Skip to content

fix(deps): update rust crate aes to 0.9 #2107

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
renovate wants to merge 3 commits into
base: master
Choose a base branch
from
+109 βˆ’35
Open

fix(deps): update rust crate aes to 0.9 #2107

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
f02e277
fix(deps): update rust crate aes to 0.9
renovate[bot] Apr 26, 2026
2609729
feat: compat cipher 0.5
zonyitoo Apr 26, 2026
060e718
fix: replaced deprecated from_slice
zonyitoo Apr 27, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
94 changes: 74 additions & 20 deletions Cargo.lock
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion crates/shadowsocks/Cargo.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -90,7 +90,7 @@ hickory-resolver = { version = "0.25", optional = true }
arc-swap = { version = "1.7", optional = true }
notify = { version = "8.0", optional = true }

aes = { version = "0.8", optional = true }
aes = { version = "0.9", optional = true }
blake3 = "1.5"
shadowsocks-crypto = { version = "0.6.0", default-features = false }

Expand Down
18 changes: 13 additions & 5 deletions crates/shadowsocks/src/relay/tcprelay/aead_2022.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -55,7 +55,7 @@ use std::{

use aes::{
Aes128, Aes256, Block,
cipher::{BlockDecrypt, BlockEncrypt, KeyInit},
cipher::{BlockCipherDecrypt, BlockCipherEncrypt, KeyInit},
};
use byte_string::ByteStr;
use bytes::{Buf, BufMut, Bytes, BytesMut};
Expand Down Expand Up @@ -315,11 +315,17 @@ impl DecryptedReader {
match self.method {
CipherKind::AEAD2022_BLAKE3_AES_128_GCM => {
let cipher = Aes128::new_from_slice(&identity_sub_key[0..16]).expect("AES-128");
cipher.decrypt_block_b2b(Block::from_slice(eih), &mut user_hash);
cipher.decrypt_block_b2b(
<&Block as TryFrom<&[u8]>>::try_from(eih).expect("EIH key length mismatch"),
&mut user_hash,
);
}
CipherKind::AEAD2022_BLAKE3_AES_256_GCM => {
let cipher = Aes256::new_from_slice(&identity_sub_key[0..32]).expect("AES-256");
cipher.decrypt_block_b2b(Block::from_slice(eih), &mut user_hash);
cipher.decrypt_block_b2b(
<&Block as TryFrom<&[u8]>>::try_from(eih).expect("EIH key length mismatch"),
&mut user_hash,
);
}
_ => unreachable!("{} doesn't support EIH", self.method),
}
Expand Down Expand Up @@ -560,7 +566,8 @@ impl EncryptedWriter {
let enc_key = &sub_key[0..16];
let cipher = Aes128::new_from_slice(enc_key).expect("AES-128");

let ipsk_plain_text = Block::from_slice(ipsk_plain_text);
let ipsk_plain_text =
<&Block as TryFrom<&[u8]>>::try_from(ipsk_plain_text).expect("ipsk length mismatch");
let mut block = Block::from([0u8; 16]);
cipher.encrypt_block_b2b(ipsk_plain_text, &mut block);

Expand All @@ -575,7 +582,8 @@ impl EncryptedWriter {
let enc_key = &sub_key[0..32];
let cipher = Aes256::new_from_slice(enc_key).expect("AES-256");

let ipsk_plain_text = Block::from_slice(ipsk_plain_text);
let ipsk_plain_text =
<&Block as TryFrom<&[u8]>>::try_from(ipsk_plain_text).expect("ipsk length mismatch");
let mut block = Block::from([0u8; 16]);
cipher.encrypt_block_b2b(ipsk_plain_text, &mut block);

Expand Down
30 changes: 21 additions & 9 deletions crates/shadowsocks/src/relay/udprelay/aead_2022.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -58,7 +58,7 @@ use std::{

use aes::{
Aes128, Aes256, Block,
cipher::{BlockDecrypt, BlockEncrypt, KeyInit},
cipher::{BlockCipherDecrypt, BlockCipherEncrypt, KeyInit},
};
use byte_string::ByteStr;
use bytes::{Buf, BufMut, Bytes, BytesMut};
Expand Down Expand Up @@ -225,12 +225,14 @@ fn encrypt_message(
match method {
CipherKind::AEAD2022_BLAKE3_AES_128_GCM => {
let cipher = Aes128::new_from_slice(ipsk).expect("AES-128 init");
let block = Block::from_mut_slice(packet_header);
let block = <&mut Block as TryFrom<&mut [u8]>>::try_from(packet_header)
.expect("Packet header length mismatch");
cipher.encrypt_block(block);
}
CipherKind::AEAD2022_BLAKE3_AES_256_GCM => {
let cipher = Aes256::new_from_slice(ipsk).expect("AES-256 init");
let block = Block::from_mut_slice(packet_header);
let block = <&mut Block as TryFrom<&mut [u8]>>::try_from(packet_header)
.expect("Packet header length mismatch");
cipher.encrypt_block(block);
}
_ => unreachable!("{} is not an AES-*-GCM cipher", method),
Expand Down Expand Up @@ -305,12 +307,14 @@ fn decrypt_message(
match method {
CipherKind::AEAD2022_BLAKE3_AES_128_GCM => {
let cipher = Aes128::new_from_slice(key).expect("AES-128 init");
let block = Block::from_mut_slice(packet_header);
let block = <&mut Block as TryFrom<&mut [u8]>>::try_from(packet_header)
.expect("Packet header length mismatch");
cipher.decrypt_block(block);
}
CipherKind::AEAD2022_BLAKE3_AES_256_GCM => {
let cipher = Aes256::new_from_slice(key).expect("AES-256 init");
let block = Block::from_mut_slice(packet_header);
let block = <&mut Block as TryFrom<&mut [u8]>>::try_from(packet_header)
.expect("Packet header length mismatch");
cipher.decrypt_block(block);
}
_ => unreachable!("{} is not an AES-*-GCM cipher", method),
Expand Down Expand Up @@ -343,11 +347,15 @@ fn decrypt_message(
match method {
CipherKind::AEAD2022_BLAKE3_AES_128_GCM => {
let cipher = Aes128::new_from_slice(key).expect("AES-128 init");
cipher.decrypt_block(Block::from_mut_slice(eih));
cipher.decrypt_block(
<&mut Block as TryFrom<&mut [u8]>>::try_from(eih).expect("EIH key length mismatch"),
);
}
CipherKind::AEAD2022_BLAKE3_AES_256_GCM => {
let cipher = Aes256::new_from_slice(key).expect("AES-256 init");
cipher.decrypt_block(Block::from_mut_slice(eih))
cipher.decrypt_block(
<&mut Block as TryFrom<&mut [u8]>>::try_from(eih).expect("EIH key length mismatch"),
)
}
_ => unreachable!("{} doesn't support EIH", method),
}
Expand Down Expand Up @@ -466,11 +474,15 @@ pub fn encrypt_client_payload_aead_2022(
match method {
CipherKind::AEAD2022_BLAKE3_AES_128_GCM => {
let cipher = Aes128::new_from_slice(ipsk).expect("AES-128 init");
cipher.encrypt_block(Block::from_mut_slice(identity_header));
cipher.encrypt_block(
<&mut Block as TryFrom<&mut [u8]>>::try_from(identity_header).expect("EIH key length mismatch"),
);
}
CipherKind::AEAD2022_BLAKE3_AES_256_GCM => {
let cipher = Aes256::new_from_slice(ipsk).expect("AES-256 init");
cipher.encrypt_block(Block::from_mut_slice(identity_header));
cipher.encrypt_block(
<&mut Block as TryFrom<&mut [u8]>>::try_from(identity_header).expect("EIH key length mismatch"),
);
}
_ => unreachable!("{} doesn't support EIH", method),
}
Expand Down
Loading