27 #elif defined(_MSC_VER) 70 uint8_t *mac_out = NULL;
120 "ENCRYPT: buffer size error, bc=%d bo=%d bl=%d wc=%d wo=%d wl=%d",
163 if (buf->
len > 0 && opt)
166 uint8_t *mac_out = NULL;
167 const uint8_t *hmac_start = NULL;
182 hmac_start =
BEND(&work);
228 msg(
D_CRYPT_ERRORS,
"ENCRYPT: buffer size error, bc=%d bo=%d bl=%d wc=%d wo=%d wl=%d cbs=%d",
249 || outlen == iv_size);
262 hmac_start =
BPTR(buf);
302 if (buf->
len > 0 && opt)
339 "see the man page entry for --no-replay and --replay-window for " 340 "more info or silence this warning with --mute-replay-warnings",
358 const uint8_t *ad_start)
360 static const char error_prefix[] =
"AEAD Decrypt error";
364 uint8_t *tag_ptr = NULL;
399 memcpy(iv,
BPTR(buf), packet_iv_len);
419 if (buf->
len < tag_size)
442 const int ad_size =
BPTR(buf) - ad_start - tag_size;
456 &outlen, tag_ptr, tag_size))
494 static const char error_prefix[] =
"Authenticate/Decrypt packet error";
498 if (buf->
len > 0 && opt)
502 bool have_pin =
false;
519 if (buf->
len < hmac_len)
549 if (buf->
len < iv_size)
553 memcpy(iv_buf,
BPTR(buf), iv_size);
658 const uint8_t *ad_start)
662 if (buf->
len > 0 && opt)
685 bool packet_id_long_form)
687 unsigned int crypto_overhead = 0;
711 msg(
D_MTU_DEBUG,
"%s: Adjusting frame parameters for crypto by %u bytes",
712 __func__, crypto_overhead);
728 msg(
M_WARN,
"WARNING: INSECURE cipher (%s) with block size less than 128" 729 " bit (%d bit). This allows attacks like SWEET32. Mitigate by " 730 "using a --cipher with a larger block size (e.g. AES-256-CBC). " 731 "Support for these insecure ciphers will be removed in " 742 const char *authname,
bool tls_mode,
bool warn)
744 bool aead_cipher =
false;
750 if (strcmp(ciphername,
"none") != 0)
755 msg(
M_FATAL,
"Cipher %s not supported", ciphername);
763 || (tls_mode && aead_cipher)
769 msg(
M_FATAL,
"Cipher '%s' mode not supported", ciphername);
774 msg(
M_FATAL,
"Cipher '%s' not allowed: block size too big.", ciphername);
785 msg(
M_WARN,
"******* WARNING *******: '--cipher none' was specified. " 786 "This means NO encryption will be performed and tunnelled " 787 "data WILL be transmitted in clear text over the network! " 788 "PLEASE DO RECONSIDER THIS SETTING!");
791 if (strcmp(authname,
"none") != 0)
798 if (OPENVPN_MAX_HMAC_SIZE < kt->hmac_length)
800 msg(
M_FATAL,
"HMAC '%s' not allowed: digest size too big.", authname);
804 else if (!aead_cipher)
808 msg(
M_WARN,
"******* WARNING *******: '--auth none' was specified. " 809 "This means no authentication will be performed on received " 810 "packets, meaning you CANNOT trust that the data received by " 811 "the remote side have NOT been manipulated. " 812 "PLEASE DO RECONSIDER THIS SETTING!");
851 "%s: Using %d bit message hash '%s' for HMAC authentication",
868 int key_direction,
const struct key_type *kt,
const char *name)
870 char log_prefix[128] = { 0 };
974 const struct key orig = *key;
1006 msg(
M_FATAL,
"--no-replay cannot be used with a CFB, OFB or AEAD mode cipher");
1040 msg(
M_FATAL,
"ERROR: Random number generator cannot obtain entropy for key generation");
1061 const char *prefix0,
1062 const char *prefix1)
1123 msg(
M_INFO,
"TESTING ENCRYPT/DECRYPT of packet length=%d", i);
1137 memcpy(buf_p,
BPTR(&src),
BLEN(&src));
1153 for (j = 0; j < i; ++j)
1155 const uint8_t in = *(
BPTR(&src) + j);
1156 const uint8_t out = *(
BPTR(&buf) + j);
1159 msg(
M_FATAL,
"SELF TEST FAILED, pos=%d in=%d out=%d", j, in, out);
1172 return "[[INLINE]]";
1180 struct key_ctx_bi *ctx,
const char *key_file,
1181 bool key_inline,
const int key_direction,
1182 const char *key_name,
const char *opt_name)
1196 msg(
M_ERR,
"File '%s' does not have OpenVPN Static Key format. Using " 1197 "free-form passphrase file is not supported anymore.",
1218 "Non-Hex character ('%c') found at line %d in key file '%s' (%d/%d/%d bytes found/min/max)";
1221 "Non-Hex, unprintable character (0x%02x) found at line %d in key file '%s' (%d/%d/%d bytes found/min/max)";
1231 uint8_t hex_byte[3] = {0, 0, 0};
1234 const unsigned char *cp;
1241 uint8_t *out = (uint8_t *) &key2->
keys;
1242 const int keylen =
sizeof(key2->
keys);
1246 #define PARSE_INITIAL 0 1247 #define PARSE_HEAD 1 1248 #define PARSE_DATA 2 1249 #define PARSE_DATA_COMPLETE 3 1250 #define PARSE_FOOT 4 1251 #define PARSE_FINISHED 5 1257 const int onekeylen =
sizeof(key2->
keys[0]);
1267 size = strlen(file) + 1;
1275 msg(
M_FATAL,
"Read error on key file ('%s')", file);
1281 cp = (
unsigned char *)in.
data;
1284 const unsigned char c = *cp;
1287 msg(
M_INFO,
"char='%c'[%d] s=%d ln=%d li=%d m=%d c=%d",
1288 c, (
int)c, state, line_num, line_index, match, count);
1293 line_index = match = 0;
1319 if (++match == hlen)
1331 if (++match == flen)
1343 ASSERT(hb_index >= 0 && hb_index < 2);
1344 hex_byte[hb_index++] = c;
1348 ASSERT(sscanf((
const char *)hex_byte,
"%x", &u) == 1);
1351 if (++count == keylen)
1357 else if (isspace(c))
1378 key2->
n = count / onekeylen;
1386 msg(
M_FATAL,
"Insufficient key material or header text not found in file '%s' (%d/%d/%d bytes found/min/max)",
1393 msg(
M_FATAL,
"Footer text not found in file '%s' (%d/%d/%d bytes found/min/max)",
1400 if (!(flags & RKF_INLINE))
1409 printf(
"KEY READ, n=%d\n", key2->
n);
1410 for (i = 0; i < (int)
SIZE(key2->
keys); ++i)
1414 sizeof(key2->
keys[i]),
1419 printf(
"[%d]\n%s\n\n", i, fmt);
1433 int nbits = nkeys *
sizeof(
struct key) * 8;
1439 const int bytes_per_line = 16;
1442 buf_printf(&out,
"#\n# %d bit OpenVPN static key\n#\n", nbits);
1445 for (
int i = 0; i < nkeys; ++i)
1472 if (!filename || strcmp(filename,
"")==0)
1474 printf(
"%.*s\n",
BLEN(&out),
BPTR(&out));
1497 msg(
M_FATAL,
"Key file '%s' used in --%s contains insufficient key material [keys found=%d required=%d]", filename, option, key2->
n, n);
1499 msg(
M_FATAL,
"Key file '%s' used in --%s contains insufficient key material [keys found=%d required=%d] -- try generating a new key file with '" PACKAGE " --genkey secret [file]', or use the existing key file in bidirectional mode by specifying --%s without a key direction parameter", filename, option, key2->
n, n, option);
1511 else if (!strcmp(str,
"0"))
1515 else if (!strcmp(str,
"1"))
1521 msg(msglevel,
"Unknown key direction '%s' -- must be '0' or '1'", str);
1543 return remote ?
"1" :
"0";
1547 return remote ?
"0" :
"1";
1560 switch (key_direction)
1590 for (i = 0; i < key2->
n; ++i)
1598 msg(
M_FATAL,
"Key #%d in '%s' is bad. Try making a new key with --genkey.",
1599 i+1, shared_secret_file);
1641 uint8_t cipher_length;
1642 uint8_t hmac_length;
1645 if (!
buf_read(buf, &cipher_length, 1))
1649 if (!
buf_read(buf, &hmac_length, 1))
1676 "TLS Error: key length mismatch, local cipher/hmac %d/%d, remote cipher/hmac %d/%d",
1700 msg(
M_FATAL,
"ERROR: Random number generator cannot obtain entropy for PRNG");
1706 for (i = 0; i < size; ++i)
1715 prng_init(
const char *md_name,
const int nonce_secret_len_parm)
1745 static size_t processed = 0;
1752 const int blen =
min_int(len, md_size);
1792 printf(
"%s (%d bit key%s, ",
1798 printf(
"stream cipher");
1807 printf(
", TLS client/server mode only");
1824 || 0 == strcmp(cipher_name, pair->
lib_name))
1864 struct key server_key = { 0 };
1868 if (!
rand_bytes((
void *)&server_key,
sizeof(server_key)))
1873 buf_set_read(&server_key_buf, (
void *)&server_key,
sizeof(server_key));
1875 &server_key_buf, &gc))
1877 msg(
M_WARN,
"ERROR: could not PEM-encode key");
1881 if (!filename || strcmp(filename,
"")==0)
1883 printf(
"%.*s",
BLEN(&server_key_pem),
BPTR(&server_key_pem));
1887 msg(
M_ERR,
"ERROR: could not write key file");
1903 msg(
M_INFO,
"Using random %s.", key_name);
1907 msg(
M_WARN,
"ERROR: could not generate random key");
1918 const char *key_file,
bool key_inline)
1921 struct buffer key_pem = { 0 };
1929 msg(
M_WARN,
"ERROR: failed to read %s file (%s)",
1930 pem_name, key_file);
1936 buf_set_read(&key_pem, (
const void *)key_file, strlen(key_file) + 1);
1941 msg(
M_WARN,
"ERROR: %s pem decode failed", pem_name);
int md_full(const md_kt_t *kt, const uint8_t *src, int src_len, uint8_t *dst)
bool cipher_kt_mode_aead(const cipher_kt_t *cipher)
Check if the supplied cipher is a supported AEAD mode cipher.
bool crypto_pem_decode(const char *name, struct buffer *dst, const struct buffer *src)
Decode a PEM buffer to binary data.
#define PARSE_DATA_COMPLETE
const cipher_kt_t * cipher_ctx_get_cipher_kt(const cipher_ctx_t *ctx)
Returns the static cipher parameters for this context.
int read_key(struct key *key, const struct key_type *kt, struct buffer *buf)
size_t implicit_iv_len
The length of implicit_iv.
static const cipher_name_pair * get_cipher_name_pair(const char *cipher_name)
Security parameter state for processing data channel packets.
#define CO_PACKET_ID_LONG_FORM
Bit-flag indicating whether to use OpenVPN's long packet ID format.
#define CRYPT_ERROR(format)
struct packet_id packet_id
Current packet ID state for both sending and receiving directions.
void free_key_ctx(struct key_ctx *ctx)
uint8_t hmac_length
HMAC length, in bytes.
unsigned int crypto_max_overhead(void)
Return the worst-case OpenVPN crypto overhead (in bytes)
void test_crypto(struct crypto_options *co, struct frame *frame)
static const char unprintable_char_fmt[]
int key_des_num_cblocks(const cipher_kt_t *kt)
Return number of DES cblocks (1 cblock = length of a single-DES key) for the current key type or 0 if...
unsigned int flags
Bit-flags determining behavior of security operation functions.
Key ordering of the key2.keys array.
static uint8_t * buf_write_alloc(struct buffer *buf, size_t size)
struct key keys[2]
Two unidirectional sets of key material.
void init_key_ctx(struct key_ctx *ctx, const struct key *key, const struct key_type *kt, int enc, const char *prefix)
void prng_init(const char *md_name, const int nonce_secret_len_parm)
Pseudo-random number generator initialisation.
struct packet_id_persist * pid_persist
Persistent packet ID state for keeping state between successive OpenVPN process startups.
static void secure_memzero(void *data, size_t len)
Securely zeroise memory.
static bool key_is_zero(struct key *key, const struct key_type *kt)
static bool buf_advance(struct buffer *buf, int size)
Packet geometry parameters.
#define OPENVPN_MAX_IV_LENGTH
Maximum length of an IV.
bool cipher_kt_mode_ofb_cfb(const cipher_kt_t *cipher)
Check if the supplied cipher is a supported OFB or CFB mode cipher.
void fixup_key(struct key *key, const struct key_type *kt)
int cipher_ctx_final(cipher_ctx_t *ctx, uint8_t *dst, int *dst_len)
Pads the final cipher block using PKCS padding, and output to the destination buffer.
static void gc_free(struct gc_arena *a)
void init_key_type(struct key_type *kt, const char *ciphername, const char *authname, bool tls_mode, bool warn)
Initialize a key_type structure with.
bool write_key(const struct key *key, const struct key_type *kt, struct buffer *buf)
static void frame_add_to_extra_frame(struct frame *frame, const unsigned int increment)
const char * openvpn_name
Cipher name used by OpenVPN.
int n
The number of key objects stored in the key2.keys array.
#define OPENVPN_MAX_CIPHER_BLOCK_SIZE
int out_key
Index into the key2.keys array for the sending direction.
#define OPENVPN_MAX_HMAC_SIZE
bool buf_printf(struct buffer *buf, const char *format,...)
int cipher_ctx_reset(cipher_ctx_t *ctx, const uint8_t *iv_buf)
Resets the given cipher context, setting the IV to the specified value.
static char * format_hex(const uint8_t *data, int size, int maxoutput, struct gc_arena *gc)
static int nonce_secret_len
int cipher_kt_iv_size(const cipher_kt_t *cipher_kt)
Returns the size of the IV used by the cipher, in bytes, or 0 if no IV is used.
static void prng_reset_nonce(void)
bool cipher_kt_insecure(const cipher_kt_t *cipher)
Returns true if we consider this cipher to be insecure.
int cipher_kt_tag_size(const cipher_kt_t *cipher_kt)
Returns the MAC tag size of the cipher, in bytes.
static void buf_set_read(struct buffer *buf, const uint8_t *data, size_t size)
static bool cipher_kt_var_key_size(const cipher_kt_t *cipher)
#define MAX_CIPHER_KEY_LENGTH
static const md_kt_t * nonce_md
bool packet_id_read(struct packet_id_net *pin, struct buffer *buf, bool long_form)
struct buffer buffer_read_from_file(const char *filename, struct gc_arena *gc)
buffer_read_from_file - copy the content of a file into a buffer
bool buffer_write_file(const char *filename, const struct buffer *buf)
Write buffer contents to file.
bool check_key(struct key *key, const struct key_type *kt)
bool generate_ephemeral_key(struct buffer *key, const char *key_name)
Generate ephermal key material into the key structure.
static bool check_debug_level(unsigned int level)
int cipher_ctx_get_tag(cipher_ctx_t *ctx, uint8_t *tag, int tag_len)
Gets the computed message authenticated code (MAC) tag for this cipher.
static bool packet_id_initialized(const struct packet_id *pid)
Is this struct packet_id initialized?
bool key_des_check(uint8_t *key, int key_len, int ndc)
void hmac_ctx_cleanup(hmac_ctx_t *ctx)
uint8_t hmac[MAX_HMAC_KEY_LENGTH]
Key material for HMAC operations.
static bool buf_read(struct buffer *src, void *dest, int size)
static const char static_key_head[]
#define FRAME_HEADROOM_ADJ(f, fm)
int offset
Offset in bytes of the actual content within the allocated memory.
void check_replay_consistency(const struct key_type *kt, bool packet_id)
#define OPENVPN_AEAD_MIN_IV_LEN
Minimal IV length for AEAD mode ciphers (in bytes): 4-byte packet id + 8 bytes implicit IV...
int capacity
Size in bytes of memory allocated by malloc().
int len
Length in bytes of the actual content within the allocated memory.
void print_cipher(const cipher_kt_t *cipher)
Print a cipher list entry.
int cipher_ctx_iv_length(const cipher_ctx_t *ctx)
Returns the size of the IV used by the cipher, in bytes, or 0 if no IV is used.
void packet_id_add(struct packet_id_rec *p, const struct packet_id_net *pin)
void must_have_n_keys(const char *filename, const char *option, const struct key2 *key2, int n)
bool packet_id_write(struct packet_id_send *p, struct buffer *buf, bool long_form, bool prepend)
Write a packet ID to buf, and update the packet ID state.
const char * packet_id_net_print(const struct packet_id_net *pin, bool print_timestamp, struct gc_arena *gc)
#define PRNG_NONCE_RESET_BYTES
Number of bytes of random to allow before resetting the nonce.
void cipher_ctx_free(cipher_ctx_t *ctx)
Cleanup and free a cipher context.
const cipher_name_pair cipher_name_translation_table[]
Cipher name translation table.
#define KEY_DIRECTION_NORMAL
void crypto_clear_error(void)
bool openvpn_snprintf(char *str, size_t size, const char *format,...)
static uint8_t * buf_prepend(struct buffer *buf, int size)
bool crypto_pem_encode(const char *name, struct buffer *dst, const struct buffer *src, struct gc_arena *gc)
Encode binary data as PEM.
#define OPENVPN_MODE_CBC
Cipher is in CBC mode.
int rand_bytes(uint8_t *output, int len)
Wrapper for secure random number generator.
static void packet_id_reap_test(struct packet_id_rec *p)
static const char * np(const char *str)
#define KEY_DIRECTION_BIDIRECTIONAL
static struct gc_arena gc_new(void)
int memcmp_constant_time(const void *a, const void *b, size_t size)
As memcmp(), but constant-time.
bool packet_id_test(struct packet_id_rec *p, const struct packet_id_net *pin)
int cipher_ctx_final_check_tag(cipher_ctx_t *ctx, uint8_t *dst, int *dst_len, uint8_t *tag, size_t tag_len)
Like cipher_ctx_final, but check the computed authentication tag against the supplied (expected) tag...
void prng_bytes(uint8_t *output, int len)
int cipher_ctx_update_ad(cipher_ctx_t *ctx, const uint8_t *src, int src_len)
Updates the given cipher context, providing additional data (AD) for authenticated encryption with ad...
const char * print_key_filename(const char *str, bool is_inline)
To be used when printing a string that may contain inline data.
uint8_t cipher_length
Cipher length, in bytes.
void hmac_ctx_update(hmac_ctx_t *ctx, const uint8_t *src, int src_len)
#define FRAME_HEADROOM(f)
void read_key_file(struct key2 *key2, const char *file, const unsigned int flags)
static void gc_init(struct gc_arena *a)
#define KEY_DIRECTION_INVERSE
bool read_pem_key_file(struct buffer *key, const char *pem_name, const char *key_file, bool key_inline)
Read key material from a PEM encoded files into the key structure.
static uint8_t * nonce_data
cipher_ctx_t * cipher
Generic cipher context.
void write_pem_key_file(const char *filename, const char *pem_name)
Generate a server key with enough randomness to fill a key struct and write to file.
mbedtls_md_info_t md_kt_t
Generic message digest key type context.
static void openvpn_encrypt_aead(struct buffer *buf, struct buffer work, struct crypto_options *opt)
int in_key
Index into the key2.keys array for the receiving direction.
#define NONCE_SECRET_LEN_MIN
Container for one set of cipher and/or HMAC contexts.
mbedtls_cipher_info_t cipher_kt_t
Generic cipher key type context.
struct key_ctx encrypt
Cipher and/or HMAC contexts for sending direction.
const char * keydirection2ascii(int kd, bool remote, bool humanreadable)
void init_key_ctx_bi(struct key_ctx_bi *ctx, const struct key2 *key2, int key_direction, const struct key_type *kt, const char *name)
static const char printable_char_fmt[]
const char * md_kt_name(const md_kt_t *kt)
Retrieve a string describing the digest digest (e.g.
int hmac_ctx_size(const hmac_ctx_t *ctx)
void buf_clear(struct buffer *buf)
void key_des_fixup(uint8_t *key, int key_len, int ndc)
void crypto_adjust_frame_parameters(struct frame *frame, const struct key_type *kt, bool packet_id, bool packet_id_long_form)
Calculate crypto overhead and adjust frame to account for that.
const md_kt_t * md_kt_get(const char *digest)
Return message digest parameters, based on the given digest name.
hmac_ctx_t * hmac
Generic HMAC context.
const char * lib_name
Cipher name used by crypto library.
char * format_hex_ex(const uint8_t *data, int size, int maxoutput, unsigned int space_break_flags, const char *separator, struct gc_arena *gc)
static bool openvpn_decrypt_v1(struct buffer *buf, struct buffer work, struct crypto_options *opt, const struct frame *frame)
int ascii2keydirection(int msglevel, const char *str)
void free_key_ctx_bi(struct key_ctx_bi *ctx)
#define CO_IGNORE_PACKET_ID
Bit-flag indicating whether to ignore the packet ID of a received packet.
static void warn_insecure_key_type(const char *ciphername, const cipher_kt_t *cipher)
int cipher_ctx_update(cipher_ctx_t *ctx, uint8_t *dst, int *dst_len, uint8_t *src, int src_len)
Updates the given cipher context, encrypting data in the source buffer, and placing any complete bloc...
void key_direction_state_init(struct key_direction_state *kds, int key_direction)
struct packet_id_send send
uint8_t * data
Pointer to the allocated memory.
#define ENABLE_OFB_CFB_MODE
int cipher_kt_key_size(const cipher_kt_t *cipher_kt)
Returns the size of keys used by the cipher, in bytes.
struct key_ctx decrypt
cipher and/or HMAC contexts for receiving direction.
#define MAX_HMAC_KEY_LENGTH
void openvpn_encrypt(struct buffer *buf, struct buffer work, struct crypto_options *opt)
Encrypt and HMAC sign a packet so that it can be sent as a data channel VPN tunnel packet to a remote...
Container for bidirectional cipher and HMAC key material.
#define NONCE_SECRET_LEN_MAX
cipher_ctx_t * cipher_ctx_new(void)
Generic cipher functions.
int need_keys
The number of key objects necessary to support both sending and receiving.
unsigned char md_kt_size(const md_kt_t *kt)
Returns the size of the message digest, in bytes.
int cipher_ctx_block_size(const cipher_ctx_t *ctx)
Returns the block size of the cipher, in bytes.
bool openvpn_decrypt(struct buffer *buf, struct buffer work, struct crypto_options *opt, const struct frame *frame, const uint8_t *ad_start)
HMAC verify and decrypt a data channel packet received from a remote OpenVPN peer.
static int max_int(int x, int y)
#define D_SHOW_KEY_SOURCE
static bool buf_inc_len(struct buffer *buf, int inc)
const size_t cipher_name_translation_table_count
static void check_malloc_return(const void *p)
const md_kt_t * digest
Message digest static parameters.
struct key_ctx_bi key_ctx_bi
OpenSSL cipher and HMAC contexts for both sending and receiving directions.
#define FRAME_HEADROOM_MARKER_DECRYPT
#define CO_MUTE_REPLAY_WARNINGS
Bit-flag indicating not to display replay warnings.
static const char static_key_foot[]
static bool buf_safe(const struct buffer *buf, size_t len)
Struct used in cipher name translation table.
int write_key_file(const int nkeys, const char *filename)
Write nkeys 1024-bits keys to file.
Wrapper structure for dynamically allocated memory.
const char * translate_cipher_name_to_openvpn(const char *cipher_name)
Translate a crypto library cipher name to an OpenVPN cipher name.
#define buf_init(buf, offset)
#define OPENVPN_OP_ENCRYPT
Cipher should encrypt.
static bool buf_write_prepend(struct buffer *dest, const void *src, int size)
int cipher_kt_mode(const cipher_kt_t *cipher_kt)
Returns the mode that the cipher runs in.
#define OPENVPN_OP_DECRYPT
Cipher should decrypt.
int cipher_kt_block_size(const cipher_kt_t *cipher_kt)
Returns the block size of the cipher, in bytes.
void cipher_ctx_init(cipher_ctx_t *ctx, const uint8_t *key, int key_len, const cipher_kt_t *kt, int enc)
Initialise a cipher context, based on the given key and key type.
const char * translate_cipher_name_from_openvpn(const char *cipher_name)
Translate a data channel cipher name from the crypto library specific name to the OpenVPN config file...
struct buffer alloc_buf_gc(size_t size, struct gc_arena *gc)
static int min_int(int x, int y)
void generate_key_random(struct key *key, const struct key_type *kt)
void key2_print(const struct key2 *k, const struct key_type *kt, const char *prefix0, const char *prefix1)
Garbage collection arena used to keep track of dynamically allocated memory.
static void packet_id_persist_save_obj(struct packet_id_persist *p, const struct packet_id *pid)
static bool buf_write(struct buffer *dest, const void *src, size_t size)
static struct buffer clear_buf(void)
Return an empty struct buffer.
void crypto_read_openvpn_key(const struct key_type *key_type, struct key_ctx_bi *ctx, const char *key_file, bool key_inline, const int key_direction, const char *key_name, const char *opt_name)
uint8_t cipher[MAX_CIPHER_KEY_LENGTH]
Key material for cipher operations.
#define OPENVPN_AEAD_TAG_LENGTH
uint8_t implicit_iv[OPENVPN_MAX_IV_LENGTH]
The implicit part of the IV.
void hmac_ctx_init(hmac_ctx_t *ctx, const uint8_t *key, int key_length, const md_kt_t *kt)
hmac_ctx_t * hmac_ctx_new(void)
static bool buf_valid(const struct buffer *buf)
long int get_random(void)
static void openvpn_encrypt_v1(struct buffer *buf, struct buffer work, struct crypto_options *opt)
static void buf_set_write(struct buffer *buf, uint8_t *data, int size)
void hmac_ctx_final(hmac_ctx_t *ctx, uint8_t *dst)
const cipher_kt_t * cipher
Cipher static parameters.
static void update_time(void)
void verify_fix_key2(struct key2 *key2, const struct key_type *kt, const char *shared_secret_file)
void hmac_ctx_free(hmac_ctx_t *ctx)
static int packet_id_size(bool long_form)
const cipher_kt_t * cipher_kt_get(const char *ciphername)
Return cipher parameters, based on the given cipher name.
void hmac_ctx_reset(hmac_ctx_t *ctx)
const char * cipher_kt_name(const cipher_kt_t *cipher_kt)
Retrieve a string describing the cipher (e.g.
bool crypto_check_replay(struct crypto_options *opt, const struct packet_id_net *pin, const char *error_prefix, struct gc_arena *gc)
Check packet ID for replay, and perform replay administration.
Container for two sets of OpenSSL cipher and/or HMAC contexts for both sending and receiving directio...
Container for unidirectional cipher and HMAC key material.
bool cipher_kt_mode_cbc(const cipher_kt_t *cipher)
Check if the supplied cipher is a supported CBC mode cipher.
static bool openvpn_decrypt_aead(struct buffer *buf, struct buffer work, struct crypto_options *opt, const struct frame *frame, const uint8_t *ad_start)
Unwrap (authenticate, decrypt and check replay protection) AEAD-mode data channel packets...
