Introduce ah_authsiz, which computes the length of the ICV only. Use it in esp_hdrsiz, and clarify. Until now we were using ah_hdrsiz, and were relying on the fact that the size of the AH header happens to be equal to that of the ESP trailer. Now the size of the ESP trailer is added manually. This also fixes one branch in esp_hdrsiz: we always append an ESP trailer, so it must always be taken into account, and not just when an ICV is present.
diff -r1.19 -r1.20 src/sys/netipsec/xform.h
(maxv)
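--- a/src/sys/netipsec/xform.h
+++ b/src/sys/netipsec/xform.h
@@ -1,14 +1,14 @@
-/* $NetBSD: xform.h,v 1.19 2018/05/07 09:25:04 maxv Exp $ */
+/* $NetBSD: xform.h,v 1.20 2018/05/30 17:17:11 maxv Exp $ */
 /* $FreeBSD: xform.h,v 1.1.4.1 2003/01/24 05:11:36 sam Exp $ */
 /* $OpenBSD: ip_ipsp.h,v 1.119 2002/03/14 01:27:11 millert Exp $ */
 /*
  * The authors of this code are John Ioannidis (ji@tla.org),
  * Angelos D. Keromytis (kermit@csd.uch.gr),
  * Niels Provos (provos@physnet.uni-hamburg.de) and
  * Niklas Hallqvist (niklas@appli.se).
  *
  * The original version of this code was written by John Ioannidis
  * for BSD/OS in Athens, Greece, in November 1995.
  *
  * Ported to OpenBSD and NetBSD, with additional transforms, in December 1996,
  * by Angelos D. Keromytis.
@@ -86,24 +86,25 @@ struct xformsw {
 #ifdef _KERNEL
 void xform_register(struct xformsw *);
 int xform_init(struct secasvar *sav, int);
 
 struct cryptoini;
 
 /* XF_IP4 */
 int ipip_output(struct mbuf *, struct secasvar *, struct mbuf **);
 
 /* XF_AH */
 int ah_init0(struct secasvar *, const struct xformsw *, struct cryptoini *);
 int ah_zeroize(struct secasvar *);
 const struct auth_hash *ah_algorithm_lookup(int);
+size_t ah_authsiz(const struct secasvar *);
 size_t ah_hdrsiz(const struct secasvar *);
 
 /* XF_ESP */
 const struct enc_xform *esp_algorithm_lookup(int);
 size_t esp_hdrsiz(const struct secasvar *);
 
 /* XF_COMP */
 const struct comp_algo *ipcomp_algorithm_lookup(int);
 
 #endif /* _KERNEL */
 #endif /* !_NETIPSEC_XFORM_H_ */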
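Review bot: The new `ah_authsiz` prototype sits directly above `ah_hdrsiz` with no comment telling a reader how the two differ, although the distinction (ICV length only versus ICV plus AH header) is the whole point of the commit and is otherwise only recoverable from xform_ah.c. A one-line comment on the declaration would stop callers from picking the wrong one, e.g. `size_t ah_authsiz(const struct secasvar *);	/* ICV length only, rounded to 32 bits; not the AH header */`. The existing `ah_hdrsiz` line would benefit from the matching `/* AH header + ICV */` remark.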
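--- a/src/sys/netipsec/xform_ah.c
+++ b/src/sys/netipsec/xform_ah.c
@@ -1,14 +1,14 @@
-/* $NetBSD: xform_ah.c,v 1.103 2018/05/29 16:50:38 maxv Exp $ */
+/* $NetBSD: xform_ah.c,v 1.104 2018/05/30 17:17:11 maxv Exp $ */
 /* $FreeBSD: xform_ah.c,v 1.1.4.1 2003/01/24 05:11:36 sam Exp $ */
 /* $OpenBSD: ip_ah.c,v 1.63 2001/06/26 06:18:58 angelos Exp $ */
 /*
  * The authors of this code are John Ioannidis (ji@tla.org),
  * Angelos D. Keromytis (kermit@csd.uch.gr) and
  * Niels Provos (provos@physnet.uni-hamburg.de).
  *
  * The original version of this code was written by John Ioannidis
  * for BSD/OS in Athens, Greece, in November 1995.
  *
  * Ported to OpenBSD and NetBSD, with additional transforms, in December 1996,
  * by Angelos D. Keromytis.
  *
@@ -29,27 +29,27 @@
  * You may use this code under the GNU public license if you so wish. Please
  * contribute changes back to the authors under this freer than GPL license
  * so that we may further the use of strong encryption without limitations to
  * all.
  *
  * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR
  * IMPLIED WARRANTY. IN PARTICULAR, NONE OF THE AUTHORS MAKES ANY
  * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE
  * MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR
  * PURPOSE.
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: xform_ah.c,v 1.103 2018/05/29 16:50:38 maxv Exp $");
+__KERNEL_RCSID(0, "$NetBSD: xform_ah.c,v 1.104 2018/05/30 17:17:11 maxv Exp $");
 
 #if defined(_KERNEL_OPT)
 #include "opt_inet.h"
 #include "opt_ipsec.h"
 #endif
 
 #include <sys/param.h>
 #include <sys/systm.h>
 #include <sys/mbuf.h>
 #include <sys/socket.h>
 #include <sys/syslog.h>
 #include <sys/kernel.h>
 #include <sys/sysctl.h>
@@ -139,26 +139,39 @@ ah_algorithm_lookup(int alg)
 	case SADB_X_AALG_SHA2_256:
 		return &auth_hash_hmac_sha2_256;
 	case SADB_X_AALG_SHA2_384:
 		return &auth_hash_hmac_sha2_384;
 	case SADB_X_AALG_SHA2_512:
 		return &auth_hash_hmac_sha2_512;
 	case SADB_X_AALG_AES_XCBC_MAC:
 		return &auth_hash_aes_xcbc_mac_96;
 	}
 	return NULL;
 }
 
 size_t
+ah_authsiz(const struct secasvar *sav)
+{
+	size_t size;
+
+	if (sav == NULL) {
+		return ah_max_authsize;
+	}
+
+	size = AUTHSIZE(sav);
+	return roundup(size, sizeof(uint32_t));
+}
+
+size_t
 ah_hdrsiz(const struct secasvar *sav)
 {
 	size_t size;
 
 	if (sav != NULL) {
 		int authsize;
 		KASSERT(sav->tdb_authalgxform != NULL);
 		/*XXX not right for null algorithm--does it matter??*/
 		authsize = AUTHSIZE(sav);
 		size = roundup(authsize, sizeof(uint32_t)) + HDRSIZE(sav);
 	} else {
 		/* default guess */
 		size = sizeof(struct ah) + sizeof(uint32_t) + ah_max_authsize;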
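Review bot: `ah_authsiz` evaluates `AUTHSIZE(sav)` without the `KASSERT(sav->tdb_authalgxform != NULL);` that `ah_hdrsiz` places before the very same macro a few lines below, so the two entry points now assume different things about the SA they are handed; if AUTHSIZE dereferences `tdb_authalgxform` (its definition is not in the hunk), the assertion belongs before `size = AUTHSIZE(sav);` in the new function too. The rounding `roundup(size, sizeof(uint32_t))` is now written twice; `ah_hdrsiz` could use `size = ah_authsiz(sav) + HDRSIZE(sav);` so the two cannot drift apart. Note also that the NULL branch returns `ah_max_authsize` unrounded while the non-NULL branch always rounds — fine if `ah_max_authsize` is a multiple of four, which is not visible here and is worth a comment on the `return ah_max_authsize;` line. `ah_hdrsiz` continues past the end of the hunk.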
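--- a/src/sys/netipsec/xform_esp.c
+++ b/src/sys/netipsec/xform_esp.c
@@ -1,14 +1,14 @@
-/* $NetBSD: xform_esp.c,v 1.93 2018/05/30 16:49:38 maxv Exp $ */
+/* $NetBSD: xform_esp.c,v 1.94 2018/05/30 17:17:11 maxv Exp $ */
 /* $FreeBSD: xform_esp.c,v 1.2.2.1 2003/01/24 05:11:36 sam Exp $ */
 /* $OpenBSD: ip_esp.c,v 1.69 2001/06/26 06:18:59 angelos Exp $ */
 
 /*
  * The authors of this code are John Ioannidis (ji@tla.org),
  * Angelos D. Keromytis (kermit@csd.uch.gr) and
  * Niels Provos (provos@physnet.uni-hamburg.de).
  *
  * The original version of this code was written by John Ioannidis
  * for BSD/OS in Athens, Greece, in November 1995.
  *
  * Ported to OpenBSD and NetBSD, with additional transforms, in December 1996,
  * by Angelos D. Keromytis.
@@ -29,27 +29,27 @@
  * You may use this code under the GNU public license if you so wish. Please
  * contribute changes back to the authors under this freer than GPL license
  * so that we may further the use of strong encryption without limitations to
  * all.
  *
  * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR
  * IMPLIED WARRANTY. IN PARTICULAR, NONE OF THE AUTHORS MAKES ANY
  * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE
  * MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR
  * PURPOSE.
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: xform_esp.c,v 1.93 2018/05/30 16:49:38 maxv Exp $");
+__KERNEL_RCSID(0, "$NetBSD: xform_esp.c,v 1.94 2018/05/30 17:17:11 maxv Exp $");
 
 #if defined(_KERNEL_OPT)
 #include "opt_inet.h"
 #include "opt_ipsec.h"
 #endif
 
 #include <sys/param.h>
 #include <sys/systm.h>
 #include <sys/mbuf.h>
 #include <sys/socket.h>
 #include <sys/syslog.h>
 #include <sys/kernel.h>
 #include <sys/sysctl.h>
@@ -131,45 +131,54 @@ esp_algorithm_lookup(int alg)
 		return &enc_xform_null;
 	}
 	return NULL;
 }
 
 size_t
 esp_hdrsiz(const struct secasvar *sav)
 {
 	size_t size;
 
 	if (sav != NULL) {
 		/*XXX not right for null algorithm--does it matter??*/
 		KASSERT(sav->tdb_encalgxform != NULL);
+
+		/*
+		 * base header size
+		 * + iv length for CBC mode
+		 * + max pad length
+		 * + sizeof(esp trailer)
+		 * + icv length (if any).
+		 */
 		if (sav->flags & SADB_X_EXT_OLD)
 			size = sizeof(struct esp);
 		else
 			size = sizeof(struct newesp);
-		size += sav->tdb_encalgxform->ivsize + 9;
+		size += sav->tdb_encalgxform->ivsize + 9 +
+		    sizeof(struct esptail);
+
 		/*XXX need alg check???*/
 		if (sav->tdb_authalgxform != NULL && sav->replay)
-			size += ah_hdrsiz(sav);
+			size += ah_authsiz(sav);
 	} else {
 		/*
 		 * base header size
 		 * + max iv length for CBC mode
 		 * + max pad length
-		 * + sizeof(pad length field)
-		 * + sizeof(next header field)
+		 * + sizeof(esp trailer)
 		 * + max icv supported.
 		 */
 		size = sizeof(struct newesp) + esp_max_ivlen + 9 +
-		    ah_hdrsiz(NULL);
+		    sizeof(struct esptail) + ah_authsiz(NULL);
 	}
 	return size;
 }
 
 /*
  * esp_init() is called when an SPI is being set up.
  */
 static int
 esp_init(struct secasvar *sav, const struct xformsw *xsp)
 {
 	const struct enc_xform *txform;
 	struct cryptoini cria, crie, *cr;
 	int keylen;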
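Review bot: The literal `9` in `size += sav->tdb_encalgxform->ivsize + 9 + sizeof(struct esptail);` is explained only by the new comment's "+ max pad length", yet the comment being removed from the NULL branch had the same `9` standing for pad length plus the pad-length and next-header fields — the two bytes that `sizeof(struct esptail)` now adds separately; whether 9 is the maximum padding alone or already counted the trailer cannot be checked from the hunk, so the new sums are either exact or over-count by two in both branches. Since `esp_hdrsiz` reads as a worst-case reservation, an over-estimate is harmless, but a named constant for the maximum pad length with a comment stating what it excludes would make the arithmetic reviewable and keep the two branches in step. The `sav->replay` condition that gates the ICV is still marked `/*XXX need alg check???*/` and the new comment says only "icv length (if any)"; one line saying why replay state decides whether an ICV is reserved would close that gap, if the reason is known.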