/*-
 * SPDX-License-Identifier: ISC
 *
 * Copyright (C) 2015-2021 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
 * Copyright (C) 2019-2021 Matt Dunwoodie <ncon@noconroy.net>
 *
 * Permission to use, copy, modify, and distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
 * copyright notice and this permission notice appear in all copies.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 */

#ifndef _NET_WG_COOKIE_H_
#define _NET_WG_COOKIE_H_

/* Kernel-only header: refuse to build when pulled into a userland program. */
#ifndef _KERNEL
#error "This file should not be included by userland programs."
#endif

#include <crypto/chachapoly.h>

/*
 * Interface of the wg cookie module: MAC generation and validation
 * (mac1/mac2) plus creation and consumption of encrypted cookie payloads.
 *
 * This header uses uint8_t, size_t, bool and struct sockaddr without
 * including their definitions, so the including file must provide them.
 *
 * Array-typed parameters below are adjusted to pointers by the compiler.
 * The bracketed sizes state the buffer length each function expects but are
 * not enforced, so every caller must pass a buffer of at least that size.
 */

/* Sizes in bytes. */
#define COOKIE_MAC_SIZE		16
#define COOKIE_COOKIE_SIZE	16
#define COOKIE_INPUT_SIZE	32
/* The nonce length is taken from the XChaCha20-Poly1305 definitions. */
#define COOKIE_NONCE_SIZE	XCHACHA20POLY1305_NONCE_SIZE
/*
 * An encrypted cookie is the cookie followed by COOKIE_MAC_SIZE more bytes.
 * NOTE(review): those trailing bytes are presumably the AEAD tag; confirm
 * that the tag length of the cipher in use equals COOKIE_MAC_SIZE.
 */
#define COOKIE_ENCRYPTED_SIZE	(COOKIE_COOKIE_SIZE + COOKIE_MAC_SIZE)

/* The two MAC fields handled by this module, COOKIE_MAC_SIZE bytes each. */
struct cookie_macs {
	uint8_t	mac1[COOKIE_MAC_SIZE];
	uint8_t	mac2[COOKIE_MAC_SIZE];
};

/* Opaque state; the layouts are private to the implementation. */
struct cookie_maker;
struct cookie_checker;

/*
 * Module-wide setup and teardown.  cookie_init() returns an int status
 * that callers should check; its values are not visible in this header.
 */
int	cookie_init(void);
void	cookie_deinit(void);

/*
 * Checker side.
 *
 * cookie_checker_create_payload() takes non-const nonce and ecookie
 * arrays, i.e. they are outputs written by the function.
 *
 * cookie_checker_validate_macs() returns an int status over the message
 * bytes buf[0..len).  The result must be checked before the message is
 * processed any further.
 * NOTE(review): the meaning of the return values, and of the bool argument
 * (presumably whether the cookie MAC, mac2, is enforced), is defined in
 * the implementation; confirm there.
 * NOTE(review): the MAC comparison in the implementation should be
 * constant-time; this cannot be verified from the header.
 */
struct cookie_checker *cookie_checker_alloc(void);
void	cookie_checker_free(struct cookie_checker *checker);
void	cookie_checker_update(struct cookie_checker *checker,
	    const uint8_t input[COOKIE_INPUT_SIZE]);
void	cookie_checker_create_payload(struct cookie_checker *checker,
	    const struct cookie_macs *macs,
	    uint8_t nonce[COOKIE_NONCE_SIZE],
	    uint8_t ecookie[COOKIE_ENCRYPTED_SIZE],
	    const struct sockaddr *sa);
int	cookie_checker_validate_macs(struct cookie_checker *checker,
	    const struct cookie_macs *macs, const void *buf, size_t len,
	    bool check_cookie, const struct sockaddr *sa);

/*
 * Maker side.
 *
 * cookie_maker_consume_payload() takes const nonce and ecookie arrays
 * (inputs) and returns an int status.  A failure must not be ignored.
 * NOTE(review): presumably non-zero means the payload failed to
 * authenticate or decrypt; confirm in the implementation.
 *
 * cookie_maker_mac() writes into *macs for the message bytes buf[0..len).
 */
struct cookie_maker *cookie_maker_alloc(
	    const uint8_t input[COOKIE_INPUT_SIZE]);
void	cookie_maker_free(struct cookie_maker *maker);
int	cookie_maker_consume_payload(struct cookie_maker *maker,
	    const uint8_t nonce[COOKIE_NONCE_SIZE],
	    const uint8_t ecookie[COOKIE_ENCRYPTED_SIZE]);
void	cookie_maker_mac(struct cookie_maker *maker, struct cookie_macs *macs,
	    const void *buf, size_t len);

/* Self-test entry point, compiled only when WG_SELFTESTS is defined. */
#ifdef WG_SELFTESTS
bool	cookie_selftest(void);
#endif /* WG_SELFTESTS */

#endif /* _NET_WG_COOKIE_H_ */