/* SPDX-License-Identifier: GPL-2.0-or-later */
/* SCTP kernel implementation
 * (C) Copyright 2007 Hewlett-Packard Development Company, L.P.
 *
 * This file is part of the SCTP kernel implementation
 *
 * Please send any bug reports or fixes you make to the
 * email address(es):
 *    lksctp developers <linux-sctp@vger.kernel.org>
 *
 * Written or modified by:
 *   Vlad Yasevich     <vladislav.yasevich@hp.com>
 */

#ifndef __sctp_auth_h__
#define __sctp_auth_h__

#include <linux/list.h>
#include <linux/refcount.h>

/* Opaque here; only pointers to these types appear in this header. */
struct sctp_association;
struct sctp_endpoint;
struct sctp_hmacalgo;
struct sctp_authkey;

/* Describes one HMAC algorithm that SCTP chunk authentication can use. */
struct sctp_hmac {
	__u16 hmac_id;		/* one of SCTP_AUTH_HMAC_ID_* */
	__u16 hmac_len;		/* length of the HMAC value in bytes */
};

/* Generic, reference-counted container for the authentication bytes used
 * as keying material.  This is what SCTP-AUTH refers to throughout as a
 * "byte-vector".
 *
 * NOTE(review): data[] carries secret key material; confirm that the
 * release path (sctp_auth_key_put()) wipes it before the memory is freed.
 */
struct sctp_auth_bytes {
	refcount_t refcnt;	/* taken by sctp_auth_key_hold() */
	__u32 len;		/* presumably the byte count of data[] - confirm */
	__u8 data[];		/* flexible array member holding the bytes */
};

/* A shared key, whether it belongs to an endpoint or to an association. */
struct sctp_shared_key {
	struct list_head key_list;	/* linkage walked by key_for_each*() */
	struct sctp_auth_bytes *key;	/* the key's byte-vector */
	refcount_t refcnt;		/* separate from key->refcnt */
	__u16 key_id;
	__u8 deactivated;	/* presumably set via sctp_auth_deact_key_id() - confirm */
};

/* Walk a list of struct sctp_shared_key linked through ->key_list. */
#define key_for_each(pos, head) \
	list_for_each_entry(pos, head, key_list)

/* As key_for_each(), but built on list_for_each_entry_safe(): @tmp holds
 * the next entry so the current one may be unlinked inside the loop body.
 */
#define key_for_each_safe(pos, tmp, head) \
	list_for_each_entry_safe(pos, tmp, head, key_list)

/* Take one reference on a byte-vector.  A NULL @key is accepted and
 * ignored, so callers do not need their own NULL check.
 */
static inline void sctp_auth_key_hold(struct sctp_auth_bytes *key)
{
	if (key)
		refcount_inc(&key->refcnt);
}

/* Defined outside this header.  sctp_auth_key_put() is presumably the
 * release counterpart of sctp_auth_key_hold() - confirm against the
 * implementation.
 */
void sctp_auth_key_put(struct sctp_auth_bytes *key);
struct sctp_shared_key *sctp_auth_shkey_create(__u16 key_id, gfp_t gfp);
void sctp_auth_destroy_keys(struct list_head *keys);
int sctp_auth_asoc_init_active_key(struct sctp_association *asoc, gfp_t gfp);
/* Shared-key lookup and endpoint -> association key copy. */
struct sctp_shared_key *
sctp_auth_get_shkey(const struct sctp_association *asoc, __u16 key_id);
int sctp_auth_asoc_copy_shkeys(const struct sctp_endpoint *ep,
			       struct sctp_association *asoc, gfp_t gfp);

/* HMAC algorithm setup and selection.
 *
 * Note the differing identifier types: sctp_auth_get_hmac() takes a __u16
 * hmac_id while sctp_auth_asoc_verify_hmac_id() takes a __be16, i.e. a
 * big-endian value.  Callers must not pass one where the other is
 * expected without converting.
 */
int sctp_auth_init_hmacs(struct sctp_endpoint *ep, gfp_t gfp);
const struct sctp_hmac *sctp_auth_get_hmac(__u16 hmac_id);
const struct sctp_hmac *
sctp_auth_asoc_get_hmac(const struct sctp_association *asoc);
void sctp_auth_asoc_set_default_hmac(struct sctp_association *asoc,
				     struct sctp_hmac_algo_param *hmacs);
int sctp_auth_asoc_verify_hmac_id(const struct sctp_association *asoc,
				  __be16 hmac_id);

/* Per-chunk-type queries for the send and receive directions. */
int sctp_auth_send_cid(enum sctp_cid chunk,
		       const struct sctp_association *asoc);
int sctp_auth_recv_cid(enum sctp_cid chunk,
		       const struct sctp_association *asoc);

/* HMAC computation over an skb for the given AUTH chunk and shared key. */
void sctp_auth_calculate_hmac(const struct sctp_association *asoc,
			      struct sk_buff *skb,
			      struct sctp_auth_chunk *auth,
			      struct sctp_shared_key *ep_key, gfp_t gfp);

/* Reference handling for struct sctp_shared_key. */
void sctp_auth_shkey_release(struct sctp_shared_key *sh_key);
void sctp_auth_shkey_hold(struct sctp_shared_key *sh_key);

/* API Helpers */
int sctp_auth_ep_add_chunkid(struct sctp_endpoint *ep, __u8 chunk_id);
int sctp_auth_ep_set_hmacs(struct sctp_endpoint *ep,
			   struct sctp_hmacalgo *hmacs);
int sctp_auth_set_key(struct sctp_endpoint *ep,
		      struct sctp_association *asoc,
		      struct sctp_authkey *auth_key);
int sctp_auth_set_active_key(struct sctp_endpoint *ep,
			     struct sctp_association *asoc,
			     __u16 key_id);
int sctp_auth_del_key_id(struct sctp_endpoint *ep,
			 struct sctp_association *asoc,
			 __u16 key_id);
int sctp_auth_deact_key_id(struct sctp_endpoint *ep,
			   struct sctp_association *asoc,
			   __u16 key_id);
int sctp_auth_init(struct sctp_endpoint *ep, gfp_t gfp);
void sctp_auth_free(struct sctp_endpoint *ep);

#endif /* __sctp_auth_h__ */