ei
/
mtg
зеркало из https://github.com/9seconds/mtg
Следить 1
В избранное 0
Форкнуть 0
Код Задачи 0 Релизы 48 Вики Активность
Highly-opinionated (ex-bullshit-free) MTPROTO proxy for Telegram. If you use v1.0 or upgrade broke you proxy, please read the chapter Version 2
Вы не можете выбрать более 25 тем Темы должны начинаться с буквы или цифры, могут содержать дефисы(-) и должны содержать не более 35 символов.
131 коммит
4 Ветки
Дерево: e5612bfa91
Ветки Теги
${ item.name }
Создать ветку ${ searchTerm }
из 'e5612bfa91'
${ noResults }
mtg/wrappers/mtproto_cipher.go

mtproto_cipher.go 2.4KB
История Исходник

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596 
  1. package wrappers

  2. 

  3. import (

  4. 	"bytes"

  5. 	"crypto/aes"

  6. 	"crypto/cipher"

  7. 	"crypto/md5" // nolint: gas

  8. 	"crypto/sha1"

  9. 	"encoding/binary"

  10. 	"net"

  11. 

  12. 	"github.com/9seconds/mtg/mtproto/rpc"

  13. 	"github.com/9seconds/mtg/utils"

  14. )

  15. 

  16. type cipherPurpose uint8

  17. 

  18. const (

  19. 	cipherPurposeClient cipherPurpose = iota

  20. 	cipherPurposeServer

  21. )

  22. 

  23. var emptyIP = [4]byte{0x00, 0x00, 0x00, 0x00}

  24. 

  25. // NewMiddleProxyCipher creates new block cipher to proxy<->telegram

  26. // connection.

  27. func NewMiddleProxyCipher(conn StreamReadWriteCloser, req *rpc.NonceRequest, resp *rpc.NonceResponse, secret []byte) StreamReadWriteCloser {

  28. 	localAddr := conn.LocalAddr()

  29. 	remoteAddr := conn.RemoteAddr()

  30. 

  31. 	encKey, encIV := deriveKeys(cipherPurposeClient, req, resp, localAddr, remoteAddr, secret)

  32. 	decKey, decIV := deriveKeys(cipherPurposeServer, req, resp, localAddr, remoteAddr, secret)

  33. 

  34. 	enc, _ := makeEncrypterDecrypter(encKey, encIV)

  35. 	_, dec := makeEncrypterDecrypter(decKey, decIV)

  36. 

  37. 	return NewBlockCipher(conn, enc, dec)

  38. }

  39. 

  40. func deriveKeys(purpose cipherPurpose, req *rpc.NonceRequest, resp *rpc.NonceResponse, client *net.TCPAddr, remote *net.TCPAddr, secret []byte) ([]byte, []byte) {

  41. 	message := bytes.Buffer{}

  42. 	message.Write(resp.Nonce[:])

  43. 	message.Write(req.Nonce[:])

  44. 	message.Write(req.CryptoTS[:])

  45. 

  46. 	clientIPv4 := emptyIP[:]

  47. 	serverIPv4 := emptyIP[:]

  48. 	if client.IP.To4() != nil {

  49. 		clientIPv4 = utils.ReverseBytes(client.IP.To4())

  50. 		serverIPv4 = utils.ReverseBytes(remote.IP.To4())

  51. 	}

  52. 	message.Write(serverIPv4)

  53. 

  54. 	var port [2]byte

  55. 	binary.LittleEndian.PutUint16(port[:], uint16(client.Port))

  56. 	message.Write(port[:])

  57. 

  58. 	switch purpose {

  59. 	case cipherPurposeClient:

  60. 		message.WriteString("CLIENT")

  61. 	case cipherPurposeServer:

  62. 		message.WriteString("SERVER")

  63. 	default:

  64. 		panic("Unexpected cipher purpose")

  65. 	}

  66. 

  67. 	message.Write(clientIPv4)

  68. 	binary.LittleEndian.PutUint16(port[:], uint16(remote.Port))

  69. 	message.Write(port[:])

  70. 	message.Write(secret)

  71. 	message.Write(resp.Nonce[:])

  72. 

  73. 	if client.IP.To4() == nil {

  74. 		message.Write(client.IP.To16())

  75. 		message.Write(remote.IP.To16())

  76. 	}

  77. 	message.Write(req.Nonce[:])

  78. 

  79. 	data := message.Bytes()

  80. 	md5sum := md5.Sum(data[1:]) // nolint: gas

  81. 	sha1sum := sha1.Sum(data)

  82. 

  83. 	key := append(md5sum[:12], sha1sum[:]...)

  84. 	iv := md5.Sum(data[2:]) // nolint: gas

  85. 

  86. 	return key, iv[:]

  87. }

  88. 

  89. func makeEncrypterDecrypter(key, iv []byte) (cipher.BlockMode, cipher.BlockMode) {

  90. 	block, err := aes.NewCipher(key)

  91. 	if err != nil {

  92. 		panic(err)

  93. 	}

  94. 

  95. 	return cipher.NewCBCEncrypter(block, iv), cipher.NewCBCDecrypter(block, iv)

  96. }