1 /* 2 * xfrm algorithm interface 3 * 4 * Copyright (c) 2002 James Morris <jmorris@intercode.com.au> 5 * 6 * This program is free software; you can redistribute it and/or modify it 7 * under the terms of the GNU General Public License as published by the Free 8 * Software Foundation; either version 2 of the License, or (at your option) 9 * any later version. 10 */ 11 12 #include <linux/module.h> 13 #include <linux/kernel.h> 14 #include <linux/pfkeyv2.h> 15 #include <linux/crypto.h> 16 #include <linux/scatterlist.h> 17 #include <net/xfrm.h> 18 #if defined(CONFIG_INET_ESP) || defined(CONFIG_INET_ESP_MODULE) || defined(CONFIG_INET6_ESP) || defined(CONFIG_INET6_ESP_MODULE) 19 #include <net/esp.h> 20 #endif 21 22 /* 23 * Algorithms supported by IPsec. These entries contain properties which 24 * are used in key negotiation and xfrm processing, and are used to verify 25 * that instantiated crypto transforms have correct parameters for IPsec 26 * purposes. 27 */ 28 static struct xfrm_algo_desc aead_list[] = { 29 { 30 .name = "rfc4106(gcm(aes))", 31 32 .uinfo = { 33 .aead = { 34 .icv_truncbits = 64, 35 } 36 }, 37 38 .pfkey_supported = 1, 39 40 .desc = { 41 .sadb_alg_id = SADB_X_EALG_AES_GCM_ICV8, 42 .sadb_alg_ivlen = 8, 43 .sadb_alg_minbits = 128, 44 .sadb_alg_maxbits = 256 45 } 46 }, 47 { 48 .name = "rfc4106(gcm(aes))", 49 50 .uinfo = { 51 .aead = { 52 .icv_truncbits = 96, 53 } 54 }, 55 56 .pfkey_supported = 1, 57 58 .desc = { 59 .sadb_alg_id = SADB_X_EALG_AES_GCM_ICV12, 60 .sadb_alg_ivlen = 8, 61 .sadb_alg_minbits = 128, 62 .sadb_alg_maxbits = 256 63 } 64 }, 65 { 66 .name = "rfc4106(gcm(aes))", 67 68 .uinfo = { 69 .aead = { 70 .icv_truncbits = 128, 71 } 72 }, 73 74 .pfkey_supported = 1, 75 76 .desc = { 77 .sadb_alg_id = SADB_X_EALG_AES_GCM_ICV16, 78 .sadb_alg_ivlen = 8, 79 .sadb_alg_minbits = 128, 80 .sadb_alg_maxbits = 256 81 } 82 }, 83 { 84 .name = "rfc4309(ccm(aes))", 85 86 .uinfo = { 87 .aead = { 88 .icv_truncbits = 64, 89 } 90 }, 91 92 .pfkey_supported = 1, 93 94 .desc = { 95 .sadb_alg_id = SADB_X_EALG_AES_CCM_ICV8, 96 .sadb_alg_ivlen = 8, 97 .sadb_alg_minbits = 128, 98 .sadb_alg_maxbits = 256 99 } 100 }, 101 { 102 .name = "rfc4309(ccm(aes))", 103 104 .uinfo = { 105 .aead = { 106 .icv_truncbits = 96, 107 } 108 }, 109 110 .pfkey_supported = 1, 111 112 .desc = { 113 .sadb_alg_id = SADB_X_EALG_AES_CCM_ICV12, 114 .sadb_alg_ivlen = 8, 115 .sadb_alg_minbits = 128, 116 .sadb_alg_maxbits = 256 117 } 118 }, 119 { 120 .name = "rfc4309(ccm(aes))", 121 122 .uinfo = { 123 .aead = { 124 .icv_truncbits = 128, 125 } 126 }, 127 128 .pfkey_supported = 1, 129 130 .desc = { 131 .sadb_alg_id = SADB_X_EALG_AES_CCM_ICV16, 132 .sadb_alg_ivlen = 8, 133 .sadb_alg_minbits = 128, 134 .sadb_alg_maxbits = 256 135 } 136 }, 137 { 138 .name = "rfc4543(gcm(aes))", 139 140 .uinfo = { 141 .aead = { 142 .icv_truncbits = 128, 143 } 144 }, 145 146 .pfkey_supported = 1, 147 148 .desc = { 149 .sadb_alg_id = SADB_X_EALG_NULL_AES_GMAC, 150 .sadb_alg_ivlen = 8, 151 .sadb_alg_minbits = 128, 152 .sadb_alg_maxbits = 256 153 } 154 }, 155 }; 156 157 static struct xfrm_algo_desc aalg_list[] = { 158 { 159 .name = "digest_null", 160 161 .uinfo = { 162 .auth = { 163 .icv_truncbits = 0, 164 .icv_fullbits = 0, 165 } 166 }, 167 168 .pfkey_supported = 1, 169 170 .desc = { 171 .sadb_alg_id = SADB_X_AALG_NULL, 172 .sadb_alg_ivlen = 0, 173 .sadb_alg_minbits = 0, 174 .sadb_alg_maxbits = 0 175 } 176 }, 177 { 178 .name = "hmac(md5)", 179 .compat = "md5", 180 181 .uinfo = { 182 .auth = { 183 .icv_truncbits = 96, 184 .icv_fullbits = 128, 185 } 186 }, 187 188 .pfkey_supported = 1, 189 190 .desc = { 191 .sadb_alg_id = SADB_AALG_MD5HMAC, 192 .sadb_alg_ivlen = 0, 193 .sadb_alg_minbits = 128, 194 .sadb_alg_maxbits = 128 195 } 196 }, 197 { 198 .name = "hmac(sha1)", 199 .compat = "sha1", 200 201 .uinfo = { 202 .auth = { 203 .icv_truncbits = 96, 204 .icv_fullbits = 160, 205 } 206 }, 207 208 .pfkey_supported = 1, 209 210 .desc = { 211 .sadb_alg_id = SADB_AALG_SHA1HMAC, 212 .sadb_alg_ivlen = 0, 213 .sadb_alg_minbits = 160, 214 .sadb_alg_maxbits = 160 215 } 216 }, 217 { 218 .name = "hmac(sha256)", 219 .compat = "sha256", 220 221 .uinfo = { 222 .auth = { 223 .icv_truncbits = 96, 224 .icv_fullbits = 256, 225 } 226 }, 227 228 .pfkey_supported = 1, 229 230 .desc = { 231 .sadb_alg_id = SADB_X_AALG_SHA2_256HMAC, 232 .sadb_alg_ivlen = 0, 233 .sadb_alg_minbits = 256, 234 .sadb_alg_maxbits = 256 235 } 236 }, 237 { 238 .name = "hmac(sha384)", 239 240 .uinfo = { 241 .auth = { 242 .icv_truncbits = 192, 243 .icv_fullbits = 384, 244 } 245 }, 246 247 .pfkey_supported = 1, 248 249 .desc = { 250 .sadb_alg_id = SADB_X_AALG_SHA2_384HMAC, 251 .sadb_alg_ivlen = 0, 252 .sadb_alg_minbits = 384, 253 .sadb_alg_maxbits = 384 254 } 255 }, 256 { 257 .name = "hmac(sha512)", 258 259 .uinfo = { 260 .auth = { 261 .icv_truncbits = 256, 262 .icv_fullbits = 512, 263 } 264 }, 265 266 .pfkey_supported = 1, 267 268 .desc = { 269 .sadb_alg_id = SADB_X_AALG_SHA2_512HMAC, 270 .sadb_alg_ivlen = 0, 271 .sadb_alg_minbits = 512, 272 .sadb_alg_maxbits = 512 273 } 274 }, 275 { 276 .name = "hmac(rmd160)", 277 .compat = "rmd160", 278 279 .uinfo = { 280 .auth = { 281 .icv_truncbits = 96, 282 .icv_fullbits = 160, 283 } 284 }, 285 286 .pfkey_supported = 1, 287 288 .desc = { 289 .sadb_alg_id = SADB_X_AALG_RIPEMD160HMAC, 290 .sadb_alg_ivlen = 0, 291 .sadb_alg_minbits = 160, 292 .sadb_alg_maxbits = 160 293 } 294 }, 295 { 296 .name = "xcbc(aes)", 297 298 .uinfo = { 299 .auth = { 300 .icv_truncbits = 96, 301 .icv_fullbits = 128, 302 } 303 }, 304 305 .pfkey_supported = 1, 306 307 .desc = { 308 .sadb_alg_id = SADB_X_AALG_AES_XCBC_MAC, 309 .sadb_alg_ivlen = 0, 310 .sadb_alg_minbits = 128, 311 .sadb_alg_maxbits = 128 312 } 313 }, 314 { 315 /* rfc4494 */ 316 .name = "cmac(aes)", 317 318 .uinfo = { 319 .auth = { 320 .icv_truncbits = 96, 321 .icv_fullbits = 128, 322 } 323 }, 324 325 .pfkey_supported = 0, 326 }, 327 }; 328 329 static struct xfrm_algo_desc ealg_list[] = { 330 { 331 .name = "ecb(cipher_null)", 332 .compat = "cipher_null", 333 334 .uinfo = { 335 .encr = { 336 .blockbits = 8, 337 .defkeybits = 0, 338 } 339 }, 340 341 .pfkey_supported = 1, 342 343 .desc = { 344 .sadb_alg_id = SADB_EALG_NULL, 345 .sadb_alg_ivlen = 0, 346 .sadb_alg_minbits = 0, 347 .sadb_alg_maxbits = 0 348 } 349 }, 350 { 351 .name = "cbc(des)", 352 .compat = "des", 353 354 .uinfo = { 355 .encr = { 356 .blockbits = 64, 357 .defkeybits = 64, 358 } 359 }, 360 361 .pfkey_supported = 1, 362 363 .desc = { 364 .sadb_alg_id = SADB_EALG_DESCBC, 365 .sadb_alg_ivlen = 8, 366 .sadb_alg_minbits = 64, 367 .sadb_alg_maxbits = 64 368 } 369 }, 370 { 371 .name = "cbc(des3_ede)", 372 .compat = "des3_ede", 373 374 .uinfo = { 375 .encr = { 376 .blockbits = 64, 377 .defkeybits = 192, 378 } 379 }, 380 381 .pfkey_supported = 1, 382 383 .desc = { 384 .sadb_alg_id = SADB_EALG_3DESCBC, 385 .sadb_alg_ivlen = 8, 386 .sadb_alg_minbits = 192, 387 .sadb_alg_maxbits = 192 388 } 389 }, 390 { 391 .name = "cbc(cast5)", 392 .compat = "cast5", 393 394 .uinfo = { 395 .encr = { 396 .blockbits = 64, 397 .defkeybits = 128, 398 } 399 }, 400 401 .pfkey_supported = 1, 402 403 .desc = { 404 .sadb_alg_id = SADB_X_EALG_CASTCBC, 405 .sadb_alg_ivlen = 8, 406 .sadb_alg_minbits = 40, 407 .sadb_alg_maxbits = 128 408 } 409 }, 410 { 411 .name = "cbc(blowfish)", 412 .compat = "blowfish", 413 414 .uinfo = { 415 .encr = { 416 .blockbits = 64, 417 .defkeybits = 128, 418 } 419 }, 420 421 .pfkey_supported = 1, 422 423 .desc = { 424 .sadb_alg_id = SADB_X_EALG_BLOWFISHCBC, 425 .sadb_alg_ivlen = 8, 426 .sadb_alg_minbits = 40, 427 .sadb_alg_maxbits = 448 428 } 429 }, 430 { 431 .name = "cbc(aes)", 432 .compat = "aes", 433 434 .uinfo = { 435 .encr = { 436 .blockbits = 128, 437 .defkeybits = 128, 438 } 439 }, 440 441 .pfkey_supported = 1, 442 443 .desc = { 444 .sadb_alg_id = SADB_X_EALG_AESCBC, 445 .sadb_alg_ivlen = 8, 446 .sadb_alg_minbits = 128, 447 .sadb_alg_maxbits = 256 448 } 449 }, 450 { 451 .name = "cbc(serpent)", 452 .compat = "serpent", 453 454 .uinfo = { 455 .encr = { 456 .blockbits = 128, 457 .defkeybits = 128, 458 } 459 }, 460 461 .pfkey_supported = 1, 462 463 .desc = { 464 .sadb_alg_id = SADB_X_EALG_SERPENTCBC, 465 .sadb_alg_ivlen = 8, 466 .sadb_alg_minbits = 128, 467 .sadb_alg_maxbits = 256, 468 } 469 }, 470 { 471 .name = "cbc(camellia)", 472 .compat = "camellia", 473 474 .uinfo = { 475 .encr = { 476 .blockbits = 128, 477 .defkeybits = 128, 478 } 479 }, 480 481 .pfkey_supported = 1, 482 483 .desc = { 484 .sadb_alg_id = SADB_X_EALG_CAMELLIACBC, 485 .sadb_alg_ivlen = 8, 486 .sadb_alg_minbits = 128, 487 .sadb_alg_maxbits = 256 488 } 489 }, 490 { 491 .name = "cbc(twofish)", 492 .compat = "twofish", 493 494 .uinfo = { 495 .encr = { 496 .blockbits = 128, 497 .defkeybits = 128, 498 } 499 }, 500 501 .pfkey_supported = 1, 502 503 .desc = { 504 .sadb_alg_id = SADB_X_EALG_TWOFISHCBC, 505 .sadb_alg_ivlen = 8, 506 .sadb_alg_minbits = 128, 507 .sadb_alg_maxbits = 256 508 } 509 }, 510 { 511 .name = "rfc3686(ctr(aes))", 512 513 .uinfo = { 514 .encr = { 515 .blockbits = 128, 516 .defkeybits = 160, /* 128-bit key + 32-bit nonce */ 517 } 518 }, 519 520 .pfkey_supported = 1, 521 522 .desc = { 523 .sadb_alg_id = SADB_X_EALG_AESCTR, 524 .sadb_alg_ivlen = 8, 525 .sadb_alg_minbits = 160, 526 .sadb_alg_maxbits = 288 527 } 528 }, 529 }; 530 531 static struct xfrm_algo_desc calg_list[] = { 532 { 533 .name = "deflate", 534 .uinfo = { 535 .comp = { 536 .threshold = 90, 537 } 538 }, 539 .pfkey_supported = 1, 540 .desc = { .sadb_alg_id = SADB_X_CALG_DEFLATE } 541 }, 542 { 543 .name = "lzs", 544 .uinfo = { 545 .comp = { 546 .threshold = 90, 547 } 548 }, 549 .pfkey_supported = 1, 550 .desc = { .sadb_alg_id = SADB_X_CALG_LZS } 551 }, 552 { 553 .name = "lzjh", 554 .uinfo = { 555 .comp = { 556 .threshold = 50, 557 } 558 }, 559 .pfkey_supported = 1, 560 .desc = { .sadb_alg_id = SADB_X_CALG_LZJH } 561 }, 562 }; 563 564 static inline int aead_entries(void) 565 { 566 return ARRAY_SIZE(aead_list); 567 } 568 569 static inline int aalg_entries(void) 570 { 571 return ARRAY_SIZE(aalg_list); 572 } 573 574 static inline int ealg_entries(void) 575 { 576 return ARRAY_SIZE(ealg_list); 577 } 578 579 static inline int calg_entries(void) 580 { 581 return ARRAY_SIZE(calg_list); 582 } 583 584 struct xfrm_algo_list { 585 struct xfrm_algo_desc *algs; 586 int entries; 587 u32 type; 588 u32 mask; 589 }; 590 591 static const struct xfrm_algo_list xfrm_aead_list = { 592 .algs = aead_list, 593 .entries = ARRAY_SIZE(aead_list), 594 .type = CRYPTO_ALG_TYPE_AEAD, 595 .mask = CRYPTO_ALG_TYPE_MASK, 596 }; 597 598 static const struct xfrm_algo_list xfrm_aalg_list = { 599 .algs = aalg_list, 600 .entries = ARRAY_SIZE(aalg_list), 601 .type = CRYPTO_ALG_TYPE_HASH, 602 .mask = CRYPTO_ALG_TYPE_HASH_MASK, 603 }; 604 605 static const struct xfrm_algo_list xfrm_ealg_list = { 606 .algs = ealg_list, 607 .entries = ARRAY_SIZE(ealg_list), 608 .type = CRYPTO_ALG_TYPE_BLKCIPHER, 609 .mask = CRYPTO_ALG_TYPE_BLKCIPHER_MASK, 610 }; 611 612 static const struct xfrm_algo_list xfrm_calg_list = { 613 .algs = calg_list, 614 .entries = ARRAY_SIZE(calg_list), 615 .type = CRYPTO_ALG_TYPE_COMPRESS, 616 .mask = CRYPTO_ALG_TYPE_MASK, 617 }; 618 619 static struct xfrm_algo_desc *xfrm_find_algo( 620 const struct xfrm_algo_list *algo_list, 621 int match(const struct xfrm_algo_desc *entry, const void *data), 622 const void *data, int probe) 623 { 624 struct xfrm_algo_desc *list = algo_list->algs; 625 int i, status; 626 627 for (i = 0; i < algo_list->entries; i++) { 628 if (!match(list + i, data)) 629 continue; 630 631 if (list[i].available) 632 return &list[i]; 633 634 if (!probe) 635 break; 636 637 status = crypto_has_alg(list[i].name, algo_list->type, 638 algo_list->mask); 639 if (!status) 640 break; 641 642 list[i].available = status; 643 return &list[i]; 644 } 645 return NULL; 646 } 647 648 static int xfrm_alg_id_match(const struct xfrm_algo_desc *entry, 649 const void *data) 650 { 651 return entry->desc.sadb_alg_id == (unsigned long)data; 652 } 653 654 struct xfrm_algo_desc *xfrm_aalg_get_byid(int alg_id) 655 { 656 return xfrm_find_algo(&xfrm_aalg_list, xfrm_alg_id_match, 657 (void *)(unsigned long)alg_id, 1); 658 } 659 EXPORT_SYMBOL_GPL(xfrm_aalg_get_byid); 660 661 struct xfrm_algo_desc *xfrm_ealg_get_byid(int alg_id) 662 { 663 return xfrm_find_algo(&xfrm_ealg_list, xfrm_alg_id_match, 664 (void *)(unsigned long)alg_id, 1); 665 } 666 EXPORT_SYMBOL_GPL(xfrm_ealg_get_byid); 667 668 struct xfrm_algo_desc *xfrm_calg_get_byid(int alg_id) 669 { 670 return xfrm_find_algo(&xfrm_calg_list, xfrm_alg_id_match, 671 (void *)(unsigned long)alg_id, 1); 672 } 673 EXPORT_SYMBOL_GPL(xfrm_calg_get_byid); 674 675 static int xfrm_alg_name_match(const struct xfrm_algo_desc *entry, 676 const void *data) 677 { 678 const char *name = data; 679 680 return name && (!strcmp(name, entry->name) || 681 (entry->compat && !strcmp(name, entry->compat))); 682 } 683 684 struct xfrm_algo_desc *xfrm_aalg_get_byname(const char *name, int probe) 685 { 686 return xfrm_find_algo(&xfrm_aalg_list, xfrm_alg_name_match, name, 687 probe); 688 } 689 EXPORT_SYMBOL_GPL(xfrm_aalg_get_byname); 690 691 struct xfrm_algo_desc *xfrm_ealg_get_byname(const char *name, int probe) 692 { 693 return xfrm_find_algo(&xfrm_ealg_list, xfrm_alg_name_match, name, 694 probe); 695 } 696 EXPORT_SYMBOL_GPL(xfrm_ealg_get_byname); 697 698 struct xfrm_algo_desc *xfrm_calg_get_byname(const char *name, int probe) 699 { 700 return xfrm_find_algo(&xfrm_calg_list, xfrm_alg_name_match, name, 701 probe); 702 } 703 EXPORT_SYMBOL_GPL(xfrm_calg_get_byname); 704 705 struct xfrm_aead_name { 706 const char *name; 707 int icvbits; 708 }; 709 710 static int xfrm_aead_name_match(const struct xfrm_algo_desc *entry, 711 const void *data) 712 { 713 const struct xfrm_aead_name *aead = data; 714 const char *name = aead->name; 715 716 return aead->icvbits == entry->uinfo.aead.icv_truncbits && name && 717 !strcmp(name, entry->name); 718 } 719 720 struct xfrm_algo_desc *xfrm_aead_get_byname(const char *name, int icv_len, int probe) 721 { 722 struct xfrm_aead_name data = { 723 .name = name, 724 .icvbits = icv_len, 725 }; 726 727 return xfrm_find_algo(&xfrm_aead_list, xfrm_aead_name_match, &data, 728 probe); 729 } 730 EXPORT_SYMBOL_GPL(xfrm_aead_get_byname); 731 732 struct xfrm_algo_desc *xfrm_aalg_get_byidx(unsigned int idx) 733 { 734 if (idx >= aalg_entries()) 735 return NULL; 736 737 return &aalg_list[idx]; 738 } 739 EXPORT_SYMBOL_GPL(xfrm_aalg_get_byidx); 740 741 struct xfrm_algo_desc *xfrm_ealg_get_byidx(unsigned int idx) 742 { 743 if (idx >= ealg_entries()) 744 return NULL; 745 746 return &ealg_list[idx]; 747 } 748 EXPORT_SYMBOL_GPL(xfrm_ealg_get_byidx); 749 750 /* 751 * Probe for the availability of crypto algorithms, and set the available 752 * flag for any algorithms found on the system. This is typically called by 753 * pfkey during userspace SA add, update or register. 754 */ 755 void xfrm_probe_algs(void) 756 { 757 int i, status; 758 759 BUG_ON(in_softirq()); 760 761 for (i = 0; i < aalg_entries(); i++) { 762 status = crypto_has_hash(aalg_list[i].name, 0, 763 CRYPTO_ALG_ASYNC); 764 if (aalg_list[i].available != status) 765 aalg_list[i].available = status; 766 } 767 768 for (i = 0; i < ealg_entries(); i++) { 769 status = crypto_has_ablkcipher(ealg_list[i].name, 0, 0); 770 if (ealg_list[i].available != status) 771 ealg_list[i].available = status; 772 } 773 774 for (i = 0; i < calg_entries(); i++) { 775 status = crypto_has_comp(calg_list[i].name, 0, 776 CRYPTO_ALG_ASYNC); 777 if (calg_list[i].available != status) 778 calg_list[i].available = status; 779 } 780 } 781 EXPORT_SYMBOL_GPL(xfrm_probe_algs); 782 783 int xfrm_count_pfkey_auth_supported(void) 784 { 785 int i, n; 786 787 for (i = 0, n = 0; i < aalg_entries(); i++) 788 if (aalg_list[i].available && aalg_list[i].pfkey_supported) 789 n++; 790 return n; 791 } 792 EXPORT_SYMBOL_GPL(xfrm_count_pfkey_auth_supported); 793 794 int xfrm_count_pfkey_enc_supported(void) 795 { 796 int i, n; 797 798 for (i = 0, n = 0; i < ealg_entries(); i++) 799 if (ealg_list[i].available && ealg_list[i].pfkey_supported) 800 n++; 801 return n; 802 } 803 EXPORT_SYMBOL_GPL(xfrm_count_pfkey_enc_supported); 804 805 MODULE_LICENSE("GPL"); 806