SagerNet/sing
1
0
Fork 0
mirror of https://github.com/SagerNet/sing.git synced 2025-04-04 20:37:40 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions

Fix 2022-blake3-chacha20-ploy1305 write nonce

Browse source
This commit is contained in:
世界 2022-05-13 10:31:02 +08:00
parent 58e06dc57c
commit da424ddd3f
No known key found for this signature in database
GPG key ID: CD109927C34A63C4
2 changed files with 16 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

4
protocol/shadowsocks/shadowaead_2022/protocol.go
View file

@ -444,7 +444,7 @@ func (c *clientPacketConn) WritePacket(buffer *buf.Buffer, destination M.Socksad
if pskLen > 1 { if pskLen > 1 {
panic("unsupported chacha extended header") panic("unsupported chacha extended header")
} }
dataIndex = buffer.Len() dataIndex = PacketNonceSize
} else { } else {
dataIndex = aes.BlockSize dataIndex = aes.BlockSize
} }
@ -649,7 +649,7 @@ func (c *clientPacketConn) WriteTo(p []byte, addr net.Addr) (n int, err error) {
if pskLen > 1 { if pskLen > 1 {
panic("unsupported chacha extended header") panic("unsupported chacha extended header")
} }
dataIndex = buffer.Len() dataIndex = PacketNonceSize
} else { } else {
dataIndex = aes.BlockSize dataIndex = aes.BlockSize
} }

23
protocol/shadowsocks/shadowaead_2022/service.go
View file

@ -8,6 +8,7 @@ import (
"io" "io"
"math" "math"
"net" "net"
"os"
"runtime" "runtime"
"sync" "sync"
"sync/atomic" "sync/atomic"
@ -69,16 +70,20 @@ func NewService(method string, psk []byte, password string, secureRNG io.Reader,
case "2022-blake3-chacha20-poly1305": case "2022-blake3-chacha20-poly1305":
s.keySaltLength = 32 s.keySaltLength = 32
s.constructor = newChacha20Poly1305 s.constructor = newChacha20Poly1305
default:
return nil, os.ErrInvalid
} }
if len(psk) < s.keySaltLength { if len(psk) != s.keySaltLength {
return nil, shadowsocks.ErrBadKey if len(psk) < s.keySaltLength {
} else if len(psk) > s.keySaltLength { return nil, shadowsocks.ErrBadKey
psk = Key(psk, s.keySaltLength) } else if len(psk) > s.keySaltLength {
} else if password == "" { psk = Key(psk, s.keySaltLength)
return nil, ErrMissingPasswordPSK } else if password == "" {
} else { return nil, ErrMissingPasswordPSK
psk = Key([]byte(password), s.keySaltLength) } else {
psk = Key([]byte(password), s.keySaltLength)
}
} }
switch method { switch method {
@ -395,7 +400,7 @@ func (w *serverPacketWriter) WritePacket(buffer *buf.Buffer, destination M.Socks
var dataIndex int var dataIndex int
if w.udpCipher != nil { if w.udpCipher != nil {
common.Must1(header.ReadFullFrom(w.secureRNG, PacketNonceSize)) common.Must1(header.ReadFullFrom(w.secureRNG, PacketNonceSize))
dataIndex = buffer.Len() dataIndex = PacketNonceSize
} else { } else {
dataIndex = aes.BlockSize dataIndex = aes.BlockSize
} }