1  /* SPDX-License-Identifier: GPL-2.0-or-later */
2  /* SCTP kernel implementation
3   * (C) Copyright 2007 Hewlett-Packard Development Company, L.P.
4   *
5   * This file is part of the SCTP kernel implementation
6   *
7   * Please send any bug reports or fixes you make to the
8   * email address(es):
9   *    lksctp developers <linux-sctp@vger.kernel.org>
10   *
11   * Written or modified by:
12   *   Vlad Yasevich     <vladislav.yasevich@hp.com>
13   */
14  
15  #ifndef __sctp_auth_h__
16  #define __sctp_auth_h__
17  
18  #include <linux/list.h>
19  #include <linux/refcount.h>
20  
21  struct sctp_endpoint;
22  struct sctp_association;
23  struct sctp_authkey;
24  struct sctp_hmacalgo;
25  struct crypto_shash;
26  
27  /*
28   * Define a generic struct that will hold all the info
29   * necessary for an HMAC transform
30   */
struct sctp_hmac {
	/* HMAC identifier; the id values themselves are not defined in this
	 * header.
	 */
	__u16 hmac_id;
	/* Algorithm name string.
	 * NOTE(review): presumably the name handed to the crypto layer when
	 * the transform is loaded; confirm in the implementation.
	 */
	char *hmac_name;
	__u16 hmac_len;		/* length of the signature */
};
36  
/* Generic, reference-counted structure that contains the authentication
 * bytes used as keying material.  This is what SCTP-AUTH refers to as a
 * byte-vector.
 *
 * The bytes live inline in the flexible array member data[], so the
 * allocation size depends on the key length and len is the only bound a
 * reader has for data[].
 */
struct sctp_auth_bytes {
	/* Taken by sctp_auth_key_hold(); sctp_auth_key_put() is the declared
	 * counterpart.
	 */
	refcount_t refcnt;
	/* NOTE(review): presumably the number of valid bytes in data[];
	 * confirm against the allocator.
	 */
	__u32 len;
	/* Key bytes (secret material).
	 * NOTE(review): confirm the release path wipes these before freeing.
	 */
	__u8  data[];
};
46  
/* Definition for a shared key, whether it belongs to an endpoint or to an
 * association.
 *
 * The wrapper and the byte-vector it points to carry separate reference
 * counts (refcnt here, key->refcnt in struct sctp_auth_bytes).
 */
struct sctp_shared_key {
	/* List linkage; key_for_each() and key_for_each_safe() iterate
	 * through this member.
	 */
	struct list_head key_list;
	struct sctp_auth_bytes *key;	/* keying material for this key id */
	refcount_t refcnt;		/* references to this wrapper */
	__u16 key_id;
	/* NOTE(review): presumably set by sctp_auth_deact_key_id(); confirm
	 * which paths check it before the key is used.
	 */
	__u8 deactivated;
};
55  
/* Walk every struct sctp_shared_key linked on 'head' through its key_list
 * member.  The loop body must not unlink the current entry.
 */
#define key_for_each(pos, head) \
	list_for_each_entry(pos, head, key_list)

/* Same walk, with 'next' as a lookahead cursor so the loop body may unlink
 * or free the current entry (the teardown case).
 */
#define key_for_each_safe(pos, next, head) \
	list_for_each_entry_safe(pos, next, head, key_list)
61  
/* Take one more reference on a key byte-vector.
 *
 * A NULL key is accepted and ignored, so callers may pass an optional key
 * without checking it first.  The count is a refcount_t, incremented with
 * refcount_inc().
 */
static inline void sctp_auth_key_hold(struct sctp_auth_bytes *key)
{
	if (key)
		refcount_inc(&key->refcnt);
}
69  
/*
 * Key, HMAC and chunk-authentication entry points.  Only the prototypes are
 * visible in this header; the notes below are review prompts, not a
 * description of the implementations.
 *
 * struct sk_buff, struct sctp_auth_chunk, struct sctp_hmac_algo_param and
 * enum sctp_cid are neither defined nor forward-declared here, so this
 * header presumably relies on the includer having pulled them in first.
 */

/* Declared counterpart of sctp_auth_key_hold().
 * NOTE(review): the byte-vector holds secret keying material; confirm the
 * final put wipes key->data before the memory is freed.
 */
void sctp_auth_key_put(struct sctp_auth_bytes *key);
struct sctp_shared_key *sctp_auth_shkey_create(__u16 key_id, gfp_t gfp);
void sctp_auth_destroy_keys(struct list_head *keys);
int sctp_auth_asoc_init_active_key(struct sctp_association *asoc, gfp_t gfp);
struct sctp_shared_key *sctp_auth_get_shkey(
				const struct sctp_association *asoc,
				__u16 key_id);
int sctp_auth_asoc_copy_shkeys(const struct sctp_endpoint *ep,
				struct sctp_association *asoc,
				gfp_t gfp);
int sctp_auth_init_hmacs(struct sctp_endpoint *ep, gfp_t gfp);
/* The array parameter decays to a pointer and no length is passed, so the
 * callee has to know the element count by other means.
 */
void sctp_auth_destroy_hmacs(struct crypto_shash *auth_hmacs[]);
struct sctp_hmac *sctp_auth_get_hmac(__u16 hmac_id);
struct sctp_hmac *sctp_auth_asoc_get_hmac(const struct sctp_association *asoc);
void sctp_auth_asoc_set_default_hmac(struct sctp_association *asoc,
				     struct sctp_hmac_algo_param *hmacs);
/* hmac_id is annotated __be16 here but __u16 in sctp_auth_get_hmac().
 * NOTE(review): confirm where the byte-order conversion happens before the
 * id is compared or used as an index.
 */
int sctp_auth_asoc_verify_hmac_id(const struct sctp_association *asoc,
				    __be16 hmac_id);
int sctp_auth_send_cid(enum sctp_cid chunk,
		       const struct sctp_association *asoc);
int sctp_auth_recv_cid(enum sctp_cid chunk,
		       const struct sctp_association *asoc);
/* Returns void although it takes a gfp_t, so a failure cannot be reported
 * through the return value.
 * NOTE(review): confirm what ends up in the AUTH chunk if allocation or
 * digest computation fails.
 */
void sctp_auth_calculate_hmac(const struct sctp_association *asoc,
			      struct sk_buff *skb, struct sctp_auth_chunk *auth,
			      struct sctp_shared_key *ep_key, gfp_t gfp);
/* Hold/release pair for the shared-key wrapper; struct sctp_shared_key has
 * its own refcnt, separate from the byte-vector's.
 */
void sctp_auth_shkey_release(struct sctp_shared_key *sh_key);
void sctp_auth_shkey_hold(struct sctp_shared_key *sh_key);
97  
/* API Helpers
 *
 * Each of the key helpers takes both an endpoint and an association.
 * NOTE(review): presumably these back the socket-option interface, in which
 * case their struct arguments carry caller-supplied ids and lengths that
 * need validating before use; confirm in the implementation.
 */
int sctp_auth_ep_add_chunkid(struct sctp_endpoint *ep, __u8 chunk_id);
int sctp_auth_ep_set_hmacs(struct sctp_endpoint *ep,
			    struct sctp_hmacalgo *hmacs);
int sctp_auth_set_key(struct sctp_endpoint *ep, struct sctp_association *asoc,
		      struct sctp_authkey *auth_key);
int sctp_auth_set_active_key(struct sctp_endpoint *ep,
			     struct sctp_association *asoc, __u16 key_id);
int sctp_auth_del_key_id(struct sctp_endpoint *ep,
			 struct sctp_association *asoc, __u16 key_id);
int sctp_auth_deact_key_id(struct sctp_endpoint *ep,
			   struct sctp_association *asoc, __u16 key_id);
int sctp_auth_init(struct sctp_endpoint *ep, gfp_t gfp);
void sctp_auth_free(struct sctp_endpoint *ep);
112  
113  #endif
114