1 |
/*- |
2 |
* Copyright (c) 2001-2008, by Cisco Systems, Inc. All rights reserved. |
3 |
* Copyright (c) 2008-2012, by Randall Stewart. All rights reserved. |
4 |
* Copyright (c) 2008-2012, by Michael Tuexen. All rights reserved. |
5 |
* |
6 |
* Redistribution and use in source and binary forms, with or without |
7 |
* modification, are permitted provided that the following conditions are met: |
8 |
* |
9 |
* a) Redistributions of source code must retain the above copyright notice, |
10 |
* this list of conditions and the following disclaimer. |
11 |
* |
12 |
* b) Redistributions in binary form must reproduce the above copyright |
13 |
* notice, this list of conditions and the following disclaimer in |
14 |
* the documentation and/or other materials provided with the distribution. |
15 |
* |
16 |
* c) Neither the name of Cisco Systems, Inc. nor the names of its |
17 |
* contributors may be used to endorse or promote products derived |
18 |
* from this software without specific prior written permission. |
19 |
* |
20 |
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS |
21 |
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, |
22 |
* THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
23 |
* ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE |
24 |
* LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR |
25 |
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF |
26 |
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS |
27 |
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN |
28 |
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) |
29 |
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF |
30 |
* THE POSSIBILITY OF SUCH DAMAGE. |
31 |
*/ |
32 |
|
33 |
#include <sys/cdefs.h> |
34 |
__MBSDID("$MidnightBSD$"); |
35 |
|
36 |
#include <netinet/sctp_os.h> |
37 |
#include <netinet/sctp.h> |
38 |
#include <netinet/sctp_header.h> |
39 |
#include <netinet/sctp_pcb.h> |
40 |
#include <netinet/sctp_var.h> |
41 |
#include <netinet/sctp_sysctl.h> |
42 |
#include <netinet/sctputil.h> |
43 |
#include <netinet/sctp_indata.h> |
44 |
#include <netinet/sctp_output.h> |
45 |
#include <netinet/sctp_auth.h> |
46 |
|
47 |
#ifdef SCTP_DEBUG |
48 |
#define SCTP_AUTH_DEBUG (SCTP_BASE_SYSCTL(sctp_debug_on) & SCTP_DEBUG_AUTH1) |
49 |
#define SCTP_AUTH_DEBUG2 (SCTP_BASE_SYSCTL(sctp_debug_on) & SCTP_DEBUG_AUTH2) |
50 |
#endif /* SCTP_DEBUG */ |
51 |
|
52 |
|
53 |
void |
54 |
sctp_clear_chunklist(sctp_auth_chklist_t * chklist) |
55 |
{ |
56 |
bzero(chklist, sizeof(*chklist)); |
57 |
/* chklist->num_chunks = 0; */ |
58 |
} |
59 |
|
60 |
sctp_auth_chklist_t * |
61 |
sctp_alloc_chunklist(void) |
62 |
{ |
63 |
sctp_auth_chklist_t *chklist; |
64 |
|
65 |
SCTP_MALLOC(chklist, sctp_auth_chklist_t *, sizeof(*chklist), |
66 |
SCTP_M_AUTH_CL); |
67 |
if (chklist == NULL) { |
68 |
SCTPDBG(SCTP_DEBUG_AUTH1, "sctp_alloc_chunklist: failed to get memory!\n"); |
69 |
} else { |
70 |
sctp_clear_chunklist(chklist); |
71 |
} |
72 |
return (chklist); |
73 |
} |
74 |
|
75 |
void |
76 |
sctp_free_chunklist(sctp_auth_chklist_t * list) |
77 |
{ |
78 |
if (list != NULL) |
79 |
SCTP_FREE(list, SCTP_M_AUTH_CL); |
80 |
} |
81 |
|
82 |
sctp_auth_chklist_t * |
83 |
sctp_copy_chunklist(sctp_auth_chklist_t * list) |
84 |
{ |
85 |
sctp_auth_chklist_t *new_list; |
86 |
|
87 |
if (list == NULL) |
88 |
return (NULL); |
89 |
|
90 |
/* get a new list */ |
91 |
new_list = sctp_alloc_chunklist(); |
92 |
if (new_list == NULL) |
93 |
return (NULL); |
94 |
/* copy it */ |
95 |
bcopy(list, new_list, sizeof(*new_list)); |
96 |
|
97 |
return (new_list); |
98 |
} |
99 |
|
100 |
|
101 |
/* |
102 |
* add a chunk to the required chunks list |
103 |
*/ |
104 |
int |
105 |
sctp_auth_add_chunk(uint8_t chunk, sctp_auth_chklist_t * list) |
106 |
{ |
107 |
if (list == NULL) |
108 |
return (-1); |
109 |
|
110 |
/* is chunk restricted? */ |
111 |
if ((chunk == SCTP_INITIATION) || |
112 |
(chunk == SCTP_INITIATION_ACK) || |
113 |
(chunk == SCTP_SHUTDOWN_COMPLETE) || |
114 |
(chunk == SCTP_AUTHENTICATION)) { |
115 |
return (-1); |
116 |
} |
117 |
if (list->chunks[chunk] == 0) { |
118 |
list->chunks[chunk] = 1; |
119 |
list->num_chunks++; |
120 |
SCTPDBG(SCTP_DEBUG_AUTH1, |
121 |
"SCTP: added chunk %u (0x%02x) to Auth list\n", |
122 |
chunk, chunk); |
123 |
} |
124 |
return (0); |
125 |
} |
126 |
|
127 |
/* |
128 |
* delete a chunk from the required chunks list |
129 |
*/ |
130 |
int |
131 |
sctp_auth_delete_chunk(uint8_t chunk, sctp_auth_chklist_t * list) |
132 |
{ |
133 |
if (list == NULL) |
134 |
return (-1); |
135 |
|
136 |
/* is chunk restricted? */ |
137 |
if ((chunk == SCTP_ASCONF) || |
138 |
(chunk == SCTP_ASCONF_ACK)) { |
139 |
return (-1); |
140 |
} |
141 |
if (list->chunks[chunk] == 1) { |
142 |
list->chunks[chunk] = 0; |
143 |
list->num_chunks--; |
144 |
SCTPDBG(SCTP_DEBUG_AUTH1, |
145 |
"SCTP: deleted chunk %u (0x%02x) from Auth list\n", |
146 |
chunk, chunk); |
147 |
} |
148 |
return (0); |
149 |
} |
150 |
|
151 |
size_t |
152 |
sctp_auth_get_chklist_size(const sctp_auth_chklist_t * list) |
153 |
{ |
154 |
if (list == NULL) |
155 |
return (0); |
156 |
else |
157 |
return (list->num_chunks); |
158 |
} |
159 |
|
160 |
/* |
161 |
* set the default list of chunks requiring AUTH |
162 |
*/ |
163 |
void |
164 |
sctp_auth_set_default_chunks(sctp_auth_chklist_t * list) |
165 |
{ |
166 |
(void)sctp_auth_add_chunk(SCTP_ASCONF, list); |
167 |
(void)sctp_auth_add_chunk(SCTP_ASCONF_ACK, list); |
168 |
} |
169 |
|
170 |
/* |
171 |
* return the current number and list of required chunks caller must |
172 |
* guarantee ptr has space for up to 256 bytes |
173 |
*/ |
174 |
int |
175 |
sctp_serialize_auth_chunks(const sctp_auth_chklist_t * list, uint8_t * ptr) |
176 |
{ |
177 |
int i, count = 0; |
178 |
|
179 |
if (list == NULL) |
180 |
return (0); |
181 |
|
182 |
for (i = 0; i < 256; i++) { |
183 |
if (list->chunks[i] != 0) { |
184 |
*ptr++ = i; |
185 |
count++; |
186 |
} |
187 |
} |
188 |
return (count); |
189 |
} |
190 |
|
191 |
int |
192 |
sctp_pack_auth_chunks(const sctp_auth_chklist_t * list, uint8_t * ptr) |
193 |
{ |
194 |
int i, size = 0; |
195 |
|
196 |
if (list == NULL) |
197 |
return (0); |
198 |
|
199 |
if (list->num_chunks <= 32) { |
200 |
/* just list them, one byte each */ |
201 |
for (i = 0; i < 256; i++) { |
202 |
if (list->chunks[i] != 0) { |
203 |
*ptr++ = i; |
204 |
size++; |
205 |
} |
206 |
} |
207 |
} else { |
208 |
int index, offset; |
209 |
|
210 |
/* pack into a 32 byte bitfield */ |
211 |
for (i = 0; i < 256; i++) { |
212 |
if (list->chunks[i] != 0) { |
213 |
index = i / 8; |
214 |
offset = i % 8; |
215 |
ptr[index] |= (1 << offset); |
216 |
} |
217 |
} |
218 |
size = 32; |
219 |
} |
220 |
return (size); |
221 |
} |
222 |
|
223 |
int |
224 |
sctp_unpack_auth_chunks(const uint8_t * ptr, uint8_t num_chunks, |
225 |
sctp_auth_chklist_t * list) |
226 |
{ |
227 |
int i; |
228 |
int size; |
229 |
|
230 |
if (list == NULL) |
231 |
return (0); |
232 |
|
233 |
if (num_chunks <= 32) { |
234 |
/* just pull them, one byte each */ |
235 |
for (i = 0; i < num_chunks; i++) { |
236 |
(void)sctp_auth_add_chunk(*ptr++, list); |
237 |
} |
238 |
size = num_chunks; |
239 |
} else { |
240 |
int index, offset; |
241 |
|
242 |
/* unpack from a 32 byte bitfield */ |
243 |
for (index = 0; index < 32; index++) { |
244 |
for (offset = 0; offset < 8; offset++) { |
245 |
if (ptr[index] & (1 << offset)) { |
246 |
(void)sctp_auth_add_chunk((index * 8) + offset, list); |
247 |
} |
248 |
} |
249 |
} |
250 |
size = 32; |
251 |
} |
252 |
return (size); |
253 |
} |
254 |
|
255 |
|
256 |
/* |
257 |
* allocate structure space for a key of length keylen |
258 |
*/ |
259 |
sctp_key_t * |
260 |
sctp_alloc_key(uint32_t keylen) |
261 |
{ |
262 |
sctp_key_t *new_key; |
263 |
|
264 |
SCTP_MALLOC(new_key, sctp_key_t *, sizeof(*new_key) + keylen, |
265 |
SCTP_M_AUTH_KY); |
266 |
if (new_key == NULL) { |
267 |
/* out of memory */ |
268 |
return (NULL); |
269 |
} |
270 |
new_key->keylen = keylen; |
271 |
return (new_key); |
272 |
} |
273 |
|
274 |
void |
275 |
sctp_free_key(sctp_key_t * key) |
276 |
{ |
277 |
if (key != NULL) |
278 |
SCTP_FREE(key, SCTP_M_AUTH_KY); |
279 |
} |
280 |
|
281 |
void |
282 |
sctp_print_key(sctp_key_t * key, const char *str) |
283 |
{ |
284 |
uint32_t i; |
285 |
|
286 |
if (key == NULL) { |
287 |
SCTP_PRINTF("%s: [Null key]\n", str); |
288 |
return; |
289 |
} |
290 |
SCTP_PRINTF("%s: len %u, ", str, key->keylen); |
291 |
if (key->keylen) { |
292 |
for (i = 0; i < key->keylen; i++) |
293 |
SCTP_PRINTF("%02x", key->key[i]); |
294 |
SCTP_PRINTF("\n"); |
295 |
} else { |
296 |
SCTP_PRINTF("[Null key]\n"); |
297 |
} |
298 |
} |
299 |
|
300 |
void |
301 |
sctp_show_key(sctp_key_t * key, const char *str) |
302 |
{ |
303 |
uint32_t i; |
304 |
|
305 |
if (key == NULL) { |
306 |
SCTP_PRINTF("%s: [Null key]\n", str); |
307 |
return; |
308 |
} |
309 |
SCTP_PRINTF("%s: len %u, ", str, key->keylen); |
310 |
if (key->keylen) { |
311 |
for (i = 0; i < key->keylen; i++) |
312 |
SCTP_PRINTF("%02x", key->key[i]); |
313 |
SCTP_PRINTF("\n"); |
314 |
} else { |
315 |
SCTP_PRINTF("[Null key]\n"); |
316 |
} |
317 |
} |
318 |
|
319 |
static uint32_t |
320 |
sctp_get_keylen(sctp_key_t * key) |
321 |
{ |
322 |
if (key != NULL) |
323 |
return (key->keylen); |
324 |
else |
325 |
return (0); |
326 |
} |
327 |
|
328 |
/* |
329 |
* generate a new random key of length 'keylen' |
330 |
*/ |
331 |
sctp_key_t * |
332 |
sctp_generate_random_key(uint32_t keylen) |
333 |
{ |
334 |
sctp_key_t *new_key; |
335 |
|
336 |
/* validate keylen */ |
337 |
if (keylen > SCTP_AUTH_RANDOM_SIZE_MAX) |
338 |
keylen = SCTP_AUTH_RANDOM_SIZE_MAX; |
339 |
|
340 |
new_key = sctp_alloc_key(keylen); |
341 |
if (new_key == NULL) { |
342 |
/* out of memory */ |
343 |
return (NULL); |
344 |
} |
345 |
SCTP_READ_RANDOM(new_key->key, keylen); |
346 |
new_key->keylen = keylen; |
347 |
return (new_key); |
348 |
} |
349 |
|
350 |
sctp_key_t * |
351 |
sctp_set_key(uint8_t * key, uint32_t keylen) |
352 |
{ |
353 |
sctp_key_t *new_key; |
354 |
|
355 |
new_key = sctp_alloc_key(keylen); |
356 |
if (new_key == NULL) { |
357 |
/* out of memory */ |
358 |
return (NULL); |
359 |
} |
360 |
bcopy(key, new_key->key, keylen); |
361 |
return (new_key); |
362 |
} |
363 |
|
364 |
/*- |
365 |
* given two keys of variable size, compute which key is "larger/smaller" |
366 |
* returns: 1 if key1 > key2 |
367 |
* -1 if key1 < key2 |
368 |
* 0 if key1 = key2 |
369 |
*/ |
370 |
static int |
371 |
sctp_compare_key(sctp_key_t * key1, sctp_key_t * key2) |
372 |
{ |
373 |
uint32_t maxlen; |
374 |
uint32_t i; |
375 |
uint32_t key1len, key2len; |
376 |
uint8_t *key_1, *key_2; |
377 |
uint8_t temp[SCTP_AUTH_RANDOM_SIZE_MAX]; |
378 |
|
379 |
/* sanity/length check */ |
380 |
key1len = sctp_get_keylen(key1); |
381 |
key2len = sctp_get_keylen(key2); |
382 |
if ((key1len == 0) && (key2len == 0)) |
383 |
return (0); |
384 |
else if (key1len == 0) |
385 |
return (-1); |
386 |
else if (key2len == 0) |
387 |
return (1); |
388 |
|
389 |
if (key1len != key2len) { |
390 |
if (key1len >= key2len) |
391 |
maxlen = key1len; |
392 |
else |
393 |
maxlen = key2len; |
394 |
bzero(temp, maxlen); |
395 |
if (key1len < maxlen) { |
396 |
/* prepend zeroes to key1 */ |
397 |
bcopy(key1->key, temp + (maxlen - key1len), key1len); |
398 |
key_1 = temp; |
399 |
key_2 = key2->key; |
400 |
} else { |
401 |
/* prepend zeroes to key2 */ |
402 |
bcopy(key2->key, temp + (maxlen - key2len), key2len); |
403 |
key_1 = key1->key; |
404 |
key_2 = temp; |
405 |
} |
406 |
} else { |
407 |
maxlen = key1len; |
408 |
key_1 = key1->key; |
409 |
key_2 = key2->key; |
410 |
} |
411 |
|
412 |
for (i = 0; i < maxlen; i++) { |
413 |
if (*key_1 > *key_2) |
414 |
return (1); |
415 |
else if (*key_1 < *key_2) |
416 |
return (-1); |
417 |
key_1++; |
418 |
key_2++; |
419 |
} |
420 |
|
421 |
/* keys are equal value, so check lengths */ |
422 |
if (key1len == key2len) |
423 |
return (0); |
424 |
else if (key1len < key2len) |
425 |
return (-1); |
426 |
else |
427 |
return (1); |
428 |
} |
429 |
|
430 |
/* |
431 |
* generate the concatenated keying material based on the two keys and the |
432 |
* shared key (if available). draft-ietf-tsvwg-auth specifies the specific |
433 |
* order for concatenation |
434 |
*/ |
435 |
sctp_key_t * |
436 |
sctp_compute_hashkey(sctp_key_t * key1, sctp_key_t * key2, sctp_key_t * shared) |
437 |
{ |
438 |
uint32_t keylen; |
439 |
sctp_key_t *new_key; |
440 |
uint8_t *key_ptr; |
441 |
|
442 |
keylen = sctp_get_keylen(key1) + sctp_get_keylen(key2) + |
443 |
sctp_get_keylen(shared); |
444 |
|
445 |
if (keylen > 0) { |
446 |
/* get space for the new key */ |
447 |
new_key = sctp_alloc_key(keylen); |
448 |
if (new_key == NULL) { |
449 |
/* out of memory */ |
450 |
return (NULL); |
451 |
} |
452 |
new_key->keylen = keylen; |
453 |
key_ptr = new_key->key; |
454 |
} else { |
455 |
/* all keys empty/null?! */ |
456 |
return (NULL); |
457 |
} |
458 |
|
459 |
/* concatenate the keys */ |
460 |
if (sctp_compare_key(key1, key2) <= 0) { |
461 |
/* key is shared + key1 + key2 */ |
462 |
if (sctp_get_keylen(shared)) { |
463 |
bcopy(shared->key, key_ptr, shared->keylen); |
464 |
key_ptr += shared->keylen; |
465 |
} |
466 |
if (sctp_get_keylen(key1)) { |
467 |
bcopy(key1->key, key_ptr, key1->keylen); |
468 |
key_ptr += key1->keylen; |
469 |
} |
470 |
if (sctp_get_keylen(key2)) { |
471 |
bcopy(key2->key, key_ptr, key2->keylen); |
472 |
} |
473 |
} else { |
474 |
/* key is shared + key2 + key1 */ |
475 |
if (sctp_get_keylen(shared)) { |
476 |
bcopy(shared->key, key_ptr, shared->keylen); |
477 |
key_ptr += shared->keylen; |
478 |
} |
479 |
if (sctp_get_keylen(key2)) { |
480 |
bcopy(key2->key, key_ptr, key2->keylen); |
481 |
key_ptr += key2->keylen; |
482 |
} |
483 |
if (sctp_get_keylen(key1)) { |
484 |
bcopy(key1->key, key_ptr, key1->keylen); |
485 |
} |
486 |
} |
487 |
return (new_key); |
488 |
} |
489 |
|
490 |
|
491 |
sctp_sharedkey_t * |
492 |
sctp_alloc_sharedkey(void) |
493 |
{ |
494 |
sctp_sharedkey_t *new_key; |
495 |
|
496 |
SCTP_MALLOC(new_key, sctp_sharedkey_t *, sizeof(*new_key), |
497 |
SCTP_M_AUTH_KY); |
498 |
if (new_key == NULL) { |
499 |
/* out of memory */ |
500 |
return (NULL); |
501 |
} |
502 |
new_key->keyid = 0; |
503 |
new_key->key = NULL; |
504 |
new_key->refcount = 1; |
505 |
new_key->deactivated = 0; |
506 |
return (new_key); |
507 |
} |
508 |
|
509 |
void |
510 |
sctp_free_sharedkey(sctp_sharedkey_t * skey) |
511 |
{ |
512 |
if (skey == NULL) |
513 |
return; |
514 |
|
515 |
if (SCTP_DECREMENT_AND_CHECK_REFCOUNT(&skey->refcount)) { |
516 |
if (skey->key != NULL) |
517 |
sctp_free_key(skey->key); |
518 |
SCTP_FREE(skey, SCTP_M_AUTH_KY); |
519 |
} |
520 |
} |
521 |
|
522 |
sctp_sharedkey_t * |
523 |
sctp_find_sharedkey(struct sctp_keyhead *shared_keys, uint16_t key_id) |
524 |
{ |
525 |
sctp_sharedkey_t *skey; |
526 |
|
527 |
LIST_FOREACH(skey, shared_keys, next) { |
528 |
if (skey->keyid == key_id) |
529 |
return (skey); |
530 |
} |
531 |
return (NULL); |
532 |
} |
533 |
|
534 |
int |
535 |
sctp_insert_sharedkey(struct sctp_keyhead *shared_keys, |
536 |
sctp_sharedkey_t * new_skey) |
537 |
{ |
538 |
sctp_sharedkey_t *skey; |
539 |
|
540 |
if ((shared_keys == NULL) || (new_skey == NULL)) |
541 |
return (EINVAL); |
542 |
|
543 |
/* insert into an empty list? */ |
544 |
if (LIST_EMPTY(shared_keys)) { |
545 |
LIST_INSERT_HEAD(shared_keys, new_skey, next); |
546 |
return (0); |
547 |
} |
548 |
/* insert into the existing list, ordered by key id */ |
549 |
LIST_FOREACH(skey, shared_keys, next) { |
550 |
if (new_skey->keyid < skey->keyid) { |
551 |
/* insert it before here */ |
552 |
LIST_INSERT_BEFORE(skey, new_skey, next); |
553 |
return (0); |
554 |
} else if (new_skey->keyid == skey->keyid) { |
555 |
/* replace the existing key */ |
556 |
/* verify this key *can* be replaced */ |
557 |
if ((skey->deactivated) && (skey->refcount > 1)) { |
558 |
SCTPDBG(SCTP_DEBUG_AUTH1, |
559 |
"can't replace shared key id %u\n", |
560 |
new_skey->keyid); |
561 |
return (EBUSY); |
562 |
} |
563 |
SCTPDBG(SCTP_DEBUG_AUTH1, |
564 |
"replacing shared key id %u\n", |
565 |
new_skey->keyid); |
566 |
LIST_INSERT_BEFORE(skey, new_skey, next); |
567 |
LIST_REMOVE(skey, next); |
568 |
sctp_free_sharedkey(skey); |
569 |
return (0); |
570 |
} |
571 |
if (LIST_NEXT(skey, next) == NULL) { |
572 |
/* belongs at the end of the list */ |
573 |
LIST_INSERT_AFTER(skey, new_skey, next); |
574 |
return (0); |
575 |
} |
576 |
} |
577 |
/* shouldn't reach here */ |
578 |
return (0); |
579 |
} |
580 |
|
581 |
void |
582 |
sctp_auth_key_acquire(struct sctp_tcb *stcb, uint16_t key_id) |
583 |
{ |
584 |
sctp_sharedkey_t *skey; |
585 |
|
586 |
/* find the shared key */ |
587 |
skey = sctp_find_sharedkey(&stcb->asoc.shared_keys, key_id); |
588 |
|
589 |
/* bump the ref count */ |
590 |
if (skey) { |
591 |
atomic_add_int(&skey->refcount, 1); |
592 |
SCTPDBG(SCTP_DEBUG_AUTH2, |
593 |
"%s: stcb %p key %u refcount acquire to %d\n", |
594 |
__FUNCTION__, stcb, key_id, skey->refcount); |
595 |
} |
596 |
} |
597 |
|
598 |
void |
599 |
sctp_auth_key_release(struct sctp_tcb *stcb, uint16_t key_id, int so_locked |
600 |
#if !defined(__APPLE__) && !defined(SCTP_SO_LOCK_TESTING) |
601 |
SCTP_UNUSED |
602 |
#endif |
603 |
) |
604 |
{ |
605 |
sctp_sharedkey_t *skey; |
606 |
|
607 |
/* find the shared key */ |
608 |
skey = sctp_find_sharedkey(&stcb->asoc.shared_keys, key_id); |
609 |
|
610 |
/* decrement the ref count */ |
611 |
if (skey) { |
612 |
sctp_free_sharedkey(skey); |
613 |
SCTPDBG(SCTP_DEBUG_AUTH2, |
614 |
"%s: stcb %p key %u refcount release to %d\n", |
615 |
__FUNCTION__, stcb, key_id, skey->refcount); |
616 |
|
617 |
/* see if a notification should be generated */ |
618 |
if ((skey->refcount <= 1) && (skey->deactivated)) { |
619 |
/* notify ULP that key is no longer used */ |
620 |
sctp_ulp_notify(SCTP_NOTIFY_AUTH_FREE_KEY, stcb, |
621 |
key_id, 0, so_locked); |
622 |
SCTPDBG(SCTP_DEBUG_AUTH2, |
623 |
"%s: stcb %p key %u no longer used, %d\n", |
624 |
__FUNCTION__, stcb, key_id, skey->refcount); |
625 |
} |
626 |
} |
627 |
} |
628 |
|
629 |
static sctp_sharedkey_t * |
630 |
sctp_copy_sharedkey(const sctp_sharedkey_t * skey) |
631 |
{ |
632 |
sctp_sharedkey_t *new_skey; |
633 |
|
634 |
if (skey == NULL) |
635 |
return (NULL); |
636 |
new_skey = sctp_alloc_sharedkey(); |
637 |
if (new_skey == NULL) |
638 |
return (NULL); |
639 |
if (skey->key != NULL) |
640 |
new_skey->key = sctp_set_key(skey->key->key, skey->key->keylen); |
641 |
else |
642 |
new_skey->key = NULL; |
643 |
new_skey->keyid = skey->keyid; |
644 |
return (new_skey); |
645 |
} |
646 |
|
647 |
int |
648 |
sctp_copy_skeylist(const struct sctp_keyhead *src, struct sctp_keyhead *dest) |
649 |
{ |
650 |
sctp_sharedkey_t *skey, *new_skey; |
651 |
int count = 0; |
652 |
|
653 |
if ((src == NULL) || (dest == NULL)) |
654 |
return (0); |
655 |
LIST_FOREACH(skey, src, next) { |
656 |
new_skey = sctp_copy_sharedkey(skey); |
657 |
if (new_skey != NULL) { |
658 |
(void)sctp_insert_sharedkey(dest, new_skey); |
659 |
count++; |
660 |
} |
661 |
} |
662 |
return (count); |
663 |
} |
664 |
|
665 |
|
666 |
sctp_hmaclist_t * |
667 |
sctp_alloc_hmaclist(uint8_t num_hmacs) |
668 |
{ |
669 |
sctp_hmaclist_t *new_list; |
670 |
int alloc_size; |
671 |
|
672 |
alloc_size = sizeof(*new_list) + num_hmacs * sizeof(new_list->hmac[0]); |
673 |
SCTP_MALLOC(new_list, sctp_hmaclist_t *, alloc_size, |
674 |
SCTP_M_AUTH_HL); |
675 |
if (new_list == NULL) { |
676 |
/* out of memory */ |
677 |
return (NULL); |
678 |
} |
679 |
new_list->max_algo = num_hmacs; |
680 |
new_list->num_algo = 0; |
681 |
return (new_list); |
682 |
} |
683 |
|
684 |
void |
685 |
sctp_free_hmaclist(sctp_hmaclist_t * list) |
686 |
{ |
687 |
if (list != NULL) { |
688 |
SCTP_FREE(list, SCTP_M_AUTH_HL); |
689 |
list = NULL; |
690 |
} |
691 |
} |
692 |
|
693 |
int |
694 |
sctp_auth_add_hmacid(sctp_hmaclist_t * list, uint16_t hmac_id) |
695 |
{ |
696 |
int i; |
697 |
|
698 |
if (list == NULL) |
699 |
return (-1); |
700 |
if (list->num_algo == list->max_algo) { |
701 |
SCTPDBG(SCTP_DEBUG_AUTH1, |
702 |
"SCTP: HMAC id list full, ignoring add %u\n", hmac_id); |
703 |
return (-1); |
704 |
} |
705 |
if ((hmac_id != SCTP_AUTH_HMAC_ID_SHA1) && |
706 |
#ifdef HAVE_SHA224 |
707 |
(hmac_id != SCTP_AUTH_HMAC_ID_SHA224) && |
708 |
#endif |
709 |
#ifdef HAVE_SHA2 |
710 |
(hmac_id != SCTP_AUTH_HMAC_ID_SHA256) && |
711 |
(hmac_id != SCTP_AUTH_HMAC_ID_SHA384) && |
712 |
(hmac_id != SCTP_AUTH_HMAC_ID_SHA512) && |
713 |
#endif |
714 |
1) { |
715 |
return (-1); |
716 |
} |
717 |
/* Now is it already in the list */ |
718 |
for (i = 0; i < list->num_algo; i++) { |
719 |
if (list->hmac[i] == hmac_id) { |
720 |
/* already in list */ |
721 |
return (-1); |
722 |
} |
723 |
} |
724 |
SCTPDBG(SCTP_DEBUG_AUTH1, "SCTP: add HMAC id %u to list\n", hmac_id); |
725 |
list->hmac[list->num_algo++] = hmac_id; |
726 |
return (0); |
727 |
} |
728 |
|
729 |
sctp_hmaclist_t * |
730 |
sctp_copy_hmaclist(sctp_hmaclist_t * list) |
731 |
{ |
732 |
sctp_hmaclist_t *new_list; |
733 |
int i; |
734 |
|
735 |
if (list == NULL) |
736 |
return (NULL); |
737 |
/* get a new list */ |
738 |
new_list = sctp_alloc_hmaclist(list->max_algo); |
739 |
if (new_list == NULL) |
740 |
return (NULL); |
741 |
/* copy it */ |
742 |
new_list->max_algo = list->max_algo; |
743 |
new_list->num_algo = list->num_algo; |
744 |
for (i = 0; i < list->num_algo; i++) |
745 |
new_list->hmac[i] = list->hmac[i]; |
746 |
return (new_list); |
747 |
} |
748 |
|
749 |
sctp_hmaclist_t * |
750 |
sctp_default_supported_hmaclist(void) |
751 |
{ |
752 |
sctp_hmaclist_t *new_list; |
753 |
|
754 |
new_list = sctp_alloc_hmaclist(2); |
755 |
if (new_list == NULL) |
756 |
return (NULL); |
757 |
(void)sctp_auth_add_hmacid(new_list, SCTP_AUTH_HMAC_ID_SHA1); |
758 |
(void)sctp_auth_add_hmacid(new_list, SCTP_AUTH_HMAC_ID_SHA256); |
759 |
return (new_list); |
760 |
} |
761 |
|
762 |
/*- |
763 |
* HMAC algos are listed in priority/preference order |
764 |
* find the best HMAC id to use for the peer based on local support |
765 |
*/ |
766 |
uint16_t |
767 |
sctp_negotiate_hmacid(sctp_hmaclist_t * peer, sctp_hmaclist_t * local) |
768 |
{ |
769 |
int i, j; |
770 |
|
771 |
if ((local == NULL) || (peer == NULL)) |
772 |
return (SCTP_AUTH_HMAC_ID_RSVD); |
773 |
|
774 |
for (i = 0; i < peer->num_algo; i++) { |
775 |
for (j = 0; j < local->num_algo; j++) { |
776 |
if (peer->hmac[i] == local->hmac[j]) { |
777 |
/* found the "best" one */ |
778 |
SCTPDBG(SCTP_DEBUG_AUTH1, |
779 |
"SCTP: negotiated peer HMAC id %u\n", |
780 |
peer->hmac[i]); |
781 |
return (peer->hmac[i]); |
782 |
} |
783 |
} |
784 |
} |
785 |
/* didn't find one! */ |
786 |
return (SCTP_AUTH_HMAC_ID_RSVD); |
787 |
} |
788 |
|
789 |
/*- |
790 |
* serialize the HMAC algo list and return space used |
791 |
* caller must guarantee ptr has appropriate space |
792 |
*/ |
793 |
int |
794 |
sctp_serialize_hmaclist(sctp_hmaclist_t * list, uint8_t * ptr) |
795 |
{ |
796 |
int i; |
797 |
uint16_t hmac_id; |
798 |
|
799 |
if (list == NULL) |
800 |
return (0); |
801 |
|
802 |
for (i = 0; i < list->num_algo; i++) { |
803 |
hmac_id = htons(list->hmac[i]); |
804 |
bcopy(&hmac_id, ptr, sizeof(hmac_id)); |
805 |
ptr += sizeof(hmac_id); |
806 |
} |
807 |
return (list->num_algo * sizeof(hmac_id)); |
808 |
} |
809 |
|
810 |
int |
811 |
sctp_verify_hmac_param(struct sctp_auth_hmac_algo *hmacs, uint32_t num_hmacs) |
812 |
{ |
813 |
uint32_t i; |
814 |
uint16_t hmac_id; |
815 |
uint32_t sha1_supported = 0; |
816 |
|
817 |
for (i = 0; i < num_hmacs; i++) { |
818 |
hmac_id = ntohs(hmacs->hmac_ids[i]); |
819 |
if (hmac_id == SCTP_AUTH_HMAC_ID_SHA1) |
820 |
sha1_supported = 1; |
821 |
} |
822 |
/* all HMAC id's are supported */ |
823 |
if (sha1_supported == 0) |
824 |
return (-1); |
825 |
else |
826 |
return (0); |
827 |
} |
828 |
|
829 |
sctp_authinfo_t * |
830 |
sctp_alloc_authinfo(void) |
831 |
{ |
832 |
sctp_authinfo_t *new_authinfo; |
833 |
|
834 |
SCTP_MALLOC(new_authinfo, sctp_authinfo_t *, sizeof(*new_authinfo), |
835 |
SCTP_M_AUTH_IF); |
836 |
|
837 |
if (new_authinfo == NULL) { |
838 |
/* out of memory */ |
839 |
return (NULL); |
840 |
} |
841 |
bzero(new_authinfo, sizeof(*new_authinfo)); |
842 |
return (new_authinfo); |
843 |
} |
844 |
|
845 |
void |
846 |
sctp_free_authinfo(sctp_authinfo_t * authinfo) |
847 |
{ |
848 |
if (authinfo == NULL) |
849 |
return; |
850 |
|
851 |
if (authinfo->random != NULL) |
852 |
sctp_free_key(authinfo->random); |
853 |
if (authinfo->peer_random != NULL) |
854 |
sctp_free_key(authinfo->peer_random); |
855 |
if (authinfo->assoc_key != NULL) |
856 |
sctp_free_key(authinfo->assoc_key); |
857 |
if (authinfo->recv_key != NULL) |
858 |
sctp_free_key(authinfo->recv_key); |
859 |
|
860 |
/* We are NOT dynamically allocating authinfo's right now... */ |
861 |
/* SCTP_FREE(authinfo, SCTP_M_AUTH_??); */ |
862 |
} |
863 |
|
864 |
|
865 |
uint32_t |
866 |
sctp_get_auth_chunk_len(uint16_t hmac_algo) |
867 |
{ |
868 |
int size; |
869 |
|
870 |
size = sizeof(struct sctp_auth_chunk) + sctp_get_hmac_digest_len(hmac_algo); |
871 |
return (SCTP_SIZE32(size)); |
872 |
} |
873 |
|
874 |
uint32_t |
875 |
sctp_get_hmac_digest_len(uint16_t hmac_algo) |
876 |
{ |
877 |
switch (hmac_algo) { |
878 |
case SCTP_AUTH_HMAC_ID_SHA1: |
879 |
return (SCTP_AUTH_DIGEST_LEN_SHA1); |
880 |
#ifdef HAVE_SHA224 |
881 |
case SCTP_AUTH_HMAC_ID_SHA224: |
882 |
return (SCTP_AUTH_DIGEST_LEN_SHA224); |
883 |
#endif |
884 |
#ifdef HAVE_SHA2 |
885 |
case SCTP_AUTH_HMAC_ID_SHA256: |
886 |
return (SCTP_AUTH_DIGEST_LEN_SHA256); |
887 |
case SCTP_AUTH_HMAC_ID_SHA384: |
888 |
return (SCTP_AUTH_DIGEST_LEN_SHA384); |
889 |
case SCTP_AUTH_HMAC_ID_SHA512: |
890 |
return (SCTP_AUTH_DIGEST_LEN_SHA512); |
891 |
#endif |
892 |
default: |
893 |
/* unknown HMAC algorithm: can't do anything */ |
894 |
return (0); |
895 |
} /* end switch */ |
896 |
} |
897 |
|
898 |
static inline int |
899 |
sctp_get_hmac_block_len(uint16_t hmac_algo) |
900 |
{ |
901 |
switch (hmac_algo) { |
902 |
case SCTP_AUTH_HMAC_ID_SHA1: |
903 |
#ifdef HAVE_SHA224 |
904 |
case SCTP_AUTH_HMAC_ID_SHA224: |
905 |
#endif |
906 |
return (64); |
907 |
#ifdef HAVE_SHA2 |
908 |
case SCTP_AUTH_HMAC_ID_SHA256: |
909 |
return (64); |
910 |
case SCTP_AUTH_HMAC_ID_SHA384: |
911 |
case SCTP_AUTH_HMAC_ID_SHA512: |
912 |
return (128); |
913 |
#endif |
914 |
case SCTP_AUTH_HMAC_ID_RSVD: |
915 |
default: |
916 |
/* unknown HMAC algorithm: can't do anything */ |
917 |
return (0); |
918 |
} /* end switch */ |
919 |
} |
920 |
|
921 |
static void |
922 |
sctp_hmac_init(uint16_t hmac_algo, sctp_hash_context_t * ctx) |
923 |
{ |
924 |
switch (hmac_algo) { |
925 |
case SCTP_AUTH_HMAC_ID_SHA1: |
926 |
SHA1_Init(&ctx->sha1); |
927 |
break; |
928 |
#ifdef HAVE_SHA224 |
929 |
case SCTP_AUTH_HMAC_ID_SHA224: |
930 |
break; |
931 |
#endif |
932 |
#ifdef HAVE_SHA2 |
933 |
case SCTP_AUTH_HMAC_ID_SHA256: |
934 |
SHA256_Init(&ctx->sha256); |
935 |
break; |
936 |
case SCTP_AUTH_HMAC_ID_SHA384: |
937 |
SHA384_Init(&ctx->sha384); |
938 |
break; |
939 |
case SCTP_AUTH_HMAC_ID_SHA512: |
940 |
SHA512_Init(&ctx->sha512); |
941 |
break; |
942 |
#endif |
943 |
case SCTP_AUTH_HMAC_ID_RSVD: |
944 |
default: |
945 |
/* unknown HMAC algorithm: can't do anything */ |
946 |
return; |
947 |
} /* end switch */ |
948 |
} |
949 |
|
950 |
static void |
951 |
sctp_hmac_update(uint16_t hmac_algo, sctp_hash_context_t * ctx, |
952 |
uint8_t * text, uint32_t textlen) |
953 |
{ |
954 |
switch (hmac_algo) { |
955 |
case SCTP_AUTH_HMAC_ID_SHA1: |
956 |
SHA1_Update(&ctx->sha1, text, textlen); |
957 |
break; |
958 |
#ifdef HAVE_SHA224 |
959 |
case SCTP_AUTH_HMAC_ID_SHA224: |
960 |
break; |
961 |
#endif |
962 |
#ifdef HAVE_SHA2 |
963 |
case SCTP_AUTH_HMAC_ID_SHA256: |
964 |
SHA256_Update(&ctx->sha256, text, textlen); |
965 |
break; |
966 |
case SCTP_AUTH_HMAC_ID_SHA384: |
967 |
SHA384_Update(&ctx->sha384, text, textlen); |
968 |
break; |
969 |
case SCTP_AUTH_HMAC_ID_SHA512: |
970 |
SHA512_Update(&ctx->sha512, text, textlen); |
971 |
break; |
972 |
#endif |
973 |
case SCTP_AUTH_HMAC_ID_RSVD: |
974 |
default: |
975 |
/* unknown HMAC algorithm: can't do anything */ |
976 |
return; |
977 |
} /* end switch */ |
978 |
} |
979 |
|
980 |
static void |
981 |
sctp_hmac_final(uint16_t hmac_algo, sctp_hash_context_t * ctx, |
982 |
uint8_t * digest) |
983 |
{ |
984 |
switch (hmac_algo) { |
985 |
case SCTP_AUTH_HMAC_ID_SHA1: |
986 |
SHA1_Final(digest, &ctx->sha1); |
987 |
break; |
988 |
#ifdef HAVE_SHA224 |
989 |
case SCTP_AUTH_HMAC_ID_SHA224: |
990 |
break; |
991 |
#endif |
992 |
#ifdef HAVE_SHA2 |
993 |
case SCTP_AUTH_HMAC_ID_SHA256: |
994 |
SHA256_Final(digest, &ctx->sha256); |
995 |
break; |
996 |
case SCTP_AUTH_HMAC_ID_SHA384: |
997 |
/* SHA384 is truncated SHA512 */ |
998 |
SHA384_Final(digest, &ctx->sha384); |
999 |
break; |
1000 |
case SCTP_AUTH_HMAC_ID_SHA512: |
1001 |
SHA512_Final(digest, &ctx->sha512); |
1002 |
break; |
1003 |
#endif |
1004 |
case SCTP_AUTH_HMAC_ID_RSVD: |
1005 |
default: |
1006 |
/* unknown HMAC algorithm: can't do anything */ |
1007 |
return; |
1008 |
} /* end switch */ |
1009 |
} |
1010 |
|
1011 |
/*- |
1012 |
* Keyed-Hashing for Message Authentication: FIPS 198 (RFC 2104) |
1013 |
* |
1014 |
* Compute the HMAC digest using the desired hash key, text, and HMAC |
1015 |
* algorithm. Resulting digest is placed in 'digest' and digest length |
1016 |
* is returned, if the HMAC was performed. |
1017 |
* |
1018 |
* WARNING: it is up to the caller to supply sufficient space to hold the |
1019 |
* resultant digest. |
1020 |
*/ |
1021 |
uint32_t |
1022 |
sctp_hmac(uint16_t hmac_algo, uint8_t * key, uint32_t keylen, |
1023 |
uint8_t * text, uint32_t textlen, uint8_t * digest) |
1024 |
{ |
1025 |
uint32_t digestlen; |
1026 |
uint32_t blocklen; |
1027 |
sctp_hash_context_t ctx; |
1028 |
uint8_t ipad[128], opad[128]; /* keyed hash inner/outer pads */ |
1029 |
uint8_t temp[SCTP_AUTH_DIGEST_LEN_MAX]; |
1030 |
uint32_t i; |
1031 |
|
1032 |
/* sanity check the material and length */ |
1033 |
if ((key == NULL) || (keylen == 0) || (text == NULL) || |
1034 |
(textlen == 0) || (digest == NULL)) { |
1035 |
/* can't do HMAC with empty key or text or digest store */ |
1036 |
return (0); |
1037 |
} |
1038 |
/* validate the hmac algo and get the digest length */ |
1039 |
digestlen = sctp_get_hmac_digest_len(hmac_algo); |
1040 |
if (digestlen == 0) |
1041 |
return (0); |
1042 |
|
1043 |
/* hash the key if it is longer than the hash block size */ |
1044 |
blocklen = sctp_get_hmac_block_len(hmac_algo); |
1045 |
if (keylen > blocklen) { |
1046 |
sctp_hmac_init(hmac_algo, &ctx); |
1047 |
sctp_hmac_update(hmac_algo, &ctx, key, keylen); |
1048 |
sctp_hmac_final(hmac_algo, &ctx, temp); |
1049 |
/* set the hashed key as the key */ |
1050 |
keylen = digestlen; |
1051 |
key = temp; |
1052 |
} |
1053 |
/* initialize the inner/outer pads with the key and "append" zeroes */ |
1054 |
bzero(ipad, blocklen); |
1055 |
bzero(opad, blocklen); |
1056 |
bcopy(key, ipad, keylen); |
1057 |
bcopy(key, opad, keylen); |
1058 |
|
1059 |
/* XOR the key with ipad and opad values */ |
1060 |
for (i = 0; i < blocklen; i++) { |
1061 |
ipad[i] ^= 0x36; |
1062 |
opad[i] ^= 0x5c; |
1063 |
} |
1064 |
|
1065 |
/* perform inner hash */ |
1066 |
sctp_hmac_init(hmac_algo, &ctx); |
1067 |
sctp_hmac_update(hmac_algo, &ctx, ipad, blocklen); |
1068 |
sctp_hmac_update(hmac_algo, &ctx, text, textlen); |
1069 |
sctp_hmac_final(hmac_algo, &ctx, temp); |
1070 |
|
1071 |
/* perform outer hash */ |
1072 |
sctp_hmac_init(hmac_algo, &ctx); |
1073 |
sctp_hmac_update(hmac_algo, &ctx, opad, blocklen); |
1074 |
sctp_hmac_update(hmac_algo, &ctx, temp, digestlen); |
1075 |
sctp_hmac_final(hmac_algo, &ctx, digest); |
1076 |
|
1077 |
return (digestlen); |
1078 |
} |
1079 |
|
1080 |
/* mbuf version */ |
1081 |
uint32_t |
1082 |
sctp_hmac_m(uint16_t hmac_algo, uint8_t * key, uint32_t keylen, |
1083 |
struct mbuf *m, uint32_t m_offset, uint8_t * digest, uint32_t trailer) |
1084 |
{ |
1085 |
uint32_t digestlen; |
1086 |
uint32_t blocklen; |
1087 |
sctp_hash_context_t ctx; |
1088 |
uint8_t ipad[128], opad[128]; /* keyed hash inner/outer pads */ |
1089 |
uint8_t temp[SCTP_AUTH_DIGEST_LEN_MAX]; |
1090 |
uint32_t i; |
1091 |
struct mbuf *m_tmp; |
1092 |
|
1093 |
/* sanity check the material and length */ |
1094 |
if ((key == NULL) || (keylen == 0) || (m == NULL) || (digest == NULL)) { |
1095 |
/* can't do HMAC with empty key or text or digest store */ |
1096 |
return (0); |
1097 |
} |
1098 |
/* validate the hmac algo and get the digest length */ |
1099 |
digestlen = sctp_get_hmac_digest_len(hmac_algo); |
1100 |
if (digestlen == 0) |
1101 |
return (0); |
1102 |
|
1103 |
/* hash the key if it is longer than the hash block size */ |
1104 |
blocklen = sctp_get_hmac_block_len(hmac_algo); |
1105 |
if (keylen > blocklen) { |
1106 |
sctp_hmac_init(hmac_algo, &ctx); |
1107 |
sctp_hmac_update(hmac_algo, &ctx, key, keylen); |
1108 |
sctp_hmac_final(hmac_algo, &ctx, temp); |
1109 |
/* set the hashed key as the key */ |
1110 |
keylen = digestlen; |
1111 |
key = temp; |
1112 |
} |
1113 |
/* initialize the inner/outer pads with the key and "append" zeroes */ |
1114 |
bzero(ipad, blocklen); |
1115 |
bzero(opad, blocklen); |
1116 |
bcopy(key, ipad, keylen); |
1117 |
bcopy(key, opad, keylen); |
1118 |
|
1119 |
/* XOR the key with ipad and opad values */ |
1120 |
for (i = 0; i < blocklen; i++) { |
1121 |
ipad[i] ^= 0x36; |
1122 |
opad[i] ^= 0x5c; |
1123 |
} |
1124 |
|
1125 |
/* perform inner hash */ |
1126 |
sctp_hmac_init(hmac_algo, &ctx); |
1127 |
sctp_hmac_update(hmac_algo, &ctx, ipad, blocklen); |
1128 |
/* find the correct starting mbuf and offset (get start of text) */ |
1129 |
m_tmp = m; |
1130 |
while ((m_tmp != NULL) && (m_offset >= (uint32_t) SCTP_BUF_LEN(m_tmp))) { |
1131 |
m_offset -= SCTP_BUF_LEN(m_tmp); |
1132 |
m_tmp = SCTP_BUF_NEXT(m_tmp); |
1133 |
} |
1134 |
/* now use the rest of the mbuf chain for the text */ |
1135 |
while (m_tmp != NULL) { |
1136 |
if ((SCTP_BUF_NEXT(m_tmp) == NULL) && trailer) { |
1137 |
sctp_hmac_update(hmac_algo, &ctx, mtod(m_tmp, uint8_t *) + m_offset, |
1138 |
SCTP_BUF_LEN(m_tmp) - (trailer + m_offset)); |
1139 |
} else { |
1140 |
sctp_hmac_update(hmac_algo, &ctx, mtod(m_tmp, uint8_t *) + m_offset, |
1141 |
SCTP_BUF_LEN(m_tmp) - m_offset); |
1142 |
} |
1143 |
|
1144 |
/* clear the offset since it's only for the first mbuf */ |
1145 |
m_offset = 0; |
1146 |
m_tmp = SCTP_BUF_NEXT(m_tmp); |
1147 |
} |
1148 |
sctp_hmac_final(hmac_algo, &ctx, temp); |
1149 |
|
1150 |
/* perform outer hash */ |
1151 |
sctp_hmac_init(hmac_algo, &ctx); |
1152 |
sctp_hmac_update(hmac_algo, &ctx, opad, blocklen); |
1153 |
sctp_hmac_update(hmac_algo, &ctx, temp, digestlen); |
1154 |
sctp_hmac_final(hmac_algo, &ctx, digest); |
1155 |
|
1156 |
return (digestlen); |
1157 |
} |
1158 |
|
1159 |
/*- |
1160 |
* verify the HMAC digest using the desired hash key, text, and HMAC |
1161 |
* algorithm. |
1162 |
* Returns -1 on error, 0 on success. |
1163 |
*/ |
1164 |
int |
1165 |
sctp_verify_hmac(uint16_t hmac_algo, uint8_t * key, uint32_t keylen, |
1166 |
uint8_t * text, uint32_t textlen, |
1167 |
uint8_t * digest, uint32_t digestlen) |
1168 |
{ |
1169 |
uint32_t len; |
1170 |
uint8_t temp[SCTP_AUTH_DIGEST_LEN_MAX]; |
1171 |
|
1172 |
/* sanity check the material and length */ |
1173 |
if ((key == NULL) || (keylen == 0) || |
1174 |
(text == NULL) || (textlen == 0) || (digest == NULL)) { |
1175 |
/* can't do HMAC with empty key or text or digest */ |
1176 |
return (-1); |
1177 |
} |
1178 |
len = sctp_get_hmac_digest_len(hmac_algo); |
1179 |
if ((len == 0) || (digestlen != len)) |
1180 |
return (-1); |
1181 |
|
1182 |
/* compute the expected hash */ |
1183 |
if (sctp_hmac(hmac_algo, key, keylen, text, textlen, temp) != len) |
1184 |
return (-1); |
1185 |
|
1186 |
if (memcmp(digest, temp, digestlen) != 0) |
1187 |
return (-1); |
1188 |
else |
1189 |
return (0); |
1190 |
} |
1191 |
|
1192 |
|
1193 |
/* |
1194 |
* computes the requested HMAC using a key struct (which may be modified if |
1195 |
* the keylen exceeds the HMAC block len). |
1196 |
*/ |
1197 |
uint32_t |
1198 |
sctp_compute_hmac(uint16_t hmac_algo, sctp_key_t * key, uint8_t * text, |
1199 |
uint32_t textlen, uint8_t * digest) |
1200 |
{ |
1201 |
uint32_t digestlen; |
1202 |
uint32_t blocklen; |
1203 |
sctp_hash_context_t ctx; |
1204 |
uint8_t temp[SCTP_AUTH_DIGEST_LEN_MAX]; |
1205 |
|
1206 |
/* sanity check */ |
1207 |
if ((key == NULL) || (text == NULL) || (textlen == 0) || |
1208 |
(digest == NULL)) { |
1209 |
/* can't do HMAC with empty key or text or digest store */ |
1210 |
return (0); |
1211 |
} |
1212 |
/* validate the hmac algo and get the digest length */ |
1213 |
digestlen = sctp_get_hmac_digest_len(hmac_algo); |
1214 |
if (digestlen == 0) |
1215 |
return (0); |
1216 |
|
1217 |
/* hash the key if it is longer than the hash block size */ |
1218 |
blocklen = sctp_get_hmac_block_len(hmac_algo); |
1219 |
if (key->keylen > blocklen) { |
1220 |
sctp_hmac_init(hmac_algo, &ctx); |
1221 |
sctp_hmac_update(hmac_algo, &ctx, key->key, key->keylen); |
1222 |
sctp_hmac_final(hmac_algo, &ctx, temp); |
1223 |
/* save the hashed key as the new key */ |
1224 |
key->keylen = digestlen; |
1225 |
bcopy(temp, key->key, key->keylen); |
1226 |
} |
1227 |
return (sctp_hmac(hmac_algo, key->key, key->keylen, text, textlen, |
1228 |
digest)); |
1229 |
} |
1230 |
|
1231 |
/* mbuf version */ |
1232 |
uint32_t |
1233 |
sctp_compute_hmac_m(uint16_t hmac_algo, sctp_key_t * key, struct mbuf *m, |
1234 |
uint32_t m_offset, uint8_t * digest) |
1235 |
{ |
1236 |
uint32_t digestlen; |
1237 |
uint32_t blocklen; |
1238 |
sctp_hash_context_t ctx; |
1239 |
uint8_t temp[SCTP_AUTH_DIGEST_LEN_MAX]; |
1240 |
|
1241 |
/* sanity check */ |
1242 |
if ((key == NULL) || (m == NULL) || (digest == NULL)) { |
1243 |
/* can't do HMAC with empty key or text or digest store */ |
1244 |
return (0); |
1245 |
} |
1246 |
/* validate the hmac algo and get the digest length */ |
1247 |
digestlen = sctp_get_hmac_digest_len(hmac_algo); |
1248 |
if (digestlen == 0) |
1249 |
return (0); |
1250 |
|
1251 |
/* hash the key if it is longer than the hash block size */ |
1252 |
blocklen = sctp_get_hmac_block_len(hmac_algo); |
1253 |
if (key->keylen > blocklen) { |
1254 |
sctp_hmac_init(hmac_algo, &ctx); |
1255 |
sctp_hmac_update(hmac_algo, &ctx, key->key, key->keylen); |
1256 |
sctp_hmac_final(hmac_algo, &ctx, temp); |
1257 |
/* save the hashed key as the new key */ |
1258 |
key->keylen = digestlen; |
1259 |
bcopy(temp, key->key, key->keylen); |
1260 |
} |
1261 |
return (sctp_hmac_m(hmac_algo, key->key, key->keylen, m, m_offset, digest, 0)); |
1262 |
} |
1263 |
|
1264 |
int |
1265 |
sctp_auth_is_supported_hmac(sctp_hmaclist_t * list, uint16_t id) |
1266 |
{ |
1267 |
int i; |
1268 |
|
1269 |
if ((list == NULL) || (id == SCTP_AUTH_HMAC_ID_RSVD)) |
1270 |
return (0); |
1271 |
|
1272 |
for (i = 0; i < list->num_algo; i++) |
1273 |
if (list->hmac[i] == id) |
1274 |
return (1); |
1275 |
|
1276 |
/* not in the list */ |
1277 |
return (0); |
1278 |
} |
1279 |
|
1280 |
|
1281 |
/*- |
1282 |
* clear any cached key(s) if they match the given key id on an association. |
1283 |
* the cached key(s) will be recomputed and re-cached at next use. |
1284 |
* ASSUMES TCB_LOCK is already held |
1285 |
*/ |
1286 |
void |
1287 |
sctp_clear_cachedkeys(struct sctp_tcb *stcb, uint16_t keyid) |
1288 |
{ |
1289 |
if (stcb == NULL) |
1290 |
return; |
1291 |
|
1292 |
if (keyid == stcb->asoc.authinfo.assoc_keyid) { |
1293 |
sctp_free_key(stcb->asoc.authinfo.assoc_key); |
1294 |
stcb->asoc.authinfo.assoc_key = NULL; |
1295 |
} |
1296 |
if (keyid == stcb->asoc.authinfo.recv_keyid) { |
1297 |
sctp_free_key(stcb->asoc.authinfo.recv_key); |
1298 |
stcb->asoc.authinfo.recv_key = NULL; |
1299 |
} |
1300 |
} |
1301 |
|
1302 |
/*- |
1303 |
* clear any cached key(s) if they match the given key id for all assocs on |
1304 |
* an endpoint. |
1305 |
* ASSUMES INP_WLOCK is already held |
1306 |
*/ |
1307 |
void |
1308 |
sctp_clear_cachedkeys_ep(struct sctp_inpcb *inp, uint16_t keyid) |
1309 |
{ |
1310 |
struct sctp_tcb *stcb; |
1311 |
|
1312 |
if (inp == NULL) |
1313 |
return; |
1314 |
|
1315 |
/* clear the cached keys on all assocs on this instance */ |
1316 |
LIST_FOREACH(stcb, &inp->sctp_asoc_list, sctp_tcblist) { |
1317 |
SCTP_TCB_LOCK(stcb); |
1318 |
sctp_clear_cachedkeys(stcb, keyid); |
1319 |
SCTP_TCB_UNLOCK(stcb); |
1320 |
} |
1321 |
} |
1322 |
|
1323 |
/*- |
1324 |
* delete a shared key from an association |
1325 |
* ASSUMES TCB_LOCK is already held |
1326 |
*/ |
1327 |
int |
1328 |
sctp_delete_sharedkey(struct sctp_tcb *stcb, uint16_t keyid) |
1329 |
{ |
1330 |
sctp_sharedkey_t *skey; |
1331 |
|
1332 |
if (stcb == NULL) |
1333 |
return (-1); |
1334 |
|
1335 |
/* is the keyid the assoc active sending key */ |
1336 |
if (keyid == stcb->asoc.authinfo.active_keyid) |
1337 |
return (-1); |
1338 |
|
1339 |
/* does the key exist? */ |
1340 |
skey = sctp_find_sharedkey(&stcb->asoc.shared_keys, keyid); |
1341 |
if (skey == NULL) |
1342 |
return (-1); |
1343 |
|
1344 |
/* are there other refcount holders on the key? */ |
1345 |
if (skey->refcount > 1) |
1346 |
return (-1); |
1347 |
|
1348 |
/* remove it */ |
1349 |
LIST_REMOVE(skey, next); |
1350 |
sctp_free_sharedkey(skey); /* frees skey->key as well */ |
1351 |
|
1352 |
/* clear any cached keys */ |
1353 |
sctp_clear_cachedkeys(stcb, keyid); |
1354 |
return (0); |
1355 |
} |
1356 |
|
1357 |
/*- |
1358 |
* deletes a shared key from the endpoint |
1359 |
* ASSUMES INP_WLOCK is already held |
1360 |
*/ |
1361 |
int |
1362 |
sctp_delete_sharedkey_ep(struct sctp_inpcb *inp, uint16_t keyid) |
1363 |
{ |
1364 |
sctp_sharedkey_t *skey; |
1365 |
|
1366 |
if (inp == NULL) |
1367 |
return (-1); |
1368 |
|
1369 |
/* is the keyid the active sending key on the endpoint */ |
1370 |
if (keyid == inp->sctp_ep.default_keyid) |
1371 |
return (-1); |
1372 |
|
1373 |
/* does the key exist? */ |
1374 |
skey = sctp_find_sharedkey(&inp->sctp_ep.shared_keys, keyid); |
1375 |
if (skey == NULL) |
1376 |
return (-1); |
1377 |
|
1378 |
/* endpoint keys are not refcounted */ |
1379 |
|
1380 |
/* remove it */ |
1381 |
LIST_REMOVE(skey, next); |
1382 |
sctp_free_sharedkey(skey); /* frees skey->key as well */ |
1383 |
|
1384 |
/* clear any cached keys */ |
1385 |
sctp_clear_cachedkeys_ep(inp, keyid); |
1386 |
return (0); |
1387 |
} |
1388 |
|
1389 |
/*- |
1390 |
* set the active key on an association |
1391 |
* ASSUMES TCB_LOCK is already held |
1392 |
*/ |
1393 |
int |
1394 |
sctp_auth_setactivekey(struct sctp_tcb *stcb, uint16_t keyid) |
1395 |
{ |
1396 |
sctp_sharedkey_t *skey = NULL; |
1397 |
|
1398 |
/* find the key on the assoc */ |
1399 |
skey = sctp_find_sharedkey(&stcb->asoc.shared_keys, keyid); |
1400 |
if (skey == NULL) { |
1401 |
/* that key doesn't exist */ |
1402 |
return (-1); |
1403 |
} |
1404 |
if ((skey->deactivated) && (skey->refcount > 1)) { |
1405 |
/* can't reactivate a deactivated key with other refcounts */ |
1406 |
return (-1); |
1407 |
} |
1408 |
/* set the (new) active key */ |
1409 |
stcb->asoc.authinfo.active_keyid = keyid; |
1410 |
/* reset the deactivated flag */ |
1411 |
skey->deactivated = 0; |
1412 |
|
1413 |
return (0); |
1414 |
} |
1415 |
|
1416 |
/*- |
1417 |
* set the active key on an endpoint |
1418 |
* ASSUMES INP_WLOCK is already held |
1419 |
*/ |
1420 |
int |
1421 |
sctp_auth_setactivekey_ep(struct sctp_inpcb *inp, uint16_t keyid) |
1422 |
{ |
1423 |
sctp_sharedkey_t *skey; |
1424 |
|
1425 |
/* find the key */ |
1426 |
skey = sctp_find_sharedkey(&inp->sctp_ep.shared_keys, keyid); |
1427 |
if (skey == NULL) { |
1428 |
/* that key doesn't exist */ |
1429 |
return (-1); |
1430 |
} |
1431 |
inp->sctp_ep.default_keyid = keyid; |
1432 |
return (0); |
1433 |
} |
1434 |
|
1435 |
/*- |
1436 |
* deactivates a shared key from the association |
1437 |
* ASSUMES INP_WLOCK is already held |
1438 |
*/ |
1439 |
int |
1440 |
sctp_deact_sharedkey(struct sctp_tcb *stcb, uint16_t keyid) |
1441 |
{ |
1442 |
sctp_sharedkey_t *skey; |
1443 |
|
1444 |
if (stcb == NULL) |
1445 |
return (-1); |
1446 |
|
1447 |
/* is the keyid the assoc active sending key */ |
1448 |
if (keyid == stcb->asoc.authinfo.active_keyid) |
1449 |
return (-1); |
1450 |
|
1451 |
/* does the key exist? */ |
1452 |
skey = sctp_find_sharedkey(&stcb->asoc.shared_keys, keyid); |
1453 |
if (skey == NULL) |
1454 |
return (-1); |
1455 |
|
1456 |
/* are there other refcount holders on the key? */ |
1457 |
if (skey->refcount == 1) { |
1458 |
/* no other users, send a notification for this key */ |
1459 |
sctp_ulp_notify(SCTP_NOTIFY_AUTH_FREE_KEY, stcb, keyid, 0, |
1460 |
SCTP_SO_LOCKED); |
1461 |
} |
1462 |
/* mark the key as deactivated */ |
1463 |
skey->deactivated = 1; |
1464 |
|
1465 |
return (0); |
1466 |
} |
1467 |
|
1468 |
/*- |
1469 |
* deactivates a shared key from the endpoint |
1470 |
* ASSUMES INP_WLOCK is already held |
1471 |
*/ |
1472 |
int |
1473 |
sctp_deact_sharedkey_ep(struct sctp_inpcb *inp, uint16_t keyid) |
1474 |
{ |
1475 |
sctp_sharedkey_t *skey; |
1476 |
|
1477 |
if (inp == NULL) |
1478 |
return (-1); |
1479 |
|
1480 |
/* is the keyid the active sending key on the endpoint */ |
1481 |
if (keyid == inp->sctp_ep.default_keyid) |
1482 |
return (-1); |
1483 |
|
1484 |
/* does the key exist? */ |
1485 |
skey = sctp_find_sharedkey(&inp->sctp_ep.shared_keys, keyid); |
1486 |
if (skey == NULL) |
1487 |
return (-1); |
1488 |
|
1489 |
/* endpoint keys are not refcounted */ |
1490 |
|
1491 |
/* remove it */ |
1492 |
LIST_REMOVE(skey, next); |
1493 |
sctp_free_sharedkey(skey); /* frees skey->key as well */ |
1494 |
|
1495 |
return (0); |
1496 |
} |
1497 |
|
1498 |
/* |
1499 |
* get local authentication parameters from cookie (from INIT-ACK) |
1500 |
*/ |
1501 |
void |
1502 |
sctp_auth_get_cookie_params(struct sctp_tcb *stcb, struct mbuf *m, |
1503 |
uint32_t offset, uint32_t length) |
1504 |
{ |
1505 |
struct sctp_paramhdr *phdr, tmp_param; |
1506 |
uint16_t plen, ptype; |
1507 |
uint8_t random_store[SCTP_PARAM_BUFFER_SIZE]; |
1508 |
struct sctp_auth_random *p_random = NULL; |
1509 |
uint16_t random_len = 0; |
1510 |
uint8_t hmacs_store[SCTP_PARAM_BUFFER_SIZE]; |
1511 |
struct sctp_auth_hmac_algo *hmacs = NULL; |
1512 |
uint16_t hmacs_len = 0; |
1513 |
uint8_t chunks_store[SCTP_PARAM_BUFFER_SIZE]; |
1514 |
struct sctp_auth_chunk_list *chunks = NULL; |
1515 |
uint16_t num_chunks = 0; |
1516 |
sctp_key_t *new_key; |
1517 |
uint32_t keylen; |
1518 |
|
1519 |
/* convert to upper bound */ |
1520 |
length += offset; |
1521 |
|
1522 |
phdr = (struct sctp_paramhdr *)sctp_m_getptr(m, offset, |
1523 |
sizeof(struct sctp_paramhdr), (uint8_t *) & tmp_param); |
1524 |
while (phdr != NULL) { |
1525 |
ptype = ntohs(phdr->param_type); |
1526 |
plen = ntohs(phdr->param_length); |
1527 |
|
1528 |
if ((plen == 0) || (offset + plen > length)) |
1529 |
break; |
1530 |
|
1531 |
if (ptype == SCTP_RANDOM) { |
1532 |
if (plen > sizeof(random_store)) |
1533 |
break; |
1534 |
phdr = sctp_get_next_param(m, offset, |
1535 |
(struct sctp_paramhdr *)random_store, min(plen, sizeof(random_store))); |
1536 |
if (phdr == NULL) |
1537 |
return; |
1538 |
/* save the random and length for the key */ |
1539 |
p_random = (struct sctp_auth_random *)phdr; |
1540 |
random_len = plen - sizeof(*p_random); |
1541 |
} else if (ptype == SCTP_HMAC_LIST) { |
1542 |
int num_hmacs; |
1543 |
int i; |
1544 |
|
1545 |
if (plen > sizeof(hmacs_store)) |
1546 |
break; |
1547 |
phdr = sctp_get_next_param(m, offset, |
1548 |
(struct sctp_paramhdr *)hmacs_store, min(plen, sizeof(hmacs_store))); |
1549 |
if (phdr == NULL) |
1550 |
return; |
1551 |
/* save the hmacs list and num for the key */ |
1552 |
hmacs = (struct sctp_auth_hmac_algo *)phdr; |
1553 |
hmacs_len = plen - sizeof(*hmacs); |
1554 |
num_hmacs = hmacs_len / sizeof(hmacs->hmac_ids[0]); |
1555 |
if (stcb->asoc.local_hmacs != NULL) |
1556 |
sctp_free_hmaclist(stcb->asoc.local_hmacs); |
1557 |
stcb->asoc.local_hmacs = sctp_alloc_hmaclist(num_hmacs); |
1558 |
if (stcb->asoc.local_hmacs != NULL) { |
1559 |
for (i = 0; i < num_hmacs; i++) { |
1560 |
(void)sctp_auth_add_hmacid(stcb->asoc.local_hmacs, |
1561 |
ntohs(hmacs->hmac_ids[i])); |
1562 |
} |
1563 |
} |
1564 |
} else if (ptype == SCTP_CHUNK_LIST) { |
1565 |
int i; |
1566 |
|
1567 |
if (plen > sizeof(chunks_store)) |
1568 |
break; |
1569 |
phdr = sctp_get_next_param(m, offset, |
1570 |
(struct sctp_paramhdr *)chunks_store, min(plen, sizeof(chunks_store))); |
1571 |
if (phdr == NULL) |
1572 |
return; |
1573 |
chunks = (struct sctp_auth_chunk_list *)phdr; |
1574 |
num_chunks = plen - sizeof(*chunks); |
1575 |
/* save chunks list and num for the key */ |
1576 |
if (stcb->asoc.local_auth_chunks != NULL) |
1577 |
sctp_clear_chunklist(stcb->asoc.local_auth_chunks); |
1578 |
else |
1579 |
stcb->asoc.local_auth_chunks = sctp_alloc_chunklist(); |
1580 |
for (i = 0; i < num_chunks; i++) { |
1581 |
(void)sctp_auth_add_chunk(chunks->chunk_types[i], |
1582 |
stcb->asoc.local_auth_chunks); |
1583 |
} |
1584 |
} |
1585 |
/* get next parameter */ |
1586 |
offset += SCTP_SIZE32(plen); |
1587 |
if (offset + sizeof(struct sctp_paramhdr) > length) |
1588 |
break; |
1589 |
phdr = (struct sctp_paramhdr *)sctp_m_getptr(m, offset, sizeof(struct sctp_paramhdr), |
1590 |
(uint8_t *) & tmp_param); |
1591 |
} |
1592 |
/* concatenate the full random key */ |
1593 |
keylen = sizeof(*p_random) + random_len + sizeof(*hmacs) + hmacs_len; |
1594 |
if (chunks != NULL) { |
1595 |
keylen += sizeof(*chunks) + num_chunks; |
1596 |
} |
1597 |
new_key = sctp_alloc_key(keylen); |
1598 |
if (new_key != NULL) { |
1599 |
/* copy in the RANDOM */ |
1600 |
if (p_random != NULL) { |
1601 |
keylen = sizeof(*p_random) + random_len; |
1602 |
bcopy(p_random, new_key->key, keylen); |
1603 |
} |
1604 |
/* append in the AUTH chunks */ |
1605 |
if (chunks != NULL) { |
1606 |
bcopy(chunks, new_key->key + keylen, |
1607 |
sizeof(*chunks) + num_chunks); |
1608 |
keylen += sizeof(*chunks) + num_chunks; |
1609 |
} |
1610 |
/* append in the HMACs */ |
1611 |
if (hmacs != NULL) { |
1612 |
bcopy(hmacs, new_key->key + keylen, |
1613 |
sizeof(*hmacs) + hmacs_len); |
1614 |
} |
1615 |
} |
1616 |
if (stcb->asoc.authinfo.random != NULL) |
1617 |
sctp_free_key(stcb->asoc.authinfo.random); |
1618 |
stcb->asoc.authinfo.random = new_key; |
1619 |
stcb->asoc.authinfo.random_len = random_len; |
1620 |
sctp_clear_cachedkeys(stcb, stcb->asoc.authinfo.assoc_keyid); |
1621 |
sctp_clear_cachedkeys(stcb, stcb->asoc.authinfo.recv_keyid); |
1622 |
|
1623 |
/* negotiate what HMAC to use for the peer */ |
1624 |
stcb->asoc.peer_hmac_id = sctp_negotiate_hmacid(stcb->asoc.peer_hmacs, |
1625 |
stcb->asoc.local_hmacs); |
1626 |
|
1627 |
/* copy defaults from the endpoint */ |
1628 |
/* FIX ME: put in cookie? */ |
1629 |
stcb->asoc.authinfo.active_keyid = stcb->sctp_ep->sctp_ep.default_keyid; |
1630 |
/* copy out the shared key list (by reference) from the endpoint */ |
1631 |
(void)sctp_copy_skeylist(&stcb->sctp_ep->sctp_ep.shared_keys, |
1632 |
&stcb->asoc.shared_keys); |
1633 |
} |
1634 |
|
1635 |
/* |
1636 |
* compute and fill in the HMAC digest for a packet |
1637 |
*/ |
1638 |
void |
1639 |
sctp_fill_hmac_digest_m(struct mbuf *m, uint32_t auth_offset, |
1640 |
struct sctp_auth_chunk *auth, struct sctp_tcb *stcb, uint16_t keyid) |
1641 |
{ |
1642 |
uint32_t digestlen; |
1643 |
sctp_sharedkey_t *skey; |
1644 |
sctp_key_t *key; |
1645 |
|
1646 |
if ((stcb == NULL) || (auth == NULL)) |
1647 |
return; |
1648 |
|
1649 |
/* zero the digest + chunk padding */ |
1650 |
digestlen = sctp_get_hmac_digest_len(stcb->asoc.peer_hmac_id); |
1651 |
bzero(auth->hmac, SCTP_SIZE32(digestlen)); |
1652 |
|
1653 |
/* is the desired key cached? */ |
1654 |
if ((keyid != stcb->asoc.authinfo.assoc_keyid) || |
1655 |
(stcb->asoc.authinfo.assoc_key == NULL)) { |
1656 |
if (stcb->asoc.authinfo.assoc_key != NULL) { |
1657 |
/* free the old cached key */ |
1658 |
sctp_free_key(stcb->asoc.authinfo.assoc_key); |
1659 |
} |
1660 |
skey = sctp_find_sharedkey(&stcb->asoc.shared_keys, keyid); |
1661 |
/* the only way skey is NULL is if null key id 0 is used */ |
1662 |
if (skey != NULL) |
1663 |
key = skey->key; |
1664 |
else |
1665 |
key = NULL; |
1666 |
/* compute a new assoc key and cache it */ |
1667 |
stcb->asoc.authinfo.assoc_key = |
1668 |
sctp_compute_hashkey(stcb->asoc.authinfo.random, |
1669 |
stcb->asoc.authinfo.peer_random, key); |
1670 |
stcb->asoc.authinfo.assoc_keyid = keyid; |
1671 |
SCTPDBG(SCTP_DEBUG_AUTH1, "caching key id %u\n", |
1672 |
stcb->asoc.authinfo.assoc_keyid); |
1673 |
#ifdef SCTP_DEBUG |
1674 |
if (SCTP_AUTH_DEBUG) |
1675 |
sctp_print_key(stcb->asoc.authinfo.assoc_key, |
1676 |
"Assoc Key"); |
1677 |
#endif |
1678 |
} |
1679 |
/* set in the active key id */ |
1680 |
auth->shared_key_id = htons(keyid); |
1681 |
|
1682 |
/* compute and fill in the digest */ |
1683 |
(void)sctp_compute_hmac_m(stcb->asoc.peer_hmac_id, stcb->asoc.authinfo.assoc_key, |
1684 |
m, auth_offset, auth->hmac); |
1685 |
} |
1686 |
|
1687 |
|
1688 |
static void |
1689 |
sctp_bzero_m(struct mbuf *m, uint32_t m_offset, uint32_t size) |
1690 |
{ |
1691 |
struct mbuf *m_tmp; |
1692 |
uint8_t *data; |
1693 |
|
1694 |
/* sanity check */ |
1695 |
if (m == NULL) |
1696 |
return; |
1697 |
|
1698 |
/* find the correct starting mbuf and offset (get start position) */ |
1699 |
m_tmp = m; |
1700 |
while ((m_tmp != NULL) && (m_offset >= (uint32_t) SCTP_BUF_LEN(m_tmp))) { |
1701 |
m_offset -= SCTP_BUF_LEN(m_tmp); |
1702 |
m_tmp = SCTP_BUF_NEXT(m_tmp); |
1703 |
} |
1704 |
/* now use the rest of the mbuf chain */ |
1705 |
while ((m_tmp != NULL) && (size > 0)) { |
1706 |
data = mtod(m_tmp, uint8_t *) + m_offset; |
1707 |
if (size > (uint32_t) SCTP_BUF_LEN(m_tmp)) { |
1708 |
bzero(data, SCTP_BUF_LEN(m_tmp)); |
1709 |
size -= SCTP_BUF_LEN(m_tmp); |
1710 |
} else { |
1711 |
bzero(data, size); |
1712 |
size = 0; |
1713 |
} |
1714 |
/* clear the offset since it's only for the first mbuf */ |
1715 |
m_offset = 0; |
1716 |
m_tmp = SCTP_BUF_NEXT(m_tmp); |
1717 |
} |
1718 |
} |
1719 |
|
1720 |
/*- |
1721 |
* process the incoming Authentication chunk |
1722 |
* return codes: |
1723 |
* -1 on any authentication error |
1724 |
* 0 on authentication verification |
1725 |
*/ |
1726 |
int |
1727 |
sctp_handle_auth(struct sctp_tcb *stcb, struct sctp_auth_chunk *auth, |
1728 |
struct mbuf *m, uint32_t offset) |
1729 |
{ |
1730 |
uint16_t chunklen; |
1731 |
uint16_t shared_key_id; |
1732 |
uint16_t hmac_id; |
1733 |
sctp_sharedkey_t *skey; |
1734 |
uint32_t digestlen; |
1735 |
uint8_t digest[SCTP_AUTH_DIGEST_LEN_MAX]; |
1736 |
uint8_t computed_digest[SCTP_AUTH_DIGEST_LEN_MAX]; |
1737 |
|
1738 |
/* auth is checked for NULL by caller */ |
1739 |
chunklen = ntohs(auth->ch.chunk_length); |
1740 |
if (chunklen < sizeof(*auth)) { |
1741 |
SCTP_STAT_INCR(sctps_recvauthfailed); |
1742 |
return (-1); |
1743 |
} |
1744 |
SCTP_STAT_INCR(sctps_recvauth); |
1745 |
|
1746 |
/* get the auth params */ |
1747 |
shared_key_id = ntohs(auth->shared_key_id); |
1748 |
hmac_id = ntohs(auth->hmac_id); |
1749 |
SCTPDBG(SCTP_DEBUG_AUTH1, |
1750 |
"SCTP AUTH Chunk: shared key %u, HMAC id %u\n", |
1751 |
shared_key_id, hmac_id); |
1752 |
|
1753 |
/* is the indicated HMAC supported? */ |
1754 |
if (!sctp_auth_is_supported_hmac(stcb->asoc.local_hmacs, hmac_id)) { |
1755 |
struct mbuf *m_err; |
1756 |
struct sctp_auth_invalid_hmac *err; |
1757 |
|
1758 |
SCTP_STAT_INCR(sctps_recvivalhmacid); |
1759 |
SCTPDBG(SCTP_DEBUG_AUTH1, |
1760 |
"SCTP Auth: unsupported HMAC id %u\n", |
1761 |
hmac_id); |
1762 |
/* |
1763 |
* report this in an Error Chunk: Unsupported HMAC |
1764 |
* Identifier |
1765 |
*/ |
1766 |
m_err = sctp_get_mbuf_for_msg(sizeof(*err), 0, M_DONTWAIT, |
1767 |
1, MT_HEADER); |
1768 |
if (m_err != NULL) { |
1769 |
/* pre-reserve some space */ |
1770 |
SCTP_BUF_RESV_UF(m_err, sizeof(struct sctp_chunkhdr)); |
1771 |
/* fill in the error */ |
1772 |
err = mtod(m_err, struct sctp_auth_invalid_hmac *); |
1773 |
bzero(err, sizeof(*err)); |
1774 |
err->ph.param_type = htons(SCTP_CAUSE_UNSUPPORTED_HMACID); |
1775 |
err->ph.param_length = htons(sizeof(*err)); |
1776 |
err->hmac_id = ntohs(hmac_id); |
1777 |
SCTP_BUF_LEN(m_err) = sizeof(*err); |
1778 |
/* queue it */ |
1779 |
sctp_queue_op_err(stcb, m_err); |
1780 |
} |
1781 |
return (-1); |
1782 |
} |
1783 |
/* get the indicated shared key, if available */ |
1784 |
if ((stcb->asoc.authinfo.recv_key == NULL) || |
1785 |
(stcb->asoc.authinfo.recv_keyid != shared_key_id)) { |
1786 |
/* find the shared key on the assoc first */ |
1787 |
skey = sctp_find_sharedkey(&stcb->asoc.shared_keys, |
1788 |
shared_key_id); |
1789 |
/* if the shared key isn't found, discard the chunk */ |
1790 |
if (skey == NULL) { |
1791 |
SCTP_STAT_INCR(sctps_recvivalkeyid); |
1792 |
SCTPDBG(SCTP_DEBUG_AUTH1, |
1793 |
"SCTP Auth: unknown key id %u\n", |
1794 |
shared_key_id); |
1795 |
return (-1); |
1796 |
} |
1797 |
/* generate a notification if this is a new key id */ |
1798 |
if (stcb->asoc.authinfo.recv_keyid != shared_key_id) |
1799 |
/* |
1800 |
* sctp_ulp_notify(SCTP_NOTIFY_AUTH_NEW_KEY, stcb, |
1801 |
* shared_key_id, (void |
1802 |
* *)stcb->asoc.authinfo.recv_keyid); |
1803 |
*/ |
1804 |
sctp_notify_authentication(stcb, SCTP_AUTH_NEW_KEY, |
1805 |
shared_key_id, stcb->asoc.authinfo.recv_keyid, |
1806 |
SCTP_SO_NOT_LOCKED); |
1807 |
/* compute a new recv assoc key and cache it */ |
1808 |
if (stcb->asoc.authinfo.recv_key != NULL) |
1809 |
sctp_free_key(stcb->asoc.authinfo.recv_key); |
1810 |
stcb->asoc.authinfo.recv_key = |
1811 |
sctp_compute_hashkey(stcb->asoc.authinfo.random, |
1812 |
stcb->asoc.authinfo.peer_random, skey->key); |
1813 |
stcb->asoc.authinfo.recv_keyid = shared_key_id; |
1814 |
#ifdef SCTP_DEBUG |
1815 |
if (SCTP_AUTH_DEBUG) |
1816 |
sctp_print_key(stcb->asoc.authinfo.recv_key, "Recv Key"); |
1817 |
#endif |
1818 |
} |
1819 |
/* validate the digest length */ |
1820 |
digestlen = sctp_get_hmac_digest_len(hmac_id); |
1821 |
if (chunklen < (sizeof(*auth) + digestlen)) { |
1822 |
/* invalid digest length */ |
1823 |
SCTP_STAT_INCR(sctps_recvauthfailed); |
1824 |
SCTPDBG(SCTP_DEBUG_AUTH1, |
1825 |
"SCTP Auth: chunk too short for HMAC\n"); |
1826 |
return (-1); |
1827 |
} |
1828 |
/* save a copy of the digest, zero the pseudo header, and validate */ |
1829 |
bcopy(auth->hmac, digest, digestlen); |
1830 |
sctp_bzero_m(m, offset + sizeof(*auth), SCTP_SIZE32(digestlen)); |
1831 |
(void)sctp_compute_hmac_m(hmac_id, stcb->asoc.authinfo.recv_key, |
1832 |
m, offset, computed_digest); |
1833 |
|
1834 |
/* compare the computed digest with the one in the AUTH chunk */ |
1835 |
if (memcmp(digest, computed_digest, digestlen) != 0) { |
1836 |
SCTP_STAT_INCR(sctps_recvauthfailed); |
1837 |
SCTPDBG(SCTP_DEBUG_AUTH1, |
1838 |
"SCTP Auth: HMAC digest check failed\n"); |
1839 |
return (-1); |
1840 |
} |
1841 |
return (0); |
1842 |
} |
1843 |
|
1844 |
/* |
1845 |
* Generate NOTIFICATION |
1846 |
*/ |
1847 |
void |
1848 |
sctp_notify_authentication(struct sctp_tcb *stcb, uint32_t indication, |
1849 |
uint16_t keyid, uint16_t alt_keyid, int so_locked |
1850 |
#if !defined(__APPLE__) && !defined(SCTP_SO_LOCK_TESTING) |
1851 |
SCTP_UNUSED |
1852 |
#endif |
1853 |
) |
1854 |
{ |
1855 |
struct mbuf *m_notify; |
1856 |
struct sctp_authkey_event *auth; |
1857 |
struct sctp_queued_to_read *control; |
1858 |
|
1859 |
if ((stcb == NULL) || |
1860 |
(stcb->sctp_ep->sctp_flags & SCTP_PCB_FLAGS_SOCKET_GONE) || |
1861 |
(stcb->sctp_ep->sctp_flags & SCTP_PCB_FLAGS_SOCKET_ALLGONE) || |
1862 |
(stcb->asoc.state & SCTP_STATE_CLOSED_SOCKET) |
1863 |
) { |
1864 |
/* If the socket is gone we are out of here */ |
1865 |
return; |
1866 |
} |
1867 |
if (sctp_stcb_is_feature_off(stcb->sctp_ep, stcb, SCTP_PCB_FLAGS_AUTHEVNT)) |
1868 |
/* event not enabled */ |
1869 |
return; |
1870 |
|
1871 |
m_notify = sctp_get_mbuf_for_msg(sizeof(struct sctp_authkey_event), |
1872 |
0, M_DONTWAIT, 1, MT_HEADER); |
1873 |
if (m_notify == NULL) |
1874 |
/* no space left */ |
1875 |
return; |
1876 |
|
1877 |
SCTP_BUF_LEN(m_notify) = 0; |
1878 |
auth = mtod(m_notify, struct sctp_authkey_event *); |
1879 |
memset(auth, 0, sizeof(struct sctp_authkey_event)); |
1880 |
auth->auth_type = SCTP_AUTHENTICATION_EVENT; |
1881 |
auth->auth_flags = 0; |
1882 |
auth->auth_length = sizeof(*auth); |
1883 |
auth->auth_keynumber = keyid; |
1884 |
auth->auth_altkeynumber = alt_keyid; |
1885 |
auth->auth_indication = indication; |
1886 |
auth->auth_assoc_id = sctp_get_associd(stcb); |
1887 |
|
1888 |
SCTP_BUF_LEN(m_notify) = sizeof(*auth); |
1889 |
SCTP_BUF_NEXT(m_notify) = NULL; |
1890 |
|
1891 |
/* append to socket */ |
1892 |
control = sctp_build_readq_entry(stcb, stcb->asoc.primary_destination, |
1893 |
0, 0, stcb->asoc.context, 0, 0, 0, m_notify); |
1894 |
if (control == NULL) { |
1895 |
/* no memory */ |
1896 |
sctp_m_freem(m_notify); |
1897 |
return; |
1898 |
} |
1899 |
control->spec_flags = M_NOTIFICATION; |
1900 |
control->length = SCTP_BUF_LEN(m_notify); |
1901 |
/* not that we need this */ |
1902 |
control->tail_mbuf = m_notify; |
1903 |
sctp_add_to_readq(stcb->sctp_ep, stcb, control, |
1904 |
&stcb->sctp_socket->so_rcv, 1, SCTP_READ_LOCK_NOT_HELD, so_locked); |
1905 |
} |
1906 |
|
1907 |
|
1908 |
/*- |
1909 |
* validates the AUTHentication related parameters in an INIT/INIT-ACK |
1910 |
* Note: currently only used for INIT as INIT-ACK is handled inline |
1911 |
* with sctp_load_addresses_from_init() |
1912 |
*/ |
1913 |
int |
1914 |
sctp_validate_init_auth_params(struct mbuf *m, int offset, int limit) |
1915 |
{ |
1916 |
struct sctp_paramhdr *phdr, parm_buf; |
1917 |
uint16_t ptype, plen; |
1918 |
int peer_supports_asconf = 0; |
1919 |
int peer_supports_auth = 0; |
1920 |
int got_random = 0, got_hmacs = 0, got_chklist = 0; |
1921 |
uint8_t saw_asconf = 0; |
1922 |
uint8_t saw_asconf_ack = 0; |
1923 |
|
1924 |
/* go through each of the params. */ |
1925 |
phdr = sctp_get_next_param(m, offset, &parm_buf, sizeof(parm_buf)); |
1926 |
while (phdr) { |
1927 |
ptype = ntohs(phdr->param_type); |
1928 |
plen = ntohs(phdr->param_length); |
1929 |
|
1930 |
if (offset + plen > limit) { |
1931 |
break; |
1932 |
} |
1933 |
if (plen < sizeof(struct sctp_paramhdr)) { |
1934 |
break; |
1935 |
} |
1936 |
if (ptype == SCTP_SUPPORTED_CHUNK_EXT) { |
1937 |
/* A supported extension chunk */ |
1938 |
struct sctp_supported_chunk_types_param *pr_supported; |
1939 |
uint8_t local_store[SCTP_PARAM_BUFFER_SIZE]; |
1940 |
int num_ent, i; |
1941 |
|
1942 |
phdr = sctp_get_next_param(m, offset, |
1943 |
(struct sctp_paramhdr *)&local_store, min(plen, sizeof(local_store))); |
1944 |
if (phdr == NULL) { |
1945 |
return (-1); |
1946 |
} |
1947 |
pr_supported = (struct sctp_supported_chunk_types_param *)phdr; |
1948 |
num_ent = plen - sizeof(struct sctp_paramhdr); |
1949 |
for (i = 0; i < num_ent; i++) { |
1950 |
switch (pr_supported->chunk_types[i]) { |
1951 |
case SCTP_ASCONF: |
1952 |
case SCTP_ASCONF_ACK: |
1953 |
peer_supports_asconf = 1; |
1954 |
break; |
1955 |
default: |
1956 |
/* one we don't care about */ |
1957 |
break; |
1958 |
} |
1959 |
} |
1960 |
} else if (ptype == SCTP_RANDOM) { |
1961 |
got_random = 1; |
1962 |
/* enforce the random length */ |
1963 |
if (plen != (sizeof(struct sctp_auth_random) + |
1964 |
SCTP_AUTH_RANDOM_SIZE_REQUIRED)) { |
1965 |
SCTPDBG(SCTP_DEBUG_AUTH1, |
1966 |
"SCTP: invalid RANDOM len\n"); |
1967 |
return (-1); |
1968 |
} |
1969 |
} else if (ptype == SCTP_HMAC_LIST) { |
1970 |
uint8_t store[SCTP_PARAM_BUFFER_SIZE]; |
1971 |
struct sctp_auth_hmac_algo *hmacs; |
1972 |
int num_hmacs; |
1973 |
|
1974 |
if (plen > sizeof(store)) |
1975 |
break; |
1976 |
phdr = sctp_get_next_param(m, offset, |
1977 |
(struct sctp_paramhdr *)store, min(plen, sizeof(store))); |
1978 |
if (phdr == NULL) |
1979 |
return (-1); |
1980 |
hmacs = (struct sctp_auth_hmac_algo *)phdr; |
1981 |
num_hmacs = (plen - sizeof(*hmacs)) / |
1982 |
sizeof(hmacs->hmac_ids[0]); |
1983 |
/* validate the hmac list */ |
1984 |
if (sctp_verify_hmac_param(hmacs, num_hmacs)) { |
1985 |
SCTPDBG(SCTP_DEBUG_AUTH1, |
1986 |
"SCTP: invalid HMAC param\n"); |
1987 |
return (-1); |
1988 |
} |
1989 |
got_hmacs = 1; |
1990 |
} else if (ptype == SCTP_CHUNK_LIST) { |
1991 |
int i, num_chunks; |
1992 |
uint8_t chunks_store[SCTP_SMALL_CHUNK_STORE]; |
1993 |
|
1994 |
/* did the peer send a non-empty chunk list? */ |
1995 |
struct sctp_auth_chunk_list *chunks = NULL; |
1996 |
|
1997 |
phdr = sctp_get_next_param(m, offset, |
1998 |
(struct sctp_paramhdr *)chunks_store, |
1999 |
min(plen, sizeof(chunks_store))); |
2000 |
if (phdr == NULL) |
2001 |
return (-1); |
2002 |
|
2003 |
/*- |
2004 |
* Flip through the list and mark that the |
2005 |
* peer supports asconf/asconf_ack. |
2006 |
*/ |
2007 |
chunks = (struct sctp_auth_chunk_list *)phdr; |
2008 |
num_chunks = plen - sizeof(*chunks); |
2009 |
for (i = 0; i < num_chunks; i++) { |
2010 |
/* record asconf/asconf-ack if listed */ |
2011 |
if (chunks->chunk_types[i] == SCTP_ASCONF) |
2012 |
saw_asconf = 1; |
2013 |
if (chunks->chunk_types[i] == SCTP_ASCONF_ACK) |
2014 |
saw_asconf_ack = 1; |
2015 |
|
2016 |
} |
2017 |
if (num_chunks) |
2018 |
got_chklist = 1; |
2019 |
} |
2020 |
offset += SCTP_SIZE32(plen); |
2021 |
if (offset >= limit) { |
2022 |
break; |
2023 |
} |
2024 |
phdr = sctp_get_next_param(m, offset, &parm_buf, |
2025 |
sizeof(parm_buf)); |
2026 |
} |
2027 |
/* validate authentication required parameters */ |
2028 |
if (got_random && got_hmacs) { |
2029 |
peer_supports_auth = 1; |
2030 |
} else { |
2031 |
peer_supports_auth = 0; |
2032 |
} |
2033 |
if (!peer_supports_auth && got_chklist) { |
2034 |
SCTPDBG(SCTP_DEBUG_AUTH1, |
2035 |
"SCTP: peer sent chunk list w/o AUTH\n"); |
2036 |
return (-1); |
2037 |
} |
2038 |
if (!SCTP_BASE_SYSCTL(sctp_asconf_auth_nochk) && peer_supports_asconf && |
2039 |
!peer_supports_auth) { |
2040 |
SCTPDBG(SCTP_DEBUG_AUTH1, |
2041 |
"SCTP: peer supports ASCONF but not AUTH\n"); |
2042 |
return (-1); |
2043 |
} else if ((peer_supports_asconf) && (peer_supports_auth) && |
2044 |
((saw_asconf == 0) || (saw_asconf_ack == 0))) { |
2045 |
return (-2); |
2046 |
} |
2047 |
return (0); |
2048 |
} |
2049 |
|
2050 |
void |
2051 |
sctp_initialize_auth_params(struct sctp_inpcb *inp, struct sctp_tcb *stcb) |
2052 |
{ |
2053 |
uint16_t chunks_len = 0; |
2054 |
uint16_t hmacs_len = 0; |
2055 |
uint16_t random_len = SCTP_AUTH_RANDOM_SIZE_DEFAULT; |
2056 |
sctp_key_t *new_key; |
2057 |
uint16_t keylen; |
2058 |
|
2059 |
/* initialize hmac list from endpoint */ |
2060 |
stcb->asoc.local_hmacs = sctp_copy_hmaclist(inp->sctp_ep.local_hmacs); |
2061 |
if (stcb->asoc.local_hmacs != NULL) { |
2062 |
hmacs_len = stcb->asoc.local_hmacs->num_algo * |
2063 |
sizeof(stcb->asoc.local_hmacs->hmac[0]); |
2064 |
} |
2065 |
/* initialize auth chunks list from endpoint */ |
2066 |
stcb->asoc.local_auth_chunks = |
2067 |
sctp_copy_chunklist(inp->sctp_ep.local_auth_chunks); |
2068 |
if (stcb->asoc.local_auth_chunks != NULL) { |
2069 |
int i; |
2070 |
|
2071 |
for (i = 0; i < 256; i++) { |
2072 |
if (stcb->asoc.local_auth_chunks->chunks[i]) |
2073 |
chunks_len++; |
2074 |
} |
2075 |
} |
2076 |
/* copy defaults from the endpoint */ |
2077 |
stcb->asoc.authinfo.active_keyid = inp->sctp_ep.default_keyid; |
2078 |
|
2079 |
/* copy out the shared key list (by reference) from the endpoint */ |
2080 |
(void)sctp_copy_skeylist(&inp->sctp_ep.shared_keys, |
2081 |
&stcb->asoc.shared_keys); |
2082 |
|
2083 |
/* now set the concatenated key (random + chunks + hmacs) */ |
2084 |
/* key includes parameter headers */ |
2085 |
keylen = (3 * sizeof(struct sctp_paramhdr)) + random_len + chunks_len + |
2086 |
hmacs_len; |
2087 |
new_key = sctp_alloc_key(keylen); |
2088 |
if (new_key != NULL) { |
2089 |
struct sctp_paramhdr *ph; |
2090 |
int plen; |
2091 |
|
2092 |
/* generate and copy in the RANDOM */ |
2093 |
ph = (struct sctp_paramhdr *)new_key->key; |
2094 |
ph->param_type = htons(SCTP_RANDOM); |
2095 |
plen = sizeof(*ph) + random_len; |
2096 |
ph->param_length = htons(plen); |
2097 |
SCTP_READ_RANDOM(new_key->key + sizeof(*ph), random_len); |
2098 |
keylen = plen; |
2099 |
|
2100 |
/* append in the AUTH chunks */ |
2101 |
/* NOTE: currently we always have chunks to list */ |
2102 |
ph = (struct sctp_paramhdr *)(new_key->key + keylen); |
2103 |
ph->param_type = htons(SCTP_CHUNK_LIST); |
2104 |
plen = sizeof(*ph) + chunks_len; |
2105 |
ph->param_length = htons(plen); |
2106 |
keylen += sizeof(*ph); |
2107 |
if (stcb->asoc.local_auth_chunks) { |
2108 |
int i; |
2109 |
|
2110 |
for (i = 0; i < 256; i++) { |
2111 |
if (stcb->asoc.local_auth_chunks->chunks[i]) |
2112 |
new_key->key[keylen++] = i; |
2113 |
} |
2114 |
} |
2115 |
/* append in the HMACs */ |
2116 |
ph = (struct sctp_paramhdr *)(new_key->key + keylen); |
2117 |
ph->param_type = htons(SCTP_HMAC_LIST); |
2118 |
plen = sizeof(*ph) + hmacs_len; |
2119 |
ph->param_length = htons(plen); |
2120 |
keylen += sizeof(*ph); |
2121 |
(void)sctp_serialize_hmaclist(stcb->asoc.local_hmacs, |
2122 |
new_key->key + keylen); |
2123 |
} |
2124 |
if (stcb->asoc.authinfo.random != NULL) |
2125 |
sctp_free_key(stcb->asoc.authinfo.random); |
2126 |
stcb->asoc.authinfo.random = new_key; |
2127 |
stcb->asoc.authinfo.random_len = random_len; |
2128 |
} |