kdxcxs
/
n2n
mirror of https://github.com/ntop/n2n.git
1
0
Fork 0
Code Issues Releases Wiki Activity
Browse Source

Removed PRIx64, a C99 feature

pull/122/head
lucaderi 6 years ago
parent
f33907ebd8
commit
86870a781e
1 changed files with 31 additions and 31 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 62
      transform_aes.c

62
transform_aes.c
View File

@ -71,7 +71,7 @@ static int transop_deinit_aes(n2n_trans_op_t *arg) {
*/
static size_t aes_best_keysize(size_t numBytes)
{
if (numBytes >= AES256_KEY_BYTES )
if (numBytes >= AES256_KEY_BYTES)
{
return AES256_KEY_BYTES;
}
@ -123,8 +123,8 @@ static int transop_encode_aes( n2n_trans_op_t * arg,
uint8_t assembly[N2N_PKT_BUF_SIZE] = {0};
uint32_t * pnonce;
if ( (in_len + TRANSOP_AES_NONCE_SIZE) <= N2N_PKT_BUF_SIZE ) {
if ( (in_len + TRANSOP_AES_NONCE_SIZE + TRANSOP_AES_PREAMBLE_SIZE) <= out_len ) {
if ( (in_len + TRANSOP_AES_NONCE_SIZE) <= N2N_PKT_BUF_SIZE) {
if ( (in_len + TRANSOP_AES_NONCE_SIZE + TRANSOP_AES_PREAMBLE_SIZE) <= out_len) {
int len=-1;
size_t idx=0;
size_t tx_sa_num = 0; // Not used
@ -132,13 +132,13 @@ static int transop_encode_aes( n2n_trans_op_t * arg,
uint8_t padding = 0;
n2n_aes_ivec_t enc_ivec = {0};
traceEvent( TRACE_DEBUG, "encode_aes %lu", in_len);
traceEvent(TRACE_DEBUG, "encode_aes %lu", in_len);
/* Encode the aes format version. */
encode_uint8( outbuf, &idx, N2N_AES_TRANSFORM_VERSION );
encode_uint8( outbuf, &idx, N2N_AES_TRANSFORM_VERSION);
/* Encode the security association (SA) number */
encode_uint32( outbuf, &idx, tx_sa_num ); // Not used
encode_uint32( outbuf, &idx, tx_sa_num); // Not used
/* Generate and encode the IV seed.
* Using two calls to rand() because RAND_MAX is usually < 64bit
@ -155,26 +155,26 @@ static int transop_encode_aes( n2n_trans_op_t * arg,
* contents of assembly are encrypted. */
pnonce = (uint32_t *)assembly;
*pnonce = rand();
memcpy( assembly + TRANSOP_AES_NONCE_SIZE, inbuf, in_len );
memcpy( assembly + TRANSOP_AES_NONCE_SIZE, inbuf, in_len);
/* Need at least one encrypted byte at the end for the padding. */
len2 = ( (len / AES_BLOCK_SIZE) + 1) * AES_BLOCK_SIZE; /* Round up to next whole AES adding at least one byte. */
padding = (len2-len);
assembly[len2 - 1] = padding;
traceEvent( TRACE_DEBUG, "padding = %u, seed = %016" PRIx64, padding, iv_seed );
traceEvent(TRACE_DEBUG, "padding = %u, seed = %016", padding, iv_seed);
set_aes_cbc_iv(priv, enc_ivec, iv_seed);
AES_cbc_encrypt( assembly, /* source */
outbuf + TRANSOP_AES_PREAMBLE_SIZE, /* dest */
len2, /* enc size */
&(priv->enc_key), enc_ivec, AES_ENCRYPT );
&(priv->enc_key), enc_ivec, AES_ENCRYPT);
len2 += TRANSOP_AES_PREAMBLE_SIZE; /* size of data carried in UDP. */
} else
traceEvent( TRACE_ERROR, "encode_aes outbuf too small." );
traceEvent(TRACE_ERROR, "encode_aes outbuf too small.");
} else
traceEvent( TRACE_ERROR, "encode_aes inbuf too big to encrypt." );
traceEvent(TRACE_ERROR, "encode_aes inbuf too big to encrypt.");
return len2;
}
@ -190,9 +190,9 @@ static int transop_decode_aes( n2n_trans_op_t * arg,
transop_aes_t * priv = (transop_aes_t *)arg->priv;
uint8_t assembly[N2N_PKT_BUF_SIZE];
if ( ( (in_len - TRANSOP_AES_PREAMBLE_SIZE) <= N2N_PKT_BUF_SIZE ) /* Cipher text fits in assembly */
&& (in_len >= (TRANSOP_AES_PREAMBLE_SIZE + TRANSOP_AES_NONCE_SIZE) ) /* Has at least version, SA, iv seed and nonce */
)
if ( ( (in_len - TRANSOP_AES_PREAMBLE_SIZE) <= N2N_PKT_BUF_SIZE) /* Cipher text fits in assembly */
&& (in_len >= (TRANSOP_AES_PREAMBLE_SIZE + TRANSOP_AES_NONCE_SIZE)) /* Has at least version, SA, iv seed and nonce */
)
{
uint32_t sa_rx=0; // Not used
size_t rem=in_len;
@ -201,20 +201,20 @@ static int transop_decode_aes( n2n_trans_op_t * arg,
uint64_t iv_seed=0;
/* Get the encoding version to make sure it is supported */
decode_uint8( &aes_enc_ver, inbuf, &rem, &idx );
decode_uint8( &aes_enc_ver, inbuf, &rem, &idx);
if ( N2N_AES_TRANSFORM_VERSION == aes_enc_ver ) {
if ( N2N_AES_TRANSFORM_VERSION == aes_enc_ver) {
/* Get the SA number and make sure we are decrypting with the right one. - Not used*/
decode_uint32( &sa_rx, inbuf, &rem, &idx );
decode_uint32( &sa_rx, inbuf, &rem, &idx);
/* Get the IV seed */
decode_buf((uint8_t *)&iv_seed, sizeof(iv_seed), inbuf, &rem, &idx);
traceEvent( TRACE_DEBUG, "decode_aes %lu with seed %016" PRIx64, in_len, iv_seed );
traceEvent(TRACE_DEBUG, "decode_aes %lu with seed %016", in_len, iv_seed);
len = (in_len - TRANSOP_AES_PREAMBLE_SIZE);
if ( 0 == (len % AES_BLOCK_SIZE ) ) {
if ( 0 == (len % AES_BLOCK_SIZE)) {
uint8_t padding;
n2n_aes_ivec_t dec_ivec = {0};
@ -224,7 +224,7 @@ static int transop_decode_aes( n2n_trans_op_t * arg,
assembly, /* destination */
len,
&(priv->dec_key),
dec_ivec, AES_DECRYPT );
dec_ivec, AES_DECRYPT);
/* last byte is how much was padding: max value should be
* AES_BLOCKSIZE-1 */
@ -235,7 +235,7 @@ static int transop_decode_aes( n2n_trans_op_t * arg,
/* strictly speaking for this to be an ethernet packet
* it is going to need to be even bigger; but this is
* enough to prevent segfaults. */
traceEvent( TRACE_DEBUG, "padding = %u", padding );
traceEvent(TRACE_DEBUG, "padding = %u", padding);
len -= padding;
len -= TRANSOP_AES_NONCE_SIZE; /* size of ethernet packet */
@ -243,17 +243,17 @@ static int transop_decode_aes( n2n_trans_op_t * arg,
/* Step over 4-byte random nonce value */
memcpy( outbuf,
assembly + TRANSOP_AES_NONCE_SIZE,
len );
len);
} else
traceEvent( TRACE_WARNING, "UDP payload decryption failed." );
traceEvent(TRACE_WARNING, "UDP payload decryption failed.");
} else {
traceEvent( TRACE_WARNING, "Encrypted length %d is not a multiple of AES_BLOCK_SIZE (%d)", len, AES_BLOCK_SIZE );
traceEvent(TRACE_WARNING, "Encrypted length %d is not a multiple of AES_BLOCK_SIZE (%d)", len, AES_BLOCK_SIZE);
len = 0;
}
} else
traceEvent( TRACE_ERROR, "decode_aes unsupported aes version %u.", aes_enc_ver );
traceEvent(TRACE_ERROR, "decode_aes unsupported aes version %u.", aes_enc_ver);
} else
traceEvent( TRACE_ERROR, "decode_aes inbuf wrong size (%ul) to decrypt.", in_len );
traceEvent(TRACE_ERROR, "decode_aes inbuf wrong size (%ul) to decrypt.", in_len);
return len;
}
@ -264,10 +264,10 @@ static int setup_aes_key(transop_aes_t *priv, const uint8_t *key, ssize_t key_si
struct sha512_keybuf keybuf;
/* Clear out any old possibly longer key matter. */
memset( &(priv->enc_key), 0, sizeof(priv->enc_key) );
memset( &(priv->dec_key), 0, sizeof(priv->dec_key) );
memset( &(priv->iv_enc_key), 0, sizeof(priv->iv_enc_key) );
memset( &(priv->iv_ext_val), 0, sizeof(priv->iv_ext_val) );
memset( &(priv->enc_key), 0, sizeof(priv->enc_key));
memset( &(priv->dec_key), 0, sizeof(priv->dec_key));
memset( &(priv->iv_enc_key), 0, sizeof(priv->iv_enc_key));
memset( &(priv->iv_ext_val), 0, sizeof(priv->iv_ext_val));
/* We still use aes_best_keysize (even not necessary since we hash the key
* into the 256bits enc_dec_key) to let the users choose the degree of encryption.
@ -287,7 +287,7 @@ static int setup_aes_key(transop_aes_t *priv, const uint8_t *key, ssize_t key_si
AES_set_encrypt_key(keybuf.iv_enc_key, sizeof(keybuf.iv_enc_key) * 8, &(priv->iv_enc_key));
memcpy(priv->iv_ext_val, keybuf.iv_ext_val, sizeof(keybuf.iv_ext_val));
traceEvent( TRACE_DEBUG, "AES %u bits setup completed\n",
traceEvent(TRACE_DEBUG, "AES %u bits setup completed\n",
aes_keysize_bits, key);
return(0);

Write Preview
Loading…
Cancel
Save