
|
|
|
|
// Returns a slice of dst containing random IV and ciphertext.
|
|
|
|
// Ensure len(dst) >= s.IVSize() + len(plaintext).
|
|
|
|
func Pack(dst, plaintext []byte, s Cipher) ([]byte, error) {
|
|
|
|
if len(dst) < s.IVSize()+len(plaintext) {
|
|
|
|
return nil, io.ErrShortBuffer
|
|
|
|
}
|
|
|
|
iv := dst[:s.IVSize()]
|
|
|
|
_, err := rand.Read(iv)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
s.Encrypter(iv).XORKeyStream(dst[len(iv):], plaintext)
|
|
|
|
return dst[:len(iv)+len(plaintext)], nil
|
|
|
|
}
|
|
|
|
|
|
|
|
// Unpack decrypts pkt using stream cipher s.
|
|
|
|
// Returns a slice of dst containing decrypted plaintext.
|
|
|
|
func Unpack(dst, pkt []byte, s Cipher) ([]byte, error) {
|
|
|
|
if len(pkt) < s.IVSize() {
|
|
|
|
return nil, ErrShortPacket
|
|
|
|
}
|
|
|
|
if len(dst) < len(pkt)-s.IVSize() {
|
|
|
|
return nil, io.ErrShortBuffer
|
|
|
|
}
|
|
|
|
iv := pkt[:s.IVSize()]
|
|
|
|
s.Decrypter(iv).XORKeyStream(dst, pkt[len(iv):])
|
|
|
|
return dst[:len(pkt)-len(iv)], nil
|
|
|
|
}
|
|
|
|
|
|
|
|
type PacketConn struct {
|
2023-05-28 14:51:26 +00:00
|
|
|
N.EnhancePacketConn
|
2022-05-24 12:28:18 +00:00
|
|
|
Cipher
|
|
|
|
}
|
|
|
|
|
2023-05-28 14:51:26 +00:00
|
|
|
// NewPacketConn wraps an N.EnhancePacketConn with stream cipher encryption/decryption.
|
|
|
|
func NewPacketConn(c N.EnhancePacketConn, ciph Cipher) *PacketConn {
|
|
|
|
return &PacketConn{EnhancePacketConn: c, Cipher: ciph}
|
2022-05-24 12:28:18 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
const maxPacketSize = 64 * 1024
|
|
|
|
|
|
|
|
func (c *PacketConn) WriteTo(b []byte, addr net.Addr) (int, error) {
|
|
|
|
buf := pool.Get(maxPacketSize)
|
|
|
|
defer pool.Put(buf)
|
|
|
|
buf, err := Pack(buf, b, c.Cipher)
|
|
|
|
if err != nil {
|
|
|
|
return 0, err
|
|
|
|
}
|
2023-05-28 14:51:26 +00:00
|
|
|
_, err = c.EnhancePacketConn.WriteTo(buf, addr)
|
2022-05-24 12:28:18 +00:00
|
|
|
return len(b), err
|
|
|
|
}
|
|
|
|
|
|
|
|
func (c *PacketConn) ReadFrom(b []byte) (int, net.Addr, error) {
|
2023-05-28 14:51:26 +00:00
|
|
|
n, addr, err := c.EnhancePacketConn.ReadFrom(b)
|
2022-05-24 12:28:18 +00:00
|
|
|
if err != nil {
|
|
|
|
return n, addr, err
|
|
|
|
}
|
|
|
|
bb, err := Unpack(b[c.IVSize():], b[:n], c.Cipher)
|
|
|
|
if err != nil {
|
|
|
|
return n, addr, err
|
|
|
|
}
|
|
|
|
copy(b, bb)
|
|
|
|
return len(bb), addr, err
|
|
|
|
}
|
2023-05-28 14:51:26 +00:00
|
|
|
|
|
|
|
func (c *PacketConn) WaitReadFrom() (data []byte, put func(), addr net.Addr, err error) {
|
|
|
|
data, put, addr, err = c.EnhancePacketConn.WaitReadFrom()
|
|
|
|
if err != nil {
|
|
|
|
return
|
|
|
|
}
|
|
|
|
data, err = Unpack(data[c.IVSize():], data, c)
|
|
|
|
if err != nil {
|
|
|
|
if put != nil {
|
|
|
|
put()
|
|
|
|
}
|
|
|
|
data = nil
|
|
|
|
put = nil
|
|
|
|
return
|
|
|
|
}
|
|
|
|
return
|
|
|
|
}
|