crypto.c File Reference
#include "syshead.h"
#include "crypto.h"
#include "error.h"
#include "integer.h"
#include "platform.h"
#include "memdbg.h"


Macros

#define PARSE_INITIAL   0
 
#define PARSE_HEAD   1
 
#define PARSE_DATA   2
 
#define PARSE_DATA_COMPLETE   3
 
#define PARSE_FOOT   4
 
#define PARSE_FINISHED   5
 

Functions

static void openvpn_encrypt_aead (struct buffer *buf, struct buffer work, struct crypto_options *opt)
 
static void openvpn_encrypt_v1 (struct buffer *buf, struct buffer work, struct crypto_options *opt)
 
void openvpn_encrypt (struct buffer *buf, struct buffer work, struct crypto_options *opt)
 Encrypt and HMAC sign a packet so that it can be sent as a data channel VPN tunnel packet to a remote OpenVPN peer. More...
 
bool crypto_check_replay (struct crypto_options *opt, const struct packet_id_net *pin, const char *error_prefix, struct gc_arena *gc)
 Check packet ID for replay, and perform replay administration. More...
 
static bool openvpn_decrypt_aead (struct buffer *buf, struct buffer work, struct crypto_options *opt, const struct frame *frame, const uint8_t *ad_start)
 Unwrap (authenticate, decrypt and check replay protection) AEAD-mode data channel packets. More...
 
static bool openvpn_decrypt_v1 (struct buffer *buf, struct buffer work, struct crypto_options *opt, const struct frame *frame)
 
bool openvpn_decrypt (struct buffer *buf, struct buffer work, struct crypto_options *opt, const struct frame *frame, const uint8_t *ad_start)
 HMAC verify and decrypt a data channel packet received from a remote OpenVPN peer. More...
 
void crypto_adjust_frame_parameters (struct frame *frame, const struct key_type *kt, bool packet_id, bool packet_id_long_form)
 Calculate crypto overhead and adjust frame to account for that. More...
 
unsigned int crypto_max_overhead (void)
 Return the worst-case OpenVPN crypto overhead (in bytes) More...
 
static void warn_insecure_key_type (const char *ciphername, const cipher_kt_t *cipher)
 
void init_key_type (struct key_type *kt, const char *ciphername, const char *authname, bool tls_mode, bool warn)
 Initialize a key_type structure with the given cipher and HMAC digest. More...
 
void init_key_ctx (struct key_ctx *ctx, const struct key *key, const struct key_type *kt, int enc, const char *prefix)
 
void init_key_ctx_bi (struct key_ctx_bi *ctx, const struct key2 *key2, int key_direction, const struct key_type *kt, const char *name)
 
void free_key_ctx (struct key_ctx *ctx)
 
void free_key_ctx_bi (struct key_ctx_bi *ctx)
 
static bool key_is_zero (struct key *key, const struct key_type *kt)
 
bool check_key (struct key *key, const struct key_type *kt)
 
void fixup_key (struct key *key, const struct key_type *kt)
 
void check_replay_consistency (const struct key_type *kt, bool packet_id)
 
void generate_key_random (struct key *key, const struct key_type *kt)
 
void key2_print (const struct key2 *k, const struct key_type *kt, const char *prefix0, const char *prefix1)
 
void test_crypto (struct crypto_options *co, struct frame *frame)
 
const char * print_key_filename (const char *str, bool is_inline)
 To be used when printing a string that may contain inline data. More...
 
void crypto_read_openvpn_key (const struct key_type *key_type, struct key_ctx_bi *ctx, const char *key_file, bool key_inline, const int key_direction, const char *key_name, const char *opt_name)
 
void read_key_file (struct key2 *key2, const char *file, const unsigned int flags)
 
int write_key_file (const int nkeys, const char *filename)
 Write nkeys 1024-bits keys to file. More...
 
void must_have_n_keys (const char *filename, const char *option, const struct key2 *key2, int n)
 
int ascii2keydirection (int msglevel, const char *str)
 
const char * keydirection2ascii (int kd, bool remote, bool humanreadable)
 
void key_direction_state_init (struct key_direction_state *kds, int key_direction)
 
void verify_fix_key2 (struct key2 *key2, const struct key_type *kt, const char *shared_secret_file)
 
bool write_key (const struct key *key, const struct key_type *kt, struct buffer *buf)
 
int read_key (struct key *key, const struct key_type *kt, struct buffer *buf)
 
static void prng_reset_nonce (void)
 
void prng_init (const char *md_name, const int nonce_secret_len_parm)
 Pseudo-random number generator initialisation. More...
 
void prng_uninit (void)
 
void prng_bytes (uint8_t *output, int len)
 
long int get_random (void)
 
void print_cipher (const cipher_kt_t *cipher)
 Print a cipher list entry. More...
 
static const cipher_name_pair * get_cipher_name_pair (const char *cipher_name)
 
const char * translate_cipher_name_from_openvpn (const char *cipher_name)
 Translate a data channel cipher name from the crypto library specific name to the OpenVPN config file 'language'. More...
 
const char * translate_cipher_name_to_openvpn (const char *cipher_name)
 Translate a crypto library cipher name to an OpenVPN cipher name. More...
 
void write_pem_key_file (const char *filename, const char *pem_name)
 Generate a server key with enough randomness to fill a key struct and write to file. More...
 
bool generate_ephemeral_key (struct buffer *key, const char *key_name)
 Generate ephemeral key material into the key structure. More...
 
bool read_pem_key_file (struct buffer *key, const char *pem_name, const char *key_file, bool key_inline)
 Read key material from a PEM encoded file into the key structure. More...
 

Variables

static const char static_key_head [] = "-----BEGIN OpenVPN Static key V1-----"
 
static const char static_key_foot [] = "-----END OpenVPN Static key V1-----"
 
static const char printable_char_fmt []
 
static const char unprintable_char_fmt []
 
static uint8_t * nonce_data = NULL
 
static const md_kt_t * nonce_md = NULL
 
static int nonce_secret_len = 0
 

Macro Definition Documentation

◆ PARSE_DATA

#define PARSE_DATA   2

Referenced by read_key_file().

◆ PARSE_DATA_COMPLETE

#define PARSE_DATA_COMPLETE   3

Referenced by read_key_file().

◆ PARSE_FINISHED

#define PARSE_FINISHED   5

Referenced by read_key_file().

◆ PARSE_FOOT

#define PARSE_FOOT   4

Referenced by read_key_file().

◆ PARSE_HEAD

#define PARSE_HEAD   1

Referenced by read_key_file().

◆ PARSE_INITIAL

#define PARSE_INITIAL   0

Referenced by read_key_file().

Function Documentation

◆ ascii2keydirection()

int ascii2keydirection ( int  msglevel,
const char *  str 
)

Definition at line 1505 of file crypto.c.

References KEY_DIRECTION_BIDIRECTIONAL, KEY_DIRECTION_INVERSE, KEY_DIRECTION_NORMAL, and msg.

Referenced by add_option().

◆ check_key()

bool check_key ( struct key key,
const struct key_type kt 
)

◆ check_replay_consistency()

void check_replay_consistency ( const struct key_type kt,
bool  packet_id 
)

◆ crypto_adjust_frame_parameters()

void crypto_adjust_frame_parameters ( struct frame frame,
const struct key_type kt,
bool  packet_id,
bool  packet_id_long_form 
)

◆ crypto_check_replay()

bool crypto_check_replay ( struct crypto_options opt,
const struct packet_id_net pin,
const char *  error_prefix,
struct gc_arena gc 
)

Check packet ID for replay, and perform replay administration.

Parameters
opt — Crypto options for this packet; contains the replay state that is consulted and updated.
pin — Packet ID read from the packet.
error_prefix — Prefix to use when printing error messages.
gc — Garbage collector arena to use.
Returns
true if the packet ID is validated as not a replay (and recorded in the replay state), false otherwise. A false return means the packet must be dropped.

Definition at line 319 of file crypto.c.

References CO_MUTE_REPLAY_WARNINGS, CO_PACKET_ID_LONG_FORM, D_REPLAY_ERRORS, crypto_options::flags, msg, crypto_options::packet_id, packet_id_add(), packet_id_net_print(), packet_id_persist_save_obj(), packet_id_reap_test(), packet_id_test(), crypto_options::pid_persist, and packet_id::rec.

Referenced by openvpn_decrypt_aead(), openvpn_decrypt_v1(), and tls_crypt_unwrap().

◆ crypto_max_overhead()

unsigned int crypto_max_overhead ( void  )

◆ crypto_read_openvpn_key()

void crypto_read_openvpn_key ( const struct key_type key_type,
struct key_ctx_bi ctx,
const char *  key_file,
bool  key_inline,
const int  key_direction,
const char *  key_name,
const char *  opt_name 
)

◆ fixup_key()

void fixup_key ( struct key key,
const struct key_type kt 
)

◆ free_key_ctx()

void free_key_ctx ( struct key_ctx ctx)

◆ free_key_ctx_bi()

void free_key_ctx_bi ( struct key_ctx_bi ctx)

◆ generate_ephemeral_key()

bool generate_ephemeral_key ( struct buffer key,
const char *  pem_name 
)

Generate ephemeral key material into the key structure.

Parameters
key — The key structure that will hold the key material.
pem_name — The name used for logging.
Returns
true if key generation was successful

Definition at line 1899 of file crypto.c.

References BCAP, BEND, buf_inc_len(), buffer::len, M_INFO, M_WARN, msg, and rand_bytes().

Referenced by auth_token_init_secret().

◆ generate_key_random()

void generate_key_random ( struct key key,
const struct key_type kt 
)

◆ get_cipher_name_pair()

static const cipher_name_pair* get_cipher_name_pair ( const char *  cipher_name)
static

◆ get_random()

long int get_random ( void  )

◆ init_key_ctx()

void init_key_ctx ( struct key_ctx ctx,
const struct key key,
const struct key_type kt,
int  enc,
const char *  prefix 
)

◆ init_key_ctx_bi()

void init_key_ctx_bi ( struct key_ctx_bi ctx,
const struct key2 key2,
int  key_direction,
const struct key_type kt,
const char *  name 
)

◆ init_key_type()

void init_key_type ( struct key_type kt,
const char *  ciphername,
const char *  authname,
bool  tls_mode,
bool  warn 
)

Initialize a key_type structure with the given cipher and HMAC digest.

Parameters
kt — The struct key_type to initialize.
ciphername — The name of the cipher to use.
authname — The name of the HMAC digest to use.
tls_mode — Specifies whether we are running in TLS mode, which allows more ciphers than static key mode.
warn — Print warnings when a null cipher / auth or an insecure cipher is used (see warn_insecure_key_type()).

Definition at line 741 of file crypto.c.

References ASSERT, key_type::cipher, cipher_kt_block_size(), cipher_kt_get(), cipher_kt_key_size(), cipher_kt_mode_aead(), cipher_kt_mode_cbc(), cipher_kt_mode_ofb_cfb(), key_type::cipher_length, CLEAR, key_type::digest, ENABLE_OFB_CFB_MODE, key_type::hmac_length, M_FATAL, M_WARN, md_kt_get(), md_kt_size(), msg, OPENVPN_MAX_CIPHER_BLOCK_SIZE, and warn_insecure_key_type().

Referenced by calc_options_string_link_mtu(), do_init_crypto_static(), do_init_crypto_tls_c1(), options_string(), and tls_session_update_crypto_params().

◆ key2_print()

void key2_print ( const struct key2 k,
const struct key_type kt,
const char *  prefix0,
const char *  prefix1 
)

◆ key_direction_state_init()

void key_direction_state_init ( struct key_direction_state kds,
int  key_direction 
)

◆ key_is_zero()

static bool key_is_zero ( struct key key,
const struct key_type kt 
)
static

Definition at line 911 of file crypto.c.

References key::cipher, key_type::cipher_length, D_CRYPT_ERRORS, and msg.

Referenced by check_key().

◆ keydirection2ascii()

const char* keydirection2ascii ( int  kd,
bool  remote,
bool  humanreadable 
)

◆ must_have_n_keys()

void must_have_n_keys ( const char *  filename,
const char *  option,
const struct key2 key2,
int  n 
)

Definition at line 1492 of file crypto.c.

References M_FATAL, msg, key2::n, and PACKAGE.

Referenced by crypto_read_openvpn_key().

◆ openvpn_decrypt_aead()

static bool openvpn_decrypt_aead ( struct buffer buf,
struct buffer  work,
struct crypto_options opt,
const struct frame frame,
const uint8_t *  ad_start 
)
static

◆ openvpn_decrypt_v1()

static bool openvpn_decrypt_v1 ( struct buffer buf,
struct buffer  work,
struct crypto_options opt,
const struct frame frame 
)
static

◆ openvpn_encrypt_aead()

static void openvpn_encrypt_aead ( struct buffer buf,
struct buffer  work,
struct crypto_options opt 
)
static

◆ openvpn_encrypt_v1()

static void openvpn_encrypt_v1 ( struct buffer buf,
struct buffer  work,
struct crypto_options opt 
)
static

◆ print_cipher()

void print_cipher ( const cipher_kt_t cipher)

Print a cipher list entry.

Definition at line 1787 of file crypto.c.

References cipher_kt_block_size(), cipher_kt_key_size(), cipher_kt_mode_cbc(), cipher_kt_name(), and cipher_kt_var_key_size().

Referenced by show_available_ciphers().

◆ print_key_filename()

const char* print_key_filename ( const char *  str,
bool  is_inline 
)

To be used when printing a string that may contain inline data.

If "is_inline" is true, return the inline tag rather than the data itself (so inline key material is not printed). If "is_inline" is false and "str" is not NULL, return "str". Return the constant string "[NULL]" otherwise.

Parameters
str — The original string to return when is_inline is false.
is_inline — True when str contains inline data of some sort.

Definition at line 1168 of file crypto.c.

References np().

Referenced by backend_tls_ctx_reload_crl(), crypto_read_openvpn_key(), key_ctx_bi_defined(), read_key_file(), tls_ctx_load_ca(), tls_ctx_load_dh_params(), tls_ctx_load_extra_certs(), and tls_ctx_load_priv_file().

◆ prng_bytes()

void prng_bytes ( uint8_t *  output,
int  len 
)

◆ prng_init()

void prng_init ( const char *  md_name,
const int  nonce_secret_len_parm 
)

Pseudo-random number generator initialisation.

(see prng_rand_bytes())

Parameters
md_name — Name of the message digest to use.
nonce_secret_len_parm — Length of the nonce secret to use (must lie within NONCE_SECRET_LEN_MIN..NONCE_SECRET_LEN_MAX; the implementation asserts on this).

Definition at line 1715 of file crypto.c.

References ASSERT, check_malloc_return(), D_CRYPTO_DEBUG, dmsg, malloc, md_kt_get(), md_kt_name(), md_kt_size(), nonce_data, nonce_md, nonce_secret_len, NONCE_SECRET_LEN_MAX, NONCE_SECRET_LEN_MIN, prng_reset_nonce(), and prng_uninit().

Referenced by do_init_crypto_tls_c1(), and init_static().

◆ prng_reset_nonce()

static void prng_reset_nonce ( void  )
static

Definition at line 1694 of file crypto.c.

References M_FATAL, md_kt_size(), msg, nonce_data, nonce_md, nonce_secret_len, and rand_bytes().

Referenced by prng_bytes(), and prng_init().

◆ prng_uninit()

void prng_uninit ( void  )

Definition at line 1734 of file crypto.c.

References free, nonce_data, nonce_md, and nonce_secret_len.

Referenced by free_ssl_lib(), init_static(), and prng_init().

◆ read_key()

int read_key ( struct key key,
const struct key_type kt,
struct buffer buf 
)

◆ read_key_file()

void read_key_file ( struct key2 key2,
const char *  file,
const unsigned int  flags 
)

◆ read_pem_key_file()

bool read_pem_key_file ( struct buffer key,
const char *  pem_name,
const char *  key_file,
bool  key_inline 
)

Read key material from a PEM encoded file into the key structure.

Parameters
key — The key structure that will hold the key material.
pem_name — The name used in the PEM encoding start/end lines.
key_file — Name of the file to read, or the key itself if key_inline is true.
key_inline — True if key_file contains an inline key, false otherwise.
Returns
true if reading into key was successful

Definition at line 1917 of file crypto.c.

References buf_clear(), buf_set_read(), buf_valid(), buffer_read_from_file(), crypto_pem_decode(), gc_free(), gc_new(), M_WARN, and msg.

Referenced by auth_token_init_secret(), tls_crypt_v2_init_client_key(), and tls_crypt_v2_init_server_key().

◆ test_crypto()

void test_crypto ( struct crypto_options co,
struct frame frame 
)

◆ translate_cipher_name_from_openvpn()

const char * translate_cipher_name_from_openvpn ( const char *  cipher_name)

Translate a data channel cipher name from the OpenVPN config file 'language' to the crypto library specific name.

This is the inverse of translate_cipher_name_to_openvpn(); both consult the same cipher name pair table via get_cipher_name_pair().

Parameters
cipher_name — An OpenVPN cipher name.
Returns
The corresponding crypto library cipher name, or NULL if no matching cipher name was found.

Definition at line 1835 of file crypto.c.

References get_cipher_name_pair(), and cipher_name_pair::lib_name.

Referenced by cipher_kt_block_size(), and cipher_kt_get().

◆ translate_cipher_name_to_openvpn()

const char* translate_cipher_name_to_openvpn ( const char *  cipher_name)

Translate a crypto library cipher name to an OpenVPN cipher name.

Parameters
cipher_name — A crypto library cipher name.
Returns
The corresponding OpenVPN cipher name, or NULL if no matching cipher name was found.

Definition at line 1848 of file crypto.c.

References get_cipher_name_pair(), and cipher_name_pair::openvpn_name.

Referenced by cipher_kt_block_size(), cipher_kt_name(), and multi_print_status().

◆ verify_fix_key2()

void verify_fix_key2 ( struct key2 key2,
const struct key_type kt,
const char *  shared_secret_file 
)

Definition at line 1586 of file crypto.c.

References check_key(), fixup_key(), key2::keys, M_FATAL, msg, and key2::n.

Referenced by crypto_read_openvpn_key().

◆ warn_insecure_key_type()

static void warn_insecure_key_type ( const char *  ciphername,
const cipher_kt_t cipher 
)
static

Definition at line 724 of file crypto.c.

References cipher_kt_block_size(), cipher_kt_insecure(), M_WARN, and msg.

Referenced by init_key_ctx(), and init_key_type().

◆ write_key()

bool write_key ( const struct key key,
const struct key_type kt,
struct buffer buf 
)

◆ write_key_file()

int write_key_file ( const int  nkeys,
const char *  filename 
)

Write nkeys 1024-bit keys to file.

Returns
number of random bits written, or -1 on failure.

Definition at line 1429 of file crypto.c.

References alloc_buf_gc(), BLEN, BPTR, buf_clear(), buf_printf(), buffer_write_file(), format_hex_ex(), gc_free(), gc_new(), generate_key_random(), secure_memzero(), static_key_foot, and static_key_head.

Referenced by do_genkey().

◆ write_pem_key_file()

void write_pem_key_file ( const char *  filename,
const char *  key_name 
)

Generate a server key with enough randomness to fill a key struct and write to file.

Parameters
filename — Filename of the server key file to create.
pem_name — The name to use in the PEM header/footer.

Definition at line 1861 of file crypto.c.

References BLEN, BPTR, buf_clear(), buf_set_read(), buffer_write_file(), clear_buf(), crypto_pem_encode(), gc_free(), gc_new(), M_ERR, M_NONFATAL, M_WARN, msg, rand_bytes(), and secure_memzero().

Referenced by auth_token_write_server_key_file(), and tls_crypt_v2_write_server_key_file().

Variable Documentation

◆ nonce_data

uint8_t* nonce_data = NULL
static

Definition at line 1688 of file crypto.c.

Referenced by prng_bytes(), prng_init(), prng_reset_nonce(), and prng_uninit().

◆ nonce_md

const md_kt_t* nonce_md = NULL
static

Definition at line 1689 of file crypto.c.

Referenced by prng_bytes(), prng_init(), prng_reset_nonce(), and prng_uninit().

◆ nonce_secret_len

int nonce_secret_len = 0
static

Definition at line 1690 of file crypto.c.

Referenced by prng_bytes(), prng_init(), prng_reset_nonce(), and prng_uninit().

◆ printable_char_fmt

const char printable_char_fmt[]
static
Initial value:
=
"Non-Hex character ('%c') found at line %d in key file '%s' (%d/%d/%d bytes found/min/max)"

Definition at line 1217 of file crypto.c.

Referenced by read_key_file().

◆ static_key_foot

const char static_key_foot[] = "-----END OpenVPN Static key V1-----"
static

Definition at line 1215 of file crypto.c.

Referenced by read_key_file(), and write_key_file().

◆ static_key_head

const char static_key_head[] = "-----BEGIN OpenVPN Static key V1-----"
static

Definition at line 1214 of file crypto.c.

Referenced by read_key_file(), and write_key_file().

◆ unprintable_char_fmt

const char unprintable_char_fmt[]
static
Initial value:
=
"Non-Hex, unprintable character (0x%02x) found at line %d in key file '%s' (%d/%d/%d bytes found/min/max)"

Definition at line 1220 of file crypto.c.

Referenced by read_key_file().