| OLD | NEW |
|---|
| (Empty) |
| 1 /*- | |
| 2 * Copyright (c) 2001-2008, by Cisco Systems, Inc. All rights reserved. | |
| 3 * Copyright (c) 2008-2012, by Randall Stewart. All rights reserved. | |
| 4 * Copyright (c) 2008-2012, by Michael Tuexen. All rights reserved. | |
| 5 * | |
| 6 * Redistribution and use in source and binary forms, with or without | |
| 7 * modification, are permitted provided that the following conditions are met: | |
| 8 * | |
| 9 * a) Redistributions of source code must retain the above copyright notice, | |
| 10 * this list of conditions and the following disclaimer. | |
| 11 * | |
| 12 * b) Redistributions in binary form must reproduce the above copyright | |
| 13 * notice, this list of conditions and the following disclaimer in | |
| 14 * the documentation and/or other materials provided with the distribution. | |
| 15 * | |
| 16 * c) Neither the name of Cisco Systems, Inc. nor the names of its | |
| 17 * contributors may be used to endorse or promote products derived | |
| 18 * from this software without specific prior written permission. | |
| 19 * | |
| 20 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS | |
| 21 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, | |
| 22 * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOS
E | |
| 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE | |
| 24 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR | |
| 25 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF | |
| 26 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS | |
| 27 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN | |
| 28 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | |
| 29 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF | |
| 30 * THE POSSIBILITY OF SUCH DAMAGE. | |
| 31 */ | |
| 32 | |
| 33 #ifdef __FreeBSD__ | |
| 34 #include <sys/cdefs.h> | |
| 35 __FBSDID("$FreeBSD: head/sys/netinet/sctp_auth.h 235828 2012-05-23 11:26:28Z tue
xen $"); | |
| 36 #endif | |
| 37 | |
| 38 #ifndef _NETINET_SCTP_AUTH_H_ | |
| 39 #define _NETINET_SCTP_AUTH_H_ | |
| 40 | |
| 41 #include <netinet/sctp_sha1.h> | |
| 42 | |
| 43 /* digest lengths */ | |
| 44 #define SCTP_AUTH_DIGEST_LEN_SHA1 20 | |
| 45 #define SCTP_AUTH_DIGEST_LEN_SHA224 28 | |
| 46 #define SCTP_AUTH_DIGEST_LEN_SHA256 32 | |
| 47 #define SCTP_AUTH_DIGEST_LEN_SHA384 48 | |
| 48 #define SCTP_AUTH_DIGEST_LEN_SHA512 64 | |
| 49 #define SCTP_AUTH_DIGEST_LEN_MAX 64 | |
| 50 | |
| 51 /* random sizes */ | |
| 52 #define SCTP_AUTH_RANDOM_SIZE_DEFAULT 32 | |
| 53 #define SCTP_AUTH_RANDOM_SIZE_REQUIRED 32 | |
| 54 #define SCTP_AUTH_RANDOM_SIZE_MAX 256 | |
| 55 | |
| 56 /* union of all supported HMAC algorithm contexts */ | |
| 57 typedef union sctp_hash_context { | |
| 58 SHA1_CTX sha1; | |
| 59 #ifdef HAVE_SHA2 | |
| 60 SHA256_CTX sha256; | |
| 61 SHA384_CTX sha384; | |
| 62 SHA512_CTX sha512; | |
| 63 #endif | |
| 64 } sctp_hash_context_t; | |
| 65 | |
| 66 typedef struct sctp_key { | |
| 67 uint32_t keylen; | |
| 68 uint8_t key[]; | |
| 69 } sctp_key_t; | |
| 70 | |
| 71 typedef struct sctp_shared_key { | |
| 72 LIST_ENTRY(sctp_shared_key) next; | |
| 73 sctp_key_t *key; /* key text */ | |
| 74 uint32_t refcount; /* reference count */ | |
| 75 uint16_t keyid; /* shared key ID */ | |
| 76 uint8_t deactivated; /* key is deactivated */ | |
| 77 } sctp_sharedkey_t; | |
| 78 | |
| 79 LIST_HEAD(sctp_keyhead, sctp_shared_key); | |
| 80 | |
| 81 /* authentication chunks list */ | |
| 82 typedef struct sctp_auth_chklist { | |
| 83 uint8_t chunks[256]; | |
| 84 uint8_t num_chunks; | |
| 85 } sctp_auth_chklist_t; | |
| 86 | |
| 87 /* hmac algos supported list */ | |
| 88 typedef struct sctp_hmaclist { | |
| 89 uint16_t max_algo; /* max algorithms allocated */ | |
| 90 uint16_t num_algo; /* num algorithms used */ | |
| 91 uint16_t hmac[]; | |
| 92 } sctp_hmaclist_t; | |
| 93 | |
| 94 /* authentication info */ | |
| 95 typedef struct sctp_authinformation { | |
| 96 sctp_key_t *random; /* local random key (concatenated) */ | |
| 97 uint32_t random_len; /* local random number length for param */ | |
| 98 sctp_key_t *peer_random;/* peer's random key (concatenated) */ | |
| 99 sctp_key_t *assoc_key; /* cached concatenated send key */ | |
| 100 sctp_key_t *recv_key; /* cached concatenated recv key */ | |
| 101 uint16_t active_keyid; /* active send keyid */ | |
| 102 uint16_t assoc_keyid; /* current send keyid (cached) */ | |
| 103 uint16_t recv_keyid; /* last recv keyid (cached) */ | |
| 104 } sctp_authinfo_t; | |
| 105 | |
| 106 | |
| 107 | |
| 108 /* | |
| 109 * Macros | |
| 110 */ | |
| 111 #define sctp_auth_is_required_chunk(chunk, list) ((list == NULL) ? (0) : (list->
chunks[chunk] != 0)) | |
| 112 | |
| 113 /* | |
| 114 * function prototypes | |
| 115 */ | |
| 116 | |
| 117 /* socket option api functions */ | |
| 118 extern sctp_auth_chklist_t *sctp_alloc_chunklist(void); | |
| 119 extern void sctp_free_chunklist(sctp_auth_chklist_t *chklist); | |
| 120 extern void sctp_clear_chunklist(sctp_auth_chklist_t *chklist); | |
| 121 extern sctp_auth_chklist_t *sctp_copy_chunklist(sctp_auth_chklist_t *chklist); | |
| 122 extern int sctp_auth_add_chunk(uint8_t chunk, sctp_auth_chklist_t *list); | |
| 123 extern int sctp_auth_delete_chunk(uint8_t chunk, sctp_auth_chklist_t *list); | |
| 124 extern size_t sctp_auth_get_chklist_size(const sctp_auth_chklist_t *list); | |
| 125 extern void sctp_auth_set_default_chunks(sctp_auth_chklist_t *list); | |
| 126 extern int sctp_serialize_auth_chunks(const sctp_auth_chklist_t *list, | |
| 127 uint8_t *ptr); | |
| 128 extern int sctp_pack_auth_chunks(const sctp_auth_chklist_t *list, | |
| 129 uint8_t *ptr); | |
| 130 extern int sctp_unpack_auth_chunks(const uint8_t *ptr, uint8_t num_chunks, | |
| 131 sctp_auth_chklist_t *list); | |
| 132 | |
| 133 /* key handling */ | |
| 134 extern sctp_key_t *sctp_alloc_key(uint32_t keylen); | |
| 135 extern void sctp_free_key(sctp_key_t *key); | |
| 136 extern void sctp_print_key(sctp_key_t *key, const char *str); | |
| 137 extern void sctp_show_key(sctp_key_t *key, const char *str); | |
| 138 extern sctp_key_t *sctp_generate_random_key(uint32_t keylen); | |
| 139 extern sctp_key_t *sctp_set_key(uint8_t *key, uint32_t keylen); | |
| 140 extern sctp_key_t *sctp_compute_hashkey(sctp_key_t *key1, sctp_key_t *key2, | |
| 141 sctp_key_t *shared); | |
| 142 | |
| 143 /* shared key handling */ | |
| 144 extern sctp_sharedkey_t *sctp_alloc_sharedkey(void); | |
| 145 extern void sctp_free_sharedkey(sctp_sharedkey_t *skey); | |
| 146 extern sctp_sharedkey_t *sctp_find_sharedkey(struct sctp_keyhead *shared_keys, | |
| 147 uint16_t key_id); | |
| 148 extern int sctp_insert_sharedkey(struct sctp_keyhead *shared_keys, | |
| 149 sctp_sharedkey_t *new_skey); | |
| 150 extern int sctp_copy_skeylist(const struct sctp_keyhead *src, | |
| 151 struct sctp_keyhead *dest); | |
| 152 /* ref counts on shared keys, by key id */ | |
| 153 extern void sctp_auth_key_acquire(struct sctp_tcb *stcb, uint16_t keyid); | |
| 154 extern void sctp_auth_key_release(struct sctp_tcb *stcb, uint16_t keyid, | |
| 155 int so_locked); | |
| 156 | |
| 157 | |
| 158 /* hmac list handling */ | |
| 159 extern sctp_hmaclist_t *sctp_alloc_hmaclist(uint8_t num_hmacs); | |
| 160 extern void sctp_free_hmaclist(sctp_hmaclist_t *list); | |
| 161 extern int sctp_auth_add_hmacid(sctp_hmaclist_t *list, uint16_t hmac_id); | |
| 162 extern sctp_hmaclist_t *sctp_copy_hmaclist(sctp_hmaclist_t *list); | |
| 163 extern sctp_hmaclist_t *sctp_default_supported_hmaclist(void); | |
| 164 extern uint16_t sctp_negotiate_hmacid(sctp_hmaclist_t *peer, | |
| 165 sctp_hmaclist_t *local); | |
| 166 extern int sctp_serialize_hmaclist(sctp_hmaclist_t *list, uint8_t *ptr); | |
| 167 extern int sctp_verify_hmac_param(struct sctp_auth_hmac_algo *hmacs, | |
| 168 uint32_t num_hmacs); | |
| 169 | |
| 170 extern sctp_authinfo_t *sctp_alloc_authinfo(void); | |
| 171 extern void sctp_free_authinfo(sctp_authinfo_t *authinfo); | |
| 172 | |
| 173 /* keyed-HMAC functions */ | |
| 174 extern uint32_t sctp_get_auth_chunk_len(uint16_t hmac_algo); | |
| 175 extern uint32_t sctp_get_hmac_digest_len(uint16_t hmac_algo); | |
| 176 extern uint32_t sctp_hmac(uint16_t hmac_algo, uint8_t *key, uint32_t keylen, | |
| 177 uint8_t *text, uint32_t textlen, uint8_t *digest); | |
| 178 extern int sctp_verify_hmac(uint16_t hmac_algo, uint8_t *key, uint32_t keylen, | |
| 179 uint8_t *text, uint32_t textlen, uint8_t *digest, uint32_t digestlen); | |
| 180 extern uint32_t sctp_compute_hmac(uint16_t hmac_algo, sctp_key_t *key, | |
| 181 uint8_t *text, uint32_t textlen, uint8_t *digest); | |
| 182 extern int sctp_auth_is_supported_hmac(sctp_hmaclist_t *list, uint16_t id); | |
| 183 | |
| 184 /* mbuf versions */ | |
| 185 extern uint32_t sctp_hmac_m(uint16_t hmac_algo, uint8_t *key, uint32_t keylen, | |
| 186 struct mbuf *m, uint32_t m_offset, uint8_t *digest, uint32_t trailer); | |
| 187 extern uint32_t sctp_compute_hmac_m(uint16_t hmac_algo, sctp_key_t *key, | |
| 188 struct mbuf *m, uint32_t m_offset, uint8_t *digest); | |
| 189 | |
| 190 /* | |
| 191 * authentication routines | |
| 192 */ | |
| 193 extern void sctp_clear_cachedkeys(struct sctp_tcb *stcb, uint16_t keyid); | |
| 194 extern void sctp_clear_cachedkeys_ep(struct sctp_inpcb *inp, uint16_t keyid); | |
| 195 extern int sctp_delete_sharedkey(struct sctp_tcb *stcb, uint16_t keyid); | |
| 196 extern int sctp_delete_sharedkey_ep(struct sctp_inpcb *inp, uint16_t keyid); | |
| 197 extern int sctp_auth_setactivekey(struct sctp_tcb *stcb, uint16_t keyid); | |
| 198 extern int sctp_auth_setactivekey_ep(struct sctp_inpcb *inp, uint16_t keyid); | |
| 199 extern int sctp_deact_sharedkey(struct sctp_tcb *stcb, uint16_t keyid); | |
| 200 extern int sctp_deact_sharedkey_ep(struct sctp_inpcb *inp, uint16_t keyid); | |
| 201 | |
| 202 extern void sctp_auth_get_cookie_params(struct sctp_tcb *stcb, struct mbuf *m, | |
| 203 uint32_t offset, uint32_t length); | |
| 204 extern void sctp_fill_hmac_digest_m(struct mbuf *m, uint32_t auth_offset, | |
| 205 struct sctp_auth_chunk *auth, struct sctp_tcb *stcb, uint16_t key_id); | |
| 206 extern struct mbuf *sctp_add_auth_chunk(struct mbuf *m, struct mbuf **m_end, | |
| 207 struct sctp_auth_chunk **auth_ret, uint32_t *offset, | |
| 208 struct sctp_tcb *stcb, uint8_t chunk); | |
| 209 extern int sctp_handle_auth(struct sctp_tcb *stcb, struct sctp_auth_chunk *ch, | |
| 210 struct mbuf *m, uint32_t offset); | |
| 211 extern void sctp_notify_authentication(struct sctp_tcb *stcb, | |
| 212 uint32_t indication, uint16_t keyid, uint16_t alt_keyid, int so_locked); | |
| 213 extern int sctp_validate_init_auth_params(struct mbuf *m, int offset, | |
| 214 int limit); | |
| 215 extern void sctp_initialize_auth_params(struct sctp_inpcb *inp, | |
| 216 struct sctp_tcb *stcb); | |
| 217 | |
| 218 /* test functions */ | |
| 219 #ifdef SCTP_HMAC_TEST | |
| 220 extern void sctp_test_hmac_sha1(void); | |
| 221 extern void sctp_test_authkey(void); | |
| 222 #endif | |
| 223 #endif /* __SCTP_AUTH_H__ */ | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 23960004:
Updated usrsctp to latest version with fixes upstream. Fixed usrsctp gyp file; removed overides. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src