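--- /dev/null
+++ b/netwerk/sctp/src/netinet/sctp_auth.h
@@ -0,0 +1,217 @@
+/*-
+ * Copyright (c) 2001-2008, by Cisco Systems, Inc. All rights reserved.
+ * Copyright (c) 2008-2012, by Randall Stewart. All rights reserved.
+ * Copyright (c) 2008-2012, by Michael Tuexen. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * a) Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ *
+ * b) Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the distribution.
+ *
+ * c) Neither the name of Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
+ * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
+ * THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifdef __FreeBSD__
+#include <sys/cdefs.h>
+__FBSDID("$FreeBSD: head/sys/netinet/sctp_auth.h 257804 2013-11-07 18:50:11Z tuexen $");
+#endif
+
+#ifndef _NETINET_SCTP_AUTH_H_
+#define _NETINET_SCTP_AUTH_H_
+
+#include <netinet/sctp_os.h>
+
+/* digest lengths */
+#define SCTP_AUTH_DIGEST_LEN_SHA1 20
+#define SCTP_AUTH_DIGEST_LEN_SHA256 32
+#define SCTP_AUTH_DIGEST_LEN_MAX SCTP_AUTH_DIGEST_LEN_SHA256
+
+/* random sizes */
+#define SCTP_AUTH_RANDOM_SIZE_DEFAULT 32
+#define SCTP_AUTH_RANDOM_SIZE_REQUIRED 32
+
+/* union of all supported HMAC algorithm contexts */
+typedef union sctp_hash_context {
+ SCTP_SHA1_CTX sha1;
+#if defined(SCTP_SUPPORT_HMAC_SHA256)
+ SCTP_SHA256_CTX sha256;
+#endif
+} sctp_hash_context_t;
+
+typedef struct sctp_key {
+ uint32_t keylen;
+ uint8_t key[];
+} sctp_key_t;
+
+typedef struct sctp_shared_key {
+ LIST_ENTRY(sctp_shared_key) next;
+ sctp_key_t *key; /* key text */
+ uint32_t refcount; /* reference count */
+ uint16_t keyid; /* shared key ID */
+ uint8_t deactivated; /* key is deactivated */
+} sctp_sharedkey_t;
+
+LIST_HEAD(sctp_keyhead, sctp_shared_key);
+
+/* authentication chunks list */
+typedef struct sctp_auth_chklist {
+ uint8_t chunks[256];
+ uint8_t num_chunks;
+} sctp_auth_chklist_t;
+
+/* hmac algos supported list */
+typedef struct sctp_hmaclist {
+ uint16_t max_algo; /* max algorithms allocated */
+ uint16_t num_algo; /* num algorithms used */
+ uint16_t hmac[];
+} sctp_hmaclist_t;
+
+/* authentication info */
+typedef struct sctp_authinformation {
+ sctp_key_t *random; /* local random key (concatenated) */
+ uint32_t random_len; /* local random number length for param */
+ sctp_key_t *peer_random;/* peer's random key (concatenated) */
+ sctp_key_t *assoc_key; /* cached concatenated send key */
+ sctp_key_t *recv_key; /* cached concatenated recv key */
+ uint16_t active_keyid; /* active send keyid */
+ uint16_t assoc_keyid; /* current send keyid (cached) */
+ uint16_t recv_keyid; /* last recv keyid (cached) */
+} sctp_authinfo_t;
+
+
+
+/*
+ * Macros
+ */
+#define sctp_auth_is_required_chunk(chunk, list) ((list == NULL) ? (0) : (list->chunks[chunk] != 0))
+
+/*
+ * function prototypes
+ */
+
+/* socket option api functions */
+extern sctp_auth_chklist_t *sctp_alloc_chunklist(void);
+extern void sctp_free_chunklist(sctp_auth_chklist_t *chklist);
+extern void sctp_clear_chunklist(sctp_auth_chklist_t *chklist);
+extern sctp_auth_chklist_t *sctp_copy_chunklist(sctp_auth_chklist_t *chklist);
+extern int sctp_auth_add_chunk(uint8_t chunk, sctp_auth_chklist_t *list);
+extern int sctp_auth_delete_chunk(uint8_t chunk, sctp_auth_chklist_t *list);
+extern size_t sctp_auth_get_chklist_size(const sctp_auth_chklist_t *list);
+extern void sctp_auth_set_default_chunks(sctp_auth_chklist_t *list);
+extern int sctp_serialize_auth_chunks(const sctp_auth_chklist_t *list,
+ uint8_t *ptr);
+extern int sctp_pack_auth_chunks(const sctp_auth_chklist_t *list,
+ uint8_t *ptr);
+extern int sctp_unpack_auth_chunks(const uint8_t *ptr, uint8_t num_chunks,
+ sctp_auth_chklist_t *list);
+
+/* key handling */
+extern sctp_key_t *sctp_alloc_key(uint32_t keylen);
+extern void sctp_free_key(sctp_key_t *key);
+extern void sctp_print_key(sctp_key_t *key, const char *str);
+extern void sctp_show_key(sctp_key_t *key, const char *str);
+extern sctp_key_t *sctp_generate_random_key(uint32_t keylen);
+extern sctp_key_t *sctp_set_key(uint8_t *key, uint32_t keylen);
+extern sctp_key_t *sctp_compute_hashkey(sctp_key_t *key1, sctp_key_t *key2,
+ sctp_key_t *shared);
+
+/* shared key handling */
+extern sctp_sharedkey_t *sctp_alloc_sharedkey(void);
+extern void sctp_free_sharedkey(sctp_sharedkey_t *skey);
+extern sctp_sharedkey_t *sctp_find_sharedkey(struct sctp_keyhead *shared_keys,
+ uint16_t key_id);
+extern int sctp_insert_sharedkey(struct sctp_keyhead *shared_keys,
+ sctp_sharedkey_t *new_skey);
+extern int sctp_copy_skeylist(const struct sctp_keyhead *src,
+ struct sctp_keyhead *dest);
+/* ref counts on shared keys, by key id */
+extern void sctp_auth_key_acquire(struct sctp_tcb *stcb, uint16_t keyid);
+extern void sctp_auth_key_release(struct sctp_tcb *stcb, uint16_t keyid,
+ int so_locked);
+
+
+/* hmac list handling */
+extern sctp_hmaclist_t *sctp_alloc_hmaclist(uint8_t num_hmacs);
+extern void sctp_free_hmaclist(sctp_hmaclist_t *list);
+extern int sctp_auth_add_hmacid(sctp_hmaclist_t *list, uint16_t hmac_id);
+extern sctp_hmaclist_t *sctp_copy_hmaclist(sctp_hmaclist_t *list);
+extern sctp_hmaclist_t *sctp_default_supported_hmaclist(void);
+extern uint16_t sctp_negotiate_hmacid(sctp_hmaclist_t *peer,
+ sctp_hmaclist_t *local);
+extern int sctp_serialize_hmaclist(sctp_hmaclist_t *list, uint8_t *ptr);
+extern int sctp_verify_hmac_param(struct sctp_auth_hmac_algo *hmacs,
+ uint32_t num_hmacs);
+
+extern sctp_authinfo_t *sctp_alloc_authinfo(void);
+extern void sctp_free_authinfo(sctp_authinfo_t *authinfo);
+
+/* keyed-HMAC functions */
+extern uint32_t sctp_get_auth_chunk_len(uint16_t hmac_algo);
+extern uint32_t sctp_get_hmac_digest_len(uint16_t hmac_algo);
+extern uint32_t sctp_hmac(uint16_t hmac_algo, uint8_t *key, uint32_t keylen,
+ uint8_t *text, uint32_t textlen, uint8_t *digest);
+extern int sctp_verify_hmac(uint16_t hmac_algo, uint8_t *key, uint32_t keylen,
+ uint8_t *text, uint32_t textlen, uint8_t *digest, uint32_t digestlen);
+extern uint32_t sctp_compute_hmac(uint16_t hmac_algo, sctp_key_t *key,
+ uint8_t *text, uint32_t textlen, uint8_t *digest);
+extern int sctp_auth_is_supported_hmac(sctp_hmaclist_t *list, uint16_t id);
+
+/* mbuf versions */
+extern uint32_t sctp_hmac_m(uint16_t hmac_algo, uint8_t *key, uint32_t keylen,
+ struct mbuf *m, uint32_t m_offset, uint8_t *digest, uint32_t trailer);
+extern uint32_t sctp_compute_hmac_m(uint16_t hmac_algo, sctp_key_t *key,
+ struct mbuf *m, uint32_t m_offset, uint8_t *digest);
+
+/*
+ * authentication routines
+ */
+extern void sctp_clear_cachedkeys(struct sctp_tcb *stcb, uint16_t keyid);
+extern void sctp_clear_cachedkeys_ep(struct sctp_inpcb *inp, uint16_t keyid);
+extern int sctp_delete_sharedkey(struct sctp_tcb *stcb, uint16_t keyid);
+extern int sctp_delete_sharedkey_ep(struct sctp_inpcb *inp, uint16_t keyid);
+extern int sctp_auth_setactivekey(struct sctp_tcb *stcb, uint16_t keyid);
+extern int sctp_auth_setactivekey_ep(struct sctp_inpcb *inp, uint16_t keyid);
+extern int sctp_deact_sharedkey(struct sctp_tcb *stcb, uint16_t keyid);
+extern int sctp_deact_sharedkey_ep(struct sctp_inpcb *inp, uint16_t keyid);
+
+extern void sctp_auth_get_cookie_params(struct sctp_tcb *stcb, struct mbuf *m,
+ uint32_t offset, uint32_t length);
+extern void sctp_fill_hmac_digest_m(struct mbuf *m, uint32_t auth_offset,
+ struct sctp_auth_chunk *auth, struct sctp_tcb *stcb, uint16_t key_id);
+extern struct mbuf *sctp_add_auth_chunk(struct mbuf *m, struct mbuf **m_end,
+ struct sctp_auth_chunk **auth_ret, uint32_t *offset,
+ struct sctp_tcb *stcb, uint8_t chunk);
+extern int sctp_handle_auth(struct sctp_tcb *stcb, struct sctp_auth_chunk *ch,
+ struct mbuf *m, uint32_t offset);
+extern void sctp_notify_authentication(struct sctp_tcb *stcb,
+ uint32_t indication, uint16_t keyid, uint16_t alt_keyid, int so_locked);
+extern int sctp_validate_init_auth_params(struct mbuf *m, int offset,
+ int limit);
+extern void sctp_initialize_auth_params(struct sctp_inpcb *inp,
+ struct sctp_tcb *stcb);
+
+/* test functions */
+#ifdef SCTP_HMAC_TEST
+extern void sctp_test_hmac_sha1(void);
+extern void sctp_test_authkey(void);
+#endif
+#endif /* __SCTP_AUTH_H__ */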
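Review bot: `sctp_auth_chklist_t` indexes `chunks[256]` but counts members in a `uint8_t num_chunks`, so the struct admits 256 distinct chunk types while the counter holds at most 255, and `sctp_unpack_auth_chunks` takes its wire count as `uint8_t` too; nothing in the header states the bound. If `sctp_auth_add_chunk` rejects the RFC 4895 exclusions (INIT, INIT-ACK, SHUTDOWN-COMPLETE, AUTH) the count stays at most 252 and cannot wrap, but that lives in sctp_auth.c and is worth pinning on the struct, e.g. `/* num_chunks <= 252: INIT, INIT-ACK, SHUTDOWN-COMPLETE and AUTH are never listed (RFC 4895) */`. The `sctp_auth_is_required_chunk` macro evaluates `list` twice and parenthesizes neither argument; `(((list) == NULL) ? 0 : ((list)->chunks[(chunk)] != 0))` avoids surprises with non-trivial arguments. The closing guard comment `#endif /* __SCTP_AUTH_H__ */` does not match the guard actually defined, `_NETINET_SCTP_AUTH_H_`. `sctp_verify_hmac` returns a bare int: whether the digest comparison is constant-time is a property the AUTH chunk check depends on, and it should be stated in a comment on the prototype rather than left to the reader of the .c file.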