/*-
 * SPDX-License-Identifier: ISC
 *
 * Copyright (C) 2015-2021 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
 * Copyright (C) 2019-2021 Matt Dunwoodie <ncon@noconroy.net>
 *
 * Permission to use, copy, modify, and distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
 * copyright notice and this permission notice appear in all copies.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 */

/*
 * Kernel-side interface to the WireGuard Noise state: local identity,
 * remote peers, per-session keypairs, and construction/consumption of the
 * handshake messages.  Only opaque handles are exposed here; the struct
 * layouts and all locking live in the implementation file.
 *
 * NOTE(review): the include guard starts with an underscore followed by an
 * uppercase letter, a name the C standard reserves for the implementation.
 * This is the established BSD kernel header convention, so it is kept.
 */

#ifndef _NET_WG_NOISE_H_
#define _NET_WG_NOISE_H_

/* Kernel-only header: refuse inclusion from userland builds outright. */
#ifndef _KERNEL
#error "This file should not be included by userland programs."
#endif

#include <crypto/chachapoly.h>
#include <crypto/blake2/blake2s.h>
#include <crypto/curve25519/curve25519.h>

/* Primitive sizes, in bytes, taken from the underlying crypto headers. */
#define NOISE_PUBLIC_KEY_LEN CURVE25519_KEY_SIZE
#define NOISE_SYMMETRIC_KEY_LEN CHACHA20POLY1305_KEY_SIZE
#define NOISE_AUTHTAG_LEN CHACHA20POLY1305_AUTHTAG_SIZE
#define NOISE_HASH_LEN BLAKE2S_HASH_SIZE
/* Wire size of the handshake timestamp: a 64-bit field plus a 32-bit field. */
#define NOISE_TIMESTAMP_LEN (sizeof(uint64_t) + sizeof(uint32_t))

/*
 * Protocol timers.  NOTE(review): the values match the WireGuard protocol
 * constants, which are specified in seconds; the unit is not visible in
 * this header, so confirm it against the callers before depending on it.
 */
#define REJECT_AFTER_TIME 180
#define REKEY_TIMEOUT 5
#define KEEPALIVE_TIMEOUT 10

/* Opaque handles; their layouts are private to the implementation. */
struct noise_local;
struct noise_remote;
struct noise_keypair;

/* Module-wide setup and teardown (presumably paired once per load/unload). */
int noise_init(void);
void noise_deinit(void);

/*
 * Local configuration.
 * noise_local_set_private() takes a NOISE_PUBLIC_KEY_LEN-byte key; on
 * Curve25519 the private key has the same size as the public key.
 * noise_local_keys() fills two NOISE_PUBLIC_KEY_LEN-byte output buffers
 * (presumably public and private key, in that order -- confirm in the
 * implementation).  Both return false on failure.
 */
struct noise_local *
noise_local_alloc(void);
void noise_local_free(struct noise_local *);

bool noise_local_set_private(struct noise_local *,
    const uint8_t[NOISE_PUBLIC_KEY_LEN]);
bool noise_local_keys(struct noise_local *,
    uint8_t[NOISE_PUBLIC_KEY_LEN],
    uint8_t[NOISE_PUBLIC_KEY_LEN]);

/*
 * Remote configuration.
 * noise_remote_alloc() binds a peer public key to a local identity; the
 * trailing void * is presumably the caller's opaque context later returned
 * by noise_remote_arg().  Lookup is by public key (noise_remote_lookup) or
 * by 32-bit session index (noise_remote_index).
 * NOTE(review): the ref/put naming indicates reference counting -- every
 * pointer obtained through noise_remote_ref(), and presumably through the
 * lookup functions, must be released with noise_remote_put().
 */
struct noise_remote *
noise_remote_alloc(struct noise_local *,
    const uint8_t[NOISE_PUBLIC_KEY_LEN], void *);
int noise_remote_enable(struct noise_remote *);
void noise_remote_disable(struct noise_remote *);
struct noise_remote *
noise_remote_lookup(struct noise_local *,
    const uint8_t[NOISE_PUBLIC_KEY_LEN]);
struct noise_remote *
noise_remote_index(struct noise_local *, uint32_t);
struct noise_remote *
noise_remote_ref(struct noise_remote *);
void noise_remote_put(struct noise_remote *);
void noise_remote_free(struct noise_remote *);
void * noise_remote_arg(struct noise_remote *);

/*
 * Peer key material.  The preshared key is NOISE_SYMMETRIC_KEY_LEN bytes;
 * noise_remote_keys() copies out the peer public key followed by the
 * preshared key.  The *_clear() functions drop in-progress handshake
 * state and established keypairs respectively.
 */
void noise_remote_set_psk(struct noise_remote *,
    const uint8_t[NOISE_SYMMETRIC_KEY_LEN]);
bool noise_remote_keys(struct noise_remote *,
    uint8_t[NOISE_PUBLIC_KEY_LEN],
    uint8_t[NOISE_SYMMETRIC_KEY_LEN]);
bool noise_remote_initiation_expired(struct noise_remote *);
void noise_remote_handshake_clear(struct noise_remote *);
void noise_remote_keypairs_clear(struct noise_remote *);

/*
 * Keypair functions.
 * Keypairs are looked up by 32-bit index or taken as the remote's current
 * one; the same ref/put ownership rule as for remotes applies.
 * noise_keypair_counter_next() hands out the next 64-bit transport counter
 * through its out-parameter and returns false when none can be issued;
 * noise_keypair_counter_check() validates an incoming counter and returns
 * a non-zero error code on rejection.  NOTE(review): the counter is the
 * AEAD nonce, so next/check are presumably where nonce reuse and replay
 * are prevented -- confirm in the implementation.
 * NOTE(review): struct mbuf is not forward-declared in this header; it is
 * presumably provided by <sys/mbuf.h> being included first.
 */
struct noise_keypair *
noise_keypair_lookup(struct noise_local *, uint32_t);
struct noise_keypair *
noise_keypair_current(struct noise_remote *);
struct noise_keypair *
noise_keypair_ref(struct noise_keypair *);
void noise_keypair_put(struct noise_keypair *);
struct noise_remote *
noise_keypair_remote(struct noise_keypair *);
bool noise_keypair_received_with(struct noise_keypair *);
bool noise_keypair_should_refresh(struct noise_remote *, bool);
bool noise_keypair_counter_next(struct noise_keypair *, uint64_t *);
int noise_keypair_counter_check(struct noise_keypair *, uint64_t);
int noise_keypair_encrypt(struct noise_keypair *, uint32_t *r_idx,
    uint64_t counter, struct mbuf *);
int noise_keypair_decrypt(struct noise_keypair *, uint64_t counter,
    struct mbuf *);

/*
 * Handshake functions.
 * The create_* functions fill the wire fields of an outgoing message and
 * return false on failure; the consume_* functions parse an incoming
 * message and return the matched remote (presumably NULL on rejection).
 * Field sizes encode their contents: ue is an unencrypted
 * NOISE_PUBLIC_KEY_LEN ephemeral key; es is a NOISE_PUBLIC_KEY_LEN
 * ciphertext plus AEAD tag; ets is a NOISE_TIMESTAMP_LEN ciphertext plus
 * tag; en is a zero-length ciphertext carrying only its tag (the "0 +"
 * spells that out).  s_idx/r_idx are the sender/receiver session indices:
 * create_* writes the locally chosen index through the pointer, consume_*
 * receives the peer's index by value.
 */
bool noise_create_initiation(
    struct noise_remote *,
    uint32_t *s_idx,
    uint8_t ue[NOISE_PUBLIC_KEY_LEN],
    uint8_t es[NOISE_PUBLIC_KEY_LEN + NOISE_AUTHTAG_LEN],
    uint8_t ets[NOISE_TIMESTAMP_LEN + NOISE_AUTHTAG_LEN]);
struct noise_remote *
noise_consume_initiation(
    struct noise_local *,
    uint32_t s_idx,
    uint8_t ue[NOISE_PUBLIC_KEY_LEN],
    uint8_t es[NOISE_PUBLIC_KEY_LEN + NOISE_AUTHTAG_LEN],
    uint8_t ets[NOISE_TIMESTAMP_LEN + NOISE_AUTHTAG_LEN]);
bool noise_create_response(
    struct noise_remote *,
    uint32_t *s_idx,
    uint32_t *r_idx,
    uint8_t ue[NOISE_PUBLIC_KEY_LEN],
    uint8_t en[0 + NOISE_AUTHTAG_LEN]);
struct noise_remote *
noise_consume_response(
    struct noise_local *,
    uint32_t s_idx,
    uint32_t r_idx,
    uint8_t ue[NOISE_PUBLIC_KEY_LEN],
    uint8_t en[0 + NOISE_AUTHTAG_LEN]);

/* Built-in test of the counter/replay logic, compiled in only on request. */
#ifdef WG_SELFTESTS
bool noise_counter_selftest(void);
#endif /* WG_SELFTESTS */

#endif /* _NET_WG_NOISE_H_ */