Orange Pi5 kernel

Deprecated Linux kernel 5.10.110 for OrangePi 5/5B/5+ boards

^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   1) /* SPDX-License-Identifier: GPL-2.0 */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   2) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   3)  * Copyright (C) 2015-2019 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   4)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   5) #ifndef _WG_NOISE_H
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   6) #define _WG_NOISE_H
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   7) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   8) #include "messages.h"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   9) #include "peerlookup.h"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  10) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  11) #include <linux/types.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  12) #include <linux/spinlock.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  13) #include <linux/atomic.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  14) #include <linux/rwsem.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  15) #include <linux/mutex.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  16) #include <linux/kref.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  17) 
/*
 * Receive-side replay tracking state: a 64-bit counter, a spinlock and a
 * bitmap of COUNTER_BITS_TOTAL bits stored in unsigned longs.
 * NOTE(review): the field names suggest a sliding anti-replay window over
 * packet counters; the update logic is not in this header - confirm there.
 */
struct noise_replay_counter {
	u64 counter;
	spinlock_t lock; /* presumably serializes counter/backtrack updates - confirm */
	/*
	 * Integer division: this only provides storage for every bit if
	 * COUNTER_BITS_TOTAL is a multiple of BITS_PER_LONG.
	 */
	unsigned long backtrack[COUNTER_BITS_TOTAL / BITS_PER_LONG];
};
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  23) 
/*
 * One symmetric key of NOISE_SYMMETRIC_KEY_LEN bytes plus bookkeeping.
 * key is raw secret material held inline in the struct.
 * NOTE(review): confirm that whatever retires this struct wipes key with a
 * call the compiler cannot elide (memzero_explicit() or equivalent).
 */
struct noise_symmetric_key {
	u8 key[NOISE_SYMMETRIC_KEY_LEN];
	u64 birthdate; /* presumably a creation timestamp used for key ageing - confirm unit and clock */
	bool is_valid;
};
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  29) 
/*
 * A pair of symmetric keys (one per direction) with the per-direction
 * counters, a reference count and an RCU head.
 * Both key structs embed secret bytes, so the whole object is sensitive.
 */
struct noise_keypair {
	struct index_hashtable_entry entry; /* type declared outside this header */
	struct noise_symmetric_key sending;
	atomic64_t sending_counter; /* atomic, so no lock is needed to update it */
	struct noise_symmetric_key receiving;
	struct noise_replay_counter receiving_counter;
	__le32 remote_index; /* kept in little-endian byte order, per the __le32 type */
	bool i_am_the_initiator;
	struct kref refcount;
	struct rcu_head rcu; /* presumably for freeing after an RCU grace period - confirm */
	u64 internal_id;
};
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  42) 
/*
 * Three keypair slots: current, previous and next.
 * The pointers carry the __rcu annotation, so they are meant to be read
 * through the RCU accessors (rcu_dereference() and friends), not directly.
 */
struct noise_keypairs {
	struct noise_keypair __rcu *current_keypair;
	struct noise_keypair __rcu *previous_keypair;
	struct noise_keypair __rcu *next_keypair;
	spinlock_t keypair_update_lock; /* presumably held while the slots are rotated - confirm */
};
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  49) 
/*
 * The long-term static key pair, an rw_semaphore and a flag.
 * static_private is the long-term secret and is stored inline in the struct.
 */
struct noise_static_identity {
	u8 static_public[NOISE_PUBLIC_KEY_LEN];
	/*
	 * Sized with the public-key length constant; that is only right while
	 * private and public keys have the same length.
	 * NOTE(review): confirm against the definition of NOISE_PUBLIC_KEY_LEN.
	 */
	u8 static_private[NOISE_PUBLIC_KEY_LEN];
	struct rw_semaphore lock;
	bool has_identity; /* presumably false until a private key has been set - confirm */
};
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  56) 
/*
 * Handshake progress markers.
 * HANDSHAKE_ZEROED is the first enumerator and therefore has the value 0,
 * so a zero-filled struct noise_handshake reads back as HANDSHAKE_ZEROED.
 * NOTE(review): the CREATED_ and CONSUMED_ names suggest "we sent" versus
 * "we accepted" a message; the transitions are not in this header.
 */
enum noise_handshake_state {
	HANDSHAKE_ZEROED,
	HANDSHAKE_CREATED_INITIATION,
	HANDSHAKE_CONSUMED_INITIATION,
	HANDSHAKE_CREATED_RESPONSE,
	HANDSHAKE_CONSUMED_RESPONSE
};
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  64) 
/*
 * Per-handshake state: progress marker, key material, running hash and
 * chaining key, and the lock that guards the mutable members.
 * Several members are secrets stored inline (ephemeral_private,
 * precomputed_static_static, preshared_key, chaining_key).
 * NOTE(review): confirm that the clear path wipes them with a call the
 * compiler cannot elide (memzero_explicit() or equivalent).
 */
struct noise_handshake {
	struct index_hashtable_entry entry; /* type declared outside this header */

	enum noise_handshake_state state;
	u64 last_initiation_consumption; /* presumably a timestamp used to rate-limit initiations - confirm */

	/* Borrowed pointer: this struct does not embed the identity it refers to. */
	struct noise_static_identity *static_identity;

	/* Private key buffer sized with the public-key length constant. */
	u8 ephemeral_private[NOISE_PUBLIC_KEY_LEN];
	u8 remote_static[NOISE_PUBLIC_KEY_LEN];
	u8 remote_ephemeral[NOISE_PUBLIC_KEY_LEN];
	u8 precomputed_static_static[NOISE_PUBLIC_KEY_LEN];

	u8 preshared_key[NOISE_SYMMETRIC_KEY_LEN];

	u8 hash[NOISE_HASH_LEN];
	u8 chaining_key[NOISE_HASH_LEN];

	/* presumably the newest timestamp accepted from the peer, kept to reject replayed initiations - confirm */
	u8 latest_timestamp[NOISE_TIMESTAMP_LEN];
	__le32 remote_index; /* kept in little-endian byte order, per the __le32 type */

	/* Protects all members except the immutable (after noise_handshake_
	 * init): remote_static, precomputed_static_static, static_identity.
	 */
	struct rw_semaphore lock;
};
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  91) 
/*
 * Forward declaration: lets the prototypes below take struct wg_device *
 * without this header needing the full definition.
 * NOTE(review): struct wg_peer is used below but not forward-declared here;
 * presumably one of the included headers declares it - confirm.
 */
struct wg_device;

void wg_noise_init(void);
/*
 * The [NOISE_*_LEN] bounds on the array parameters are documentation only:
 * C adjusts such parameters to plain pointers, so the compiler does not check
 * the length. Callers must pass buffers of at least the stated size.
 */
void wg_noise_handshake_init(struct noise_handshake *handshake,
			     struct noise_static_identity *static_identity,
			     const u8 peer_public_key[NOISE_PUBLIC_KEY_LEN],
			     const u8 peer_preshared_key[NOISE_SYMMETRIC_KEY_LEN],
			     struct wg_peer *peer);
/* NOTE(review): presumably wipes the handshake's secret members - confirm in the implementation. */
void wg_noise_handshake_clear(struct noise_handshake *handshake);
/*
 * Back-date *handshake_ns to (REKEY_TIMEOUT + 1) seconds before the current
 * coarse boot-time clock reading, so the stored time is already more than
 * REKEY_TIMEOUT seconds old.
 * NOTE(review): presumably this lets the next handshake go out without waiting
 * for the rekey timeout - confirm at the call sites.
 * The subtraction is unsigned 64-bit: if the clock reading is smaller than the
 * offset, the result wraps instead of going negative.
 */
static inline void wg_noise_reset_last_sent_handshake(atomic64_t *handshake_ns)
{
	/* Widen before multiplying so the seconds-to-nanoseconds product is computed in 64 bits. */
	const u64 backdate_ns = (u64)(REKEY_TIMEOUT + 1) * NSEC_PER_SEC;

	atomic64_set(handshake_ns, ktime_get_coarse_boottime_ns() - backdate_ns);
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 106) 
/*
 * Keypair reference handling and rotation. The bodies are defined outside
 * this header; the remarks here are limited to what the signatures show.
 * NOTE(review): get/put presumably pair around keypair->refcount, and what
 * unreference_now changes is not visible here - confirm in the implementation.
 */
void wg_noise_keypair_put(struct noise_keypair *keypair, bool unreference_now);
struct noise_keypair *wg_noise_keypair_get(struct noise_keypair *keypair);
void wg_noise_keypairs_clear(struct noise_keypairs *keypairs);
/* Returns bool; the meaning of the result is not visible in this header. */
bool wg_noise_received_with_keypair(struct noise_keypairs *keypairs,
				    struct noise_keypair *received_keypair);
void wg_noise_expire_current_peer_keypairs(struct wg_peer *peer);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 113) 
/*
 * Takes the long-term private key as a const byte array. The declared bound
 * uses the public-key length constant and, being an array parameter, is not
 * enforced by the compiler: callers must supply at least
 * NOISE_PUBLIC_KEY_LEN readable bytes.
 */
void wg_noise_set_static_identity_private_key(
	struct noise_static_identity *static_identity,
	const u8 private_key[NOISE_PUBLIC_KEY_LEN]);
/* NOTE(review): presumably fills handshake.precomputed_static_static for this peer - confirm. */
void wg_noise_precompute_static_static(struct wg_peer *peer);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 118) 
/*
 * Handshake message construction and processing.
 * The create functions write into a caller-supplied message struct (dst) and
 * return bool. The consume functions take a message (src) plus the device
 * and return a struct wg_peer pointer.
 * NOTE(review): src presumably comes straight from the network, so the
 * consume functions are where untrusted input meets key material. The
 * failure convention (for example a NULL return on rejection) and any
 * reference taken on the returned peer are not visible here - confirm.
 */
bool
wg_noise_handshake_create_initiation(struct message_handshake_initiation *dst,
				     struct noise_handshake *handshake);
struct wg_peer *
wg_noise_handshake_consume_initiation(struct message_handshake_initiation *src,
				      struct wg_device *wg);

bool wg_noise_handshake_create_response(struct message_handshake_response *dst,
					struct noise_handshake *handshake);
struct wg_peer *
wg_noise_handshake_consume_response(struct message_handshake_response *src,
				    struct wg_device *wg);

/* NOTE(review): presumably derives session keys from a completed handshake into keypairs - confirm. */
bool wg_noise_handshake_begin_session(struct noise_handshake *handshake,
				      struct noise_keypairs *keypairs);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 134) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 135) #endif /* _WG_NOISE_H */