1
0
mirror of https://github.com/SoftEtherVPN/SoftEtherVPN.git synced 2024-12-24 17:19:52 +03:00

Merge PR #485: Encrypt: use OpenSSL's EVP interface, which supports AES-NI without the need of another library

This commit is contained in:
Davide Beatrici 2018-07-21 05:31:09 +02:00 committed by GitHub
commit 412a5aea71
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
22 changed files with 140 additions and 362 deletions

View File

@ -47,7 +47,7 @@ else
endif
# Files
HEADERS_MAYAQUA=src/Mayaqua/Cfg.h src/Mayaqua/cryptoki.h src/Mayaqua/Encrypt.h src/Mayaqua/FileIO.h src/Mayaqua/intelaes/iaesni.h src/Mayaqua/Internat.h src/Mayaqua/Kernel.h src/Mayaqua/Mayaqua.h src/Mayaqua/MayaType.h src/Mayaqua/Memory.h src/Mayaqua/Microsoft.h src/Mayaqua/Network.h src/Mayaqua/Object.h src/Mayaqua/OS.h src/Mayaqua/Pack.h src/Mayaqua/pkcs11.h src/Mayaqua/pkcs11f.h src/Mayaqua/pkcs11t.h src/Mayaqua/Secure.h src/Mayaqua/Str.h src/Mayaqua/Table.h src/Mayaqua/TcpIp.h src/Mayaqua/Tick64.h src/Mayaqua/Tracking.h src/Mayaqua/TunTap.h src/Mayaqua/Unix.h src/Mayaqua/Win32.h src/Mayaqua/zlib/zconf.h src/Mayaqua/zlib/zlib.h
HEADERS_MAYAQUA=src/Mayaqua/Cfg.h src/Mayaqua/cryptoki.h src/Mayaqua/Encrypt.h src/Mayaqua/FileIO.h src/Mayaqua/Internat.h src/Mayaqua/Kernel.h src/Mayaqua/Mayaqua.h src/Mayaqua/MayaType.h src/Mayaqua/Memory.h src/Mayaqua/Microsoft.h src/Mayaqua/Network.h src/Mayaqua/Object.h src/Mayaqua/OS.h src/Mayaqua/Pack.h src/Mayaqua/pkcs11.h src/Mayaqua/pkcs11f.h src/Mayaqua/pkcs11t.h src/Mayaqua/Secure.h src/Mayaqua/Str.h src/Mayaqua/Table.h src/Mayaqua/TcpIp.h src/Mayaqua/Tick64.h src/Mayaqua/Tracking.h src/Mayaqua/TunTap.h src/Mayaqua/Unix.h src/Mayaqua/Win32.h src/Mayaqua/zlib/zconf.h src/Mayaqua/zlib/zlib.h
HEADERS_CEDAR=src/Cedar/Account.h src/Cedar/Admin.h src/Cedar/AzureClient.h src/Cedar/AzureServer.h src/Cedar/Bridge.h src/Cedar/BridgeUnix.h src/Cedar/BridgeWin32.h src/Cedar/Cedar.h src/Cedar/CedarPch.h src/Cedar/CedarType.h src/Cedar/Client.h src/Cedar/CM.h src/Cedar/CMInner.h src/Cedar/Command.h src/Cedar/Connection.h src/Cedar/Console.h src/Cedar/Database.h src/Cedar/DDNS.h src/Cedar/EM.h src/Cedar/EMInner.h src/Cedar/EtherLog.h src/Cedar/Hub.h src/Cedar/Interop_OpenVPN.h src/Cedar/Interop_SSTP.h src/Cedar/IPsec.h src/Cedar/IPsec_EtherIP.h src/Cedar/IPsec_IKE.h src/Cedar/IPsec_IkePacket.h src/Cedar/IPsec_IPC.h src/Cedar/IPsec_L2TP.h src/Cedar/IPsec_PPP.h src/Cedar/IPsec_Win7.h src/Cedar/IPsec_Win7Inner.h src/Cedar/Layer3.h src/Cedar/Link.h src/Cedar/Listener.h src/Cedar/Logging.h src/Cedar/Nat.h src/Cedar/NativeStack.h src/Cedar/netcfgn.h src/Cedar/netcfgx.h src/Cedar/NM.h src/Cedar/NMInner.h src/Cedar/NullLan.h src/Cedar/Protocol.h src/Cedar/Radius.h src/Cedar/Remote.h src/Cedar/Sam.h src/Cedar/SecureInfo.h src/Cedar/SecureNAT.h src/Cedar/SeLowUser.h src/Cedar/Server.h src/Cedar/Session.h src/Cedar/SM.h src/Cedar/SMInner.h src/Cedar/SW.h src/Cedar/SWInner.h src/Cedar/UdpAccel.h src/Cedar/UT.h src/Cedar/VG.h src/Cedar/Virtual.h src/Cedar/VLan.h src/Cedar/VLanUnix.h src/Cedar/VLanWin32.h src/Cedar/WaterMark.h src/Cedar/WebUI.h src/Cedar/Win32Com.h src/Cedar/winpcap/bittypes.h src/Cedar/winpcap/bucket_lookup.h src/Cedar/winpcap/count_packets.h src/Cedar/winpcap/Devioctl.h src/Cedar/winpcap/Gnuc.h src/Cedar/winpcap/ip6_misc.h src/Cedar/winpcap/memory_t.h src/Cedar/winpcap/normal_lookup.h src/Cedar/winpcap/Ntddndis.h src/Cedar/winpcap/Ntddpack.h src/Cedar/winpcap/Packet32.h src/Cedar/winpcap/pcap.h src/Cedar/winpcap/pcap-bpf.h src/Cedar/winpcap/pcap-int.h src/Cedar/winpcap/pcap-stdinc.h src/Cedar/winpcap/pthread.h src/Cedar/winpcap/remote-ext.h src/Cedar/winpcap/sched.h src/Cedar/winpcap/semaphore.h src/Cedar/winpcap/tcp_session.h src/Cedar/winpcap/time_calls.h src/Cedar/winpcap/tme.h src/Cedar/winpcap/Win32-Extensions.h src/Cedar/WinUi.h src/Cedar/Wpc.h
OBJECTS_MAYAQUA=tmp/objs/Mayaqua/Cfg.o tmp/objs/Mayaqua/Encrypt.o tmp/objs/Mayaqua/FileIO.o tmp/objs/Mayaqua/Internat.o tmp/objs/Mayaqua/Kernel.o tmp/objs/Mayaqua/Mayaqua.o tmp/objs/Mayaqua/Memory.o tmp/objs/Mayaqua/Microsoft.o tmp/objs/Mayaqua/Network.o tmp/objs/Mayaqua/Object.o tmp/objs/Mayaqua/OS.o tmp/objs/Mayaqua/Pack.o tmp/objs/Mayaqua/Secure.o tmp/objs/Mayaqua/Str.o tmp/objs/Mayaqua/Table.o tmp/objs/Mayaqua/TcpIp.o tmp/objs/Mayaqua/Tick64.o tmp/objs/Mayaqua/Tracking.o tmp/objs/Mayaqua/Unix.o tmp/objs/Mayaqua/Win32.o
OBJECTS_CEDAR=tmp/objs/Cedar/Account.o tmp/objs/Cedar/Admin.o tmp/objs/Cedar/AzureClient.o tmp/objs/Cedar/AzureServer.o tmp/objs/Cedar/Bridge.o tmp/objs/Cedar/BridgeUnix.o tmp/objs/Cedar/BridgeWin32.o tmp/objs/Cedar/Cedar.o tmp/objs/Cedar/CedarPch.o tmp/objs/Cedar/Client.o tmp/objs/Cedar/CM.o tmp/objs/Cedar/Command.o tmp/objs/Cedar/Connection.o tmp/objs/Cedar/Console.o tmp/objs/Cedar/Database.o tmp/objs/Cedar/DDNS.o tmp/objs/Cedar/EM.o tmp/objs/Cedar/EtherLog.o tmp/objs/Cedar/Hub.o tmp/objs/Cedar/Interop_OpenVPN.o tmp/objs/Cedar/Interop_SSTP.o tmp/objs/Cedar/IPsec.o tmp/objs/Cedar/IPsec_EtherIP.o tmp/objs/Cedar/IPsec_IKE.o tmp/objs/Cedar/IPsec_IkePacket.o tmp/objs/Cedar/IPsec_IPC.o tmp/objs/Cedar/IPsec_L2TP.o tmp/objs/Cedar/IPsec_PPP.o tmp/objs/Cedar/IPsec_Win7.o tmp/objs/Cedar/Layer3.o tmp/objs/Cedar/Link.o tmp/objs/Cedar/Listener.o tmp/objs/Cedar/Logging.o tmp/objs/Cedar/Nat.o tmp/objs/Cedar/NativeStack.o tmp/objs/Cedar/NM.o tmp/objs/Cedar/NullLan.o tmp/objs/Cedar/Protocol.o tmp/objs/Cedar/Radius.o tmp/objs/Cedar/Remote.o tmp/objs/Cedar/Sam.o tmp/objs/Cedar/SecureInfo.o tmp/objs/Cedar/SecureNAT.o tmp/objs/Cedar/SeLowUser.o tmp/objs/Cedar/Server.o tmp/objs/Cedar/Session.o tmp/objs/Cedar/SM.o tmp/objs/Cedar/SW.o tmp/objs/Cedar/UdpAccel.o tmp/objs/Cedar/UT.o tmp/objs/Cedar/VG.o tmp/objs/Cedar/Virtual.o tmp/objs/Cedar/VLan.o tmp/objs/Cedar/VLanUnix.o tmp/objs/Cedar/VLanWin32.o tmp/objs/Cedar/WaterMark.o tmp/objs/Cedar/WebUI.o tmp/objs/Cedar/WinUi.o tmp/objs/Cedar/Wpc.o

View File

@ -47,7 +47,7 @@ else
endif
# Files
HEADERS_MAYAQUA=src/Mayaqua/Cfg.h src/Mayaqua/cryptoki.h src/Mayaqua/Encrypt.h src/Mayaqua/FileIO.h src/Mayaqua/intelaes/iaesni.h src/Mayaqua/Internat.h src/Mayaqua/Kernel.h src/Mayaqua/Mayaqua.h src/Mayaqua/MayaType.h src/Mayaqua/Memory.h src/Mayaqua/Microsoft.h src/Mayaqua/Network.h src/Mayaqua/Object.h src/Mayaqua/OS.h src/Mayaqua/Pack.h src/Mayaqua/pkcs11.h src/Mayaqua/pkcs11f.h src/Mayaqua/pkcs11t.h src/Mayaqua/Secure.h src/Mayaqua/Str.h src/Mayaqua/Table.h src/Mayaqua/TcpIp.h src/Mayaqua/Tick64.h src/Mayaqua/Tracking.h src/Mayaqua/TunTap.h src/Mayaqua/Unix.h src/Mayaqua/Win32.h src/Mayaqua/zlib/zconf.h src/Mayaqua/zlib/zlib.h
HEADERS_MAYAQUA=src/Mayaqua/Cfg.h src/Mayaqua/cryptoki.h src/Mayaqua/Encrypt.h src/Mayaqua/FileIO.h src/Mayaqua/Internat.h src/Mayaqua/Kernel.h src/Mayaqua/Mayaqua.h src/Mayaqua/MayaType.h src/Mayaqua/Memory.h src/Mayaqua/Microsoft.h src/Mayaqua/Network.h src/Mayaqua/Object.h src/Mayaqua/OS.h src/Mayaqua/Pack.h src/Mayaqua/pkcs11.h src/Mayaqua/pkcs11f.h src/Mayaqua/pkcs11t.h src/Mayaqua/Secure.h src/Mayaqua/Str.h src/Mayaqua/Table.h src/Mayaqua/TcpIp.h src/Mayaqua/Tick64.h src/Mayaqua/Tracking.h src/Mayaqua/TunTap.h src/Mayaqua/Unix.h src/Mayaqua/Win32.h src/Mayaqua/zlib/zconf.h src/Mayaqua/zlib/zlib.h
HEADERS_CEDAR=src/Cedar/Account.h src/Cedar/Admin.h src/Cedar/AzureClient.h src/Cedar/AzureServer.h src/Cedar/Bridge.h src/Cedar/BridgeUnix.h src/Cedar/BridgeWin32.h src/Cedar/Cedar.h src/Cedar/CedarPch.h src/Cedar/CedarType.h src/Cedar/Client.h src/Cedar/CM.h src/Cedar/CMInner.h src/Cedar/Command.h src/Cedar/Connection.h src/Cedar/Console.h src/Cedar/Database.h src/Cedar/DDNS.h src/Cedar/EM.h src/Cedar/EMInner.h src/Cedar/EtherLog.h src/Cedar/Hub.h src/Cedar/Interop_OpenVPN.h src/Cedar/Interop_SSTP.h src/Cedar/IPsec.h src/Cedar/IPsec_EtherIP.h src/Cedar/IPsec_IKE.h src/Cedar/IPsec_IkePacket.h src/Cedar/IPsec_IPC.h src/Cedar/IPsec_L2TP.h src/Cedar/IPsec_PPP.h src/Cedar/IPsec_Win7.h src/Cedar/IPsec_Win7Inner.h src/Cedar/Layer3.h src/Cedar/Link.h src/Cedar/Listener.h src/Cedar/Logging.h src/Cedar/Nat.h src/Cedar/NativeStack.h src/Cedar/netcfgn.h src/Cedar/netcfgx.h src/Cedar/NM.h src/Cedar/NMInner.h src/Cedar/NullLan.h src/Cedar/Protocol.h src/Cedar/Radius.h src/Cedar/Remote.h src/Cedar/Sam.h src/Cedar/SecureInfo.h src/Cedar/SecureNAT.h src/Cedar/SeLowUser.h src/Cedar/Server.h src/Cedar/Session.h src/Cedar/SM.h src/Cedar/SMInner.h src/Cedar/SW.h src/Cedar/SWInner.h src/Cedar/UdpAccel.h src/Cedar/UT.h src/Cedar/VG.h src/Cedar/Virtual.h src/Cedar/VLan.h src/Cedar/VLanUnix.h src/Cedar/VLanWin32.h src/Cedar/WaterMark.h src/Cedar/WebUI.h src/Cedar/Win32Com.h src/Cedar/winpcap/bittypes.h src/Cedar/winpcap/bucket_lookup.h src/Cedar/winpcap/count_packets.h src/Cedar/winpcap/Devioctl.h src/Cedar/winpcap/Gnuc.h src/Cedar/winpcap/ip6_misc.h src/Cedar/winpcap/memory_t.h src/Cedar/winpcap/normal_lookup.h src/Cedar/winpcap/Ntddndis.h src/Cedar/winpcap/Ntddpack.h src/Cedar/winpcap/Packet32.h src/Cedar/winpcap/pcap.h src/Cedar/winpcap/pcap-bpf.h src/Cedar/winpcap/pcap-int.h src/Cedar/winpcap/pcap-stdinc.h src/Cedar/winpcap/pthread.h src/Cedar/winpcap/remote-ext.h src/Cedar/winpcap/sched.h src/Cedar/winpcap/semaphore.h src/Cedar/winpcap/tcp_session.h src/Cedar/winpcap/time_calls.h src/Cedar/winpcap/tme.h src/Cedar/winpcap/Win32-Extensions.h src/Cedar/WinUi.h src/Cedar/Wpc.h
OBJECTS_MAYAQUA=tmp/objs/Mayaqua/Cfg.o tmp/objs/Mayaqua/Encrypt.o tmp/objs/Mayaqua/FileIO.o tmp/objs/Mayaqua/Internat.o tmp/objs/Mayaqua/Kernel.o tmp/objs/Mayaqua/Mayaqua.o tmp/objs/Mayaqua/Memory.o tmp/objs/Mayaqua/Microsoft.o tmp/objs/Mayaqua/Network.o tmp/objs/Mayaqua/Object.o tmp/objs/Mayaqua/OS.o tmp/objs/Mayaqua/Pack.o tmp/objs/Mayaqua/Secure.o tmp/objs/Mayaqua/Str.o tmp/objs/Mayaqua/Table.o tmp/objs/Mayaqua/TcpIp.o tmp/objs/Mayaqua/Tick64.o tmp/objs/Mayaqua/Tracking.o tmp/objs/Mayaqua/Unix.o tmp/objs/Mayaqua/Win32.o
OBJECTS_CEDAR=tmp/objs/Cedar/Account.o tmp/objs/Cedar/Admin.o tmp/objs/Cedar/AzureClient.o tmp/objs/Cedar/AzureServer.o tmp/objs/Cedar/Bridge.o tmp/objs/Cedar/BridgeUnix.o tmp/objs/Cedar/BridgeWin32.o tmp/objs/Cedar/Cedar.o tmp/objs/Cedar/CedarPch.o tmp/objs/Cedar/Client.o tmp/objs/Cedar/CM.o tmp/objs/Cedar/Command.o tmp/objs/Cedar/Connection.o tmp/objs/Cedar/Console.o tmp/objs/Cedar/Database.o tmp/objs/Cedar/DDNS.o tmp/objs/Cedar/EM.o tmp/objs/Cedar/EtherLog.o tmp/objs/Cedar/Hub.o tmp/objs/Cedar/Interop_OpenVPN.o tmp/objs/Cedar/Interop_SSTP.o tmp/objs/Cedar/IPsec.o tmp/objs/Cedar/IPsec_EtherIP.o tmp/objs/Cedar/IPsec_IKE.o tmp/objs/Cedar/IPsec_IkePacket.o tmp/objs/Cedar/IPsec_IPC.o tmp/objs/Cedar/IPsec_L2TP.o tmp/objs/Cedar/IPsec_PPP.o tmp/objs/Cedar/IPsec_Win7.o tmp/objs/Cedar/Layer3.o tmp/objs/Cedar/Link.o tmp/objs/Cedar/Listener.o tmp/objs/Cedar/Logging.o tmp/objs/Cedar/Nat.o tmp/objs/Cedar/NativeStack.o tmp/objs/Cedar/NM.o tmp/objs/Cedar/NullLan.o tmp/objs/Cedar/Protocol.o tmp/objs/Cedar/Radius.o tmp/objs/Cedar/Remote.o tmp/objs/Cedar/Sam.o tmp/objs/Cedar/SecureInfo.o tmp/objs/Cedar/SecureNAT.o tmp/objs/Cedar/SeLowUser.o tmp/objs/Cedar/Server.o tmp/objs/Cedar/Session.o tmp/objs/Cedar/SM.o tmp/objs/Cedar/SW.o tmp/objs/Cedar/UdpAccel.o tmp/objs/Cedar/UT.o tmp/objs/Cedar/VG.o tmp/objs/Cedar/Virtual.o tmp/objs/Cedar/VLan.o tmp/objs/Cedar/VLanUnix.o tmp/objs/Cedar/VLanWin32.o tmp/objs/Cedar/WaterMark.o tmp/objs/Cedar/WebUI.o tmp/objs/Cedar/WinUi.o tmp/objs/Cedar/Wpc.o

View File

@ -999,15 +999,6 @@ namespace BuildUtil
}
}
if (this.Os == OSList.Linux)
{
if (this.Cpu == CpuList.x86 || this.Cpu == CpuList.x64)
{
// Include libintelaes.a only for x86 / x64 in Linux
libs.Add(string.Format("lib/{0}.a", "libintelaes"));
}
}
gccOptionForCompile = MakeGccOptions(macros.ToArray(), includes.ToArray(), options.ToArray(), null);
if (crossCompile)

View File

@ -1770,8 +1770,8 @@ void GetServerCapsMain(SERVER *s, CAPSLIST *t)
// UDP acceleration feature
AddCapsBool(t, "b_support_udp_acceleration", true);
// Intel AES Acceleration function
AddCapsBool(t, "b_support_intel_aes", IsIntelAesNiSupported());
// AES acceleration function
AddCapsBool(t, "b_support_aes_ni", IsAesNiSupported());
#ifdef OS_WIN32
// SeLow driver
@ -5946,9 +5946,6 @@ void SiLoadServerCfg(SERVER *s, FOLDER *f)
// Disable the NAT-traversal feature
s->DisableNatTraversal = CfgGetBool(f, "DisableNatTraversal");
// Intel AES
s->DisableIntelAesAcceleration = CfgGetBool(f, "DisableIntelAesAcceleration");
if (s->Cedar->Bridge == false)
{
// Enable the VPN-over-ICMP
@ -6372,9 +6369,6 @@ void SiWriteServerCfg(FOLDER *f, SERVER *s)
CfgAddBool(f, "EnableVpnOverDns", s->EnableVpnOverDns);
}
// Intel AES
CfgAddBool(f, "DisableIntelAesAcceleration", s->DisableIntelAesAcceleration);
if (c->Bridge == false)
{
OPENVPN_SSTP_CONFIG config;
@ -10982,12 +10976,6 @@ SERVER *SiNewServerEx(bool bridge, bool in_client_inner_server, bool relay_serve
SetFifoCurrentReallocMemSize(MEM_FIFO_REALLOC_MEM_SIZE);
if (s->DisableIntelAesAcceleration)
{
// Disable the Intel AES acceleration
DisableIntelAesAccel();
}
// Raise the priority
if (s->NoHighPriorityProcess == false)
{

View File

@ -293,7 +293,6 @@ struct SERVER
bool DisableNatTraversal; // Disable the NAT-traversal feature
bool EnableVpnOverIcmp; // VPN over ICMP is enabled
bool EnableVpnOverDns; // VPN over DNS is enabled
bool DisableIntelAesAcceleration; // Disable the Intel AES acceleration
bool NoMoreSave; // Do not save any more
bool EnableConditionalAccept; // Apply the Conditional Accept the Listener
bool EnableLegacySSL; // Enable Legacy SSL

View File

@ -145,9 +145,11 @@
#include <openssl/x509v3.h>
#include <Mayaqua/Mayaqua.h>
#ifdef USE_INTEL_AESNI_LIBRARY
#include <intelaes/iaesni.h>
#endif // USE_INTEL_AESNI_LIBRARY
#ifdef _MSC_VER
#include <intrin.h> // For __cpuid()
#else
#include <cpuid.h> // For __get_cpuid()
#endif
LOCK *openssl_lock = NULL;
@ -156,7 +158,6 @@ int ssl_clientcert_index = 0;
LOCK **ssl_lock_obj = NULL;
UINT ssl_lock_num;
static bool openssl_inited = false;
static bool is_intel_aes_supported = false;
static unsigned char *Internal_SHA0(const unsigned char *d, size_t n, unsigned char *md);
@ -3662,7 +3663,6 @@ void InitCryptLibrary()
{
char tmp[16];
CheckIfIntelAesNiSupportedInit();
// RAND_Init_For_SoftEther()
openssl_lock = NewLock();
SSL_library_init();
@ -4106,81 +4106,85 @@ void AesFreeKey(AES_KEY_VALUE *k)
// AES encryption
void AesEncrypt(void *dest, void *src, UINT size, AES_KEY_VALUE *k, void *ivec)
{
UCHAR ivec_copy[AES_IV_SIZE];
EVP_CIPHER_CTX *ctx = NULL;
int dest_len = 0;
int len = 0;
int ret = 0;
// Validate arguments
if (dest == NULL || src == NULL || size == 0 || k == NULL || ivec == NULL)
{
return;
}
#ifdef USE_INTEL_AESNI_LIBRARY
if (is_intel_aes_supported)
// Create and initialize the context
ctx = EVP_CIPHER_CTX_new();
if (!ctx)
{
AesEncryptWithIntel(dest, src, size, k, ivec);
ERR_print_errors_fp(stderr);
return;
}
#endif // USE_INTEL_AESNI_LIBRARY
Copy(ivec_copy, ivec, AES_IV_SIZE);
// Disable padding, as it's handled by IkeEncryptWithPadding()
EVP_CIPHER_CTX_set_padding(ctx, false);
AES_cbc_encrypt(src, dest, size, k->EncryptKey, ivec, 1);
// Initialize the encryption operation
switch (k->KeySize)
{
case 16:
ret = EVP_EncryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, k->KeyValue, ivec);
break;
case 24:
ret = EVP_EncryptInit_ex(ctx, EVP_aes_192_cbc(), NULL, k->KeyValue, ivec);
break;
case 32:
ret = EVP_EncryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, k->KeyValue, ivec);
break;
}
if (ret != 1)
{
ERR_print_errors_fp(stderr);
EVP_CIPHER_CTX_free(ctx);
return;
}
// Provide the message to be encrypted and obtain the cipher output
ret = EVP_EncryptUpdate(ctx, dest, &dest_len, src, size);
if (ret != 1)
{
ERR_print_errors_fp(stderr);
EVP_CIPHER_CTX_free(ctx);
return;
}
// Finalize the encryption
ret = EVP_EncryptFinal_ex(ctx, (unsigned char *) dest + dest_len, &len);
if (ret != 1)
{
ERR_print_errors_fp(stderr);
EVP_CIPHER_CTX_free(ctx);
return;
}
dest_len += len;
// Clean up
EVP_CIPHER_CTX_free(ctx);
}
// AES decryption
void AesDecrypt(void *dest, void *src, UINT size, AES_KEY_VALUE *k, void *ivec)
{
UCHAR ivec_copy[AES_IV_SIZE];
// Validate arguments
if (dest == NULL || src == NULL || size == 0 || k == NULL || ivec == NULL)
{
return;
}
#ifdef USE_INTEL_AESNI_LIBRARY
if (is_intel_aes_supported)
{
AesDecryptWithIntel(dest, src, size, k, ivec);
return;
}
#endif // USE_INTEL_AESNI_LIBRARY
Copy(ivec_copy, ivec, AES_IV_SIZE);
AES_cbc_encrypt(src, dest, size, k->DecryptKey, ivec, 0);
}
// Determine whether the Intel AES-NI is supported
bool IsIntelAesNiSupported()
{
return is_intel_aes_supported;
}
void CheckIfIntelAesNiSupportedInit()
{
#ifdef USE_INTEL_AESNI_LIBRARY
if (check_for_aes_instructions())
{
is_intel_aes_supported = true;
}
else
{
is_intel_aes_supported = false;
}
#else // USE_INTEL_AESNI_LIBRARY
is_intel_aes_supported = false;
#endif // USE_INTEL_AESNI_LIBRARY
}
// Disable the Intel AES-NI
void DisableIntelAesAccel()
{
is_intel_aes_supported = false;
}
#ifdef USE_INTEL_AESNI_LIBRARY
// Encrypt AES using the Intel AES-NI
void AesEncryptWithIntel(void *dest, void *src, UINT size, AES_KEY_VALUE *k, void *ivec)
{
UCHAR ivec_copy[AES_IV_SIZE];
EVP_CIPHER_CTX *ctx = NULL;
int dest_len = 0;
int len = 0;
int ret = 0;
// Validate arguments
if (dest == NULL || src == NULL || size == 0 || k == NULL || ivec == NULL)
@ -4188,53 +4192,85 @@ void AesEncryptWithIntel(void *dest, void *src, UINT size, AES_KEY_VALUE *k, voi
return;
}
Copy(ivec_copy, ivec, AES_IV_SIZE);
// Create and initialize the context
ctx = EVP_CIPHER_CTX_new();
if (!ctx)
{
ERR_print_errors_fp(stderr);
return;
}
// Disable padding, as it's handled by IkeEncryptWithPadding()
EVP_CIPHER_CTX_set_padding(ctx, false);
// Initialize the decryption operation
switch (k->KeySize)
{
case 16:
intel_AES_enc128_CBC(src, dest, k->KeyValue, (size / AES_IV_SIZE), ivec_copy);
ret = EVP_DecryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, k->KeyValue, ivec);
break;
case 24:
intel_AES_enc192_CBC(src, dest, k->KeyValue, (size / AES_IV_SIZE), ivec_copy);
ret = EVP_DecryptInit_ex(ctx, EVP_aes_192_cbc(), NULL, k->KeyValue, ivec);
break;
case 32:
intel_AES_enc256_CBC(src, dest, k->KeyValue, (size / AES_IV_SIZE), ivec_copy);
ret = EVP_DecryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, k->KeyValue, ivec);
break;
}
}
// Decrypt AES using the Intel AES-NI
void AesDecryptWithIntel(void *dest, void *src, UINT size, AES_KEY_VALUE *k, void *ivec)
{
UCHAR ivec_copy[AES_IV_SIZE];
// Validate arguments
if (dest == NULL || src == NULL || size == 0 || k == NULL || ivec == NULL)
if (ret != 1)
{
ERR_print_errors_fp(stderr);
EVP_CIPHER_CTX_free(ctx);
return;
}
Copy(ivec_copy, ivec, AES_IV_SIZE);
// Provide the message to be decrypted and obtain the plaintext output
ret = EVP_DecryptUpdate(ctx, dest, &dest_len, src, size);
switch (k->KeySize)
if (ret != 1)
{
case 16:
intel_AES_dec128_CBC(src, dest, k->KeyValue, (size / AES_IV_SIZE), ivec_copy);
break;
case 24:
intel_AES_dec192_CBC(src, dest, k->KeyValue, (size / AES_IV_SIZE), ivec_copy);
break;
case 32:
intel_AES_dec256_CBC(src, dest, k->KeyValue, (size / AES_IV_SIZE), ivec_copy);
break;
ERR_print_errors_fp(stderr);
EVP_CIPHER_CTX_free(ctx);
return;
}
// Finalize the decryption
ret = EVP_DecryptFinal_ex(ctx, (unsigned char *) dest + dest_len, &len);
if (ret != 1)
{
ERR_print_errors_fp(stderr);
EVP_CIPHER_CTX_free(ctx);
return;
}
dest_len += len;
// Clean up
EVP_CIPHER_CTX_free(ctx);
}
// Determine whether the AES-NI instruction set is supported by the CPU
bool IsAesNiSupported()
{
bool supported = false;
// Unfortunately OpenSSL doesn't provide a function to do it
#ifdef _MSC_VER
int regs[4]; // EAX, EBX, ECX, EDX
__cpuid(regs, 1);
supported = (regs[2] >> 25) & 1;
#else
uint32_t eax, ebx, ecx, edx;
__get_cpuid(1, &eax, &ebx, &ecx, &edx);
supported = (ecx & bit_AES) > 0;
#endif
return supported;
}
#endif // USE_INTEL_AESNI_LIBRARY
// Calculation of HMAC-SHA-1
void MacSha1(void *dst, void *key, UINT key_size, void *data, UINT data_size)

View File

@ -522,13 +522,7 @@ void AesFreeKey(AES_KEY_VALUE *k);
void AesEncrypt(void *dest, void *src, UINT size, AES_KEY_VALUE *k, void *ivec);
void AesDecrypt(void *dest, void *src, UINT size, AES_KEY_VALUE *k, void *ivec);
bool IsIntelAesNiSupported();
void CheckIfIntelAesNiSupportedInit();
#ifdef USE_INTEL_AESNI_LIBRARY
void AesEncryptWithIntel(void *dest, void *src, UINT size, AES_KEY_VALUE *k, void *ivec);
void AesDecryptWithIntel(void *dest, void *src, UINT size, AES_KEY_VALUE *k, void *ivec);
#endif // USE_INTEL_AESNI_LIBRARY
bool IsAesNiSupported();
void OpenSSL_InitLock();
void OpenSSL_FreeLock();
@ -551,8 +545,6 @@ void Enc_tls1_PRF(unsigned char *label, int label_len, const unsigned char *sec,
void HMacSha1(void *dst, void *key, UINT key_size, void *data, UINT data_size);
void HMacMd5(void *dst, void *key, UINT key_size, void *data, UINT data_size);
void DisableIntelAesAccel();
int GetSslClientCertIndex();
#ifdef ENCRYPT_C

View File

@ -215,12 +215,6 @@ int PASCAL WinMain(HINSTANCE hInst, HINSTANCE hPrev, char *CmdLine, int CmdShow)
#define PROBE_DATA(data, size)
#endif // USE_PROBE
// About Intel AES-NI Library
#if (defined(OS_WIN32) || (defined(UNIX_LINUX) && (defined(CPU_X86) || defined(CPU_X64))))
// Supports only for Linux (x86 / x64) or Windows
#define USE_INTEL_AESNI_LIBRARY
#endif
// Determine the performance / memory strategy
#if (defined(CPU_X86) || defined(CPU_X64) || defined(CPU_X86_X64) || defined(CPU_SPARC) || defined(CPU_SPARC64) || defined(OS_WIN32) || defined(__amd64__) || defined(__amd64) || defined(__x86_64__) || defined(__x86_64) || defined(i386) || defined(__i386) || defined(__i386__) || defined(__ia64__) || defined(__IA64__) || defined(_IA64))
#define USE_STRATEGY_PERFORMACE

View File

@ -69,7 +69,7 @@
/>
<Tool
Name="VCLibrarianTool"
AdditionalDependencies="libeay32.lib ssleay32.lib zlib.lib libintelaes.lib"
AdditionalDependencies="libeay32.lib ssleay32.lib zlib.lib"
AdditionalLibraryDirectories="$(SolutionDir)BuildFiles\Library\$(PlatformName)_$(ConfigurationName)"
/>
<Tool
@ -139,7 +139,7 @@
/>
<Tool
Name="VCLibrarianTool"
AdditionalDependencies="libeay32.lib ssleay32.lib zlib.lib libintelaes.lib"
AdditionalDependencies="libeay32.lib ssleay32.lib zlib.lib"
AdditionalLibraryDirectories="$(SolutionDir)BuildFiles\Library\$(PlatformName)_$(ConfigurationName)"
/>
<Tool
@ -212,7 +212,7 @@
/>
<Tool
Name="VCLibrarianTool"
AdditionalDependencies="libeay32.lib ssleay32.lib zlib.lib libintelaes.lib"
AdditionalDependencies="libeay32.lib ssleay32.lib zlib.lib"
AdditionalLibraryDirectories="$(SolutionDir)BuildFiles\Library\$(PlatformName)_$(ConfigurationName)"
/>
<Tool
@ -286,7 +286,7 @@
/>
<Tool
Name="VCLibrarianTool"
AdditionalDependencies="libeay32.lib ssleay32.lib zlib.lib libintelaes.lib"
AdditionalDependencies="libeay32.lib ssleay32.lib zlib.lib"
AdditionalLibraryDirectories="$(SolutionDir)BuildFiles\Library\$(PlatformName)_$(ConfigurationName)"
/>
<Tool
@ -827,14 +827,6 @@
>
</File>
</Filter>
<Filter
Name="intelaes"
>
<File
RelativePath=".\intelaes\iaesni.h"
>
</File>
</Filter>
</Files>
<Globals>
</Globals>

View File

@ -1,147 +0,0 @@
/*
* Copyright (c) 2010, Intel Corporation
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
*
* * Redistributions of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer.
* * Redistributions in binary form must reproduce the above copyright notice,
* this list of conditions and the following disclaimer in the documentation
* and/or other materials provided with the distribution.
* * Neither the name of Intel Corporation nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
* IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
* BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
* OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
* ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifndef _IAESNI_H__
#define _IAESNI_H__
#include <stdlib.h>
#define AES_INSTRCTIONS_CPUID_BIT (1<<25)
//indicates input param
#define _AES_IN
//indicates output param
#define _AES_OUT
//indicates input/output param - based on context
#define _AES_INOUT
//typedef unsigned char UCHAR;
/*#ifndef bool
#define bool BOOL
#endif*/
//test if the processor actually supports the above functions
//executing one the functions below without processor support will cause UD fault
//bool check_for_aes_instructions(void);
#if (__cplusplus)
extern "C" {
#endif
int check_for_aes_instructions(void);
#define ROUND_KEYS_UNALIGNED_TESTING
#ifdef __linux__
#ifdef ROUND_KEYS_UNALIGNED_TESTING
#define DEFINE_ROUND_KEYS \
UCHAR __attribute__ ((aligned (16))) _expandedKey[16*16]; \
UCHAR *expandedKey = _expandedKey + 4; \
#else
#define DEFINE_ROUND_KEYS \
UCHAR __attribute__ ((aligned (16))) _expandedKey[16*16]; \
UCHAR *expandedKey = _expandedKey; \
#endif
#else // if not __linux__
#ifdef ROUND_KEYS_UNALIGNED_TESTING
#define DEFINE_ROUND_KEYS \
__declspec(align(16)) UCHAR _expandedKey[16*16]; \
UCHAR *expandedKey = _expandedKey + 4; \
#else
#define DEFINE_ROUND_KEYS \
__declspec(align(16)) UCHAR _expandedKey[16*16]; \
UCHAR *expandedKey = _expandedKey; \
#endif
#endif
// encryption functions
// plainText is pointer to input stream
// cipherText is pointer to buffer to be filled with encrypted (cipher text) data
// key is pointer to enc key (sizes are 16 bytes for AES-128, 24 bytes for AES-192, 32 for AES-256)
// numBlocks is number of 16 bytes blocks to process - note that encryption is done of full 16 byte blocks
void intel_AES_enc128(_AES_IN UCHAR *plainText, _AES_OUT UCHAR *cipherText, _AES_IN UCHAR *key, _AES_IN size_t numBlocks);
void intel_AES_enc192(_AES_IN UCHAR *plainText, _AES_OUT UCHAR *cipherText, _AES_IN UCHAR *key, _AES_IN size_t numBlocks);
void intel_AES_enc256(_AES_IN UCHAR *plainText, _AES_OUT UCHAR *cipherText, _AES_IN UCHAR *key, _AES_IN size_t numBlocks);
void intel_AES_enc128_CBC(_AES_IN UCHAR *plainText, _AES_OUT UCHAR *cipherText, _AES_IN UCHAR *key, _AES_IN size_t numBlocks, _AES_IN UCHAR *iv);
void intel_AES_enc192_CBC(_AES_IN UCHAR *plainText, _AES_OUT UCHAR *cipherText, _AES_IN UCHAR *key, _AES_IN size_t numBlocks, _AES_IN UCHAR *iv);
void intel_AES_enc256_CBC(_AES_IN UCHAR *plainText, _AES_OUT UCHAR *cipherText, _AES_IN UCHAR *key, _AES_IN size_t numBlocks, _AES_IN UCHAR *iv);
// encryption functions
// cipherText is pointer to encrypted stream
// plainText is pointer to buffer to be filled with original (plain text) data
// key is pointer to enc key (sizes are 16 bytes for AES-128, 24 bytes for AES-192, 32 for AES-256)
// numBlocks is number of 16 bytes blocks to process - note that decryption is done of full 16 byte blocks
void intel_AES_dec128(_AES_IN UCHAR *cipherText, _AES_OUT UCHAR *plainText, _AES_IN UCHAR *key, _AES_IN size_t numBlocks);
void intel_AES_dec192(_AES_IN UCHAR *cipherText, _AES_OUT UCHAR *plainText, _AES_IN UCHAR *key, _AES_IN size_t numBlocks);
void intel_AES_dec256(_AES_IN UCHAR *cipherText, _AES_OUT UCHAR *plainText, _AES_IN UCHAR *key, _AES_IN size_t numBlocks);
void intel_AES_dec128_CBC(_AES_IN UCHAR *cipherText, _AES_OUT UCHAR *plainText, _AES_IN UCHAR *key, _AES_IN size_t numBlocks, _AES_IN UCHAR *iv);
void intel_AES_dec192_CBC(_AES_IN UCHAR *cipherText, _AES_OUT UCHAR *plainText, _AES_IN UCHAR *key, _AES_IN size_t numBlocks, _AES_IN UCHAR *iv);
void intel_AES_dec256_CBC(_AES_IN UCHAR *cipherText, _AES_OUT UCHAR *plainText, _AES_IN UCHAR *key, _AES_IN size_t numBlocks, _AES_IN UCHAR *iv);
void intel_AES_encdec128_CTR(_AES_IN UCHAR *input, _AES_OUT UCHAR *output, _AES_IN UCHAR *key, _AES_IN size_t numBlocks, _AES_IN UCHAR *initial_counter);
void intel_AES_encdec192_CTR(_AES_IN UCHAR *input, _AES_OUT UCHAR *output, _AES_IN UCHAR *key, _AES_IN size_t numBlocks, _AES_IN UCHAR *initial_counter);
void intel_AES_encdec256_CTR(_AES_IN UCHAR *input, _AES_OUT UCHAR *output, _AES_IN UCHAR *key, _AES_IN size_t numBlocks, _AES_IN UCHAR *initial_counter);
#if (__cplusplus)
}
#endif
#endif

View File

@ -689,36 +689,3 @@ Gailly and Mark Adler; it does not include third-party code.
If you redistribute modified sources, we would appreciate that you include in
the file ChangeLog history information documenting your changes. Please read
the FAQ for more information on the distribution of modified source versions.
-------------------
Intel AESNI Sample Library:
Copyright (c) 2010, Intel Corporation
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
* Redistributions of source code must retain the above copyright notice, this
list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright notice,
this list of conditions and the following disclaimer in the documentation
and/or other materials provided with the distribution.
* Neither the name of Intel Corporation nor the names of its contributors may
be used to endorse or promote products derived from this software without
specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
Issue Date: Aug 6, 2010

View File

@ -420,23 +420,6 @@ If you redistribute modified sources, we would appreciate that you include in th
-------------------
Intel AESNI Sample Library:
Copyright (c) 2010, Intel Corporation
All rights reserved.
Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
* Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
* Neither the name of Intel Corporation nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
Issue Date: Aug 6, 2010
-------------------
SHA0 implementation:
Copyright (C) 2009 Gabriel A. Petursson

View File

@ -295,23 +295,6 @@ If you redistribute modified sources, we would appreciate that you include in th
-------------------
Intel AESNI Sample Library:
Copyright (c) 2010, Intel Corporation
All rights reserved.
Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
* Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
* Neither the name of Intel Corporation nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
Issue Date: Aug 6, 2010
-------------------
NOTES WRITTEN BY SOFTETHER CORPORATION
Note for users of non-Windows version of PacketiX VPN: The enumerated bundle of License Agreements above are copies of original License Agreements of each library programs which PacketiX VPN uses. PacketiX VPN is not a delivered work from these libraries. PacketiX VPN is a separated work from the libraries, but it may call functions of the libraries (whether or not PacketiX VPN calls such functions are depended on the user's intention to link them or not on user's side computer). While some libraries indicate GPL or LGPL as a condition to re-distribute, PacketiX VPN is not license under GPL nor LGPL. Therefore, we took special care not to make PacketiX VPN become delivered works of any GPL or LGPL libraries. In order to achieve that, both PacketiX VPN and GPL/LGPL libraries are distributed with isolated forms (means that any program files of PacketiX VPN are not bound nor linked to any GPL/LGPL libraries). If a user of PacketiX VPN wants to link GPL/LGPL libraries by their own decisions, operations and responsibilities, he may do that on his computer. However, if a delivered work under copyright law is created as a result of such an operation, such a delivered work must not re-distributed to other people, because it may violate GPL/LGPL libraries' conditions.

View File

@ -665,7 +665,7 @@ CT_b_support_special_listener 支持 VPN over ICMP 和 VPN over DNS
CT_b_support_redirect_url_acl 支持访问列表 HTTP URL 改道
CT_b_is_in_vm 虚拟机上运行
CT_b_support_azure 支持 VPN Azure
CT_b_support_intel_aes 支持 Intel CPU AES 加密加速功能 (AES-NI)
CT_b_support_aes_ni 支持 CPU AES 加密加速功能 (AES-NI)
CT_b_using_selow_driver 支持 SoftEther Lightweight Kernel-mode Ethernet Driver
CT_b_support_vgs 支持 VPN Gate 服务的服务器功能
CT_b_support_vgs_in_client VPN Gate 服务的服务器功能 (VPN 客户端集成)

View File

@ -659,7 +659,7 @@ CT_b_support_special_listener VPN over ICMP and VPN over DNS is Supported
CT_b_support_redirect_url_acl HTTP URL Redirection in Access List is Supported
CT_b_is_in_vm Running on VM (Virtual Machine)
CT_b_support_azure VPN Azure is Supported
CT_b_support_intel_aes Intel CPU AES Acceleration (AES-NI) is Active
CT_b_support_aes_ni CPU AES Acceleration (AES-NI) is Active
CT_b_using_selow_driver SoftEther Lightweight Kernel-mode Ethernet Driver is Active
CT_b_support_vgs VPN Gate Service Server Functions are Supported
CT_b_support_vgs_in_client VPN Gate Service Server Functions (VPN Client integrated)

View File

@ -661,7 +661,7 @@ CT_b_support_special_listener VPN over ICMP および VPN over DNS 接続の受
CT_b_support_redirect_url_acl アクセスリストで HTTP の URL リダイレクト機能をサポート
CT_b_is_in_vm VM (仮想マシン) 内で動作中
CT_b_support_azure VPN Azure 機能が利用可能
CT_b_support_intel_aes Intel CPU AES Acceleration (AES-NI) が動作中
CT_b_support_aes_ni CPU AES Acceleration (AES-NI) が動作中
CT_b_using_selow_driver SoftEther 軽量カーネルモード Ethernet ドライバを使用中
CT_b_support_vgs VPN Gate サービス サーバー機能が利用可能
CT_b_support_vgs_in_client VPN Gate サービス サーバー機能 (VPN Client 統合)

View File

@ -662,7 +662,7 @@ CT_b_support_special_listener VPN over ICMP 및 VPN over DNS 연결 접수
CT_b_support_redirect_url_acl 액세스 목록에서 HTTP의 URL 리디렉션 기능을 지원
CT_b_is_in_vm VM(가상 머신)에서 실행중인
CT_b_support_azure VPN Azure 기능을 사용할 수
CT_b_support_intel_aes Intel CPU AES Acceleration (AES-NI)가 동작 중
CT_b_support_aes_ni CPU AES Acceleration (AES-NI)가 동작 중
CT_b_using_selow_driver SoftEther 경량 커널 모드 Ethernet 드라이버를 사용 중
CT_b_support_vgs VPN Gate 서비스 서버 기능을 사용할 수
CT_b_support_vgs_in_client VPN Gate 서비스 서버 기능 (VPN Client 통합)

View File

@ -667,7 +667,7 @@ CT_b_support_special_listener 支持 VPN over ICMP 和 VPN over DNS
CT_b_support_redirect_url_acl 支持訪問列表 HTTP URL 改道
CT_b_is_in_vm 虛擬機器上運行
CT_b_support_azure 支持 VPN Azure
CT_b_support_intel_aes 支援 Intel CPU AES 加密加速功能 (AES-NI)
CT_b_support_aes_ni 支援 CPU AES 加密加速功能 (AES-NI)
CT_b_using_selow_driver 支持 SoftEther Lightweight Kernel-mode Ethernet Driver
CT_b_support_vgs 支援 VPN Gate 服務的伺服器功能
CT_b_support_vgs_in_client VPN Gate 服務的伺服器功能 (VPN 用戶端集成)