diff --git a/native/src/main/c/NativeCipherImpl.cpp b/native/src/main/c/NativeCipherImpl.cpp index cff3dea4..cfe5f089 100644 --- a/native/src/main/c/NativeCipherImpl.cpp +++ b/native/src/main/c/NativeCipherImpl.cpp @@ -1,25 +1,45 @@ -#include +#include +#include + +#include #include "net_md_5_bungee_jni_cipher_NativeCipherImpl.h" typedef unsigned char byte; +struct crypto_context { + int mode; + mbedtls_aes_context cipher; + byte *key; +}; + jlong JNICALL Java_net_md_15_bungee_jni_cipher_NativeCipherImpl_init(JNIEnv* env, jobject obj, jboolean forEncryption, jbyteArray key) { + jsize keyLen = env->GetArrayLength(key); jbyte *keyBytes = env->GetByteArrayElements(key, NULL); - // TODO: Perhaps we need to throw some exceptions in the unlikely event this fails? - EVP_CIPHER_CTX *cipherCtx = EVP_CIPHER_CTX_new(); - EVP_CipherInit(cipherCtx, EVP_aes_128_cfb8(), (byte*) keyBytes, (byte*) keyBytes, forEncryption); + crypto_context *crypto = (crypto_context*) malloc(sizeof (crypto_context)); + mbedtls_aes_init(&crypto->cipher); + + mbedtls_aes_setkey_enc(&crypto->cipher, (byte*) keyBytes, keyLen * 8); + + crypto->key = (byte*) malloc(keyLen); + memcpy(crypto->key, keyBytes, keyLen); + + crypto->mode = (forEncryption) ? MBEDTLS_AES_ENCRYPT : MBEDTLS_AES_DECRYPT; env->ReleaseByteArrayElements(key, keyBytes, JNI_ABORT); - return (jlong) cipherCtx; + return (jlong) crypto; } void Java_net_md_15_bungee_jni_cipher_NativeCipherImpl_free(JNIEnv* env, jobject obj, jlong ctx) { - // TODO: Perhaps we need to throw some exceptions in the unlikely event this fails? - EVP_CIPHER_CTX_free((EVP_CIPHER_CTX*) ctx); + crypto_context *crypto = (crypto_context*) ctx; + + mbedtls_aes_free(&crypto->cipher); + free(crypto->key); + free(crypto); } void Java_net_md_15_bungee_jni_cipher_NativeCipherImpl_cipher(JNIEnv* env, jobject obj, jlong ctx, jlong in, jlong out, jint length) { - // TODO: Perhaps we need to throw some exceptions in the unlikely event this fails? - EVP_CipherUpdate((EVP_CIPHER_CTX*) ctx, (byte*) out, &length, (byte*) in, length); + crypto_context *crypto = (crypto_context*) ctx; + + mbedtls_aes_crypt_cfb8(&crypto->cipher, crypto->mode, length, crypto->key, (byte*) in, (byte*) out); } diff --git a/native/src/main/resources/native-cipher.so b/native/src/main/resources/native-cipher.so index d50d7bbc..de786fe1 100755 Binary files a/native/src/main/resources/native-cipher.so and b/native/src/main/resources/native-cipher.so differ diff --git a/native/src/test/java/net/md_5/bungee/NativeCipherTest.java b/native/src/test/java/net/md_5/bungee/NativeCipherTest.java index 036f4ebc..aa32869d 100644 --- a/native/src/test/java/net/md_5/bungee/NativeCipherTest.java +++ b/native/src/test/java/net/md_5/bungee/NativeCipherTest.java @@ -29,7 +29,7 @@ public class NativeCipherTest private static final NativeCode factory = new NativeCode( "native-cipher", JavaCipher.class, NativeCipher.class ); @Test - public void testOpenSSL() throws Exception + public void testNative() throws Exception { if ( NativeCode.isSupported() ) { @@ -37,13 +37,13 @@ public class NativeCipherTest Assert.assertTrue( "Native cipher failed to load!", loaded ); NativeCipher cipher = new NativeCipher(); - System.out.println( "Testing OpenSSL cipher..." ); + System.out.println( "Testing native cipher..." ); testACipher( cipher ); } } @Test - public void testOpenSSLBenchmark() throws Exception + public void testNativeBenchmark() throws Exception { if ( NativeCode.isSupported() ) { @@ -52,7 +52,7 @@ public class NativeCipherTest NativeCipher cipher = new NativeCipher(); - System.out.println( "Benchmarking OpenSSL cipher..." ); + System.out.println( "Benchmarking native cipher..." ); testBenchmark( cipher ); } } diff --git a/proxy/src/main/java/net/md_5/bungee/BungeeCord.java b/proxy/src/main/java/net/md_5/bungee/BungeeCord.java index 653a4720..84d8ce39 100644 --- a/proxy/src/main/java/net/md_5/bungee/BungeeCord.java +++ b/proxy/src/main/java/net/md_5/bungee/BungeeCord.java @@ -220,17 +220,17 @@ public class BungeeCord extends ProxyServer { if ( EncryptionUtil.nativeFactory.load() ) { - logger.info( "Using OpenSSL based native cipher." ); + logger.info( "Using mbed TLS based native cipher." ); } else { - logger.info( "Using standard Java JCE cipher. To enable the OpenSSL based native cipher, please make sure you are using 64 bit Ubuntu or Debian with libssl installed." ); + logger.info( "Using standard Java JCE cipher." ); } if ( CompressFactory.zlib.load() ) { - logger.info( "Using native code compressor" ); + logger.info( "Using zlib based native compressor." ); } else { - logger.info( "Using standard Java compressor. To enable zero copy compression, run on 64 bit Linux" ); + logger.info( "Using standard Java compressor." ); } } }