C++ (Cpp) md_kt_get示例

示例#1

0

显示文件

文件： crypto.c 项目： KatekovAnton/iOS-OpenVPN-Sample

void
md5_state_init (struct md5_state *s)
{
  const md_kt_t *md5_kt = md_kt_get("MD5");

  md_ctx_init(&s->ctx, md5_kt);
}

示例#2

0

显示文件

文件： crypto.c 项目： KatekovAnton/iOS-OpenVPN-Sample

const char *
md5sum (uint8_t *buf, int len, int n_print_chars, struct gc_arena *gc)
{
  uint8_t digest[MD5_DIGEST_LENGTH];
  const md_kt_t *md5_kt = md_kt_get("MD5");

  md_full(md5_kt, buf, len, digest);

  return format_hex (digest, MD5_DIGEST_LENGTH, n_print_chars, gc);
}

示例#3

0

显示文件

文件： crypto.c 项目： alshalan/Mobile-OpenVPN

/*
 * Build a struct key_type.
 */
void
init_key_type (struct key_type *kt, const char *ciphername,
	       bool ciphername_defined, const char *authname,
	       bool authname_defined, int keysize,
	       bool cfb_ofb_allowed, bool warn)
{
  CLEAR (*kt);
  if (ciphername && ciphername_defined)
    {
      kt->cipher = cipher_kt_get (ciphername);
      kt->cipher_length = cipher_kt_key_size (kt->cipher);
      if (keysize > 0 && keysize <= MAX_CIPHER_KEY_LENGTH)
	kt->cipher_length = keysize;

      /* check legal cipher mode */
      {
	const unsigned int mode = cipher_kt_mode (kt->cipher);
	if (!(mode == OPENVPN_MODE_CBC
#ifdef ALLOW_NON_CBC_CIPHERS
	      || (cfb_ofb_allowed && (mode == OPENVPN_MODE_CFB || mode == OPENVPN_MODE_OFB))
#endif
	      ))
#ifdef ENABLE_SMALL
	  msg (M_FATAL, "Cipher '%s' mode not supported", ciphername);
#else
	  msg (M_FATAL, "Cipher '%s' uses a mode not supported by " PACKAGE_NAME " in your current configuration.  CBC mode is always supported, while CFB and OFB modes are supported only when using SSL/TLS authentication and key exchange mode, and when " PACKAGE_NAME " has been built with ALLOW_NON_CBC_CIPHERS.", ciphername);
#endif
      }
    }
  else
    {
      if (warn)
	msg (M_WARN, "******* WARNING *******: null cipher specified, no encryption will be used");
    }
  if (authname && authname_defined)
    {
      kt->digest = md_kt_get (authname);
      kt->hmac_length = md_kt_size (kt->digest);
    }
  else
    {
      if (warn)
	msg (M_WARN, "******* WARNING *******: null MAC specified, no authentication will be used");
    }
}

示例#4

0

显示文件

文件： crypto.c 项目： KatekovAnton/iOS-OpenVPN-Sample

void
prng_init (const char *md_name, const int nonce_secret_len_parm)
{
  prng_uninit ();
  nonce_md = md_name ? md_kt_get (md_name) : NULL;
  if (nonce_md)
    {
      ASSERT (nonce_secret_len_parm >= NONCE_SECRET_LEN_MIN && nonce_secret_len_parm <= NONCE_SECRET_LEN_MAX);
      nonce_secret_len = nonce_secret_len_parm;
      {
	const int size = md_kt_size(nonce_md) + nonce_secret_len;
	dmsg (D_CRYPTO_DEBUG, "PRNG init md=%s size=%d", md_kt_name(nonce_md), size);
	nonce_data = (uint8_t*) malloc (size);
	check_malloc_return (nonce_data);
	prng_reset_nonce();
      }
    }
}

示例#5

0

显示文件

文件： crypto.c 项目： KatekovAnton/iOS-OpenVPN-Sample

/*
 * Build a struct key_type.
 */
void
init_key_type (struct key_type *kt, const char *ciphername,
	       bool ciphername_defined, const char *authname,
	       bool authname_defined, int keysize,
	       bool cfb_ofb_allowed, bool warn)
{
  CLEAR (*kt);
  if (ciphername && ciphername_defined)
    {
      kt->cipher = cipher_kt_get (translate_cipher_name_from_openvpn(ciphername));
      kt->cipher_length = cipher_kt_key_size (kt->cipher);
      if (keysize > 0 && keysize <= MAX_CIPHER_KEY_LENGTH)
	kt->cipher_length = keysize;

      /* check legal cipher mode */
      {
	if (!(cipher_kt_mode_cbc(kt->cipher)
#ifdef ENABLE_OFB_CFB_MODE
	      || (cfb_ofb_allowed && cipher_kt_mode_ofb_cfb(kt->cipher))
#endif
	      ))
	  msg (M_FATAL, "Cipher '%s' mode not supported", ciphername);
      }
    }
  else
    {
      if (warn)
	msg (M_WARN, "******* WARNING *******: null cipher specified, no encryption will be used");
    }
  if (authname && authname_defined)
    {
      kt->digest = md_kt_get (authname);
      kt->hmac_length = md_kt_size (kt->digest);
    }
  else
    {
      if (warn)
	msg (M_WARN, "******* WARNING *******: null MAC specified, no authentication will be used");
    }
}

示例#6

0

显示文件

文件： misc.c 项目： anlaneg/openvpn

void
get_user_pass_auto_userid(struct user_pass *up, const char *tag)
{
    struct gc_arena gc = gc_new();
    struct buffer buf;
    uint8_t macaddr[6];
    static uint8_t digest [MD5_DIGEST_LENGTH];
    static const uint8_t hashprefix[] = "AUTO_USERID_DIGEST";

    const md_kt_t *md5_kt = md_kt_get("MD5");
    md_ctx_t *ctx;

    CLEAR(*up);
    buf_set_write(&buf, (uint8_t *)up->username, USER_PASS_LEN);
    buf_printf(&buf, "%s", TARGET_PREFIX);
    if (get_default_gateway_mac_addr(macaddr))
    {
        dmsg(D_AUTO_USERID, "GUPAU: macaddr=%s", format_hex_ex(macaddr, sizeof(macaddr), 0, 1, ":", &gc));
        ctx = md_ctx_new();
        md_ctx_init(ctx, md5_kt);
        md_ctx_update(ctx, hashprefix, sizeof(hashprefix) - 1);
        md_ctx_update(ctx, macaddr, sizeof(macaddr));
        md_ctx_final(ctx, digest);
        md_ctx_cleanup(ctx);
        md_ctx_free(ctx);
        buf_printf(&buf, "%s", format_hex_ex(digest, sizeof(digest), 0, 256, " ", &gc));
    }
    else
    {
        buf_printf(&buf, "UNKNOWN");
    }
    if (tag && strcmp(tag, "stdin"))
    {
        buf_printf(&buf, "-%s", tag);
    }
    up->defined = true;
    gc_free(&gc);

    dmsg(D_AUTO_USERID, "GUPAU: AUTO_USERID: '%s'", up->username);
}

示例#7

0

显示文件

文件： tls_crypt.c 项目： OpenVPN/openvpn

static struct key_type
tls_crypt_kt(void)
{
    struct key_type kt;
    kt.cipher = cipher_kt_get("AES-256-CTR");
    kt.digest = md_kt_get("SHA256");

    if (!kt.cipher)
    {
        msg(M_WARN, "ERROR: --tls-crypt requires AES-256-CTR support.");
        return (struct key_type) { 0 };
    }
    if (!kt.digest)
    {
        msg(M_WARN, "ERROR: --tls-crypt requires HMAC-SHA-256 support.");
        return (struct key_type) { 0 };
    }

    kt.cipher_length = cipher_kt_key_size(kt.cipher);
    kt.hmac_length = md_kt_size(kt.digest);

    return kt;
}

示例#8

0

显示文件

文件： push.c 项目： anlaneg/openvpn

int
process_incoming_push_msg(struct context *c,
                          const struct buffer *buffer,
                          bool honor_received_options,
                          unsigned int permission_mask,
                          unsigned int *option_types_found)
{
    int ret = PUSH_MSG_ERROR;
    struct buffer buf = *buffer;

#if P2MP_SERVER
    if (buf_string_compare_advance(&buf, "PUSH_REQUEST"))
    {
        ret = process_incoming_push_request(c);
    }
    else
#endif

    if (honor_received_options && buf_string_compare_advance(&buf, "PUSH_REPLY"))
    {
        const uint8_t ch = buf_read_u8(&buf);
        if (ch == ',')
        {
            struct buffer buf_orig = buf;
            if (!c->c2.pulled_options_digest_init_done)
            {
                c->c2.pulled_options_state = md_ctx_new();
                md_ctx_init(c->c2.pulled_options_state, md_kt_get("SHA256"));
                c->c2.pulled_options_digest_init_done = true;
            }
            if (!c->c2.did_pre_pull_restore)
            {
                pre_pull_restore(&c->options, &c->c2.gc);
                c->c2.did_pre_pull_restore = true;
            }
            if (apply_push_options(&c->options,
                                   &buf,
                                   permission_mask,
                                   option_types_found,
                                   c->c2.es))
            {
                push_update_digest(c->c2.pulled_options_state, &buf_orig,
                                   &c->options);
                switch (c->options.push_continuation)
                {
                    case 0:
                    case 1:
                        md_ctx_final(c->c2.pulled_options_state, c->c2.pulled_options_digest.digest);
                        md_ctx_cleanup(c->c2.pulled_options_state);
                        md_ctx_free(c->c2.pulled_options_state);
                        c->c2.pulled_options_state = NULL;
                        c->c2.pulled_options_digest_init_done = false;
                        ret = PUSH_MSG_REPLY;
                        break;

                    case 2:
                        ret = PUSH_MSG_CONTINUATION;
                        break;
                }
            }
        }
        else if (ch == '\0')
        {
            ret = PUSH_MSG_REPLY;
        }
        /* show_settings (&c->options); */
    }
    return ret;
}