1 | /* SPDX-License-Identifier: GPL-2.0-or-later */ |
2 | /* SCTP kernel implementation |
3 | * (C) Copyright 2007 Hewlett-Packard Development Company, L.P. |
4 | * |
5 | * This file is part of the SCTP kernel implementation |
6 | * |
7 | * Please send any bug reports or fixes you make to the |
8 | * email address(es): |
9 | * lksctp developers <linux-sctp@vger.kernel.org> |
10 | * |
11 | * Written or modified by: |
12 | * Vlad Yasevich <vladislav.yasevich@hp.com> |
13 | */ |
14 | |
15 | #ifndef __sctp_auth_h__ |
16 | #define __sctp_auth_h__ |
17 | |
18 | #include <linux/list.h> |
19 | #include <linux/refcount.h> |
20 | |
/*
 * Opaque forward declarations. The prototypes in this header only refer to
 * these types through pointers, so their full definitions are not needed
 * here.
 */
struct crypto_shash;
struct sctp_association;
struct sctp_authkey;
struct sctp_endpoint;
struct sctp_hmacalgo;
26 | |
/*
 * Descriptor for one HMAC transform: its numeric identifier, the algorithm
 * name, and the length of the signature it produces.
 */
struct sctp_hmac {
	/* HMAC identifier; the id values themselves are not defined in this header */
	__u16 hmac_id;
	/* algorithm name, used when loading the transform */
	char *hmac_name;
	/* signature length; NOTE(review): presumably in bytes - confirm */
	__u16 hmac_len;
};
36 | |
/*
 * Generic, reference-counted container for authentication bytes used as
 * keying material. This is what SCTP-AUTH refers to as a byte-vector.
 *
 * NOTE(review): data[] holds secret key material. The release path
 * (sctp_auth_key_put(), implemented outside this header) should wipe the
 * buffer before freeing it - confirm against the implementation.
 */
struct sctp_auth_bytes {
	/* reference count; incremented by sctp_auth_key_hold() */
	refcount_t refcnt;
	/* NOTE(review): presumably the number of valid bytes in data[] - confirm */
	__u32 len;
	/* flexible array member: the bytes follow the fixed header */
	__u8 data[];
};
46 | |
/* Definition of a shared key, whether it belongs to an endpoint or an association. */
struct sctp_shared_key {
	/* list linkage; this is the member the key_for_each*() macros walk */
	struct list_head key_list;
	/* keying material; the byte-vector carries its own reference count */
	struct sctp_auth_bytes *key;
	/* reference count of this shared-key object itself */
	refcount_t refcnt;
	/* identifier of this key */
	__u16 key_id;
	/* NOTE(review): presumably set via sctp_auth_deact_key_id() - confirm */
	__u8 deactivated;
};
55 | |
/*
 * Iterate over a list of struct sctp_shared_key linked through key_list.
 * This is a thin wrapper around list_for_each_entry().
 */
#define key_for_each(pos, head) \
	list_for_each_entry(pos, head, key_list)

/*
 * As key_for_each(), but built on list_for_each_entry_safe(): tmp holds the
 * next entry, so the current one may be unlinked inside the loop body.
 * Neither macro takes a lock. NOTE(review): callers must supply whatever
 * serialisation the list needs - confirm at each call site.
 */
#define key_for_each_safe(pos, tmp, head) \
	list_for_each_entry_safe(pos, tmp, head, key_list)
61 | |
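/*
 * Take an additional reference on a key byte-vector.
 *
 * @key: byte-vector to pin; NULL is accepted and ignored.
 *
 * refcount_t saturates instead of wrapping, which keeps a runaway count from
 * turning into a premature free of key material. refcount_inc() expects the
 * object to be live already. NOTE(review): callers should hold their own
 * reference (or otherwise guarantee the vector cannot be freed) while calling
 * this - confirm at the call sites.
 */
static inline void sctp_auth_key_hold(struct sctp_auth_bytes *key)
{
	if (!key)
		return;

	refcount_inc(&key->refcnt);
}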
69 | |
/*
 * SCTP-AUTH internal interface. Only prototypes are given here; the
 * implementations are outside this header.
 *
 * NOTE(review): struct sk_buff, struct sctp_auth_chunk,
 * struct sctp_hmac_algo_param and enum sctp_cid are used below but are not
 * forward-declared in this file, so includers presumably pull in their
 * definitions first - confirm.
 */

/*
 * Byte-vector and shared-key management.
 * NOTE(review): sctp_auth_key_put() presumably drops the reference taken by
 * sctp_auth_key_hold() - confirm that the final put wipes the key bytes
 * before freeing them.
 */
void sctp_auth_key_put(struct sctp_auth_bytes *key);
struct sctp_shared_key *sctp_auth_shkey_create(__u16 key_id, gfp_t gfp);
void sctp_auth_destroy_keys(struct list_head *keys);
int sctp_auth_asoc_init_active_key(struct sctp_association *asoc, gfp_t gfp);
struct sctp_shared_key *sctp_auth_get_shkey(const struct sctp_association *asoc,
					    __u16 key_id);
int sctp_auth_asoc_copy_shkeys(const struct sctp_endpoint *ep,
			       struct sctp_association *asoc, gfp_t gfp);

/*
 * HMAC transform setup and lookup.
 * sctp_auth_destroy_hmacs() receives the array without a length, so the
 * bound is whatever the implementation assumes.
 * sctp_auth_asoc_verify_hmac_id() takes the id as __be16, whereas
 * sctp_auth_get_hmac() takes __u16: do not pass one where the other is
 * expected without a byte-order conversion.
 */
int sctp_auth_init_hmacs(struct sctp_endpoint *ep, gfp_t gfp);
void sctp_auth_destroy_hmacs(struct crypto_shash *auth_hmacs[]);
struct sctp_hmac *sctp_auth_get_hmac(__u16 hmac_id);
struct sctp_hmac *sctp_auth_asoc_get_hmac(const struct sctp_association *asoc);
void sctp_auth_asoc_set_default_hmac(struct sctp_association *asoc,
				     struct sctp_hmac_algo_param *hmacs);
int sctp_auth_asoc_verify_hmac_id(const struct sctp_association *asoc,
				  __be16 hmac_id);

/* Per-chunk-type queries for the send and receive directions. */
int sctp_auth_send_cid(enum sctp_cid chunk,
		       const struct sctp_association *asoc);
int sctp_auth_recv_cid(enum sctp_cid chunk,
		       const struct sctp_association *asoc);

/* HMAC computation over an skb for an AUTH chunk, using ep_key. */
void sctp_auth_calculate_hmac(const struct sctp_association *asoc,
			      struct sk_buff *skb,
			      struct sctp_auth_chunk *auth,
			      struct sctp_shared_key *ep_key, gfp_t gfp);

/*
 * Reference counting for struct sctp_shared_key.
 * NOTE(review): hold/release are presumably paired on refcnt - confirm.
 */
void sctp_auth_shkey_release(struct sctp_shared_key *sh_key);
void sctp_auth_shkey_hold(struct sctp_shared_key *sh_key);
97 | |
/*
 * API helpers.
 *
 * NOTE(review): struct sctp_authkey and struct sctp_hmacalgo are opaque in
 * this header. If they carry caller-supplied lengths or counts, the
 * implementations are where those must be bounds-checked - confirm.
 */

/* Endpoint configuration: chunk types to authenticate and HMAC list. */
int sctp_auth_ep_add_chunkid(struct sctp_endpoint *ep, __u8 chunk_id);
int sctp_auth_ep_set_hmacs(struct sctp_endpoint *ep,
			   struct sctp_hmacalgo *hmacs);

/* Key operations; each takes both an endpoint and an association. */
int sctp_auth_set_key(struct sctp_endpoint *ep,
		      struct sctp_association *asoc,
		      struct sctp_authkey *auth_key);
int sctp_auth_set_active_key(struct sctp_endpoint *ep,
			     struct sctp_association *asoc,
			     __u16 key_id);
int sctp_auth_del_key_id(struct sctp_endpoint *ep,
			 struct sctp_association *asoc,
			 __u16 key_id);
int sctp_auth_deact_key_id(struct sctp_endpoint *ep,
			   struct sctp_association *asoc,
			   __u16 key_id);

/* Per-endpoint AUTH state setup and teardown. */
int sctp_auth_init(struct sctp_endpoint *ep, gfp_t gfp);
void sctp_auth_free(struct sctp_endpoint *ep);
112 | |
113 | #endif |
114 | |