ei
/
mtg
огледало от https://github.com/9seconds/mtg
Наблюдаван 1
Харесван 0
Разклонения 0
Код Задачи 0 Версии 48 Уики Activity
Highly-opinionated (ex-bullshit-free) MTPROTO proxy for Telegram. If you use v1.0 or upgrade broke you proxy, please read the chapter Version 2
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
332 Ревизии
4 Клонове
ИН на ревизия: 843fc4b70f
Клонове Маркери
${ item.name }
Create branch ${ searchTerm }
от '843fc4b70f'
${ noResults }
mtg/wrappers/stream/mtproto_cipher.go

mtproto_cipher.go 2.8KB
История Директен файл

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116 
  1. package stream

  2. 

  3. import (

  4. 	"bytes"

  5. 	"crypto/aes"

  6. 	"crypto/cipher"

  7. 	"crypto/md5"  // nolint: gosec

  8. 	"crypto/sha1" // nolint: gosec

  9. 	"encoding/binary"

  10. 	"net"

  11. 

  12. 	"github.com/9seconds/mtg/conntypes"

  13. 	"github.com/9seconds/mtg/mtproto/rpc"

  14. 	"github.com/9seconds/mtg/utils"

  15. )

  16. 

  17. type mtprotoCipherPurpose uint8

  18. 

  19. const (

  20. 	mtprotoCipherPurposeClient mtprotoCipherPurpose = iota

  21. 	mtprotoCipherPurposeServer

  22. )

  23. 

  24. var mtprotoEmptyIP = [4]byte{0x00, 0x00, 0x00, 0x00}

  25. 

  26. func NewMiddleProxyCipher(parent conntypes.StreamReadWriteCloser,

  27. 	req *rpc.NonceRequest,

  28. 	resp *rpc.NonceResponse,

  29. 	secret []byte) conntypes.StreamReadWriteCloser {

  30. 	localAddr := parent.LocalAddr()

  31. 	remoteAddr := parent.RemoteAddr()

  32. 

  33. 	encKey, encIV := mtprotoDeriveKeys(mtprotoCipherPurposeClient,

  34. 		req,

  35. 		resp,

  36. 		localAddr,

  37. 		remoteAddr,

  38. 		secret)

  39. 	decKey, decIV := mtprotoDeriveKeys(mtprotoCipherPurposeServer,

  40. 		req,

  41. 		resp,

  42. 		localAddr,

  43. 		remoteAddr,

  44. 		secret)

  45. 

  46. 	enc, _ := mtprotoMakeEncrypterDecrypter(encKey, encIV)

  47. 	_, dec := mtprotoMakeEncrypterDecrypter(decKey, decIV)

  48. 

  49. 	return newBlockCipher(parent, enc, dec)

  50. }

  51. 

  52. func mtprotoDeriveKeys(purpose mtprotoCipherPurpose,

  53. 	req *rpc.NonceRequest,

  54. 	resp *rpc.NonceResponse,

  55. 	client, remote *net.TCPAddr,

  56. 	secret []byte) ([]byte, []byte) {

  57. 	message := bytes.Buffer{}

  58. 	message.Write(resp.Nonce)   // nolint: gosec

  59. 	message.Write(req.Nonce)    // nolint: gosec

  60. 	message.Write(req.CryptoTS) // nolint: gosec

  61. 

  62. 	clientIPv4 := mtprotoEmptyIP[:]

  63. 	serverIPv4 := mtprotoEmptyIP[:]

  64. 

  65. 	if client.IP.To4() != nil {

  66. 		clientIPv4 = utils.ReverseBytes(client.IP.To4())

  67. 		serverIPv4 = utils.ReverseBytes(remote.IP.To4())

  68. 	}

  69. 

  70. 	message.Write(serverIPv4) // nolint: gosec

  71. 

  72. 	var port [2]byte

  73. 

  74. 	binary.LittleEndian.PutUint16(port[:], uint16(client.Port))

  75. 	message.Write(port[:]) // nolint: gosec

  76. 

  77. 	switch purpose {

  78. 	case mtprotoCipherPurposeClient:

  79. 		message.WriteString("CLIENT") // nolint: gosec

  80. 	case mtprotoCipherPurposeServer:

  81. 		message.WriteString("SERVER") // nolint: gosec

  82. 	default:

  83. 		panic("Unexpected cipher purpose")

  84. 	}

  85. 

  86. 	message.Write(clientIPv4) // nolint: gosec

  87. 	binary.LittleEndian.PutUint16(port[:], uint16(remote.Port))

  88. 	message.Write(port[:])    // nolint: gosec

  89. 	message.Write(secret)     // nolint: gosec

  90. 	message.Write(resp.Nonce) // nolint: gosec

  91. 

  92. 	if client.IP.To4() == nil {

  93. 		message.Write(client.IP.To16()) // nolint: gosec

  94. 		message.Write(remote.IP.To16()) // nolint: gosec

  95. 	}

  96. 

  97. 	message.Write(req.Nonce) // nolint: gosec

  98. 

  99. 	data := message.Bytes()

  100. 	md5sum := md5.Sum(data[1:]) // nolint: gas

  101. 	sha1sum := sha1.Sum(data)   // nolint: gosec

  102. 

  103. 	key := append(md5sum[:12], sha1sum[:]...)

  104. 	iv := md5.Sum(data[2:]) // nolint: gas

  105. 

  106. 	return key, iv[:]

  107. }

  108. 

  109. func mtprotoMakeEncrypterDecrypter(key, iv []byte) (cipher.BlockMode, cipher.BlockMode) {

  110. 	block, err := aes.NewCipher(key)

  111. 	if err != nil {

  112. 		panic(err)

  113. 	}

  114. 

  115. 	return cipher.NewCBCEncrypter(block, iv), cipher.NewCBCDecrypter(block, iv)

  116. }