kdxcxs
/
n2n
mirror of https://github.com/ntop/n2n.git
1
0
Fork 0
Code Issues Releases Wiki Activity
Browse Source

Merge pull request #422 from Logan007/remOpenSsl10 

dropped openssl 1.0 support
pull/424/head
Luca Deri 4 years ago
committed by GitHub
parent
7208ee1c66 647ab85d46
commit
4026564151
No known key found for this signature in database GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 5 additions and 93 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 9
      configure.seed
  2. 11
      include/aes.h
  3. 2
      include/n2n.h
  4. 76
      src/aes.c

9
configure.seed
View File

@ -38,23 +38,18 @@ AC_ARG_WITH([openssl],
[], [],
[with_openssl=no]) [with_openssl=no])
if test "x$with_openssl" != xno; then if test "x$with_openssl" != xno; then
AC_CHECK_LIB([crypto], [AES_cbc_encrypt])
if test "x$ac_cv_lib_crypto_AES_cbc_encrypt" != xyes; then
AC_MSG_RESULT(OpenSSL not present)
else
AC_DEFINE([HAVE_OPENSSL_1_0], [], [OpenSSL 1.0 is present])
N2N_LIBS="-lcrypto ${N2N_LIBS}"
fi
OLD_CFLAGS="${CFLAGS}" OLD_CFLAGS="${CFLAGS}"
OLD_LDFLAGS="${LDFLAGS}" OLD_LDFLAGS="${LDFLAGS}"
CFLAGS="${CFLAGS} -I/usr/local/opt/openssl@1.1/include" CFLAGS="${CFLAGS} -I/usr/local/opt/openssl@1.1/include"
LDFLAGS="${LDFLAGS} -L/usr/local/opt/openssl@1.1/lib/" LDFLAGS="${LDFLAGS} -L/usr/local/opt/openssl@1.1/lib/"
AC_CHECK_LIB([crypto], [EVP_CIPHER_CTX_reset]) AC_CHECK_LIB([crypto], [EVP_CIPHER_CTX_reset])
if test "x$ac_cv_lib_crypto_EVP_CIPHER_CTX_reset" != xyes; then if test "x$ac_cv_lib_crypto_EVP_CIPHER_CTX_reset" != xyes; then
AC_MSG_RESULT(OpenSSL 1.1 not present)
CFLAGS="${OLD_CFLAGS}" CFLAGS="${OLD_CFLAGS}"
LDFLAGS="${OLD_LDFLAGS}" LDFLAGS="${OLD_LDFLAGS}"
else else
AC_DEFINE([HAVE_OPENSSL_1_1], [], [OpenSSL 1.1 is present]) AC_DEFINE([HAVE_OPENSSL_1_1], [], [OpenSSL 1.1 is present])
N2N_LIBS="-lcrypto ${N2N_LIBS}"
fi fi
fi fi

11
include/aes.h
View File

@ -17,7 +17,7 @@
*/ */
#include "n2n.h" // HAVE_OPENSSL_1_1, HAVE_OPENSSL_1_0, traceEvent ... #include "n2n.h" // HAVE_OPENSSL_1_1, traceEvent ...
#ifndef AES_H #ifndef AES_H
@ -51,15 +51,6 @@ typedef struct aes_context_t {
AES_KEY ecb_dec_key; /* one step ecb decryption key */ AES_KEY ecb_dec_key; /* one step ecb decryption key */
} aes_context_t; } aes_context_t;
#elif defined (HAVE_OPENSSL_1_0) // openSSL 1.0 -------------------------------------------
#include <openssl/aes.h>
typedef struct aes_context_t {
AES_KEY enc_key; /* tx key */
AES_KEY dec_key; /* tx key */
} aes_context_t;
#elif defined (__AES__) && defined (__SSE2__) // Intel's AES-NI --------------------------- #elif defined (__AES__) && defined (__SSE2__) // Intel's AES-NI ---------------------------
#include <immintrin.h> #include <immintrin.h>

2
include/n2n.h
View File

@ -124,7 +124,7 @@ typedef struct ether_hdr ether_hdr_t;
#include <assert.h> #include <assert.h>
#include <sys/stat.h> #include <sys/stat.h>
#include <stdint.h> #include <stdint.h>
#if defined (HAVE_OPENSSL_1_0) || defined (HAVE_OPENSSL_1_1) #if defined (HAVE_OPENSSL_1_1)
#include <openssl/opensslv.h> #include <openssl/opensslv.h>
#include <openssl/crypto.h> #include <openssl/crypto.h>
#endif #endif

76
src/aes.c
View File

@ -161,80 +161,6 @@ int aes_init (const unsigned char *key, size_t key_size, aes_context_t **ctx) {
} }
#elif defined (HAVE_OPENSSL_1_0) // openSSL 1.0 -------------------------------------------
int aes_cbc_encrypt (unsigned char *out, const unsigned char *in, size_t in_len,
const unsigned char *iv, aes_context_t *ctx) {
uint8_t tmp_iv[AES_IV_SIZE];
memcpy (tmp_iv, iv, AES_IV_SIZE);
AES_cbc_encrypt(in, // source
out, // destination
in_len, // enc size
&(ctx->enc_key),
tmp_iv,
AES_ENCRYPT);
return 0;
}
int aes_cbc_decrypt (unsigned char *out, const unsigned char *in, size_t in_len,
const unsigned char *iv, aes_context_t *ctx) {
uint8_t tmp_iv[AES_IV_SIZE];
memcpy (tmp_iv, iv, AES_IV_SIZE);
AES_cbc_encrypt(in, // source
out, // destination
in_len, // enc size
&(ctx->dec_key),
tmp_iv,
AES_DECRYPT);
return 0;
}
int aes_ecb_decrypt (unsigned char *out, const unsigned char *in, aes_context_t *ctx) {
AES_ecb_encrypt(in, out, &(ctx->dec_key), AES_DECRYPT);
return 0;
}
int aes_init (const unsigned char *key, size_t key_size, aes_context_t **ctx) {
// allocate context...
*ctx = (aes_context_t*) calloc(1, sizeof(aes_context_t));
if (!(*ctx))
return -1;
// ...and fill her up
// initialize data structures
// check key size and make key size (given in bytes) dependant settings
switch(key_size) {
case AES128_KEY_BYTES: // 128 bit key size
break;
case AES192_KEY_BYTES: // 192 bit key size
break;
case AES256_KEY_BYTES: // 256 bit key size
break;
default:
traceEvent(TRACE_ERROR, "aes_init invalid key size %u\n", key_size);
return -1;
}
// key materiel handling
AES_set_encrypt_key(key, key_size * 8, &((*ctx)->enc_key));
AES_set_decrypt_key(key, key_size * 8, &((*ctx)->dec_key));
return 0;
}
#elif defined (__AES__) && defined (__SSE2__) // Intel's AES-NI --------------------------- #elif defined (__AES__) && defined (__SSE2__) // Intel's AES-NI ---------------------------
@ -1210,7 +1136,7 @@ int aes_init (const unsigned char *key, size_t key_size, aes_context_t **ctx) {
} }
#endif // openSSL 1.1, openSSL 1.0, plain C ----------------------------------------------- #endif // openSSL 1.1, AES-NI, plain C ----------------------------------------------------
int aes_deinit (aes_context_t *ctx) { int aes_deinit (aes_context_t *ctx) {

Write Preview
Loading…
Cancel
Save