Skip to content

Commit

Permalink
Fix incorrect IV usage which slightly reduced security
Browse files Browse the repository at this point in the history
  • Loading branch information
xiaokangwang committed Sep 12, 2020
1 parent 8661477 commit e2e2661
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 2 deletions.
2 changes: 1 addition & 1 deletion proxy/vmess/encoding/client.go
Original file line number Diff line number Diff line change
Expand Up @@ -71,7 +71,7 @@ func NewClientSession(idHash protocol.IDHash, ctx context.Context) *ClientSessio
} else {
BodyKey := sha256.Sum256(session.requestBodyKey[:])
copy(session.responseBodyKey[:], BodyKey[:16])
BodyIV := sha256.Sum256(session.requestBodyKey[:])
BodyIV := sha256.Sum256(session.requestBodyIV[:])
copy(session.responseBodyIV[:], BodyIV[:16])
}

Expand Down
2 changes: 1 addition & 1 deletion proxy/vmess/encoding/server.go
Original file line number Diff line number Diff line change
Expand Up @@ -374,7 +374,7 @@ func (s *ServerSession) EncodeResponseHeader(header *protocol.ResponseHeader, wr
} else {
BodyKey := sha256.Sum256(s.requestBodyKey[:])
copy(s.responseBodyKey[:], BodyKey[:16])
BodyIV := sha256.Sum256(s.requestBodyKey[:])
BodyIV := sha256.Sum256(s.requestBodyIV[:])
copy(s.responseBodyIV[:], BodyIV[:16])
}

Expand Down

0 comments on commit e2e2661

Please sign in to comment.