deprecate table and rc4

shadowsocks · Dec 4, 2015 · 3033293 · 3033293
1 parent 8e44bc7
commit 3033293
Show file tree

Hide file tree

Showing 4 changed files with 6 additions and 149 deletions.
diff --git a/script/test.sh b/script/test.sh
@@ -101,8 +101,6 @@ test_server_local_pair() {
 
     local url
     url=http://127.0.0.1:$HTTP_PORT/README.md
-    test_shadowsocks $url table
-    test_shadowsocks $url rc4
     test_shadowsocks $url rc4-md5
     test_shadowsocks $url aes-128-cfb
     test_shadowsocks $url aes-192-cfb

diff --git a/shadowsocks/config.go b/shadowsocks/config.go
@@ -130,9 +130,6 @@ func UpdateConfig(old, new *Config) {
 			}
 		}
 	}
-	if old.Method == "table" {
-		old.Method = ""
-	}
 
 	old.Timeout = new.Timeout
 	readTimeout = time.Duration(old.Timeout) * time.Second

diff --git a/shadowsocks/encrypt.go b/shadowsocks/encrypt.go
@@ -1,7 +1,6 @@
 package shadowsocks
 
 import (
-	"bytes"
 	"crypto/aes"
 	"crypto/cipher"
 	"crypto/des"
@@ -20,8 +19,6 @@ import (
 
 var errEmptyPassword = errors.New("empty key")
 
-type tableCipher []byte
-
 func md5sum(d []byte) []byte {
 	h := md5.New()
 	h.Write(d)
@@ -48,50 +45,6 @@ func evpBytesToKey(password string, keyLen int) (key []byte) {
 	return m[:keyLen]
 }
 
-func (tbl tableCipher) XORKeyStream(dst, src []byte) {
-	for i := 0; i < len(src); i++ {
-		dst[i] = tbl[src[i]]
-	}
-}
-
-// NewTableCipher creates a new table based cipher.
-func newTableCipher(s []byte) (enc, dec tableCipher) {
-	const tbl_size = 256
-	enc = make([]byte, tbl_size)
-	dec = make([]byte, tbl_size)
-	table := make([]uint64, tbl_size)
-
-	var a uint64
-	buf := bytes.NewBuffer(s)
-	binary.Read(buf, binary.LittleEndian, &a)
-	var i uint64
-	for i = 0; i < tbl_size; i++ {
-		table[i] = i
-	}
-	for i = 1; i < 1024; i++ {
-		table = Sort(table, func(x, y uint64) int64 {
-			return int64(a%uint64(x+i) - a%uint64(y+i))
-		})
-	}
-	for i = 0; i < tbl_size; i++ {
-		enc[i] = byte(table[i])
-	}
-	for i = 0; i < tbl_size; i++ {
-		dec[enc[i]] = byte(i)
-	}
-	return enc, dec
-}
-
-func newRC4Cipher(key []byte) (enc, dec cipher.Stream, err error) {
-	rc4Enc, err := rc4.NewCipher(key)
-	if err != nil {
-		return
-	}
-	// create a copy, as RC4 encrypt and decrypt uses the same keystream
-	rc4Dec := *rc4Enc
-	return rc4Enc, &rc4Dec, nil
-}
-
 type DecOrEnc int
 
 const (
@@ -191,8 +144,6 @@ type cipherInfo struct {
 }
 
 var cipherMethod = map[string]*cipherInfo{
-	"rc4":         {16, 0, nil},
-	"table":       {16, 0, nil},
 	"aes-128-cfb": {16, 16, newAESStream},
 	"aes-192-cfb": {24, 16, newAESStream},
 	"aes-256-cfb": {32, 16, newAESStream},
@@ -206,7 +157,7 @@ var cipherMethod = map[string]*cipherInfo{
 
 func CheckCipherMethod(method string) error {
 	if method == "" {
-		method = "table"
+		method = "aes-256-cfb"
 	}
 	_, ok := cipherMethod[method]
 	if !ok {
@@ -231,9 +182,6 @@ func NewCipher(method, password string) (c *Cipher, err error) {
 	if password == "" {
 		return nil, errEmptyPassword
 	}
-	if method == "" {
-		method = "table"
-	}
 	var ota bool
 	if strings.HasSuffix(strings.ToLower(method), "-ota") {
 		method = method[:len(method) - 4] // len("-ota") = 4
@@ -250,13 +198,6 @@ func NewCipher(method, password string) (c *Cipher, err error) {
 
 	c = &Cipher{key: key, info: mi}
 
-	if mi.newStream == nil {
-		if method == "table" {
-			c.enc, c.dec = newTableCipher(key)
-		} else if method == "rc4" {
-			c.enc, c.dec, err = newRC4Cipher(key)
-		}
-	}
 	if err != nil {
 		return nil, err
 	}
@@ -312,19 +253,9 @@ func (c *Cipher) Copy() *Cipher {
 	// because the current implementation is not highly optimized, or this is
 	// the nature of the algorithm.)
 
-	switch c.enc.(type) {
-	case tableCipher:
-		return c
-	case *rc4.Cipher:
-		enc, _ := c.enc.(*rc4.Cipher)
-		encCpy := *enc
-		decCpy := *enc
-		return &Cipher{enc: &encCpy, dec: &decCpy}
-	default:
-		nc := *c
-		nc.enc = nil
-		nc.dec = nil
-		nc.ota = c.ota
-		return &nc
-	}
+	nc := *c
+	nc.enc = nil
+	nc.dec = nil
+	nc.ota = c.ota
+	return &nc
 }
diff --git a/shadowsocks/encrypt_test.go b/shadowsocks/encrypt_test.go
@@ -2,38 +2,11 @@ package shadowsocks
 
 import (
 	"crypto/rand"
-	"crypto/rc4"
 	"io"
 	"reflect"
 	"testing"
 )
 
-func TestEncrypTable1(t *testing.T) {
-	encTarget := []byte{60, 53, 84, 138, 217, 94, 88, 23, 39, 242, 219, 35, 12, 157, 165, 181, 255, 143, 83, 247, 162, 16, 31, 209, 190, 171, 115, 65, 38, 41, 21, 245, 236, 46, 121, 62, 166, 233, 44, 154, 153, 145, 230, 49, 128, 216, 173, 29, 241, 119, 64, 229, 194, 103, 131, 110, 26, 197, 218, 59, 204, 56, 27, 34, 141, 221, 149, 239, 192, 195, 24, 155, 170, 183, 11, 254, 213, 37, 137, 226, 75, 203, 55, 19, 72, 248, 22, 129, 33, 175, 178, 10, 198, 71, 77, 36, 113, 167, 48, 2, 117, 140, 142, 66, 199, 232, 243, 32, 123, 54, 51, 82, 57, 177, 87, 251, 150, 196, 133, 5, 253, 130, 8, 184, 14, 152, 231, 3, 186, 159, 76, 89, 228, 205, 156, 96, 163, 146, 18, 91, 132, 85, 80, 109, 172, 176, 105, 13, 50, 235, 127, 0, 189, 95, 98, 136, 250, 200, 108, 179, 211, 214, 106, 168, 78, 79, 74, 210, 30, 73, 201, 151, 208, 114, 101, 174, 92, 52, 120, 240, 15, 169, 220, 182, 81, 224, 43, 185, 40, 99, 180, 17, 212, 158, 42, 90, 9, 191, 45, 6, 25, 4, 222, 67, 126, 1, 116, 124, 206, 69, 61, 7, 68, 97, 202, 63, 244, 20, 28, 58, 93, 134, 104, 144, 227, 147, 102, 118, 135, 148, 47, 238, 86, 112, 122, 70, 107, 215, 100, 139, 223, 225, 164, 237, 111, 125, 207, 160, 187, 246, 234, 161, 188, 193, 249, 252}
-	decTarget := []byte{151, 205, 99, 127, 201, 119, 199, 211, 122, 196, 91, 74, 12, 147, 124, 180, 21, 191, 138, 83, 217, 30, 86, 7, 70, 200, 56, 62, 218, 47, 168, 22, 107, 88, 63, 11, 95, 77, 28, 8, 188, 29, 194, 186, 38, 198, 33, 230, 98, 43, 148, 110, 177, 1, 109, 82, 61, 112, 219, 59, 0, 210, 35, 215, 50, 27, 103, 203, 212, 209, 235, 93, 84, 169, 166, 80, 130, 94, 164, 165, 142, 184, 111, 18, 2, 141, 232, 114, 6, 131, 195, 139, 176, 220, 5, 153, 135, 213, 154, 189, 238, 174, 226, 53, 222, 146, 162, 236, 158, 143, 55, 244, 233, 96, 173, 26, 206, 100, 227, 49, 178, 34, 234, 108, 207, 245, 204, 150, 44, 87, 121, 54, 140, 118, 221, 228, 155, 78, 3, 239, 101, 64, 102, 17, 223, 41, 137, 225, 229, 66, 116, 171, 125, 40, 39, 71, 134, 13, 193, 129, 247, 251, 20, 136, 242, 14, 36, 97, 163, 181, 72, 25, 144, 46, 175, 89, 145, 113, 90, 159, 190, 15, 183, 73, 123, 187, 128, 248, 252, 152, 24, 197, 68, 253, 52, 69, 117, 57, 92, 104, 157, 170, 214, 81, 60, 133, 208, 246, 172, 23, 167, 160, 192, 76, 161, 237, 45, 4, 58, 10, 182, 65, 202, 240, 185, 241, 79, 224, 132, 51, 42, 126, 105, 37, 250, 149, 32, 243, 231, 67, 179, 48, 9, 106, 216, 31, 249, 19, 85, 254, 156, 115, 255, 120, 75, 16}
-	key := evpBytesToKey("foobar!", 16)
-	enc, dec := newTableCipher(key)
-	if !reflect.DeepEqual([]byte(enc), encTarget) {
-		t.Error("Password foobar encrypt table wrong")
-	}
-	if !reflect.DeepEqual([]byte(dec), decTarget) {
-		t.Error("Password foobar decrypt table wrong")
-	}
-}
-
-func TestEncryptTable2(t *testing.T) {
-	encTarget := []byte{124, 30, 170, 247, 27, 127, 224, 59, 13, 22, 196, 76, 72, 154, 32, 209, 4, 2, 131, 62, 101, 51, 230, 9, 166, 11, 99, 80, 208, 112, 36, 248, 81, 102, 130, 88, 218, 38, 168, 15, 241, 228, 167, 117, 158, 41, 10, 180, 194, 50, 204, 243, 246, 251, 29, 198, 219, 210, 195, 21, 54, 91, 203, 221, 70, 57, 183, 17, 147, 49, 133, 65, 77, 55, 202, 122, 162, 169, 188, 200, 190, 125, 63, 244, 96, 31, 107, 106, 74, 143, 116, 148, 78, 46, 1, 137, 150, 110, 181, 56, 95, 139, 58, 3, 231, 66, 165, 142, 242, 43, 192, 157, 89, 175, 109, 220, 128, 0, 178, 42, 255, 20, 214, 185, 83, 160, 253, 7, 23, 92, 111, 153, 26, 226, 33, 176, 144, 18, 216, 212, 28, 151, 71, 206, 222, 182, 8, 174, 205, 201, 152, 240, 155, 108, 223, 104, 239, 98, 164, 211, 184, 34, 193, 14, 114, 187, 40, 254, 12, 67, 93, 217, 6, 94, 16, 19, 82, 86, 245, 24, 197, 134, 132, 138, 229, 121, 5, 235, 238, 85, 47, 103, 113, 179, 69, 250, 45, 135, 156, 25, 61, 75, 44, 146, 189, 84, 207, 172, 119, 53, 123, 186, 120, 171, 68, 227, 145, 136, 100, 90, 48, 79, 159, 149, 39, 213, 236, 126, 52, 60, 225, 199, 105, 73, 233, 252, 118, 215, 35, 115, 64, 37, 97, 129, 161, 177, 87, 237, 141, 173, 191, 163, 140, 234, 232, 249}
-	decTarget := []byte{117, 94, 17, 103, 16, 186, 172, 127, 146, 23, 46, 25, 168, 8, 163, 39, 174, 67, 137, 175, 121, 59, 9, 128, 179, 199, 132, 4, 140, 54, 1, 85, 14, 134, 161, 238, 30, 241, 37, 224, 166, 45, 119, 109, 202, 196, 93, 190, 220, 69, 49, 21, 228, 209, 60, 73, 99, 65, 102, 7, 229, 200, 19, 82, 240, 71, 105, 169, 214, 194, 64, 142, 12, 233, 88, 201, 11, 72, 92, 221, 27, 32, 176, 124, 205, 189, 177, 246, 35, 112, 219, 61, 129, 170, 173, 100, 84, 242, 157, 26, 218, 20, 33, 191, 155, 232, 87, 86, 153, 114, 97, 130, 29, 192, 164, 239, 90, 43, 236, 208, 212, 185, 75, 210, 0, 81, 227, 5, 116, 243, 34, 18, 182, 70, 181, 197, 217, 95, 183, 101, 252, 248, 107, 89, 136, 216, 203, 68, 91, 223, 96, 141, 150, 131, 13, 152, 198, 111, 44, 222, 125, 244, 76, 251, 158, 106, 24, 42, 38, 77, 2, 213, 207, 249, 147, 113, 135, 245, 118, 193, 47, 98, 145, 66, 160, 123, 211, 165, 78, 204, 80, 250, 110, 162, 48, 58, 10, 180, 55, 231, 79, 149, 74, 62, 50, 148, 143, 206, 28, 15, 57, 159, 139, 225, 122, 237, 138, 171, 36, 56, 115, 63, 144, 154, 6, 230, 133, 215, 41, 184, 22, 104, 254, 234, 253, 187, 226, 247, 188, 156, 151, 40, 108, 51, 83, 178, 52, 3, 31, 255, 195, 53, 235, 126, 167, 120}
-	key := evpBytesToKey("barfoo!", 16)
-	enc, dec := newTableCipher(key)
-	if !reflect.DeepEqual([]byte(enc), encTarget) {
-		t.Error("Password barfoo! encrypt table wrong")
-	}
-	if !reflect.DeepEqual([]byte(dec), decTarget) {
-		t.Error("Password barfoo! decrypt table wrong")
-	}
-}
-
 const text = "Don't tell me the moon is shining; show me the glint of light on broken glass."
 
 func testCiphter(t *testing.T, c *Cipher, msg string) {
@@ -49,41 +22,6 @@ func testCiphter(t *testing.T, c *Cipher, msg string) {
 	}
 }
 
-func TestTableCipher(t *testing.T) {
-	cipher, err := NewCipher("", "OpenSesame!")
-	if err != nil {
-		t.Fatal("Should not get error generating table cipher")
-	}
-	if _, ok := cipher.enc.(tableCipher); !ok {
-		t.Error("Should get table cipher")
-	} else {
-		testCiphter(t, cipher, "TableCipher")
-	}
-}
-
-func TestRC4Cipher(t *testing.T) {
-	cipher, err := NewCipher("no-such-method", "foobar")
-	if err == nil {
-		t.Error("Should return error for unsupported encryption method")
-	}
-
-	cipher, err = NewCipher("rc4", "")
-	if err == nil {
-		t.Error("Should get error for empty key creating rc4 cipher")
-	}
-	cipher, err = NewCipher("rc4", "Alibaba")
-	ciphercopy := cipher.Copy()
-	if err != nil {
-		t.Error("Should not error creating rc4 cipher with key Alibaba")
-	}
-	if _, ok := cipher.enc.(*rc4.Cipher); !ok {
-		t.Error("Should get rc4 cipher")
-	} else {
-		testCiphter(t, cipher, "RC4Cipher")
-		testCiphter(t, ciphercopy, "RC4Cipher copy")
-	}
-}
-
 func TestEvpBytesToKey(t *testing.T) {
 	// key, iv := evpBytesToKey("foobar", 32, 16)
 	key := evpBytesToKey("foobar", 32)
@@ -161,13 +99,6 @@ func init() {
 	io.ReadFull(rand.Reader, cipherIv)
 }
 
-func BenchmarkRC4Init(b *testing.B) {
-	key := cipherKey[:16]
-	for i := 0; i < b.N; i++ {
-		rc4.NewCipher(key)
-	}
-}
-
 func benchmarkCipherInit(b *testing.B, method string) {
 	ci := cipherMethod[method]
 	key := cipherKey[:ci.keyLen]