OpenVPN
crypto_openssl.h
Go to the documentation of this file.
1 /*
2  * OpenVPN -- An application to securely tunnel IP networks
3  * over a single TCP/UDP port, with support for SSL/TLS-based
4  * session authentication and key exchange,
5  * packet encryption, packet authentication, and
6  * packet compression.
7  *
8  * Copyright (C) 2002-2018 OpenVPN Inc <sales@openvpn.net>
9  * Copyright (C) 2010-2018 Fox Crypto B.V. <openvpn@fox-it.com>
10  *
11  * This program is free software; you can redistribute it and/or modify
12  * it under the terms of the GNU General Public License version 2
13  * as published by the Free Software Foundation.
14  *
15  * This program is distributed in the hope that it will be useful,
16  * but WITHOUT ANY WARRANTY; without even the implied warranty of
17  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18  * GNU General Public License for more details.
19  *
20  * You should have received a copy of the GNU General Public License along
21  * with this program; if not, write to the Free Software Foundation, Inc.,
22  * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
23  */
24 
29 #ifndef CRYPTO_OPENSSL_H_
30 #define CRYPTO_OPENSSL_H_
31 
32 #include <openssl/evp.h>
33 #include <openssl/hmac.h>
34 #include <openssl/md5.h>
35 #include <openssl/sha.h>
36 
38 typedef EVP_CIPHER cipher_kt_t;
39 
41 typedef EVP_MD md_kt_t;
42 
44 typedef EVP_CIPHER_CTX cipher_ctx_t;
45 
47 typedef EVP_MD_CTX md_ctx_t;
48 
50 typedef HMAC_CTX hmac_ctx_t;
51 
53 #define OPENVPN_MAX_IV_LENGTH EVP_MAX_IV_LENGTH
54 
56 #define OPENVPN_MODE_CBC EVP_CIPH_CBC_MODE
57 
59 #define OPENVPN_MODE_OFB EVP_CIPH_OFB_MODE
60 
62 #define OPENVPN_MODE_CFB EVP_CIPH_CFB_MODE
63 
64 #ifdef HAVE_AEAD_CIPHER_MODES
65 
67 #define OPENVPN_MODE_GCM EVP_CIPH_GCM_MODE
68 
69 #endif /* HAVE_AEAD_CIPHER_MODES */
70 
72 #define OPENVPN_OP_ENCRYPT 1
73 
75 #define OPENVPN_OP_DECRYPT 0
76 
77 #define DES_KEY_LENGTH 8
78 #define MD4_DIGEST_LENGTH 16
79 
87 void crypto_print_openssl_errors(const unsigned int flags);
88 
98 #define crypto_msg(flags, ...) \
99  do { \
100  crypto_print_openssl_errors(nonfatal(flags)); \
101  msg((flags), __VA_ARGS__); \
102  } while (false)
103 
104 static inline bool
106 {
107  return EVP_CIPHER_flags(cipher) & EVP_CIPH_VARIABLE_LENGTH;
108 }
109 
110 #endif /* CRYPTO_OPENSSL_H_ */
EVP_MD_CTX md_ctx_t
Generic message digest context.
EVP_MD md_kt_t
Generic message digest key type context.
list flags
mbedtls_cipher_info_t cipher_kt_t
Generic cipher key type context.
HMAC_CTX hmac_ctx_t
Generic HMAC context.
EVP_CIPHER cipher_kt_t
Generic cipher key type context.
void crypto_print_openssl_errors(const unsigned int flags)
Retrieve any occurred OpenSSL errors and print those errors.
EVP_CIPHER_CTX cipher_ctx_t
Generic cipher context.
static bool cipher_kt_var_key_size(const cipher_kt_t *cipher)