xref: /dragonfly/sys/net/wg/wg_cookie.h (revision 7485684f)
1 /*-
2  * SPDX-License-Identifier: ISC
3  *
4  * Copyright (C) 2015-2021 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
5  * Copyright (C) 2019-2021 Matt Dunwoodie <ncon@noconroy.net>
6  *
7  * Permission to use, copy, modify, and distribute this software for any
8  * purpose with or without fee is hereby granted, provided that the above
9  * copyright notice and this permission notice appear in all copies.
10  *
11  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
12  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
13  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
14  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
15  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
16  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
17  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18  */
19 
20 #ifndef _NET_WG_COOKIE_H_
21 #define _NET_WG_COOKIE_H_
22 
23 #ifndef _KERNEL
24 #error "This file should not be included by userland programs."
25 #endif
26 
27 #include <crypto/chachapoly.h>
28 
/*
 * Sizes, in bytes, of the values handled by the cookie code.  They size the
 * members of struct cookie_macs and the array parameters of the cookie_*
 * prototypes in this header.
 * NOTE(review): these presumably mirror fixed fields of the WireGuard wire
 * format, so changing one would be a protocol change -- confirm against
 * wg_cookie.c before touching them.
 */
/* Length of each of mac1 and mac2 in struct cookie_macs. */
29 #define COOKIE_MAC_SIZE		16
/* Length of the cookie itself, before encryption. */
30 #define COOKIE_COOKIE_SIZE	16
/*
 * Length of the input passed to cookie_checker_update() and
 * cookie_maker_alloc(); presumably a 32-byte public key -- TODO confirm.
 */
31 #define COOKIE_INPUT_SIZE	32
/* Nonce length, taken from the XChaCha20-Poly1305 definition in <crypto/chachapoly.h>. */
32 #define COOKIE_NONCE_SIZE	XCHACHA20POLY1305_NONCE_SIZE
/*
 * Cookie plus COOKIE_MAC_SIZE further bytes (32 in total); presumably the
 * encrypted cookie followed by its 16-byte authentication tag -- TODO confirm.
 */
33 #define COOKIE_ENCRYPTED_SIZE	(COOKIE_COOKIE_SIZE + COOKIE_MAC_SIZE)
34 
/*
 * The pair of MACs attached to a message: mac1 followed by mac2, each
 * COOKIE_MAC_SIZE bytes.  Both members are byte arrays, so no alignment
 * padding is expected and the struct occupies 2 * COOKIE_MAC_SIZE bytes.
 *
 * NOTE(review): in the WireGuard protocol mac1 is always required, while
 * mac2 is keyed with a cookie the receiver handed out earlier and is only
 * enforced while the receiver is under load.  That split is protocol
 * background and is not visible in this header -- confirm in wg_cookie.c.
 * The implementation should compare received MACs in constant time; that
 * cannot be checked from here either.
 */
35 struct cookie_macs {
36 	uint8_t	mac1[COOKIE_MAC_SIZE];
37 	uint8_t	mac2[COOKIE_MAC_SIZE];
38 };
39 
/*
 * Opaque handles: only forward declarations appear in this header, so the
 * layouts (and whatever key material they hold) are private to the
 * implementation.  Callers can only hold pointers obtained from the
 * matching *_alloc() function and must release them with *_free().
 */
40 struct cookie_maker;
41 struct cookie_checker;
42 
/*
 * Module-wide setup and teardown for the cookie code.
 * cookie_init() reports a result as int; presumably 0 on success and an
 * errno value on failure -- TODO confirm in wg_cookie.c.  Check it before
 * making any other cookie_* call.
 */
43 int	cookie_init(void);
44 void	cookie_deinit(void);
45 
/*
 * Checker side: the state used to verify the MACs on incoming messages and
 * to produce cookie payloads for senders.
 *
 * Array sizes written in these parameter lists (e.g. [COOKIE_NONCE_SIZE])
 * are documentation only: C adjusts such parameters to plain pointers, so
 * the compiler will not reject a shorter buffer.  Callers are responsible
 * for passing buffers of at least the stated size.
 */

/*
 * Allocate a checker.
 * NOTE(review): whether this can return NULL is not visible here; check the
 * result unless wg_cookie.c shows the allocation cannot fail.
 */
46 struct cookie_checker *
47 	cookie_checker_alloc(void);
/*
 * Release a checker obtained from cookie_checker_alloc().
 * NOTE(review): the state presumably holds secrets; confirm that the
 * implementation zeroizes it before freeing.
 */
48 void	cookie_checker_free(struct cookie_checker *);
/*
 * Feed a COOKIE_INPUT_SIZE-byte input (read-only) into the checker;
 * presumably the local public key from which the MAC keys are derived --
 * TODO confirm.
 */
49 void	cookie_checker_update(struct cookie_checker *,
50 			      const uint8_t[COOKIE_INPUT_SIZE]);
/*
 * Fill the two output buffers -- a COOKIE_NONCE_SIZE nonce and a
 * COOKIE_ENCRYPTED_SIZE encrypted cookie -- from the received MACs and the
 * sender's socket address (both read-only).  Presumably this is the body of
 * a cookie reply and the cookie is bound to that address -- TODO confirm.
 * Returns void, so callers get no failure indication.
 */
51 void	cookie_checker_create_payload(struct cookie_checker *,
52 				      const struct cookie_macs *,
53 				      uint8_t[COOKIE_NONCE_SIZE],
54 				      uint8_t[COOKIE_ENCRYPTED_SIZE],
55 				      const struct sockaddr *);
/*
 * Validate the MACs of a received message.  Arguments after the checker:
 * the MACs taken from the message, the message bytes and their length, a
 * bool, and the sender's socket address.
 * NOTE(review): the bool presumably selects whether mac2 (the cookie) is
 * enforced, i.e. "under load" -- confirm in wg_cookie.c.
 * NOTE(review): the set of return values is not visible in this header.
 * Callers should process the message only on the documented success value
 * and drop it on anything else, including codes they do not recognise.
 * The length must come from a message whose size was already validated;
 * this prototype gives no way to detect an over-long length.
 */
56 int	cookie_checker_validate_macs(struct cookie_checker *,
57 				     const struct cookie_macs *, const void *,
58 				     size_t, bool, const struct sockaddr *);
59 
/*
 * Maker side: the state used to compute the MACs on outgoing messages and
 * to accept cookie payloads received from the other end.
 *
 * Array sizes in these parameter lists are documentation only (they decay
 * to pointers); callers must supply buffers of at least the stated size.
 */

/*
 * Allocate a maker from a COOKIE_INPUT_SIZE-byte input (read-only);
 * presumably the remote peer's public key -- TODO confirm.
 * NOTE(review): whether this can return NULL is not visible here.
 */
60 struct cookie_maker *
61 	cookie_maker_alloc(const uint8_t[COOKIE_INPUT_SIZE]);
/*
 * Release a maker obtained from cookie_maker_alloc().
 * NOTE(review): confirm that any stored cookie or key is zeroized first.
 */
62 void	cookie_maker_free(struct cookie_maker *);
/*
 * Accept a received nonce and encrypted cookie (both read-only).
 * The inputs arrive from the network, so the int result matters:
 * presumably non-zero means the payload failed authentication and nothing
 * was stored -- TODO confirm.  Callers must not assume a cookie is held
 * after a failure.
 */
63 int	cookie_maker_consume_payload(struct cookie_maker *,
64 				     const uint8_t[COOKIE_NONCE_SIZE],
65 				     const uint8_t[COOKIE_ENCRYPTED_SIZE]);
/*
 * Compute the MACs for the given message bytes and length and write them
 * into the caller's struct cookie_macs.
 * NOTE(review): presumably mac1 is always filled and mac2 only when a
 * still-valid cookie is held -- confirm what mac2 contains otherwise.
 */
66 void	cookie_maker_mac(struct cookie_maker *, struct cookie_macs *,
67 			 const void *, size_t);
68 
/*
 * Self-test entry point, declared only when WG_SELFTESTS is defined.
 * Returns bool; presumably true when every check passes -- TODO confirm.
 */
69 #ifdef WG_SELFTESTS
70 bool	cookie_selftest(void);
71 #endif /* WG_SELFTESTS */
72 
73 #endif /* _NET_WG_COOKIE_H_ */
74