xfrm_algo.c revision 7e1525249814acfd293d579abcb6462767643a8a 
1/*
2 * xfrm algorithm interface
3 *
4 * Copyright (c) 2002 James Morris <jmorris@intercode.com.au>
5 *
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the Free
8 * Software Foundation; either version 2 of the License, or (at your option)
9 * any later version.
10 */
11
12#include <linux/module.h>
13#include <linux/kernel.h>
14#include <linux/pfkeyv2.h>
15#include <linux/crypto.h>
16#include <linux/scatterlist.h>
17#include <net/xfrm.h>
18#if defined(CONFIG_INET_AH) || defined(CONFIG_INET_AH_MODULE) || defined(CONFIG_INET6_AH) || defined(CONFIG_INET6_AH_MODULE)
19#include <net/ah.h>
20#endif
21#if defined(CONFIG_INET_ESP) || defined(CONFIG_INET_ESP_MODULE) || defined(CONFIG_INET6_ESP) || defined(CONFIG_INET6_ESP_MODULE)
22#include <net/esp.h>
23#endif
24
25/*
26 * Algorithms supported by IPsec.  These entries contain properties which
27 * are used in key negotiation and xfrm processing, and are used to verify
28 * that instantiated crypto transforms have correct parameters for IPsec
29 * purposes.
30 */
31static struct xfrm_algo_desc aead_list[] = {
32{
33	.name = "rfc4106(gcm(aes))",
34
35	.uinfo = {
36		.aead = {
37			.icv_truncbits = 64,
38		}
39	},
40
41	.desc = {
42		.sadb_alg_id = SADB_X_EALG_AES_GCM_ICV8,
43		.sadb_alg_ivlen = 8,
44		.sadb_alg_minbits = 128,
45		.sadb_alg_maxbits = 256
46	}
47},
48{
49	.name = "rfc4106(gcm(aes))",
50
51	.uinfo = {
52		.aead = {
53			.icv_truncbits = 96,
54		}
55	},
56
57	.desc = {
58		.sadb_alg_id = SADB_X_EALG_AES_GCM_ICV12,
59		.sadb_alg_ivlen = 8,
60		.sadb_alg_minbits = 128,
61		.sadb_alg_maxbits = 256
62	}
63},
64{
65	.name = "rfc4106(gcm(aes))",
66
67	.uinfo = {
68		.aead = {
69			.icv_truncbits = 128,
70		}
71	},
72
73	.desc = {
74		.sadb_alg_id = SADB_X_EALG_AES_GCM_ICV16,
75		.sadb_alg_ivlen = 8,
76		.sadb_alg_minbits = 128,
77		.sadb_alg_maxbits = 256
78	}
79},
80{
81	.name = "rfc4309(ccm(aes))",
82
83	.uinfo = {
84		.aead = {
85			.icv_truncbits = 64,
86		}
87	},
88
89	.desc = {
90		.sadb_alg_id = SADB_X_EALG_AES_CCM_ICV8,
91		.sadb_alg_ivlen = 8,
92		.sadb_alg_minbits = 128,
93		.sadb_alg_maxbits = 256
94	}
95},
96{
97	.name = "rfc4309(ccm(aes))",
98
99	.uinfo = {
100		.aead = {
101			.icv_truncbits = 96,
102		}
103	},
104
105	.desc = {
106		.sadb_alg_id = SADB_X_EALG_AES_CCM_ICV12,
107		.sadb_alg_ivlen = 8,
108		.sadb_alg_minbits = 128,
109		.sadb_alg_maxbits = 256
110	}
111},
112{
113	.name = "rfc4309(ccm(aes))",
114
115	.uinfo = {
116		.aead = {
117			.icv_truncbits = 128,
118		}
119	},
120
121	.desc = {
122		.sadb_alg_id = SADB_X_EALG_AES_CCM_ICV16,
123		.sadb_alg_ivlen = 8,
124		.sadb_alg_minbits = 128,
125		.sadb_alg_maxbits = 256
126	}
127},
128{
129	.name = "rfc4543(gcm(aes))",
130
131	.uinfo = {
132		.aead = {
133			.icv_truncbits = 128,
134		}
135	},
136
137	.desc = {
138		.sadb_alg_id = SADB_X_EALG_NULL_AES_GMAC,
139		.sadb_alg_ivlen = 8,
140		.sadb_alg_minbits = 128,
141		.sadb_alg_maxbits = 256
142	}
143},
144};
145
146static struct xfrm_algo_desc aalg_list[] = {
147{
148	.name = "digest_null",
149
150	.uinfo = {
151		.auth = {
152			.icv_truncbits = 0,
153			.icv_fullbits = 0,
154		}
155	},
156
157	.desc = {
158		.sadb_alg_id = SADB_X_AALG_NULL,
159		.sadb_alg_ivlen = 0,
160		.sadb_alg_minbits = 0,
161		.sadb_alg_maxbits = 0
162	}
163},
164{
165	.name = "hmac(md5)",
166	.compat = "md5",
167
168	.uinfo = {
169		.auth = {
170			.icv_truncbits = 96,
171			.icv_fullbits = 128,
172		}
173	},
174
175	.desc = {
176		.sadb_alg_id = SADB_AALG_MD5HMAC,
177		.sadb_alg_ivlen = 0,
178		.sadb_alg_minbits = 128,
179		.sadb_alg_maxbits = 128
180	}
181},
182{
183	.name = "hmac(sha1)",
184	.compat = "sha1",
185
186	.uinfo = {
187		.auth = {
188			.icv_truncbits = 96,
189			.icv_fullbits = 160,
190		}
191	},
192
193	.desc = {
194		.sadb_alg_id = SADB_AALG_SHA1HMAC,
195		.sadb_alg_ivlen = 0,
196		.sadb_alg_minbits = 160,
197		.sadb_alg_maxbits = 160
198	}
199},
200{
201	.name = "hmac(sha256)",
202	.compat = "sha256",
203
204	.uinfo = {
205		.auth = {
206			.icv_truncbits = 96,
207			.icv_fullbits = 256,
208		}
209	},
210
211	.desc = {
212		.sadb_alg_id = SADB_X_AALG_SHA2_256HMAC,
213		.sadb_alg_ivlen = 0,
214		.sadb_alg_minbits = 256,
215		.sadb_alg_maxbits = 256
216	}
217},
218{
219	.name = "hmac(sha384)",
220
221	.uinfo = {
222		.auth = {
223			.icv_truncbits = 192,
224			.icv_fullbits = 384,
225		}
226	},
227
228	.desc = {
229		.sadb_alg_id = SADB_X_AALG_SHA2_384HMAC,
230		.sadb_alg_ivlen = 0,
231		.sadb_alg_minbits = 384,
232		.sadb_alg_maxbits = 384
233	}
234},
235{
236	.name = "hmac(sha512)",
237
238	.uinfo = {
239		.auth = {
240			.icv_truncbits = 256,
241			.icv_fullbits = 512,
242		}
243	},
244
245	.desc = {
246		.sadb_alg_id = SADB_X_AALG_SHA2_512HMAC,
247		.sadb_alg_ivlen = 0,
248		.sadb_alg_minbits = 512,
249		.sadb_alg_maxbits = 512
250	}
251},
252{
253	.name = "hmac(rmd160)",
254	.compat = "rmd160",
255
256	.uinfo = {
257		.auth = {
258			.icv_truncbits = 96,
259			.icv_fullbits = 160,
260		}
261	},
262
263	.desc = {
264		.sadb_alg_id = SADB_X_AALG_RIPEMD160HMAC,
265		.sadb_alg_ivlen = 0,
266		.sadb_alg_minbits = 160,
267		.sadb_alg_maxbits = 160
268	}
269},
270{
271	.name = "xcbc(aes)",
272
273	.uinfo = {
274		.auth = {
275			.icv_truncbits = 96,
276			.icv_fullbits = 128,
277		}
278	},
279
280	.desc = {
281		.sadb_alg_id = SADB_X_AALG_AES_XCBC_MAC,
282		.sadb_alg_ivlen = 0,
283		.sadb_alg_minbits = 128,
284		.sadb_alg_maxbits = 128
285	}
286},
287};
288
289static struct xfrm_algo_desc ealg_list[] = {
290{
291	.name = "ecb(cipher_null)",
292	.compat = "cipher_null",
293
294	.uinfo = {
295		.encr = {
296			.blockbits = 8,
297			.defkeybits = 0,
298		}
299	},
300
301	.desc = {
302		.sadb_alg_id =	SADB_EALG_NULL,
303		.sadb_alg_ivlen = 0,
304		.sadb_alg_minbits = 0,
305		.sadb_alg_maxbits = 0
306	}
307},
308{
309	.name = "cbc(des)",
310	.compat = "des",
311
312	.uinfo = {
313		.encr = {
314			.blockbits = 64,
315			.defkeybits = 64,
316		}
317	},
318
319	.desc = {
320		.sadb_alg_id = SADB_EALG_DESCBC,
321		.sadb_alg_ivlen = 8,
322		.sadb_alg_minbits = 64,
323		.sadb_alg_maxbits = 64
324	}
325},
326{
327	.name = "cbc(des3_ede)",
328	.compat = "des3_ede",
329
330	.uinfo = {
331		.encr = {
332			.blockbits = 64,
333			.defkeybits = 192,
334		}
335	},
336
337	.desc = {
338		.sadb_alg_id = SADB_EALG_3DESCBC,
339		.sadb_alg_ivlen = 8,
340		.sadb_alg_minbits = 192,
341		.sadb_alg_maxbits = 192
342	}
343},
344{
345	.name = "cbc(cast5)",
346	.compat = "cast5",
347
348	.uinfo = {
349		.encr = {
350			.blockbits = 64,
351			.defkeybits = 128,
352		}
353	},
354
355	.desc = {
356		.sadb_alg_id = SADB_X_EALG_CASTCBC,
357		.sadb_alg_ivlen = 8,
358		.sadb_alg_minbits = 40,
359		.sadb_alg_maxbits = 128
360	}
361},
362{
363	.name = "cbc(blowfish)",
364	.compat = "blowfish",
365
366	.uinfo = {
367		.encr = {
368			.blockbits = 64,
369			.defkeybits = 128,
370		}
371	},
372
373	.desc = {
374		.sadb_alg_id = SADB_X_EALG_BLOWFISHCBC,
375		.sadb_alg_ivlen = 8,
376		.sadb_alg_minbits = 40,
377		.sadb_alg_maxbits = 448
378	}
379},
380{
381	.name = "cbc(aes)",
382	.compat = "aes",
383
384	.uinfo = {
385		.encr = {
386			.blockbits = 128,
387			.defkeybits = 128,
388		}
389	},
390
391	.desc = {
392		.sadb_alg_id = SADB_X_EALG_AESCBC,
393		.sadb_alg_ivlen = 8,
394		.sadb_alg_minbits = 128,
395		.sadb_alg_maxbits = 256
396	}
397},
398{
399	.name = "cbc(serpent)",
400	.compat = "serpent",
401
402	.uinfo = {
403		.encr = {
404			.blockbits = 128,
405			.defkeybits = 128,
406		}
407	},
408
409	.desc = {
410		.sadb_alg_id = SADB_X_EALG_SERPENTCBC,
411		.sadb_alg_ivlen = 8,
412		.sadb_alg_minbits = 128,
413		.sadb_alg_maxbits = 256,
414	}
415},
416{
417	.name = "cbc(camellia)",
418	.compat = "camellia",
419
420	.uinfo = {
421		.encr = {
422			.blockbits = 128,
423			.defkeybits = 128,
424		}
425	},
426
427	.desc = {
428		.sadb_alg_id = SADB_X_EALG_CAMELLIACBC,
429		.sadb_alg_ivlen = 8,
430		.sadb_alg_minbits = 128,
431		.sadb_alg_maxbits = 256
432	}
433},
434{
435	.name = "cbc(twofish)",
436	.compat = "twofish",
437
438	.uinfo = {
439		.encr = {
440			.blockbits = 128,
441			.defkeybits = 128,
442		}
443	},
444
445	.desc = {
446		.sadb_alg_id = SADB_X_EALG_TWOFISHCBC,
447		.sadb_alg_ivlen = 8,
448		.sadb_alg_minbits = 128,
449		.sadb_alg_maxbits = 256
450	}
451},
452{
453	.name = "rfc3686(ctr(aes))",
454
455	.uinfo = {
456		.encr = {
457			.blockbits = 128,
458			.defkeybits = 160, /* 128-bit key + 32-bit nonce */
459		}
460	},
461
462	.desc = {
463		.sadb_alg_id = SADB_X_EALG_AESCTR,
464		.sadb_alg_ivlen	= 8,
465		.sadb_alg_minbits = 160,
466		.sadb_alg_maxbits = 288
467	}
468},
469};
470
471static struct xfrm_algo_desc calg_list[] = {
472{
473	.name = "deflate",
474	.uinfo = {
475		.comp = {
476			.threshold = 90,
477		}
478	},
479	.desc = { .sadb_alg_id = SADB_X_CALG_DEFLATE }
480},
481{
482	.name = "lzs",
483	.uinfo = {
484		.comp = {
485			.threshold = 90,
486		}
487	},
488	.desc = { .sadb_alg_id = SADB_X_CALG_LZS }
489},
490{
491	.name = "lzjh",
492	.uinfo = {
493		.comp = {
494			.threshold = 50,
495		}
496	},
497	.desc = { .sadb_alg_id = SADB_X_CALG_LZJH }
498},
499};
500
501static inline int aead_entries(void)
502{
503	return ARRAY_SIZE(aead_list);
504}
505
506static inline int aalg_entries(void)
507{
508	return ARRAY_SIZE(aalg_list);
509}
510
511static inline int ealg_entries(void)
512{
513	return ARRAY_SIZE(ealg_list);
514}
515
516static inline int calg_entries(void)
517{
518	return ARRAY_SIZE(calg_list);
519}
520
521struct xfrm_algo_list {
522	struct xfrm_algo_desc *algs;
523	int entries;
524	u32 type;
525	u32 mask;
526};
527
528static const struct xfrm_algo_list xfrm_aead_list = {
529	.algs = aead_list,
530	.entries = ARRAY_SIZE(aead_list),
531	.type = CRYPTO_ALG_TYPE_AEAD,
532	.mask = CRYPTO_ALG_TYPE_MASK,
533};
534
535static const struct xfrm_algo_list xfrm_aalg_list = {
536	.algs = aalg_list,
537	.entries = ARRAY_SIZE(aalg_list),
538	.type = CRYPTO_ALG_TYPE_HASH,
539	.mask = CRYPTO_ALG_TYPE_HASH_MASK,
540};
541
542static const struct xfrm_algo_list xfrm_ealg_list = {
543	.algs = ealg_list,
544	.entries = ARRAY_SIZE(ealg_list),
545	.type = CRYPTO_ALG_TYPE_BLKCIPHER,
546	.mask = CRYPTO_ALG_TYPE_BLKCIPHER_MASK,
547};
548
549static const struct xfrm_algo_list xfrm_calg_list = {
550	.algs = calg_list,
551	.entries = ARRAY_SIZE(calg_list),
552	.type = CRYPTO_ALG_TYPE_COMPRESS,
553	.mask = CRYPTO_ALG_TYPE_MASK,
554};
555
556static struct xfrm_algo_desc *xfrm_find_algo(
557	const struct xfrm_algo_list *algo_list,
558	int match(const struct xfrm_algo_desc *entry, const void *data),
559	const void *data, int probe)
560{
561	struct xfrm_algo_desc *list = algo_list->algs;
562	int i, status;
563
564	for (i = 0; i < algo_list->entries; i++) {
565		if (!match(list + i, data))
566			continue;
567
568		if (list[i].available)
569			return &list[i];
570
571		if (!probe)
572			break;
573
574		status = crypto_has_alg(list[i].name, algo_list->type,
575					algo_list->mask);
576		if (!status)
577			break;
578
579		list[i].available = status;
580		return &list[i];
581	}
582	return NULL;
583}
584
585static int xfrm_alg_id_match(const struct xfrm_algo_desc *entry,
586			     const void *data)
587{
588	return entry->desc.sadb_alg_id == (unsigned long)data;
589}
590
591struct xfrm_algo_desc *xfrm_aalg_get_byid(int alg_id)
592{
593	return xfrm_find_algo(&xfrm_aalg_list, xfrm_alg_id_match,
594			      (void *)(unsigned long)alg_id, 1);
595}
596EXPORT_SYMBOL_GPL(xfrm_aalg_get_byid);
597
598struct xfrm_algo_desc *xfrm_ealg_get_byid(int alg_id)
599{
600	return xfrm_find_algo(&xfrm_ealg_list, xfrm_alg_id_match,
601			      (void *)(unsigned long)alg_id, 1);
602}
603EXPORT_SYMBOL_GPL(xfrm_ealg_get_byid);
604
605struct xfrm_algo_desc *xfrm_calg_get_byid(int alg_id)
606{
607	return xfrm_find_algo(&xfrm_calg_list, xfrm_alg_id_match,
608			      (void *)(unsigned long)alg_id, 1);
609}
610EXPORT_SYMBOL_GPL(xfrm_calg_get_byid);
611
612static int xfrm_alg_name_match(const struct xfrm_algo_desc *entry,
613			       const void *data)
614{
615	const char *name = data;
616
617	return name && (!strcmp(name, entry->name) ||
618			(entry->compat && !strcmp(name, entry->compat)));
619}
620
621struct xfrm_algo_desc *xfrm_aalg_get_byname(const char *name, int probe)
622{
623	return xfrm_find_algo(&xfrm_aalg_list, xfrm_alg_name_match, name,
624			      probe);
625}
626EXPORT_SYMBOL_GPL(xfrm_aalg_get_byname);
627
628struct xfrm_algo_desc *xfrm_ealg_get_byname(const char *name, int probe)
629{
630	return xfrm_find_algo(&xfrm_ealg_list, xfrm_alg_name_match, name,
631			      probe);
632}
633EXPORT_SYMBOL_GPL(xfrm_ealg_get_byname);
634
635struct xfrm_algo_desc *xfrm_calg_get_byname(const char *name, int probe)
636{
637	return xfrm_find_algo(&xfrm_calg_list, xfrm_alg_name_match, name,
638			      probe);
639}
640EXPORT_SYMBOL_GPL(xfrm_calg_get_byname);
641
642struct xfrm_aead_name {
643	const char *name;
644	int icvbits;
645};
646
647static int xfrm_aead_name_match(const struct xfrm_algo_desc *entry,
648				const void *data)
649{
650	const struct xfrm_aead_name *aead = data;
651	const char *name = aead->name;
652
653	return aead->icvbits == entry->uinfo.aead.icv_truncbits && name &&
654	       !strcmp(name, entry->name);
655}
656
657struct xfrm_algo_desc *xfrm_aead_get_byname(const char *name, int icv_len, int probe)
658{
659	struct xfrm_aead_name data = {
660		.name = name,
661		.icvbits = icv_len,
662	};
663
664	return xfrm_find_algo(&xfrm_aead_list, xfrm_aead_name_match, &data,
665			      probe);
666}
667EXPORT_SYMBOL_GPL(xfrm_aead_get_byname);
668
669struct xfrm_algo_desc *xfrm_aalg_get_byidx(unsigned int idx)
670{
671	if (idx >= aalg_entries())
672		return NULL;
673
674	return &aalg_list[idx];
675}
676EXPORT_SYMBOL_GPL(xfrm_aalg_get_byidx);
677
678struct xfrm_algo_desc *xfrm_ealg_get_byidx(unsigned int idx)
679{
680	if (idx >= ealg_entries())
681		return NULL;
682
683	return &ealg_list[idx];
684}
685EXPORT_SYMBOL_GPL(xfrm_ealg_get_byidx);
686
687/*
688 * Probe for the availability of crypto algorithms, and set the available
689 * flag for any algorithms found on the system.  This is typically called by
690 * pfkey during userspace SA add, update or register.
691 */
692void xfrm_probe_algs(void)
693{
694	int i, status;
695
696	BUG_ON(in_softirq());
697
698	for (i = 0; i < aalg_entries(); i++) {
699		status = crypto_has_hash(aalg_list[i].name, 0,
700					 CRYPTO_ALG_ASYNC);
701		if (aalg_list[i].available != status)
702			aalg_list[i].available = status;
703	}
704
705	for (i = 0; i < ealg_entries(); i++) {
706		status = crypto_has_blkcipher(ealg_list[i].name, 0,
707					      CRYPTO_ALG_ASYNC);
708		if (ealg_list[i].available != status)
709			ealg_list[i].available = status;
710	}
711
712	for (i = 0; i < calg_entries(); i++) {
713		status = crypto_has_comp(calg_list[i].name, 0,
714					 CRYPTO_ALG_ASYNC);
715		if (calg_list[i].available != status)
716			calg_list[i].available = status;
717	}
718}
719EXPORT_SYMBOL_GPL(xfrm_probe_algs);
720
721int xfrm_count_auth_supported(void)
722{
723	int i, n;
724
725	for (i = 0, n = 0; i < aalg_entries(); i++)
726		if (aalg_list[i].available)
727			n++;
728	return n;
729}
730EXPORT_SYMBOL_GPL(xfrm_count_auth_supported);
731
732int xfrm_count_enc_supported(void)
733{
734	int i, n;
735
736	for (i = 0, n = 0; i < ealg_entries(); i++)
737		if (ealg_list[i].available)
738			n++;
739	return n;
740}
741EXPORT_SYMBOL_GPL(xfrm_count_enc_supported);
742
743#if defined(CONFIG_INET_ESP) || defined(CONFIG_INET_ESP_MODULE) || defined(CONFIG_INET6_ESP) || defined(CONFIG_INET6_ESP_MODULE)
744
745void *pskb_put(struct sk_buff *skb, struct sk_buff *tail, int len)
746{
747	if (tail != skb) {
748		skb->data_len += len;
749		skb->len += len;
750	}
751	return skb_put(tail, len);
752}
753EXPORT_SYMBOL_GPL(pskb_put);
754#endif
755
756MODULE_LICENSE("GPL");
757