[PATCH 3/3] xfrm: Use the user specified truncation length in ESP and AH
Instead of using the hardcoded truncation for authentication algorithms, use the truncation length specified on xfrm_state. Signed-off-by: Martin Willi mar...@strongswan.org --- net/ipv4/ah4.c |2 +- net/ipv4/esp4.c |2 +- net/ipv6/ah6.c |2 +- net/ipv6/esp6.c |2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/net/ipv4/ah4.c b/net/ipv4/ah4.c index 5c66270..b7be5ed 100644 --- a/net/ipv4/ah4.c +++ b/net/ipv4/ah4.c @@ -261,7 +261,7 @@ static int ah_init_state(struct xfrm_state *x) } ahp-icv_full_len = aalg_desc-uinfo.auth.icv_fullbits/8; - ahp-icv_trunc_len = aalg_desc-uinfo.auth.icv_truncbits/8; + ahp-icv_trunc_len = x-aalg-alg_trunc_len/8; BUG_ON(ahp-icv_trunc_len MAX_AH_AUTH_LEN); diff --git a/net/ipv4/esp4.c b/net/ipv4/esp4.c index 12f7287..1948895 100644 --- a/net/ipv4/esp4.c +++ b/net/ipv4/esp4.c @@ -530,7 +530,7 @@ static int esp_init_authenc(struct xfrm_state *x) } err = crypto_aead_setauthsize( - aead, aalg_desc-uinfo.auth.icv_truncbits / 8); + aead, x-aalg-alg_trunc_len / 8); if (err) goto free_key; } diff --git a/net/ipv6/ah6.c b/net/ipv6/ah6.c index c1589e2..0c2ae68 100644 --- a/net/ipv6/ah6.c +++ b/net/ipv6/ah6.c @@ -469,7 +469,7 @@ static int ah6_init_state(struct xfrm_state *x) } ahp-icv_full_len = aalg_desc-uinfo.auth.icv_fullbits/8; - ahp-icv_trunc_len = aalg_desc-uinfo.auth.icv_truncbits/8; + ahp-icv_trunc_len = x-aalg-alg_trunc_len/8; BUG_ON(ahp-icv_trunc_len MAX_AH_AUTH_LEN); diff --git a/net/ipv6/esp6.c b/net/ipv6/esp6.c index af597c7..668a46b 100644 --- a/net/ipv6/esp6.c +++ b/net/ipv6/esp6.c @@ -473,7 +473,7 @@ static int esp_init_authenc(struct xfrm_state *x) } err = crypto_aead_setauthsize( - aead, aalg_desc-uinfo.auth.icv_truncbits / 8); + aead, x-aalg-alg_trunc_len / 8); if (err) goto free_key; } -- 1.6.3.3 -- To unsubscribe from this list: send the line unsubscribe linux-crypto in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH 0/3] xfrm: Custom truncation lengths for authentication algorithms
The following patchset adds support for defining truncation lengths for authentication algorithms in userspace. The main purpose for this is to support SHA256 in IPsec using the standardized 128 bit instead of the currently used 96 bit truncation. Martin Willi (3): xfrm: Define new XFRM netlink auth attribute with specified truncation bits xfrm: Store aalg in xfrm_state with a user specified truncation length xfrm: Use the user specified truncation length in ESP and AH include/linux/xfrm.h |8 +++ include/net/xfrm.h| 12 - net/ipv4/ah4.c|2 +- net/ipv4/esp4.c |2 +- net/ipv6/ah6.c|2 +- net/ipv6/esp6.c |2 +- net/xfrm/xfrm_state.c |2 +- net/xfrm/xfrm_user.c | 129 ++--- 8 files changed, 145 insertions(+), 14 deletions(-) -- To unsubscribe from this list: send the line unsubscribe linux-crypto in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH 2/3] xfrm: Store aalg in xfrm_state with a user specified truncation length
Adding a xfrm_state requires an authentication algorithm specified
either as xfrm_algo or as xfrm_algo_auth with a specific truncation
length. For compatibility, both attributes are dumped to userspace,
and we also accept both attributes, but prefer the new syntax.
If no truncation length is specified, or the authentication algorithm
is specified using xfrm_algo, the truncation length from the algorithm
description in the kernel is used.
Signed-off-by: Martin Willi mar...@strongswan.org
---
include/net/xfrm.h| 12 -
net/xfrm/xfrm_state.c |2 +-
net/xfrm/xfrm_user.c | 129 ++---
3 files changed, 133 insertions(+), 10 deletions(-)
diff --git a/include/net/xfrm.h b/include/net/xfrm.h
index 223e90a..762327d 100644
--- a/include/net/xfrm.h
+++ b/include/net/xfrm.h
@@ -160,7 +160,7 @@ struct xfrm_state
struct xfrm_lifetime_cfg lft;
/* Data for transformer */
- struct xfrm_algo*aalg;
+ struct xfrm_algo_auth *aalg;
struct xfrm_algo*ealg;
struct xfrm_algo*calg;
struct xfrm_algo_aead *aead;
@@ -1541,12 +1541,22 @@ static inline int xfrm_alg_len(struct xfrm_algo *alg)
return sizeof(*alg) + ((alg-alg_key_len + 7) / 8);
}
+static inline int xfrm_alg_auth_len(struct xfrm_algo_auth *alg)
+{
+ return sizeof(*alg) + ((alg-alg_key_len + 7) / 8);
+}
+
#ifdef CONFIG_XFRM_MIGRATE
static inline struct xfrm_algo *xfrm_algo_clone(struct xfrm_algo *orig)
{
return kmemdup(orig, xfrm_alg_len(orig), GFP_KERNEL);
}
+static inline struct xfrm_algo_auth *xfrm_algo_auth_clone(struct
xfrm_algo_auth *orig)
+{
+ return kmemdup(orig, xfrm_alg_auth_len(orig), GFP_KERNEL);
+}
+
static inline void xfrm_states_put(struct xfrm_state **states, int n)
{
int i;
diff --git a/net/xfrm/xfrm_state.c b/net/xfrm/xfrm_state.c
index f2f7c63..67121ce 100644
--- a/net/xfrm/xfrm_state.c
+++ b/net/xfrm/xfrm_state.c
@@ -1110,7 +1110,7 @@ static struct xfrm_state *xfrm_state_clone(struct
xfrm_state *orig, int *errp)
x-props.saddr = orig-props.saddr;
if (orig-aalg) {
- x-aalg = xfrm_algo_clone(orig-aalg);
+ x-aalg = xfrm_algo_auth_clone(orig-aalg);
if (!x-aalg)
goto error;
}
diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c
index b95a2d6..fb42d77 100644
--- a/net/xfrm/xfrm_user.c
+++ b/net/xfrm/xfrm_user.c
@@ -62,6 +62,22 @@ static int verify_one_alg(struct nlattr **attrs, enum
xfrm_attr_type_t type)
return 0;
}
+static int verify_auth_trunc(struct nlattr **attrs)
+{
+ struct nlattr *rt = attrs[XFRMA_ALG_AUTH_TRUNC];
+ struct xfrm_algo_auth *algp;
+
+ if (!rt)
+ return 0;
+
+ algp = nla_data(rt);
+ if (nla_len(rt) xfrm_alg_auth_len(algp))
+ return -EINVAL;
+
+ algp-alg_name[CRYPTO_MAX_ALG_NAME - 1] = '\0';
+ return 0;
+}
+
static int verify_aead(struct nlattr **attrs)
{
struct nlattr *rt = attrs[XFRMA_ALG_AEAD];
@@ -128,7 +144,8 @@ static int verify_newsa_info(struct xfrm_usersa_info *p,
err = -EINVAL;
switch (p-id.proto) {
case IPPROTO_AH:
- if (!attrs[XFRMA_ALG_AUTH] ||
+ if ((!attrs[XFRMA_ALG_AUTH]
+!attrs[XFRMA_ALG_AUTH_TRUNC]) ||
attrs[XFRMA_ALG_AEAD] ||
attrs[XFRMA_ALG_CRYPT] ||
attrs[XFRMA_ALG_COMP])
@@ -139,10 +156,12 @@ static int verify_newsa_info(struct xfrm_usersa_info *p,
if (attrs[XFRMA_ALG_COMP])
goto out;
if (!attrs[XFRMA_ALG_AUTH]
+ !attrs[XFRMA_ALG_AUTH_TRUNC]
!attrs[XFRMA_ALG_CRYPT]
!attrs[XFRMA_ALG_AEAD])
goto out;
if ((attrs[XFRMA_ALG_AUTH] ||
+attrs[XFRMA_ALG_AUTH_TRUNC] ||
attrs[XFRMA_ALG_CRYPT])
attrs[XFRMA_ALG_AEAD])
goto out;
@@ -152,6 +171,7 @@ static int verify_newsa_info(struct xfrm_usersa_info *p,
if (!attrs[XFRMA_ALG_COMP] ||
attrs[XFRMA_ALG_AEAD] ||
attrs[XFRMA_ALG_AUTH] ||
+ attrs[XFRMA_ALG_AUTH_TRUNC] ||
attrs[XFRMA_ALG_CRYPT])
goto out;
break;
@@ -161,6 +181,7 @@ static int verify_newsa_info(struct xfrm_usersa_info *p,
case IPPROTO_ROUTING:
if (attrs[XFRMA_ALG_COMP] ||
attrs[XFRMA_ALG_AUTH] ||
+ attrs[XFRMA_ALG_AUTH_TRUNC] ||
attrs[XFRMA_ALG_AEAD] ||
attrs[XFRMA_ALG_CRYPT] ||
attrs[XFRMA_ENCAP] ||
@@ -176,6 +197,8 @@ static int verify_newsa_info(struct
[PATCH 1/3] xfrm: Define new XFRM netlink auth attribute with specified truncation bits
The new XFRMA_ALG_AUTH_TRUNC attribute taking a xfrm_algo_auth as
argument allows the installation of authentication algorithms with
a truncation length specified in userspace, i.e. SHA256 with 128 bit
instead of 96 bit truncation.
Signed-off-by: Martin Willi mar...@strongswan.org
---
include/linux/xfrm.h |8
1 files changed, 8 insertions(+), 0 deletions(-)
diff --git a/include/linux/xfrm.h b/include/linux/xfrm.h
index 2d4ec15..d28e853 100644
--- a/include/linux/xfrm.h
+++ b/include/linux/xfrm.h
@@ -96,6 +96,13 @@ struct xfrm_algo {
charalg_key[0];
};
+struct xfrm_algo_auth {
+ charalg_name[64];
+ unsigned intalg_key_len;/* in bits */
+ unsigned intalg_trunc_len; /* in bits */
+ charalg_key[0];
+};
+
struct xfrm_algo_aead {
charalg_name[64];
unsigned intalg_key_len;/* in bits */
@@ -283,6 +290,7 @@ enum xfrm_attr_type_t {
XFRMA_MIGRATE,
XFRMA_ALG_AEAD, /* struct xfrm_algo_aead */
XFRMA_KMADDRESS,/* struct xfrm_user_kmaddress */
+ XFRMA_ALG_AUTH_TRUNC, /* struct xfrm_algo_auth */
__XFRMA_MAX
#define XFRMA_MAX (__XFRMA_MAX - 1)
--
1.6.3.3
--
To unsubscribe from this list: send the line unsubscribe linux-crypto in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH] xfrm: Add SHA384 and SHA512 HMAC authentication algorithms to XFRM
These algorithms use a truncation of 192/256 bits, as specified
in RFC4868.
Signed-off-by: Martin Willi mar...@strongswan.org
---
net/xfrm/xfrm_algo.c | 34 ++
1 files changed, 34 insertions(+), 0 deletions(-)
diff --git a/net/xfrm/xfrm_algo.c b/net/xfrm/xfrm_algo.c
index faf54c6..480afda 100644
--- a/net/xfrm/xfrm_algo.c
+++ b/net/xfrm/xfrm_algo.c
@@ -200,6 +200,40 @@ static struct xfrm_algo_desc aalg_list[] = {
}
},
{
+ .name = hmac(sha384),
+
+ .uinfo = {
+ .auth = {
+ .icv_truncbits = 192,
+ .icv_fullbits = 384,
+ }
+ },
+
+ .desc = {
+ .sadb_alg_id = SADB_X_AALG_SHA2_384HMAC,
+ .sadb_alg_ivlen = 0,
+ .sadb_alg_minbits = 384,
+ .sadb_alg_maxbits = 384
+ }
+},
+{
+ .name = hmac(sha512),
+
+ .uinfo = {
+ .auth = {
+ .icv_truncbits = 256,
+ .icv_fullbits = 512,
+ }
+ },
+
+ .desc = {
+ .sadb_alg_id = SADB_X_AALG_SHA2_512HMAC,
+ .sadb_alg_ivlen = 0,
+ .sadb_alg_minbits = 512,
+ .sadb_alg_maxbits = 512
+ }
+},
+{
.name = hmac(rmd160),
.compat = rmd160,
--
1.6.3.3
--
To unsubscribe from this list: send the line unsubscribe linux-crypto in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH 0/3] xfrm: Custom truncation lengths for authentication algorithms
On Wed, Nov 25, 2009 at 11:29:50AM +0100, Martin Willi wrote:
The following patchset adds support for defining truncation lengths
for authentication algorithms in userspace. The main purpose for this
is to support SHA256 in IPsec using the standardized 128 bit
instead of the currently used 96 bit truncation.
Martin Willi (3):
xfrm: Define new XFRM netlink auth attribute with specified
truncation bits
xfrm: Store aalg in xfrm_state with a user specified truncation
length
xfrm: Use the user specified truncation length in ESP and AH
Looks great to me. Thanks Martin!
--
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmVHI~} herb...@gondor.apana.org.au
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
--
To unsubscribe from this list: send the line unsubscribe linux-crypto in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH] xfrm: Add SHA384 and SHA512 HMAC authentication algorithms to XFRM
On Wed, Nov 25, 2009 at 11:58:39AM +0100, Martin Willi wrote:
These algorithms use a truncation of 192/256 bits, as specified
in RFC4868.
Signed-off-by: Martin Willi mar...@strongswan.org
Acked-by: Herbert Xu herb...@gondor.apana.org.au
--
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmVHI~} herb...@gondor.apana.org.au
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
--
To unsubscribe from this list: send the line unsubscribe linux-crypto in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH 0/3] xfrm: Custom truncation lengths for authentication algorithms
From: Martin Willi mar...@strongswan.org Date: Wed, 25 Nov 2009 11:29:50 +0100 The following patchset adds support for defining truncation lengths for authentication algorithms in userspace. The main purpose for this is to support SHA256 in IPsec using the standardized 128 bit instead of the currently used 96 bit truncation. Martin Willi (3): xfrm: Define new XFRM netlink auth attribute with specified truncation bits xfrm: Store aalg in xfrm_state with a user specified truncation length xfrm: Use the user specified truncation length in ESP and AH All applied to net-next-2.6, thanks! -- To unsubscribe from this list: send the line unsubscribe linux-crypto in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH] xfrm: Add SHA384 and SHA512 HMAC authentication algorithms to XFRM
From: Herbert Xu herb...@gondor.apana.org.au Date: Wed, 25 Nov 2009 20:11:40 +0800 On Wed, Nov 25, 2009 at 11:58:39AM +0100, Martin Willi wrote: These algorithms use a truncation of 192/256 bits, as specified in RFC4868. Signed-off-by: Martin Willi mar...@strongswan.org Acked-by: Herbert Xu herb...@gondor.apana.org.au Applied to net-next-2.6 -- To unsubscribe from this list: send the line unsubscribe linux-crypto in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
