gandc/zapret2
Template
1
0
Fork 0
mirror of https://github.com/bol-van/zapret2.git synced 2026-03-19 07:45:49 +00:00
Code Issues Packages Projects Releases Wiki Activity

nfqws2: optimize aes-ctr and mtproto detection

Browse Source
This commit is contained in:
bol-van
2025-11-25 14:47:18 +03:00
parent 5e737f314b
commit cfb8b9f11f
4 changed files with 20 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
lua/zapret-tests.lua
View File

@@ -211,13 +211,13 @@ function test_aes_ctr()
test_assert(decrypted==clear_text)
print("* decrypting with bad key")
decrypted = aes_ctr(bu8(u8(string.sub(key,1,1))+1)..string.sub(key,2), iv, encrypted)
decrypted = aes_ctr(bu8(bitand(u8(string.sub(key,1,1))+1,0xFF))..string.sub(key,2), iv, encrypted)
print("decrypted: "..str_or_hex(decrypted))
print( decrypted==clear_text and "DECRYPT OK" or "DECRYPT ERROR" )
test_assert(decrypted~=clear_text)
print("* decrypting with bad iv")
decrypted = aes_ctr(key, bu8(u8(string.sub(iv,1,1))+1)..string.sub(iv,2), encrypted)
decrypted = aes_ctr(key, bu8(bitand(u8(string.sub(iv,1,1))+1,0xFF))..string.sub(iv,2), encrypted)
print("decrypted: "..str_or_hex(decrypted))
print( decrypted==clear_text and "DECRYPT OK" or "DECRYPT ERROR" )
test_assert(decrypted~=clear_text)

1
nfq2/lua.c
View File

@@ -411,7 +411,6 @@ static int luacall_aes(lua_State *L)
if (input_len!=16)
luaL_error(L, "aes: wrong data length %u. should be 16.", (unsigned)input_len);
aes_init_keygen_tables();
aes_context ctx;
uint8_t output[16];
if (aes_setkey(&ctx, bEncrypt, key, key_len) || aes_cipher(&ctx, input, output))

2
nfq2/nfqws.c
View File

@@ -12,6 +12,7 @@
#include "gzip.h"
#include "pools.h"
#include "lua.h"
#include "crypto/aes.h"
#include <stdio.h>
#include <stdlib.h>
@@ -1678,6 +1679,7 @@ int main(int argc, char **argv)
{
if (argc < 2) exithelp();
aes_init_keygen_tables(); // required for aes
set_console_io_buffering();
set_env_exedir(argv[0]);

18
nfq2/protocol.c
View File

@@ -1151,8 +1151,6 @@ bool QUICDecryptInitial(const uint8_t *data, size_t data_len, uint8_t *clean, si
pn_offset += tvb_get_varint(data + pn_offset, &payload_len);
if (payload_len<20 || (pn_offset + payload_len)>data_len) return false;
aes_init_keygen_tables();
uint8_t sample_enc[16];
aes_context ctx;
if (aes_setkey(&ctx, 1, aeshp, sizeof(aeshp)) || aes_cipher(&ctx, data + pn_offset + 4, sample_enc)) return false;
@@ -1390,13 +1388,29 @@ bool IsStunBindingRequest(const uint8_t *data, size_t len)
ntohl(*(uint32_t*)(&data[4]))==0x2112A442 && // magic cookie
ntohs(*(uint16_t*)(&data[2]))==len-20;
}
#if defined(__GNUC__) && !defined(__llvm__)
__attribute__((optimize ("no-strict-aliasing")))
#endif
bool IsMTProto(const uint8_t *data, size_t len)
{
if (len>=64)
{
/*
uint8_t decrypt[64];
aes_ctr_crypt(data+8, 32, data+40, data, 64, decrypt);
return !memcmp(decrypt+56,"\xEF\xEF\xEF\xEF",4);
*/
// this way requires only one AES instead of 4
uint8_t decrypt[16], iv[16];
aes_context ctx;
memcpy(iv, data+40, 16);
ctr_add(iv,3);
if (!aes_setkey(&ctx, AES_ENCRYPT, data+8, 32) && !aes_cipher(&ctx, iv, decrypt))
{
*((uint64_t*)(decrypt+8)) ^= *((uint64_t*)(data+56));
return !memcmp(decrypt+8,"\xEF\xEF\xEF\xEF",4);
}
}
return false;
}