xnu-344.tar.gz

[apple/xnu.git] / bsd / netinet6 / esp_output.c
diff --git a/bsd/netinet6/esp_output.c b/bsd/netinet6/esp_output.c

index 26a1b0ca6208868115e9c2ef91ccdf01f15521b0..9ada8fc7c17a57da7e1a469a69b237c81bef0a88 100644 (file)
--- a/bsd/netinet6/esp_output.c
+++ b/bsd/netinet6/esp_output.c
@@ -1,4 +1,5 @@
-/*     $KAME: esp_output.c,v 1.17 2000/02/22 14:04:15 itojun Exp $     */
+/*     $FreeBSD: src/sys/netinet6/esp_output.c,v 1.1.2.2 2001/07/03 11:01:50 ume Exp $ */
+/*     $KAME: esp_output.c,v 1.43 2001/03/01 07:10:45 itojun Exp $     */
  
  /*
   * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
  
  /*
   * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -30,9 +31,6 @@
   */
  
  #define _IP_VHL
   */
  
  #define _IP_VHL
-#if (defined(__FreeBSD__) && __FreeBSD__ >= 3) || defined(__NetBSD__)
-#include "opt_inet.h"
-#endif
  
  /*
   * RFC1827/2406 Encapsulated Security Payload.
  
  /*
   * RFC1827/2406 Encapsulated Security Payload.
@@ -66,11 +64,19 @@
  #endif
  
  #include <netinet6/ipsec.h>
  #endif
  
  #include <netinet6/ipsec.h>
+#if INET6
+#include <netinet6/ipsec6.h>
+#endif
  #include <netinet6/ah.h>
  #include <netinet6/ah.h>
+#if INET6
+#include <netinet6/ah6.h>
+#endif
  #include <netinet6/esp.h>
  #include <netinet6/esp.h>
+#if INET6
+#include <netinet6/esp6.h>
+#endif
  #include <netkey/key.h>
  #include <netkey/keydb.h>
  #include <netkey/key.h>
  #include <netkey/keydb.h>
-#include <netkey/key_debug.h>
  
  #include <net/net_osdep.h>
  
  
  #include <net/net_osdep.h>
  
@@ -85,7 +91,8 @@ esp_hdrsiz(isr)
         struct ipsecrequest *isr;
  {
         struct secasvar *sav;
         struct ipsecrequest *isr;
  {
         struct secasvar *sav;
-       struct esp_algorithm *algo;
+       const struct esp_algorithm *algo;
+       const struct ah_algorithm *aalgo;
         size_t ivlen;
         size_t authlen;
         size_t hdrsiz;
         size_t ivlen;
         size_t authlen;
         size_t hdrsiz;
@@ -106,7 +113,7 @@ esp_hdrsiz(isr)
                 goto estimate;
  
         /* we need transport mode ESP. */
                 goto estimate;
  
         /* we need transport mode ESP. */
-       algo = &esp_algorithms[sav->alg_enc];
+       algo = esp_algorithm_lookup(sav->alg_enc);
         if (!algo)
                 goto estimate;
         ivlen = sav->ivlen;
         if (!algo)
                 goto estimate;
         ivlen = sav->ivlen;
@@ -125,8 +132,9 @@ esp_hdrsiz(isr)
                 hdrsiz = sizeof(struct esp) + ivlen + 9;
         } else {
                 /* RFC 2406 */
                 hdrsiz = sizeof(struct esp) + ivlen + 9;
         } else {
                 /* RFC 2406 */
-               if (sav->replay && sav->alg_auth && sav->key_auth)
-                       authlen = (*ah_algorithms[sav->alg_auth].sumsiz)(sav);
+               aalgo = ah_algorithm_lookup(sav->alg_auth);
+               if (aalgo && sav->replay && sav->key_auth)
+                       authlen = (aalgo->sumsiz)(sav);
                 else
                         authlen = 0;
                 hdrsiz = sizeof(struct newesp) + ivlen + 9 + authlen;
                 else
                         authlen = 0;
                 hdrsiz = sizeof(struct newesp) + ivlen + 9 + authlen;
@@ -138,12 +146,12 @@ esp_hdrsiz(isr)
         /*
          * ASSUMING:
          *      sizeof(struct newesp) > sizeof(struct esp).
         /*
          * ASSUMING:
          *      sizeof(struct newesp) > sizeof(struct esp).
-        *      8 = ivlen for CBC mode (RFC2451).
+        *      esp_max_ivlen() = max ivlen for CBC mode
          *      9 = (maximum padding length without random padding length)
          *         + (Pad Length field) + (Next Header field).
          *      16 = maximum ICV we support.
          */
          *      9 = (maximum padding length without random padding length)
          *         + (Pad Length field) + (Next Header field).
          *      16 = maximum ICV we support.
          */
-       return sizeof(struct newesp) + 8 + 9 + 16;
+       return sizeof(struct newesp) + esp_max_ivlen() + 9 + 16;
  }
  
  /*
  }
  
  /*
@@ -179,7 +187,7 @@ esp_output(m, nexthdrp, md, isr, af)
         struct esp *esp;
         struct esptail *esptail;
         struct secasvar *sav = isr->sav;
         struct esp *esp;
         struct esptail *esptail;
         struct secasvar *sav = isr->sav;
-       struct esp_algorithm *algo;
+       const struct esp_algorithm *algo;
         u_int32_t spi;
         u_int8_t nxt = 0;
         size_t plen;    /*payload length to be encrypted*/
         u_int32_t spi;
         u_int8_t nxt = 0;
         size_t plen;    /*payload length to be encrypted*/
@@ -188,16 +196,19 @@ esp_output(m, nexthdrp, md, isr, af)
         int afnumber;
         size_t extendsiz;
         int error = 0;
         int afnumber;
         size_t extendsiz;
         int error = 0;
+       struct ipsecstat *stat;
  
         switch (af) {
  #if INET
         case AF_INET:
                 afnumber = 4;
  
         switch (af) {
  #if INET
         case AF_INET:
                 afnumber = 4;
+               stat = &ipsecstat;
                 break;
  #endif
  #if INET6
         case AF_INET6:
                 afnumber = 6;
                 break;
  #endif
  #if INET6
         case AF_INET6:
                 afnumber = 6;
+               stat = &ipsec6stat;
                 break;
  #endif
         default:
                 break;
  #endif
         default:
@@ -220,28 +231,31 @@ esp_output(m, nexthdrp, md, isr, af)
                                 (u_int32_t)ntohl(ip->ip_dst.s_addr),
                                 (u_int32_t)ntohl(sav->spi)));
                         ipsecstat.out_inval++;
                                 (u_int32_t)ntohl(ip->ip_dst.s_addr),
                                 (u_int32_t)ntohl(sav->spi)));
                         ipsecstat.out_inval++;
-                       m_freem(m);
-                       return EINVAL;
+                       break;
                     }
  #endif /*INET*/
  #if INET6
                 case AF_INET6:
                     }
  #endif /*INET*/
  #if INET6
                 case AF_INET6:
-                   {
-                       struct ip6_hdr *ip6;
-
-                       ip6 = mtod(m, struct ip6_hdr *);
                         ipseclog((LOG_DEBUG, "esp6_output: internal error: "
                                 "sav->replay is null: SPI=%u\n",
                                 (u_int32_t)ntohl(sav->spi)));
                         ipsec6stat.out_inval++;
                         ipseclog((LOG_DEBUG, "esp6_output: internal error: "
                                 "sav->replay is null: SPI=%u\n",
                                 (u_int32_t)ntohl(sav->spi)));
                         ipsec6stat.out_inval++;
-                       m_freem(m);
-                       return EINVAL;
-                   }
+                       break;
  #endif /*INET6*/
  #endif /*INET6*/
+               default:
+                       panic("esp_output: should not reach here");
                 }
                 }
+               m_freem(m);
+               return EINVAL;
         }
  
         }
  
-       algo = &esp_algorithms[sav->alg_enc];   /*XXX*/
+       algo = esp_algorithm_lookup(sav->alg_enc);
+       if (!algo) {
+               ipseclog((LOG_ERR, "esp_output: unsupported algorithm: "
+                   "SPI=%u\n", (u_int32_t)ntohl(sav->spi)));
+               m_freem(m);
+               return EINVAL;
+       }
         spi = sav->spi;
         ivlen = sav->ivlen;
         /* should be okey */
         spi = sav->spi;
         ivlen = sav->ivlen;
         /* should be okey */
@@ -326,7 +340,7 @@ esp_output(m, nexthdrp, md, isr, af)
          * before: IP ... payload
          * after:  IP ... ESP IV payload
          */
          * before: IP ... payload
          * after:  IP ... ESP IV payload
          */
-       if (M_LEADINGSPACE(md) < esphlen) {
+       if (M_LEADINGSPACE(md) < esphlen || (md->m_flags & M_EXT) != 0) {
                 MGET(n, M_DONTWAIT, MT_DATA);
                 if (!n) {
                         m_freem(m);
                 MGET(n, M_DONTWAIT, MT_DATA);
                 if (!n) {
                         m_freem(m);
@@ -381,7 +395,7 @@ esp_output(m, nexthdrp, md, isr, af)
                                 ipseclog((LOG_WARNING,
                                     "replay counter overflowed. %s\n",
                                     ipsec_logsastr(sav)));
                                 ipseclog((LOG_WARNING,
                                     "replay counter overflowed. %s\n",
                                     ipsec_logsastr(sav)));
-                               ipsecstat.out_inval++;
+                               stat->out_inval++;
                                 m_freem(m);
                                 return EINVAL;
                         }
                                 m_freem(m);
                                 return EINVAL;
                         }
@@ -397,7 +411,6 @@ esp_output(m, nexthdrp, md, isr, af)
      {
         /*
          * find the last mbuf. make some room for ESP trailer.
      {
         /*
          * find the last mbuf. make some room for ESP trailer.
-        * XXX new-esp authentication data
          */
  #if INET
         struct ip *ip = NULL;
          */
  #if INET
         struct ip *ip = NULL;
@@ -405,6 +418,7 @@ esp_output(m, nexthdrp, md, isr, af)
         size_t padbound;
         u_char *extend;
         int i;
         size_t padbound;
         u_char *extend;
         int i;
+       int randpadmax;
  
         if (algo->padbound)
                 padbound = algo->padbound;
  
         if (algo->padbound)
                 padbound = algo->padbound;
@@ -418,13 +432,62 @@ esp_output(m, nexthdrp, md, isr, af)
         if (extendsiz == 1)
                 extendsiz = padbound + 1;
  
         if (extendsiz == 1)
                 extendsiz = padbound + 1;
  
+       /* random padding */
+       switch (af) {
+#if INET
+       case AF_INET:
+               randpadmax = ip4_esp_randpad;
+               break;
+#endif
+#if INET6
+       case AF_INET6:
+               randpadmax = ip6_esp_randpad;
+               break;
+#endif
+       default:
+               randpadmax = -1;
+               break;
+       }
+       if (randpadmax < 0 || plen + extendsiz >= randpadmax)
+               ;
+       else {
+               int n;
+
+               /* round */
+               randpadmax = (randpadmax / padbound) * padbound;
+               n = (randpadmax - plen + extendsiz) / padbound;
+
+               if (n > 0)
+                       n = (random() % n) * padbound;
+               else
+                       n = 0;
+
+               /*
+                * make sure we do not pad too much.
+                * MLEN limitation comes from the trailer attachment
+                * code below.
+                * 256 limitation comes from sequential padding.
+                * also, the 1-octet length field in ESP trailer imposes
+                * limitation (but is less strict than sequential padding
+                * as length field do not count the last 2 octets).
+                */
+               if (extendsiz + n <= MLEN && extendsiz + n < 256)
+                       extendsiz += n;
+       }
+
+#if DIAGNOSTIC
+       if (extendsiz > MLEN || extendsiz >= 256)
+               panic("extendsiz too big in esp_output");
+#endif
+
         n = m;
         while (n->m_next)
                 n = n->m_next;
  
         /*
         n = m;
         while (n->m_next)
                 n = n->m_next;
  
         /*
-        * if M_EXT, the external part may be shared among
-        * two consequtive TCP packets.
+        * if M_EXT, the external mbuf data may be shared among
+        * two consequtive TCP packets, and it may be unsafe to use the
+        * trailing space.
          */
         if (!(n->m_flags & M_EXT) && extendsiz < M_TRAILINGSPACE(n)) {
                 extend = mtod(n, u_char *) + n->m_len;
          */
         if (!(n->m_flags & M_EXT) && extendsiz < M_TRAILINGSPACE(n)) {
                 extend = mtod(n, u_char *) + n->m_len;
@@ -450,8 +513,7 @@ esp_output(m, nexthdrp, md, isr, af)
         }
         switch (sav->flags & SADB_X_EXT_PMASK) {
         case SADB_X_EXT_PRAND:
         }
         switch (sav->flags & SADB_X_EXT_PMASK) {
         case SADB_X_EXT_PRAND:
-               for (i = 0; i < extendsiz; i++)
-                       extend[i] = random() & 0xff;
+               key_randomfill(extend, extendsiz);
                 break;
         case SADB_X_EXT_PZERO:
                 bzero(extend, extendsiz);
                 break;
         case SADB_X_EXT_PZERO:
                 bzero(extend, extendsiz);
@@ -493,6 +555,16 @@ esp_output(m, nexthdrp, md, isr, af)
         }
      }
  
         }
      }
  
+       /*
+        * pre-compute and cache intermediate key
+        */
+       error = esp_schedule(algo, sav);
+       if (error) {
+               m_freem(m);
+               stat->out_inval++;
+               goto fail;
+       }
+
         /*
          * encrypt the packet, based on security association
          * and the algorithm specified.
         /*
          * encrypt the packet, based on security association
          * and the algorithm specified.
@@ -500,20 +572,9 @@ esp_output(m, nexthdrp, md, isr, af)
         if (!algo->encrypt)
                 panic("internal error: no encrypt function");
         if ((*algo->encrypt)(m, espoff, plen + extendsiz, sav, algo, ivlen)) {
         if (!algo->encrypt)
                 panic("internal error: no encrypt function");
         if ((*algo->encrypt)(m, espoff, plen + extendsiz, sav, algo, ivlen)) {
+               /* m is already freed */
                 ipseclog((LOG_ERR, "packet encryption failure\n"));
                 ipseclog((LOG_ERR, "packet encryption failure\n"));
-               m_freem(m);
-               switch (af) {
-#if INET
-               case AF_INET:
-                       ipsecstat.out_inval++;
-                       break;
-#endif
-#if INET6
-               case AF_INET6:
-                       ipsec6stat.out_inval++;
-                       break;
-#endif
-               }
+               stat->out_inval++;
                 error = EINVAL;
                 goto fail;
         }
                 error = EINVAL;
                 goto fail;
         }
@@ -525,21 +586,33 @@ esp_output(m, nexthdrp, md, isr, af)
                 goto noantireplay;
         if (!sav->key_auth)
                 goto noantireplay;
                 goto noantireplay;
         if (!sav->key_auth)
                 goto noantireplay;
-       if (!sav->alg_auth)
+       if (sav->key_auth == SADB_AALG_NONE)
                 goto noantireplay;
                 goto noantireplay;
+
      {
      {
+       const struct ah_algorithm *aalgo;
         u_char authbuf[AH_MAXSUMSIZE];
         struct mbuf *n;
         u_char *p;
         size_t siz;
         u_char authbuf[AH_MAXSUMSIZE];
         struct mbuf *n;
         u_char *p;
         size_t siz;
+#if INET
         struct ip *ip;
         struct ip *ip;
+#endif
  
  
-       siz = (((*ah_algorithms[sav->alg_auth].sumsiz)(sav) + 3) & ~(4 - 1));
+       aalgo = ah_algorithm_lookup(sav->alg_auth);
+       if (!aalgo)
+               goto noantireplay;
+       siz = ((aalgo->sumsiz)(sav) + 3) & ~(4 - 1);
         if (AH_MAXSUMSIZE < siz)
                 panic("assertion failed for AH_MAXSUMSIZE");
  
         if (AH_MAXSUMSIZE < siz)
                 panic("assertion failed for AH_MAXSUMSIZE");
  
-       if (esp_auth(m, espoff, m->m_pkthdr.len - espoff, sav, authbuf))
-               goto noantireplay;
+       if (esp_auth(m, espoff, m->m_pkthdr.len - espoff, sav, authbuf)) {
+               ipseclog((LOG_ERR, "ESP checksum generation failure\n"));
+               m_freem(m);
+               error = EINVAL;
+               stat->out_inval++;
+               goto fail;
+       }
  
         n = m;
         while (n->m_next)
  
         n = m;
         while (n->m_next)
@@ -598,32 +671,9 @@ noantireplay:
         if (!m) {
                 ipseclog((LOG_ERR,
                     "NULL mbuf after encryption in esp%d_output", afnumber));
         if (!m) {
                 ipseclog((LOG_ERR,
                     "NULL mbuf after encryption in esp%d_output", afnumber));
-       } else {
-               switch (af) {
-#if INET
-               case AF_INET:
-                       ipsecstat.out_success++;
-                       break;
-#endif
-#if INET6
-               case AF_INET6:
-                       ipsec6stat.out_success++;
-                       break;
-#endif
-               }
-       }
-       switch (af) {
-#if INET
-       case AF_INET:
-               ipsecstat.out_esphist[sav->alg_enc]++;
-               break;
-#endif
-#if INET6
-       case AF_INET6:
-               ipsec6stat.out_esphist[sav->alg_enc]++;
-               break;
-#endif
-       }
+       } else
+               stat->out_success++;
+       stat->out_esphist[sav->alg_enc]++;
         key_sa_recordxfer(sav, m);
         return 0;
  
         key_sa_recordxfer(sav, m);
         return 0;
  
@@ -645,7 +695,7 @@ esp4_output(m, isr)
         if (m->m_len < sizeof(struct ip)) {
                 ipseclog((LOG_DEBUG, "esp4_output: first mbuf too short\n"));
                 m_freem(m);
         if (m->m_len < sizeof(struct ip)) {
                 ipseclog((LOG_DEBUG, "esp4_output: first mbuf too short\n"));
                 m_freem(m);
-               return NULL;
+               return 0;
         }
         ip = mtod(m, struct ip *);
         /* XXX assumes that m->m_next points to payload */
         }
         ip = mtod(m, struct ip *);
         /* XXX assumes that m->m_next points to payload */
@@ -664,7 +714,7 @@ esp6_output(m, nexthdrp, md, isr)
         if (m->m_len < sizeof(struct ip6_hdr)) {
                 ipseclog((LOG_DEBUG, "esp6_output: first mbuf too short\n"));
                 m_freem(m);
         if (m->m_len < sizeof(struct ip6_hdr)) {
                 ipseclog((LOG_DEBUG, "esp6_output: first mbuf too short\n"));
                 m_freem(m);
-               return NULL;
+               return 0;
         }
         return esp_output(m, nexthdrp, md, isr, AF_INET6);
  }
         }
         return esp_output(m, nexthdrp, md, isr, AF_INET6);
  }