crypto.c File Reference
#include "syshead.h"
#include "crypto.h"
#include "error.h"
#include "integer.h"
#include "platform.h"
#include "memdbg.h"

Macros

#define PARSE_INITIAL   0
 
#define PARSE_HEAD   1
 
#define PARSE_DATA   2
 
#define PARSE_DATA_COMPLETE   3
 
#define PARSE_FOOT   4
 
#define PARSE_FINISHED   5
 

Functions

static void openvpn_encrypt_aead (struct buffer *buf, struct buffer work, struct crypto_options *opt)
 
static void openvpn_encrypt_v1 (struct buffer *buf, struct buffer work, struct crypto_options *opt)
 
void openvpn_encrypt (struct buffer *buf, struct buffer work, struct crypto_options *opt)
 Encrypt and HMAC sign a packet so that it can be sent as a data channel VPN tunnel packet to a remote OpenVPN peer. More...
 
bool crypto_check_replay (struct crypto_options *opt, const struct packet_id_net *pin, const char *error_prefix, struct gc_arena *gc)
 Check packet ID for replay, and perform replay administration. More...
 
static bool openvpn_decrypt_aead (struct buffer *buf, struct buffer work, struct crypto_options *opt, const struct frame *frame, const uint8_t *ad_start)
 Unwrap (authenticate, decrypt and check replay protection) AEAD-mode data channel packets. More...
 
static bool openvpn_decrypt_v1 (struct buffer *buf, struct buffer work, struct crypto_options *opt, const struct frame *frame)
 
bool openvpn_decrypt (struct buffer *buf, struct buffer work, struct crypto_options *opt, const struct frame *frame, const uint8_t *ad_start)
 HMAC verify and decrypt a data channel packet received from a remote OpenVPN peer. More...
 
void crypto_adjust_frame_parameters (struct frame *frame, const struct key_type *kt, bool packet_id, bool packet_id_long_form)
 Calculate crypto overhead and adjust frame to account for that. More...
 
unsigned int crypto_max_overhead (void)
 Return the worst-case OpenVPN crypto overhead (in bytes) More...
 
void init_key_type (struct key_type *kt, const char *ciphername, const char *authname, int keysize, bool tls_mode, bool warn)
 Initialize a key_type structure with the given cipher and HMAC digest. More...
 
void init_key_ctx (struct key_ctx *ctx, const struct key *key, const struct key_type *kt, int enc, const char *prefix)
 
void init_key_ctx_bi (struct key_ctx_bi *ctx, const struct key2 *key2, int key_direction, const struct key_type *kt, const char *name)
 
void free_key_ctx (struct key_ctx *ctx)
 
void free_key_ctx_bi (struct key_ctx_bi *ctx)
 
static bool key_is_zero (struct key *key, const struct key_type *kt)
 
bool check_key (struct key *key, const struct key_type *kt)
 
void fixup_key (struct key *key, const struct key_type *kt)
 
void check_replay_consistency (const struct key_type *kt, bool packet_id)
 
void generate_key_random (struct key *key, const struct key_type *kt)
 
void key2_print (const struct key2 *k, const struct key_type *kt, const char *prefix0, const char *prefix1)
 
void test_crypto (struct crypto_options *co, struct frame *frame)
 
void crypto_read_openvpn_key (const struct key_type *key_type, struct key_ctx_bi *ctx, const char *key_file, const char *key_inline, const int key_direction, const char *key_name, const char *opt_name)
 
void read_key_file (struct key2 *key2, const char *file, const unsigned int flags)
 
int write_key_file (const int nkeys, const char *filename)
 Write nkeys 1024-bit keys to file. More...
 
void must_have_n_keys (const char *filename, const char *option, const struct key2 *key2, int n)
 
int ascii2keydirection (int msglevel, const char *str)
 
const char * keydirection2ascii (int kd, bool remote, bool humanreadable)
 
void key_direction_state_init (struct key_direction_state *kds, int key_direction)
 
void verify_fix_key2 (struct key2 *key2, const struct key_type *kt, const char *shared_secret_file)
 
bool write_key (const struct key *key, const struct key_type *kt, struct buffer *buf)
 
int read_key (struct key *key, const struct key_type *kt, struct buffer *buf)
 
static void prng_reset_nonce (void)
 
void prng_init (const char *md_name, const int nonce_secret_len_parm)
 Pseudo-random number generator initialisation. More...
 
void prng_uninit (void)
 
void prng_bytes (uint8_t *output, int len)
 
long int get_random (void)
 
void print_cipher (const cipher_kt_t *cipher)
 Print a cipher list entry. More...
 
static const cipher_name_pair * get_cipher_name_pair (const char *cipher_name)
 
const char * translate_cipher_name_from_openvpn (const char *cipher_name)
 Translate a data channel cipher name from the OpenVPN config file 'language' to the crypto library specific name. More...
 
const char * translate_cipher_name_to_openvpn (const char *cipher_name)
 Translate a crypto library cipher name to an OpenVPN cipher name. More...
 
void write_pem_key_file (const char *filename, const char *pem_name)
 Generate a server key with enough randomness to fill a key struct and write to file. More...
 
bool read_pem_key_file (struct buffer *key, const char *pem_name, const char *key_file, const char *key_inline)
 Read key material from a PEM encoded file into the key structure. More...
 

Variables

static const char static_key_head [] = "-----BEGIN OpenVPN Static key V1-----"
 
static const char static_key_foot [] = "-----END OpenVPN Static key V1-----"
 
static const char printable_char_fmt []
 
static const char unprintable_char_fmt []
 
static uint8_t * nonce_data = NULL
 
static const md_kt_t * nonce_md = NULL
 
static int nonce_secret_len = 0
 

Macro Definition Documentation

◆ PARSE_DATA

#define PARSE_DATA   2

Referenced by read_key_file().

◆ PARSE_DATA_COMPLETE

#define PARSE_DATA_COMPLETE   3

Referenced by read_key_file().

◆ PARSE_FINISHED

#define PARSE_FINISHED   5

Referenced by read_key_file().

◆ PARSE_FOOT

#define PARSE_FOOT   4

Referenced by read_key_file().

◆ PARSE_HEAD

#define PARSE_HEAD   1

Referenced by read_key_file().

◆ PARSE_INITIAL

#define PARSE_INITIAL   0

Referenced by read_key_file().

Function Documentation

◆ ascii2keydirection()

int ascii2keydirection ( int  msglevel,
const char *  str 
)

Definition at line 1497 of file crypto.c.

References KEY_DIRECTION_BIDIRECTIONAL, KEY_DIRECTION_INVERSE, KEY_DIRECTION_NORMAL, and msg.

Referenced by add_option().

◆ check_key()

bool check_key ( struct key key,
const struct key_type kt 
)

◆ check_replay_consistency()

void check_replay_consistency ( const struct key_type kt,
bool  packet_id 
)

◆ crypto_adjust_frame_parameters()

void crypto_adjust_frame_parameters ( struct frame frame,
const struct key_type kt,
bool  packet_id,
bool  packet_id_long_form 
)

◆ crypto_check_replay()

bool crypto_check_replay ( struct crypto_options opt,
const struct packet_id_net pin,
const char *  error_prefix,
struct gc_arena gc 
)

Check packet ID for replay, and perform replay administration.

Parameters
opt – Crypto options for this packet; contains the replay state.
pin – Packet ID read from the packet.
error_prefix – Prefix to use when printing error messages.
gc – Garbage collector to use.
Returns
true if packet ID is validated to be not a replay, false otherwise.

Definition at line 323 of file crypto.c.

References CO_MUTE_REPLAY_WARNINGS, CO_PACKET_ID_LONG_FORM, D_REPLAY_ERRORS, crypto_options::flags, msg, crypto_options::packet_id, packet_id_add(), packet_id_net_print(), packet_id_persist_save_obj(), packet_id_reap_test(), packet_id_test(), crypto_options::pid_persist, and packet_id::rec.

Referenced by openvpn_decrypt_aead(), openvpn_decrypt_v1(), and tls_crypt_unwrap().

◆ crypto_max_overhead()

unsigned int crypto_max_overhead ( void  )

◆ crypto_read_openvpn_key()

void crypto_read_openvpn_key ( const struct key_type key_type,
struct key_ctx_bi ctx,
const char *  key_file,
const char *  key_inline,
const int  key_direction,
const char *  key_name,
const char *  opt_name 
)

◆ fixup_key()

void fixup_key ( struct key key,
const struct key_type kt 
)

◆ free_key_ctx()

void free_key_ctx ( struct key_ctx ctx)

◆ free_key_ctx_bi()

void free_key_ctx_bi ( struct key_ctx_bi ctx)

◆ generate_key_random()

void generate_key_random ( struct key key,
const struct key_type kt 
)

◆ get_cipher_name_pair()

static const cipher_name_pair* get_cipher_name_pair ( const char *  cipher_name)
static

◆ get_random()

long int get_random ( void  )

◆ init_key_ctx()

void init_key_ctx ( struct key_ctx ctx,
const struct key key,
const struct key_type kt,
int  enc,
const char *  prefix 
)

◆ init_key_ctx_bi()

void init_key_ctx_bi ( struct key_ctx_bi ctx,
const struct key2 key2,
int  key_direction,
const struct key_type kt,
const char *  name 
)

◆ init_key_type()

void init_key_type ( struct key_type kt,
const char *  ciphername,
const char *  authname,
int  keysize,
bool  tls_mode,
bool  warn 
)

Initialize a key_type structure with the given cipher and HMAC digest.

Parameters
kt – The struct key_type to initialize.
ciphername – The name of the cipher to use.
authname – The name of the HMAC digest to use.
keysize – The length of the cipher key to use, in bytes. Only valid for ciphers that support variable length keys.
tls_mode – Specifies whether we are running in TLS mode, which allows more ciphers than static key mode.
warn – Print warnings when a null cipher / auth is used.

Definition at line 743 of file crypto.c.

References ASSERT, key_type::cipher, cipher_kt_block_size(), cipher_kt_get(), cipher_kt_key_size(), cipher_kt_mode_aead(), cipher_kt_mode_cbc(), cipher_kt_mode_ofb_cfb(), key_type::cipher_length, CLEAR, key_type::digest, ENABLE_OFB_CFB_MODE, key_type::hmac_length, M_FATAL, M_WARN, MAX_CIPHER_KEY_LENGTH, md_kt_get(), md_kt_size(), msg, OPENVPN_MAX_CIPHER_BLOCK_SIZE, and translate_cipher_name_from_openvpn().

Referenced by calc_options_string_link_mtu(), do_init_crypto_static(), do_init_crypto_tls_c1(), options_string(), and tls_session_update_crypto_params().

◆ key2_print()

void key2_print ( const struct key2 k,
const struct key_type kt,
const char *  prefix0,
const char *  prefix1 
)

◆ key_direction_state_init()

void key_direction_state_init ( struct key_direction_state kds,
int  key_direction 
)

◆ key_is_zero()

static bool key_is_zero ( struct key key,
const struct key_type kt 
)
static

Definition at line 919 of file crypto.c.

References key::cipher, key_type::cipher_length, D_CRYPT_ERRORS, and msg.

Referenced by check_key().

◆ keydirection2ascii()

const char* keydirection2ascii ( int  kd,
bool  remote,
bool  humanreadable 
)

◆ must_have_n_keys()

void must_have_n_keys ( const char *  filename,
const char *  option,
const struct key2 key2,
int  n 
)

Definition at line 1484 of file crypto.c.

References M_FATAL, msg, key2::n, and PACKAGE.

Referenced by crypto_read_openvpn_key().

◆ openvpn_decrypt_aead()

static bool openvpn_decrypt_aead ( struct buffer buf,
struct buffer  work,
struct crypto_options opt,
const struct frame frame,
const uint8_t ad_start 
)
static

◆ openvpn_decrypt_v1()

static bool openvpn_decrypt_v1 ( struct buffer buf,
struct buffer  work,
struct crypto_options opt,
const struct frame frame 
)
static

◆ openvpn_encrypt_aead()

static void openvpn_encrypt_aead ( struct buffer buf,
struct buffer  work,
struct crypto_options opt 
)
static

◆ openvpn_encrypt_v1()

static void openvpn_encrypt_v1 ( struct buffer buf,
struct buffer  work,
struct crypto_options opt 
)
static

◆ print_cipher()

void print_cipher ( const cipher_kt_t cipher)

◆ prng_bytes()

void prng_bytes ( uint8_t output,
int  len 
)

◆ prng_init()

void prng_init ( const char *  md_name,
const int  nonce_secret_len_parm 
)

Pseudo-random number generator initialisation.

(see prng_rand_bytes())

Parameters
md_name – Name of the message digest to use.
nonce_secret_len_parm – Length of the nonce to use.

Definition at line 1707 of file crypto.c.

References ASSERT, check_malloc_return(), D_CRYPTO_DEBUG, dmsg, malloc, md_kt_get(), md_kt_name(), md_kt_size(), nonce_data, nonce_md, nonce_secret_len, NONCE_SECRET_LEN_MAX, NONCE_SECRET_LEN_MIN, prng_reset_nonce(), and prng_uninit().

Referenced by do_init_crypto_tls_c1(), and init_static().

◆ prng_reset_nonce()

static void prng_reset_nonce ( void  )
static

Definition at line 1686 of file crypto.c.

References M_FATAL, md_kt_size(), msg, nonce_data, nonce_md, nonce_secret_len, and rand_bytes().

Referenced by prng_bytes(), and prng_init().

◆ prng_uninit()

void prng_uninit ( void  )

Definition at line 1726 of file crypto.c.

References free, nonce_data, nonce_md, and nonce_secret_len.

Referenced by free_ssl_lib(), init_static(), and prng_init().

◆ read_key()

int read_key ( struct key key,
const struct key_type kt,
struct buffer buf 
)

◆ read_key_file()

void read_key_file ( struct key2 key2,
const char *  file,
const unsigned int  flags 
)

◆ read_pem_key_file()

bool read_pem_key_file ( struct buffer key,
const char *  pem_name,
const char *  key_file,
const char *  key_inline 
)

Read key material from a PEM encoded file into the key structure.

Parameters
key – The key structure that will hold the key material.
pem_name – The name used in the PEM encoding start/end lines.
key_file – Name of the file to read.
key_inline – A string holding the data in case of an inline key.
Returns
true if reading into key was successful

Definition at line 1887 of file crypto.c.

References buf_clear(), buf_set_read(), buf_valid(), buffer_read_from_file(), crypto_pem_decode(), gc_free(), gc_new(), INLINE_FILE_TAG, M_WARN, and msg.

Referenced by tls_crypt_v2_init_client_key(), and tls_crypt_v2_init_server_key().

◆ test_crypto()

void test_crypto ( struct crypto_options co,
struct frame frame 
)

◆ translate_cipher_name_from_openvpn()

const char * translate_cipher_name_from_openvpn ( const char *  cipher_name)

Translate a data channel cipher name from the OpenVPN config file 'language' to the crypto library specific name.

Translate a data channel cipher name from the OpenVPN config file 'language' to the crypto library specific name.

Translate an OpenVPN cipher name to a crypto library cipher name.

Parameters
cipher_name – An OpenVPN cipher name.
Returns
The corresponding crypto library cipher name, or NULL if no matching cipher name was found.

Definition at line 1827 of file crypto.c.

References get_cipher_name_pair(), and cipher_name_pair::lib_name.

Referenced by cipher_kt_block_size(), init_key_type(), and tls_check_ncp_cipher_list().

◆ translate_cipher_name_to_openvpn()

const char* translate_cipher_name_to_openvpn ( const char *  cipher_name)

Translate a crypto library cipher name to an OpenVPN cipher name.

Parameters
cipher_name – A crypto library cipher name.
Returns
The corresponding OpenVPN cipher name, or NULL if no matching cipher name was found.

Definition at line 1840 of file crypto.c.

References get_cipher_name_pair(), and cipher_name_pair::openvpn_name.

Referenced by cipher_kt_block_size(), cipher_name_cmp(), init_key_ctx(), multi_print_status(), options_string(), and print_cipher().

◆ verify_fix_key2()

void verify_fix_key2 ( struct key2 key2,
const struct key_type kt,
const char *  shared_secret_file 
)

Definition at line 1578 of file crypto.c.

References check_key(), fixup_key(), key2::keys, M_FATAL, msg, and key2::n.

Referenced by crypto_read_openvpn_key().

◆ write_key()

bool write_key ( const struct key key,
const struct key_type kt,
struct buffer buf 
)

◆ write_key_file()

int write_key_file ( const int  nkeys,
const char *  filename 
)

Write nkeys 1024-bit keys to file.

Returns
number of random bits written, or -1 on failure.

Definition at line 1426 of file crypto.c.

References alloc_buf_gc(), buf_clear(), buf_printf(), buffer_write_file(), format_hex_ex(), gc_free(), gc_new(), generate_key_random(), secure_memzero(), static_key_foot, and static_key_head.

Referenced by do_genkey().

◆ write_pem_key_file()

void write_pem_key_file ( const char *  filename,
const char *  pem_name 
)

Generate a server key with enough randomness to fill a key struct and write to file.

Parameters
filename – Filename of the server key file to create.
pem_name – The name to use in the PEM header/footer.

Definition at line 1853 of file crypto.c.

References buf_clear(), buf_set_read(), buffer_write_file(), clear_buf(), crypto_pem_encode(), gc_free(), gc_new(), M_ERR, M_NONFATAL, M_WARN, msg, rand_bytes(), and secure_memzero().

Referenced by tls_crypt_v2_write_server_key_file().

Variable Documentation

◆ nonce_data

uint8_t* nonce_data = NULL
static

Definition at line 1680 of file crypto.c.

Referenced by prng_bytes(), prng_init(), prng_reset_nonce(), and prng_uninit().

◆ nonce_md

const md_kt_t* nonce_md = NULL
static

Definition at line 1681 of file crypto.c.

Referenced by prng_bytes(), prng_init(), prng_reset_nonce(), and prng_uninit().

◆ nonce_secret_len

int nonce_secret_len = 0
static

Definition at line 1682 of file crypto.c.

Referenced by prng_bytes(), prng_init(), prng_reset_nonce(), and prng_uninit().

◆ printable_char_fmt

const char printable_char_fmt[]
static
Initial value:
=
"Non-Hex character ('%c') found at line %d in key file '%s' (%d/%d/%d bytes found/min/max)"

Definition at line 1216 of file crypto.c.

Referenced by read_key_file().

◆ static_key_foot

const char static_key_foot[] = "-----END OpenVPN Static key V1-----"
static

Definition at line 1214 of file crypto.c.

Referenced by read_key_file(), and write_key_file().

◆ static_key_head

const char static_key_head[] = "-----BEGIN OpenVPN Static key V1-----"
static

Definition at line 1213 of file crypto.c.

Referenced by read_key_file(), and write_key_file().

◆ unprintable_char_fmt

const char unprintable_char_fmt[]
static
Initial value:
=
"Non-Hex, unprintable character (0x%02x) found at line %d in key file '%s' (%d/%d/%d bytes found/min/max)"

Definition at line 1219 of file crypto.c.

Referenced by read_key_file().