ei
/
mtg
mirror of https://github.com/9seconds/mtg
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 48 Wiki Activity
Highly-opinionated (ex-bullshit-free) MTPROTO proxy for Telegram. If you use v1.0 or upgrade broke you proxy, please read the chapter Version 2
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
946 Commits
4 Branches
Tree: 7aa01dcebe
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '7aa01dcebe'
${ noResults }
mtg/mtglib/internal/obfuscation/obfuscator.go

obfuscator.go 1.8KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687 
  1. package obfuscation

  2. 

  3. import (

  4. 	"crypto/aes"

  5. 	"crypto/cipher"

  6. 	"crypto/sha256"

  7. 	"crypto/subtle"

  8. 	"encoding/hex"

  9. 	"fmt"

  10. 	"hash"

  11. 	"io"

  12. 

  13. 	"github.com/9seconds/mtg/v2/essentials"

  14. )

  15. 

  16. type Obfuscator struct {

  17. 	Secret []byte

  18. }

  19. 

  20. func (o Obfuscator) ReadHandshake(r essentials.Conn) (int, essentials.Conn, error) {

  21. 	frame := handshakeFrame{}

  22. 

  23. 	if _, err := io.ReadFull(r, frame.data[:]); err != nil {

  24. 		return 0, nil, fmt.Errorf("cannot read frame: %w", err)

  25. 	}

  26. 

  27. 	hasher := sha256.New()

  28. 	recvCipher := o.getCipher(&frame, hasher)

  29. 

  30. 	frame.revert()

  31. 	hasher.Reset()

  32. 	sendCipher := o.getCipher(&frame, hasher)

  33. 

  34. 	recvCipher.XORKeyStream(frame.data[:], frame.data[:])

  35. 

  36. 	if val := frame.connectionType(); subtle.ConstantTimeCompare(val, hfConnectionType[:]) != 1 {

  37. 		return 0, nil, fmt.Errorf("unsupported connection type: %s", hex.EncodeToString(val))

  38. 	}

  39. 

  40. 	cn := conn{

  41. 		Conn:       r,

  42. 		recvCipher: recvCipher,

  43. 		sendCipher: sendCipher,

  44. 	}

  45. 

  46. 	return frame.dc(), cn, nil

  47. }

  48. 

  49. func (o Obfuscator) SendHandshake(w essentials.Conn, dc int) (essentials.Conn, error) {

  50. 	frame := generateHandshake(dc)

  51. 	copyFrame := frame

  52. 	hasher := sha256.New()

  53. 

  54. 	sendCipher := o.getCipher(&frame, hasher)

  55. 

  56. 	frame.revert()

  57. 	hasher.Reset()

  58. 	recvCipher := o.getCipher(&frame, hasher)

  59. 

  60. 	sendCipher.XORKeyStream(frame.data[:], frame.data[:])

  61. 	copy(frame.key(), copyFrame.key())

  62. 	copy(frame.iv(), copyFrame.iv())

  63. 

  64. 	if _, err := w.Write(frame.data[:]); err != nil {

  65. 		return nil, fmt.Errorf("cannot send a handshake: %w", err)

  66. 	}

  67. 

  68. 	return conn{

  69. 		Conn:       w,

  70. 		recvCipher: recvCipher,

  71. 		sendCipher: sendCipher,

  72. 	}, nil

  73. }

  74. 

  75. func (o Obfuscator) getCipher(f *handshakeFrame, hasher hash.Hash) cipher.Stream {

  76. 	blockKey := f.key()

  77. 

  78. 	if o.Secret != nil {

  79. 		hasher.Write(blockKey)

  80. 		hasher.Write(o.Secret)

  81. 		blockKey = hasher.Sum(nil)

  82. 	}

  83. 

  84. 	block, _ := aes.NewCipher(blockKey)

  85. 

  86. 	return cipher.NewCTR(block, f.iv())

  87. }