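/*-
 * SPDX-License-Identifier: ISC
 *
 * Copyright (C) 2015-2021 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
 * Copyright (C) 2019-2021 Matt Dunwoodie <ncon@noconroy.net>
 *
 * Permission to use, copy, modify, and distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
 * copyright notice and this permission notice appear in all copies.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 */

/*
 * Noise handshake and transport-key interface of the WireGuard driver.
 *
 * This header only declares the public surface: three opaque state objects
 * (local interface, remote peer, session keypair) and the functions that
 * create, look up, reference and use them.  All state layout and all
 * protocol logic live in the implementation file.
 */

#ifndef _NET_WG_NOISE_H_
#define _NET_WG_NOISE_H_

/* Kernel-only interface; nothing declared here is meant for userland. */
#ifndef _KERNEL
#error "This file should not be included by userland programs."
#endif

/* Providers of the primitive sizes used in the NOISE_*_LEN macros below. */
#include <crypto/chachapoly.h>
#include <crypto/blake2/blake2s.h>
#include <crypto/curve25519/curve25519.h>

/*
 * Sizes, in bytes, of the Noise primitives, aliased from the crypto
 * headers above.  They are used as array bounds in the prototypes below.
 * Note that a C array parameter decays to a plain pointer, so those bounds
 * are documentation only: the caller must guarantee that every buffer it
 * passes is at least this large.
 */
#define NOISE_PUBLIC_KEY_LEN		CURVE25519_KEY_SIZE
#define NOISE_SYMMETRIC_KEY_LEN		CHACHA20POLY1305_KEY_SIZE
#define NOISE_AUTHTAG_LEN		CHACHA20POLY1305_AUTHTAG_SIZE
#define NOISE_HASH_LEN			BLAKE2S_HASH_SIZE
/* Handshake timestamp: a 64-bit field followed by a 32-bit field (12 bytes). */
#define NOISE_TIMESTAMP_LEN		(sizeof(uint64_t) + sizeof(uint32_t))

/*
 * Protocol timers.  Units are not stated in this header; presumably seconds,
 * matching the WireGuard protocol timer values -- confirm against the
 * implementation before relying on them elsewhere.
 */
#define REJECT_AFTER_TIME		180
#define REKEY_TIMEOUT			5
#define KEEPALIVE_TIMEOUT		10

/*
 * Opaque state objects.  Their layout is private to the implementation;
 * users of this header only ever hold pointers to them.
 */
struct noise_local;
struct noise_remote;
struct noise_keypair;
/*
 * Referenced by the encrypt/decrypt prototypes below.  Forward-declared so
 * those prototypes do not silently depend on an earlier include having
 * declared the tag (otherwise the tag would get prototype scope).
 */
struct mbuf;

/* Local configuration: the interface's own static key. */
struct noise_local *
noise_local_alloc(void);
void noise_local_free(struct noise_local *);

/*
 * Install the local private key (NOISE_PUBLIC_KEY_LEN bytes; the private
 * and public key sizes are equal).  The bool return presumably reports
 * success -- confirm against the implementation.
 */
bool noise_local_set_private(struct noise_local *,
    const uint8_t[NOISE_PUBLIC_KEY_LEN]);
/*
 * Copy the local key material into the two caller-supplied
 * NOISE_PUBLIC_KEY_LEN buffers.  Which buffer receives the public and which
 * the private key is not stated here -- confirm the order in the
 * implementation before use.
 */
bool noise_local_keys(struct noise_local *,
    uint8_t[NOISE_PUBLIC_KEY_LEN],
    uint8_t[NOISE_PUBLIC_KEY_LEN]);

/* Remote configuration: one peer, identified by its static public key. */
/*
 * The trailing void * is an opaque caller argument kept with the peer;
 * presumably it is what noise_remote_arg() returns -- confirm.
 */
struct noise_remote *
noise_remote_alloc(struct noise_local *,
    const uint8_t[NOISE_PUBLIC_KEY_LEN], void *);
int noise_remote_enable(struct noise_remote *);
void noise_remote_disable(struct noise_remote *);
/* Find a peer by its static public key. */
struct noise_remote *
noise_remote_lookup(struct noise_local *,
    const uint8_t[NOISE_PUBLIC_KEY_LEN]);
/* Find a peer by a 32-bit index (the kind carried in handshake messages). */
struct noise_remote *
noise_remote_index(struct noise_local *, uint32_t);
/*
 * Reference management.  The names suggest a reference count: balance every
 * _ref with a _put.  Whether lookup/index return an already-held reference
 * is not stated here -- confirm against the implementation.
 */
struct noise_remote *
noise_remote_ref(struct noise_remote *);
void noise_remote_put(struct noise_remote *);
void noise_remote_free(struct noise_remote *);
void * noise_remote_arg(struct noise_remote *);

/* Optional preshared key for the peer, NOISE_SYMMETRIC_KEY_LEN bytes. */
void noise_remote_set_psk(struct noise_remote *,
    const uint8_t[NOISE_SYMMETRIC_KEY_LEN]);
/*
 * Copy out the peer's public key and preshared key, in that order (as the
 * two array bounds indicate).
 */
bool noise_remote_keys(struct noise_remote *,
    uint8_t[NOISE_PUBLIC_KEY_LEN],
    uint8_t[NOISE_SYMMETRIC_KEY_LEN]);
bool noise_remote_initiation_expired(struct noise_remote *);
/* Discard the peer's in-progress handshake state, or all of its keypairs. */
void noise_remote_handshake_clear(struct noise_remote *);
void noise_remote_keypairs_clear(struct noise_remote *);

/*
 * Keypair functions.  A keypair is one set of derived session keys; a peer
 * may hold several at once (current/previous/next is an assumption from
 * the WireGuard design -- verify in the implementation).
 */
struct noise_keypair *
noise_keypair_lookup(struct noise_local *, uint32_t);
struct noise_keypair *
noise_keypair_current(struct noise_remote *);
/* Reference management, same _ref/_put pairing as for noise_remote. */
struct noise_keypair *
noise_keypair_ref(struct noise_keypair *);
void noise_keypair_put(struct noise_keypair *);
bool noise_keypair_received_with(struct noise_keypair *);

/* The peer that owns the keypair. */
struct noise_remote *
noise_keypair_remote(struct noise_keypair *);

/*
 * Transport nonce handling.  _next writes the next send counter through the
 * out-parameter; _check validates a received counter against replay state.
 * A false return presumably means the counter must not be used, i.e. the
 * keypair is exhausted or the packet must be dropped -- confirm.
 */
bool noise_keypair_counter_next(struct noise_keypair *, uint64_t *);
bool noise_keypair_counter_check(struct noise_keypair *, uint64_t);

/*
 * Key-freshness checks for the send and receive paths; by name, they report
 * whether a new handshake should be started -- confirm the exact policy in
 * the implementation.
 */
bool noise_keep_key_fresh_send(struct noise_remote *);
bool noise_keep_key_fresh_recv(struct noise_remote *);

/*
 * Transport encryption/decryption of an mbuf under a keypair.  On encrypt
 * the receiver index for the packet header is written through r_idx and
 * the caller supplies the counter it obtained from
 * noise_keypair_counter_next().  Return value is an int error code
 * (convention not stated here).
 */
int noise_keypair_encrypt(struct noise_keypair *, uint32_t *r_idx,
    uint64_t counter, struct mbuf *);
int noise_keypair_decrypt(struct noise_keypair *, uint64_t counter,
    struct mbuf *);

/*
 * Handshake functions.  Parameter names follow the WireGuard handshake
 * message fields: ue = ephemeral public key in the clear, es = encrypted
 * static key, ets = encrypted timestamp, en = encrypted empty payload.
 * Every e* buffer holds its ciphertext plus a NOISE_AUTHTAG_LEN tag, which
 * is why its bound is "<plaintext length> + NOISE_AUTHTAG_LEN" (and
 * "0 + NOISE_AUTHTAG_LEN" for the empty payload).  The create_* functions
 * fill these buffers and the index out-parameters; the consume_* functions
 * read peer-supplied fields and return the matching peer, presumably NULL
 * when the message is rejected -- confirm.
 */
bool noise_create_initiation(
    struct noise_remote *,
    uint32_t *s_idx,
    uint8_t ue[NOISE_PUBLIC_KEY_LEN],
    uint8_t es[NOISE_PUBLIC_KEY_LEN + NOISE_AUTHTAG_LEN],
    uint8_t ets[NOISE_TIMESTAMP_LEN + NOISE_AUTHTAG_LEN]);
struct noise_remote *
noise_consume_initiation(
    struct noise_local *,
    uint32_t s_idx,
    uint8_t ue[NOISE_PUBLIC_KEY_LEN],
    uint8_t es[NOISE_PUBLIC_KEY_LEN + NOISE_AUTHTAG_LEN],
    uint8_t ets[NOISE_TIMESTAMP_LEN + NOISE_AUTHTAG_LEN]);
bool noise_create_response(
    struct noise_remote *,
    uint32_t *s_idx,
    uint32_t *r_idx,
    uint8_t ue[NOISE_PUBLIC_KEY_LEN],
    uint8_t en[0 + NOISE_AUTHTAG_LEN]);
struct noise_remote *
noise_consume_response(
    struct noise_local *,
    uint32_t s_idx,
    uint32_t r_idx,
    uint8_t ue[NOISE_PUBLIC_KEY_LEN],
    uint8_t en[0 + NOISE_AUTHTAG_LEN]);

#ifdef WG_SELFTESTS
/* Self-test of the replay-counter logic, built only with WG_SELFTESTS. */
bool noise_counter_selftest(void);
#endif /* WG_SELFTESTS */

#endif /* _NET_WG_NOISE_H_ */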