Orange Pi5 kernel

Deprecated Linux kernel 5.10.110 for OrangePi 5/5B/5+ boards

/* SPDX-License-Identifier: GPL-2.0 */
/*
 * Copyright (C) 2015-2019 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
 */

/*
 * Size constants, protocol limits and packet layouts for a Noise-based
 * tunnel protocol (the _WG_ guard prefix suggests the WireGuard driver;
 * confirm against the tree this listing was taken from).
 *
 * Review note: this header only describes packet bytes. It contains no
 * length or type checks, so any code that casts received data to one of
 * these structs has to validate the packet length and header type first.
 */
#ifndef _WG_MESSAGES_H
#define _WG_MESSAGES_H

#include <crypto/curve25519.h>
#include <crypto/chacha20poly1305.h>
#include <crypto/blake2s.h>

#include <linux/kernel.h>
#include <linux/param.h>
#include <linux/skbuff.h>

/*
 * Byte lengths of the cryptographic fields, each tied to the constant of the
 * primitive that produces it so the layouts below cannot drift from the
 * crypto library.
 */
enum noise_lengths {
	NOISE_PUBLIC_KEY_LEN = CURVE25519_KEY_SIZE,
	NOISE_SYMMETRIC_KEY_LEN = CHACHA20POLY1305_KEY_SIZE,
	/* 8 + 4 bytes; presumably seconds plus a sub-second part - confirm at the code that fills it. */
	NOISE_TIMESTAMP_LEN = sizeof(u64) + sizeof(u32),
	NOISE_AUTHTAG_LEN = CHACHA20POLY1305_AUTHTAG_SIZE,
	NOISE_HASH_LEN = BLAKE2S_HASH_SIZE
};

/*
 * Ciphertext length for a plaintext of plain_len bytes: the plaintext plus
 * one authentication tag. The addition is not overflow-checked, so callers
 * must bound plain_len before using the result as an allocation or copy size.
 */
#define noise_encrypted_len(plain_len) ((plain_len) + NOISE_AUTHTAG_LEN)

/*
 * Parameters of the cookie mechanism. No unit is given here for the first
 * two values; presumably seconds - confirm at the use sites.
 */
enum cookie_values {
	COOKIE_SECRET_MAX_AGE = 2 * 60,
	COOKIE_SECRET_LATENCY = 5,
	COOKIE_NONCE_LEN = XCHACHA20POLY1305_NONCE_SIZE,
	/* Also the size of mac1 and mac2 in struct message_macs. */
	COOKIE_LEN = 16
};

/*
 * Sizing of the counter bitmap. The usable window is the total bit count
 * minus one machine word (BITS_PER_LONG), so it differs between 32-bit and
 * 64-bit builds. Presumably this backs replay detection on the data counter;
 * confirm against the receive path.
 */
enum counter_values {
	COUNTER_BITS_TOTAL = 8192,
	COUNTER_REDUNDANT_BITS = BITS_PER_LONG,
	COUNTER_WINDOW_SIZE = COUNTER_BITS_TOTAL - COUNTER_REDUNDANT_BITS
};

/*
 * Rekeying thresholds, timer values and queue caps.
 *
 * REKEY_AFTER_MESSAGES and REJECT_AFTER_MESSAGES do not fit in an int; using
 * them as enumerators relies on the compiler accepting wide enum constants
 * (a GNU C extension before C23).
 *
 * REJECT_AFTER_MESSAGES stops short of U64_MAX by the counter window plus
 * one, which keeps counter arithmetic near the limit from wrapping.
 *
 * Only REKEY_TIMEOUT_JITTER_MAX_JIFFIES names its unit (jiffies; HZ / 3 is a
 * third of a second). The other *_TIMEOUT and *_TIME values are presumably
 * seconds - confirm at the use sites.
 *
 * The MAX_* values cap how much work and memory can be pending at once;
 * changing them changes the resource exposure of the driver.
 */
enum limits {
	REKEY_AFTER_MESSAGES = 1ULL << 60,
	REJECT_AFTER_MESSAGES = U64_MAX - COUNTER_WINDOW_SIZE - 1,
	REKEY_TIMEOUT = 5,
	REKEY_TIMEOUT_JITTER_MAX_JIFFIES = HZ / 3,
	REKEY_AFTER_TIME = 120,
	REJECT_AFTER_TIME = 180,
	INITIATIONS_PER_SECOND = 50,
	MAX_PEERS_PER_DEVICE = 1U << 20,
	KEEPALIVE_TIMEOUT = 10,
	/* Integer division: 18 with REKEY_TIMEOUT = 5. */
	MAX_TIMER_HANDSHAKES = 90 / REKEY_TIMEOUT,
	MAX_QUEUED_INCOMING_HANDSHAKES = 4096, /* TODO: replace this with DQL */
	MAX_STAGED_PACKETS = 128,
	MAX_QUEUED_PACKETS = 1024 /* TODO: replace this with DQL */
};

/*
 * Message kinds, as carried in struct message_header. Zero is reserved as
 * invalid, so a zero-filled buffer never matches a real message type.
 */
enum message_type {
	MESSAGE_INVALID = 0,
	MESSAGE_HANDSHAKE_INITIATION = 1,
	MESSAGE_HANDSHAKE_RESPONSE = 2,
	MESSAGE_HANDSHAKE_COOKIE = 3,
	MESSAGE_DATA = 4
};

/* Common 4-byte prefix of every message. */
struct message_header {
	/* The actual layout of this that we want is:
	 * u8 type
	 * u8 reserved_zero[3]
	 *
	 * But it turns out that by encoding this as little endian,
	 * we achieve the same thing, and it makes checking faster.
	 *
	 * Consequence: a receiver that compares the whole field with
	 * cpu_to_le32(MESSAGE_*) also rejects any packet whose three
	 * reserved bytes are non-zero, in the same comparison.
	 */
	__le32 type;
};

/*
 * Two COOKIE_LEN-byte MACs that end the handshake initiation and response
 * messages. How mac1 and mac2 are computed is not visible in this header.
 */
struct message_macs {
	u8 mac1[COOKIE_LEN];
	u8 mac2[COOKIE_LEN];
};

/*
 * Handshake initiation message. Every member has a fixed size, so the whole
 * message has exactly one valid length.
 *
 * NOTE(review): none of the message structs is marked __packed. sizeof()
 * equals the on-wire size only if the array lengths leave no padding;
 * confirm with the constants in the crypto headers.
 */
struct message_handshake_initiation {
	struct message_header header;
	__le32 sender_index;
	/* Sent in the clear, unlike the two fields that follow. */
	u8 unencrypted_ephemeral[NOISE_PUBLIC_KEY_LEN];
	/* Each encrypted field carries its own authentication tag. */
	u8 encrypted_static[noise_encrypted_len(NOISE_PUBLIC_KEY_LEN)];
	u8 encrypted_timestamp[noise_encrypted_len(NOISE_TIMESTAMP_LEN)];
	struct message_macs macs;
};

/* Handshake response message; fixed size, like the initiation. */
struct message_handshake_response {
	struct message_header header;
	__le32 sender_index;
	__le32 receiver_index;
	u8 unencrypted_ephemeral[NOISE_PUBLIC_KEY_LEN];
	/* Empty plaintext: the field consists of the authentication tag only. */
	u8 encrypted_nothing[noise_encrypted_len(0)];
	struct message_macs macs;
};

/*
 * Cookie message: a nonce followed by the encrypted cookie and its tag.
 * Unlike the two handshake messages above it has no message_macs trailer.
 */
struct message_handshake_cookie {
	struct message_header header;
	__le32 receiver_index;
	u8 nonce[COOKIE_NONCE_LEN];
	u8 encrypted_cookie[noise_encrypted_len(COOKIE_LEN)];
};

/*
 * Data message: a 16-byte fixed part (4 + 4 + 8, with the 64-bit counter
 * naturally aligned at offset 8) followed by a variable-length ciphertext.
 * encrypted_data is a flexible array member, so sizeof(struct message_data)
 * covers the fixed part only and the payload length has to come from the
 * packet length.
 */
struct message_data {
	struct message_header header;
	__le32 key_idx;
	__le64 counter;
	u8 encrypted_data[];
};

/*
 * Total length of a data message carrying plain_len bytes of plaintext:
 * fixed part plus ciphertext plus authentication tag. Not overflow-checked;
 * callers must bound plain_len.
 */
#define message_data_len(plain_len) \
	(noise_encrypted_len(plain_len) + sizeof(struct message_data))

/*
 * MESSAGE_MINIMUM_LENGTH is the length of a data message with an empty
 * plaintext (fixed part plus tag); nothing shorter can be a well-formed data
 * message. MESSAGE_PADDING_MULTIPLE is presumably the granularity to which
 * plaintext is padded before encryption - confirm at the send path.
 */
enum message_alignments {
	MESSAGE_PADDING_MULTIPLE = 16,
	MESSAGE_MINIMUM_LENGTH = message_data_len(0)
};

/*
 * Space for the outer headers of a packet: the larger of the IPv4 and IPv6
 * headers, the UDP header, and NET_SKB_PAD.
 *
 * NOTE(review): struct iphdr, struct ipv6hdr and struct udphdr are not
 * included directly by this header; they must be in scope wherever the
 * macro is expanded.
 */
#define SKB_HEADER_LEN                                       \
	(max(sizeof(struct iphdr), sizeof(struct ipv6hdr)) + \
	 sizeof(struct udphdr) + NET_SKB_PAD)
/* Fixed part of a data message plus the outer headers, rounded up to a multiple of 4. */
#define DATA_PACKET_HEAD_ROOM \
	ALIGN(sizeof(struct message_data) + SKB_HEADER_LEN, 4)

/*
 * 0x88 is DSCP 34 (AF41) in the upper six bits with the two ECN bits clear;
 * presumably applied to handshake packets - confirm at the send path.
 */
enum { HANDSHAKE_DSCP = 0x88 /* AF41, plus 00 ECN */ };

#endif /* _WG_MESSAGES_H */