The Design and Implementation of the FreeBSD Operating System, Second Edition
Now available: The Design and Implementation of the FreeBSD Operating System (Second Edition)


[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]

FreeBSD/Linux Kernel Cross Reference
sys/netinet/sctp_auth.c

Version: -  FREEBSD  -  FREEBSD-13-STABLE  -  FREEBSD-13-0  -  FREEBSD-12-STABLE  -  FREEBSD-12-0  -  FREEBSD-11-STABLE  -  FREEBSD-11-0  -  FREEBSD-10-STABLE  -  FREEBSD-10-0  -  FREEBSD-9-STABLE  -  FREEBSD-9-0  -  FREEBSD-8-STABLE  -  FREEBSD-8-0  -  FREEBSD-7-STABLE  -  FREEBSD-7-0  -  FREEBSD-6-STABLE  -  FREEBSD-6-0  -  FREEBSD-5-STABLE  -  FREEBSD-5-0  -  FREEBSD-4-STABLE  -  FREEBSD-3-STABLE  -  FREEBSD22  -  l41  -  OPENBSD  -  linux-2.6  -  MK84  -  PLAN9  -  xnu-8792 
SearchContext: -  none  -  3  -  10 

    1 /*-
    2  * Copyright (c) 2001-2008, by Cisco Systems, Inc. All rights reserved.
    3  * Copyright (c) 2008-2012, by Randall Stewart. All rights reserved.
    4  * Copyright (c) 2008-2012, by Michael Tuexen. All rights reserved.
    5  *
    6  * Redistribution and use in source and binary forms, with or without
    7  * modification, are permitted provided that the following conditions are met:
    8  *
    9  * a) Redistributions of source code must retain the above copyright notice,
   10  *    this list of conditions and the following disclaimer.
   11  *
   12  * b) Redistributions in binary form must reproduce the above copyright
   13  *    notice, this list of conditions and the following disclaimer in
   14  *    the documentation and/or other materials provided with the distribution.
   15  *
   16  * c) Neither the name of Cisco Systems, Inc. nor the names of its
   17  *    contributors may be used to endorse or promote products derived
   18  *    from this software without specific prior written permission.
   19  *
   20  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
   21  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
   22  * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
   23  * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
   24  * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
   25  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
   26  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
   27  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
   28  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
   29  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
   30  * THE POSSIBILITY OF SUCH DAMAGE.
   31  */
   32 
   33 #include <sys/cdefs.h>
   34 __FBSDID("$FreeBSD$");
   35 
   36 #include <netinet/sctp_os.h>
   37 #include <netinet/sctp.h>
   38 #include <netinet/sctp_header.h>
   39 #include <netinet/sctp_pcb.h>
   40 #include <netinet/sctp_var.h>
   41 #include <netinet/sctp_sysctl.h>
   42 #include <netinet/sctputil.h>
   43 #include <netinet/sctp_indata.h>
   44 #include <netinet/sctp_output.h>
   45 #include <netinet/sctp_auth.h>
   46 
   47 #ifdef SCTP_DEBUG
   48 #define SCTP_AUTH_DEBUG         (SCTP_BASE_SYSCTL(sctp_debug_on) & SCTP_DEBUG_AUTH1)
   49 #define SCTP_AUTH_DEBUG2        (SCTP_BASE_SYSCTL(sctp_debug_on) & SCTP_DEBUG_AUTH2)
   50 #endif                          /* SCTP_DEBUG */
   51 
   52 
   53 void
   54 sctp_clear_chunklist(sctp_auth_chklist_t * chklist)
   55 {
   56         bzero(chklist, sizeof(*chklist));
   57         /* chklist->num_chunks = 0; */
   58 }
   59 
   60 sctp_auth_chklist_t *
   61 sctp_alloc_chunklist(void)
   62 {
   63         sctp_auth_chklist_t *chklist;
   64 
   65         SCTP_MALLOC(chklist, sctp_auth_chklist_t *, sizeof(*chklist),
   66             SCTP_M_AUTH_CL);
   67         if (chklist == NULL) {
   68                 SCTPDBG(SCTP_DEBUG_AUTH1, "sctp_alloc_chunklist: failed to get memory!\n");
   69         } else {
   70                 sctp_clear_chunklist(chklist);
   71         }
   72         return (chklist);
   73 }
   74 
   75 void
   76 sctp_free_chunklist(sctp_auth_chklist_t * list)
   77 {
   78         if (list != NULL)
   79                 SCTP_FREE(list, SCTP_M_AUTH_CL);
   80 }
   81 
   82 sctp_auth_chklist_t *
   83 sctp_copy_chunklist(sctp_auth_chklist_t * list)
   84 {
   85         sctp_auth_chklist_t *new_list;
   86 
   87         if (list == NULL)
   88                 return (NULL);
   89 
   90         /* get a new list */
   91         new_list = sctp_alloc_chunklist();
   92         if (new_list == NULL)
   93                 return (NULL);
   94         /* copy it */
   95         bcopy(list, new_list, sizeof(*new_list));
   96 
   97         return (new_list);
   98 }
   99 
  100 
  101 /*
  102  * add a chunk to the required chunks list
  103  */
  104 int
  105 sctp_auth_add_chunk(uint8_t chunk, sctp_auth_chklist_t * list)
  106 {
  107         if (list == NULL)
  108                 return (-1);
  109 
  110         /* is chunk restricted? */
  111         if ((chunk == SCTP_INITIATION) ||
  112             (chunk == SCTP_INITIATION_ACK) ||
  113             (chunk == SCTP_SHUTDOWN_COMPLETE) ||
  114             (chunk == SCTP_AUTHENTICATION)) {
  115                 return (-1);
  116         }
  117         if (list->chunks[chunk] == 0) {
  118                 list->chunks[chunk] = 1;
  119                 list->num_chunks++;
  120                 SCTPDBG(SCTP_DEBUG_AUTH1,
  121                     "SCTP: added chunk %u (0x%02x) to Auth list\n",
  122                     chunk, chunk);
  123         }
  124         return (0);
  125 }
  126 
  127 /*
  128  * delete a chunk from the required chunks list
  129  */
  130 int
  131 sctp_auth_delete_chunk(uint8_t chunk, sctp_auth_chklist_t * list)
  132 {
  133         if (list == NULL)
  134                 return (-1);
  135 
  136         /* is chunk restricted? */
  137         if ((chunk == SCTP_ASCONF) ||
  138             (chunk == SCTP_ASCONF_ACK)) {
  139                 return (-1);
  140         }
  141         if (list->chunks[chunk] == 1) {
  142                 list->chunks[chunk] = 0;
  143                 list->num_chunks--;
  144                 SCTPDBG(SCTP_DEBUG_AUTH1,
  145                     "SCTP: deleted chunk %u (0x%02x) from Auth list\n",
  146                     chunk, chunk);
  147         }
  148         return (0);
  149 }
  150 
  151 size_t
  152 sctp_auth_get_chklist_size(const sctp_auth_chklist_t * list)
  153 {
  154         if (list == NULL)
  155                 return (0);
  156         else
  157                 return (list->num_chunks);
  158 }
  159 
  160 /*
  161  * set the default list of chunks requiring AUTH
  162  */
  163 void
  164 sctp_auth_set_default_chunks(sctp_auth_chklist_t * list)
  165 {
  166         (void)sctp_auth_add_chunk(SCTP_ASCONF, list);
  167         (void)sctp_auth_add_chunk(SCTP_ASCONF_ACK, list);
  168 }
  169 
  170 /*
  171  * return the current number and list of required chunks caller must
  172  * guarantee ptr has space for up to 256 bytes
  173  */
  174 int
  175 sctp_serialize_auth_chunks(const sctp_auth_chklist_t * list, uint8_t * ptr)
  176 {
  177         int i, count = 0;
  178 
  179         if (list == NULL)
  180                 return (0);
  181 
  182         for (i = 0; i < 256; i++) {
  183                 if (list->chunks[i] != 0) {
  184                         *ptr++ = i;
  185                         count++;
  186                 }
  187         }
  188         return (count);
  189 }
  190 
  191 int
  192 sctp_pack_auth_chunks(const sctp_auth_chklist_t * list, uint8_t * ptr)
  193 {
  194         int i, size = 0;
  195 
  196         if (list == NULL)
  197                 return (0);
  198 
  199         if (list->num_chunks <= 32) {
  200                 /* just list them, one byte each */
  201                 for (i = 0; i < 256; i++) {
  202                         if (list->chunks[i] != 0) {
  203                                 *ptr++ = i;
  204                                 size++;
  205                         }
  206                 }
  207         } else {
  208                 int index, offset;
  209 
  210                 /* pack into a 32 byte bitfield */
  211                 for (i = 0; i < 256; i++) {
  212                         if (list->chunks[i] != 0) {
  213                                 index = i / 8;
  214                                 offset = i % 8;
  215                                 ptr[index] |= (1 << offset);
  216                         }
  217                 }
  218                 size = 32;
  219         }
  220         return (size);
  221 }
  222 
  223 int
  224 sctp_unpack_auth_chunks(const uint8_t * ptr, uint8_t num_chunks,
  225     sctp_auth_chklist_t * list)
  226 {
  227         int i;
  228         int size;
  229 
  230         if (list == NULL)
  231                 return (0);
  232 
  233         if (num_chunks <= 32) {
  234                 /* just pull them, one byte each */
  235                 for (i = 0; i < num_chunks; i++) {
  236                         (void)sctp_auth_add_chunk(*ptr++, list);
  237                 }
  238                 size = num_chunks;
  239         } else {
  240                 int index, offset;
  241 
  242                 /* unpack from a 32 byte bitfield */
  243                 for (index = 0; index < 32; index++) {
  244                         for (offset = 0; offset < 8; offset++) {
  245                                 if (ptr[index] & (1 << offset)) {
  246                                         (void)sctp_auth_add_chunk((index * 8) + offset, list);
  247                                 }
  248                         }
  249                 }
  250                 size = 32;
  251         }
  252         return (size);
  253 }
  254 
  255 
  256 /*
  257  * allocate structure space for a key of length keylen
  258  */
  259 sctp_key_t *
  260 sctp_alloc_key(uint32_t keylen)
  261 {
  262         sctp_key_t *new_key;
  263 
  264         SCTP_MALLOC(new_key, sctp_key_t *, sizeof(*new_key) + keylen,
  265             SCTP_M_AUTH_KY);
  266         if (new_key == NULL) {
  267                 /* out of memory */
  268                 return (NULL);
  269         }
  270         new_key->keylen = keylen;
  271         return (new_key);
  272 }
  273 
  274 void
  275 sctp_free_key(sctp_key_t * key)
  276 {
  277         if (key != NULL)
  278                 SCTP_FREE(key, SCTP_M_AUTH_KY);
  279 }
  280 
  281 void
  282 sctp_print_key(sctp_key_t * key, const char *str)
  283 {
  284         uint32_t i;
  285 
  286         if (key == NULL) {
  287                 SCTP_PRINTF("%s: [Null key]\n", str);
  288                 return;
  289         }
  290         SCTP_PRINTF("%s: len %u, ", str, key->keylen);
  291         if (key->keylen) {
  292                 for (i = 0; i < key->keylen; i++)
  293                         SCTP_PRINTF("%02x", key->key[i]);
  294                 SCTP_PRINTF("\n");
  295         } else {
  296                 SCTP_PRINTF("[Null key]\n");
  297         }
  298 }
  299 
  300 void
  301 sctp_show_key(sctp_key_t * key, const char *str)
  302 {
  303         uint32_t i;
  304 
  305         if (key == NULL) {
  306                 SCTP_PRINTF("%s: [Null key]\n", str);
  307                 return;
  308         }
  309         SCTP_PRINTF("%s: len %u, ", str, key->keylen);
  310         if (key->keylen) {
  311                 for (i = 0; i < key->keylen; i++)
  312                         SCTP_PRINTF("%02x", key->key[i]);
  313                 SCTP_PRINTF("\n");
  314         } else {
  315                 SCTP_PRINTF("[Null key]\n");
  316         }
  317 }
  318 
  319 static uint32_t
  320 sctp_get_keylen(sctp_key_t * key)
  321 {
  322         if (key != NULL)
  323                 return (key->keylen);
  324         else
  325                 return (0);
  326 }
  327 
  328 /*
  329  * generate a new random key of length 'keylen'
  330  */
  331 sctp_key_t *
  332 sctp_generate_random_key(uint32_t keylen)
  333 {
  334         sctp_key_t *new_key;
  335 
  336         new_key = sctp_alloc_key(keylen);
  337         if (new_key == NULL) {
  338                 /* out of memory */
  339                 return (NULL);
  340         }
  341         SCTP_READ_RANDOM(new_key->key, keylen);
  342         new_key->keylen = keylen;
  343         return (new_key);
  344 }
  345 
  346 sctp_key_t *
  347 sctp_set_key(uint8_t * key, uint32_t keylen)
  348 {
  349         sctp_key_t *new_key;
  350 
  351         new_key = sctp_alloc_key(keylen);
  352         if (new_key == NULL) {
  353                 /* out of memory */
  354                 return (NULL);
  355         }
  356         bcopy(key, new_key->key, keylen);
  357         return (new_key);
  358 }
  359 
  360 /*-
  361  * given two keys of variable size, compute which key is "larger/smaller"
  362  * returns:  1 if key1 > key2
  363  *          -1 if key1 < key2
  364  *           0 if key1 = key2
  365  */
  366 static int
  367 sctp_compare_key(sctp_key_t * key1, sctp_key_t * key2)
  368 {
  369         uint32_t maxlen;
  370         uint32_t i;
  371         uint32_t key1len, key2len;
  372         uint8_t *key_1, *key_2;
  373         uint8_t val1, val2;
  374 
  375         /* sanity/length check */
  376         key1len = sctp_get_keylen(key1);
  377         key2len = sctp_get_keylen(key2);
  378         if ((key1len == 0) && (key2len == 0))
  379                 return (0);
  380         else if (key1len == 0)
  381                 return (-1);
  382         else if (key2len == 0)
  383                 return (1);
  384 
  385         if (key1len < key2len) {
  386                 maxlen = key2len;
  387         } else {
  388                 maxlen = key1len;
  389         }
  390         key_1 = key1->key;
  391         key_2 = key2->key;
  392         /* check for numeric equality */
  393         for (i = 0; i < maxlen; i++) {
  394                 /* left-pad with zeros */
  395                 val1 = (i < (maxlen - key1len)) ? 0 : *(key_1++);
  396                 val2 = (i < (maxlen - key2len)) ? 0 : *(key_2++);
  397                 if (val1 > val2) {
  398                         return (1);
  399                 } else if (val1 < val2) {
  400                         return (-1);
  401                 }
  402         }
  403         /* keys are equal value, so check lengths */
  404         if (key1len == key2len)
  405                 return (0);
  406         else if (key1len < key2len)
  407                 return (-1);
  408         else
  409                 return (1);
  410 }
  411 
  412 /*
  413  * generate the concatenated keying material based on the two keys and the
  414  * shared key (if available). draft-ietf-tsvwg-auth specifies the specific
  415  * order for concatenation
  416  */
  417 sctp_key_t *
  418 sctp_compute_hashkey(sctp_key_t * key1, sctp_key_t * key2, sctp_key_t * shared)
  419 {
  420         uint32_t keylen;
  421         sctp_key_t *new_key;
  422         uint8_t *key_ptr;
  423 
  424         keylen = sctp_get_keylen(key1) + sctp_get_keylen(key2) +
  425             sctp_get_keylen(shared);
  426 
  427         if (keylen > 0) {
  428                 /* get space for the new key */
  429                 new_key = sctp_alloc_key(keylen);
  430                 if (new_key == NULL) {
  431                         /* out of memory */
  432                         return (NULL);
  433                 }
  434                 new_key->keylen = keylen;
  435                 key_ptr = new_key->key;
  436         } else {
  437                 /* all keys empty/null?! */
  438                 return (NULL);
  439         }
  440 
  441         /* concatenate the keys */
  442         if (sctp_compare_key(key1, key2) <= 0) {
  443                 /* key is shared + key1 + key2 */
  444                 if (sctp_get_keylen(shared)) {
  445                         bcopy(shared->key, key_ptr, shared->keylen);
  446                         key_ptr += shared->keylen;
  447                 }
  448                 if (sctp_get_keylen(key1)) {
  449                         bcopy(key1->key, key_ptr, key1->keylen);
  450                         key_ptr += key1->keylen;
  451                 }
  452                 if (sctp_get_keylen(key2)) {
  453                         bcopy(key2->key, key_ptr, key2->keylen);
  454                 }
  455         } else {
  456                 /* key is shared + key2 + key1 */
  457                 if (sctp_get_keylen(shared)) {
  458                         bcopy(shared->key, key_ptr, shared->keylen);
  459                         key_ptr += shared->keylen;
  460                 }
  461                 if (sctp_get_keylen(key2)) {
  462                         bcopy(key2->key, key_ptr, key2->keylen);
  463                         key_ptr += key2->keylen;
  464                 }
  465                 if (sctp_get_keylen(key1)) {
  466                         bcopy(key1->key, key_ptr, key1->keylen);
  467                 }
  468         }
  469         return (new_key);
  470 }
  471 
  472 
  473 sctp_sharedkey_t *
  474 sctp_alloc_sharedkey(void)
  475 {
  476         sctp_sharedkey_t *new_key;
  477 
  478         SCTP_MALLOC(new_key, sctp_sharedkey_t *, sizeof(*new_key),
  479             SCTP_M_AUTH_KY);
  480         if (new_key == NULL) {
  481                 /* out of memory */
  482                 return (NULL);
  483         }
  484         new_key->keyid = 0;
  485         new_key->key = NULL;
  486         new_key->refcount = 1;
  487         new_key->deactivated = 0;
  488         return (new_key);
  489 }
  490 
  491 void
  492 sctp_free_sharedkey(sctp_sharedkey_t * skey)
  493 {
  494         if (skey == NULL)
  495                 return;
  496 
  497         if (SCTP_DECREMENT_AND_CHECK_REFCOUNT(&skey->refcount)) {
  498                 if (skey->key != NULL)
  499                         sctp_free_key(skey->key);
  500                 SCTP_FREE(skey, SCTP_M_AUTH_KY);
  501         }
  502 }
  503 
  504 sctp_sharedkey_t *
  505 sctp_find_sharedkey(struct sctp_keyhead *shared_keys, uint16_t key_id)
  506 {
  507         sctp_sharedkey_t *skey;
  508 
  509         LIST_FOREACH(skey, shared_keys, next) {
  510                 if (skey->keyid == key_id)
  511                         return (skey);
  512         }
  513         return (NULL);
  514 }
  515 
  516 int
  517 sctp_insert_sharedkey(struct sctp_keyhead *shared_keys,
  518     sctp_sharedkey_t * new_skey)
  519 {
  520         sctp_sharedkey_t *skey;
  521 
  522         if ((shared_keys == NULL) || (new_skey == NULL))
  523                 return (EINVAL);
  524 
  525         /* insert into an empty list? */
  526         if (LIST_EMPTY(shared_keys)) {
  527                 LIST_INSERT_HEAD(shared_keys, new_skey, next);
  528                 return (0);
  529         }
  530         /* insert into the existing list, ordered by key id */
  531         LIST_FOREACH(skey, shared_keys, next) {
  532                 if (new_skey->keyid < skey->keyid) {
  533                         /* insert it before here */
  534                         LIST_INSERT_BEFORE(skey, new_skey, next);
  535                         return (0);
  536                 } else if (new_skey->keyid == skey->keyid) {
  537                         /* replace the existing key */
  538                         /* verify this key *can* be replaced */
  539                         if ((skey->deactivated) && (skey->refcount > 1)) {
  540                                 SCTPDBG(SCTP_DEBUG_AUTH1,
  541                                     "can't replace shared key id %u\n",
  542                                     new_skey->keyid);
  543                                 return (EBUSY);
  544                         }
  545                         SCTPDBG(SCTP_DEBUG_AUTH1,
  546                             "replacing shared key id %u\n",
  547                             new_skey->keyid);
  548                         LIST_INSERT_BEFORE(skey, new_skey, next);
  549                         LIST_REMOVE(skey, next);
  550                         sctp_free_sharedkey(skey);
  551                         return (0);
  552                 }
  553                 if (LIST_NEXT(skey, next) == NULL) {
  554                         /* belongs at the end of the list */
  555                         LIST_INSERT_AFTER(skey, new_skey, next);
  556                         return (0);
  557                 }
  558         }
  559         /* shouldn't reach here */
  560         return (0);
  561 }
  562 
  563 void
  564 sctp_auth_key_acquire(struct sctp_tcb *stcb, uint16_t key_id)
  565 {
  566         sctp_sharedkey_t *skey;
  567 
  568         /* find the shared key */
  569         skey = sctp_find_sharedkey(&stcb->asoc.shared_keys, key_id);
  570 
  571         /* bump the ref count */
  572         if (skey) {
  573                 atomic_add_int(&skey->refcount, 1);
  574                 SCTPDBG(SCTP_DEBUG_AUTH2,
  575                     "%s: stcb %p key %u refcount acquire to %d\n",
  576                     __FUNCTION__, (void *)stcb, key_id, skey->refcount);
  577         }
  578 }
  579 
  580 void
  581 sctp_auth_key_release(struct sctp_tcb *stcb, uint16_t key_id, int so_locked
  582 #if !defined(__APPLE__) && !defined(SCTP_SO_LOCK_TESTING)
  583     SCTP_UNUSED
  584 #endif
  585 )
  586 {
  587         sctp_sharedkey_t *skey;
  588 
  589         /* find the shared key */
  590         skey = sctp_find_sharedkey(&stcb->asoc.shared_keys, key_id);
  591 
  592         /* decrement the ref count */
  593         if (skey) {
  594                 sctp_free_sharedkey(skey);
  595                 SCTPDBG(SCTP_DEBUG_AUTH2,
  596                     "%s: stcb %p key %u refcount release to %d\n",
  597                     __FUNCTION__, (void *)stcb, key_id, skey->refcount);
  598 
  599                 /* see if a notification should be generated */
  600                 if ((skey->refcount <= 1) && (skey->deactivated)) {
  601                         /* notify ULP that key is no longer used */
  602                         sctp_ulp_notify(SCTP_NOTIFY_AUTH_FREE_KEY, stcb,
  603                             key_id, 0, so_locked);
  604                         SCTPDBG(SCTP_DEBUG_AUTH2,
  605                             "%s: stcb %p key %u no longer used, %d\n",
  606                             __FUNCTION__, (void *)stcb, key_id, skey->refcount);
  607                 }
  608         }
  609 }
  610 
  611 static sctp_sharedkey_t *
  612 sctp_copy_sharedkey(const sctp_sharedkey_t * skey)
  613 {
  614         sctp_sharedkey_t *new_skey;
  615 
  616         if (skey == NULL)
  617                 return (NULL);
  618         new_skey = sctp_alloc_sharedkey();
  619         if (new_skey == NULL)
  620                 return (NULL);
  621         if (skey->key != NULL)
  622                 new_skey->key = sctp_set_key(skey->key->key, skey->key->keylen);
  623         else
  624                 new_skey->key = NULL;
  625         new_skey->keyid = skey->keyid;
  626         return (new_skey);
  627 }
  628 
  629 int
  630 sctp_copy_skeylist(const struct sctp_keyhead *src, struct sctp_keyhead *dest)
  631 {
  632         sctp_sharedkey_t *skey, *new_skey;
  633         int count = 0;
  634 
  635         if ((src == NULL) || (dest == NULL))
  636                 return (0);
  637         LIST_FOREACH(skey, src, next) {
  638                 new_skey = sctp_copy_sharedkey(skey);
  639                 if (new_skey != NULL) {
  640                         (void)sctp_insert_sharedkey(dest, new_skey);
  641                         count++;
  642                 }
  643         }
  644         return (count);
  645 }
  646 
  647 
  648 sctp_hmaclist_t *
  649 sctp_alloc_hmaclist(uint8_t num_hmacs)
  650 {
  651         sctp_hmaclist_t *new_list;
  652         int alloc_size;
  653 
  654         alloc_size = sizeof(*new_list) + num_hmacs * sizeof(new_list->hmac[0]);
  655         SCTP_MALLOC(new_list, sctp_hmaclist_t *, alloc_size,
  656             SCTP_M_AUTH_HL);
  657         if (new_list == NULL) {
  658                 /* out of memory */
  659                 return (NULL);
  660         }
  661         new_list->max_algo = num_hmacs;
  662         new_list->num_algo = 0;
  663         return (new_list);
  664 }
  665 
  666 void
  667 sctp_free_hmaclist(sctp_hmaclist_t * list)
  668 {
  669         if (list != NULL) {
  670                 SCTP_FREE(list, SCTP_M_AUTH_HL);
  671                 list = NULL;
  672         }
  673 }
  674 
  675 int
  676 sctp_auth_add_hmacid(sctp_hmaclist_t * list, uint16_t hmac_id)
  677 {
  678         int i;
  679 
  680         if (list == NULL)
  681                 return (-1);
  682         if (list->num_algo == list->max_algo) {
  683                 SCTPDBG(SCTP_DEBUG_AUTH1,
  684                     "SCTP: HMAC id list full, ignoring add %u\n", hmac_id);
  685                 return (-1);
  686         }
  687         if ((hmac_id != SCTP_AUTH_HMAC_ID_SHA1) &&
  688             (hmac_id != SCTP_AUTH_HMAC_ID_SHA256)) {
  689                 return (-1);
  690         }
  691         /* Now is it already in the list */
  692         for (i = 0; i < list->num_algo; i++) {
  693                 if (list->hmac[i] == hmac_id) {
  694                         /* already in list */
  695                         return (-1);
  696                 }
  697         }
  698         SCTPDBG(SCTP_DEBUG_AUTH1, "SCTP: add HMAC id %u to list\n", hmac_id);
  699         list->hmac[list->num_algo++] = hmac_id;
  700         return (0);
  701 }
  702 
  703 sctp_hmaclist_t *
  704 sctp_copy_hmaclist(sctp_hmaclist_t * list)
  705 {
  706         sctp_hmaclist_t *new_list;
  707         int i;
  708 
  709         if (list == NULL)
  710                 return (NULL);
  711         /* get a new list */
  712         new_list = sctp_alloc_hmaclist(list->max_algo);
  713         if (new_list == NULL)
  714                 return (NULL);
  715         /* copy it */
  716         new_list->max_algo = list->max_algo;
  717         new_list->num_algo = list->num_algo;
  718         for (i = 0; i < list->num_algo; i++)
  719                 new_list->hmac[i] = list->hmac[i];
  720         return (new_list);
  721 }
  722 
  723 sctp_hmaclist_t *
  724 sctp_default_supported_hmaclist(void)
  725 {
  726         sctp_hmaclist_t *new_list;
  727 
  728         new_list = sctp_alloc_hmaclist(2);
  729         if (new_list == NULL)
  730                 return (NULL);
  731         /* We prefer SHA256, so list it first */
  732         (void)sctp_auth_add_hmacid(new_list, SCTP_AUTH_HMAC_ID_SHA256);
  733         (void)sctp_auth_add_hmacid(new_list, SCTP_AUTH_HMAC_ID_SHA1);
  734         return (new_list);
  735 }
  736 
  737 /*-
  738  * HMAC algos are listed in priority/preference order
  739  * find the best HMAC id to use for the peer based on local support
  740  */
  741 uint16_t
  742 sctp_negotiate_hmacid(sctp_hmaclist_t * peer, sctp_hmaclist_t * local)
  743 {
  744         int i, j;
  745 
  746         if ((local == NULL) || (peer == NULL))
  747                 return (SCTP_AUTH_HMAC_ID_RSVD);
  748 
  749         for (i = 0; i < peer->num_algo; i++) {
  750                 for (j = 0; j < local->num_algo; j++) {
  751                         if (peer->hmac[i] == local->hmac[j]) {
  752                                 /* found the "best" one */
  753                                 SCTPDBG(SCTP_DEBUG_AUTH1,
  754                                     "SCTP: negotiated peer HMAC id %u\n",
  755                                     peer->hmac[i]);
  756                                 return (peer->hmac[i]);
  757                         }
  758                 }
  759         }
  760         /* didn't find one! */
  761         return (SCTP_AUTH_HMAC_ID_RSVD);
  762 }
  763 
  764 /*-
  765  * serialize the HMAC algo list and return space used
  766  * caller must guarantee ptr has appropriate space
  767  */
  768 int
  769 sctp_serialize_hmaclist(sctp_hmaclist_t * list, uint8_t * ptr)
  770 {
  771         int i;
  772         uint16_t hmac_id;
  773 
  774         if (list == NULL)
  775                 return (0);
  776 
  777         for (i = 0; i < list->num_algo; i++) {
  778                 hmac_id = htons(list->hmac[i]);
  779                 bcopy(&hmac_id, ptr, sizeof(hmac_id));
  780                 ptr += sizeof(hmac_id);
  781         }
  782         return (list->num_algo * sizeof(hmac_id));
  783 }
  784 
  785 int
  786 sctp_verify_hmac_param(struct sctp_auth_hmac_algo *hmacs, uint32_t num_hmacs)
  787 {
  788         uint32_t i;
  789 
  790         for (i = 0; i < num_hmacs; i++) {
  791                 if (ntohs(hmacs->hmac_ids[i]) == SCTP_AUTH_HMAC_ID_SHA1) {
  792                         return (0);
  793                 }
  794         }
  795         return (-1);
  796 }
  797 
  798 sctp_authinfo_t *
  799 sctp_alloc_authinfo(void)
  800 {
  801         sctp_authinfo_t *new_authinfo;
  802 
  803         SCTP_MALLOC(new_authinfo, sctp_authinfo_t *, sizeof(*new_authinfo),
  804             SCTP_M_AUTH_IF);
  805 
  806         if (new_authinfo == NULL) {
  807                 /* out of memory */
  808                 return (NULL);
  809         }
  810         bzero(new_authinfo, sizeof(*new_authinfo));
  811         return (new_authinfo);
  812 }
  813 
  814 void
  815 sctp_free_authinfo(sctp_authinfo_t * authinfo)
  816 {
  817         if (authinfo == NULL)
  818                 return;
  819 
  820         if (authinfo->random != NULL)
  821                 sctp_free_key(authinfo->random);
  822         if (authinfo->peer_random != NULL)
  823                 sctp_free_key(authinfo->peer_random);
  824         if (authinfo->assoc_key != NULL)
  825                 sctp_free_key(authinfo->assoc_key);
  826         if (authinfo->recv_key != NULL)
  827                 sctp_free_key(authinfo->recv_key);
  828 
  829         /* We are NOT dynamically allocating authinfo's right now... */
  830         /* SCTP_FREE(authinfo, SCTP_M_AUTH_??); */
  831 }
  832 
  833 
  834 uint32_t
  835 sctp_get_auth_chunk_len(uint16_t hmac_algo)
  836 {
  837         int size;
  838 
  839         size = sizeof(struct sctp_auth_chunk) + sctp_get_hmac_digest_len(hmac_algo);
  840         return (SCTP_SIZE32(size));
  841 }
  842 
  843 uint32_t
  844 sctp_get_hmac_digest_len(uint16_t hmac_algo)
  845 {
  846         switch (hmac_algo) {
  847         case SCTP_AUTH_HMAC_ID_SHA1:
  848                 return (SCTP_AUTH_DIGEST_LEN_SHA1);
  849         case SCTP_AUTH_HMAC_ID_SHA256:
  850                 return (SCTP_AUTH_DIGEST_LEN_SHA256);
  851         default:
  852                 /* unknown HMAC algorithm: can't do anything */
  853                 return (0);
  854         }                       /* end switch */
  855 }
  856 
  857 static inline int
  858 sctp_get_hmac_block_len(uint16_t hmac_algo)
  859 {
  860         switch (hmac_algo) {
  861         case SCTP_AUTH_HMAC_ID_SHA1:
  862                 return (64);
  863         case SCTP_AUTH_HMAC_ID_SHA256:
  864                 return (64);
  865         case SCTP_AUTH_HMAC_ID_RSVD:
  866         default:
  867                 /* unknown HMAC algorithm: can't do anything */
  868                 return (0);
  869         }                       /* end switch */
  870 }
  871 
  872 static void
  873 sctp_hmac_init(uint16_t hmac_algo, sctp_hash_context_t * ctx)
  874 {
  875         switch (hmac_algo) {
  876         case SCTP_AUTH_HMAC_ID_SHA1:
  877                 SCTP_SHA1_INIT(&ctx->sha1);
  878                 break;
  879         case SCTP_AUTH_HMAC_ID_SHA256:
  880                 SCTP_SHA256_INIT(&ctx->sha256);
  881                 break;
  882         case SCTP_AUTH_HMAC_ID_RSVD:
  883         default:
  884                 /* unknown HMAC algorithm: can't do anything */
  885                 return;
  886         }                       /* end switch */
  887 }
  888 
  889 static void
  890 sctp_hmac_update(uint16_t hmac_algo, sctp_hash_context_t * ctx,
  891     uint8_t * text, uint32_t textlen)
  892 {
  893         switch (hmac_algo) {
  894         case SCTP_AUTH_HMAC_ID_SHA1:
  895                 SCTP_SHA1_UPDATE(&ctx->sha1, text, textlen);
  896                 break;
  897         case SCTP_AUTH_HMAC_ID_SHA256:
  898                 SCTP_SHA256_UPDATE(&ctx->sha256, text, textlen);
  899                 break;
  900         case SCTP_AUTH_HMAC_ID_RSVD:
  901         default:
  902                 /* unknown HMAC algorithm: can't do anything */
  903                 return;
  904         }                       /* end switch */
  905 }
  906 
  907 static void
  908 sctp_hmac_final(uint16_t hmac_algo, sctp_hash_context_t * ctx,
  909     uint8_t * digest)
  910 {
  911         switch (hmac_algo) {
  912         case SCTP_AUTH_HMAC_ID_SHA1:
  913                 SCTP_SHA1_FINAL(digest, &ctx->sha1);
  914                 break;
  915         case SCTP_AUTH_HMAC_ID_SHA256:
  916                 SCTP_SHA256_FINAL(digest, &ctx->sha256);
  917                 break;
  918         case SCTP_AUTH_HMAC_ID_RSVD:
  919         default:
  920                 /* unknown HMAC algorithm: can't do anything */
  921                 return;
  922         }                       /* end switch */
  923 }
  924 
  925 /*-
  926  * Keyed-Hashing for Message Authentication: FIPS 198 (RFC 2104)
  927  *
  928  * Compute the HMAC digest using the desired hash key, text, and HMAC
  929  * algorithm.  Resulting digest is placed in 'digest' and digest length
  930  * is returned, if the HMAC was performed.
  931  *
  932  * WARNING: it is up to the caller to supply sufficient space to hold the
  933  * resultant digest.
  934  */
  935 uint32_t
  936 sctp_hmac(uint16_t hmac_algo, uint8_t * key, uint32_t keylen,
  937     uint8_t * text, uint32_t textlen, uint8_t * digest)
  938 {
  939         uint32_t digestlen;
  940         uint32_t blocklen;
  941         sctp_hash_context_t ctx;
  942         uint8_t ipad[128], opad[128];   /* keyed hash inner/outer pads */
  943         uint8_t temp[SCTP_AUTH_DIGEST_LEN_MAX];
  944         uint32_t i;
  945 
  946         /* sanity check the material and length */
  947         if ((key == NULL) || (keylen == 0) || (text == NULL) ||
  948             (textlen == 0) || (digest == NULL)) {
  949                 /* can't do HMAC with empty key or text or digest store */
  950                 return (0);
  951         }
  952         /* validate the hmac algo and get the digest length */
  953         digestlen = sctp_get_hmac_digest_len(hmac_algo);
  954         if (digestlen == 0)
  955                 return (0);
  956 
  957         /* hash the key if it is longer than the hash block size */
  958         blocklen = sctp_get_hmac_block_len(hmac_algo);
  959         if (keylen > blocklen) {
  960                 sctp_hmac_init(hmac_algo, &ctx);
  961                 sctp_hmac_update(hmac_algo, &ctx, key, keylen);
  962                 sctp_hmac_final(hmac_algo, &ctx, temp);
  963                 /* set the hashed key as the key */
  964                 keylen = digestlen;
  965                 key = temp;
  966         }
  967         /* initialize the inner/outer pads with the key and "append" zeroes */
  968         bzero(ipad, blocklen);
  969         bzero(opad, blocklen);
  970         bcopy(key, ipad, keylen);
  971         bcopy(key, opad, keylen);
  972 
  973         /* XOR the key with ipad and opad values */
  974         for (i = 0; i < blocklen; i++) {
  975                 ipad[i] ^= 0x36;
  976                 opad[i] ^= 0x5c;
  977         }
  978 
  979         /* perform inner hash */
  980         sctp_hmac_init(hmac_algo, &ctx);
  981         sctp_hmac_update(hmac_algo, &ctx, ipad, blocklen);
  982         sctp_hmac_update(hmac_algo, &ctx, text, textlen);
  983         sctp_hmac_final(hmac_algo, &ctx, temp);
  984 
  985         /* perform outer hash */
  986         sctp_hmac_init(hmac_algo, &ctx);
  987         sctp_hmac_update(hmac_algo, &ctx, opad, blocklen);
  988         sctp_hmac_update(hmac_algo, &ctx, temp, digestlen);
  989         sctp_hmac_final(hmac_algo, &ctx, digest);
  990 
  991         return (digestlen);
  992 }
  993 
  994 /* mbuf version */
  995 uint32_t
  996 sctp_hmac_m(uint16_t hmac_algo, uint8_t * key, uint32_t keylen,
  997     struct mbuf *m, uint32_t m_offset, uint8_t * digest, uint32_t trailer)
  998 {
  999         uint32_t digestlen;
 1000         uint32_t blocklen;
 1001         sctp_hash_context_t ctx;
 1002         uint8_t ipad[128], opad[128];   /* keyed hash inner/outer pads */
 1003         uint8_t temp[SCTP_AUTH_DIGEST_LEN_MAX];
 1004         uint32_t i;
 1005         struct mbuf *m_tmp;
 1006 
 1007         /* sanity check the material and length */
 1008         if ((key == NULL) || (keylen == 0) || (m == NULL) || (digest == NULL)) {
 1009                 /* can't do HMAC with empty key or text or digest store */
 1010                 return (0);
 1011         }
 1012         /* validate the hmac algo and get the digest length */
 1013         digestlen = sctp_get_hmac_digest_len(hmac_algo);
 1014         if (digestlen == 0)
 1015                 return (0);
 1016 
 1017         /* hash the key if it is longer than the hash block size */
 1018         blocklen = sctp_get_hmac_block_len(hmac_algo);
 1019         if (keylen > blocklen) {
 1020                 sctp_hmac_init(hmac_algo, &ctx);
 1021                 sctp_hmac_update(hmac_algo, &ctx, key, keylen);
 1022                 sctp_hmac_final(hmac_algo, &ctx, temp);
 1023                 /* set the hashed key as the key */
 1024                 keylen = digestlen;
 1025                 key = temp;
 1026         }
 1027         /* initialize the inner/outer pads with the key and "append" zeroes */
 1028         bzero(ipad, blocklen);
 1029         bzero(opad, blocklen);
 1030         bcopy(key, ipad, keylen);
 1031         bcopy(key, opad, keylen);
 1032 
 1033         /* XOR the key with ipad and opad values */
 1034         for (i = 0; i < blocklen; i++) {
 1035                 ipad[i] ^= 0x36;
 1036                 opad[i] ^= 0x5c;
 1037         }
 1038 
 1039         /* perform inner hash */
 1040         sctp_hmac_init(hmac_algo, &ctx);
 1041         sctp_hmac_update(hmac_algo, &ctx, ipad, blocklen);
 1042         /* find the correct starting mbuf and offset (get start of text) */
 1043         m_tmp = m;
 1044         while ((m_tmp != NULL) && (m_offset >= (uint32_t) SCTP_BUF_LEN(m_tmp))) {
 1045                 m_offset -= SCTP_BUF_LEN(m_tmp);
 1046                 m_tmp = SCTP_BUF_NEXT(m_tmp);
 1047         }
 1048         /* now use the rest of the mbuf chain for the text */
 1049         while (m_tmp != NULL) {
 1050                 if ((SCTP_BUF_NEXT(m_tmp) == NULL) && trailer) {
 1051                         sctp_hmac_update(hmac_algo, &ctx, mtod(m_tmp, uint8_t *) + m_offset,
 1052                             SCTP_BUF_LEN(m_tmp) - (trailer + m_offset));
 1053                 } else {
 1054                         sctp_hmac_update(hmac_algo, &ctx, mtod(m_tmp, uint8_t *) + m_offset,
 1055                             SCTP_BUF_LEN(m_tmp) - m_offset);
 1056                 }
 1057 
 1058                 /* clear the offset since it's only for the first mbuf */
 1059                 m_offset = 0;
 1060                 m_tmp = SCTP_BUF_NEXT(m_tmp);
 1061         }
 1062         sctp_hmac_final(hmac_algo, &ctx, temp);
 1063 
 1064         /* perform outer hash */
 1065         sctp_hmac_init(hmac_algo, &ctx);
 1066         sctp_hmac_update(hmac_algo, &ctx, opad, blocklen);
 1067         sctp_hmac_update(hmac_algo, &ctx, temp, digestlen);
 1068         sctp_hmac_final(hmac_algo, &ctx, digest);
 1069 
 1070         return (digestlen);
 1071 }
 1072 
 1073 /*-
 1074  * verify the HMAC digest using the desired hash key, text, and HMAC
 1075  * algorithm.
 1076  * Returns -1 on error, 0 on success.
 1077  */
 1078 int
 1079 sctp_verify_hmac(uint16_t hmac_algo, uint8_t * key, uint32_t keylen,
 1080     uint8_t * text, uint32_t textlen,
 1081     uint8_t * digest, uint32_t digestlen)
 1082 {
 1083         uint32_t len;
 1084         uint8_t temp[SCTP_AUTH_DIGEST_LEN_MAX];
 1085 
 1086         /* sanity check the material and length */
 1087         if ((key == NULL) || (keylen == 0) ||
 1088             (text == NULL) || (textlen == 0) || (digest == NULL)) {
 1089                 /* can't do HMAC with empty key or text or digest */
 1090                 return (-1);
 1091         }
 1092         len = sctp_get_hmac_digest_len(hmac_algo);
 1093         if ((len == 0) || (digestlen != len))
 1094                 return (-1);
 1095 
 1096         /* compute the expected hash */
 1097         if (sctp_hmac(hmac_algo, key, keylen, text, textlen, temp) != len)
 1098                 return (-1);
 1099 
 1100         if (memcmp(digest, temp, digestlen) != 0)
 1101                 return (-1);
 1102         else
 1103                 return (0);
 1104 }
 1105 
 1106 
 1107 /*
 1108  * computes the requested HMAC using a key struct (which may be modified if
 1109  * the keylen exceeds the HMAC block len).
 1110  */
 1111 uint32_t
 1112 sctp_compute_hmac(uint16_t hmac_algo, sctp_key_t * key, uint8_t * text,
 1113     uint32_t textlen, uint8_t * digest)
 1114 {
 1115         uint32_t digestlen;
 1116         uint32_t blocklen;
 1117         sctp_hash_context_t ctx;
 1118         uint8_t temp[SCTP_AUTH_DIGEST_LEN_MAX];
 1119 
 1120         /* sanity check */
 1121         if ((key == NULL) || (text == NULL) || (textlen == 0) ||
 1122             (digest == NULL)) {
 1123                 /* can't do HMAC with empty key or text or digest store */
 1124                 return (0);
 1125         }
 1126         /* validate the hmac algo and get the digest length */
 1127         digestlen = sctp_get_hmac_digest_len(hmac_algo);
 1128         if (digestlen == 0)
 1129                 return (0);
 1130 
 1131         /* hash the key if it is longer than the hash block size */
 1132         blocklen = sctp_get_hmac_block_len(hmac_algo);
 1133         if (key->keylen > blocklen) {
 1134                 sctp_hmac_init(hmac_algo, &ctx);
 1135                 sctp_hmac_update(hmac_algo, &ctx, key->key, key->keylen);
 1136                 sctp_hmac_final(hmac_algo, &ctx, temp);
 1137                 /* save the hashed key as the new key */
 1138                 key->keylen = digestlen;
 1139                 bcopy(temp, key->key, key->keylen);
 1140         }
 1141         return (sctp_hmac(hmac_algo, key->key, key->keylen, text, textlen,
 1142             digest));
 1143 }
 1144 
 1145 /* mbuf version */
 1146 uint32_t
 1147 sctp_compute_hmac_m(uint16_t hmac_algo, sctp_key_t * key, struct mbuf *m,
 1148     uint32_t m_offset, uint8_t * digest)
 1149 {
 1150         uint32_t digestlen;
 1151         uint32_t blocklen;
 1152         sctp_hash_context_t ctx;
 1153         uint8_t temp[SCTP_AUTH_DIGEST_LEN_MAX];
 1154 
 1155         /* sanity check */
 1156         if ((key == NULL) || (m == NULL) || (digest == NULL)) {
 1157                 /* can't do HMAC with empty key or text or digest store */
 1158                 return (0);
 1159         }
 1160         /* validate the hmac algo and get the digest length */
 1161         digestlen = sctp_get_hmac_digest_len(hmac_algo);
 1162         if (digestlen == 0)
 1163                 return (0);
 1164 
 1165         /* hash the key if it is longer than the hash block size */
 1166         blocklen = sctp_get_hmac_block_len(hmac_algo);
 1167         if (key->keylen > blocklen) {
 1168                 sctp_hmac_init(hmac_algo, &ctx);
 1169                 sctp_hmac_update(hmac_algo, &ctx, key->key, key->keylen);
 1170                 sctp_hmac_final(hmac_algo, &ctx, temp);
 1171                 /* save the hashed key as the new key */
 1172                 key->keylen = digestlen;
 1173                 bcopy(temp, key->key, key->keylen);
 1174         }
 1175         return (sctp_hmac_m(hmac_algo, key->key, key->keylen, m, m_offset, digest, 0));
 1176 }
 1177 
 1178 int
 1179 sctp_auth_is_supported_hmac(sctp_hmaclist_t * list, uint16_t id)
 1180 {
 1181         int i;
 1182 
 1183         if ((list == NULL) || (id == SCTP_AUTH_HMAC_ID_RSVD))
 1184                 return (0);
 1185 
 1186         for (i = 0; i < list->num_algo; i++)
 1187                 if (list->hmac[i] == id)
 1188                         return (1);
 1189 
 1190         /* not in the list */
 1191         return (0);
 1192 }
 1193 
 1194 
 1195 /*-
 1196  * clear any cached key(s) if they match the given key id on an association.
 1197  * the cached key(s) will be recomputed and re-cached at next use.
 1198  * ASSUMES TCB_LOCK is already held
 1199  */
 1200 void
 1201 sctp_clear_cachedkeys(struct sctp_tcb *stcb, uint16_t keyid)
 1202 {
 1203         if (stcb == NULL)
 1204                 return;
 1205 
 1206         if (keyid == stcb->asoc.authinfo.assoc_keyid) {
 1207                 sctp_free_key(stcb->asoc.authinfo.assoc_key);
 1208                 stcb->asoc.authinfo.assoc_key = NULL;
 1209         }
 1210         if (keyid == stcb->asoc.authinfo.recv_keyid) {
 1211                 sctp_free_key(stcb->asoc.authinfo.recv_key);
 1212                 stcb->asoc.authinfo.recv_key = NULL;
 1213         }
 1214 }
 1215 
 1216 /*-
 1217  * clear any cached key(s) if they match the given key id for all assocs on
 1218  * an endpoint.
 1219  * ASSUMES INP_WLOCK is already held
 1220  */
 1221 void
 1222 sctp_clear_cachedkeys_ep(struct sctp_inpcb *inp, uint16_t keyid)
 1223 {
 1224         struct sctp_tcb *stcb;
 1225 
 1226         if (inp == NULL)
 1227                 return;
 1228 
 1229         /* clear the cached keys on all assocs on this instance */
 1230         LIST_FOREACH(stcb, &inp->sctp_asoc_list, sctp_tcblist) {
 1231                 SCTP_TCB_LOCK(stcb);
 1232                 sctp_clear_cachedkeys(stcb, keyid);
 1233                 SCTP_TCB_UNLOCK(stcb);
 1234         }
 1235 }
 1236 
 1237 /*-
 1238  * delete a shared key from an association
 1239  * ASSUMES TCB_LOCK is already held
 1240  */
 1241 int
 1242 sctp_delete_sharedkey(struct sctp_tcb *stcb, uint16_t keyid)
 1243 {
 1244         sctp_sharedkey_t *skey;
 1245 
 1246         if (stcb == NULL)
 1247                 return (-1);
 1248 
 1249         /* is the keyid the assoc active sending key */
 1250         if (keyid == stcb->asoc.authinfo.active_keyid)
 1251                 return (-1);
 1252 
 1253         /* does the key exist? */
 1254         skey = sctp_find_sharedkey(&stcb->asoc.shared_keys, keyid);
 1255         if (skey == NULL)
 1256                 return (-1);
 1257 
 1258         /* are there other refcount holders on the key? */
 1259         if (skey->refcount > 1)
 1260                 return (-1);
 1261 
 1262         /* remove it */
 1263         LIST_REMOVE(skey, next);
 1264         sctp_free_sharedkey(skey);      /* frees skey->key as well */
 1265 
 1266         /* clear any cached keys */
 1267         sctp_clear_cachedkeys(stcb, keyid);
 1268         return (0);
 1269 }
 1270 
 1271 /*-
 1272  * deletes a shared key from the endpoint
 1273  * ASSUMES INP_WLOCK is already held
 1274  */
 1275 int
 1276 sctp_delete_sharedkey_ep(struct sctp_inpcb *inp, uint16_t keyid)
 1277 {
 1278         sctp_sharedkey_t *skey;
 1279 
 1280         if (inp == NULL)
 1281                 return (-1);
 1282 
 1283         /* is the keyid the active sending key on the endpoint */
 1284         if (keyid == inp->sctp_ep.default_keyid)
 1285                 return (-1);
 1286 
 1287         /* does the key exist? */
 1288         skey = sctp_find_sharedkey(&inp->sctp_ep.shared_keys, keyid);
 1289         if (skey == NULL)
 1290                 return (-1);
 1291 
 1292         /* endpoint keys are not refcounted */
 1293 
 1294         /* remove it */
 1295         LIST_REMOVE(skey, next);
 1296         sctp_free_sharedkey(skey);      /* frees skey->key as well */
 1297 
 1298         /* clear any cached keys */
 1299         sctp_clear_cachedkeys_ep(inp, keyid);
 1300         return (0);
 1301 }
 1302 
 1303 /*-
 1304  * set the active key on an association
 1305  * ASSUMES TCB_LOCK is already held
 1306  */
 1307 int
 1308 sctp_auth_setactivekey(struct sctp_tcb *stcb, uint16_t keyid)
 1309 {
 1310         sctp_sharedkey_t *skey = NULL;
 1311 
 1312         /* find the key on the assoc */
 1313         skey = sctp_find_sharedkey(&stcb->asoc.shared_keys, keyid);
 1314         if (skey == NULL) {
 1315                 /* that key doesn't exist */
 1316                 return (-1);
 1317         }
 1318         if ((skey->deactivated) && (skey->refcount > 1)) {
 1319                 /* can't reactivate a deactivated key with other refcounts */
 1320                 return (-1);
 1321         }
 1322         /* set the (new) active key */
 1323         stcb->asoc.authinfo.active_keyid = keyid;
 1324         /* reset the deactivated flag */
 1325         skey->deactivated = 0;
 1326 
 1327         return (0);
 1328 }
 1329 
 1330 /*-
 1331  * set the active key on an endpoint
 1332  * ASSUMES INP_WLOCK is already held
 1333  */
 1334 int
 1335 sctp_auth_setactivekey_ep(struct sctp_inpcb *inp, uint16_t keyid)
 1336 {
 1337         sctp_sharedkey_t *skey;
 1338 
 1339         /* find the key */
 1340         skey = sctp_find_sharedkey(&inp->sctp_ep.shared_keys, keyid);
 1341         if (skey == NULL) {
 1342                 /* that key doesn't exist */
 1343                 return (-1);
 1344         }
 1345         inp->sctp_ep.default_keyid = keyid;
 1346         return (0);
 1347 }
 1348 
 1349 /*-
 1350  * deactivates a shared key from the association
 1351  * ASSUMES INP_WLOCK is already held
 1352  */
 1353 int
 1354 sctp_deact_sharedkey(struct sctp_tcb *stcb, uint16_t keyid)
 1355 {
 1356         sctp_sharedkey_t *skey;
 1357 
 1358         if (stcb == NULL)
 1359                 return (-1);
 1360 
 1361         /* is the keyid the assoc active sending key */
 1362         if (keyid == stcb->asoc.authinfo.active_keyid)
 1363                 return (-1);
 1364 
 1365         /* does the key exist? */
 1366         skey = sctp_find_sharedkey(&stcb->asoc.shared_keys, keyid);
 1367         if (skey == NULL)
 1368                 return (-1);
 1369 
 1370         /* are there other refcount holders on the key? */
 1371         if (skey->refcount == 1) {
 1372                 /* no other users, send a notification for this key */
 1373                 sctp_ulp_notify(SCTP_NOTIFY_AUTH_FREE_KEY, stcb, keyid, 0,
 1374                     SCTP_SO_LOCKED);
 1375         }
 1376         /* mark the key as deactivated */
 1377         skey->deactivated = 1;
 1378 
 1379         return (0);
 1380 }
 1381 
 1382 /*-
 1383  * deactivates a shared key from the endpoint
 1384  * ASSUMES INP_WLOCK is already held
 1385  */
 1386 int
 1387 sctp_deact_sharedkey_ep(struct sctp_inpcb *inp, uint16_t keyid)
 1388 {
 1389         sctp_sharedkey_t *skey;
 1390 
 1391         if (inp == NULL)
 1392                 return (-1);
 1393 
 1394         /* is the keyid the active sending key on the endpoint */
 1395         if (keyid == inp->sctp_ep.default_keyid)
 1396                 return (-1);
 1397 
 1398         /* does the key exist? */
 1399         skey = sctp_find_sharedkey(&inp->sctp_ep.shared_keys, keyid);
 1400         if (skey == NULL)
 1401                 return (-1);
 1402 
 1403         /* endpoint keys are not refcounted */
 1404 
 1405         /* remove it */
 1406         LIST_REMOVE(skey, next);
 1407         sctp_free_sharedkey(skey);      /* frees skey->key as well */
 1408 
 1409         return (0);
 1410 }
 1411 
 1412 /*
 1413  * get local authentication parameters from cookie (from INIT-ACK)
 1414  */
 1415 void
 1416 sctp_auth_get_cookie_params(struct sctp_tcb *stcb, struct mbuf *m,
 1417     uint32_t offset, uint32_t length)
 1418 {
 1419         struct sctp_paramhdr *phdr, tmp_param;
 1420         uint16_t plen, ptype;
 1421         uint8_t random_store[SCTP_PARAM_BUFFER_SIZE];
 1422         struct sctp_auth_random *p_random = NULL;
 1423         uint16_t random_len = 0;
 1424         uint8_t hmacs_store[SCTP_PARAM_BUFFER_SIZE];
 1425         struct sctp_auth_hmac_algo *hmacs = NULL;
 1426         uint16_t hmacs_len = 0;
 1427         uint8_t chunks_store[SCTP_PARAM_BUFFER_SIZE];
 1428         struct sctp_auth_chunk_list *chunks = NULL;
 1429         uint16_t num_chunks = 0;
 1430         sctp_key_t *new_key;
 1431         uint32_t keylen;
 1432 
 1433         /* convert to upper bound */
 1434         length += offset;
 1435 
 1436         phdr = (struct sctp_paramhdr *)sctp_m_getptr(m, offset,
 1437             sizeof(struct sctp_paramhdr), (uint8_t *) & tmp_param);
 1438         while (phdr != NULL) {
 1439                 ptype = ntohs(phdr->param_type);
 1440                 plen = ntohs(phdr->param_length);
 1441 
 1442                 if ((plen == 0) || (offset + plen > length))
 1443                         break;
 1444 
 1445                 if (ptype == SCTP_RANDOM) {
 1446                         if (plen > sizeof(random_store))
 1447                                 break;
 1448                         phdr = sctp_get_next_param(m, offset,
 1449                             (struct sctp_paramhdr *)random_store, min(plen, sizeof(random_store)));
 1450                         if (phdr == NULL)
 1451                                 return;
 1452                         /* save the random and length for the key */
 1453                         p_random = (struct sctp_auth_random *)phdr;
 1454                         random_len = plen - sizeof(*p_random);
 1455                 } else if (ptype == SCTP_HMAC_LIST) {
 1456                         int num_hmacs;
 1457                         int i;
 1458 
 1459                         if (plen > sizeof(hmacs_store))
 1460                                 break;
 1461                         phdr = sctp_get_next_param(m, offset,
 1462                             (struct sctp_paramhdr *)hmacs_store, min(plen, sizeof(hmacs_store)));
 1463                         if (phdr == NULL)
 1464                                 return;
 1465                         /* save the hmacs list and num for the key */
 1466                         hmacs = (struct sctp_auth_hmac_algo *)phdr;
 1467                         hmacs_len = plen - sizeof(*hmacs);
 1468                         num_hmacs = hmacs_len / sizeof(hmacs->hmac_ids[0]);
 1469                         if (stcb->asoc.local_hmacs != NULL)
 1470                                 sctp_free_hmaclist(stcb->asoc.local_hmacs);
 1471                         stcb->asoc.local_hmacs = sctp_alloc_hmaclist(num_hmacs);
 1472                         if (stcb->asoc.local_hmacs != NULL) {
 1473                                 for (i = 0; i < num_hmacs; i++) {
 1474                                         (void)sctp_auth_add_hmacid(stcb->asoc.local_hmacs,
 1475                                             ntohs(hmacs->hmac_ids[i]));
 1476                                 }
 1477                         }
 1478                 } else if (ptype == SCTP_CHUNK_LIST) {
 1479                         int i;
 1480 
 1481                         if (plen > sizeof(chunks_store))
 1482                                 break;
 1483                         phdr = sctp_get_next_param(m, offset,
 1484                             (struct sctp_paramhdr *)chunks_store, min(plen, sizeof(chunks_store)));
 1485                         if (phdr == NULL)
 1486                                 return;
 1487                         chunks = (struct sctp_auth_chunk_list *)phdr;
 1488                         num_chunks = plen - sizeof(*chunks);
 1489                         /* save chunks list and num for the key */
 1490                         if (stcb->asoc.local_auth_chunks != NULL)
 1491                                 sctp_clear_chunklist(stcb->asoc.local_auth_chunks);
 1492                         else
 1493                                 stcb->asoc.local_auth_chunks = sctp_alloc_chunklist();
 1494                         for (i = 0; i < num_chunks; i++) {
 1495                                 (void)sctp_auth_add_chunk(chunks->chunk_types[i],
 1496                                     stcb->asoc.local_auth_chunks);
 1497                         }
 1498                 }
 1499                 /* get next parameter */
 1500                 offset += SCTP_SIZE32(plen);
 1501                 if (offset + sizeof(struct sctp_paramhdr) > length)
 1502                         break;
 1503                 phdr = (struct sctp_paramhdr *)sctp_m_getptr(m, offset, sizeof(struct sctp_paramhdr),
 1504                     (uint8_t *) & tmp_param);
 1505         }
 1506         /* concatenate the full random key */
 1507         keylen = sizeof(*p_random) + random_len + sizeof(*hmacs) + hmacs_len;
 1508         if (chunks != NULL) {
 1509                 keylen += sizeof(*chunks) + num_chunks;
 1510         }
 1511         new_key = sctp_alloc_key(keylen);
 1512         if (new_key != NULL) {
 1513                 /* copy in the RANDOM */
 1514                 if (p_random != NULL) {
 1515                         keylen = sizeof(*p_random) + random_len;
 1516                         bcopy(p_random, new_key->key, keylen);
 1517                 }
 1518                 /* append in the AUTH chunks */
 1519                 if (chunks != NULL) {
 1520                         bcopy(chunks, new_key->key + keylen,
 1521                             sizeof(*chunks) + num_chunks);
 1522                         keylen += sizeof(*chunks) + num_chunks;
 1523                 }
 1524                 /* append in the HMACs */
 1525                 if (hmacs != NULL) {
 1526                         bcopy(hmacs, new_key->key + keylen,
 1527                             sizeof(*hmacs) + hmacs_len);
 1528                 }
 1529         }
 1530         if (stcb->asoc.authinfo.random != NULL)
 1531                 sctp_free_key(stcb->asoc.authinfo.random);
 1532         stcb->asoc.authinfo.random = new_key;
 1533         stcb->asoc.authinfo.random_len = random_len;
 1534         sctp_clear_cachedkeys(stcb, stcb->asoc.authinfo.assoc_keyid);
 1535         sctp_clear_cachedkeys(stcb, stcb->asoc.authinfo.recv_keyid);
 1536 
 1537         /* negotiate what HMAC to use for the peer */
 1538         stcb->asoc.peer_hmac_id = sctp_negotiate_hmacid(stcb->asoc.peer_hmacs,
 1539             stcb->asoc.local_hmacs);
 1540 
 1541         /* copy defaults from the endpoint */
 1542         /* FIX ME: put in cookie? */
 1543         stcb->asoc.authinfo.active_keyid = stcb->sctp_ep->sctp_ep.default_keyid;
 1544         /* copy out the shared key list (by reference) from the endpoint */
 1545         (void)sctp_copy_skeylist(&stcb->sctp_ep->sctp_ep.shared_keys,
 1546             &stcb->asoc.shared_keys);
 1547 }
 1548 
 1549 /*
 1550  * compute and fill in the HMAC digest for a packet
 1551  */
 1552 void
 1553 sctp_fill_hmac_digest_m(struct mbuf *m, uint32_t auth_offset,
 1554     struct sctp_auth_chunk *auth, struct sctp_tcb *stcb, uint16_t keyid)
 1555 {
 1556         uint32_t digestlen;
 1557         sctp_sharedkey_t *skey;
 1558         sctp_key_t *key;
 1559 
 1560         if ((stcb == NULL) || (auth == NULL))
 1561                 return;
 1562 
 1563         /* zero the digest + chunk padding */
 1564         digestlen = sctp_get_hmac_digest_len(stcb->asoc.peer_hmac_id);
 1565         bzero(auth->hmac, SCTP_SIZE32(digestlen));
 1566 
 1567         /* is the desired key cached? */
 1568         if ((keyid != stcb->asoc.authinfo.assoc_keyid) ||
 1569             (stcb->asoc.authinfo.assoc_key == NULL)) {
 1570                 if (stcb->asoc.authinfo.assoc_key != NULL) {
 1571                         /* free the old cached key */
 1572                         sctp_free_key(stcb->asoc.authinfo.assoc_key);
 1573                 }
 1574                 skey = sctp_find_sharedkey(&stcb->asoc.shared_keys, keyid);
 1575                 /* the only way skey is NULL is if null key id 0 is used */
 1576                 if (skey != NULL)
 1577                         key = skey->key;
 1578                 else
 1579                         key = NULL;
 1580                 /* compute a new assoc key and cache it */
 1581                 stcb->asoc.authinfo.assoc_key =
 1582                     sctp_compute_hashkey(stcb->asoc.authinfo.random,
 1583                     stcb->asoc.authinfo.peer_random, key);
 1584                 stcb->asoc.authinfo.assoc_keyid = keyid;
 1585                 SCTPDBG(SCTP_DEBUG_AUTH1, "caching key id %u\n",
 1586                     stcb->asoc.authinfo.assoc_keyid);
 1587 #ifdef SCTP_DEBUG
 1588                 if (SCTP_AUTH_DEBUG)
 1589                         sctp_print_key(stcb->asoc.authinfo.assoc_key,
 1590                             "Assoc Key");
 1591 #endif
 1592         }
 1593         /* set in the active key id */
 1594         auth->shared_key_id = htons(keyid);
 1595 
 1596         /* compute and fill in the digest */
 1597         (void)sctp_compute_hmac_m(stcb->asoc.peer_hmac_id, stcb->asoc.authinfo.assoc_key,
 1598             m, auth_offset, auth->hmac);
 1599 }
 1600 
 1601 
 1602 static void
 1603 sctp_bzero_m(struct mbuf *m, uint32_t m_offset, uint32_t size)
 1604 {
 1605         struct mbuf *m_tmp;
 1606         uint8_t *data;
 1607 
 1608         /* sanity check */
 1609         if (m == NULL)
 1610                 return;
 1611 
 1612         /* find the correct starting mbuf and offset (get start position) */
 1613         m_tmp = m;
 1614         while ((m_tmp != NULL) && (m_offset >= (uint32_t) SCTP_BUF_LEN(m_tmp))) {
 1615                 m_offset -= SCTP_BUF_LEN(m_tmp);
 1616                 m_tmp = SCTP_BUF_NEXT(m_tmp);
 1617         }
 1618         /* now use the rest of the mbuf chain */
 1619         while ((m_tmp != NULL) && (size > 0)) {
 1620                 data = mtod(m_tmp, uint8_t *) + m_offset;
 1621                 if (size > (uint32_t) SCTP_BUF_LEN(m_tmp)) {
 1622                         bzero(data, SCTP_BUF_LEN(m_tmp));
 1623                         size -= SCTP_BUF_LEN(m_tmp);
 1624                 } else {
 1625                         bzero(data, size);
 1626                         size = 0;
 1627                 }
 1628                 /* clear the offset since it's only for the first mbuf */
 1629                 m_offset = 0;
 1630                 m_tmp = SCTP_BUF_NEXT(m_tmp);
 1631         }
 1632 }
 1633 
 1634 /*-
 1635  * process the incoming Authentication chunk
 1636  * return codes:
 1637  *   -1 on any authentication error
 1638  *    0 on authentication verification
 1639  */
 1640 int
 1641 sctp_handle_auth(struct sctp_tcb *stcb, struct sctp_auth_chunk *auth,
 1642     struct mbuf *m, uint32_t offset)
 1643 {
 1644         uint16_t chunklen;
 1645         uint16_t shared_key_id;
 1646         uint16_t hmac_id;
 1647         sctp_sharedkey_t *skey;
 1648         uint32_t digestlen;
 1649         uint8_t digest[SCTP_AUTH_DIGEST_LEN_MAX];
 1650         uint8_t computed_digest[SCTP_AUTH_DIGEST_LEN_MAX];
 1651 
 1652         /* auth is checked for NULL by caller */
 1653         chunklen = ntohs(auth->ch.chunk_length);
 1654         if (chunklen < sizeof(*auth)) {
 1655                 SCTP_STAT_INCR(sctps_recvauthfailed);
 1656                 return (-1);
 1657         }
 1658         SCTP_STAT_INCR(sctps_recvauth);
 1659 
 1660         /* get the auth params */
 1661         shared_key_id = ntohs(auth->shared_key_id);
 1662         hmac_id = ntohs(auth->hmac_id);
 1663         SCTPDBG(SCTP_DEBUG_AUTH1,
 1664             "SCTP AUTH Chunk: shared key %u, HMAC id %u\n",
 1665             shared_key_id, hmac_id);
 1666 
 1667         /* is the indicated HMAC supported? */
 1668         if (!sctp_auth_is_supported_hmac(stcb->asoc.local_hmacs, hmac_id)) {
 1669                 struct mbuf *m_err;
 1670                 struct sctp_auth_invalid_hmac *err;
 1671 
 1672                 SCTP_STAT_INCR(sctps_recvivalhmacid);
 1673                 SCTPDBG(SCTP_DEBUG_AUTH1,
 1674                     "SCTP Auth: unsupported HMAC id %u\n",
 1675                     hmac_id);
 1676                 /*
 1677                  * report this in an Error Chunk: Unsupported HMAC
 1678                  * Identifier
 1679                  */
 1680                 m_err = sctp_get_mbuf_for_msg(sizeof(*err), 0, M_DONTWAIT,
 1681                     1, MT_HEADER);
 1682                 if (m_err != NULL) {
 1683                         /* pre-reserve some space */
 1684                         SCTP_BUF_RESV_UF(m_err, sizeof(struct sctp_chunkhdr));
 1685                         /* fill in the error */
 1686                         err = mtod(m_err, struct sctp_auth_invalid_hmac *);
 1687                         bzero(err, sizeof(*err));
 1688                         err->ph.param_type = htons(SCTP_CAUSE_UNSUPPORTED_HMACID);
 1689                         err->ph.param_length = htons(sizeof(*err));
 1690                         err->hmac_id = ntohs(hmac_id);
 1691                         SCTP_BUF_LEN(m_err) = sizeof(*err);
 1692                         /* queue it */
 1693                         sctp_queue_op_err(stcb, m_err);
 1694                 }
 1695                 return (-1);
 1696         }
 1697         /* get the indicated shared key, if available */
 1698         if ((stcb->asoc.authinfo.recv_key == NULL) ||
 1699             (stcb->asoc.authinfo.recv_keyid != shared_key_id)) {
 1700                 /* find the shared key on the assoc first */
 1701                 skey = sctp_find_sharedkey(&stcb->asoc.shared_keys,
 1702                     shared_key_id);
 1703                 /* if the shared key isn't found, discard the chunk */
 1704                 if (skey == NULL) {
 1705                         SCTP_STAT_INCR(sctps_recvivalkeyid);
 1706                         SCTPDBG(SCTP_DEBUG_AUTH1,
 1707                             "SCTP Auth: unknown key id %u\n",
 1708                             shared_key_id);
 1709                         return (-1);
 1710                 }
 1711                 /* generate a notification if this is a new key id */
 1712                 if (stcb->asoc.authinfo.recv_keyid != shared_key_id)
 1713                         /*
 1714                          * sctp_ulp_notify(SCTP_NOTIFY_AUTH_NEW_KEY, stcb,
 1715                          * shared_key_id, (void
 1716                          * *)stcb->asoc.authinfo.recv_keyid);
 1717                          */
 1718                         sctp_notify_authentication(stcb, SCTP_AUTH_NEW_KEY,
 1719                             shared_key_id, stcb->asoc.authinfo.recv_keyid,
 1720                             SCTP_SO_NOT_LOCKED);
 1721                 /* compute a new recv assoc key and cache it */
 1722                 if (stcb->asoc.authinfo.recv_key != NULL)
 1723                         sctp_free_key(stcb->asoc.authinfo.recv_key);
 1724                 stcb->asoc.authinfo.recv_key =
 1725                     sctp_compute_hashkey(stcb->asoc.authinfo.random,
 1726                     stcb->asoc.authinfo.peer_random, skey->key);
 1727                 stcb->asoc.authinfo.recv_keyid = shared_key_id;
 1728 #ifdef SCTP_DEBUG
 1729                 if (SCTP_AUTH_DEBUG)
 1730                         sctp_print_key(stcb->asoc.authinfo.recv_key, "Recv Key");
 1731 #endif
 1732         }
 1733         /* validate the digest length */
 1734         digestlen = sctp_get_hmac_digest_len(hmac_id);
 1735         if (chunklen < (sizeof(*auth) + digestlen)) {
 1736                 /* invalid digest length */
 1737                 SCTP_STAT_INCR(sctps_recvauthfailed);
 1738                 SCTPDBG(SCTP_DEBUG_AUTH1,
 1739                     "SCTP Auth: chunk too short for HMAC\n");
 1740                 return (-1);
 1741         }
 1742         /* save a copy of the digest, zero the pseudo header, and validate */
 1743         bcopy(auth->hmac, digest, digestlen);
 1744         sctp_bzero_m(m, offset + sizeof(*auth), SCTP_SIZE32(digestlen));
 1745         (void)sctp_compute_hmac_m(hmac_id, stcb->asoc.authinfo.recv_key,
 1746             m, offset, computed_digest);
 1747 
 1748         /* compare the computed digest with the one in the AUTH chunk */
 1749         if (memcmp(digest, computed_digest, digestlen) != 0) {
 1750                 SCTP_STAT_INCR(sctps_recvauthfailed);
 1751                 SCTPDBG(SCTP_DEBUG_AUTH1,
 1752                     "SCTP Auth: HMAC digest check failed\n");
 1753                 return (-1);
 1754         }
 1755         return (0);
 1756 }
 1757 
 1758 /*
 1759  * Generate NOTIFICATION
 1760  */
 1761 void
 1762 sctp_notify_authentication(struct sctp_tcb *stcb, uint32_t indication,
 1763     uint16_t keyid, uint16_t alt_keyid, int so_locked
 1764 #if !defined(__APPLE__) && !defined(SCTP_SO_LOCK_TESTING)
 1765     SCTP_UNUSED
 1766 #endif
 1767 )
 1768 {
 1769         struct mbuf *m_notify;
 1770         struct sctp_authkey_event *auth;
 1771         struct sctp_queued_to_read *control;
 1772 
 1773         if ((stcb == NULL) ||
 1774             (stcb->sctp_ep->sctp_flags & SCTP_PCB_FLAGS_SOCKET_GONE) ||
 1775             (stcb->sctp_ep->sctp_flags & SCTP_PCB_FLAGS_SOCKET_ALLGONE) ||
 1776             (stcb->asoc.state & SCTP_STATE_CLOSED_SOCKET)
 1777             ) {
 1778                 /* If the socket is gone we are out of here */
 1779                 return;
 1780         }
 1781         if (sctp_stcb_is_feature_off(stcb->sctp_ep, stcb, SCTP_PCB_FLAGS_AUTHEVNT))
 1782                 /* event not enabled */
 1783                 return;
 1784 
 1785         m_notify = sctp_get_mbuf_for_msg(sizeof(struct sctp_authkey_event),
 1786             0, M_DONTWAIT, 1, MT_HEADER);
 1787         if (m_notify == NULL)
 1788                 /* no space left */
 1789                 return;
 1790 
 1791         SCTP_BUF_LEN(m_notify) = 0;
 1792         auth = mtod(m_notify, struct sctp_authkey_event *);
 1793         memset(auth, 0, sizeof(struct sctp_authkey_event));
 1794         auth->auth_type = SCTP_AUTHENTICATION_EVENT;
 1795         auth->auth_flags = 0;
 1796         auth->auth_length = sizeof(*auth);
 1797         auth->auth_keynumber = keyid;
 1798         auth->auth_altkeynumber = alt_keyid;
 1799         auth->auth_indication = indication;
 1800         auth->auth_assoc_id = sctp_get_associd(stcb);
 1801 
 1802         SCTP_BUF_LEN(m_notify) = sizeof(*auth);
 1803         SCTP_BUF_NEXT(m_notify) = NULL;
 1804 
 1805         /* append to socket */
 1806         control = sctp_build_readq_entry(stcb, stcb->asoc.primary_destination,
 1807             0, 0, stcb->asoc.context, 0, 0, 0, m_notify);
 1808         if (control == NULL) {
 1809                 /* no memory */
 1810                 sctp_m_freem(m_notify);
 1811                 return;
 1812         }
 1813         control->spec_flags = M_NOTIFICATION;
 1814         control->length = SCTP_BUF_LEN(m_notify);
 1815         /* not that we need this */
 1816         control->tail_mbuf = m_notify;
 1817         sctp_add_to_readq(stcb->sctp_ep, stcb, control,
 1818             &stcb->sctp_socket->so_rcv, 1, SCTP_READ_LOCK_NOT_HELD, so_locked);
 1819 }
 1820 
 1821 
 1822 /*-
 1823  * validates the AUTHentication related parameters in an INIT/INIT-ACK
 1824  * Note: currently only used for INIT as INIT-ACK is handled inline
 1825  * with sctp_load_addresses_from_init()
 1826  */
 1827 int
 1828 sctp_validate_init_auth_params(struct mbuf *m, int offset, int limit)
 1829 {
 1830         struct sctp_paramhdr *phdr, parm_buf;
 1831         uint16_t ptype, plen;
 1832         int peer_supports_asconf = 0;
 1833         int peer_supports_auth = 0;
 1834         int got_random = 0, got_hmacs = 0, got_chklist = 0;
 1835         uint8_t saw_asconf = 0;
 1836         uint8_t saw_asconf_ack = 0;
 1837 
 1838         /* go through each of the params. */
 1839         phdr = sctp_get_next_param(m, offset, &parm_buf, sizeof(parm_buf));
 1840         while (phdr) {
 1841                 ptype = ntohs(phdr->param_type);
 1842                 plen = ntohs(phdr->param_length);
 1843 
 1844                 if (offset + plen > limit) {
 1845                         break;
 1846                 }
 1847                 if (plen < sizeof(struct sctp_paramhdr)) {
 1848                         break;
 1849                 }
 1850                 if (ptype == SCTP_SUPPORTED_CHUNK_EXT) {
 1851                         /* A supported extension chunk */
 1852                         struct sctp_supported_chunk_types_param *pr_supported;
 1853                         uint8_t local_store[SCTP_PARAM_BUFFER_SIZE];
 1854                         int num_ent, i;
 1855 
 1856                         phdr = sctp_get_next_param(m, offset,
 1857                             (struct sctp_paramhdr *)&local_store, min(plen, sizeof(local_store)));
 1858                         if (phdr == NULL) {
 1859                                 return (-1);
 1860                         }
 1861                         pr_supported = (struct sctp_supported_chunk_types_param *)phdr;
 1862                         num_ent = plen - sizeof(struct sctp_paramhdr);
 1863                         for (i = 0; i < num_ent; i++) {
 1864                                 switch (pr_supported->chunk_types[i]) {
 1865                                 case SCTP_ASCONF:
 1866                                 case SCTP_ASCONF_ACK:
 1867                                         peer_supports_asconf = 1;
 1868                                         break;
 1869                                 default:
 1870                                         /* one we don't care about */
 1871                                         break;
 1872                                 }
 1873                         }
 1874                 } else if (ptype == SCTP_RANDOM) {
 1875                         got_random = 1;
 1876                         /* enforce the random length */
 1877                         if (plen != (sizeof(struct sctp_auth_random) +
 1878                             SCTP_AUTH_RANDOM_SIZE_REQUIRED)) {
 1879                                 SCTPDBG(SCTP_DEBUG_AUTH1,
 1880                                     "SCTP: invalid RANDOM len\n");
 1881                                 return (-1);
 1882                         }
 1883                 } else if (ptype == SCTP_HMAC_LIST) {
 1884                         uint8_t store[SCTP_PARAM_BUFFER_SIZE];
 1885                         struct sctp_auth_hmac_algo *hmacs;
 1886                         int num_hmacs;
 1887 
 1888                         if (plen > sizeof(store))
 1889                                 break;
 1890                         phdr = sctp_get_next_param(m, offset,
 1891                             (struct sctp_paramhdr *)store, min(plen, sizeof(store)));
 1892                         if (phdr == NULL)
 1893                                 return (-1);
 1894                         hmacs = (struct sctp_auth_hmac_algo *)phdr;
 1895                         num_hmacs = (plen - sizeof(*hmacs)) /
 1896                             sizeof(hmacs->hmac_ids[0]);
 1897                         /* validate the hmac list */
 1898                         if (sctp_verify_hmac_param(hmacs, num_hmacs)) {
 1899                                 SCTPDBG(SCTP_DEBUG_AUTH1,
 1900                                     "SCTP: invalid HMAC param\n");
 1901                                 return (-1);
 1902                         }
 1903                         got_hmacs = 1;
 1904                 } else if (ptype == SCTP_CHUNK_LIST) {
 1905                         int i, num_chunks;
 1906                         uint8_t chunks_store[SCTP_SMALL_CHUNK_STORE];
 1907 
 1908                         /* did the peer send a non-empty chunk list? */
 1909                         struct sctp_auth_chunk_list *chunks = NULL;
 1910 
 1911                         phdr = sctp_get_next_param(m, offset,
 1912                             (struct sctp_paramhdr *)chunks_store,
 1913                             min(plen, sizeof(chunks_store)));
 1914                         if (phdr == NULL)
 1915                                 return (-1);
 1916 
 1917                         /*-
 1918                          * Flip through the list and mark that the
 1919                          * peer supports asconf/asconf_ack.
 1920                          */
 1921                         chunks = (struct sctp_auth_chunk_list *)phdr;
 1922                         num_chunks = plen - sizeof(*chunks);
 1923                         for (i = 0; i < num_chunks; i++) {
 1924                                 /* record asconf/asconf-ack if listed */
 1925                                 if (chunks->chunk_types[i] == SCTP_ASCONF)
 1926                                         saw_asconf = 1;
 1927                                 if (chunks->chunk_types[i] == SCTP_ASCONF_ACK)
 1928                                         saw_asconf_ack = 1;
 1929 
 1930                         }
 1931                         if (num_chunks)
 1932                                 got_chklist = 1;
 1933                 }
 1934                 offset += SCTP_SIZE32(plen);
 1935                 if (offset >= limit) {
 1936                         break;
 1937                 }
 1938                 phdr = sctp_get_next_param(m, offset, &parm_buf,
 1939                     sizeof(parm_buf));
 1940         }
 1941         /* validate authentication required parameters */
 1942         if (got_random && got_hmacs) {
 1943                 peer_supports_auth = 1;
 1944         } else {
 1945                 peer_supports_auth = 0;
 1946         }
 1947         if (!peer_supports_auth && got_chklist) {
 1948                 SCTPDBG(SCTP_DEBUG_AUTH1,
 1949                     "SCTP: peer sent chunk list w/o AUTH\n");
 1950                 return (-1);
 1951         }
 1952         if (!SCTP_BASE_SYSCTL(sctp_asconf_auth_nochk) && peer_supports_asconf &&
 1953             !peer_supports_auth) {
 1954                 SCTPDBG(SCTP_DEBUG_AUTH1,
 1955                     "SCTP: peer supports ASCONF but not AUTH\n");
 1956                 return (-1);
 1957         } else if ((peer_supports_asconf) && (peer_supports_auth) &&
 1958             ((saw_asconf == 0) || (saw_asconf_ack == 0))) {
 1959                 return (-2);
 1960         }
 1961         return (0);
 1962 }
 1963 
 1964 void
 1965 sctp_initialize_auth_params(struct sctp_inpcb *inp, struct sctp_tcb *stcb)
 1966 {
 1967         uint16_t chunks_len = 0;
 1968         uint16_t hmacs_len = 0;
 1969         uint16_t random_len = SCTP_AUTH_RANDOM_SIZE_DEFAULT;
 1970         sctp_key_t *new_key;
 1971         uint16_t keylen;
 1972 
 1973         /* initialize hmac list from endpoint */
 1974         stcb->asoc.local_hmacs = sctp_copy_hmaclist(inp->sctp_ep.local_hmacs);
 1975         if (stcb->asoc.local_hmacs != NULL) {
 1976                 hmacs_len = stcb->asoc.local_hmacs->num_algo *
 1977                     sizeof(stcb->asoc.local_hmacs->hmac[0]);
 1978         }
 1979         /* initialize auth chunks list from endpoint */
 1980         stcb->asoc.local_auth_chunks =
 1981             sctp_copy_chunklist(inp->sctp_ep.local_auth_chunks);
 1982         if (stcb->asoc.local_auth_chunks != NULL) {
 1983                 int i;
 1984 
 1985                 for (i = 0; i < 256; i++) {
 1986                         if (stcb->asoc.local_auth_chunks->chunks[i])
 1987                                 chunks_len++;
 1988                 }
 1989         }
 1990         /* copy defaults from the endpoint */
 1991         stcb->asoc.authinfo.active_keyid = inp->sctp_ep.default_keyid;
 1992 
 1993         /* copy out the shared key list (by reference) from the endpoint */
 1994         (void)sctp_copy_skeylist(&inp->sctp_ep.shared_keys,
 1995             &stcb->asoc.shared_keys);
 1996 
 1997         /* now set the concatenated key (random + chunks + hmacs) */
 1998         /* key includes parameter headers */
 1999         keylen = (3 * sizeof(struct sctp_paramhdr)) + random_len + chunks_len +
 2000             hmacs_len;
 2001         new_key = sctp_alloc_key(keylen);
 2002         if (new_key != NULL) {
 2003                 struct sctp_paramhdr *ph;
 2004                 int plen;
 2005 
 2006                 /* generate and copy in the RANDOM */
 2007                 ph = (struct sctp_paramhdr *)new_key->key;
 2008                 ph->param_type = htons(SCTP_RANDOM);
 2009                 plen = sizeof(*ph) + random_len;
 2010                 ph->param_length = htons(plen);
 2011                 SCTP_READ_RANDOM(new_key->key + sizeof(*ph), random_len);
 2012                 keylen = plen;
 2013 
 2014                 /* append in the AUTH chunks */
 2015                 /* NOTE: currently we always have chunks to list */
 2016                 ph = (struct sctp_paramhdr *)(new_key->key + keylen);
 2017                 ph->param_type = htons(SCTP_CHUNK_LIST);
 2018                 plen = sizeof(*ph) + chunks_len;
 2019                 ph->param_length = htons(plen);
 2020                 keylen += sizeof(*ph);
 2021                 if (stcb->asoc.local_auth_chunks) {
 2022                         int i;
 2023 
 2024                         for (i = 0; i < 256; i++) {
 2025                                 if (stcb->asoc.local_auth_chunks->chunks[i])
 2026                                         new_key->key[keylen++] = i;
 2027                         }
 2028                 }
 2029                 /* append in the HMACs */
 2030                 ph = (struct sctp_paramhdr *)(new_key->key + keylen);
 2031                 ph->param_type = htons(SCTP_HMAC_LIST);
 2032                 plen = sizeof(*ph) + hmacs_len;
 2033                 ph->param_length = htons(plen);
 2034                 keylen += sizeof(*ph);
 2035                 (void)sctp_serialize_hmaclist(stcb->asoc.local_hmacs,
 2036                     new_key->key + keylen);
 2037         }
 2038         if (stcb->asoc.authinfo.random != NULL)
 2039                 sctp_free_key(stcb->asoc.authinfo.random);
 2040         stcb->asoc.authinfo.random = new_key;
 2041         stcb->asoc.authinfo.random_len = random_len;
 2042 }

Cache object: 098f7b6520d5488a5a03891172ecd4bc


[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]


This page is part of the FreeBSD/Linux Linux Kernel Cross-Reference, and was automatically generated using a modified version of the LXR engine.