协议密钥动态随机生成

gate/net/kcp_connect_manager.go

@@ -3,7 +3,6 @@ package net
 import (
 	"bytes"
 	"encoding/binary"
-	"os"
 	"strconv"
 	"sync"
 	"time"
@@ -14,11 +13,6 @@ import (
 	"hk4e/pkg/random"
 )
 
-type KcpXorKey struct {
-	encKey []byte
-	decKey []byte
-}
-
 type KcpConnectManager struct {
 	openState      bool
 	connMap        map[uint64]*kcp.UDPSession
@@ -36,10 +30,10 @@ type KcpConnectManager struct {
 	kcpSendListenMap     map[uint64]bool
 	kcpSendListenMapLock sync.RWMutex
 	// key
-	dispatchKey   []byte
-	secretKey     []byte
-	kcpKeyMap     map[uint64]*KcpXorKey
-	kcpKeyMapLock sync.RWMutex
+	dispatchKey     []byte
+	dispatchKeyLock sync.RWMutex
+	kcpKeyMap       map[uint64][]byte
+	kcpKeyMapLock   sync.RWMutex
 	// conv短时间内唯一生成
 	convGenMap     map[uint64]int64
 	convGenMapLock sync.RWMutex
@@ -57,7 +51,7 @@ func NewKcpConnectManager(protoMsgInput chan *ProtoMsg, protoMsgOutput chan *Pro
 	r.kcpRawSendChanMap = make(map[uint64]chan *ProtoMsg)
 	r.kcpRecvListenMap = make(map[uint64]bool)
 	r.kcpSendListenMap = make(map[uint64]bool)
-	r.kcpKeyMap = make(map[uint64]*KcpXorKey)
+	r.kcpKeyMap = make(map[uint64][]byte)
 	r.convGenMap = make(map[uint64]int64)
 	return r
 }
@@ -65,17 +59,7 @@ func NewKcpConnectManager(protoMsgInput chan *ProtoMsg, protoMsgOutput chan *Pro
 func (k *KcpConnectManager) Start() {
 	go func() {
 		// key
-		var err error = nil
-		k.dispatchKey, err = os.ReadFile("key/dispatchKey.bin")
-		if err != nil {
-			logger.LOG.Error("open dispatchKey.bin error")
-			return
-		}
-		k.secretKey, err = os.ReadFile("key/secretKey.bin")
-		if err != nil {
-			logger.LOG.Error("open secretKey.bin error")
-			return
-		}
+		k.dispatchKey = make([]byte, 4096)
 		// kcp
 		port := strconv.FormatInt(int64(config.CONF.Hk4e.KcpPort), 10)
 		listener, err := kcp.ListenWithOptions("0.0.0.0:"+port, nil, 0, 0)
@@ -110,10 +94,9 @@ func (k *KcpConnectManager) Start() {
 				k.connMap[convId] = conn
 				k.connMapLock.Unlock()
 				k.kcpKeyMapLock.Lock()
-				k.kcpKeyMap[convId] = &KcpXorKey{
-					encKey: k.dispatchKey,
-					decKey: k.dispatchKey,
-				}
+				k.dispatchKeyLock.RLock()
+				k.kcpKeyMap[convId] = k.dispatchKey
+				k.dispatchKeyLock.RUnlock()
 				k.kcpKeyMapLock.Unlock()
 				go k.recvHandle(convId)
 				kcpRawSendChan := make(chan *ProtoMsg, 10000)

gate/net/kcp_endecode.go

@@ -42,7 +42,7 @@ func (k *KcpConnectManager) decodeBinToPayload(data []byte, convId uint64, kcpMs
 		logger.LOG.Error("kcp xor key not exist, convId: %v", convId)
 		return
 	}
-	endec.Xor(data, xorKey.decKey)
+	endec.Xor(data, xorKey)
 	k.decodeRecur(data, convId, kcpMsgList)
 }
 
@@ -183,6 +183,6 @@ func (k *KcpConnectManager) encodePayloadToBin(kcpMsg *KcpMsg) (bin []byte) {
 		logger.LOG.Error("kcp xor key not exist, convId: %v", kcpMsg.ConvId)
 		return
 	}
-	endec.Xor(bin, xorKey.encKey)
+	endec.Xor(bin, xorKey)
 	return bin
 }

gate/net/kcp_event.go

@@ -4,6 +4,7 @@ import "hk4e/pkg/logger"
 
 const (
 	KcpXorKeyChange = iota
+	KcpDispatchKeyChange
 	KcpPacketRecvListen
 	KcpPacketSendListen
 	KcpConnForceClose
@@ -38,20 +39,24 @@ func (k *KcpConnectManager) eventHandle() {
 				logger.LOG.Error("conn not exist, convId: %v", event.ConvId)
 				continue
 			}
-			flag, ok := event.EventMessage.(string)
+			key, ok := event.EventMessage.([]byte)
 			if !ok {
 				logger.LOG.Error("event KcpXorKeyChange msg type error")
 				continue
 			}
-			if flag == "ENC" {
-				k.kcpKeyMapLock.Lock()
-				k.kcpKeyMap[event.ConvId].encKey = k.secretKey
-				k.kcpKeyMapLock.Unlock()
-			} else if flag == "DEC" {
-				k.kcpKeyMapLock.Lock()
-				k.kcpKeyMap[event.ConvId].decKey = k.secretKey
-				k.kcpKeyMapLock.Unlock()
+			k.kcpKeyMapLock.Lock()
+			k.kcpKeyMap[event.ConvId] = key
+			k.kcpKeyMapLock.Unlock()
+		case KcpDispatchKeyChange:
+			// 首包加密XOR密钥切换
+			key, ok := event.EventMessage.([]byte)
+			if !ok {
+				logger.LOG.Error("event KcpXorKeyChange msg type error")
+				continue
 			}
+			k.dispatchKeyLock.Lock()
+			k.dispatchKey = key
+			k.dispatchKeyLock.Unlock()
 		case KcpPacketRecvListen:
 			// 收包监听
 			k.connMapLock.RLock()