moony/blinksocks
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

presets: fix hard coded "userKey" in ssr-auth-xxx

Browse Source
This commit is contained in:
Micooz 2017-11-07 21:44:02 +08:00
parent 2054b60430
commit e2f817071e
4 changed files with 17 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/presets/ssr-auth-aes128.js
View File

File diff suppressed because one or more lines are too long

2
lib/presets/ssr-auth-chain-b.js
View File

@ -1 +1 @@
'use strict';Object.defineProperty(exports,'__esModule',{value:true});var _ssrAuthChain=require('./ssr-auth-chain');var _ssrAuthChain2=_interopRequireDefault(_ssrAuthChain);function _interopRequireDefault(obj){return obj&&obj.__esModule?obj:{default:obj}}function bisect_left(array,x,low=0,high=array.length){let mid;while(low<high){mid=low+high>>1;if(array[mid]<x){low=mid+1}else{high=mid}}return low}class SsrAuthChainBPreset extends _ssrAuthChain2.default{constructor(params){super(params);this._data_size_list=[];this._data_size_list2=[];this._salt='auth_chain_b';const rng=(0,_ssrAuthChain.xorshift128plus)();rng.init_from_bin(_ssrAuthChain2.default.userKey);let len=rng.next().mod(8).add(4).toNumber();for(let i=0;i<len;++i){this._data_size_list.push(rng.next().mod(2340).mod(2040).mod(1440).toNumber())}len=rng.next().mod(16).add(8).toNumber();for(let i=0;i<len;++i){this._data_size_list2.push(rng.next().mod(2340).mod(2040).mod(1440).toNumber())}this._data_size_list.sort((a,b)=>a-b);this._data_size_list2.sort((a,b)=>a-b)}onDestroy(){super.onDestroy();this._data_size_list=null;this._data_size_list2=null}getRandomBytesLengthForTcp(seed,base,rng){if(base>=1440){return 0}rng.init_from_bin_datalen(seed,base);const list_1=this._data_size_list;const list_2=this._data_size_list2;const overhead=this._overhead;let pos=bisect_left(list_1,base+overhead);pos=pos+rng.next().mod(list_1.length).toNumber();if(pos<list_1.length){return list_1[pos]-base-overhead}pos=bisect_left(list_2,base+overhead);const final_pos=pos+rng.next().mod(list_2.length).toNumber();if(final_pos<list_2.length){return list_2[final_pos]-base-overhead}if(final_pos<pos+list_2.length-1){return 0}let random_bytes_len;if(base>1300){random_bytes_len=rng.next().mod(31)}else if(base>900){random_bytes_len=rng.next().mod(127)}else if(base>400){random_bytes_len=rng.next().mod(521)}else{random_bytes_len=rng.next().mod(1021)}return random_bytes_len.toNumber()}}exports.default=SsrAuthChainBPreset;
'use strict';Object.defineProperty(exports,'__esModule',{value:true});var _ssrAuthChain=require('./ssr-auth-chain');var _ssrAuthChain2=_interopRequireDefault(_ssrAuthChain);function _interopRequireDefault(obj){return obj&&obj.__esModule?obj:{default:obj}}function bisect_left(array,x,low=0,high=array.length){let mid;while(low<high){mid=low+high>>1;if(array[mid]<x){low=mid+1}else{high=mid}}return low}class SsrAuthChainBPreset extends _ssrAuthChain2.default{constructor(params){super(params);this._data_size_list=[];this._data_size_list2=[];this._salt='auth_chain_b'}onDestroy(){super.onDestroy();this._data_size_list=null;this._data_size_list2=null}initDataSizeLists(){const rng=(0,_ssrAuthChain.xorshift128plus)();rng.init_from_bin(this.readProperty('ss-stream-cipher','key'));let len=rng.next().mod(8).add(4).toNumber();for(let i=0;i<len;++i){this._data_size_list.push(rng.next().mod(2340).mod(2040).mod(1440).toNumber())}len=rng.next().mod(16).add(8).toNumber();for(let i=0;i<len;++i){this._data_size_list2.push(rng.next().mod(2340).mod(2040).mod(1440).toNumber())}this._data_size_list.sort((a,b)=>a-b);this._data_size_list2.sort((a,b)=>a-b)}getRandomBytesLengthForTcp(seed,base,rng){if(this._data_size_list.length<1||this._data_size_list2.length<1){this.initDataSizeLists()}if(base>=1440){return 0}rng.init_from_bin_datalen(seed,base);const list_1=this._data_size_list;const list_2=this._data_size_list2;const overhead=this._overhead;let pos=bisect_left(list_1,base+overhead);pos=pos+rng.next().mod(list_1.length).toNumber();if(pos<list_1.length){return list_1[pos]-base-overhead}pos=bisect_left(list_2,base+overhead);const final_pos=pos+rng.next().mod(list_2.length).toNumber();if(final_pos<list_2.length){return list_2[final_pos]-base-overhead}if(final_pos<pos+list_2.length-1){return 0}let random_bytes_len;if(base>1300){random_bytes_len=rng.next().mod(31)}else if(base>900){random_bytes_len=rng.next().mod(127)}else if(base>400){random_bytes_len=rng.next().mod(521)}else{random_bytes_len=rng.next().mod(1021)}return random_bytes_len.toNumber()}}exports.default=SsrAuthChainBPreset;

4
src/presets/ssr-auth-aes128.js
View File

@ -169,7 +169,7 @@ export default class SsrAuthAes128Preset extends IPreset {
// part 3, chunks
const random_bytes = crypto.randomBytes(random_bytes_len);
let part3 = Buffer.concat([random_bytes, buffer]);
const part3_hmac = this.createHmac(Buffer.concat([part1, part2, part3])).slice(0, 4);
const part3_hmac = this.createHmac(Buffer.concat([part1, part2, part3]), userKey).slice(0, 4);
part3 = Buffer.concat([part3, part3_hmac]);
return Buffer.concat([part1, part2, part3]);
@ -266,7 +266,7 @@ export default class SsrAuthAes128Preset extends IPreset {
// part 3
// const random_bytes = buffer.slice(31, 31 + random_bytes_len);
const part3_hmac = buffer.slice(pack_len - 4, pack_len);
const part3_hmac_calc = this.createHmac(buffer.slice(0, pack_len - 4)).slice(0, 4);
const part3_hmac_calc = this.createHmac(buffer.slice(0, pack_len - 4), userKey).slice(0, 4);
if (!part3_hmac_calc.equals(part3_hmac)) {
return fail(`unexpected hmac in part 3, dump=${dumpHex(buffer)}`);
}

20
src/presets/ssr-auth-chain-b.js
View File

@ -44,8 +44,17 @@ export default class SsrAuthChainBPreset extends SsrAuthChainPreset {
constructor(params) {
super(params);
this._salt = 'auth_chain_b';
}
onDestroy() {
super.onDestroy();
this._data_size_list = null;
this._data_size_list2 = null;
}
initDataSizeLists() {
const rng = xorshift128plus();
rng.init_from_bin(SsrAuthChainPreset.userKey);
rng.init_from_bin(this.readProperty('ss-stream-cipher', 'key'));
// _data_size_list
let len = rng.next().mod(8).add(4).toNumber();
for (let i = 0; i < len; ++i) {
@ -60,13 +69,10 @@ export default class SsrAuthChainBPreset extends SsrAuthChainPreset {
this._data_size_list2.sort((a, b) => a - b);
}
onDestroy() {
super.onDestroy();
this._data_size_list = null;
this._data_size_list2 = null;
}
getRandomBytesLengthForTcp(seed, base, rng) {
if (this._data_size_list.length < 1 || this._data_size_list2.length < 1) {
this.initDataSizeLists();
}
if (base >= 1440) {
return 0;
}