/*-
 * SPDX-License-Identifier: ISC
 *
 * Copyright (C) 2015-2021 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
 * Copyright (C) 2019-2021 Matt Dunwoodie <ncon@noconroy.net>
 *
 * Permission to use, copy, modify, and distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
 * copyright notice and this permission notice appear in all copies.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 */

/*
 * Kernel-only interface for the WireGuard cookie mechanism: the keyed
 * MACs (mac1/mac2) carried on handshake messages and the encrypted cookie
 * payload exchanged between a "checker" (responder side) and a "maker"
 * (initiator side).  Only the types and sizes are declared here; the
 * behaviour lives in the matching .c file.
 */

#ifndef _NET_WG_COOKIE_H_
#define _NET_WG_COOKIE_H_

/* Refuse to be pulled into userland builds: the types below are kernel types. */
#ifndef _KERNEL
#error "This file should not be included by userland programs."
#endif

/*
 * NOTE(review): besides the two crypto headers below, this file uses
 * uint8_t, bool, struct lock, struct timespec and struct sockaddr, yet
 * includes none of the headers that declare them.  It therefore depends
 * on the includer having pulled in the kernel type, lock, time and socket
 * headers first — confirm against the translation units that include it.
 */
#include <crypto/chachapoly.h>
#include <crypto/blake2/blake2s.h>

/* Byte size of each of the two MACs (mac1, mac2) in struct cookie_macs. */
#define COOKIE_MAC_SIZE		16
/* Key size for the mac1 and cookie keys; fixed by the BLAKE2s key size. */
#define COOKIE_KEY_SIZE		BLAKE2S_KEY_SIZE
/* Nonce size of the encrypted cookie payload; fixed by XChaCha20-Poly1305. */
#define COOKIE_NONCE_SIZE	XCHACHA20POLY1305_NONCE_SIZE
/* Size of a plaintext cookie. */
#define COOKIE_COOKIE_SIZE	16
/* Size of the checker's rotating secret (see struct cookie_checker). */
#define COOKIE_SECRET_SIZE	32
/* Size of the key-derivation input accepted by the *_init/_update calls. */
#define COOKIE_INPUT_SIZE	32
/*
 * Size of the cookie as sent on the wire: the cookie plus COOKIE_MAC_SIZE
 * bytes, presumably the AEAD authentication tag — verify in the .c file.
 */
#define COOKIE_ENCRYPTED_SIZE	(COOKIE_COOKIE_SIZE + COOKIE_MAC_SIZE)

/* The two MAC fields that accompany a handshake message. */
struct cookie_macs {
	uint8_t	mac1[COOKIE_MAC_SIZE];
	uint8_t	mac2[COOKIE_MAC_SIZE];
};

/*
 * Per-peer state for the side that produces mac1/mac2 on outgoing
 * handshake messages and stores the cookie it has been handed back.
 */
struct cookie_maker {
	uint8_t		cm_mac1_key[COOKIE_KEY_SIZE];	/* key used for mac1 */
	uint8_t		cm_cookie_key[COOKIE_KEY_SIZE];	/* key used to unwrap received cookies */

	struct lock	cm_lock;	/* NOTE(review): presumably guards the fields below — confirm in the .c file */
	bool		cm_cookie_valid;	/* whether cm_cookie holds a usable cookie */
	uint8_t		cm_cookie[COOKIE_COOKIE_SIZE];	/* most recently received cookie */
	struct timespec	cm_cookie_birthdate;	/* nanouptime when cm_cookie was stored */
	bool		cm_mac1_sent;	/* whether cm_mac1_last is populated */
	uint8_t		cm_mac1_last[COOKIE_MAC_SIZE];	/* mac1 of the last message sent */
};

/*
 * Per-interface state for the side that validates mac1/mac2 on incoming
 * handshake messages and hands out cookies.  The two locks split the
 * long-lived keys from the rotating secret.
 */
struct cookie_checker {
	struct lock	cc_key_lock;	/* protects the two keys below */
	uint8_t		cc_mac1_key[COOKIE_KEY_SIZE];	/* key used to verify mac1 */
	uint8_t		cc_cookie_key[COOKIE_KEY_SIZE];	/* key used to wrap cookies sent out */

	struct lock	cc_secret_mtx;	/* protects the secret and its birthdate */
	struct timespec	cc_secret_birthdate;	/* nanouptime when cc_secret was (re)generated */
	uint8_t		cc_secret[COOKIE_SECRET_SIZE];	/* rotating secret for cookie derivation */
};

/*
 * Note on the array-typed parameters below: a bound such as
 * uint8_t[COOKIE_INPUT_SIZE] decays to a plain pointer and is NOT enforced
 * by the compiler.  It documents the buffer size the callee will read or
 * write; callers must supply buffers of exactly that size.
 */

/* Module-wide setup/teardown.  cookie_init() returns non-zero on failure. */
int	cookie_init(void);
void	cookie_deinit(void);

/* Initialise / release a checker. */
void	cookie_checker_init(struct cookie_checker *);
void	cookie_checker_free(struct cookie_checker *);
/* Re-derive the checker's keys from a COOKIE_INPUT_SIZE-byte input. */
void	cookie_checker_update(struct cookie_checker *,
	    const uint8_t[COOKIE_INPUT_SIZE]);
/*
 * Produce a cookie reply for the sender at the given address: writes a
 * fresh nonce (COOKIE_NONCE_SIZE) and the encrypted cookie
 * (COOKIE_ENCRYPTED_SIZE) into the two output buffers, using the MACs of
 * the message being replied to.
 */
void	cookie_checker_create_payload(struct cookie_checker *,
	    const struct cookie_macs *,
	    uint8_t[COOKIE_NONCE_SIZE],
	    uint8_t[COOKIE_ENCRYPTED_SIZE],
	    const struct sockaddr *);
/*
 * Verify the MACs of an incoming message (pointer + length) from the given
 * source address.  Returns an int status; the exact codes and the meaning
 * of the bool argument are defined in the .c file — NOTE(review): confirm
 * before relying on either.
 */
int	cookie_checker_validate_macs(struct cookie_checker *,
	    const struct cookie_macs *, const void *,
	    size_t, bool, const struct sockaddr *);

/* Initialise a maker from a COOKIE_INPUT_SIZE-byte input; release it. */
void	cookie_maker_init(struct cookie_maker *,
	    const uint8_t[COOKIE_INPUT_SIZE]);
void	cookie_maker_free(struct cookie_maker *);
/*
 * Accept a cookie reply (nonce + encrypted cookie) and store the cookie in
 * the maker.  Returns an int status; non-zero presumably means the payload
 * did not authenticate — verify in the .c file.
 */
int	cookie_maker_consume_payload(struct cookie_maker *,
	    const uint8_t[COOKIE_NONCE_SIZE],
	    const uint8_t[COOKIE_ENCRYPTED_SIZE]);
/* Fill in mac1/mac2 for an outgoing message (pointer + length). */
void	cookie_maker_mac(struct cookie_maker *, struct cookie_macs *,
	    const void *, size_t);

/* Built-in test vectors, compiled only when WG_SELFTESTS is defined. */
#ifdef WG_SELFTESTS
bool	cookie_selftest(void);
#endif /* WG_SELFTESTS */

#endif /* _NET_WG_COOKIE_H_ */