diff options
Diffstat (limited to 'sys/dev/if_wg/include/sys/wg_cookie.h')
-rw-r--r-- | sys/dev/if_wg/include/sys/wg_cookie.h | 174 |
1 files changed, 0 insertions, 174 deletions
diff --git a/sys/dev/if_wg/include/sys/wg_cookie.h b/sys/dev/if_wg/include/sys/wg_cookie.h deleted file mode 100644 index 0bac8fefaf42..000000000000 --- a/sys/dev/if_wg/include/sys/wg_cookie.h +++ /dev/null @@ -1,174 +0,0 @@ -/* - * Copyright (C) 2015-2020 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved. - * Copyright (C) 2019-2020 Matt Dunwoodie <ncon@noconroy.net> - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - * - * ======== wg_cookie.h ======== - * - * This file provides a thread safe interface to the WireGuard cookie - * mechanism. It is split into three parts: - * - * * cookie_maker - * Used to create MACs for messages. - * * cookie_checker - * Used to validate MACs for messages. - * * cookie_macs - * The MACs that authenticate the message. - * - * The MACs provide two properties: - * * mac1 - That the remote end knows a value. - * * mac2 - That the remote end has a specific IP address. - * - * void cookie_maker_init(cookie_maker, ipl, input) - * - Initialise cookie_maker, should only be called once and before use. - * input is the shared value used for mac1. - * - * int cookie_checker_init(cookie_checker, ipl) - * - Initialise cookie_checker, should only be called once and before use. It - * will return ENOBUFS if it cannot allocate required memory. - * - * void cookie_checker_update(cookie_checker, input) - * - Set the input value to check mac1 against. - * - * void cookie_checker_deinit(cookie_checker) - * - Destroy all values associated with cookie_checker. cookie_checker must - * not be used after calling this function. - * - * void cookie_checker_create_payload(cookie_checker, cookie_macs, nonce, - * payload, sockaddr) - * - Create a specific payload derived from the sockaddr. The payload is an - * encrypted shared secret, that the cookie_maker will decrypt and used to - * key the mac2 value. - * - * int cookie_maker_consume_payload(cookie_maker, nonce, payload) - * - Have cookie_maker consume the payload. - * - * void cookie_maker_mac(cookie_maker, cookie_macs, message, len) - * - Create cookie_macs for the message of length len. It will always compute - * mac1, however will only compute mac2 if we have recently received a - * payload to key it with. - * - * int cookie_checker_validate_macs(cookie_checker, cookie_macs, message, len, - * busy, sockaddr) - * - Use cookie_checker to validate the cookie_macs of message with length - * len. If busy, then ratelimiting will be applied to the sockaddr. - * - * ========================== - * $FreeBSD$ - */ - -#ifndef __COOKIE_H__ -#define __COOKIE_H__ - -#include <sys/types.h> -#include <sys/time.h> -#include <sys/rwlock.h> -#include <sys/queue.h> -#include <sys/support.h> - -#include <netinet/in.h> - -#include <crypto/blake2s.h> - -#define COOKIE_MAC_SIZE 16 -#define COOKIE_KEY_SIZE 32 -#define COOKIE_XNONCE_SIZE 24 -#define COOKIE_COOKIE_SIZE 16 -#define COOKIE_SECRET_SIZE 32 -#define COOKIE_INPUT_SIZE 32 -#define COOKIE_ENCRYPTED_SIZE (COOKIE_COOKIE_SIZE + COOKIE_MAC_SIZE) - -#define COOKIE_MAC1_KEY_LABEL "mac1----" -#define COOKIE_COOKIE_KEY_LABEL "cookie--" -#define COOKIE_SECRET_MAX_AGE 120 -#define COOKIE_SECRET_LATENCY 5 - -/* Constants for initiation rate limiting */ -#define RATELIMIT_SIZE (1 << 10) -#define RATELIMIT_SIZE_MAX (RATELIMIT_SIZE * 8) -#define NSEC_PER_SEC 1000000000LL -#define INITIATIONS_PER_SECOND 50 -#define INITIATIONS_BURSTABLE 10 -#define INITIATION_COST (NSEC_PER_SEC / INITIATIONS_PER_SECOND) -#define TOKEN_MAX (INITIATION_COST * INITIATIONS_BURSTABLE) -#define ELEMENT_TIMEOUT 1 -#define IPV4_MASK_SIZE 4 /* Use all 4 bytes of IPv4 address */ -#define IPV6_MASK_SIZE 8 /* Use top 8 bytes (/64) of IPv6 address */ - -struct cookie_macs { - uint8_t mac1[COOKIE_MAC_SIZE]; - uint8_t mac2[COOKIE_MAC_SIZE]; -} __packed; - -struct ratelimit_entry { - LIST_ENTRY(ratelimit_entry) r_entry; - sa_family_t r_af; - union { - struct in_addr r_in; - struct in6_addr r_in6; - }; - struct timespec r_last_time; /* nanouptime */ - uint64_t r_tokens; -}; - -struct ratelimit { - SIPHASH_KEY rl_secret; - uma_zone_t rl_zone; - - struct rwlock rl_lock; - LIST_HEAD(, ratelimit_entry) *rl_table; - u_long rl_table_mask; - size_t rl_table_num; - struct timespec rl_last_gc; /* nanouptime */ -}; - -struct cookie_maker { - uint8_t cp_mac1_key[COOKIE_KEY_SIZE]; - uint8_t cp_cookie_key[COOKIE_KEY_SIZE]; - - struct rwlock cp_lock; - uint8_t cp_cookie[COOKIE_COOKIE_SIZE]; - struct timespec cp_birthdate; /* nanouptime */ - int cp_mac1_valid; - uint8_t cp_mac1_last[COOKIE_MAC_SIZE]; -}; - -struct cookie_checker { - struct ratelimit cc_ratelimit; - - struct rwlock cc_key_lock; - uint8_t cc_mac1_key[COOKIE_KEY_SIZE]; - uint8_t cc_cookie_key[COOKIE_KEY_SIZE]; - - struct rwlock cc_secret_lock; - struct timespec cc_secret_birthdate; /* nanouptime */ - uint8_t cc_secret[COOKIE_SECRET_SIZE]; -}; - -void cookie_maker_init(struct cookie_maker *, const uint8_t[COOKIE_INPUT_SIZE]); -int cookie_checker_init(struct cookie_checker *, uma_zone_t); -void cookie_checker_update(struct cookie_checker *, - uint8_t[COOKIE_INPUT_SIZE]); -void cookie_checker_deinit(struct cookie_checker *); -void cookie_checker_create_payload(struct cookie_checker *, - struct cookie_macs *cm, uint8_t[COOKIE_XNONCE_SIZE], - uint8_t [COOKIE_ENCRYPTED_SIZE], struct sockaddr *); -int cookie_maker_consume_payload(struct cookie_maker *, - uint8_t[COOKIE_XNONCE_SIZE], uint8_t[COOKIE_ENCRYPTED_SIZE]); -void cookie_maker_mac(struct cookie_maker *, struct cookie_macs *, - void *, size_t); -int cookie_checker_validate_macs(struct cookie_checker *, - struct cookie_macs *, void *, size_t, int, struct sockaddr *); - -#endif /* __COOKIE_H__ */ |