mirror of
https://github.com/ntop/n2n.git
synced 2024-09-19 16:41:11 +02:00
dropped OpenSSL 1.0 support
This commit is contained in:
parent
1815790280
commit
90bf8da3f5
|
@ -38,13 +38,6 @@ AC_ARG_WITH([openssl],
|
|||
[],
|
||||
[with_openssl=no])
|
||||
if test "x$with_openssl" != xno; then
|
||||
AC_CHECK_LIB([crypto], [AES_cbc_encrypt])
|
||||
if test "x$ac_cv_lib_crypto_AES_cbc_encrypt" != xyes; then
|
||||
AC_MSG_RESULT(OpenSSL not present)
|
||||
else
|
||||
AC_DEFINE([HAVE_OPENSSL_1_0], [], [OpenSSL 1.0 is present])
|
||||
N2N_LIBS="-lcrypto ${N2N_LIBS}"
|
||||
fi
|
||||
OLD_CFLAGS="${CFLAGS}"
|
||||
OLD_LDFLAGS="${LDFLAGS}"
|
||||
CFLAGS="${CFLAGS} -I/usr/local/opt/openssl@1.1/include"
|
||||
|
@ -55,6 +48,7 @@ if test "x$with_openssl" != xno; then
|
|||
LDFLAGS="${OLD_LDFLAGS}"
|
||||
else
|
||||
AC_DEFINE([HAVE_OPENSSL_1_1], [], [OpenSSL 1.1 is present])
|
||||
N2N_LIBS="-lcrypto ${N2N_LIBS}"
|
||||
fi
|
||||
fi
|
||||
|
||||
|
|
|
@ -17,7 +17,7 @@
|
|||
*/
|
||||
|
||||
|
||||
#include "n2n.h" // HAVE_OPENSSL_1_1, HAVE_OPENSSL_1_0, traceEvent ...
|
||||
#include "n2n.h" // HAVE_OPENSSL_1_1, traceEvent ...
|
||||
|
||||
|
||||
#ifndef AES_H
|
||||
|
@ -51,15 +51,6 @@ typedef struct aes_context_t {
|
|||
AES_KEY ecb_dec_key; /* one step ecb decryption key */
|
||||
} aes_context_t;
|
||||
|
||||
#elif defined (HAVE_OPENSSL_1_0) // openSSL 1.0 -------------------------------------------
|
||||
|
||||
#include <openssl/aes.h>
|
||||
|
||||
typedef struct aes_context_t {
|
||||
AES_KEY enc_key; /* tx key */
|
||||
AES_KEY dec_key; /* tx key */
|
||||
} aes_context_t;
|
||||
|
||||
#elif defined (__AES__) && defined (__SSE2__) // Intel's AES-NI ---------------------------
|
||||
|
||||
#include <immintrin.h>
|
||||
|
|
|
@ -124,7 +124,7 @@ typedef struct ether_hdr ether_hdr_t;
|
|||
#include <assert.h>
|
||||
#include <sys/stat.h>
|
||||
#include <stdint.h>
|
||||
#if defined (HAVE_OPENSSL_1_0) || defined (HAVE_OPENSSL_1_1)
|
||||
#if defined (HAVE_OPENSSL_1_1)
|
||||
#include <openssl/opensslv.h>
|
||||
#include <openssl/crypto.h>
|
||||
#endif
|
||||
|
|
76
src/aes.c
76
src/aes.c
|
@ -161,80 +161,6 @@ int aes_init (const unsigned char *key, size_t key_size, aes_context_t **ctx) {
|
|||
}
|
||||
|
||||
|
||||
#elif defined (HAVE_OPENSSL_1_0) // openSSL 1.0 -------------------------------------------
|
||||
|
||||
|
||||
int aes_cbc_encrypt (unsigned char *out, const unsigned char *in, size_t in_len,
|
||||
const unsigned char *iv, aes_context_t *ctx) {
|
||||
|
||||
uint8_t tmp_iv[AES_IV_SIZE];
|
||||
memcpy (tmp_iv, iv, AES_IV_SIZE);
|
||||
AES_cbc_encrypt(in, // source
|
||||
out, // destination
|
||||
in_len, // enc size
|
||||
&(ctx->enc_key),
|
||||
tmp_iv,
|
||||
AES_ENCRYPT);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
int aes_cbc_decrypt (unsigned char *out, const unsigned char *in, size_t in_len,
|
||||
const unsigned char *iv, aes_context_t *ctx) {
|
||||
|
||||
uint8_t tmp_iv[AES_IV_SIZE];
|
||||
memcpy (tmp_iv, iv, AES_IV_SIZE);
|
||||
AES_cbc_encrypt(in, // source
|
||||
out, // destination
|
||||
in_len, // enc size
|
||||
&(ctx->dec_key),
|
||||
tmp_iv,
|
||||
AES_DECRYPT);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
int aes_ecb_decrypt (unsigned char *out, const unsigned char *in, aes_context_t *ctx) {
|
||||
|
||||
AES_ecb_encrypt(in, out, &(ctx->dec_key), AES_DECRYPT);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
int aes_init (const unsigned char *key, size_t key_size, aes_context_t **ctx) {
|
||||
|
||||
// allocate context...
|
||||
*ctx = (aes_context_t*) calloc(1, sizeof(aes_context_t));
|
||||
if (!(*ctx))
|
||||
return -1;
|
||||
// ...and fill her up
|
||||
|
||||
// initialize data structures
|
||||
|
||||
// check key size and make key size (given in bytes) dependant settings
|
||||
switch(key_size) {
|
||||
case AES128_KEY_BYTES: // 128 bit key size
|
||||
break;
|
||||
case AES192_KEY_BYTES: // 192 bit key size
|
||||
break;
|
||||
case AES256_KEY_BYTES: // 256 bit key size
|
||||
break;
|
||||
default:
|
||||
traceEvent(TRACE_ERROR, "aes_init invalid key size %u\n", key_size);
|
||||
return -1;
|
||||
}
|
||||
|
||||
// key materiel handling
|
||||
AES_set_encrypt_key(key, key_size * 8, &((*ctx)->enc_key));
|
||||
AES_set_decrypt_key(key, key_size * 8, &((*ctx)->dec_key));
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
#elif defined (__AES__) && defined (__SSE2__) // Intel's AES-NI ---------------------------
|
||||
|
||||
|
||||
|
@ -1210,7 +1136,7 @@ int aes_init (const unsigned char *key, size_t key_size, aes_context_t **ctx) {
|
|||
}
|
||||
|
||||
|
||||
#endif // openSSL 1.1, openSSL 1.0, plain C -----------------------------------------------
|
||||
#endif // openSSL 1.1, AES-NI, plain C ----------------------------------------------------
|
||||
|
||||
int aes_deinit (aes_context_t *ctx) {
|
||||
|
||||
|
|
Loading…
Reference in New Issue
Block a user