ei
/
mtg
peilaus alkaen https://github.com/9seconds/mtg
Tarkkaile 1
Äänestä 0
Fork 0
Koodi Ongelmat 0 Julkaisut 48 Wiki Activity
Highly-opinionated (ex-bullshit-free) MTPROTO proxy for Telegram. If you use v1.0 or upgrade broke you proxy, please read the chapter Version 2
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
180 Commitit
4 Branchit
Puu: 591500de41
Branchit Tagit
${ item.name }
Create branch ${ searchTerm }
from '591500de41'
${ noResults }
mtg/wrappers/mtproto_cipher.go

mtproto_cipher.go 2.7KB
Historia Raaka

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798 
  1. package wrappers

  2. 

  3. import (

  4. 	"bytes"

  5. 	"crypto/aes"

  6. 	"crypto/cipher"

  7. 	"crypto/md5"  // nolint: gas

  8. 	"crypto/sha1" // nolint: gosec

  9. 	"encoding/binary"

  10. 	"net"

  11. 

  12. 	"github.com/9seconds/mtg/mtproto/rpc"

  13. 	"github.com/9seconds/mtg/utils"

  14. )

  15. 

  16. type cipherPurpose uint8

  17. 

  18. const (

  19. 	cipherPurposeClient cipherPurpose = iota

  20. 	cipherPurposeServer

  21. )

  22. 

  23. var emptyIP = [4]byte{0x00, 0x00, 0x00, 0x00}

  24. 

  25. // NewMiddleProxyCipher creates new block cipher to proxy<->telegram

  26. // connection.

  27. func NewMiddleProxyCipher(conn StreamReadWriteCloser,

  28. 	req *rpc.NonceRequest, resp *rpc.NonceResponse, secret []byte) StreamReadWriteCloser {

  29. 	localAddr := conn.LocalAddr()

  30. 	remoteAddr := conn.RemoteAddr()

  31. 

  32. 	encKey, encIV := deriveKeys(cipherPurposeClient, req, resp, localAddr, remoteAddr, secret)

  33. 	decKey, decIV := deriveKeys(cipherPurposeServer, req, resp, localAddr, remoteAddr, secret)

  34. 

  35. 	enc, _ := makeEncrypterDecrypter(encKey, encIV)

  36. 	_, dec := makeEncrypterDecrypter(decKey, decIV)

  37. 

  38. 	return NewBlockCipher(conn, enc, dec)

  39. }

  40. 

  41. func deriveKeys(purpose cipherPurpose, req *rpc.NonceRequest, resp *rpc.NonceResponse,

  42. 	client, remote *net.TCPAddr, secret []byte) ([]byte, []byte) {

  43. 	message := bytes.Buffer{}

  44. 	message.Write(resp.Nonce)   // nolint: gosec

  45. 	message.Write(req.Nonce)    // nolint: gosec

  46. 	message.Write(req.CryptoTS) // nolint: gosec

  47. 

  48. 	clientIPv4 := emptyIP[:]

  49. 	serverIPv4 := emptyIP[:]

  50. 	if client.IP.To4() != nil {

  51. 		clientIPv4 = utils.ReverseBytes(client.IP.To4())

  52. 		serverIPv4 = utils.ReverseBytes(remote.IP.To4())

  53. 	}

  54. 	message.Write(serverIPv4) // nolint: gosec

  55. 

  56. 	var port [2]byte

  57. 	binary.LittleEndian.PutUint16(port[:], uint16(client.Port))

  58. 	message.Write(port[:]) // nolint: gosec

  59. 

  60. 	switch purpose {

  61. 	case cipherPurposeClient:

  62. 		message.WriteString("CLIENT") // nolint: gosec

  63. 	case cipherPurposeServer:

  64. 		message.WriteString("SERVER") // nolint: gosec

  65. 	default:

  66. 		panic("Unexpected cipher purpose")

  67. 	}

  68. 

  69. 	message.Write(clientIPv4) // nolint: gosec

  70. 	binary.LittleEndian.PutUint16(port[:], uint16(remote.Port))

  71. 	message.Write(port[:])    // nolint: gosec

  72. 	message.Write(secret)     // nolint: gosec

  73. 	message.Write(resp.Nonce) // nolint: gosec

  74. 

  75. 	if client.IP.To4() == nil {

  76. 		message.Write(client.IP.To16()) // nolint: gosec

  77. 		message.Write(remote.IP.To16()) // nolint: gosec

  78. 	}

  79. 	message.Write(req.Nonce) // nolint: gosec

  80. 

  81. 	data := message.Bytes()

  82. 	md5sum := md5.Sum(data[1:]) // nolint: gas

  83. 	sha1sum := sha1.Sum(data)   // nolint: gosec

  84. 

  85. 	key := append(md5sum[:12], sha1sum[:]...)

  86. 	iv := md5.Sum(data[2:]) // nolint: gas

  87. 

  88. 	return key, iv[:]

  89. }

  90. 

  91. func makeEncrypterDecrypter(key, iv []byte) (cipher.BlockMode, cipher.BlockMode) {

  92. 	block, err := aes.NewCipher(key)

  93. 	if err != nil {

  94. 		panic(err)

  95. 	}

  96. 

  97. 	return cipher.NewCBCEncrypter(block, iv), cipher.NewCBCDecrypter(block, iv)

  98. }