2 * OpenVPN -- An application to securely tunnel IP networks
3 * over a single TCP/UDP port, with support for SSL/TLS-based
4 * session authentication and key exchange,
5 * packet encryption, packet authentication, and
8 * Copyright (C) 2002-2005 OpenVPN Solutions LLC <info@openvpn.net>
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License version 2
12 * as published by the Free Software Foundation.
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
19 * You should have received a copy of the GNU General Public License
20 * along with this program (see the file COPYING included with this
21 * distribution); if not, write to the Free Software Foundation, Inc.,
22 * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
30 * Does our OpenSSL library support crypto hardware acceleration?
32 #if defined(HAVE_OPENSSL_ENGINE_H) && defined(HAVE_ENGINE_LOAD_BUILTIN_ENGINES) && defined(HAVE_ENGINE_REGISTER_ALL_COMPLETE) && defined(HAVE_ENGINE_CLEANUP)
33 #define CRYPTO_ENGINE 1
35 #define CRYPTO_ENGINE 0
38 #include <openssl/objects.h>
39 #include <openssl/rand.h>
40 #include <openssl/evp.h>
41 #include <openssl/hmac.h>
42 #include <openssl/des.h>
43 #include <openssl/md5.h>
45 #include <openssl/md4.h>
47 #include <openssl/sha.h>
48 #include <openssl/err.h>
51 #include <openssl/engine.h>
54 #if SSLEAY_VERSION_NUMBER >= 0x00907000L
55 #include <openssl/des_old.h>
60 #include "packet_id.h"
64 * Workarounds for incompatibilites between OpenSSL libraries.
65 * Right now we accept OpenSSL libraries from 0.9.5 to 0.9.7.
68 #if SSLEAY_VERSION_NUMBER < 0x00907000L
70 /* Workaround: EVP_CIPHER_mode is defined wrong in OpenSSL 0.9.6 but is fixed in 0.9.7 */
71 #undef EVP_CIPHER_mode
72 #define EVP_CIPHER_mode(e) (((e)->flags) & EVP_CIPH_MODE)
74 #define DES_cblock des_cblock
75 #define DES_is_weak_key des_is_weak_key
76 #define DES_check_key_parity des_check_key_parity
77 #define DES_set_odd_parity des_set_odd_parity
79 #define HMAC_CTX_init(ctx) CLEAR (*ctx)
80 #define HMAC_Init_ex(ctx,sec,len,md,impl) HMAC_Init(ctx, sec, len, md)
81 #define HMAC_CTX_cleanup(ctx) HMAC_cleanup(ctx)
82 #define EVP_MD_CTX_cleanup(md) CLEAR (*md)
84 #define INFO_CALLBACK_SSL_CONST
88 #ifndef INFO_CALLBACK_SSL_CONST
89 #define INFO_CALLBACK_SSL_CONST const
92 #if SSLEAY_VERSION_NUMBER < 0x00906000
94 #undef EVP_CIPHER_mode
95 #define EVP_CIPHER_mode(x) 1
96 #define EVP_CIPHER_CTX_mode(x) 1
97 #define EVP_CIPHER_flags(x) 0
99 #define EVP_CIPH_CBC_MODE 1
100 #define EVP_CIPH_CFB_MODE 0
101 #define EVP_CIPH_OFB_MODE 0
102 #define EVP_CIPH_VARIABLE_LENGTH 0
104 #define OPENSSL_malloc(x) malloc(x)
105 #define OPENSSL_free(x) free(x)
108 EVP_CipherInit_ov (EVP_CIPHER_CTX
*ctx
, const EVP_CIPHER
*type
, uint8_t *key
, uint8_t *iv
, int enc
)
110 EVP_CipherInit (ctx
, type
, key
, iv
, enc
);
115 EVP_CipherUpdate_ov (EVP_CIPHER_CTX
*ctx
, uint8_t *out
, int *outl
, uint8_t *in
, int inl
)
117 EVP_CipherUpdate (ctx
, out
, outl
, in
, inl
);
122 cipher_ok (const char* name
)
124 const int i
= strlen (name
) - 4;
126 return !strcmp (name
+ i
, "-CBC");
134 EVP_CipherInit_ov (EVP_CIPHER_CTX
*ctx
, const EVP_CIPHER
*type
, uint8_t *key
, uint8_t *iv
, int enc
)
136 return EVP_CipherInit (ctx
, type
, key
, iv
, enc
);
140 EVP_CipherUpdate_ov (EVP_CIPHER_CTX
*ctx
, uint8_t *out
, int *outl
, uint8_t *in
, int inl
)
142 return EVP_CipherUpdate (ctx
, out
, outl
, in
, inl
);
146 cipher_ok (const char* name
)
153 #if SSLEAY_VERSION_NUMBER < 0x0090581f
154 #undef DES_check_key_parity
155 #define DES_check_key_parity(x) 1
158 #ifndef EVP_CIPHER_name
159 #define EVP_CIPHER_name(e) OBJ_nid2sn(EVP_CIPHER_nid(e))
163 #define EVP_MD_name(e) OBJ_nid2sn(EVP_MD_type(e))
167 * Max size in bytes of any cipher key that might conceivably be used.
169 * This value is checked at compile time in crypto.c to make sure
170 * it is always at least EVP_MAX_KEY_LENGTH.
172 * We define our own value, since this parameter
173 * is used to control the size of static key files.
174 * If the OpenSSL library increases EVP_MAX_KEY_LENGTH,
175 * we don't want our key files to be suddenly rendered
178 #define MAX_CIPHER_KEY_LENGTH 64
181 * Max size in bytes of any HMAC key that might conceivably be used.
183 * This value is checked at compile time in crypto.c to make sure
184 * it is always at least EVP_MAX_MD_SIZE. We define our own value
185 * for the same reason as above.
187 #define MAX_HMAC_KEY_LENGTH 64
190 * Defines a key type and key length for both cipher and HMAC.
194 uint8_t cipher_length
;
196 const EVP_CIPHER
*cipher
;
197 const EVP_MD
*digest
;
205 uint8_t cipher
[MAX_CIPHER_KEY_LENGTH
];
206 uint8_t hmac
[MAX_HMAC_KEY_LENGTH
];
209 #define KEY_DIRECTION_BIDIRECTIONAL 0 /* same keys for both directions */
210 #define KEY_DIRECTION_NORMAL 1 /* encrypt with keys[0], decrypt with keys[1] */
211 #define KEY_DIRECTION_INVERSE 2 /* encrypt with keys[1], decrypt with keys[0] */
214 * Dual random keys (for encrypt/decrypt)
223 * Used for controlling bidirectional keys
224 * vs. a separate key for each direction.
226 struct key_direction_state
234 * A key context for cipher and/or HMAC.
238 EVP_CIPHER_CTX
*cipher
;
243 * Cipher/HMAC key context for both sending and receiving
248 struct key_ctx encrypt
;
249 struct key_ctx decrypt
;
253 * Options for encrypt/decrypt.
255 struct crypto_options
257 struct key_ctx_bi
*key_ctx_bi
;
258 struct packet_id
*packet_id
;
259 struct packet_id_persist
*pid_persist
;
261 # define CO_PACKET_ID_LONG_FORM (1<<0)
262 # define CO_USE_IV (1<<1)
263 # define CO_IGNORE_PACKET_ID (1<<2)
264 # define CO_MUTE_REPLAY_WARNINGS (1<<3)
268 void init_key_type (struct key_type
*kt
, const char *ciphername
,
269 bool ciphername_defined
, const char *authname
,
270 bool authname_defined
, int keysize
,
271 bool cfb_ofb_allowed
, bool warn
);
273 void read_key_file (struct key2
*key2
, const char *filename
, bool must_succeed
);
275 int write_key_file (const int nkeys
, const char *filename
);
277 int read_passphrase_hash (const char *passphrase_file
,
278 const EVP_MD
*digest
,
282 void generate_key_random (struct key
*key
, const struct key_type
*kt
);
284 void check_replay_iv_consistency(const struct key_type
*kt
, bool packet_id
, bool use_iv
);
286 bool check_key (struct key
*key
, const struct key_type
*kt
);
288 void fixup_key (struct key
*key
, const struct key_type
*kt
);
290 bool write_key (const struct key
*key
, const struct key_type
*kt
,
293 int read_key (struct key
*key
, const struct key_type
*kt
, struct buffer
*buf
);
295 bool cfb_ofb_mode (const struct key_type
* kt
);
297 const char *kt_cipher_name (const struct key_type
*kt
);
298 const char *kt_digest_name (const struct key_type
*kt
);
299 int kt_key_size (const struct key_type
*kt
);
301 /* enc parameter in init_key_ctx */
305 void init_key_ctx (struct key_ctx
*ctx
, struct key
*key
,
306 const struct key_type
*kt
, int enc
,
309 void free_key_ctx (struct key_ctx
*ctx
);
310 void free_key_ctx_bi (struct key_ctx_bi
*ctx
);
312 void openvpn_encrypt (struct buffer
*buf
, struct buffer work
,
313 const struct crypto_options
*opt
,
314 const struct frame
* frame
);
316 bool openvpn_decrypt (struct buffer
*buf
, struct buffer work
,
317 const struct crypto_options
*opt
,
318 const struct frame
* frame
);
321 void crypto_adjust_frame_parameters(struct frame
*frame
,
322 const struct key_type
* kt
,
326 bool packet_id_long_form
);
328 void prng_init (void);
329 void prng_bytes (uint8_t *output
, int len
);
331 void test_crypto (const struct crypto_options
*co
, struct frame
* f
);
333 const char *md5sum(uint8_t *buf
, int len
, int n_print_chars
, struct gc_arena
*gc
);
335 void show_available_ciphers (void);
337 void show_available_digests (void);
339 void show_available_engines (void);
341 void init_crypto_lib_engine (const char *engine_name
);
343 void init_crypto_lib (void);
345 void uninit_crypto_lib (void);
347 /* key direction functions */
349 void key_direction_state_init (struct key_direction_state
*kds
, int key_direction
);
351 void verify_fix_key2 (struct key2
*key2
, const struct key_type
*kt
, const char *shared_secret_file
);
353 void must_have_n_keys (const char *filename
, const char *option
, const struct key2
*key2
, int n
);
355 int ascii2keydirection (int msglevel
, const char *str
);
357 const char *keydirection2ascii (int kd
, bool remote
);
360 void key2_print (const struct key2
* k
,
361 const struct key_type
*kt
,
363 const char* prefix1
);
365 /* memory debugging */
366 void openssl_dmalloc_init (void);
370 void get_tls_handshake_key (const struct key_type
*key_type
,
371 struct key_ctx_bi
*ctx
,
372 const char *passphrase_file
,
377 void init_ssl_lib (void);
378 void free_ssl_lib (void);
387 key_ctx_bi_defined(const struct key_ctx_bi
* key
)
389 return key
->encrypt
.cipher
|| key
->encrypt
.hmac
|| key
->decrypt
.cipher
|| key
->decrypt
.hmac
;
392 #endif /* USE_CRYPTO */
393 #endif /* CRYPTO_H */