Data Channel Cryptography mbed TLS-specific backend interface. More...
#include <stdbool.h>#include <mbedtls/cipher.h>#include <mbedtls/md.h>#include <mbedtls/ctr_drbg.h>
Go to the source code of this file.
Macros | |
| #define | OPENVPN_MAX_IV_LENGTH MBEDTLS_MAX_IV_LENGTH |
| Maximum length of an IV. | |
| #define | OPENVPN_MODE_CBC MBEDTLS_MODE_CBC |
| Cipher is in CBC mode. | |
| #define | OPENVPN_MODE_OFB MBEDTLS_MODE_OFB |
| Cipher is in OFB mode. | |
| #define | OPENVPN_MODE_CFB MBEDTLS_MODE_CFB |
| Cipher is in CFB mode. | |
| #define | OPENVPN_MODE_GCM MBEDTLS_MODE_GCM |
| Cipher is in GCM mode. | |
| #define | OPENVPN_OP_ENCRYPT MBEDTLS_ENCRYPT |
| Cipher should encrypt. | |
| #define | OPENVPN_OP_DECRYPT MBEDTLS_DECRYPT |
| Cipher should decrypt. | |
| #define | MD4_DIGEST_LENGTH 16 |
| #define | MD5_DIGEST_LENGTH 16 |
| #define | SHA_DIGEST_LENGTH 20 |
| #define | SHA256_DIGEST_LENGTH 32 |
| #define | mbed_ok(errval) mbed_log_func_line_lite(D_CRYPT_ERRORS, errval, __func__, __LINE__) |
| Check errval and log on error. | |
Typedefs | |
| typedef mbedtls_md_info_t | md_kt_t |
| Generic message digest key type context. | |
| typedef mbedtls_cipher_context_t | cipher_ctx_t |
| Generic cipher context. | |
| typedef mbedtls_md_context_t | md_ctx_t |
| Generic message digest context. | |
| typedef mbedtls_md_context_t | hmac_ctx_t |
| Generic HMAC context. | |
| typedef void | provider_t |
| typedef mbedtls_operation_t | crypto_operation_t |
Functions | |
| mbedtls_ctr_drbg_context * | rand_ctx_get (void) |
| Returns a singleton instance of the mbed TLS random number generator. | |
| bool | mbed_log_err (unsigned int flags, int errval, const char *prefix) |
| Log the supplied mbed TLS error, prefixed by supplied prefix. | |
| bool | mbed_log_func_line (unsigned int flags, int errval, const char *func, int line) |
| Log the supplied mbed TLS error, prefixed by function name and line number. | |
| static bool | mbed_log_func_line_lite (unsigned int flags, int errval, const char *func, int line) |
| Wraps mbed_log_func_line() to prevent function calls for non-errors. | |
Detailed Description
Data Channel Cryptography mbed TLS-specific backend interface.
Definition in file crypto_mbedtls.h.
Macro Definition Documentation
◆ mbed_ok
| #define mbed_ok | ( | errval | ) | mbed_log_func_line_lite(D_CRYPT_ERRORS, errval, __func__, __LINE__) |
Check errval and log on error.
Convenience wrapper to put around mbed TLS library calls, e.g. if (!mbed_ok (mbedtls_ssl_func())) return 0; or ASSERT (mbed_ok (mbedtls_ssl_func()));
- Parameters
-
errval mbed TLS error code to convert to error message.
- Returns
- true if no errors are detected, false otherwise.
Definition at line 149 of file crypto_mbedtls.h.
◆ MD4_DIGEST_LENGTH
| #define MD4_DIGEST_LENGTH 16 |
Definition at line 76 of file crypto_mbedtls.h.
◆ MD5_DIGEST_LENGTH
| #define MD5_DIGEST_LENGTH 16 |
Definition at line 77 of file crypto_mbedtls.h.
◆ OPENVPN_MAX_IV_LENGTH
| #define OPENVPN_MAX_IV_LENGTH MBEDTLS_MAX_IV_LENGTH |
Maximum length of an IV.
Definition at line 54 of file crypto_mbedtls.h.
◆ OPENVPN_MODE_CBC
| #define OPENVPN_MODE_CBC MBEDTLS_MODE_CBC |
Cipher is in CBC mode.
Definition at line 57 of file crypto_mbedtls.h.
◆ OPENVPN_MODE_CFB
| #define OPENVPN_MODE_CFB MBEDTLS_MODE_CFB |
Cipher is in CFB mode.
Definition at line 63 of file crypto_mbedtls.h.
◆ OPENVPN_MODE_GCM
| #define OPENVPN_MODE_GCM MBEDTLS_MODE_GCM |
Cipher is in GCM mode.
Definition at line 66 of file crypto_mbedtls.h.
◆ OPENVPN_MODE_OFB
| #define OPENVPN_MODE_OFB MBEDTLS_MODE_OFB |
Cipher is in OFB mode.
Definition at line 60 of file crypto_mbedtls.h.
◆ OPENVPN_OP_DECRYPT
| #define OPENVPN_OP_DECRYPT MBEDTLS_DECRYPT |
Cipher should decrypt.
Definition at line 74 of file crypto_mbedtls.h.
◆ OPENVPN_OP_ENCRYPT
| #define OPENVPN_OP_ENCRYPT MBEDTLS_ENCRYPT |
Cipher should encrypt.
Definition at line 71 of file crypto_mbedtls.h.
◆ SHA256_DIGEST_LENGTH
| #define SHA256_DIGEST_LENGTH 32 |
Definition at line 79 of file crypto_mbedtls.h.
◆ SHA_DIGEST_LENGTH
| #define SHA_DIGEST_LENGTH 20 |
Definition at line 78 of file crypto_mbedtls.h.
Typedef Documentation
◆ cipher_ctx_t
| typedef mbedtls_cipher_context_t cipher_ctx_t |
Generic cipher context.
Definition at line 42 of file crypto_mbedtls.h.
◆ crypto_operation_t
| typedef mbedtls_operation_t crypto_operation_t |
Definition at line 68 of file crypto_mbedtls.h.
◆ hmac_ctx_t
| typedef mbedtls_md_context_t hmac_ctx_t |
Generic HMAC context.
Definition at line 48 of file crypto_mbedtls.h.
◆ md_ctx_t
| typedef mbedtls_md_context_t md_ctx_t |
Generic message digest context.
Definition at line 45 of file crypto_mbedtls.h.
◆ md_kt_t
| typedef mbedtls_md_info_t md_kt_t |
Generic message digest key type context.
Definition at line 39 of file crypto_mbedtls.h.
◆ provider_t
| typedef void provider_t |
Definition at line 51 of file crypto_mbedtls.h.
Function Documentation
◆ mbed_log_err()
| bool mbed_log_err | ( | unsigned int | flags, |
| int | errval, | ||
| const char * | prefix | ||
| ) |
Log the supplied mbed TLS error, prefixed by supplied prefix.
- Parameters
-
flags Flags to indicate error type and priority. errval mbed TLS error code to convert to error message. prefix Prefix to mbed TLS error message.
- Returns
- true if no errors are detected, false otherwise.
◆ mbed_log_func_line()
| bool mbed_log_func_line | ( | unsigned int | flags, |
| int | errval, | ||
| const char * | func, | ||
| int | line | ||
| ) |
Log the supplied mbed TLS error, prefixed by function name and line number.
- Parameters
-
flags Flags to indicate error type and priority. errval mbed TLS error code to convert to error message. func Function name where error was reported. line Line number where error was reported.
- Returns
- true if no errors are detected, false otherwise.
Referenced by mbed_log_func_line_lite().
◆ mbed_log_func_line_lite()
|
inlinestatic |
Wraps mbed_log_func_line() to prevent function calls for non-errors.
Definition at line 127 of file crypto_mbedtls.h.
References mbed_log_func_line().
◆ rand_ctx_get()
| mbedtls_ctr_drbg_context * rand_ctx_get | ( | void | ) |
Returns a singleton instance of the mbed TLS random number generator.
For PolarSSL/mbed TLS 1.1+, this is the CTR_DRBG random number generator. If it hasn't been initialised yet, the RNG will be initialised using the default entropy sources. Aside from the default platform entropy sources, an additional entropy source, the HAVEGE random number generator will also be added. During initialisation, a personalisation string will be added based on the time, the PID, and a pointer to the random context.
