1 /* 2 * xfrm algorithm interface 3 * 4 * Copyright (c) 2002 James Morris <jmorris@intercode.com.au> 5 * 6 * This program is free software; you can redistribute it and/or modify it 7 * under the terms of the GNU General Public License as published by the Free 8 * Software Foundation; either version 2 of the License, or (at your option) 9 * any later version. 10 */ 11 12 #include <linux/module.h> 13 #include <linux/kernel.h> 14 #include <linux/pfkeyv2.h> 15 #include <linux/crypto.h> 16 #include <linux/scatterlist.h> 17 #include <net/xfrm.h> 18 #if defined(CONFIG_INET_ESP) || defined(CONFIG_INET_ESP_MODULE) || defined(CONFIG_INET6_ESP) || defined(CONFIG_INET6_ESP_MODULE) 19 #include <net/esp.h> 20 #endif 21 22 /* 23 * Algorithms supported by IPsec. These entries contain properties which 24 * are used in key negotiation and xfrm processing, and are used to verify 25 * that instantiated crypto transforms have correct parameters for IPsec 26 * purposes. 27 */ 28 static struct xfrm_algo_desc aead_list[] = { 29 { 30 .name = "rfc4106(gcm(aes))", 31 32 .uinfo = { 33 .aead = { 34 .icv_truncbits = 64, 35 } 36 }, 37 38 .desc = { 39 .sadb_alg_id = SADB_X_EALG_AES_GCM_ICV8, 40 .sadb_alg_ivlen = 8, 41 .sadb_alg_minbits = 128, 42 .sadb_alg_maxbits = 256 43 } 44 }, 45 { 46 .name = "rfc4106(gcm(aes))", 47 48 .uinfo = { 49 .aead = { 50 .icv_truncbits = 96, 51 } 52 }, 53 54 .desc = { 55 .sadb_alg_id = SADB_X_EALG_AES_GCM_ICV12, 56 .sadb_alg_ivlen = 8, 57 .sadb_alg_minbits = 128, 58 .sadb_alg_maxbits = 256 59 } 60 }, 61 { 62 .name = "rfc4106(gcm(aes))", 63 64 .uinfo = { 65 .aead = { 66 .icv_truncbits = 128, 67 } 68 }, 69 70 .desc = { 71 .sadb_alg_id = SADB_X_EALG_AES_GCM_ICV16, 72 .sadb_alg_ivlen = 8, 73 .sadb_alg_minbits = 128, 74 .sadb_alg_maxbits = 256 75 } 76 }, 77 { 78 .name = "rfc4309(ccm(aes))", 79 80 .uinfo = { 81 .aead = { 82 .icv_truncbits = 64, 83 } 84 }, 85 86 .desc = { 87 .sadb_alg_id = SADB_X_EALG_AES_CCM_ICV8, 88 .sadb_alg_ivlen = 8, 89 .sadb_alg_minbits = 128, 90 .sadb_alg_maxbits = 256 91 } 92 }, 93 { 94 .name = "rfc4309(ccm(aes))", 95 96 .uinfo = { 97 .aead = { 98 .icv_truncbits = 96, 99 } 100 }, 101 102 .desc = { 103 .sadb_alg_id = SADB_X_EALG_AES_CCM_ICV12, 104 .sadb_alg_ivlen = 8, 105 .sadb_alg_minbits = 128, 106 .sadb_alg_maxbits = 256 107 } 108 }, 109 { 110 .name = "rfc4309(ccm(aes))", 111 112 .uinfo = { 113 .aead = { 114 .icv_truncbits = 128, 115 } 116 }, 117 118 .desc = { 119 .sadb_alg_id = SADB_X_EALG_AES_CCM_ICV16, 120 .sadb_alg_ivlen = 8, 121 .sadb_alg_minbits = 128, 122 .sadb_alg_maxbits = 256 123 } 124 }, 125 { 126 .name = "rfc4543(gcm(aes))", 127 128 .uinfo = { 129 .aead = { 130 .icv_truncbits = 128, 131 } 132 }, 133 134 .desc = { 135 .sadb_alg_id = SADB_X_EALG_NULL_AES_GMAC, 136 .sadb_alg_ivlen = 8, 137 .sadb_alg_minbits = 128, 138 .sadb_alg_maxbits = 256 139 } 140 }, 141 }; 142 143 static struct xfrm_algo_desc aalg_list[] = { 144 { 145 .name = "digest_null", 146 147 .uinfo = { 148 .auth = { 149 .icv_truncbits = 0, 150 .icv_fullbits = 0, 151 } 152 }, 153 154 .desc = { 155 .sadb_alg_id = SADB_X_AALG_NULL, 156 .sadb_alg_ivlen = 0, 157 .sadb_alg_minbits = 0, 158 .sadb_alg_maxbits = 0 159 } 160 }, 161 { 162 .name = "hmac(md5)", 163 .compat = "md5", 164 165 .uinfo = { 166 .auth = { 167 .icv_truncbits = 96, 168 .icv_fullbits = 128, 169 } 170 }, 171 172 .desc = { 173 .sadb_alg_id = SADB_AALG_MD5HMAC, 174 .sadb_alg_ivlen = 0, 175 .sadb_alg_minbits = 128, 176 .sadb_alg_maxbits = 128 177 } 178 }, 179 { 180 .name = "hmac(sha1)", 181 .compat = "sha1", 182 183 .uinfo = { 184 .auth = { 185 .icv_truncbits = 96, 186 .icv_fullbits = 160, 187 } 188 }, 189 190 .desc = { 191 .sadb_alg_id = SADB_AALG_SHA1HMAC, 192 .sadb_alg_ivlen = 0, 193 .sadb_alg_minbits = 160, 194 .sadb_alg_maxbits = 160 195 } 196 }, 197 { 198 .name = "hmac(sha256)", 199 .compat = "sha256", 200 201 .uinfo = { 202 .auth = { 203 .icv_truncbits = 96, 204 .icv_fullbits = 256, 205 } 206 }, 207 208 .desc = { 209 .sadb_alg_id = SADB_X_AALG_SHA2_256HMAC, 210 .sadb_alg_ivlen = 0, 211 .sadb_alg_minbits = 256, 212 .sadb_alg_maxbits = 256 213 } 214 }, 215 { 216 .name = "hmac(sha384)", 217 218 .uinfo = { 219 .auth = { 220 .icv_truncbits = 192, 221 .icv_fullbits = 384, 222 } 223 }, 224 225 .desc = { 226 .sadb_alg_id = SADB_X_AALG_SHA2_384HMAC, 227 .sadb_alg_ivlen = 0, 228 .sadb_alg_minbits = 384, 229 .sadb_alg_maxbits = 384 230 } 231 }, 232 { 233 .name = "hmac(sha512)", 234 235 .uinfo = { 236 .auth = { 237 .icv_truncbits = 256, 238 .icv_fullbits = 512, 239 } 240 }, 241 242 .desc = { 243 .sadb_alg_id = SADB_X_AALG_SHA2_512HMAC, 244 .sadb_alg_ivlen = 0, 245 .sadb_alg_minbits = 512, 246 .sadb_alg_maxbits = 512 247 } 248 }, 249 { 250 .name = "hmac(rmd160)", 251 .compat = "rmd160", 252 253 .uinfo = { 254 .auth = { 255 .icv_truncbits = 96, 256 .icv_fullbits = 160, 257 } 258 }, 259 260 .desc = { 261 .sadb_alg_id = SADB_X_AALG_RIPEMD160HMAC, 262 .sadb_alg_ivlen = 0, 263 .sadb_alg_minbits = 160, 264 .sadb_alg_maxbits = 160 265 } 266 }, 267 { 268 .name = "xcbc(aes)", 269 270 .uinfo = { 271 .auth = { 272 .icv_truncbits = 96, 273 .icv_fullbits = 128, 274 } 275 }, 276 277 .desc = { 278 .sadb_alg_id = SADB_X_AALG_AES_XCBC_MAC, 279 .sadb_alg_ivlen = 0, 280 .sadb_alg_minbits = 128, 281 .sadb_alg_maxbits = 128 282 } 283 }, 284 }; 285 286 static struct xfrm_algo_desc ealg_list[] = { 287 { 288 .name = "ecb(cipher_null)", 289 .compat = "cipher_null", 290 291 .uinfo = { 292 .encr = { 293 .blockbits = 8, 294 .defkeybits = 0, 295 } 296 }, 297 298 .desc = { 299 .sadb_alg_id = SADB_EALG_NULL, 300 .sadb_alg_ivlen = 0, 301 .sadb_alg_minbits = 0, 302 .sadb_alg_maxbits = 0 303 } 304 }, 305 { 306 .name = "cbc(des)", 307 .compat = "des", 308 309 .uinfo = { 310 .encr = { 311 .blockbits = 64, 312 .defkeybits = 64, 313 } 314 }, 315 316 .desc = { 317 .sadb_alg_id = SADB_EALG_DESCBC, 318 .sadb_alg_ivlen = 8, 319 .sadb_alg_minbits = 64, 320 .sadb_alg_maxbits = 64 321 } 322 }, 323 { 324 .name = "cbc(des3_ede)", 325 .compat = "des3_ede", 326 327 .uinfo = { 328 .encr = { 329 .blockbits = 64, 330 .defkeybits = 192, 331 } 332 }, 333 334 .desc = { 335 .sadb_alg_id = SADB_EALG_3DESCBC, 336 .sadb_alg_ivlen = 8, 337 .sadb_alg_minbits = 192, 338 .sadb_alg_maxbits = 192 339 } 340 }, 341 { 342 .name = "cbc(cast5)", 343 .compat = "cast5", 344 345 .uinfo = { 346 .encr = { 347 .blockbits = 64, 348 .defkeybits = 128, 349 } 350 }, 351 352 .desc = { 353 .sadb_alg_id = SADB_X_EALG_CASTCBC, 354 .sadb_alg_ivlen = 8, 355 .sadb_alg_minbits = 40, 356 .sadb_alg_maxbits = 128 357 } 358 }, 359 { 360 .name = "cbc(blowfish)", 361 .compat = "blowfish", 362 363 .uinfo = { 364 .encr = { 365 .blockbits = 64, 366 .defkeybits = 128, 367 } 368 }, 369 370 .desc = { 371 .sadb_alg_id = SADB_X_EALG_BLOWFISHCBC, 372 .sadb_alg_ivlen = 8, 373 .sadb_alg_minbits = 40, 374 .sadb_alg_maxbits = 448 375 } 376 }, 377 { 378 .name = "cbc(aes)", 379 .compat = "aes", 380 381 .uinfo = { 382 .encr = { 383 .blockbits = 128, 384 .defkeybits = 128, 385 } 386 }, 387 388 .desc = { 389 .sadb_alg_id = SADB_X_EALG_AESCBC, 390 .sadb_alg_ivlen = 8, 391 .sadb_alg_minbits = 128, 392 .sadb_alg_maxbits = 256 393 } 394 }, 395 { 396 .name = "cbc(serpent)", 397 .compat = "serpent", 398 399 .uinfo = { 400 .encr = { 401 .blockbits = 128, 402 .defkeybits = 128, 403 } 404 }, 405 406 .desc = { 407 .sadb_alg_id = SADB_X_EALG_SERPENTCBC, 408 .sadb_alg_ivlen = 8, 409 .sadb_alg_minbits = 128, 410 .sadb_alg_maxbits = 256, 411 } 412 }, 413 { 414 .name = "cbc(camellia)", 415 .compat = "camellia", 416 417 .uinfo = { 418 .encr = { 419 .blockbits = 128, 420 .defkeybits = 128, 421 } 422 }, 423 424 .desc = { 425 .sadb_alg_id = SADB_X_EALG_CAMELLIACBC, 426 .sadb_alg_ivlen = 8, 427 .sadb_alg_minbits = 128, 428 .sadb_alg_maxbits = 256 429 } 430 }, 431 { 432 .name = "cbc(twofish)", 433 .compat = "twofish", 434 435 .uinfo = { 436 .encr = { 437 .blockbits = 128, 438 .defkeybits = 128, 439 } 440 }, 441 442 .desc = { 443 .sadb_alg_id = SADB_X_EALG_TWOFISHCBC, 444 .sadb_alg_ivlen = 8, 445 .sadb_alg_minbits = 128, 446 .sadb_alg_maxbits = 256 447 } 448 }, 449 { 450 .name = "rfc3686(ctr(aes))", 451 452 .uinfo = { 453 .encr = { 454 .blockbits = 128, 455 .defkeybits = 160, /* 128-bit key + 32-bit nonce */ 456 } 457 }, 458 459 .desc = { 460 .sadb_alg_id = SADB_X_EALG_AESCTR, 461 .sadb_alg_ivlen = 8, 462 .sadb_alg_minbits = 160, 463 .sadb_alg_maxbits = 288 464 } 465 }, 466 }; 467 468 static struct xfrm_algo_desc calg_list[] = { 469 { 470 .name = "deflate", 471 .uinfo = { 472 .comp = { 473 .threshold = 90, 474 } 475 }, 476 .desc = { .sadb_alg_id = SADB_X_CALG_DEFLATE } 477 }, 478 { 479 .name = "lzs", 480 .uinfo = { 481 .comp = { 482 .threshold = 90, 483 } 484 }, 485 .desc = { .sadb_alg_id = SADB_X_CALG_LZS } 486 }, 487 { 488 .name = "lzjh", 489 .uinfo = { 490 .comp = { 491 .threshold = 50, 492 } 493 }, 494 .desc = { .sadb_alg_id = SADB_X_CALG_LZJH } 495 }, 496 }; 497 498 static inline int aead_entries(void) 499 { 500 return ARRAY_SIZE(aead_list); 501 } 502 503 static inline int aalg_entries(void) 504 { 505 return ARRAY_SIZE(aalg_list); 506 } 507 508 static inline int ealg_entries(void) 509 { 510 return ARRAY_SIZE(ealg_list); 511 } 512 513 static inline int calg_entries(void) 514 { 515 return ARRAY_SIZE(calg_list); 516 } 517 518 struct xfrm_algo_list { 519 struct xfrm_algo_desc *algs; 520 int entries; 521 u32 type; 522 u32 mask; 523 }; 524 525 static const struct xfrm_algo_list xfrm_aead_list = { 526 .algs = aead_list, 527 .entries = ARRAY_SIZE(aead_list), 528 .type = CRYPTO_ALG_TYPE_AEAD, 529 .mask = CRYPTO_ALG_TYPE_MASK, 530 }; 531 532 static const struct xfrm_algo_list xfrm_aalg_list = { 533 .algs = aalg_list, 534 .entries = ARRAY_SIZE(aalg_list), 535 .type = CRYPTO_ALG_TYPE_HASH, 536 .mask = CRYPTO_ALG_TYPE_HASH_MASK, 537 }; 538 539 static const struct xfrm_algo_list xfrm_ealg_list = { 540 .algs = ealg_list, 541 .entries = ARRAY_SIZE(ealg_list), 542 .type = CRYPTO_ALG_TYPE_BLKCIPHER, 543 .mask = CRYPTO_ALG_TYPE_BLKCIPHER_MASK, 544 }; 545 546 static const struct xfrm_algo_list xfrm_calg_list = { 547 .algs = calg_list, 548 .entries = ARRAY_SIZE(calg_list), 549 .type = CRYPTO_ALG_TYPE_COMPRESS, 550 .mask = CRYPTO_ALG_TYPE_MASK, 551 }; 552 553 static struct xfrm_algo_desc *xfrm_find_algo( 554 const struct xfrm_algo_list *algo_list, 555 int match(const struct xfrm_algo_desc *entry, const void *data), 556 const void *data, int probe) 557 { 558 struct xfrm_algo_desc *list = algo_list->algs; 559 int i, status; 560 561 for (i = 0; i < algo_list->entries; i++) { 562 if (!match(list + i, data)) 563 continue; 564 565 if (list[i].available) 566 return &list[i]; 567 568 if (!probe) 569 break; 570 571 status = crypto_has_alg(list[i].name, algo_list->type, 572 algo_list->mask); 573 if (!status) 574 break; 575 576 list[i].available = status; 577 return &list[i]; 578 } 579 return NULL; 580 } 581 582 static int xfrm_alg_id_match(const struct xfrm_algo_desc *entry, 583 const void *data) 584 { 585 return entry->desc.sadb_alg_id == (unsigned long)data; 586 } 587 588 struct xfrm_algo_desc *xfrm_aalg_get_byid(int alg_id) 589 { 590 return xfrm_find_algo(&xfrm_aalg_list, xfrm_alg_id_match, 591 (void *)(unsigned long)alg_id, 1); 592 } 593 EXPORT_SYMBOL_GPL(xfrm_aalg_get_byid); 594 595 struct xfrm_algo_desc *xfrm_ealg_get_byid(int alg_id) 596 { 597 return xfrm_find_algo(&xfrm_ealg_list, xfrm_alg_id_match, 598 (void *)(unsigned long)alg_id, 1); 599 } 600 EXPORT_SYMBOL_GPL(xfrm_ealg_get_byid); 601 602 struct xfrm_algo_desc *xfrm_calg_get_byid(int alg_id) 603 { 604 return xfrm_find_algo(&xfrm_calg_list, xfrm_alg_id_match, 605 (void *)(unsigned long)alg_id, 1); 606 } 607 EXPORT_SYMBOL_GPL(xfrm_calg_get_byid); 608 609 static int xfrm_alg_name_match(const struct xfrm_algo_desc *entry, 610 const void *data) 611 { 612 const char *name = data; 613 614 return name && (!strcmp(name, entry->name) || 615 (entry->compat && !strcmp(name, entry->compat))); 616 } 617 618 struct xfrm_algo_desc *xfrm_aalg_get_byname(const char *name, int probe) 619 { 620 return xfrm_find_algo(&xfrm_aalg_list, xfrm_alg_name_match, name, 621 probe); 622 } 623 EXPORT_SYMBOL_GPL(xfrm_aalg_get_byname); 624 625 struct xfrm_algo_desc *xfrm_ealg_get_byname(const char *name, int probe) 626 { 627 return xfrm_find_algo(&xfrm_ealg_list, xfrm_alg_name_match, name, 628 probe); 629 } 630 EXPORT_SYMBOL_GPL(xfrm_ealg_get_byname); 631 632 struct xfrm_algo_desc *xfrm_calg_get_byname(const char *name, int probe) 633 { 634 return xfrm_find_algo(&xfrm_calg_list, xfrm_alg_name_match, name, 635 probe); 636 } 637 EXPORT_SYMBOL_GPL(xfrm_calg_get_byname); 638 639 struct xfrm_aead_name { 640 const char *name; 641 int icvbits; 642 }; 643 644 static int xfrm_aead_name_match(const struct xfrm_algo_desc *entry, 645 const void *data) 646 { 647 const struct xfrm_aead_name *aead = data; 648 const char *name = aead->name; 649 650 return aead->icvbits == entry->uinfo.aead.icv_truncbits && name && 651 !strcmp(name, entry->name); 652 } 653 654 struct xfrm_algo_desc *xfrm_aead_get_byname(const char *name, int icv_len, int probe) 655 { 656 struct xfrm_aead_name data = { 657 .name = name, 658 .icvbits = icv_len, 659 }; 660 661 return xfrm_find_algo(&xfrm_aead_list, xfrm_aead_name_match, &data, 662 probe); 663 } 664 EXPORT_SYMBOL_GPL(xfrm_aead_get_byname); 665 666 struct xfrm_algo_desc *xfrm_aalg_get_byidx(unsigned int idx) 667 { 668 if (idx >= aalg_entries()) 669 return NULL; 670 671 return &aalg_list[idx]; 672 } 673 EXPORT_SYMBOL_GPL(xfrm_aalg_get_byidx); 674 675 struct xfrm_algo_desc *xfrm_ealg_get_byidx(unsigned int idx) 676 { 677 if (idx >= ealg_entries()) 678 return NULL; 679 680 return &ealg_list[idx]; 681 } 682 EXPORT_SYMBOL_GPL(xfrm_ealg_get_byidx); 683 684 /* 685 * Probe for the availability of crypto algorithms, and set the available 686 * flag for any algorithms found on the system. This is typically called by 687 * pfkey during userspace SA add, update or register. 688 */ 689 void xfrm_probe_algs(void) 690 { 691 int i, status; 692 693 BUG_ON(in_softirq()); 694 695 for (i = 0; i < aalg_entries(); i++) { 696 status = crypto_has_hash(aalg_list[i].name, 0, 697 CRYPTO_ALG_ASYNC); 698 if (aalg_list[i].available != status) 699 aalg_list[i].available = status; 700 } 701 702 for (i = 0; i < ealg_entries(); i++) { 703 status = crypto_has_blkcipher(ealg_list[i].name, 0, 704 CRYPTO_ALG_ASYNC); 705 if (ealg_list[i].available != status) 706 ealg_list[i].available = status; 707 } 708 709 for (i = 0; i < calg_entries(); i++) { 710 status = crypto_has_comp(calg_list[i].name, 0, 711 CRYPTO_ALG_ASYNC); 712 if (calg_list[i].available != status) 713 calg_list[i].available = status; 714 } 715 } 716 EXPORT_SYMBOL_GPL(xfrm_probe_algs); 717 718 int xfrm_count_auth_supported(void) 719 { 720 int i, n; 721 722 for (i = 0, n = 0; i < aalg_entries(); i++) 723 if (aalg_list[i].available) 724 n++; 725 return n; 726 } 727 EXPORT_SYMBOL_GPL(xfrm_count_auth_supported); 728 729 int xfrm_count_enc_supported(void) 730 { 731 int i, n; 732 733 for (i = 0, n = 0; i < ealg_entries(); i++) 734 if (ealg_list[i].available) 735 n++; 736 return n; 737 } 738 EXPORT_SYMBOL_GPL(xfrm_count_enc_supported); 739 740 #if defined(CONFIG_INET_ESP) || defined(CONFIG_INET_ESP_MODULE) || defined(CONFIG_INET6_ESP) || defined(CONFIG_INET6_ESP_MODULE) 741 742 void *pskb_put(struct sk_buff *skb, struct sk_buff *tail, int len) 743 { 744 if (tail != skb) { 745 skb->data_len += len; 746 skb->len += len; 747 } 748 return skb_put(tail, len); 749 } 750 EXPORT_SYMBOL_GPL(pskb_put); 751 #endif 752 753 MODULE_LICENSE("GPL"); 754