enable global padding for aead by default

2026-01-04 16:25:21 -05:00 · 2018-11-02 09:15:35 +01:00
parent 59fa890332
commit 9f48a6d017
2 changed files with 16 additions and 5 deletions
--- a/common/crypto/auth.go
+++ b/common/crypto/auth.go
@@ -2,8 +2,9 @@ package crypto

 import (
 	"crypto/cipher"
-	"crypto/rand"
 	"io"
+	"math/rand"
+	"time"

 	"v2ray.com/core/common"
 	"v2ray.com/core/common/buf"
@@ -226,16 +227,21 @@ type AuthenticationWriter struct {
 	sizeParser   ChunkSizeEncoder
 	transferType protocol.TransferType
 	padding      PaddingLengthGenerator
+	randReader   *rand.Rand
 }

 func NewAuthenticationWriter(auth Authenticator, sizeParser ChunkSizeEncoder, writer io.Writer, transferType protocol.TransferType, padding PaddingLengthGenerator) *AuthenticationWriter {
-	return &AuthenticationWriter{
+	w := &AuthenticationWriter{
 		auth:         auth,
 		writer:       buf.NewWriter(writer),
 		sizeParser:   sizeParser,
 		transferType: transferType,
-		padding:      padding,
 	}
+	if padding != nil {
+		w.padding = padding
+		w.randReader = rand.New(rand.NewSource(time.Now().Unix()))
+	}
+	return w
 }

 func (w *AuthenticationWriter) seal(b *buf.Buffer) (*buf.Buffer, error) {
@@ -263,7 +269,8 @@ func (w *AuthenticationWriter) seal(b *buf.Buffer) (*buf.Buffer, error) {
 		return nil, err
 	}
 	if paddingSize > 0 {
-		common.Must(eb.AppendSupplier(buf.ReadFullFrom(rand.Reader, int32(paddingSize))))
+		// With size of the chunk and padding length encrypted, the content of padding doesn't matter much.
+		common.Must(eb.AppendSupplier(buf.ReadFullFrom(w.randReader, int32(paddingSize))))
 	}

 	return eb, nil