openvpn3/hmac-compat_8hpp_source.html

//    OpenVPN -- An application to securely tunnel IP networks

//               over a single port, with support for SSL/TLS-based

//               session authentication and key exchange,

//               packet encryption, packet authentication, and

//               packet compression.

//

//    Copyright (C) 2012- OpenVPN Inc.

//

//    SPDX-License-Identifier: MPL-2.0 OR AGPL-3.0-only WITH openvpn3-openssl-exception

//


// Wrap the OpenSSL HMAC API defined in <openssl/hmac.h> so

// that it can be used as part of the crypto layer of the OpenVPN core.


#ifndef OPENVPN_OPENSSL_CRYPTO_HMAC_H

#define OPENVPN_OPENSSL_CRYPTO_HMAC_H


#include <string>


#include <openvpn/common/size.hpp>

#include <openvpn/common/exception.hpp>

#include <openvpn/openssl/crypto/digest.hpp>


#include <openvpn/openssl/compat.hpp>


namespace openvpn::OpenSSLCrypto {


class HMACContext

{

  public:

    HMACContext(const HMACContext &) = delete;

    HMACContext &operator=(const HMACContext &) = delete;


    HMACContext &operator=(HMACContext &&rhs)

    {

        erase();

        ctx = rhs.ctx;

        rhs.ctx = nullptr;

        return *this;

    }


    OPENVPN_SIMPLE_EXCEPTION(openssl_hmac_uninitialized);

    OPENVPN_EXCEPTION(openssl_hmac_error);


    enum

    {

        MAX_HMAC_SIZE = EVP_MAX_MD_SIZE

    };


    HMACContext() = default;


    HMACContext(const CryptoAlgs::Type digest, const unsigned char *key, const size_t key_size)

    {

        init(digest, key, key_size);

    }


    ~HMACContext()

    {

        erase();

    }


    void init(const CryptoAlgs::Type digest, const unsigned char *key, const size_t key_size)

    {

        erase();

        ctx = HMAC_CTX_new();

        if (!HMAC_Init_ex(ctx, key, int(key_size), DigestContext::digest_type(digest, nullptr), nullptr))

        {

            openssl_clear_error_stack();

            HMAC_CTX_free(ctx);

            ctx = nullptr;

            throw openssl_hmac_error("HMAC_Init_ex (init)");

        }

    }


    void reset()

    {

        check_initialized();

        if (!HMAC_Init_ex(ctx, nullptr, 0, nullptr, nullptr))

        {

            openssl_clear_error_stack();

            throw openssl_hmac_error("HMAC_Init_ex (reset)");

        }

    }


    void update(const unsigned char *in, const size_t size)

    {

        check_initialized();


        if (!HMAC_Update(ctx, in, int(size)))

        {

            openssl_clear_error_stack();

            throw openssl_hmac_error("HMAC_Update");

        }

    }


    size_t final(unsigned char *out)

    {

        check_initialized();

        unsigned int outlen;

        if (!HMAC_Final(ctx, out, &outlen))

        {

            openssl_clear_error_stack();

            throw openssl_hmac_error("HMAC_Final");

        }

        return outlen;

    }


    size_t size() const

    {

        check_initialized();

        return size_();

    }


    bool is_initialized() const

    {

        return ctx != nullptr;

    }


  private:


    void erase()

    {

        HMAC_CTX_free(ctx);

        ctx = nullptr;

    }


    size_t size_() const

    {

        return HMAC_size(ctx);

    }


    void check_initialized() const

    {

#ifdef OPENVPN_ENABLE_ASSERT

        if (!ctx)

            throw openssl_hmac_uninitialized();

#endif

    }


    HMAC_CTX *ctx = nullptr;

};


} // namespace openvpn::OpenSSLCrypto


#endif

openvpn::OpenSSLCrypto::DigestContext::digest_type
static evp_md_type * digest_type(const CryptoAlgs::Type alg, SSLLib::Ctx libctx)
Definition digest.hpp:102

openvpn::OpenSSLCrypto::HMACContext
Definition hmac-compat.hpp:28

openvpn::OpenSSLCrypto::HMACContext::size
size_t size() const
Definition hmac-compat.hpp:107

openvpn::OpenSSLCrypto::HMACContext::HMACContext
HMACContext(const CryptoAlgs::Type digest, const unsigned char *key, const size_t key_size)
Definition hmac-compat.hpp:51

openvpn::OpenSSLCrypto::HMACContext::HMACContext
HMACContext(const HMACContext &)=delete

openvpn::OpenSSLCrypto::HMACContext::OPENVPN_EXCEPTION
OPENVPN_EXCEPTION(openssl_hmac_error)

openvpn::OpenSSLCrypto::HMACContext::reset
void reset()
Definition hmac-compat.hpp:74

openvpn::OpenSSLCrypto::HMACContext::size_
size_t size_() const
Definition hmac-compat.hpp:125

openvpn::OpenSSLCrypto::HMACContext::update
void update(const unsigned char *in, const size_t size)
Definition hmac-compat.hpp:84

openvpn::OpenSSLCrypto::HMACContext::check_initialized
void check_initialized() const
Definition hmac-compat.hpp:130

openvpn::OpenSSLCrypto::HMACContext::HMACContext
HMACContext()=default

openvpn::OpenSSLCrypto::HMACContext::MAX_HMAC_SIZE
@ MAX_HMAC_SIZE
Definition hmac-compat.hpp:46

openvpn::OpenSSLCrypto::HMACContext::~HMACContext
~HMACContext()
Definition hmac-compat.hpp:56

openvpn::OpenSSLCrypto::HMACContext::init
void init(const CryptoAlgs::Type digest, const unsigned char *key, const size_t key_size)
Definition hmac-compat.hpp:61

openvpn::OpenSSLCrypto::HMACContext::OPENVPN_SIMPLE_EXCEPTION
OPENVPN_SIMPLE_EXCEPTION(openssl_hmac_uninitialized)

openvpn::OpenSSLCrypto::HMACContext::ctx
HMAC_CTX * ctx
Definition hmac-compat.hpp:138

openvpn::OpenSSLCrypto::HMACContext::is_initialized
bool is_initialized() const
Definition hmac-compat.hpp:113

openvpn::OpenSSLCrypto::HMACContext::operator=
HMACContext & operator=(HMACContext &&rhs)
Definition hmac-compat.hpp:33

openvpn::OpenSSLCrypto::HMACContext::erase
void erase()
Definition hmac-compat.hpp:119

openvpn::OpenSSLCrypto::HMACContext::operator=
HMACContext & operator=(const HMACContext &)=delete

compat.hpp

exception.hpp

openvpn::CryptoAlgs::Type
Type
Definition cryptoalgs.hpp:56

openvpn::OpenSSLCrypto
Definition cipher.hpp:30

openvpn::openssl_clear_error_stack
void openssl_clear_error_stack()
Definition error.hpp:247

digest.hpp

size.hpp

out
static std::stringstream out
Definition test_path.cpp:10