data_epoch.hpp

Go to the documentation of this file.

//    OpenVPN -- An application to securely tunnel IP networks
//               over a single port, with support for SSL/TLS-based
//               session authentication and key exchange,
//               packet encryption, packet authentication, and
//               packet compression.
//
//    Copyright (C) 2012- OpenVPN Inc.
//
//    SPDX-License-Identifier: MPL-2.0 OR AGPL-3.0-only WITH openvpn3-openssl-exception
//
 
 
#ifndef CRYPTO_DATA_EPOCH_H
#define CRYPTO_DATA_EPOCH_H
 
#include <cstdint>
#include <cstdio>
#include <array>
 
#include "openvpn/crypto/static_key.hpp"
#include "openvpn/crypto/cryptoalgs.hpp"
#include "openvpn/crypto/cryptochoose.hpp"
#include "openvpn/crypto/packet_id_data.hpp"
#include "openvpn/crypto/aead_usage_limit.hpp"
 
 
namespace openvpn {
void ovpn_hkdf_expand(const uint8_t *secret,
                      const uint8_t *info,
                      int info_len,
                      uint8_t *out,
                      int out_len);
 
void ovpn_expand_label(const uint8_t *secret,
                       size_t secret_len,
                       const uint8_t *label,
                       size_t label_len,
                       const uint8_t *context,
                       size_t context_len,
                       uint8_t *out,
                       size_t out_len);
 
OPENVPN_EXCEPTION(epoch_key_exception);
 
struct EpochDataChannelCryptoContext
{
    constexpr static int IV_SIZE = 12;
 
    std::uint16_t epoch = 0;
    openvpn::SSLLib::CryptoAPI::CipherContextAEAD cipher;
    std::array<uint8_t, IV_SIZE> implicit_iv{};
 
    /* will calculate the ID from the packet id and the implicit IV and store the result in
     * the iv_dest parameter */
    void calculate_iv(uint8_t *packet_id, std::array<uint8_t, IV_SIZE> &iv_dest);
};
 
 
struct EpochDataChannelEncryptContext : public EpochDataChannelCryptoContext
{
    openvpn::PacketIDDataSend pid{true, 0};
};
 
struct EpochDataChannelDecryptContext : public EpochDataChannelCryptoContext
{
    openvpn::PacketIDDataReceive pid;
};
 
class EpochKey
{
  public:
    /* SHA256 digest size */
    constexpr static int SECRET_SIZE = 32;
 
    std::array<uint8_t, SECRET_SIZE> keydata{};
    std::uint16_t epoch = 0;
 
 
    /* Constructs a default epoch that is not initialised. Epoch 0 doubles as
     * marker of an uninitialised key */
    EpochKey() = default;
 
    EpochKey(decltype(keydata) keydata, uint16_t epoch)
        : keydata(keydata), epoch(epoch)
    {
    }
 
    EpochKey(StaticKey key);
 
    void iterate();
 
    std::pair<StaticKey, StaticKey> data_key(openvpn::CryptoAlgs::Type cipher);
 
    EpochDataChannelCryptoContext key_context(openvpn::SSLLib::Ctx libctx, openvpn::CryptoAlgs::Type cipher, int mode);
};
 
class DataChannelEpoch
{
  protected:
    openvpn::CryptoAlgs::Type cipher;
 
    SSLLib::Ctx libctx;
 
    uint16_t future_keys_count;
 
    EpochDataChannelEncryptContext encrypt_ctx{};
 
    EpochDataChannelDecryptContext decrypt_ctx{};
 
    EpochDataChannelDecryptContext retiring_decrypt_ctx{};
 
 
    std::vector<EpochDataChannelDecryptContext> future_keys;
 
 
    EpochKey send{};
 
    EpochKey receive{};
 
    void generate_future_receive_keys();
 
    void generate_encrypt_ctx();
 
  public:
    void iterate_send_key();
 
 
    uint16_t get_future_keys_count()
    {
        return future_keys_count;
    }
 
 
    bool should_renegotiate()
    {
        return send.epoch > 0xFF00;
    }
 
    DataChannelEpoch() = default;
 
    DataChannelEpoch(decltype(cipher) cipher, openvpn::StaticKey e1send, openvpn::StaticKey e1recv, SSLLib::Ctx libctx = nullptr, uint16_t future_key_count = 16);
 
    void replace_update_recv_key(std::uint16_t new_epoch, const SessionStats::Ptr &stats_arg);
 
    void check_send_iterate();
 
    EpochDataChannelDecryptContext *lookup_decrypt_key(uint16_t epoch);
 
    EpochDataChannelEncryptContext &encrypt()
    {
        return encrypt_ctx;
    }
};
 
 
 
}; // namespace openvpn
 
#endif // CRYPTO_DATA_EPOCH_H