James Yonan
5f85652033
For client, replaced all instances of PRNG to new dynamic type.
2014-10-19 19:59:48 -06:00
James Yonan
5102cff6f1
Added polymorphic classes for message digest algorithms.
Converted PRNG from static to dynamic polymorphism.
Did not fix PRNG users yet.
2014-10-19 19:14:56 -06:00
James Yonan
e8ca0c47f3
Added "chm" tag to CBC/HMAC encrypt/decrypt class names and
source filenames to distinguish from new modes such as AEAD.
2014-10-19 15:19:14 -06:00
James Yonan
677cd039c4
Defer data channel initialization until after client-side
options pull, so that cipher/digest can be pushed by server.
Note: incomplete, see fixmes.
2014-10-18 20:37:08 -06:00
James Yonan
bd04ed3755
Added CryptoAlgs for managing crypto algorithms independently of
underlying crypto implementation.
Modified proto.hpp to use the new CryptoAlgs types for
cipher/digest selection.
Added initial PolarSSL implementation for cipher/digest
selection using CryptoAlgs types.
Note: this implementation is incomplete, see fixmes.
2014-10-18 10:50:51 -06:00
James Yonan
9145145b64
Checkpoint toward fully polymorphic data channel API. Added a
three-level factory model:
CryptoDCFactory -- builds CryptoDCContext objects for a given
cipher/digest
CryptoDCContext -- builds CryptoDCBase objects for a given key ID
CryptoDCBase -- encrypt/decrypt data channel
2014-10-17 15:52:29 -06:00
James Yonan
f47ce33c48
Renamed CryptoContextBase to CryptoDCBase to emphasize
that this is the Data Channel crypto API. Related factories,
derived classes, and typedefs also renamed.
2014-10-16 10:10:42 -06:00
James Yonan
8b71fa9800
Converted RAND_API from static to dynamic polymorphism
(using RandomAPI as base class).
2014-10-15 12:53:18 -06:00
James Yonan
ab7dfe6f05
Added CryptoContextBase abstraction to allow use of new
data channel modes and non-CBC ciphers such as AES-GCM.
2014-10-08 13:43:40 -06:00
James Yonan
4e39a533e9
Added new constant-time memory comparison function crypto::memneq
to replace memcmp_secure. crypto::memneq benefits from insights
gained during the development of crypto_memneq for the Linux kernel.
2014-08-17 22:09:12 -06:00
James Yonan
2c6d972ad6
Added AGPL copyright/licensing language.
2014-07-20 21:22:06 -06:00
James Yonan
7fe6fad18a
Added crypto self test capability to core.
Added polarssl/bignum-arm.patch to resolve issue where
asm-optimized bignum code would crash on iOS.
2013-06-14 00:34:49 +00:00
James Yonan
82be8b0107
packet_id.hpp now logs errors to a SessionStats object,
like the rest of the core.
Added verbose() method to class SessionStats so that clients can
know whether to pass extra text data to error() virtual method.
2013-05-22 05:13:11 +00:00
James Yonan
9ed088a28b
Implemented "auth none" and "cipher none".
2013-03-13 00:34:17 +00:00
James Yonan
4d9a751af2
Added head comments to all source files.
Minor reorganization of unicode code.
2012-11-23 06:18:43 +00:00
James Yonan
df51e2bfc3
Minor SplitLines changes.
2012-11-12 02:33:20 +00:00
James Yonan
5a5a18942a
Added parser size validation constants in
openvpn/client/cliconstants.hpp
2012-11-12 01:52:03 +00:00
James Yonan
a6b6d487ef
Global edit to add copyright notice at head of each source file.
2012-08-24 21:13:42 +00:00
James Yonan
801bfae881
Added Polar SSL crypto support via PolarSSLCryptoAPI.
2012-03-13 04:51:52 +00:00
James Yonan
34dc950815
Core refactor to abstract random and crypto APIs using
static polymorphism. Only OpenSSL crypto API is
presently implemented. Still need to implement Apple
and PolarSSL.
2012-03-12 12:24:40 +00:00
James Yonan
f13ed3e7a8
Implemented Java client using Swig.
2012-02-11 14:02:51 +00:00
James Yonan
231bd0f21a
Top-level client refactoring, to move configuration functionality
from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 20:39:10 +00:00
James Yonan
e7a5d9f55b
Start process of moving client logic out of cli.cpp into
general-purpose classes.
Rename ProtoStats to SessionStats and make it more flexible
by using an abstract base class model.
Add a client event queue for the beginnings of a client-backend
API.
Added logic to ProtoContext to invalidate session on certain
kinds of errors in TCP that would normally be okay in UDP
such as HMAC_ERROR, DECRYPT_ERROR, etc.
Add some alignment adjustment logic for READ_LINK_TCP (3 bytes)
and READ_LINK_UDP (1 byte).
2012-02-04 10:24:54 +00:00
James Yonan
f7067d817c
Added constant-time memcmp.
2012-01-24 01:54:35 +00:00
James Yonan
bd4673c60f
Added IP address classes for IPv4/v6.
Implemented get_default_gateway() for Mac OS X.
2012-01-11 06:15:32 +00:00
James Yonan
7371bd8e14
First working version of cli that can be entirely driven from config
file. Currently limited to UDP, runs only on Linux, and supports
pushed redirect-gateway but not route directives.
2011-12-18 10:50:08 +00:00
James Yonan
6260957c37
Added AES-NI support.
Disable logging in Packet ID code unless OPENVPN_DEBUG_PACKET_ID
is defined.
2011-12-17 05:06:39 +00:00
James Yonan
990231b226
First successful negotiation with AS.
Still need to parse and apply PUSH_REPLY options.
2011-12-16 10:02:15 +00:00
James Yonan
c8f7b0ff2f
Keepalive implementation.
2011-12-15 08:48:14 +00:00
James Yonan
44ee74f374
Added compression framework.
Implemented LZO_STUB compressor.
Added methods to generate options and peer info strings.
2011-12-14 11:34:33 +00:00
James Yonan
3f73d56afb
Added some string parsing classes/functions for parsing OpenVPN options
given as a comma-separated list.
2011-12-13 19:51:29 +00:00
James Yonan
1b5fa38adb
Comment additions.
Catch buffer exceptions and increment BUFFER_ERRORS.
2011-12-13 11:13:27 +00:00
James Yonan
1aa65c259b
Implemented soft reset in proto.hpp.
2011-12-13 04:46:56 +00:00
James Yonan
f3e9239d80
Full-protocol unit test using ProtoContext, w/o soft resets.
Test in test/ssl/proto.cpp.
2011-12-11 08:28:55 +00:00
James Yonan
ee46876142
Added HMAC and Packet ID integrity checks to reliable/SSL test.
2011-12-05 06:11:51 +00:00
James Yonan
d21c7de80c
Coded hmac2 methods, for dealing with HMAC operations where HMAC
signature exists within data range being signed.
In ProtoStack, add raw_write method sending raw packets
that will NOT be encrypted via SSL, but will still be
encapsulated and tracked via reliability layer.
Other misc changes.
2011-12-04 01:34:32 +00:00
James Yonan
3c57bf9b05
ProtoStack with Apple SSL client and OpenSSL server
successfully tested by test/reliable/ssl.cpp.
2011-12-02 22:00:56 +00:00
James Yonan
671df2bb14
Reorganized files so that all code that references OpenSSL
is either under openvpn/openssl (implementation) or
openvpn/gencrypto (generic crypto selector).
Reorganized applecrypto with evp files under crypto so
that we can eventually build out applecrypto as a full
crypto/ssl replacement for OpenSSL.
2011-11-23 06:08:26 +00:00
James Yonan
d0e1d06812
Ported tlsprf to CommonCrypto.
2011-11-23 03:35:51 +00:00
James Yonan
713fbab110
Extended Apple CommonCrypto support to full OpenVPN
data channel layer, so that encdec benchmark will
now run with only CommonCrypto (no OpenSSL linkage).
2011-11-22 09:13:22 +00:00
James Yonan
0d293533f5
Added OpenSSL-like HMAC API using Apple
CommonCrypto as backend.
2011-11-22 03:01:28 +00:00
James Yonan
7dd61393ab
Move crypto random number headers out of openvpn/openssl
into openvpn/random. Also move boostrand.hpp into
openvpn/random.
2011-11-21 06:11:06 +00:00
James Yonan
b45e9c2e15
Started on ProtoContext object (master OpenVPN protocol
context object).
Implemented TLS PRF functions.
2011-11-21 04:58:54 +00:00
James Yonan
f09b9ae12a
Added reltest.cpp for testing ReliableRecv and ReliableSend
objects by simulating an unreliable packet stream.
Modified packet_id code so that current time (now) is passed
via function calls rather than accessed as a global.
Added integer random number support via boost::random.
2011-11-09 05:52:52 +00:00
James Yonan
52c42fb5d2
Moved time source files to openvpn/time.
Added search/replace tool smod.
2011-11-05 17:02:16 +00:00
James Yonan
b1b313ec28
Implemented new time system based on Time and Time::Duration,
with Asio integration using boost::asio::time_traits<openvpn::Time>.
Started reliable receive class (ReliableRecv).
2011-11-01 13:00:49 +00:00
James Yonan
1fcf65fbda
Started PKI tree for wrapping OpenSSL PKI objects.
Started SSL Context class.
Implemented dgram & stream buffer queues that can operate as
OpenSSL BIOs.
Reworked Frame class to make it more flexible.
2011-10-25 17:32:26 +00:00
James Yonan
e5b9f303bc
Developed openvpn::time abstraction.
2011-10-16 07:51:07 +00:00
James Yonan
918caca206
First working static key implementation.
Tested interoperability with OpenVPN in static key mode.
2011-10-07 05:47:49 +00:00
James Yonan
422cd204af
Added CryptoContext wrapper struct for Encrypt and Decrypt objects.
Modified build scripts to use -fwhole-program.
Added read_text function to read a text file into a string.
2011-10-06 17:22:37 +00:00