Fix 2022 cipher password handling

2026-05-22 20:02:37 +08:00 · 2026-05-22 20:02:37 +08:00 · 7189f4b227
commit 7189f4b227
parent b7f7607a07
1 changed files with 57 additions and 1 deletions
--- a/shadowsocks-all-mihomo.sh
+++ b/shadowsocks-all-mihomo.sh
@ -151,6 +151,42 @@ is_valid_port() {
    return 0
 }

+is_2022_cipher() {
+    [[ "$1" == 2022-* ]]
+}
+
+get_2022_key_size() {
+    case "$1" in
+        2022-blake3-aes-128-gcm)
+            echo 16
+            ;;
+        2022-blake3-aes-256-gcm|2022-blake3-chacha20-poly1305)
+            echo 32
+            ;;
+        *)
+            echo 0
+            ;;
+    esac
+}
+
+generate_2022_key() {
+    local key_size="$1"
+    if command -v openssl > /dev/null 2>&1; then
+        openssl rand -base64 "${key_size}"
+    else
+        head -c "${key_size}" /dev/urandom | base64 -w0
+        echo
+    fi
+}
+
+is_valid_2022_key() {
+    local key="$1"
+    local key_size="$2"
+    local decoded_size
+    decoded_size=$(printf '%s' "${key}" | base64 -d 2> /dev/null | wc -c | tr -d ' ')
+    [ "${decoded_size}" = "${key_size}" ]
+}
+
 install_check(){
    if check_sys packageManager dnf || check_sys packageManager apt; then
        return 0
@ -191,6 +227,26 @@ install_select(){
 }

 install_prepare_password(){
+    if is_2022_cipher "${shadowsockscipher}"; then
+        local key_size default_key
+        key_size=$(get_2022_key_size "${shadowsockscipher}")
+        default_key=$(generate_2022_key "${key_size}")
+        while true
+        do
+        echo "Please enter base64 key for ${shadowsockscipher}"
+        read -r -p "(Default key: ${default_key}):" shadowsockspwd
+        [ -z "${shadowsockspwd}" ] && shadowsockspwd="${default_key}"
+        if is_valid_2022_key "${shadowsockspwd}" "${key_size}"; then
+            echo
+            echo "password = ${shadowsockspwd}"
+            echo
+            break
+        fi
+        echo -e "[${red}Error${plain}] ${shadowsockscipher} requires a base64 key decoded to ${key_size} bytes"
+        done
+        return 0
+    fi
+
    echo "Please enter password for ${software[${selected}-1]}"
    read -r -p '(Default password: teddysun.com):' shadowsockspwd
    [ -z "${shadowsockspwd}" ] && shadowsockspwd='teddysun.com'
@ -306,9 +362,9 @@ install_prepare_plugin_options(){
 }

 install_prepare(){
-    install_prepare_password
    install_prepare_port
    install_prepare_cipher
+    install_prepare_password
    install_prepare_plugin

    echo