Example #1
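// Read parses one VMess request header from reader.
//
// Layout as consumed here: a user hash of config.IDBytesLen bytes in the
// clear, then an AES-CFB encrypted header made of version (1 byte), request
// IV (16), request key (16), response header (4), command (1), port (2, big
// endian), address type (1), the address, and a 4-byte big-endian FNV-1a
// checksum over all encrypted-header bytes that precede it.
//
// It returns proxy.InvalidAuthentication when the user hash is not known to
// r.vUserSet, proxy.InvalidProtocolVersion on a version mismatch, and
// transport.CorruptedPacket when the address type is unrecognised, the header
// would not fit in the scratch buffer, or the checksum does not match. Errors
// from the underlying reads are returned unchanged.
//
// Security notes for maintainers:
//   - FNV-1a is a non-cryptographic checksum. It detects accidental
//     corruption; it is not a MAC and does not authenticate the header.
//   - All fields, including the attacker-influenced domain length, are parsed
//     before the checksum is compared, so every length must be bounds-checked
//     on its own.
//   - RequestIV, RequestKey and ResponseHeader are stored as sub-slices of
//     buffer.Value, so the buffer must not be reused while the request is
//     alive. NOTE(review): whether alloc expects an explicit release of the
//     buffer is not visible from this function; confirm.
func (r *VMessRequestReader) Read(reader io.Reader) (*VMessRequest, error) {
	const (
		fixedHeaderLen = 41 // version .. address type
		checksumLen    = 4
	)

	buffer := alloc.NewSmallBuffer()

	nBytes, err := v2net.ReadAllBytes(reader, buffer.Value[:config.IDBytesLen])
	if err != nil {
		return nil, err
	}

	userId, timeSec, valid := r.vUserSet.GetUser(buffer.Value[:nBytes])
	if !valid {
		return nil, proxy.InvalidAuthentication
	}

	aesCipher, err := aes.NewCipher(userId.CmdKey())
	if err != nil {
		return nil, err
	}
	// The IV is derived from the timestamp that matched the user hash.
	aesStream := cipher.NewCFBDecrypter(aesCipher, user.Int64Hash(timeSec))
	decryptor := v2io.NewCryptionReader(aesStream, reader)

	nBytes, err = v2net.ReadAllBytes(decryptor, buffer.Value[:fixedHeaderLen])
	if err != nil {
		return nil, err
	}
	bufferLen := nBytes

	request := &VMessRequest{
		UserId:  *userId,
		Version: buffer.Value[0],
	}

	if request.Version != Version {
		log.Warning("Invalid protocol version %d", request.Version)
		return nil, proxy.InvalidProtocolVersion
	}

	request.RequestIV = buffer.Value[1:17]       // 16 bytes
	request.RequestKey = buffer.Value[17:33]     // 16 bytes
	request.ResponseHeader = buffer.Value[33:37] // 4 bytes
	request.Command = buffer.Value[37]

	port := binary.BigEndian.Uint16(buffer.Value[38:40])

	switch buffer.Value[40] {
	case addrTypeIPv4:
		if _, err = v2net.ReadAllBytes(decryptor, buffer.Value[41:45]); err != nil { // 4 bytes
			return nil, err
		}
		bufferLen += 4
		request.Address = v2net.IPAddress(buffer.Value[41:45], port)
	case addrTypeIPv6:
		if _, err = v2net.ReadAllBytes(decryptor, buffer.Value[41:57]); err != nil { // 16 bytes
			return nil, err
		}
		bufferLen += 16
		request.Address = v2net.IPAddress(buffer.Value[41:57], port)
	case addrTypeDomain:
		if _, err = v2net.ReadAllBytes(decryptor, buffer.Value[41:42]); err != nil {
			return nil, err
		}
		domainLength := int(buffer.Value[41])
		// The length byte comes from the peer and is not yet covered by any
		// integrity check. Slice expressions are bounded by capacity, so
		// reject anything that would run past it (domain plus trailing
		// checksum) instead of panicking.
		if 42+domainLength+checksumLen > cap(buffer.Value) {
			return nil, transport.CorruptedPacket
		}
		if _, err = v2net.ReadAllBytes(decryptor, buffer.Value[42:42+domainLength]); err != nil {
			return nil, err
		}
		bufferLen += 1 + domainLength
		request.Address = v2net.DomainAddress(string(buffer.Value[42:42+domainLength]), port)
	default:
		// Without this branch an unknown address type would yield a request
		// whose Address was never set.
		return nil, transport.CorruptedPacket
	}

	if _, err = v2net.ReadAllBytes(decryptor, buffer.Value[bufferLen:bufferLen+checksumLen]); err != nil {
		return nil, err
	}

	fnv1a := fnv.New32a()
	fnv1a.Write(buffer.Value[:bufferLen])
	actualHash := fnv1a.Sum32()
	expectedHash := binary.BigEndian.Uint32(buffer.Value[bufferLen : bufferLen+checksumLen])

	if actualHash != expectedHash {
		return nil, transport.CorruptedPacket
	}

	return request, nil
}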
Example #2
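// Read parses one VMess request header from reader.
//
// Layout as consumed here: a user hash of user.IDBytesLen bytes in the clear,
// then an AES-CFB encrypted header made of a padding length byte (1..32), that
// many padding bytes, version (1), request IV, request key, response header,
// command (1), port (2, big endian), address type (1), the address, a second
// padding length byte and that many padding bytes.
//
// It returns ErrorInvalidUser when the user hash is not known to r.vUserSet
// and ErrorInvalidVerion on a version mismatch. A short read surfaces as the
// error io.ReadFull reports (io.EOF or io.ErrUnexpectedEOF).
//
// Security notes for maintainers:
//   - A single Read call on a stream may legitimately return fewer bytes than
//     requested, which would leave stale buffer contents to be parsed as
//     header fields. Every field is therefore read with io.ReadFull.
//   - This variant verifies no checksum or MAC over the decrypted header, so
//     each length field taken from the peer has to be bounded explicitly.
func (r *VMessRequestReader) Read(reader io.Reader) (*VMessRequest, error) {
	// Large enough for the biggest field read into it: type byte + length
	// byte + a 255-byte domain name (257 bytes).
	buffer := make([]byte, 512)

	nBytes, err := io.ReadFull(reader, buffer[:user.IDBytesLen])
	if err != nil {
		return nil, err
	}

	// NOTE(review): this writes the client's authentication hash to the debug
	// log; confirm that debug logs are treated as sensitive.
	log.Debug("Read user hash: %v", buffer[:nBytes])

	userId, timeSec, valid := r.vUserSet.GetUser(buffer[:nBytes])
	if !valid {
		return nil, ErrorInvalidUser
	}

	aesCipher, err := aes.NewCipher(userId.CmdKey())
	if err != nil {
		return nil, err
	}
	// The IV is derived from the timestamp that matched the user hash.
	aesStream := cipher.NewCFBDecrypter(aesCipher, user.Int64Hash(timeSec))
	decryptor := v2io.NewCryptionReader(aesStream, reader)

	// Leading random padding.
	if _, err = io.ReadFull(decryptor, buffer[0:1]); err != nil {
		return nil, err
	}
	randomLength := buffer[0]
	if randomLength == 0 || randomLength > 32 {
		return nil, fmt.Errorf("Unexpected random length %d", randomLength)
	}
	if _, err = io.ReadFull(decryptor, buffer[:randomLength]); err != nil {
		return nil, err
	}

	if _, err = io.ReadFull(decryptor, buffer[0:1]); err != nil {
		return nil, err
	}

	request := &VMessRequest{
		UserId:  *userId,
		Version: buffer[0],
	}

	if request.Version != Version {
		log.Error("Unknown VMess version %d", request.Version)
		return nil, ErrorInvalidVerion
	}

	if _, err = io.ReadFull(decryptor, request.RequestIV[:]); err != nil {
		return nil, err
	}
	if _, err = io.ReadFull(decryptor, request.RequestKey[:]); err != nil {
		return nil, err
	}
	if _, err = io.ReadFull(decryptor, request.ResponseHeader[:]); err != nil {
		return nil, err
	}
	if _, err = io.ReadFull(decryptor, buffer[0:1]); err != nil {
		return nil, err
	}
	request.Command = buffer[0]

	if _, err = io.ReadFull(decryptor, buffer[0:2]); err != nil {
		return nil, err
	}
	port := binary.BigEndian.Uint16(buffer[0:2])

	if _, err = io.ReadFull(decryptor, buffer[0:1]); err != nil {
		return nil, err
	}
	switch buffer[0] {
	case addrTypeIPv4:
		if _, err = io.ReadFull(decryptor, buffer[1:5]); err != nil {
			return nil, err
		}
		request.Address = v2net.IPAddress(buffer[1:5], port)
	case addrTypeIPv6:
		if _, err = io.ReadFull(decryptor, buffer[1:17]); err != nil {
			return nil, err
		}
		request.Address = v2net.IPAddress(buffer[1:17], port)
	case addrTypeDomain:
		if _, err = io.ReadFull(decryptor, buffer[1:2]); err != nil {
			return nil, err
		}
		// Widen to int before the addition: computed as a byte, 2+length
		// wraps around for lengths 254 and 255 and the slice expression
		// panics on peer-supplied input.
		domainLength := int(buffer[1])
		if _, err = io.ReadFull(decryptor, buffer[2:2+domainLength]); err != nil {
			return nil, err
		}
		request.Address = v2net.DomainAddress(string(buffer[2:2+domainLength]), port)
	default:
		// Without this branch an unknown address type would yield a request
		// whose Address was never set.
		return nil, fmt.Errorf("Unexpected address type %d", buffer[0])
	}

	// Trailing random padding; a length of zero is accepted here.
	if _, err = io.ReadFull(decryptor, buffer[0:1]); err != nil {
		return nil, err
	}
	randomLength = buffer[0]
	if _, err = io.ReadFull(decryptor, buffer[:randomLength]); err != nil {
		return nil, err
	}

	return request, nil
}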
Example #3
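// Read parses one VMess request header from reader.
//
// Layout as consumed here: a user hash of user.IDBytesLen bytes in the clear,
// then an AES-CFB encrypted header made of version (1 byte), request IV (16),
// request key (16), response header (4), command (1), port (2, big endian),
// address type (1), the address, and a 4-byte big-endian FNV-1a checksum over
// all encrypted-header bytes that precede it.
//
// It returns the error built by errors.NewAuthenticationError when the user
// hash is not known to r.vUserSet, errors.NewProtocolVersionError on a
// version mismatch, and errors.NewCorruptedPacketError when the address type
// is unrecognised or the checksum does not match. A short read surfaces as
// the error io.ReadFull reports (io.EOF or io.ErrUnexpectedEOF).
//
// Security notes for maintainers:
//   - A single Read call on a stream may legitimately return fewer bytes than
//     requested, which would leave zeroed buffer bytes to be parsed as header
//     fields. Every field is therefore read with io.ReadFull.
//   - FNV-1a is a non-cryptographic checksum. It detects accidental
//     corruption; it is not a MAC and does not authenticate the header.
//   - All fields, including the peer-supplied domain length, are parsed
//     before the checksum is compared, so the scratch buffer has to hold the
//     largest header that length can describe.
func (r *VMessRequestReader) Read(reader io.Reader) (*VMessRequest, error) {
	const (
		fixedHeaderLen = 41 // version .. address type
		checksumLen    = 4
	)

	// Worst case is fixed header + length byte + 255-byte domain + checksum
	// = 301 bytes. A 256-byte buffer makes the slice expressions below panic
	// for domain lengths above 210.
	buffer := make([]byte, 512)

	nBytes, err := io.ReadFull(reader, buffer[:user.IDBytesLen])
	if err != nil {
		return nil, err
	}

	// NOTE(review): this writes the client's authentication hash to the debug
	// log; confirm that debug logs are treated as sensitive.
	log.Debug("Read user hash: %v", buffer[:nBytes])

	userId, timeSec, valid := r.vUserSet.GetUser(buffer[:nBytes])
	if !valid {
		return nil, errors.NewAuthenticationError(buffer[:nBytes])
	}

	aesCipher, err := aes.NewCipher(userId.CmdKey())
	if err != nil {
		return nil, err
	}
	// The IV is derived from the timestamp that matched the user hash.
	aesStream := cipher.NewCFBDecrypter(aesCipher, user.Int64Hash(timeSec))
	decryptor := v2io.NewCryptionReader(aesStream, reader)

	nBytes, err = io.ReadFull(decryptor, buffer[:fixedHeaderLen])
	if err != nil {
		return nil, err
	}
	bufferLen := nBytes

	request := &VMessRequest{
		UserId:  *userId,
		Version: buffer[0],
	}

	if request.Version != Version {
		return nil, errors.NewProtocolVersionError(int(request.Version))
	}

	copy(request.RequestIV[:], buffer[1:17])       // 16 bytes
	copy(request.RequestKey[:], buffer[17:33])     // 16 bytes
	copy(request.ResponseHeader[:], buffer[33:37]) // 4 bytes
	request.Command = buffer[37]

	port := binary.BigEndian.Uint16(buffer[38:40])

	switch buffer[40] {
	case addrTypeIPv4:
		if _, err = io.ReadFull(decryptor, buffer[41:45]); err != nil { // 4 bytes
			return nil, err
		}
		bufferLen += 4
		request.Address = v2net.IPAddress(buffer[41:45], port)
	case addrTypeIPv6:
		if _, err = io.ReadFull(decryptor, buffer[41:57]); err != nil { // 16 bytes
			return nil, err
		}
		bufferLen += 16
		request.Address = v2net.IPAddress(buffer[41:57], port)
	case addrTypeDomain:
		if _, err = io.ReadFull(decryptor, buffer[41:42]); err != nil {
			return nil, err
		}
		// At most 255, which the enlarged buffer accommodates together with
		// the trailing checksum.
		domainLength := int(buffer[41])
		if _, err = io.ReadFull(decryptor, buffer[42:42+domainLength]); err != nil {
			return nil, err
		}
		bufferLen += 1 + domainLength
		request.Address = v2net.DomainAddress(string(buffer[42:42+domainLength]), port)
	default:
		// Without this branch an unknown address type would yield a request
		// whose Address was never set.
		return nil, errors.NewCorruptedPacketError()
	}

	if _, err = io.ReadFull(decryptor, buffer[bufferLen:bufferLen+checksumLen]); err != nil {
		return nil, err
	}

	fnv1a := fnv.New32a()
	fnv1a.Write(buffer[:bufferLen])
	actualHash := fnv1a.Sum32()
	expectedHash := binary.BigEndian.Uint32(buffer[bufferLen : bufferLen+checksumLen])

	if actualHash != expectedHash {
		return nil, errors.NewCorruptedPacketError()
	}

	return request, nil
}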