271 lines
5.3 KiB
Go
271 lines
5.3 KiB
Go
package mmtls
|
||
|
||
import (
|
||
"bufio"
|
||
"crypto"
|
||
"math/big"
|
||
"net"
|
||
|
||
"golang.org/x/net/proxy"
|
||
)
|
||
|
||
// GlobalProxyConfig 全局代理配置(由 srv 层设置)
|
||
var GlobalProxyConfig = struct {
|
||
LongConnTimeout int
|
||
LongConnReadTimeout int
|
||
LongConnRetryTimes int
|
||
LongConnRetryInterval int
|
||
ShortConnTimeout int
|
||
AllowDirectOnProxyFail bool
|
||
}{
|
||
LongConnTimeout: 15,
|
||
LongConnReadTimeout: 210,
|
||
LongConnRetryTimes: 30,
|
||
LongConnRetryInterval: 500,
|
||
ShortConnTimeout: 15,
|
||
AllowDirectOnProxyFail: false,
|
||
}
|
||
|
||
// AesGcmParam AesGcm加密解密参数
|
||
type AesGcmParam struct {
|
||
AesKey []byte
|
||
Nonce []byte
|
||
}
|
||
|
||
// ClientEcdhKeys 客户端随机的两个EcdhKey私钥
|
||
type ClientEcdhKeys struct {
|
||
PriKey1 crypto.PrivateKey
|
||
PubKeyBuf1 []byte
|
||
PriKey2 crypto.PrivateKey
|
||
PubKeyBuf2 []byte
|
||
}
|
||
|
||
// HkdfKey28 HkdfKey28
|
||
type HkdfKey28 struct {
|
||
AesKey []byte
|
||
Nonce []byte
|
||
}
|
||
|
||
// HkdfKey56 HkdfKey56
|
||
type HkdfKey56 struct {
|
||
EncodeAesKey []byte
|
||
EncodeNonce []byte
|
||
DecodeAesKey []byte
|
||
DecodeNonce []byte
|
||
}
|
||
|
||
// MMInfo MMInfo
|
||
type MMInfo struct {
|
||
// 短链接 属性
|
||
// mmtls 协议host 例如:hkextshort.weixin.qq.com,这个需要保存这数据库
|
||
ShortHost string
|
||
// mmtls路径 -- 例如:/mmtls/12345678(随机8位16进制字符串),每次握手都随机一个
|
||
ShortURL string
|
||
// 短链接会话票据(服务端返回, 第一次握手不设置), 下一次握手选择其中一个发给服务器, 需要保存到数据库
|
||
ShortPskList []*Psk
|
||
// 握手扩展出来的用于后续加密的Key
|
||
PskAccessKey []byte
|
||
|
||
// 长链接 属性
|
||
LongHost string
|
||
LONGPort uint32
|
||
|
||
// Deprecated:
|
||
LONGClientSeq uint32 `json:"-"` // 不持久化
|
||
// Deprecated:
|
||
LONGServerSeq uint32 `json:"-"` // 不持久化
|
||
// Deprecated:
|
||
Conn net.Conn `json:"-"` // 不持久化
|
||
reader *bufio.Reader
|
||
|
||
LongHdkfKey *HkdfKey56
|
||
// ClientEcdhKeys
|
||
ClientEcdhKeys *ClientEcdhKeys
|
||
// 代理
|
||
Dialer proxy.Dialer
|
||
|
||
LongConnTimeout int
|
||
LongConnReadTimeout int
|
||
LongConnRetryTimes int
|
||
LongConnRetryInterval int
|
||
ShortConnTimeout int
|
||
AllowDirectOnProxyFail bool
|
||
}
|
||
|
||
// EcdsaSignature 服务端传过来的校验数据
|
||
type EcdsaSignature struct {
|
||
R, S *big.Int
|
||
}
|
||
|
||
// CipherSuiteInfo CipherSuiteInfo
|
||
type CipherSuiteInfo struct {
|
||
SuiteCode uint16
|
||
Clipher1 string
|
||
Clipher2 string
|
||
Clipher3 string
|
||
Clipher4 string
|
||
Clipher5 string
|
||
Length1 uint32
|
||
Length2 uint32
|
||
Length3 uint32
|
||
}
|
||
|
||
// CipherSuite CipherSuite
|
||
type CipherSuite struct {
|
||
SuiteCode uint16
|
||
SuiteInfo *CipherSuiteInfo
|
||
}
|
||
|
||
// ClientKeyOffer ClientKeyOffer
|
||
type ClientKeyOffer struct {
|
||
Version uint32
|
||
PublicValue []byte
|
||
}
|
||
|
||
// CertificateVerify CertificateVerify
|
||
type CertificateVerify struct {
|
||
Signature []byte
|
||
}
|
||
|
||
// ClientKeyShareExtension ClientKeyShareExtension
|
||
type ClientKeyShareExtension struct {
|
||
ClientKeyOfferList []*ClientKeyOffer
|
||
CertificateVersion uint32
|
||
}
|
||
|
||
// EarlyEncryptDataExtension EarlyEncryptDataExtension
|
||
type EarlyEncryptDataExtension struct {
|
||
ClientGmtTime uint32
|
||
}
|
||
|
||
// PreSharedKeyExtension PreSharedKeyExtension
|
||
type PreSharedKeyExtension struct {
|
||
PskList []*Psk
|
||
}
|
||
|
||
// ServerKeyShareExtension ServerKeyShareExtension
|
||
type ServerKeyShareExtension struct {
|
||
KeyOfferNameGroup uint32
|
||
PublicValue []byte
|
||
}
|
||
|
||
// Extension Extension
|
||
type Extension struct {
|
||
ExtensionType uint16
|
||
ExtensionData []byte
|
||
}
|
||
|
||
// EncryptedExtensions EncryptedExtensions
|
||
type EncryptedExtensions struct {
|
||
ExtensionList []*Extension
|
||
}
|
||
|
||
// ClientHello ClientHello
|
||
type ClientHello struct {
|
||
Version uint16
|
||
CipherSuiteList []*CipherSuite
|
||
RandomBytes []byte
|
||
ClientGmtTime uint32
|
||
ExtensionList []*Extension
|
||
}
|
||
|
||
// ServerHello ServerHello
|
||
type ServerHello struct {
|
||
Version uint16
|
||
CipherSuite *CipherSuite
|
||
RandomBytes []byte
|
||
ExtensionList []*Extension
|
||
}
|
||
|
||
// Psk Psk
|
||
type Psk struct {
|
||
Type byte
|
||
TicketKLifeTimeHint uint32
|
||
MacValue []byte
|
||
KeyVersion uint32
|
||
Iv []byte
|
||
EncryptedTicket []byte
|
||
}
|
||
|
||
// ClientPsk CLientPsk
|
||
type ClientPsk struct {
|
||
Psk *Psk
|
||
PskExpiredTime uint64
|
||
PreSharedKey []byte
|
||
}
|
||
|
||
// Finished Finished
|
||
type Finished struct {
|
||
VerifyData []byte
|
||
}
|
||
|
||
// HTTPHandler HttpHandler
|
||
type HTTPHandler struct {
|
||
URL string
|
||
Host string
|
||
MMPkg []byte
|
||
}
|
||
|
||
// KeyPair ECDH信息
|
||
type KeyPair struct {
|
||
Version uint32
|
||
Nid uint32
|
||
PublicKey []byte
|
||
PrivateKey []byte
|
||
}
|
||
|
||
// NewSessionTicket NewSessionTicket
|
||
type NewSessionTicket struct {
|
||
PskList []*Psk
|
||
}
|
||
|
||
// PskTicket PskTicket
|
||
type PskTicket struct {
|
||
Version byte
|
||
MMTlsVersion uint16
|
||
CipherSuite *CipherSuite
|
||
KeyVersion uint32
|
||
TicketKLifeTimeHint uint32
|
||
PreSharedKey []byte
|
||
MacKey []byte
|
||
ClientGmtTime uint32
|
||
ServerGmtTime uint32
|
||
EcdhVersion uint32
|
||
Valid byte
|
||
}
|
||
|
||
// RecordHead RecordHead
|
||
type RecordHead struct {
|
||
Type byte
|
||
Tag uint16
|
||
Size uint16
|
||
}
|
||
|
||
// Alert Alert
|
||
type Alert struct {
|
||
AlertLevel byte
|
||
AlertType uint16
|
||
FallBackURL []byte
|
||
SignatureURL []byte
|
||
}
|
||
|
||
// PackItem 包数量
|
||
type PackItem struct {
|
||
RecordHead []byte
|
||
PackData []byte
|
||
}
|
||
|
||
// LongPackHeaderInfo 长链接请求包头部信息
|
||
type LongPackHeaderInfo struct {
|
||
HeaderLen uint16
|
||
Version uint16
|
||
Operation uint32
|
||
SequenceNumber uint32
|
||
}
|
||
|
||
// LongRecvInfo 长链接接收信息
|
||
type LongRecvInfo struct {
|
||
HeaderInfo *LongPackHeaderInfo
|
||
RespData []byte
|
||
}
|