ei
/
mtg
зеркало из https://github.com/9seconds/mtg
Следить 1
В избранное 0
Форкнуть 0
Код Задачи 0 Релизы 48 Вики Активность
Highly-opinionated (ex-bullshit-free) MTPROTO proxy for Telegram. If you use v1.0 or upgrade broke you proxy, please read the chapter Version 2
Вы не можете выбрать более 25 тем Темы должны начинаться с буквы или цифры, могут содержать дефисы(-) и должны содержать не более 35 символов.
942 коммитов
4 Ветки
Дерево: 9f12620dba
Ветки Теги
${ item.name }
Создать ветку ${ searchTerm }
из '9f12620dba'
${ noResults }
mtg/mtglib/internal/faketls/client_hello.go

client_hello.go 3.6KB
История Исходник

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134 
  1. package faketls

  2. 

  3. import (

  4. 	"crypto/hmac"

  5. 	"crypto/sha256"

  6. 	"crypto/subtle"

  7. 	"encoding/binary"

  8. 	"fmt"

  9. 	"time"

  10. 

  11. 	"github.com/9seconds/mtg/v2/mtglib/internal/faketls/record"

  12. )

  13. 

  14. type ClientHello struct {

  15. 	Time        time.Time

  16. 	Random      [RandomLen]byte

  17. 	SessionID   []byte

  18. 	Host        string

  19. 	CipherSuite uint16

  20. }

  21. 

  22. func (c ClientHello) Valid(hostname string, tolerateTimeSkewness time.Duration) error {

  23. 	if c.Host != "" && c.Host != hostname {

  24. 		return fmt.Errorf("incorrect hostname %s", hostname)

  25. 	}

  26. 

  27. 	now := time.Now()

  28. 

  29. 	timeDiff := now.Sub(c.Time)

  30. 	if timeDiff < 0 {

  31. 		timeDiff = -timeDiff

  32. 	}

  33. 

  34. 	if timeDiff > tolerateTimeSkewness {

  35. 		return fmt.Errorf("incorrect timestamp. got=%d, now=%d, diff=%s",

  36. 			c.Time.Unix(), now.Unix(), timeDiff.String())

  37. 	}

  38. 

  39. 	return nil

  40. }

  41. 

  42. func ParseClientHello(secret, handshake []byte) (ClientHello, error) {

  43. 	hello := ClientHello{}

  44. 

  45. 	if len(handshake) < ClientHelloMinLen {

  46. 		return hello, fmt.Errorf("lengh of handshake is too small: %d", len(handshake))

  47. 	}

  48. 

  49. 	if handshake[0] != HandshakeTypeClient {

  50. 		return hello, fmt.Errorf("unknown handshake type %#x", handshake[0])

  51. 	}

  52. 

  53. 	handshakeSizeBytes := [4]byte{0, handshake[1], handshake[2], handshake[3]}

  54. 	handshakeLength := binary.BigEndian.Uint32(handshakeSizeBytes[:])

  55. 

  56. 	if len(handshake)-4 != int(handshakeLength) {

  57. 		return hello,

  58. 			fmt.Errorf("incorrect handshake size. manifested=%d, real=%d",

  59. 				handshakeLength, len(handshake)-4)

  60. 	}

  61. 

  62. 	copy(hello.Random[:], handshake[ClientHelloRandomOffset:])

  63. 	copy(handshake[ClientHelloRandomOffset:], clientHelloEmptyRandom)

  64. 

  65. 	rec := record.AcquireRecord()

  66. 	defer record.ReleaseRecord(rec)

  67. 

  68. 	rec.Type = record.TypeHandshake

  69. 	rec.Version = record.Version10

  70. 	rec.Payload.Write(handshake)

  71. 

  72. 	// mac is calculated for the whole record, not only

  73. 	// for the payload part

  74. 	mac := hmac.New(sha256.New, secret)

  75. 	rec.Dump(mac) //nolint: errcheck

  76. 

  77. 	computedRandom := mac.Sum(nil)

  78. 

  79. 	for i := range RandomLen {

  80. 		computedRandom[i] ^= hello.Random[i]

  81. 	}

  82. 

  83. 	if subtle.ConstantTimeCompare(clientHelloEmptyRandom[:RandomLen-4], computedRandom[:RandomLen-4]) != 1 {

  84. 		return hello, ErrBadDigest

  85. 	}

  86. 

  87. 	timestamp := int64(binary.LittleEndian.Uint32(computedRandom[RandomLen-4:]))

  88. 	hello.Time = time.Unix(timestamp, 0)

  89. 

  90. 	parseSessionID(&hello, handshake)

  91. 	parseCipherSuite(&hello, handshake)

  92. 	parseSNI(&hello, handshake)

  93. 

  94. 	return hello, nil

  95. }

  96. 

  97. func parseSessionID(hello *ClientHello, handshake []byte) {

  98. 	hello.SessionID = make([]byte, handshake[ClientHelloSessionIDOffset])

  99. 	copy(hello.SessionID, handshake[ClientHelloSessionIDOffset+1:])

  100. }

  101. 

  102. func parseCipherSuite(hello *ClientHello, handshake []byte) {

  103. 	cipherSuiteOffset := ClientHelloSessionIDOffset + len(hello.SessionID) + 3

  104. 	hello.CipherSuite = binary.BigEndian.Uint16(handshake[cipherSuiteOffset : cipherSuiteOffset+2])

  105. }

  106. 

  107. func parseSNI(hello *ClientHello, handshake []byte) {

  108. 	cipherSuiteOffset := ClientHelloSessionIDOffset + len(hello.SessionID) + 1

  109. 	handshake = handshake[cipherSuiteOffset:]

  110. 

  111. 	cipherSuiteLength := binary.BigEndian.Uint16(handshake[:2])

  112. 	handshake = handshake[2+cipherSuiteLength:]

  113. 

  114. 	compressionMethodsLength := int(handshake[0])

  115. 	handshake = handshake[1+compressionMethodsLength:]

  116. 

  117. 	extensionsLength := binary.BigEndian.Uint16(handshake[:2])

  118. 	handshake = handshake[2 : 2+extensionsLength]

  119. 

  120. 	for len(handshake) > 0 {

  121. 		if binary.BigEndian.Uint16(handshake[:2]) != ExtensionSNI {

  122. 			extensionsLength := binary.BigEndian.Uint16(handshake[2:4])

  123. 			handshake = handshake[4+extensionsLength:]

  124. 

  125. 			continue

  126. 		}

  127. 

  128. 		hostnameLength := binary.BigEndian.Uint16(handshake[7:9])

  129. 		handshake = handshake[9:]

  130. 		hello.Host = string(handshake[:int(hostnameLength)])

  131. 

  132. 		return

  133. 	}

  134. }