2 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 3. Neither the name of the project nor the names of its contributors
14 * may be used to endorse or promote products derived from this software
15 * without specific prior written permission.
17 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33 #include "opt_inet6.h"
34 #include "opt_ipsec.h"
37 * RFC1827/2406 Encapsulated Security Payload.
40 #include <sys/param.h>
41 #include <sys/systm.h>
42 #include <sys/malloc.h>
44 #include <sys/domain.h>
45 #include <sys/protosw.h>
46 #include <sys/socket.h>
47 #include <sys/socketvar.h>
48 #include <sys/errno.h>
50 #include <sys/kernel.h>
51 #include <sys/syslog.h>
54 #include <net/route.h>
56 #include <netinet/in.h>
57 #include <netinet/in_systm.h>
58 #include <netinet/ip.h>
59 #include <netinet/in_var.h>
60 #include <netinet/in_pcb.h>
63 #include <netinet6/ip6.h>
64 #include <netinet6/ip6_var.h>
65 #include <netinet6/icmp6.h>
68 #include <netinet6/ipsec.h>
69 #include <netinet6/ah.h>
71 #include <netinet6/ipsec6.h>
72 #include <netinet6/ah6.h>
75 #include <netinet6/esp.h>
77 #include <netinet6/esp6.h>
80 #include <netkey/key.h>
81 #include <netkey/keydb.h>
83 #include <netkey/key_debug.h>
85 #define KEYDEBUG(lev,arg)
88 #include <net/net_osdep.h>
90 static int esp_output __P((struct mbuf *, u_char *, struct mbuf *,
91 struct ipsecrequest *, int));
94 * compute ESP header size.
98 struct ipsecrequest *isr;
100 struct secasvar *sav;
101 struct esp_algorithm *algo;
108 panic("esp_hdrsiz: NULL was passed.\n");
112 if (isr->saidx.proto != IPPROTO_ESP)
113 panic("unsupported mode passed to esp_hdrsiz");
117 if (sav->state != SADB_SASTATE_MATURE
118 && sav->state != SADB_SASTATE_DYING)
121 /* we need transport mode ESP. */
122 algo = &esp_algorithms[sav->alg_enc];
131 * right now we don't calcurate the padding size. simply
132 * treat the padding size as constant, for simplicity.
134 * XXX variable size padding support
136 if (sav->flags & SADB_X_EXT_OLD) {
138 hdrsiz = sizeof(struct esp) + ivlen + 9;
141 if (sav->replay && sav->alg_auth && sav->key_auth)
142 authlen = (*ah_algorithms[sav->alg_auth].sumsiz)(sav);
145 hdrsiz = sizeof(struct newesp) + ivlen + 9 + authlen;
153 * sizeof(struct newesp) > sizeof(struct esp).
154 * 8 = ivlen for CBC mode (RFC2451).
155 * 9 = (maximum padding length without random Padding length)
156 * + (Pad Length field) + (Next Header field).
157 * 16 = maximum ICV we supported.
159 return sizeof(struct newesp) + 8 + 9 + 16;
163 * Modify the packet so that the payload is encrypted.
164 * The mbuf (m) must start with IPv4 or IPv6 header.
165 * On failure, free the given mbuf and return NULL.
170 * IP ......... payload
171 * during the encryption:
172 * m nexthdrp mprev md
174 * IP ............... esp iv payload pad padlen nxthdr
175 * <--><-><------><--------------->
176 * esplen plen extendsiz
180 * <-----------------> espoff
183 esp_output(m, nexthdrp, md, isr, af)
187 struct ipsecrequest *isr;
193 struct esptail *esptail;
194 struct secasvar *sav = isr->sav;
195 struct esp_algorithm *algo;
198 size_t plen; /*payload length to be encrypted*/
217 printf("esp_output: unsupported af %d\n", af);
218 return 0; /* no change at all */
221 /* some sanity check */
222 if ((sav->flags & SADB_X_EXT_OLD) == 0 && !sav->replay) {
229 ip = mtod(m, struct ip *);
230 printf("esp4_output: internal error: "
231 "sav->replay is null: "
233 (u_int32_t)ntohl(ip->ip_src.s_addr),
234 (u_int32_t)ntohl(ip->ip_dst.s_addr),
235 (u_int32_t)ntohl(sav->spi));
236 ipsecstat.out_inval++;
246 ip6 = mtod(m, struct ip6_hdr *);
247 printf("esp6_output: internal error: "
248 "sav->replay is null: SPI=%u\n",
249 (u_int32_t)ntohl(sav->spi));
250 ipsec6stat.out_inval++;
258 algo = &esp_algorithms[sav->alg_enc]; /*XXX*/
263 panic("invalid ivlen");
269 * XXX inserts ESP header right after IPv4 header. should
270 * chase the header chain.
271 * XXX sequential number
274 struct ip *ip = NULL;
277 struct ip6_hdr *ip6 = NULL;
279 size_t esplen; /*sizeof(struct esp/newesp)*/
280 size_t esphlen; /*sizeof(struct esp/newesp) + ivlen*/
281 size_t hlen = 0; /*ip header len*/
283 if (sav->flags & SADB_X_EXT_OLD) {
285 esplen = sizeof(struct esp);
288 if (sav->flags & SADB_X_EXT_DERIV)
289 esplen = sizeof(struct esp);
291 esplen = sizeof(struct newesp);
293 esphlen = esplen + ivlen;
295 for (mprev = m; mprev && mprev->m_next != md; mprev = mprev->m_next)
297 if (mprev == NULL || mprev->m_next != md) {
298 printf("esp%d_output: md is not in chain\n", afnumber);
304 for (n = md; n; n = n->m_next)
310 ip = mtod(m, struct ip *);
312 hlen = IP_VHL_HL(ip->ip_vhl) << 2;
314 hlen = ip->ip_hl << 2;
320 ip6 = mtod(m, struct ip6_hdr *);
326 /* make the packet over-writable */
327 mprev->m_next = NULL;
328 if ((md = ipsec_copypkt(md)) == NULL) {
335 espoff = m->m_pkthdr.len - plen;
338 * grow the mbuf to accomodate ESP header.
339 * before: IP ... payload
340 * after: IP ... ESP IV payload
342 if (M_LEADINGSPACE(md) < esphlen) {
343 MGET(n, M_DONTWAIT, MT_DATA);
352 m->m_pkthdr.len += esphlen;
353 esp = mtod(n, struct esp *);
355 md->m_len += esphlen;
356 md->m_data -= esphlen;
357 m->m_pkthdr.len += esphlen;
358 esp = mtod(md, struct esp *);
362 *nexthdrp = IPPROTO_ESP;
366 if (esphlen < (IP_MAXPACKET - ntohs(ip->ip_len)))
367 ip->ip_len = htons(ntohs(ip->ip_len) + esphlen);
369 printf("IPv4 ESP output: size exceeds limit\n");
370 ipsecstat.out_inval++;
379 /* total packet length will be computed in ip6_output() */
385 /* initialize esp header. */
387 if ((sav->flags & SADB_X_EXT_OLD) == 0) {
389 nesp = (struct newesp *)esp;
390 sav->replay->count++;
392 * XXX sequence number must not be cycled, if the SA is
393 * installed by IKE daemon.
395 nesp->esp_seq = htonl(sav->replay->count);
400 * find the last mbuf. make some room for ESP trailer.
401 * XXX new-esp authentication data
404 struct ip *ip = NULL;
409 padbound = algo->padbound;
412 /* ESP packet, including nxthdr field, must be length of 4n */
416 extendsiz = padbound - (plen % padbound);
418 extendsiz = padbound + 1;
425 * if M_EXT, the external part may be shared among
426 * two consequtive TCP packets.
428 if (!(n->m_flags & M_EXT) && extendsiz < M_TRAILINGSPACE(n)) {
429 switch (sav->flags & SADB_X_EXT_PMASK) {
430 case SADB_X_EXT_PRAND:
432 case SADB_X_EXT_PZERO:
433 bzero((caddr_t)(mtod(n, u_int8_t *) + n->m_len),
436 case SADB_X_EXT_PSEQ:
440 p = mtod(n, u_char *) + n->m_len;
441 for (i = 0; i < extendsiz; i++)
446 n->m_len += extendsiz;
447 m->m_pkthdr.len += extendsiz;
451 MGET(nn, M_DONTWAIT, MT_DATA);
453 printf("esp%d_output: can't alloc mbuf", afnumber);
458 nn->m_len = extendsiz;
459 switch (sav->flags & SADB_X_EXT_PMASK) {
460 case SADB_X_EXT_PRAND:
462 case SADB_X_EXT_PZERO:
463 bzero(mtod(nn, caddr_t), extendsiz);
465 case SADB_X_EXT_PSEQ:
469 p = mtod(nn, u_char *);
470 for (i = 0; i < extendsiz; i++)
478 m->m_pkthdr.len += extendsiz;
481 /* initialize esp trailer. */
482 esptail = (struct esptail *)
483 (mtod(n, u_int8_t *) + n->m_len - sizeof(struct esptail));
484 esptail->esp_nxt = nxt;
485 esptail->esp_padlen = extendsiz - 2;
487 /* modify IP header (for ESP header part only) */
491 ip = mtod(m, struct ip *);
492 if (extendsiz < (IP_MAXPACKET - ntohs(ip->ip_len)))
493 ip->ip_len = htons(ntohs(ip->ip_len) + extendsiz);
495 printf("IPv4 ESP output: size exceeds limit\n");
496 ipsecstat.out_inval++;
505 /* total packet length will be computed in ip6_output() */
512 * encrypt the packet, based on security association
513 * and the algorithm specified.
516 panic("internal error: no encrypt function");
517 if ((*algo->encrypt)(m, espoff, plen + extendsiz, sav, algo, ivlen)) {
518 printf("packet encryption failure\n");
523 ipsecstat.out_inval++;
528 ipsec6stat.out_inval++;
537 * calculate ICV if required.
546 u_char authbuf[AH_MAXSUMSIZE];
552 siz = (((*ah_algorithms[sav->alg_auth].sumsiz)(sav) + 3) & ~(4 - 1));
553 if (AH_MAXSUMSIZE < siz)
554 panic("assertion failed for AH_MAXSUMSIZE");
556 if (esp_auth(m, espoff, m->m_pkthdr.len - espoff, sav, authbuf))
563 if (!(n->m_flags & M_EXT) && siz < M_TRAILINGSPACE(n)) { /*XXX*/
565 m->m_pkthdr.len += siz;
566 p = mtod(n, u_char *) + n->m_len - siz;
570 MGET(nn, M_DONTWAIT, MT_DATA);
572 printf("can't alloc mbuf in esp%d_output", afnumber);
581 m->m_pkthdr.len += siz;
582 p = mtod(nn, u_char *);
584 bcopy(authbuf, p, siz);
586 /* modify IP header (for ESP header part only) */
590 ip = mtod(m, struct ip *);
591 if (siz < (IP_MAXPACKET - ntohs(ip->ip_len)))
592 ip->ip_len = htons(ntohs(ip->ip_len) + siz);
594 printf("IPv4 ESP output: size exceeds limit\n");
595 ipsecstat.out_inval++;
604 /* total packet length will be computed in ip6_output() */
612 printf("NULL mbuf after encryption in esp%d_output", afnumber);
617 ipsecstat.out_success++;
622 ipsec6stat.out_success++;
630 ipsecstat.out_esphist[sav->alg_enc]++;
635 ipsec6stat.out_esphist[sav->alg_enc]++;
639 key_sa_recordxfer(sav, m);
646 panic("something bad in esp_output");
654 struct ipsecrequest *isr;
657 if (m->m_len < sizeof(struct ip)) {
658 printf("esp4_output: first mbuf too short\n");
662 ip = mtod(m, struct ip *);
663 /* XXX assumes that m->m_next points to payload */
664 return esp_output(m, &ip->ip_p, m->m_next, isr, AF_INET);
670 esp6_output(m, nexthdrp, md, isr)
674 struct ipsecrequest *isr;
676 if (m->m_len < sizeof(struct ip6_hdr)) {
677 printf("esp6_output: first mbuf too short\n");
681 return esp_output(m, nexthdrp, md, isr, AF_INET6);