OSCL-LXR |
|
|
|
|||
0001 /* SPDX-License-Identifier: GPL-2.0 */ 0002 /* 0003 * net/tipc/crypto.h: Include file for TIPC crypto 0004 * 0005 * Copyright (c) 2019, Ericsson AB 0006 * All rights reserved. 0007 * 0008 * Redistribution and use in source and binary forms, with or without 0009 * modification, are permitted provided that the following conditions are met: 0010 * 0011 * 1. Redistributions of source code must retain the above copyright 0012 * notice, this list of conditions and the following disclaimer. 0013 * 2. Redistributions in binary form must reproduce the above copyright 0014 * notice, this list of conditions and the following disclaimer in the 0015 * documentation and/or other materials provided with the distribution. 0016 * 3. Neither the names of the copyright holders nor the names of its 0017 * contributors may be used to endorse or promote products derived from 0018 * this software without specific prior written permission. 0019 * 0020 * Alternatively, this software may be distributed under the terms of the 0021 * GNU General Public License ("GPL") version 2 as published by the Free 0022 * Software Foundation. 0023 * 0024 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 0025 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 0026 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 0027 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE 0028 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 0029 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 0030 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 0031 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 0032 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 0033 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 0034 * POSSIBILITY OF SUCH DAMAGE. 0035 */ 0036 #ifdef CONFIG_TIPC_CRYPTO 0037 #ifndef _TIPC_CRYPTO_H 0038 #define _TIPC_CRYPTO_H 0039 0040 #include "core.h" 0041 #include "node.h" 0042 #include "msg.h" 0043 #include "bearer.h" 0044 0045 #define TIPC_EVERSION 7 0046 0047 /* AEAD aes(gcm) */ 0048 #define TIPC_AES_GCM_KEY_SIZE_128 16 0049 #define TIPC_AES_GCM_KEY_SIZE_192 24 0050 #define TIPC_AES_GCM_KEY_SIZE_256 32 0051 0052 #define TIPC_AES_GCM_SALT_SIZE 4 0053 #define TIPC_AES_GCM_IV_SIZE 12 0054 #define TIPC_AES_GCM_TAG_SIZE 16 0055 0056 /* 0057 * TIPC crypto modes: 0058 * - CLUSTER_KEY: 0059 * One single key is used for both TX & RX in all nodes in the cluster. 0060 * - PER_NODE_KEY: 0061 * Each nodes in the cluster has one TX key, for RX a node needs to know 0062 * its peers' TX key for the decryption of messages from those nodes. 0063 */ 0064 enum { 0065 CLUSTER_KEY = 1, 0066 PER_NODE_KEY = (1 << 1), 0067 }; 0068 0069 extern int sysctl_tipc_max_tfms __read_mostly; 0070 extern int sysctl_tipc_key_exchange_enabled __read_mostly; 0071 0072 /* 0073 * TIPC encryption message format: 0074 * 0075 * 3 3 2 2 2 2 2 2 2 2 2 2 1 1 1 1 1 1 1 1 1 1 0 0 0 0 0 0 0 0 0 0 0076 * 1 0 9 8 7 6 5 4|3 2 1 0 9 8 7 6|5 4 3 2 1 0 9 8|7 6 5 4 3 2 1 0 0077 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 0078 * w0:|Ver=7| User |D|TX |RX |K|M|N| Rsvd | 0079 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 0080 * w1:| Seqno | 0081 * w2:| (8 octets) | 0082 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 0083 * w3:\ Prevnode \ 0084 * / (4 or 16 octets) / 0085 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 0086 * \ \ 0087 * / Encrypted complete TIPC V2 header and user data / 0088 * \ \ 0089 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 0090 * | | 0091 * | AuthTag | 0092 * | (16 octets) | 0093 * | | 0094 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 0095 * 0096 * Word0: 0097 * Ver : = 7 i.e. TIPC encryption message version 0098 * User : = 7 (for LINK_PROTOCOL); = 13 (for LINK_CONFIG) or = 0 0099 * D : The destined bit i.e. the message's destination node is 0100 * "known" or not at the message encryption 0101 * TX : TX key used for the message encryption 0102 * RX : Currently RX active key corresponding to the destination 0103 * node's TX key (when the "D" bit is set) 0104 * K : Keep-alive bit (for RPS, LINK_PROTOCOL/STATE_MSG only) 0105 * M : Bit indicates if sender has master key 0106 * N : Bit indicates if sender has no RX keys corresponding to the 0107 * receiver's TX (when the "D" bit is set) 0108 * Rsvd : Reserved bit, field 0109 * Word1-2: 0110 * Seqno : The 64-bit sequence number of the encrypted message, also 0111 * part of the nonce used for the message encryption/decryption 0112 * Word3-: 0113 * Prevnode: The source node address, or ID in case LINK_CONFIG only 0114 * AuthTag : The authentication tag for the message integrity checking 0115 * generated by the message encryption 0116 */ 0117 struct tipc_ehdr { 0118 union { 0119 struct { 0120 #if defined(__LITTLE_ENDIAN_BITFIELD) 0121 __u8 destined:1, 0122 user:4, 0123 version:3; 0124 __u8 reserved_1:1, 0125 rx_nokey:1, 0126 master_key:1, 0127 keepalive:1, 0128 rx_key_active:2, 0129 tx_key:2; 0130 #elif defined(__BIG_ENDIAN_BITFIELD) 0131 __u8 version:3, 0132 user:4, 0133 destined:1; 0134 __u8 tx_key:2, 0135 rx_key_active:2, 0136 keepalive:1, 0137 master_key:1, 0138 rx_nokey:1, 0139 reserved_1:1; 0140 #else 0141 #error "Please fix <asm/byteorder.h>" 0142 #endif 0143 __be16 reserved_2; 0144 } __packed; 0145 __be32 w0; 0146 }; 0147 __be64 seqno; 0148 union { 0149 __be32 addr; 0150 __u8 id[NODE_ID_LEN]; /* For a LINK_CONFIG message only! */ 0151 }; 0152 #define EHDR_SIZE (offsetof(struct tipc_ehdr, addr) + sizeof(__be32)) 0153 #define EHDR_CFG_SIZE (sizeof(struct tipc_ehdr)) 0154 #define EHDR_MIN_SIZE (EHDR_SIZE) 0155 #define EHDR_MAX_SIZE (EHDR_CFG_SIZE) 0156 #define EMSG_OVERHEAD (EHDR_SIZE + TIPC_AES_GCM_TAG_SIZE) 0157 } __packed; 0158 0159 int tipc_crypto_start(struct tipc_crypto **crypto, struct net *net, 0160 struct tipc_node *node); 0161 void tipc_crypto_stop(struct tipc_crypto **crypto); 0162 void tipc_crypto_timeout(struct tipc_crypto *rx); 0163 int tipc_crypto_xmit(struct net *net, struct sk_buff **skb, 0164 struct tipc_bearer *b, struct tipc_media_addr *dst, 0165 struct tipc_node *__dnode); 0166 int tipc_crypto_rcv(struct net *net, struct tipc_crypto *rx, 0167 struct sk_buff **skb, struct tipc_bearer *b); 0168 int tipc_crypto_key_init(struct tipc_crypto *c, struct tipc_aead_key *ukey, 0169 u8 mode, bool master_key); 0170 void tipc_crypto_key_flush(struct tipc_crypto *c); 0171 int tipc_crypto_key_distr(struct tipc_crypto *tx, u8 key, 0172 struct tipc_node *dest); 0173 void tipc_crypto_msg_rcv(struct net *net, struct sk_buff *skb); 0174 void tipc_crypto_rekeying_sched(struct tipc_crypto *tx, bool changed, 0175 u32 new_intv); 0176 int tipc_aead_key_validate(struct tipc_aead_key *ukey, struct genl_info *info); 0177 bool tipc_ehdr_validate(struct sk_buff *skb); 0178 0179 static inline u32 msg_key_gen(struct tipc_msg *m) 0180 { 0181 return msg_bits(m, 4, 16, 0xffff); 0182 } 0183 0184 static inline void msg_set_key_gen(struct tipc_msg *m, u32 gen) 0185 { 0186 msg_set_bits(m, 4, 16, 0xffff, gen); 0187 } 0188 0189 static inline u32 msg_key_mode(struct tipc_msg *m) 0190 { 0191 return msg_bits(m, 4, 0, 0xf); 0192 } 0193 0194 static inline void msg_set_key_mode(struct tipc_msg *m, u32 mode) 0195 { 0196 msg_set_bits(m, 4, 0, 0xf, mode); 0197 } 0198 0199 #endif /* _TIPC_CRYPTO_H */ 0200 #endif
| [ Source navigation ] | [ Diff markup ] | [ Identifier search ] | [ general search ] |
|
This page was automatically generated by the 2.1.0 LXR engine. The LXR team |
|