The Design and Implementation of the FreeBSD Operating System, Second Edition
Now available: The Design and Implementation of the FreeBSD Operating System (Second Edition)


[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]

FreeBSD/Linux Kernel Cross Reference
sys/netinet/sctp_auth.c

Version: -  FREEBSD  -  FREEBSD-13-STABLE  -  FREEBSD-13-0  -  FREEBSD-12-STABLE  -  FREEBSD-12-0  -  FREEBSD-11-STABLE  -  FREEBSD-11-0  -  FREEBSD-10-STABLE  -  FREEBSD-10-0  -  FREEBSD-9-STABLE  -  FREEBSD-9-0  -  FREEBSD-8-STABLE  -  FREEBSD-8-0  -  FREEBSD-7-STABLE  -  FREEBSD-7-0  -  FREEBSD-6-STABLE  -  FREEBSD-6-0  -  FREEBSD-5-STABLE  -  FREEBSD-5-0  -  FREEBSD-4-STABLE  -  FREEBSD-3-STABLE  -  FREEBSD22  -  l41  -  OPENBSD  -  linux-2.6  -  MK84  -  PLAN9  -  xnu-8792 
SearchContext: -  none  -  3  -  10 

    1 /*-
    2  * Copyright (c) 2001-2008, by Cisco Systems, Inc. All rights reserved.
    3  * Copyright (c) 2008-2012, by Randall Stewart. All rights reserved.
    4  * Copyright (c) 2008-2012, by Michael Tuexen. All rights reserved.
    5  *
    6  * Redistribution and use in source and binary forms, with or without
    7  * modification, are permitted provided that the following conditions are met:
    8  *
    9  * a) Redistributions of source code must retain the above copyright notice,
   10  *    this list of conditions and the following disclaimer.
   11  *
   12  * b) Redistributions in binary form must reproduce the above copyright
   13  *    notice, this list of conditions and the following disclaimer in
   14  *    the documentation and/or other materials provided with the distribution.
   15  *
   16  * c) Neither the name of Cisco Systems, Inc. nor the names of its
   17  *    contributors may be used to endorse or promote products derived
   18  *    from this software without specific prior written permission.
   19  *
   20  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
   21  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
   22  * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
   23  * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
   24  * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
   25  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
   26  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
   27  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
   28  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
   29  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
   30  * THE POSSIBILITY OF SUCH DAMAGE.
   31  */
   32 
   33 #include <sys/cdefs.h>
   34 __FBSDID("$FreeBSD: releng/10.2/sys/netinet/sctp_auth.c 283734 2015-05-29 13:23:16Z tuexen $");
   35 
   36 #include <netinet/sctp_os.h>
   37 #include <netinet/sctp.h>
   38 #include <netinet/sctp_header.h>
   39 #include <netinet/sctp_pcb.h>
   40 #include <netinet/sctp_var.h>
   41 #include <netinet/sctp_sysctl.h>
   42 #include <netinet/sctputil.h>
   43 #include <netinet/sctp_indata.h>
   44 #include <netinet/sctp_output.h>
   45 #include <netinet/sctp_auth.h>
   46 
   47 #ifdef SCTP_DEBUG
   48 #define SCTP_AUTH_DEBUG         (SCTP_BASE_SYSCTL(sctp_debug_on) & SCTP_DEBUG_AUTH1)
   49 #define SCTP_AUTH_DEBUG2        (SCTP_BASE_SYSCTL(sctp_debug_on) & SCTP_DEBUG_AUTH2)
   50 #endif                          /* SCTP_DEBUG */
   51 
   52 
   53 void
   54 sctp_clear_chunklist(sctp_auth_chklist_t * chklist)
   55 {
   56         bzero(chklist, sizeof(*chklist));
   57         /* chklist->num_chunks = 0; */
   58 }
   59 
   60 sctp_auth_chklist_t *
   61 sctp_alloc_chunklist(void)
   62 {
   63         sctp_auth_chklist_t *chklist;
   64 
   65         SCTP_MALLOC(chklist, sctp_auth_chklist_t *, sizeof(*chklist),
   66             SCTP_M_AUTH_CL);
   67         if (chklist == NULL) {
   68                 SCTPDBG(SCTP_DEBUG_AUTH1, "sctp_alloc_chunklist: failed to get memory!\n");
   69         } else {
   70                 sctp_clear_chunklist(chklist);
   71         }
   72         return (chklist);
   73 }
   74 
   75 void
   76 sctp_free_chunklist(sctp_auth_chklist_t * list)
   77 {
   78         if (list != NULL)
   79                 SCTP_FREE(list, SCTP_M_AUTH_CL);
   80 }
   81 
   82 sctp_auth_chklist_t *
   83 sctp_copy_chunklist(sctp_auth_chklist_t * list)
   84 {
   85         sctp_auth_chklist_t *new_list;
   86 
   87         if (list == NULL)
   88                 return (NULL);
   89 
   90         /* get a new list */
   91         new_list = sctp_alloc_chunklist();
   92         if (new_list == NULL)
   93                 return (NULL);
   94         /* copy it */
   95         bcopy(list, new_list, sizeof(*new_list));
   96 
   97         return (new_list);
   98 }
   99 
  100 
  101 /*
  102  * add a chunk to the required chunks list
  103  */
  104 int
  105 sctp_auth_add_chunk(uint8_t chunk, sctp_auth_chklist_t * list)
  106 {
  107         if (list == NULL)
  108                 return (-1);
  109 
  110         /* is chunk restricted? */
  111         if ((chunk == SCTP_INITIATION) ||
  112             (chunk == SCTP_INITIATION_ACK) ||
  113             (chunk == SCTP_SHUTDOWN_COMPLETE) ||
  114             (chunk == SCTP_AUTHENTICATION)) {
  115                 return (-1);
  116         }
  117         if (list->chunks[chunk] == 0) {
  118                 list->chunks[chunk] = 1;
  119                 list->num_chunks++;
  120                 SCTPDBG(SCTP_DEBUG_AUTH1,
  121                     "SCTP: added chunk %u (0x%02x) to Auth list\n",
  122                     chunk, chunk);
  123         }
  124         return (0);
  125 }
  126 
  127 /*
  128  * delete a chunk from the required chunks list
  129  */
  130 int
  131 sctp_auth_delete_chunk(uint8_t chunk, sctp_auth_chklist_t * list)
  132 {
  133         if (list == NULL)
  134                 return (-1);
  135 
  136         if (list->chunks[chunk] == 1) {
  137                 list->chunks[chunk] = 0;
  138                 list->num_chunks--;
  139                 SCTPDBG(SCTP_DEBUG_AUTH1,
  140                     "SCTP: deleted chunk %u (0x%02x) from Auth list\n",
  141                     chunk, chunk);
  142         }
  143         return (0);
  144 }
  145 
  146 size_t
  147 sctp_auth_get_chklist_size(const sctp_auth_chklist_t * list)
  148 {
  149         if (list == NULL)
  150                 return (0);
  151         else
  152                 return (list->num_chunks);
  153 }
  154 
  155 /*
  156  * return the current number and list of required chunks caller must
  157  * guarantee ptr has space for up to 256 bytes
  158  */
  159 int
  160 sctp_serialize_auth_chunks(const sctp_auth_chklist_t * list, uint8_t * ptr)
  161 {
  162         int i, count = 0;
  163 
  164         if (list == NULL)
  165                 return (0);
  166 
  167         for (i = 0; i < 256; i++) {
  168                 if (list->chunks[i] != 0) {
  169                         *ptr++ = i;
  170                         count++;
  171                 }
  172         }
  173         return (count);
  174 }
  175 
  176 int
  177 sctp_pack_auth_chunks(const sctp_auth_chklist_t * list, uint8_t * ptr)
  178 {
  179         int i, size = 0;
  180 
  181         if (list == NULL)
  182                 return (0);
  183 
  184         if (list->num_chunks <= 32) {
  185                 /* just list them, one byte each */
  186                 for (i = 0; i < 256; i++) {
  187                         if (list->chunks[i] != 0) {
  188                                 *ptr++ = i;
  189                                 size++;
  190                         }
  191                 }
  192         } else {
  193                 int index, offset;
  194 
  195                 /* pack into a 32 byte bitfield */
  196                 for (i = 0; i < 256; i++) {
  197                         if (list->chunks[i] != 0) {
  198                                 index = i / 8;
  199                                 offset = i % 8;
  200                                 ptr[index] |= (1 << offset);
  201                         }
  202                 }
  203                 size = 32;
  204         }
  205         return (size);
  206 }
  207 
  208 int
  209 sctp_unpack_auth_chunks(const uint8_t * ptr, uint8_t num_chunks,
  210     sctp_auth_chklist_t * list)
  211 {
  212         int i;
  213         int size;
  214 
  215         if (list == NULL)
  216                 return (0);
  217 
  218         if (num_chunks <= 32) {
  219                 /* just pull them, one byte each */
  220                 for (i = 0; i < num_chunks; i++) {
  221                         (void)sctp_auth_add_chunk(*ptr++, list);
  222                 }
  223                 size = num_chunks;
  224         } else {
  225                 int index, offset;
  226 
  227                 /* unpack from a 32 byte bitfield */
  228                 for (index = 0; index < 32; index++) {
  229                         for (offset = 0; offset < 8; offset++) {
  230                                 if (ptr[index] & (1 << offset)) {
  231                                         (void)sctp_auth_add_chunk((index * 8) + offset, list);
  232                                 }
  233                         }
  234                 }
  235                 size = 32;
  236         }
  237         return (size);
  238 }
  239 
  240 
  241 /*
  242  * allocate structure space for a key of length keylen
  243  */
  244 sctp_key_t *
  245 sctp_alloc_key(uint32_t keylen)
  246 {
  247         sctp_key_t *new_key;
  248 
  249         SCTP_MALLOC(new_key, sctp_key_t *, sizeof(*new_key) + keylen,
  250             SCTP_M_AUTH_KY);
  251         if (new_key == NULL) {
  252                 /* out of memory */
  253                 return (NULL);
  254         }
  255         new_key->keylen = keylen;
  256         return (new_key);
  257 }
  258 
  259 void
  260 sctp_free_key(sctp_key_t * key)
  261 {
  262         if (key != NULL)
  263                 SCTP_FREE(key, SCTP_M_AUTH_KY);
  264 }
  265 
  266 void
  267 sctp_print_key(sctp_key_t * key, const char *str)
  268 {
  269         uint32_t i;
  270 
  271         if (key == NULL) {
  272                 SCTP_PRINTF("%s: [Null key]\n", str);
  273                 return;
  274         }
  275         SCTP_PRINTF("%s: len %u, ", str, key->keylen);
  276         if (key->keylen) {
  277                 for (i = 0; i < key->keylen; i++)
  278                         SCTP_PRINTF("%02x", key->key[i]);
  279                 SCTP_PRINTF("\n");
  280         } else {
  281                 SCTP_PRINTF("[Null key]\n");
  282         }
  283 }
  284 
  285 void
  286 sctp_show_key(sctp_key_t * key, const char *str)
  287 {
  288         uint32_t i;
  289 
  290         if (key == NULL) {
  291                 SCTP_PRINTF("%s: [Null key]\n", str);
  292                 return;
  293         }
  294         SCTP_PRINTF("%s: len %u, ", str, key->keylen);
  295         if (key->keylen) {
  296                 for (i = 0; i < key->keylen; i++)
  297                         SCTP_PRINTF("%02x", key->key[i]);
  298                 SCTP_PRINTF("\n");
  299         } else {
  300                 SCTP_PRINTF("[Null key]\n");
  301         }
  302 }
  303 
  304 static uint32_t
  305 sctp_get_keylen(sctp_key_t * key)
  306 {
  307         if (key != NULL)
  308                 return (key->keylen);
  309         else
  310                 return (0);
  311 }
  312 
  313 /*
  314  * generate a new random key of length 'keylen'
  315  */
  316 sctp_key_t *
  317 sctp_generate_random_key(uint32_t keylen)
  318 {
  319         sctp_key_t *new_key;
  320 
  321         new_key = sctp_alloc_key(keylen);
  322         if (new_key == NULL) {
  323                 /* out of memory */
  324                 return (NULL);
  325         }
  326         SCTP_READ_RANDOM(new_key->key, keylen);
  327         new_key->keylen = keylen;
  328         return (new_key);
  329 }
  330 
  331 sctp_key_t *
  332 sctp_set_key(uint8_t * key, uint32_t keylen)
  333 {
  334         sctp_key_t *new_key;
  335 
  336         new_key = sctp_alloc_key(keylen);
  337         if (new_key == NULL) {
  338                 /* out of memory */
  339                 return (NULL);
  340         }
  341         bcopy(key, new_key->key, keylen);
  342         return (new_key);
  343 }
  344 
  345 /*-
  346  * given two keys of variable size, compute which key is "larger/smaller"
  347  * returns:  1 if key1 > key2
  348  *          -1 if key1 < key2
  349  *           0 if key1 = key2
  350  */
  351 static int
  352 sctp_compare_key(sctp_key_t * key1, sctp_key_t * key2)
  353 {
  354         uint32_t maxlen;
  355         uint32_t i;
  356         uint32_t key1len, key2len;
  357         uint8_t *key_1, *key_2;
  358         uint8_t val1, val2;
  359 
  360         /* sanity/length check */
  361         key1len = sctp_get_keylen(key1);
  362         key2len = sctp_get_keylen(key2);
  363         if ((key1len == 0) && (key2len == 0))
  364                 return (0);
  365         else if (key1len == 0)
  366                 return (-1);
  367         else if (key2len == 0)
  368                 return (1);
  369 
  370         if (key1len < key2len) {
  371                 maxlen = key2len;
  372         } else {
  373                 maxlen = key1len;
  374         }
  375         key_1 = key1->key;
  376         key_2 = key2->key;
  377         /* check for numeric equality */
  378         for (i = 0; i < maxlen; i++) {
  379                 /* left-pad with zeros */
  380                 val1 = (i < (maxlen - key1len)) ? 0 : *(key_1++);
  381                 val2 = (i < (maxlen - key2len)) ? 0 : *(key_2++);
  382                 if (val1 > val2) {
  383                         return (1);
  384                 } else if (val1 < val2) {
  385                         return (-1);
  386                 }
  387         }
  388         /* keys are equal value, so check lengths */
  389         if (key1len == key2len)
  390                 return (0);
  391         else if (key1len < key2len)
  392                 return (-1);
  393         else
  394                 return (1);
  395 }
  396 
  397 /*
  398  * generate the concatenated keying material based on the two keys and the
  399  * shared key (if available). draft-ietf-tsvwg-auth specifies the specific
  400  * order for concatenation
  401  */
  402 sctp_key_t *
  403 sctp_compute_hashkey(sctp_key_t * key1, sctp_key_t * key2, sctp_key_t * shared)
  404 {
  405         uint32_t keylen;
  406         sctp_key_t *new_key;
  407         uint8_t *key_ptr;
  408 
  409         keylen = sctp_get_keylen(key1) + sctp_get_keylen(key2) +
  410             sctp_get_keylen(shared);
  411 
  412         if (keylen > 0) {
  413                 /* get space for the new key */
  414                 new_key = sctp_alloc_key(keylen);
  415                 if (new_key == NULL) {
  416                         /* out of memory */
  417                         return (NULL);
  418                 }
  419                 new_key->keylen = keylen;
  420                 key_ptr = new_key->key;
  421         } else {
  422                 /* all keys empty/null?! */
  423                 return (NULL);
  424         }
  425 
  426         /* concatenate the keys */
  427         if (sctp_compare_key(key1, key2) <= 0) {
  428                 /* key is shared + key1 + key2 */
  429                 if (sctp_get_keylen(shared)) {
  430                         bcopy(shared->key, key_ptr, shared->keylen);
  431                         key_ptr += shared->keylen;
  432                 }
  433                 if (sctp_get_keylen(key1)) {
  434                         bcopy(key1->key, key_ptr, key1->keylen);
  435                         key_ptr += key1->keylen;
  436                 }
  437                 if (sctp_get_keylen(key2)) {
  438                         bcopy(key2->key, key_ptr, key2->keylen);
  439                 }
  440         } else {
  441                 /* key is shared + key2 + key1 */
  442                 if (sctp_get_keylen(shared)) {
  443                         bcopy(shared->key, key_ptr, shared->keylen);
  444                         key_ptr += shared->keylen;
  445                 }
  446                 if (sctp_get_keylen(key2)) {
  447                         bcopy(key2->key, key_ptr, key2->keylen);
  448                         key_ptr += key2->keylen;
  449                 }
  450                 if (sctp_get_keylen(key1)) {
  451                         bcopy(key1->key, key_ptr, key1->keylen);
  452                 }
  453         }
  454         return (new_key);
  455 }
  456 
  457 
  458 sctp_sharedkey_t *
  459 sctp_alloc_sharedkey(void)
  460 {
  461         sctp_sharedkey_t *new_key;
  462 
  463         SCTP_MALLOC(new_key, sctp_sharedkey_t *, sizeof(*new_key),
  464             SCTP_M_AUTH_KY);
  465         if (new_key == NULL) {
  466                 /* out of memory */
  467                 return (NULL);
  468         }
  469         new_key->keyid = 0;
  470         new_key->key = NULL;
  471         new_key->refcount = 1;
  472         new_key->deactivated = 0;
  473         return (new_key);
  474 }
  475 
  476 void
  477 sctp_free_sharedkey(sctp_sharedkey_t * skey)
  478 {
  479         if (skey == NULL)
  480                 return;
  481 
  482         if (SCTP_DECREMENT_AND_CHECK_REFCOUNT(&skey->refcount)) {
  483                 if (skey->key != NULL)
  484                         sctp_free_key(skey->key);
  485                 SCTP_FREE(skey, SCTP_M_AUTH_KY);
  486         }
  487 }
  488 
  489 sctp_sharedkey_t *
  490 sctp_find_sharedkey(struct sctp_keyhead *shared_keys, uint16_t key_id)
  491 {
  492         sctp_sharedkey_t *skey;
  493 
  494         LIST_FOREACH(skey, shared_keys, next) {
  495                 if (skey->keyid == key_id)
  496                         return (skey);
  497         }
  498         return (NULL);
  499 }
  500 
  501 int
  502 sctp_insert_sharedkey(struct sctp_keyhead *shared_keys,
  503     sctp_sharedkey_t * new_skey)
  504 {
  505         sctp_sharedkey_t *skey;
  506 
  507         if ((shared_keys == NULL) || (new_skey == NULL))
  508                 return (EINVAL);
  509 
  510         /* insert into an empty list? */
  511         if (LIST_EMPTY(shared_keys)) {
  512                 LIST_INSERT_HEAD(shared_keys, new_skey, next);
  513                 return (0);
  514         }
  515         /* insert into the existing list, ordered by key id */
  516         LIST_FOREACH(skey, shared_keys, next) {
  517                 if (new_skey->keyid < skey->keyid) {
  518                         /* insert it before here */
  519                         LIST_INSERT_BEFORE(skey, new_skey, next);
  520                         return (0);
  521                 } else if (new_skey->keyid == skey->keyid) {
  522                         /* replace the existing key */
  523                         /* verify this key *can* be replaced */
  524                         if ((skey->deactivated) && (skey->refcount > 1)) {
  525                                 SCTPDBG(SCTP_DEBUG_AUTH1,
  526                                     "can't replace shared key id %u\n",
  527                                     new_skey->keyid);
  528                                 return (EBUSY);
  529                         }
  530                         SCTPDBG(SCTP_DEBUG_AUTH1,
  531                             "replacing shared key id %u\n",
  532                             new_skey->keyid);
  533                         LIST_INSERT_BEFORE(skey, new_skey, next);
  534                         LIST_REMOVE(skey, next);
  535                         sctp_free_sharedkey(skey);
  536                         return (0);
  537                 }
  538                 if (LIST_NEXT(skey, next) == NULL) {
  539                         /* belongs at the end of the list */
  540                         LIST_INSERT_AFTER(skey, new_skey, next);
  541                         return (0);
  542                 }
  543         }
  544         /* shouldn't reach here */
  545         return (0);
  546 }
  547 
  548 void
  549 sctp_auth_key_acquire(struct sctp_tcb *stcb, uint16_t key_id)
  550 {
  551         sctp_sharedkey_t *skey;
  552 
  553         /* find the shared key */
  554         skey = sctp_find_sharedkey(&stcb->asoc.shared_keys, key_id);
  555 
  556         /* bump the ref count */
  557         if (skey) {
  558                 atomic_add_int(&skey->refcount, 1);
  559                 SCTPDBG(SCTP_DEBUG_AUTH2,
  560                     "%s: stcb %p key %u refcount acquire to %d\n",
  561                     __FUNCTION__, (void *)stcb, key_id, skey->refcount);
  562         }
  563 }
  564 
  565 void
  566 sctp_auth_key_release(struct sctp_tcb *stcb, uint16_t key_id, int so_locked
  567 #if !defined(__APPLE__) && !defined(SCTP_SO_LOCK_TESTING)
  568     SCTP_UNUSED
  569 #endif
  570 )
  571 {
  572         sctp_sharedkey_t *skey;
  573 
  574         /* find the shared key */
  575         skey = sctp_find_sharedkey(&stcb->asoc.shared_keys, key_id);
  576 
  577         /* decrement the ref count */
  578         if (skey) {
  579                 SCTPDBG(SCTP_DEBUG_AUTH2,
  580                     "%s: stcb %p key %u refcount release to %d\n",
  581                     __FUNCTION__, (void *)stcb, key_id, skey->refcount);
  582 
  583                 /* see if a notification should be generated */
  584                 if ((skey->refcount <= 2) && (skey->deactivated)) {
  585                         /* notify ULP that key is no longer used */
  586                         sctp_ulp_notify(SCTP_NOTIFY_AUTH_FREE_KEY, stcb,
  587                             key_id, 0, so_locked);
  588                         SCTPDBG(SCTP_DEBUG_AUTH2,
  589                             "%s: stcb %p key %u no longer used, %d\n",
  590                             __FUNCTION__, (void *)stcb, key_id, skey->refcount);
  591                 }
  592                 sctp_free_sharedkey(skey);
  593         }
  594 }
  595 
  596 static sctp_sharedkey_t *
  597 sctp_copy_sharedkey(const sctp_sharedkey_t * skey)
  598 {
  599         sctp_sharedkey_t *new_skey;
  600 
  601         if (skey == NULL)
  602                 return (NULL);
  603         new_skey = sctp_alloc_sharedkey();
  604         if (new_skey == NULL)
  605                 return (NULL);
  606         if (skey->key != NULL)
  607                 new_skey->key = sctp_set_key(skey->key->key, skey->key->keylen);
  608         else
  609                 new_skey->key = NULL;
  610         new_skey->keyid = skey->keyid;
  611         return (new_skey);
  612 }
  613 
  614 int
  615 sctp_copy_skeylist(const struct sctp_keyhead *src, struct sctp_keyhead *dest)
  616 {
  617         sctp_sharedkey_t *skey, *new_skey;
  618         int count = 0;
  619 
  620         if ((src == NULL) || (dest == NULL))
  621                 return (0);
  622         LIST_FOREACH(skey, src, next) {
  623                 new_skey = sctp_copy_sharedkey(skey);
  624                 if (new_skey != NULL) {
  625                         (void)sctp_insert_sharedkey(dest, new_skey);
  626                         count++;
  627                 }
  628         }
  629         return (count);
  630 }
  631 
  632 
  633 sctp_hmaclist_t *
  634 sctp_alloc_hmaclist(uint16_t num_hmacs)
  635 {
  636         sctp_hmaclist_t *new_list;
  637         int alloc_size;
  638 
  639         alloc_size = sizeof(*new_list) + num_hmacs * sizeof(new_list->hmac[0]);
  640         SCTP_MALLOC(new_list, sctp_hmaclist_t *, alloc_size,
  641             SCTP_M_AUTH_HL);
  642         if (new_list == NULL) {
  643                 /* out of memory */
  644                 return (NULL);
  645         }
  646         new_list->max_algo = num_hmacs;
  647         new_list->num_algo = 0;
  648         return (new_list);
  649 }
  650 
  651 void
  652 sctp_free_hmaclist(sctp_hmaclist_t * list)
  653 {
  654         if (list != NULL) {
  655                 SCTP_FREE(list, SCTP_M_AUTH_HL);
  656                 list = NULL;
  657         }
  658 }
  659 
  660 int
  661 sctp_auth_add_hmacid(sctp_hmaclist_t * list, uint16_t hmac_id)
  662 {
  663         int i;
  664 
  665         if (list == NULL)
  666                 return (-1);
  667         if (list->num_algo == list->max_algo) {
  668                 SCTPDBG(SCTP_DEBUG_AUTH1,
  669                     "SCTP: HMAC id list full, ignoring add %u\n", hmac_id);
  670                 return (-1);
  671         }
  672         if ((hmac_id != SCTP_AUTH_HMAC_ID_SHA1) &&
  673             (hmac_id != SCTP_AUTH_HMAC_ID_SHA256)) {
  674                 return (-1);
  675         }
  676         /* Now is it already in the list */
  677         for (i = 0; i < list->num_algo; i++) {
  678                 if (list->hmac[i] == hmac_id) {
  679                         /* already in list */
  680                         return (-1);
  681                 }
  682         }
  683         SCTPDBG(SCTP_DEBUG_AUTH1, "SCTP: add HMAC id %u to list\n", hmac_id);
  684         list->hmac[list->num_algo++] = hmac_id;
  685         return (0);
  686 }
  687 
  688 sctp_hmaclist_t *
  689 sctp_copy_hmaclist(sctp_hmaclist_t * list)
  690 {
  691         sctp_hmaclist_t *new_list;
  692         int i;
  693 
  694         if (list == NULL)
  695                 return (NULL);
  696         /* get a new list */
  697         new_list = sctp_alloc_hmaclist(list->max_algo);
  698         if (new_list == NULL)
  699                 return (NULL);
  700         /* copy it */
  701         new_list->max_algo = list->max_algo;
  702         new_list->num_algo = list->num_algo;
  703         for (i = 0; i < list->num_algo; i++)
  704                 new_list->hmac[i] = list->hmac[i];
  705         return (new_list);
  706 }
  707 
  708 sctp_hmaclist_t *
  709 sctp_default_supported_hmaclist(void)
  710 {
  711         sctp_hmaclist_t *new_list;
  712 
  713         new_list = sctp_alloc_hmaclist(2);
  714         if (new_list == NULL)
  715                 return (NULL);
  716         /* We prefer SHA256, so list it first */
  717         (void)sctp_auth_add_hmacid(new_list, SCTP_AUTH_HMAC_ID_SHA256);
  718         (void)sctp_auth_add_hmacid(new_list, SCTP_AUTH_HMAC_ID_SHA1);
  719         return (new_list);
  720 }
  721 
  722 /*-
  723  * HMAC algos are listed in priority/preference order
  724  * find the best HMAC id to use for the peer based on local support
  725  */
  726 uint16_t
  727 sctp_negotiate_hmacid(sctp_hmaclist_t * peer, sctp_hmaclist_t * local)
  728 {
  729         int i, j;
  730 
  731         if ((local == NULL) || (peer == NULL))
  732                 return (SCTP_AUTH_HMAC_ID_RSVD);
  733 
  734         for (i = 0; i < peer->num_algo; i++) {
  735                 for (j = 0; j < local->num_algo; j++) {
  736                         if (peer->hmac[i] == local->hmac[j]) {
  737                                 /* found the "best" one */
  738                                 SCTPDBG(SCTP_DEBUG_AUTH1,
  739                                     "SCTP: negotiated peer HMAC id %u\n",
  740                                     peer->hmac[i]);
  741                                 return (peer->hmac[i]);
  742                         }
  743                 }
  744         }
  745         /* didn't find one! */
  746         return (SCTP_AUTH_HMAC_ID_RSVD);
  747 }
  748 
  749 /*-
  750  * serialize the HMAC algo list and return space used
  751  * caller must guarantee ptr has appropriate space
  752  */
  753 int
  754 sctp_serialize_hmaclist(sctp_hmaclist_t * list, uint8_t * ptr)
  755 {
  756         int i;
  757         uint16_t hmac_id;
  758 
  759         if (list == NULL)
  760                 return (0);
  761 
  762         for (i = 0; i < list->num_algo; i++) {
  763                 hmac_id = htons(list->hmac[i]);
  764                 bcopy(&hmac_id, ptr, sizeof(hmac_id));
  765                 ptr += sizeof(hmac_id);
  766         }
  767         return (list->num_algo * sizeof(hmac_id));
  768 }
  769 
  770 int
  771 sctp_verify_hmac_param(struct sctp_auth_hmac_algo *hmacs, uint32_t num_hmacs)
  772 {
  773         uint32_t i;
  774 
  775         for (i = 0; i < num_hmacs; i++) {
  776                 if (ntohs(hmacs->hmac_ids[i]) == SCTP_AUTH_HMAC_ID_SHA1) {
  777                         return (0);
  778                 }
  779         }
  780         return (-1);
  781 }
  782 
  783 sctp_authinfo_t *
  784 sctp_alloc_authinfo(void)
  785 {
  786         sctp_authinfo_t *new_authinfo;
  787 
  788         SCTP_MALLOC(new_authinfo, sctp_authinfo_t *, sizeof(*new_authinfo),
  789             SCTP_M_AUTH_IF);
  790 
  791         if (new_authinfo == NULL) {
  792                 /* out of memory */
  793                 return (NULL);
  794         }
  795         bzero(new_authinfo, sizeof(*new_authinfo));
  796         return (new_authinfo);
  797 }
  798 
  799 void
  800 sctp_free_authinfo(sctp_authinfo_t * authinfo)
  801 {
  802         if (authinfo == NULL)
  803                 return;
  804 
  805         if (authinfo->random != NULL)
  806                 sctp_free_key(authinfo->random);
  807         if (authinfo->peer_random != NULL)
  808                 sctp_free_key(authinfo->peer_random);
  809         if (authinfo->assoc_key != NULL)
  810                 sctp_free_key(authinfo->assoc_key);
  811         if (authinfo->recv_key != NULL)
  812                 sctp_free_key(authinfo->recv_key);
  813 
  814         /* We are NOT dynamically allocating authinfo's right now... */
  815         /* SCTP_FREE(authinfo, SCTP_M_AUTH_??); */
  816 }
  817 
  818 
  819 uint32_t
  820 sctp_get_auth_chunk_len(uint16_t hmac_algo)
  821 {
  822         int size;
  823 
  824         size = sizeof(struct sctp_auth_chunk) + sctp_get_hmac_digest_len(hmac_algo);
  825         return (SCTP_SIZE32(size));
  826 }
  827 
  828 uint32_t
  829 sctp_get_hmac_digest_len(uint16_t hmac_algo)
  830 {
  831         switch (hmac_algo) {
  832         case SCTP_AUTH_HMAC_ID_SHA1:
  833                 return (SCTP_AUTH_DIGEST_LEN_SHA1);
  834         case SCTP_AUTH_HMAC_ID_SHA256:
  835                 return (SCTP_AUTH_DIGEST_LEN_SHA256);
  836         default:
  837                 /* unknown HMAC algorithm: can't do anything */
  838                 return (0);
  839         }                       /* end switch */
  840 }
  841 
  842 static inline int
  843 sctp_get_hmac_block_len(uint16_t hmac_algo)
  844 {
  845         switch (hmac_algo) {
  846         case SCTP_AUTH_HMAC_ID_SHA1:
  847                 return (64);
  848         case SCTP_AUTH_HMAC_ID_SHA256:
  849                 return (64);
  850         case SCTP_AUTH_HMAC_ID_RSVD:
  851         default:
  852                 /* unknown HMAC algorithm: can't do anything */
  853                 return (0);
  854         }                       /* end switch */
  855 }
  856 
  857 static void
  858 sctp_hmac_init(uint16_t hmac_algo, sctp_hash_context_t * ctx)
  859 {
  860         switch (hmac_algo) {
  861         case SCTP_AUTH_HMAC_ID_SHA1:
  862                 SCTP_SHA1_INIT(&ctx->sha1);
  863                 break;
  864         case SCTP_AUTH_HMAC_ID_SHA256:
  865                 SCTP_SHA256_INIT(&ctx->sha256);
  866                 break;
  867         case SCTP_AUTH_HMAC_ID_RSVD:
  868         default:
  869                 /* unknown HMAC algorithm: can't do anything */
  870                 return;
  871         }                       /* end switch */
  872 }
  873 
  874 static void
  875 sctp_hmac_update(uint16_t hmac_algo, sctp_hash_context_t * ctx,
  876     uint8_t * text, uint32_t textlen)
  877 {
  878         switch (hmac_algo) {
  879         case SCTP_AUTH_HMAC_ID_SHA1:
  880                 SCTP_SHA1_UPDATE(&ctx->sha1, text, textlen);
  881                 break;
  882         case SCTP_AUTH_HMAC_ID_SHA256:
  883                 SCTP_SHA256_UPDATE(&ctx->sha256, text, textlen);
  884                 break;
  885         case SCTP_AUTH_HMAC_ID_RSVD:
  886         default:
  887                 /* unknown HMAC algorithm: can't do anything */
  888                 return;
  889         }                       /* end switch */
  890 }
  891 
  892 static void
  893 sctp_hmac_final(uint16_t hmac_algo, sctp_hash_context_t * ctx,
  894     uint8_t * digest)
  895 {
  896         switch (hmac_algo) {
  897         case SCTP_AUTH_HMAC_ID_SHA1:
  898                 SCTP_SHA1_FINAL(digest, &ctx->sha1);
  899                 break;
  900         case SCTP_AUTH_HMAC_ID_SHA256:
  901                 SCTP_SHA256_FINAL(digest, &ctx->sha256);
  902                 break;
  903         case SCTP_AUTH_HMAC_ID_RSVD:
  904         default:
  905                 /* unknown HMAC algorithm: can't do anything */
  906                 return;
  907         }                       /* end switch */
  908 }
  909 
  910 /*-
  911  * Keyed-Hashing for Message Authentication: FIPS 198 (RFC 2104)
  912  *
  913  * Compute the HMAC digest using the desired hash key, text, and HMAC
  914  * algorithm.  Resulting digest is placed in 'digest' and digest length
  915  * is returned, if the HMAC was performed.
  916  *
  917  * WARNING: it is up to the caller to supply sufficient space to hold the
  918  * resultant digest.
  919  */
  920 uint32_t
  921 sctp_hmac(uint16_t hmac_algo, uint8_t * key, uint32_t keylen,
  922     uint8_t * text, uint32_t textlen, uint8_t * digest)
  923 {
  924         uint32_t digestlen;
  925         uint32_t blocklen;
  926         sctp_hash_context_t ctx;
  927         uint8_t ipad[128], opad[128];   /* keyed hash inner/outer pads */
  928         uint8_t temp[SCTP_AUTH_DIGEST_LEN_MAX];
  929         uint32_t i;
  930 
  931         /* sanity check the material and length */
  932         if ((key == NULL) || (keylen == 0) || (text == NULL) ||
  933             (textlen == 0) || (digest == NULL)) {
  934                 /* can't do HMAC with empty key or text or digest store */
  935                 return (0);
  936         }
  937         /* validate the hmac algo and get the digest length */
  938         digestlen = sctp_get_hmac_digest_len(hmac_algo);
  939         if (digestlen == 0)
  940                 return (0);
  941 
  942         /* hash the key if it is longer than the hash block size */
  943         blocklen = sctp_get_hmac_block_len(hmac_algo);
  944         if (keylen > blocklen) {
  945                 sctp_hmac_init(hmac_algo, &ctx);
  946                 sctp_hmac_update(hmac_algo, &ctx, key, keylen);
  947                 sctp_hmac_final(hmac_algo, &ctx, temp);
  948                 /* set the hashed key as the key */
  949                 keylen = digestlen;
  950                 key = temp;
  951         }
  952         /* initialize the inner/outer pads with the key and "append" zeroes */
  953         bzero(ipad, blocklen);
  954         bzero(opad, blocklen);
  955         bcopy(key, ipad, keylen);
  956         bcopy(key, opad, keylen);
  957 
  958         /* XOR the key with ipad and opad values */
  959         for (i = 0; i < blocklen; i++) {
  960                 ipad[i] ^= 0x36;
  961                 opad[i] ^= 0x5c;
  962         }
  963 
  964         /* perform inner hash */
  965         sctp_hmac_init(hmac_algo, &ctx);
  966         sctp_hmac_update(hmac_algo, &ctx, ipad, blocklen);
  967         sctp_hmac_update(hmac_algo, &ctx, text, textlen);
  968         sctp_hmac_final(hmac_algo, &ctx, temp);
  969 
  970         /* perform outer hash */
  971         sctp_hmac_init(hmac_algo, &ctx);
  972         sctp_hmac_update(hmac_algo, &ctx, opad, blocklen);
  973         sctp_hmac_update(hmac_algo, &ctx, temp, digestlen);
  974         sctp_hmac_final(hmac_algo, &ctx, digest);
  975 
  976         return (digestlen);
  977 }
  978 
  979 /* mbuf version */
  980 uint32_t
  981 sctp_hmac_m(uint16_t hmac_algo, uint8_t * key, uint32_t keylen,
  982     struct mbuf *m, uint32_t m_offset, uint8_t * digest, uint32_t trailer)
  983 {
  984         uint32_t digestlen;
  985         uint32_t blocklen;
  986         sctp_hash_context_t ctx;
  987         uint8_t ipad[128], opad[128];   /* keyed hash inner/outer pads */
  988         uint8_t temp[SCTP_AUTH_DIGEST_LEN_MAX];
  989         uint32_t i;
  990         struct mbuf *m_tmp;
  991 
  992         /* sanity check the material and length */
  993         if ((key == NULL) || (keylen == 0) || (m == NULL) || (digest == NULL)) {
  994                 /* can't do HMAC with empty key or text or digest store */
  995                 return (0);
  996         }
  997         /* validate the hmac algo and get the digest length */
  998         digestlen = sctp_get_hmac_digest_len(hmac_algo);
  999         if (digestlen == 0)
 1000                 return (0);
 1001 
 1002         /* hash the key if it is longer than the hash block size */
 1003         blocklen = sctp_get_hmac_block_len(hmac_algo);
 1004         if (keylen > blocklen) {
 1005                 sctp_hmac_init(hmac_algo, &ctx);
 1006                 sctp_hmac_update(hmac_algo, &ctx, key, keylen);
 1007                 sctp_hmac_final(hmac_algo, &ctx, temp);
 1008                 /* set the hashed key as the key */
 1009                 keylen = digestlen;
 1010                 key = temp;
 1011         }
 1012         /* initialize the inner/outer pads with the key and "append" zeroes */
 1013         bzero(ipad, blocklen);
 1014         bzero(opad, blocklen);
 1015         bcopy(key, ipad, keylen);
 1016         bcopy(key, opad, keylen);
 1017 
 1018         /* XOR the key with ipad and opad values */
 1019         for (i = 0; i < blocklen; i++) {
 1020                 ipad[i] ^= 0x36;
 1021                 opad[i] ^= 0x5c;
 1022         }
 1023 
 1024         /* perform inner hash */
 1025         sctp_hmac_init(hmac_algo, &ctx);
 1026         sctp_hmac_update(hmac_algo, &ctx, ipad, blocklen);
 1027         /* find the correct starting mbuf and offset (get start of text) */
 1028         m_tmp = m;
 1029         while ((m_tmp != NULL) && (m_offset >= (uint32_t) SCTP_BUF_LEN(m_tmp))) {
 1030                 m_offset -= SCTP_BUF_LEN(m_tmp);
 1031                 m_tmp = SCTP_BUF_NEXT(m_tmp);
 1032         }
 1033         /* now use the rest of the mbuf chain for the text */
 1034         while (m_tmp != NULL) {
 1035                 if ((SCTP_BUF_NEXT(m_tmp) == NULL) && trailer) {
 1036                         sctp_hmac_update(hmac_algo, &ctx, mtod(m_tmp, uint8_t *) + m_offset,
 1037                             SCTP_BUF_LEN(m_tmp) - (trailer + m_offset));
 1038                 } else {
 1039                         sctp_hmac_update(hmac_algo, &ctx, mtod(m_tmp, uint8_t *) + m_offset,
 1040                             SCTP_BUF_LEN(m_tmp) - m_offset);
 1041                 }
 1042 
 1043                 /* clear the offset since it's only for the first mbuf */
 1044                 m_offset = 0;
 1045                 m_tmp = SCTP_BUF_NEXT(m_tmp);
 1046         }
 1047         sctp_hmac_final(hmac_algo, &ctx, temp);
 1048 
 1049         /* perform outer hash */
 1050         sctp_hmac_init(hmac_algo, &ctx);
 1051         sctp_hmac_update(hmac_algo, &ctx, opad, blocklen);
 1052         sctp_hmac_update(hmac_algo, &ctx, temp, digestlen);
 1053         sctp_hmac_final(hmac_algo, &ctx, digest);
 1054 
 1055         return (digestlen);
 1056 }
 1057 
 1058 /*-
 1059  * verify the HMAC digest using the desired hash key, text, and HMAC
 1060  * algorithm.
 1061  * Returns -1 on error, 0 on success.
 1062  */
 1063 int
 1064 sctp_verify_hmac(uint16_t hmac_algo, uint8_t * key, uint32_t keylen,
 1065     uint8_t * text, uint32_t textlen,
 1066     uint8_t * digest, uint32_t digestlen)
 1067 {
 1068         uint32_t len;
 1069         uint8_t temp[SCTP_AUTH_DIGEST_LEN_MAX];
 1070 
 1071         /* sanity check the material and length */
 1072         if ((key == NULL) || (keylen == 0) ||
 1073             (text == NULL) || (textlen == 0) || (digest == NULL)) {
 1074                 /* can't do HMAC with empty key or text or digest */
 1075                 return (-1);
 1076         }
 1077         len = sctp_get_hmac_digest_len(hmac_algo);
 1078         if ((len == 0) || (digestlen != len))
 1079                 return (-1);
 1080 
 1081         /* compute the expected hash */
 1082         if (sctp_hmac(hmac_algo, key, keylen, text, textlen, temp) != len)
 1083                 return (-1);
 1084 
 1085         if (memcmp(digest, temp, digestlen) != 0)
 1086                 return (-1);
 1087         else
 1088                 return (0);
 1089 }
 1090 
 1091 
 1092 /*
 1093  * computes the requested HMAC using a key struct (which may be modified if
 1094  * the keylen exceeds the HMAC block len).
 1095  */
 1096 uint32_t
 1097 sctp_compute_hmac(uint16_t hmac_algo, sctp_key_t * key, uint8_t * text,
 1098     uint32_t textlen, uint8_t * digest)
 1099 {
 1100         uint32_t digestlen;
 1101         uint32_t blocklen;
 1102         sctp_hash_context_t ctx;
 1103         uint8_t temp[SCTP_AUTH_DIGEST_LEN_MAX];
 1104 
 1105         /* sanity check */
 1106         if ((key == NULL) || (text == NULL) || (textlen == 0) ||
 1107             (digest == NULL)) {
 1108                 /* can't do HMAC with empty key or text or digest store */
 1109                 return (0);
 1110         }
 1111         /* validate the hmac algo and get the digest length */
 1112         digestlen = sctp_get_hmac_digest_len(hmac_algo);
 1113         if (digestlen == 0)
 1114                 return (0);
 1115 
 1116         /* hash the key if it is longer than the hash block size */
 1117         blocklen = sctp_get_hmac_block_len(hmac_algo);
 1118         if (key->keylen > blocklen) {
 1119                 sctp_hmac_init(hmac_algo, &ctx);
 1120                 sctp_hmac_update(hmac_algo, &ctx, key->key, key->keylen);
 1121                 sctp_hmac_final(hmac_algo, &ctx, temp);
 1122                 /* save the hashed key as the new key */
 1123                 key->keylen = digestlen;
 1124                 bcopy(temp, key->key, key->keylen);
 1125         }
 1126         return (sctp_hmac(hmac_algo, key->key, key->keylen, text, textlen,
 1127             digest));
 1128 }
 1129 
 1130 /* mbuf version */
 1131 uint32_t
 1132 sctp_compute_hmac_m(uint16_t hmac_algo, sctp_key_t * key, struct mbuf *m,
 1133     uint32_t m_offset, uint8_t * digest)
 1134 {
 1135         uint32_t digestlen;
 1136         uint32_t blocklen;
 1137         sctp_hash_context_t ctx;
 1138         uint8_t temp[SCTP_AUTH_DIGEST_LEN_MAX];
 1139 
 1140         /* sanity check */
 1141         if ((key == NULL) || (m == NULL) || (digest == NULL)) {
 1142                 /* can't do HMAC with empty key or text or digest store */
 1143                 return (0);
 1144         }
 1145         /* validate the hmac algo and get the digest length */
 1146         digestlen = sctp_get_hmac_digest_len(hmac_algo);
 1147         if (digestlen == 0)
 1148                 return (0);
 1149 
 1150         /* hash the key if it is longer than the hash block size */
 1151         blocklen = sctp_get_hmac_block_len(hmac_algo);
 1152         if (key->keylen > blocklen) {
 1153                 sctp_hmac_init(hmac_algo, &ctx);
 1154                 sctp_hmac_update(hmac_algo, &ctx, key->key, key->keylen);
 1155                 sctp_hmac_final(hmac_algo, &ctx, temp);
 1156                 /* save the hashed key as the new key */
 1157                 key->keylen = digestlen;
 1158                 bcopy(temp, key->key, key->keylen);
 1159         }
 1160         return (sctp_hmac_m(hmac_algo, key->key, key->keylen, m, m_offset, digest, 0));
 1161 }
 1162 
 1163 int
 1164 sctp_auth_is_supported_hmac(sctp_hmaclist_t * list, uint16_t id)
 1165 {
 1166         int i;
 1167 
 1168         if ((list == NULL) || (id == SCTP_AUTH_HMAC_ID_RSVD))
 1169                 return (0);
 1170 
 1171         for (i = 0; i < list->num_algo; i++)
 1172                 if (list->hmac[i] == id)
 1173                         return (1);
 1174 
 1175         /* not in the list */
 1176         return (0);
 1177 }
 1178 
 1179 
 1180 /*-
 1181  * clear any cached key(s) if they match the given key id on an association.
 1182  * the cached key(s) will be recomputed and re-cached at next use.
 1183  * ASSUMES TCB_LOCK is already held
 1184  */
 1185 void
 1186 sctp_clear_cachedkeys(struct sctp_tcb *stcb, uint16_t keyid)
 1187 {
 1188         if (stcb == NULL)
 1189                 return;
 1190 
 1191         if (keyid == stcb->asoc.authinfo.assoc_keyid) {
 1192                 sctp_free_key(stcb->asoc.authinfo.assoc_key);
 1193                 stcb->asoc.authinfo.assoc_key = NULL;
 1194         }
 1195         if (keyid == stcb->asoc.authinfo.recv_keyid) {
 1196                 sctp_free_key(stcb->asoc.authinfo.recv_key);
 1197                 stcb->asoc.authinfo.recv_key = NULL;
 1198         }
 1199 }
 1200 
 1201 /*-
 1202  * clear any cached key(s) if they match the given key id for all assocs on
 1203  * an endpoint.
 1204  * ASSUMES INP_WLOCK is already held
 1205  */
 1206 void
 1207 sctp_clear_cachedkeys_ep(struct sctp_inpcb *inp, uint16_t keyid)
 1208 {
 1209         struct sctp_tcb *stcb;
 1210 
 1211         if (inp == NULL)
 1212                 return;
 1213 
 1214         /* clear the cached keys on all assocs on this instance */
 1215         LIST_FOREACH(stcb, &inp->sctp_asoc_list, sctp_tcblist) {
 1216                 SCTP_TCB_LOCK(stcb);
 1217                 sctp_clear_cachedkeys(stcb, keyid);
 1218                 SCTP_TCB_UNLOCK(stcb);
 1219         }
 1220 }
 1221 
 1222 /*-
 1223  * delete a shared key from an association
 1224  * ASSUMES TCB_LOCK is already held
 1225  */
 1226 int
 1227 sctp_delete_sharedkey(struct sctp_tcb *stcb, uint16_t keyid)
 1228 {
 1229         sctp_sharedkey_t *skey;
 1230 
 1231         if (stcb == NULL)
 1232                 return (-1);
 1233 
 1234         /* is the keyid the assoc active sending key */
 1235         if (keyid == stcb->asoc.authinfo.active_keyid)
 1236                 return (-1);
 1237 
 1238         /* does the key exist? */
 1239         skey = sctp_find_sharedkey(&stcb->asoc.shared_keys, keyid);
 1240         if (skey == NULL)
 1241                 return (-1);
 1242 
 1243         /* are there other refcount holders on the key? */
 1244         if (skey->refcount > 1)
 1245                 return (-1);
 1246 
 1247         /* remove it */
 1248         LIST_REMOVE(skey, next);
 1249         sctp_free_sharedkey(skey);      /* frees skey->key as well */
 1250 
 1251         /* clear any cached keys */
 1252         sctp_clear_cachedkeys(stcb, keyid);
 1253         return (0);
 1254 }
 1255 
 1256 /*-
 1257  * deletes a shared key from the endpoint
 1258  * ASSUMES INP_WLOCK is already held
 1259  */
 1260 int
 1261 sctp_delete_sharedkey_ep(struct sctp_inpcb *inp, uint16_t keyid)
 1262 {
 1263         sctp_sharedkey_t *skey;
 1264 
 1265         if (inp == NULL)
 1266                 return (-1);
 1267 
 1268         /* is the keyid the active sending key on the endpoint */
 1269         if (keyid == inp->sctp_ep.default_keyid)
 1270                 return (-1);
 1271 
 1272         /* does the key exist? */
 1273         skey = sctp_find_sharedkey(&inp->sctp_ep.shared_keys, keyid);
 1274         if (skey == NULL)
 1275                 return (-1);
 1276 
 1277         /* endpoint keys are not refcounted */
 1278 
 1279         /* remove it */
 1280         LIST_REMOVE(skey, next);
 1281         sctp_free_sharedkey(skey);      /* frees skey->key as well */
 1282 
 1283         /* clear any cached keys */
 1284         sctp_clear_cachedkeys_ep(inp, keyid);
 1285         return (0);
 1286 }
 1287 
 1288 /*-
 1289  * set the active key on an association
 1290  * ASSUMES TCB_LOCK is already held
 1291  */
 1292 int
 1293 sctp_auth_setactivekey(struct sctp_tcb *stcb, uint16_t keyid)
 1294 {
 1295         sctp_sharedkey_t *skey = NULL;
 1296 
 1297         /* find the key on the assoc */
 1298         skey = sctp_find_sharedkey(&stcb->asoc.shared_keys, keyid);
 1299         if (skey == NULL) {
 1300                 /* that key doesn't exist */
 1301                 return (-1);
 1302         }
 1303         if ((skey->deactivated) && (skey->refcount > 1)) {
 1304                 /* can't reactivate a deactivated key with other refcounts */
 1305                 return (-1);
 1306         }
 1307         /* set the (new) active key */
 1308         stcb->asoc.authinfo.active_keyid = keyid;
 1309         /* reset the deactivated flag */
 1310         skey->deactivated = 0;
 1311 
 1312         return (0);
 1313 }
 1314 
 1315 /*-
 1316  * set the active key on an endpoint
 1317  * ASSUMES INP_WLOCK is already held
 1318  */
 1319 int
 1320 sctp_auth_setactivekey_ep(struct sctp_inpcb *inp, uint16_t keyid)
 1321 {
 1322         sctp_sharedkey_t *skey;
 1323 
 1324         /* find the key */
 1325         skey = sctp_find_sharedkey(&inp->sctp_ep.shared_keys, keyid);
 1326         if (skey == NULL) {
 1327                 /* that key doesn't exist */
 1328                 return (-1);
 1329         }
 1330         inp->sctp_ep.default_keyid = keyid;
 1331         return (0);
 1332 }
 1333 
 1334 /*-
 1335  * deactivates a shared key from the association
 1336  * ASSUMES INP_WLOCK is already held
 1337  */
 1338 int
 1339 sctp_deact_sharedkey(struct sctp_tcb *stcb, uint16_t keyid)
 1340 {
 1341         sctp_sharedkey_t *skey;
 1342 
 1343         if (stcb == NULL)
 1344                 return (-1);
 1345 
 1346         /* is the keyid the assoc active sending key */
 1347         if (keyid == stcb->asoc.authinfo.active_keyid)
 1348                 return (-1);
 1349 
 1350         /* does the key exist? */
 1351         skey = sctp_find_sharedkey(&stcb->asoc.shared_keys, keyid);
 1352         if (skey == NULL)
 1353                 return (-1);
 1354 
 1355         /* are there other refcount holders on the key? */
 1356         if (skey->refcount == 1) {
 1357                 /* no other users, send a notification for this key */
 1358                 sctp_ulp_notify(SCTP_NOTIFY_AUTH_FREE_KEY, stcb, keyid, 0,
 1359                     SCTP_SO_LOCKED);
 1360         }
 1361         /* mark the key as deactivated */
 1362         skey->deactivated = 1;
 1363 
 1364         return (0);
 1365 }
 1366 
 1367 /*-
 1368  * deactivates a shared key from the endpoint
 1369  * ASSUMES INP_WLOCK is already held
 1370  */
 1371 int
 1372 sctp_deact_sharedkey_ep(struct sctp_inpcb *inp, uint16_t keyid)
 1373 {
 1374         sctp_sharedkey_t *skey;
 1375 
 1376         if (inp == NULL)
 1377                 return (-1);
 1378 
 1379         /* is the keyid the active sending key on the endpoint */
 1380         if (keyid == inp->sctp_ep.default_keyid)
 1381                 return (-1);
 1382 
 1383         /* does the key exist? */
 1384         skey = sctp_find_sharedkey(&inp->sctp_ep.shared_keys, keyid);
 1385         if (skey == NULL)
 1386                 return (-1);
 1387 
 1388         /* endpoint keys are not refcounted */
 1389 
 1390         /* remove it */
 1391         LIST_REMOVE(skey, next);
 1392         sctp_free_sharedkey(skey);      /* frees skey->key as well */
 1393 
 1394         return (0);
 1395 }
 1396 
 1397 /*
 1398  * get local authentication parameters from cookie (from INIT-ACK)
 1399  */
 1400 void
 1401 sctp_auth_get_cookie_params(struct sctp_tcb *stcb, struct mbuf *m,
 1402     uint32_t offset, uint32_t length)
 1403 {
 1404         struct sctp_paramhdr *phdr, tmp_param;
 1405         uint16_t plen, ptype;
 1406         uint8_t random_store[SCTP_PARAM_BUFFER_SIZE];
 1407         struct sctp_auth_random *p_random = NULL;
 1408         uint16_t random_len = 0;
 1409         uint8_t hmacs_store[SCTP_PARAM_BUFFER_SIZE];
 1410         struct sctp_auth_hmac_algo *hmacs = NULL;
 1411         uint16_t hmacs_len = 0;
 1412         uint8_t chunks_store[SCTP_PARAM_BUFFER_SIZE];
 1413         struct sctp_auth_chunk_list *chunks = NULL;
 1414         uint16_t num_chunks = 0;
 1415         sctp_key_t *new_key;
 1416         uint32_t keylen;
 1417 
 1418         /* convert to upper bound */
 1419         length += offset;
 1420 
 1421         phdr = (struct sctp_paramhdr *)sctp_m_getptr(m, offset,
 1422             sizeof(struct sctp_paramhdr), (uint8_t *) & tmp_param);
 1423         while (phdr != NULL) {
 1424                 ptype = ntohs(phdr->param_type);
 1425                 plen = ntohs(phdr->param_length);
 1426 
 1427                 if ((plen == 0) || (offset + plen > length))
 1428                         break;
 1429 
 1430                 if (ptype == SCTP_RANDOM) {
 1431                         if (plen > sizeof(random_store))
 1432                                 break;
 1433                         phdr = sctp_get_next_param(m, offset,
 1434                             (struct sctp_paramhdr *)random_store, min(plen, sizeof(random_store)));
 1435                         if (phdr == NULL)
 1436                                 return;
 1437                         /* save the random and length for the key */
 1438                         p_random = (struct sctp_auth_random *)phdr;
 1439                         random_len = plen - sizeof(*p_random);
 1440                 } else if (ptype == SCTP_HMAC_LIST) {
 1441                         uint16_t num_hmacs;
 1442                         uint16_t i;
 1443 
 1444                         if (plen > sizeof(hmacs_store))
 1445                                 break;
 1446                         phdr = sctp_get_next_param(m, offset,
 1447                             (struct sctp_paramhdr *)hmacs_store, min(plen, sizeof(hmacs_store)));
 1448                         if (phdr == NULL)
 1449                                 return;
 1450                         /* save the hmacs list and num for the key */
 1451                         hmacs = (struct sctp_auth_hmac_algo *)phdr;
 1452                         hmacs_len = plen - sizeof(*hmacs);
 1453                         num_hmacs = hmacs_len / sizeof(hmacs->hmac_ids[0]);
 1454                         if (stcb->asoc.local_hmacs != NULL)
 1455                                 sctp_free_hmaclist(stcb->asoc.local_hmacs);
 1456                         stcb->asoc.local_hmacs = sctp_alloc_hmaclist(num_hmacs);
 1457                         if (stcb->asoc.local_hmacs != NULL) {
 1458                                 for (i = 0; i < num_hmacs; i++) {
 1459                                         (void)sctp_auth_add_hmacid(stcb->asoc.local_hmacs,
 1460                                             ntohs(hmacs->hmac_ids[i]));
 1461                                 }
 1462                         }
 1463                 } else if (ptype == SCTP_CHUNK_LIST) {
 1464                         int i;
 1465 
 1466                         if (plen > sizeof(chunks_store))
 1467                                 break;
 1468                         phdr = sctp_get_next_param(m, offset,
 1469                             (struct sctp_paramhdr *)chunks_store, min(plen, sizeof(chunks_store)));
 1470                         if (phdr == NULL)
 1471                                 return;
 1472                         chunks = (struct sctp_auth_chunk_list *)phdr;
 1473                         num_chunks = plen - sizeof(*chunks);
 1474                         /* save chunks list and num for the key */
 1475                         if (stcb->asoc.local_auth_chunks != NULL)
 1476                                 sctp_clear_chunklist(stcb->asoc.local_auth_chunks);
 1477                         else
 1478                                 stcb->asoc.local_auth_chunks = sctp_alloc_chunklist();
 1479                         for (i = 0; i < num_chunks; i++) {
 1480                                 (void)sctp_auth_add_chunk(chunks->chunk_types[i],
 1481                                     stcb->asoc.local_auth_chunks);
 1482                         }
 1483                 }
 1484                 /* get next parameter */
 1485                 offset += SCTP_SIZE32(plen);
 1486                 if (offset + sizeof(struct sctp_paramhdr) > length)
 1487                         break;
 1488                 phdr = (struct sctp_paramhdr *)sctp_m_getptr(m, offset, sizeof(struct sctp_paramhdr),
 1489                     (uint8_t *) & tmp_param);
 1490         }
 1491         /* concatenate the full random key */
 1492         keylen = sizeof(*p_random) + random_len + sizeof(*hmacs) + hmacs_len;
 1493         if (chunks != NULL) {
 1494                 keylen += sizeof(*chunks) + num_chunks;
 1495         }
 1496         new_key = sctp_alloc_key(keylen);
 1497         if (new_key != NULL) {
 1498                 /* copy in the RANDOM */
 1499                 if (p_random != NULL) {
 1500                         keylen = sizeof(*p_random) + random_len;
 1501                         bcopy(p_random, new_key->key, keylen);
 1502                 }
 1503                 /* append in the AUTH chunks */
 1504                 if (chunks != NULL) {
 1505                         bcopy(chunks, new_key->key + keylen,
 1506                             sizeof(*chunks) + num_chunks);
 1507                         keylen += sizeof(*chunks) + num_chunks;
 1508                 }
 1509                 /* append in the HMACs */
 1510                 if (hmacs != NULL) {
 1511                         bcopy(hmacs, new_key->key + keylen,
 1512                             sizeof(*hmacs) + hmacs_len);
 1513                 }
 1514         }
 1515         if (stcb->asoc.authinfo.random != NULL)
 1516                 sctp_free_key(stcb->asoc.authinfo.random);
 1517         stcb->asoc.authinfo.random = new_key;
 1518         stcb->asoc.authinfo.random_len = random_len;
 1519         sctp_clear_cachedkeys(stcb, stcb->asoc.authinfo.assoc_keyid);
 1520         sctp_clear_cachedkeys(stcb, stcb->asoc.authinfo.recv_keyid);
 1521 
 1522         /* negotiate what HMAC to use for the peer */
 1523         stcb->asoc.peer_hmac_id = sctp_negotiate_hmacid(stcb->asoc.peer_hmacs,
 1524             stcb->asoc.local_hmacs);
 1525 
 1526         /* copy defaults from the endpoint */
 1527         /* FIX ME: put in cookie? */
 1528         stcb->asoc.authinfo.active_keyid = stcb->sctp_ep->sctp_ep.default_keyid;
 1529         /* copy out the shared key list (by reference) from the endpoint */
 1530         (void)sctp_copy_skeylist(&stcb->sctp_ep->sctp_ep.shared_keys,
 1531             &stcb->asoc.shared_keys);
 1532 }
 1533 
 1534 /*
 1535  * compute and fill in the HMAC digest for a packet
 1536  */
 1537 void
 1538 sctp_fill_hmac_digest_m(struct mbuf *m, uint32_t auth_offset,
 1539     struct sctp_auth_chunk *auth, struct sctp_tcb *stcb, uint16_t keyid)
 1540 {
 1541         uint32_t digestlen;
 1542         sctp_sharedkey_t *skey;
 1543         sctp_key_t *key;
 1544 
 1545         if ((stcb == NULL) || (auth == NULL))
 1546                 return;
 1547 
 1548         /* zero the digest + chunk padding */
 1549         digestlen = sctp_get_hmac_digest_len(stcb->asoc.peer_hmac_id);
 1550         bzero(auth->hmac, SCTP_SIZE32(digestlen));
 1551 
 1552         /* is the desired key cached? */
 1553         if ((keyid != stcb->asoc.authinfo.assoc_keyid) ||
 1554             (stcb->asoc.authinfo.assoc_key == NULL)) {
 1555                 if (stcb->asoc.authinfo.assoc_key != NULL) {
 1556                         /* free the old cached key */
 1557                         sctp_free_key(stcb->asoc.authinfo.assoc_key);
 1558                 }
 1559                 skey = sctp_find_sharedkey(&stcb->asoc.shared_keys, keyid);
 1560                 /* the only way skey is NULL is if null key id 0 is used */
 1561                 if (skey != NULL)
 1562                         key = skey->key;
 1563                 else
 1564                         key = NULL;
 1565                 /* compute a new assoc key and cache it */
 1566                 stcb->asoc.authinfo.assoc_key =
 1567                     sctp_compute_hashkey(stcb->asoc.authinfo.random,
 1568                     stcb->asoc.authinfo.peer_random, key);
 1569                 stcb->asoc.authinfo.assoc_keyid = keyid;
 1570                 SCTPDBG(SCTP_DEBUG_AUTH1, "caching key id %u\n",
 1571                     stcb->asoc.authinfo.assoc_keyid);
 1572 #ifdef SCTP_DEBUG
 1573                 if (SCTP_AUTH_DEBUG)
 1574                         sctp_print_key(stcb->asoc.authinfo.assoc_key,
 1575                             "Assoc Key");
 1576 #endif
 1577         }
 1578         /* set in the active key id */
 1579         auth->shared_key_id = htons(keyid);
 1580 
 1581         /* compute and fill in the digest */
 1582         (void)sctp_compute_hmac_m(stcb->asoc.peer_hmac_id, stcb->asoc.authinfo.assoc_key,
 1583             m, auth_offset, auth->hmac);
 1584 }
 1585 
 1586 
 1587 static void
 1588 sctp_bzero_m(struct mbuf *m, uint32_t m_offset, uint32_t size)
 1589 {
 1590         struct mbuf *m_tmp;
 1591         uint8_t *data;
 1592 
 1593         /* sanity check */
 1594         if (m == NULL)
 1595                 return;
 1596 
 1597         /* find the correct starting mbuf and offset (get start position) */
 1598         m_tmp = m;
 1599         while ((m_tmp != NULL) && (m_offset >= (uint32_t) SCTP_BUF_LEN(m_tmp))) {
 1600                 m_offset -= SCTP_BUF_LEN(m_tmp);
 1601                 m_tmp = SCTP_BUF_NEXT(m_tmp);
 1602         }
 1603         /* now use the rest of the mbuf chain */
 1604         while ((m_tmp != NULL) && (size > 0)) {
 1605                 data = mtod(m_tmp, uint8_t *) + m_offset;
 1606                 if (size > (uint32_t) SCTP_BUF_LEN(m_tmp)) {
 1607                         bzero(data, SCTP_BUF_LEN(m_tmp));
 1608                         size -= SCTP_BUF_LEN(m_tmp);
 1609                 } else {
 1610                         bzero(data, size);
 1611                         size = 0;
 1612                 }
 1613                 /* clear the offset since it's only for the first mbuf */
 1614                 m_offset = 0;
 1615                 m_tmp = SCTP_BUF_NEXT(m_tmp);
 1616         }
 1617 }
 1618 
 1619 /*-
 1620  * process the incoming Authentication chunk
 1621  * return codes:
 1622  *   -1 on any authentication error
 1623  *    0 on authentication verification
 1624  */
 1625 int
 1626 sctp_handle_auth(struct sctp_tcb *stcb, struct sctp_auth_chunk *auth,
 1627     struct mbuf *m, uint32_t offset)
 1628 {
 1629         uint16_t chunklen;
 1630         uint16_t shared_key_id;
 1631         uint16_t hmac_id;
 1632         sctp_sharedkey_t *skey;
 1633         uint32_t digestlen;
 1634         uint8_t digest[SCTP_AUTH_DIGEST_LEN_MAX];
 1635         uint8_t computed_digest[SCTP_AUTH_DIGEST_LEN_MAX];
 1636 
 1637         /* auth is checked for NULL by caller */
 1638         chunklen = ntohs(auth->ch.chunk_length);
 1639         if (chunklen < sizeof(*auth)) {
 1640                 SCTP_STAT_INCR(sctps_recvauthfailed);
 1641                 return (-1);
 1642         }
 1643         SCTP_STAT_INCR(sctps_recvauth);
 1644 
 1645         /* get the auth params */
 1646         shared_key_id = ntohs(auth->shared_key_id);
 1647         hmac_id = ntohs(auth->hmac_id);
 1648         SCTPDBG(SCTP_DEBUG_AUTH1,
 1649             "SCTP AUTH Chunk: shared key %u, HMAC id %u\n",
 1650             shared_key_id, hmac_id);
 1651 
 1652         /* is the indicated HMAC supported? */
 1653         if (!sctp_auth_is_supported_hmac(stcb->asoc.local_hmacs, hmac_id)) {
 1654                 struct mbuf *m_err;
 1655                 struct sctp_auth_invalid_hmac *err;
 1656 
 1657                 SCTP_STAT_INCR(sctps_recvivalhmacid);
 1658                 SCTPDBG(SCTP_DEBUG_AUTH1,
 1659                     "SCTP Auth: unsupported HMAC id %u\n",
 1660                     hmac_id);
 1661                 /*
 1662                  * report this in an Error Chunk: Unsupported HMAC
 1663                  * Identifier
 1664                  */
 1665                 m_err = sctp_get_mbuf_for_msg(sizeof(*err), 0, M_NOWAIT,
 1666                     1, MT_HEADER);
 1667                 if (m_err != NULL) {
 1668                         /* pre-reserve some space */
 1669                         SCTP_BUF_RESV_UF(m_err, sizeof(struct sctp_chunkhdr));
 1670                         /* fill in the error */
 1671                         err = mtod(m_err, struct sctp_auth_invalid_hmac *);
 1672                         bzero(err, sizeof(*err));
 1673                         err->ph.param_type = htons(SCTP_CAUSE_UNSUPPORTED_HMACID);
 1674                         err->ph.param_length = htons(sizeof(*err));
 1675                         err->hmac_id = ntohs(hmac_id);
 1676                         SCTP_BUF_LEN(m_err) = sizeof(*err);
 1677                         /* queue it */
 1678                         sctp_queue_op_err(stcb, m_err);
 1679                 }
 1680                 return (-1);
 1681         }
 1682         /* get the indicated shared key, if available */
 1683         if ((stcb->asoc.authinfo.recv_key == NULL) ||
 1684             (stcb->asoc.authinfo.recv_keyid != shared_key_id)) {
 1685                 /* find the shared key on the assoc first */
 1686                 skey = sctp_find_sharedkey(&stcb->asoc.shared_keys,
 1687                     shared_key_id);
 1688                 /* if the shared key isn't found, discard the chunk */
 1689                 if (skey == NULL) {
 1690                         SCTP_STAT_INCR(sctps_recvivalkeyid);
 1691                         SCTPDBG(SCTP_DEBUG_AUTH1,
 1692                             "SCTP Auth: unknown key id %u\n",
 1693                             shared_key_id);
 1694                         return (-1);
 1695                 }
 1696                 /* generate a notification if this is a new key id */
 1697                 if (stcb->asoc.authinfo.recv_keyid != shared_key_id)
 1698                         /*
 1699                          * sctp_ulp_notify(SCTP_NOTIFY_AUTH_NEW_KEY, stcb,
 1700                          * shared_key_id, (void
 1701                          * *)stcb->asoc.authinfo.recv_keyid);
 1702                          */
 1703                         sctp_notify_authentication(stcb, SCTP_AUTH_NEW_KEY,
 1704                             shared_key_id, stcb->asoc.authinfo.recv_keyid,
 1705                             SCTP_SO_NOT_LOCKED);
 1706                 /* compute a new recv assoc key and cache it */
 1707                 if (stcb->asoc.authinfo.recv_key != NULL)
 1708                         sctp_free_key(stcb->asoc.authinfo.recv_key);
 1709                 stcb->asoc.authinfo.recv_key =
 1710                     sctp_compute_hashkey(stcb->asoc.authinfo.random,
 1711                     stcb->asoc.authinfo.peer_random, skey->key);
 1712                 stcb->asoc.authinfo.recv_keyid = shared_key_id;
 1713 #ifdef SCTP_DEBUG
 1714                 if (SCTP_AUTH_DEBUG)
 1715                         sctp_print_key(stcb->asoc.authinfo.recv_key, "Recv Key");
 1716 #endif
 1717         }
 1718         /* validate the digest length */
 1719         digestlen = sctp_get_hmac_digest_len(hmac_id);
 1720         if (chunklen < (sizeof(*auth) + digestlen)) {
 1721                 /* invalid digest length */
 1722                 SCTP_STAT_INCR(sctps_recvauthfailed);
 1723                 SCTPDBG(SCTP_DEBUG_AUTH1,
 1724                     "SCTP Auth: chunk too short for HMAC\n");
 1725                 return (-1);
 1726         }
 1727         /* save a copy of the digest, zero the pseudo header, and validate */
 1728         bcopy(auth->hmac, digest, digestlen);
 1729         sctp_bzero_m(m, offset + sizeof(*auth), SCTP_SIZE32(digestlen));
 1730         (void)sctp_compute_hmac_m(hmac_id, stcb->asoc.authinfo.recv_key,
 1731             m, offset, computed_digest);
 1732 
 1733         /* compare the computed digest with the one in the AUTH chunk */
 1734         if (memcmp(digest, computed_digest, digestlen) != 0) {
 1735                 SCTP_STAT_INCR(sctps_recvauthfailed);
 1736                 SCTPDBG(SCTP_DEBUG_AUTH1,
 1737                     "SCTP Auth: HMAC digest check failed\n");
 1738                 return (-1);
 1739         }
 1740         return (0);
 1741 }
 1742 
 1743 /*
 1744  * Generate NOTIFICATION
 1745  */
 1746 void
 1747 sctp_notify_authentication(struct sctp_tcb *stcb, uint32_t indication,
 1748     uint16_t keyid, uint16_t alt_keyid, int so_locked
 1749 #if !defined(__APPLE__) && !defined(SCTP_SO_LOCK_TESTING)
 1750     SCTP_UNUSED
 1751 #endif
 1752 )
 1753 {
 1754         struct mbuf *m_notify;
 1755         struct sctp_authkey_event *auth;
 1756         struct sctp_queued_to_read *control;
 1757 
 1758         if ((stcb == NULL) ||
 1759             (stcb->sctp_ep->sctp_flags & SCTP_PCB_FLAGS_SOCKET_GONE) ||
 1760             (stcb->sctp_ep->sctp_flags & SCTP_PCB_FLAGS_SOCKET_ALLGONE) ||
 1761             (stcb->asoc.state & SCTP_STATE_CLOSED_SOCKET)
 1762             ) {
 1763                 /* If the socket is gone we are out of here */
 1764                 return;
 1765         }
 1766         if (sctp_stcb_is_feature_off(stcb->sctp_ep, stcb, SCTP_PCB_FLAGS_AUTHEVNT))
 1767                 /* event not enabled */
 1768                 return;
 1769 
 1770         m_notify = sctp_get_mbuf_for_msg(sizeof(struct sctp_authkey_event),
 1771             0, M_NOWAIT, 1, MT_HEADER);
 1772         if (m_notify == NULL)
 1773                 /* no space left */
 1774                 return;
 1775 
 1776         SCTP_BUF_LEN(m_notify) = 0;
 1777         auth = mtod(m_notify, struct sctp_authkey_event *);
 1778         memset(auth, 0, sizeof(struct sctp_authkey_event));
 1779         auth->auth_type = SCTP_AUTHENTICATION_EVENT;
 1780         auth->auth_flags = 0;
 1781         auth->auth_length = sizeof(*auth);
 1782         auth->auth_keynumber = keyid;
 1783         auth->auth_altkeynumber = alt_keyid;
 1784         auth->auth_indication = indication;
 1785         auth->auth_assoc_id = sctp_get_associd(stcb);
 1786 
 1787         SCTP_BUF_LEN(m_notify) = sizeof(*auth);
 1788         SCTP_BUF_NEXT(m_notify) = NULL;
 1789 
 1790         /* append to socket */
 1791         control = sctp_build_readq_entry(stcb, stcb->asoc.primary_destination,
 1792             0, 0, stcb->asoc.context, 0, 0, 0, m_notify);
 1793         if (control == NULL) {
 1794                 /* no memory */
 1795                 sctp_m_freem(m_notify);
 1796                 return;
 1797         }
 1798         control->spec_flags = M_NOTIFICATION;
 1799         control->length = SCTP_BUF_LEN(m_notify);
 1800         /* not that we need this */
 1801         control->tail_mbuf = m_notify;
 1802         sctp_add_to_readq(stcb->sctp_ep, stcb, control,
 1803             &stcb->sctp_socket->so_rcv, 1, SCTP_READ_LOCK_NOT_HELD, so_locked);
 1804 }
 1805 
 1806 
 1807 /*-
 1808  * validates the AUTHentication related parameters in an INIT/INIT-ACK
 1809  * Note: currently only used for INIT as INIT-ACK is handled inline
 1810  * with sctp_load_addresses_from_init()
 1811  */
 1812 int
 1813 sctp_validate_init_auth_params(struct mbuf *m, int offset, int limit)
 1814 {
 1815         struct sctp_paramhdr *phdr, parm_buf;
 1816         uint16_t ptype, plen;
 1817         int peer_supports_asconf = 0;
 1818         int peer_supports_auth = 0;
 1819         int got_random = 0, got_hmacs = 0, got_chklist = 0;
 1820         uint8_t saw_asconf = 0;
 1821         uint8_t saw_asconf_ack = 0;
 1822 
 1823         /* go through each of the params. */
 1824         phdr = sctp_get_next_param(m, offset, &parm_buf, sizeof(parm_buf));
 1825         while (phdr) {
 1826                 ptype = ntohs(phdr->param_type);
 1827                 plen = ntohs(phdr->param_length);
 1828 
 1829                 if (offset + plen > limit) {
 1830                         break;
 1831                 }
 1832                 if (plen < sizeof(struct sctp_paramhdr)) {
 1833                         break;
 1834                 }
 1835                 if (ptype == SCTP_SUPPORTED_CHUNK_EXT) {
 1836                         /* A supported extension chunk */
 1837                         struct sctp_supported_chunk_types_param *pr_supported;
 1838                         uint8_t local_store[SCTP_PARAM_BUFFER_SIZE];
 1839                         int num_ent, i;
 1840 
 1841                         phdr = sctp_get_next_param(m, offset,
 1842                             (struct sctp_paramhdr *)&local_store, min(plen, sizeof(local_store)));
 1843                         if (phdr == NULL) {
 1844                                 return (-1);
 1845                         }
 1846                         pr_supported = (struct sctp_supported_chunk_types_param *)phdr;
 1847                         num_ent = plen - sizeof(struct sctp_paramhdr);
 1848                         for (i = 0; i < num_ent; i++) {
 1849                                 switch (pr_supported->chunk_types[i]) {
 1850                                 case SCTP_ASCONF:
 1851                                 case SCTP_ASCONF_ACK:
 1852                                         peer_supports_asconf = 1;
 1853                                         break;
 1854                                 default:
 1855                                         /* one we don't care about */
 1856                                         break;
 1857                                 }
 1858                         }
 1859                 } else if (ptype == SCTP_RANDOM) {
 1860                         got_random = 1;
 1861                         /* enforce the random length */
 1862                         if (plen != (sizeof(struct sctp_auth_random) +
 1863                             SCTP_AUTH_RANDOM_SIZE_REQUIRED)) {
 1864                                 SCTPDBG(SCTP_DEBUG_AUTH1,
 1865                                     "SCTP: invalid RANDOM len\n");
 1866                                 return (-1);
 1867                         }
 1868                 } else if (ptype == SCTP_HMAC_LIST) {
 1869                         uint8_t store[SCTP_PARAM_BUFFER_SIZE];
 1870                         struct sctp_auth_hmac_algo *hmacs;
 1871                         int num_hmacs;
 1872 
 1873                         if (plen > sizeof(store))
 1874                                 break;
 1875                         phdr = sctp_get_next_param(m, offset,
 1876                             (struct sctp_paramhdr *)store, min(plen, sizeof(store)));
 1877                         if (phdr == NULL)
 1878                                 return (-1);
 1879                         hmacs = (struct sctp_auth_hmac_algo *)phdr;
 1880                         num_hmacs = (plen - sizeof(*hmacs)) /
 1881                             sizeof(hmacs->hmac_ids[0]);
 1882                         /* validate the hmac list */
 1883                         if (sctp_verify_hmac_param(hmacs, num_hmacs)) {
 1884                                 SCTPDBG(SCTP_DEBUG_AUTH1,
 1885                                     "SCTP: invalid HMAC param\n");
 1886                                 return (-1);
 1887                         }
 1888                         got_hmacs = 1;
 1889                 } else if (ptype == SCTP_CHUNK_LIST) {
 1890                         int i, num_chunks;
 1891                         uint8_t chunks_store[SCTP_SMALL_CHUNK_STORE];
 1892 
 1893                         /* did the peer send a non-empty chunk list? */
 1894                         struct sctp_auth_chunk_list *chunks = NULL;
 1895 
 1896                         phdr = sctp_get_next_param(m, offset,
 1897                             (struct sctp_paramhdr *)chunks_store,
 1898                             min(plen, sizeof(chunks_store)));
 1899                         if (phdr == NULL)
 1900                                 return (-1);
 1901 
 1902                         /*-
 1903                          * Flip through the list and mark that the
 1904                          * peer supports asconf/asconf_ack.
 1905                          */
 1906                         chunks = (struct sctp_auth_chunk_list *)phdr;
 1907                         num_chunks = plen - sizeof(*chunks);
 1908                         for (i = 0; i < num_chunks; i++) {
 1909                                 /* record asconf/asconf-ack if listed */
 1910                                 if (chunks->chunk_types[i] == SCTP_ASCONF)
 1911                                         saw_asconf = 1;
 1912                                 if (chunks->chunk_types[i] == SCTP_ASCONF_ACK)
 1913                                         saw_asconf_ack = 1;
 1914 
 1915                         }
 1916                         if (num_chunks)
 1917                                 got_chklist = 1;
 1918                 }
 1919                 offset += SCTP_SIZE32(plen);
 1920                 if (offset >= limit) {
 1921                         break;
 1922                 }
 1923                 phdr = sctp_get_next_param(m, offset, &parm_buf,
 1924                     sizeof(parm_buf));
 1925         }
 1926         /* validate authentication required parameters */
 1927         if (got_random && got_hmacs) {
 1928                 peer_supports_auth = 1;
 1929         } else {
 1930                 peer_supports_auth = 0;
 1931         }
 1932         if (!peer_supports_auth && got_chklist) {
 1933                 SCTPDBG(SCTP_DEBUG_AUTH1,
 1934                     "SCTP: peer sent chunk list w/o AUTH\n");
 1935                 return (-1);
 1936         }
 1937         if (peer_supports_asconf && !peer_supports_auth) {
 1938                 SCTPDBG(SCTP_DEBUG_AUTH1,
 1939                     "SCTP: peer supports ASCONF but not AUTH\n");
 1940                 return (-1);
 1941         } else if ((peer_supports_asconf) && (peer_supports_auth) &&
 1942             ((saw_asconf == 0) || (saw_asconf_ack == 0))) {
 1943                 return (-2);
 1944         }
 1945         return (0);
 1946 }
 1947 
 1948 void
 1949 sctp_initialize_auth_params(struct sctp_inpcb *inp, struct sctp_tcb *stcb)
 1950 {
 1951         uint16_t chunks_len = 0;
 1952         uint16_t hmacs_len = 0;
 1953         uint16_t random_len = SCTP_AUTH_RANDOM_SIZE_DEFAULT;
 1954         sctp_key_t *new_key;
 1955         uint16_t keylen;
 1956 
 1957         /* initialize hmac list from endpoint */
 1958         stcb->asoc.local_hmacs = sctp_copy_hmaclist(inp->sctp_ep.local_hmacs);
 1959         if (stcb->asoc.local_hmacs != NULL) {
 1960                 hmacs_len = stcb->asoc.local_hmacs->num_algo *
 1961                     sizeof(stcb->asoc.local_hmacs->hmac[0]);
 1962         }
 1963         /* initialize auth chunks list from endpoint */
 1964         stcb->asoc.local_auth_chunks =
 1965             sctp_copy_chunklist(inp->sctp_ep.local_auth_chunks);
 1966         if (stcb->asoc.local_auth_chunks != NULL) {
 1967                 int i;
 1968 
 1969                 for (i = 0; i < 256; i++) {
 1970                         if (stcb->asoc.local_auth_chunks->chunks[i])
 1971                                 chunks_len++;
 1972                 }
 1973         }
 1974         /* copy defaults from the endpoint */
 1975         stcb->asoc.authinfo.active_keyid = inp->sctp_ep.default_keyid;
 1976 
 1977         /* copy out the shared key list (by reference) from the endpoint */
 1978         (void)sctp_copy_skeylist(&inp->sctp_ep.shared_keys,
 1979             &stcb->asoc.shared_keys);
 1980 
 1981         /* now set the concatenated key (random + chunks + hmacs) */
 1982         /* key includes parameter headers */
 1983         keylen = (3 * sizeof(struct sctp_paramhdr)) + random_len + chunks_len +
 1984             hmacs_len;
 1985         new_key = sctp_alloc_key(keylen);
 1986         if (new_key != NULL) {
 1987                 struct sctp_paramhdr *ph;
 1988                 int plen;
 1989 
 1990                 /* generate and copy in the RANDOM */
 1991                 ph = (struct sctp_paramhdr *)new_key->key;
 1992                 ph->param_type = htons(SCTP_RANDOM);
 1993                 plen = sizeof(*ph) + random_len;
 1994                 ph->param_length = htons(plen);
 1995                 SCTP_READ_RANDOM(new_key->key + sizeof(*ph), random_len);
 1996                 keylen = plen;
 1997 
 1998                 /* append in the AUTH chunks */
 1999                 /* NOTE: currently we always have chunks to list */
 2000                 ph = (struct sctp_paramhdr *)(new_key->key + keylen);
 2001                 ph->param_type = htons(SCTP_CHUNK_LIST);
 2002                 plen = sizeof(*ph) + chunks_len;
 2003                 ph->param_length = htons(plen);
 2004                 keylen += sizeof(*ph);
 2005                 if (stcb->asoc.local_auth_chunks) {
 2006                         int i;
 2007 
 2008                         for (i = 0; i < 256; i++) {
 2009                                 if (stcb->asoc.local_auth_chunks->chunks[i])
 2010                                         new_key->key[keylen++] = i;
 2011                         }
 2012                 }
 2013                 /* append in the HMACs */
 2014                 ph = (struct sctp_paramhdr *)(new_key->key + keylen);
 2015                 ph->param_type = htons(SCTP_HMAC_LIST);
 2016                 plen = sizeof(*ph) + hmacs_len;
 2017                 ph->param_length = htons(plen);
 2018                 keylen += sizeof(*ph);
 2019                 (void)sctp_serialize_hmaclist(stcb->asoc.local_hmacs,
 2020                     new_key->key + keylen);
 2021         }
 2022         if (stcb->asoc.authinfo.random != NULL)
 2023                 sctp_free_key(stcb->asoc.authinfo.random);
 2024         stcb->asoc.authinfo.random = new_key;
 2025         stcb->asoc.authinfo.random_len = random_len;
 2026 }

Cache object: 127543c12ca9d346452a5db21cf80345


[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]


This page is part of the FreeBSD/Linux Linux Kernel Cross-Reference, and was automatically generated using a modified version of the LXR engine.