1*4882a593Smuzhiyun /* SPDX-License-Identifier: GPL-2.0 */
2*4882a593Smuzhiyun /*
3*4882a593Smuzhiyun * Copyright (C) 2015-2019 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
4*4882a593Smuzhiyun */
5*4882a593Smuzhiyun #ifndef _WG_NOISE_H
6*4882a593Smuzhiyun #define _WG_NOISE_H
7*4882a593Smuzhiyun
8*4882a593Smuzhiyun #include "messages.h"
9*4882a593Smuzhiyun #include "peerlookup.h"
10*4882a593Smuzhiyun
11*4882a593Smuzhiyun #include <linux/types.h>
12*4882a593Smuzhiyun #include <linux/spinlock.h>
13*4882a593Smuzhiyun #include <linux/atomic.h>
14*4882a593Smuzhiyun #include <linux/rwsem.h>
15*4882a593Smuzhiyun #include <linux/mutex.h>
16*4882a593Smuzhiyun #include <linux/kref.h>
17*4882a593Smuzhiyun
/*
 * Receive-side counter state attached to a keypair (see
 * noise_keypair.receiving_counter). The name indicates anti-replay
 * tracking: the bitmap presumably records which of the last
 * COUNTER_BITS_TOTAL counter values were already accepted, so a repeated
 * counter can be rejected - confirm the window semantics in the
 * implementation.
 */
struct noise_replay_counter {
	/* Highest counter value seen so far (from the name - confirm). */
	u64 counter;
	/* Presumably held while counter and backtrack are updated together. */
	spinlock_t lock;
	/* Bitmap of COUNTER_BITS_TOTAL bits, packed into unsigned longs. */
	unsigned long backtrack[COUNTER_BITS_TOTAL / BITS_PER_LONG];
};
23*4882a593Smuzhiyun
/*
 * One direction's transport key together with its lifetime bookkeeping.
 * NOTE(review): key[] is secret material; whatever frees the enclosing
 * keypair should wipe it with memzero_explicit() rather than a plain
 * memset - confirm in the implementation.
 */
struct noise_symmetric_key {
	/* Secret symmetric key, NOISE_SYMMETRIC_KEY_LEN bytes. */
	u8 key[NOISE_SYMMETRIC_KEY_LEN];
	/* When the key was created. Unit is not visible here; likely ns on
	 * the boottime clock used further down in this header - confirm.
	 */
	u64 birthdate;
	/* Cleared once the key must no longer be used (from the name). */
	bool is_valid;
};
29*4882a593Smuzhiyun
/*
 * A pair of transport keys (one per direction) produced by one handshake,
 * reference counted via @refcount and freed through @rcu.
 */
struct noise_keypair {
	/* Membership in the index hashtable (see peerlookup.h). */
	struct index_hashtable_entry entry;
	/* Key used for packets we send. */
	struct noise_symmetric_key sending;
	/* Nonce/counter for outgoing packets; atomic so senders need no lock. */
	atomic64_t sending_counter;
	/* Key used for packets we receive. */
	struct noise_symmetric_key receiving;
	/* Anti-replay state for incoming packets (see noise_replay_counter). */
	struct noise_replay_counter receiving_counter;
	/* Peer's index, kept in wire (little-endian) byte order. */
	__le32 remote_index;
	/* True when the local side initiated the handshake that made this pair. */
	bool i_am_the_initiator;
	/* Reference count; see wg_noise_keypair_get()/wg_noise_keypair_put(). */
	struct kref refcount;
	/* Used to defer the final free past an RCU grace period. */
	struct rcu_head rcu;
	/* Locally assigned identifier; its use is not visible in this header. */
	u64 internal_id;
};
42*4882a593Smuzhiyun
/*
 * The set of live keypairs for one peer. The three slots are RCU
 * pointers, so readers dereference them under RCU; keypair_update_lock,
 * from its name, serializes the writers that rotate the slots - confirm
 * the locking rules in the implementation.
 */
struct noise_keypairs {
	/* Keypair used for sending right now. */
	struct noise_keypair __rcu *current_keypair;
	/* Previously current keypair, still usable for receiving (presumably). */
	struct noise_keypair __rcu *previous_keypair;
	/* Keypair negotiated but not yet promoted to current (presumably). */
	struct noise_keypair __rcu *next_keypair;
	/* Held while the slots above are rotated. */
	spinlock_t keypair_update_lock;
};
49*4882a593Smuzhiyun
/*
 * The local long-term (static) key pair. static_private is the most
 * sensitive secret in the device; NOTE(review): confirm it is wiped with
 * memzero_explicit() whenever the identity is replaced or cleared.
 */
struct noise_static_identity {
	/* Public half, NOISE_PUBLIC_KEY_LEN bytes. */
	u8 static_public[NOISE_PUBLIC_KEY_LEN];
	/* Private half; sized with NOISE_PUBLIC_KEY_LEN, i.e. both halves are the same length. */
	u8 static_private[NOISE_PUBLIC_KEY_LEN];
	/* Readers take it shared, writers (key replacement) exclusive - confirm. */
	struct rw_semaphore lock;
	/* False until a private key has been installed (from the name). */
	bool has_identity;
};
56*4882a593Smuzhiyun
/*
 * Progress of a handshake, as the names read: the local side either
 * creates a message (we sent it) or consumes one (we received it), in the
 * order initiation then response. The implementation defines which
 * transitions are legal.
 */
enum noise_handshake_state {
	/* No handshake state present; the struct has been cleared. */
	HANDSHAKE_ZEROED,
	/* We built and sent an initiation message. */
	HANDSHAKE_CREATED_INITIATION,
	/* We received and accepted an initiation message. */
	HANDSHAKE_CONSUMED_INITIATION,
	/* We built and sent a response message. */
	HANDSHAKE_CREATED_RESPONSE,
	/* We received and accepted a response message. */
	HANDSHAKE_CONSUMED_RESPONSE
};
64*4882a593Smuzhiyun
/*
 * In-progress handshake state for one peer. Several members are secret
 * (ephemeral_private, precomputed_static_static, preshared_key,
 * chaining_key); NOTE(review): confirm wg_noise_handshake_clear() wipes
 * them with memzero_explicit().
 */
struct noise_handshake {
	/* Membership in the index hashtable (see peerlookup.h). */
	struct index_hashtable_entry entry;

	/* Where in the handshake we are; see enum noise_handshake_state. */
	enum noise_handshake_state state;
	/* Timestamp of the last accepted initiation; unit not visible here - confirm. */
	u64 last_initiation_consumption;

	/* Our long-term identity; shared, not owned by this struct. */
	struct noise_static_identity *static_identity;

	/* Our ephemeral private key for this handshake (secret). */
	u8 ephemeral_private[NOISE_PUBLIC_KEY_LEN];
	/* Peer's long-term public key. */
	u8 remote_static[NOISE_PUBLIC_KEY_LEN];
	/* Peer's ephemeral public key, learned from its message. */
	u8 remote_ephemeral[NOISE_PUBLIC_KEY_LEN];
	/* Cached static-static shared secret (secret); filled by
	 * wg_noise_precompute_static_static() judging by the name.
	 */
	u8 precomputed_static_static[NOISE_PUBLIC_KEY_LEN];

	/* Optional preshared key mixed into the handshake (secret). */
	u8 preshared_key[NOISE_SYMMETRIC_KEY_LEN];

	/* Noise transcript hash (h) and chaining key (ck), by their names. */
	u8 hash[NOISE_HASH_LEN];
	u8 chaining_key[NOISE_HASH_LEN];

	/* Newest timestamp seen from the peer, NOISE_TIMESTAMP_LEN bytes. */
	u8 latest_timestamp[NOISE_TIMESTAMP_LEN];
	/* Peer's index, kept in wire (little-endian) byte order. */
	__le32 remote_index;

	/* Protects all members except the immutable (after noise_handshake_
	 * init): remote_static, precomputed_static_static, static_identity.
	 */
	struct rw_semaphore lock;
};
91*4882a593Smuzhiyun
struct wg_device;

/* One-time initialization of the noise subsystem. */
void wg_noise_init(void);
/*
 * Set up @handshake for @peer. The key arguments are fixed-length arrays
 * (NOISE_PUBLIC_KEY_LEN / NOISE_SYMMETRIC_KEY_LEN) and struct
 * noise_handshake holds same-sized copies, so they are presumably copied
 * in; @static_identity matches the struct's pointer member and so
 * presumably must outlive the handshake - confirm in the implementation.
 */
void wg_noise_handshake_init(struct noise_handshake *handshake,
			     struct noise_static_identity *static_identity,
			     const u8 peer_public_key[NOISE_PUBLIC_KEY_LEN],
			     const u8 peer_preshared_key[NOISE_SYMMETRIC_KEY_LEN],
			     struct wg_peer *peer);
/* Resets the handshake state; see the implementation for which fields. */
void wg_noise_handshake_clear(struct noise_handshake *handshake);
/*
 * Rewind a "last sent handshake" timestamp so that it reads as
 * (REKEY_TIMEOUT + 1) seconds before the current coarse boottime clock.
 * Presumably this lets the next handshake initiation go out without
 * waiting out the REKEY_TIMEOUT spacing; confirm against the callers.
 *
 * @handshake_ns: the atomic64 holding the last-sent-handshake time, in ns.
 */
static inline void wg_noise_reset_last_sent_handshake(atomic64_t *handshake_ns)
{
	const u64 backdate_ns = (u64)(REKEY_TIMEOUT + 1) * NSEC_PER_SEC;
	const u64 now_ns = ktime_get_coarse_boottime_ns();

	atomic64_set(handshake_ns, now_ns - backdate_ns);
}
106*4882a593Smuzhiyun
/*
 * Keypair reference counting (struct noise_keypair.refcount is a kref).
 * From its name, @unreference_now selects whether the final release
 * happens immediately or is deferred; the struct carries an rcu_head for
 * the deferred case - confirm in the implementation.
 */
void wg_noise_keypair_put(struct noise_keypair *keypair, bool unreference_now);
/* Takes a reference on @keypair and returns it; presumably NULL when none could be taken. */
struct noise_keypair *wg_noise_keypair_get(struct noise_keypair *keypair);
/* Drops all three keypair slots of @keypairs (from the name - confirm). */
void wg_noise_keypairs_clear(struct noise_keypairs *keypairs);
/*
 * Called when a packet arrived under @received_keypair. The bool return
 * presumably reports whether the slots were rotated as a result - confirm.
 */
bool wg_noise_received_with_keypair(struct noise_keypairs *keypairs,
				    struct noise_keypair *received_keypair);
/* Expires @peer's current keypairs (name only; see the implementation). */
void wg_noise_expire_current_peer_keypairs(struct wg_peer *peer);
113*4882a593Smuzhiyun
/*
 * Installs @private_key (NOISE_PUBLIC_KEY_LEN bytes) as the local static
 * identity. The caller hands over long-term secret material; whether the
 * public half and has_identity are derived here is not visible in this
 * header - confirm.
 */
void wg_noise_set_static_identity_private_key(
	struct noise_static_identity *static_identity,
	const u8 private_key[NOISE_PUBLIC_KEY_LEN]);
/* Fills noise_handshake.precomputed_static_static for @peer (from the names). */
void wg_noise_precompute_static_static(struct wg_peer *peer);
118*4882a593Smuzhiyun
/*
 * Handshake message processing. The create_* functions fill @dst from
 * @handshake; the bool return presumably signals success. The consume_*
 * functions parse @src received on @wg and return the matching peer;
 * NULL presumably means the message was rejected. Which checks cause a
 * rejection is defined in the implementation, not here.
 */
bool
wg_noise_handshake_create_initiation(struct message_handshake_initiation *dst,
				     struct noise_handshake *handshake);
struct wg_peer *
wg_noise_handshake_consume_initiation(struct message_handshake_initiation *src,
				      struct wg_device *wg);

bool wg_noise_handshake_create_response(struct message_handshake_response *dst,
					struct noise_handshake *handshake);
struct wg_peer *
wg_noise_handshake_consume_response(struct message_handshake_response *src,
				    struct wg_device *wg);

/*
 * Turns a completed @handshake into transport keys stored in @keypairs;
 * the bool return presumably indicates success - confirm.
 */
bool wg_noise_handshake_begin_session(struct noise_handshake *handshake,
				      struct noise_keypairs *keypairs);
134*4882a593Smuzhiyun
135*4882a593Smuzhiyun #endif /* _WG_NOISE_H */