diff --git a/src/encrypt.c b/src/encrypt.c
index 301dfca4..361592ac 100644
--- a/src/encrypt.c
+++ b/src/encrypt.c
@@ -1478,7 +1478,7 @@ int enc_init(const char *pass, const char *method)
 return m;
 }
-int ss_check_hash(char **buf_ptr, ssize_t *buf_len, struct chunk *chunk, int buf_size)
+int ss_check_hash(char **buf_ptr, ssize_t *buf_len, struct chunk *chunk, struct enc_ctx *ctx, int buf_size)
 {
 int i, j, k;
 char *buf = *buf_ptr;
@@ -1511,12 +1511,12 @@ int ss_check_hash(char **buf_ptr, ssize_t *buf_len, struct chunk *chunk, int buf
 if (cidx == chunk->len + AUTH_BYTES) {
 // Compare hash
 uint8_t *hash = (uint8_t *)malloc(chunk->len);
- uint8_t key[MAX_KEY_LENGTH + sizeof(uint32_t)];
+ uint8_t key[MAX_IV_LENGTH + sizeof(uint32_t)];
- memcpy(key, enc_key, enc_key_len);
- memcpy(key + enc_key_len, &chunk->counter, sizeof(uint32_t));
+ memcpy(key, ctx->evp.iv, enc_key_len);
+ memcpy(key + enc_iv_len, &chunk->counter, sizeof(uint32_t));
 crypto_generichash(hash, HASH_BYTES, (uint8_t *)chunk->buf + AUTH_BYTES, chunk->len,
- key, enc_key_len + sizeof(uint32_t));
+ key, enc_iv_len + sizeof(uint32_t));
 if (memcmp(hash, chunk->buf + CLEN_BYTES, HASH_BYTES) != 0)
 return 0;
@@ -1538,7 +1538,7 @@ int ss_check_hash(char **buf_ptr, ssize_t *buf_len, struct chunk *chunk, int buf
 return 1;
 }
-char *ss_gen_hash(char *buf, ssize_t *buf_len, uint32_t *counter, int buf_size)
+char *ss_gen_hash(char *buf, ssize_t *buf_len, uint32_t *counter, struct enc_ctx *ctx, int buf_size)
 {
 ssize_t blen = *buf_len;
 int size = max(AUTH_BYTES + blen, buf_size);
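Review bot: In the @@ -1511 hunk, `memcpy(key, ctx->evp.iv, enc_key_len);` copies enc_key_len bytes out of the IV, but the counter is then placed at key + enc_iv_len and crypto_generichash is told the key is enc_iv_len + sizeof(uint32_t) bytes long; ss_gen_hash in the next hunk does the same copy with enc_iv_len. For any cipher whose key is longer than its IV this reads past the IV field of ctx->evp, and if enc_key_len can exceed MAX_IV_LENGTH + sizeof(uint32_t) it also overruns the now-smaller key[] buffer, so the verify side should mirror the generate side: `memcpy(key, ctx->evp.iv, enc_iv_len);`. The comparison on the unchanged line below is a plain memcmp; libsodium is already linked for crypto_generichash, so `sodium_memcmp` would give a constant-time check at no cost. ss_check_hash starts in the @@ -1478 hunk and its body continues outside the hunks shown.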
@@ -1549,11 +1549,11 @@ char *ss_gen_hash(char *buf, ssize_t *buf_len, uint32_t *counter, int buf_size)
 uint16_t chunk_len = htons((uint16_t)blen);
 uint8_t hash[HASH_BYTES];
- uint8_t key[MAX_KEY_LENGTH + sizeof(uint32_t)];
+ uint8_t key[MAX_IV_LENGTH + sizeof(uint32_t)];
- memcpy(key, enc_key, enc_key_len);
- memcpy(key + enc_key_len, counter, sizeof(uint32_t));
- crypto_generichash(hash, HASH_BYTES, (uint8_t *)buf, blen, key, enc_key_len + sizeof(uint32_t));
+ memcpy(key, ctx->evp.iv, enc_iv_len);
+ memcpy(key + enc_iv_len, counter, sizeof(uint32_t));
+ crypto_generichash(hash, HASH_BYTES, (uint8_t *)buf, blen, key, enc_iv_len + sizeof(uint32_t));
 memmove(buf + AUTH_BYTES, buf, blen);
 memcpy(buf + CLEN_BYTES, hash, HASH_BYTES);
diff --git a/src/encrypt.h b/src/encrypt.h
index df148af5..13a724ab 100644
--- a/src/encrypt.h
+++ b/src/encrypt.h
@@ -181,7 +181,7 @@ unsigned char *enc_md5(const unsigned char *d, size_t n, unsigned char *md);
 int ss_onetimeauth(char *auth, char *msg, int msg_len, struct enc_ctx *ctx);
 int ss_onetimeauth_verify(char *auth, char *msg, int msg_len, struct enc_ctx *ctx);
-int ss_check_hash(char **buf_ptr, ssize_t *buf_len, struct chunk *chunk, int buf_size);
-char *ss_gen_hash(char *buf, ssize_t *buf_len, uint32_t *counter, int buf_size);
+int ss_check_hash(char **buf_ptr, ssize_t *buf_len, struct chunk *chunk, struct enc_ctx *ctx, int buf_size);
+char *ss_gen_hash(char *buf, ssize_t *buf_len, uint32_t *counter, struct enc_ctx *ctx, int buf_size);
 #endif // _ENCRYPT_H
diff --git a/src/local.c b/src/local.c
index 016356b9..f84c2cc4 100644
--- a/src/local.c
+++ b/src/local.c
@@ -245,7 +245,7 @@ static void server_recv_cb(EV_P_ ev_io *w, int revents)
 }
 if (!remote->direct && remote->send_ctx->connected && auth) {
- remote->buf = ss_gen_hash(remote->buf, &r, &remote->counter, BUF_SIZE);
+ remote->buf = ss_gen_hash(remote->buf, &r, &remote->counter, server->e_ctx, BUF_SIZE);
 }
 // insert shadowsocks header
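Review bot: `memcpy(key + enc_iv_len, counter, sizeof(uint32_t));` appends the chunk counter in host byte order, so the hash produced here and verified in ss_check_hash only agrees between peers of the same endianness, whereas the length field two lines up is explicitly `htons((uint16_t)blen)`. The line predates this commit but is rewritten by it; if the protocol defines the chunk id as big-endian, convert it first, e.g. `uint32_t cid = htonl(*counter); memcpy(key + enc_iv_len, &cid, sizeof cid);`, with the matching change in ss_check_hash. `ctx->evp.iv` also reaches directly into the cipher backend's context; if encrypt.c supports a second crypto backend elsewhere, that path is not visible in this hunk. ss_gen_hash begins in the previous hunk and continues past this one.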
@@ -485,7 +485,7 @@ static void server_recv_cb(EV_P_ ev_io *w, int revents)
 if (r > 0) {
 if (auth) {
- buf = ss_gen_hash(buf, &r, &remote->counter, BUF_SIZE);
+ buf = ss_gen_hash(buf, &r, &remote->counter, server->e_ctx, BUF_SIZE);
 }
 memcpy(remote->buf + addr_len, buf, r);
 }
diff --git a/src/redir.c b/src/redir.c
index 8c4427ae..7ba3397f 100644
--- a/src/redir.c
+++ b/src/redir.c
@@ -185,7 +185,7 @@ static void server_recv_cb(EV_P_ ev_io *w, int revents)
 }
 if (auth) {
- remote->buf = ss_gen_hash(remote->buf, &r, &remote->counter, BUF_SIZE);
+ remote->buf = ss_gen_hash(remote->buf, &r, &remote->counter, server->e_ctx, BUF_SIZE);
 }
 remote->buf = ss_encrypt(BUF_SIZE, remote->buf, &r, server->e_ctx);
diff --git a/src/server.c b/src/server.c
index 11de6f99..0e8f10a6 100644
--- a/src/server.c
+++ b/src/server.c
@@ -495,7 +495,7 @@ static void server_recv_cb(EV_P_ ev_io *w, int revents)
 // handshake and transmit data
 if (server->stage == 5) {
- if (server->auth && !ss_check_hash(&remote->buf, &r, server->chunk, BUF_SIZE)) {
+ if (server->auth && !ss_check_hash(&remote->buf, &r, server->chunk, server->e_ctx, BUF_SIZE)) {
 LOGE("hash error");
 report_addr(server->fd);
 close_and_free_server(EV_A_ server);
@@ -548,7 +548,7 @@ static void server_recv_cb(EV_P_ ev_io *w, int revents)
 * | 2 | 4 | Variable | ...
 * +------+---------+-------------+------+
 *
- * The key of BLAKE2b is (KEY + CHUNK ID)
+ * The key of BLAKE2b is (IV + CHUNK ID)
 */
 int offset = 0;
@@ -684,7 +684,7 @@ static void server_recv_cb(EV_P_ ev_io *w, int revents)
 memmove(server->buf, server->buf + offset, server->buf_len);
 }
- if (server->auth && !ss_check_hash(&server->buf, &server->buf_len, server->chunk, BUF_SIZE)) {
+ if (server->auth && !ss_check_hash(&server->buf, &server->buf_len, server->chunk, server->d_ctx, BUF_SIZE)) {
 LOGE("hash error");
 report_addr(server->fd);
 close_and_free_server(EV_A_ server);
diff --git a/src/tunnel.c b/src/tunnel.c
index ef575355..9e848852 100644
--- a/src/tunnel.c
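Review bot: The two ss_check_hash call sites in server.c now disagree on which context supplies the IV: the stage-5 check in the @@ -495 hunk passes `server->e_ctx`, while the one in the @@ -684 hunk passes `server->d_ctx`. The client side (local.c, redir.c, tunnel.c) keys ss_gen_hash with its own e_ctx, i.e. the IV of the stream the server decrypts, which on the server is the d_ctx IV; unless e_ctx and d_ctx share an IV here (nothing in the diff suggests so), chunks verified with the server's outbound IV will fail with "hash error" and the client gets reported. The first call should read `if (server->auth && !ss_check_hash(&remote->buf, &r, server->chunk, server->d_ctx, BUF_SIZE)) {`. server_recv_cb starts and ends outside the hunk.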
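Review bot: The rewritten comment `* The key of BLAKE2b is (IV + CHUNK ID)` should say whose IV and how CHUNK ID is encoded, since that is what an implementer on the other end needs: the IV is the one of the stream the chunk arrived in (the decrypt context on the receiving side), and CHUNK ID is the 32-bit per-connection counter that ss_gen_hash/ss_check_hash memcpy in host byte order. If, as is usual, the IV is sent in the clear ahead of the ciphertext, this key is known to any observer and the chunk hash detects corruption rather than acting as a MAC; one sentence saying so would stop readers treating it as authentication. The comment sits inside server_recv_cb, which starts and ends outside the hunk.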
+++ b/src/tunnel.c
@@ -197,7 +197,7 @@ static void server_recv_cb(EV_P_ ev_io *w, int revents)
 }
 if (auth) {
- remote->buf = ss_gen_hash(remote->buf, &r, &remote->counter, BUF_SIZE);
+ remote->buf = ss_gen_hash(remote->buf, &r, &remote->counter, server->e_ctx, BUF_SIZE);
 }
 remote->buf = ss_encrypt(BUF_SIZE, remote->buf, &r, server->e_ctx);