auth.h (3826B)
1/* SPDX-License-Identifier: GPL-2.0-or-later */ 2/* SCTP kernel implementation 3 * (C) Copyright 2007 Hewlett-Packard Development Company, L.P. 4 * 5 * This file is part of the SCTP kernel implementation 6 * 7 * Please send any bug reports or fixes you make to the 8 * email address(es): 9 * lksctp developers <linux-sctp@vger.kernel.org> 10 * 11 * Written or modified by: 12 * Vlad Yasevich <vladislav.yasevich@hp.com> 13 */ 14 15#ifndef __sctp_auth_h__ 16#define __sctp_auth_h__ 17 18#include <linux/list.h> 19#include <linux/refcount.h> 20 21struct sctp_endpoint; 22struct sctp_association; 23struct sctp_authkey; 24struct sctp_hmacalgo; 25struct crypto_shash; 26 27/* 28 * Define a generic struct that will hold all the info 29 * necessary for an HMAC transform 30 */ 31struct sctp_hmac { 32 __u16 hmac_id; /* one of the above ids */ 33 char *hmac_name; /* name for loading */ 34 __u16 hmac_len; /* length of the signature */ 35}; 36 37/* This is generic structure that containst authentication bytes used 38 * as keying material. It's a what is referred to as byte-vector all 39 * over SCTP-AUTH 40 */ 41struct sctp_auth_bytes { 42 refcount_t refcnt; 43 __u32 len; 44 __u8 data[]; 45}; 46 47/* Definition for a shared key, weather endpoint or association */ 48struct sctp_shared_key { 49 struct list_head key_list; 50 struct sctp_auth_bytes *key; 51 refcount_t refcnt; 52 __u16 key_id; 53 __u8 deactivated; 54}; 55 56#define key_for_each(__key, __list_head) \ 57 list_for_each_entry(__key, __list_head, key_list) 58 59#define key_for_each_safe(__key, __tmp, __list_head) \ 60 list_for_each_entry_safe(__key, __tmp, __list_head, key_list) 61 62static inline void sctp_auth_key_hold(struct sctp_auth_bytes *key) 63{ 64 if (!key) 65 return; 66 67 refcount_inc(&key->refcnt); 68} 69 70void sctp_auth_key_put(struct sctp_auth_bytes *key); 71struct sctp_shared_key *sctp_auth_shkey_create(__u16 key_id, gfp_t gfp); 72void sctp_auth_destroy_keys(struct list_head *keys); 73int sctp_auth_asoc_init_active_key(struct sctp_association *asoc, gfp_t gfp); 74struct sctp_shared_key *sctp_auth_get_shkey( 75 const struct sctp_association *asoc, 76 __u16 key_id); 77int sctp_auth_asoc_copy_shkeys(const struct sctp_endpoint *ep, 78 struct sctp_association *asoc, 79 gfp_t gfp); 80int sctp_auth_init_hmacs(struct sctp_endpoint *ep, gfp_t gfp); 81void sctp_auth_destroy_hmacs(struct crypto_shash *auth_hmacs[]); 82struct sctp_hmac *sctp_auth_get_hmac(__u16 hmac_id); 83struct sctp_hmac *sctp_auth_asoc_get_hmac(const struct sctp_association *asoc); 84void sctp_auth_asoc_set_default_hmac(struct sctp_association *asoc, 85 struct sctp_hmac_algo_param *hmacs); 86int sctp_auth_asoc_verify_hmac_id(const struct sctp_association *asoc, 87 __be16 hmac_id); 88int sctp_auth_send_cid(enum sctp_cid chunk, 89 const struct sctp_association *asoc); 90int sctp_auth_recv_cid(enum sctp_cid chunk, 91 const struct sctp_association *asoc); 92void sctp_auth_calculate_hmac(const struct sctp_association *asoc, 93 struct sk_buff *skb, struct sctp_auth_chunk *auth, 94 struct sctp_shared_key *ep_key, gfp_t gfp); 95void sctp_auth_shkey_release(struct sctp_shared_key *sh_key); 96void sctp_auth_shkey_hold(struct sctp_shared_key *sh_key); 97 98/* API Helpers */ 99int sctp_auth_ep_add_chunkid(struct sctp_endpoint *ep, __u8 chunk_id); 100int sctp_auth_ep_set_hmacs(struct sctp_endpoint *ep, 101 struct sctp_hmacalgo *hmacs); 102int sctp_auth_set_key(struct sctp_endpoint *ep, struct sctp_association *asoc, 103 struct sctp_authkey *auth_key); 104int sctp_auth_set_active_key(struct sctp_endpoint *ep, 105 struct sctp_association *asoc, __u16 key_id); 106int sctp_auth_del_key_id(struct sctp_endpoint *ep, 107 struct sctp_association *asoc, __u16 key_id); 108int sctp_auth_deact_key_id(struct sctp_endpoint *ep, 109 struct sctp_association *asoc, __u16 key_id); 110int sctp_auth_init(struct sctp_endpoint *ep, gfp_t gfp); 111void sctp_auth_free(struct sctp_endpoint *ep); 112 113#endif