/* SPDX-License-Identifier: ISC
 *
 * Copyright (C) 2015-2021 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
 * Copyright (C) 2019-2021 Matt Dunwoodie <ncon@noconroy.net>
 */

#ifndef __NOISE_H__
#define __NOISE_H__
/*
 * NOTE(review): __NOISE_H__ is a reserved identifier (leading double
 * underscore, C11 7.1.3).  Left unchanged in this documentation pass; a
 * sys/-style guard such as _DEV_WG_WG_NOISE_H_ would be the conventional
 * replacement.
 */

/*
 * wg_noise.h - interface of the Noise handshake and transport-key layer of
 * the WireGuard driver (sys/dev/wg).  Only opaque handles are exposed:
 * struct noise_local / noise_remote / noise_keypair are forward-declared
 * below, so all state is reached through the accessors in this header and
 * the layout can change without touching callers.
 *
 * Conventions visible in these prototypes (implementation presumably in
 * wg_noise.c - confirm there before relying on any of the following):
 *   - Functions returning int report status.  The exact convention (0 on
 *     success vs. errno-style) is not visible here; callers should check
 *     the result before trusting any out-parameter.
 *   - *_ref() / *_put() pairs look like reference counting: a pointer
 *     obtained from *_ref(), *_lookup(), *_index() or *_current() is
 *     expected to be released with the matching *_put().  TODO(review):
 *     confirm which lookups return a held reference.
 *   - Fixed-size uint8_t[...] parameters carry key material or handshake
 *     message fields; their sizes are the NOISE_*_LEN macros below.  Buffers
 *     that receive secret material (private key, PSK) should be cleared by
 *     the caller with explicit_bzero() once no longer needed.
 */

#include "crypto.h"	/* CURVE25519_*, CHACHA20POLY1305_*, BLAKE2S_* sizes */

/*
 * Sizes of primitive inputs/outputs, expressed via the crypto.h constants so
 * this header cannot drift from the implementation.
 */
#define NOISE_PUBLIC_KEY_LEN	CURVE25519_KEY_SIZE	/* Curve25519 key; also used for private keys (see noise_local_private) */
#define NOISE_SYMMETRIC_KEY_LEN	CHACHA20POLY1305_KEY_SIZE	/* ChaCha20-Poly1305 key; also the PSK length */
#define NOISE_TIMESTAMP_LEN	(sizeof(uint64_t) + sizeof(uint32_t))	/* 12 bytes; 8-byte seconds + 4-byte nanoseconds (TAI64N) is presumed - confirm */
#define NOISE_AUTHTAG_LEN	CHACHA20POLY1305_AUTHTAG_SIZE	/* Poly1305 tag appended to every AEAD output below */
#define NOISE_HASH_LEN		BLAKE2S_HASH_SIZE	/* BLAKE2s digest length used for handshake hashing */

/*
 * Protocol timers.  Units are not stated here; the WireGuard protocol
 * defines Reject-After-Time = 180, Rekey-Timeout = 5 and Keepalive-Timeout
 * = 10 seconds and the values match, so seconds is presumed - confirm
 * against the users in wg_noise.c / if_wg.c.  These are interoperability-
 * and forward-secrecy-relevant protocol constants, not local tuning knobs:
 * raising REJECT_AFTER_TIME lengthens the window in which an old session
 * key is still accepted.
 */
#define REJECT_AFTER_TIME	180	/* protocol: keypair/handshake older than this must not be used */
#define REKEY_TIMEOUT		5	/* protocol: minimum spacing between handshake initiations */
#define KEEPALIVE_TIMEOUT	10	/* protocol: idle interval after which a keepalive is sent */

/* Opaque handles; definitions are not in this header. */
struct noise_local;	/* this host's static identity and the tables the lookups below search */
struct noise_remote;	/* one peer: static public key, PSK, handshake state, keypairs */
struct noise_keypair;	/* one established transport session (keys plus nonce state) */

/* Local configuration */

/*
 * noise_local_alloc: allocate a local context.  The void * is an opaque
 * caller cookie handed back by noise_local_arg().  Presumably returns NULL
 * on allocation failure - not visible here.
 */
struct noise_local *
	noise_local_alloc(void *);
/* noise_local_ref: take a reference; returns the same pointer for chaining. */
struct noise_local *
	noise_local_ref(struct noise_local *);
/* noise_local_put: drop a reference taken by noise_local_alloc/ref. */
void	noise_local_put(struct noise_local *);
/*
 * noise_local_free: release the context; the callback is presumably invoked
 * once the object is actually torn down (possibly later than this call if
 * references are still held) - confirm before freeing the cookie there.
 */
void	noise_local_free(struct noise_local *, void (*)(struct noise_local *));
/* noise_local_arg: return the cookie passed to noise_local_alloc(). */
void *	noise_local_arg(struct noise_local *);

/*
 * noise_local_private: install this host's Curve25519 private key (input is
 * const and copied; the caller still owns and should wipe its buffer).
 */
void	noise_local_private(struct noise_local *,
	    const uint8_t[NOISE_PUBLIC_KEY_LEN]);
/*
 * noise_local_keys: copy out the local key pair into the two out-buffers.
 * Which buffer receives the public and which the private key is not
 * visible here - check the definition.  Whichever receives the private
 * key holds secret material; the int result presumably reports whether a
 * key has been set at all, so check it before using the buffers.
 */
int	noise_local_keys(struct noise_local *,
	    uint8_t[NOISE_PUBLIC_KEY_LEN],
	    uint8_t[NOISE_PUBLIC_KEY_LEN]);

/* Remote configuration */

/*
 * noise_remote_alloc: create a peer bound to the given local context, with
 * an opaque cookie (returned by noise_remote_arg()) and the peer's static
 * Curve25519 public key.
 */
struct noise_remote *
	noise_remote_alloc(struct noise_local *, void *,
	    const uint8_t[NOISE_PUBLIC_KEY_LEN]);
/*
 * noise_remote_enable / noise_remote_disable: make the peer (un)reachable
 * by the lookups below.  enable() returns int and can therefore fail
 * (e.g. duplicate public key is a plausible cause - confirm); disable()
 * cannot.
 */
int	noise_remote_enable(struct noise_remote *);
void	noise_remote_disable(struct noise_remote *);
/* noise_remote_lookup: find an enabled peer by its static public key. */
struct noise_remote *
	noise_remote_lookup(struct noise_local *, const uint8_t[NOISE_PUBLIC_KEY_LEN]);
/*
 * noise_remote_index: find the peer owning a 32-bit index.  The index is
 * presumably the sender/receiver index read from a packet header, i.e.
 * attacker-controlled; a NULL result must be handled, not assumed away.
 */
struct noise_remote *
	noise_remote_index(struct noise_local *, uint32_t);
/* noise_remote_ref / noise_remote_put: reference pair, as for noise_local. */
struct noise_remote *
	noise_remote_ref(struct noise_remote *);
void	noise_remote_put(struct noise_remote *);
/* noise_remote_free: release the peer; callback semantics as noise_local_free(). */
void	noise_remote_free(struct noise_remote *, void (*)(struct noise_remote *));
/* noise_remote_local: the local context this peer was allocated under. */
struct noise_local *
	noise_remote_local(struct noise_remote *);
/* noise_remote_arg: the cookie passed to noise_remote_alloc(). */
void *	noise_remote_arg(struct noise_remote *);

/*
 * noise_remote_set_psk: install the optional pre-shared key (input is const
 * and copied).  An all-zero PSK is presumably the "no PSK" value, as in the
 * WireGuard protocol - confirm in the implementation.
 */
void	noise_remote_set_psk(struct noise_remote *,
	    const uint8_t[NOISE_SYMMETRIC_KEY_LEN]);
/*
 * noise_remote_keys: copy out the peer's public key and PSK (the second
 * buffer is SYMMETRIC_KEY_LEN, so it is the PSK).  The PSK is secret:
 * wipe the buffer after use.  Check the int result before using either.
 */
int	noise_remote_keys(struct noise_remote *,
	    uint8_t[NOISE_PUBLIC_KEY_LEN],
	    uint8_t[NOISE_SYMMETRIC_KEY_LEN]);
/*
 * noise_remote_initiation_expired: non-zero presumably when the peer's
 * last initiation is older than the protocol allows (REKEY_TIMEOUT /
 * REJECT_AFTER_TIME based) - confirm which timer applies.
 */
int	noise_remote_initiation_expired(struct noise_remote *);
/*
 * noise_remote_handshake_clear / noise_remote_keypairs_clear: discard the
 * in-progress handshake, respectively all established keypairs, for the
 * peer.  These are the hooks for zeroising session state (e.g. on key
 * change or peer removal); the names imply secrets are wiped, confirm it.
 */
void	noise_remote_handshake_clear(struct noise_remote *);
void	noise_remote_keypairs_clear(struct noise_remote *);

/* Keypair functions */

/*
 * noise_keypair_lookup: find a keypair by its 32-bit receiver index.  As
 * with noise_remote_index(), the index comes off the wire; NULL must be
 * handled.
 */
struct noise_keypair *
	noise_keypair_lookup(struct noise_local *, uint32_t);
/* noise_keypair_current: the peer's keypair currently used for sending (NULL if none). */
struct noise_keypair *
	noise_keypair_current(struct noise_remote *);
/* noise_keypair_ref: take a reference; returns the same pointer. */
struct noise_keypair *
	noise_keypair_ref(struct noise_keypair *);
/*
 * noise_keypair_received_with: called after a packet authenticated under
 * this keypair; the int result presumably signals whether this completed a
 * key rotation (so the caller may need to react, e.g. send a keepalive) -
 * confirm.
 */
int	noise_keypair_received_with(struct noise_keypair *);
/* noise_keypair_put: drop a reference to the keypair. */
void	noise_keypair_put(struct noise_keypair *);

/* noise_keypair_remote: the peer this keypair belongs to. */
struct noise_remote *
	noise_keypair_remote(struct noise_keypair *);

/*
 * noise_keypair_nonce_next: hand out the next send nonce through the
 * uint64_t *.  A non-zero result presumably means the keypair must not be
 * used (counter exhausted or keypair too old); the caller must never send
 * with a nonce it did not obtain here, and never reuse one, as nonce reuse
 * with ChaCha20-Poly1305 is catastrophic.
 * noise_keypair_nonce_check: validate a received nonce against the
 * keypair's anti-replay state; a non-zero result means the packet must be
 * dropped.  The SELFTESTS hook noise_counter_selftest() below suggests a
 * sliding-window counter implementation - confirm.
 */
int	noise_keypair_nonce_next(struct noise_keypair *, uint64_t *);
int	noise_keypair_nonce_check(struct noise_keypair *, uint64_t);

/*
 * noise_keep_key_fresh_send / _recv: non-zero presumably when the peer's
 * current keypair is old enough that a new handshake should be started
 * (send side) or requested via the peer (receive side) - confirm the
 * thresholds in the implementation.
 */
int	noise_keep_key_fresh_send(struct noise_remote *);
int	noise_keep_key_fresh_recv(struct noise_remote *);
/*
 * noise_keypair_encrypt: encrypt the mbuf under the keypair with the given
 * nonce (obtained from noise_keypair_nonce_next()), writing the receiver
 * index the packet must carry into *r_idx.
 * noise_keypair_decrypt: authenticate and decrypt the mbuf with the given
 * nonce.  Only the return value establishes authenticity; the mbuf contents
 * are untrusted until it reports success.  Whether the mbuf is modified in
 * place is not visible here.
 * NOTE(review): struct mbuf is not declared in this header; it is expected
 * to arrive through crypto.h's includes.  A forward "struct mbuf;" here
 * would make the header self-contained.
 */
int	noise_keypair_encrypt(
	    struct noise_keypair *,
	    uint32_t *r_idx,
	    uint64_t nonce,
	    struct mbuf *);
int	noise_keypair_decrypt(
	    struct noise_keypair *,
	    uint64_t nonce,
	    struct mbuf *);

/* Handshake functions */

/*
 * Handshake message fields, named by the buffer sizes above:
 *   ue  - unencrypted ephemeral public key (NOISE_PUBLIC_KEY_LEN)
 *   es  - encrypted static public key + tag
 *   ets - encrypted timestamp + tag
 *   en  - encrypted empty payload, i.e. tag only (hence the "0 +")
 * s_idx / r_idx are the 32-bit sender / receiver indices.
 *
 * noise_create_initiation: build the first handshake message for the peer,
 * choosing a fresh sender index (*s_idx) and filling ue/es/ets.  Non-zero
 * result means no message was produced.
 */
int	noise_create_initiation(
	    struct noise_remote *,
	    uint32_t *s_idx,
	    uint8_t ue[NOISE_PUBLIC_KEY_LEN],
	    uint8_t es[NOISE_PUBLIC_KEY_LEN + NOISE_AUTHTAG_LEN],
	    uint8_t ets[NOISE_TIMESTAMP_LEN + NOISE_AUTHTAG_LEN]);

/*
 * noise_consume_initiation: process a received initiation.  Every input
 * (s_idx, ue, es, ets) comes straight off the wire and is attacker-
 * controlled; this call is the authentication boundary.  On success the
 * peer identified by the decrypted static key is returned through the
 * struct noise_remote ** (presumably with a reference the caller must
 * release with noise_remote_put() - confirm).  On failure nothing about the
 * sender may be trusted, including the returned peer pointer.
 */
int	noise_consume_initiation(
	    struct noise_local *,
	    struct noise_remote **,
	    uint32_t s_idx,
	    uint8_t ue[NOISE_PUBLIC_KEY_LEN],
	    uint8_t es[NOISE_PUBLIC_KEY_LEN + NOISE_AUTHTAG_LEN],
	    uint8_t ets[NOISE_TIMESTAMP_LEN + NOISE_AUTHTAG_LEN]);

/*
 * noise_create_response: build the response to a consumed initiation,
 * choosing our sender index (*s_idx), echoing the initiator's index
 * (*r_idx) and filling ue and the empty-payload tag en.
 */
int	noise_create_response(
	    struct noise_remote *,
	    uint32_t *s_idx,
	    uint32_t *r_idx,
	    uint8_t ue[NOISE_PUBLIC_KEY_LEN],
	    uint8_t en[0 + NOISE_AUTHTAG_LEN]);

/*
 * noise_consume_response: process a received response; same trust rules as
 * noise_consume_initiation().  r_idx is the index we chose in
 * noise_create_initiation() and is presumably how the pending handshake is
 * located.  On success the peer is returned through the struct
 * noise_remote ** and the transport keypair becomes available through
 * noise_keypair_current() - confirm the reference semantics.
 */
int	noise_consume_response(
	    struct noise_local *,
	    struct noise_remote **,
	    uint32_t s_idx,
	    uint32_t r_idx,
	    uint8_t ue[NOISE_PUBLIC_KEY_LEN],
	    uint8_t en[0 + NOISE_AUTHTAG_LEN]);

#ifdef SELFTESTS
/* noise_counter_selftest: exercise the nonce counter logic; true on pass. */
bool	noise_counter_selftest(void);
#endif /* SELFTESTS */

#endif /* __NOISE_H__ */