diff options
Diffstat (limited to 'main/openvpn/src/openvpn/crypto_backend.h')
-rw-r--r-- | main/openvpn/src/openvpn/crypto_backend.h | 84 |
1 files changed, 0 insertions, 84 deletions
diff --git a/main/openvpn/src/openvpn/crypto_backend.h b/main/openvpn/src/openvpn/crypto_backend.h index faf40594..bc067a7d 100644 --- a/main/openvpn/src/openvpn/crypto_backend.h +++ b/main/openvpn/src/openvpn/crypto_backend.h @@ -38,18 +38,6 @@ #endif #include "basic.h" -/* TLS uses a tag of 128 bytes, let's do the same for OpenVPN */ -#define OPENVPN_AEAD_TAG_LENGTH 16 - -/** Struct used in cipher name translation table */ -typedef struct { - const char * openvpn_name; - const char * ssllib_name; -} cipher_name_pair; - -/** Cipher name translation table */ -extern const cipher_name_pair cipher_name_translation_table[]; -extern const size_t cipher_name_translation_table_count; /* * This routine should have additional OpenSSL crypto library initialisations @@ -233,16 +221,6 @@ int cipher_kt_iv_size (const cipher_kt_t *cipher_kt); int cipher_kt_block_size (const cipher_kt_t *cipher_kt); /** - * Returns the MAC tag size of the cipher, in bytes. - * - * @param ctx Static cipher parameters. May not be NULL. - * - * @return Tag size, in bytes, or 0 if the cipher is not an - * authenticated encryption mode. - */ -int cipher_kt_tag_size (const cipher_kt_t *cipher_kt); - -/** * Returns the mode that the cipher runs in. * * @param cipher_kt Static cipher parameters @@ -272,16 +250,6 @@ bool cipher_kt_mode_cbc(const cipher_kt_t *cipher) bool cipher_kt_mode_ofb_cfb(const cipher_kt_t *cipher) __attribute__((nonnull)); -/** - * Check if the supplied cipher is a supported AEAD mode cipher. - * - * @param cipher Static cipher parameters. May not be NULL. - * - * @return true iff the cipher is a AEAD mode cipher. - */ -bool cipher_kt_mode_aead(const cipher_kt_t *cipher) - __attribute__((nonnull)); - /** * @@ -321,15 +289,6 @@ void cipher_ctx_cleanup (cipher_ctx_t *ctx); int cipher_ctx_iv_length (const cipher_ctx_t *ctx); /** - * Gets the computed message authenticated code (MAC) tag for this cipher. - * - * @param ctx The cipher's context - * @param tag The buffer to write computed tag in. - * @param tag_size The tag buffer size, in bytes. - */ -int cipher_ctx_get_tag (cipher_ctx_t *ctx, uint8_t* tag, int tag_len); - -/** * Returns the block size of the cipher, in bytes. * * @param ctx The cipher's context @@ -370,18 +329,6 @@ const cipher_kt_t *cipher_ctx_get_cipher_kt (const cipher_ctx_t *ctx) int cipher_ctx_reset (cipher_ctx_t *ctx, uint8_t *iv_buf); /** - * Updates the given cipher context, setting the additional data (AD) used - * with authenticated encryption with additional data (AEAD) cipher modes. - * - * @param ctx Cipher's context. May not be NULL. - * @param src Source buffer - * @param src_len Length of the source buffer, in bytes - * - * @return \c 0 on failure, \c 1 on success. - */ -int cipher_ctx_update_ad (cipher_ctx_t *ctx, uint8_t *src, int src_len); - -/** * Updates the given cipher context, encrypting data in the source buffer, and * placing any complete blocks in the destination buffer. * @@ -413,22 +360,6 @@ int cipher_ctx_update (cipher_ctx_t *ctx, uint8_t *dst, int *dst_len, */ int cipher_ctx_final (cipher_ctx_t *ctx, uint8_t *dst, int *dst_len); -/** - * Like \c cipher_ctx_final, but check the computed authentication tag against - * the supplied (expected) tag. This function reports failure when the tags - * don't match. - * - * @param ctx Cipher's context. May not be NULL. - * @param dst Destination buffer. - * @param dst_len Length of the destination buffer, in bytes. - * @param tag The expected authentication tag. - * @param tag_len The length of tag, in bytes. - * - * @return \c 0 on failure, \c 1 on success. - */ -int cipher_ctx_final_check_tag (cipher_ctx_t *ctx, uint8_t *dst, int *dst_len, - const uint8_t *tag, size_t tag_len); - /* * * Generic message digest information functions @@ -596,19 +527,4 @@ void hmac_ctx_update (hmac_ctx_t *ctx, const uint8_t *src, int src_len); */ void hmac_ctx_final (hmac_ctx_t *ctx, uint8_t *dst); -/** - * Check if mode is an AEAD cipher mode. - * - * @param mode The mode to check. - * - * @return true if mode is a supported AEAD mode, false otherwise. - */ -bool crypto_aead_mode (int mode); - -/** XXX doxygen */ -const char * translate_cipher_name_from_openvpn (const char *cipher_name); - -/** XXX doxygen */ -const char * translate_cipher_name_to_openvpn (const char *cipher_name); - #endif /* CRYPTO_BACKEND_H_ */ |