6825182b |
/*
* OpenVPN -- An application to securely tunnel IP networks
* over a single TCP/UDP port, with support for SSL/TLS-based
* session authentication and key exchange,
* packet encryption, packet authentication, and
* packet compression.
* |
49979459 |
* Copyright (C) 2002-2018 OpenVPN Inc <sales@openvpn.net>
* Copyright (C) 2010-2018 Fox Crypto B.V. <openvpn@fox-it.com> |
6825182b |
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
* |
caa54ac3 |
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. |
6825182b |
*/
/**
* @file Data Channel Cryptography SSL library-specific backend interface
*/
#ifndef CRYPTO_BACKEND_H_
#define CRYPTO_BACKEND_H_
|
9b33b5a4 |
#ifdef ENABLE_CRYPTO_OPENSSL |
6825182b |
#include "crypto_openssl.h"
#endif |
86d8cd68 |
#ifdef ENABLE_CRYPTO_MBEDTLS |
74586c65 |
#include "crypto_mbedtls.h" |
53f97e1e |
#endif |
6825182b |
#include "basic.h"
|
66407e11 |
/* TLS uses a tag of 128 bytes, let's do the same for OpenVPN */
#define OPENVPN_AEAD_TAG_LENGTH 16 |
b01cb9ef |
|
97894360 |
/* Maximum cipher block size (bytes) */
#define OPENVPN_MAX_CIPHER_BLOCK_SIZE 32
/* Maximum HMAC digest size (bytes) */ |
81d882d5 |
#define OPENVPN_MAX_HMAC_SIZE 64 |
97894360 |
|
2193d7c0 |
/** Types referencing specific message digest hashing algorithms */
typedef enum {
MD_SHA1,
MD_SHA256
} hash_algo_type ;
|
44dc5d30 |
/** Struct used in cipher name translation table */
typedef struct { |
81d882d5 |
const char *openvpn_name; /**< Cipher name used by OpenVPN */
const char *lib_name; /**< Cipher name used by crypto library */ |
44dc5d30 |
} cipher_name_pair;
/** Cipher name translation table */
extern const cipher_name_pair cipher_name_translation_table[];
extern const size_t cipher_name_translation_table_count;
|
b01cb9ef |
/*
* This routine should have additional OpenSSL crypto library initialisations
* used by both crypto and ssl components of OpenVPN.
*/ |
81d882d5 |
void crypto_init_lib(void); |
b01cb9ef |
|
81d882d5 |
void crypto_uninit_lib(void); |
b01cb9ef |
|
81d882d5 |
void crypto_clear_error(void); |
330715f0 |
|
b01cb9ef |
/*
* Initialise the given named crypto engine.
*/ |
81d882d5 |
void crypto_init_lib_engine(const char *engine_name); |
b01cb9ef |
#ifdef DMALLOC
/*
* OpenSSL memory debugging. If dmalloc debugging is enabled, tell
* OpenSSL to use our private malloc/realloc/free functions so that
* we can dispatch them to dmalloc.
*/ |
81d882d5 |
void crypto_init_dmalloc(void);
|
b01cb9ef |
#endif /* DMALLOC */
|
f499b921 |
/**
* Translate a data channel cipher name from the OpenVPN config file
* 'language' to the crypto library specific name.
*/ |
81d882d5 |
const char *translate_cipher_name_from_openvpn(const char *cipher_name); |
f499b921 |
/**
* Translate a data channel cipher name from the crypto library specific name
* to the OpenVPN config file 'language'.
*/ |
81d882d5 |
const char *translate_cipher_name_from_openvpn(const char *cipher_name); |
f499b921 |
|
81d882d5 |
void show_available_ciphers(void); |
7151f3f7 |
|
81d882d5 |
void show_available_digests(void); |
7151f3f7 |
|
81d882d5 |
void show_available_engines(void); |
7151f3f7 |
|
6825182b |
/*
*
* Random number functions, used in cases where we want
* reasonably strong cryptographic random number generation
* without depleting our entropy pool. Used for random
* IV values and a number of other miscellaneous tasks.
*
*/
/**
* Wrapper for secure random number generator. Retrieves len bytes of random
* data, and places it in output.
* |
81d882d5 |
* @param output Output buffer
* @param len Length of the output buffer, in bytes |
6825182b |
* |
81d882d5 |
* @return \c 1 on success, \c 0 on failure |
6825182b |
*/ |
81d882d5 |
int rand_bytes(uint8_t *output, int len); |
6825182b |
|
23ee3563 |
/*
* |
183c3d19 |
* Key functions, allow manipulation of keys.
*
*/
/**
* Return number of DES cblocks (1 cblock = length of a single-DES key) for the
* current key type or 0 if not a DES cipher.
* |
81d882d5 |
* @param kt Type of key |
183c3d19 |
* |
81d882d5 |
* @return Number of DES cblocks that the key consists of, or 0. |
183c3d19 |
*/ |
81d882d5 |
int key_des_num_cblocks(const cipher_kt_t *kt); |
183c3d19 |
/*
* Check the given DES key. Checks the given key's length, weakness and parity.
* |
81d882d5 |
* @param key Key to check
* @param key_len Length of the key, in bytes
* @param ndc Number of DES cblocks that the key is made up of. |
183c3d19 |
* |
81d882d5 |
* @return \c true if the key is valid, \c false otherwise. |
183c3d19 |
*/ |
81d882d5 |
bool key_des_check(uint8_t *key, int key_len, int ndc); |
183c3d19 |
/*
* Fix the given DES key, setting its parity to odd.
* |
81d882d5 |
* @param key Key to check
* @param key_len Length of the key, in bytes
* @param ndc Number of DES cblocks that the key is made up of. |
183c3d19 |
*/ |
81d882d5 |
void key_des_fixup(uint8_t *key, int key_len, int ndc); |
183c3d19 |
|
4a5a6033 |
/**
* Encrypt the given block, using DES ECB mode
* |
81d882d5 |
* @param key DES key to use.
* @param src Buffer containing the 8-byte source.
* @param dst Buffer containing the 8-byte destination |
4a5a6033 |
*/ |
81d882d5 |
void cipher_des_encrypt_ecb(const unsigned char key[DES_KEY_LENGTH],
unsigned char src[DES_KEY_LENGTH],
unsigned char dst[DES_KEY_LENGTH]); |
4a5a6033 |
|
183c3d19 |
/*
* |
23ee3563 |
* Generic cipher key type functions
*
*/
/*
* Max size in bytes of any cipher key that might conceivably be used.
*
* This value is checked at compile time in crypto.c to make sure
* it is always at least EVP_MAX_KEY_LENGTH.
*
* We define our own value, since this parameter
* is used to control the size of static key files.
* If the OpenSSL library increases EVP_MAX_KEY_LENGTH,
* we don't want our key files to be suddenly rendered
* unusable.
*/
#define MAX_CIPHER_KEY_LENGTH 64
|
670f9dd9 |
/**
* Return cipher parameters, based on the given cipher name. The
* contents of these parameters are library-specific, and can be used to
* initialise encryption/decryption.
* |
81d882d5 |
* @param ciphername Name of the cipher to retrieve parameters for (e.g.
* \c AES-128-CBC). |
670f9dd9 |
* |
81d882d5 |
* @return A statically allocated structure containing parameters
* for the given cipher, or NULL if no matching parameters
* were found. |
670f9dd9 |
*/ |
81d882d5 |
const cipher_kt_t *cipher_kt_get(const char *ciphername); |
670f9dd9 |
/**
* Retrieve a string describing the cipher (e.g. \c AES-128-CBC).
* |
81d882d5 |
* @param cipher_kt Static cipher parameters |
670f9dd9 |
*
* @return a statically allocated string describing the cipher.
*/ |
81d882d5 |
const char *cipher_kt_name(const cipher_kt_t *cipher_kt); |
670f9dd9 |
/**
* Returns the size of keys used by the cipher, in bytes. If the cipher has a
* variable key size, return the default key size.
* |
81d882d5 |
* @param cipher_kt Static cipher parameters |
670f9dd9 |
* |
81d882d5 |
* @return (Default) size of keys used by the cipher, in bytes. |
670f9dd9 |
*/ |
81d882d5 |
int cipher_kt_key_size(const cipher_kt_t *cipher_kt); |
670f9dd9 |
/**
* Returns the size of the IV used by the cipher, in bytes, or 0 if no IV is
* used.
* |
81d882d5 |
* @param cipher_kt Static cipher parameters |
670f9dd9 |
* |
81d882d5 |
* @return Size of the IV, in bytes, or 0 if the cipher does not
* use an IV. |
670f9dd9 |
*/ |
81d882d5 |
int cipher_kt_iv_size(const cipher_kt_t *cipher_kt); |
670f9dd9 |
/**
* Returns the block size of the cipher, in bytes.
* |
81d882d5 |
* @param cipher_kt Static cipher parameters |
670f9dd9 |
* |
81d882d5 |
* @return Block size, in bytes. |
670f9dd9 |
*/ |
81d882d5 |
int cipher_kt_block_size(const cipher_kt_t *cipher_kt); |
670f9dd9 |
/** |
66407e11 |
* Returns the MAC tag size of the cipher, in bytes.
* |
81d882d5 |
* @param ctx Static cipher parameters. |
66407e11 |
* |
81d882d5 |
* @return Tag size in bytes, or 0 if the tag size could not be
* determined. |
66407e11 |
*/ |
81d882d5 |
int cipher_kt_tag_size(const cipher_kt_t *cipher_kt); |
66407e11 |
/** |
670f9dd9 |
* Returns the mode that the cipher runs in.
* |
81d882d5 |
* @param cipher_kt Static cipher parameters. May not be NULL. |
670f9dd9 |
* |
81d882d5 |
* @return Cipher mode, either \c OPENVPN_MODE_CBC, \c
* OPENVPN_MODE_OFB or \c OPENVPN_MODE_CFB |
670f9dd9 |
*/ |
81d882d5 |
int cipher_kt_mode(const cipher_kt_t *cipher_kt); |
670f9dd9 |
|
a4b27b64 |
/** |
38cd1ed5 |
* Check if the supplied cipher is a supported CBC mode cipher. |
a4b27b64 |
* |
81d882d5 |
* @param cipher Static cipher parameters. |
a4b27b64 |
* |
81d882d5 |
* @return true iff the cipher is a CBC mode cipher. |
a4b27b64 |
*/ |
98156e90 |
bool cipher_kt_mode_cbc(const cipher_kt_t *cipher); |
a4b27b64 |
/** |
38cd1ed5 |
* Check if the supplied cipher is a supported OFB or CFB mode cipher. |
a4b27b64 |
* |
81d882d5 |
* @param cipher Static cipher parameters. |
a4b27b64 |
* |
81d882d5 |
* @return true iff the cipher is a OFB or CFB mode cipher. |
a4b27b64 |
*/ |
98156e90 |
bool cipher_kt_mode_ofb_cfb(const cipher_kt_t *cipher); |
a4b27b64 |
|
66407e11 |
/**
* Check if the supplied cipher is a supported AEAD mode cipher.
* |
81d882d5 |
* @param cipher Static cipher parameters. |
66407e11 |
* |
81d882d5 |
* @return true iff the cipher is a AEAD mode cipher. |
66407e11 |
*/
bool cipher_kt_mode_aead(const cipher_kt_t *cipher);
|
670f9dd9 |
|
485c5f76 |
/**
*
* Generic cipher functions
*
*/
/** |
6cbd48a3 |
* Allocate a new cipher context
*
* @return a new cipher context
*/
cipher_ctx_t *cipher_ctx_new(void);
/**
* Free a cipher context
*
* @param ctx Cipher context.
*/
void cipher_ctx_free(cipher_ctx_t *ctx);
/** |
485c5f76 |
* Initialise a cipher context, based on the given key and key type.
* |
81d882d5 |
* @param ctx Cipher context. May not be NULL
* @param key Buffer containing the key to use
* @param key_len Length of the key, in bytes
* @param kt Static cipher parameters to use
* @param enc Whether to encrypt or decrypt (either
* \c MBEDTLS_OP_ENCRYPT or \c MBEDTLS_OP_DECRYPT). |
485c5f76 |
*/ |
5e6e4b7d |
void cipher_ctx_init(cipher_ctx_t *ctx, const uint8_t *key, int key_len, |
81d882d5 |
const cipher_kt_t *kt, int enc); |
485c5f76 |
/**
* Cleanup the specified context.
* |
81d882d5 |
* @param ctx Cipher context to cleanup. |
485c5f76 |
*/ |
81d882d5 |
void cipher_ctx_cleanup(cipher_ctx_t *ctx); |
485c5f76 |
/**
* Returns the size of the IV used by the cipher, in bytes, or 0 if no IV is
* used.
* |
81d882d5 |
* @param ctx The cipher's context |
485c5f76 |
* |
81d882d5 |
* @return Size of the IV, in bytes, or \c 0 if the cipher does not
* use an IV or ctx was NULL. |
485c5f76 |
*/ |
81d882d5 |
int cipher_ctx_iv_length(const cipher_ctx_t *ctx); |
485c5f76 |
/** |
66407e11 |
* Gets the computed message authenticated code (MAC) tag for this cipher.
* |
81d882d5 |
* @param ctx The cipher's context
* @param tag The buffer to write computed tag in.
* @param tag_size The tag buffer size, in bytes. |
66407e11 |
*/ |
81d882d5 |
int cipher_ctx_get_tag(cipher_ctx_t *ctx, uint8_t *tag, int tag_len); |
66407e11 |
/** |
485c5f76 |
* Returns the block size of the cipher, in bytes.
* |
81d882d5 |
* @param ctx The cipher's context |
485c5f76 |
* |
81d882d5 |
* @return Block size, in bytes, or 0 if ctx was NULL. |
485c5f76 |
*/ |
81d882d5 |
int cipher_ctx_block_size(const cipher_ctx_t *ctx); |
485c5f76 |
/**
* Returns the mode that the cipher runs in.
* |
81d882d5 |
* @param ctx Cipher's context. May not be NULL. |
485c5f76 |
* |
81d882d5 |
* @return Cipher mode, either \c OPENVPN_MODE_CBC, \c
* OPENVPN_MODE_OFB or \c OPENVPN_MODE_CFB |
485c5f76 |
*/ |
81d882d5 |
int cipher_ctx_mode(const cipher_ctx_t *ctx); |
485c5f76 |
/** |
a4b27b64 |
* Returns the static cipher parameters for this context.
* |
81d882d5 |
* @param ctx Cipher's context. |
a4b27b64 |
* |
81d882d5 |
* @return Static cipher parameters for the supplied context, or
* NULL if unable to determine cipher parameters. |
a4b27b64 |
*/ |
81d882d5 |
const cipher_kt_t *cipher_ctx_get_cipher_kt(const cipher_ctx_t *ctx); |
a4b27b64 |
/** |
485c5f76 |
* Resets the given cipher context, setting the IV to the specified value.
* Preserves the associated key information.
* |
81d882d5 |
* @param ctx Cipher's context. May not be NULL.
* @param iv_buf The IV to use. |
485c5f76 |
* |
81d882d5 |
* @return \c 0 on failure, \c 1 on success. |
485c5f76 |
*/ |
5e6e4b7d |
int cipher_ctx_reset(cipher_ctx_t *ctx, const uint8_t *iv_buf); |
485c5f76 |
/** |
66407e11 |
* Updates the given cipher context, providing additional data (AD) for
* authenticated encryption with additional data (AEAD) cipher modes.
* |
81d882d5 |
* @param ctx Cipher's context. May not be NULL.
* @param src Source buffer
* @param src_len Length of the source buffer, in bytes |
66407e11 |
* |
81d882d5 |
* @return \c 0 on failure, \c 1 on success. |
66407e11 |
*/ |
81d882d5 |
int cipher_ctx_update_ad(cipher_ctx_t *ctx, const uint8_t *src, int src_len); |
66407e11 |
/** |
485c5f76 |
* Updates the given cipher context, encrypting data in the source buffer, and
* placing any complete blocks in the destination buffer.
*
* Note that if a complete block cannot be written, data is cached in the
* context, and emitted at a later call to \c cipher_ctx_update, or by a call
* to \c cipher_ctx_final(). This implies that dst should have enough room for |
cc377dec |
* src_len + \c cipher_ctx_block_size(). |
485c5f76 |
* |
81d882d5 |
* @param ctx Cipher's context. May not be NULL.
* @param dst Destination buffer
* @param dst_len Length of the destination buffer, in bytes
* @param src Source buffer
* @param src_len Length of the source buffer, in bytes |
485c5f76 |
* |
81d882d5 |
* @return \c 0 on failure, \c 1 on success. |
485c5f76 |
*/ |
81d882d5 |
int cipher_ctx_update(cipher_ctx_t *ctx, uint8_t *dst, int *dst_len,
uint8_t *src, int src_len); |
485c5f76 |
/**
* Pads the final cipher block using PKCS padding, and output to the destination
* buffer.
* |
81d882d5 |
* @param ctx Cipher's context. May not be NULL.
* @param dst Destination buffer
* @param dst_len Length of the destination buffer, in bytes |
485c5f76 |
* |
81d882d5 |
* @return \c 0 on failure, \c 1 on success. |
485c5f76 |
*/ |
81d882d5 |
int cipher_ctx_final(cipher_ctx_t *ctx, uint8_t *dst, int *dst_len); |
485c5f76 |
|
66407e11 |
/**
* Like \c cipher_ctx_final, but check the computed authentication tag against
* the supplied (expected) tag. This function reports failure when the tags
* don't match.
*
* @param ctx Cipher's context. May not be NULL.
* @param dst Destination buffer.
* @param dst_len Length of the destination buffer, in bytes.
* @param tag The expected authentication tag.
* @param tag_len The length of tag, in bytes.
*
* @return \c 0 on failure, \c 1 on success.
*/ |
81d882d5 |
int cipher_ctx_final_check_tag(cipher_ctx_t *ctx, uint8_t *dst, int *dst_len,
uint8_t *tag, size_t tag_len); |
66407e11 |
|
23ee3563 |
/*
*
* Generic message digest information functions
*
*/
/*
* Max size in bytes of any HMAC key that might conceivably be used.
*
* This value is checked at compile time in crypto.c to make sure
* it is always at least EVP_MAX_MD_SIZE. We define our own value
* for the same reason as above.
*/
#define MAX_HMAC_KEY_LENGTH 64
|
902f674e |
/**
* Return message digest parameters, based on the given digest name. The
* contents of these parameters are library-specific, and can be used to
* initialise HMAC or message digest operations.
* |
81d882d5 |
* @param digest Name of the digest to retrieve parameters for (e.g.
* \c MD5). |
902f674e |
* |
81d882d5 |
* @return A statically allocated structure containing parameters
* for the given message digest. |
902f674e |
*/ |
81d882d5 |
const md_kt_t *md_kt_get(const char *digest); |
902f674e |
/**
* Retrieve a string describing the digest digest (e.g. \c SHA1).
* |
81d882d5 |
* @param kt Static message digest parameters |
902f674e |
* |
81d882d5 |
* @return Statically allocated string describing the message
* digest. |
902f674e |
*/ |
81d882d5 |
const char *md_kt_name(const md_kt_t *kt); |
902f674e |
/**
* Returns the size of the message digest, in bytes.
* |
81d882d5 |
* @param kt Static message digest parameters |
902f674e |
* |
81d882d5 |
* @return Message digest size, in bytes, or 0 if ctx was NULL. |
902f674e |
*/ |
81d882d5 |
int md_kt_size(const md_kt_t *kt); |
902f674e |
|
d5f44617 |
/*
*
* Generic message digest functions
*
*/
/*
* Calculates the message digest for the given buffer.
* |
81d882d5 |
* @param kt Static message digest parameters
* @param src Buffer to digest. May not be NULL.
* @param src_len The length of the incoming buffer.
* @param dst Buffer to write the message digest to. May not be NULL. |
d5f44617 |
* |
81d882d5 |
* @return \c 1 on success, \c 0 on failure |
d5f44617 |
*/ |
81d882d5 |
int md_full(const md_kt_t *kt, const uint8_t *src, int src_len, uint8_t *dst); |
d5f44617 |
/* |
c481ef00 |
* Allocate a new message digest context
*
* @return a new zeroed MD context
*/
md_ctx_t *md_ctx_new(void);
/*
* Free an existing, non-null message digest context
*
* @param ctx Message digest context
*/
void md_ctx_free(md_ctx_t *ctx);
/* |
d5f44617 |
* Initialises the given message digest context.
* |
81d882d5 |
* @param ctx Message digest context
* @param kt Static message digest parameters |
d5f44617 |
*/ |
81d882d5 |
void md_ctx_init(md_ctx_t *ctx, const md_kt_t *kt); |
d5f44617 |
/*
* Free the given message digest context.
* |
81d882d5 |
* @param ctx Message digest context |
d5f44617 |
*/
void md_ctx_cleanup(md_ctx_t *ctx);
/*
* Returns the size of the message digest output by the given context
* |
81d882d5 |
* @param ctx Message digest context. |
d5f44617 |
* |
81d882d5 |
* @return Size of the message digest, or \0 if ctx is NULL. |
d5f44617 |
*/ |
81d882d5 |
int md_ctx_size(const md_ctx_t *ctx); |
d5f44617 |
/*
* Process the given data for use in the message digest.
* |
81d882d5 |
* @param ctx Message digest context. May not be NULL.
* @param src Buffer to digest. May not be NULL.
* @param src_len The length of the incoming buffer. |
d5f44617 |
*/ |
81d882d5 |
void md_ctx_update(md_ctx_t *ctx, const uint8_t *src, int src_len); |
d5f44617 |
/*
* Output the message digest to the given buffer.
* |
81d882d5 |
* @param ctx Message digest context. May not be NULL.
* @param dst Buffer to write the message digest to. May not be NULL. |
d5f44617 |
*/ |
81d882d5 |
void md_ctx_final(md_ctx_t *ctx, uint8_t *dst); |
d5f44617 |
|
e8c950f1 |
/*
*
* Generic HMAC functions
*
*/
/* |
aba98e90 |
* Create a new HMAC context
*
* @return A new HMAC context
*/
hmac_ctx_t *hmac_ctx_new(void);
/*
* Free an existing HMAC context
*
* @param ctx HMAC context to free
*/
void hmac_ctx_free(hmac_ctx_t *ctx);
/* |
e8c950f1 |
* Initialises the given HMAC context, using the given digest
* and key.
* |
81d882d5 |
* @param ctx HMAC context to intialise
* @param key The key to use for the HMAC
* @param key_len The key length to use
* @param kt Static message digest parameters |
e8c950f1 |
*
*/ |
81d882d5 |
void hmac_ctx_init(hmac_ctx_t *ctx, const uint8_t *key, int key_length,
const md_kt_t *kt); |
e8c950f1 |
/*
* Free the given HMAC context.
* |
81d882d5 |
* @param ctx HMAC context |
e8c950f1 |
*/
void hmac_ctx_cleanup(hmac_ctx_t *ctx);
/*
* Returns the size of the HMAC output by the given HMAC Context
* |
81d882d5 |
* @param ctx HMAC context. |
e8c950f1 |
* |
81d882d5 |
* @return Size of the HMAC, or \0 if ctx is NULL. |
e8c950f1 |
*/ |
81d882d5 |
int hmac_ctx_size(const hmac_ctx_t *ctx); |
e8c950f1 |
/*
* Resets the given HMAC context, preserving the associated key information
* |
81d882d5 |
* @param ctx HMAC context. May not be NULL. |
e8c950f1 |
*/ |
81d882d5 |
void hmac_ctx_reset(hmac_ctx_t *ctx); |
e8c950f1 |
/*
* Process the given data for use in the HMAC.
* |
81d882d5 |
* @param ctx HMAC context. May not be NULL.
* @param src The buffer to HMAC. May not be NULL.
* @param src_len The length of the incoming buffer. |
e8c950f1 |
*/ |
81d882d5 |
void hmac_ctx_update(hmac_ctx_t *ctx, const uint8_t *src, int src_len); |
e8c950f1 |
/*
* Output the HMAC to the given buffer.
* |
81d882d5 |
* @param ctx HMAC context. May not be NULL.
* @param dst buffer to write the HMAC to. May not be NULL. |
e8c950f1 |
*/ |
81d882d5 |
void hmac_ctx_final(hmac_ctx_t *ctx, uint8_t *dst); |
e8c950f1 |
|
44dc5d30 |
/**
* Translate an OpenVPN cipher name to a crypto library cipher name.
* |
81d882d5 |
* @param cipher_name An OpenVPN cipher name |
44dc5d30 |
* |
81d882d5 |
* @return The corresponding crypto library cipher name, or NULL
* if no matching cipher name was found. |
44dc5d30 |
*/ |
81d882d5 |
const char *translate_cipher_name_from_openvpn(const char *cipher_name); |
44dc5d30 |
/**
* Translate a crypto library cipher name to an OpenVPN cipher name.
* |
81d882d5 |
* @param cipher_name A crypto library cipher name |
44dc5d30 |
* |
81d882d5 |
* @return The corresponding OpenVPN cipher name, or NULL if no
* matching cipher name was found. |
44dc5d30 |
*/ |
81d882d5 |
const char *translate_cipher_name_to_openvpn(const char *cipher_name); |
44dc5d30 |
|
6825182b |
#endif /* CRYPTO_BACKEND_H_ */ |