Telethon/telethon/network/connection/tcpobfuscated.py

import os

from .tcpabridged import AbridgedPacketCodec
from .connection import ObfuscatedConnection

from ...crypto import AESModeCTR


class ObfuscatedIO:
    header = None

    def __init__(self, connection):
        self._reader = connection._reader
        self._writer = connection._writer

        (self.header,
         self._encrypt,
         self._decrypt) = self.init_header(connection.packet_codec)

    @staticmethod
    def init_header(packet_codec):
        # Obfuscated messages secrets cannot start with any of these
        keywords = (b'PVrG', b'GET ', b'POST', b'\xee\xee\xee\xee')
        while True:
            random = os.urandom(64)
            if (random[0] != 0xef and
                    random[:4] not in keywords and
                    random[4:8] != b'\0\0\0\0'):
                break

        random = bytearray(random)
        random_reversed = random[55:7:-1]  # Reversed (8, len=48)

        # Encryption has "continuous buffer" enabled
        encrypt_key = bytes(random[8:40])
        encrypt_iv = bytes(random[40:56])
        decrypt_key = bytes(random_reversed[:32])
        decrypt_iv = bytes(random_reversed[32:48])

        encryptor = AESModeCTR(encrypt_key, encrypt_iv)
        decryptor = AESModeCTR(decrypt_key, decrypt_iv)

        random[56:60] = packet_codec.obfuscate_tag
        random[56:64] = encryptor.encrypt(bytes(random))[56:64]
        return (random, encryptor, decryptor)

    async def readexactly(self, n):
        return self._decrypt.encrypt(await self._reader.readexactly(n))

    def write(self, data):
        self._writer.write(self._encrypt.encrypt(data))


class ConnectionTcpObfuscated(ObfuscatedConnection):
    """
    Mode that Telegram defines as "obfuscated2". Encodes the packet
    just like `ConnectionTcpAbridged`, but encrypts every message with
    a randomly generated key using the AES-CTR mode so the packets are
    harder to discern.
    """
    obfuscated_io = ObfuscatedIO
    packet_codec = AbridgedPacketCodec
Make the Connection a proper ABC (#509) 2018-05-10 15:22:19 +03:00			`import os`

Rework class hierarchy, try to DRY more 2019-03-12 03:12:55 +03:00			`from .tcpabridged import AbridgedPacketCodec`
			`from .connection import ObfuscatedConnection`
Implement different mtproto proxy protocols; refactor obfuscated2 2019-03-10 03:00:11 +03:00
Make the Connection a proper ABC (#509) 2018-05-10 15:22:19 +03:00			`from ...crypto import AESModeCTR`


Implement different mtproto proxy protocols; refactor obfuscated2 2019-03-10 03:00:11 +03:00			`class ObfuscatedIO:`
			`header = None`

Rework class hierarchy, try to DRY more 2019-03-12 03:12:55 +03:00			`def __init__(self, connection):`
			`self._reader = connection._reader`
			`self._writer = connection._writer`

			`(self.header,`
			`self._encrypt,`
			`self._decrypt) = self.init_header(connection.packet_codec)`

Apply several lints 2019-05-03 14:59:17 +03:00			`@staticmethod`
			`def init_header(packet_codec):`
Make the Connection a proper ABC (#509) 2018-05-10 15:22:19 +03:00			`# Obfuscated messages secrets cannot start with any of these`
Let all connection modes implement the new Connection 2018-09-27 20:22:35 +03:00			`keywords = (b'PVrG', b'GET ', b'POST', b'\xee\xee\xee\xee')`
Make the Connection a proper ABC (#509) 2018-05-10 15:22:19 +03:00			`while True:`
			`random = os.urandom(64)`
Fix incorrect check for reserved data prefix in ConnectionTcpObfuscated 2019-02-10 22:47:09 +03:00			`if (random[0] != 0xef and`
Make the Connection a proper ABC (#509) 2018-05-10 15:22:19 +03:00			`random[:4] not in keywords and`
Fix several typos (#1328) 2019-11-10 13:29:43 +03:00			`random[4:8] != b'\0\0\0\0'):`
Make the Connection a proper ABC (#509) 2018-05-10 15:22:19 +03:00			`break`

Let all connection modes implement the new Connection 2018-09-27 20:22:35 +03:00			`random = bytearray(random)`
Make the Connection a proper ABC (#509) 2018-05-10 15:22:19 +03:00			`random_reversed = random[55:7:-1] # Reversed (8, len=48)`

Let all connection modes implement the new Connection 2018-09-27 20:22:35 +03:00			`# Encryption has "continuous buffer" enabled`
Implement different mtproto proxy protocols; refactor obfuscated2 2019-03-10 03:00:11 +03:00			`encrypt_key = bytes(random[8:40])`
Make the Connection a proper ABC (#509) 2018-05-10 15:22:19 +03:00			`encrypt_iv = bytes(random[40:56])`
Implement different mtproto proxy protocols; refactor obfuscated2 2019-03-10 03:00:11 +03:00			`decrypt_key = bytes(random_reversed[:32])`
Make the Connection a proper ABC (#509) 2018-05-10 15:22:19 +03:00			`decrypt_iv = bytes(random_reversed[32:48])`

Rework class hierarchy, try to DRY more 2019-03-12 03:12:55 +03:00			`encryptor = AESModeCTR(encrypt_key, encrypt_iv)`
			`decryptor = AESModeCTR(decrypt_key, decrypt_iv)`
Fix incorrect sending of DC id when connecting to MTProxy 2019-02-12 14:17:08 +03:00
Rework class hierarchy, try to DRY more 2019-03-12 03:12:55 +03:00			`random[56:60] = packet_codec.obfuscate_tag`
			`random[56:64] = encryptor.encrypt(bytes(random))[56:64]`
			`return (random, encryptor, decryptor)`
Initial implementation of MTProxy support (#1107) 2019-02-11 02:16:46 +03:00
Implement different mtproto proxy protocols; refactor obfuscated2 2019-03-10 03:00:11 +03:00			`async def readexactly(self, n):`
Rework class hierarchy, try to DRY more 2019-03-12 03:12:55 +03:00			`return self._decrypt.encrypt(await self._reader.readexactly(n))`
Initial implementation of MTProxy support (#1107) 2019-02-11 02:16:46 +03:00
Implement different mtproto proxy protocols; refactor obfuscated2 2019-03-10 03:00:11 +03:00			`def write(self, data):`
Rework class hierarchy, try to DRY more 2019-03-12 03:12:55 +03:00			`self._writer.write(self._encrypt.encrypt(data))`


			`class ConnectionTcpObfuscated(ObfuscatedConnection):`
			`"""`
			`Mode that Telegram defines as "obfuscated2". Encodes the packet`
			just like `ConnectionTcpAbridged`, but encrypts every message with
			`a randomly generated key using the AES-CTR mode so the packets are`
			`harder to discern.`
			`"""`
			`obfuscated_io = ObfuscatedIO`
			`packet_codec = AbridgedPacketCodec`