michael@0: /*- michael@0: * Copyright (c) 2001-2008, by Cisco Systems, Inc. All rights reserved. michael@0: * Copyright (c) 2008-2012, by Randall Stewart. All rights reserved. michael@0: * Copyright (c) 2008-2012, by Michael Tuexen. All rights reserved. michael@0: * michael@0: * Redistribution and use in source and binary forms, with or without michael@0: * modification, are permitted provided that the following conditions are met: michael@0: * michael@0: * a) Redistributions of source code must retain the above copyright notice, michael@0: * this list of conditions and the following disclaimer. michael@0: * michael@0: * b) Redistributions in binary form must reproduce the above copyright michael@0: * notice, this list of conditions and the following disclaimer in michael@0: * the documentation and/or other materials provided with the distribution. michael@0: * michael@0: * c) Neither the name of Cisco Systems, Inc. nor the names of its michael@0: * contributors may be used to endorse or promote products derived michael@0: * from this software without specific prior written permission. michael@0: * michael@0: * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS michael@0: * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, michael@0: * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE michael@0: * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE michael@0: * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR michael@0: * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF michael@0: * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS michael@0: * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN michael@0: * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) michael@0: * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF michael@0: * THE POSSIBILITY OF SUCH DAMAGE. michael@0: */ michael@0: michael@0: #ifdef __FreeBSD__ michael@0: #include michael@0: __FBSDID("$FreeBSD: head/sys/netinet/sctp_auth.c 257804 2013-11-07 18:50:11Z tuexen $"); michael@0: #endif michael@0: michael@0: #include michael@0: #include michael@0: #include michael@0: #include michael@0: #include michael@0: #include michael@0: #include michael@0: #include michael@0: #include michael@0: #include michael@0: michael@0: #ifdef SCTP_DEBUG michael@0: #define SCTP_AUTH_DEBUG (SCTP_BASE_SYSCTL(sctp_debug_on) & SCTP_DEBUG_AUTH1) michael@0: #define SCTP_AUTH_DEBUG2 (SCTP_BASE_SYSCTL(sctp_debug_on) & SCTP_DEBUG_AUTH2) michael@0: #endif /* SCTP_DEBUG */ michael@0: michael@0: michael@0: void michael@0: sctp_clear_chunklist(sctp_auth_chklist_t *chklist) michael@0: { michael@0: bzero(chklist, sizeof(*chklist)); michael@0: /* chklist->num_chunks = 0; */ michael@0: } michael@0: michael@0: sctp_auth_chklist_t * michael@0: sctp_alloc_chunklist(void) michael@0: { michael@0: sctp_auth_chklist_t *chklist; michael@0: michael@0: SCTP_MALLOC(chklist, sctp_auth_chklist_t *, sizeof(*chklist), michael@0: SCTP_M_AUTH_CL); michael@0: if (chklist == NULL) { michael@0: SCTPDBG(SCTP_DEBUG_AUTH1, "sctp_alloc_chunklist: failed to get memory!\n"); michael@0: } else { michael@0: sctp_clear_chunklist(chklist); michael@0: } michael@0: return (chklist); michael@0: } michael@0: michael@0: void michael@0: sctp_free_chunklist(sctp_auth_chklist_t *list) michael@0: { michael@0: if (list != NULL) michael@0: SCTP_FREE(list, SCTP_M_AUTH_CL); michael@0: } michael@0: michael@0: sctp_auth_chklist_t * michael@0: sctp_copy_chunklist(sctp_auth_chklist_t *list) michael@0: { michael@0: sctp_auth_chklist_t *new_list; michael@0: michael@0: if (list == NULL) michael@0: return (NULL); michael@0: michael@0: /* get a new list */ michael@0: new_list = sctp_alloc_chunklist(); michael@0: if (new_list == NULL) michael@0: return (NULL); michael@0: /* copy it */ michael@0: bcopy(list, new_list, sizeof(*new_list)); michael@0: michael@0: return (new_list); michael@0: } michael@0: michael@0: michael@0: /* michael@0: * add a chunk to the required chunks list michael@0: */ michael@0: int michael@0: sctp_auth_add_chunk(uint8_t chunk, sctp_auth_chklist_t *list) michael@0: { michael@0: if (list == NULL) michael@0: return (-1); michael@0: michael@0: /* is chunk restricted? */ michael@0: if ((chunk == SCTP_INITIATION) || michael@0: (chunk == SCTP_INITIATION_ACK) || michael@0: (chunk == SCTP_SHUTDOWN_COMPLETE) || michael@0: (chunk == SCTP_AUTHENTICATION)) { michael@0: return (-1); michael@0: } michael@0: if (list->chunks[chunk] == 0) { michael@0: list->chunks[chunk] = 1; michael@0: list->num_chunks++; michael@0: SCTPDBG(SCTP_DEBUG_AUTH1, michael@0: "SCTP: added chunk %u (0x%02x) to Auth list\n", michael@0: chunk, chunk); michael@0: } michael@0: return (0); michael@0: } michael@0: michael@0: /* michael@0: * delete a chunk from the required chunks list michael@0: */ michael@0: int michael@0: sctp_auth_delete_chunk(uint8_t chunk, sctp_auth_chklist_t *list) michael@0: { michael@0: if (list == NULL) michael@0: return (-1); michael@0: michael@0: /* is chunk restricted? */ michael@0: if ((chunk == SCTP_ASCONF) || michael@0: (chunk == SCTP_ASCONF_ACK)) { michael@0: return (-1); michael@0: } michael@0: if (list->chunks[chunk] == 1) { michael@0: list->chunks[chunk] = 0; michael@0: list->num_chunks--; michael@0: SCTPDBG(SCTP_DEBUG_AUTH1, michael@0: "SCTP: deleted chunk %u (0x%02x) from Auth list\n", michael@0: chunk, chunk); michael@0: } michael@0: return (0); michael@0: } michael@0: michael@0: size_t michael@0: sctp_auth_get_chklist_size(const sctp_auth_chklist_t *list) michael@0: { michael@0: if (list == NULL) michael@0: return (0); michael@0: else michael@0: return (list->num_chunks); michael@0: } michael@0: michael@0: /* michael@0: * set the default list of chunks requiring AUTH michael@0: */ michael@0: void michael@0: sctp_auth_set_default_chunks(sctp_auth_chklist_t *list) michael@0: { michael@0: (void)sctp_auth_add_chunk(SCTP_ASCONF, list); michael@0: (void)sctp_auth_add_chunk(SCTP_ASCONF_ACK, list); michael@0: } michael@0: michael@0: /* michael@0: * return the current number and list of required chunks caller must michael@0: * guarantee ptr has space for up to 256 bytes michael@0: */ michael@0: int michael@0: sctp_serialize_auth_chunks(const sctp_auth_chklist_t *list, uint8_t *ptr) michael@0: { michael@0: int i, count = 0; michael@0: michael@0: if (list == NULL) michael@0: return (0); michael@0: michael@0: for (i = 0; i < 256; i++) { michael@0: if (list->chunks[i] != 0) { michael@0: *ptr++ = i; michael@0: count++; michael@0: } michael@0: } michael@0: return (count); michael@0: } michael@0: michael@0: int michael@0: sctp_pack_auth_chunks(const sctp_auth_chklist_t *list, uint8_t *ptr) michael@0: { michael@0: int i, size = 0; michael@0: michael@0: if (list == NULL) michael@0: return (0); michael@0: michael@0: if (list->num_chunks <= 32) { michael@0: /* just list them, one byte each */ michael@0: for (i = 0; i < 256; i++) { michael@0: if (list->chunks[i] != 0) { michael@0: *ptr++ = i; michael@0: size++; michael@0: } michael@0: } michael@0: } else { michael@0: int index, offset; michael@0: michael@0: /* pack into a 32 byte bitfield */ michael@0: for (i = 0; i < 256; i++) { michael@0: if (list->chunks[i] != 0) { michael@0: index = i / 8; michael@0: offset = i % 8; michael@0: ptr[index] |= (1 << offset); michael@0: } michael@0: } michael@0: size = 32; michael@0: } michael@0: return (size); michael@0: } michael@0: michael@0: int michael@0: sctp_unpack_auth_chunks(const uint8_t *ptr, uint8_t num_chunks, michael@0: sctp_auth_chklist_t *list) michael@0: { michael@0: int i; michael@0: int size; michael@0: michael@0: if (list == NULL) michael@0: return (0); michael@0: michael@0: if (num_chunks <= 32) { michael@0: /* just pull them, one byte each */ michael@0: for (i = 0; i < num_chunks; i++) { michael@0: (void)sctp_auth_add_chunk(*ptr++, list); michael@0: } michael@0: size = num_chunks; michael@0: } else { michael@0: int index, offset; michael@0: michael@0: /* unpack from a 32 byte bitfield */ michael@0: for (index = 0; index < 32; index++) { michael@0: for (offset = 0; offset < 8; offset++) { michael@0: if (ptr[index] & (1 << offset)) { michael@0: (void)sctp_auth_add_chunk((index * 8) + offset, list); michael@0: } michael@0: } michael@0: } michael@0: size = 32; michael@0: } michael@0: return (size); michael@0: } michael@0: michael@0: michael@0: /* michael@0: * allocate structure space for a key of length keylen michael@0: */ michael@0: sctp_key_t * michael@0: sctp_alloc_key(uint32_t keylen) michael@0: { michael@0: sctp_key_t *new_key; michael@0: michael@0: SCTP_MALLOC(new_key, sctp_key_t *, sizeof(*new_key) + keylen, michael@0: SCTP_M_AUTH_KY); michael@0: if (new_key == NULL) { michael@0: /* out of memory */ michael@0: return (NULL); michael@0: } michael@0: new_key->keylen = keylen; michael@0: return (new_key); michael@0: } michael@0: michael@0: void michael@0: sctp_free_key(sctp_key_t *key) michael@0: { michael@0: if (key != NULL) michael@0: SCTP_FREE(key,SCTP_M_AUTH_KY); michael@0: } michael@0: michael@0: void michael@0: sctp_print_key(sctp_key_t *key, const char *str) michael@0: { michael@0: uint32_t i; michael@0: michael@0: if (key == NULL) { michael@0: SCTP_PRINTF("%s: [Null key]\n", str); michael@0: return; michael@0: } michael@0: SCTP_PRINTF("%s: len %u, ", str, key->keylen); michael@0: if (key->keylen) { michael@0: for (i = 0; i < key->keylen; i++) michael@0: SCTP_PRINTF("%02x", key->key[i]); michael@0: SCTP_PRINTF("\n"); michael@0: } else { michael@0: SCTP_PRINTF("[Null key]\n"); michael@0: } michael@0: } michael@0: michael@0: void michael@0: sctp_show_key(sctp_key_t *key, const char *str) michael@0: { michael@0: uint32_t i; michael@0: michael@0: if (key == NULL) { michael@0: SCTP_PRINTF("%s: [Null key]\n", str); michael@0: return; michael@0: } michael@0: SCTP_PRINTF("%s: len %u, ", str, key->keylen); michael@0: if (key->keylen) { michael@0: for (i = 0; i < key->keylen; i++) michael@0: SCTP_PRINTF("%02x", key->key[i]); michael@0: SCTP_PRINTF("\n"); michael@0: } else { michael@0: SCTP_PRINTF("[Null key]\n"); michael@0: } michael@0: } michael@0: michael@0: static uint32_t michael@0: sctp_get_keylen(sctp_key_t *key) michael@0: { michael@0: if (key != NULL) michael@0: return (key->keylen); michael@0: else michael@0: return (0); michael@0: } michael@0: michael@0: /* michael@0: * generate a new random key of length 'keylen' michael@0: */ michael@0: sctp_key_t * michael@0: sctp_generate_random_key(uint32_t keylen) michael@0: { michael@0: sctp_key_t *new_key; michael@0: michael@0: new_key = sctp_alloc_key(keylen); michael@0: if (new_key == NULL) { michael@0: /* out of memory */ michael@0: return (NULL); michael@0: } michael@0: SCTP_READ_RANDOM(new_key->key, keylen); michael@0: new_key->keylen = keylen; michael@0: return (new_key); michael@0: } michael@0: michael@0: sctp_key_t * michael@0: sctp_set_key(uint8_t *key, uint32_t keylen) michael@0: { michael@0: sctp_key_t *new_key; michael@0: michael@0: new_key = sctp_alloc_key(keylen); michael@0: if (new_key == NULL) { michael@0: /* out of memory */ michael@0: return (NULL); michael@0: } michael@0: bcopy(key, new_key->key, keylen); michael@0: return (new_key); michael@0: } michael@0: michael@0: /*- michael@0: * given two keys of variable size, compute which key is "larger/smaller" michael@0: * returns: 1 if key1 > key2 michael@0: * -1 if key1 < key2 michael@0: * 0 if key1 = key2 michael@0: */ michael@0: static int michael@0: sctp_compare_key(sctp_key_t *key1, sctp_key_t *key2) michael@0: { michael@0: uint32_t maxlen; michael@0: uint32_t i; michael@0: uint32_t key1len, key2len; michael@0: uint8_t *key_1, *key_2; michael@0: uint8_t val1, val2; michael@0: michael@0: /* sanity/length check */ michael@0: key1len = sctp_get_keylen(key1); michael@0: key2len = sctp_get_keylen(key2); michael@0: if ((key1len == 0) && (key2len == 0)) michael@0: return (0); michael@0: else if (key1len == 0) michael@0: return (-1); michael@0: else if (key2len == 0) michael@0: return (1); michael@0: michael@0: if (key1len < key2len) { michael@0: maxlen = key2len; michael@0: } else { michael@0: maxlen = key1len; michael@0: } michael@0: key_1 = key1->key; michael@0: key_2 = key2->key; michael@0: /* check for numeric equality */ michael@0: for (i = 0; i < maxlen; i++) { michael@0: /* left-pad with zeros */ michael@0: val1 = (i < (maxlen - key1len)) ? 0 : *(key_1++); michael@0: val2 = (i < (maxlen - key2len)) ? 0 : *(key_2++); michael@0: if (val1 > val2) { michael@0: return (1); michael@0: } else if (val1 < val2) { michael@0: return (-1); michael@0: } michael@0: } michael@0: /* keys are equal value, so check lengths */ michael@0: if (key1len == key2len) michael@0: return (0); michael@0: else if (key1len < key2len) michael@0: return (-1); michael@0: else michael@0: return (1); michael@0: } michael@0: michael@0: /* michael@0: * generate the concatenated keying material based on the two keys and the michael@0: * shared key (if available). draft-ietf-tsvwg-auth specifies the specific michael@0: * order for concatenation michael@0: */ michael@0: sctp_key_t * michael@0: sctp_compute_hashkey(sctp_key_t *key1, sctp_key_t *key2, sctp_key_t *shared) michael@0: { michael@0: uint32_t keylen; michael@0: sctp_key_t *new_key; michael@0: uint8_t *key_ptr; michael@0: michael@0: keylen = sctp_get_keylen(key1) + sctp_get_keylen(key2) + michael@0: sctp_get_keylen(shared); michael@0: michael@0: if (keylen > 0) { michael@0: /* get space for the new key */ michael@0: new_key = sctp_alloc_key(keylen); michael@0: if (new_key == NULL) { michael@0: /* out of memory */ michael@0: return (NULL); michael@0: } michael@0: new_key->keylen = keylen; michael@0: key_ptr = new_key->key; michael@0: } else { michael@0: /* all keys empty/null?! */ michael@0: return (NULL); michael@0: } michael@0: michael@0: /* concatenate the keys */ michael@0: if (sctp_compare_key(key1, key2) <= 0) { michael@0: /* key is shared + key1 + key2 */ michael@0: if (sctp_get_keylen(shared)) { michael@0: bcopy(shared->key, key_ptr, shared->keylen); michael@0: key_ptr += shared->keylen; michael@0: } michael@0: if (sctp_get_keylen(key1)) { michael@0: bcopy(key1->key, key_ptr, key1->keylen); michael@0: key_ptr += key1->keylen; michael@0: } michael@0: if (sctp_get_keylen(key2)) { michael@0: bcopy(key2->key, key_ptr, key2->keylen); michael@0: } michael@0: } else { michael@0: /* key is shared + key2 + key1 */ michael@0: if (sctp_get_keylen(shared)) { michael@0: bcopy(shared->key, key_ptr, shared->keylen); michael@0: key_ptr += shared->keylen; michael@0: } michael@0: if (sctp_get_keylen(key2)) { michael@0: bcopy(key2->key, key_ptr, key2->keylen); michael@0: key_ptr += key2->keylen; michael@0: } michael@0: if (sctp_get_keylen(key1)) { michael@0: bcopy(key1->key, key_ptr, key1->keylen); michael@0: } michael@0: } michael@0: return (new_key); michael@0: } michael@0: michael@0: michael@0: sctp_sharedkey_t * michael@0: sctp_alloc_sharedkey(void) michael@0: { michael@0: sctp_sharedkey_t *new_key; michael@0: michael@0: SCTP_MALLOC(new_key, sctp_sharedkey_t *, sizeof(*new_key), michael@0: SCTP_M_AUTH_KY); michael@0: if (new_key == NULL) { michael@0: /* out of memory */ michael@0: return (NULL); michael@0: } michael@0: new_key->keyid = 0; michael@0: new_key->key = NULL; michael@0: new_key->refcount = 1; michael@0: new_key->deactivated = 0; michael@0: return (new_key); michael@0: } michael@0: michael@0: void michael@0: sctp_free_sharedkey(sctp_sharedkey_t *skey) michael@0: { michael@0: if (skey == NULL) michael@0: return; michael@0: michael@0: if (SCTP_DECREMENT_AND_CHECK_REFCOUNT(&skey->refcount)) { michael@0: if (skey->key != NULL) michael@0: sctp_free_key(skey->key); michael@0: SCTP_FREE(skey, SCTP_M_AUTH_KY); michael@0: } michael@0: } michael@0: michael@0: sctp_sharedkey_t * michael@0: sctp_find_sharedkey(struct sctp_keyhead *shared_keys, uint16_t key_id) michael@0: { michael@0: sctp_sharedkey_t *skey; michael@0: michael@0: LIST_FOREACH(skey, shared_keys, next) { michael@0: if (skey->keyid == key_id) michael@0: return (skey); michael@0: } michael@0: return (NULL); michael@0: } michael@0: michael@0: int michael@0: sctp_insert_sharedkey(struct sctp_keyhead *shared_keys, michael@0: sctp_sharedkey_t *new_skey) michael@0: { michael@0: sctp_sharedkey_t *skey; michael@0: michael@0: if ((shared_keys == NULL) || (new_skey == NULL)) michael@0: return (EINVAL); michael@0: michael@0: /* insert into an empty list? */ michael@0: if (LIST_EMPTY(shared_keys)) { michael@0: LIST_INSERT_HEAD(shared_keys, new_skey, next); michael@0: return (0); michael@0: } michael@0: /* insert into the existing list, ordered by key id */ michael@0: LIST_FOREACH(skey, shared_keys, next) { michael@0: if (new_skey->keyid < skey->keyid) { michael@0: /* insert it before here */ michael@0: LIST_INSERT_BEFORE(skey, new_skey, next); michael@0: return (0); michael@0: } else if (new_skey->keyid == skey->keyid) { michael@0: /* replace the existing key */ michael@0: /* verify this key *can* be replaced */ michael@0: if ((skey->deactivated) && (skey->refcount > 1)) { michael@0: SCTPDBG(SCTP_DEBUG_AUTH1, michael@0: "can't replace shared key id %u\n", michael@0: new_skey->keyid); michael@0: return (EBUSY); michael@0: } michael@0: SCTPDBG(SCTP_DEBUG_AUTH1, michael@0: "replacing shared key id %u\n", michael@0: new_skey->keyid); michael@0: LIST_INSERT_BEFORE(skey, new_skey, next); michael@0: LIST_REMOVE(skey, next); michael@0: sctp_free_sharedkey(skey); michael@0: return (0); michael@0: } michael@0: if (LIST_NEXT(skey, next) == NULL) { michael@0: /* belongs at the end of the list */ michael@0: LIST_INSERT_AFTER(skey, new_skey, next); michael@0: return (0); michael@0: } michael@0: } michael@0: /* shouldn't reach here */ michael@0: return (0); michael@0: } michael@0: michael@0: void michael@0: sctp_auth_key_acquire(struct sctp_tcb *stcb, uint16_t key_id) michael@0: { michael@0: sctp_sharedkey_t *skey; michael@0: michael@0: /* find the shared key */ michael@0: skey = sctp_find_sharedkey(&stcb->asoc.shared_keys, key_id); michael@0: michael@0: /* bump the ref count */ michael@0: if (skey) { michael@0: atomic_add_int(&skey->refcount, 1); michael@0: SCTPDBG(SCTP_DEBUG_AUTH2, michael@0: "%s: stcb %p key %u refcount acquire to %d\n", michael@0: __FUNCTION__, (void *)stcb, key_id, skey->refcount); michael@0: } michael@0: } michael@0: michael@0: void michael@0: sctp_auth_key_release(struct sctp_tcb *stcb, uint16_t key_id, int so_locked michael@0: #if !defined(__APPLE__) && !defined(SCTP_SO_LOCK_TESTING) michael@0: SCTP_UNUSED michael@0: #endif michael@0: ) michael@0: { michael@0: sctp_sharedkey_t *skey; michael@0: michael@0: /* find the shared key */ michael@0: skey = sctp_find_sharedkey(&stcb->asoc.shared_keys, key_id); michael@0: michael@0: /* decrement the ref count */ michael@0: if (skey) { michael@0: sctp_free_sharedkey(skey); michael@0: SCTPDBG(SCTP_DEBUG_AUTH2, michael@0: "%s: stcb %p key %u refcount release to %d\n", michael@0: __FUNCTION__, (void *)stcb, key_id, skey->refcount); michael@0: michael@0: /* see if a notification should be generated */ michael@0: if ((skey->refcount <= 1) && (skey->deactivated)) { michael@0: /* notify ULP that key is no longer used */ michael@0: sctp_ulp_notify(SCTP_NOTIFY_AUTH_FREE_KEY, stcb, michael@0: key_id, 0, so_locked); michael@0: SCTPDBG(SCTP_DEBUG_AUTH2, michael@0: "%s: stcb %p key %u no longer used, %d\n", michael@0: __FUNCTION__, (void *)stcb, key_id, skey->refcount); michael@0: } michael@0: } michael@0: } michael@0: michael@0: static sctp_sharedkey_t * michael@0: sctp_copy_sharedkey(const sctp_sharedkey_t *skey) michael@0: { michael@0: sctp_sharedkey_t *new_skey; michael@0: michael@0: if (skey == NULL) michael@0: return (NULL); michael@0: new_skey = sctp_alloc_sharedkey(); michael@0: if (new_skey == NULL) michael@0: return (NULL); michael@0: if (skey->key != NULL) michael@0: new_skey->key = sctp_set_key(skey->key->key, skey->key->keylen); michael@0: else michael@0: new_skey->key = NULL; michael@0: new_skey->keyid = skey->keyid; michael@0: return (new_skey); michael@0: } michael@0: michael@0: int michael@0: sctp_copy_skeylist(const struct sctp_keyhead *src, struct sctp_keyhead *dest) michael@0: { michael@0: sctp_sharedkey_t *skey, *new_skey; michael@0: int count = 0; michael@0: michael@0: if ((src == NULL) || (dest == NULL)) michael@0: return (0); michael@0: LIST_FOREACH(skey, src, next) { michael@0: new_skey = sctp_copy_sharedkey(skey); michael@0: if (new_skey != NULL) { michael@0: (void)sctp_insert_sharedkey(dest, new_skey); michael@0: count++; michael@0: } michael@0: } michael@0: return (count); michael@0: } michael@0: michael@0: michael@0: sctp_hmaclist_t * michael@0: sctp_alloc_hmaclist(uint8_t num_hmacs) michael@0: { michael@0: sctp_hmaclist_t *new_list; michael@0: int alloc_size; michael@0: michael@0: alloc_size = sizeof(*new_list) + num_hmacs * sizeof(new_list->hmac[0]); michael@0: SCTP_MALLOC(new_list, sctp_hmaclist_t *, alloc_size, michael@0: SCTP_M_AUTH_HL); michael@0: if (new_list == NULL) { michael@0: /* out of memory */ michael@0: return (NULL); michael@0: } michael@0: new_list->max_algo = num_hmacs; michael@0: new_list->num_algo = 0; michael@0: return (new_list); michael@0: } michael@0: michael@0: void michael@0: sctp_free_hmaclist(sctp_hmaclist_t *list) michael@0: { michael@0: if (list != NULL) { michael@0: SCTP_FREE(list,SCTP_M_AUTH_HL); michael@0: list = NULL; michael@0: } michael@0: } michael@0: michael@0: int michael@0: sctp_auth_add_hmacid(sctp_hmaclist_t *list, uint16_t hmac_id) michael@0: { michael@0: int i; michael@0: if (list == NULL) michael@0: return (-1); michael@0: if (list->num_algo == list->max_algo) { michael@0: SCTPDBG(SCTP_DEBUG_AUTH1, michael@0: "SCTP: HMAC id list full, ignoring add %u\n", hmac_id); michael@0: return (-1); michael@0: } michael@0: #if defined(SCTP_SUPPORT_HMAC_SHA256) michael@0: if ((hmac_id != SCTP_AUTH_HMAC_ID_SHA1) && michael@0: (hmac_id != SCTP_AUTH_HMAC_ID_SHA256)) { michael@0: #else michael@0: if (hmac_id != SCTP_AUTH_HMAC_ID_SHA1) { michael@0: #endif michael@0: return (-1); michael@0: } michael@0: /* Now is it already in the list */ michael@0: for (i = 0; i < list->num_algo; i++) { michael@0: if (list->hmac[i] == hmac_id) { michael@0: /* already in list */ michael@0: return (-1); michael@0: } michael@0: } michael@0: SCTPDBG(SCTP_DEBUG_AUTH1, "SCTP: add HMAC id %u to list\n", hmac_id); michael@0: list->hmac[list->num_algo++] = hmac_id; michael@0: return (0); michael@0: } michael@0: michael@0: sctp_hmaclist_t * michael@0: sctp_copy_hmaclist(sctp_hmaclist_t *list) michael@0: { michael@0: sctp_hmaclist_t *new_list; michael@0: int i; michael@0: michael@0: if (list == NULL) michael@0: return (NULL); michael@0: /* get a new list */ michael@0: new_list = sctp_alloc_hmaclist(list->max_algo); michael@0: if (new_list == NULL) michael@0: return (NULL); michael@0: /* copy it */ michael@0: new_list->max_algo = list->max_algo; michael@0: new_list->num_algo = list->num_algo; michael@0: for (i = 0; i < list->num_algo; i++) michael@0: new_list->hmac[i] = list->hmac[i]; michael@0: return (new_list); michael@0: } michael@0: michael@0: sctp_hmaclist_t * michael@0: sctp_default_supported_hmaclist(void) michael@0: { michael@0: sctp_hmaclist_t *new_list; michael@0: michael@0: #if defined(SCTP_SUPPORT_HMAC_SHA256) michael@0: new_list = sctp_alloc_hmaclist(2); michael@0: #else michael@0: new_list = sctp_alloc_hmaclist(1); michael@0: #endif michael@0: if (new_list == NULL) michael@0: return (NULL); michael@0: #if defined(SCTP_SUPPORT_HMAC_SHA256) michael@0: /* We prefer SHA256, so list it first */ michael@0: (void)sctp_auth_add_hmacid(new_list, SCTP_AUTH_HMAC_ID_SHA256); michael@0: #endif michael@0: (void)sctp_auth_add_hmacid(new_list, SCTP_AUTH_HMAC_ID_SHA1); michael@0: return (new_list); michael@0: } michael@0: michael@0: /*- michael@0: * HMAC algos are listed in priority/preference order michael@0: * find the best HMAC id to use for the peer based on local support michael@0: */ michael@0: uint16_t michael@0: sctp_negotiate_hmacid(sctp_hmaclist_t *peer, sctp_hmaclist_t *local) michael@0: { michael@0: int i, j; michael@0: michael@0: if ((local == NULL) || (peer == NULL)) michael@0: return (SCTP_AUTH_HMAC_ID_RSVD); michael@0: michael@0: for (i = 0; i < peer->num_algo; i++) { michael@0: for (j = 0; j < local->num_algo; j++) { michael@0: if (peer->hmac[i] == local->hmac[j]) { michael@0: /* found the "best" one */ michael@0: SCTPDBG(SCTP_DEBUG_AUTH1, michael@0: "SCTP: negotiated peer HMAC id %u\n", michael@0: peer->hmac[i]); michael@0: return (peer->hmac[i]); michael@0: } michael@0: } michael@0: } michael@0: /* didn't find one! */ michael@0: return (SCTP_AUTH_HMAC_ID_RSVD); michael@0: } michael@0: michael@0: /*- michael@0: * serialize the HMAC algo list and return space used michael@0: * caller must guarantee ptr has appropriate space michael@0: */ michael@0: int michael@0: sctp_serialize_hmaclist(sctp_hmaclist_t *list, uint8_t *ptr) michael@0: { michael@0: int i; michael@0: uint16_t hmac_id; michael@0: michael@0: if (list == NULL) michael@0: return (0); michael@0: michael@0: for (i = 0; i < list->num_algo; i++) { michael@0: hmac_id = htons(list->hmac[i]); michael@0: bcopy(&hmac_id, ptr, sizeof(hmac_id)); michael@0: ptr += sizeof(hmac_id); michael@0: } michael@0: return (list->num_algo * sizeof(hmac_id)); michael@0: } michael@0: michael@0: int michael@0: sctp_verify_hmac_param (struct sctp_auth_hmac_algo *hmacs, uint32_t num_hmacs) michael@0: { michael@0: uint32_t i; michael@0: michael@0: for (i = 0; i < num_hmacs; i++) { michael@0: if (ntohs(hmacs->hmac_ids[i]) == SCTP_AUTH_HMAC_ID_SHA1) { michael@0: return (0); michael@0: } michael@0: } michael@0: return (-1); michael@0: } michael@0: michael@0: sctp_authinfo_t * michael@0: sctp_alloc_authinfo(void) michael@0: { michael@0: sctp_authinfo_t *new_authinfo; michael@0: michael@0: SCTP_MALLOC(new_authinfo, sctp_authinfo_t *, sizeof(*new_authinfo), michael@0: SCTP_M_AUTH_IF); michael@0: michael@0: if (new_authinfo == NULL) { michael@0: /* out of memory */ michael@0: return (NULL); michael@0: } michael@0: bzero(new_authinfo, sizeof(*new_authinfo)); michael@0: return (new_authinfo); michael@0: } michael@0: michael@0: void michael@0: sctp_free_authinfo(sctp_authinfo_t *authinfo) michael@0: { michael@0: if (authinfo == NULL) michael@0: return; michael@0: michael@0: if (authinfo->random != NULL) michael@0: sctp_free_key(authinfo->random); michael@0: if (authinfo->peer_random != NULL) michael@0: sctp_free_key(authinfo->peer_random); michael@0: if (authinfo->assoc_key != NULL) michael@0: sctp_free_key(authinfo->assoc_key); michael@0: if (authinfo->recv_key != NULL) michael@0: sctp_free_key(authinfo->recv_key); michael@0: michael@0: /* We are NOT dynamically allocating authinfo's right now... */ michael@0: /* SCTP_FREE(authinfo, SCTP_M_AUTH_??); */ michael@0: } michael@0: michael@0: michael@0: uint32_t michael@0: sctp_get_auth_chunk_len(uint16_t hmac_algo) michael@0: { michael@0: int size; michael@0: michael@0: size = sizeof(struct sctp_auth_chunk) + sctp_get_hmac_digest_len(hmac_algo); michael@0: return (SCTP_SIZE32(size)); michael@0: } michael@0: michael@0: uint32_t michael@0: sctp_get_hmac_digest_len(uint16_t hmac_algo) michael@0: { michael@0: switch (hmac_algo) { michael@0: case SCTP_AUTH_HMAC_ID_SHA1: michael@0: return (SCTP_AUTH_DIGEST_LEN_SHA1); michael@0: #if defined(SCTP_SUPPORT_HMAC_SHA256) michael@0: case SCTP_AUTH_HMAC_ID_SHA256: michael@0: return (SCTP_AUTH_DIGEST_LEN_SHA256); michael@0: #endif michael@0: default: michael@0: /* unknown HMAC algorithm: can't do anything */ michael@0: return (0); michael@0: } /* end switch */ michael@0: } michael@0: michael@0: static inline int michael@0: sctp_get_hmac_block_len(uint16_t hmac_algo) michael@0: { michael@0: switch (hmac_algo) { michael@0: case SCTP_AUTH_HMAC_ID_SHA1: michael@0: return (64); michael@0: #if defined(SCTP_SUPPORT_HMAC_SHA256) michael@0: case SCTP_AUTH_HMAC_ID_SHA256: michael@0: return (64); michael@0: #endif michael@0: case SCTP_AUTH_HMAC_ID_RSVD: michael@0: default: michael@0: /* unknown HMAC algorithm: can't do anything */ michael@0: return (0); michael@0: } /* end switch */ michael@0: } michael@0: michael@0: #if defined(__Userspace__) michael@0: /* __Userspace__ SHA1_Init is defined in libcrypto.a (libssl-dev on Ubuntu) */ michael@0: #endif michael@0: static void michael@0: sctp_hmac_init(uint16_t hmac_algo, sctp_hash_context_t *ctx) michael@0: { michael@0: switch (hmac_algo) { michael@0: case SCTP_AUTH_HMAC_ID_SHA1: michael@0: SCTP_SHA1_INIT(&ctx->sha1); michael@0: break; michael@0: #if defined(SCTP_SUPPORT_HMAC_SHA256) michael@0: case SCTP_AUTH_HMAC_ID_SHA256: michael@0: SCTP_SHA256_INIT(&ctx->sha256); michael@0: break; michael@0: #endif michael@0: case SCTP_AUTH_HMAC_ID_RSVD: michael@0: default: michael@0: /* unknown HMAC algorithm: can't do anything */ michael@0: return; michael@0: } /* end switch */ michael@0: } michael@0: michael@0: static void michael@0: sctp_hmac_update(uint16_t hmac_algo, sctp_hash_context_t *ctx, michael@0: uint8_t *text, uint32_t textlen) michael@0: { michael@0: switch (hmac_algo) { michael@0: case SCTP_AUTH_HMAC_ID_SHA1: michael@0: SCTP_SHA1_UPDATE(&ctx->sha1, text, textlen); michael@0: break; michael@0: #if defined(SCTP_SUPPORT_HMAC_SHA256) michael@0: case SCTP_AUTH_HMAC_ID_SHA256: michael@0: SCTP_SHA256_UPDATE(&ctx->sha256, text, textlen); michael@0: break; michael@0: #endif michael@0: case SCTP_AUTH_HMAC_ID_RSVD: michael@0: default: michael@0: /* unknown HMAC algorithm: can't do anything */ michael@0: return; michael@0: } /* end switch */ michael@0: } michael@0: michael@0: static void michael@0: sctp_hmac_final(uint16_t hmac_algo, sctp_hash_context_t *ctx, michael@0: uint8_t *digest) michael@0: { michael@0: switch (hmac_algo) { michael@0: case SCTP_AUTH_HMAC_ID_SHA1: michael@0: SCTP_SHA1_FINAL(digest, &ctx->sha1); michael@0: break; michael@0: #if defined(SCTP_SUPPORT_HMAC_SHA256) michael@0: case SCTP_AUTH_HMAC_ID_SHA256: michael@0: SCTP_SHA256_FINAL(digest, &ctx->sha256); michael@0: break; michael@0: #endif michael@0: case SCTP_AUTH_HMAC_ID_RSVD: michael@0: default: michael@0: /* unknown HMAC algorithm: can't do anything */ michael@0: return; michael@0: } /* end switch */ michael@0: } michael@0: michael@0: /*- michael@0: * Keyed-Hashing for Message Authentication: FIPS 198 (RFC 2104) michael@0: * michael@0: * Compute the HMAC digest using the desired hash key, text, and HMAC michael@0: * algorithm. Resulting digest is placed in 'digest' and digest length michael@0: * is returned, if the HMAC was performed. michael@0: * michael@0: * WARNING: it is up to the caller to supply sufficient space to hold the michael@0: * resultant digest. michael@0: */ michael@0: uint32_t michael@0: sctp_hmac(uint16_t hmac_algo, uint8_t *key, uint32_t keylen, michael@0: uint8_t *text, uint32_t textlen, uint8_t *digest) michael@0: { michael@0: uint32_t digestlen; michael@0: uint32_t blocklen; michael@0: sctp_hash_context_t ctx; michael@0: uint8_t ipad[128], opad[128]; /* keyed hash inner/outer pads */ michael@0: uint8_t temp[SCTP_AUTH_DIGEST_LEN_MAX]; michael@0: uint32_t i; michael@0: michael@0: /* sanity check the material and length */ michael@0: if ((key == NULL) || (keylen == 0) || (text == NULL) || michael@0: (textlen == 0) || (digest == NULL)) { michael@0: /* can't do HMAC with empty key or text or digest store */ michael@0: return (0); michael@0: } michael@0: /* validate the hmac algo and get the digest length */ michael@0: digestlen = sctp_get_hmac_digest_len(hmac_algo); michael@0: if (digestlen == 0) michael@0: return (0); michael@0: michael@0: /* hash the key if it is longer than the hash block size */ michael@0: blocklen = sctp_get_hmac_block_len(hmac_algo); michael@0: if (keylen > blocklen) { michael@0: sctp_hmac_init(hmac_algo, &ctx); michael@0: sctp_hmac_update(hmac_algo, &ctx, key, keylen); michael@0: sctp_hmac_final(hmac_algo, &ctx, temp); michael@0: /* set the hashed key as the key */ michael@0: keylen = digestlen; michael@0: key = temp; michael@0: } michael@0: /* initialize the inner/outer pads with the key and "append" zeroes */ michael@0: bzero(ipad, blocklen); michael@0: bzero(opad, blocklen); michael@0: bcopy(key, ipad, keylen); michael@0: bcopy(key, opad, keylen); michael@0: michael@0: /* XOR the key with ipad and opad values */ michael@0: for (i = 0; i < blocklen; i++) { michael@0: ipad[i] ^= 0x36; michael@0: opad[i] ^= 0x5c; michael@0: } michael@0: michael@0: /* perform inner hash */ michael@0: sctp_hmac_init(hmac_algo, &ctx); michael@0: sctp_hmac_update(hmac_algo, &ctx, ipad, blocklen); michael@0: sctp_hmac_update(hmac_algo, &ctx, text, textlen); michael@0: sctp_hmac_final(hmac_algo, &ctx, temp); michael@0: michael@0: /* perform outer hash */ michael@0: sctp_hmac_init(hmac_algo, &ctx); michael@0: sctp_hmac_update(hmac_algo, &ctx, opad, blocklen); michael@0: sctp_hmac_update(hmac_algo, &ctx, temp, digestlen); michael@0: sctp_hmac_final(hmac_algo, &ctx, digest); michael@0: michael@0: return (digestlen); michael@0: } michael@0: michael@0: /* mbuf version */ michael@0: uint32_t michael@0: sctp_hmac_m(uint16_t hmac_algo, uint8_t *key, uint32_t keylen, michael@0: struct mbuf *m, uint32_t m_offset, uint8_t *digest, uint32_t trailer) michael@0: { michael@0: uint32_t digestlen; michael@0: uint32_t blocklen; michael@0: sctp_hash_context_t ctx; michael@0: uint8_t ipad[128], opad[128]; /* keyed hash inner/outer pads */ michael@0: uint8_t temp[SCTP_AUTH_DIGEST_LEN_MAX]; michael@0: uint32_t i; michael@0: struct mbuf *m_tmp; michael@0: michael@0: /* sanity check the material and length */ michael@0: if ((key == NULL) || (keylen == 0) || (m == NULL) || (digest == NULL)) { michael@0: /* can't do HMAC with empty key or text or digest store */ michael@0: return (0); michael@0: } michael@0: /* validate the hmac algo and get the digest length */ michael@0: digestlen = sctp_get_hmac_digest_len(hmac_algo); michael@0: if (digestlen == 0) michael@0: return (0); michael@0: michael@0: /* hash the key if it is longer than the hash block size */ michael@0: blocklen = sctp_get_hmac_block_len(hmac_algo); michael@0: if (keylen > blocklen) { michael@0: sctp_hmac_init(hmac_algo, &ctx); michael@0: sctp_hmac_update(hmac_algo, &ctx, key, keylen); michael@0: sctp_hmac_final(hmac_algo, &ctx, temp); michael@0: /* set the hashed key as the key */ michael@0: keylen = digestlen; michael@0: key = temp; michael@0: } michael@0: /* initialize the inner/outer pads with the key and "append" zeroes */ michael@0: bzero(ipad, blocklen); michael@0: bzero(opad, blocklen); michael@0: bcopy(key, ipad, keylen); michael@0: bcopy(key, opad, keylen); michael@0: michael@0: /* XOR the key with ipad and opad values */ michael@0: for (i = 0; i < blocklen; i++) { michael@0: ipad[i] ^= 0x36; michael@0: opad[i] ^= 0x5c; michael@0: } michael@0: michael@0: /* perform inner hash */ michael@0: sctp_hmac_init(hmac_algo, &ctx); michael@0: sctp_hmac_update(hmac_algo, &ctx, ipad, blocklen); michael@0: /* find the correct starting mbuf and offset (get start of text) */ michael@0: m_tmp = m; michael@0: while ((m_tmp != NULL) && (m_offset >= (uint32_t) SCTP_BUF_LEN(m_tmp))) { michael@0: m_offset -= SCTP_BUF_LEN(m_tmp); michael@0: m_tmp = SCTP_BUF_NEXT(m_tmp); michael@0: } michael@0: /* now use the rest of the mbuf chain for the text */ michael@0: while (m_tmp != NULL) { michael@0: if ((SCTP_BUF_NEXT(m_tmp) == NULL) && trailer) { michael@0: sctp_hmac_update(hmac_algo, &ctx, mtod(m_tmp, uint8_t *) + m_offset, michael@0: SCTP_BUF_LEN(m_tmp) - (trailer+m_offset)); michael@0: } else { michael@0: sctp_hmac_update(hmac_algo, &ctx, mtod(m_tmp, uint8_t *) + m_offset, michael@0: SCTP_BUF_LEN(m_tmp) - m_offset); michael@0: } michael@0: michael@0: /* clear the offset since it's only for the first mbuf */ michael@0: m_offset = 0; michael@0: m_tmp = SCTP_BUF_NEXT(m_tmp); michael@0: } michael@0: sctp_hmac_final(hmac_algo, &ctx, temp); michael@0: michael@0: /* perform outer hash */ michael@0: sctp_hmac_init(hmac_algo, &ctx); michael@0: sctp_hmac_update(hmac_algo, &ctx, opad, blocklen); michael@0: sctp_hmac_update(hmac_algo, &ctx, temp, digestlen); michael@0: sctp_hmac_final(hmac_algo, &ctx, digest); michael@0: michael@0: return (digestlen); michael@0: } michael@0: michael@0: /*- michael@0: * verify the HMAC digest using the desired hash key, text, and HMAC michael@0: * algorithm. michael@0: * Returns -1 on error, 0 on success. michael@0: */ michael@0: int michael@0: sctp_verify_hmac(uint16_t hmac_algo, uint8_t *key, uint32_t keylen, michael@0: uint8_t *text, uint32_t textlen, michael@0: uint8_t *digest, uint32_t digestlen) michael@0: { michael@0: uint32_t len; michael@0: uint8_t temp[SCTP_AUTH_DIGEST_LEN_MAX]; michael@0: michael@0: /* sanity check the material and length */ michael@0: if ((key == NULL) || (keylen == 0) || michael@0: (text == NULL) || (textlen == 0) || (digest == NULL)) { michael@0: /* can't do HMAC with empty key or text or digest */ michael@0: return (-1); michael@0: } michael@0: len = sctp_get_hmac_digest_len(hmac_algo); michael@0: if ((len == 0) || (digestlen != len)) michael@0: return (-1); michael@0: michael@0: /* compute the expected hash */ michael@0: if (sctp_hmac(hmac_algo, key, keylen, text, textlen, temp) != len) michael@0: return (-1); michael@0: michael@0: if (memcmp(digest, temp, digestlen) != 0) michael@0: return (-1); michael@0: else michael@0: return (0); michael@0: } michael@0: michael@0: michael@0: /* michael@0: * computes the requested HMAC using a key struct (which may be modified if michael@0: * the keylen exceeds the HMAC block len). michael@0: */ michael@0: uint32_t michael@0: sctp_compute_hmac(uint16_t hmac_algo, sctp_key_t *key, uint8_t *text, michael@0: uint32_t textlen, uint8_t *digest) michael@0: { michael@0: uint32_t digestlen; michael@0: uint32_t blocklen; michael@0: sctp_hash_context_t ctx; michael@0: uint8_t temp[SCTP_AUTH_DIGEST_LEN_MAX]; michael@0: michael@0: /* sanity check */ michael@0: if ((key == NULL) || (text == NULL) || (textlen == 0) || michael@0: (digest == NULL)) { michael@0: /* can't do HMAC with empty key or text or digest store */ michael@0: return (0); michael@0: } michael@0: /* validate the hmac algo and get the digest length */ michael@0: digestlen = sctp_get_hmac_digest_len(hmac_algo); michael@0: if (digestlen == 0) michael@0: return (0); michael@0: michael@0: /* hash the key if it is longer than the hash block size */ michael@0: blocklen = sctp_get_hmac_block_len(hmac_algo); michael@0: if (key->keylen > blocklen) { michael@0: sctp_hmac_init(hmac_algo, &ctx); michael@0: sctp_hmac_update(hmac_algo, &ctx, key->key, key->keylen); michael@0: sctp_hmac_final(hmac_algo, &ctx, temp); michael@0: /* save the hashed key as the new key */ michael@0: key->keylen = digestlen; michael@0: bcopy(temp, key->key, key->keylen); michael@0: } michael@0: return (sctp_hmac(hmac_algo, key->key, key->keylen, text, textlen, michael@0: digest)); michael@0: } michael@0: michael@0: /* mbuf version */ michael@0: uint32_t michael@0: sctp_compute_hmac_m(uint16_t hmac_algo, sctp_key_t *key, struct mbuf *m, michael@0: uint32_t m_offset, uint8_t *digest) michael@0: { michael@0: uint32_t digestlen; michael@0: uint32_t blocklen; michael@0: sctp_hash_context_t ctx; michael@0: uint8_t temp[SCTP_AUTH_DIGEST_LEN_MAX]; michael@0: michael@0: /* sanity check */ michael@0: if ((key == NULL) || (m == NULL) || (digest == NULL)) { michael@0: /* can't do HMAC with empty key or text or digest store */ michael@0: return (0); michael@0: } michael@0: /* validate the hmac algo and get the digest length */ michael@0: digestlen = sctp_get_hmac_digest_len(hmac_algo); michael@0: if (digestlen == 0) michael@0: return (0); michael@0: michael@0: /* hash the key if it is longer than the hash block size */ michael@0: blocklen = sctp_get_hmac_block_len(hmac_algo); michael@0: if (key->keylen > blocklen) { michael@0: sctp_hmac_init(hmac_algo, &ctx); michael@0: sctp_hmac_update(hmac_algo, &ctx, key->key, key->keylen); michael@0: sctp_hmac_final(hmac_algo, &ctx, temp); michael@0: /* save the hashed key as the new key */ michael@0: key->keylen = digestlen; michael@0: bcopy(temp, key->key, key->keylen); michael@0: } michael@0: return (sctp_hmac_m(hmac_algo, key->key, key->keylen, m, m_offset, digest, 0)); michael@0: } michael@0: michael@0: int michael@0: sctp_auth_is_supported_hmac(sctp_hmaclist_t *list, uint16_t id) michael@0: { michael@0: int i; michael@0: michael@0: if ((list == NULL) || (id == SCTP_AUTH_HMAC_ID_RSVD)) michael@0: return (0); michael@0: michael@0: for (i = 0; i < list->num_algo; i++) michael@0: if (list->hmac[i] == id) michael@0: return (1); michael@0: michael@0: /* not in the list */ michael@0: return (0); michael@0: } michael@0: michael@0: michael@0: /*- michael@0: * clear any cached key(s) if they match the given key id on an association. michael@0: * the cached key(s) will be recomputed and re-cached at next use. michael@0: * ASSUMES TCB_LOCK is already held michael@0: */ michael@0: void michael@0: sctp_clear_cachedkeys(struct sctp_tcb *stcb, uint16_t keyid) michael@0: { michael@0: if (stcb == NULL) michael@0: return; michael@0: michael@0: if (keyid == stcb->asoc.authinfo.assoc_keyid) { michael@0: sctp_free_key(stcb->asoc.authinfo.assoc_key); michael@0: stcb->asoc.authinfo.assoc_key = NULL; michael@0: } michael@0: if (keyid == stcb->asoc.authinfo.recv_keyid) { michael@0: sctp_free_key(stcb->asoc.authinfo.recv_key); michael@0: stcb->asoc.authinfo.recv_key = NULL; michael@0: } michael@0: } michael@0: michael@0: /*- michael@0: * clear any cached key(s) if they match the given key id for all assocs on michael@0: * an endpoint. michael@0: * ASSUMES INP_WLOCK is already held michael@0: */ michael@0: void michael@0: sctp_clear_cachedkeys_ep(struct sctp_inpcb *inp, uint16_t keyid) michael@0: { michael@0: struct sctp_tcb *stcb; michael@0: michael@0: if (inp == NULL) michael@0: return; michael@0: michael@0: /* clear the cached keys on all assocs on this instance */ michael@0: LIST_FOREACH(stcb, &inp->sctp_asoc_list, sctp_tcblist) { michael@0: SCTP_TCB_LOCK(stcb); michael@0: sctp_clear_cachedkeys(stcb, keyid); michael@0: SCTP_TCB_UNLOCK(stcb); michael@0: } michael@0: } michael@0: michael@0: /*- michael@0: * delete a shared key from an association michael@0: * ASSUMES TCB_LOCK is already held michael@0: */ michael@0: int michael@0: sctp_delete_sharedkey(struct sctp_tcb *stcb, uint16_t keyid) michael@0: { michael@0: sctp_sharedkey_t *skey; michael@0: michael@0: if (stcb == NULL) michael@0: return (-1); michael@0: michael@0: /* is the keyid the assoc active sending key */ michael@0: if (keyid == stcb->asoc.authinfo.active_keyid) michael@0: return (-1); michael@0: michael@0: /* does the key exist? */ michael@0: skey = sctp_find_sharedkey(&stcb->asoc.shared_keys, keyid); michael@0: if (skey == NULL) michael@0: return (-1); michael@0: michael@0: /* are there other refcount holders on the key? */ michael@0: if (skey->refcount > 1) michael@0: return (-1); michael@0: michael@0: /* remove it */ michael@0: LIST_REMOVE(skey, next); michael@0: sctp_free_sharedkey(skey); /* frees skey->key as well */ michael@0: michael@0: /* clear any cached keys */ michael@0: sctp_clear_cachedkeys(stcb, keyid); michael@0: return (0); michael@0: } michael@0: michael@0: /*- michael@0: * deletes a shared key from the endpoint michael@0: * ASSUMES INP_WLOCK is already held michael@0: */ michael@0: int michael@0: sctp_delete_sharedkey_ep(struct sctp_inpcb *inp, uint16_t keyid) michael@0: { michael@0: sctp_sharedkey_t *skey; michael@0: michael@0: if (inp == NULL) michael@0: return (-1); michael@0: michael@0: /* is the keyid the active sending key on the endpoint */ michael@0: if (keyid == inp->sctp_ep.default_keyid) michael@0: return (-1); michael@0: michael@0: /* does the key exist? */ michael@0: skey = sctp_find_sharedkey(&inp->sctp_ep.shared_keys, keyid); michael@0: if (skey == NULL) michael@0: return (-1); michael@0: michael@0: /* endpoint keys are not refcounted */ michael@0: michael@0: /* remove it */ michael@0: LIST_REMOVE(skey, next); michael@0: sctp_free_sharedkey(skey); /* frees skey->key as well */ michael@0: michael@0: /* clear any cached keys */ michael@0: sctp_clear_cachedkeys_ep(inp, keyid); michael@0: return (0); michael@0: } michael@0: michael@0: /*- michael@0: * set the active key on an association michael@0: * ASSUMES TCB_LOCK is already held michael@0: */ michael@0: int michael@0: sctp_auth_setactivekey(struct sctp_tcb *stcb, uint16_t keyid) michael@0: { michael@0: sctp_sharedkey_t *skey = NULL; michael@0: michael@0: /* find the key on the assoc */ michael@0: skey = sctp_find_sharedkey(&stcb->asoc.shared_keys, keyid); michael@0: if (skey == NULL) { michael@0: /* that key doesn't exist */ michael@0: return (-1); michael@0: } michael@0: if ((skey->deactivated) && (skey->refcount > 1)) { michael@0: /* can't reactivate a deactivated key with other refcounts */ michael@0: return (-1); michael@0: } michael@0: michael@0: /* set the (new) active key */ michael@0: stcb->asoc.authinfo.active_keyid = keyid; michael@0: /* reset the deactivated flag */ michael@0: skey->deactivated = 0; michael@0: michael@0: return (0); michael@0: } michael@0: michael@0: /*- michael@0: * set the active key on an endpoint michael@0: * ASSUMES INP_WLOCK is already held michael@0: */ michael@0: int michael@0: sctp_auth_setactivekey_ep(struct sctp_inpcb *inp, uint16_t keyid) michael@0: { michael@0: sctp_sharedkey_t *skey; michael@0: michael@0: /* find the key */ michael@0: skey = sctp_find_sharedkey(&inp->sctp_ep.shared_keys, keyid); michael@0: if (skey == NULL) { michael@0: /* that key doesn't exist */ michael@0: return (-1); michael@0: } michael@0: inp->sctp_ep.default_keyid = keyid; michael@0: return (0); michael@0: } michael@0: michael@0: /*- michael@0: * deactivates a shared key from the association michael@0: * ASSUMES INP_WLOCK is already held michael@0: */ michael@0: int michael@0: sctp_deact_sharedkey(struct sctp_tcb *stcb, uint16_t keyid) michael@0: { michael@0: sctp_sharedkey_t *skey; michael@0: michael@0: if (stcb == NULL) michael@0: return (-1); michael@0: michael@0: /* is the keyid the assoc active sending key */ michael@0: if (keyid == stcb->asoc.authinfo.active_keyid) michael@0: return (-1); michael@0: michael@0: /* does the key exist? */ michael@0: skey = sctp_find_sharedkey(&stcb->asoc.shared_keys, keyid); michael@0: if (skey == NULL) michael@0: return (-1); michael@0: michael@0: /* are there other refcount holders on the key? */ michael@0: if (skey->refcount == 1) { michael@0: /* no other users, send a notification for this key */ michael@0: sctp_ulp_notify(SCTP_NOTIFY_AUTH_FREE_KEY, stcb, keyid, 0, michael@0: SCTP_SO_LOCKED); michael@0: } michael@0: michael@0: /* mark the key as deactivated */ michael@0: skey->deactivated = 1; michael@0: michael@0: return (0); michael@0: } michael@0: michael@0: /*- michael@0: * deactivates a shared key from the endpoint michael@0: * ASSUMES INP_WLOCK is already held michael@0: */ michael@0: int michael@0: sctp_deact_sharedkey_ep(struct sctp_inpcb *inp, uint16_t keyid) michael@0: { michael@0: sctp_sharedkey_t *skey; michael@0: michael@0: if (inp == NULL) michael@0: return (-1); michael@0: michael@0: /* is the keyid the active sending key on the endpoint */ michael@0: if (keyid == inp->sctp_ep.default_keyid) michael@0: return (-1); michael@0: michael@0: /* does the key exist? */ michael@0: skey = sctp_find_sharedkey(&inp->sctp_ep.shared_keys, keyid); michael@0: if (skey == NULL) michael@0: return (-1); michael@0: michael@0: /* endpoint keys are not refcounted */ michael@0: michael@0: /* remove it */ michael@0: LIST_REMOVE(skey, next); michael@0: sctp_free_sharedkey(skey); /* frees skey->key as well */ michael@0: michael@0: return (0); michael@0: } michael@0: michael@0: /* michael@0: * get local authentication parameters from cookie (from INIT-ACK) michael@0: */ michael@0: void michael@0: sctp_auth_get_cookie_params(struct sctp_tcb *stcb, struct mbuf *m, michael@0: uint32_t offset, uint32_t length) michael@0: { michael@0: struct sctp_paramhdr *phdr, tmp_param; michael@0: uint16_t plen, ptype; michael@0: uint8_t random_store[SCTP_PARAM_BUFFER_SIZE]; michael@0: struct sctp_auth_random *p_random = NULL; michael@0: uint16_t random_len = 0; michael@0: uint8_t hmacs_store[SCTP_PARAM_BUFFER_SIZE]; michael@0: struct sctp_auth_hmac_algo *hmacs = NULL; michael@0: uint16_t hmacs_len = 0; michael@0: uint8_t chunks_store[SCTP_PARAM_BUFFER_SIZE]; michael@0: struct sctp_auth_chunk_list *chunks = NULL; michael@0: uint16_t num_chunks = 0; michael@0: sctp_key_t *new_key; michael@0: uint32_t keylen; michael@0: michael@0: /* convert to upper bound */ michael@0: length += offset; michael@0: michael@0: phdr = (struct sctp_paramhdr *)sctp_m_getptr(m, offset, michael@0: sizeof(struct sctp_paramhdr), (uint8_t *)&tmp_param); michael@0: while (phdr != NULL) { michael@0: ptype = ntohs(phdr->param_type); michael@0: plen = ntohs(phdr->param_length); michael@0: michael@0: if ((plen == 0) || (offset + plen > length)) michael@0: break; michael@0: michael@0: if (ptype == SCTP_RANDOM) { michael@0: if (plen > sizeof(random_store)) michael@0: break; michael@0: phdr = sctp_get_next_param(m, offset, michael@0: (struct sctp_paramhdr *)random_store, min(plen, sizeof(random_store))); michael@0: if (phdr == NULL) michael@0: return; michael@0: /* save the random and length for the key */ michael@0: p_random = (struct sctp_auth_random *)phdr; michael@0: random_len = plen - sizeof(*p_random); michael@0: } else if (ptype == SCTP_HMAC_LIST) { michael@0: int num_hmacs; michael@0: int i; michael@0: michael@0: if (plen > sizeof(hmacs_store)) michael@0: break; michael@0: phdr = sctp_get_next_param(m, offset, michael@0: (struct sctp_paramhdr *)hmacs_store, min(plen,sizeof(hmacs_store))); michael@0: if (phdr == NULL) michael@0: return; michael@0: /* save the hmacs list and num for the key */ michael@0: hmacs = (struct sctp_auth_hmac_algo *)phdr; michael@0: hmacs_len = plen - sizeof(*hmacs); michael@0: num_hmacs = hmacs_len / sizeof(hmacs->hmac_ids[0]); michael@0: if (stcb->asoc.local_hmacs != NULL) michael@0: sctp_free_hmaclist(stcb->asoc.local_hmacs); michael@0: stcb->asoc.local_hmacs = sctp_alloc_hmaclist(num_hmacs); michael@0: if (stcb->asoc.local_hmacs != NULL) { michael@0: for (i = 0; i < num_hmacs; i++) { michael@0: (void)sctp_auth_add_hmacid(stcb->asoc.local_hmacs, michael@0: ntohs(hmacs->hmac_ids[i])); michael@0: } michael@0: } michael@0: } else if (ptype == SCTP_CHUNK_LIST) { michael@0: int i; michael@0: michael@0: if (plen > sizeof(chunks_store)) michael@0: break; michael@0: phdr = sctp_get_next_param(m, offset, michael@0: (struct sctp_paramhdr *)chunks_store, min(plen,sizeof(chunks_store))); michael@0: if (phdr == NULL) michael@0: return; michael@0: chunks = (struct sctp_auth_chunk_list *)phdr; michael@0: num_chunks = plen - sizeof(*chunks); michael@0: /* save chunks list and num for the key */ michael@0: if (stcb->asoc.local_auth_chunks != NULL) michael@0: sctp_clear_chunklist(stcb->asoc.local_auth_chunks); michael@0: else michael@0: stcb->asoc.local_auth_chunks = sctp_alloc_chunklist(); michael@0: for (i = 0; i < num_chunks; i++) { michael@0: (void)sctp_auth_add_chunk(chunks->chunk_types[i], michael@0: stcb->asoc.local_auth_chunks); michael@0: } michael@0: } michael@0: /* get next parameter */ michael@0: offset += SCTP_SIZE32(plen); michael@0: if (offset + sizeof(struct sctp_paramhdr) > length) michael@0: break; michael@0: phdr = (struct sctp_paramhdr *)sctp_m_getptr(m, offset, sizeof(struct sctp_paramhdr), michael@0: (uint8_t *)&tmp_param); michael@0: } michael@0: /* concatenate the full random key */ michael@0: keylen = sizeof(*p_random) + random_len + sizeof(*hmacs) + hmacs_len; michael@0: if (chunks != NULL) { michael@0: keylen += sizeof(*chunks) + num_chunks; michael@0: } michael@0: new_key = sctp_alloc_key(keylen); michael@0: if (new_key != NULL) { michael@0: /* copy in the RANDOM */ michael@0: if (p_random != NULL) { michael@0: keylen = sizeof(*p_random) + random_len; michael@0: bcopy(p_random, new_key->key, keylen); michael@0: } michael@0: /* append in the AUTH chunks */ michael@0: if (chunks != NULL) { michael@0: bcopy(chunks, new_key->key + keylen, michael@0: sizeof(*chunks) + num_chunks); michael@0: keylen += sizeof(*chunks) + num_chunks; michael@0: } michael@0: /* append in the HMACs */ michael@0: if (hmacs != NULL) { michael@0: bcopy(hmacs, new_key->key + keylen, michael@0: sizeof(*hmacs) + hmacs_len); michael@0: } michael@0: } michael@0: if (stcb->asoc.authinfo.random != NULL) michael@0: sctp_free_key(stcb->asoc.authinfo.random); michael@0: stcb->asoc.authinfo.random = new_key; michael@0: stcb->asoc.authinfo.random_len = random_len; michael@0: sctp_clear_cachedkeys(stcb, stcb->asoc.authinfo.assoc_keyid); michael@0: sctp_clear_cachedkeys(stcb, stcb->asoc.authinfo.recv_keyid); michael@0: michael@0: /* negotiate what HMAC to use for the peer */ michael@0: stcb->asoc.peer_hmac_id = sctp_negotiate_hmacid(stcb->asoc.peer_hmacs, michael@0: stcb->asoc.local_hmacs); michael@0: michael@0: /* copy defaults from the endpoint */ michael@0: /* FIX ME: put in cookie? */ michael@0: stcb->asoc.authinfo.active_keyid = stcb->sctp_ep->sctp_ep.default_keyid; michael@0: /* copy out the shared key list (by reference) from the endpoint */ michael@0: (void)sctp_copy_skeylist(&stcb->sctp_ep->sctp_ep.shared_keys, michael@0: &stcb->asoc.shared_keys); michael@0: } michael@0: michael@0: /* michael@0: * compute and fill in the HMAC digest for a packet michael@0: */ michael@0: void michael@0: sctp_fill_hmac_digest_m(struct mbuf *m, uint32_t auth_offset, michael@0: struct sctp_auth_chunk *auth, struct sctp_tcb *stcb, uint16_t keyid) michael@0: { michael@0: uint32_t digestlen; michael@0: sctp_sharedkey_t *skey; michael@0: sctp_key_t *key; michael@0: michael@0: if ((stcb == NULL) || (auth == NULL)) michael@0: return; michael@0: michael@0: /* zero the digest + chunk padding */ michael@0: digestlen = sctp_get_hmac_digest_len(stcb->asoc.peer_hmac_id); michael@0: bzero(auth->hmac, SCTP_SIZE32(digestlen)); michael@0: michael@0: /* is the desired key cached? */ michael@0: if ((keyid != stcb->asoc.authinfo.assoc_keyid) || michael@0: (stcb->asoc.authinfo.assoc_key == NULL)) { michael@0: if (stcb->asoc.authinfo.assoc_key != NULL) { michael@0: /* free the old cached key */ michael@0: sctp_free_key(stcb->asoc.authinfo.assoc_key); michael@0: } michael@0: skey = sctp_find_sharedkey(&stcb->asoc.shared_keys, keyid); michael@0: /* the only way skey is NULL is if null key id 0 is used */ michael@0: if (skey != NULL) michael@0: key = skey->key; michael@0: else michael@0: key = NULL; michael@0: /* compute a new assoc key and cache it */ michael@0: stcb->asoc.authinfo.assoc_key = michael@0: sctp_compute_hashkey(stcb->asoc.authinfo.random, michael@0: stcb->asoc.authinfo.peer_random, key); michael@0: stcb->asoc.authinfo.assoc_keyid = keyid; michael@0: SCTPDBG(SCTP_DEBUG_AUTH1, "caching key id %u\n", michael@0: stcb->asoc.authinfo.assoc_keyid); michael@0: #ifdef SCTP_DEBUG michael@0: if (SCTP_AUTH_DEBUG) michael@0: sctp_print_key(stcb->asoc.authinfo.assoc_key, michael@0: "Assoc Key"); michael@0: #endif michael@0: } michael@0: michael@0: /* set in the active key id */ michael@0: auth->shared_key_id = htons(keyid); michael@0: michael@0: /* compute and fill in the digest */ michael@0: (void)sctp_compute_hmac_m(stcb->asoc.peer_hmac_id, stcb->asoc.authinfo.assoc_key, michael@0: m, auth_offset, auth->hmac); michael@0: } michael@0: michael@0: michael@0: static void michael@0: sctp_bzero_m(struct mbuf *m, uint32_t m_offset, uint32_t size) michael@0: { michael@0: struct mbuf *m_tmp; michael@0: uint8_t *data; michael@0: michael@0: /* sanity check */ michael@0: if (m == NULL) michael@0: return; michael@0: michael@0: /* find the correct starting mbuf and offset (get start position) */ michael@0: m_tmp = m; michael@0: while ((m_tmp != NULL) && (m_offset >= (uint32_t) SCTP_BUF_LEN(m_tmp))) { michael@0: m_offset -= SCTP_BUF_LEN(m_tmp); michael@0: m_tmp = SCTP_BUF_NEXT(m_tmp); michael@0: } michael@0: /* now use the rest of the mbuf chain */ michael@0: while ((m_tmp != NULL) && (size > 0)) { michael@0: data = mtod(m_tmp, uint8_t *) + m_offset; michael@0: if (size > (uint32_t) SCTP_BUF_LEN(m_tmp)) { michael@0: bzero(data, SCTP_BUF_LEN(m_tmp)); michael@0: size -= SCTP_BUF_LEN(m_tmp); michael@0: } else { michael@0: bzero(data, size); michael@0: size = 0; michael@0: } michael@0: /* clear the offset since it's only for the first mbuf */ michael@0: m_offset = 0; michael@0: m_tmp = SCTP_BUF_NEXT(m_tmp); michael@0: } michael@0: } michael@0: michael@0: /*- michael@0: * process the incoming Authentication chunk michael@0: * return codes: michael@0: * -1 on any authentication error michael@0: * 0 on authentication verification michael@0: */ michael@0: int michael@0: sctp_handle_auth(struct sctp_tcb *stcb, struct sctp_auth_chunk *auth, michael@0: struct mbuf *m, uint32_t offset) michael@0: { michael@0: uint16_t chunklen; michael@0: uint16_t shared_key_id; michael@0: uint16_t hmac_id; michael@0: sctp_sharedkey_t *skey; michael@0: uint32_t digestlen; michael@0: uint8_t digest[SCTP_AUTH_DIGEST_LEN_MAX]; michael@0: uint8_t computed_digest[SCTP_AUTH_DIGEST_LEN_MAX]; michael@0: michael@0: /* auth is checked for NULL by caller */ michael@0: chunklen = ntohs(auth->ch.chunk_length); michael@0: if (chunklen < sizeof(*auth)) { michael@0: SCTP_STAT_INCR(sctps_recvauthfailed); michael@0: return (-1); michael@0: } michael@0: SCTP_STAT_INCR(sctps_recvauth); michael@0: michael@0: /* get the auth params */ michael@0: shared_key_id = ntohs(auth->shared_key_id); michael@0: hmac_id = ntohs(auth->hmac_id); michael@0: SCTPDBG(SCTP_DEBUG_AUTH1, michael@0: "SCTP AUTH Chunk: shared key %u, HMAC id %u\n", michael@0: shared_key_id, hmac_id); michael@0: michael@0: /* is the indicated HMAC supported? */ michael@0: if (!sctp_auth_is_supported_hmac(stcb->asoc.local_hmacs, hmac_id)) { michael@0: struct mbuf *m_err; michael@0: struct sctp_auth_invalid_hmac *err; michael@0: michael@0: SCTP_STAT_INCR(sctps_recvivalhmacid); michael@0: SCTPDBG(SCTP_DEBUG_AUTH1, michael@0: "SCTP Auth: unsupported HMAC id %u\n", michael@0: hmac_id); michael@0: /* michael@0: * report this in an Error Chunk: Unsupported HMAC michael@0: * Identifier michael@0: */ michael@0: m_err = sctp_get_mbuf_for_msg(sizeof(*err), 0, M_NOWAIT, michael@0: 1, MT_HEADER); michael@0: if (m_err != NULL) { michael@0: /* pre-reserve some space */ michael@0: SCTP_BUF_RESV_UF(m_err, sizeof(struct sctp_chunkhdr)); michael@0: /* fill in the error */ michael@0: err = mtod(m_err, struct sctp_auth_invalid_hmac *); michael@0: bzero(err, sizeof(*err)); michael@0: err->ph.param_type = htons(SCTP_CAUSE_UNSUPPORTED_HMACID); michael@0: err->ph.param_length = htons(sizeof(*err)); michael@0: err->hmac_id = ntohs(hmac_id); michael@0: SCTP_BUF_LEN(m_err) = sizeof(*err); michael@0: /* queue it */ michael@0: sctp_queue_op_err(stcb, m_err); michael@0: } michael@0: return (-1); michael@0: } michael@0: /* get the indicated shared key, if available */ michael@0: if ((stcb->asoc.authinfo.recv_key == NULL) || michael@0: (stcb->asoc.authinfo.recv_keyid != shared_key_id)) { michael@0: /* find the shared key on the assoc first */ michael@0: skey = sctp_find_sharedkey(&stcb->asoc.shared_keys, michael@0: shared_key_id); michael@0: /* if the shared key isn't found, discard the chunk */ michael@0: if (skey == NULL) { michael@0: SCTP_STAT_INCR(sctps_recvivalkeyid); michael@0: SCTPDBG(SCTP_DEBUG_AUTH1, michael@0: "SCTP Auth: unknown key id %u\n", michael@0: shared_key_id); michael@0: return (-1); michael@0: } michael@0: /* generate a notification if this is a new key id */ michael@0: if (stcb->asoc.authinfo.recv_keyid != shared_key_id) michael@0: /* michael@0: * sctp_ulp_notify(SCTP_NOTIFY_AUTH_NEW_KEY, stcb, michael@0: * shared_key_id, (void michael@0: * *)stcb->asoc.authinfo.recv_keyid); michael@0: */ michael@0: sctp_notify_authentication(stcb, SCTP_AUTH_NEW_KEY, michael@0: shared_key_id, stcb->asoc.authinfo.recv_keyid, michael@0: SCTP_SO_NOT_LOCKED); michael@0: /* compute a new recv assoc key and cache it */ michael@0: if (stcb->asoc.authinfo.recv_key != NULL) michael@0: sctp_free_key(stcb->asoc.authinfo.recv_key); michael@0: stcb->asoc.authinfo.recv_key = michael@0: sctp_compute_hashkey(stcb->asoc.authinfo.random, michael@0: stcb->asoc.authinfo.peer_random, skey->key); michael@0: stcb->asoc.authinfo.recv_keyid = shared_key_id; michael@0: #ifdef SCTP_DEBUG michael@0: if (SCTP_AUTH_DEBUG) michael@0: sctp_print_key(stcb->asoc.authinfo.recv_key, "Recv Key"); michael@0: #endif michael@0: } michael@0: /* validate the digest length */ michael@0: digestlen = sctp_get_hmac_digest_len(hmac_id); michael@0: if (chunklen < (sizeof(*auth) + digestlen)) { michael@0: /* invalid digest length */ michael@0: SCTP_STAT_INCR(sctps_recvauthfailed); michael@0: SCTPDBG(SCTP_DEBUG_AUTH1, michael@0: "SCTP Auth: chunk too short for HMAC\n"); michael@0: return (-1); michael@0: } michael@0: /* save a copy of the digest, zero the pseudo header, and validate */ michael@0: bcopy(auth->hmac, digest, digestlen); michael@0: sctp_bzero_m(m, offset + sizeof(*auth), SCTP_SIZE32(digestlen)); michael@0: (void)sctp_compute_hmac_m(hmac_id, stcb->asoc.authinfo.recv_key, michael@0: m, offset, computed_digest); michael@0: michael@0: /* compare the computed digest with the one in the AUTH chunk */ michael@0: if (memcmp(digest, computed_digest, digestlen) != 0) { michael@0: SCTP_STAT_INCR(sctps_recvauthfailed); michael@0: SCTPDBG(SCTP_DEBUG_AUTH1, michael@0: "SCTP Auth: HMAC digest check failed\n"); michael@0: return (-1); michael@0: } michael@0: return (0); michael@0: } michael@0: michael@0: /* michael@0: * Generate NOTIFICATION michael@0: */ michael@0: void michael@0: sctp_notify_authentication(struct sctp_tcb *stcb, uint32_t indication, michael@0: uint16_t keyid, uint16_t alt_keyid, int so_locked michael@0: #if !defined(__APPLE__) && !defined(SCTP_SO_LOCK_TESTING) michael@0: SCTP_UNUSED michael@0: #endif michael@0: ) michael@0: { michael@0: struct mbuf *m_notify; michael@0: struct sctp_authkey_event *auth; michael@0: struct sctp_queued_to_read *control; michael@0: michael@0: if ((stcb == NULL) || michael@0: (stcb->sctp_ep->sctp_flags & SCTP_PCB_FLAGS_SOCKET_GONE) || michael@0: (stcb->sctp_ep->sctp_flags & SCTP_PCB_FLAGS_SOCKET_ALLGONE) || michael@0: (stcb->asoc.state & SCTP_STATE_CLOSED_SOCKET) michael@0: ) { michael@0: /* If the socket is gone we are out of here */ michael@0: return; michael@0: } michael@0: michael@0: if (sctp_stcb_is_feature_off(stcb->sctp_ep, stcb, SCTP_PCB_FLAGS_AUTHEVNT)) michael@0: /* event not enabled */ michael@0: return; michael@0: michael@0: m_notify = sctp_get_mbuf_for_msg(sizeof(struct sctp_authkey_event), michael@0: 0, M_NOWAIT, 1, MT_HEADER); michael@0: if (m_notify == NULL) michael@0: /* no space left */ michael@0: return; michael@0: michael@0: SCTP_BUF_LEN(m_notify) = 0; michael@0: auth = mtod(m_notify, struct sctp_authkey_event *); michael@0: auth->auth_type = SCTP_AUTHENTICATION_EVENT; michael@0: auth->auth_flags = 0; michael@0: auth->auth_length = sizeof(*auth); michael@0: auth->auth_keynumber = keyid; michael@0: auth->auth_altkeynumber = alt_keyid; michael@0: auth->auth_indication = indication; michael@0: auth->auth_assoc_id = sctp_get_associd(stcb); michael@0: michael@0: SCTP_BUF_LEN(m_notify) = sizeof(*auth); michael@0: SCTP_BUF_NEXT(m_notify) = NULL; michael@0: michael@0: /* append to socket */ michael@0: control = sctp_build_readq_entry(stcb, stcb->asoc.primary_destination, michael@0: 0, 0, stcb->asoc.context, 0, 0, 0, m_notify); michael@0: if (control == NULL) { michael@0: /* no memory */ michael@0: sctp_m_freem(m_notify); michael@0: return; michael@0: } michael@0: control->spec_flags = M_NOTIFICATION; michael@0: control->length = SCTP_BUF_LEN(m_notify); michael@0: /* not that we need this */ michael@0: control->tail_mbuf = m_notify; michael@0: sctp_add_to_readq(stcb->sctp_ep, stcb, control, michael@0: &stcb->sctp_socket->so_rcv, 1, SCTP_READ_LOCK_NOT_HELD, so_locked); michael@0: } michael@0: michael@0: michael@0: /*- michael@0: * validates the AUTHentication related parameters in an INIT/INIT-ACK michael@0: * Note: currently only used for INIT as INIT-ACK is handled inline michael@0: * with sctp_load_addresses_from_init() michael@0: */ michael@0: int michael@0: sctp_validate_init_auth_params(struct mbuf *m, int offset, int limit) michael@0: { michael@0: struct sctp_paramhdr *phdr, parm_buf; michael@0: uint16_t ptype, plen; michael@0: int peer_supports_asconf = 0; michael@0: int peer_supports_auth = 0; michael@0: int got_random = 0, got_hmacs = 0, got_chklist = 0; michael@0: uint8_t saw_asconf = 0; michael@0: uint8_t saw_asconf_ack = 0; michael@0: michael@0: /* go through each of the params. */ michael@0: phdr = sctp_get_next_param(m, offset, &parm_buf, sizeof(parm_buf)); michael@0: while (phdr) { michael@0: ptype = ntohs(phdr->param_type); michael@0: plen = ntohs(phdr->param_length); michael@0: michael@0: if (offset + plen > limit) { michael@0: break; michael@0: } michael@0: if (plen < sizeof(struct sctp_paramhdr)) { michael@0: break; michael@0: } michael@0: if (ptype == SCTP_SUPPORTED_CHUNK_EXT) { michael@0: /* A supported extension chunk */ michael@0: struct sctp_supported_chunk_types_param *pr_supported; michael@0: uint8_t local_store[SCTP_PARAM_BUFFER_SIZE]; michael@0: int num_ent, i; michael@0: michael@0: phdr = sctp_get_next_param(m, offset, michael@0: (struct sctp_paramhdr *)&local_store, min(plen,sizeof(local_store))); michael@0: if (phdr == NULL) { michael@0: return (-1); michael@0: } michael@0: pr_supported = (struct sctp_supported_chunk_types_param *)phdr; michael@0: num_ent = plen - sizeof(struct sctp_paramhdr); michael@0: for (i = 0; i < num_ent; i++) { michael@0: switch (pr_supported->chunk_types[i]) { michael@0: case SCTP_ASCONF: michael@0: case SCTP_ASCONF_ACK: michael@0: peer_supports_asconf = 1; michael@0: break; michael@0: default: michael@0: /* one we don't care about */ michael@0: break; michael@0: } michael@0: } michael@0: } else if (ptype == SCTP_RANDOM) { michael@0: got_random = 1; michael@0: /* enforce the random length */ michael@0: if (plen != (sizeof(struct sctp_auth_random) + michael@0: SCTP_AUTH_RANDOM_SIZE_REQUIRED)) { michael@0: SCTPDBG(SCTP_DEBUG_AUTH1, michael@0: "SCTP: invalid RANDOM len\n"); michael@0: return (-1); michael@0: } michael@0: } else if (ptype == SCTP_HMAC_LIST) { michael@0: uint8_t store[SCTP_PARAM_BUFFER_SIZE]; michael@0: struct sctp_auth_hmac_algo *hmacs; michael@0: int num_hmacs; michael@0: michael@0: if (plen > sizeof(store)) michael@0: break; michael@0: phdr = sctp_get_next_param(m, offset, michael@0: (struct sctp_paramhdr *)store, min(plen,sizeof(store))); michael@0: if (phdr == NULL) michael@0: return (-1); michael@0: hmacs = (struct sctp_auth_hmac_algo *)phdr; michael@0: num_hmacs = (plen - sizeof(*hmacs)) / michael@0: sizeof(hmacs->hmac_ids[0]); michael@0: /* validate the hmac list */ michael@0: if (sctp_verify_hmac_param(hmacs, num_hmacs)) { michael@0: SCTPDBG(SCTP_DEBUG_AUTH1, michael@0: "SCTP: invalid HMAC param\n"); michael@0: return (-1); michael@0: } michael@0: got_hmacs = 1; michael@0: } else if (ptype == SCTP_CHUNK_LIST) { michael@0: int i, num_chunks; michael@0: uint8_t chunks_store[SCTP_SMALL_CHUNK_STORE]; michael@0: /* did the peer send a non-empty chunk list? */ michael@0: struct sctp_auth_chunk_list *chunks = NULL; michael@0: phdr = sctp_get_next_param(m, offset, michael@0: (struct sctp_paramhdr *)chunks_store, michael@0: min(plen,sizeof(chunks_store))); michael@0: if (phdr == NULL) michael@0: return (-1); michael@0: michael@0: /*- michael@0: * Flip through the list and mark that the michael@0: * peer supports asconf/asconf_ack. michael@0: */ michael@0: chunks = (struct sctp_auth_chunk_list *)phdr; michael@0: num_chunks = plen - sizeof(*chunks); michael@0: for (i = 0; i < num_chunks; i++) { michael@0: /* record asconf/asconf-ack if listed */ michael@0: if (chunks->chunk_types[i] == SCTP_ASCONF) michael@0: saw_asconf = 1; michael@0: if (chunks->chunk_types[i] == SCTP_ASCONF_ACK) michael@0: saw_asconf_ack = 1; michael@0: michael@0: } michael@0: if (num_chunks) michael@0: got_chklist = 1; michael@0: } michael@0: michael@0: offset += SCTP_SIZE32(plen); michael@0: if (offset >= limit) { michael@0: break; michael@0: } michael@0: phdr = sctp_get_next_param(m, offset, &parm_buf, michael@0: sizeof(parm_buf)); michael@0: } michael@0: /* validate authentication required parameters */ michael@0: if (got_random && got_hmacs) { michael@0: peer_supports_auth = 1; michael@0: } else { michael@0: peer_supports_auth = 0; michael@0: } michael@0: if (!peer_supports_auth && got_chklist) { michael@0: SCTPDBG(SCTP_DEBUG_AUTH1, michael@0: "SCTP: peer sent chunk list w/o AUTH\n"); michael@0: return (-1); michael@0: } michael@0: if (!SCTP_BASE_SYSCTL(sctp_asconf_auth_nochk) && peer_supports_asconf && michael@0: !peer_supports_auth) { michael@0: SCTPDBG(SCTP_DEBUG_AUTH1, michael@0: "SCTP: peer supports ASCONF but not AUTH\n"); michael@0: return (-1); michael@0: } else if ((peer_supports_asconf) && (peer_supports_auth) && michael@0: ((saw_asconf == 0) || (saw_asconf_ack == 0))) { michael@0: return (-2); michael@0: } michael@0: return (0); michael@0: } michael@0: michael@0: void michael@0: sctp_initialize_auth_params(struct sctp_inpcb *inp, struct sctp_tcb *stcb) michael@0: { michael@0: uint16_t chunks_len = 0; michael@0: uint16_t hmacs_len = 0; michael@0: uint16_t random_len = SCTP_AUTH_RANDOM_SIZE_DEFAULT; michael@0: sctp_key_t *new_key; michael@0: uint16_t keylen; michael@0: michael@0: /* initialize hmac list from endpoint */ michael@0: stcb->asoc.local_hmacs = sctp_copy_hmaclist(inp->sctp_ep.local_hmacs); michael@0: if (stcb->asoc.local_hmacs != NULL) { michael@0: hmacs_len = stcb->asoc.local_hmacs->num_algo * michael@0: sizeof(stcb->asoc.local_hmacs->hmac[0]); michael@0: } michael@0: /* initialize auth chunks list from endpoint */ michael@0: stcb->asoc.local_auth_chunks = michael@0: sctp_copy_chunklist(inp->sctp_ep.local_auth_chunks); michael@0: if (stcb->asoc.local_auth_chunks != NULL) { michael@0: int i; michael@0: for (i = 0; i < 256; i++) { michael@0: if (stcb->asoc.local_auth_chunks->chunks[i]) michael@0: chunks_len++; michael@0: } michael@0: } michael@0: /* copy defaults from the endpoint */ michael@0: stcb->asoc.authinfo.active_keyid = inp->sctp_ep.default_keyid; michael@0: michael@0: /* copy out the shared key list (by reference) from the endpoint */ michael@0: (void)sctp_copy_skeylist(&inp->sctp_ep.shared_keys, michael@0: &stcb->asoc.shared_keys); michael@0: michael@0: /* now set the concatenated key (random + chunks + hmacs) */ michael@0: /* key includes parameter headers */ michael@0: keylen = (3 * sizeof(struct sctp_paramhdr)) + random_len + chunks_len + michael@0: hmacs_len; michael@0: new_key = sctp_alloc_key(keylen); michael@0: if (new_key != NULL) { michael@0: struct sctp_paramhdr *ph; michael@0: int plen; michael@0: /* generate and copy in the RANDOM */ michael@0: ph = (struct sctp_paramhdr *)new_key->key; michael@0: ph->param_type = htons(SCTP_RANDOM); michael@0: plen = sizeof(*ph) + random_len; michael@0: ph->param_length = htons(plen); michael@0: SCTP_READ_RANDOM(new_key->key + sizeof(*ph), random_len); michael@0: keylen = plen; michael@0: michael@0: /* append in the AUTH chunks */ michael@0: /* NOTE: currently we always have chunks to list */ michael@0: ph = (struct sctp_paramhdr *)(new_key->key + keylen); michael@0: ph->param_type = htons(SCTP_CHUNK_LIST); michael@0: plen = sizeof(*ph) + chunks_len; michael@0: ph->param_length = htons(plen); michael@0: keylen += sizeof(*ph); michael@0: if (stcb->asoc.local_auth_chunks) { michael@0: int i; michael@0: for (i = 0; i < 256; i++) { michael@0: if (stcb->asoc.local_auth_chunks->chunks[i]) michael@0: new_key->key[keylen++] = i; michael@0: } michael@0: } michael@0: michael@0: /* append in the HMACs */ michael@0: ph = (struct sctp_paramhdr *)(new_key->key + keylen); michael@0: ph->param_type = htons(SCTP_HMAC_LIST); michael@0: plen = sizeof(*ph) + hmacs_len; michael@0: ph->param_length = htons(plen); michael@0: keylen += sizeof(*ph); michael@0: (void)sctp_serialize_hmaclist(stcb->asoc.local_hmacs, michael@0: new_key->key + keylen); michael@0: } michael@0: if (stcb->asoc.authinfo.random != NULL) michael@0: sctp_free_key(stcb->asoc.authinfo.random); michael@0: stcb->asoc.authinfo.random = new_key; michael@0: stcb->asoc.authinfo.random_len = random_len; michael@0: } michael@0: michael@0: michael@0: #ifdef SCTP_HMAC_TEST michael@0: /* michael@0: * HMAC and key concatenation tests michael@0: */ michael@0: static void michael@0: sctp_print_digest(uint8_t *digest, uint32_t digestlen, const char *str) michael@0: { michael@0: uint32_t i; michael@0: michael@0: SCTP_PRINTF("\n%s: 0x", str); michael@0: if (digest == NULL) michael@0: return; michael@0: michael@0: for (i = 0; i < digestlen; i++) michael@0: SCTP_PRINTF("%02x", digest[i]); michael@0: } michael@0: michael@0: static int michael@0: sctp_test_hmac(const char *str, uint16_t hmac_id, uint8_t *key, michael@0: uint32_t keylen, uint8_t *text, uint32_t textlen, michael@0: uint8_t *digest, uint32_t digestlen) michael@0: { michael@0: uint8_t computed_digest[SCTP_AUTH_DIGEST_LEN_MAX]; michael@0: michael@0: SCTP_PRINTF("\n%s:", str); michael@0: sctp_hmac(hmac_id, key, keylen, text, textlen, computed_digest); michael@0: sctp_print_digest(digest, digestlen, "Expected digest"); michael@0: sctp_print_digest(computed_digest, digestlen, "Computed digest"); michael@0: if (memcmp(digest, computed_digest, digestlen) != 0) { michael@0: SCTP_PRINTF("\nFAILED"); michael@0: return (-1); michael@0: } else { michael@0: SCTP_PRINTF("\nPASSED"); michael@0: return (0); michael@0: } michael@0: } michael@0: michael@0: michael@0: /* michael@0: * RFC 2202: HMAC-SHA1 test cases michael@0: */ michael@0: void michael@0: sctp_test_hmac_sha1(void) michael@0: { michael@0: uint8_t *digest; michael@0: uint8_t key[128]; michael@0: uint32_t keylen; michael@0: uint8_t text[128]; michael@0: uint32_t textlen; michael@0: uint32_t digestlen = 20; michael@0: int failed = 0; michael@0: michael@0: /*- michael@0: * test_case = 1 michael@0: * key = 0x0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b michael@0: * key_len = 20 michael@0: * data = "Hi There" michael@0: * data_len = 8 michael@0: * digest = 0xb617318655057264e28bc0b6fb378c8ef146be00 michael@0: */ michael@0: keylen = 20; michael@0: memset(key, 0x0b, keylen); michael@0: textlen = 8; michael@0: strcpy(text, "Hi There"); michael@0: digest = "\xb6\x17\x31\x86\x55\x05\x72\x64\xe2\x8b\xc0\xb6\xfb\x37\x8c\x8e\xf1\x46\xbe\x00"; michael@0: if (sctp_test_hmac("SHA1 test case 1", SCTP_AUTH_HMAC_ID_SHA1, key, keylen, michael@0: text, textlen, digest, digestlen) < 0) michael@0: failed++; michael@0: michael@0: /*- michael@0: * test_case = 2 michael@0: * key = "Jefe" michael@0: * key_len = 4 michael@0: * data = "what do ya want for nothing?" michael@0: * data_len = 28 michael@0: * digest = 0xeffcdf6ae5eb2fa2d27416d5f184df9c259a7c79 michael@0: */ michael@0: keylen = 4; michael@0: strcpy(key, "Jefe"); michael@0: textlen = 28; michael@0: strcpy(text, "what do ya want for nothing?"); michael@0: digest = "\xef\xfc\xdf\x6a\xe5\xeb\x2f\xa2\xd2\x74\x16\xd5\xf1\x84\xdf\x9c\x25\x9a\x7c\x79"; michael@0: if (sctp_test_hmac("SHA1 test case 2", SCTP_AUTH_HMAC_ID_SHA1, key, keylen, michael@0: text, textlen, digest, digestlen) < 0) michael@0: failed++; michael@0: michael@0: /*- michael@0: * test_case = 3 michael@0: * key = 0xaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa michael@0: * key_len = 20 michael@0: * data = 0xdd repeated 50 times michael@0: * data_len = 50 michael@0: * digest = 0x125d7342b9ac11cd91a39af48aa17b4f63f175d3 michael@0: */ michael@0: keylen = 20; michael@0: memset(key, 0xaa, keylen); michael@0: textlen = 50; michael@0: memset(text, 0xdd, textlen); michael@0: digest = "\x12\x5d\x73\x42\xb9\xac\x11\xcd\x91\xa3\x9a\xf4\x8a\xa1\x7b\x4f\x63\xf1\x75\xd3"; michael@0: if (sctp_test_hmac("SHA1 test case 3", SCTP_AUTH_HMAC_ID_SHA1, key, keylen, michael@0: text, textlen, digest, digestlen) < 0) michael@0: failed++; michael@0: michael@0: /*- michael@0: * test_case = 4 michael@0: * key = 0x0102030405060708090a0b0c0d0e0f10111213141516171819 michael@0: * key_len = 25 michael@0: * data = 0xcd repeated 50 times michael@0: * data_len = 50 michael@0: * digest = 0x4c9007f4026250c6bc8414f9bf50c86c2d7235da michael@0: */ michael@0: keylen = 25; michael@0: memcpy(key, "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19", keylen); michael@0: textlen = 50; michael@0: memset(text, 0xcd, textlen); michael@0: digest = "\x4c\x90\x07\xf4\x02\x62\x50\xc6\xbc\x84\x14\xf9\xbf\x50\xc8\x6c\x2d\x72\x35\xda"; michael@0: if (sctp_test_hmac("SHA1 test case 4", SCTP_AUTH_HMAC_ID_SHA1, key, keylen, michael@0: text, textlen, digest, digestlen) < 0) michael@0: failed++; michael@0: michael@0: /*- michael@0: * test_case = 5 michael@0: * key = 0x0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c michael@0: * key_len = 20 michael@0: * data = "Test With Truncation" michael@0: * data_len = 20 michael@0: * digest = 0x4c1a03424b55e07fe7f27be1d58bb9324a9a5a04 michael@0: * digest-96 = 0x4c1a03424b55e07fe7f27be1 michael@0: */ michael@0: keylen = 20; michael@0: memset(key, 0x0c, keylen); michael@0: textlen = 20; michael@0: strcpy(text, "Test With Truncation"); michael@0: digest = "\x4c\x1a\x03\x42\x4b\x55\xe0\x7f\xe7\xf2\x7b\xe1\xd5\x8b\xb9\x32\x4a\x9a\x5a\x04"; michael@0: if (sctp_test_hmac("SHA1 test case 5", SCTP_AUTH_HMAC_ID_SHA1, key, keylen, michael@0: text, textlen, digest, digestlen) < 0) michael@0: failed++; michael@0: michael@0: /*- michael@0: * test_case = 6 michael@0: * key = 0xaa repeated 80 times michael@0: * key_len = 80 michael@0: * data = "Test Using Larger Than Block-Size Key - Hash Key First" michael@0: * data_len = 54 michael@0: * digest = 0xaa4ae5e15272d00e95705637ce8a3b55ed402112 michael@0: */ michael@0: keylen = 80; michael@0: memset(key, 0xaa, keylen); michael@0: textlen = 54; michael@0: strcpy(text, "Test Using Larger Than Block-Size Key - Hash Key First"); michael@0: digest = "\xaa\x4a\xe5\xe1\x52\x72\xd0\x0e\x95\x70\x56\x37\xce\x8a\x3b\x55\xed\x40\x21\x12"; michael@0: if (sctp_test_hmac("SHA1 test case 6", SCTP_AUTH_HMAC_ID_SHA1, key, keylen, michael@0: text, textlen, digest, digestlen) < 0) michael@0: failed++; michael@0: michael@0: /*- michael@0: * test_case = 7 michael@0: * key = 0xaa repeated 80 times michael@0: * key_len = 80 michael@0: * data = "Test Using Larger Than Block-Size Key and Larger Than One Block-Size Data" michael@0: * data_len = 73 michael@0: * digest = 0xe8e99d0f45237d786d6bbaa7965c7808bbff1a91 michael@0: */ michael@0: keylen = 80; michael@0: memset(key, 0xaa, keylen); michael@0: textlen = 73; michael@0: strcpy(text, "Test Using Larger Than Block-Size Key and Larger Than One Block-Size Data"); michael@0: digest = "\xe8\xe9\x9d\x0f\x45\x23\x7d\x78\x6d\x6b\xba\xa7\x96\x5c\x78\x08\xbb\xff\x1a\x91"; michael@0: if (sctp_test_hmac("SHA1 test case 7", SCTP_AUTH_HMAC_ID_SHA1, key, keylen, michael@0: text, textlen, digest, digestlen) < 0) michael@0: failed++; michael@0: michael@0: /* done with all tests */ michael@0: if (failed) michael@0: SCTP_PRINTF("\nSHA1 test results: %d cases failed", failed); michael@0: else michael@0: SCTP_PRINTF("\nSHA1 test results: all test cases passed"); michael@0: } michael@0: michael@0: /* michael@0: * test assoc key concatenation michael@0: */ michael@0: static int michael@0: sctp_test_key_concatenation(sctp_key_t *key1, sctp_key_t *key2, michael@0: sctp_key_t *expected_key) michael@0: { michael@0: sctp_key_t *key; michael@0: int ret_val; michael@0: michael@0: sctp_show_key(key1, "\nkey1"); michael@0: sctp_show_key(key2, "\nkey2"); michael@0: key = sctp_compute_hashkey(key1, key2, NULL); michael@0: sctp_show_key(expected_key, "\nExpected"); michael@0: sctp_show_key(key, "\nComputed"); michael@0: if (memcmp(key, expected_key, expected_key->keylen) != 0) { michael@0: SCTP_PRINTF("\nFAILED"); michael@0: ret_val = -1; michael@0: } else { michael@0: SCTP_PRINTF("\nPASSED"); michael@0: ret_val = 0; michael@0: } michael@0: sctp_free_key(key1); michael@0: sctp_free_key(key2); michael@0: sctp_free_key(expected_key); michael@0: sctp_free_key(key); michael@0: return (ret_val); michael@0: } michael@0: michael@0: michael@0: void michael@0: sctp_test_authkey(void) michael@0: { michael@0: sctp_key_t *key1, *key2, *expected_key; michael@0: int failed = 0; michael@0: michael@0: /* test case 1 */ michael@0: key1 = sctp_set_key("\x01\x01\x01\x01", 4); michael@0: key2 = sctp_set_key("\x01\x02\x03\x04", 4); michael@0: expected_key = sctp_set_key("\x01\x01\x01\x01\x01\x02\x03\x04", 8); michael@0: if (sctp_test_key_concatenation(key1, key2, expected_key) < 0) michael@0: failed++; michael@0: michael@0: /* test case 2 */ michael@0: key1 = sctp_set_key("\x00\x00\x00\x01", 4); michael@0: key2 = sctp_set_key("\x02", 1); michael@0: expected_key = sctp_set_key("\x00\x00\x00\x01\x02", 5); michael@0: if (sctp_test_key_concatenation(key1, key2, expected_key) < 0) michael@0: failed++; michael@0: michael@0: /* test case 3 */ michael@0: key1 = sctp_set_key("\x01", 1); michael@0: key2 = sctp_set_key("\x00\x00\x00\x02", 4); michael@0: expected_key = sctp_set_key("\x01\x00\x00\x00\x02", 5); michael@0: if (sctp_test_key_concatenation(key1, key2, expected_key) < 0) michael@0: failed++; michael@0: michael@0: /* test case 4 */ michael@0: key1 = sctp_set_key("\x00\x00\x00\x01", 4); michael@0: key2 = sctp_set_key("\x01", 1); michael@0: expected_key = sctp_set_key("\x01\x00\x00\x00\x01", 5); michael@0: if (sctp_test_key_concatenation(key1, key2, expected_key) < 0) michael@0: failed++; michael@0: michael@0: /* test case 5 */ michael@0: key1 = sctp_set_key("\x01", 1); michael@0: key2 = sctp_set_key("\x00\x00\x00\x01", 4); michael@0: expected_key = sctp_set_key("\x01\x00\x00\x00\x01", 5); michael@0: if (sctp_test_key_concatenation(key1, key2, expected_key) < 0) michael@0: failed++; michael@0: michael@0: /* test case 6 */ michael@0: key1 = sctp_set_key("\x00\x00\x00\x00\x01\x02\x03\x04\x05\x06\x07", 11); michael@0: key2 = sctp_set_key("\x00\x00\x00\x00\x01\x02\x03\x04\x05\x06\x08", 11); michael@0: expected_key = sctp_set_key("\x00\x00\x00\x00\x01\x02\x03\x04\x05\x06\x07\x00\x00\x00\x00\x01\x02\x03\x04\x05\x06\x08", 22); michael@0: if (sctp_test_key_concatenation(key1, key2, expected_key) < 0) michael@0: failed++; michael@0: michael@0: /* test case 7 */ michael@0: key1 = sctp_set_key("\x00\x00\x00\x00\x01\x02\x03\x04\x05\x06\x08", 11); michael@0: key2 = sctp_set_key("\x00\x00\x00\x00\x01\x02\x03\x04\x05\x06\x07", 11); michael@0: expected_key = sctp_set_key("\x00\x00\x00\x00\x01\x02\x03\x04\x05\x06\x07\x00\x00\x00\x00\x01\x02\x03\x04\x05\x06\x08", 22); michael@0: if (sctp_test_key_concatenation(key1, key2, expected_key) < 0) michael@0: failed++; michael@0: michael@0: /* done with all tests */ michael@0: if (failed) michael@0: SCTP_PRINTF("\nKey concatenation test results: %d cases failed", failed); michael@0: else michael@0: SCTP_PRINTF("\nKey concatenation test results: all test cases passed"); michael@0: } michael@0: michael@0: michael@0: #if defined(STANDALONE_HMAC_TEST) michael@0: int michael@0: main(void) michael@0: { michael@0: sctp_test_hmac_sha1(); michael@0: sctp_test_authkey(); michael@0: } michael@0: michael@0: #endif /* STANDALONE_HMAC_TEST */ michael@0: michael@0: #endif /* SCTP_HMAC_TEST */