vbatts/shadowsocks
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

fix test

Browse source
This commit is contained in:
clowwindy 2014-12-31 13:41:51 +08:00
parent ccd1c0b45c
commit af5455c820
4 changed files with 25 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

5
shadowsocks/crypto/ctypes_libsodium.py
View file

@ -39,7 +39,7 @@ BLOCK_SIZE = 64
def load_libsodium(): def load_libsodium():
global loaded, libsodium, buf, tag_buf global loaded, libsodium, buf
from ctypes.util import find_library from ctypes.util import find_library
for p in ('sodium', 'libsodium'): for p in ('sodium', 'libsodium'):
@ -73,7 +73,6 @@ def load_libsodium():
libsodium.sodium_init() libsodium.sodium_init()
buf = create_string_buffer(buf_size) buf = create_string_buffer(buf_size)
tag_buf = create_string_buffer(16)
loaded = True loaded = True
@ -118,9 +117,9 @@ class Salsa20Crypto(object):
class Poly1305(object): class Poly1305(object):
@staticmethod @staticmethod
def auth(method, key, data): def auth(method, key, data):
global tag_buf
if not loaded: if not loaded:
load_libsodium() load_libsodium()
tag_buf = create_string_buffer(16)
libsodium.crypto_onetimeauth(byref(tag_buf), data, len(data), key) libsodium.crypto_onetimeauth(byref(tag_buf), data, len(data), key)
return tag_buf.raw return tag_buf.raw

24
shadowsocks/crypto/hmac.py
View file

@ -24,6 +24,7 @@ from __future__ import absolute_import, division, print_function, \
with_statement with_statement
import hmac import hmac
import hashlib
from shadowsocks import common from shadowsocks import common
@ -34,13 +35,30 @@ class HMAC(object):
@staticmethod @staticmethod
def auth(method, key, data): def auth(method, key, data):
digest = common.to_str(method.replace(b'hmac-', b'')) digest = common.to_str(method.replace(b'hmac-', b''))
return hmac.new(key, data, digest).digest() return hmac.new(key, data, getattr(hashlib, digest)).digest()
@staticmethod @staticmethod
def verify(method, key, data, tag): def verify(method, key, data, tag):
digest = common.to_str(method.replace(b'hmac-', b'')) digest = common.to_str(method.replace(b'hmac-', b''))
t = hmac.new(key, data, digest).digest() t = hmac.new(key, data, getattr(hashlib, digest)).digest()
return hmac.compare_digest(t, tag) if hasattr(hmac, 'compare_digest'):
return hmac.compare_digest(t, tag)
else:
return _time_independent_equals(t, tag)
# from tornado
def _time_independent_equals(a, b):
if len(a) != len(b):
return False
result = 0
if type(a[0]) is int: # python3 byte strings
for x, y in zip(a, b):
result |= x ^ y
else: # python2
for x, y in zip(a, b):
result |= ord(x) ^ ord(y)
return result == 0
auths = { auths = {

2
shadowsocks/encrypt.py
View file

@ -180,7 +180,7 @@ def auth_create(data, password, iv, method):
def auth_open(data, password, iv, method): def auth_open(data, password, iv, method):
if method is None: if not method:
return data return data
# verify hmac and remove the hmac or return None # verify hmac and remove the hmac or return None
password = common.to_bytes(password) password = common.to_bytes(password)

1
shadowsocks/utils.py
View file

@ -173,6 +173,7 @@ def get_config(is_local):
config['password'] = config.get('password', '') config['password'] = config.get('password', '')
config['method'] = config.get('method', 'aes-256-cfb') config['method'] = config.get('method', 'aes-256-cfb')
config['auth'] = config.get('auth', None)
config['port_password'] = config.get('port_password', None) config['port_password'] = config.get('port_password', None)
config['timeout'] = int(config.get('timeout', 300)) config['timeout'] = int(config.get('timeout', 300))
config['fast_open'] = config.get('fast_open', False) config['fast_open'] = config.get('fast_open', False)