Documentation ¶
Overview ¶
Generate init packet
Index ¶
- Constants
- Variables
- func GetDcAddr(dc int16) (ipv4, ipv6 string, err error)
- func IsWrongNonce(nonce Nonce) bool
- type DcCtx
- type ErrInvalidProtocol
- type ErrInvalidProtocolFields
- type ErrSecretLength
- type FakeTlsCtx
- type FakeTlsHandshake
- type MiddleCtx
- type MpCtx
- type Nonce
- type ObfCtx
- type Obfuscator
- type RpcNonce
- type Secret
- type SecretType
Constants ¶
const ( MiddleSecretUrl = "https://core.telegram.org/getProxySecret" MiddleConfigIp4 = "https://core.telegram.org/getProxyConfig" MiddleConfigIp6 = "https://core.telegram.org/getProxyConfigV6" )
const ( FlagNotEncrypted uint32 = 0x02 FlagHasAdTag uint32 = 0x8 FlagMagic uint32 = 0x1000 FlagExtNode2 uint32 = 0x20000 FlagPad uint32 = 0x8000000 FlagIntermediate uint32 = 0x20000000 FlagAbbridged uint32 = 0x40000000 FlagQuickAck uint32 = 0x80000000 )
const ( Abridged = 0xef Intermediate = 0xee //0xeeeeeeee Padded = 0xdd //0xdddddddd Full = 0 )
const AddTagLength = 16
const DcMaxIdx = int16(5)
const FakeTlsHandshakeLen = 1 + 2 + 2 + 512 // handshake version payload_length payload
const MaxPayloadSize = 1024 * 1024 // 131200
const NonceSize = 64
const RpcNonceLen = 16
Variables ¶
var ( RpcNonceTag = [4]byte{0xaa, 0x87, 0xcb, 0x7a} RpcCryptoAesTag = [4]byte{0x01, 0, 0, 0} RpcHandShakeTag = [4]byte{0xf5, 0xee, 0x82, 0x76} RpcProxyAnsTag = [4]byte{0x0d, 0xda, 0x03, 0x44} RpcCloseExtTag = [4]byte{0xa2, 0x34, 0xb6, 0x5e} RpcSimpleAckTag = [4]byte{0x9b, 0x40, 0xac, 0x3b} RpcUnknown = [4]byte{0xdf, 0xa2, 0x30, 0x57} RpcProxyReqTag = [4]byte{0xee, 0xf1, 0xce, 0x36} ProxyTag = [4]byte{0xae, 0x26, 0x1e, 0xdb} ExtraSize = [4]byte{0x18, 0x00, 0x00, 0x00} PaddingFiller = [4]byte{0x4, 0, 0, 0} )
var DcIp4 = maplist.MapList[int16, string]{ Data: map[int16][]string{ 1: {"149.154.175.50:443"}, 2: {"149.154.167.51:443", "95.161.76.100:443"}, 3: {"149.154.175.100:443"}, 4: {"149.154.167.91:443"}, 5: {"149.154.171.5:443"}, }, }
var DcIp6 = maplist.MapList[int16, string]{ Data: map[int16][]string{ 1: {"[2001:b28:f23d:f001::a]:443"}, 2: {"[2001:67c:04e8:f002::a]:443"}, 3: {"[2001:b28:f23d:f003::a]:443"}, 4: {"[2001:67c:04e8:f004::a]:443"}, 5: {"[2001:b28:f23f:f005::a]:443"}, }, }
var ErrInvalidDigestError = errors.New("invalid client digest")
var FakeTlsHeader = [...]byte{
0x16,
0x03,
0x01,
0x02,
0x00,
0x01,
0x00,
0x01,
0xfc,
0x03,
0x03}
var WrongNonceStarters = [...][]byte{
{0xef},
{0x48, 0x45, 0x41, 0x44},
{0x50, 0x4f, 0x53, 0x54},
{0x47, 0x45, 0x54, 0x20},
{0x4f, 0x50, 0x54, 0x49},
{0x16, 0x03, 0x01, 0x02},
{0xdd, 0xdd, 0xdd, 0xdd},
{0xee, 0xee, 0xee, 0xee},
}
Functions ¶
func IsWrongNonce ¶
Check if nonce is correct. Usefull for clients validation
Types ¶
type DcCtx ¶
type DcCtx struct { // Nonce is generated for this-dc connection Nonce Nonce Protocol uint8 // contains filtered or unexported fields }
Context for obfuscation this-DC connection
func (*DcCtx) DecryptNext ¶
func (*DcCtx) EncryptNext ¶
type ErrInvalidProtocol ¶ added in v0.9.9
type ErrInvalidProtocol struct {
// contains filtered or unexported fields
}
func (ErrInvalidProtocol) Error ¶ added in v0.9.9
func (ip ErrInvalidProtocol) Error() string
type ErrInvalidProtocolFields ¶ added in v0.9.9
type ErrInvalidProtocolFields struct {
// contains filtered or unexported fields
}
func (ErrInvalidProtocolFields) Error ¶ added in v0.9.9
func (ipf ErrInvalidProtocolFields) Error() string
type ErrSecretLength ¶ added in v0.9.9
type ErrSecretLength struct {
// contains filtered or unexported fields
}
func (ErrSecretLength) Error ¶ added in v0.9.9
func (e ErrSecretLength) Error() string
type FakeTlsCtx ¶
type FakeTlsCtx struct { Header FakeTlsHandshake Digest [32]byte Timestamp uint32 Secret *Secret }
func FakeTlsCtxFromTlsHeader ¶
func FakeTlsCtxFromTlsHeader(header FakeTlsHandshake, secret *Secret) (c *FakeTlsCtx, err error)
Checks handshake bytes against user secret (does not check timestamp) Return client-this faketls context in case os success.
type FakeTlsHandshake ¶
type FakeTlsHandshake = [FakeTlsHandshakeLen]byte
FakeTlsHandshake is a set of bytes client supposed to send for initiate faketls connection.
type MiddleCtx ¶
type MiddleCtx struct { CliNonce RpcNonce AdTag []byte Out netip.AddrPort MP netip.AddrPort Obf *MpCtx }
this-middle_proxy encryption context
func NewMiddleCtx ¶
func (*MiddleCtx) DecryptBlock ¶
func (*MiddleCtx) EncryptBlock ¶
func (*MiddleCtx) SetObf ¶
initialize obfuscator for MiddleCtx MpNonce is usualu received from middleproxy upo connection CliTimestamp measured upon connection MpSecret usualy received from MiddleSecretUrl
type MpCtx ¶
type MpCtx struct {
// contains filtered or unexported fields
}
Set of block ciphers for this-middle_proxy connection
func (*MpCtx) DecryptBlocks ¶
func (*MpCtx) EncryptBlocks ¶
type ObfCtx ¶
type ObfCtx struct { // Nonce received from client Nonce Nonce // Secret from config Secret *Secret Protocol uint8 Dc int16 Random [2]byte // contains filtered or unexported fields }
Context for client-This obfuscation
func ObfCtxFromNonce ¶
Generate client-this encryption context
func (*ObfCtx) DecryptNext ¶
func (*ObfCtx) EncryptNext ¶
type Obfuscator ¶
type Obfuscator interface { // decrypt supposedly received bytes in buffer and advance decryption context DecryptNext(buf []byte) // encrypt supposedly send bytes in buffer and advance encryption context EncryptNext(buf []byte) }
Common interface that supports encryption and decryption of obfuscated messages.
type RpcNonce ¶
type RpcNonce [RpcNonceLen]byte
type Secret ¶
type Secret struct { RawSecret []byte Type SecretType Tag byte Fakehost string }
func NewSecretHex ¶
Generate secret from hex string
type SecretType ¶
type SecretType int
const ( Simple SecretType = 1 Secured SecretType = 2 FakeTLS SecretType = 3 )