Loading...
1// SPDX-License-Identifier: GPL-2.0-or-later
2/*
3 * xfrm algorithm interface
4 *
5 * Copyright (c) 2002 James Morris <jmorris@intercode.com.au>
6 */
7
8#include <crypto/hash.h>
9#include <crypto/skcipher.h>
10#include <linux/module.h>
11#include <linux/kernel.h>
12#include <linux/pfkeyv2.h>
13#include <linux/crypto.h>
14#include <linux/scatterlist.h>
15#include <net/xfrm.h>
16#if IS_ENABLED(CONFIG_INET_ESP) || IS_ENABLED(CONFIG_INET6_ESP)
17#include <net/esp.h>
18#endif
19
20/*
21 * Algorithms supported by IPsec. These entries contain properties which
22 * are used in key negotiation and xfrm processing, and are used to verify
23 * that instantiated crypto transforms have correct parameters for IPsec
24 * purposes.
25 */
26static struct xfrm_algo_desc aead_list[] = {
27{
28 .name = "rfc4106(gcm(aes))",
29
30 .uinfo = {
31 .aead = {
32 .geniv = "seqiv",
33 .icv_truncbits = 64,
34 }
35 },
36
37 .pfkey_supported = 1,
38
39 .desc = {
40 .sadb_alg_id = SADB_X_EALG_AES_GCM_ICV8,
41 .sadb_alg_ivlen = 8,
42 .sadb_alg_minbits = 128,
43 .sadb_alg_maxbits = 256
44 }
45},
46{
47 .name = "rfc4106(gcm(aes))",
48
49 .uinfo = {
50 .aead = {
51 .geniv = "seqiv",
52 .icv_truncbits = 96,
53 }
54 },
55
56 .pfkey_supported = 1,
57
58 .desc = {
59 .sadb_alg_id = SADB_X_EALG_AES_GCM_ICV12,
60 .sadb_alg_ivlen = 8,
61 .sadb_alg_minbits = 128,
62 .sadb_alg_maxbits = 256
63 }
64},
65{
66 .name = "rfc4106(gcm(aes))",
67
68 .uinfo = {
69 .aead = {
70 .geniv = "seqiv",
71 .icv_truncbits = 128,
72 }
73 },
74
75 .pfkey_supported = 1,
76
77 .desc = {
78 .sadb_alg_id = SADB_X_EALG_AES_GCM_ICV16,
79 .sadb_alg_ivlen = 8,
80 .sadb_alg_minbits = 128,
81 .sadb_alg_maxbits = 256
82 }
83},
84{
85 .name = "rfc4309(ccm(aes))",
86
87 .uinfo = {
88 .aead = {
89 .geniv = "seqiv",
90 .icv_truncbits = 64,
91 }
92 },
93
94 .pfkey_supported = 1,
95
96 .desc = {
97 .sadb_alg_id = SADB_X_EALG_AES_CCM_ICV8,
98 .sadb_alg_ivlen = 8,
99 .sadb_alg_minbits = 128,
100 .sadb_alg_maxbits = 256
101 }
102},
103{
104 .name = "rfc4309(ccm(aes))",
105
106 .uinfo = {
107 .aead = {
108 .geniv = "seqiv",
109 .icv_truncbits = 96,
110 }
111 },
112
113 .pfkey_supported = 1,
114
115 .desc = {
116 .sadb_alg_id = SADB_X_EALG_AES_CCM_ICV12,
117 .sadb_alg_ivlen = 8,
118 .sadb_alg_minbits = 128,
119 .sadb_alg_maxbits = 256
120 }
121},
122{
123 .name = "rfc4309(ccm(aes))",
124
125 .uinfo = {
126 .aead = {
127 .geniv = "seqiv",
128 .icv_truncbits = 128,
129 }
130 },
131
132 .pfkey_supported = 1,
133
134 .desc = {
135 .sadb_alg_id = SADB_X_EALG_AES_CCM_ICV16,
136 .sadb_alg_ivlen = 8,
137 .sadb_alg_minbits = 128,
138 .sadb_alg_maxbits = 256
139 }
140},
141{
142 .name = "rfc4543(gcm(aes))",
143
144 .uinfo = {
145 .aead = {
146 .geniv = "seqiv",
147 .icv_truncbits = 128,
148 }
149 },
150
151 .pfkey_supported = 1,
152
153 .desc = {
154 .sadb_alg_id = SADB_X_EALG_NULL_AES_GMAC,
155 .sadb_alg_ivlen = 8,
156 .sadb_alg_minbits = 128,
157 .sadb_alg_maxbits = 256
158 }
159},
160{
161 .name = "rfc7539esp(chacha20,poly1305)",
162
163 .uinfo = {
164 .aead = {
165 .geniv = "seqiv",
166 .icv_truncbits = 128,
167 }
168 },
169
170 .pfkey_supported = 0,
171},
172};
173
174static struct xfrm_algo_desc aalg_list[] = {
175{
176 .name = "digest_null",
177
178 .uinfo = {
179 .auth = {
180 .icv_truncbits = 0,
181 .icv_fullbits = 0,
182 }
183 },
184
185 .pfkey_supported = 1,
186
187 .desc = {
188 .sadb_alg_id = SADB_X_AALG_NULL,
189 .sadb_alg_ivlen = 0,
190 .sadb_alg_minbits = 0,
191 .sadb_alg_maxbits = 0
192 }
193},
194{
195 .name = "hmac(md5)",
196 .compat = "md5",
197
198 .uinfo = {
199 .auth = {
200 .icv_truncbits = 96,
201 .icv_fullbits = 128,
202 }
203 },
204
205 .pfkey_supported = 1,
206
207 .desc = {
208 .sadb_alg_id = SADB_AALG_MD5HMAC,
209 .sadb_alg_ivlen = 0,
210 .sadb_alg_minbits = 128,
211 .sadb_alg_maxbits = 128
212 }
213},
214{
215 .name = "hmac(sha1)",
216 .compat = "sha1",
217
218 .uinfo = {
219 .auth = {
220 .icv_truncbits = 96,
221 .icv_fullbits = 160,
222 }
223 },
224
225 .pfkey_supported = 1,
226
227 .desc = {
228 .sadb_alg_id = SADB_AALG_SHA1HMAC,
229 .sadb_alg_ivlen = 0,
230 .sadb_alg_minbits = 160,
231 .sadb_alg_maxbits = 160
232 }
233},
234{
235 .name = "hmac(sha256)",
236 .compat = "sha256",
237
238 .uinfo = {
239 .auth = {
240 .icv_truncbits = 96,
241 .icv_fullbits = 256,
242 }
243 },
244
245 .pfkey_supported = 1,
246
247 .desc = {
248 .sadb_alg_id = SADB_X_AALG_SHA2_256HMAC,
249 .sadb_alg_ivlen = 0,
250 .sadb_alg_minbits = 256,
251 .sadb_alg_maxbits = 256
252 }
253},
254{
255 .name = "hmac(sha384)",
256
257 .uinfo = {
258 .auth = {
259 .icv_truncbits = 192,
260 .icv_fullbits = 384,
261 }
262 },
263
264 .pfkey_supported = 1,
265
266 .desc = {
267 .sadb_alg_id = SADB_X_AALG_SHA2_384HMAC,
268 .sadb_alg_ivlen = 0,
269 .sadb_alg_minbits = 384,
270 .sadb_alg_maxbits = 384
271 }
272},
273{
274 .name = "hmac(sha512)",
275
276 .uinfo = {
277 .auth = {
278 .icv_truncbits = 256,
279 .icv_fullbits = 512,
280 }
281 },
282
283 .pfkey_supported = 1,
284
285 .desc = {
286 .sadb_alg_id = SADB_X_AALG_SHA2_512HMAC,
287 .sadb_alg_ivlen = 0,
288 .sadb_alg_minbits = 512,
289 .sadb_alg_maxbits = 512
290 }
291},
292{
293 .name = "hmac(rmd160)",
294 .compat = "rmd160",
295
296 .uinfo = {
297 .auth = {
298 .icv_truncbits = 96,
299 .icv_fullbits = 160,
300 }
301 },
302
303 .pfkey_supported = 1,
304
305 .desc = {
306 .sadb_alg_id = SADB_X_AALG_RIPEMD160HMAC,
307 .sadb_alg_ivlen = 0,
308 .sadb_alg_minbits = 160,
309 .sadb_alg_maxbits = 160
310 }
311},
312{
313 .name = "xcbc(aes)",
314
315 .uinfo = {
316 .auth = {
317 .icv_truncbits = 96,
318 .icv_fullbits = 128,
319 }
320 },
321
322 .pfkey_supported = 1,
323
324 .desc = {
325 .sadb_alg_id = SADB_X_AALG_AES_XCBC_MAC,
326 .sadb_alg_ivlen = 0,
327 .sadb_alg_minbits = 128,
328 .sadb_alg_maxbits = 128
329 }
330},
331{
332 /* rfc4494 */
333 .name = "cmac(aes)",
334
335 .uinfo = {
336 .auth = {
337 .icv_truncbits = 96,
338 .icv_fullbits = 128,
339 }
340 },
341
342 .pfkey_supported = 0,
343},
344{
345 .name = "hmac(sm3)",
346 .compat = "sm3",
347
348 .uinfo = {
349 .auth = {
350 .icv_truncbits = 256,
351 .icv_fullbits = 256,
352 }
353 },
354
355 .pfkey_supported = 1,
356
357 .desc = {
358 .sadb_alg_id = SADB_X_AALG_SM3_256HMAC,
359 .sadb_alg_ivlen = 0,
360 .sadb_alg_minbits = 256,
361 .sadb_alg_maxbits = 256
362 }
363},
364};
365
366static struct xfrm_algo_desc ealg_list[] = {
367{
368 .name = "ecb(cipher_null)",
369 .compat = "cipher_null",
370
371 .uinfo = {
372 .encr = {
373 .blockbits = 8,
374 .defkeybits = 0,
375 }
376 },
377
378 .pfkey_supported = 1,
379
380 .desc = {
381 .sadb_alg_id = SADB_EALG_NULL,
382 .sadb_alg_ivlen = 0,
383 .sadb_alg_minbits = 0,
384 .sadb_alg_maxbits = 0
385 }
386},
387{
388 .name = "cbc(des)",
389 .compat = "des",
390
391 .uinfo = {
392 .encr = {
393 .geniv = "echainiv",
394 .blockbits = 64,
395 .defkeybits = 64,
396 }
397 },
398
399 .pfkey_supported = 1,
400
401 .desc = {
402 .sadb_alg_id = SADB_EALG_DESCBC,
403 .sadb_alg_ivlen = 8,
404 .sadb_alg_minbits = 64,
405 .sadb_alg_maxbits = 64
406 }
407},
408{
409 .name = "cbc(des3_ede)",
410 .compat = "des3_ede",
411
412 .uinfo = {
413 .encr = {
414 .geniv = "echainiv",
415 .blockbits = 64,
416 .defkeybits = 192,
417 }
418 },
419
420 .pfkey_supported = 1,
421
422 .desc = {
423 .sadb_alg_id = SADB_EALG_3DESCBC,
424 .sadb_alg_ivlen = 8,
425 .sadb_alg_minbits = 192,
426 .sadb_alg_maxbits = 192
427 }
428},
429{
430 .name = "cbc(cast5)",
431 .compat = "cast5",
432
433 .uinfo = {
434 .encr = {
435 .geniv = "echainiv",
436 .blockbits = 64,
437 .defkeybits = 128,
438 }
439 },
440
441 .pfkey_supported = 1,
442
443 .desc = {
444 .sadb_alg_id = SADB_X_EALG_CASTCBC,
445 .sadb_alg_ivlen = 8,
446 .sadb_alg_minbits = 40,
447 .sadb_alg_maxbits = 128
448 }
449},
450{
451 .name = "cbc(blowfish)",
452 .compat = "blowfish",
453
454 .uinfo = {
455 .encr = {
456 .geniv = "echainiv",
457 .blockbits = 64,
458 .defkeybits = 128,
459 }
460 },
461
462 .pfkey_supported = 1,
463
464 .desc = {
465 .sadb_alg_id = SADB_X_EALG_BLOWFISHCBC,
466 .sadb_alg_ivlen = 8,
467 .sadb_alg_minbits = 40,
468 .sadb_alg_maxbits = 448
469 }
470},
471{
472 .name = "cbc(aes)",
473 .compat = "aes",
474
475 .uinfo = {
476 .encr = {
477 .geniv = "echainiv",
478 .blockbits = 128,
479 .defkeybits = 128,
480 }
481 },
482
483 .pfkey_supported = 1,
484
485 .desc = {
486 .sadb_alg_id = SADB_X_EALG_AESCBC,
487 .sadb_alg_ivlen = 8,
488 .sadb_alg_minbits = 128,
489 .sadb_alg_maxbits = 256
490 }
491},
492{
493 .name = "cbc(serpent)",
494 .compat = "serpent",
495
496 .uinfo = {
497 .encr = {
498 .geniv = "echainiv",
499 .blockbits = 128,
500 .defkeybits = 128,
501 }
502 },
503
504 .pfkey_supported = 1,
505
506 .desc = {
507 .sadb_alg_id = SADB_X_EALG_SERPENTCBC,
508 .sadb_alg_ivlen = 8,
509 .sadb_alg_minbits = 128,
510 .sadb_alg_maxbits = 256,
511 }
512},
513{
514 .name = "cbc(camellia)",
515 .compat = "camellia",
516
517 .uinfo = {
518 .encr = {
519 .geniv = "echainiv",
520 .blockbits = 128,
521 .defkeybits = 128,
522 }
523 },
524
525 .pfkey_supported = 1,
526
527 .desc = {
528 .sadb_alg_id = SADB_X_EALG_CAMELLIACBC,
529 .sadb_alg_ivlen = 8,
530 .sadb_alg_minbits = 128,
531 .sadb_alg_maxbits = 256
532 }
533},
534{
535 .name = "cbc(twofish)",
536 .compat = "twofish",
537
538 .uinfo = {
539 .encr = {
540 .geniv = "echainiv",
541 .blockbits = 128,
542 .defkeybits = 128,
543 }
544 },
545
546 .pfkey_supported = 1,
547
548 .desc = {
549 .sadb_alg_id = SADB_X_EALG_TWOFISHCBC,
550 .sadb_alg_ivlen = 8,
551 .sadb_alg_minbits = 128,
552 .sadb_alg_maxbits = 256
553 }
554},
555{
556 .name = "rfc3686(ctr(aes))",
557
558 .uinfo = {
559 .encr = {
560 .geniv = "seqiv",
561 .blockbits = 128,
562 .defkeybits = 160, /* 128-bit key + 32-bit nonce */
563 }
564 },
565
566 .pfkey_supported = 1,
567
568 .desc = {
569 .sadb_alg_id = SADB_X_EALG_AESCTR,
570 .sadb_alg_ivlen = 8,
571 .sadb_alg_minbits = 160,
572 .sadb_alg_maxbits = 288
573 }
574},
575{
576 .name = "cbc(sm4)",
577 .compat = "sm4",
578
579 .uinfo = {
580 .encr = {
581 .geniv = "echainiv",
582 .blockbits = 128,
583 .defkeybits = 128,
584 }
585 },
586
587 .pfkey_supported = 1,
588
589 .desc = {
590 .sadb_alg_id = SADB_X_EALG_SM4CBC,
591 .sadb_alg_ivlen = 16,
592 .sadb_alg_minbits = 128,
593 .sadb_alg_maxbits = 256
594 }
595},
596};
597
598static struct xfrm_algo_desc calg_list[] = {
599{
600 .name = "deflate",
601 .uinfo = {
602 .comp = {
603 .threshold = 90,
604 }
605 },
606 .pfkey_supported = 1,
607 .desc = { .sadb_alg_id = SADB_X_CALG_DEFLATE }
608},
609{
610 .name = "lzs",
611 .uinfo = {
612 .comp = {
613 .threshold = 90,
614 }
615 },
616 .pfkey_supported = 1,
617 .desc = { .sadb_alg_id = SADB_X_CALG_LZS }
618},
619{
620 .name = "lzjh",
621 .uinfo = {
622 .comp = {
623 .threshold = 50,
624 }
625 },
626 .pfkey_supported = 1,
627 .desc = { .sadb_alg_id = SADB_X_CALG_LZJH }
628},
629};
630
631static inline int aalg_entries(void)
632{
633 return ARRAY_SIZE(aalg_list);
634}
635
636static inline int ealg_entries(void)
637{
638 return ARRAY_SIZE(ealg_list);
639}
640
641static inline int calg_entries(void)
642{
643 return ARRAY_SIZE(calg_list);
644}
645
646struct xfrm_algo_list {
647 struct xfrm_algo_desc *algs;
648 int entries;
649 u32 type;
650 u32 mask;
651};
652
653static const struct xfrm_algo_list xfrm_aead_list = {
654 .algs = aead_list,
655 .entries = ARRAY_SIZE(aead_list),
656 .type = CRYPTO_ALG_TYPE_AEAD,
657 .mask = CRYPTO_ALG_TYPE_MASK,
658};
659
660static const struct xfrm_algo_list xfrm_aalg_list = {
661 .algs = aalg_list,
662 .entries = ARRAY_SIZE(aalg_list),
663 .type = CRYPTO_ALG_TYPE_HASH,
664 .mask = CRYPTO_ALG_TYPE_HASH_MASK,
665};
666
667static const struct xfrm_algo_list xfrm_ealg_list = {
668 .algs = ealg_list,
669 .entries = ARRAY_SIZE(ealg_list),
670 .type = CRYPTO_ALG_TYPE_SKCIPHER,
671 .mask = CRYPTO_ALG_TYPE_MASK,
672};
673
674static const struct xfrm_algo_list xfrm_calg_list = {
675 .algs = calg_list,
676 .entries = ARRAY_SIZE(calg_list),
677 .type = CRYPTO_ALG_TYPE_COMPRESS,
678 .mask = CRYPTO_ALG_TYPE_MASK,
679};
680
681static struct xfrm_algo_desc *xfrm_find_algo(
682 const struct xfrm_algo_list *algo_list,
683 int match(const struct xfrm_algo_desc *entry, const void *data),
684 const void *data, int probe)
685{
686 struct xfrm_algo_desc *list = algo_list->algs;
687 int i, status;
688
689 for (i = 0; i < algo_list->entries; i++) {
690 if (!match(list + i, data))
691 continue;
692
693 if (list[i].available)
694 return &list[i];
695
696 if (!probe)
697 break;
698
699 status = crypto_has_alg(list[i].name, algo_list->type,
700 algo_list->mask);
701 if (!status)
702 break;
703
704 list[i].available = status;
705 return &list[i];
706 }
707 return NULL;
708}
709
710static int xfrm_alg_id_match(const struct xfrm_algo_desc *entry,
711 const void *data)
712{
713 return entry->desc.sadb_alg_id == (unsigned long)data;
714}
715
716struct xfrm_algo_desc *xfrm_aalg_get_byid(int alg_id)
717{
718 return xfrm_find_algo(&xfrm_aalg_list, xfrm_alg_id_match,
719 (void *)(unsigned long)alg_id, 1);
720}
721EXPORT_SYMBOL_GPL(xfrm_aalg_get_byid);
722
723struct xfrm_algo_desc *xfrm_ealg_get_byid(int alg_id)
724{
725 return xfrm_find_algo(&xfrm_ealg_list, xfrm_alg_id_match,
726 (void *)(unsigned long)alg_id, 1);
727}
728EXPORT_SYMBOL_GPL(xfrm_ealg_get_byid);
729
730struct xfrm_algo_desc *xfrm_calg_get_byid(int alg_id)
731{
732 return xfrm_find_algo(&xfrm_calg_list, xfrm_alg_id_match,
733 (void *)(unsigned long)alg_id, 1);
734}
735EXPORT_SYMBOL_GPL(xfrm_calg_get_byid);
736
737static int xfrm_alg_name_match(const struct xfrm_algo_desc *entry,
738 const void *data)
739{
740 const char *name = data;
741
742 return name && (!strcmp(name, entry->name) ||
743 (entry->compat && !strcmp(name, entry->compat)));
744}
745
746struct xfrm_algo_desc *xfrm_aalg_get_byname(const char *name, int probe)
747{
748 return xfrm_find_algo(&xfrm_aalg_list, xfrm_alg_name_match, name,
749 probe);
750}
751EXPORT_SYMBOL_GPL(xfrm_aalg_get_byname);
752
753struct xfrm_algo_desc *xfrm_ealg_get_byname(const char *name, int probe)
754{
755 return xfrm_find_algo(&xfrm_ealg_list, xfrm_alg_name_match, name,
756 probe);
757}
758EXPORT_SYMBOL_GPL(xfrm_ealg_get_byname);
759
760struct xfrm_algo_desc *xfrm_calg_get_byname(const char *name, int probe)
761{
762 return xfrm_find_algo(&xfrm_calg_list, xfrm_alg_name_match, name,
763 probe);
764}
765EXPORT_SYMBOL_GPL(xfrm_calg_get_byname);
766
767struct xfrm_aead_name {
768 const char *name;
769 int icvbits;
770};
771
772static int xfrm_aead_name_match(const struct xfrm_algo_desc *entry,
773 const void *data)
774{
775 const struct xfrm_aead_name *aead = data;
776 const char *name = aead->name;
777
778 return aead->icvbits == entry->uinfo.aead.icv_truncbits && name &&
779 !strcmp(name, entry->name);
780}
781
782struct xfrm_algo_desc *xfrm_aead_get_byname(const char *name, int icv_len, int probe)
783{
784 struct xfrm_aead_name data = {
785 .name = name,
786 .icvbits = icv_len,
787 };
788
789 return xfrm_find_algo(&xfrm_aead_list, xfrm_aead_name_match, &data,
790 probe);
791}
792EXPORT_SYMBOL_GPL(xfrm_aead_get_byname);
793
794struct xfrm_algo_desc *xfrm_aalg_get_byidx(unsigned int idx)
795{
796 if (idx >= aalg_entries())
797 return NULL;
798
799 return &aalg_list[idx];
800}
801EXPORT_SYMBOL_GPL(xfrm_aalg_get_byidx);
802
803struct xfrm_algo_desc *xfrm_ealg_get_byidx(unsigned int idx)
804{
805 if (idx >= ealg_entries())
806 return NULL;
807
808 return &ealg_list[idx];
809}
810EXPORT_SYMBOL_GPL(xfrm_ealg_get_byidx);
811
812/*
813 * Probe for the availability of crypto algorithms, and set the available
814 * flag for any algorithms found on the system. This is typically called by
815 * pfkey during userspace SA add, update or register.
816 */
817void xfrm_probe_algs(void)
818{
819 int i, status;
820
821 BUG_ON(in_softirq());
822
823 for (i = 0; i < aalg_entries(); i++) {
824 status = crypto_has_ahash(aalg_list[i].name, 0, 0);
825 if (aalg_list[i].available != status)
826 aalg_list[i].available = status;
827 }
828
829 for (i = 0; i < ealg_entries(); i++) {
830 status = crypto_has_skcipher(ealg_list[i].name, 0, 0);
831 if (ealg_list[i].available != status)
832 ealg_list[i].available = status;
833 }
834
835 for (i = 0; i < calg_entries(); i++) {
836 status = crypto_has_comp(calg_list[i].name, 0,
837 CRYPTO_ALG_ASYNC);
838 if (calg_list[i].available != status)
839 calg_list[i].available = status;
840 }
841}
842EXPORT_SYMBOL_GPL(xfrm_probe_algs);
843
844int xfrm_count_pfkey_auth_supported(void)
845{
846 int i, n;
847
848 for (i = 0, n = 0; i < aalg_entries(); i++)
849 if (aalg_list[i].available && aalg_list[i].pfkey_supported)
850 n++;
851 return n;
852}
853EXPORT_SYMBOL_GPL(xfrm_count_pfkey_auth_supported);
854
855int xfrm_count_pfkey_enc_supported(void)
856{
857 int i, n;
858
859 for (i = 0, n = 0; i < ealg_entries(); i++)
860 if (ealg_list[i].available && ealg_list[i].pfkey_supported)
861 n++;
862 return n;
863}
864EXPORT_SYMBOL_GPL(xfrm_count_pfkey_enc_supported);
865
866MODULE_LICENSE("GPL");
1// SPDX-License-Identifier: GPL-2.0-or-later
2/*
3 * xfrm algorithm interface
4 *
5 * Copyright (c) 2002 James Morris <jmorris@intercode.com.au>
6 */
7
8#include <crypto/aead.h>
9#include <crypto/hash.h>
10#include <crypto/skcipher.h>
11#include <linux/module.h>
12#include <linux/kernel.h>
13#include <linux/pfkeyv2.h>
14#include <linux/crypto.h>
15#include <linux/scatterlist.h>
16#include <net/xfrm.h>
17#if IS_ENABLED(CONFIG_INET_ESP) || IS_ENABLED(CONFIG_INET6_ESP)
18#include <net/esp.h>
19#endif
20
21/*
22 * Algorithms supported by IPsec. These entries contain properties which
23 * are used in key negotiation and xfrm processing, and are used to verify
24 * that instantiated crypto transforms have correct parameters for IPsec
25 * purposes.
26 */
27static struct xfrm_algo_desc aead_list[] = {
28{
29 .name = "rfc4106(gcm(aes))",
30
31 .uinfo = {
32 .aead = {
33 .geniv = "seqiv",
34 .icv_truncbits = 64,
35 }
36 },
37
38 .pfkey_supported = 1,
39
40 .desc = {
41 .sadb_alg_id = SADB_X_EALG_AES_GCM_ICV8,
42 .sadb_alg_ivlen = 8,
43 .sadb_alg_minbits = 128,
44 .sadb_alg_maxbits = 256
45 }
46},
47{
48 .name = "rfc4106(gcm(aes))",
49
50 .uinfo = {
51 .aead = {
52 .geniv = "seqiv",
53 .icv_truncbits = 96,
54 }
55 },
56
57 .pfkey_supported = 1,
58
59 .desc = {
60 .sadb_alg_id = SADB_X_EALG_AES_GCM_ICV12,
61 .sadb_alg_ivlen = 8,
62 .sadb_alg_minbits = 128,
63 .sadb_alg_maxbits = 256
64 }
65},
66{
67 .name = "rfc4106(gcm(aes))",
68
69 .uinfo = {
70 .aead = {
71 .geniv = "seqiv",
72 .icv_truncbits = 128,
73 }
74 },
75
76 .pfkey_supported = 1,
77
78 .desc = {
79 .sadb_alg_id = SADB_X_EALG_AES_GCM_ICV16,
80 .sadb_alg_ivlen = 8,
81 .sadb_alg_minbits = 128,
82 .sadb_alg_maxbits = 256
83 }
84},
85{
86 .name = "rfc4309(ccm(aes))",
87
88 .uinfo = {
89 .aead = {
90 .geniv = "seqiv",
91 .icv_truncbits = 64,
92 }
93 },
94
95 .pfkey_supported = 1,
96
97 .desc = {
98 .sadb_alg_id = SADB_X_EALG_AES_CCM_ICV8,
99 .sadb_alg_ivlen = 8,
100 .sadb_alg_minbits = 128,
101 .sadb_alg_maxbits = 256
102 }
103},
104{
105 .name = "rfc4309(ccm(aes))",
106
107 .uinfo = {
108 .aead = {
109 .geniv = "seqiv",
110 .icv_truncbits = 96,
111 }
112 },
113
114 .pfkey_supported = 1,
115
116 .desc = {
117 .sadb_alg_id = SADB_X_EALG_AES_CCM_ICV12,
118 .sadb_alg_ivlen = 8,
119 .sadb_alg_minbits = 128,
120 .sadb_alg_maxbits = 256
121 }
122},
123{
124 .name = "rfc4309(ccm(aes))",
125
126 .uinfo = {
127 .aead = {
128 .geniv = "seqiv",
129 .icv_truncbits = 128,
130 }
131 },
132
133 .pfkey_supported = 1,
134
135 .desc = {
136 .sadb_alg_id = SADB_X_EALG_AES_CCM_ICV16,
137 .sadb_alg_ivlen = 8,
138 .sadb_alg_minbits = 128,
139 .sadb_alg_maxbits = 256
140 }
141},
142{
143 .name = "rfc4543(gcm(aes))",
144
145 .uinfo = {
146 .aead = {
147 .geniv = "seqiv",
148 .icv_truncbits = 128,
149 }
150 },
151
152 .pfkey_supported = 1,
153
154 .desc = {
155 .sadb_alg_id = SADB_X_EALG_NULL_AES_GMAC,
156 .sadb_alg_ivlen = 8,
157 .sadb_alg_minbits = 128,
158 .sadb_alg_maxbits = 256
159 }
160},
161{
162 .name = "rfc7539esp(chacha20,poly1305)",
163
164 .uinfo = {
165 .aead = {
166 .geniv = "seqiv",
167 .icv_truncbits = 128,
168 }
169 },
170
171 .pfkey_supported = 0,
172},
173};
174
175static struct xfrm_algo_desc aalg_list[] = {
176{
177 .name = "digest_null",
178
179 .uinfo = {
180 .auth = {
181 .icv_truncbits = 0,
182 .icv_fullbits = 0,
183 }
184 },
185
186 .pfkey_supported = 1,
187
188 .desc = {
189 .sadb_alg_id = SADB_X_AALG_NULL,
190 .sadb_alg_ivlen = 0,
191 .sadb_alg_minbits = 0,
192 .sadb_alg_maxbits = 0
193 }
194},
195{
196 .name = "hmac(md5)",
197 .compat = "md5",
198
199 .uinfo = {
200 .auth = {
201 .icv_truncbits = 96,
202 .icv_fullbits = 128,
203 }
204 },
205
206 .pfkey_supported = 1,
207
208 .desc = {
209 .sadb_alg_id = SADB_AALG_MD5HMAC,
210 .sadb_alg_ivlen = 0,
211 .sadb_alg_minbits = 128,
212 .sadb_alg_maxbits = 128
213 }
214},
215{
216 .name = "hmac(sha1)",
217 .compat = "sha1",
218
219 .uinfo = {
220 .auth = {
221 .icv_truncbits = 96,
222 .icv_fullbits = 160,
223 }
224 },
225
226 .pfkey_supported = 1,
227
228 .desc = {
229 .sadb_alg_id = SADB_AALG_SHA1HMAC,
230 .sadb_alg_ivlen = 0,
231 .sadb_alg_minbits = 160,
232 .sadb_alg_maxbits = 160
233 }
234},
235{
236 .name = "hmac(sha256)",
237 .compat = "sha256",
238
239 .uinfo = {
240 .auth = {
241 .icv_truncbits = 96,
242 .icv_fullbits = 256,
243 }
244 },
245
246 .pfkey_supported = 1,
247
248 .desc = {
249 .sadb_alg_id = SADB_X_AALG_SHA2_256HMAC,
250 .sadb_alg_ivlen = 0,
251 .sadb_alg_minbits = 256,
252 .sadb_alg_maxbits = 256
253 }
254},
255{
256 .name = "hmac(sha384)",
257
258 .uinfo = {
259 .auth = {
260 .icv_truncbits = 192,
261 .icv_fullbits = 384,
262 }
263 },
264
265 .pfkey_supported = 1,
266
267 .desc = {
268 .sadb_alg_id = SADB_X_AALG_SHA2_384HMAC,
269 .sadb_alg_ivlen = 0,
270 .sadb_alg_minbits = 384,
271 .sadb_alg_maxbits = 384
272 }
273},
274{
275 .name = "hmac(sha512)",
276
277 .uinfo = {
278 .auth = {
279 .icv_truncbits = 256,
280 .icv_fullbits = 512,
281 }
282 },
283
284 .pfkey_supported = 1,
285
286 .desc = {
287 .sadb_alg_id = SADB_X_AALG_SHA2_512HMAC,
288 .sadb_alg_ivlen = 0,
289 .sadb_alg_minbits = 512,
290 .sadb_alg_maxbits = 512
291 }
292},
293{
294 .name = "hmac(rmd160)",
295 .compat = "rmd160",
296
297 .uinfo = {
298 .auth = {
299 .icv_truncbits = 96,
300 .icv_fullbits = 160,
301 }
302 },
303
304 .pfkey_supported = 1,
305
306 .desc = {
307 .sadb_alg_id = SADB_X_AALG_RIPEMD160HMAC,
308 .sadb_alg_ivlen = 0,
309 .sadb_alg_minbits = 160,
310 .sadb_alg_maxbits = 160
311 }
312},
313{
314 .name = "xcbc(aes)",
315
316 .uinfo = {
317 .auth = {
318 .icv_truncbits = 96,
319 .icv_fullbits = 128,
320 }
321 },
322
323 .pfkey_supported = 1,
324
325 .desc = {
326 .sadb_alg_id = SADB_X_AALG_AES_XCBC_MAC,
327 .sadb_alg_ivlen = 0,
328 .sadb_alg_minbits = 128,
329 .sadb_alg_maxbits = 128
330 }
331},
332{
333 /* rfc4494 */
334 .name = "cmac(aes)",
335
336 .uinfo = {
337 .auth = {
338 .icv_truncbits = 96,
339 .icv_fullbits = 128,
340 }
341 },
342
343 .pfkey_supported = 0,
344},
345{
346 .name = "hmac(sm3)",
347 .compat = "sm3",
348
349 .uinfo = {
350 .auth = {
351 .icv_truncbits = 256,
352 .icv_fullbits = 256,
353 }
354 },
355
356 .pfkey_supported = 1,
357
358 .desc = {
359 .sadb_alg_id = SADB_X_AALG_SM3_256HMAC,
360 .sadb_alg_ivlen = 0,
361 .sadb_alg_minbits = 256,
362 .sadb_alg_maxbits = 256
363 }
364},
365};
366
367static struct xfrm_algo_desc ealg_list[] = {
368{
369 .name = "ecb(cipher_null)",
370 .compat = "cipher_null",
371
372 .uinfo = {
373 .encr = {
374 .blockbits = 8,
375 .defkeybits = 0,
376 }
377 },
378
379 .pfkey_supported = 1,
380
381 .desc = {
382 .sadb_alg_id = SADB_EALG_NULL,
383 .sadb_alg_ivlen = 0,
384 .sadb_alg_minbits = 0,
385 .sadb_alg_maxbits = 0
386 }
387},
388{
389 .name = "cbc(des)",
390 .compat = "des",
391
392 .uinfo = {
393 .encr = {
394 .geniv = "echainiv",
395 .blockbits = 64,
396 .defkeybits = 64,
397 }
398 },
399
400 .pfkey_supported = 1,
401
402 .desc = {
403 .sadb_alg_id = SADB_EALG_DESCBC,
404 .sadb_alg_ivlen = 8,
405 .sadb_alg_minbits = 64,
406 .sadb_alg_maxbits = 64
407 }
408},
409{
410 .name = "cbc(des3_ede)",
411 .compat = "des3_ede",
412
413 .uinfo = {
414 .encr = {
415 .geniv = "echainiv",
416 .blockbits = 64,
417 .defkeybits = 192,
418 }
419 },
420
421 .pfkey_supported = 1,
422
423 .desc = {
424 .sadb_alg_id = SADB_EALG_3DESCBC,
425 .sadb_alg_ivlen = 8,
426 .sadb_alg_minbits = 192,
427 .sadb_alg_maxbits = 192
428 }
429},
430{
431 .name = "cbc(cast5)",
432 .compat = "cast5",
433
434 .uinfo = {
435 .encr = {
436 .geniv = "echainiv",
437 .blockbits = 64,
438 .defkeybits = 128,
439 }
440 },
441
442 .pfkey_supported = 1,
443
444 .desc = {
445 .sadb_alg_id = SADB_X_EALG_CASTCBC,
446 .sadb_alg_ivlen = 8,
447 .sadb_alg_minbits = 40,
448 .sadb_alg_maxbits = 128
449 }
450},
451{
452 .name = "cbc(blowfish)",
453 .compat = "blowfish",
454
455 .uinfo = {
456 .encr = {
457 .geniv = "echainiv",
458 .blockbits = 64,
459 .defkeybits = 128,
460 }
461 },
462
463 .pfkey_supported = 1,
464
465 .desc = {
466 .sadb_alg_id = SADB_X_EALG_BLOWFISHCBC,
467 .sadb_alg_ivlen = 8,
468 .sadb_alg_minbits = 40,
469 .sadb_alg_maxbits = 448
470 }
471},
472{
473 .name = "cbc(aes)",
474 .compat = "aes",
475
476 .uinfo = {
477 .encr = {
478 .geniv = "echainiv",
479 .blockbits = 128,
480 .defkeybits = 128,
481 }
482 },
483
484 .pfkey_supported = 1,
485
486 .desc = {
487 .sadb_alg_id = SADB_X_EALG_AESCBC,
488 .sadb_alg_ivlen = 8,
489 .sadb_alg_minbits = 128,
490 .sadb_alg_maxbits = 256
491 }
492},
493{
494 .name = "cbc(serpent)",
495 .compat = "serpent",
496
497 .uinfo = {
498 .encr = {
499 .geniv = "echainiv",
500 .blockbits = 128,
501 .defkeybits = 128,
502 }
503 },
504
505 .pfkey_supported = 1,
506
507 .desc = {
508 .sadb_alg_id = SADB_X_EALG_SERPENTCBC,
509 .sadb_alg_ivlen = 8,
510 .sadb_alg_minbits = 128,
511 .sadb_alg_maxbits = 256,
512 }
513},
514{
515 .name = "cbc(camellia)",
516 .compat = "camellia",
517
518 .uinfo = {
519 .encr = {
520 .geniv = "echainiv",
521 .blockbits = 128,
522 .defkeybits = 128,
523 }
524 },
525
526 .pfkey_supported = 1,
527
528 .desc = {
529 .sadb_alg_id = SADB_X_EALG_CAMELLIACBC,
530 .sadb_alg_ivlen = 8,
531 .sadb_alg_minbits = 128,
532 .sadb_alg_maxbits = 256
533 }
534},
535{
536 .name = "cbc(twofish)",
537 .compat = "twofish",
538
539 .uinfo = {
540 .encr = {
541 .geniv = "echainiv",
542 .blockbits = 128,
543 .defkeybits = 128,
544 }
545 },
546
547 .pfkey_supported = 1,
548
549 .desc = {
550 .sadb_alg_id = SADB_X_EALG_TWOFISHCBC,
551 .sadb_alg_ivlen = 8,
552 .sadb_alg_minbits = 128,
553 .sadb_alg_maxbits = 256
554 }
555},
556{
557 .name = "rfc3686(ctr(aes))",
558
559 .uinfo = {
560 .encr = {
561 .geniv = "seqiv",
562 .blockbits = 128,
563 .defkeybits = 160, /* 128-bit key + 32-bit nonce */
564 }
565 },
566
567 .pfkey_supported = 1,
568
569 .desc = {
570 .sadb_alg_id = SADB_X_EALG_AESCTR,
571 .sadb_alg_ivlen = 8,
572 .sadb_alg_minbits = 160,
573 .sadb_alg_maxbits = 288
574 }
575},
576{
577 .name = "cbc(sm4)",
578 .compat = "sm4",
579
580 .uinfo = {
581 .encr = {
582 .geniv = "echainiv",
583 .blockbits = 128,
584 .defkeybits = 128,
585 }
586 },
587
588 .pfkey_supported = 1,
589
590 .desc = {
591 .sadb_alg_id = SADB_X_EALG_SM4CBC,
592 .sadb_alg_ivlen = 16,
593 .sadb_alg_minbits = 128,
594 .sadb_alg_maxbits = 256
595 }
596},
597};
598
599static struct xfrm_algo_desc calg_list[] = {
600{
601 .name = "deflate",
602 .uinfo = {
603 .comp = {
604 .threshold = 90,
605 }
606 },
607 .pfkey_supported = 1,
608 .desc = { .sadb_alg_id = SADB_X_CALG_DEFLATE }
609},
610{
611 .name = "lzs",
612 .uinfo = {
613 .comp = {
614 .threshold = 90,
615 }
616 },
617 .pfkey_supported = 1,
618 .desc = { .sadb_alg_id = SADB_X_CALG_LZS }
619},
620{
621 .name = "lzjh",
622 .uinfo = {
623 .comp = {
624 .threshold = 50,
625 }
626 },
627 .pfkey_supported = 1,
628 .desc = { .sadb_alg_id = SADB_X_CALG_LZJH }
629},
630};
631
632static inline int aalg_entries(void)
633{
634 return ARRAY_SIZE(aalg_list);
635}
636
637static inline int ealg_entries(void)
638{
639 return ARRAY_SIZE(ealg_list);
640}
641
642static inline int calg_entries(void)
643{
644 return ARRAY_SIZE(calg_list);
645}
646
647struct xfrm_algo_list {
648 int (*find)(const char *name, u32 type, u32 mask);
649 struct xfrm_algo_desc *algs;
650 int entries;
651};
652
653static const struct xfrm_algo_list xfrm_aead_list = {
654 .find = crypto_has_aead,
655 .algs = aead_list,
656 .entries = ARRAY_SIZE(aead_list),
657};
658
659static const struct xfrm_algo_list xfrm_aalg_list = {
660 .find = crypto_has_ahash,
661 .algs = aalg_list,
662 .entries = ARRAY_SIZE(aalg_list),
663};
664
665static const struct xfrm_algo_list xfrm_ealg_list = {
666 .find = crypto_has_skcipher,
667 .algs = ealg_list,
668 .entries = ARRAY_SIZE(ealg_list),
669};
670
671static const struct xfrm_algo_list xfrm_calg_list = {
672 .find = crypto_has_comp,
673 .algs = calg_list,
674 .entries = ARRAY_SIZE(calg_list),
675};
676
677static struct xfrm_algo_desc *xfrm_find_algo(
678 const struct xfrm_algo_list *algo_list,
679 int match(const struct xfrm_algo_desc *entry, const void *data),
680 const void *data, int probe)
681{
682 struct xfrm_algo_desc *list = algo_list->algs;
683 int i, status;
684
685 for (i = 0; i < algo_list->entries; i++) {
686 if (!match(list + i, data))
687 continue;
688
689 if (list[i].available)
690 return &list[i];
691
692 if (!probe)
693 break;
694
695 status = algo_list->find(list[i].name, 0, 0);
696 if (!status)
697 break;
698
699 list[i].available = status;
700 return &list[i];
701 }
702 return NULL;
703}
704
705static int xfrm_alg_id_match(const struct xfrm_algo_desc *entry,
706 const void *data)
707{
708 return entry->desc.sadb_alg_id == (unsigned long)data;
709}
710
711struct xfrm_algo_desc *xfrm_aalg_get_byid(int alg_id)
712{
713 return xfrm_find_algo(&xfrm_aalg_list, xfrm_alg_id_match,
714 (void *)(unsigned long)alg_id, 1);
715}
716EXPORT_SYMBOL_GPL(xfrm_aalg_get_byid);
717
718struct xfrm_algo_desc *xfrm_ealg_get_byid(int alg_id)
719{
720 return xfrm_find_algo(&xfrm_ealg_list, xfrm_alg_id_match,
721 (void *)(unsigned long)alg_id, 1);
722}
723EXPORT_SYMBOL_GPL(xfrm_ealg_get_byid);
724
725struct xfrm_algo_desc *xfrm_calg_get_byid(int alg_id)
726{
727 return xfrm_find_algo(&xfrm_calg_list, xfrm_alg_id_match,
728 (void *)(unsigned long)alg_id, 1);
729}
730EXPORT_SYMBOL_GPL(xfrm_calg_get_byid);
731
732static int xfrm_alg_name_match(const struct xfrm_algo_desc *entry,
733 const void *data)
734{
735 const char *name = data;
736
737 return name && (!strcmp(name, entry->name) ||
738 (entry->compat && !strcmp(name, entry->compat)));
739}
740
741struct xfrm_algo_desc *xfrm_aalg_get_byname(const char *name, int probe)
742{
743 return xfrm_find_algo(&xfrm_aalg_list, xfrm_alg_name_match, name,
744 probe);
745}
746EXPORT_SYMBOL_GPL(xfrm_aalg_get_byname);
747
748struct xfrm_algo_desc *xfrm_ealg_get_byname(const char *name, int probe)
749{
750 return xfrm_find_algo(&xfrm_ealg_list, xfrm_alg_name_match, name,
751 probe);
752}
753EXPORT_SYMBOL_GPL(xfrm_ealg_get_byname);
754
755struct xfrm_algo_desc *xfrm_calg_get_byname(const char *name, int probe)
756{
757 return xfrm_find_algo(&xfrm_calg_list, xfrm_alg_name_match, name,
758 probe);
759}
760EXPORT_SYMBOL_GPL(xfrm_calg_get_byname);
761
762struct xfrm_aead_name {
763 const char *name;
764 int icvbits;
765};
766
767static int xfrm_aead_name_match(const struct xfrm_algo_desc *entry,
768 const void *data)
769{
770 const struct xfrm_aead_name *aead = data;
771 const char *name = aead->name;
772
773 return aead->icvbits == entry->uinfo.aead.icv_truncbits && name &&
774 !strcmp(name, entry->name);
775}
776
777struct xfrm_algo_desc *xfrm_aead_get_byname(const char *name, int icv_len, int probe)
778{
779 struct xfrm_aead_name data = {
780 .name = name,
781 .icvbits = icv_len,
782 };
783
784 return xfrm_find_algo(&xfrm_aead_list, xfrm_aead_name_match, &data,
785 probe);
786}
787EXPORT_SYMBOL_GPL(xfrm_aead_get_byname);
788
789struct xfrm_algo_desc *xfrm_aalg_get_byidx(unsigned int idx)
790{
791 if (idx >= aalg_entries())
792 return NULL;
793
794 return &aalg_list[idx];
795}
796EXPORT_SYMBOL_GPL(xfrm_aalg_get_byidx);
797
798struct xfrm_algo_desc *xfrm_ealg_get_byidx(unsigned int idx)
799{
800 if (idx >= ealg_entries())
801 return NULL;
802
803 return &ealg_list[idx];
804}
805EXPORT_SYMBOL_GPL(xfrm_ealg_get_byidx);
806
807/*
808 * Probe for the availability of crypto algorithms, and set the available
809 * flag for any algorithms found on the system. This is typically called by
810 * pfkey during userspace SA add, update or register.
811 */
812void xfrm_probe_algs(void)
813{
814 int i, status;
815
816 BUG_ON(in_softirq());
817
818 for (i = 0; i < aalg_entries(); i++) {
819 status = crypto_has_ahash(aalg_list[i].name, 0, 0);
820 if (aalg_list[i].available != status)
821 aalg_list[i].available = status;
822 }
823
824 for (i = 0; i < ealg_entries(); i++) {
825 status = crypto_has_skcipher(ealg_list[i].name, 0, 0);
826 if (ealg_list[i].available != status)
827 ealg_list[i].available = status;
828 }
829
830 for (i = 0; i < calg_entries(); i++) {
831 status = crypto_has_comp(calg_list[i].name, 0,
832 CRYPTO_ALG_ASYNC);
833 if (calg_list[i].available != status)
834 calg_list[i].available = status;
835 }
836}
837EXPORT_SYMBOL_GPL(xfrm_probe_algs);
838
839int xfrm_count_pfkey_auth_supported(void)
840{
841 int i, n;
842
843 for (i = 0, n = 0; i < aalg_entries(); i++)
844 if (aalg_list[i].available && aalg_list[i].pfkey_supported)
845 n++;
846 return n;
847}
848EXPORT_SYMBOL_GPL(xfrm_count_pfkey_auth_supported);
849
850int xfrm_count_pfkey_enc_supported(void)
851{
852 int i, n;
853
854 for (i = 0, n = 0; i < ealg_entries(); i++)
855 if (ealg_list[i].available && ealg_list[i].pfkey_supported)
856 n++;
857 return n;
858}
859EXPORT_SYMBOL_GPL(xfrm_count_pfkey_enc_supported);
860
861MODULE_DESCRIPTION("XFRM Algorithm interface");
862MODULE_LICENSE("GPL");