1 /* 2 * xfrm algorithm interface 3 * 4 * Copyright (c) 2002 James Morris <jmorris@intercode.com.au> 5 * 6 * This program is free software; you can redistribute it and/or modify it 7 * under the terms of the GNU General Public License as published by the Free 8 * Software Foundation; either version 2 of the License, or (at your option) 9 * any later version. 10 */ 11 12 #include <linux/module.h> 13 #include <linux/kernel.h> 14 #include <linux/pfkeyv2.h> 15 #include <linux/crypto.h> 16 #include <linux/scatterlist.h> 17 #include <net/xfrm.h> 18 #if defined(CONFIG_INET_AH) || defined(CONFIG_INET_AH_MODULE) || defined(CONFIG_INET6_AH) || defined(CONFIG_INET6_AH_MODULE) 19 #include <net/ah.h> 20 #endif 21 #if defined(CONFIG_INET_ESP) || defined(CONFIG_INET_ESP_MODULE) || defined(CONFIG_INET6_ESP) || defined(CONFIG_INET6_ESP_MODULE) 22 #include <net/esp.h> 23 #endif 24 25 /* 26 * Algorithms supported by IPsec. These entries contain properties which 27 * are used in key negotiation and xfrm processing, and are used to verify 28 * that instantiated crypto transforms have correct parameters for IPsec 29 * purposes. 30 */ 31 static struct xfrm_algo_desc aead_list[] = { 32 { 33 .name = "rfc4106(gcm(aes))", 34 35 .uinfo = { 36 .aead = { 37 .icv_truncbits = 64, 38 } 39 }, 40 41 .desc = { 42 .sadb_alg_id = SADB_X_EALG_AES_GCM_ICV8, 43 .sadb_alg_ivlen = 8, 44 .sadb_alg_minbits = 128, 45 .sadb_alg_maxbits = 256 46 } 47 }, 48 { 49 .name = "rfc4106(gcm(aes))", 50 51 .uinfo = { 52 .aead = { 53 .icv_truncbits = 96, 54 } 55 }, 56 57 .desc = { 58 .sadb_alg_id = SADB_X_EALG_AES_GCM_ICV12, 59 .sadb_alg_ivlen = 8, 60 .sadb_alg_minbits = 128, 61 .sadb_alg_maxbits = 256 62 } 63 }, 64 { 65 .name = "rfc4106(gcm(aes))", 66 67 .uinfo = { 68 .aead = { 69 .icv_truncbits = 128, 70 } 71 }, 72 73 .desc = { 74 .sadb_alg_id = SADB_X_EALG_AES_GCM_ICV16, 75 .sadb_alg_ivlen = 8, 76 .sadb_alg_minbits = 128, 77 .sadb_alg_maxbits = 256 78 } 79 }, 80 { 81 .name = "rfc4309(ccm(aes))", 82 83 .uinfo = { 84 .aead = { 85 .icv_truncbits = 64, 86 } 87 }, 88 89 .desc = { 90 .sadb_alg_id = SADB_X_EALG_AES_CCM_ICV8, 91 .sadb_alg_ivlen = 8, 92 .sadb_alg_minbits = 128, 93 .sadb_alg_maxbits = 256 94 } 95 }, 96 { 97 .name = "rfc4309(ccm(aes))", 98 99 .uinfo = { 100 .aead = { 101 .icv_truncbits = 96, 102 } 103 }, 104 105 .desc = { 106 .sadb_alg_id = SADB_X_EALG_AES_CCM_ICV12, 107 .sadb_alg_ivlen = 8, 108 .sadb_alg_minbits = 128, 109 .sadb_alg_maxbits = 256 110 } 111 }, 112 { 113 .name = "rfc4309(ccm(aes))", 114 115 .uinfo = { 116 .aead = { 117 .icv_truncbits = 128, 118 } 119 }, 120 121 .desc = { 122 .sadb_alg_id = SADB_X_EALG_AES_CCM_ICV16, 123 .sadb_alg_ivlen = 8, 124 .sadb_alg_minbits = 128, 125 .sadb_alg_maxbits = 256 126 } 127 }, 128 { 129 .name = "rfc4543(gcm(aes))", 130 131 .uinfo = { 132 .aead = { 133 .icv_truncbits = 128, 134 } 135 }, 136 137 .desc = { 138 .sadb_alg_id = SADB_X_EALG_NULL_AES_GMAC, 139 .sadb_alg_ivlen = 8, 140 .sadb_alg_minbits = 128, 141 .sadb_alg_maxbits = 256 142 } 143 }, 144 }; 145 146 static struct xfrm_algo_desc aalg_list[] = { 147 { 148 .name = "digest_null", 149 150 .uinfo = { 151 .auth = { 152 .icv_truncbits = 0, 153 .icv_fullbits = 0, 154 } 155 }, 156 157 .desc = { 158 .sadb_alg_id = SADB_X_AALG_NULL, 159 .sadb_alg_ivlen = 0, 160 .sadb_alg_minbits = 0, 161 .sadb_alg_maxbits = 0 162 } 163 }, 164 { 165 .name = "hmac(md5)", 166 .compat = "md5", 167 168 .uinfo = { 169 .auth = { 170 .icv_truncbits = 96, 171 .icv_fullbits = 128, 172 } 173 }, 174 175 .desc = { 176 .sadb_alg_id = SADB_AALG_MD5HMAC, 177 .sadb_alg_ivlen = 0, 178 .sadb_alg_minbits = 128, 179 .sadb_alg_maxbits = 128 180 } 181 }, 182 { 183 .name = "hmac(sha1)", 184 .compat = "sha1", 185 186 .uinfo = { 187 .auth = { 188 .icv_truncbits = 96, 189 .icv_fullbits = 160, 190 } 191 }, 192 193 .desc = { 194 .sadb_alg_id = SADB_AALG_SHA1HMAC, 195 .sadb_alg_ivlen = 0, 196 .sadb_alg_minbits = 160, 197 .sadb_alg_maxbits = 160 198 } 199 }, 200 { 201 .name = "hmac(sha256)", 202 .compat = "sha256", 203 204 .uinfo = { 205 .auth = { 206 .icv_truncbits = 96, 207 .icv_fullbits = 256, 208 } 209 }, 210 211 .desc = { 212 .sadb_alg_id = SADB_X_AALG_SHA2_256HMAC, 213 .sadb_alg_ivlen = 0, 214 .sadb_alg_minbits = 256, 215 .sadb_alg_maxbits = 256 216 } 217 }, 218 { 219 .name = "hmac(sha384)", 220 221 .uinfo = { 222 .auth = { 223 .icv_truncbits = 192, 224 .icv_fullbits = 384, 225 } 226 }, 227 228 .desc = { 229 .sadb_alg_id = SADB_X_AALG_SHA2_384HMAC, 230 .sadb_alg_ivlen = 0, 231 .sadb_alg_minbits = 384, 232 .sadb_alg_maxbits = 384 233 } 234 }, 235 { 236 .name = "hmac(sha512)", 237 238 .uinfo = { 239 .auth = { 240 .icv_truncbits = 256, 241 .icv_fullbits = 512, 242 } 243 }, 244 245 .desc = { 246 .sadb_alg_id = SADB_X_AALG_SHA2_512HMAC, 247 .sadb_alg_ivlen = 0, 248 .sadb_alg_minbits = 512, 249 .sadb_alg_maxbits = 512 250 } 251 }, 252 { 253 .name = "hmac(rmd160)", 254 .compat = "rmd160", 255 256 .uinfo = { 257 .auth = { 258 .icv_truncbits = 96, 259 .icv_fullbits = 160, 260 } 261 }, 262 263 .desc = { 264 .sadb_alg_id = SADB_X_AALG_RIPEMD160HMAC, 265 .sadb_alg_ivlen = 0, 266 .sadb_alg_minbits = 160, 267 .sadb_alg_maxbits = 160 268 } 269 }, 270 { 271 .name = "xcbc(aes)", 272 273 .uinfo = { 274 .auth = { 275 .icv_truncbits = 96, 276 .icv_fullbits = 128, 277 } 278 }, 279 280 .desc = { 281 .sadb_alg_id = SADB_X_AALG_AES_XCBC_MAC, 282 .sadb_alg_ivlen = 0, 283 .sadb_alg_minbits = 128, 284 .sadb_alg_maxbits = 128 285 } 286 }, 287 }; 288 289 static struct xfrm_algo_desc ealg_list[] = { 290 { 291 .name = "ecb(cipher_null)", 292 .compat = "cipher_null", 293 294 .uinfo = { 295 .encr = { 296 .blockbits = 8, 297 .defkeybits = 0, 298 } 299 }, 300 301 .desc = { 302 .sadb_alg_id = SADB_EALG_NULL, 303 .sadb_alg_ivlen = 0, 304 .sadb_alg_minbits = 0, 305 .sadb_alg_maxbits = 0 306 } 307 }, 308 { 309 .name = "cbc(des)", 310 .compat = "des", 311 312 .uinfo = { 313 .encr = { 314 .blockbits = 64, 315 .defkeybits = 64, 316 } 317 }, 318 319 .desc = { 320 .sadb_alg_id = SADB_EALG_DESCBC, 321 .sadb_alg_ivlen = 8, 322 .sadb_alg_minbits = 64, 323 .sadb_alg_maxbits = 64 324 } 325 }, 326 { 327 .name = "cbc(des3_ede)", 328 .compat = "des3_ede", 329 330 .uinfo = { 331 .encr = { 332 .blockbits = 64, 333 .defkeybits = 192, 334 } 335 }, 336 337 .desc = { 338 .sadb_alg_id = SADB_EALG_3DESCBC, 339 .sadb_alg_ivlen = 8, 340 .sadb_alg_minbits = 192, 341 .sadb_alg_maxbits = 192 342 } 343 }, 344 { 345 .name = "cbc(cast5)", 346 .compat = "cast5", 347 348 .uinfo = { 349 .encr = { 350 .blockbits = 64, 351 .defkeybits = 128, 352 } 353 }, 354 355 .desc = { 356 .sadb_alg_id = SADB_X_EALG_CASTCBC, 357 .sadb_alg_ivlen = 8, 358 .sadb_alg_minbits = 40, 359 .sadb_alg_maxbits = 128 360 } 361 }, 362 { 363 .name = "cbc(blowfish)", 364 .compat = "blowfish", 365 366 .uinfo = { 367 .encr = { 368 .blockbits = 64, 369 .defkeybits = 128, 370 } 371 }, 372 373 .desc = { 374 .sadb_alg_id = SADB_X_EALG_BLOWFISHCBC, 375 .sadb_alg_ivlen = 8, 376 .sadb_alg_minbits = 40, 377 .sadb_alg_maxbits = 448 378 } 379 }, 380 { 381 .name = "cbc(aes)", 382 .compat = "aes", 383 384 .uinfo = { 385 .encr = { 386 .blockbits = 128, 387 .defkeybits = 128, 388 } 389 }, 390 391 .desc = { 392 .sadb_alg_id = SADB_X_EALG_AESCBC, 393 .sadb_alg_ivlen = 8, 394 .sadb_alg_minbits = 128, 395 .sadb_alg_maxbits = 256 396 } 397 }, 398 { 399 .name = "cbc(serpent)", 400 .compat = "serpent", 401 402 .uinfo = { 403 .encr = { 404 .blockbits = 128, 405 .defkeybits = 128, 406 } 407 }, 408 409 .desc = { 410 .sadb_alg_id = SADB_X_EALG_SERPENTCBC, 411 .sadb_alg_ivlen = 8, 412 .sadb_alg_minbits = 128, 413 .sadb_alg_maxbits = 256, 414 } 415 }, 416 { 417 .name = "cbc(camellia)", 418 .compat = "camellia", 419 420 .uinfo = { 421 .encr = { 422 .blockbits = 128, 423 .defkeybits = 128, 424 } 425 }, 426 427 .desc = { 428 .sadb_alg_id = SADB_X_EALG_CAMELLIACBC, 429 .sadb_alg_ivlen = 8, 430 .sadb_alg_minbits = 128, 431 .sadb_alg_maxbits = 256 432 } 433 }, 434 { 435 .name = "cbc(twofish)", 436 .compat = "twofish", 437 438 .uinfo = { 439 .encr = { 440 .blockbits = 128, 441 .defkeybits = 128, 442 } 443 }, 444 445 .desc = { 446 .sadb_alg_id = SADB_X_EALG_TWOFISHCBC, 447 .sadb_alg_ivlen = 8, 448 .sadb_alg_minbits = 128, 449 .sadb_alg_maxbits = 256 450 } 451 }, 452 { 453 .name = "rfc3686(ctr(aes))", 454 455 .uinfo = { 456 .encr = { 457 .blockbits = 128, 458 .defkeybits = 160, /* 128-bit key + 32-bit nonce */ 459 } 460 }, 461 462 .desc = { 463 .sadb_alg_id = SADB_X_EALG_AESCTR, 464 .sadb_alg_ivlen = 8, 465 .sadb_alg_minbits = 128, 466 .sadb_alg_maxbits = 256 467 } 468 }, 469 }; 470 471 static struct xfrm_algo_desc calg_list[] = { 472 { 473 .name = "deflate", 474 .uinfo = { 475 .comp = { 476 .threshold = 90, 477 } 478 }, 479 .desc = { .sadb_alg_id = SADB_X_CALG_DEFLATE } 480 }, 481 { 482 .name = "lzs", 483 .uinfo = { 484 .comp = { 485 .threshold = 90, 486 } 487 }, 488 .desc = { .sadb_alg_id = SADB_X_CALG_LZS } 489 }, 490 { 491 .name = "lzjh", 492 .uinfo = { 493 .comp = { 494 .threshold = 50, 495 } 496 }, 497 .desc = { .sadb_alg_id = SADB_X_CALG_LZJH } 498 }, 499 }; 500 501 static inline int aead_entries(void) 502 { 503 return ARRAY_SIZE(aead_list); 504 } 505 506 static inline int aalg_entries(void) 507 { 508 return ARRAY_SIZE(aalg_list); 509 } 510 511 static inline int ealg_entries(void) 512 { 513 return ARRAY_SIZE(ealg_list); 514 } 515 516 static inline int calg_entries(void) 517 { 518 return ARRAY_SIZE(calg_list); 519 } 520 521 struct xfrm_algo_list { 522 struct xfrm_algo_desc *algs; 523 int entries; 524 u32 type; 525 u32 mask; 526 }; 527 528 static const struct xfrm_algo_list xfrm_aead_list = { 529 .algs = aead_list, 530 .entries = ARRAY_SIZE(aead_list), 531 .type = CRYPTO_ALG_TYPE_AEAD, 532 .mask = CRYPTO_ALG_TYPE_MASK, 533 }; 534 535 static const struct xfrm_algo_list xfrm_aalg_list = { 536 .algs = aalg_list, 537 .entries = ARRAY_SIZE(aalg_list), 538 .type = CRYPTO_ALG_TYPE_HASH, 539 .mask = CRYPTO_ALG_TYPE_HASH_MASK, 540 }; 541 542 static const struct xfrm_algo_list xfrm_ealg_list = { 543 .algs = ealg_list, 544 .entries = ARRAY_SIZE(ealg_list), 545 .type = CRYPTO_ALG_TYPE_BLKCIPHER, 546 .mask = CRYPTO_ALG_TYPE_BLKCIPHER_MASK, 547 }; 548 549 static const struct xfrm_algo_list xfrm_calg_list = { 550 .algs = calg_list, 551 .entries = ARRAY_SIZE(calg_list), 552 .type = CRYPTO_ALG_TYPE_COMPRESS, 553 .mask = CRYPTO_ALG_TYPE_MASK, 554 }; 555 556 static struct xfrm_algo_desc *xfrm_find_algo( 557 const struct xfrm_algo_list *algo_list, 558 int match(const struct xfrm_algo_desc *entry, const void *data), 559 const void *data, int probe) 560 { 561 struct xfrm_algo_desc *list = algo_list->algs; 562 int i, status; 563 564 for (i = 0; i < algo_list->entries; i++) { 565 if (!match(list + i, data)) 566 continue; 567 568 if (list[i].available) 569 return &list[i]; 570 571 if (!probe) 572 break; 573 574 status = crypto_has_alg(list[i].name, algo_list->type, 575 algo_list->mask); 576 if (!status) 577 break; 578 579 list[i].available = status; 580 return &list[i]; 581 } 582 return NULL; 583 } 584 585 static int xfrm_alg_id_match(const struct xfrm_algo_desc *entry, 586 const void *data) 587 { 588 return entry->desc.sadb_alg_id == (unsigned long)data; 589 } 590 591 struct xfrm_algo_desc *xfrm_aalg_get_byid(int alg_id) 592 { 593 return xfrm_find_algo(&xfrm_aalg_list, xfrm_alg_id_match, 594 (void *)(unsigned long)alg_id, 1); 595 } 596 EXPORT_SYMBOL_GPL(xfrm_aalg_get_byid); 597 598 struct xfrm_algo_desc *xfrm_ealg_get_byid(int alg_id) 599 { 600 return xfrm_find_algo(&xfrm_ealg_list, xfrm_alg_id_match, 601 (void *)(unsigned long)alg_id, 1); 602 } 603 EXPORT_SYMBOL_GPL(xfrm_ealg_get_byid); 604 605 struct xfrm_algo_desc *xfrm_calg_get_byid(int alg_id) 606 { 607 return xfrm_find_algo(&xfrm_calg_list, xfrm_alg_id_match, 608 (void *)(unsigned long)alg_id, 1); 609 } 610 EXPORT_SYMBOL_GPL(xfrm_calg_get_byid); 611 612 static int xfrm_alg_name_match(const struct xfrm_algo_desc *entry, 613 const void *data) 614 { 615 const char *name = data; 616 617 return name && (!strcmp(name, entry->name) || 618 (entry->compat && !strcmp(name, entry->compat))); 619 } 620 621 struct xfrm_algo_desc *xfrm_aalg_get_byname(const char *name, int probe) 622 { 623 return xfrm_find_algo(&xfrm_aalg_list, xfrm_alg_name_match, name, 624 probe); 625 } 626 EXPORT_SYMBOL_GPL(xfrm_aalg_get_byname); 627 628 struct xfrm_algo_desc *xfrm_ealg_get_byname(const char *name, int probe) 629 { 630 return xfrm_find_algo(&xfrm_ealg_list, xfrm_alg_name_match, name, 631 probe); 632 } 633 EXPORT_SYMBOL_GPL(xfrm_ealg_get_byname); 634 635 struct xfrm_algo_desc *xfrm_calg_get_byname(const char *name, int probe) 636 { 637 return xfrm_find_algo(&xfrm_calg_list, xfrm_alg_name_match, name, 638 probe); 639 } 640 EXPORT_SYMBOL_GPL(xfrm_calg_get_byname); 641 642 struct xfrm_aead_name { 643 const char *name; 644 int icvbits; 645 }; 646 647 static int xfrm_aead_name_match(const struct xfrm_algo_desc *entry, 648 const void *data) 649 { 650 const struct xfrm_aead_name *aead = data; 651 const char *name = aead->name; 652 653 return aead->icvbits == entry->uinfo.aead.icv_truncbits && name && 654 !strcmp(name, entry->name); 655 } 656 657 struct xfrm_algo_desc *xfrm_aead_get_byname(const char *name, int icv_len, int probe) 658 { 659 struct xfrm_aead_name data = { 660 .name = name, 661 .icvbits = icv_len, 662 }; 663 664 return xfrm_find_algo(&xfrm_aead_list, xfrm_aead_name_match, &data, 665 probe); 666 } 667 EXPORT_SYMBOL_GPL(xfrm_aead_get_byname); 668 669 struct xfrm_algo_desc *xfrm_aalg_get_byidx(unsigned int idx) 670 { 671 if (idx >= aalg_entries()) 672 return NULL; 673 674 return &aalg_list[idx]; 675 } 676 EXPORT_SYMBOL_GPL(xfrm_aalg_get_byidx); 677 678 struct xfrm_algo_desc *xfrm_ealg_get_byidx(unsigned int idx) 679 { 680 if (idx >= ealg_entries()) 681 return NULL; 682 683 return &ealg_list[idx]; 684 } 685 EXPORT_SYMBOL_GPL(xfrm_ealg_get_byidx); 686 687 /* 688 * Probe for the availability of crypto algorithms, and set the available 689 * flag for any algorithms found on the system. This is typically called by 690 * pfkey during userspace SA add, update or register. 691 */ 692 void xfrm_probe_algs(void) 693 { 694 int i, status; 695 696 BUG_ON(in_softirq()); 697 698 for (i = 0; i < aalg_entries(); i++) { 699 status = crypto_has_hash(aalg_list[i].name, 0, 700 CRYPTO_ALG_ASYNC); 701 if (aalg_list[i].available != status) 702 aalg_list[i].available = status; 703 } 704 705 for (i = 0; i < ealg_entries(); i++) { 706 status = crypto_has_blkcipher(ealg_list[i].name, 0, 707 CRYPTO_ALG_ASYNC); 708 if (ealg_list[i].available != status) 709 ealg_list[i].available = status; 710 } 711 712 for (i = 0; i < calg_entries(); i++) { 713 status = crypto_has_comp(calg_list[i].name, 0, 714 CRYPTO_ALG_ASYNC); 715 if (calg_list[i].available != status) 716 calg_list[i].available = status; 717 } 718 } 719 EXPORT_SYMBOL_GPL(xfrm_probe_algs); 720 721 int xfrm_count_auth_supported(void) 722 { 723 int i, n; 724 725 for (i = 0, n = 0; i < aalg_entries(); i++) 726 if (aalg_list[i].available) 727 n++; 728 return n; 729 } 730 EXPORT_SYMBOL_GPL(xfrm_count_auth_supported); 731 732 int xfrm_count_enc_supported(void) 733 { 734 int i, n; 735 736 for (i = 0, n = 0; i < ealg_entries(); i++) 737 if (ealg_list[i].available) 738 n++; 739 return n; 740 } 741 EXPORT_SYMBOL_GPL(xfrm_count_enc_supported); 742 743 #if defined(CONFIG_INET_ESP) || defined(CONFIG_INET_ESP_MODULE) || defined(CONFIG_INET6_ESP) || defined(CONFIG_INET6_ESP_MODULE) 744 745 void *pskb_put(struct sk_buff *skb, struct sk_buff *tail, int len) 746 { 747 if (tail != skb) { 748 skb->data_len += len; 749 skb->len += len; 750 } 751 return skb_put(tail, len); 752 } 753 EXPORT_SYMBOL_GPL(pskb_put); 754 #endif 755