trival

encrypt.cpp

@@ -208,6 +208,13 @@ int de_padding(const char *data ,int &data_len,int padding_num)
 }
 int cipher_aes128cbc_encrypt(const char *data,char *output,int &len,char * key)
 {
+	static int first_time=1;
+	if(aes_key_optimize)
+	{
+		if(first_time==0) key=0;
+		else first_time=0;
+	}
+
 	char buf[buf_len];
 	memcpy(buf,data,len);//TODO inefficient code
 
@@ -253,7 +260,12 @@ int cipher_none_encrypt(const char *data,char *output,int &len,char * key)
 }
 int cipher_aes128cbc_decrypt(const char *data,char *output,int &len,char * key)
 {
-
+	static int first_time=1;
+	if(aes_key_optimize)
+	{
+		if(first_time==0) key=0;
+		else first_time=0;
+	}
 	if(len%16 !=0) {mylog(log_debug,"len%%16!=0\n");return -1;}
 	//if(len<0) {mylog(log_debug,"len <0\n");return -1;}
 	AES_CBC_decrypt_buffer((unsigned char *)output,(unsigned char *)data,len,(unsigned char *)key,(unsigned char *)zero_iv);

encrypt.h

@@ -10,6 +10,10 @@
 
 //using namespace std;
 
+
+const int aes_key_optimize=1; //if enabled,once you used a key for aes,you cant change it anymore
+
+
 int my_encrypt(const char *data,char *output,int &len,char * key);
 int my_decrypt(const char *data,char *output,int &len,char * key);
 
@@ -32,4 +36,10 @@ extern cipher_mode_t cipher_mode;
 extern unordered_map<int, const char *> auth_mode_tostring;
 extern unordered_map<int, const char *> cipher_mode_tostring;
 
+
+
+
+int cipher_decrypt(const char *data,char *output,int &len,char * key);//internal interface ,exposed for test only
+int cipher_encrypt(const char *data,char *output,int &len,char * key);//internal interface ,exposed for test only
+
 #endif

lib/aes_acc/aesacc.c

@@ -340,30 +340,34 @@ int AES_support_hwaccel(void)
 void AES_CBC_encrypt_buffer(uint8_t* output, uint8_t* input, uint32_t length, const uint8_t* key, const uint8_t* iv)
 {
   uint8_t iv_tmp[16];
-  uint8_t rk[AES_RKSIZE];
+  static uint8_t rk[AES_RKSIZE];
 
-  if (key == NULL || iv == NULL)
+  if (iv == NULL)
   {
     return;
   }
   aeshw_init();
   memcpy(iv_tmp, iv, 16);
-  setkey_enc(rk, key);
+  if(key!= NULL)
+	  setkey_enc(rk, key);
   encrypt_cbc(rk, length, iv_tmp, input, output);
 }
 
 void AES_CBC_decrypt_buffer(uint8_t* output, uint8_t* input, uint32_t length, const uint8_t* key, const uint8_t* iv)
 {
   uint8_t iv_tmp[16];
-  uint8_t rk[AES_RKSIZE];
+  static uint8_t rk[AES_RKSIZE];
 
-  if (key == NULL || iv == NULL)
+  if (iv == NULL)
   {
     return;
   }
   aeshw_init();
   memcpy(iv_tmp, iv, 16);
-  setkey_dec(rk, key);
+  if(key!= NULL)
+  {
+	  setkey_dec(rk, key);
+  }
   decrypt_cbc(rk, length, iv_tmp, input, output);
 }
 

lib/aes_faster_c/aes.h

@@ -0,0 +1,267 @@
+/**
+ * \file aes.h
+ *
+ * \brief AES block cipher
+ *
+ *  Copyright (C) 2006-2014, Brainspark B.V.
+ *
+ *  This file is part of PolarSSL (http://www.polarssl.org)
+ *  Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
+ *
+ *  All rights reserved.
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; either version 2 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License along
+ *  with this program; if not, write to the Free Software Foundation, Inc.,
+ *  51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ */
+#ifndef POLARSSL_AES_H
+#define POLARSSL_AES_H
+/*
+#if !defined(POLARSSL_CONFIG_FILE)
+#include "config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
+*/
+
+////////modification begin
+#define POLARSSL_AES_ROM_TABLES
+#define POLARSSL_CIPHER_MODE_CBC
+//#define POLARSSL_SELF_TEST
+#define polarssl_printf printf
+///////add end
+
+
+
+#include <string.h>
+
+#if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32)
+#include <basetsd.h>
+typedef UINT32 uint32_t;
+#else
+#include <inttypes.h>
+#endif
+
+/* padlock.c and aesni.c rely on these values! */
+#define AES_ENCRYPT     1
+#define AES_DECRYPT     0
+
+#define POLARSSL_ERR_AES_INVALID_KEY_LENGTH                -0x0020  /**< Invalid key length. */
+#define POLARSSL_ERR_AES_INVALID_INPUT_LENGTH              -0x0022  /**< Invalid data input length. */
+
+#if !defined(POLARSSL_AES_ALT)
+// Regular implementation
+//
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief          AES context structure
+ *
+ * \note           buf is able to hold 32 extra bytes, which can be used:
+ *                 - for alignment purposes if VIA padlock is used, and/or
+ *                 - to simplify key expansion in the 256-bit case by
+ *                 generating an extra round key
+ */
+typedef struct
+{
+    int nr;                     /*!<  number of rounds  */
+    uint32_t *rk;               /*!<  AES round keys    */
+    uint32_t buf[68];           /*!<  unaligned data    */
+}
+aes_context;
+
+/**
+ * \brief          Initialize AES context
+ *
+ * \param ctx      AES context to be initialized
+ */
+void aes_init( aes_context *ctx );
+
+/**
+ * \brief          Clear AES context
+ *
+ * \param ctx      AES context to be cleared
+ */
+void aes_free( aes_context *ctx );
+
+/**
+ * \brief          AES key schedule (encryption)
+ *
+ * \param ctx      AES context to be initialized
+ * \param key      encryption key
+ * \param keysize  must be 128, 192 or 256
+ *
+ * \return         0 if successful, or POLARSSL_ERR_AES_INVALID_KEY_LENGTH
+ */
+int aes_setkey_enc( aes_context *ctx, const unsigned char *key,
+                    unsigned int keysize );
+
+/**
+ * \brief          AES key schedule (decryption)
+ *
+ * \param ctx      AES context to be initialized
+ * \param key      decryption key
+ * \param keysize  must be 128, 192 or 256
+ *
+ * \return         0 if successful, or POLARSSL_ERR_AES_INVALID_KEY_LENGTH
+ */
+int aes_setkey_dec( aes_context *ctx, const unsigned char *key,
+                    unsigned int keysize );
+
+/**
+ * \brief          AES-ECB block encryption/decryption
+ *
+ * \param ctx      AES context
+ * \param mode     AES_ENCRYPT or AES_DECRYPT
+ * \param input    16-byte input block
+ * \param output   16-byte output block
+ *
+ * \return         0 if successful
+ */
+int aes_crypt_ecb( aes_context *ctx,
+                    int mode,
+                    const unsigned char input[16],
+                    unsigned char output[16] );
+
+#if defined(POLARSSL_CIPHER_MODE_CBC)
+/**
+ * \brief          AES-CBC buffer encryption/decryption
+ *                 Length should be a multiple of the block
+ *                 size (16 bytes)
+ *
+ * \param ctx      AES context
+ * \param mode     AES_ENCRYPT or AES_DECRYPT
+ * \param length   length of the input data
+ * \param iv       initialization vector (updated after use)
+ * \param input    buffer holding the input data
+ * \param output   buffer holding the output data
+ *
+ * \return         0 if successful, or POLARSSL_ERR_AES_INVALID_INPUT_LENGTH
+ */
+int aes_crypt_cbc( aes_context *ctx,
+                    int mode,
+                    size_t length,
+                    unsigned char iv[16],
+                    const unsigned char *input,
+                    unsigned char *output );
+#endif /* POLARSSL_CIPHER_MODE_CBC */
+
+#if defined(POLARSSL_CIPHER_MODE_CFB)
+/**
+ * \brief          AES-CFB128 buffer encryption/decryption.
+ *
+ * Note: Due to the nature of CFB you should use the same key schedule for
+ * both encryption and decryption. So a context initialized with
+ * aes_setkey_enc() for both AES_ENCRYPT and AES_DECRYPT.
+ *
+ * \param ctx      AES context
+ * \param mode     AES_ENCRYPT or AES_DECRYPT
+ * \param length   length of the input data
+ * \param iv_off   offset in IV (updated after use)
+ * \param iv       initialization vector (updated after use)
+ * \param input    buffer holding the input data
+ * \param output   buffer holding the output data
+ *
+ * \return         0 if successful
+ */
+int aes_crypt_cfb128( aes_context *ctx,
+                       int mode,
+                       size_t length,
+                       size_t *iv_off,
+                       unsigned char iv[16],
+                       const unsigned char *input,
+                       unsigned char *output );
+
+/**
+ * \brief          AES-CFB8 buffer encryption/decryption.
+ *
+ * Note: Due to the nature of CFB you should use the same key schedule for
+ * both encryption and decryption. So a context initialized with
+ * aes_setkey_enc() for both AES_ENCRYPT and AES_DECRYPT.
+ *
+ * \param ctx      AES context
+ * \param mode     AES_ENCRYPT or AES_DECRYPT
+ * \param length   length of the input data
+ * \param iv       initialization vector (updated after use)
+ * \param input    buffer holding the input data
+ * \param output   buffer holding the output data
+ *
+ * \return         0 if successful
+ */
+int aes_crypt_cfb8( aes_context *ctx,
+                    int mode,
+                    size_t length,
+                    unsigned char iv[16],
+                    const unsigned char *input,
+                    unsigned char *output );
+#endif /*POLARSSL_CIPHER_MODE_CFB */
+
+#if defined(POLARSSL_CIPHER_MODE_CTR)
+/**
+ * \brief               AES-CTR buffer encryption/decryption
+ *
+ * Warning: You have to keep the maximum use of your counter in mind!
+ *
+ * Note: Due to the nature of CTR you should use the same key schedule for
+ * both encryption and decryption. So a context initialized with
+ * aes_setkey_enc() for both AES_ENCRYPT and AES_DECRYPT.
+ *
+ * \param ctx           AES context
+ * \param length        The length of the data
+ * \param nc_off        The offset in the current stream_block (for resuming
+ *                      within current cipher stream). The offset pointer to
+ *                      should be 0 at the start of a stream.
+ * \param nonce_counter The 128-bit nonce and counter.
+ * \param stream_block  The saved stream-block for resuming. Is overwritten
+ *                      by the function.
+ * \param input         The input data stream
+ * \param output        The output data stream
+ *
+ * \return         0 if successful
+ */
+int aes_crypt_ctr( aes_context *ctx,
+                       size_t length,
+                       size_t *nc_off,
+                       unsigned char nonce_counter[16],
+                       unsigned char stream_block[16],
+                       const unsigned char *input,
+                       unsigned char *output );
+#endif /* POLARSSL_CIPHER_MODE_CTR */
+
+#ifdef __cplusplus
+}
+#endif
+
+#else  /* POLARSSL_AES_ALT */
+#include "aes_alt.h"
+#endif /* POLARSSL_AES_ALT */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief          Checkup routine
+ *
+ * \return         0 if successful, or 1 if the test failed
+ */
+int aes_self_test( int verbose );
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* aes.h */

lib/aes_faster_c/wrapper.c

@@ -0,0 +1,56 @@
+#include "aes.h"
+#include <stdio.h>
+#include <stdlib.h>
+
+#if defined(AES256) && (AES256 == 1)
+#define AES_KEYSIZE 256
+#elif defined(AES192) && (AES192 == 1)
+#define AES_KEYSIZE 192
+#else
+#define AES_KEYSIZE 128
+#endif
+
+
+void AES_ECB_encrypt(const uint8_t* input, const uint8_t* key, uint8_t *output, const uint32_t length)
+{
+	printf("AES_ECB_encrypt not implemented\n");
+	exit(-1);
+}
+void AES_ECB_decrypt(const uint8_t* input, const uint8_t* key, uint8_t *output, const uint32_t length)
+{
+	printf("AES_ECB_encrypt not implemented\n");
+	exit(-1);
+}
+
+void AES_CBC_encrypt_buffer(uint8_t* output, uint8_t* input, uint32_t length, const uint8_t* key, const uint8_t* iv)
+{
+	static aes_context ctx;
+	static int done=0;
+	if(done==0)
+	{
+		aes_init( &ctx);
+		done=1;
+	}
+
+	char tmp_iv[16];
+	if(key!=0) aes_setkey_enc(&ctx,key,AES_KEYSIZE);
+	memcpy(tmp_iv,iv,16);
+	aes_crypt_cbc( &ctx, AES_ENCRYPT, length, (unsigned char* )tmp_iv, (const unsigned char*)input,(unsigned char*) output );
+	return ;
+}
+void AES_CBC_decrypt_buffer(uint8_t* output, uint8_t* input, uint32_t length, const uint8_t* key, const uint8_t* iv)
+{
+	static aes_context ctx;
+	static int done=0;
+	if(done==0)
+	{
+		aes_init( &ctx);
+		done=1;
+	}
+
+	char tmp_iv[16];
+	if(key!=0) aes_setkey_dec(&ctx,key,AES_KEYSIZE);
+	memcpy(tmp_iv,iv,16);
+	aes_crypt_cbc( &ctx,AES_DECRYPT, length, (unsigned char*)tmp_iv, (const unsigned char*)input, (unsigned char*) output );
+	return;
+}

lib/md5.c

@@ -302,11 +302,15 @@ void md5_finish( md5_context *ctx, unsigned char output[16] )
  */
 void md5( const unsigned char *input, size_t ilen, unsigned char output[16] )
 {
-    md5_context ctx;
-
-    md5_init( &ctx );
+    static md5_context ctx;
+    static int done=0;
+    if(done==0)
+    {
+        md5_init( &ctx );
+    	done=1;
+    }
     md5_starts( &ctx );
     md5_update( &ctx, input, ilen );
     md5_finish( &ctx, output );
-    md5_free( &ctx );
+    //md5_free( &ctx );
 }

main.cpp

@@ -2677,6 +2677,7 @@ int load_config(char *file_name, int &argc, vector<string> &argv) //load conf fi
 
 	return 0;
 }
+
 int unit_test()
 {
 	printf("running unit test\n");
@@ -2703,6 +2704,35 @@ int unit_test()
 
 	printf("%x %x\n",(int)c1,(int)c2);
 
+	const char buf[]={1,2,3,4,5,6,7,8,9,10,11,2,13,14,15,16};
+	char key[100]={0};
+	char buf2[100]={0};
+	char buf3[100]={0};
+	char buf4[100]={0};
+	int len=16;
+	for(int i=0;i<len;i++)
+	{
+		printf("<%d>",buf[i]);
+	}
+	printf("\n");
+	cipher_encrypt(buf,buf2,len,key);
+	for(int i=0;i<len;i++)
+	{
+		printf("<%d>",buf2[i]);
+	}
+	printf("\n");
+	int temp_len=len;
+	cipher_decrypt(buf2,buf3,len,key);
+	for(int i=0;i<len;i++)
+	{
+		printf("<%d>",buf3[i]);
+	}
+	printf("\n");
+	cipher_encrypt(buf2,buf4,temp_len,key);
+	for(int i=0;i<temp_len;i++)
+	{
+		printf("<%d>",buf4[i]);
+	}
 	return 0;
 }
 

makefile

@@ -8,8 +8,10 @@ cc_arm= /toolchains/arm-2014.05/bin/arm-none-linux-gnueabi-g++
 #cc_bcm2708=/home/wangyu/raspberry/tools/arm-bcm2708/gcc-linaro-arm-linux-gnueabihf-raspbian/bin/arm-linux-gnueabihf-g++ 
 FLAGS= -std=c++11 -Wall -Wextra -Wno-unused-variable -Wno-unused-parameter -Wno-missing-field-initializers
 
-SOURCES=main.cpp lib/aes.c lib/md5.c encrypt.cpp log.cpp network.cpp common.cpp  -lpthread
-SOURCES_AES_ACC=$(filter-out lib/aes.c,$(SOURCES)) $(wildcard lib/aes_acc/aes*.c)
+COMMON=main.cpp lib/md5.c encrypt.cpp log.cpp network.cpp common.cpp  -lpthread
+SOURCES= $(COMMON) lib/aes_faster_c/aes.c lib/aes_faster_c/wrapper.c
+SOURCES_TINY_AES= $(COMMON) lib/aes.c
+SOURCES_AES_ACC=$(COMMON) $(wildcard lib/aes_acc/aes*.c)
 
 NAME=udp2raw
 TARGETS=amd64 arm amd64_hw_aes arm_asm_aes mips24kc_be mips24kc_be_asm_aes x86 x86_asm_aes mips24kc_le mips24kc_le_asm_aes