| 1 | /* SPDX-License-Identifier: GPL-2.0-or-later */ |
|---|
| 2 | /* SCTP kernel implementation |
|---|
| 3 | * (C) Copyright 2007 Hewlett-Packard Development Company, L.P. |
|---|
| 4 | * |
|---|
| 5 | * This file is part of the SCTP kernel implementation |
|---|
| 6 | * |
|---|
| 7 | * Please send any bug reports or fixes you make to the |
|---|
| 8 | * email address(es): |
|---|
| 9 | * lksctp developers <linux-sctp@vger.kernel.org> |
|---|
| 10 | * |
|---|
| 11 | * Written or modified by: |
|---|
| 12 | * Vlad Yasevich <vladislav.yasevich@hp.com> |
|---|
| 13 | */ |
|---|
| 14 | |
|---|
| 15 | #ifndef __sctp_auth_h__ |
|---|
| 16 | #define __sctp_auth_h__ |
|---|
| 17 | |
|---|
| 18 | #include <linux/list.h> |
|---|
| 19 | #include <linux/refcount.h> |
|---|
| 20 | |
|---|
| 21 | struct sctp_endpoint; |
|---|
| 22 | struct sctp_association; |
|---|
| 23 | struct sctp_authkey; |
|---|
| 24 | struct sctp_hmacalgo; |
|---|
| 25 | struct crypto_shash; |
|---|
| 26 | |
|---|
| 27 | /* |
|---|
| 28 | * Define a generic struct that will hold all the info |
|---|
| 29 | * necessary for an HMAC transform |
|---|
| 30 | */ |
|---|
| 31 | struct sctp_hmac { |
|---|
| 32 | __u16 hmac_id; /* one of the above ids */ |
|---|
| 33 | char *hmac_name; /* name for loading */ |
|---|
| 34 | __u16 hmac_len; /* length of the signature */ |
|---|
| 35 | }; |
|---|
| 36 | |
|---|
| 37 | /* This is generic structure that containst authentication bytes used |
|---|
| 38 | * as keying material. It's a what is referred to as byte-vector all |
|---|
| 39 | * over SCTP-AUTH |
|---|
| 40 | */ |
|---|
| 41 | struct sctp_auth_bytes { |
|---|
| 42 | refcount_t refcnt; |
|---|
| 43 | __u32 len; |
|---|
| 44 | __u8 data[]; |
|---|
| 45 | }; |
|---|
| 46 | |
|---|
| 47 | /* Definition for a shared key, weather endpoint or association */ |
|---|
| 48 | struct sctp_shared_key { |
|---|
| 49 | struct list_head key_list; |
|---|
| 50 | struct sctp_auth_bytes *key; |
|---|
| 51 | refcount_t refcnt; |
|---|
| 52 | __u16 key_id; |
|---|
| 53 | __u8 deactivated; |
|---|
| 54 | }; |
|---|
| 55 | |
|---|
| 56 | #define key_for_each(__key, __list_head) \ |
|---|
| 57 | list_for_each_entry(__key, __list_head, key_list) |
|---|
| 58 | |
|---|
| 59 | #define key_for_each_safe(__key, __tmp, __list_head) \ |
|---|
| 60 | list_for_each_entry_safe(__key, __tmp, __list_head, key_list) |
|---|
| 61 | |
|---|
| 62 | static inline void sctp_auth_key_hold(struct sctp_auth_bytes *key) |
|---|
| 63 | { |
|---|
| 64 | if (!key) |
|---|
| 65 | return; |
|---|
| 66 | |
|---|
| 67 | refcount_inc(r: &key->refcnt); |
|---|
| 68 | } |
|---|
| 69 | |
|---|
| 70 | void sctp_auth_key_put(struct sctp_auth_bytes *key); |
|---|
| 71 | struct sctp_shared_key *sctp_auth_shkey_create(__u16 key_id, gfp_t gfp); |
|---|
| 72 | void sctp_auth_destroy_keys(struct list_head *keys); |
|---|
| 73 | int sctp_auth_asoc_init_active_key(struct sctp_association *asoc, gfp_t gfp); |
|---|
| 74 | struct sctp_shared_key *sctp_auth_get_shkey( |
|---|
| 75 | const struct sctp_association *asoc, |
|---|
| 76 | __u16 key_id); |
|---|
| 77 | int sctp_auth_asoc_copy_shkeys(const struct sctp_endpoint *ep, |
|---|
| 78 | struct sctp_association *asoc, |
|---|
| 79 | gfp_t gfp); |
|---|
| 80 | int sctp_auth_init_hmacs(struct sctp_endpoint *ep, gfp_t gfp); |
|---|
| 81 | void sctp_auth_destroy_hmacs(struct crypto_shash *auth_hmacs[]); |
|---|
| 82 | struct sctp_hmac *sctp_auth_get_hmac(__u16 hmac_id); |
|---|
| 83 | struct sctp_hmac *sctp_auth_asoc_get_hmac(const struct sctp_association *asoc); |
|---|
| 84 | void sctp_auth_asoc_set_default_hmac(struct sctp_association *asoc, |
|---|
| 85 | struct sctp_hmac_algo_param *hmacs); |
|---|
| 86 | int sctp_auth_asoc_verify_hmac_id(const struct sctp_association *asoc, |
|---|
| 87 | __be16 hmac_id); |
|---|
| 88 | int sctp_auth_send_cid(enum sctp_cid chunk, |
|---|
| 89 | const struct sctp_association *asoc); |
|---|
| 90 | int sctp_auth_recv_cid(enum sctp_cid chunk, |
|---|
| 91 | const struct sctp_association *asoc); |
|---|
| 92 | void sctp_auth_calculate_hmac(const struct sctp_association *asoc, |
|---|
| 93 | struct sk_buff *skb, struct sctp_auth_chunk *auth, |
|---|
| 94 | struct sctp_shared_key *ep_key, gfp_t gfp); |
|---|
| 95 | void sctp_auth_shkey_release(struct sctp_shared_key *sh_key); |
|---|
| 96 | void sctp_auth_shkey_hold(struct sctp_shared_key *sh_key); |
|---|
| 97 | |
|---|
| 98 | /* API Helpers */ |
|---|
| 99 | int sctp_auth_ep_add_chunkid(struct sctp_endpoint *ep, __u8 chunk_id); |
|---|
| 100 | int sctp_auth_ep_set_hmacs(struct sctp_endpoint *ep, |
|---|
| 101 | struct sctp_hmacalgo *hmacs); |
|---|
| 102 | int sctp_auth_set_key(struct sctp_endpoint *ep, struct sctp_association *asoc, |
|---|
| 103 | struct sctp_authkey *auth_key); |
|---|
| 104 | int sctp_auth_set_active_key(struct sctp_endpoint *ep, |
|---|
| 105 | struct sctp_association *asoc, __u16 key_id); |
|---|
| 106 | int sctp_auth_del_key_id(struct sctp_endpoint *ep, |
|---|
| 107 | struct sctp_association *asoc, __u16 key_id); |
|---|
| 108 | int sctp_auth_deact_key_id(struct sctp_endpoint *ep, |
|---|
| 109 | struct sctp_association *asoc, __u16 key_id); |
|---|
| 110 | int sctp_auth_init(struct sctp_endpoint *ep, gfp_t gfp); |
|---|
| 111 | void sctp_auth_free(struct sctp_endpoint *ep); |
|---|
| 112 | |
|---|
| 113 | #endif |
|---|
| 114 | |
|---|
