Fix shadowsocks xchacha cipher nonce size

This commit is contained in:
yuhan6665 2021-12-18 23:23:09 -05:00
parent 63da3a5481
commit 9ea1bf7c1d
3 changed files with 4 additions and 8 deletions

View file

@ -39,10 +39,6 @@ func GenerateIncreasingNonce(nonce []byte) BytesGenerator {
} }
} }
func GenerateInitialAEADNonce() BytesGenerator {
return GenerateIncreasingNonce([]byte{0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF})
}
func GenerateAEADNonceWithSize(nonceSize int) BytesGenerator { func GenerateAEADNonceWithSize(nonceSize int) BytesGenerator {
c := make([]byte, nonceSize) c := make([]byte, nonceSize)
for i := 0; i < nonceSize; i++ { for i := 0; i < nonceSize; i++ {

View file

@ -86,7 +86,7 @@ func ReadTCPSession(validator *Validator, reader io.Reader) (*protocol.RequestHe
if aead != nil { if aead != nil {
auth := &crypto.AEADAuthenticator{ auth := &crypto.AEADAuthenticator{
AEAD: aead, AEAD: aead,
NonceGenerator: crypto.GenerateInitialAEADNonce(), NonceGenerator: crypto.GenerateAEADNonceWithSize(aead.NonceSize()),
} }
r = crypto.NewAuthenticationReader(auth, &crypto.AEADChunkSizeParser{ r = crypto.NewAuthenticationReader(auth, &crypto.AEADChunkSizeParser{
Auth: auth, Auth: auth,

View file

@ -93,11 +93,11 @@ func (v *Validator) Get(bs []byte, command protocol.RequestCommand) (u *protocol
var matchErr error var matchErr error
switch command { switch command {
case protocol.RequestCommandTCP: case protocol.RequestCommandTCP:
data := make([]byte, 16) data := make([]byte, 4+aead.NonceSize())
ret, matchErr = aead.Open(data[:0], data[4:16], bs[ivLen:ivLen+18], nil) ret, matchErr = aead.Open(data[:0], data[4:], bs[ivLen:ivLen+18], nil)
case protocol.RequestCommandUDP: case protocol.RequestCommandUDP:
data := make([]byte, 8192) data := make([]byte, 8192)
ret, matchErr = aead.Open(data[:0], data[8180:8192], bs[ivLen:], nil) ret, matchErr = aead.Open(data[:0], data[8192-aead.NonceSize():8192], bs[ivLen:], nil)
} }
if matchErr == nil { if matchErr == nil {