add AH/ESP algorithms: hmac-ripemd160 (AH), AES XCBC MAC (AH),

AES counter mode (ESP)
2003-07-25 10:00:49 +00:00 · 2003-07-25 10:00:49 +00:00 · 1270423572
commit 1270423572
parent 4fc37746bf
6 changed files with 151 additions and 23 deletions
--- a/sys/conf/files
+++ b/sys/conf/files
@ -1,4 +1,4 @@
-#	$NetBSD: files,v 1.619 2003/07/22 03:24:23 itojun Exp $
+#	$NetBSD: files,v 1.620 2003/07/25 10:00:51 itojun Exp $

 #	@(#)files.newconf	7.5 (Berkeley) 5/10/93

@ -90,6 +90,7 @@ include "crypto/des/files.des"
 include "crypto/blowfish/files.blowfish"
 include "crypto/cast128/files.cast128"
 include "crypto/rijndael/files.rijndael"
+include "crypto/ripemd160/files.ripemd160"
 include "crypto/sha2/files.sha2"

 #
--- a/sys/net/pfkeyv2.h
+++ b/sys/net/pfkeyv2.h
@ -1,5 +1,5 @@
-/*	$NetBSD: pfkeyv2.h,v 1.13 2003/07/22 03:24:25 itojun Exp $	*/
-/*	$KAME: pfkeyv2.h,v 1.23 2000/10/03 21:38:21 itojun Exp $	*/
+/*	$NetBSD: pfkeyv2.h,v 1.14 2003/07/25 10:00:49 itojun Exp $	*/
+/*	$KAME: pfkeyv2.h,v 1.36 2003/07/25 09:33:37 itojun Exp $	*/

 /*
 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@ -305,6 +305,8 @@ struct sadb_x_ipsecrequest {
 #define SADB_X_AALG_SHA2_256	5
 #define SADB_X_AALG_SHA2_384	6
 #define SADB_X_AALG_SHA2_512	7
+#define SADB_X_AALG_RIPEMD160HMAC 8
+#define SADB_X_AALG_AES_XCBC_MAC 9 /* draft-ietf-ipsec-ciph-aes-xcbc-mac-04 */
 /* private allocations should use 249-255 (RFC2407) */
 #define SADB_X_AALG_MD5		249	/* Keyed MD5 */
 #define SADB_X_AALG_SHA		250	/* Keyed SHA */
@ -315,13 +317,14 @@ struct sadb_x_ipsecrequest {
 #define SADB_EALG_DESCBC	2
 #define SADB_EALG_3DESCBC	3
 #define SADB_EALG_NULL		11
-#define SADB_EALG_MAX		12
+#define SADB_EALG_MAX		249
 /* private allocations - based on RFC2407/IANA assignment */
 #define SADB_X_EALG_CAST128CBC	6
 #define SADB_X_EALG_BLOWFISHCBC	7
 #define SADB_X_EALG_RIJNDAELCBC	12
 #define SADB_X_EALG_AES		12
 /* private allocations should use 249-255 (RFC2407) */
+#define SADB_X_EALG_AESCTR	249	/* draft-ietf-ipsec-ciph-aes-ctr-03 */

 /* private allocations - based on RFC2407/IANA assignment */
 #define SADB_X_CALG_NONE	0
--- a/sys/netinet6/ah_core.c
+++ b/sys/netinet6/ah_core.c
@ -1,5 +1,5 @@
-/*	$NetBSD: ah_core.c,v 1.32 2003/07/22 11:18:24 itojun Exp $	*/
-/*	$KAME: ah_core.c,v 1.45 2001/07/26 06:53:14 jinmei Exp $	*/
+/*	$NetBSD: ah_core.c,v 1.33 2003/07/25 10:00:50 itojun Exp $	*/
+/*	$KAME: ah_core.c,v 1.57 2003/07/25 09:33:36 itojun Exp $	*/

 /*
 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@ -35,7 +35,7 @@
 */

 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ah_core.c,v 1.32 2003/07/22 11:18:24 itojun Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ah_core.c,v 1.33 2003/07/25 10:00:50 itojun Exp $");

 #include "opt_inet.h"
 #include "opt_ipsec.h"
@ -69,6 +69,7 @@ __KERNEL_RCSID(0, "$NetBSD: ah_core.c,v 1.32 2003/07/22 11:18:24 itojun Exp $");

 #include <netinet6/ipsec.h>
 #include <netinet6/ah.h>
+#include <netinet6/ah_aesxcbcmac.h>
 #ifdef IPSEC_ESP
 #include <netinet6/esp.h>
 #endif
@ -79,6 +80,8 @@ __KERNEL_RCSID(0, "$NetBSD: ah_core.c,v 1.32 2003/07/22 11:18:24 itojun Exp $");
 #include <sys/sha1.h>
 #define SHA1_RESULTLEN	20
 #include <crypto/sha2/sha2.h>
+#include <crypto/ripemd160/rmd160.h>
+#define RIPEMD160_RESULTLEN	20

 #include <net/net_osdep.h>

@ -133,6 +136,12 @@ static void ah_hmac_sha2_512_loop __P((struct ah_algorithm_state *, u_int8_t *,
 	size_t));
 static void ah_hmac_sha2_512_result __P((struct ah_algorithm_state *,
 	u_int8_t *, size_t));
+static int ah_hmac_ripemd160_init __P((struct ah_algorithm_state *,
+	struct secasvar *));
+static void ah_hmac_ripemd160_loop __P((struct ah_algorithm_state *, u_int8_t *,
+	size_t));
+static void ah_hmac_ripemd160_result __P((struct ah_algorithm_state *,
+	u_int8_t *, size_t));

 static void ah_update_mbuf __P((struct mbuf *, int, int,
 	const struct ah_algorithm *, struct ah_algorithm_state *));
@ -169,6 +178,14 @@ ah_algorithm_lookup(idx)
 			"hmac-sha2-512",
 			ah_hmac_sha2_512_init, ah_hmac_sha2_512_loop,
 			ah_hmac_sha2_512_result, },
+		{ ah_sumsiz_1216, ah_common_mature, 160, 160,
+			"hmac-sha2-512",
+			ah_hmac_ripemd160_init, ah_hmac_ripemd160_loop,
+			ah_hmac_ripemd160_result, },
+		{ ah_sumsiz_1216, ah_common_mature, 128, 128,
+			"aes-xcbc-mac",
+			ah_aes_xcbc_mac_init, ah_aes_xcbc_mac_loop,
+			ah_aes_xcbc_mac_result, },
 	};

 	switch (idx) {
@ -188,6 +205,10 @@ ah_algorithm_lookup(idx)
 		return &ah_algorithms[6];
 	case SADB_X_AALG_SHA2_512:
 		return &ah_algorithms[7];
+	case SADB_X_AALG_RIPEMD160HMAC:
+		return &ah_algorithms[8];
+	case SADB_X_AALG_AES_XCBC_MAC:
+		return &ah_algorithms[9];
 	default:
 		return NULL;
 	}
@ -982,6 +1003,110 @@ ah_hmac_sha2_512_result(state, addr, l)
 	free(state->foo, M_TEMP);
 }

+static int
+ah_hmac_ripemd160_init(state, sav)
+	struct ah_algorithm_state *state;
+	struct secasvar *sav;
+{
+	u_char *ipad;
+	u_char *opad;
+	RMD160_CTX *ctxt;
+	u_char tk[RIPEMD160_RESULTLEN];
+	u_char *key;
+	size_t keylen;
+	size_t i;
+
+	if (!state)
+		panic("ah_hmac_ripemd160_init: what?");
+
+	state->sav = sav;
+	state->foo = (void *)malloc(64 + 64 + sizeof(RMD160_CTX),
+	    M_TEMP, M_NOWAIT);
+	if (!state->foo)
+		return ENOBUFS;
+	bzero(state->foo, 64 + 64 + sizeof(RMD160_CTX));
+
+	ipad = (u_char *)state->foo;
+	opad = (u_char *)(ipad + 64);
+	ctxt = (RMD160_CTX *)(opad + 64);
+
+	/* compress the key if necessery */
+	if (64 < _KEYLEN(state->sav->key_auth)) {
+		bzero(tk, sizeof(tk));
+		bzero(ctxt, sizeof(*ctxt));
+		RMD160Init(ctxt);
+		RMD160Update(ctxt, _KEYBUF(state->sav->key_auth),
+		    _KEYLEN(state->sav->key_auth));
+		RMD160Final(&tk[0], ctxt);
+		key = &tk[0];
+		keylen = sizeof(tk) < 64 ? sizeof(tk) : 64;
+	} else {
+		key = _KEYBUF(state->sav->key_auth);
+		keylen = _KEYLEN(state->sav->key_auth);
+	}
+
+	bzero(ipad, 64);
+	bzero(opad, 64);
+	bcopy(key, ipad, keylen);
+	bcopy(key, opad, keylen);
+	for (i = 0; i < 64; i++) {
+		ipad[i] ^= 0x36;
+		opad[i] ^= 0x5c;
+	}
+
+	bzero(ctxt, sizeof(*ctxt));
+	RMD160Init(ctxt);
+	RMD160Update(ctxt, ipad, 64);
+
+	return 0;
+}
+
+static void
+ah_hmac_ripemd160_loop(state, addr, len)
+	struct ah_algorithm_state *state;
+	u_int8_t *addr;
+	size_t len;
+{
+	RMD160_CTX *ctxt;
+
+	if (!state || !state->foo)
+		panic("ah_hmac_ripemd160_loop: what?");
+
+	ctxt = (RMD160_CTX *)(((u_char *)state->foo) + 128);
+	RMD160Update(ctxt, (caddr_t)addr, (size_t)len);
+}
+
+static void
+ah_hmac_ripemd160_result(state, addr, l)
+	struct ah_algorithm_state *state;
+	u_int8_t *addr;
+	size_t l;
+{
+	u_char digest[RIPEMD160_RESULTLEN];
+	u_char *ipad;
+	u_char *opad;
+	RMD160_CTX *ctxt;
+
+	if (!state || !state->foo)
+		panic("ah_hmac_ripemd160_result: what?");
+
+	ipad = (u_char *)state->foo;
+	opad = (u_char *)(ipad + 64);
+	ctxt = (RMD160_CTX *)(opad + 64);
+
+	RMD160Final((caddr_t)digest, ctxt);
+
+	bzero(ctxt, sizeof(*ctxt));
+	RMD160Init(ctxt);
+	RMD160Update(ctxt, opad, 64);
+	RMD160Update(ctxt, (caddr_t)digest, sizeof(digest));
+	RMD160Final((caddr_t)digest, ctxt);
+
+	bcopy(digest, addr, sizeof(digest) > l ? l : sizeof(digest));
+
+	free(state->foo, M_TEMP);
+}
+
 /*------------------------------------------------------------*/

 /*
--- a/sys/netinet6/esp_core.c
+++ b/sys/netinet6/esp_core.c
@ -1,4 +1,4 @@
-/*	$NetBSD: esp_core.c,v 1.30 2003/07/22 08:54:29 itojun Exp $	*/
+/*	$NetBSD: esp_core.c,v 1.31 2003/07/25 10:00:50 itojun Exp $	*/
 /*	$KAME: esp_core.c,v 1.53 2001/11/27 09:47:30 sakane Exp $	*/

 /*
@ -31,7 +31,7 @@
 */

 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: esp_core.c,v 1.30 2003/07/22 08:54:29 itojun Exp $");
+__KERNEL_RCSID(0, "$NetBSD: esp_core.c,v 1.31 2003/07/25 10:00:50 itojun Exp $");

 #include "opt_inet.h"

@ -51,19 +51,13 @@ __KERNEL_RCSID(0, "$NetBSD: esp_core.c,v 1.30 2003/07/22 08:54:29 itojun Exp $")
 #include <net/route.h>

 #include <netinet/in.h>
-#include <netinet/in_var.h>
-#ifdef INET6
-#include <netinet/ip6.h>
-#include <netinet6/ip6_var.h>
-#include <netinet/icmp6.h>
-#endif

 #include <netinet6/ipsec.h>
 #include <netinet6/ah.h>
 #include <netinet6/esp.h>
 #include <netinet6/esp_rijndael.h>
+#include <netinet6/esp_aesctr.h>
 #include <net/pfkeyv2.h>
-#include <netkey/keydb.h>
 #include <netkey/key.h>

 #include <crypto/des/des.h>
@ -129,7 +123,7 @@ static const struct esp_algorithm esp_algorithms[] = {
 		esp_common_ivlen, esp_cbc_decrypt,
 		esp_cbc_encrypt, esp_3des_schedule,
 		esp_3des_blockdecrypt, esp_3des_blockencrypt, },
-	{ 1, 0, esp_null_mature, 0, 2048, 0, "null",
+	{ 1, 0, esp_null_mature, 0, 2048, NULL, "null",
 		esp_common_ivlen, esp_null_decrypt,
 		esp_null_encrypt, NULL, },
 	{ 8, 8, esp_cbc_mature, 40, 448, esp_blowfish_schedlen, "blowfish-cbc",
@ -146,6 +140,9 @@ static const struct esp_algorithm esp_algorithms[] = {
 		esp_common_ivlen, esp_cbc_decrypt,
 		esp_cbc_encrypt, esp_rijndael_schedule,
 		esp_rijndael_blockdecrypt, esp_rijndael_blockencrypt },
+	{ 16, 8, esp_aesctr_mature, 160, 288, esp_aesctr_schedlen, "aes-ctr",
+		esp_common_ivlen, esp_aesctr_decrypt,
+		esp_aesctr_encrypt, esp_aesctr_schedule },
 };

 const struct esp_algorithm *
@ -166,6 +163,8 @@ esp_algorithm_lookup(idx)
 		return &esp_algorithms[4];
 	case SADB_X_EALG_RIJNDAELCBC:
 		return &esp_algorithms[5];
+	case SADB_X_EALG_AESCTR:
+		return &esp_algorithms[6];
 	default:
 		return NULL;
 	}
--- a/sys/netinet6/esp_rijndael.c
+++ b/sys/netinet6/esp_rijndael.c
@ -1,4 +1,4 @@
-/*	$NetBSD: esp_rijndael.c,v 1.13 2003/07/20 03:24:03 itojun Exp $	*/
+/*	$NetBSD: esp_rijndael.c,v 1.14 2003/07/25 10:00:51 itojun Exp $	*/
 /*	$KAME: esp_rijndael.c,v 1.4 2001/03/02 05:53:05 itojun Exp $	*/

 /*
@ -31,9 +31,7 @@
 */

 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: esp_rijndael.c,v 1.13 2003/07/20 03:24:03 itojun Exp $");
-
-#include "opt_inet.h"
+__KERNEL_RCSID(0, "$NetBSD: esp_rijndael.c,v 1.14 2003/07/25 10:00:51 itojun Exp $");

 #include <sys/param.h>
 #include <sys/systm.h>
--- a/sys/netinet6/files.netipsec
+++ b/sys/netinet6/files.netipsec
@ -1,8 +1,9 @@
-#	$NetBSD: files.netipsec,v 1.4 2003/07/22 03:26:16 itojun Exp $
+#	$NetBSD: files.netipsec,v 1.5 2003/07/25 10:00:51 itojun Exp $

-defflag opt_ipsec.h		IPSEC: sha2
+defflag opt_ipsec.h		IPSEC: rijndael, sha2, ripemd160
 defflag opt_ipsec.h		IPSEC_ESP: des, blowfish, cast128, rijndael

+file	netinet6/ah_aesxcbcmac.c	ipsec
 file	netinet6/ah_core.c		ipsec
 file	netinet6/ah_input.c		ipsec
 file	netinet6/ah_output.c		ipsec
@ -11,6 +12,7 @@ file	netinet6/esp_core.c		ipsec & ipsec_esp
 file	netinet6/esp_output.c		ipsec & ipsec_esp
 file	netinet6/esp_input.c		ipsec & ipsec_esp
 file	netinet6/esp_rijndael.c		ipsec & ipsec_esp
+file	netinet6/esp_aesctr.c		ipsec & ipsec_esp

 file	netinet6/ipcomp_core.c		ipsec
 file	netinet6/ipcomp_input.c		ipsec