From 6149d88c5a2c58a9cc943ca02c36e8ee4e5d1751 Mon Sep 17 00:00:00 2001 From: Alberto Gonzalez Iniesta Date: Tue, 30 Jun 2015 08:22:29 +0200 Subject: Imported Upstream version 2.3.7 --- src/openvpn/crypto.h | 72 +++++++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 71 insertions(+), 1 deletion(-) (limited to 'src/openvpn/crypto.h') diff --git a/src/openvpn/crypto.h b/src/openvpn/crypto.h index bf2f802..e489827 100644 --- a/src/openvpn/crypto.h +++ b/src/openvpn/crypto.h @@ -6,7 +6,7 @@ * packet compression. * * Copyright (C) 2002-2010 OpenVPN Technologies, Inc. - * Copyright (C) 2010 Fox Crypto B.V. + * Copyright (C) 2010-2014 Fox Crypto B.V. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License version 2 @@ -25,6 +25,76 @@ /** * @file Data Channel Cryptography Module + * + * @addtogroup data_crypto Data Channel Crypto module + * + * @par Crypto packet formats + * The Data Channel Crypto module supports a number of crypto modes and + * configurable options. The actual packet format depends on these options. A + * Data Channel packet can consist of: + * - \b Opcode, one byte specifying the packet type (see @ref network_protocol + * "Network protocol"). + * - \b Peer-id, if using the v2 data channel packet format (see @ref + * network_protocol "Network protocol"). + * - \b HMAC, covering the ciphertext IV + ciphertext. The HMAC size depends + * on the \c \-\-auth option. If \c \-\-auth \c none is specified, there is no + * HMAC at all. + * - \b Ciphertext \b IV, if not disabled by \c \-\-no-iv. The IV size depends on + * the \c \-\-cipher option. + * - \b Packet \b ID, a 32-bit incrementing packet counter that provides replay + * protection (if not disabled by \c \-\-no-replay). + * - \b Timestamp, a 32-bit timestamp of the current time. + * - \b Payload, the plain text network packet to be encrypted (unless + * encryption is disabled by using \c \-\-cipher \c none). The payload might + * already be compressed (see @ref compression "Compression module"). + * + * @par + * This section does not discuss the opcode and peer-id, since those do not + * depend on the data channel crypto. See @ref network_protocol + * "Network protocol" for more information on those. + * + * @par + * \e Legenda \n + * [ xxx ] = unprotected \n + * [ - xxx - ] = authenticated \n + * [ * xxx * ] = encrypted and authenticated + * + * @par + * CBC data channel cypto format \n + * In CBC mode, both TLS-mode and static key mode are supported. The IV + * consists of random bits to provide unpredictable IVs. \n + * CBC IV format: \n + * [ - random - ] \n + * CBC data channel crypto format in TLS-mode: \n + * [ HMAC ] [ - IV - ] [ * packet ID * ] [ * packet payload * ] \n + * CBC data channel crypto format in static key mode: \n + * [ HMAC ] [ - IV - ] [ * packet ID * ] [ * timestamp * ] + * [ * packet payload * ] + * + * @par + * CFB/OFB data channel crypto format \n + * CFB and OFB modes are only supported in TLS mode. In these modes, the IV + * consists of the packet counter and a timestamp. If the IV is more than 8 + * bytes long, the remaining space is filled with zeroes. The packet counter may + * not roll over within a single TLS sessions. This results in a unique IV for + * each packet, as required by the CFB and OFB cipher modes. + * + * @par + * CFB/OFB IV format: \n + * [ - packet ID - ] [ - timestamp - ] [ - opt: zero-padding - ] \n + * CFB/OFB data channel crypto format: \n + * [ HMAC ] [ - IV - ] [ * packet payload * ] + * + * @par + * No-crypto data channel format \n + * In no-crypto mode (\c \-\-cipher \c none is specified), both TLS-mode and + * static key mode are supported. No encryption will be performed on the packet, + * but packets can still be authenticated. This mode does not require an IV.\n + * No-crypto data channel crypto format in TLS-mode: \n + * [ HMAC ] [ - packet ID - ] [ - packet payload - ] \n + * No-crypto data channel crypto format in static key mode: \n + * [ HMAC ] [ - packet ID - ] [ - timestamp - ] [ - packet payload - ] + * */ #ifndef CRYPTO_H -- cgit v1.2.3