mirror/openvpn3
0
0
Fork 0
mirror of https://github.com/OpenVPN/openvpn3.git synced 2024-09-20 12:12:15 +02:00
Code
5f85652033
openvpn3/openvpn/crypto/cryptodc.hpp
James Yonan bd04ed3755 Added CryptoAlgs for managing crypto algorithms independently of 
underlying crypto implementation.

Modified proto.hpp to use the new CryptoAlgs types for
cipher/digest selection.

Added initial PolarSSL implementation for cipher/digest
selection using CryptoAlgs types.

Note: this implementation is incomplete, see fixmes.
2014-10-18 10:50:51 -06:00

114 lines
3.7 KiB
C++
Raw Blame History

// OpenVPN -- An application to securely tunnel IP networks
// over a single port, with support for SSL/TLS-based
// session authentication and key exchange,
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2013-2014 OpenVPN Technologies, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.
// Base class for OpenVPN data channel encryption/decryption
#ifndef OPENVPN_CRYPTO_CRYPTODC_H
#define OPENVPN_CRYPTO_CRYPTODC_H
#include <openvpn/buffer/buffer.hpp>
#include <openvpn/error/error.hpp>
#include <openvpn/common/rc.hpp>
#include <openvpn/frame/frame.hpp>
#include <openvpn/random/prng.hpp>
#include <openvpn/crypto/static_key.hpp>
#include <openvpn/crypto/packet_id.hpp>
#include <openvpn/crypto/cryptoalgs.hpp>
namespace openvpn {
// Base class for encryption/decryption of data channel
template <typename CRYPTO_API>
class CryptoDCBase : public RC<thread_unsafe_refcount>
{
public:
typedef boost::intrusive_ptr<CryptoDCBase> Ptr;
// Encrypt/Decrypt
// returns true if packet ID is close to wrapping
virtual bool encrypt(BufferAllocated& buf, const PacketID::time_t now) = 0;
virtual Error::Type decrypt(BufferAllocated& buf, const PacketID::time_t now) = 0;
// Initialization
virtual void init_encrypt_cipher(const StaticKey& key) = 0;
virtual void init_encrypt_hmac(const StaticKey& key) = 0;
virtual void init_encrypt_pid_send(const int form) = 0;
virtual void init_decrypt_cipher(const StaticKey& key) = 0;
virtual void init_decrypt_hmac(const StaticKey& key) = 0;
virtual void init_decrypt_pid_recv(const int mode, const int form,
const int seq_backtrack, const int time_backtrack,
const char *name, const int unit,
const SessionStats::Ptr& stats_arg) = 0;
// Indicate whether or not cipher/digest is defined
virtual bool cipher_defined() const = 0;
virtual bool digest_defined() const = 0;
// Rekeying
enum RekeyType {
ACTIVATE_PRIMARY,
DEACTIVATE_SECONDARY,
PROMOTE_SECONDARY_TO_PRIMARY,
DEACTIVATE_ALL,
};
virtual void rekey(const RekeyType type) = 0;
};
// Factory for CryptoDCBase objects
template <typename CRYPTO_API>
class CryptoDCContext : public RC<thread_unsafe_refcount>
{
public:
typedef boost::intrusive_ptr<CryptoDCContext> Ptr;
virtual typename CryptoDCBase<CRYPTO_API>::Ptr new_obj(const unsigned int key_id) = 0;
// Info for ProtoContext::options_string
virtual std::string cipher_name() const = 0;
virtual std::string digest_name() const = 0;
virtual size_t key_size() const = 0;
// Info for ProtoContext::link_mtu_adjust
virtual size_t encap_overhead() const = 0;
};
// Factory for CryptoDCContext objects
template <typename CRYPTO_API>
class CryptoDCFactory : public RC<thread_unsafe_refcount>
{
public:
typedef boost::intrusive_ptr<CryptoDCFactory> Ptr;
virtual typename CryptoDCContext<CRYPTO_API>::Ptr new_obj(const CryptoAlgs::Type cipher,
const CryptoAlgs::Type digest) = 0;
};
}
#endif
View Git Blame Copy Permalink