1/*
  2 * xfrm algorithm interface
  3 *
  4 * Copyright (c) 2002 James Morris <jmorris@intercode.com.au>
  5 *
  6 * This program is free software; you can redistribute it and/or modify it
  7 * under the terms of the GNU General Public License as published by the Free
  8 * Software Foundation; either version 2 of the License, or (at your option)
  9 * any later version.
 10 */
 11
 12#include <linux/module.h>
 13#include <linux/kernel.h>
 14#include <linux/pfkeyv2.h>
 15#include <linux/crypto.h>
 16#include <linux/scatterlist.h>
 17#include <net/xfrm.h>
 18#if defined(CONFIG_INET_ESP) || defined(CONFIG_INET_ESP_MODULE) || defined(CONFIG_INET6_ESP) || defined(CONFIG_INET6_ESP_MODULE)
 19#include <net/esp.h>
 20#endif
 21
 22/*
 23 * Algorithms supported by IPsec.  These entries contain properties which
 24 * are used in key negotiation and xfrm processing, and are used to verify
 25 * that instantiated crypto transforms have correct parameters for IPsec
 26 * purposes.
 27 */
 28static struct xfrm_algo_desc aead_list[] = {
 29{
 30	.name = "rfc4106(gcm(aes))",
 31
 32	.uinfo = {
 33		.aead = {
 34			.icv_truncbits = 64,
 35		}
 36	},
 37
 38	.desc = {
 39		.sadb_alg_id = SADB_X_EALG_AES_GCM_ICV8,
 40		.sadb_alg_ivlen = 8,
 41		.sadb_alg_minbits = 128,
 42		.sadb_alg_maxbits = 256
 43	}
 44},
 45{
 46	.name = "rfc4106(gcm(aes))",
 47
 48	.uinfo = {
 49		.aead = {
 50			.icv_truncbits = 96,
 51		}
 52	},
 53
 54	.desc = {
 55		.sadb_alg_id = SADB_X_EALG_AES_GCM_ICV12,
 56		.sadb_alg_ivlen = 8,
 57		.sadb_alg_minbits = 128,
 58		.sadb_alg_maxbits = 256
 59	}
 60},
 61{
 62	.name = "rfc4106(gcm(aes))",
 63
 64	.uinfo = {
 65		.aead = {
 66			.icv_truncbits = 128,
 67		}
 68	},
 69
 70	.desc = {
 71		.sadb_alg_id = SADB_X_EALG_AES_GCM_ICV16,
 72		.sadb_alg_ivlen = 8,
 73		.sadb_alg_minbits = 128,
 74		.sadb_alg_maxbits = 256
 75	}
 76},
 77{
 78	.name = "rfc4309(ccm(aes))",
 79
 80	.uinfo = {
 81		.aead = {
 82			.icv_truncbits = 64,
 83		}
 84	},
 85
 86	.desc = {
 87		.sadb_alg_id = SADB_X_EALG_AES_CCM_ICV8,
 88		.sadb_alg_ivlen = 8,
 89		.sadb_alg_minbits = 128,
 90		.sadb_alg_maxbits = 256
 91	}
 92},
 93{
 94	.name = "rfc4309(ccm(aes))",
 95
 96	.uinfo = {
 97		.aead = {
 98			.icv_truncbits = 96,
 99		}
100	},
101
102	.desc = {
103		.sadb_alg_id = SADB_X_EALG_AES_CCM_ICV12,
104		.sadb_alg_ivlen = 8,
105		.sadb_alg_minbits = 128,
106		.sadb_alg_maxbits = 256
107	}
108},
109{
110	.name = "rfc4309(ccm(aes))",
111
112	.uinfo = {
113		.aead = {
114			.icv_truncbits = 128,
115		}
116	},
117
118	.desc = {
119		.sadb_alg_id = SADB_X_EALG_AES_CCM_ICV16,
120		.sadb_alg_ivlen = 8,
121		.sadb_alg_minbits = 128,
122		.sadb_alg_maxbits = 256
123	}
124},
125{
126	.name = "rfc4543(gcm(aes))",
127
128	.uinfo = {
129		.aead = {
130			.icv_truncbits = 128,
131		}
132	},
133
134	.desc = {
135		.sadb_alg_id = SADB_X_EALG_NULL_AES_GMAC,
136		.sadb_alg_ivlen = 8,
137		.sadb_alg_minbits = 128,
138		.sadb_alg_maxbits = 256
139	}
140},
141};
142
143static struct xfrm_algo_desc aalg_list[] = {
144{
145	.name = "digest_null",
146
147	.uinfo = {
148		.auth = {
149			.icv_truncbits = 0,
150			.icv_fullbits = 0,
151		}
152	},
153
154	.desc = {
155		.sadb_alg_id = SADB_X_AALG_NULL,
156		.sadb_alg_ivlen = 0,
157		.sadb_alg_minbits = 0,
158		.sadb_alg_maxbits = 0
159	}
160},
161{
162	.name = "hmac(md5)",
163	.compat = "md5",
164
165	.uinfo = {
166		.auth = {
167			.icv_truncbits = 96,
168			.icv_fullbits = 128,
169		}
170	},
171
172	.desc = {
173		.sadb_alg_id = SADB_AALG_MD5HMAC,
174		.sadb_alg_ivlen = 0,
175		.sadb_alg_minbits = 128,
176		.sadb_alg_maxbits = 128
177	}
178},
179{
180	.name = "hmac(sha1)",
181	.compat = "sha1",
182
183	.uinfo = {
184		.auth = {
185			.icv_truncbits = 96,
186			.icv_fullbits = 160,
187		}
188	},
189
190	.desc = {
191		.sadb_alg_id = SADB_AALG_SHA1HMAC,
192		.sadb_alg_ivlen = 0,
193		.sadb_alg_minbits = 160,
194		.sadb_alg_maxbits = 160
195	}
196},
197{
198	.name = "hmac(sha256)",
199	.compat = "sha256",
200
201	.uinfo = {
202		.auth = {
203			.icv_truncbits = 96,
204			.icv_fullbits = 256,
205		}
206	},
207
208	.desc = {
209		.sadb_alg_id = SADB_X_AALG_SHA2_256HMAC,
210		.sadb_alg_ivlen = 0,
211		.sadb_alg_minbits = 256,
212		.sadb_alg_maxbits = 256
213	}
214},
215{
216	.name = "hmac(sha384)",
217
218	.uinfo = {
219		.auth = {
220			.icv_truncbits = 192,
221			.icv_fullbits = 384,
222		}
223	},
224
225	.desc = {
226		.sadb_alg_id = SADB_X_AALG_SHA2_384HMAC,
227		.sadb_alg_ivlen = 0,
228		.sadb_alg_minbits = 384,
229		.sadb_alg_maxbits = 384
230	}
231},
232{
233	.name = "hmac(sha512)",
234
235	.uinfo = {
236		.auth = {
237			.icv_truncbits = 256,
238			.icv_fullbits = 512,
239		}
240	},
241
242	.desc = {
243		.sadb_alg_id = SADB_X_AALG_SHA2_512HMAC,
244		.sadb_alg_ivlen = 0,
245		.sadb_alg_minbits = 512,
246		.sadb_alg_maxbits = 512
247	}
248},
249{
250	.name = "hmac(rmd160)",
251	.compat = "rmd160",
252
253	.uinfo = {
254		.auth = {
255			.icv_truncbits = 96,
256			.icv_fullbits = 160,
257		}
258	},
259
260	.desc = {
261		.sadb_alg_id = SADB_X_AALG_RIPEMD160HMAC,
262		.sadb_alg_ivlen = 0,
263		.sadb_alg_minbits = 160,
264		.sadb_alg_maxbits = 160
265	}
266},
267{
268	.name = "xcbc(aes)",
269
270	.uinfo = {
271		.auth = {
272			.icv_truncbits = 96,
273			.icv_fullbits = 128,
274		}
275	},
276
277	.desc = {
278		.sadb_alg_id = SADB_X_AALG_AES_XCBC_MAC,
279		.sadb_alg_ivlen = 0,
280		.sadb_alg_minbits = 128,
281		.sadb_alg_maxbits = 128
282	}
283},
284};
285
286static struct xfrm_algo_desc ealg_list[] = {
287{
288	.name = "ecb(cipher_null)",
289	.compat = "cipher_null",
290
291	.uinfo = {
292		.encr = {
293			.blockbits = 8,
294			.defkeybits = 0,
295		}
296	},
297
298	.desc = {
299		.sadb_alg_id =	SADB_EALG_NULL,
300		.sadb_alg_ivlen = 0,
301		.sadb_alg_minbits = 0,
302		.sadb_alg_maxbits = 0
303	}
304},
305{
306	.name = "cbc(des)",
307	.compat = "des",
308
309	.uinfo = {
310		.encr = {
311			.blockbits = 64,
312			.defkeybits = 64,
313		}
314	},
315
316	.desc = {
317		.sadb_alg_id = SADB_EALG_DESCBC,
318		.sadb_alg_ivlen = 8,
319		.sadb_alg_minbits = 64,
320		.sadb_alg_maxbits = 64
321	}
322},
323{
324	.name = "cbc(des3_ede)",
325	.compat = "des3_ede",
326
327	.uinfo = {
328		.encr = {
329			.blockbits = 64,
330			.defkeybits = 192,
331		}
332	},
333
334	.desc = {
335		.sadb_alg_id = SADB_EALG_3DESCBC,
336		.sadb_alg_ivlen = 8,
337		.sadb_alg_minbits = 192,
338		.sadb_alg_maxbits = 192
339	}
340},
341{
342	.name = "cbc(cast5)",
343	.compat = "cast5",
344
345	.uinfo = {
346		.encr = {
347			.blockbits = 64,
348			.defkeybits = 128,
349		}
350	},
351
352	.desc = {
353		.sadb_alg_id = SADB_X_EALG_CASTCBC,
354		.sadb_alg_ivlen = 8,
355		.sadb_alg_minbits = 40,
356		.sadb_alg_maxbits = 128
357	}
358},
359{
360	.name = "cbc(blowfish)",
361	.compat = "blowfish",
362
363	.uinfo = {
364		.encr = {
365			.blockbits = 64,
366			.defkeybits = 128,
367		}
368	},
369
370	.desc = {
371		.sadb_alg_id = SADB_X_EALG_BLOWFISHCBC,
372		.sadb_alg_ivlen = 8,
373		.sadb_alg_minbits = 40,
374		.sadb_alg_maxbits = 448
375	}
376},
377{
378	.name = "cbc(aes)",
379	.compat = "aes",
380
381	.uinfo = {
382		.encr = {
383			.blockbits = 128,
384			.defkeybits = 128,
385		}
386	},
387
388	.desc = {
389		.sadb_alg_id = SADB_X_EALG_AESCBC,
390		.sadb_alg_ivlen = 8,
391		.sadb_alg_minbits = 128,
392		.sadb_alg_maxbits = 256
393	}
394},
395{
396	.name = "cbc(serpent)",
397	.compat = "serpent",
398
399	.uinfo = {
400		.encr = {
401			.blockbits = 128,
402			.defkeybits = 128,
403		}
404	},
405
406	.desc = {
407		.sadb_alg_id = SADB_X_EALG_SERPENTCBC,
408		.sadb_alg_ivlen = 8,
409		.sadb_alg_minbits = 128,
410		.sadb_alg_maxbits = 256,
411	}
412},
413{
414	.name = "cbc(camellia)",
415	.compat = "camellia",
416
417	.uinfo = {
418		.encr = {
419			.blockbits = 128,
420			.defkeybits = 128,
421		}
422	},
423
424	.desc = {
425		.sadb_alg_id = SADB_X_EALG_CAMELLIACBC,
426		.sadb_alg_ivlen = 8,
427		.sadb_alg_minbits = 128,
428		.sadb_alg_maxbits = 256
429	}
430},
431{
432	.name = "cbc(twofish)",
433	.compat = "twofish",
434
435	.uinfo = {
436		.encr = {
437			.blockbits = 128,
438			.defkeybits = 128,
439		}
440	},
441
442	.desc = {
443		.sadb_alg_id = SADB_X_EALG_TWOFISHCBC,
444		.sadb_alg_ivlen = 8,
445		.sadb_alg_minbits = 128,
446		.sadb_alg_maxbits = 256
447	}
448},
449{
450	.name = "rfc3686(ctr(aes))",
451
452	.uinfo = {
453		.encr = {
454			.blockbits = 128,
455			.defkeybits = 160, /* 128-bit key + 32-bit nonce */
456		}
457	},
458
459	.desc = {
460		.sadb_alg_id = SADB_X_EALG_AESCTR,
461		.sadb_alg_ivlen	= 8,
462		.sadb_alg_minbits = 160,
463		.sadb_alg_maxbits = 288
464	}
465},
466};
467
468static struct xfrm_algo_desc calg_list[] = {
469{
470	.name = "deflate",
471	.uinfo = {
472		.comp = {
473			.threshold = 90,
474		}
475	},
476	.desc = { .sadb_alg_id = SADB_X_CALG_DEFLATE }
477},
478{
479	.name = "lzs",
480	.uinfo = {
481		.comp = {
482			.threshold = 90,
483		}
484	},
485	.desc = { .sadb_alg_id = SADB_X_CALG_LZS }
486},
487{
488	.name = "lzjh",
489	.uinfo = {
490		.comp = {
491			.threshold = 50,
492		}
493	},
494	.desc = { .sadb_alg_id = SADB_X_CALG_LZJH }
495},
496};
497
498static inline int aead_entries(void)
499{
500	return ARRAY_SIZE(aead_list);
501}
502
503static inline int aalg_entries(void)
504{
505	return ARRAY_SIZE(aalg_list);
506}
507
508static inline int ealg_entries(void)
509{
510	return ARRAY_SIZE(ealg_list);
511}
512
513static inline int calg_entries(void)
514{
515	return ARRAY_SIZE(calg_list);
516}
517
518struct xfrm_algo_list {
519	struct xfrm_algo_desc *algs;
520	int entries;
521	u32 type;
522	u32 mask;
523};
524
525static const struct xfrm_algo_list xfrm_aead_list = {
526	.algs = aead_list,
527	.entries = ARRAY_SIZE(aead_list),
528	.type = CRYPTO_ALG_TYPE_AEAD,
529	.mask = CRYPTO_ALG_TYPE_MASK,
530};
531
532static const struct xfrm_algo_list xfrm_aalg_list = {
533	.algs = aalg_list,
534	.entries = ARRAY_SIZE(aalg_list),
535	.type = CRYPTO_ALG_TYPE_HASH,
536	.mask = CRYPTO_ALG_TYPE_HASH_MASK,
537};
538
539static const struct xfrm_algo_list xfrm_ealg_list = {
540	.algs = ealg_list,
541	.entries = ARRAY_SIZE(ealg_list),
542	.type = CRYPTO_ALG_TYPE_BLKCIPHER,
543	.mask = CRYPTO_ALG_TYPE_BLKCIPHER_MASK,
544};
545
546static const struct xfrm_algo_list xfrm_calg_list = {
547	.algs = calg_list,
548	.entries = ARRAY_SIZE(calg_list),
549	.type = CRYPTO_ALG_TYPE_COMPRESS,
550	.mask = CRYPTO_ALG_TYPE_MASK,
551};
552
553static struct xfrm_algo_desc *xfrm_find_algo(
554	const struct xfrm_algo_list *algo_list,
555	int match(const struct xfrm_algo_desc *entry, const void *data),
556	const void *data, int probe)
557{
558	struct xfrm_algo_desc *list = algo_list->algs;
559	int i, status;
560
561	for (i = 0; i < algo_list->entries; i++) {
562		if (!match(list + i, data))
563			continue;
564
565		if (list[i].available)
566			return &list[i];
567
568		if (!probe)
569			break;
570
571		status = crypto_has_alg(list[i].name, algo_list->type,
572					algo_list->mask);
573		if (!status)
574			break;
575
576		list[i].available = status;
577		return &list[i];
578	}
579	return NULL;
580}
581
582static int xfrm_alg_id_match(const struct xfrm_algo_desc *entry,
583			     const void *data)
584{
585	return entry->desc.sadb_alg_id == (unsigned long)data;
586}
587
588struct xfrm_algo_desc *xfrm_aalg_get_byid(int alg_id)
589{
590	return xfrm_find_algo(&xfrm_aalg_list, xfrm_alg_id_match,
591			      (void *)(unsigned long)alg_id, 1);
592}
593EXPORT_SYMBOL_GPL(xfrm_aalg_get_byid);
594
595struct xfrm_algo_desc *xfrm_ealg_get_byid(int alg_id)
596{
597	return xfrm_find_algo(&xfrm_ealg_list, xfrm_alg_id_match,
598			      (void *)(unsigned long)alg_id, 1);
599}
600EXPORT_SYMBOL_GPL(xfrm_ealg_get_byid);
601
602struct xfrm_algo_desc *xfrm_calg_get_byid(int alg_id)
603{
604	return xfrm_find_algo(&xfrm_calg_list, xfrm_alg_id_match,
605			      (void *)(unsigned long)alg_id, 1);
606}
607EXPORT_SYMBOL_GPL(xfrm_calg_get_byid);
608
609static int xfrm_alg_name_match(const struct xfrm_algo_desc *entry,
610			       const void *data)
611{
612	const char *name = data;
613
614	return name && (!strcmp(name, entry->name) ||
615			(entry->compat && !strcmp(name, entry->compat)));
616}
617
618struct xfrm_algo_desc *xfrm_aalg_get_byname(const char *name, int probe)
619{
620	return xfrm_find_algo(&xfrm_aalg_list, xfrm_alg_name_match, name,
621			      probe);
622}
623EXPORT_SYMBOL_GPL(xfrm_aalg_get_byname);
624
625struct xfrm_algo_desc *xfrm_ealg_get_byname(const char *name, int probe)
626{
627	return xfrm_find_algo(&xfrm_ealg_list, xfrm_alg_name_match, name,
628			      probe);
629}
630EXPORT_SYMBOL_GPL(xfrm_ealg_get_byname);
631
632struct xfrm_algo_desc *xfrm_calg_get_byname(const char *name, int probe)
633{
634	return xfrm_find_algo(&xfrm_calg_list, xfrm_alg_name_match, name,
635			      probe);
636}
637EXPORT_SYMBOL_GPL(xfrm_calg_get_byname);
638
639struct xfrm_aead_name {
640	const char *name;
641	int icvbits;
642};
643
644static int xfrm_aead_name_match(const struct xfrm_algo_desc *entry,
645				const void *data)
646{
647	const struct xfrm_aead_name *aead = data;
648	const char *name = aead->name;
649
650	return aead->icvbits == entry->uinfo.aead.icv_truncbits && name &&
651	       !strcmp(name, entry->name);
652}
653
654struct xfrm_algo_desc *xfrm_aead_get_byname(const char *name, int icv_len, int probe)
655{
656	struct xfrm_aead_name data = {
657		.name = name,
658		.icvbits = icv_len,
659	};
660
661	return xfrm_find_algo(&xfrm_aead_list, xfrm_aead_name_match, &data,
662			      probe);
663}
664EXPORT_SYMBOL_GPL(xfrm_aead_get_byname);
665
666struct xfrm_algo_desc *xfrm_aalg_get_byidx(unsigned int idx)
667{
668	if (idx >= aalg_entries())
669		return NULL;
670
671	return &aalg_list[idx];
672}
673EXPORT_SYMBOL_GPL(xfrm_aalg_get_byidx);
674
675struct xfrm_algo_desc *xfrm_ealg_get_byidx(unsigned int idx)
676{
677	if (idx >= ealg_entries())
678		return NULL;
679
680	return &ealg_list[idx];
681}
682EXPORT_SYMBOL_GPL(xfrm_ealg_get_byidx);
683
684/*
685 * Probe for the availability of crypto algorithms, and set the available
686 * flag for any algorithms found on the system.  This is typically called by
687 * pfkey during userspace SA add, update or register.
688 */
689void xfrm_probe_algs(void)
690{
691	int i, status;
692
693	BUG_ON(in_softirq());
694
695	for (i = 0; i < aalg_entries(); i++) {
696		status = crypto_has_hash(aalg_list[i].name, 0,
697					 CRYPTO_ALG_ASYNC);
698		if (aalg_list[i].available != status)
699			aalg_list[i].available = status;
700	}
701
702	for (i = 0; i < ealg_entries(); i++) {
703		status = crypto_has_blkcipher(ealg_list[i].name, 0,
704					      CRYPTO_ALG_ASYNC);
705		if (ealg_list[i].available != status)
706			ealg_list[i].available = status;
707	}
708
709	for (i = 0; i < calg_entries(); i++) {
710		status = crypto_has_comp(calg_list[i].name, 0,
711					 CRYPTO_ALG_ASYNC);
712		if (calg_list[i].available != status)
713			calg_list[i].available = status;
714	}
715}
716EXPORT_SYMBOL_GPL(xfrm_probe_algs);
717
718int xfrm_count_auth_supported(void)
719{
720	int i, n;
721
722	for (i = 0, n = 0; i < aalg_entries(); i++)
723		if (aalg_list[i].available)
724			n++;
725	return n;
726}
727EXPORT_SYMBOL_GPL(xfrm_count_auth_supported);
728
729int xfrm_count_enc_supported(void)
730{
731	int i, n;
732
733	for (i = 0, n = 0; i < ealg_entries(); i++)
734		if (ealg_list[i].available)
735			n++;
736	return n;
737}
738EXPORT_SYMBOL_GPL(xfrm_count_enc_supported);
739
740#if defined(CONFIG_INET_ESP) || defined(CONFIG_INET_ESP_MODULE) || defined(CONFIG_INET6_ESP) || defined(CONFIG_INET6_ESP_MODULE)
741
742void *pskb_put(struct sk_buff *skb, struct sk_buff *tail, int len)
743{
744	if (tail != skb) {
745		skb->data_len += len;
746		skb->len += len;
747	}
748	return skb_put(tail, len);
749}
750EXPORT_SYMBOL_GPL(pskb_put);
751#endif
752
753MODULE_LICENSE("GPL");