1 /* 2 * xfrm algorithm interface 3 * 4 * Copyright (c) 2002 James Morris <jmorris@intercode.com.au> 5 * 6 * This program is free software; you can redistribute it and/or modify it 7 * under the terms of the GNU General Public License as published by the Free 8 * Software Foundation; either version 2 of the License, or (at your option) 9 * any later version. 10 */ 11 12 #include <linux/module.h> 13 #include <linux/kernel.h> 14 #include <linux/pfkeyv2.h> 15 #include <linux/crypto.h> 16 #include <linux/scatterlist.h> 17 #include <net/xfrm.h> 18 #if defined(CONFIG_INET_AH) || defined(CONFIG_INET_AH_MODULE) || defined(CONFIG_INET6_AH) || defined(CONFIG_INET6_AH_MODULE) 19 #include <net/ah.h> 20 #endif 21 #if defined(CONFIG_INET_ESP) || defined(CONFIG_INET_ESP_MODULE) || defined(CONFIG_INET6_ESP) || defined(CONFIG_INET6_ESP_MODULE) 22 #include <net/esp.h> 23 #endif 24 25 /* 26 * Algorithms supported by IPsec. These entries contain properties which 27 * are used in key negotiation and xfrm processing, and are used to verify 28 * that instantiated crypto transforms have correct parameters for IPsec 29 * purposes. 30 */ 31 static struct xfrm_algo_desc aead_list[] = { 32 { 33 .name = "rfc4106(gcm(aes))", 34 35 .uinfo = { 36 .aead = { 37 .icv_truncbits = 64, 38 } 39 }, 40 41 .desc = { 42 .sadb_alg_id = SADB_X_EALG_AES_GCM_ICV8, 43 .sadb_alg_ivlen = 8, 44 .sadb_alg_minbits = 128, 45 .sadb_alg_maxbits = 256 46 } 47 }, 48 { 49 .name = "rfc4106(gcm(aes))", 50 51 .uinfo = { 52 .aead = { 53 .icv_truncbits = 96, 54 } 55 }, 56 57 .desc = { 58 .sadb_alg_id = SADB_X_EALG_AES_GCM_ICV12, 59 .sadb_alg_ivlen = 8, 60 .sadb_alg_minbits = 128, 61 .sadb_alg_maxbits = 256 62 } 63 }, 64 { 65 .name = "rfc4106(gcm(aes))", 66 67 .uinfo = { 68 .aead = { 69 .icv_truncbits = 128, 70 } 71 }, 72 73 .desc = { 74 .sadb_alg_id = SADB_X_EALG_AES_GCM_ICV16, 75 .sadb_alg_ivlen = 8, 76 .sadb_alg_minbits = 128, 77 .sadb_alg_maxbits = 256 78 } 79 }, 80 { 81 .name = "rfc4309(ccm(aes))", 82 83 .uinfo = { 84 .aead = { 85 .icv_truncbits = 64, 86 } 87 }, 88 89 .desc = { 90 .sadb_alg_id = SADB_X_EALG_AES_CCM_ICV8, 91 .sadb_alg_ivlen = 8, 92 .sadb_alg_minbits = 128, 93 .sadb_alg_maxbits = 256 94 } 95 }, 96 { 97 .name = "rfc4309(ccm(aes))", 98 99 .uinfo = { 100 .aead = { 101 .icv_truncbits = 96, 102 } 103 }, 104 105 .desc = { 106 .sadb_alg_id = SADB_X_EALG_AES_CCM_ICV12, 107 .sadb_alg_ivlen = 8, 108 .sadb_alg_minbits = 128, 109 .sadb_alg_maxbits = 256 110 } 111 }, 112 { 113 .name = "rfc4309(ccm(aes))", 114 115 .uinfo = { 116 .aead = { 117 .icv_truncbits = 128, 118 } 119 }, 120 121 .desc = { 122 .sadb_alg_id = SADB_X_EALG_AES_CCM_ICV16, 123 .sadb_alg_ivlen = 8, 124 .sadb_alg_minbits = 128, 125 .sadb_alg_maxbits = 256 126 } 127 }, 128 }; 129 130 static struct xfrm_algo_desc aalg_list[] = { 131 { 132 .name = "hmac(digest_null)", 133 .compat = "digest_null", 134 135 .uinfo = { 136 .auth = { 137 .icv_truncbits = 0, 138 .icv_fullbits = 0, 139 } 140 }, 141 142 .desc = { 143 .sadb_alg_id = SADB_X_AALG_NULL, 144 .sadb_alg_ivlen = 0, 145 .sadb_alg_minbits = 0, 146 .sadb_alg_maxbits = 0 147 } 148 }, 149 { 150 .name = "hmac(md5)", 151 .compat = "md5", 152 153 .uinfo = { 154 .auth = { 155 .icv_truncbits = 96, 156 .icv_fullbits = 128, 157 } 158 }, 159 160 .desc = { 161 .sadb_alg_id = SADB_AALG_MD5HMAC, 162 .sadb_alg_ivlen = 0, 163 .sadb_alg_minbits = 128, 164 .sadb_alg_maxbits = 128 165 } 166 }, 167 { 168 .name = "hmac(sha1)", 169 .compat = "sha1", 170 171 .uinfo = { 172 .auth = { 173 .icv_truncbits = 96, 174 .icv_fullbits = 160, 175 } 176 }, 177 178 .desc = { 179 .sadb_alg_id = SADB_AALG_SHA1HMAC, 180 .sadb_alg_ivlen = 0, 181 .sadb_alg_minbits = 160, 182 .sadb_alg_maxbits = 160 183 } 184 }, 185 { 186 .name = "hmac(sha256)", 187 .compat = "sha256", 188 189 .uinfo = { 190 .auth = { 191 .icv_truncbits = 96, 192 .icv_fullbits = 256, 193 } 194 }, 195 196 .desc = { 197 .sadb_alg_id = SADB_X_AALG_SHA2_256HMAC, 198 .sadb_alg_ivlen = 0, 199 .sadb_alg_minbits = 256, 200 .sadb_alg_maxbits = 256 201 } 202 }, 203 { 204 .name = "hmac(ripemd160)", 205 .compat = "ripemd160", 206 207 .uinfo = { 208 .auth = { 209 .icv_truncbits = 96, 210 .icv_fullbits = 160, 211 } 212 }, 213 214 .desc = { 215 .sadb_alg_id = SADB_X_AALG_RIPEMD160HMAC, 216 .sadb_alg_ivlen = 0, 217 .sadb_alg_minbits = 160, 218 .sadb_alg_maxbits = 160 219 } 220 }, 221 { 222 .name = "xcbc(aes)", 223 224 .uinfo = { 225 .auth = { 226 .icv_truncbits = 96, 227 .icv_fullbits = 128, 228 } 229 }, 230 231 .desc = { 232 .sadb_alg_id = SADB_X_AALG_AES_XCBC_MAC, 233 .sadb_alg_ivlen = 0, 234 .sadb_alg_minbits = 128, 235 .sadb_alg_maxbits = 128 236 } 237 }, 238 }; 239 240 static struct xfrm_algo_desc ealg_list[] = { 241 { 242 .name = "ecb(cipher_null)", 243 .compat = "cipher_null", 244 245 .uinfo = { 246 .encr = { 247 .blockbits = 8, 248 .defkeybits = 0, 249 } 250 }, 251 252 .desc = { 253 .sadb_alg_id = SADB_EALG_NULL, 254 .sadb_alg_ivlen = 0, 255 .sadb_alg_minbits = 0, 256 .sadb_alg_maxbits = 0 257 } 258 }, 259 { 260 .name = "cbc(des)", 261 .compat = "des", 262 263 .uinfo = { 264 .encr = { 265 .blockbits = 64, 266 .defkeybits = 64, 267 } 268 }, 269 270 .desc = { 271 .sadb_alg_id = SADB_EALG_DESCBC, 272 .sadb_alg_ivlen = 8, 273 .sadb_alg_minbits = 64, 274 .sadb_alg_maxbits = 64 275 } 276 }, 277 { 278 .name = "cbc(des3_ede)", 279 .compat = "des3_ede", 280 281 .uinfo = { 282 .encr = { 283 .blockbits = 64, 284 .defkeybits = 192, 285 } 286 }, 287 288 .desc = { 289 .sadb_alg_id = SADB_EALG_3DESCBC, 290 .sadb_alg_ivlen = 8, 291 .sadb_alg_minbits = 192, 292 .sadb_alg_maxbits = 192 293 } 294 }, 295 { 296 .name = "cbc(cast128)", 297 .compat = "cast128", 298 299 .uinfo = { 300 .encr = { 301 .blockbits = 64, 302 .defkeybits = 128, 303 } 304 }, 305 306 .desc = { 307 .sadb_alg_id = SADB_X_EALG_CASTCBC, 308 .sadb_alg_ivlen = 8, 309 .sadb_alg_minbits = 40, 310 .sadb_alg_maxbits = 128 311 } 312 }, 313 { 314 .name = "cbc(blowfish)", 315 .compat = "blowfish", 316 317 .uinfo = { 318 .encr = { 319 .blockbits = 64, 320 .defkeybits = 128, 321 } 322 }, 323 324 .desc = { 325 .sadb_alg_id = SADB_X_EALG_BLOWFISHCBC, 326 .sadb_alg_ivlen = 8, 327 .sadb_alg_minbits = 40, 328 .sadb_alg_maxbits = 448 329 } 330 }, 331 { 332 .name = "cbc(aes)", 333 .compat = "aes", 334 335 .uinfo = { 336 .encr = { 337 .blockbits = 128, 338 .defkeybits = 128, 339 } 340 }, 341 342 .desc = { 343 .sadb_alg_id = SADB_X_EALG_AESCBC, 344 .sadb_alg_ivlen = 8, 345 .sadb_alg_minbits = 128, 346 .sadb_alg_maxbits = 256 347 } 348 }, 349 { 350 .name = "cbc(serpent)", 351 .compat = "serpent", 352 353 .uinfo = { 354 .encr = { 355 .blockbits = 128, 356 .defkeybits = 128, 357 } 358 }, 359 360 .desc = { 361 .sadb_alg_id = SADB_X_EALG_SERPENTCBC, 362 .sadb_alg_ivlen = 8, 363 .sadb_alg_minbits = 128, 364 .sadb_alg_maxbits = 256, 365 } 366 }, 367 { 368 .name = "cbc(camellia)", 369 370 .uinfo = { 371 .encr = { 372 .blockbits = 128, 373 .defkeybits = 128, 374 } 375 }, 376 377 .desc = { 378 .sadb_alg_id = SADB_X_EALG_CAMELLIACBC, 379 .sadb_alg_ivlen = 8, 380 .sadb_alg_minbits = 128, 381 .sadb_alg_maxbits = 256 382 } 383 }, 384 { 385 .name = "cbc(twofish)", 386 .compat = "twofish", 387 388 .uinfo = { 389 .encr = { 390 .blockbits = 128, 391 .defkeybits = 128, 392 } 393 }, 394 395 .desc = { 396 .sadb_alg_id = SADB_X_EALG_TWOFISHCBC, 397 .sadb_alg_ivlen = 8, 398 .sadb_alg_minbits = 128, 399 .sadb_alg_maxbits = 256 400 } 401 }, 402 { 403 .name = "rfc3686(ctr(aes))", 404 405 .uinfo = { 406 .encr = { 407 .blockbits = 128, 408 .defkeybits = 160, /* 128-bit key + 32-bit nonce */ 409 } 410 }, 411 412 .desc = { 413 .sadb_alg_id = SADB_X_EALG_AESCTR, 414 .sadb_alg_ivlen = 8, 415 .sadb_alg_minbits = 128, 416 .sadb_alg_maxbits = 256 417 } 418 }, 419 }; 420 421 static struct xfrm_algo_desc calg_list[] = { 422 { 423 .name = "deflate", 424 .uinfo = { 425 .comp = { 426 .threshold = 90, 427 } 428 }, 429 .desc = { .sadb_alg_id = SADB_X_CALG_DEFLATE } 430 }, 431 { 432 .name = "lzs", 433 .uinfo = { 434 .comp = { 435 .threshold = 90, 436 } 437 }, 438 .desc = { .sadb_alg_id = SADB_X_CALG_LZS } 439 }, 440 { 441 .name = "lzjh", 442 .uinfo = { 443 .comp = { 444 .threshold = 50, 445 } 446 }, 447 .desc = { .sadb_alg_id = SADB_X_CALG_LZJH } 448 }, 449 }; 450 451 static inline int aead_entries(void) 452 { 453 return ARRAY_SIZE(aead_list); 454 } 455 456 static inline int aalg_entries(void) 457 { 458 return ARRAY_SIZE(aalg_list); 459 } 460 461 static inline int ealg_entries(void) 462 { 463 return ARRAY_SIZE(ealg_list); 464 } 465 466 static inline int calg_entries(void) 467 { 468 return ARRAY_SIZE(calg_list); 469 } 470 471 struct xfrm_algo_list { 472 struct xfrm_algo_desc *algs; 473 int entries; 474 u32 type; 475 u32 mask; 476 }; 477 478 static const struct xfrm_algo_list xfrm_aead_list = { 479 .algs = aead_list, 480 .entries = ARRAY_SIZE(aead_list), 481 .type = CRYPTO_ALG_TYPE_AEAD, 482 .mask = CRYPTO_ALG_TYPE_MASK, 483 }; 484 485 static const struct xfrm_algo_list xfrm_aalg_list = { 486 .algs = aalg_list, 487 .entries = ARRAY_SIZE(aalg_list), 488 .type = CRYPTO_ALG_TYPE_HASH, 489 .mask = CRYPTO_ALG_TYPE_HASH_MASK, 490 }; 491 492 static const struct xfrm_algo_list xfrm_ealg_list = { 493 .algs = ealg_list, 494 .entries = ARRAY_SIZE(ealg_list), 495 .type = CRYPTO_ALG_TYPE_BLKCIPHER, 496 .mask = CRYPTO_ALG_TYPE_BLKCIPHER_MASK, 497 }; 498 499 static const struct xfrm_algo_list xfrm_calg_list = { 500 .algs = calg_list, 501 .entries = ARRAY_SIZE(calg_list), 502 .type = CRYPTO_ALG_TYPE_COMPRESS, 503 .mask = CRYPTO_ALG_TYPE_MASK, 504 }; 505 506 static struct xfrm_algo_desc *xfrm_find_algo( 507 const struct xfrm_algo_list *algo_list, 508 int match(const struct xfrm_algo_desc *entry, const void *data), 509 const void *data, int probe) 510 { 511 struct xfrm_algo_desc *list = algo_list->algs; 512 int i, status; 513 514 for (i = 0; i < algo_list->entries; i++) { 515 if (!match(list + i, data)) 516 continue; 517 518 if (list[i].available) 519 return &list[i]; 520 521 if (!probe) 522 break; 523 524 status = crypto_has_alg(list[i].name, algo_list->type, 525 algo_list->mask); 526 if (!status) 527 break; 528 529 list[i].available = status; 530 return &list[i]; 531 } 532 return NULL; 533 } 534 535 static int xfrm_alg_id_match(const struct xfrm_algo_desc *entry, 536 const void *data) 537 { 538 return entry->desc.sadb_alg_id == (unsigned long)data; 539 } 540 541 struct xfrm_algo_desc *xfrm_aalg_get_byid(int alg_id) 542 { 543 return xfrm_find_algo(&xfrm_aalg_list, xfrm_alg_id_match, 544 (void *)(unsigned long)alg_id, 1); 545 } 546 EXPORT_SYMBOL_GPL(xfrm_aalg_get_byid); 547 548 struct xfrm_algo_desc *xfrm_ealg_get_byid(int alg_id) 549 { 550 return xfrm_find_algo(&xfrm_ealg_list, xfrm_alg_id_match, 551 (void *)(unsigned long)alg_id, 1); 552 } 553 EXPORT_SYMBOL_GPL(xfrm_ealg_get_byid); 554 555 struct xfrm_algo_desc *xfrm_calg_get_byid(int alg_id) 556 { 557 return xfrm_find_algo(&xfrm_calg_list, xfrm_alg_id_match, 558 (void *)(unsigned long)alg_id, 1); 559 } 560 EXPORT_SYMBOL_GPL(xfrm_calg_get_byid); 561 562 static int xfrm_alg_name_match(const struct xfrm_algo_desc *entry, 563 const void *data) 564 { 565 const char *name = data; 566 567 return name && (!strcmp(name, entry->name) || 568 (entry->compat && !strcmp(name, entry->compat))); 569 } 570 571 struct xfrm_algo_desc *xfrm_aalg_get_byname(char *name, int probe) 572 { 573 return xfrm_find_algo(&xfrm_aalg_list, xfrm_alg_name_match, name, 574 probe); 575 } 576 EXPORT_SYMBOL_GPL(xfrm_aalg_get_byname); 577 578 struct xfrm_algo_desc *xfrm_ealg_get_byname(char *name, int probe) 579 { 580 return xfrm_find_algo(&xfrm_ealg_list, xfrm_alg_name_match, name, 581 probe); 582 } 583 EXPORT_SYMBOL_GPL(xfrm_ealg_get_byname); 584 585 struct xfrm_algo_desc *xfrm_calg_get_byname(char *name, int probe) 586 { 587 return xfrm_find_algo(&xfrm_calg_list, xfrm_alg_name_match, name, 588 probe); 589 } 590 EXPORT_SYMBOL_GPL(xfrm_calg_get_byname); 591 592 struct xfrm_aead_name { 593 const char *name; 594 int icvbits; 595 }; 596 597 static int xfrm_aead_name_match(const struct xfrm_algo_desc *entry, 598 const void *data) 599 { 600 const struct xfrm_aead_name *aead = data; 601 const char *name = aead->name; 602 603 return aead->icvbits == entry->uinfo.aead.icv_truncbits && name && 604 !strcmp(name, entry->name); 605 } 606 607 struct xfrm_algo_desc *xfrm_aead_get_byname(char *name, int icv_len, int probe) 608 { 609 struct xfrm_aead_name data = { 610 .name = name, 611 .icvbits = icv_len, 612 }; 613 614 return xfrm_find_algo(&xfrm_aead_list, xfrm_aead_name_match, &data, 615 probe); 616 } 617 EXPORT_SYMBOL_GPL(xfrm_aead_get_byname); 618 619 struct xfrm_algo_desc *xfrm_aalg_get_byidx(unsigned int idx) 620 { 621 if (idx >= aalg_entries()) 622 return NULL; 623 624 return &aalg_list[idx]; 625 } 626 EXPORT_SYMBOL_GPL(xfrm_aalg_get_byidx); 627 628 struct xfrm_algo_desc *xfrm_ealg_get_byidx(unsigned int idx) 629 { 630 if (idx >= ealg_entries()) 631 return NULL; 632 633 return &ealg_list[idx]; 634 } 635 EXPORT_SYMBOL_GPL(xfrm_ealg_get_byidx); 636 637 /* 638 * Probe for the availability of crypto algorithms, and set the available 639 * flag for any algorithms found on the system. This is typically called by 640 * pfkey during userspace SA add, update or register. 641 */ 642 void xfrm_probe_algs(void) 643 { 644 int i, status; 645 646 BUG_ON(in_softirq()); 647 648 for (i = 0; i < aalg_entries(); i++) { 649 status = crypto_has_hash(aalg_list[i].name, 0, 650 CRYPTO_ALG_ASYNC); 651 if (aalg_list[i].available != status) 652 aalg_list[i].available = status; 653 } 654 655 for (i = 0; i < ealg_entries(); i++) { 656 status = crypto_has_blkcipher(ealg_list[i].name, 0, 657 CRYPTO_ALG_ASYNC); 658 if (ealg_list[i].available != status) 659 ealg_list[i].available = status; 660 } 661 662 for (i = 0; i < calg_entries(); i++) { 663 status = crypto_has_comp(calg_list[i].name, 0, 664 CRYPTO_ALG_ASYNC); 665 if (calg_list[i].available != status) 666 calg_list[i].available = status; 667 } 668 } 669 EXPORT_SYMBOL_GPL(xfrm_probe_algs); 670 671 int xfrm_count_auth_supported(void) 672 { 673 int i, n; 674 675 for (i = 0, n = 0; i < aalg_entries(); i++) 676 if (aalg_list[i].available) 677 n++; 678 return n; 679 } 680 EXPORT_SYMBOL_GPL(xfrm_count_auth_supported); 681 682 int xfrm_count_enc_supported(void) 683 { 684 int i, n; 685 686 for (i = 0, n = 0; i < ealg_entries(); i++) 687 if (ealg_list[i].available) 688 n++; 689 return n; 690 } 691 EXPORT_SYMBOL_GPL(xfrm_count_enc_supported); 692 693 /* Move to common area: it is shared with AH. */ 694 695 int skb_icv_walk(const struct sk_buff *skb, struct hash_desc *desc, 696 int offset, int len, icv_update_fn_t icv_update) 697 { 698 int start = skb_headlen(skb); 699 int i, copy = start - offset; 700 int err; 701 struct scatterlist sg; 702 703 /* Checksum header. */ 704 if (copy > 0) { 705 if (copy > len) 706 copy = len; 707 708 sg_init_one(&sg, skb->data + offset, copy); 709 710 err = icv_update(desc, &sg, copy); 711 if (unlikely(err)) 712 return err; 713 714 if ((len -= copy) == 0) 715 return 0; 716 offset += copy; 717 } 718 719 for (i = 0; i < skb_shinfo(skb)->nr_frags; i++) { 720 int end; 721 722 BUG_TRAP(start <= offset + len); 723 724 end = start + skb_shinfo(skb)->frags[i].size; 725 if ((copy = end - offset) > 0) { 726 skb_frag_t *frag = &skb_shinfo(skb)->frags[i]; 727 728 if (copy > len) 729 copy = len; 730 731 sg_init_table(&sg, 1); 732 sg_set_page(&sg, frag->page, copy, 733 frag->page_offset + offset-start); 734 735 err = icv_update(desc, &sg, copy); 736 if (unlikely(err)) 737 return err; 738 739 if (!(len -= copy)) 740 return 0; 741 offset += copy; 742 } 743 start = end; 744 } 745 746 if (skb_shinfo(skb)->frag_list) { 747 struct sk_buff *list = skb_shinfo(skb)->frag_list; 748 749 for (; list; list = list->next) { 750 int end; 751 752 BUG_TRAP(start <= offset + len); 753 754 end = start + list->len; 755 if ((copy = end - offset) > 0) { 756 if (copy > len) 757 copy = len; 758 err = skb_icv_walk(list, desc, offset-start, 759 copy, icv_update); 760 if (unlikely(err)) 761 return err; 762 if ((len -= copy) == 0) 763 return 0; 764 offset += copy; 765 } 766 start = end; 767 } 768 } 769 BUG_ON(len); 770 return 0; 771 } 772 EXPORT_SYMBOL_GPL(skb_icv_walk); 773 774 #if defined(CONFIG_INET_ESP) || defined(CONFIG_INET_ESP_MODULE) || defined(CONFIG_INET6_ESP) || defined(CONFIG_INET6_ESP_MODULE) 775 776 void *pskb_put(struct sk_buff *skb, struct sk_buff *tail, int len) 777 { 778 if (tail != skb) { 779 skb->data_len += len; 780 skb->len += len; 781 } 782 return skb_put(tail, len); 783 } 784 EXPORT_SYMBOL_GPL(pskb_put); 785 #endif 786