13
0
geforkt von Mirrors/Velocity

Clean up more cipher code and make it -Wall + -Werror clean

Dieser Commit ist enthalten in:
Andrew Steinborn 2020-09-16 00:07:52 -04:00
Ursprung a49a77a7ef
Commit bb31226e09
4 geänderte Dateien mit 25 neuen und 13 gelöschten Zeilen

Datei anzeigen

@ -1,5 +1,11 @@
#!/bin/bash
if [ ! "$CC" ]; then
# The libdeflate authors recommend that we build using GCC as it produces "slightly faster binaries":
# https://github.com/ebiggers/libdeflate#for-unix
export CC=gcc
fi
if [ ! -d libdeflate ]; then
echo "Cloning libdeflate..."
git clone https://github.com/ebiggers/libdeflate.git
@ -10,10 +16,10 @@ cd libdeflate || exit
CFLAGS="-fPIC -O2" make
cd ..
CFLAGS="-O3 -I$JAVA_HOME/include/ -I$JAVA_HOME/include/linux/ -fPIC -shared -Wl,-z,noexecstack"
CFLAGS="-O2 -I$JAVA_HOME/include/ -I$JAVA_HOME/include/linux/ -fPIC -shared -Wl,-z,noexecstack -Wall -Werror"
ARCH=$(uname -m)
mkdir -p src/main/resources/linux_$ARCH
gcc $CFLAGS -Ilibdeflate src/main/c/jni_util.c src/main/c/jni_zlib_deflate.c src/main/c/jni_zlib_inflate.c \
$CC $CFLAGS -Ilibdeflate src/main/c/jni_util.c src/main/c/jni_zlib_deflate.c src/main/c/jni_zlib_inflate.c \
libdeflate/libdeflate.a -o src/main/resources/linux_$ARCH/velocity-compress.so
gcc $CFLAGS -I $MBEDTLS_ROOT/include -shared src/main/c/jni_util.c src/main/c/jni_cipher.c \
$CC $CFLAGS -shared src/main/c/jni_util.c src/main/c/jni_cipher.c \
-o src/main/resources/linux_$ARCH/velocity-cipher.so -lcrypto

Datei anzeigen

@ -12,25 +12,28 @@ Java_com_velocitypowered_natives_encryption_OpenSslCipherImpl_init(JNIEnv *env,
jbyteArray key,
jboolean encrypt)
{
jsize keyLen = (*env)->GetArrayLength(env, key);
if (keyLen != 16) {
throwException(env, "java/lang/IllegalArgumentException", "cipher not 16 bytes");
return 0;
}
EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
if (ctx == NULL) {
throwException(env, "java/lang/OutOfMemoryError", "allocate cipher");
return 0;
}
jsize keyLen = (*env)->GetArrayLength(env, key);
jbyte* keyBytes = (*env)->GetPrimitiveArrayCritical(env, key, NULL);
if (keyBytes == NULL) {
EVP_CIPHER_CTX_free(ctx);
throwException(env, "java/lang/OutOfMemoryError", "cipher get key");
// Since we know the array size is always bounded, we can just use Get<Primitive>ArrayRegion
// and save ourselves some error-checking headaches.
jbyte keyBytes[16];
(*env)->GetByteArrayRegion(env, key, 0, keyLen, (jbyte*) keyBytes);
if ((*env)->ExceptionCheck(env)) {
return 0;
}
int result = EVP_CipherInit(ctx, EVP_aes_128_cfb8(), (byte*) keyBytes, (byte*) keyBytes,
encrypt);
// Release the key byte array now - we won't need it
(*env)->ReleasePrimitiveArrayCritical(env, key, keyBytes, 0);
if (result != 1) {
EVP_CIPHER_CTX_free(ctx);
throwException(env, "java/security/GeneralSecurityException", "openssl initialize cipher");

Datei anzeigen

@ -34,8 +34,7 @@ Java_com_velocitypowered_natives_compression_NativeZlibDeflate_process(JNIEnv *e
jlong sourceAddress,
jint sourceLength,
jlong destinationAddress,
jint destinationLength,
jboolean finish)
jint destinationLength)
{
struct libdeflate_compressor *compressor = (struct libdeflate_compressor *) ctx;
size_t produced = libdeflate_zlib_compress(compressor, (void *) sourceAddress, sourceLength,

Datei anzeigen

@ -53,5 +53,9 @@ Java_com_velocitypowered_natives_compression_NativeZlibInflate_process(JNIEnv *e
// These cases are the same for us. We expect the full uncompressed size to be known.
throwException(env, "java/util/zip/DataFormatException", "uncompressed size is inaccurate");
return JNI_FALSE;
default:
// Unhandled case
throwException(env, "java/util/zip/DataFormatException", "unknown libdeflate return code");
return JNI_FALSE;
}
}