ei
/
mtg
miroir de https://github.com/9seconds/mtg
Suivre 1
Ajouter aux favoris 0
Bifurcation 0
Code Tickets 0 Versions 48 Wiki Activité
Highly-opinionated (ex-bullshit-free) MTPROTO proxy for Telegram. If you use v1.0 or upgrade broke you proxy, please read the chapter Version 2
Vous ne pouvez pas sélectionner plus de 25 sujets Les noms de sujets doivent commencer par une lettre ou un nombre, peuvent contenir des tirets ('-') et peuvent comporter jusqu'à 35 caractères.
257 Révisions
11 Branches
Aborescence: b280f47731
Branches Tags
${ item.name }
Créer la branche ${ searchTerm }
de 'b280f47731'
${ noResults }
mtg/wrappers/mtproto_cipher.go

mtproto_cipher.go 2.7KB
Historique Brut

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111 
  1. package wrappers

  2. 

  3. import (

  4. 	"bytes"

  5. 	"crypto/aes"

  6. 	"crypto/cipher"

  7. 	"crypto/md5"

  8. 	"crypto/sha1"

  9. 	"encoding/binary"

  10. 	"net"

  11. 

  12. 	"github.com/9seconds/mtg/mtproto/rpc"

  13. 	"github.com/9seconds/mtg/utils"

  14. )

  15. 

  16. type mtprotoCipherPurpose uint8

  17. 

  18. const (

  19. 	mtprotoCipherPurposeClient mtprotoCipherPurpose = iota

  20. 	mtprotoCipherPurposeServer

  21. )

  22. 

  23. var mtprotoEmptyIP = [4]byte{0x00, 0x00, 0x00, 0x00}

  24. 

  25. func NewMiddleProxyCipher(parent StreamReadWriteCloser,

  26. 	req *rpc.NonceRequest,

  27. 	resp *rpc.NonceResponse,

  28. 	secret []byte) StreamReadWriteCloser {

  29. 	localAddr := parent.LocalAddr()

  30. 	remoteAddr := parent.RemoteAddr()

  31. 

  32. 	encKey, encIV := mtprotoDeriveKeys(mtprotoCipherPurposeClient,

  33. 		req,

  34. 		resp,

  35. 		localAddr,

  36. 		remoteAddr,

  37. 		secret)

  38. 	decKey, decIV := mtprotoDeriveKeys(mtprotoCipherPurposeServer,

  39. 		req,

  40. 		resp,

  41. 		localAddr,

  42. 		remoteAddr,

  43. 		secret)

  44. 

  45. 	enc, _ := mtprotoMakeEncrypterDecrypter(encKey, encIV)

  46. 	_, dec := mtprotoMakeEncrypterDecrypter(decKey, decIV)

  47. 

  48. 	return newBlockCipher(parent, enc, dec)

  49. }

  50. 

  51. func mtprotoDeriveKeys(purpose mtprotoCipherPurpose,

  52. 	req *rpc.NonceRequest,

  53. 	resp *rpc.NonceResponse,

  54. 	client, remote *net.TCPAddr,

  55. 	secret []byte) ([]byte, []byte) {

  56. 	message := bytes.Buffer{}

  57. 	message.Write(resp.Nonce)   // nolint: gosec

  58. 	message.Write(req.Nonce)    // nolint: gosec

  59. 	message.Write(req.CryptoTS) // nolint: gosec

  60. 

  61. 	clientIPv4 := mtprotoEmptyIP[:]

  62. 	serverIPv4 := mtprotoEmptyIP[:]

  63. 	if client.IP.To4() != nil {

  64. 		clientIPv4 = utils.ReverseBytes(client.IP.To4())

  65. 		serverIPv4 = utils.ReverseBytes(remote.IP.To4())

  66. 	}

  67. 	message.Write(serverIPv4) // nolint: gosec

  68. 

  69. 	var port [2]byte

  70. 	binary.LittleEndian.PutUint16(port[:], uint16(client.Port))

  71. 	message.Write(port[:]) // nolint: gosec

  72. 

  73. 	switch purpose {

  74. 	case mtprotoCipherPurposeClient:

  75. 		message.WriteString("CLIENT") // nolint: gosec

  76. 	case mtprotoCipherPurposeServer:

  77. 		message.WriteString("SERVER") // nolint: gosec

  78. 	default:

  79. 		panic("Unexpected cipher purpose")

  80. 	}

  81. 

  82. 	message.Write(clientIPv4) // nolint: gosec

  83. 	binary.LittleEndian.PutUint16(port[:], uint16(remote.Port))

  84. 	message.Write(port[:])    // nolint: gosec

  85. 	message.Write(secret)     // nolint: gosec

  86. 	message.Write(resp.Nonce) // nolint: gosec

  87. 

  88. 	if client.IP.To4() == nil {

  89. 		message.Write(client.IP.To16()) // nolint: gosec

  90. 		message.Write(remote.IP.To16()) // nolint: gosec

  91. 	}

  92. 	message.Write(req.Nonce) // nolint: gosec

  93. 

  94. 	data := message.Bytes()

  95. 	md5sum := md5.Sum(data[1:]) // nolint: gas

  96. 	sha1sum := sha1.Sum(data)   // nolint: gosec

  97. 

  98. 	key := append(md5sum[:12], sha1sum[:]...)

  99. 	iv := md5.Sum(data[2:]) // nolint: gas

  100. 

  101. 	return key, iv[:]

  102. }

  103. 

  104. func mtprotoMakeEncrypterDecrypter(key, iv []byte) (cipher.BlockMode, cipher.BlockMode) {

  105. 	block, err := aes.NewCipher(key)

  106. 	if err != nil {

  107. 		panic(err)

  108. 	}

  109. 

  110. 	return cipher.NewCBCEncrypter(block, iv), cipher.NewCBCDecrypter(block, iv)

  111. }