FD.io VPP  v16.06
Vector Packet Processing
ikev2.c
Go to the documentation of this file.
1 /*
2  * Copyright (c) 2015 Cisco and/or its affiliates.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at:
6  *
7  * http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #include <vlib/vlib.h>
17 #include <vnet/vnet.h>
18 #include <vnet/pg/pg.h>
19 #include <vppinfra/error.h>
20 #include <vnet/ip/udp.h>
21 #include <vnet/ipsec/ipsec.h>
22 #include <vnet/ipsec/ikev2.h>
23 #include <vnet/ipsec/ikev2_priv.h>
24 
26  ikev2_sa_t *sa,
27  ikev2_child_sa_t * child);
28 
29 #define ikev2_set_state(sa, v) do { \
30  (sa)->state = v; \
31  clib_warning("sa state changed to " #v); \
32  } while(0);
33 
34 typedef struct {
38 
39 static u8 * format_ikev2_trace (u8 * s, va_list * args)
40 {
41  CLIB_UNUSED (vlib_main_t * vm) = va_arg (*args, vlib_main_t *);
42  CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *);
43  ikev2_trace_t * t = va_arg (*args, ikev2_trace_t *);
44 
45  s = format (s, "ikev2: sw_if_index %d, next index %d",
46  t->sw_if_index, t->next_index);
47  return s;
48 }
49 
51 
52 #define foreach_ikev2_error \
53 _(PROCESSED, "IKEv2 packets processed") \
54 _(IKE_SA_INIT_RETRANSMIT, "IKE_SA_INIT retransmit ") \
55 _(IKE_SA_INIT_IGNORE, "IKE_SA_INIT ignore (IKE SA already auth)") \
56 _(IKE_REQ_RETRANSMIT, "IKE request retransmit") \
57 _(IKE_REQ_IGNORE, "IKE request ignore (old msgid)") \
58 _(NOT_IKEV2, "Non IKEv2 packets received")
59 
60 typedef enum {
61 #define _(sym,str) IKEV2_ERROR_##sym,
63 #undef _
66 
67 static char * ikev2_error_strings[] = {
68 #define _(sym,string) string,
70 #undef _
71 };
72 
73 typedef enum {
77 } ikev2_next_t;
78 
79 static ikev2_sa_transform_t *
81 {
82  ikev2_main_t * km = &ikev2_main;
84 
86  {
87  if (td->type != t->type)
88  continue;
89 
90  if (td->transform_id != t->transform_id)
91  continue;
92 
93  if (td->type == IKEV2_TRANSFORM_TYPE_ENCR)
94  {
95  if (vec_len(t->attrs) != 4 || t->attrs[0] != 0x80 || t->attrs[1] != 14)
96  continue;
97 
98  if (((t->attrs[2] << 8 | t->attrs[3]) / 8) != td->key_len)
99  continue;
100  }
101  return td;
102  }
103  return 0;
104 }
105 
106 static ikev2_sa_proposal_t *
108 {
109  ikev2_sa_proposal_t * rv = 0;
110  ikev2_sa_proposal_t * proposal;
111  ikev2_sa_transform_t * transform, * new_t;
112  u8 mandatory_bitmap, optional_bitmap;
113 
114  if (prot_id == IKEV2_PROTOCOL_IKE)
115  {
116  mandatory_bitmap = (1 << IKEV2_TRANSFORM_TYPE_ENCR) |
117  (1 << IKEV2_TRANSFORM_TYPE_PRF) |
118  (1 << IKEV2_TRANSFORM_TYPE_INTEG) |
119  (1 << IKEV2_TRANSFORM_TYPE_DH);
120  optional_bitmap = mandatory_bitmap;
121  }
122  else if (prot_id == IKEV2_PROTOCOL_ESP)
123  {
124  mandatory_bitmap = (1 << IKEV2_TRANSFORM_TYPE_ENCR) |
125  (1 << IKEV2_TRANSFORM_TYPE_ESN);
126  optional_bitmap = mandatory_bitmap |
127  (1 << IKEV2_TRANSFORM_TYPE_INTEG) |
128  (1 << IKEV2_TRANSFORM_TYPE_DH);
129  }
130  else if (prot_id == IKEV2_PROTOCOL_AH)
131  {
132  mandatory_bitmap = (1 << IKEV2_TRANSFORM_TYPE_INTEG) |
133  (1 << IKEV2_TRANSFORM_TYPE_ESN);
134  optional_bitmap = mandatory_bitmap |
135  (1 << IKEV2_TRANSFORM_TYPE_DH);
136  }
137  else
138  return 0;
139 
140  vec_add2(rv, proposal, 1);
141 
142  vec_foreach(proposal, proposals)
143  {
144  u8 bitmap = 0;
145  if (proposal->protocol_id != prot_id)
146  continue;
147 
148  vec_foreach(transform, proposal->transforms)
149  {
150  if ((1 << transform->type) & bitmap)
151  continue;
152 
153  if (ikev2_find_transform_data(transform))
154  {
155  bitmap |= 1 << transform->type;
156  vec_add2(rv->transforms, new_t, 1);
157  clib_memcpy(new_t, transform, sizeof(*new_t));
158  new_t->attrs = vec_dup(transform->attrs);
159  }
160  }
161 
162  clib_warning("bitmap is %x mandatory is %x optional is %x",
163  bitmap, mandatory_bitmap, optional_bitmap);
164 
165  if ((bitmap & mandatory_bitmap) == mandatory_bitmap &&
166  (bitmap & ~optional_bitmap) == 0)
167  {
168  rv->proposal_num = proposal->proposal_num;
169  rv->protocol_id = proposal->protocol_id;
170  RAND_bytes((u8 *) &rv->spi, sizeof(rv->spi));
171  goto done;
172  }
173  else
174  {
175  vec_free(rv->transforms);
176  }
177  }
178 
179  vec_free(rv);
180 done:
181  return rv;
182 }
183 
186 {
188 
189  if (!p)
190  return 0;
191 
192  vec_foreach(t, p->transforms)
193  {
194  if (t->type == type)
195  return ikev2_find_transform_data(t);
196  }
197  return 0;
198 }
199 
202 {
203  ikev2_child_sa_t * c;
204  vec_foreach(c, sa->childs)
205  {
206  if (c->i_proposals[0].spi == spi && c->i_proposals[0].protocol_id == prot_id)
207  return c;
208  }
209 
210  return 0;
211 }
212 
213 void
215 {
218 
219  if (!*v)
220  return;
221 
222  vec_foreach(p, *v) {
223  vec_foreach(t, p->transforms) {
224  vec_free(t->attrs);
225  }
226  vec_free(p->transforms);
227  }
228  vec_free(*v);
229 };
230 
231 static void
233 {
234  ikev2_child_sa_t * c;
235  vec_foreach(c, *childs)
236  {
239  vec_free(c->sk_ai);
240  vec_free(c->sk_ar);
241  vec_free(c->sk_ei);
242  vec_free(c->sk_er);
243  }
244 
245  vec_free(*childs);
246 }
247 
248 static void
250 {
253  vec_free(child->sk_ai);
254  vec_free(child->sk_ar);
255  vec_free(child->sk_ei);
256  vec_free(child->sk_er);
257 
258  vec_del1(sa->childs, child - sa->childs);
259 }
260 
261 static void
263 {
264  vec_free(sa->i_nonce);
265  vec_free(sa->i_dh_data);
266  vec_free(sa->dh_shared_key);
267 
270 
271  vec_free(sa->sk_d);
272  vec_free(sa->sk_ai);
273  vec_free(sa->sk_ar);
274  vec_free(sa->sk_ei);
275  vec_free(sa->sk_er);
276  vec_free(sa->sk_pi);
277  vec_free(sa->sk_pr);
278 
279  vec_free(sa->i_id.data);
280  vec_free(sa->i_auth.data);
281  vec_free(sa->r_id.data);
282  vec_free(sa->r_auth.data);
283  if (sa->r_auth.key)
284  EVP_PKEY_free(sa->r_auth.key);
285 
286  vec_free(sa->del);
287 
289 }
290 
291 static void
293 {
294  ikev2_main_t * km = &ikev2_main;
295  uword * p;
296 
298 
299  p = hash_get(km->sa_by_rspi, sa->rspi);
300  if (p)
301  {
302  hash_unset(km->sa_by_rspi, sa->rspi);
303  pool_put(km->sas, sa);
304  }
305 }
306 
307 static void
309 {
310  ikev2_sa_transform_t * t = 0, * t2;
311  ikev2_main_t * km = &ikev2_main;
312 
313  if (sa->dh_group == IKEV2_TRANSFORM_DH_TYPE_NONE)
314  {
315  return;
316  }
317 
318  /* check if received DH group is on our list of supported groups */
320  {
321  if (t2->type == IKEV2_TRANSFORM_TYPE_DH &&
322  sa->dh_group == t2->dh_type)
323  {
324  t = t2;
325  break;
326  }
327  }
328 
329  if (!t)
330  {
331  clib_warning("unknown dh data group %u (data len %u)", sa->dh_group,
332  vec_len(sa->i_dh_data));
333  sa->dh_group = IKEV2_TRANSFORM_DH_TYPE_NONE;
334  return;
335  }
336 
337  /* generate rspi */
338  RAND_bytes((u8 *) &sa->rspi, 8);
339 
340  /* generate nonce */
342  RAND_bytes((u8 *) sa->r_nonce, IKEV2_NONCE_SIZE);
343 
344  /* generate dh keys */
345  ikev2_generate_dh(sa, t);
346 }
347 
348 static void
350 {
351  u8 * tmp;
352  /* calculate SKEYSEED = prf(Ni | Nr, g^ir) */
353  u8 * skeyseed = 0;
354  u8 * s = 0;
355  ikev2_sa_transform_t * tr_encr, * tr_prf, * tr_integ;
356  tr_encr = ikev2_sa_get_td_for_type(sa->r_proposals, IKEV2_TRANSFORM_TYPE_ENCR);
357  tr_prf = ikev2_sa_get_td_for_type(sa->r_proposals, IKEV2_TRANSFORM_TYPE_PRF);
358  tr_integ = ikev2_sa_get_td_for_type(sa->r_proposals, IKEV2_TRANSFORM_TYPE_INTEG);
359 
360  vec_append(s, sa->i_nonce);
361  vec_append(s, sa->r_nonce);
362  skeyseed = ikev2_calc_prf(tr_prf, s, sa->dh_shared_key);
363 
364  /* Calculate S = Ni | Nr | SPIi | SPIr*/
365  u64 * spi;
366  vec_add2(s, tmp, 2 * sizeof(*spi));
367  spi = (u64 *) tmp;
368  spi[0] = clib_host_to_net_u64(sa->ispi);
369  spi[1] = clib_host_to_net_u64(sa->rspi);
370 
371  /* calculate PRFplus */
372  u8 * keymat;
373  int len = tr_prf->key_trunc + /* SK_d */
374  tr_integ->key_len * 2 + /* SK_ai, SK_ar */
375  tr_encr->key_len * 2 + /* SK_ei, SK_er */
376  tr_prf->key_len * 2 ; /* SK_pi, SK_pr */
377 
378  keymat = ikev2_calc_prfplus(tr_prf, skeyseed, s, len);
379  vec_free(skeyseed);
380  vec_free(s);
381 
382  int pos = 0;
383 
384  /* SK_d */
385  sa->sk_d = vec_new(u8, tr_prf->key_trunc);
386  clib_memcpy(sa->sk_d, keymat + pos, tr_prf->key_trunc);
387  pos += tr_prf->key_trunc;
388 
389  /* SK_ai */
390  sa->sk_ai = vec_new(u8, tr_integ->key_len);
391  clib_memcpy(sa->sk_ai, keymat + pos, tr_integ->key_len);
392  pos += tr_integ->key_len;
393 
394  /* SK_ar */
395  sa->sk_ar = vec_new(u8, tr_integ->key_len);
396  clib_memcpy(sa->sk_ar, keymat + pos, tr_integ->key_len);
397  pos += tr_integ->key_len;
398 
399  /* SK_ei */
400  sa->sk_ei = vec_new(u8, tr_encr->key_len);
401  clib_memcpy(sa->sk_ei, keymat + pos, tr_encr->key_len);
402  pos += tr_encr->key_len;
403 
404  /* SK_er */
405  sa->sk_er = vec_new(u8, tr_encr->key_len);
406  clib_memcpy(sa->sk_er, keymat + pos, tr_encr->key_len);
407  pos += tr_encr->key_len;
408 
409  /* SK_pi */
410  sa->sk_pi = vec_new(u8, tr_prf->key_len);
411  clib_memcpy(sa->sk_pi, keymat + pos, tr_prf->key_len);
412  pos += tr_prf->key_len;
413 
414  /* SK_pr */
415  sa->sk_pr = vec_new(u8, tr_prf->key_len);
416  clib_memcpy(sa->sk_pr, keymat + pos, tr_prf->key_len);
417  pos += tr_prf->key_len;
418 
419  vec_free(keymat);
420 }
421 
422 static void
424 {
425  u8 * s = 0;
426  ikev2_sa_transform_t * tr_prf, * ctr_encr, * ctr_integ;
427  tr_prf = ikev2_sa_get_td_for_type(sa->r_proposals, IKEV2_TRANSFORM_TYPE_PRF);
428  ctr_encr = ikev2_sa_get_td_for_type(child->r_proposals, IKEV2_TRANSFORM_TYPE_ENCR);
429  ctr_integ = ikev2_sa_get_td_for_type(child->r_proposals, IKEV2_TRANSFORM_TYPE_INTEG);
430 
431  vec_append(s, sa->i_nonce);
432  vec_append(s, sa->r_nonce);
433  /* calculate PRFplus */
434  u8 * keymat;
435  int len = ctr_encr->key_len * 2 + ctr_integ->key_len * 2;
436 
437  keymat = ikev2_calc_prfplus(tr_prf, sa->sk_d, s, len);
438 
439  int pos = 0;
440 
441  /* SK_ei */
442  child->sk_ei = vec_new(u8, ctr_encr->key_len);
443  clib_memcpy(child->sk_ei, keymat + pos, ctr_encr->key_len);
444  pos += ctr_encr->key_len;
445 
446  /* SK_ai */
447  child->sk_ai = vec_new(u8, ctr_integ->key_len);
448  clib_memcpy(child->sk_ai, keymat + pos, ctr_integ->key_len);
449  pos += ctr_integ->key_len;
450 
451  /* SK_er */
452  child->sk_er = vec_new(u8, ctr_encr->key_len);
453  clib_memcpy(child->sk_er, keymat + pos, ctr_encr->key_len);
454  pos += ctr_encr->key_len;
455 
456  /* SK_ar */
457  child->sk_ar = vec_new(u8, ctr_integ->key_len);
458  clib_memcpy(child->sk_ar, keymat + pos, ctr_integ->key_len);
459  pos += ctr_integ->key_len;
460 
461  ASSERT(pos == len);
462 
463  vec_free(keymat);
464 }
465 
466 static void
467 ikev2_process_sa_init_req(vlib_main_t * vm, ikev2_sa_t *sa, ike_header_t * ike)
468 {
469  int p = 0;
470  u32 len = clib_net_to_host_u32(ike->length);
471  u8 payload = ike->nextpayload;
472 
473  clib_warning("ispi %lx rspi %lx nextpayload %x version %x "
474  "exchange %x flags %x msgid %x length %u",
475  clib_net_to_host_u64(ike->ispi),
476  clib_net_to_host_u64(ike->rspi),
477  payload, ike->version,
478  ike->exchange, ike->flags,
479  clib_net_to_host_u32(ike->msgid),
480  len);
481 
482  sa->ispi = clib_net_to_host_u64(ike->ispi);
483 
484  /* store whole IKE payload - needed for PSK auth */
486  vec_add(sa->last_sa_init_req_packet_data, ike, len);
487 
488  while (p < len && payload!= IKEV2_PAYLOAD_NONE) {
489  ike_payload_header_t * ikep = (ike_payload_header_t *) &ike->payload[p];
490  u32 plen = clib_net_to_host_u16(ikep->length);
491 
492  if (plen < sizeof(ike_payload_header_t))
493  return;
494 
495  if (payload == IKEV2_PAYLOAD_SA)
496  {
499  }
500  else if (payload == IKEV2_PAYLOAD_KE)
501  {
502  ike_ke_payload_header_t * ke = (ike_ke_payload_header_t *) ikep;
503  sa->dh_group = clib_net_to_host_u16(ke->dh_group);
504  vec_free(sa->i_dh_data);
505  vec_add(sa->i_dh_data, ke->payload, plen - sizeof(*ke));
506  }
507  else if (payload == IKEV2_PAYLOAD_NONCE)
508  {
509  vec_free(sa->i_nonce);
510  vec_add(sa->i_nonce, ikep->payload, plen - sizeof(*ikep));
511  }
512  else if (payload == IKEV2_PAYLOAD_NOTIFY)
513  {
515  vec_free(n);
516  }
517  else if (payload == IKEV2_PAYLOAD_VENDOR)
518  {
520  }
521  else
522  {
523  clib_warning("unknown payload %u flags %x length %u", payload, ikep->flags, plen);
524  if (ikep->flags & IKEV2_PAYLOAD_FLAG_CRITICAL) {
526  sa->unsupported_cp = payload;
527  return;
528  }
529  }
530 
531  payload = ikep->nextpayload;
532  p+=plen;
533  }
534 
536 }
537 
538 static u8 *
539 ikev2_decrypt_sk_payload(ikev2_sa_t * sa, ike_header_t * ike, u8 * payload)
540 {
541  int p = 0;
542  u8 last_payload = 0;
543  u8 * hmac = 0;
544  u32 len = clib_net_to_host_u32(ike->length);
545  ike_payload_header_t * ikep = 0;
546  u32 plen = 0;
547  ikev2_sa_transform_t * tr_integ;
548  tr_integ = ikev2_sa_get_td_for_type(sa->r_proposals, IKEV2_TRANSFORM_TYPE_INTEG);
549 
550  while (p < len &&
551  *payload != IKEV2_PAYLOAD_NONE && last_payload != IKEV2_PAYLOAD_SK)
552  {
553  ikep = (ike_payload_header_t *) &ike->payload[p];
554  plen = clib_net_to_host_u16(ikep->length);
555 
556  if (plen < sizeof(*ikep))
557  return 0;
558 
559  if (*payload == IKEV2_PAYLOAD_SK)
560  {
561  clib_warning("received IKEv2 payload SK, len %u", plen - 4);
562  last_payload = *payload;
563  }
564  else
565  {
566  clib_warning("unknown payload %u flags %x length %u", payload, ikep->flags, plen);
567  if (ikep->flags & IKEV2_PAYLOAD_FLAG_CRITICAL)
568  {
569  sa->unsupported_cp = *payload;
570  return 0;
571  }
572  }
573 
574  *payload = ikep->nextpayload;
575  p+=plen;
576  }
577 
578  if (last_payload != IKEV2_PAYLOAD_SK) {
579  clib_warning("Last payload must be SK");
580  return 0;
581  }
582 
583  hmac = ikev2_calc_integr(tr_integ, sa->sk_ai, (u8 *) ike,
584  len - tr_integ->key_trunc);
585 
586  plen = plen - sizeof(*ikep) - tr_integ->key_trunc;
587 
588  if (memcmp(hmac, &ikep->payload[plen], tr_integ->key_trunc))
589  {
590  clib_warning("message integrity check failed");
591  vec_free(hmac);
592  return 0;
593  }
594  vec_free(hmac);
595 
596  return ikev2_decrypt_data(sa, ikep->payload, plen);
597 }
598 
599 static void
601 {
602  ikev2_main_t * km = &ikev2_main;
603  ikev2_sa_t * tmp;
604  u32 i, * delete = 0;
605  ikev2_child_sa_t * c;
606 
607  if (!sa->initial_contact)
608  return;
609 
610  /* find old IKE SAs with the same authenticated identity */
611  pool_foreach (tmp, km->sas, ({
612  if (tmp->i_id.type != sa->i_id.type ||
613  vec_len(tmp->i_id.data) != vec_len(sa->i_id.data) ||
614  memcmp(sa->i_id.data, tmp->i_id.data, vec_len(sa->i_id.data)))
615  continue;
616 
617  if (sa->rspi != tmp->rspi)
618  vec_add1(delete, tmp - km->sas);
619  }));
620 
621  for (i = 0; i < vec_len(delete); i++)
622  {
623  tmp = pool_elt_at_index(km->sas, delete[i]);
624  vec_foreach(c, tmp->childs)
626  ikev2_delete_sa(tmp);
627  }
628 
629  vec_free(delete);
630  sa->initial_contact = 0;
631 }
632 
633 static void
634 ikev2_process_auth_req(vlib_main_t * vm, ikev2_sa_t *sa, ike_header_t * ike)
635 {
636  ikev2_child_sa_t * first_child_sa;
637  int p = 0;
638  u32 len = clib_net_to_host_u32(ike->length);
639  u8 payload = ike->nextpayload;
640  u8 * plaintext = 0;
641 
642  ike_payload_header_t * ikep;
643  u32 plen;
644 
645  clib_warning("ispi %lx rspi %lx nextpayload %x version %x "
646  "exchange %x flags %x msgid %x length %u",
647  clib_net_to_host_u64(ike->ispi),
648  clib_net_to_host_u64(ike->rspi),
649  payload, ike->version,
650  ike->exchange, ike->flags,
651  clib_net_to_host_u32(ike->msgid),
652  len);
653 
654  ikev2_calc_keys(sa);
655 
656  plaintext = ikev2_decrypt_sk_payload(sa, ike, &payload);
657 
658  if (!plaintext)
659  {
660  if (sa->unsupported_cp)
662  goto cleanup_and_exit;
663  }
664 
665  /* create 1st child SA */
667  vec_add2(sa->childs, first_child_sa, 1);
668 
669 
670  /* process encrypted payload */
671  p = 0;
672  while (p < vec_len(plaintext) && payload != IKEV2_PAYLOAD_NONE)
673  {
674  ikep = (ike_payload_header_t *) &plaintext[p];
675  plen = clib_net_to_host_u16(ikep->length);
676 
677  if (plen < sizeof(ike_payload_header_t))
678  goto cleanup_and_exit;
679 
680  if (payload == IKEV2_PAYLOAD_SA) /* 33 */
681  {
682  clib_warning("received payload SA, len %u", plen - sizeof(*ikep));
683  ikev2_sa_free_proposal_vector(&first_child_sa->i_proposals);
684  first_child_sa->i_proposals = ikev2_parse_sa_payload(ikep);
685  }
686  else if (payload == IKEV2_PAYLOAD_IDI) /* 35 */
687  {
688  ike_id_payload_header_t * id = (ike_id_payload_header_t *) ikep;
689 
690  sa->i_id.type = id->id_type;
691  vec_free(sa->i_id.data);
692  vec_add(sa->i_id.data, id->payload, plen - sizeof(*id));
693 
694  clib_warning("received payload IDi, len %u id_type %u",
695  plen - sizeof(*id), id->id_type);
696  }
697  else if (payload == IKEV2_PAYLOAD_AUTH) /* 39 */
698  {
699  ike_auth_payload_header_t * a = (ike_auth_payload_header_t *) ikep;
700 
701  sa->i_auth.method = a->auth_method;
702  vec_free(sa->i_auth.data);
703  vec_add(sa->i_auth.data, a->payload, plen - sizeof(*a));
704 
705  clib_warning("received payload AUTH, len %u auth_type %u",
706  plen - sizeof(*a), a->auth_method);
707  }
708  else if (payload == IKEV2_PAYLOAD_NOTIFY) /* 41 */
709  {
711  if (n->msg_type == IKEV2_NOTIFY_MSG_INITIAL_CONTACT)
712  {
713  sa->initial_contact = 1;
714  }
715  vec_free(n);
716  }
717  else if (payload == IKEV2_PAYLOAD_VENDOR) /* 43 */
718  {
720  }
721  else if (payload == IKEV2_PAYLOAD_TSI) /* 44 */
722  {
723  clib_warning("received payload TSi, len %u", plen - sizeof(*ikep));
724 
725  vec_free(first_child_sa->tsi);
726  first_child_sa->tsi = ikev2_parse_ts_payload(ikep);
727  }
728  else if (payload == IKEV2_PAYLOAD_TSR) /* 45 */
729  {
730  clib_warning("received payload TSr, len %u", plen - sizeof(*ikep));
731 
732  vec_free(first_child_sa->tsr);
733  first_child_sa->tsr = ikev2_parse_ts_payload(ikep);
734  }
735  else
736  {
737  clib_warning("unknown payload %u flags %x length %u data %u",
738  payload, ikep->flags, plen - 4,
739  format_hex_bytes, ikep->payload, plen - 4);
740 
741  if (ikep->flags & IKEV2_PAYLOAD_FLAG_CRITICAL) {
743  sa->unsupported_cp = payload;
744  return;
745  }
746  }
747 
748  payload = ikep->nextpayload;
749  p += plen;
750  }
751 
752 cleanup_and_exit:
753  vec_free(plaintext);
754 }
755 
756 static void
758 {
759  int p = 0;
760  u32 len = clib_net_to_host_u32(ike->length);
761  u8 payload = ike->nextpayload;
762  u8 * plaintext = 0;
763 
764  ike_payload_header_t * ikep;
765  u32 plen;
766 
767  clib_warning("ispi %lx rspi %lx nextpayload %x version %x "
768  "exchange %x flags %x msgid %x length %u",
769  clib_net_to_host_u64(ike->ispi),
770  clib_net_to_host_u64(ike->rspi),
771  payload, ike->version,
772  ike->exchange, ike->flags,
773  clib_net_to_host_u32(ike->msgid),
774  len);
775 
776  plaintext = ikev2_decrypt_sk_payload(sa, ike, &payload);
777 
778  if (!plaintext)
779  goto cleanup_and_exit;
780 
781  /* process encrypted payload */
782  p = 0;
783  while (p < vec_len(plaintext) && payload != IKEV2_PAYLOAD_NONE)
784  {
785  ikep = (ike_payload_header_t *) &plaintext[p];
786  plen = clib_net_to_host_u16(ikep->length);
787 
788  if (plen < sizeof(ike_payload_header_t))
789  goto cleanup_and_exit;
790 
791  if (payload == IKEV2_PAYLOAD_NOTIFY) /* 41 */
792  {
794  if (n->msg_type == IKEV2_NOTIFY_MSG_AUTHENTICATION_FAILED)
796  vec_free(n);
797  }
798  else if (payload == IKEV2_PAYLOAD_DELETE) /* 42 */
799  {
800  sa->del = ikev2_parse_delete_payload(ikep);
801  }
802  else if (payload == IKEV2_PAYLOAD_VENDOR) /* 43 */
803  {
805  }
806  else
807  {
808  clib_warning("unknown payload %u flags %x length %u data %u",
809  payload, ikep->flags, plen - 4,
810  format_hex_bytes, ikep->payload, plen - 4);
811 
812  if (ikep->flags & IKEV2_PAYLOAD_FLAG_CRITICAL) {
813  sa->unsupported_cp = payload;
814  return;
815  }
816  }
817 
818  payload = ikep->nextpayload;
819  p += plen;
820  }
821 
822 cleanup_and_exit:
823  vec_free(plaintext);
824 }
825 
826 static void
828 {
829  int p = 0;
830  u32 len = clib_net_to_host_u32(ike->length);
831  u8 payload = ike->nextpayload;
832  u8 * plaintext = 0;
833  u8 rekeying = 0;
834  u8 i_nonce[IKEV2_NONCE_SIZE];
835 
836  ike_payload_header_t * ikep;
837  u32 plen;
838  ikev2_notify_t * n = 0;
839  ikev2_ts_t * tsi = 0;
840  ikev2_ts_t * tsr = 0;
841  ikev2_sa_proposal_t * proposal = 0;
842  ikev2_child_sa_t * child_sa;
843 
844  clib_warning("ispi %lx rspi %lx nextpayload %x version %x "
845  "exchange %x flags %x msgid %x length %u",
846  clib_net_to_host_u64(ike->ispi),
847  clib_net_to_host_u64(ike->rspi),
848  payload, ike->version,
849  ike->exchange, ike->flags,
850  clib_net_to_host_u32(ike->msgid),
851  len);
852 
853  plaintext = ikev2_decrypt_sk_payload(sa, ike, &payload);
854 
855  if (!plaintext)
856  goto cleanup_and_exit;
857 
858  /* process encrypted payload */
859  p = 0;
860  while (p < vec_len(plaintext) && payload != IKEV2_PAYLOAD_NONE)
861  {
862  ikep = (ike_payload_header_t *) &plaintext[p];
863  plen = clib_net_to_host_u16(ikep->length);
864 
865  if (plen < sizeof(ike_payload_header_t))
866  goto cleanup_and_exit;
867 
868  else if (payload == IKEV2_PAYLOAD_SA)
869  {
870  proposal = ikev2_parse_sa_payload(ikep);
871  }
872  else if (payload == IKEV2_PAYLOAD_NOTIFY)
873  {
874  n = ikev2_parse_notify_payload(ikep);
875  if (n->msg_type == IKEV2_NOTIFY_MSG_REKEY_SA)
876  {
877  rekeying = 1;
878  }
879  }
880  else if (payload == IKEV2_PAYLOAD_DELETE)
881  {
882  sa->del = ikev2_parse_delete_payload(ikep);
883  }
884  else if (payload == IKEV2_PAYLOAD_VENDOR)
885  {
887  }
888  else if (payload == IKEV2_PAYLOAD_NONCE)
889  {
890  clib_memcpy(i_nonce, ikep->payload, plen - sizeof(*ikep));
891  }
892  else if (payload == IKEV2_PAYLOAD_TSI)
893  {
894  tsi = ikev2_parse_ts_payload(ikep);
895  }
896  else if (payload == IKEV2_PAYLOAD_TSR)
897  {
898  tsr = ikev2_parse_ts_payload(ikep);
899  }
900  else
901  {
902  clib_warning("unknown payload %u flags %x length %u data %u",
903  payload, ikep->flags, plen - 4,
904  format_hex_bytes, ikep->payload, plen - 4);
905 
906  if (ikep->flags & IKEV2_PAYLOAD_FLAG_CRITICAL) {
907  sa->unsupported_cp = payload;
908  return;
909  }
910  }
911 
912  payload = ikep->nextpayload;
913  p += plen;
914  }
915 
916  if (rekeying)
917  {
918  ikev2_rekey_t * rekey;
919  child_sa = ikev2_sa_get_child(sa, n->spi, n->protocol_id);
920  if (!child_sa)
921  {
922  clib_warning("child SA spi %lx not found", n->spi);
923  goto cleanup_and_exit;
924  }
925  vec_add2(sa->rekey, rekey, 1);
926  rekey->protocol_id = n->protocol_id;
927  rekey->spi = n->spi;
928  rekey->i_proposal = proposal;
930  rekey->tsi = tsi;
931  rekey->tsr = tsr;
932  /* update Ni */
933  vec_free(sa->i_nonce);
934  vec_add(sa->i_nonce, i_nonce, IKEV2_NONCE_SIZE);
935  /* generate new Nr */
936  vec_free(sa->r_nonce);
938  RAND_bytes((u8 *) sa->r_nonce, IKEV2_NONCE_SIZE);
939  }
940 
941 cleanup_and_exit:
942  vec_free(plaintext);
943  vec_free(n);
944 }
945 
946 static u8 *
947 ikev2_sa_generate_authmsg(ikev2_sa_t *sa, int is_responder)
948 {
949  u8 * authmsg = 0;
950  u8 * data;
951  u8 * nonce;
952  ikev2_id_t * id;
953  u8 * key;
954  u8 * packet_data;
955  ikev2_sa_transform_t * tr_prf;
956 
957  tr_prf = ikev2_sa_get_td_for_type(sa->r_proposals, IKEV2_TRANSFORM_TYPE_PRF);
958 
959  if (is_responder)
960  {
961  id = &sa->r_id;
962  key = sa->sk_pr;
963  nonce = sa->i_nonce;
964  packet_data = sa->last_sa_init_res_packet_data;
965  }
966  else
967  {
968  id = &sa->i_id;
969  key = sa->sk_pi;
970  nonce = sa->r_nonce;
971  packet_data = sa->last_sa_init_req_packet_data;
972  }
973 
974  data = vec_new(u8, 4);
975  data[0] = id->type;
976  vec_append(data, id->data);
977 
978  u8 * id_hash = ikev2_calc_prf(tr_prf, key, data);
979  vec_append(authmsg, packet_data);
980  vec_append(authmsg, nonce);
981  vec_append(authmsg, id_hash);
982  vec_free(id_hash);
983  vec_free(data);
984 
985  return authmsg;
986 }
987 
988 static int
990 {
991  if (ts1->ts_type == ts2->ts_type && ts1->protocol_id == ts2->protocol_id &&
992  ts1->start_port == ts2->start_port && ts1->end_port == ts2->end_port &&
993  ts1->start_addr.as_u32 == ts2->start_addr.as_u32 &&
994  ts1->end_addr.as_u32 == ts2->end_addr.as_u32)
995  return 1;
996 
997  return 0;
998 }
999 
1000 static void
1002 {
1003  ikev2_main_t * km = &ikev2_main;
1004  ikev2_profile_t * p;
1005  ikev2_ts_t * ts, * tsi = 0, * tsr = 0;
1006 
1007  pool_foreach (p, km->profiles, ({
1008 
1009  /* check id */
1010  if (p->rem_id.type != sa->i_id.type ||
1011  vec_len(p->rem_id.data) != vec_len(sa->i_id.data) ||
1012  memcmp(p->rem_id.data, sa->i_id.data, vec_len(p->rem_id.data)))
1013  continue;
1014 
1015  vec_foreach(ts, sa->childs[0].tsi)
1016  {
1017  if (ikev2_ts_cmp(&p->rem_ts, ts))
1018  {
1019  tsi = vec_dup(ts);
1020  break;
1021  }
1022  }
1023 
1024  vec_foreach(ts, sa->childs[0].tsr)
1025  {
1026  if (ikev2_ts_cmp(&p->loc_ts, ts))
1027  {
1028  tsr = vec_dup(ts);
1029  break;
1030  }
1031  }
1032 
1033  break;
1034  }));
1035 
1036  if (tsi && tsr)
1037  {
1038  vec_free(sa->childs[0].tsi);
1039  vec_free(sa->childs[0].tsr);
1040  sa->childs[0].tsi = tsi;
1041  sa->childs[0].tsr = tsr;
1042  }
1043  else
1044  {
1045  vec_free(tsi);
1046  vec_free(tsr);
1048  }
1049 }
1050 
1051 static void
1053 {
1054  ikev2_main_t * km = &ikev2_main;
1055  ikev2_profile_t * p, * sel_p = 0;
1056  u8 * authmsg, * key_pad, * psk = 0, * auth = 0;
1057  ikev2_sa_transform_t * tr_prf;
1058 
1059  tr_prf = ikev2_sa_get_td_for_type(sa->r_proposals, IKEV2_TRANSFORM_TYPE_PRF);
1060 
1061  /* only shared key and rsa signature */
1062  if (!(sa->i_auth.method == IKEV2_AUTH_METHOD_SHARED_KEY_MIC ||
1063  sa->i_auth.method == IKEV2_AUTH_METHOD_RSA_SIG))
1064  {
1065  clib_warning("unsupported authentication method %u", sa->i_auth.method);
1067  return;
1068  }
1069 
1070  key_pad = format(0, "%s", IKEV2_KEY_PAD);
1071  authmsg = ikev2_sa_generate_authmsg(sa, 0);
1072 
1073  pool_foreach (p, km->profiles, ({
1074 
1075  /* check id */
1076  if (p->rem_id.type != sa->i_id.type ||
1077  vec_len(p->rem_id.data) != vec_len(sa->i_id.data) ||
1078  memcmp(p->rem_id.data, sa->i_id.data, vec_len(p->rem_id.data)))
1079  continue;
1080 
1081  if (sa->i_auth.method == IKEV2_AUTH_METHOD_SHARED_KEY_MIC)
1082  {
1083  if (!p->auth.data ||
1084  p->auth.method != IKEV2_AUTH_METHOD_SHARED_KEY_MIC)
1085  continue;
1086 
1087  psk = ikev2_calc_prf(tr_prf, p->auth.data, key_pad);
1088  auth = ikev2_calc_prf(tr_prf, psk, authmsg);
1089 
1090  if (!memcmp(auth, sa->i_auth.data, vec_len(sa->i_auth.data)))
1091  {
1092  ikev2_set_state(sa, IKEV2_STATE_AUTHENTICATED);
1093  vec_free(auth);
1094  sel_p = p;
1095  break;
1096  }
1097 
1098  }
1099  else if (sa->i_auth.method == IKEV2_AUTH_METHOD_RSA_SIG)
1100  {
1101  if (p->auth.method != IKEV2_AUTH_METHOD_RSA_SIG)
1102  continue;
1103 
1104  if (ikev2_verify_sign(p->auth.key, sa->i_auth.data, authmsg) == 1)
1105  {
1106  ikev2_set_state(sa, IKEV2_STATE_AUTHENTICATED);
1107  sel_p = p;
1108  break;
1109  }
1110  }
1111 
1112  vec_free(auth);
1113  vec_free(psk);
1114  }));
1115 
1116  vec_free(authmsg);
1117 
1118  if (sa->state == IKEV2_STATE_AUTHENTICATED)
1119  {
1120  vec_free(sa->r_id.data);
1121  sa->r_id.data = vec_dup(sel_p->loc_id.data);
1122  sa->r_id.type = sel_p->loc_id.type;
1123 
1124  /* generate our auth data */
1125  authmsg = ikev2_sa_generate_authmsg(sa, 1);
1126  if (sel_p->auth.method == IKEV2_AUTH_METHOD_SHARED_KEY_MIC)
1127  {
1128  sa->r_auth.data = ikev2_calc_prf(tr_prf, psk, authmsg);
1129  sa->r_auth.method = IKEV2_AUTH_METHOD_SHARED_KEY_MIC;
1130  }
1131  else if (sel_p->auth.method == IKEV2_AUTH_METHOD_RSA_SIG)
1132  {
1133  sa->r_auth.data = ikev2_calc_sign(km->pkey, authmsg);
1134  sa->r_auth.method = IKEV2_AUTH_METHOD_RSA_SIG;
1135  }
1136  vec_free(authmsg);
1137 
1138  /* select transforms for 1st child sa */
1139  ikev2_sa_free_proposal_vector(&sa->childs[0].r_proposals);
1140  sa->childs[0].r_proposals = ikev2_select_proposal(sa->childs[0].i_proposals,
1142  }
1143  else
1144  {
1146  }
1147  vec_free(psk);
1148  vec_free(key_pad);
1149 }
1150 
1151 static int
1153 {
1155  ikev2_sa_transform_t * tr;
1156  u32 hw_if_index;
1157  u8 encr_type = 0;
1158 
1159  if (!child->r_proposals)
1160  {
1162  return 1;
1163  }
1164 
1165  a.is_add = 1;
1166  a.local_ip.as_u32 = sa->raddr.as_u32;
1167  a.remote_ip.as_u32 = sa->iaddr.as_u32;
1168  a.local_spi = child->i_proposals[0].spi;
1169  a.remote_spi = child->r_proposals[0].spi;
1170  a.anti_replay = 1;
1171 
1172  tr = ikev2_sa_get_td_for_type(child->r_proposals, IKEV2_TRANSFORM_TYPE_ESN);
1173  if (tr)
1174  a.esn = tr->esn_type;
1175  else
1176  a.esn = 0;
1177 
1178  tr = ikev2_sa_get_td_for_type(child->r_proposals, IKEV2_TRANSFORM_TYPE_ENCR);
1179  if (tr)
1180  {
1181  if (tr->encr_type == IKEV2_TRANSFORM_ENCR_TYPE_AES_CBC && tr->key_len)
1182  {
1183  switch (tr->key_len)
1184  {
1185  case 16:
1186  encr_type = IPSEC_CRYPTO_ALG_AES_CBC_128;
1187  break;
1188  case 24:
1189  encr_type = IPSEC_CRYPTO_ALG_AES_CBC_192;
1190  break;
1191  case 32:
1192  encr_type = IPSEC_CRYPTO_ALG_AES_CBC_256;
1193  break;
1194  default:
1196  return 1;
1197  break;
1198  }
1199  }
1200  else
1201  {
1203  return 1;
1204  }
1205  }
1206  else
1207  {
1209  return 1;
1210  }
1211 
1212  tr = ikev2_sa_get_td_for_type(child->r_proposals, IKEV2_TRANSFORM_TYPE_INTEG);
1213  if (tr)
1214  {
1215  if (tr->integ_type != IKEV2_TRANSFORM_INTEG_TYPE_AUTH_HMAC_SHA1_96)
1216  {
1218  return 1;
1219  }
1220  }
1221  else
1222  {
1224  return 1;
1225  }
1226 
1227  hw_if_index = ipsec_add_del_tunnel_if(vnm, &a);
1228  if (hw_if_index == VNET_API_ERROR_INVALID_VALUE)
1229  {
1230  clib_warning("create tunnel interface failed remote-ip %U remote-spi %u",
1231  format_ip4_address, &sa->raddr, child->r_proposals[0].spi);
1233  return hw_if_index;
1234  }
1235 
1236  ikev2_calc_child_keys(sa, child);
1237 
1238  ipsec_set_interface_key(vnm, hw_if_index,
1240  encr_type,
1241  child->sk_er);
1242 
1243  ipsec_set_interface_key(vnm, hw_if_index,
1245  encr_type,
1246  child->sk_ei);
1247 
1248  ipsec_set_interface_key(vnm, hw_if_index,
1250  IPSEC_INTEG_ALG_SHA1_96,
1251  child->sk_ar);
1252 
1253  ipsec_set_interface_key(vnm, hw_if_index,
1255  IPSEC_INTEG_ALG_SHA1_96,
1256  child->sk_ai);
1257 
1258  return 0;
1259 }
1260 
1261 static int
1263 {
1265 
1266  if (!vec_len(child->r_proposals))
1267  return 0;
1268 
1269  a.is_add = 0;
1270  a.local_ip.as_u32 = sa->raddr.as_u32;
1271  a.remote_ip.as_u32 = sa->iaddr.as_u32;
1272  a.local_spi = child->i_proposals[0].spi;
1273  a.remote_spi = child->r_proposals[0].spi;
1274 
1275  return ipsec_add_del_tunnel_if(vnm, &a);
1276 }
1277 
1278 static u32
1279 ikev2_generate_resp(ikev2_sa_t *sa, ike_header_t * ike)
1280 {
1281  v8 * integ = 0;
1282  ike_payload_header_t * ph;
1283  u16 plen;
1284  u32 tlen = 0;
1285 
1286  ikev2_sa_transform_t * tr_encr, *tr_integ;
1287  tr_encr = ikev2_sa_get_td_for_type(sa->r_proposals, IKEV2_TRANSFORM_TYPE_ENCR);
1288  tr_integ = ikev2_sa_get_td_for_type(sa->r_proposals, IKEV2_TRANSFORM_TYPE_INTEG);
1289 
1290  ikev2_payload_chain_t * chain = 0;
1291  ikev2_payload_new_chain(chain);
1292 
1293  if (ike->exchange == IKEV2_EXCHANGE_SA_INIT)
1294  {
1295  if (sa->r_proposals == 0)
1296  {
1297  ikev2_payload_add_notify(chain, IKEV2_NOTIFY_MSG_NO_PROPOSAL_CHOSEN, 0);
1299  }
1300  else if (sa->dh_group == IKEV2_TRANSFORM_DH_TYPE_NONE)
1301  {
1302  u8 * data = vec_new(u8, 2);
1303  ikev2_sa_transform_t * tr_dh;
1304  tr_dh = ikev2_sa_get_td_for_type(sa->r_proposals, IKEV2_TRANSFORM_TYPE_DH);
1305  ASSERT(tr_dh && tr_dh->dh_type);
1306 
1307  data[0] = (tr_dh->dh_type >> 8) & 0xff;
1308  data[1] = (tr_dh->dh_type) & 0xff;
1309 
1310  ikev2_payload_add_notify(chain, IKEV2_NOTIFY_MSG_INVALID_KE_PAYLOAD, data);
1311  vec_free(data);
1313  }
1314  else if (sa->state == IKEV2_STATE_NOTIFY_AND_DELETE)
1315  {
1316  u8 * data = vec_new(u8, 1);
1317 
1318  data[0] = sa->unsupported_cp;
1320  IKEV2_NOTIFY_MSG_UNSUPPORTED_CRITICAL_PAYLOAD,
1321  data);
1322  vec_free(data);
1323  }
1324  else
1325  {
1326  ike->rspi = clib_host_to_net_u64(sa->rspi);
1327  ikev2_payload_add_sa(chain, sa->r_proposals);
1328  ikev2_payload_add_ke(chain, sa->dh_group, sa->r_dh_data);
1329  ikev2_payload_add_nonce(chain, sa->r_nonce);
1330  }
1331  }
1332  else if (ike->exchange == IKEV2_EXCHANGE_IKE_AUTH)
1333  {
1334  if (sa->state == IKEV2_STATE_AUTHENTICATED)
1335  {
1337  ikev2_payload_add_auth(chain, &sa->r_auth);
1338  ikev2_payload_add_sa(chain, sa->childs[0].r_proposals);
1341  }
1342  else if (sa->state == IKEV2_STATE_AUTH_FAILED)
1343  {
1344  ikev2_payload_add_notify(chain, IKEV2_NOTIFY_MSG_AUTHENTICATION_FAILED, 0);
1346  }
1347  else if (sa->state == IKEV2_STATE_TS_UNACCEPTABLE)
1348  {
1349  ikev2_payload_add_notify(chain, IKEV2_NOTIFY_MSG_TS_UNACCEPTABLE, 0);
1351  ikev2_payload_add_auth(chain, &sa->r_auth);
1352  }
1353  else if (sa->state == IKEV2_STATE_NO_PROPOSAL_CHOSEN)
1354  {
1355  ikev2_payload_add_notify(chain, IKEV2_NOTIFY_MSG_NO_PROPOSAL_CHOSEN, 0);
1357  ikev2_payload_add_auth(chain, &sa->r_auth);
1360  }
1361  else if (sa->state == IKEV2_STATE_NOTIFY_AND_DELETE)
1362  {
1363  u8 * data = vec_new(u8, 1);
1364 
1365  data[0] = sa->unsupported_cp;
1367  IKEV2_NOTIFY_MSG_UNSUPPORTED_CRITICAL_PAYLOAD,
1368  data);
1369  vec_free(data);
1370  }
1371  else
1372  {
1374  goto done;
1375  }
1376  }
1377  else if (ike->exchange == IKEV2_EXCHANGE_INFORMATIONAL)
1378  {
1379  /* if pending delete */
1380  if (sa->del)
1381  {
1382  /* The response to a request that deletes the IKE SA is an empty
1383  INFORMATIONAL response. */
1384  if (sa->del[0].protocol_id == IKEV2_PROTOCOL_IKE)
1385  {
1387  }
1388  /* The response to a request that deletes ESP or AH SAs will contain
1389  delete payloads for the paired SAs going in the other direction. */
1390  else
1391  {
1392  ikev2_payload_add_delete(chain, sa->del);
1393  }
1394  vec_free(sa->del);
1395  sa->del = 0;
1396  }
1397  /* received N(AUTHENTICATION_FAILED) */
1398  else if (sa->state == IKEV2_STATE_AUTH_FAILED)
1399  {
1401  goto done;
1402  }
1403  /* received unsupported critical payload */
1404  else if (sa->unsupported_cp)
1405  {
1406  u8 * data = vec_new(u8, 1);
1407 
1408  data[0] = sa->unsupported_cp;
1410  IKEV2_NOTIFY_MSG_UNSUPPORTED_CRITICAL_PAYLOAD,
1411  data);
1412  vec_free(data);
1413  sa->unsupported_cp = 0;
1414  }
1415  /* else send empty response */
1416  }
1417  else if (ike->exchange == IKEV2_EXCHANGE_CREATE_CHILD_SA)
1418  {
1419  if (sa->rekey)
1420  {
1421  ikev2_payload_add_sa(chain, sa->rekey[0].r_proposal);
1422  ikev2_payload_add_nonce(chain, sa->r_nonce);
1425  vec_del1(sa->rekey, 0);
1426  }
1427  else if (sa->unsupported_cp)
1428  {
1429  u8 * data = vec_new(u8, 1);
1430 
1431  data[0] = sa->unsupported_cp;
1433  IKEV2_NOTIFY_MSG_UNSUPPORTED_CRITICAL_PAYLOAD,
1434  data);
1435  vec_free(data);
1436  sa->unsupported_cp = 0;
1437  }
1438  else
1439  {
1440  ikev2_payload_add_notify(chain, IKEV2_NOTIFY_MSG_NO_ADDITIONAL_SAS, 0);
1441  }
1442  }
1443 
1444  /* IKEv2 header */
1445  ike->version = IKE_VERSION_2;
1446  ike->flags = IKEV2_HDR_FLAG_RESPONSE;
1447  ike->nextpayload = IKEV2_PAYLOAD_SK;
1448  tlen = sizeof(*ike);
1449 
1450 
1451  if (ike->exchange == IKEV2_EXCHANGE_SA_INIT)
1452  {
1453  tlen += vec_len(chain->data);
1454  ike->nextpayload = chain->first_payload_type;
1455  ike->length = clib_host_to_net_u32(tlen);
1456  clib_memcpy(ike->payload, chain->data, vec_len(chain->data));
1457 
1458  /* store whole IKE payload - needed for PSK auth */
1460  vec_add(sa->last_sa_init_res_packet_data, ike, tlen);
1461  }
1462  else
1463  {
1464 
1466 
1467  /* SK payload */
1468  plen = sizeof(*ph);
1469  ph = (ike_payload_header_t *) &ike->payload[0];
1470  ph->nextpayload = chain->first_payload_type;
1471  ph->flags = 0;
1472  int enc_len = ikev2_encrypt_data(sa, chain->data, ph->payload);
1473  plen += enc_len;
1474 
1475  /* add space for hmac */
1476  plen += tr_integ->key_trunc;
1477  tlen += plen;
1478 
1479  /* payload and total length */
1480  ph->length = clib_host_to_net_u16(plen);
1481  ike->length = clib_host_to_net_u32(tlen);
1482 
1483  /* calc integrity data for whole packet except hash itself */
1484  integ = ikev2_calc_integr(tr_integ, sa->sk_ar, (u8 *) ike,
1485  tlen - tr_integ->key_trunc);
1486 
1487  clib_memcpy(ike->payload + tlen - tr_integ->key_trunc - sizeof(*ike),
1488  integ, tr_integ->key_trunc);
1489 
1490  /* store whole IKE payload - needed for retransmit */
1492  vec_add(sa->last_res_packet_data, ike, tlen);
1493  }
1494 
1495 done:
1497  vec_free(integ);
1498  return tlen;
1499 }
1500 
1501 static int
1502 ikev2_retransmit_sa_init (ike_header_t * ike,
1503  ip4_address_t iaddr,
1504  ip4_address_t raddr)
1505 {
1506  ikev2_main_t * km = &ikev2_main;
1507  ikev2_sa_t * sa;
1508 
1509  pool_foreach (sa, km->sas, ({
1510  if (sa->ispi == clib_net_to_host_u64(ike->ispi) &&
1511  sa->iaddr.as_u32 == iaddr.as_u32 &&
1512  sa->raddr.as_u32 == raddr.as_u32)
1513  {
1514  int p = 0;
1515  u32 len = clib_net_to_host_u32(ike->length);
1516  u8 payload = ike->nextpayload;
1517 
1518  while (p < len && payload!= IKEV2_PAYLOAD_NONE) {
1519  ike_payload_header_t * ikep = (ike_payload_header_t *) &ike->payload[p];
1520  u32 plen = clib_net_to_host_u16(ikep->length);
1521 
1522  if (plen < sizeof(ike_payload_header_t))
1523  return -1;
1524 
1525  if (payload == IKEV2_PAYLOAD_NONCE)
1526  {
1527  if (!memcmp(sa->i_nonce, ikep->payload, plen - sizeof(*ikep)))
1528  {
1529  /* req is retransmit */
1530  if (sa->state == IKEV2_STATE_SA_INIT)
1531  {
1532  ike_header_t * tmp;
1533  tmp = (ike_header_t*)sa->last_sa_init_res_packet_data;
1534  ike->ispi = tmp->ispi;
1535  ike->rspi = tmp->rspi;
1536  ike->nextpayload = tmp->nextpayload;
1537  ike->version = tmp->version;
1538  ike->exchange = tmp->exchange;
1539  ike->flags = tmp->flags;
1540  ike->msgid = tmp->msgid;
1541  ike->length = tmp->length;
1542  clib_memcpy(ike->payload, tmp->payload,
1543  clib_net_to_host_u32(tmp->length) - sizeof(*ike));
1544  clib_warning("IKE_SA_INIT retransmit from %U to %U",
1545  format_ip4_address, &raddr,
1546  format_ip4_address, &iaddr);
1547  return 1;
1548  }
1549  /* else ignore req */
1550  else
1551  {
1552  clib_warning("IKE_SA_INIT ignore from %U to %U",
1553  format_ip4_address, &raddr,
1554  format_ip4_address, &iaddr);
1555  return -1;
1556  }
1557  }
1558  }
1559  payload = ikep->nextpayload;
1560  p+=plen;
1561  }
1562  }
1563  }));
1564 
1565  /* req is not retransmit */
1566  return 0;
1567 }
1568 
1569 static int
1570 ikev2_retransmit_resp (ikev2_sa_t * sa, ike_header_t * ike)
1571 {
1572  u32 msg_id = clib_net_to_host_u32(ike->msgid);
1573 
1574  /* new req */
1575  if (msg_id > sa->last_msg_id)
1576  {
1577  sa->last_msg_id = msg_id;
1578  return 0;
1579  }
1580  /* retransmitted req */
1581  else if (msg_id == sa->last_msg_id)
1582  {
1583  ike_header_t * tmp;
1584  tmp = (ike_header_t*)sa->last_res_packet_data;
1585  ike->ispi = tmp->ispi;
1586  ike->rspi = tmp->rspi;
1587  ike->nextpayload = tmp->nextpayload;
1588  ike->version = tmp->version;
1589  ike->exchange = tmp->exchange;
1590  ike->flags = tmp->flags;
1591  ike->msgid = tmp->msgid;
1592  ike->length = tmp->length;
1593  clib_memcpy(ike->payload, tmp->payload,
1594  clib_net_to_host_u32(tmp->length) - sizeof(*ike));
1595  clib_warning("IKE msgid %u retransmit from %U to %U",
1596  msg_id,
1597  format_ip4_address, &sa->raddr,
1598  format_ip4_address, &sa->iaddr);
1599  return 1;
1600  }
1601  /* old req ignore */
1602  else
1603  {
1604  clib_warning("IKE msgid %u req ignore from %U to %U",
1605  msg_id,
1606  format_ip4_address, &sa->raddr,
1607  format_ip4_address, &sa->iaddr);
1608  return -1;
1609  }
1610 }
1611 
1612 static uword
1614  vlib_node_runtime_t * node,
1615  vlib_frame_t * frame)
1616 {
1617  u32 n_left_from, * from, * to_next;
1618  ikev2_next_t next_index;
1619  ikev2_main_t * km = &ikev2_main;
1620 
1621  from = vlib_frame_vector_args (frame);
1622  n_left_from = frame->n_vectors;
1623  next_index = node->cached_next_index;
1624 
1625  while (n_left_from > 0)
1626  {
1627  u32 n_left_to_next;
1628 
1629  vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
1630 
1631  while (n_left_from > 0 && n_left_to_next > 0)
1632  {
1633  u32 bi0;
1634  vlib_buffer_t * b0;
1635  u32 next0 = IKEV2_NEXT_ERROR_DROP;
1636  u32 sw_if_index0;
1637  ip4_header_t * ip40;
1638  udp_header_t * udp0;
1639  ike_header_t * ike0;
1640  ikev2_sa_t * sa0 = 0;
1641  int len = 0;
1642  int r;
1643 
1644  /* speculatively enqueue b0 to the current next frame */
1645  bi0 = from[0];
1646  to_next[0] = bi0;
1647  from += 1;
1648  to_next += 1;
1649  n_left_from -= 1;
1650  n_left_to_next -= 1;
1651 
1652  b0 = vlib_get_buffer (vm, bi0);
1653  ike0 = vlib_buffer_get_current (b0);
1654  vlib_buffer_advance(b0, - sizeof(*udp0));
1655  udp0 = vlib_buffer_get_current (b0);
1656  vlib_buffer_advance(b0, - sizeof(*ip40));
1657  ip40 = vlib_buffer_get_current (b0);
1658 
1659  if (ike0->version != IKE_VERSION_2)
1660  {
1662  IKEV2_ERROR_NOT_IKEV2, 1);
1663  goto dispatch0;
1664  }
1665 
1666  if (ike0->exchange == IKEV2_EXCHANGE_SA_INIT)
1667  {
1668  ikev2_sa_t sa; /* temporary store for SA */
1669  sa0 = &sa;
1670  memset (sa0, 0, sizeof (*sa0));
1671 
1672  if (ike0->rspi == 0)
1673  {
1674  sa0->raddr.as_u32 = ip40->dst_address.as_u32;
1675  sa0->iaddr.as_u32 = ip40->src_address.as_u32;
1676 
1677  r = ikev2_retransmit_sa_init(ike0, sa0->iaddr, sa0->raddr);
1678  if (r == 1)
1679  {
1681  IKEV2_ERROR_IKE_SA_INIT_RETRANSMIT,
1682  1);
1683  len = clib_net_to_host_u32(ike0->length);
1684  goto dispatch0;
1685  }
1686  else if (r == -1)
1687  {
1689  IKEV2_ERROR_IKE_SA_INIT_IGNORE,
1690  1);
1691  goto dispatch0;
1692  }
1693 
1694  ikev2_process_sa_init_req(vm, sa0, ike0);
1695 
1696  if (sa0->state == IKEV2_STATE_SA_INIT)
1697  {
1702  }
1703 
1704  if (sa0->state == IKEV2_STATE_SA_INIT ||
1706  {
1707  len = ikev2_generate_resp(sa0, ike0);
1708  }
1709 
1710  if (sa0->state == IKEV2_STATE_SA_INIT)
1711  {
1712  /* add SA to the pool */
1713  pool_get (km->sas, sa0);
1714  clib_memcpy(sa0, &sa, sizeof(*sa0));
1715  hash_set (km->sa_by_rspi, sa0->rspi, sa0 - km->sas);
1716  }
1717  else
1718  {
1719  ikev2_sa_free_all_vec(sa0);
1720  }
1721  }
1722  }
1723  else if (ike0->exchange == IKEV2_EXCHANGE_IKE_AUTH)
1724  {
1725  uword * p;
1726  p = hash_get(km->sa_by_rspi, clib_net_to_host_u64(ike0->rspi));
1727  if (p)
1728  {
1729  sa0 = pool_elt_at_index (km->sas, p[0]);
1730 
1731  r = ikev2_retransmit_resp(sa0, ike0);
1732  if (r == 1)
1733  {
1735  IKEV2_ERROR_IKE_REQ_RETRANSMIT,
1736  1);
1737  len = clib_net_to_host_u32(ike0->length);
1738  goto dispatch0;
1739  }
1740  else if (r == -1)
1741  {
1743  IKEV2_ERROR_IKE_REQ_IGNORE,
1744  1);
1745  goto dispatch0;
1746  }
1747 
1748  ikev2_process_auth_req(vm, sa0, ike0);
1749  ikev2_sa_auth(sa0);
1750  if (sa0->state == IKEV2_STATE_AUTHENTICATED)
1751  {
1753  ikev2_sa_match_ts(sa0);
1754  if (sa0->state != IKEV2_STATE_TS_UNACCEPTABLE)
1756  &sa0->childs[0]);
1757  }
1758  len = ikev2_generate_resp(sa0, ike0);
1759  }
1760  }
1761  else if (ike0->exchange == IKEV2_EXCHANGE_INFORMATIONAL)
1762  {
1763  uword * p;
1764  p = hash_get(km->sa_by_rspi, clib_net_to_host_u64(ike0->rspi));
1765  if (p)
1766  {
1767  sa0 = pool_elt_at_index (km->sas, p[0]);
1768 
1769  r = ikev2_retransmit_resp(sa0, ike0);
1770  if (r == 1)
1771  {
1773  IKEV2_ERROR_IKE_REQ_RETRANSMIT,
1774  1);
1775  len = clib_net_to_host_u32(ike0->length);
1776  goto dispatch0;
1777  }
1778  else if (r == -1)
1779  {
1781  IKEV2_ERROR_IKE_REQ_IGNORE,
1782  1);
1783  goto dispatch0;
1784  }
1785 
1786  ikev2_process_informational_req(vm, sa0, ike0);
1787  if (sa0->del)
1788  {
1789  if (sa0->del[0].protocol_id != IKEV2_PROTOCOL_IKE)
1790  {
1791  ikev2_delete_t * d, * tmp, * resp = 0;
1792  vec_foreach(d, sa0->del)
1793  {
1794  ikev2_child_sa_t * ch_sa;
1795  ch_sa = ikev2_sa_get_child(sa0, d->spi,
1796  d->protocol_id);
1797  if (ch_sa)
1798  {
1800  sa0, ch_sa);
1801  vec_add2(resp, tmp, 1);
1802  tmp->protocol_id = d->protocol_id;
1803  tmp->spi = ch_sa->r_proposals[0].spi;
1804  ikev2_sa_del_child_sa(sa0, ch_sa);
1805  }
1806  }
1807  vec_free(sa0->del);
1808  sa0->del = resp;
1809  }
1810  }
1811  len = ikev2_generate_resp(sa0, ike0);
1812  }
1813  }
1814  else if (ike0->exchange == IKEV2_EXCHANGE_CREATE_CHILD_SA)
1815  {
1816  uword * p;
1817  p = hash_get(km->sa_by_rspi, clib_net_to_host_u64(ike0->rspi));
1818  if (p)
1819  {
1820  sa0 = pool_elt_at_index (km->sas, p[0]);
1821 
1822  r = ikev2_retransmit_resp(sa0, ike0);
1823  if (r == 1)
1824  {
1826  IKEV2_ERROR_IKE_REQ_RETRANSMIT,
1827  1);
1828  len = clib_net_to_host_u32(ike0->length);
1829  goto dispatch0;
1830  }
1831  else if (r == -1)
1832  {
1834  IKEV2_ERROR_IKE_REQ_IGNORE,
1835  1);
1836  goto dispatch0;
1837  }
1838 
1839  ikev2_process_create_child_sa_req(vm, sa0, ike0);
1840  if (sa0->rekey)
1841  {
1842  if (sa0->rekey[0].protocol_id != IKEV2_PROTOCOL_IKE)
1843  {
1844  ikev2_child_sa_t * child;
1845  vec_add2(sa0->childs, child, 1);
1846  child->r_proposals = sa0->rekey[0].r_proposal;
1847  child->i_proposals = sa0->rekey[0].i_proposal;
1848  child->tsi = sa0->rekey[0].tsi;
1849  child->tsr = sa0->rekey[0].tsr;
1851  child);
1852  }
1853  len = ikev2_generate_resp(sa0, ike0);
1854  }
1855  }
1856  }
1857  else
1858  {
1859  clib_warning("IKEv2 exchange %u packet received from %U to %U",
1860  ike0->exchange,
1863  }
1864 
1865 dispatch0:
1866  /* if we are sending packet back, rewrite headers */
1867  if (len)
1868  {
1869  next0 = IKEV2_NEXT_IP4_LOOKUP;
1870  ip40->dst_address.as_u32 = sa0->iaddr.as_u32;
1871  ip40->src_address.as_u32 = sa0->raddr.as_u32;
1872  udp0->length = clib_host_to_net_u16(len + sizeof(udp_header_t));
1873  udp0->checksum = 0;
1874  b0->current_length = len + sizeof(ip4_header_t) + sizeof(udp_header_t);
1875  ip40->length = clib_host_to_net_u16(b0->current_length);
1876  ip40->checksum = ip4_header_checksum (ip40);
1877  }
1878  /* delete sa */
1879  if (sa0 && (sa0->state == IKEV2_STATE_DELETED ||
1881  {
1882  ikev2_child_sa_t * c;
1883 
1884  vec_foreach(c, sa0->childs)
1886 
1887  ikev2_delete_sa(sa0);
1888  }
1889  sw_if_index0 = vnet_buffer(b0)->sw_if_index[VLIB_RX];
1890 
1892  && (b0->flags & VLIB_BUFFER_IS_TRACED)))
1893  {
1894  ikev2_trace_t *t = vlib_add_trace (vm, node, b0, sizeof (*t));
1895  t->sw_if_index = sw_if_index0;
1896  t->next_index = next0;
1897  }
1898 
1899  vlib_validate_buffer_enqueue_x1 (vm, node, next_index, to_next,
1900  n_left_to_next, bi0, next0);
1901  }
1902 
1903  vlib_put_next_frame (vm, node, next_index, n_left_to_next);
1904  }
1905 
1907  IKEV2_ERROR_PROCESSED, frame->n_vectors);
1908  return frame->n_vectors;
1909 }
1910 
1911 VLIB_REGISTER_NODE (ikev2_node,static) = {
1912  .function = ikev2_node_fn,
1913  .name = "ikev2",
1914  .vector_size = sizeof (u32),
1915  .format_trace = format_ikev2_trace,
1917 
1918  .n_errors = ARRAY_LEN(ikev2_error_strings),
1919  .error_strings = ikev2_error_strings,
1920 
1921  .n_next_nodes = IKEV2_N_NEXT,
1922 
1923  .next_nodes = {
1924  [IKEV2_NEXT_IP4_LOOKUP] = "ip4-lookup",
1925  [IKEV2_NEXT_ERROR_DROP] = "error-drop",
1926  },
1927 };
1928 
1929 
1930 static ikev2_profile_t *
1932 {
1933  ikev2_main_t * km = &ikev2_main;
1934  uword * p;
1935 
1936  p = mhash_get (&km->profile_index_by_name, name);
1937  if (!p)
1938  return 0;
1939 
1940  return pool_elt_at_index(km->profiles, p[0]);
1941 }
1942 
1943 clib_error_t *
1945 {
1946  ikev2_main_t * km = &ikev2_main;
1947 
1948  km->pkey = ikev2_load_key_file(file);
1949  if (km->pkey == NULL)
1950  return clib_error_return(0, "load key '%s' failed", file);
1951 
1952  return 0;
1953 }
1954 
1955 clib_error_t *
1956 ikev2_add_del_profile(vlib_main_t * vm, u8 * name, int is_add)
1957 {
1958  ikev2_main_t * km = &ikev2_main;
1959  ikev2_profile_t * p;
1960 
1961  if (is_add)
1962  {
1963  if (ikev2_profile_index_by_name(name))
1964  return clib_error_return(0, "policy %v already exists", name);
1965 
1966  pool_get (km->profiles, p);
1967  memset(p, 0, sizeof(*p));
1968  p->name = vec_dup(name);
1969  uword index = p - km->profiles;
1970  mhash_set_mem (&km->profile_index_by_name, name, &index, 0);
1971  }
1972  else
1973  {
1974  p = ikev2_profile_index_by_name(name);
1975  if (!p)
1976  return clib_error_return(0, "policy %v does not exists", name);
1977 
1978  vec_free (p->name);
1979  pool_put (km->profiles, p);
1980  mhash_unset (&km->profile_index_by_name, name, 0);
1981  }
1982  return 0;
1983 }
1984 
1985 clib_error_t *
1986 ikev2_set_profile_auth(vlib_main_t * vm, u8 * name, u8 auth_method,
1987  u8 * auth_data, u8 data_hex_format)
1988 {
1989  ikev2_profile_t * p;
1990  clib_error_t * r;
1991 
1992  p = ikev2_profile_index_by_name(name);
1993 
1994  if (!p) {
1995  r = clib_error_return(0, "unknown profile %v", name);
1996  return r;
1997  }
1998  vec_free(p->auth.data);
1999  p->auth.method = auth_method;
2000  p->auth.data = vec_dup(auth_data);
2001  p->auth.hex = data_hex_format;
2002 
2003  if (auth_method == IKEV2_AUTH_METHOD_RSA_SIG)
2004  {
2005  if (p->auth.key)
2006  EVP_PKEY_free(p->auth.key);
2007  p->auth.key = ikev2_load_cert_file(auth_data);
2008  if (p->auth.key == NULL)
2009  return clib_error_return(0, "load cert '%s' failed", auth_data);
2010  }
2011 
2012  return 0;
2013 }
2014 
2015 clib_error_t *
2016 ikev2_set_profile_id(vlib_main_t * vm, u8 * name, u8 id_type, u8 * data,
2017  int is_local)
2018 {
2019  ikev2_profile_t * p;
2020  clib_error_t * r;
2021 
2022  if (id_type > IKEV2_ID_TYPE_ID_RFC822_ADDR && id_type < IKEV2_ID_TYPE_ID_KEY_ID)
2023  {
2024  r = clib_error_return(0, "unsupported identity type %U",
2025  format_ikev2_id_type, id_type);
2026  return r;
2027  }
2028 
2029  p = ikev2_profile_index_by_name(name);
2030 
2031  if (!p) {
2032  r = clib_error_return(0, "unknown profile %v", name);
2033  return r;
2034  }
2035 
2036  if (is_local)
2037  {
2038  vec_free(p->loc_id.data);
2039  p->loc_id.type = id_type;
2040  p->loc_id.data = vec_dup(data);
2041  }
2042  else
2043  {
2044  vec_free(p->rem_id.data);
2045  p->rem_id.type = id_type;
2046  p->rem_id.data = vec_dup(data);
2047  }
2048 
2049  return 0;
2050 }
2051 
2052 clib_error_t *
2053 ikev2_set_profile_ts(vlib_main_t * vm, u8 * name, u8 protocol_id,
2054  u16 start_port, u16 end_port, ip4_address_t start_addr,
2055  ip4_address_t end_addr, int is_local)
2056 {
2057  ikev2_profile_t * p;
2058  clib_error_t * r;
2059 
2060  p = ikev2_profile_index_by_name(name);
2061 
2062  if (!p) {
2063  r = clib_error_return(0, "unknown profile %v", name);
2064  return r;
2065  }
2066 
2067  if (is_local)
2068  {
2069  p->loc_ts.start_addr.as_u32= start_addr.as_u32;
2070  p->loc_ts.end_addr.as_u32 = end_addr.as_u32;
2071  p->loc_ts.start_port = start_port;
2072  p->loc_ts.end_port = end_port;
2073  p->loc_ts.protocol_id = protocol_id;
2074  p->loc_ts.ts_type = 7;
2075  }
2076  else
2077  {
2078  p->rem_ts.start_addr.as_u32 = start_addr.as_u32;
2079  p->rem_ts.end_addr.as_u32 = end_addr.as_u32;
2080  p->rem_ts.start_port = start_port;
2081  p->rem_ts.end_port = end_port;
2082  p->rem_ts.protocol_id = protocol_id;
2083  p->rem_ts.ts_type = 7;
2084  }
2085 
2086  return 0;
2087 }
2088 
2089 
2090 clib_error_t *
2092 {
2093  ikev2_main_t * km = &ikev2_main;
2094  clib_error_t * error;
2095 
2096  memset (km, 0, sizeof (ikev2_main_t));
2097  km->vnet_main = vnet_get_main();
2098  km->vlib_main = vm;
2099 
2100  ikev2_crypto_init(km);
2101 
2102  km->sa_by_rspi = hash_create (0, sizeof (uword));
2104 
2105  if ((error = vlib_call_init_function (vm, ikev2_cli_init)))
2106  return error;
2107 
2108  udp_register_dst_port (vm, 500, ikev2_node.index, 1);
2109 
2110  return 0;
2111 }
2112 
2113 
void vlib_put_next_frame(vlib_main_t *vm, vlib_node_runtime_t *r, u32 next_index, u32 n_vectors_left)
Definition: main.c:459
static int ikev2_retransmit_sa_init(ike_header_t *ike, ip4_address_t iaddr, ip4_address_t raddr)
Definition: ikev2.c:1502
u8 * dh_shared_key
Definition: ikev2_priv.h:159
void ikev2_payload_add_nonce(ikev2_payload_chain_t *c, u8 *nonce)
static u8 * format_ikev2_trace(u8 *s, va_list *args)
Definition: ikev2.c:39
ikev2_transform_type_t type
Definition: ikev2_priv.h:65
#define hash_set(h, key, value)
Definition: hash.h:237
sll srl srl sll sra u16x4 i
Definition: vector_sse2.h:267
#define IKEV2_PAYLOAD_NONCE
Definition: ikev2.h:94
ikev2_id_t r_id
Definition: ikev2_priv.h:182
ikev2_id_type_t type
Definition: ikev2_priv.h:104
#define CLIB_UNUSED(x)
Definition: clib.h:79
void ikev2_payload_add_notify(ikev2_payload_chain_t *c, u16 msg_type, u8 *data)
static int ikev2_delete_tunnel_interface(vnet_main_t *vnm, ikev2_sa_t *sa, ikev2_child_sa_t *child)
Definition: ikev2.c:1262
#define hash_unset(h, key)
Definition: hash.h:243
a
Definition: bitmap.h:393
always_inline void mhash_init_vec_string(mhash_t *h, uword n_value_bytes)
Definition: mhash.h:81
ip4_address_t src_address
Definition: ip4_packet.h:138
clib_error_t * ikev2_add_del_profile(vlib_main_t *vm, u8 *name, int is_add)
Definition: ikev2.c:1956
EVP_PKEY * pkey
Definition: ikev2_priv.h:227
bad routing header type(not 4)") sr_error (NO_MORE_SEGMENTS
void ikev2_payload_add_sa(ikev2_payload_chain_t *c, ikev2_sa_proposal_t *proposals)
static void ikev2_calc_keys(ikev2_sa_t *sa)
Definition: ikev2.c:349
ikev2_sa_proposal_t * ikev2_parse_sa_payload(ike_payload_header_t *ikep)
#define IKEV2_PAYLOAD_NONE
Definition: ikev2.h:88
ikev2_profile_t * profiles
Definition: ikev2_priv.h:217
u8 v8
Definition: ikev2.h:27
ikev2_ts_t * ikev2_parse_ts_payload(ike_payload_header_t *ikep)
#define NULL
Definition: clib.h:55
uword mhash_unset(mhash_t *h, void *key, uword *old_value)
Definition: mhash.c:350
v8 * ikev2_calc_prf(ikev2_sa_transform_t *tr, v8 *key, v8 *data)
Definition: ikev2_crypto.c:260
#define IKEV2_EXCHANGE_SA_INIT
Definition: ikev2.h:77
ikev2_transform_esn_type_t esn_type
Definition: ikev2_priv.h:72
#define IKEV2_PAYLOAD_VENDOR
Definition: ikev2.h:97
ikev2_state_t state
Definition: ikev2_priv.h:147
struct _vlib_node_registration vlib_node_registration_t
#define vec_add2(V, P, N)
Add N elements to end of vector V, return pointer to new elements in P.
Definition: vec.h:519
u8 * sk_pi
Definition: ikev2_priv.h:173
ikev2_main_t ikev2_main
Definition: ikev2_priv.h:234
void ikev2_payload_add_ke(ikev2_payload_chain_t *c, u16 dh_group, u8 *dh_data)
ikev2_next_t
Definition: ikev2.c:73
static void ikev2_generate_sa_init_data(ikev2_sa_t *sa)
Definition: ikev2.c:308
#define IKEV2_NONCE_SIZE
Definition: ikev2.h:23
u8 initial_contact
Definition: ikev2_priv.h:149
ikev2_ts_t * tsi
Definition: ikev2_priv.h:134
#define IKEV2_PAYLOAD_TSR
Definition: ikev2.h:99
ikev2_auth_t r_auth
Definition: ikev2_priv.h:178
#define pool_get(P, E)
Definition: pool.h:186
format_function_t format_ip4_address
Definition: format.h:71
static void ikev2_delete_sa(ikev2_sa_t *sa)
Definition: ikev2.c:292
u8 * last_sa_init_res_packet_data
Definition: ikev2_priv.h:192
always_inline void * vlib_buffer_get_current(vlib_buffer_t *b)
Get pointer to current data to process.
Definition: buffer.h:184
ikev2_notify_t * ikev2_parse_notify_payload(ike_payload_header_t *ikep)
ikev2_sa_transform_t * ikev2_sa_get_td_for_type(ikev2_sa_proposal_t *p, ikev2_transform_type_t type)
Definition: ikev2.c:185
ikev2_auth_t auth
Definition: ikev2_priv.h:205
ikev2_ts_t * tsr
Definition: ikev2_priv.h:135
ikev2_id_t rem_id
Definition: ikev2_priv.h:207
#define vec_add(V, E, N)
Add N elements to end of vector V (no header, unspecified alignment)
Definition: vec.h:557
int ikev2_encrypt_data(ikev2_sa_t *sa, v8 *src, u8 *dst)
Definition: ikev2_crypto.c:370
u32 ipsec_add_del_tunnel_if(vnet_main_t *vnm, ipsec_add_del_tunnel_args_t *args)
Definition: ipsec_if.c:50
vnet_main_t * vnet_get_main(void)
Definition: misc.c:45
u32 next_index
Definition: ikev2.c:35
u32 last_msg_id
Definition: ikev2_priv.h:195
#define IKEV2_PAYLOAD_DELETE
Definition: ikev2.h:96
#define pool_foreach(VAR, POOL, BODY)
Definition: pool.h:328
ikev2_sa_proposal_t * r_proposals
Definition: ikev2_priv.h:111
void ikev2_generate_dh(ikev2_sa_t *sa, ikev2_sa_transform_t *t)
Definition: ikev2_crypto.c:396
EVP_PKEY * ikev2_load_cert_file(u8 *file)
Definition: ikev2_crypto.c:499
static ikev2_sa_transform_t * ikev2_find_transform_data(ikev2_sa_transform_t *t)
Definition: ikev2.c:80
ip4_address_t dst_address
Definition: ip4_packet.h:138
#define vec_new(T, N)
Create new vector of given type and length (unspecified alignment, no header).
Definition: vec.h:268
EVP_PKEY * ikev2_load_key_file(u8 *file)
Definition: ikev2_crypto.c:529
clib_error_t * ikev2_set_profile_auth(vlib_main_t *vm, u8 *name, u8 auth_method, u8 *auth_data, u8 data_hex_format)
Definition: ikev2.c:1986
void ikev2_parse_vendor_payload(ike_payload_header_t *ikep)
ip4_address_t start_addr
Definition: ikev2_priv.h:99
ip4_address_t remote_ip
Definition: ipsec.h:107
u8 * format_hex_bytes(u8 *s, va_list *va)
Definition: std-formats.c:79
void ikev2_payload_add_id(ikev2_payload_chain_t *c, ikev2_id_t *id, u8 type)
#define IKEV2_PAYLOAD_NOTIFY
Definition: ikev2.h:95
static void ikev2_sa_match_ts(ikev2_sa_t *sa)
Definition: ikev2.c:1001
#define clib_warning(format, args...)
Definition: error.h:59
unsigned long u64
Definition: types.h:89
ikev2_sa_proposal_t * i_proposals
Definition: ikev2_priv.h:164
static void ikev2_sa_auth(ikev2_sa_t *sa)
Definition: ikev2.c:1052
ikev2_auth_t i_auth
Definition: ikev2_priv.h:177
#define vlib_call_init_function(vm, x)
Definition: init.h:159
#define ikev2_set_state(sa, v)
Definition: ikev2.c:29
#define ikev2_payload_destroy_chain(V)
Definition: ikev2_priv.h:261
always_inline void * vlib_frame_vector_args(vlib_frame_t *f)
Definition: node_funcs.h:202
ikev2_id_t loc_id
Definition: ikev2_priv.h:206
ikev2_sa_transform_t * transforms
Definition: ikev2_priv.h:90
#define IKEV2_EXCHANGE_CREATE_CHILD_SA
Definition: ikev2.h:79
u8 * sk_ar
Definition: ikev2_priv.h:170
u8 * r_dh_data
Definition: ikev2_priv.h:161
static void ikev2_initial_contact_cleanup(ikev2_sa_t *sa)
Definition: ikev2.c:600
static ikev2_profile_t * ikev2_profile_index_by_name(u8 *name)
Definition: ikev2.c:1931
#define hash_get(h, key)
Definition: hash.h:231
clib_error_t * ikev2_set_profile_id(vlib_main_t *vm, u8 *name, u8 id_type, u8 *data, int is_local)
Definition: ikev2.c:2016
u8 * ikev2_calc_prfplus(ikev2_sa_transform_t *tr, u8 *key, u8 *seed, int len)
Definition: ikev2_crypto.c:278
#define pool_elt_at_index(p, i)
Definition: pool.h:346
u8 * last_sa_init_req_packet_data
Definition: ikev2_priv.h:191
u16 current_length
Nbytes between current data and the end of this buffer.
Definition: buffer.h:81
#define IKEV2_PAYLOAD_IDR
Definition: ikev2.h:92
static int ikev2_create_tunnel_interface(vnet_main_t *vnm, ikev2_sa_t *sa, ikev2_child_sa_t *child)
Definition: ikev2.c:1152
#define IKEV2_PAYLOAD_SA
Definition: ikev2.h:89
ikev2_ts_t rem_ts
Definition: ikev2_priv.h:209
u8 * i_dh_data
Definition: ikev2_priv.h:160
uword * sa_by_rspi
Definition: ikev2_priv.h:223
uword mhash_set_mem(mhash_t *h, void *key, uword *new_value, uword *old_value)
Definition: mhash.c:272
ikev2_sa_proposal_t * i_proposals
Definition: ikev2_priv.h:110
u8 * r_nonce
Definition: ikev2_priv.h:155
#define IKEV2_HDR_FLAG_RESPONSE
Definition: ikev2.h:84
mhash_t profile_index_by_name
Definition: ikev2_priv.h:224
u16 end_port
Definition: ikev2_priv.h:98
ikev2_sa_transform_t * supported_transforms
Definition: ikev2_priv.h:220
#define pool_put(P, E)
Definition: pool.h:200
ikev2_rekey_t * rekey
Definition: ikev2_priv.h:188
#define vec_dup(V)
Return copy of vector (no header, no alignment)
Definition: vec.h:332
#define PREDICT_FALSE(x)
Definition: clib.h:97
#define vec_del1(v, i)
Delete the element at index I.
Definition: vec.h:763
#define IKEV2_PAYLOAD_FLAG_CRITICAL
Definition: ikev2.h:86
always_inline void vlib_node_increment_counter(vlib_main_t *vm, u32 node_index, u32 counter_index, u64 increment)
Definition: node_funcs.h:970
ikev2_protocol_id_t
Definition: ikev2.h:102
#define vlib_validate_buffer_enqueue_x1(vm, node, next_index, to_next, n_left_to_next, bi0, next0)
Definition: buffer_node.h:83
#define vlib_get_next_frame(vm, node, next_index, vectors, n_vectors_left)
Definition: node_funcs.h:265
ip4_address_t end_addr
Definition: ikev2_priv.h:100
ip4_address_t iaddr
Definition: ikev2_priv.h:150
always_inline u16 ip4_header_checksum(ip4_header_t *i)
Definition: ip4_packet.h:194
u8 * i_nonce
Definition: ikev2_priv.h:154
clib_error_t * ikev2_set_local_key(vlib_main_t *vm, u8 *file)
Definition: ikev2.c:1944
clib_error_t * ikev2_set_profile_ts(vlib_main_t *vm, u8 *name, u8 protocol_id, u16 start_port, u16 end_port, ip4_address_t start_addr, ip4_address_t end_addr, int is_local)
Definition: ikev2.c:2053
u8 * sk_ei
Definition: ikev2_priv.h:171
#define IKEV2_EXCHANGE_INFORMATIONAL
Definition: ikev2.h:80
void ikev2_payload_add_delete(ikev2_payload_chain_t *c, ikev2_delete_t *d)
#define IKEV2_KEY_PAD
Definition: ikev2.h:25
static u32 ikev2_generate_resp(ikev2_sa_t *sa, ike_header_t *ike)
Definition: ikev2.c:1279
ikev2_transform_dh_type_t dh_type
Definition: ikev2_priv.h:71
u16 n_vectors
Definition: node.h:307
static u8 * ikev2_decrypt_sk_payload(ikev2_sa_t *sa, ike_header_t *ike, u8 *payload)
Definition: ikev2.c:539
static void ikev2_sa_del_child_sa(ikev2_sa_t *sa, ikev2_child_sa_t *child)
Definition: ikev2.c:249
ikev2_auth_method_t method
Definition: ikev2_priv.h:53
ikev2_delete_t * del
Definition: ikev2_priv.h:185
ikev2_ts_t * tsi
Definition: ikev2_priv.h:114
#define vec_free(V)
Free vector&#39;s memory (no header).
Definition: vec.h:298
static void ikev2_process_auth_req(vlib_main_t *vm, ikev2_sa_t *sa, ike_header_t *ike)
Definition: ikev2.c:634
static uword ikev2_node_fn(vlib_main_t *vm, vlib_node_runtime_t *node, vlib_frame_t *frame)
Definition: ikev2.c:1613
ikev2_sa_t * sas
Definition: ikev2_priv.h:214
ip4_address_t raddr
Definition: ikev2_priv.h:151
#define clib_memcpy(a, b, c)
Definition: string.h:63
u8 * sk_er
Definition: ikev2_priv.h:172
#define ARRAY_LEN(x)
Definition: clib.h:59
#define IKEV2_PAYLOAD_KE
Definition: ikev2.h:90
ikev2_child_sa_t * ikev2_sa_get_child(ikev2_sa_t *sa, u32 spi, ikev2_protocol_id_t prot_id)
Definition: ikev2.c:201
ikev2_ts_t loc_ts
Definition: ikev2_priv.h:208
ikev2_sa_proposal_t * r_proposals
Definition: ikev2_priv.h:165
static u8 * ikev2_sa_generate_authmsg(ikev2_sa_t *sa, int is_responder)
Definition: ikev2.c:947
static void ikev2_calc_child_keys(ikev2_sa_t *sa, ikev2_child_sa_t *child)
Definition: ikev2.c:423
#define hash_create(elts, value_bytes)
Definition: hash.h:615
void ikev2_payload_add_auth(ikev2_payload_chain_t *c, ikev2_auth_t *auth)
ikev2_protocol_id_t protocol_id
Definition: ikev2_priv.h:88
u8 protocol_id
Definition: ikev2_priv.h:95
u16 cached_next_index
Definition: node.h:422
#define ASSERT(truth)
unsigned int u32
Definition: types.h:88
vnet_main_t * vnet_main
Definition: ikev2_priv.h:231
#define vnet_buffer(b)
Definition: buffer.h:300
static void ikev2_process_informational_req(vlib_main_t *vm, ikev2_sa_t *sa, ike_header_t *ike)
Definition: ikev2.c:757
ip4_address_t local_ip
Definition: ipsec.h:107
void ikev2_sa_free_proposal_vector(ikev2_sa_proposal_t **v)
Definition: ikev2.c:214
u8 * format(u8 *s, char *fmt,...)
Definition: format.c:405
#define IKEV2_PAYLOAD_AUTH
Definition: ikev2.h:93
#define ikev2_payload_new_chain(V)
Definition: ikev2_priv.h:260
#define IKEV2_PAYLOAD_SK
Definition: ikev2.h:100
ikev2_sa_proposal_t * r_proposal
Definition: ikev2_priv.h:133
u8 * sk_ai
Definition: ikev2_priv.h:169
#define IKE_VERSION_2
Definition: ikev2.h:75
#define vec_append(v1, v2)
Append v2 after v1.
Definition: vec.h:777
#define VLIB_NODE_FLAG_TRACE
Definition: node.h:225
u16 dh_group
Definition: ikev2_priv.h:158
ikev2_sa_proposal_t * i_proposal
Definition: ikev2_priv.h:132
#define VLIB_BUFFER_IS_TRACED
Definition: buffer.h:91
#define IKEV2_PAYLOAD_TSI
Definition: ikev2.h:98
EVP_PKEY * key
Definition: ikev2_priv.h:56
static int ikev2_retransmit_resp(ikev2_sa_t *sa, ike_header_t *ike)
Definition: ikev2.c:1570
u64 uword
Definition: types.h:112
ikev2_transform_encr_type_t encr_type
Definition: ikev2_priv.h:68
u8 * last_res_packet_data
Definition: ikev2_priv.h:196
ikev2_transform_integ_type_t integ_type
Definition: ikev2_priv.h:70
static char * ikev2_error_strings[]
Definition: ikev2.c:67
unsigned short u16
Definition: types.h:57
static void ikev2_process_sa_init_req(vlib_main_t *vm, ikev2_sa_t *sa, ike_header_t *ike)
Definition: ikev2.c:467
#define vec_len(v)
Number of elements in vector (rvalue-only, NULL tolerant)
u16 start_port
Definition: ikev2_priv.h:97
always_inline void vlib_buffer_advance(vlib_buffer_t *b, word l)
Advance current data pointer by the supplied (signed!) amount.
Definition: buffer.h:197
unsigned char u8
Definition: types.h:56
void ikev2_payload_chain_add_padding(ikev2_payload_chain_t *c, int bs)
u8 * sk_pr
Definition: ikev2_priv.h:174
#define IKEV2_PAYLOAD_IDI
Definition: ikev2.h:91
ikev2_id_t i_id
Definition: ikev2_priv.h:181
static void ikev2_process_create_child_sa_req(vlib_main_t *vm, ikev2_sa_t *sa, ike_header_t *ike)
Definition: ikev2.c:827
ikev2_ts_t * tsr
Definition: ikev2_priv.h:115
ikev2_child_sa_t * childs
Definition: ikev2_priv.h:198
#define IKEV2_EXCHANGE_IKE_AUTH
Definition: ikev2.h:78
always_inline void * vlib_add_trace(vlib_main_t *vm, vlib_node_runtime_t *r, vlib_buffer_t *b, u32 n_data_bytes)
Definition: trace_funcs.h:55
static int ikev2_ts_cmp(ikev2_ts_t *ts1, ikev2_ts_t *ts2)
Definition: ikev2.c:989
clib_error_t * ikev2_init(vlib_main_t *vm)
Definition: ikev2.c:2091
ikev2_error_t
Definition: ikev2.c:60
#define VLIB_REGISTER_NODE(x,...)
Definition: node.h:140
clib_error_t * ikev2_cli_init(vlib_main_t *vm)
Definition: ikev2_cli.c:432
#define vec_foreach(var, vec)
Vector iterator.
u8 unsupported_cp
Definition: ikev2_priv.h:148
static void ikev2_sa_free_all_child_sa(ikev2_child_sa_t **childs)
Definition: ikev2.c:232
static ikev2_sa_proposal_t * ikev2_select_proposal(ikev2_sa_proposal_t *proposals, ikev2_protocol_id_t prot_id)
Definition: ikev2.c:107
void udp_register_dst_port(vlib_main_t *vm, udp_dst_port_t dst_port, u32 node_index, u8 is_ip4)
Definition: udp_local.c:374
#define clib_error_return(e, args...)
Definition: error.h:112
ikev2_transform_type_t
Definition: ikev2.h:196
void ikev2_crypto_init(ikev2_main_t *km)
Definition: ikev2_crypto.c:551
u32 flags
buffer flags: VLIB_BUFFER_IS_TRACED: trace this buffer.
Definition: buffer.h:84
void ikev2_payload_add_ts(ikev2_payload_chain_t *c, ikev2_ts_t *ts, u8 type)
vlib_main_t * vlib_main
Definition: ikev2_priv.h:230
v8 * ikev2_decrypt_data(ikev2_sa_t *sa, u8 *data, int len)
Definition: ikev2_crypto.c:340
always_inline vlib_buffer_t * vlib_get_buffer(vlib_main_t *vm, u32 buffer_index)
Translate buffer index into buffer pointer.
Definition: buffer_funcs.h:69
static void ikev2_sa_free_all_vec(ikev2_sa_t *sa)
Definition: ikev2.c:262
u8 * ikev2_calc_sign(EVP_PKEY *pkey, u8 *data)
Definition: ikev2_crypto.c:481
always_inline uword * mhash_get(mhash_t *h, void *key)
Definition: mhash.h:104
v8 * ikev2_calc_integr(ikev2_sa_transform_t *tr, v8 *key, u8 *data, int len)
Definition: ikev2_crypto.c:317
u8 * format_ikev2_id_type(u8 *s, va_list *args)
Definition: defs.h:45
#define foreach_ikev2_error
Definition: ikev2.c:52
int ipsec_set_interface_key(vnet_main_t *vnm, u32 hw_if_index, ipsec_if_set_key_type_t type, u8 alg, u8 *key)
Definition: ipsec_if.c:142
u32 sw_if_index
Definition: ikev2.c:36
static vlib_node_registration_t ikev2_node
(constructor) VLIB_REGISTER_NODE (ikev2_node)
Definition: ikev2.c:50
ikev2_delete_t * ikev2_parse_delete_payload(ike_payload_header_t *ikep)