1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* SCTP kernel implementation 3 * (C) Copyright 2007 Hewlett-Packard Development Company, L.P. 4 * 5 * This file is part of the SCTP kernel implementation 6 * 7 * Please send any bug reports or fixes you make to the 8 * email address(es): 9 * lksctp developers <linux-sctp@vger.kernel.org> 10 * 11 * Written or modified by: 12 * Vlad Yasevich <vladislav.yasevich@hp.com> 13 */ 14 15 #include <crypto/sha1.h> 16 #include <crypto/sha2.h> 17 #include <linux/slab.h> 18 #include <linux/types.h> 19 #include <net/sctp/sctp.h> 20 #include <net/sctp/auth.h> 21 22 static const struct sctp_hmac sctp_hmac_list[SCTP_AUTH_NUM_HMACS] = { 23 { 24 /* id 0 is reserved. as all 0 */ 25 .hmac_id = SCTP_AUTH_HMAC_ID_RESERVED_0, 26 }, 27 { 28 .hmac_id = SCTP_AUTH_HMAC_ID_SHA1, 29 .hmac_len = SHA1_DIGEST_SIZE, 30 }, 31 { 32 /* id 2 is reserved as well */ 33 .hmac_id = SCTP_AUTH_HMAC_ID_RESERVED_2, 34 }, 35 { 36 .hmac_id = SCTP_AUTH_HMAC_ID_SHA256, 37 .hmac_len = SHA256_DIGEST_SIZE, 38 } 39 }; 40 41 static bool sctp_hmac_supported(__u16 hmac_id) 42 { 43 return hmac_id < ARRAY_SIZE(sctp_hmac_list) && 44 sctp_hmac_list[hmac_id].hmac_len != 0; 45 } 46 47 void sctp_auth_key_put(struct sctp_auth_bytes *key) 48 { 49 if (!key) 50 return; 51 52 if (refcount_dec_and_test(&key->refcnt)) { 53 kfree_sensitive(key); 54 SCTP_DBG_OBJCNT_DEC(keys); 55 } 56 } 57 58 /* Create a new key structure of a given length */ 59 static struct sctp_auth_bytes *sctp_auth_create_key(__u32 key_len, gfp_t gfp) 60 { 61 struct sctp_auth_bytes *key; 62 63 /* Verify that we are not going to overflow INT_MAX */ 64 if (key_len > (INT_MAX - sizeof(struct sctp_auth_bytes))) 65 return NULL; 66 67 /* Allocate the shared key */ 68 key = kmalloc(sizeof(struct sctp_auth_bytes) + key_len, gfp); 69 if (!key) 70 return NULL; 71 72 key->len = key_len; 73 refcount_set(&key->refcnt, 1); 74 SCTP_DBG_OBJCNT_INC(keys); 75 76 return key; 77 } 78 79 /* Create a new shared key container with a give key id */ 80 struct sctp_shared_key *sctp_auth_shkey_create(__u16 key_id, gfp_t gfp) 81 { 82 struct sctp_shared_key *new; 83 84 /* Allocate the shared key container */ 85 new = kzalloc(sizeof(struct sctp_shared_key), gfp); 86 if (!new) 87 return NULL; 88 89 INIT_LIST_HEAD(&new->key_list); 90 refcount_set(&new->refcnt, 1); 91 new->key_id = key_id; 92 93 return new; 94 } 95 96 /* Free the shared key structure */ 97 static void sctp_auth_shkey_destroy(struct sctp_shared_key *sh_key) 98 { 99 BUG_ON(!list_empty(&sh_key->key_list)); 100 sctp_auth_key_put(sh_key->key); 101 sh_key->key = NULL; 102 kfree(sh_key); 103 } 104 105 void sctp_auth_shkey_release(struct sctp_shared_key *sh_key) 106 { 107 if (refcount_dec_and_test(&sh_key->refcnt)) 108 sctp_auth_shkey_destroy(sh_key); 109 } 110 111 void sctp_auth_shkey_hold(struct sctp_shared_key *sh_key) 112 { 113 refcount_inc(&sh_key->refcnt); 114 } 115 116 /* Destroy the entire key list. This is done during the 117 * associon and endpoint free process. 118 */ 119 void sctp_auth_destroy_keys(struct list_head *keys) 120 { 121 struct sctp_shared_key *ep_key; 122 struct sctp_shared_key *tmp; 123 124 if (list_empty(keys)) 125 return; 126 127 key_for_each_safe(ep_key, tmp, keys) { 128 list_del_init(&ep_key->key_list); 129 sctp_auth_shkey_release(ep_key); 130 } 131 } 132 133 /* Compare two byte vectors as numbers. Return values 134 * are: 135 * 0 - vectors are equal 136 * < 0 - vector 1 is smaller than vector2 137 * > 0 - vector 1 is greater than vector2 138 * 139 * Algorithm is: 140 * This is performed by selecting the numerically smaller key vector... 141 * If the key vectors are equal as numbers but differ in length ... 142 * the shorter vector is considered smaller 143 * 144 * Examples (with small values): 145 * 000123456789 > 123456789 (first number is longer) 146 * 000123456789 < 234567891 (second number is larger numerically) 147 * 123456789 > 2345678 (first number is both larger & longer) 148 */ 149 static int sctp_auth_compare_vectors(struct sctp_auth_bytes *vector1, 150 struct sctp_auth_bytes *vector2) 151 { 152 int diff; 153 int i; 154 const __u8 *longer; 155 156 diff = vector1->len - vector2->len; 157 if (diff) { 158 longer = (diff > 0) ? vector1->data : vector2->data; 159 160 /* Check to see if the longer number is 161 * lead-zero padded. If it is not, it 162 * is automatically larger numerically. 163 */ 164 for (i = 0; i < abs(diff); i++) { 165 if (longer[i] != 0) 166 return diff; 167 } 168 } 169 170 /* lengths are the same, compare numbers */ 171 return memcmp(vector1->data, vector2->data, vector1->len); 172 } 173 174 /* 175 * Create a key vector as described in SCTP-AUTH, Section 6.1 176 * The RANDOM parameter, the CHUNKS parameter and the HMAC-ALGO 177 * parameter sent by each endpoint are concatenated as byte vectors. 178 * These parameters include the parameter type, parameter length, and 179 * the parameter value, but padding is omitted; all padding MUST be 180 * removed from this concatenation before proceeding with further 181 * computation of keys. Parameters which were not sent are simply 182 * omitted from the concatenation process. The resulting two vectors 183 * are called the two key vectors. 184 */ 185 static struct sctp_auth_bytes *sctp_auth_make_key_vector( 186 struct sctp_random_param *random, 187 struct sctp_chunks_param *chunks, 188 struct sctp_hmac_algo_param *hmacs, 189 gfp_t gfp) 190 { 191 struct sctp_auth_bytes *new; 192 __u32 len; 193 __u32 offset = 0; 194 __u16 random_len, hmacs_len, chunks_len = 0; 195 196 random_len = ntohs(random->param_hdr.length); 197 hmacs_len = ntohs(hmacs->param_hdr.length); 198 if (chunks) 199 chunks_len = ntohs(chunks->param_hdr.length); 200 201 len = random_len + hmacs_len + chunks_len; 202 203 new = sctp_auth_create_key(len, gfp); 204 if (!new) 205 return NULL; 206 207 memcpy(new->data, random, random_len); 208 offset += random_len; 209 210 if (chunks) { 211 memcpy(new->data + offset, chunks, chunks_len); 212 offset += chunks_len; 213 } 214 215 memcpy(new->data + offset, hmacs, hmacs_len); 216 217 return new; 218 } 219 220 221 /* Make a key vector based on our local parameters */ 222 static struct sctp_auth_bytes *sctp_auth_make_local_vector( 223 const struct sctp_association *asoc, 224 gfp_t gfp) 225 { 226 return sctp_auth_make_key_vector( 227 (struct sctp_random_param *)asoc->c.auth_random, 228 (struct sctp_chunks_param *)asoc->c.auth_chunks, 229 (struct sctp_hmac_algo_param *)asoc->c.auth_hmacs, gfp); 230 } 231 232 /* Make a key vector based on peer's parameters */ 233 static struct sctp_auth_bytes *sctp_auth_make_peer_vector( 234 const struct sctp_association *asoc, 235 gfp_t gfp) 236 { 237 return sctp_auth_make_key_vector(asoc->peer.peer_random, 238 asoc->peer.peer_chunks, 239 asoc->peer.peer_hmacs, 240 gfp); 241 } 242 243 244 /* Set the value of the association shared key base on the parameters 245 * given. The algorithm is: 246 * From the endpoint pair shared keys and the key vectors the 247 * association shared keys are computed. This is performed by selecting 248 * the numerically smaller key vector and concatenating it to the 249 * endpoint pair shared key, and then concatenating the numerically 250 * larger key vector to that. The result of the concatenation is the 251 * association shared key. 252 */ 253 static struct sctp_auth_bytes *sctp_auth_asoc_set_secret( 254 struct sctp_shared_key *ep_key, 255 struct sctp_auth_bytes *first_vector, 256 struct sctp_auth_bytes *last_vector, 257 gfp_t gfp) 258 { 259 struct sctp_auth_bytes *secret; 260 __u32 offset = 0; 261 __u32 auth_len; 262 263 auth_len = first_vector->len + last_vector->len; 264 if (ep_key->key) 265 auth_len += ep_key->key->len; 266 267 secret = sctp_auth_create_key(auth_len, gfp); 268 if (!secret) 269 return NULL; 270 271 if (ep_key->key) { 272 memcpy(secret->data, ep_key->key->data, ep_key->key->len); 273 offset += ep_key->key->len; 274 } 275 276 memcpy(secret->data + offset, first_vector->data, first_vector->len); 277 offset += first_vector->len; 278 279 memcpy(secret->data + offset, last_vector->data, last_vector->len); 280 281 return secret; 282 } 283 284 /* Create an association shared key. Follow the algorithm 285 * described in SCTP-AUTH, Section 6.1 286 */ 287 static struct sctp_auth_bytes *sctp_auth_asoc_create_secret( 288 const struct sctp_association *asoc, 289 struct sctp_shared_key *ep_key, 290 gfp_t gfp) 291 { 292 struct sctp_auth_bytes *local_key_vector; 293 struct sctp_auth_bytes *peer_key_vector; 294 struct sctp_auth_bytes *first_vector, 295 *last_vector; 296 struct sctp_auth_bytes *secret = NULL; 297 int cmp; 298 299 300 /* Now we need to build the key vectors 301 * SCTP-AUTH , Section 6.1 302 * The RANDOM parameter, the CHUNKS parameter and the HMAC-ALGO 303 * parameter sent by each endpoint are concatenated as byte vectors. 304 * These parameters include the parameter type, parameter length, and 305 * the parameter value, but padding is omitted; all padding MUST be 306 * removed from this concatenation before proceeding with further 307 * computation of keys. Parameters which were not sent are simply 308 * omitted from the concatenation process. The resulting two vectors 309 * are called the two key vectors. 310 */ 311 312 local_key_vector = sctp_auth_make_local_vector(asoc, gfp); 313 peer_key_vector = sctp_auth_make_peer_vector(asoc, gfp); 314 315 if (!peer_key_vector || !local_key_vector) 316 goto out; 317 318 /* Figure out the order in which the key_vectors will be 319 * added to the endpoint shared key. 320 * SCTP-AUTH, Section 6.1: 321 * This is performed by selecting the numerically smaller key 322 * vector and concatenating it to the endpoint pair shared 323 * key, and then concatenating the numerically larger key 324 * vector to that. If the key vectors are equal as numbers 325 * but differ in length, then the concatenation order is the 326 * endpoint shared key, followed by the shorter key vector, 327 * followed by the longer key vector. Otherwise, the key 328 * vectors are identical, and may be concatenated to the 329 * endpoint pair key in any order. 330 */ 331 cmp = sctp_auth_compare_vectors(local_key_vector, 332 peer_key_vector); 333 if (cmp < 0) { 334 first_vector = local_key_vector; 335 last_vector = peer_key_vector; 336 } else { 337 first_vector = peer_key_vector; 338 last_vector = local_key_vector; 339 } 340 341 secret = sctp_auth_asoc_set_secret(ep_key, first_vector, last_vector, 342 gfp); 343 out: 344 sctp_auth_key_put(local_key_vector); 345 sctp_auth_key_put(peer_key_vector); 346 347 return secret; 348 } 349 350 /* 351 * Populate the association overlay list with the list 352 * from the endpoint. 353 */ 354 int sctp_auth_asoc_copy_shkeys(const struct sctp_endpoint *ep, 355 struct sctp_association *asoc, 356 gfp_t gfp) 357 { 358 struct sctp_shared_key *sh_key; 359 struct sctp_shared_key *new; 360 361 BUG_ON(!list_empty(&asoc->endpoint_shared_keys)); 362 363 key_for_each(sh_key, &ep->endpoint_shared_keys) { 364 new = sctp_auth_shkey_create(sh_key->key_id, gfp); 365 if (!new) 366 goto nomem; 367 368 new->key = sh_key->key; 369 sctp_auth_key_hold(new->key); 370 list_add(&new->key_list, &asoc->endpoint_shared_keys); 371 } 372 373 return 0; 374 375 nomem: 376 sctp_auth_destroy_keys(&asoc->endpoint_shared_keys); 377 return -ENOMEM; 378 } 379 380 381 /* Public interface to create the association shared key. 382 * See code above for the algorithm. 383 */ 384 int sctp_auth_asoc_init_active_key(struct sctp_association *asoc, gfp_t gfp) 385 { 386 struct sctp_auth_bytes *secret; 387 struct sctp_shared_key *ep_key; 388 struct sctp_chunk *chunk; 389 390 /* If we don't support AUTH, or peer is not capable 391 * we don't need to do anything. 392 */ 393 if (!asoc->peer.auth_capable) 394 return 0; 395 396 /* If the key_id is non-zero and we couldn't find an 397 * endpoint pair shared key, we can't compute the 398 * secret. 399 * For key_id 0, endpoint pair shared key is a NULL key. 400 */ 401 ep_key = sctp_auth_get_shkey(asoc, asoc->active_key_id); 402 BUG_ON(!ep_key); 403 404 secret = sctp_auth_asoc_create_secret(asoc, ep_key, gfp); 405 if (!secret) 406 return -ENOMEM; 407 408 sctp_auth_key_put(asoc->asoc_shared_key); 409 asoc->asoc_shared_key = secret; 410 asoc->shkey = ep_key; 411 412 /* Update send queue in case any chunk already in there now 413 * needs authenticating 414 */ 415 list_for_each_entry(chunk, &asoc->outqueue.out_chunk_list, list) { 416 if (sctp_auth_send_cid(chunk->chunk_hdr->type, asoc)) { 417 chunk->auth = 1; 418 if (!chunk->shkey) { 419 chunk->shkey = asoc->shkey; 420 sctp_auth_shkey_hold(chunk->shkey); 421 } 422 } 423 } 424 425 return 0; 426 } 427 428 429 /* Find the endpoint pair shared key based on the key_id */ 430 struct sctp_shared_key *sctp_auth_get_shkey( 431 const struct sctp_association *asoc, 432 __u16 key_id) 433 { 434 struct sctp_shared_key *key; 435 436 /* First search associations set of endpoint pair shared keys */ 437 key_for_each(key, &asoc->endpoint_shared_keys) { 438 if (key->key_id == key_id) { 439 if (!key->deactivated) 440 return key; 441 break; 442 } 443 } 444 445 return NULL; 446 } 447 448 const struct sctp_hmac *sctp_auth_get_hmac(__u16 hmac_id) 449 { 450 return &sctp_hmac_list[hmac_id]; 451 } 452 453 /* Get an hmac description information that we can use to build 454 * the AUTH chunk 455 */ 456 const struct sctp_hmac * 457 sctp_auth_asoc_get_hmac(const struct sctp_association *asoc) 458 { 459 struct sctp_hmac_algo_param *hmacs; 460 __u16 n_elt; 461 __u16 id = 0; 462 int i; 463 464 /* If we have a default entry, use it */ 465 if (asoc->default_hmac_id) 466 return &sctp_hmac_list[asoc->default_hmac_id]; 467 468 /* Since we do not have a default entry, find the first entry 469 * we support and return that. Do not cache that id. 470 */ 471 hmacs = asoc->peer.peer_hmacs; 472 if (!hmacs) 473 return NULL; 474 475 n_elt = (ntohs(hmacs->param_hdr.length) - 476 sizeof(struct sctp_paramhdr)) >> 1; 477 for (i = 0; i < n_elt; i++) { 478 id = ntohs(hmacs->hmac_ids[i]); 479 if (sctp_hmac_supported(id)) 480 return &sctp_hmac_list[id]; 481 } 482 return NULL; 483 } 484 485 static int __sctp_auth_find_hmacid(__be16 *hmacs, int n_elts, __be16 hmac_id) 486 { 487 int found = 0; 488 int i; 489 490 for (i = 0; i < n_elts; i++) { 491 if (hmac_id == hmacs[i]) { 492 found = 1; 493 break; 494 } 495 } 496 497 return found; 498 } 499 500 /* See if the HMAC_ID is one that we claim as supported */ 501 int sctp_auth_asoc_verify_hmac_id(const struct sctp_association *asoc, 502 __be16 hmac_id) 503 { 504 struct sctp_hmac_algo_param *hmacs; 505 __u16 n_elt; 506 507 if (!asoc) 508 return 0; 509 510 hmacs = (struct sctp_hmac_algo_param *)asoc->c.auth_hmacs; 511 n_elt = (ntohs(hmacs->param_hdr.length) - 512 sizeof(struct sctp_paramhdr)) >> 1; 513 514 return __sctp_auth_find_hmacid(hmacs->hmac_ids, n_elt, hmac_id); 515 } 516 517 518 /* Cache the default HMAC id. This to follow this text from SCTP-AUTH: 519 * Section 6.1: 520 * The receiver of a HMAC-ALGO parameter SHOULD use the first listed 521 * algorithm it supports. 522 */ 523 void sctp_auth_asoc_set_default_hmac(struct sctp_association *asoc, 524 struct sctp_hmac_algo_param *hmacs) 525 { 526 __u16 id; 527 int i; 528 int n_params; 529 530 /* if the default id is already set, use it */ 531 if (asoc->default_hmac_id) 532 return; 533 534 n_params = (ntohs(hmacs->param_hdr.length) - 535 sizeof(struct sctp_paramhdr)) >> 1; 536 for (i = 0; i < n_params; i++) { 537 id = ntohs(hmacs->hmac_ids[i]); 538 if (sctp_hmac_supported(id)) { 539 asoc->default_hmac_id = id; 540 break; 541 } 542 } 543 } 544 545 546 /* Check to see if the given chunk is supposed to be authenticated */ 547 static int __sctp_auth_cid(enum sctp_cid chunk, struct sctp_chunks_param *param) 548 { 549 unsigned short len; 550 int found = 0; 551 int i; 552 553 if (!param || param->param_hdr.length == 0) 554 return 0; 555 556 len = ntohs(param->param_hdr.length) - sizeof(struct sctp_paramhdr); 557 558 /* SCTP-AUTH, Section 3.2 559 * The chunk types for INIT, INIT-ACK, SHUTDOWN-COMPLETE and AUTH 560 * chunks MUST NOT be listed in the CHUNKS parameter. However, if 561 * a CHUNKS parameter is received then the types for INIT, INIT-ACK, 562 * SHUTDOWN-COMPLETE and AUTH chunks MUST be ignored. 563 */ 564 for (i = 0; !found && i < len; i++) { 565 switch (param->chunks[i]) { 566 case SCTP_CID_INIT: 567 case SCTP_CID_INIT_ACK: 568 case SCTP_CID_SHUTDOWN_COMPLETE: 569 case SCTP_CID_AUTH: 570 break; 571 572 default: 573 if (param->chunks[i] == chunk) 574 found = 1; 575 break; 576 } 577 } 578 579 return found; 580 } 581 582 /* Check if peer requested that this chunk is authenticated */ 583 int sctp_auth_send_cid(enum sctp_cid chunk, const struct sctp_association *asoc) 584 { 585 if (!asoc) 586 return 0; 587 588 if (!asoc->peer.auth_capable) 589 return 0; 590 591 return __sctp_auth_cid(chunk, asoc->peer.peer_chunks); 592 } 593 594 /* Check if we requested that peer authenticate this chunk. */ 595 int sctp_auth_recv_cid(enum sctp_cid chunk, const struct sctp_association *asoc) 596 { 597 if (!asoc) 598 return 0; 599 600 if (!asoc->peer.auth_capable) 601 return 0; 602 603 return __sctp_auth_cid(chunk, 604 (struct sctp_chunks_param *)asoc->c.auth_chunks); 605 } 606 607 /* SCTP-AUTH: Section 6.2: 608 * The sender MUST calculate the MAC as described in RFC2104 [2] using 609 * the hash function H as described by the MAC Identifier and the shared 610 * association key K based on the endpoint pair shared key described by 611 * the shared key identifier. The 'data' used for the computation of 612 * the AUTH-chunk is given by the AUTH chunk with its HMAC field set to 613 * zero (as shown in Figure 6) followed by all chunks that are placed 614 * after the AUTH chunk in the SCTP packet. 615 */ 616 void sctp_auth_calculate_hmac(const struct sctp_association *asoc, 617 struct sk_buff *skb, struct sctp_auth_chunk *auth, 618 struct sctp_shared_key *ep_key, gfp_t gfp) 619 { 620 struct sctp_auth_bytes *asoc_key; 621 __u16 key_id, hmac_id; 622 int free_key = 0; 623 size_t data_len; 624 __u8 *digest; 625 626 /* Extract the info we need: 627 * - hmac id 628 * - key id 629 */ 630 key_id = ntohs(auth->auth_hdr.shkey_id); 631 hmac_id = ntohs(auth->auth_hdr.hmac_id); 632 633 if (key_id == asoc->active_key_id) 634 asoc_key = asoc->asoc_shared_key; 635 else { 636 /* ep_key can't be NULL here */ 637 asoc_key = sctp_auth_asoc_create_secret(asoc, ep_key, gfp); 638 if (!asoc_key) 639 return; 640 641 free_key = 1; 642 } 643 644 data_len = skb_tail_pointer(skb) - (unsigned char *)auth; 645 digest = (u8 *)(&auth->auth_hdr + 1); 646 if (hmac_id == SCTP_AUTH_HMAC_ID_SHA1) { 647 hmac_sha1_usingrawkey(asoc_key->data, asoc_key->len, 648 (const u8 *)auth, data_len, digest); 649 } else { 650 WARN_ON_ONCE(hmac_id != SCTP_AUTH_HMAC_ID_SHA256); 651 hmac_sha256_usingrawkey(asoc_key->data, asoc_key->len, 652 (const u8 *)auth, data_len, digest); 653 } 654 655 if (free_key) 656 sctp_auth_key_put(asoc_key); 657 } 658 659 /* API Helpers */ 660 661 /* Add a chunk to the endpoint authenticated chunk list */ 662 int sctp_auth_ep_add_chunkid(struct sctp_endpoint *ep, __u8 chunk_id) 663 { 664 struct sctp_chunks_param *p = ep->auth_chunk_list; 665 __u16 nchunks; 666 __u16 param_len; 667 668 /* If this chunk is already specified, we are done */ 669 if (__sctp_auth_cid(chunk_id, p)) 670 return 0; 671 672 /* Check if we can add this chunk to the array */ 673 param_len = ntohs(p->param_hdr.length); 674 nchunks = param_len - sizeof(struct sctp_paramhdr); 675 if (nchunks == SCTP_NUM_CHUNK_TYPES) 676 return -EINVAL; 677 678 p->chunks[nchunks] = chunk_id; 679 p->param_hdr.length = htons(param_len + 1); 680 return 0; 681 } 682 683 /* Add hmac identifires to the endpoint list of supported hmac ids */ 684 int sctp_auth_ep_set_hmacs(struct sctp_endpoint *ep, 685 struct sctp_hmacalgo *hmacs) 686 { 687 int has_sha1 = 0; 688 __u16 id; 689 int i; 690 691 /* Scan the list looking for unsupported id. Also make sure that 692 * SHA1 is specified. 693 */ 694 for (i = 0; i < hmacs->shmac_num_idents; i++) { 695 id = hmacs->shmac_idents[i]; 696 697 if (!sctp_hmac_supported(id)) 698 return -EOPNOTSUPP; 699 700 if (SCTP_AUTH_HMAC_ID_SHA1 == id) 701 has_sha1 = 1; 702 } 703 704 if (!has_sha1) 705 return -EINVAL; 706 707 for (i = 0; i < hmacs->shmac_num_idents; i++) 708 ep->auth_hmacs_list->hmac_ids[i] = 709 htons(hmacs->shmac_idents[i]); 710 ep->auth_hmacs_list->param_hdr.length = 711 htons(sizeof(struct sctp_paramhdr) + 712 hmacs->shmac_num_idents * sizeof(__u16)); 713 return 0; 714 } 715 716 /* Set a new shared key on either endpoint or association. If the 717 * key with a same ID already exists, replace the key (remove the 718 * old key and add a new one). 719 */ 720 int sctp_auth_set_key(struct sctp_endpoint *ep, 721 struct sctp_association *asoc, 722 struct sctp_authkey *auth_key) 723 { 724 struct sctp_shared_key *cur_key, *shkey; 725 struct sctp_auth_bytes *key; 726 struct list_head *sh_keys; 727 int replace = 0; 728 729 /* Try to find the given key id to see if 730 * we are doing a replace, or adding a new key 731 */ 732 if (asoc) { 733 if (!asoc->peer.auth_capable) 734 return -EACCES; 735 sh_keys = &asoc->endpoint_shared_keys; 736 } else { 737 if (!ep->auth_enable) 738 return -EACCES; 739 sh_keys = &ep->endpoint_shared_keys; 740 } 741 742 key_for_each(shkey, sh_keys) { 743 if (shkey->key_id == auth_key->sca_keynumber) { 744 replace = 1; 745 break; 746 } 747 } 748 749 cur_key = sctp_auth_shkey_create(auth_key->sca_keynumber, GFP_KERNEL); 750 if (!cur_key) 751 return -ENOMEM; 752 753 /* Create a new key data based on the info passed in */ 754 key = sctp_auth_create_key(auth_key->sca_keylength, GFP_KERNEL); 755 if (!key) { 756 kfree(cur_key); 757 return -ENOMEM; 758 } 759 760 memcpy(key->data, &auth_key->sca_key[0], auth_key->sca_keylength); 761 cur_key->key = key; 762 763 if (!replace) { 764 list_add(&cur_key->key_list, sh_keys); 765 return 0; 766 } 767 768 list_del_init(&shkey->key_list); 769 list_add(&cur_key->key_list, sh_keys); 770 771 if (asoc && asoc->active_key_id == auth_key->sca_keynumber && 772 sctp_auth_asoc_init_active_key(asoc, GFP_KERNEL)) { 773 list_del_init(&cur_key->key_list); 774 sctp_auth_shkey_release(cur_key); 775 list_add(&shkey->key_list, sh_keys); 776 return -ENOMEM; 777 } 778 779 sctp_auth_shkey_release(shkey); 780 return 0; 781 } 782 783 int sctp_auth_set_active_key(struct sctp_endpoint *ep, 784 struct sctp_association *asoc, 785 __u16 key_id) 786 { 787 struct sctp_shared_key *key; 788 struct list_head *sh_keys; 789 int found = 0; 790 791 /* The key identifier MUST correst to an existing key */ 792 if (asoc) { 793 if (!asoc->peer.auth_capable) 794 return -EACCES; 795 sh_keys = &asoc->endpoint_shared_keys; 796 } else { 797 if (!ep->auth_enable) 798 return -EACCES; 799 sh_keys = &ep->endpoint_shared_keys; 800 } 801 802 key_for_each(key, sh_keys) { 803 if (key->key_id == key_id) { 804 found = 1; 805 break; 806 } 807 } 808 809 if (!found || key->deactivated) 810 return -EINVAL; 811 812 if (asoc) { 813 __u16 active_key_id = asoc->active_key_id; 814 815 asoc->active_key_id = key_id; 816 if (sctp_auth_asoc_init_active_key(asoc, GFP_KERNEL)) { 817 asoc->active_key_id = active_key_id; 818 return -ENOMEM; 819 } 820 } else 821 ep->active_key_id = key_id; 822 823 return 0; 824 } 825 826 int sctp_auth_del_key_id(struct sctp_endpoint *ep, 827 struct sctp_association *asoc, 828 __u16 key_id) 829 { 830 struct sctp_shared_key *key; 831 struct list_head *sh_keys; 832 int found = 0; 833 834 /* The key identifier MUST NOT be the current active key 835 * The key identifier MUST correst to an existing key 836 */ 837 if (asoc) { 838 if (!asoc->peer.auth_capable) 839 return -EACCES; 840 if (asoc->active_key_id == key_id) 841 return -EINVAL; 842 843 sh_keys = &asoc->endpoint_shared_keys; 844 } else { 845 if (!ep->auth_enable) 846 return -EACCES; 847 if (ep->active_key_id == key_id) 848 return -EINVAL; 849 850 sh_keys = &ep->endpoint_shared_keys; 851 } 852 853 key_for_each(key, sh_keys) { 854 if (key->key_id == key_id) { 855 found = 1; 856 break; 857 } 858 } 859 860 if (!found) 861 return -EINVAL; 862 863 /* Delete the shared key */ 864 list_del_init(&key->key_list); 865 sctp_auth_shkey_release(key); 866 867 return 0; 868 } 869 870 int sctp_auth_deact_key_id(struct sctp_endpoint *ep, 871 struct sctp_association *asoc, __u16 key_id) 872 { 873 struct sctp_shared_key *key; 874 struct list_head *sh_keys; 875 int found = 0; 876 877 /* The key identifier MUST NOT be the current active key 878 * The key identifier MUST correst to an existing key 879 */ 880 if (asoc) { 881 if (!asoc->peer.auth_capable) 882 return -EACCES; 883 if (asoc->active_key_id == key_id) 884 return -EINVAL; 885 886 sh_keys = &asoc->endpoint_shared_keys; 887 } else { 888 if (!ep->auth_enable) 889 return -EACCES; 890 if (ep->active_key_id == key_id) 891 return -EINVAL; 892 893 sh_keys = &ep->endpoint_shared_keys; 894 } 895 896 key_for_each(key, sh_keys) { 897 if (key->key_id == key_id) { 898 found = 1; 899 break; 900 } 901 } 902 903 if (!found) 904 return -EINVAL; 905 906 /* refcnt == 1 and !list_empty mean it's not being used anywhere 907 * and deactivated will be set, so it's time to notify userland 908 * that this shkey can be freed. 909 */ 910 if (asoc && !list_empty(&key->key_list) && 911 refcount_read(&key->refcnt) == 1) { 912 struct sctp_ulpevent *ev; 913 914 ev = sctp_ulpevent_make_authkey(asoc, key->key_id, 915 SCTP_AUTH_FREE_KEY, GFP_KERNEL); 916 if (ev) 917 asoc->stream.si->enqueue_event(&asoc->ulpq, ev); 918 } 919 920 key->deactivated = 1; 921 922 return 0; 923 } 924 925 int sctp_auth_init(struct sctp_endpoint *ep, gfp_t gfp) 926 { 927 /* Allocate space for HMACS and CHUNKS authentication 928 * variables. There are arrays that we encode directly 929 * into parameters to make the rest of the operations easier. 930 */ 931 if (!ep->auth_hmacs_list) { 932 struct sctp_hmac_algo_param *auth_hmacs; 933 934 auth_hmacs = kzalloc(struct_size(auth_hmacs, hmac_ids, 935 SCTP_AUTH_NUM_HMACS), gfp); 936 if (!auth_hmacs) 937 goto nomem; 938 /* Initialize the HMACS parameter. 939 * SCTP-AUTH: Section 3.3 940 * Every endpoint supporting SCTP chunk authentication MUST 941 * support the HMAC based on the SHA-1 algorithm. 942 */ 943 auth_hmacs->param_hdr.type = SCTP_PARAM_HMAC_ALGO; 944 auth_hmacs->param_hdr.length = 945 htons(sizeof(struct sctp_paramhdr) + 2); 946 auth_hmacs->hmac_ids[0] = htons(SCTP_AUTH_HMAC_ID_SHA1); 947 ep->auth_hmacs_list = auth_hmacs; 948 } 949 950 if (!ep->auth_chunk_list) { 951 struct sctp_chunks_param *auth_chunks; 952 953 auth_chunks = kzalloc(sizeof(*auth_chunks) + 954 SCTP_NUM_CHUNK_TYPES, gfp); 955 if (!auth_chunks) 956 goto nomem; 957 /* Initialize the CHUNKS parameter */ 958 auth_chunks->param_hdr.type = SCTP_PARAM_CHUNKS; 959 auth_chunks->param_hdr.length = 960 htons(sizeof(struct sctp_paramhdr)); 961 ep->auth_chunk_list = auth_chunks; 962 } 963 964 return 0; 965 966 nomem: 967 /* Free all allocations */ 968 kfree(ep->auth_hmacs_list); 969 kfree(ep->auth_chunk_list); 970 ep->auth_hmacs_list = NULL; 971 ep->auth_chunk_list = NULL; 972 return -ENOMEM; 973 } 974 975 void sctp_auth_free(struct sctp_endpoint *ep) 976 { 977 kfree(ep->auth_hmacs_list); 978 kfree(ep->auth_chunk_list); 979 ep->auth_hmacs_list = NULL; 980 ep->auth_chunk_list = NULL; 981 } 982