ei
/
mtg
mirror of https://github.com/9seconds/mtg
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 48 Wiki Activity
Highly-opinionated (ex-bullshit-free) MTPROTO proxy for Telegram. If you use v1.0 or upgrade broke you proxy, please read the chapter Version 2
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
591 Commits
7 Branches
Tree: 491b674e70
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '491b674e70'
${ noResults }
mtg/mtglib/internal/faketls/client_hello.go

client_hello.go 3.1KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118 
  1. package faketls

  2. 

  3. import (

  4. 	"crypto/hmac"

  5. 	"crypto/sha256"

  6. 	"encoding/binary"

  7. 	"fmt"

  8. 	"time"

  9. 

  10. 	"github.com/9seconds/mtg/v2/mtglib/internal/faketls/record"

  11. )

  12. 

  13. type ClientHello struct {

  14. 	Time        time.Time

  15. 	Random      [RandomLen]byte

  16. 	SessionID   []byte

  17. 	Host        string

  18. 	CipherSuite uint16

  19. }

  20. 

  21. func ParseClientHello(secret, handshake []byte) (ClientHello, error) {

  22. 	hello := ClientHello{}

  23. 

  24. 	if len(handshake) < ClientHelloMinLen {

  25. 		return hello, fmt.Errorf("lengh of handshake is too small: %d", len(handshake))

  26. 	}

  27. 

  28. 	if handshake[0] != HandshakeTypeClient {

  29. 		return hello, fmt.Errorf("unknown handshake type %#x", handshake[0])

  30. 	}

  31. 

  32. 	handshakeSizeBytes := [4]byte{0, handshake[1], handshake[2], handshake[3]}

  33. 	handshakeLength := binary.BigEndian.Uint32(handshakeSizeBytes[:])

  34. 

  35. 	if len(handshake)-4 != int(handshakeLength) {

  36. 		return hello,

  37. 			fmt.Errorf("incorrect handshake size. manifested=%d, real=%d",

  38. 				handshakeLength, len(handshake)-4) // nolint: gomnd

  39. 	}

  40. 

  41. 	copy(hello.Random[:], handshake[ClientHelloRandomOffset:])

  42. 

  43. 	for i := ClientHelloRandomOffset; i < ClientHelloRandomOffset+RandomLen; i++ {

  44. 		handshake[i] = 0

  45. 	}

  46. 

  47. 	rec := record.AcquireRecord()

  48. 	defer record.ReleaseRecord(rec)

  49. 

  50. 	rec.Type = record.TypeHandshake

  51. 	rec.Version = record.Version10

  52. 	rec.Payload.Write(handshake)

  53. 

  54. 	// mac is calculated for the whole record, not only

  55. 	// for the payload part

  56. 	mac := hmac.New(sha256.New, secret)

  57. 	rec.Dump(mac) // nolint: errcheck

  58. 

  59. 	computedRandom := mac.Sum(nil)

  60. 

  61. 	for i := 0; i < RandomLen; i++ {

  62. 		computedRandom[i] ^= hello.Random[i]

  63. 	}

  64. 

  65. 	for i := 0; i < RandomLen-4; i++ {

  66. 		if computedRandom[i] != 0 {

  67. 			return hello, ErrBadDigest

  68. 		}

  69. 	}

  70. 

  71. 	timestamp := int64(binary.LittleEndian.Uint32(computedRandom[RandomLen-4:]))

  72. 	hello.Time = time.Unix(timestamp, 0)

  73. 

  74. 	parseSessionID(&hello, handshake)

  75. 	parseCipherSuite(&hello, handshake)

  76. 	parseSNI(&hello, handshake)

  77. 

  78. 	return hello, nil

  79. }

  80. 

  81. func parseSessionID(hello *ClientHello, handshake []byte) {

  82. 	hello.SessionID = make([]byte, handshake[ClientHelloSessionIDOffset])

  83. 	copy(hello.SessionID, handshake[ClientHelloSessionIDOffset+1:])

  84. }

  85. 

  86. func parseCipherSuite(hello *ClientHello, handshake []byte) {

  87. 	cipherSuiteOffset := ClientHelloSessionIDOffset + len(hello.SessionID) + 3 // nolint: gomnd

  88. 	hello.CipherSuite = binary.BigEndian.Uint16(handshake[cipherSuiteOffset : cipherSuiteOffset+2])

  89. }

  90. 

  91. func parseSNI(hello *ClientHello, handshake []byte) {

  92. 	cipherSuiteOffset := ClientHelloSessionIDOffset + len(hello.SessionID) + 1

  93. 	handshake = handshake[cipherSuiteOffset:]

  94. 

  95. 	cipherSuiteLength := binary.BigEndian.Uint16(handshake[:2])

  96. 	handshake = handshake[2+cipherSuiteLength:]

  97. 

  98. 	compressionMethodsLength := int(handshake[0])

  99. 	handshake = handshake[1+compressionMethodsLength:]

  100. 

  101. 	extensionsLength := binary.BigEndian.Uint16(handshake[:2])

  102. 	handshake = handshake[2 : 2+extensionsLength]

  103. 

  104. 	for len(handshake) > 0 {

  105. 		if binary.BigEndian.Uint16(handshake[:2]) != ExtensionSNI {

  106. 			extensionsLength := binary.BigEndian.Uint16(handshake[2:4])

  107. 			handshake = handshake[4+extensionsLength:]

  108. 

  109. 			continue

  110. 		}

  111. 

  112. 		hostnameLength := binary.BigEndian.Uint16(handshake[7:9])

  113. 		handshake = handshake[9:]

  114. 		hello.Host = string(handshake[:int(hostnameLength)])

  115. 

  116. 		return

  117. 	}

  118. }