1 /* 2 * xfrm algorithm interface 3 * 4 * Copyright (c) 2002 James Morris <jmorris@intercode.com.au> 5 * 6 * This program is free software; you can redistribute it and/or modify it 7 * under the terms of the GNU General Public License as published by the Free 8 * Software Foundation; either version 2 of the License, or (at your option) 9 * any later version. 10 */ 11 12 #include <linux/module.h> 13 #include <linux/kernel.h> 14 #include <linux/pfkeyv2.h> 15 #include <linux/crypto.h> 16 #include <linux/scatterlist.h> 17 #include <net/xfrm.h> 18 #if defined(CONFIG_INET_AH) || defined(CONFIG_INET_AH_MODULE) || defined(CONFIG_INET6_AH) || defined(CONFIG_INET6_AH_MODULE) 19 #include <net/ah.h> 20 #endif 21 #if defined(CONFIG_INET_ESP) || defined(CONFIG_INET_ESP_MODULE) || defined(CONFIG_INET6_ESP) || defined(CONFIG_INET6_ESP_MODULE) 22 #include <net/esp.h> 23 #endif 24 25 /* 26 * Algorithms supported by IPsec. These entries contain properties which 27 * are used in key negotiation and xfrm processing, and are used to verify 28 * that instantiated crypto transforms have correct parameters for IPsec 29 * purposes. 30 */ 31 static struct xfrm_algo_desc aead_list[] = { 32 { 33 .name = "rfc4106(gcm(aes))", 34 35 .uinfo = { 36 .aead = { 37 .icv_truncbits = 64, 38 } 39 }, 40 41 .desc = { 42 .sadb_alg_id = SADB_X_EALG_AES_GCM_ICV8, 43 .sadb_alg_ivlen = 8, 44 .sadb_alg_minbits = 128, 45 .sadb_alg_maxbits = 256 46 } 47 }, 48 { 49 .name = "rfc4106(gcm(aes))", 50 51 .uinfo = { 52 .aead = { 53 .icv_truncbits = 96, 54 } 55 }, 56 57 .desc = { 58 .sadb_alg_id = SADB_X_EALG_AES_GCM_ICV12, 59 .sadb_alg_ivlen = 8, 60 .sadb_alg_minbits = 128, 61 .sadb_alg_maxbits = 256 62 } 63 }, 64 { 65 .name = "rfc4106(gcm(aes))", 66 67 .uinfo = { 68 .aead = { 69 .icv_truncbits = 128, 70 } 71 }, 72 73 .desc = { 74 .sadb_alg_id = SADB_X_EALG_AES_GCM_ICV16, 75 .sadb_alg_ivlen = 8, 76 .sadb_alg_minbits = 128, 77 .sadb_alg_maxbits = 256 78 } 79 }, 80 { 81 .name = "rfc4309(ccm(aes))", 82 83 .uinfo = { 84 .aead = { 85 .icv_truncbits = 64, 86 } 87 }, 88 89 .desc = { 90 .sadb_alg_id = SADB_X_EALG_AES_CCM_ICV8, 91 .sadb_alg_ivlen = 8, 92 .sadb_alg_minbits = 128, 93 .sadb_alg_maxbits = 256 94 } 95 }, 96 { 97 .name = "rfc4309(ccm(aes))", 98 99 .uinfo = { 100 .aead = { 101 .icv_truncbits = 96, 102 } 103 }, 104 105 .desc = { 106 .sadb_alg_id = SADB_X_EALG_AES_CCM_ICV12, 107 .sadb_alg_ivlen = 8, 108 .sadb_alg_minbits = 128, 109 .sadb_alg_maxbits = 256 110 } 111 }, 112 { 113 .name = "rfc4309(ccm(aes))", 114 115 .uinfo = { 116 .aead = { 117 .icv_truncbits = 128, 118 } 119 }, 120 121 .desc = { 122 .sadb_alg_id = SADB_X_EALG_AES_CCM_ICV16, 123 .sadb_alg_ivlen = 8, 124 .sadb_alg_minbits = 128, 125 .sadb_alg_maxbits = 256 126 } 127 }, 128 }; 129 130 static struct xfrm_algo_desc aalg_list[] = { 131 { 132 .name = "digest_null", 133 134 .uinfo = { 135 .auth = { 136 .icv_truncbits = 0, 137 .icv_fullbits = 0, 138 } 139 }, 140 141 .desc = { 142 .sadb_alg_id = SADB_X_AALG_NULL, 143 .sadb_alg_ivlen = 0, 144 .sadb_alg_minbits = 0, 145 .sadb_alg_maxbits = 0 146 } 147 }, 148 { 149 .name = "hmac(md5)", 150 .compat = "md5", 151 152 .uinfo = { 153 .auth = { 154 .icv_truncbits = 96, 155 .icv_fullbits = 128, 156 } 157 }, 158 159 .desc = { 160 .sadb_alg_id = SADB_AALG_MD5HMAC, 161 .sadb_alg_ivlen = 0, 162 .sadb_alg_minbits = 128, 163 .sadb_alg_maxbits = 128 164 } 165 }, 166 { 167 .name = "hmac(sha1)", 168 .compat = "sha1", 169 170 .uinfo = { 171 .auth = { 172 .icv_truncbits = 96, 173 .icv_fullbits = 160, 174 } 175 }, 176 177 .desc = { 178 .sadb_alg_id = SADB_AALG_SHA1HMAC, 179 .sadb_alg_ivlen = 0, 180 .sadb_alg_minbits = 160, 181 .sadb_alg_maxbits = 160 182 } 183 }, 184 { 185 .name = "hmac(sha256)", 186 .compat = "sha256", 187 188 .uinfo = { 189 .auth = { 190 .icv_truncbits = 96, 191 .icv_fullbits = 256, 192 } 193 }, 194 195 .desc = { 196 .sadb_alg_id = SADB_X_AALG_SHA2_256HMAC, 197 .sadb_alg_ivlen = 0, 198 .sadb_alg_minbits = 256, 199 .sadb_alg_maxbits = 256 200 } 201 }, 202 { 203 .name = "hmac(rmd160)", 204 .compat = "rmd160", 205 206 .uinfo = { 207 .auth = { 208 .icv_truncbits = 96, 209 .icv_fullbits = 160, 210 } 211 }, 212 213 .desc = { 214 .sadb_alg_id = SADB_X_AALG_RIPEMD160HMAC, 215 .sadb_alg_ivlen = 0, 216 .sadb_alg_minbits = 160, 217 .sadb_alg_maxbits = 160 218 } 219 }, 220 { 221 .name = "xcbc(aes)", 222 223 .uinfo = { 224 .auth = { 225 .icv_truncbits = 96, 226 .icv_fullbits = 128, 227 } 228 }, 229 230 .desc = { 231 .sadb_alg_id = SADB_X_AALG_AES_XCBC_MAC, 232 .sadb_alg_ivlen = 0, 233 .sadb_alg_minbits = 128, 234 .sadb_alg_maxbits = 128 235 } 236 }, 237 }; 238 239 static struct xfrm_algo_desc ealg_list[] = { 240 { 241 .name = "ecb(cipher_null)", 242 .compat = "cipher_null", 243 244 .uinfo = { 245 .encr = { 246 .blockbits = 8, 247 .defkeybits = 0, 248 } 249 }, 250 251 .desc = { 252 .sadb_alg_id = SADB_EALG_NULL, 253 .sadb_alg_ivlen = 0, 254 .sadb_alg_minbits = 0, 255 .sadb_alg_maxbits = 0 256 } 257 }, 258 { 259 .name = "cbc(des)", 260 .compat = "des", 261 262 .uinfo = { 263 .encr = { 264 .blockbits = 64, 265 .defkeybits = 64, 266 } 267 }, 268 269 .desc = { 270 .sadb_alg_id = SADB_EALG_DESCBC, 271 .sadb_alg_ivlen = 8, 272 .sadb_alg_minbits = 64, 273 .sadb_alg_maxbits = 64 274 } 275 }, 276 { 277 .name = "cbc(des3_ede)", 278 .compat = "des3_ede", 279 280 .uinfo = { 281 .encr = { 282 .blockbits = 64, 283 .defkeybits = 192, 284 } 285 }, 286 287 .desc = { 288 .sadb_alg_id = SADB_EALG_3DESCBC, 289 .sadb_alg_ivlen = 8, 290 .sadb_alg_minbits = 192, 291 .sadb_alg_maxbits = 192 292 } 293 }, 294 { 295 .name = "cbc(cast128)", 296 .compat = "cast128", 297 298 .uinfo = { 299 .encr = { 300 .blockbits = 64, 301 .defkeybits = 128, 302 } 303 }, 304 305 .desc = { 306 .sadb_alg_id = SADB_X_EALG_CASTCBC, 307 .sadb_alg_ivlen = 8, 308 .sadb_alg_minbits = 40, 309 .sadb_alg_maxbits = 128 310 } 311 }, 312 { 313 .name = "cbc(blowfish)", 314 .compat = "blowfish", 315 316 .uinfo = { 317 .encr = { 318 .blockbits = 64, 319 .defkeybits = 128, 320 } 321 }, 322 323 .desc = { 324 .sadb_alg_id = SADB_X_EALG_BLOWFISHCBC, 325 .sadb_alg_ivlen = 8, 326 .sadb_alg_minbits = 40, 327 .sadb_alg_maxbits = 448 328 } 329 }, 330 { 331 .name = "cbc(aes)", 332 .compat = "aes", 333 334 .uinfo = { 335 .encr = { 336 .blockbits = 128, 337 .defkeybits = 128, 338 } 339 }, 340 341 .desc = { 342 .sadb_alg_id = SADB_X_EALG_AESCBC, 343 .sadb_alg_ivlen = 8, 344 .sadb_alg_minbits = 128, 345 .sadb_alg_maxbits = 256 346 } 347 }, 348 { 349 .name = "cbc(serpent)", 350 .compat = "serpent", 351 352 .uinfo = { 353 .encr = { 354 .blockbits = 128, 355 .defkeybits = 128, 356 } 357 }, 358 359 .desc = { 360 .sadb_alg_id = SADB_X_EALG_SERPENTCBC, 361 .sadb_alg_ivlen = 8, 362 .sadb_alg_minbits = 128, 363 .sadb_alg_maxbits = 256, 364 } 365 }, 366 { 367 .name = "cbc(camellia)", 368 369 .uinfo = { 370 .encr = { 371 .blockbits = 128, 372 .defkeybits = 128, 373 } 374 }, 375 376 .desc = { 377 .sadb_alg_id = SADB_X_EALG_CAMELLIACBC, 378 .sadb_alg_ivlen = 8, 379 .sadb_alg_minbits = 128, 380 .sadb_alg_maxbits = 256 381 } 382 }, 383 { 384 .name = "cbc(twofish)", 385 .compat = "twofish", 386 387 .uinfo = { 388 .encr = { 389 .blockbits = 128, 390 .defkeybits = 128, 391 } 392 }, 393 394 .desc = { 395 .sadb_alg_id = SADB_X_EALG_TWOFISHCBC, 396 .sadb_alg_ivlen = 8, 397 .sadb_alg_minbits = 128, 398 .sadb_alg_maxbits = 256 399 } 400 }, 401 { 402 .name = "rfc3686(ctr(aes))", 403 404 .uinfo = { 405 .encr = { 406 .blockbits = 128, 407 .defkeybits = 160, /* 128-bit key + 32-bit nonce */ 408 } 409 }, 410 411 .desc = { 412 .sadb_alg_id = SADB_X_EALG_AESCTR, 413 .sadb_alg_ivlen = 8, 414 .sadb_alg_minbits = 128, 415 .sadb_alg_maxbits = 256 416 } 417 }, 418 }; 419 420 static struct xfrm_algo_desc calg_list[] = { 421 { 422 .name = "deflate", 423 .uinfo = { 424 .comp = { 425 .threshold = 90, 426 } 427 }, 428 .desc = { .sadb_alg_id = SADB_X_CALG_DEFLATE } 429 }, 430 { 431 .name = "lzs", 432 .uinfo = { 433 .comp = { 434 .threshold = 90, 435 } 436 }, 437 .desc = { .sadb_alg_id = SADB_X_CALG_LZS } 438 }, 439 { 440 .name = "lzjh", 441 .uinfo = { 442 .comp = { 443 .threshold = 50, 444 } 445 }, 446 .desc = { .sadb_alg_id = SADB_X_CALG_LZJH } 447 }, 448 }; 449 450 static inline int aead_entries(void) 451 { 452 return ARRAY_SIZE(aead_list); 453 } 454 455 static inline int aalg_entries(void) 456 { 457 return ARRAY_SIZE(aalg_list); 458 } 459 460 static inline int ealg_entries(void) 461 { 462 return ARRAY_SIZE(ealg_list); 463 } 464 465 static inline int calg_entries(void) 466 { 467 return ARRAY_SIZE(calg_list); 468 } 469 470 struct xfrm_algo_list { 471 struct xfrm_algo_desc *algs; 472 int entries; 473 u32 type; 474 u32 mask; 475 }; 476 477 static const struct xfrm_algo_list xfrm_aead_list = { 478 .algs = aead_list, 479 .entries = ARRAY_SIZE(aead_list), 480 .type = CRYPTO_ALG_TYPE_AEAD, 481 .mask = CRYPTO_ALG_TYPE_MASK, 482 }; 483 484 static const struct xfrm_algo_list xfrm_aalg_list = { 485 .algs = aalg_list, 486 .entries = ARRAY_SIZE(aalg_list), 487 .type = CRYPTO_ALG_TYPE_HASH, 488 .mask = CRYPTO_ALG_TYPE_HASH_MASK, 489 }; 490 491 static const struct xfrm_algo_list xfrm_ealg_list = { 492 .algs = ealg_list, 493 .entries = ARRAY_SIZE(ealg_list), 494 .type = CRYPTO_ALG_TYPE_BLKCIPHER, 495 .mask = CRYPTO_ALG_TYPE_BLKCIPHER_MASK, 496 }; 497 498 static const struct xfrm_algo_list xfrm_calg_list = { 499 .algs = calg_list, 500 .entries = ARRAY_SIZE(calg_list), 501 .type = CRYPTO_ALG_TYPE_COMPRESS, 502 .mask = CRYPTO_ALG_TYPE_MASK, 503 }; 504 505 static struct xfrm_algo_desc *xfrm_find_algo( 506 const struct xfrm_algo_list *algo_list, 507 int match(const struct xfrm_algo_desc *entry, const void *data), 508 const void *data, int probe) 509 { 510 struct xfrm_algo_desc *list = algo_list->algs; 511 int i, status; 512 513 for (i = 0; i < algo_list->entries; i++) { 514 if (!match(list + i, data)) 515 continue; 516 517 if (list[i].available) 518 return &list[i]; 519 520 if (!probe) 521 break; 522 523 status = crypto_has_alg(list[i].name, algo_list->type, 524 algo_list->mask); 525 if (!status) 526 break; 527 528 list[i].available = status; 529 return &list[i]; 530 } 531 return NULL; 532 } 533 534 static int xfrm_alg_id_match(const struct xfrm_algo_desc *entry, 535 const void *data) 536 { 537 return entry->desc.sadb_alg_id == (unsigned long)data; 538 } 539 540 struct xfrm_algo_desc *xfrm_aalg_get_byid(int alg_id) 541 { 542 return xfrm_find_algo(&xfrm_aalg_list, xfrm_alg_id_match, 543 (void *)(unsigned long)alg_id, 1); 544 } 545 EXPORT_SYMBOL_GPL(xfrm_aalg_get_byid); 546 547 struct xfrm_algo_desc *xfrm_ealg_get_byid(int alg_id) 548 { 549 return xfrm_find_algo(&xfrm_ealg_list, xfrm_alg_id_match, 550 (void *)(unsigned long)alg_id, 1); 551 } 552 EXPORT_SYMBOL_GPL(xfrm_ealg_get_byid); 553 554 struct xfrm_algo_desc *xfrm_calg_get_byid(int alg_id) 555 { 556 return xfrm_find_algo(&xfrm_calg_list, xfrm_alg_id_match, 557 (void *)(unsigned long)alg_id, 1); 558 } 559 EXPORT_SYMBOL_GPL(xfrm_calg_get_byid); 560 561 static int xfrm_alg_name_match(const struct xfrm_algo_desc *entry, 562 const void *data) 563 { 564 const char *name = data; 565 566 return name && (!strcmp(name, entry->name) || 567 (entry->compat && !strcmp(name, entry->compat))); 568 } 569 570 struct xfrm_algo_desc *xfrm_aalg_get_byname(char *name, int probe) 571 { 572 return xfrm_find_algo(&xfrm_aalg_list, xfrm_alg_name_match, name, 573 probe); 574 } 575 EXPORT_SYMBOL_GPL(xfrm_aalg_get_byname); 576 577 struct xfrm_algo_desc *xfrm_ealg_get_byname(char *name, int probe) 578 { 579 return xfrm_find_algo(&xfrm_ealg_list, xfrm_alg_name_match, name, 580 probe); 581 } 582 EXPORT_SYMBOL_GPL(xfrm_ealg_get_byname); 583 584 struct xfrm_algo_desc *xfrm_calg_get_byname(char *name, int probe) 585 { 586 return xfrm_find_algo(&xfrm_calg_list, xfrm_alg_name_match, name, 587 probe); 588 } 589 EXPORT_SYMBOL_GPL(xfrm_calg_get_byname); 590 591 struct xfrm_aead_name { 592 const char *name; 593 int icvbits; 594 }; 595 596 static int xfrm_aead_name_match(const struct xfrm_algo_desc *entry, 597 const void *data) 598 { 599 const struct xfrm_aead_name *aead = data; 600 const char *name = aead->name; 601 602 return aead->icvbits == entry->uinfo.aead.icv_truncbits && name && 603 !strcmp(name, entry->name); 604 } 605 606 struct xfrm_algo_desc *xfrm_aead_get_byname(char *name, int icv_len, int probe) 607 { 608 struct xfrm_aead_name data = { 609 .name = name, 610 .icvbits = icv_len, 611 }; 612 613 return xfrm_find_algo(&xfrm_aead_list, xfrm_aead_name_match, &data, 614 probe); 615 } 616 EXPORT_SYMBOL_GPL(xfrm_aead_get_byname); 617 618 struct xfrm_algo_desc *xfrm_aalg_get_byidx(unsigned int idx) 619 { 620 if (idx >= aalg_entries()) 621 return NULL; 622 623 return &aalg_list[idx]; 624 } 625 EXPORT_SYMBOL_GPL(xfrm_aalg_get_byidx); 626 627 struct xfrm_algo_desc *xfrm_ealg_get_byidx(unsigned int idx) 628 { 629 if (idx >= ealg_entries()) 630 return NULL; 631 632 return &ealg_list[idx]; 633 } 634 EXPORT_SYMBOL_GPL(xfrm_ealg_get_byidx); 635 636 /* 637 * Probe for the availability of crypto algorithms, and set the available 638 * flag for any algorithms found on the system. This is typically called by 639 * pfkey during userspace SA add, update or register. 640 */ 641 void xfrm_probe_algs(void) 642 { 643 int i, status; 644 645 BUG_ON(in_softirq()); 646 647 for (i = 0; i < aalg_entries(); i++) { 648 status = crypto_has_hash(aalg_list[i].name, 0, 649 CRYPTO_ALG_ASYNC); 650 if (aalg_list[i].available != status) 651 aalg_list[i].available = status; 652 } 653 654 for (i = 0; i < ealg_entries(); i++) { 655 status = crypto_has_blkcipher(ealg_list[i].name, 0, 656 CRYPTO_ALG_ASYNC); 657 if (ealg_list[i].available != status) 658 ealg_list[i].available = status; 659 } 660 661 for (i = 0; i < calg_entries(); i++) { 662 status = crypto_has_comp(calg_list[i].name, 0, 663 CRYPTO_ALG_ASYNC); 664 if (calg_list[i].available != status) 665 calg_list[i].available = status; 666 } 667 } 668 EXPORT_SYMBOL_GPL(xfrm_probe_algs); 669 670 int xfrm_count_auth_supported(void) 671 { 672 int i, n; 673 674 for (i = 0, n = 0; i < aalg_entries(); i++) 675 if (aalg_list[i].available) 676 n++; 677 return n; 678 } 679 EXPORT_SYMBOL_GPL(xfrm_count_auth_supported); 680 681 int xfrm_count_enc_supported(void) 682 { 683 int i, n; 684 685 for (i = 0, n = 0; i < ealg_entries(); i++) 686 if (ealg_list[i].available) 687 n++; 688 return n; 689 } 690 EXPORT_SYMBOL_GPL(xfrm_count_enc_supported); 691 692 /* Move to common area: it is shared with AH. */ 693 694 int skb_icv_walk(const struct sk_buff *skb, struct hash_desc *desc, 695 int offset, int len, icv_update_fn_t icv_update) 696 { 697 int start = skb_headlen(skb); 698 int i, copy = start - offset; 699 int err; 700 struct scatterlist sg; 701 702 /* Checksum header. */ 703 if (copy > 0) { 704 if (copy > len) 705 copy = len; 706 707 sg_init_one(&sg, skb->data + offset, copy); 708 709 err = icv_update(desc, &sg, copy); 710 if (unlikely(err)) 711 return err; 712 713 if ((len -= copy) == 0) 714 return 0; 715 offset += copy; 716 } 717 718 for (i = 0; i < skb_shinfo(skb)->nr_frags; i++) { 719 int end; 720 721 BUG_TRAP(start <= offset + len); 722 723 end = start + skb_shinfo(skb)->frags[i].size; 724 if ((copy = end - offset) > 0) { 725 skb_frag_t *frag = &skb_shinfo(skb)->frags[i]; 726 727 if (copy > len) 728 copy = len; 729 730 sg_init_table(&sg, 1); 731 sg_set_page(&sg, frag->page, copy, 732 frag->page_offset + offset-start); 733 734 err = icv_update(desc, &sg, copy); 735 if (unlikely(err)) 736 return err; 737 738 if (!(len -= copy)) 739 return 0; 740 offset += copy; 741 } 742 start = end; 743 } 744 745 if (skb_shinfo(skb)->frag_list) { 746 struct sk_buff *list = skb_shinfo(skb)->frag_list; 747 748 for (; list; list = list->next) { 749 int end; 750 751 BUG_TRAP(start <= offset + len); 752 753 end = start + list->len; 754 if ((copy = end - offset) > 0) { 755 if (copy > len) 756 copy = len; 757 err = skb_icv_walk(list, desc, offset-start, 758 copy, icv_update); 759 if (unlikely(err)) 760 return err; 761 if ((len -= copy) == 0) 762 return 0; 763 offset += copy; 764 } 765 start = end; 766 } 767 } 768 BUG_ON(len); 769 return 0; 770 } 771 EXPORT_SYMBOL_GPL(skb_icv_walk); 772 773 #if defined(CONFIG_INET_ESP) || defined(CONFIG_INET_ESP_MODULE) || defined(CONFIG_INET6_ESP) || defined(CONFIG_INET6_ESP_MODULE) 774 775 void *pskb_put(struct sk_buff *skb, struct sk_buff *tail, int len) 776 { 777 if (tail != skb) { 778 skb->data_len += len; 779 skb->len += len; 780 } 781 return skb_put(tail, len); 782 } 783 EXPORT_SYMBOL_GPL(pskb_put); 784 #endif 785