From 7318750ed08d0b09b3722a3b712ac6f5b32575af Mon Sep 17 00:00:00 2001
From: md_5 <git@md-5.net>
Date: Tue, 1 Jul 2014 20:13:30 +1000
Subject: [PATCH] Update native cipher to make use of the OpenSSL EVP API so
 that it can actually utilise hardware acceleration and other goodies.

Whereas before OpenSSL would often lose benchmarks now it always wins.
---
 native/compile-native.sh                      |   2 +-
 native/src/main/c/NativeCipherImpl.c          |  56 ------------------
 native/src/main/c/NativeCipherImpl.cpp        |  22 +++++++
 .../main/c/net_md_5_bungee_NativeCipherImpl.h |   8 +--
 .../java/net/md_5/bungee/NativeCipher.java    |  26 +++-----
 .../net/md_5/bungee/NativeCipherImpl.java     |  27 +--------
 native/src/main/resources/native-cipher.so    | Bin 8277 -> 8333 bytes
 7 files changed, 39 insertions(+), 102 deletions(-)
 delete mode 100644 native/src/main/c/NativeCipherImpl.c
 create mode 100644 native/src/main/c/NativeCipherImpl.cpp

diff --git a/native/compile-native.sh b/native/compile-native.sh
index 45e1164f..1baca889 100755
--- a/native/compile-native.sh
+++ b/native/compile-native.sh
@@ -1,3 +1,3 @@
 #!/bin/sh
 
-gcc -shared -fPIC -O3 -Werror -I$JAVA_HOME/include/ -I$JAVA_HOME/include/linux/ src/main/c/NativeCipherImpl.c -o src/main/resources/native-cipher.so -lcrypto
+g++ -shared -fPIC -O3 -Werror -I$JAVA_HOME/include/ -I$JAVA_HOME/include/linux/ src/main/c/NativeCipherImpl.cpp -o src/main/resources/native-cipher.so -lcrypto
diff --git a/native/src/main/c/NativeCipherImpl.c b/native/src/main/c/NativeCipherImpl.c
deleted file mode 100644
index 6e35aa68..00000000
--- a/native/src/main/c/NativeCipherImpl.c
+++ /dev/null
@@ -1,56 +0,0 @@
-#include "net_md_5_bungee_NativeCipherImpl.h"
-#include <openssl/aes.h>
-#include <jni.h>
-#include <stdio.h>
-#include <stdlib.h>
-#define BYTE unsigned char
-
-jlong Java_net_md_15_bungee_NativeCipherImpl_init
-(JNIEnv* env, jobject obj, jbyteArray key)
-{
-    AES_KEY *aes_key = malloc(sizeof(AES_KEY));
-
-    jboolean isKeyCopy;
-    BYTE *key_bytes = (BYTE*)(*env)->GetByteArrayElements(env, key, &isKeyCopy);
-    int key_length = (*env)->GetArrayLength(env, key) * 8; // in bits
-
-    AES_set_encrypt_key(key_bytes, key_length, aes_key);
-
-    if (isKeyCopy) {
-        (*env)->ReleaseByteArrayElements(env, key, (jbyte*)key_bytes, JNI_ABORT);
-    }
-    return (long) aes_key;
-}
-void Java_net_md_15_bungee_NativeCipherImpl_free
-(JNIEnv* env, jobject obj, jlong key)
-{
-    free((AES_KEY*)key);
-}
-void Java_net_md_15_bungee_NativeCipherImpl_cipher
-(JNIEnv* env, jobject obj, jboolean forEncryption, jlong key, jbyteArray iv, jlong in, jlong out, jint length)
-{
-    AES_KEY *aes_key = (AES_KEY*)key;
-
-    size_t buffer_length = (size_t) length;
-
-    BYTE *input =  (BYTE*) in;
-    BYTE *output =  (BYTE*) out;
-
-    jboolean isCopy;
-    BYTE *iv_bytes = (BYTE*)(*env)->GetByteArrayElements(env, iv, &isCopy);
-
-    AES_cfb8_encrypt(
-      input,                                     // input buffer
-      output,                                    // output buffer
-      buffer_length,                             // readable bytes
-      aes_key,                                   // encryption key
-      iv_bytes,                                  // IV
-      NULL,                                      // not needed
-      forEncryption ? AES_ENCRYPT : AES_DECRYPT  // encryption mode
-    );
-
-    // IV has changed, let's copy it back
-    if (isCopy) {
-      (*env)->ReleaseByteArrayElements(env, iv, (jbyte*)iv_bytes, 0);
-    }
-}
diff --git a/native/src/main/c/NativeCipherImpl.cpp b/native/src/main/c/NativeCipherImpl.cpp
new file mode 100644
index 00000000..1c2981dd
--- /dev/null
+++ b/native/src/main/c/NativeCipherImpl.cpp
@@ -0,0 +1,22 @@
+#include <openssl/evp.h>
+#include "net_md_5_bungee_NativeCipherImpl.h"
+
+typedef unsigned char byte;
+
+jlong JNICALL Java_net_md_15_bungee_NativeCipherImpl_init(JNIEnv* env, jobject obj, jboolean forEncryption, jbyteArray key) {
+    jbyte *keyBytes = env->GetByteArrayElements(key, NULL);
+
+    EVP_CIPHER_CTX *cipherCtx = new EVP_CIPHER_CTX();
+    EVP_CipherInit(cipherCtx, EVP_aes_128_cfb8(), (byte*) keyBytes, (byte*) keyBytes, forEncryption);
+
+    env->ReleaseByteArrayElements(key, keyBytes, JNI_ABORT);
+    return (jlong) cipherCtx;
+}
+
+void Java_net_md_15_bungee_NativeCipherImpl_free(JNIEnv* env, jobject obj, jlong ctx) {
+    EVP_CIPHER_CTX_free((EVP_CIPHER_CTX*) ctx);
+}
+
+void Java_net_md_15_bungee_NativeCipherImpl_cipher(JNIEnv* env, jobject obj, jlong ctx, jlong in, jlong out, jint length) {
+    EVP_CipherUpdate((EVP_CIPHER_CTX*) ctx, (byte*) out, &length, (byte*) in, length);
+}
diff --git a/native/src/main/c/net_md_5_bungee_NativeCipherImpl.h b/native/src/main/c/net_md_5_bungee_NativeCipherImpl.h
index 87e30b03..c4187cc9 100644
--- a/native/src/main/c/net_md_5_bungee_NativeCipherImpl.h
+++ b/native/src/main/c/net_md_5_bungee_NativeCipherImpl.h
@@ -10,10 +10,10 @@ extern "C" {
 /*
  * Class:     net_md_5_bungee_NativeCipherImpl
  * Method:    init
- * Signature: ([B)J
+ * Signature: (Z[B)J
  */
 JNIEXPORT jlong JNICALL Java_net_md_15_bungee_NativeCipherImpl_init
-  (JNIEnv *, jobject, jbyteArray);
+  (JNIEnv *, jobject, jboolean, jbyteArray);
 
 /*
  * Class:     net_md_5_bungee_NativeCipherImpl
@@ -26,10 +26,10 @@ JNIEXPORT void JNICALL Java_net_md_15_bungee_NativeCipherImpl_free
 /*
  * Class:     net_md_5_bungee_NativeCipherImpl
  * Method:    cipher
- * Signature: (ZJ[BJJI)V
+ * Signature: (JJJI)V
  */
 JNIEXPORT void JNICALL Java_net_md_15_bungee_NativeCipherImpl_cipher
-  (JNIEnv *, jobject, jboolean, jlong, jbyteArray, jlong, jlong, jint);
+  (JNIEnv *, jobject, jlong, jlong, jlong, jint);
 
 #ifdef __cplusplus
 }
diff --git a/native/src/main/java/net/md_5/bungee/NativeCipher.java b/native/src/main/java/net/md_5/bungee/NativeCipher.java
index 3dc6920a..96f9c83c 100644
--- a/native/src/main/java/net/md_5/bungee/NativeCipher.java
+++ b/native/src/main/java/net/md_5/bungee/NativeCipher.java
@@ -17,12 +17,9 @@ public class NativeCipher implements BungeeCipher
 
     @Getter
     private final NativeCipherImpl nativeCipher = new NativeCipherImpl();
-    private boolean forEncryption;
-    private byte[] iv;
     /*============================================================================*/
     private static boolean loaded;
-
-    private long pointer;
+    private long ctx;
 
     public static boolean isSupported()
     {
@@ -62,22 +59,18 @@ public class NativeCipher implements BungeeCipher
     public void init(boolean forEncryption, SecretKey key) throws GeneralSecurityException
     {
         Preconditions.checkArgument( key.getEncoded().length == 16, "Invalid key size" );
-        if ( pointer != 0 )
-        {
-            nativeCipher.free( pointer );
-        }
-        this.forEncryption = forEncryption;
-        this.iv = key.getEncoded(); // initialize the IV
-        this.pointer = nativeCipher.init( key.getEncoded() );
+        free();
+
+        this.ctx = nativeCipher.init( forEncryption, key.getEncoded() );
     }
 
     @Override
     public void free()
     {
-        if ( pointer != 0 )
+        if ( ctx != 0 )
         {
-            nativeCipher.free( pointer );
-            pointer = 0;
+            nativeCipher.free( ctx );
+            ctx = 0;
         }
     }
 
@@ -87,8 +80,7 @@ public class NativeCipher implements BungeeCipher
         // Smoke tests
         in.memoryAddress();
         out.memoryAddress();
-        Preconditions.checkState( pointer != 0, "Invalid pointer to AES key!" );
-        Preconditions.checkState( iv != null, "Invalid IV!" );
+        Preconditions.checkState( ctx != 0, "Invalid pointer to AES key!" );
 
         // Store how many bytes we can cipher
         int length = in.readableBytes();
@@ -96,7 +88,7 @@ public class NativeCipher implements BungeeCipher
         out.ensureWritable( length );
 
         // Cipher the bytes
-        nativeCipher.cipher( forEncryption, pointer, iv, in.memoryAddress() + in.readerIndex(), out.memoryAddress() + out.writerIndex(), length );
+        nativeCipher.cipher( ctx, in.memoryAddress() + in.readerIndex(), out.memoryAddress() + out.writerIndex(), length );
 
         // Go to the end of the buffer, all bytes would of been read
         in.readerIndex( in.writerIndex() );
diff --git a/native/src/main/java/net/md_5/bungee/NativeCipherImpl.java b/native/src/main/java/net/md_5/bungee/NativeCipherImpl.java
index 261a84ec..2167b1c4 100644
--- a/native/src/main/java/net/md_5/bungee/NativeCipherImpl.java
+++ b/native/src/main/java/net/md_5/bungee/NativeCipherImpl.java
@@ -3,30 +3,9 @@ package net.md_5.bungee;
 class NativeCipherImpl
 {
 
-    /**
-     * Initializes the key.
-     *
-     * @param key the key to for encryption
-     * @return the pointer to key
-     */
-    native long init(byte[] key);
+    native long init(boolean forEncryption, byte[] key);
 
-    /**
-     * Frees the key.
-     *
-     * @param key the pointer to key
-     */
-    native void free(long key);
+    native void free(long ctx);
 
-    /**
-     * This method will encrypt some data in AES-CFB8 using the specified key.
-     *
-     * @param forEncryption encryption / decryption mode
-     * @param key the pointer to key
-     * @param iv the iv to use
-     * @param in the starting memory address for reading data
-     * @param out the starting memory address for writing data
-     * @param length the length of data to read / write
-     */
-    native void cipher(boolean forEncryption, long key, byte[] iv, long in, long out, int length);
+    native void cipher(long ctx, long in, long out, int length);
 }
diff --git a/native/src/main/resources/native-cipher.so b/native/src/main/resources/native-cipher.so
index 03d70f6d70920cc175577d79108a1e12fdec506d..9fd92de91ea498ce0f52cb7d9085ec67b136f2c1 100755
GIT binary patch
delta 2568
zcmZuzZA=tL7@pl@k6VPj<Bq#sP<n@j3KH))v<0oyJ3eF~*NP%aE%XWqfu=>&qco%q
zr&yaUrNO>7@rOyFe@aq*NHHe<XoZ3V)7YS`ifNOgNn1#)^&@F$Q+s`9KU#~<W%ixt
zd7qtoXJ%*Kxf19P4oIxWax85te>#Dv<@B*OAK%Jqpks8XfZ2Hd@SIb~`}VT)`snCi
z+h2S;{*AFC)NjI?h?T)=#(H9WFvFG@;3=1k)d9(DIU9|K_t@u{5R9@S<AX!2$bF7Z
zJ2Ws3m}e!hnIvw=V7On67R<0x4}*Q%$qF*aBaJ0PGh_lS<p*@$qVt`ow-Fb4#pcl&
z&Fn)%^)_AKt$Q0)y_3`~)3<5;K$j^QW=$3*3fE0vWrg>&cfC%^c2$KNnh%Ek`Gw)8
zmc~MrC~50xZ9Y)Z-WGuyaoLWR1I^7EUr{BO?Fg6btc4%qHrVL9nzW{4Z$qRRJe+7g
z7}?vDn+t{9ljhpm@OtkCXy6<TT7)domV#On&h-C(R706+HC#eGh$A^4;%t~mH*&O4
ze?a$B?8$u<7mFoF;Swj7&FV9^l;ojKVoc<K-l)<i#^4P+XVvs{-C0;?7L(}LV3Y;O
zFpJP?PJ}vhV$#w>S_|}>eM}sDVHOz<u3(!7E<UqI|C@O1VTI8PTDkX@MegICw|I#B
z&Ul1dSgDdzmPt(%d%6)_v8=uLw7LV>qPUeh7w2PGvi49+r($td#XBgbbGkUL;!285
zJ(M`562+8=qj*ron<(Ze9#C;U#dO$<QN(gTSBQk%U$hoYjhwS2D?iD-OF|c0KZ%i#
z#A}h?tB=jo08!6q`ajWQ=qDiF;_B&AwU;CJ>Sbj*c9Y7ZMH5Jp&NXsxQ8{hZVE2(k
zxv%IGL<>n6!9puO>ZiFANHF&&TWIlG-Rcg-`76ri@U_TO7)#8o#gbNo;o6bLzGAcW
zi@UJ{t2+uOEzX`@vhqz(x$3_htf^2g26y8BJ*bxZ;$s8jI0xs3aoiQk)WUav<It7K
zvrfeRaasBCzWmw3$4Hi0&rFAu8zJQ;k~oZoZmR4nBgll5+p_Z8SvvW#0eWJ{%G^u!
z!Mb35@a4%CtGkqtJXyK6*ov?GH-K9bav^0}?%$c2Sf<RBDxu88g%sLt@00}N{HpZX
z2MDm&01l)BEnV4DXz7a2z#sgYo+v7!$PmG{RgfyJE4nOEvL)@=wd*riQ+hL2{ChHk
z-Ku9pv0(dvtrVnwQ<>m-KQ1U_ALUAgyk0X~Cu9c&Pq84Oq*&1RMGC%q1gi!AQKt|Q
zLiv;QNFwOSpiHUYsS_+?HxjHSxRa0{G&Z2I;i!fdefO$c_hC%8IxX~&r6me}VIL#G
zkl<#H!-U{thT*Q@w$I`G(n5C>Es_~lTfNL2Y`40Z5!i42wCRlQo7U}B-TtiG-*s!&
zN95A2aR!u^lx*^3*EDvvM>;(lyoKKUb^eW=D)i@Q#8|g&9RtJ3gUmcs*nP=ToF0vC
zkAs5j2;E*-44VxX>^>-T*udh*OOW)D;0THx&m<cIGwd)Z4j&)YV~xUuqab-uM~008
zpW?H7^!N=s#6V@rm(1xg-ie8(3KW+QmRuf~b9s0pA=CmRZb764m<bhP0rM6d63dxE
zxF8nrGwGV=Jn+)HxD3Z65odQoa+=I!4y}mXT|^c{cM(M)Bh_h2AcJT{Oueuv^)~)>
za+=fRBDD}q3;T`mw2le!VuQs~vFhOu3%Q`q55T1~k*S5nG#@hysVjG<UPKQ=1aeBx
z=?K;GJse6CVQ{5X@e5*xex1wm-UF3?G#~Q#)iK0LjHTE5Bg6&FDv@zR13ta<nOclW
zJAR#0yrI#otZH`C{Lgf$&yQ4QRDFI8`%Pl{HTB&`vpt7LhI(IU&Z4cy<o)f)KQ8a@
z()G*p{$W-B=r|Rsr#BOB#Axy7)INCJX+!A;*n)hxlkS4tC$_O29nk$mHQ3xap>VkA
z&4zGGTYJN6ZQXk2S8oJbnhylFRh7L^T^$Phy?NfeWjBUpUI@9<AwO;vjJXTl%P$+t
qwRqV8yQgTgda?NTt`Vm9k7ZJ#-d+NM@=!%_iFVH*;WoUmkbeLO7eLMc

delta 2582
zcmZuzeQZ-z6u+<EZ;aQEt?O%Hw8H`gq#ro4EjaBPD|;mchuZ)HwPVZXrgN*K6A8p^
z4uR*GZd@>n3G$I3#J`3Zlt0vt!Qw(tFd=|qSeDGJhA2~GrhxU__d#IeHus%-e&^hC
zfA_q;druE{E!fMdlKMW!YWh|N65Fl5Mju_Rl9Yzi#|o&TzgJBip$&UCZ9Dr_j`nuy
zr_Fl{&J(*D`Yh-abRG2m<k37+W{@VB3AzQFRb^(69)^#!<JhdWQ6_v^Wy1|BKMtx{
zJgQ=;p9zkqRID}v-t+NRDl0GsBMYn%q@@6za-6d=?w4_cjIYO6A;wX)Av_>MZ_AeF
zfTRgoQMt(_Ba#S-c+L#`5ST59Mjkw=KJR#aYg1E8E#g8Iv2AsUSY2~%>yCIL_FCNz
z{ISz>K&!<^oL&zx*Vfk*Dt6S=SR*>Nc(=89175$^FG4t>eaaJC?p^L(fnF#Nt*fYr
z#3U=>q=Fx5B)ib@pw?PML5}l9rU<zJZ*w%l&edoGV5AXyo@^(&Yw4@-LR6>*n{~FL
zxSWfr*)C#4O1Av+fR}Tk;EH|&_vvi-EnTKvE6$T16GoRfAa7ic59@4p`6Y<x)Fajm
zd|BtC)c65Jxv$H_F1?#F;E>+k-gU>ocWX}=T!?=+nb1zGg1LOx1;daS<KZK{;xlkb
zFZdjuMrRO4L~kJW)My&of=`J~l90M0>c@#r@|Q}A`bR`3nM@6c`T?SADhY5@1l}V6
z*<Pv_biPO13jp6!{0@jJe(@A9jPqSn%yw0D2pDUK5g7jwO^*^n;Qx~3|DpkJG32#>
zuO|*afCDcKr^kp-N3k7TP}?HDtN05rLs(%vk;!)#{|nkg6qcQ6fJby#dlvxe&!KwK
zyhi74poJhW#rw1{EwK;?#Kic?grf>LwgL>X(pRFXjS#@-?7;U8*7ho{5|+4D!3+1k
z`AZCNhn*PyFP#nx7x->9FO2cRZ@h3j-J67shlPtGC?T5w>B+xH){O{b5#jfVC`{~l
z){PQ2a63m*8xek00+7!h-WwYcMmI;fEnIY{zPFthuBRGcma+kEV?-F{gzMafu<#vM
zwN|(c1S7&lLXhve<KesYd{3p@B=O;EE8Ptu(}cS^kPPikuN6j(hmsLtG87mQG;Tub
z<^v$L%WXo5Y+w}_0j>`znI%phi4gZP7sE+<Zf*xm;eq`qFpGn%hK!v883&of|Imxt
z{op|?h%v2Z*fqvk+YKG)dB@5n&$#CkI3Ic`bh0<`SSevlJ*pCh-LK{t*B(tN<LS~y
zn4l`gcuE-;$FSf~!Wgn)&MxQ!Fi-i!Kow&h1bGVZPK1gO0{;(GJj1@P4l%ACO^EUA
z*K&-1kFJy{?9!Jp)v66lApjiXDPdf&vb4aN(;2LqQ@(QLt0qg3CLa;v`S7St&J)ry
zB>^X0fN7x+KE^nyI38qtR4<-noR)sbCuzztenX4r8@*INUT-9hZx~Mo>Sf!TvfLxf
z4`um@EYHf4$Lmd5^L&xU=B=$Qu6%EyH?S<=Z>wo*PP7#*mVh%mP0J{J(tM2i7Kbf9
zGtx*j6dA_?pmFl)LQ~{IJYw<D{W98*sjLD#Wieqs%WqaTqR3t>Wcg_2dh+1GtO9en
z%utbWOlSKnNf}inrNV2nzou@Tp{?x{#bY7IM=OUWj|X!K@RvC*%-TG3Ik^X+EyZD5
z0kso%+RCVXc*Isf59CUg6PRZALfZRS8%aBBRqIecNE=SFIcfupC&A*ud3LKh1C@ic
zQAwiVb@m@&ZL`CwhU*J+j#xn9Cq+ic3j-BgpLb>c3eL&6A76FYsB)Zg_+V}OoQ?KN
zV4)C$ZphVuGUF!hbil<rhYgR59`K)@c9Gr_@tGH_9{y$&T)awtl!)1wnrowSNf|%|
z#b-4R0MbI9_AZ!ZfxqSjTJe{pAbK7aJ<o~bOJuAa2Y<0-Xs6(aGNG9l`fR|TR7$Lr
z@#&?+D{`Do)ArdU`wz&UvQl95i~d%}j7s8&IDu3W=W<)ABK-8cdVFwRMadJ2iD2;Y
za$tHvG0l#DnYScMDoujHvPigOl~h#VWtv=beQRCa<7im3c=qGS0q066To#e~#qKK9
K#TuI%6X<{bvQLZv