MetaCubeX
diff --git a/‎component/generator/cmd.go
Lines changed: 4 additions & 3 deletions b/‎component/generator/cmd.go
Lines changed: 4 additions & 3 deletions
diff --git a/‎docs/config.yaml
Lines changed: 6 additions & 6 deletions b/‎docs/config.yaml
Lines changed: 6 additions & 6 deletions
diff --git a/‎listener/inbound/vless_test.go
Lines changed: 4 additions & 4 deletions b/‎listener/inbound/vless_test.go
Lines changed: 4 additions & 4 deletions
diff --git a/‎listener/sing_vless/server.go
Lines changed: 1 addition & 9 deletions b/‎listener/sing_vless/server.go
Lines changed: 1 addition & 9 deletions
@@ -50,23 +50,24 @@ func Main(args []string) {
 		if len(args) > 1 {
 			seed = args[1]
 		}
-		seedBase64, clientBase64, hash11Base64, err := encryption.GenMLKEM768(seed)
+		seedBase64, clientBase64, hash32Base64, err := encryption.GenMLKEM768(seed)
 		if err != nil {
 			panic(err)
 		}
 		fmt.Println("Seed: " + seedBase64)
 		fmt.Println("Client: " + clientBase64)
-		fmt.Println("Hash11: " + hash11Base64)
+		fmt.Println("Hash32: " + hash32Base64)
 	case "vless-x25519":
 		var privateKey string
 		if len(args) > 1 {
 			privateKey = args[1]
 		}
-		privateKeyBase64, passwordBase64, err := encryption.GenX25519(privateKey)
+		privateKeyBase64, passwordBase64, hash32Base64, err := encryption.GenX25519(privateKey)
 		if err != nil {
 			panic(err)
 		}
 		fmt.Println("PrivateKey: " + privateKeyBase64)
 		fmt.Println("Password: " + passwordBase64)
+		fmt.Println("Hash32: " + hash32Base64)
 	}
 }
@@ -640,10 +640,10 @@ proxies: # socks5
     network: tcp
     # -------------------------
     # vless encryption客户端配置：
-    # （只使用 1-RTT 模式 / 复用八分钟后协商新的 baseKey，周期需小于服务端的值）
-    # / 是只能选一个，后面是 base64RawURLEncoding，使用 mihomo generate vless-x25519 和 mihomo generate vless-mlkem768 生成，替换值时需去掉括号
+    # （native/xorpub 的 XTLS 可以 Splice。只使用 1-RTT 模式 / 若服务端发的 ticket 中秒数不为零则 0-RTT 复用）
+    # / 是只能选一个，后面 base64 至少一个，无限串联，使用  mihomo generate vless-x25519 和 mihomo generate vless-mlkem768 生成，替换值时需去掉括号
     # -------------------------
-    encryption: "1rtt/8min.native/divide/random.mlkem768Client.(X25519 Password).(ML-KEM-768 Client)"
+    encryption: "mlkem768x25519plus.native/xorpub/random.1rtt/0rtt.(X25519 Password).(ML-KEM-768 Client)..."
     tls: false #可以不开启tls
     udp: true
 
@@ -1365,10 +1365,10 @@ listeners:
     # grpc-service-name: "GunService" # 如果不为空则开启 grpc 传输层
     # -------------------------
     # vless encryption服务端配置：
-    # （只允许 1-RTT 模式 / 同时允许 1-RTT 模式与十分钟复用的 0-RTT 模式；原生外观 / ECH 式 XOR / 全随机数）
-    # / 是只能选一个，后面是 base64RawURLEncoding，使用 mihomo generate vless-x25519 和 mihomo generate vless-mlkem768 生成，替换值时需去掉括号
+    # （原生外观 / 只 XOR 公钥 / 全随机数。只允许 1-RTT 模式 / 同时允许 1-RTT 模式与 600 秒复用的 0-RTT 模式）
+    # / 是只能选一个，后面 base64 至少一个，无限串联，使用 mihomo generate vless-x25519 和 mihomo generate vless-mlkem768 生成，替换值时需去掉括号
     # -------------------------
-    # decryption: "1rtt/10min.native/divide/random.mlkem768Seed.(X25519 PrivateKey).(ML-KEM-768 Seed)"
+    # decryption: "mlkem768x25519plus.native/xorpub/random.1rtt/600s.(X25519 PrivateKey).(ML-KEM-768 Seed)..."
     # 下面两项如果填写则开启 tls（需要同时填写）
     # certificate: ./server.crt
     # private-key: ./server.key
 
@@ -94,24 +94,24 @@ func TestInboundVless_Encryption(t *testing.T) {
 		t.Fatal(err)
 		return
 	}
-	privateKeyBase64, passwordBase64, err := encryption.GenX25519("")
+	privateKeyBase64, passwordBase64, _, err := encryption.GenX25519("")
 	if err != nil {
 		t.Fatal(err)
 		return
 	}
 	var modes = []string{
 		"native",
-		"divide",
+		"xorpub",
 		"random",
 	}
 	for i := range modes {
 		mode := modes[i]
 		t.Run(mode, func(t *testing.T) {
 			inboundOptions := inbound.VlessOption{
-				Decryption: "10min." + mode + ".mlkem768Seed." + privateKeyBase64 + "." + seedBase64,
+				Decryption: "mlkem768x25519plus." + mode + ".600s." + privateKeyBase64 + "." + seedBase64,
 			}
 			outboundOptions := outbound.VlessOption{
-				Encryption: "8min." + mode + ".mlkem768Client." + passwordBase64 + "." + clientBase64,
+				Encryption: "mlkem768x25519plus." + mode + ".0rtt." + passwordBase64 + "." + clientBase64,
 			}
 			testInboundVless(t, inboundOptions, outboundOptions)
 			t.Run("xtls-rprx-vision", func(t *testing.T) {
 
@@ -46,15 +46,7 @@ func init() {
 	})
 
 	vless.RegisterTLS(func(conn net.Conn) (loaded bool, netConn net.Conn, reflectType reflect.Type, reflectPointer unsafe.Pointer) {
-		tlsConn, loaded := network.CastReader[*encryption.ClientConn](conn)
-		if !loaded {
-			return
-		}
-		return true, tlsConn.Conn, reflect.TypeOf(tlsConn).Elem(), unsafe.Pointer(tlsConn)
-	})
-
-	vless.RegisterTLS(func(conn net.Conn) (loaded bool, netConn net.Conn, reflectType reflect.Type, reflectPointer unsafe.Pointer) {
-		tlsConn, loaded := network.CastReader[*encryption.ServerConn](conn)
+		tlsConn, loaded := network.CastReader[*encryption.CommonConn](conn)
 		if !loaded {
 			return
 		}
Original file line number	Diff line number	Diff line change
`@@ -50,23 +50,24 @@ func Main(args []string) {`
`50`	`50`	`if len(args) > 1 {`
`51`	`51`	`seed = args[1]`
`52`	`52`	`}`
`53`		`- seedBase64, clientBase64, hash11Base64, err := encryption.GenMLKEM768(seed)`
	`53`	`+ seedBase64, clientBase64, hash32Base64, err := encryption.GenMLKEM768(seed)`
`54`	`54`	`if err != nil {`
`55`	`55`	`panic(err)`
`56`	`56`	`}`
`57`	`57`	`fmt.Println("Seed: " + seedBase64)`
`58`	`58`	`fmt.Println("Client: " + clientBase64)`
`59`		`- fmt.Println("Hash11: " + hash11Base64)`
	`59`	`+ fmt.Println("Hash32: " + hash32Base64)`
`60`	`60`	`case "vless-x25519":`
`61`	`61`	`var privateKey string`
`62`	`62`	`if len(args) > 1 {`
`63`	`63`	`privateKey = args[1]`
`64`	`64`	`}`
`65`		`- privateKeyBase64, passwordBase64, err := encryption.GenX25519(privateKey)`
	`65`	`+ privateKeyBase64, passwordBase64, hash32Base64, err := encryption.GenX25519(privateKey)`
`66`	`66`	`if err != nil {`
`67`	`67`	`panic(err)`
`68`	`68`	`}`
`69`	`69`	`fmt.Println("PrivateKey: " + privateKeyBase64)`
`70`	`70`	`fmt.Println("Password: " + passwordBase64)`
	`71`	`+ fmt.Println("Hash32: " + hash32Base64)`
`71`	`72`	`}`
`72`	`73`	`}`
Original file line number	Diff line number	Diff line change
`@@ -94,24 +94,24 @@ func TestInboundVless_Encryption(t *testing.T) {`
`94`	`94`	`t.Fatal(err)`
`95`	`95`	`return`
`96`	`96`	`}`
`97`		`- privateKeyBase64, passwordBase64, err := encryption.GenX25519("")`
	`97`	`+ privateKeyBase64, passwordBase64, _, err := encryption.GenX25519("")`
`98`	`98`	`if err != nil {`
`99`	`99`	`t.Fatal(err)`
`100`	`100`	`return`
`101`	`101`	`}`
`102`	`102`	`var modes = []string{`
`103`	`103`	`"native",`
`104`		`- "divide",`
	`104`	`+ "xorpub",`
`105`	`105`	`"random",`
`106`	`106`	`}`
`107`	`107`	`for i := range modes {`
`108`	`108`	`mode := modes[i]`
`109`	`109`	`t.Run(mode, func(t *testing.T) {`
`110`	`110`	`inboundOptions := inbound.VlessOption{`
`111`		`- Decryption: "10min." + mode + ".mlkem768Seed." + privateKeyBase64 + "." + seedBase64,`
	`111`	`+ Decryption: "mlkem768x25519plus." + mode + ".600s." + privateKeyBase64 + "." + seedBase64,`
`112`	`112`	`}`
`113`	`113`	`outboundOptions := outbound.VlessOption{`
`114`		`- Encryption: "8min." + mode + ".mlkem768Client." + passwordBase64 + "." + clientBase64,`
	`114`	`+ Encryption: "mlkem768x25519plus." + mode + ".0rtt." + passwordBase64 + "." + clientBase64,`
`115`	`115`	`}`
`116`	`116`	`testInboundVless(t, inboundOptions, outboundOptions)`
`117`	`117`	`t.Run("xtls-rprx-vision", func(t *testing.T) {`