OpenVPN
|
#include "buffer.h"
#include <openssl/rsa.h>
#include <openssl/ssl.h>
#include <openssl/x509.h>
#include <openssl/err.h>
Macros | |
#define | SSL_CTX_set1_groups SSL_CTX_set1_curves |
#define | EVP_CTRL_AEAD_SET_TAG EVP_CTRL_GCM_SET_TAG |
#define | EVP_CTRL_AEAD_GET_TAG EVP_CTRL_GCM_GET_TAG |
#define | RSA_F_RSA_OSSL_PRIVATE_ENCRYPT RSA_F_RSA_EAY_PRIVATE_ENCRYPT |
#define | SSL_get_peer_tmp_key SSL_get_server_tmp_key |
#define | EVP_CIPHER_CTX_reset EVP_CIPHER_CTX_init |
#define | X509_get0_notBefore X509_get_notBefore |
#define | X509_get0_notAfter X509_get_notAfter |
#define | OPENSSL_VERSION SSLEAY_VERSION |
#define | OpenSSL_version SSLeay_version |
#define | EVP_MD_get0_name EVP_MD_name |
#define | EVP_CIPHER_get0_name EVP_CIPHER_name |
#define | EVP_CIPHER_CTX_get_mode EVP_CIPHER_CTX_mode |
#define | SSL_CTX_new_ex(libctx, propq, method) SSL_CTX_new((method)) |
Reduce SSL_CTX_new_ex() to SSL_CTX_new() for OpenSSL < 3. More... | |
Typedefs | |
typedef void | OSSL_LIB_CTX |
typedef void | OSSL_PROVIDER |
Functions | |
static void | X509_OBJECT_free (X509_OBJECT *obj) |
Destroy a X509 object. More... | |
static int | EVP_MD_CTX_reset (EVP_MD_CTX *ctx) |
Reset a message digest context. More... | |
static void | EVP_MD_CTX_free (EVP_MD_CTX *ctx) |
Free an existing message digest context. More... | |
static EVP_MD_CTX * | EVP_MD_CTX_new (void) |
Allocate a new message digest object. More... | |
static int | HMAC_CTX_reset (HMAC_CTX *ctx) |
Reset a HMAC context. More... | |
static void | HMAC_CTX_free (HMAC_CTX *ctx) |
Cleanup and free an existing HMAC context. More... | |
static HMAC_CTX * | HMAC_CTX_new (void) |
Allocate a new HMAC context object. More... | |
static void * | SSL_CTX_get_default_passwd_cb_userdata (SSL_CTX *ctx) |
Fetch the default password callback user data from the SSL context. More... | |
static pem_password_cb * | SSL_CTX_get_default_passwd_cb (SSL_CTX *ctx) |
Fetch the default password callback from the SSL context. More... | |
static EVP_PKEY * | X509_get0_pubkey (const X509 *x) |
Get the public key from a X509 certificate. More... | |
static | STACK_OF (X509_OBJECT) *X509_STORE_get0_objects(X509_STORE *store) |
Fetch the X509 object stack from the X509 store. More... | |
static int | X509_OBJECT_get_type (const X509_OBJECT *obj) |
Get the type of an X509 object. More... | |
static RSA * | EVP_PKEY_get0_RSA (EVP_PKEY *pkey) |
Get the RSA object of a public key. More... | |
static EC_KEY * | EVP_PKEY_get0_EC_KEY (EVP_PKEY *pkey) |
Get the EC_KEY object of a public key. More... | |
static DSA * | EVP_PKEY_get0_DSA (EVP_PKEY *pkey) |
Get the DSA object of a public key. More... | |
static void | RSA_set_flags (RSA *rsa, int flags) |
Set the RSA flags. More... | |
static void | RSA_get0_key (const RSA *rsa, const BIGNUM **n, const BIGNUM **e, const BIGNUM **d) |
Get the RSA parameters. More... | |
static int | RSA_set0_key (RSA *rsa, BIGNUM *n, BIGNUM *e, BIGNUM *d) |
Set the RSA parameters. More... | |
static int | RSA_bits (const RSA *rsa) |
Number of significant RSA bits. More... | |
static void | DSA_get0_pqg (const DSA *dsa, const BIGNUM **p, const BIGNUM **q, const BIGNUM **g) |
Get the DSA parameters. More... | |
static int | DSA_bits (const DSA *dsa) |
Number of significant DSA bits. More... | |
static RSA_METHOD * | RSA_meth_new (const char *name, int flags) |
Allocate a new RSA method object. More... | |
static void | RSA_meth_free (RSA_METHOD *meth) |
Free an existing RSA_METHOD object. More... | |
static int | RSA_meth_set_pub_enc (RSA_METHOD *meth, int(*pub_enc)(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding)) |
Set the public encoding function of an RSA_METHOD object. More... | |
static int | RSA_meth_set_pub_dec (RSA_METHOD *meth, int(*pub_dec)(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding)) |
Set the public decoding function of an RSA_METHOD object. More... | |
static int | RSA_meth_set_priv_enc (RSA_METHOD *meth, int(*priv_enc)(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding)) |
Set the private encoding function of an RSA_METHOD object. More... | |
static int | RSA_meth_set_priv_dec (RSA_METHOD *meth, int(*priv_dec)(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding)) |
Set the private decoding function of an RSA_METHOD object. More... | |
static int | RSA_meth_set_init (RSA_METHOD *meth, int(*init)(RSA *rsa)) |
Set the init function of an RSA_METHOD object. More... | |
static int | RSA_meth_set_sign (RSA_METHOD *meth, int(*sign)(int type, const unsigned char *m, unsigned int m_length, unsigned char *sigret, unsigned int *siglen, const RSA *rsa)) |
Set the sign function of an RSA_METHOD object. More... | |
static int | RSA_meth_set_finish (RSA_METHOD *meth, int(*finish)(RSA *rsa)) |
Set the finish function of an RSA_METHOD object. More... | |
static int | RSA_meth_set0_app_data (RSA_METHOD *meth, void *app_data) |
Set the application data of an RSA_METHOD object. More... | |
static void * | RSA_meth_get0_app_data (const RSA_METHOD *meth) |
Get the application data of an RSA_METHOD object. More... | |
static int | EC_GROUP_order_bits (const EC_GROUP *group) |
Gets the number of bits of the order of an EC_GROUP. More... | |
static int | SSL_CTX_get_min_proto_version (SSL_CTX *ctx) |
Return the min SSL protocol version currently enabled in the context. More... | |
static int | SSL_CTX_get_max_proto_version (SSL_CTX *ctx) |
Return the max SSL protocol version currently enabled in the context. More... | |
static int | SSL_CTX_set_min_proto_version (SSL_CTX *ctx, long tls_ver_min) |
Mimics SSL_CTX_set_min_proto_version for OpenSSL < 1.1. More... | |
static int | SSL_CTX_set_max_proto_version (SSL_CTX *ctx, long tls_ver_max) |
Mimics SSL_CTX_set_max_proto_version for OpenSSL < 1.1. More... | |
static int | EVP_PKEY_get_group_name (EVP_PKEY *pkey, char *gname, size_t gname_sz, size_t *gname_len) |
static const EVP_CIPHER * | EVP_CIPHER_fetch (void *ctx, const char *algorithm, const char *properties) |
static const EVP_MD * | EVP_MD_fetch (void *ctx, const char *algorithm, const char *properties) |
static void | EVP_CIPHER_free (const EVP_CIPHER *cipher) |
static void | EVP_MD_free (const EVP_MD *md) |
static unsigned long | ERR_get_error_all (const char **file, int *line, const char **func, const char **data, int *flags) |
#define EVP_CIPHER_CTX_get_mode EVP_CIPHER_CTX_mode |
Definition at line 767 of file openssl_compat.h.
#define EVP_CIPHER_CTX_reset EVP_CIPHER_CTX_init |
Definition at line 121 of file openssl_compat.h.
#define EVP_CIPHER_get0_name EVP_CIPHER_name |
Definition at line 766 of file openssl_compat.h.
#define EVP_CTRL_AEAD_GET_TAG EVP_CTRL_GCM_GET_TAG |
Definition at line 71 of file openssl_compat.h.
#define EVP_CTRL_AEAD_SET_TAG EVP_CTRL_GCM_SET_TAG |
Definition at line 70 of file openssl_compat.h.
#define EVP_MD_get0_name EVP_MD_name |
Definition at line 765 of file openssl_compat.h.
#define OPENSSL_VERSION SSLEAY_VERSION |
Definition at line 627 of file openssl_compat.h.
#define OpenSSL_version SSLeay_version |
Definition at line 628 of file openssl_compat.h.
#define RSA_F_RSA_OSSL_PRIVATE_ENCRYPT RSA_F_RSA_EAY_PRIVATE_ENCRYPT |
Definition at line 75 of file openssl_compat.h.
#define SSL_CTX_new_ex | ( | libctx, | |
propq, | |||
method | |||
) | SSL_CTX_new((method)) |
Reduce SSL_CTX_new_ex() to SSL_CTX_new() for OpenSSL < 3.
Definition at line 770 of file openssl_compat.h.
#define SSL_CTX_set1_groups SSL_CTX_set1_curves |
Definition at line 50 of file openssl_compat.h.
#define SSL_get_peer_tmp_key SSL_get_server_tmp_key |
Definition at line 79 of file openssl_compat.h.
#define X509_get0_notAfter X509_get_notAfter |
Definition at line 123 of file openssl_compat.h.
#define X509_get0_notBefore X509_get_notBefore |
Definition at line 122 of file openssl_compat.h.
typedef void OSSL_LIB_CTX |
Definition at line 774 of file openssl_compat.h.
typedef void OSSL_PROVIDER |
Definition at line 775 of file openssl_compat.h.
|
inlinestatic |
Number of significant DSA bits.
dsa | The DSA object; shall not be NULL |
Definition at line 396 of file openssl_compat.h.
References DSA_get0_pqg().
|
inlinestatic |
Get the DSA parameters.
dsa | The DSA object |
p | The p parameter |
q | The q parameter |
g | The g parameter |
Definition at line 372 of file openssl_compat.h.
Referenced by DSA_bits().
|
inlinestatic |
Gets the number of bits of the order of an EC_GROUP.
group | EC_GROUP object |
Definition at line 617 of file openssl_compat.h.
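static unsigned long ERR_get_error_all (const char **file, int *line, const char **func, const char **data, int *flags)
inline static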
Definition at line 808 of file openssl_compat.h.
Referenced by crypto_print_openssl_errors().
static const EVP_CIPHER * EVP_CIPHER_fetch (void *ctx, const char *algorithm, const char *properties)
inline static
Definition at line 780 of file openssl_compat.h.
References ASSERT.
Referenced by cipher_get(), and cipher_kt_block_size().
static void EVP_CIPHER_free (const EVP_CIPHER *cipher)
inline static
Definition at line 796 of file openssl_compat.h.
Referenced by cipher_ctx_init(), cipher_kt_block_size(), cipher_kt_insecure(), cipher_kt_iv_size(), cipher_kt_key_size(), cipher_kt_mode_aead(), cipher_kt_mode_cbc(), cipher_kt_mode_ofb_cfb(), cipher_kt_name(), and cipher_valid_reason().
|
inlinestatic |
Free an existing message digest context.
ctx | The message digest context |
Definition at line 103 of file openssl_compat.h.
Referenced by md_ctx_free(), and tls1_P_hash().
|
inlinestatic |
Allocate a new message digest object.
Definition at line 114 of file openssl_compat.h.
References ALLOC_OBJ_CLEAR.
Referenced by md_ctx_new().
|
inlinestatic |
Reset a message digest context.
ctx | The message digest context |
Definition at line 91 of file openssl_compat.h.
Referenced by md_ctx_cleanup().
static const EVP_MD * EVP_MD_fetch (void *ctx, const char *algorithm, const char *properties)
inline static
Definition at line 788 of file openssl_compat.h.
References ASSERT.
Referenced by md_get(), and md_valid().
static void EVP_MD_free (const EVP_MD *md)
inline static
Definition at line 802 of file openssl_compat.h.
Referenced by md_ctx_init(), md_full(), md_kt_name(), md_kt_size(), and md_valid().
|
inlinestatic |
Get the DSA object of a public key.
pkey | Public key object |
Definition at line 266 of file openssl_compat.h.
|
inlinestatic |
Get the EC_KEY object of a public key.
pkey | Public key object |
Definition at line 253 of file openssl_compat.h.
Referenced by EVP_PKEY_get_group_name().
|
inlinestatic |
Get the RSA object of a public key.
pkey | Public key object |
Definition at line 241 of file openssl_compat.h.
Referenced by tls_ctx_use_external_rsa_key().
static int EVP_PKEY_get_group_name (EVP_PKEY *pkey, char *gname, size_t gname_sz, size_t *gname_len)
inline static
Definition at line 735 of file openssl_compat.h.
References EVP_PKEY_get0_EC_KEY(), and strncpynt().
Referenced by print_pkey_details().
|
inlinestatic |
Cleanup and free an existing HMAC context.
ctx | The HMAC context |
Definition at line 154 of file openssl_compat.h.
Referenced by hmac_ctx_free().
|
inlinestatic |
Allocate a new HMAC context object.
Definition at line 166 of file openssl_compat.h.
References ALLOC_OBJ_CLEAR.
Referenced by hmac_ctx_new().
|
inlinestatic |
Reset a HMAC context.
OpenSSL 1.1+ removes the HMAC_CTX_init() and HMAC_CTX_cleanup() APIs and replaces them with a single call that does a cleanup followed by an init. A proper _reset() for OpenSSL < 1.1 should perform a similar set of operations.
This means that before we free an HMAC context, we have to clean it up again, as we have probably allocated a few resources when we forced an init.
ctx | The HMAC context |
Definition at line 141 of file openssl_compat.h.
Referenced by hmac_ctx_cleanup(), and hmac_ctx_init().
|
inlinestatic |
Number of significant RSA bits.
rsa | The RSA object ; shall not be NULL |
Definition at line 356 of file openssl_compat.h.
References RSA_get0_key().
|
inlinestatic |
Get the RSA parameters.
rsa | The RSA object |
n | The n parameter |
e | The e parameter |
d | The d parameter |
Definition at line 295 of file openssl_compat.h.
Referenced by RSA_bits(), and tls_ctx_use_external_rsa_key().
|
inlinestatic |
Free an existing RSA_METHOD object.
meth | The RSA_METHOD object |
Definition at line 426 of file openssl_compat.h.
Referenced by openvpn_extkey_rsa_finish(), and tls_ctx_use_external_rsa_key().
|
inlinestatic |
Get the application data of an RSA_METHOD object.
meth | The RSA_METHOD object |
Definition at line 605 of file openssl_compat.h.
|
inlinestatic |
Allocate a new RSA method object.
name | The object name |
flags | Configuration flags |
Definition at line 411 of file openssl_compat.h.
References ALLOC_OBJ_CLEAR, and string_alloc().
Referenced by tls_ctx_use_external_rsa_key().
|
inlinestatic |
Set the application data of an RSA_METHOD object.
meth | The RSA_METHOD object |
app_data | Application data |
Definition at line 588 of file openssl_compat.h.
Referenced by tls_ctx_use_external_rsa_key().
|
inlinestatic |
Set the finish function of an RSA_METHOD object.
meth | The RSA_METHOD object |
finish | the finish function |
Definition at line 570 of file openssl_compat.h.
Referenced by tls_ctx_use_external_rsa_key().
|
inlinestatic |
Set the init function of an RSA_METHOD object.
meth | The RSA_METHOD object |
init | the init function |
Definition at line 533 of file openssl_compat.h.
References init().
Referenced by tls_ctx_use_external_rsa_key().
|
inlinestatic |
Set the private decoding function of an RSA_METHOD object.
meth | The RSA_METHOD object |
priv_dec | the private decoding function |
Definition at line 512 of file openssl_compat.h.
Referenced by tls_ctx_use_external_rsa_key().
|
inlinestatic |
Set the private encoding function of an RSA_METHOD object.
meth | The RSA_METHOD object |
priv_enc | the private encoding function |
Definition at line 491 of file openssl_compat.h.
Referenced by tls_ctx_use_external_rsa_key().
|
inlinestatic |
Set the public decoding function of an RSA_METHOD object.
meth | The RSA_METHOD object |
pub_dec | the public decoding function |
Definition at line 470 of file openssl_compat.h.
Referenced by tls_ctx_use_external_rsa_key().
|
inlinestatic |
Set the public encoding function of an RSA_METHOD object.
meth | The RSA_METHOD object |
pub_enc | the public encoding function |
Definition at line 449 of file openssl_compat.h.
Referenced by tls_ctx_use_external_rsa_key().
|
inlinestatic |
Set the sign function of an RSA_METHOD object.
meth | The RSA_METHOD object |
sign | The sign function |
Definition at line 552 of file openssl_compat.h.
|
inlinestatic |
Set the RSA parameters.
rsa | The RSA object |
n | The n parameter |
e | The e parameter |
d | The d parameter |
Definition at line 322 of file openssl_compat.h.
Referenced by tls_ctx_use_external_rsa_key().
|
inlinestatic |
Set the RSA flags.
rsa | The RSA object |
flags | New flags value |
Definition at line 278 of file openssl_compat.h.
Referenced by tls_ctx_use_external_rsa_key().
|
inlinestatic |
Fetch the default password callback from the SSL context.
ctx | SSL context |
Definition at line 192 of file openssl_compat.h.
Referenced by tls_ctx_load_cert_file(), and tls_ctx_load_priv_file().
|
inlinestatic |
Fetch the default password callback user data from the SSL context.
ctx | SSL context |
Definition at line 180 of file openssl_compat.h.
Referenced by tls_ctx_load_cert_file(), and tls_ctx_load_priv_file().
|
inlinestatic |
Return the max SSL protocol version currently enabled in the context.
If no valid version >= TLS1.0 is found, return 0.
Definition at line 654 of file openssl_compat.h.
|
inlinestatic |
Return the min SSL protocol version currently enabled in the context.
If no valid version >= TLS1.0 is found, return 0.
Definition at line 633 of file openssl_compat.h.
Referenced by tls_ctx_set_tls_versions().
|
inlinestatic |
Mimics SSL_CTX_set_max_proto_version for OpenSSL < 1.1.
Definition at line 701 of file openssl_compat.h.
Referenced by show_available_tls_ciphers_list(), and tls_ctx_set_tls_versions().
|
inlinestatic |
Mimics SSL_CTX_set_min_proto_version for OpenSSL < 1.1.
Definition at line 674 of file openssl_compat.h.
Referenced by show_available_tls_ciphers_list(), and tls_ctx_set_tls_versions().
|
inlinestatic |
Fetch the X509 object stack from the X509 store.
store | X509 object store |
Definition at line 216 of file openssl_compat.h.
Referenced by backend_tls_ctx_reload_crl(), show_available_tls_ciphers_list(), tls_ctx_load_ca(), tls_ctx_load_pkcs12(), and tls_verify_crl_missing().
|
inlinestatic |
Get the public key from a X509 certificate.
x | X509 certificate |
Definition at line 204 of file openssl_compat.h.
Referenced by test_tls_ctx_use_pkcs11(), and tls_ctx_use_management_external_key().
|
inlinestatic |
Destroy a X509 object.
obj | X509 object |
Definition at line 61 of file openssl_compat.h.
Referenced by backend_tls_ctx_reload_crl().
|
inlinestatic |
Get the type of an X509 object.
obj | X509 object |
Definition at line 229 of file openssl_compat.h.
Referenced by backend_tls_ctx_reload_crl(), and tls_verify_crl_missing().