Merge branch 'feat/chacha20'

Cargo.toml

@@ -22,6 +22,7 @@ tabled = "0.15"
 thiserror = "1"
 tokio = "1"
 tokio-util = "0.7"
+tokio_chacha20 = { git = "https://github.com/Banyc/tokio_chacha20.git", rev = "3e8835dc6143c1c5ecd664d5af3d6fa8229cf4e3" }
 tokio_kcp = "0.9"
 tracing = "0.1"
 tracing-subscriber = "0.3"

access_server/Cargo.toml

@@ -16,6 +16,7 @@ proxy_client = { path = "../proxy_client" }
 serde = { workspace = true, features = ["derive"] }
 thiserror = { workspace = true }
 tokio = { workspace = true, features = ["full"] }
+tokio_chacha20 = { workspace = true }
 tokio-util = { workspace = true }
 tracing = { workspace = true }
 tracing-subscriber = { workspace = true }

access_server/src/socks5/server/tcp.rs

@@ -4,7 +4,6 @@ use async_speed_limit::Limiter;
 use common::{
     addr::{InternetAddr, InternetAddrStr},
     config::SharableConfig,
-    crypto::XorCrypto,
     filter::{self, Filter, FilterBuilder},
     loading::{self, Hook},
     stream::{
@@ -552,7 +551,8 @@ impl Socks5ServerTcpAccess {
     async fn establish_proxy_chain(
         &self,
         destination: InternetAddr,
-    ) -> Result<(CreatedStreamAndAddr, Option<XorCrypto>), StreamEstablishError> {
+    ) -> Result<(CreatedStreamAndAddr, Option<tokio_chacha20::config::Config>), StreamEstablishError>
+    {
         let proxy_chain = self.proxy_table.choose_chain();
         let res = proxy_client::stream::establish(
             &proxy_chain.chain,
@@ -584,7 +584,7 @@ pub enum EstablishResult<S> {
         destination: InternetAddr,
         downstream: S,
         upstream: CreatedStreamAndAddr,
-        payload_crypto: Option<XorCrypto>,
+        payload_crypto: Option<tokio_chacha20::config::Config>,
     },
 }
 
@@ -601,7 +601,7 @@ enum RequestResult {
     Proxy {
         destination: InternetAddr,
         upstream: CreatedStreamAndAddr,
-        payload_crypto: Option<XorCrypto>,
+        payload_crypto: Option<tokio_chacha20::config::Config>,
     },
 }
 

access_server/src/stream/streams/http_tunnel/mod.rs

@@ -19,7 +19,6 @@ use common::{
         io_copy::{CopyBidirectional, DEAD_SESSION_RETENTION_DURATION},
         proxy_table::StreamProxyTable,
         session_table::{Session, StreamSessionTable},
-        xor::XorStream,
         IoAddr, IoStream, SimplifiedStreamMetrics, SimplifiedStreamProxyMetrics, StreamServerHook,
     },
 };
@@ -251,9 +250,11 @@ impl HttpAccess {
         let res = match &proxy_chain.payload_crypto {
             Some(crypto) => {
                 // Establish encrypted stream
-                let xor_stream = XorStream::upgrade(upstream.stream, crypto);
+                let (r, w) = tokio::io::split(upstream.stream);
+                let upstream =
+                    tokio_chacha20::stream::WholeStream::from_key_halves(*crypto.key(), r, w);
 
-                tls_http(xor_stream, req, session_guard).await
+                tls_http(upstream, req, session_guard).await
             }
             None => tls_http(upstream.stream, req, session_guard).await,
         };

common/Cargo.toml

@@ -32,6 +32,7 @@ thiserror = { workspace = true }
 tokio = { workspace = true, features = ["full"] }
 tokio-io-timeout = "1"
 tokio-util = { workspace = true }
+tokio_chacha20 = { workspace = true }
 tokio_kcp = { workspace = true }
 tracing = { workspace = true }