AMajor/SoftEtherVPN
1
0
Fork 0
mirror of https://github.com/SoftEtherVPN/SoftEtherVPN.git synced 2025-07-06 07:44:57 +03:00
Code Releases Activity

Merge PR #485: Encrypt: use OpenSSL's EVP interface, which supports AES-NI without the need of another library

Browse Source
This commit is contained in:
Davide Beatrici
2018-07-21 05:31:09 +02:00
committed by GitHub
parent 23fd1fc94e 4029f3ae8d
commit 412a5aea71
22 changed files with 140 additions and 362 deletions
Download Patch File Download Diff File Expand all files Collapse all files

216
src/Mayaqua/Encrypt.c
View File

@ -145,9 +145,11 @@
#include <openssl/x509v3.h>
#include <Mayaqua/Mayaqua.h>
#ifdef USE_INTEL_AESNI_LIBRARY
#include <intelaes/iaesni.h>
#endif // USE_INTEL_AESNI_LIBRARY
#ifdef _MSC_VER
#include <intrin.h> // For __cpuid()
#else
#include <cpuid.h> // For __get_cpuid()
#endif
LOCK *openssl_lock = NULL;
@ -156,7 +158,6 @@ int ssl_clientcert_index = 0;
LOCK **ssl_lock_obj = NULL;
UINT ssl_lock_num;
static bool openssl_inited = false;
static bool is_intel_aes_supported = false;
static unsigned char *Internal_SHA0(const unsigned char *d, size_t n, unsigned char *md);
@ -3662,7 +3663,6 @@ void InitCryptLibrary()
{
char tmp[16];
CheckIfIntelAesNiSupportedInit();
// RAND_Init_For_SoftEther()
openssl_lock = NewLock();
SSL_library_init();
@ -4106,81 +4106,85 @@ void AesFreeKey(AES_KEY_VALUE *k)
// AES encryption
void AesEncrypt(void *dest, void *src, UINT size, AES_KEY_VALUE *k, void *ivec)
{
UCHAR ivec_copy[AES_IV_SIZE];
EVP_CIPHER_CTX *ctx = NULL;
int dest_len = 0;
int len = 0;
int ret = 0;
// Validate arguments
if (dest == NULL || src == NULL || size == 0 || k == NULL || ivec == NULL)
{
return;
}
#ifdef USE_INTEL_AESNI_LIBRARY
if (is_intel_aes_supported)
// Create and initialize the context
ctx = EVP_CIPHER_CTX_new();
if (!ctx)
{
AesEncryptWithIntel(dest, src, size, k, ivec);
ERR_print_errors_fp(stderr);
return;
}
#endif // USE_INTEL_AESNI_LIBRARY
Copy(ivec_copy, ivec, AES_IV_SIZE);
// Disable padding, as it's handled by IkeEncryptWithPadding()
EVP_CIPHER_CTX_set_padding(ctx, false);
AES_cbc_encrypt(src, dest, size, k->EncryptKey, ivec, 1);
// Initialize the encryption operation
switch (k->KeySize)
{
case 16:
ret = EVP_EncryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, k->KeyValue, ivec);
break;
case 24:
ret = EVP_EncryptInit_ex(ctx, EVP_aes_192_cbc(), NULL, k->KeyValue, ivec);
break;
case 32:
ret = EVP_EncryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, k->KeyValue, ivec);
break;
}
if (ret != 1)
{
ERR_print_errors_fp(stderr);
EVP_CIPHER_CTX_free(ctx);
return;
}
// Provide the message to be encrypted and obtain the cipher output
ret = EVP_EncryptUpdate(ctx, dest, &dest_len, src, size);
if (ret != 1)
{
ERR_print_errors_fp(stderr);
EVP_CIPHER_CTX_free(ctx);
return;
}
// Finalize the encryption
ret = EVP_EncryptFinal_ex(ctx, (unsigned char *) dest + dest_len, &len);
if (ret != 1)
{
ERR_print_errors_fp(stderr);
EVP_CIPHER_CTX_free(ctx);
return;
}
dest_len += len;
// Clean up
EVP_CIPHER_CTX_free(ctx);
}
// AES decryption
void AesDecrypt(void *dest, void *src, UINT size, AES_KEY_VALUE *k, void *ivec)
{
UCHAR ivec_copy[AES_IV_SIZE];
// Validate arguments
if (dest == NULL || src == NULL || size == 0 || k == NULL || ivec == NULL)
{
return;
}
#ifdef USE_INTEL_AESNI_LIBRARY
if (is_intel_aes_supported)
{
AesDecryptWithIntel(dest, src, size, k, ivec);
return;
}
#endif // USE_INTEL_AESNI_LIBRARY
Copy(ivec_copy, ivec, AES_IV_SIZE);
AES_cbc_encrypt(src, dest, size, k->DecryptKey, ivec, 0);
}
// Determine whether the Intel AES-NI is supported
bool IsIntelAesNiSupported()
{
return is_intel_aes_supported;
}
void CheckIfIntelAesNiSupportedInit()
{
#ifdef USE_INTEL_AESNI_LIBRARY
if (check_for_aes_instructions())
{
is_intel_aes_supported = true;
}
else
{
is_intel_aes_supported = false;
}
#else // USE_INTEL_AESNI_LIBRARY
is_intel_aes_supported = false;
#endif // USE_INTEL_AESNI_LIBRARY
}
// Disable the Intel AES-NI
void DisableIntelAesAccel()
{
is_intel_aes_supported = false;
}
#ifdef USE_INTEL_AESNI_LIBRARY
// Encrypt AES using the Intel AES-NI
void AesEncryptWithIntel(void *dest, void *src, UINT size, AES_KEY_VALUE *k, void *ivec)
{
UCHAR ivec_copy[AES_IV_SIZE];
EVP_CIPHER_CTX *ctx = NULL;
int dest_len = 0;
int len = 0;
int ret = 0;
// Validate arguments
if (dest == NULL || src == NULL || size == 0 || k == NULL || ivec == NULL)
@ -4188,53 +4192,85 @@ void AesEncryptWithIntel(void *dest, void *src, UINT size, AES_KEY_VALUE *k, voi
return;
}
Copy(ivec_copy, ivec, AES_IV_SIZE);
// Create and initialize the context
ctx = EVP_CIPHER_CTX_new();
if (!ctx)
{
ERR_print_errors_fp(stderr);
return;
}
// Disable padding, as it's handled by IkeEncryptWithPadding()
EVP_CIPHER_CTX_set_padding(ctx, false);
// Initialize the decryption operation
switch (k->KeySize)
{
case 16:
intel_AES_enc128_CBC(src, dest, k->KeyValue, (size / AES_IV_SIZE), ivec_copy);
ret = EVP_DecryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, k->KeyValue, ivec);
break;
case 24:
intel_AES_enc192_CBC(src, dest, k->KeyValue, (size / AES_IV_SIZE), ivec_copy);
ret = EVP_DecryptInit_ex(ctx, EVP_aes_192_cbc(), NULL, k->KeyValue, ivec);
break;
case 32:
intel_AES_enc256_CBC(src, dest, k->KeyValue, (size / AES_IV_SIZE), ivec_copy);
ret = EVP_DecryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, k->KeyValue, ivec);
break;
}
}
// Decrypt AES using the Intel AES-NI
void AesDecryptWithIntel(void *dest, void *src, UINT size, AES_KEY_VALUE *k, void *ivec)
{
UCHAR ivec_copy[AES_IV_SIZE];
// Validate arguments
if (dest == NULL || src == NULL || size == 0 || k == NULL || ivec == NULL)
if (ret != 1)
{
ERR_print_errors_fp(stderr);
EVP_CIPHER_CTX_free(ctx);
return;
}
Copy(ivec_copy, ivec, AES_IV_SIZE);
// Provide the message to be decrypted and obtain the plaintext output
ret = EVP_DecryptUpdate(ctx, dest, &dest_len, src, size);
switch (k->KeySize)
if (ret != 1)
{
case 16:
intel_AES_dec128_CBC(src, dest, k->KeyValue, (size / AES_IV_SIZE), ivec_copy);
break;
case 24:
intel_AES_dec192_CBC(src, dest, k->KeyValue, (size / AES_IV_SIZE), ivec_copy);
break;
case 32:
intel_AES_dec256_CBC(src, dest, k->KeyValue, (size / AES_IV_SIZE), ivec_copy);
break;
ERR_print_errors_fp(stderr);
EVP_CIPHER_CTX_free(ctx);
return;
}
// Finalize the decryption
ret = EVP_DecryptFinal_ex(ctx, (unsigned char *) dest + dest_len, &len);
if (ret != 1)
{
ERR_print_errors_fp(stderr);
EVP_CIPHER_CTX_free(ctx);
return;
}
dest_len += len;
// Clean up
EVP_CIPHER_CTX_free(ctx);
}
// Determine whether the AES-NI instruction set is supported by the CPU
bool IsAesNiSupported()
{
bool supported = false;
// Unfortunately OpenSSL doesn't provide a function to do it
#ifdef _MSC_VER
int regs[4]; // EAX, EBX, ECX, EDX
__cpuid(regs, 1);
supported = (regs[2] >> 25) & 1;
#else
uint32_t eax, ebx, ecx, edx;
__get_cpuid(1, &eax, &ebx, &ecx, &edx);
supported = (ecx & bit_AES) > 0;
#endif
return supported;
}
#endif // USE_INTEL_AESNI_LIBRARY
// Calculation of HMAC-SHA-1
void MacSha1(void *dst, void *key, UINT key_size, void *data, UINT data_size)

10
src/Mayaqua/Encrypt.h
View File

@ -522,13 +522,7 @@ void AesFreeKey(AES_KEY_VALUE *k);
void AesEncrypt(void *dest, void *src, UINT size, AES_KEY_VALUE *k, void *ivec);
void AesDecrypt(void *dest, void *src, UINT size, AES_KEY_VALUE *k, void *ivec);
bool IsIntelAesNiSupported();
void CheckIfIntelAesNiSupportedInit();
#ifdef USE_INTEL_AESNI_LIBRARY
void AesEncryptWithIntel(void *dest, void *src, UINT size, AES_KEY_VALUE *k, void *ivec);
void AesDecryptWithIntel(void *dest, void *src, UINT size, AES_KEY_VALUE *k, void *ivec);
#endif // USE_INTEL_AESNI_LIBRARY
bool IsAesNiSupported();
void OpenSSL_InitLock();
void OpenSSL_FreeLock();
@ -551,8 +545,6 @@ void Enc_tls1_PRF(unsigned char *label, int label_len, const unsigned char *sec,
void HMacSha1(void *dst, void *key, UINT key_size, void *data, UINT data_size);
void HMacMd5(void *dst, void *key, UINT key_size, void *data, UINT data_size);
void DisableIntelAesAccel();
int GetSslClientCertIndex();
#ifdef ENCRYPT_C

6
src/Mayaqua/Mayaqua.h
View File

@ -215,12 +215,6 @@ int PASCAL WinMain(HINSTANCE hInst, HINSTANCE hPrev, char *CmdLine, int CmdShow)
#define PROBE_DATA(data, size)
#endif // USE_PROBE
// About Intel AES-NI Library
#if (defined(OS_WIN32) || (defined(UNIX_LINUX) && (defined(CPU_X86) || defined(CPU_X64))))
// Supports only for Linux (x86 / x64) or Windows
#define USE_INTEL_AESNI_LIBRARY
#endif
// Determine the performance / memory strategy
#if (defined(CPU_X86) || defined(CPU_X64) || defined(CPU_X86_X64) || defined(CPU_SPARC) || defined(CPU_SPARC64) || defined(OS_WIN32) || defined(__amd64__) || defined(__amd64) || defined(__x86_64__) || defined(__x86_64) || defined(i386) || defined(__i386) || defined(__i386__) || defined(__ia64__) || defined(__IA64__) || defined(_IA64))
#define USE_STRATEGY_PERFORMACE

16
src/Mayaqua/Mayaqua.vcproj
View File

@ -69,7 +69,7 @@
/>
<Tool
Name="VCLibrarianTool"
AdditionalDependencies="libeay32.lib ssleay32.lib zlib.lib libintelaes.lib"
AdditionalDependencies="libeay32.lib ssleay32.lib zlib.lib"
AdditionalLibraryDirectories="$(SolutionDir)BuildFiles\Library\$(PlatformName)_$(ConfigurationName)"
/>
<Tool
@ -139,7 +139,7 @@
/>
<Tool
Name="VCLibrarianTool"
AdditionalDependencies="libeay32.lib ssleay32.lib zlib.lib libintelaes.lib"
AdditionalDependencies="libeay32.lib ssleay32.lib zlib.lib"
AdditionalLibraryDirectories="$(SolutionDir)BuildFiles\Library\$(PlatformName)_$(ConfigurationName)"
/>
<Tool
@ -212,7 +212,7 @@
/>
<Tool
Name="VCLibrarianTool"
AdditionalDependencies="libeay32.lib ssleay32.lib zlib.lib libintelaes.lib"
AdditionalDependencies="libeay32.lib ssleay32.lib zlib.lib"
AdditionalLibraryDirectories="$(SolutionDir)BuildFiles\Library\$(PlatformName)_$(ConfigurationName)"
/>
<Tool
@ -286,7 +286,7 @@
/>
<Tool
Name="VCLibrarianTool"
AdditionalDependencies="libeay32.lib ssleay32.lib zlib.lib libintelaes.lib"
AdditionalDependencies="libeay32.lib ssleay32.lib zlib.lib"
AdditionalLibraryDirectories="$(SolutionDir)BuildFiles\Library\$(PlatformName)_$(ConfigurationName)"
/>
<Tool
@ -827,14 +827,6 @@
>
</File>
</Filter>
<Filter
Name="intelaes"
>
<File
RelativePath=".\intelaes\iaesni.h"
>
</File>
</Filter>
</Files>
<Globals>
</Globals>

147
src/Mayaqua/intelaes/iaesni.h
View File

@ -1,147 +0,0 @@
/*
* Copyright (c) 2010, Intel Corporation
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
*
* * Redistributions of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer.
* * Redistributions in binary form must reproduce the above copyright notice,
* this list of conditions and the following disclaimer in the documentation
* and/or other materials provided with the distribution.
* * Neither the name of Intel Corporation nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
* IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
* BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
* OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
* ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifndef _IAESNI_H__
#define _IAESNI_H__
#include <stdlib.h>
#define AES_INSTRCTIONS_CPUID_BIT (1<<25)
//indicates input param
#define _AES_IN
//indicates output param
#define _AES_OUT
//indicates input/output param - based on context
#define _AES_INOUT
//typedef unsigned char UCHAR;
/*#ifndef bool
#define bool BOOL
#endif*/
//test if the processor actually supports the above functions
//executing one the functions below without processor support will cause UD fault
//bool check_for_aes_instructions(void);
#if (__cplusplus)
extern "C" {
#endif
int check_for_aes_instructions(void);
#define ROUND_KEYS_UNALIGNED_TESTING
#ifdef __linux__
#ifdef ROUND_KEYS_UNALIGNED_TESTING
#define DEFINE_ROUND_KEYS \
UCHAR __attribute__ ((aligned (16))) _expandedKey[16*16]; \
UCHAR *expandedKey = _expandedKey + 4; \
#else
#define DEFINE_ROUND_KEYS \
UCHAR __attribute__ ((aligned (16))) _expandedKey[16*16]; \
UCHAR *expandedKey = _expandedKey; \
#endif
#else // if not __linux__
#ifdef ROUND_KEYS_UNALIGNED_TESTING
#define DEFINE_ROUND_KEYS \
__declspec(align(16)) UCHAR _expandedKey[16*16]; \
UCHAR *expandedKey = _expandedKey + 4; \
#else
#define DEFINE_ROUND_KEYS \
__declspec(align(16)) UCHAR _expandedKey[16*16]; \
UCHAR *expandedKey = _expandedKey; \
#endif
#endif
// encryption functions
// plainText is pointer to input stream
// cipherText is pointer to buffer to be filled with encrypted (cipher text) data
// key is pointer to enc key (sizes are 16 bytes for AES-128, 24 bytes for AES-192, 32 for AES-256)
// numBlocks is number of 16 bytes blocks to process - note that encryption is done of full 16 byte blocks
void intel_AES_enc128(_AES_IN UCHAR *plainText, _AES_OUT UCHAR *cipherText, _AES_IN UCHAR *key, _AES_IN size_t numBlocks);
void intel_AES_enc192(_AES_IN UCHAR *plainText, _AES_OUT UCHAR *cipherText, _AES_IN UCHAR *key, _AES_IN size_t numBlocks);
void intel_AES_enc256(_AES_IN UCHAR *plainText, _AES_OUT UCHAR *cipherText, _AES_IN UCHAR *key, _AES_IN size_t numBlocks);
void intel_AES_enc128_CBC(_AES_IN UCHAR *plainText, _AES_OUT UCHAR *cipherText, _AES_IN UCHAR *key, _AES_IN size_t numBlocks, _AES_IN UCHAR *iv);
void intel_AES_enc192_CBC(_AES_IN UCHAR *plainText, _AES_OUT UCHAR *cipherText, _AES_IN UCHAR *key, _AES_IN size_t numBlocks, _AES_IN UCHAR *iv);
void intel_AES_enc256_CBC(_AES_IN UCHAR *plainText, _AES_OUT UCHAR *cipherText, _AES_IN UCHAR *key, _AES_IN size_t numBlocks, _AES_IN UCHAR *iv);
// encryption functions
// cipherText is pointer to encrypted stream
// plainText is pointer to buffer to be filled with original (plain text) data
// key is pointer to enc key (sizes are 16 bytes for AES-128, 24 bytes for AES-192, 32 for AES-256)
// numBlocks is number of 16 bytes blocks to process - note that decryption is done of full 16 byte blocks
void intel_AES_dec128(_AES_IN UCHAR *cipherText, _AES_OUT UCHAR *plainText, _AES_IN UCHAR *key, _AES_IN size_t numBlocks);
void intel_AES_dec192(_AES_IN UCHAR *cipherText, _AES_OUT UCHAR *plainText, _AES_IN UCHAR *key, _AES_IN size_t numBlocks);
void intel_AES_dec256(_AES_IN UCHAR *cipherText, _AES_OUT UCHAR *plainText, _AES_IN UCHAR *key, _AES_IN size_t numBlocks);
void intel_AES_dec128_CBC(_AES_IN UCHAR *cipherText, _AES_OUT UCHAR *plainText, _AES_IN UCHAR *key, _AES_IN size_t numBlocks, _AES_IN UCHAR *iv);
void intel_AES_dec192_CBC(_AES_IN UCHAR *cipherText, _AES_OUT UCHAR *plainText, _AES_IN UCHAR *key, _AES_IN size_t numBlocks, _AES_IN UCHAR *iv);
void intel_AES_dec256_CBC(_AES_IN UCHAR *cipherText, _AES_OUT UCHAR *plainText, _AES_IN UCHAR *key, _AES_IN size_t numBlocks, _AES_IN UCHAR *iv);
void intel_AES_encdec128_CTR(_AES_IN UCHAR *input, _AES_OUT UCHAR *output, _AES_IN UCHAR *key, _AES_IN size_t numBlocks, _AES_IN UCHAR *initial_counter);
void intel_AES_encdec192_CTR(_AES_IN UCHAR *input, _AES_OUT UCHAR *output, _AES_IN UCHAR *key, _AES_IN size_t numBlocks, _AES_IN UCHAR *initial_counter);
void intel_AES_encdec256_CTR(_AES_IN UCHAR *input, _AES_OUT UCHAR *output, _AES_IN UCHAR *key, _AES_IN size_t numBlocks, _AES_IN UCHAR *initial_counter);
#if (__cplusplus)
}
#endif
#endif