ei
/
mtg
spegling av https://github.com/9seconds/mtg
Bevaka 1
Stjärnmärk 0
Förgrening 0
Kod Ärenden 0 Släpp 48 Wiki Aktiviteter
Highly-opinionated (ex-bullshit-free) MTPROTO proxy for Telegram. If you use v1.0 or upgrade broke you proxy, please read the chapter Version 2
Du kan inte välja fler än 25 ämnen Ämnen måste starta med en bokstav eller siffra, kan innehålla bindestreck ('-') och vara max 35 tecken långa.
1135 Incheckningar
4 Grenar
Träd: 327af9c463
Grenar Taggar
${ item.name }
Skapa branchen ${ searchTerm }
från '327af9c463'
${ noResults }
mtg/mtglib/obfuscation/obfuscator.go

obfuscator.go 2.4KB
Historik

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596 
  1. package obfuscation

  2. 

  3. import (

  4. 	"crypto/aes"

  5. 	"crypto/cipher"

  6. 	"crypto/sha256"

  7. 	"crypto/subtle"

  8. 	"encoding/hex"

  9. 	"fmt"

  10. 	"hash"

  11. 	"io"

  12. 

  13. 	"github.com/9seconds/mtg/v2/essentials"

  14. )

  15. 

  16. // Obfuscator implements the obfuscated2 handshake

  17. // (https://core.telegram.org/mtproto/mtproto-transports#transport-obfuscation).

  18. // Set Secret to the MTProxy secret for key-mixed handshakes; leave nil for

  19. // direct DC connections.

  20. type Obfuscator struct {

  21. 	Secret []byte

  22. }

  23. 

  24. // ReadHandshake reads the 64-byte obfuscated2 client handshake from r,

  25. // validates it, and returns the DC the client requested along with a

  26. // transparent en/decrypting wrapper over r.

  27. func (o Obfuscator) ReadHandshake(r essentials.Conn) (int, essentials.Conn, error) {

  28. 	frame := handshakeFrame{}

  29. 

  30. 	if _, err := io.ReadFull(r, frame.data[:]); err != nil {

  31. 		return 0, nil, fmt.Errorf("cannot read frame: %w", err)

  32. 	}

  33. 

  34. 	hasher := sha256.New()

  35. 	recvCipher := o.getCipher(&frame, hasher)

  36. 

  37. 	frame.revert()

  38. 	hasher.Reset()

  39. 	sendCipher := o.getCipher(&frame, hasher)

  40. 

  41. 	recvCipher.XORKeyStream(frame.data[:], frame.data[:])

  42. 

  43. 	if val := frame.connectionType(); subtle.ConstantTimeCompare(val, hfConnectionType[:]) != 1 {

  44. 		return 0, nil, fmt.Errorf("unsupported connection type: %s", hex.EncodeToString(val))

  45. 	}

  46. 

  47. 	cn := conn{

  48. 		Conn:       r,

  49. 		recvCipher: recvCipher,

  50. 		sendCipher: sendCipher,

  51. 	}

  52. 

  53. 	return frame.dc(), cn, nil

  54. }

  55. 

  56. // SendHandshake writes a fresh 64-byte obfuscated2 handshake for the given

  57. // DC to w and returns a transparent en/decrypting wrapper over w.

  58. func (o Obfuscator) SendHandshake(w essentials.Conn, dc int) (essentials.Conn, error) {

  59. 	frame := generateHandshake(dc)

  60. 	copyFrame := frame

  61. 	hasher := sha256.New()

  62. 

  63. 	sendCipher := o.getCipher(&frame, hasher)

  64. 

  65. 	frame.revert()

  66. 	hasher.Reset()

  67. 	recvCipher := o.getCipher(&frame, hasher)

  68. 

  69. 	sendCipher.XORKeyStream(frame.data[:], frame.data[:])

  70. 	copy(frame.key(), copyFrame.key())

  71. 	copy(frame.iv(), copyFrame.iv())

  72. 

  73. 	if _, err := w.Write(frame.data[:]); err != nil {

  74. 		return nil, fmt.Errorf("cannot send a handshake: %w", err)

  75. 	}

  76. 

  77. 	return conn{

  78. 		Conn:       w,

  79. 		recvCipher: recvCipher,

  80. 		sendCipher: sendCipher,

  81. 	}, nil

  82. }

  83. 

  84. func (o Obfuscator) getCipher(f *handshakeFrame, hasher hash.Hash) cipher.Stream {

  85. 	blockKey := f.key()

  86. 

  87. 	if o.Secret != nil {

  88. 		hasher.Write(blockKey)

  89. 		hasher.Write(o.Secret)

  90. 		blockKey = hasher.Sum(nil)

  91. 	}

  92. 

  93. 	block, _ := aes.NewCipher(blockKey)

  94. 

  95. 	return cipher.NewCTR(block, f.iv())

  96. }