auth.h 3.7 KB

  1. /* SPDX-License-Identifier: GPL-2.0-or-later */
  2. /* SCTP kernel implementation
  3. * (C) Copyright 2007 Hewlett-Packard Development Company, L.P.
  4. *
  5. * This file is part of the SCTP kernel implementation
  6. *
  7. * Please send any bug reports or fixes you make to the
  8. * email address(es):
  9. * lksctp developers <[email protected]>
  10. *
  11. * Written or modified by:
  12. * Vlad Yasevich <[email protected]>
  13. */
  14. #ifndef __sctp_auth_h__
  15. #define __sctp_auth_h__
  16. #include <linux/list.h>
  17. #include <linux/refcount.h>
  18. struct sctp_endpoint;
  19. struct sctp_association;
  20. struct sctp_authkey;
  21. struct sctp_hmacalgo;
  22. struct crypto_shash;
  /*
   * Generic descriptor that holds all the information necessary for one
   * HMAC transform.
   */
  struct sctp_hmac {
      __u16 hmac_id;      /* HMAC identifier; the id values are not defined in this header */
      char *hmac_name;    /* name for loading */
      __u16 hmac_len;     /* length of the signature */
  };
  /*
   * Generic structure that contains the authentication bytes used as
   * keying material.  This is what is referred to as a byte-vector all
   * over SCTP-AUTH.
   *
   * NOTE(review): data[] carries key material.  The release path is not
   * visible in this header (only sctp_auth_key_put() is declared) — confirm
   * that it wipes data[] before the memory is handed back to the allocator.
   */
  struct sctp_auth_bytes {
      refcount_t refcnt;  /* reference count; incremented by sctp_auth_key_hold() */
      __u32 len;          /* presumably the number of bytes in data[] — confirm at the allocation site */
      __u8 data[];        /* flexible array member holding the bytes; has to stay the last member */
  };
  /* Definition for a shared key, whether endpoint or association */
  struct sctp_shared_key {
      struct list_head key_list;      /* list linkage; the member walked by key_for_each*() */
      struct sctp_auth_bytes *key;    /* the key material, which carries its own refcnt */
      refcount_t refcnt;              /* reference count of this object; presumably driven by sctp_auth_shkey_hold()/_release() — confirm */
      __u16 key_id;                   /* key identifier */
      __u8 deactivated;               /* presumably non-zero once the key has been deactivated (cf. sctp_auth_deact_key_id()) — confirm */
  };
  /*
   * Walk every struct sctp_shared_key linked through its key_list member
   * on the list anchored at head.  pos is the loop cursor.
   */
  #define key_for_each(pos, head) \
      list_for_each_entry(pos, head, key_list)

  /*
   * Same walk, built on list_for_each_entry_safe(): next is a second cursor
   * of the same type as pos, which is the list.h form meant for loops that
   * unlink the current entry.
   */
  #define key_for_each_safe(pos, next, head) \
      list_for_each_entry_safe(pos, next, head, key_list)
  /*
   * Take an additional reference on a block of key material.
   * A NULL key is accepted and ignored, so callers need not check first.
   *
   * NOTE(review): like any refcount "get", this is only meaningful when the
   * caller already owns a reference to key — confirm at the call sites.
   */
  static inline void sctp_auth_key_hold(struct sctp_auth_bytes *key)
  {
      if (key)
          refcount_inc(&key->refcnt);
  }
  /*
   * Key-material, shared-key and HMAC routines.  Only prototypes are visible
   * in this header; the notes below are limited to what the signatures show.
   *
   * NOTE(review): enum sctp_cid, struct sk_buff, struct sctp_auth_chunk and
   * struct sctp_hmac_algo_param are neither forward-declared nor obviously
   * included here, so this header presumably relies on the including file to
   * have them in scope — confirm the include order.
   */

  /* By name the counterpart of sctp_auth_key_hold(); implementation not shown here. */
  void sctp_auth_key_put(struct sctp_auth_bytes *key);
  /* Shared-key object lifetime; gfp is the allocation-flags argument. */
  struct sctp_shared_key *sctp_auth_shkey_create(__u16 key_id, gfp_t gfp);
  void sctp_auth_destroy_keys(struct list_head *keys);
  int sctp_auth_asoc_init_active_key(struct sctp_association *asoc, gfp_t gfp);
  /* Lookup by key_id; what is returned when no key matches is not visible here — callers should check the result. */
  struct sctp_shared_key *sctp_auth_get_shkey(
      const struct sctp_association *asoc,
      __u16 key_id);
  int sctp_auth_asoc_copy_shkeys(const struct sctp_endpoint *ep,
      struct sctp_association *asoc,
      gfp_t gfp);
  int sctp_auth_init_hmacs(struct sctp_endpoint *ep, gfp_t gfp);
  void sctp_auth_destroy_hmacs(struct crypto_shash *auth_hmacs[]);
  /* Takes the HMAC id as a plain __u16. */
  struct sctp_hmac *sctp_auth_get_hmac(__u16 hmac_id);
  struct sctp_hmac *sctp_auth_asoc_get_hmac(const struct sctp_association *asoc);
  void sctp_auth_asoc_set_default_hmac(struct sctp_association *asoc,
      struct sctp_hmac_algo_param *hmacs);
  /*
   * Takes the HMAC id as __be16 (big-endian annotated), unlike
   * sctp_auth_get_hmac() above which takes __u16.
   * NOTE(review): callers have to keep track of which byte order each
   * function expects — confirm conversions at the call sites.
   */
  int sctp_auth_asoc_verify_hmac_id(const struct sctp_association *asoc,
      __be16 hmac_id);
  /* Per-chunk-id queries for the send and receive directions; the return convention is not visible here. */
  int sctp_auth_send_cid(enum sctp_cid chunk,
      const struct sctp_association *asoc);
  int sctp_auth_recv_cid(enum sctp_cid chunk,
      const struct sctp_association *asoc);
  /* Returns void, so a failure (if any is possible) cannot be reported through the return value. */
  void sctp_auth_calculate_hmac(const struct sctp_association *asoc,
      struct sk_buff *skb, struct sctp_auth_chunk *auth,
      struct sctp_shared_key *ep_key, gfp_t gfp);
  /* Reference helpers for struct sctp_shared_key (by name; presumably operate on its refcnt — confirm). */
  void sctp_auth_shkey_release(struct sctp_shared_key *sh_key);
  void sctp_auth_shkey_hold(struct sctp_shared_key *sh_key);
  /* API Helpers */
  /*
   * NOTE(review): these take configuration values (chunk ids, HMAC lists,
   * key material, key ids) handed in by the caller.  struct sctp_hmacalgo
   * and struct sctp_authkey are only forward-declared in this header, so
   * their layout and any length fields are not visible here — confirm that
   * each implementation validates sizes and ids before use.
   * The int return convention is presumably 0 or a negative error — confirm.
   */
  int sctp_auth_ep_add_chunkid(struct sctp_endpoint *ep, __u8 chunk_id);
  int sctp_auth_ep_set_hmacs(struct sctp_endpoint *ep,
      struct sctp_hmacalgo *hmacs);
  /* Key management: each takes both an endpoint and an association plus the key or key id. */
  int sctp_auth_set_key(struct sctp_endpoint *ep, struct sctp_association *asoc,
      struct sctp_authkey *auth_key);
  int sctp_auth_set_active_key(struct sctp_endpoint *ep,
      struct sctp_association *asoc, __u16 key_id);
  int sctp_auth_del_key_id(struct sctp_endpoint *ep,
      struct sctp_association *asoc, __u16 key_id);
  int sctp_auth_deact_key_id(struct sctp_endpoint *ep,
      struct sctp_association *asoc, __u16 key_id);
  /* Per-endpoint setup and teardown of the auth state. */
  int sctp_auth_init(struct sctp_endpoint *ep, gfp_t gfp);
  void sctp_auth_free(struct sctp_endpoint *ep);
  100. #endif