mirror of https://github.com/fumiama/WireGold.git synced 2026-06-05 07:50:24 +08:00

fix tea in big endian

源文雨
2022-04-12 19:40:40 +08:00
parent 58f950109f
commit 68b2e8cac5
9 changed files with 46 additions and 41 deletions

2
go.mod

@@ -3,11 +3,11 @@ module github.com/fumiama/WireGold
go 1.16 go 1.16
require ( require (
github.com/fumiama/blake2b-simd v0.0.0-20220412092318-c99573b3b2b1
github.com/fumiama/go-base16384 v1.3.0 github.com/fumiama/go-base16384 v1.3.0
github.com/fumiama/go-x25519 v1.0.0 github.com/fumiama/go-x25519 v1.0.0
github.com/fumiama/gofastTEA v0.0.9 github.com/fumiama/gofastTEA v0.0.9
github.com/fumiama/water v0.0.0-20211231134027-da391938d6ac github.com/fumiama/water v0.0.0-20211231134027-da391938d6ac
github.com/minio/blake2b-simd v0.0.0-20160723061019-3f5f724cb5b1
github.com/sirupsen/logrus v1.8.1 github.com/sirupsen/logrus v1.8.1
gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b
) )
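Review bot: The `require` block now pulls the BLAKE2b implementation behind `Packet.Hash` from `github.com/fumiama/blake2b-simd` at an untagged pseudo-version, and nothing in the file records why the fork replaces `github.com/minio/blake2b-simd`. Because this package computes the packet integrity digest, the fork's delta against upstream deserves a review, and the reason belongs next to the line, for example `// fork of minio/blake2b-simd, see <reason>` (the commit title suggests a big-endian fix, but that is inferred). A tagged release of the fork would also make later audits easier than a commit-pinned pseudo-version.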

4
go.sum

@@ -1,5 +1,7 @@
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/fumiama/blake2b-simd v0.0.0-20220412092318-c99573b3b2b1 h1:bCiKcUQoZk2E68CPRYROZ9/N1BC21jtjxfqGc+5aoRs=
github.com/fumiama/blake2b-simd v0.0.0-20220412092318-c99573b3b2b1/go.mod h1:Olmv2uLdFllRsvwhzOvG/O/Nvgzg0ViokUL4+hiaRSE=
github.com/fumiama/go-base16384 v1.3.0 h1:J5Xtwh/3alGJt/z/0IFralo5UQA89iFWQqbxj5ZQZi8= github.com/fumiama/go-base16384 v1.3.0 h1:J5Xtwh/3alGJt/z/0IFralo5UQA89iFWQqbxj5ZQZi8=
github.com/fumiama/go-base16384 v1.3.0/go.mod h1:RGA715p34BiLoZvPRtaxuo2q25Kq9jFsgUsJb8dwy14= github.com/fumiama/go-base16384 v1.3.0/go.mod h1:RGA715p34BiLoZvPRtaxuo2q25Kq9jFsgUsJb8dwy14=
github.com/fumiama/go-x25519 v1.0.0 h1:hiGg9EhseVmGCc8T1jECVkj8Keu/aJ1ZK05RM8Vuavo= github.com/fumiama/go-x25519 v1.0.0 h1:hiGg9EhseVmGCc8T1jECVkj8Keu/aJ1ZK05RM8Vuavo=
@@ -10,8 +12,6 @@ github.com/fumiama/water v0.0.0-20211231134027-da391938d6ac h1:A/5A0rODsg+EQHH61
github.com/fumiama/water v0.0.0-20211231134027-da391938d6ac/go.mod h1:BBnNY9PwK+UUn4trAU+H0qsMEypm7+3Bj1bVFuJItlo= github.com/fumiama/water v0.0.0-20211231134027-da391938d6ac/go.mod h1:BBnNY9PwK+UUn4trAU+H0qsMEypm7+3Bj1bVFuJItlo=
github.com/fumiama/wintun v0.0.0-20211229152851-8bc97c8034c0 h1:WfrSFlIlCAtg6Rt2IGna0HhJYSDE45YVHiYqO4wwsEw= github.com/fumiama/wintun v0.0.0-20211229152851-8bc97c8034c0 h1:WfrSFlIlCAtg6Rt2IGna0HhJYSDE45YVHiYqO4wwsEw=
github.com/fumiama/wintun v0.0.0-20211229152851-8bc97c8034c0/go.mod h1:dPOG7Af/ArO62RgBz2JJTNFByBn/IXWLo/1kZKcLSe8= github.com/fumiama/wintun v0.0.0-20211229152851-8bc97c8034c0/go.mod h1:dPOG7Af/ArO62RgBz2JJTNFByBn/IXWLo/1kZKcLSe8=
github.com/minio/blake2b-simd v0.0.0-20160723061019-3f5f724cb5b1 h1:lYpkrQH5ajf0OXOcUbGjvZxxijuBwbbmlSxLiuofa+g=
github.com/minio/blake2b-simd v0.0.0-20160723061019-3f5f724cb5b1/go.mod h1:pD8RvIylQ358TN4wwqatJ8rNavkEINozVn9DtGI3dfQ=
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
github.com/sirupsen/logrus v1.8.1 h1:dJKuHgqk1NNQlqoA6BTlM1Wf9DOH3NBjQyu0h9+AZZE= github.com/sirupsen/logrus v1.8.1 h1:dJKuHgqk1NNQlqoA6BTlM1Wf9DOH3NBjQyu0h9+AZZE=


@@ -7,15 +7,16 @@ import (
"net" "net"
"github.com/fumiama/WireGold/helper" "github.com/fumiama/WireGold/helper"
blake2b "github.com/minio/blake2b-simd" blake2b "github.com/fumiama/blake2b-simd"
"github.com/sirupsen/logrus" "github.com/sirupsen/logrus"
) )
// Packet 是发送和接收的最小单位 // Packet 是发送和接收的最小单位
type Packet struct { type Packet struct {
// DataSZ len(Data) // TeaTypeDataSZ len(Data)
// 高 8 位指定加密所用 tea key
// 不得超过 65507-head 字节 // 不得超过 65507-head 字节
DataSZ uint32 TeaTypeDataSZ uint32
// Proto 详见 head // Proto 详见 head
Proto uint8 Proto uint8
// TTL is time to live // TTL is time to live
@@ -32,7 +33,7 @@ type Packet struct {
Dst net.IP Dst net.IP
// Hash 使用 BLAKE2 生成加密前 Packet 的摘要 // Hash 使用 BLAKE2 生成加密前 Packet 的摘要
// 生成时 Hash 全 0 // 生成时 Hash 全 0
// https://github.com/minio/blake2b-simd // https://github.com/fumiama/blake2b-simd
Hash [32]byte Hash [32]byte
// Data 承载的数据 // Data 承载的数据
Data []byte Data []byte
@@ -60,14 +61,16 @@ func (p *Packet) Unmarshal(data []byte) (complete bool, err error) {
return return
} }
if p.DataSZ == 0 && len(p.Data) == 0 { sz := p.TeaTypeDataSZ & 0x00ffffff
p.DataSZ = binary.LittleEndian.Uint32(data[:4]) if sz == 0 && len(p.Data) == 0 {
if int(p.DataSZ)+52 == len(data) { p.TeaTypeDataSZ = binary.LittleEndian.Uint32(data[:4])
sz = p.TeaTypeDataSZ & 0x00ffffff
if int(sz)+52 == len(data) {
p.Data = data[52:] p.Data = data[52:]
p.rembytes = 0 p.rembytes = 0
} else { } else {
p.Data = make([]byte, p.DataSZ) p.Data = make([]byte, sz)
p.rembytes = p.DataSZ p.rembytes = sz
} }
pt := binary.LittleEndian.Uint16(data[4:6]) pt := binary.LittleEndian.Uint16(data[4:6])
p.Proto = uint8(pt) p.Proto = uint8(pt)
@@ -98,14 +101,14 @@ func (p *Packet) Unmarshal(data []byte) (complete bool, err error) {
// Marshal 将自身数据编码为 []byte // Marshal 将自身数据编码为 []byte
// offset 必须为 8 的倍数,表示偏移的 8 位 // offset 必须为 8 的倍数,表示偏移的 8 位
func (p *Packet) Marshal(src net.IP, datasz uint32, offset uint16, dontfrag, hasmore bool) ([]byte, func()) { func (p *Packet) Marshal(src net.IP, teatype uint8, datasz uint32, offset uint16, dontfrag, hasmore bool) ([]byte, func()) {
p.TTL-- p.TTL--
if p.TTL == 0 { if p.TTL == 0 {
return nil, nil return nil, nil
} }
if src != nil { if src != nil {
p.DataSZ = datasz p.TeaTypeDataSZ = uint32(teatype)<<24 | datasz
p.Src = src p.Src = src
if dontfrag { if dontfrag {
offset |= 0x4000 offset |= 0x4000
@@ -117,7 +120,7 @@ func (p *Packet) Marshal(src net.IP, datasz uint32, offset uint16, dontfrag, has
} }
return helper.OpenWriterF(func(w *helper.Writer) { return helper.OpenWriterF(func(w *helper.Writer) {
w.WriteUInt32(p.DataSZ) w.WriteUInt32(p.TeaTypeDataSZ)
w.WriteUInt16((uint16(p.TTL) << 8) | uint16(p.Proto)) w.WriteUInt16((uint16(p.TTL) << 8) | uint16(p.Proto))
w.WriteUInt16(p.SrcPort) w.WriteUInt16(p.SrcPort)
w.WriteUInt16(p.DstPort) w.WriteUInt16(p.DstPort)
@@ -138,6 +141,7 @@ func (p *Packet) FillHash() {
return return
} }
_ = h.Sum(p.Hash[:0]) _ = h.Sum(p.Hash[:0])
logrus.Debugln("[packet] sum calulated:", hex.EncodeToString(p.Hash[:]))
} }
// IsVaildHash 验证 packet 合法性 // IsVaildHash 验证 packet 合法性
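Review bot: In `Unmarshal`, `sz` comes from the first four bytes of the datagram and goes straight into `make([]byte, sz)` before anything has authenticated the packet, so a single header can request an allocation of up to 16 MiB-1 even though the struct comment limits the payload to 65507-head bytes. A bound check right after the mask would enforce the documented limit, e.g. `if sz > maxDataSZ { return false, errors.New("data size exceeds limit") }`, where `maxDataSZ` is a placeholder for a constant the package would define. In `Marshal`, `uint32(teatype)<<24 | datasz` lets a `datasz` wider than 24 bits overwrite the key selector; `uint32(teatype)<<24 | datasz&0x00ffffff` keeps the two fields apart. Both functions begin or end outside the visible hunks, so part of this may already be handled there.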


@@ -1,14 +1,8 @@
package link package link
import (
"unsafe"
tea "github.com/fumiama/gofastTEA"
)
// Encode 使用 TEA 加密 // Encode 使用 TEA 加密
func (l *Link) Encode(b []byte) (eb []byte) { func (l *Link) Encode(teatype uint8, b []byte) (eb []byte) {
if b == nil { if b == nil || teatype >= 16 {
return return
} }
if l.key == nil { if l.key == nil {
@@ -16,14 +10,14 @@ func (l *Link) Encode(b []byte) (eb []byte) {
} else { } else {
// 在此处填写加密逻辑密钥是l.key输入是b输出是eb // 在此处填写加密逻辑密钥是l.key输入是b输出是eb
// 不用写return直接赋值给eb即可 // 不用写return直接赋值给eb即可
eb = (*tea.TEA)(unsafe.Pointer(l.key)).Encrypt(b) eb = l.key[teatype].Encrypt(b)
} }
return return
} }
// Decode 使用 TEA 解密 // Decode 使用 TEA 解密
func (l *Link) Decode(b []byte) (db []byte) { func (l *Link) Decode(teatype uint8, b []byte) (db []byte) {
if b == nil { if b == nil || teatype >= 16 {
return return
} }
if l.key == nil { if l.key == nil {
@@ -31,7 +25,7 @@ func (l *Link) Decode(b []byte) (db []byte) {
} else { } else {
// 在此处填写解密逻辑密钥是l.key输入是b输出是db // 在此处填写解密逻辑密钥是l.key输入是b输出是db
// 不用写return直接赋值给db即可 // 不用写return直接赋值给db即可
db = (*tea.TEA)(unsafe.Pointer(l.key)).Decrypt(b) db = l.key[teatype].Decrypt(b)
} }
return return
} }
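Review bot: `Encode` and `Decode` guard the index with the literal `teatype >= 16`, while the slice they index is sized by a separate literal in `AddPeer` (`make([]tea.TEA, 16)`) and the sender picks the value with `rand.Intn(16)`. In `Decode` the index comes from a received header, so if these three literals ever diverge `l.key[teatype]` becomes an out-of-range panic reachable from the network. A single package constant (placeholder name `teaKeyCount`) used in all three places, or a fixed-size `[teaKeyCount]tea.TEA` field, would remove that coupling. The doc comments on both methods should also state that a nil result means "nil input or unknown key type", since callers assign the result directly to `p.Data`.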


@@ -7,6 +7,7 @@ import (
"github.com/fumiama/WireGold/gold/head" "github.com/fumiama/WireGold/gold/head"
"github.com/fumiama/WireGold/helper" "github.com/fumiama/WireGold/helper"
base14 "github.com/fumiama/go-base16384" base14 "github.com/fumiama/go-base16384"
tea "github.com/fumiama/gofastTEA"
) )
// Link 是本机到 peer 的连接抽象 // Link 是本机到 peer 的连接抽象
@@ -28,7 +29,7 @@ type Link struct {
// 连接的状态,详见下方 const // 连接的状态,详见下方 const
status int status int
// 连接所用对称加密密钥 // 连接所用对称加密密钥
key *[32]byte key []tea.TEA
// 本机信息 // 本机信息
me *Me me *Me
} }


@@ -22,7 +22,8 @@ func (m *Me) listen() (conn *net.UDPConn, err error) {
lbf = lbf[:n] lbf = lbf[:n]
packet := m.wait(lbf) packet := m.wait(lbf)
if packet != nil { if packet != nil {
r := int(packet.DataSZ) - len(packet.Data) sz := packet.TeaTypeDataSZ & 0x00ffffff
r := int(sz) - len(packet.Data)
if r > 0 { if r > 0 {
remain, err := readAll(conn, r) remain, err := readAll(conn, r)
if err == nil { if err == nil {
@@ -38,7 +39,7 @@ func (m *Me) listen() (conn *net.UDPConn, err error) {
p.endpoint = addr p.endpoint = addr
} }
if p.IsToMe(packet.Dst) { if p.IsToMe(packet.Dst) {
packet.Data = p.Decode(packet.Data) packet.Data = p.Decode(uint8(packet.TeaTypeDataSZ>>24), packet.Data)
if packet.IsVaildHash() { if packet.IsVaildHash() {
switch packet.Proto { switch packet.Proto {
case head.ProtoHello: case head.ProtoHello:
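Review bot: The key selector handed to `p.Decode` is the top byte of a header that has not been authenticated yet, and `Decode` in this commit returns nil for any selector of 16 or more, so `packet.Data` can be nil when `packet.IsVaildHash()` runs. Rejecting that case explicitly would make the drop independent of how the hash check treats empty data, e.g. `if packet.Data == nil { continue }` directly after the `Decode` call, assuming this code sits in the receive loop, which starts outside the hunk. The same masked `sz` also decides how many further bytes `readAll(conn, r)` waits for, so it should be bounded against the documented maximum before that call.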

View File

@@ -3,10 +3,10 @@ package link
import ( import (
"net" "net"
"time" "time"
"unsafe"
"github.com/fumiama/WireGold/gold/head" "github.com/fumiama/WireGold/gold/head"
curve "github.com/fumiama/go-x25519" curve "github.com/fumiama/go-x25519"
tea "github.com/fumiama/gofastTEA"
"github.com/sirupsen/logrus" "github.com/sirupsen/logrus"
) )
@@ -32,7 +32,10 @@ func (m *Me) AddPeer(peerip string, pubicKey *[32]byte, endPoint string, allowed
c := curve.Get(m.privKey[:]) c := curve.Get(m.privKey[:])
k, err := c.Shared(pubicKey) k, err := c.Shared(pubicKey)
if err == nil { if err == nil {
l.key = (*[32]byte)(*(*unsafe.Pointer)(unsafe.Pointer(&k))) l.key = make([]tea.TEA, 16)
for i := range l.key {
l.key[i] = tea.NewTeaCipherLittleEndian(k[i : 16+i])
}
} }
} }
if endPoint != "" { if endPoint != "" {

View File

@@ -3,6 +3,7 @@ package link
import ( import (
"errors" "errors"
"fmt" "fmt"
"math/rand"
"github.com/fumiama/WireGold/gold/head" "github.com/fumiama/WireGold/gold/head"
"github.com/sirupsen/logrus" "github.com/sirupsen/logrus"
@@ -10,16 +11,17 @@ import (
// Write 向 peer 发包 // Write 向 peer 发包
func (l *Link) Write(p *head.Packet, istransfer bool) (n int, err error) { func (l *Link) Write(p *head.Packet, istransfer bool) (n int, err error) {
teatype := uint8(rand.Intn(16))
if len(p.Data) <= int(l.me.mtu) { if len(p.Data) <= int(l.me.mtu) {
if !istransfer { if !istransfer {
p.FillHash() p.FillHash()
p.Data = l.Encode(p.Data) p.Data = l.Encode(teatype, p.Data)
} }
return l.write(p, uint32(len(p.Data)), 0, istransfer, false) return l.write(p, teatype, uint32(len(p.Data)), 0, istransfer, false)
} }
if !istransfer { if !istransfer {
p.FillHash() p.FillHash()
p.Data = l.Encode(p.Data) p.Data = l.Encode(teatype, p.Data)
} }
data := p.Data data := p.Data
totl := uint32(len(data)) totl := uint32(len(data))
@@ -28,7 +30,7 @@ func (l *Link) Write(p *head.Packet, istransfer bool) (n int, err error) {
logrus.Debugln("[link] split frag", i, ":", i+int(l.me.mtu), ", remain:", int(totl)-i-int(l.me.mtu)) logrus.Debugln("[link] split frag", i, ":", i+int(l.me.mtu), ", remain:", int(totl)-i-int(l.me.mtu))
packet := *p packet := *p
packet.Data = data[:int(l.me.mtu)] packet.Data = data[:int(l.me.mtu)]
cnt, err := l.write(&packet, totl, uint16(uint(i)>>3), istransfer, true) cnt, err := l.write(&packet, teatype, totl, uint16(uint(i)>>3), istransfer, true)
n += cnt n += cnt
if err != nil { if err != nil {
return n, err return n, err
@@ -36,7 +38,7 @@ func (l *Link) Write(p *head.Packet, istransfer bool) (n int, err error) {
data = data[int(l.me.mtu):] data = data[int(l.me.mtu):]
} }
p.Data = data p.Data = data
cnt, err := l.write(p, totl, uint16(uint(i)>>3), istransfer, false) cnt, err := l.write(p, teatype, totl, uint16(uint(i)>>3), istransfer, false)
n += cnt n += cnt
if err != nil { if err != nil {
return n, err return n, err
@@ -45,16 +47,16 @@ func (l *Link) Write(p *head.Packet, istransfer bool) (n int, err error) {
} }
// write 向 peer 发一个包 // write 向 peer 发一个包
func (l *Link) write(p *head.Packet, datasz uint32, offset uint16, istransfer, hasmore bool) (n int, err error) { func (l *Link) write(p *head.Packet, teatype uint8, datasz uint32, offset uint16, istransfer, hasmore bool) (n int, err error) {
var d []byte var d []byte
var cl func() var cl func()
if istransfer { if istransfer {
if p.Flags&0x4000 == 0x4000 && len(p.Data) > int(l.me.mtu) { if p.Flags&0x4000 == 0x4000 && len(p.Data) > int(l.me.mtu) {
return len(p.Data), errors.New("drop dont fragmnet big trans packet") return len(p.Data), errors.New("drop dont fragmnet big trans packet")
} }
d, cl = p.Marshal(nil, 0, 0, false, false) d, cl = p.Marshal(nil, teatype, 0, 0, false, false)
} else { } else {
d, cl = p.Marshal(l.me.me, datasz, offset, false, hasmore) d, cl = p.Marshal(l.me.me, teatype, datasz, offset, false, hasmore)
} }
if d == nil { if d == nil {
return 0, errors.New("[link] ttl exceeded") return 0, errors.New("[link] ttl exceeded")

View File

@@ -21,7 +21,7 @@ func main() {
gen := flag.Bool("g", false, "generate key pair") gen := flag.Bool("g", false, "generate key pair")
showp := flag.Bool("p", false, "show my publickey") showp := flag.Bool("p", false, "show my publickey")
file := flag.String("c", "config.yaml", "specify conf file") file := flag.String("c", "config.yaml", "specify conf file")
mtu := flag.Int("m", 32768-68, "set the mtu of wg") mtu := flag.Int("m", 1500-68, "set the mtu of wg")
debug := flag.Bool("d", false, "print debug logs") debug := flag.Bool("d", false, "print debug logs")
warn := flag.Bool("w", false, "only show logs above warn level") warn := flag.Bool("w", false, "only show logs above warn level")
flag.Parse() flag.Parse()