mirrors/XTLS_REALITY
0
0
Fork 0
mirror of https://github.com/XTLS/REALITY.git synced 2025-08-22 14:38:35 +00:00
Code

REALITY protocol: Remove ChaCha20-Poly1305 support for REALITY's session id auth

Browse Source 
https://github.com/XTLS/Xray-core/pull/3813#issuecomment-2885686468

https://github.com/XTLS/REALITY/pull/4#issuecomment-2885815235

Reverts e07c3b04b9
This commit is contained in:
RPRX 2025-05-16 07:07:13 +00:00 committed by GitHub
parent 514f8647ea
commit 4df2ec9a5b
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 2 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
tls.go
View File

@ -30,7 +30,6 @@ import (
"bytes" "bytes"
"context" "context"
"crypto" "crypto"
"crypto/cipher"
"crypto/ecdsa" "crypto/ecdsa"
"crypto/ed25519" "crypto/ed25519"
"crypto/mlkem" "crypto/mlkem"
@ -50,7 +49,6 @@ import (
"time" "time"
"github.com/pires/go-proxyproto" "github.com/pires/go-proxyproto"
"golang.org/x/crypto/chacha20poly1305"
"golang.org/x/crypto/curve25519" "golang.org/x/crypto/curve25519"
"golang.org/x/crypto/hkdf" "golang.org/x/crypto/hkdf"
@ -190,13 +188,8 @@ func Server(ctx context.Context, conn net.Conn, config *Config) (*Conn, error) {
if _, err = hkdf.New(sha256.New, hs.c.AuthKey, hs.clientHello.random[:20], []byte("REALITY")).Read(hs.c.AuthKey); err != nil { if _, err = hkdf.New(sha256.New, hs.c.AuthKey, hs.clientHello.random[:20], []byte("REALITY")).Read(hs.c.AuthKey); err != nil {
break break
} }
var aead cipher.AEAD block, _ := fipsaes.New(hs.c.AuthKey)
if isAESGCMPreferred(hs.clientHello.cipherSuites) { aead, _ := gcm.NewGCMForTLS13(block)
block, _ := fipsaes.New(hs.c.AuthKey)
aead, _ = gcm.NewGCMForTLS13(block)
} else {
aead, _ = chacha20poly1305.New(hs.c.AuthKey)
}
if config.Show { if config.Show {
fmt.Printf("REALITY remoteAddr: %v\ths.c.AuthKey[:16]: %v\tAEAD: %T\n", remoteAddr, hs.c.AuthKey[:16], aead) fmt.Printf("REALITY remoteAddr: %v\ths.c.AuthKey[:16]: %v\tAEAD: %T\n", remoteAddr, hs.c.AuthKey[:16], aead)
} }