crypto.h

Go to the documentation of this file.

/*
 *  OpenVPN -- An application to securely tunnel IP networks
 *             over a single TCP/UDP port, with support for SSL/TLS-based
 *             session authentication and key exchange,
 *             packet encryption, packet authentication, and
 *             packet compression.
 *
 *  Copyright (C) 2002-2023 OpenVPN Inc <sales@openvpn.net>
 *  Copyright (C) 2010-2021 Fox Crypto B.V. <openvpn@foxcrypto.com>
 *
 *  This program is free software; you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License version 2
 *  as published by the Free Software Foundation.
 *
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU General Public License for more details.
 *
 *  You should have received a copy of the GNU General Public License along
 *  with this program; if not, write to the Free Software Foundation, Inc.,
 *  51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 */
 
#ifndef CRYPTO_H
#define CRYPTO_H
 
#include "crypto_backend.h"
#include "basic.h"
#include "buffer.h"
#include "packet_id.h"
#include "mtu.h"
 
struct sha256_digest {
    uint8_t digest[SHA256_DIGEST_LENGTH];
};
 
/*
 * Defines a key type and key length for both cipher and HMAC.
 */
struct key_type
{
    const char *cipher;         
    const char *digest;         
};
 
struct key
{
    uint8_t cipher[MAX_CIPHER_KEY_LENGTH];
    uint8_t hmac[MAX_HMAC_KEY_LENGTH];
};
 
 
struct key_ctx
{
    cipher_ctx_t *cipher;       
    hmac_ctx_t *hmac;           
    uint8_t implicit_iv[OPENVPN_MAX_IV_LENGTH];
    size_t implicit_iv_len;     
};
 
#define KEY_DIRECTION_BIDIRECTIONAL 0 /* same keys for both directions */
#define KEY_DIRECTION_NORMAL        1 /* encrypt with keys[0], decrypt with keys[1] */
#define KEY_DIRECTION_INVERSE       2 /* encrypt with keys[1], decrypt with keys[0] */
 
struct key2
{
    int n;                      
    struct key keys[2];         
};
 
struct key_direction_state
{
    int out_key;                
    int in_key;                 
    int need_keys;              
};
 
struct key_ctx_bi
{
    struct key_ctx encrypt;     
    struct key_ctx decrypt;     
    bool initialized;
};
 
struct crypto_options
{
    struct key_ctx_bi key_ctx_bi;
    struct packet_id packet_id; 
    struct packet_id_persist *pid_persist;
#define CO_PACKET_ID_LONG_FORM  (1<<0)
 
#define CO_IGNORE_PACKET_ID     (1<<1)
 
#define CO_MUTE_REPLAY_WARNINGS (1<<2)
 
#define CO_USE_TLS_KEY_MATERIAL_EXPORT  (1<<3)
 
#define CO_RESEND_WKC (1<<4)
 
#define CO_FORCE_TLSCRYPTV2_COOKIE  (1<<5)
 
#define CO_USE_CC_EXIT_NOTIFY       (1<<6)
 
#define CO_USE_DYNAMIC_TLS_CRYPT   (1<<7)
 
    unsigned int flags;         
};
 
#define CRYPT_ERROR(format) \
    do { msg(D_CRYPT_ERRORS, "%s: " format, error_prefix); goto error_exit; } while (false)
 
#define OPENVPN_AEAD_MIN_IV_LEN (sizeof(packet_id_type) + 8)
 
#define RKF_MUST_SUCCEED (1<<0)
#define RKF_INLINE       (1<<1)
void read_key_file(struct key2 *key2, const char *file, const unsigned int flags);
 
int write_key_file(const int nkeys, const char *filename);
 
bool check_key(struct key *key, const struct key_type *kt);
 
bool write_key(const struct key *key, const struct key_type *kt,
               struct buffer *buf);
 
int read_key(struct key *key, const struct key_type *kt, struct buffer *buf);
 
void init_key_type(struct key_type *kt, const char *ciphername,
                   const char *authname, bool tls_mode, bool warn);
 
/*
 * Key context functions
 */
 
void init_key_ctx(struct key_ctx *ctx, const struct key *key,
                  const struct key_type *kt, int enc,
                  const char *prefix);
 
void free_key_ctx(struct key_ctx *ctx);
 
void init_key_ctx_bi(struct key_ctx_bi *ctx, const struct key2 *key2,
                     int key_direction, const struct key_type *kt,
                     const char *name);
 
void free_key_ctx_bi(struct key_ctx_bi *ctx);
 
 
/**************************************************************************/
void openvpn_encrypt(struct buffer *buf, struct buffer work,
                     struct crypto_options *opt);
 
 
bool openvpn_decrypt(struct buffer *buf, struct buffer work,
                     struct crypto_options *opt, const struct frame *frame,
                     const uint8_t *ad_start);
 
bool crypto_check_replay(struct crypto_options *opt,
                         const struct packet_id_net *pin, const char *error_prefix,
                         struct gc_arena *gc);
 
 
unsigned int
calculate_crypto_overhead(const struct key_type *kt,
                          unsigned int pkt_id_size,
                          bool occ);
 
unsigned int crypto_max_overhead(void);
 
void
write_pem_key_file(const char *filename, const char *key_name);
 
bool
generate_ephemeral_key(struct buffer *key, const char *pem_name);
 
bool
read_pem_key_file(struct buffer *key, const char *pem_name,
                  const char *key_file, bool key_inline);
 
/*
 * Message digest-based pseudo random number generator.
 *
 * If the PRNG was initialised with a certain message digest, uses the digest
 * to calculate the next random number, and prevent depletion of the entropy
 * pool.
 *
 * This PRNG is aimed at IV generation and similar miscellaneous tasks. Use
 * \c rand_bytes() for higher-assurance functionality.
 *
 * Retrieves len bytes of pseudo random data, and places it in output.
 *
 * @param output        Output buffer
 * @param len           Length of the output buffer
 */
void prng_bytes(uint8_t *output, int len);
 
/* an analogue to the random() function, but use prng_bytes */
long int get_random(void);
 
void print_cipher(const char *cipher);
 
void test_crypto(struct crypto_options *co, struct frame *f);
 
 
/* key direction functions */
 
void key_direction_state_init(struct key_direction_state *kds, int key_direction);
 
void verify_fix_key2(struct key2 *key2, const struct key_type *kt, const char *shared_secret_file);
 
void must_have_n_keys(const char *filename, const char *option, const struct key2 *key2, int n);
 
int ascii2keydirection(int msglevel, const char *str);
 
const char *keydirection2ascii(int kd, bool remote, bool humanreadable);
 
/* print keys */
void key2_print(const struct key2 *k,
                const struct key_type *kt,
                const char *prefix0,
                const char *prefix1);
 
void crypto_read_openvpn_key(const struct key_type *key_type,
                             struct key_ctx_bi *ctx, const char *key_file,
                             bool key_inline, const int key_direction,
                             const char *key_name, const char *opt_name,
                             struct key2 *keydata);
 
/*
 * Inline functions
 */
 
int memcmp_constant_time(const void *a, const void *b, size_t size);
 
static inline bool
key_ctx_bi_defined(const struct key_ctx_bi *key)
{
    return key->encrypt.cipher || key->encrypt.hmac || key->decrypt.cipher || key->decrypt.hmac;
}
 
const char *print_key_filename(const char *str, bool is_inline);
 
static inline struct key_type
create_kt(const char *cipher, const char *md, const char *optname)
{
    struct key_type kt;
    kt.cipher = cipher;
    kt.digest = md;
 
    if (cipher_defined(kt.cipher) && !cipher_valid(kt.cipher))
    {
        msg(M_WARN, "ERROR: --%s requires %s support.", optname, kt.cipher);
        return (struct key_type) { 0 };
    }
    if (md_defined(kt.digest) && !md_valid(kt.digest))
    {
        msg(M_WARN, "ERROR: --%s requires %s support.", optname, kt.digest);
        return (struct key_type) { 0 };
    }
 
    return kt;
}
 
bool check_tls_prf_working(void);
 
#endif /* CRYPTO_H */