FD.io VPP  v17.01.1-3-gc6833f8
Vector Packet Processing
ikev2.c
Go to the documentation of this file.
1 /*
2  * Copyright (c) 2015 Cisco and/or its affiliates.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at:
6  *
7  * http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #include <vlib/vlib.h>
17 #include <vnet/vnet.h>
18 #include <vnet/pg/pg.h>
19 #include <vppinfra/error.h>
20 #include <vnet/ip/udp.h>
21 #include <vnet/ipsec/ipsec.h>
22 #include <vnet/ipsec/ikev2.h>
23 #include <vnet/ipsec/ikev2_priv.h>
24 
26  ikev2_sa_t * sa,
27  ikev2_child_sa_t * child);
28 
29 #define ikev2_set_state(sa, v) do { \
30  (sa)->state = v; \
31  clib_warning("sa state changed to " #v); \
32  } while(0);
33 
34 typedef struct
35 {
39 
40 static u8 *
41 format_ikev2_trace (u8 * s, va_list * args)
42 {
43  CLIB_UNUSED (vlib_main_t * vm) = va_arg (*args, vlib_main_t *);
44  CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *);
45  ikev2_trace_t *t = va_arg (*args, ikev2_trace_t *);
46 
47  s = format (s, "ikev2: sw_if_index %d, next index %d",
48  t->sw_if_index, t->next_index);
49  return s;
50 }
51 
53 
54 #define foreach_ikev2_error \
55 _(PROCESSED, "IKEv2 packets processed") \
56 _(IKE_SA_INIT_RETRANSMIT, "IKE_SA_INIT retransmit ") \
57 _(IKE_SA_INIT_IGNORE, "IKE_SA_INIT ignore (IKE SA already auth)") \
58 _(IKE_REQ_RETRANSMIT, "IKE request retransmit") \
59 _(IKE_REQ_IGNORE, "IKE request ignore (old msgid)") \
60 _(NOT_IKEV2, "Non IKEv2 packets received")
61 
62 typedef enum
63 {
64 #define _(sym,str) IKEV2_ERROR_##sym,
66 #undef _
69 
70 static char *ikev2_error_strings[] = {
71 #define _(sym,string) string,
73 #undef _
74 };
75 
76 typedef enum
77 {
81 } ikev2_next_t;
82 
83 static ikev2_sa_transform_t *
85 {
86  ikev2_main_t *km = &ikev2_main;
88 
90  {
91  if (td->type != t->type)
92  continue;
93 
94  if (td->transform_id != t->transform_id)
95  continue;
96 
97  if (td->type == IKEV2_TRANSFORM_TYPE_ENCR)
98  {
99  if (vec_len (t->attrs) != 4 || t->attrs[0] != 0x80
100  || t->attrs[1] != 14)
101  continue;
102 
103  if (((t->attrs[2] << 8 | t->attrs[3]) / 8) != td->key_len)
104  continue;
105  }
106  return td;
107  }
108  return 0;
109 }
110 
111 static ikev2_sa_proposal_t *
113  ikev2_protocol_id_t prot_id)
114 {
115  ikev2_sa_proposal_t *rv = 0;
116  ikev2_sa_proposal_t *proposal;
117  ikev2_sa_transform_t *transform, *new_t;
118  u8 mandatory_bitmap, optional_bitmap;
119 
120  if (prot_id == IKEV2_PROTOCOL_IKE)
121  {
122  mandatory_bitmap = (1 << IKEV2_TRANSFORM_TYPE_ENCR) |
123  (1 << IKEV2_TRANSFORM_TYPE_PRF) |
124  (1 << IKEV2_TRANSFORM_TYPE_INTEG) | (1 << IKEV2_TRANSFORM_TYPE_DH);
125  optional_bitmap = mandatory_bitmap;
126  }
127  else if (prot_id == IKEV2_PROTOCOL_ESP)
128  {
129  mandatory_bitmap = (1 << IKEV2_TRANSFORM_TYPE_ENCR) |
130  (1 << IKEV2_TRANSFORM_TYPE_ESN);
131  optional_bitmap = mandatory_bitmap |
132  (1 << IKEV2_TRANSFORM_TYPE_INTEG) | (1 << IKEV2_TRANSFORM_TYPE_DH);
133  }
134  else if (prot_id == IKEV2_PROTOCOL_AH)
135  {
136  mandatory_bitmap = (1 << IKEV2_TRANSFORM_TYPE_INTEG) |
137  (1 << IKEV2_TRANSFORM_TYPE_ESN);
138  optional_bitmap = mandatory_bitmap | (1 << IKEV2_TRANSFORM_TYPE_DH);
139  }
140  else
141  return 0;
142 
143  vec_add2 (rv, proposal, 1);
144 
145  vec_foreach (proposal, proposals)
146  {
147  u8 bitmap = 0;
148  if (proposal->protocol_id != prot_id)
149  continue;
150 
151  vec_foreach (transform, proposal->transforms)
152  {
153  if ((1 << transform->type) & bitmap)
154  continue;
155 
156  if (ikev2_find_transform_data (transform))
157  {
158  bitmap |= 1 << transform->type;
159  vec_add2 (rv->transforms, new_t, 1);
160  clib_memcpy (new_t, transform, sizeof (*new_t));
161  new_t->attrs = vec_dup (transform->attrs);
162  }
163  }
164 
165  clib_warning ("bitmap is %x mandatory is %x optional is %x",
166  bitmap, mandatory_bitmap, optional_bitmap);
167 
168  if ((bitmap & mandatory_bitmap) == mandatory_bitmap &&
169  (bitmap & ~optional_bitmap) == 0)
170  {
171  rv->proposal_num = proposal->proposal_num;
172  rv->protocol_id = proposal->protocol_id;
173  RAND_bytes ((u8 *) & rv->spi, sizeof (rv->spi));
174  goto done;
175  }
176  else
177  {
178  vec_free (rv->transforms);
179  }
180  }
181 
182  vec_free (rv);
183 done:
184  return rv;
185 }
186 
190 {
192 
193  if (!p)
194  return 0;
195 
196  vec_foreach (t, p->transforms)
197  {
198  if (t->type == type)
199  return ikev2_find_transform_data (t);
200  }
201  return 0;
202 }
203 
206 {
208  vec_foreach (c, sa->childs)
209  {
210  if (c->i_proposals[0].spi == spi
211  && c->i_proposals[0].protocol_id == prot_id)
212  return c;
213  }
214 
215  return 0;
216 }
217 
218 void
220 {
223 
224  if (!*v)
225  return;
226 
227  vec_foreach (p, *v)
228  {
229  vec_foreach (t, p->transforms)
230  {
231  vec_free (t->attrs);
232  }
233  vec_free (p->transforms);
234  }
235  vec_free (*v);
236 };
237 
238 static void
240 {
242  vec_foreach (c, *childs)
243  {
246  vec_free (c->sk_ai);
247  vec_free (c->sk_ar);
248  vec_free (c->sk_ei);
249  vec_free (c->sk_er);
250  }
251 
252  vec_free (*childs);
253 }
254 
255 static void
257 {
260  vec_free (child->sk_ai);
261  vec_free (child->sk_ar);
262  vec_free (child->sk_ei);
263  vec_free (child->sk_er);
264 
265  vec_del1 (sa->childs, child - sa->childs);
266 }
267 
268 static void
270 {
271  vec_free (sa->i_nonce);
272  vec_free (sa->i_dh_data);
273  vec_free (sa->dh_shared_key);
274 
277 
278  vec_free (sa->sk_d);
279  vec_free (sa->sk_ai);
280  vec_free (sa->sk_ar);
281  vec_free (sa->sk_ei);
282  vec_free (sa->sk_er);
283  vec_free (sa->sk_pi);
284  vec_free (sa->sk_pr);
285 
286  vec_free (sa->i_id.data);
287  vec_free (sa->i_auth.data);
288  vec_free (sa->r_id.data);
289  vec_free (sa->r_auth.data);
290  if (sa->r_auth.key)
291  EVP_PKEY_free (sa->r_auth.key);
292 
293  vec_free (sa->del);
294 
296 }
297 
298 static void
300 {
301  ikev2_main_t *km = &ikev2_main;
302  u32 cpu_index = os_get_cpu_number ();
303  uword *p;
304 
306 
307  p = hash_get (km->per_thread_data[cpu_index].sa_by_rspi, sa->rspi);
308  if (p)
309  {
310  hash_unset (km->per_thread_data[cpu_index].sa_by_rspi, sa->rspi);
311  pool_put (km->per_thread_data[cpu_index].sas, sa);
312  }
313 }
314 
315 static void
317 {
318  ikev2_sa_transform_t *t = 0, *t2;
319  ikev2_main_t *km = &ikev2_main;
320 
321  if (sa->dh_group == IKEV2_TRANSFORM_DH_TYPE_NONE)
322  {
323  return;
324  }
325 
326  /* check if received DH group is on our list of supported groups */
328  {
329  if (t2->type == IKEV2_TRANSFORM_TYPE_DH && sa->dh_group == t2->dh_type)
330  {
331  t = t2;
332  break;
333  }
334  }
335 
336  if (!t)
337  {
338  clib_warning ("unknown dh data group %u (data len %u)", sa->dh_group,
339  vec_len (sa->i_dh_data));
340  sa->dh_group = IKEV2_TRANSFORM_DH_TYPE_NONE;
341  return;
342  }
343 
344  /* generate rspi */
345  RAND_bytes ((u8 *) & sa->rspi, 8);
346 
347  /* generate nonce */
349  RAND_bytes ((u8 *) sa->r_nonce, IKEV2_NONCE_SIZE);
350 
351  /* generate dh keys */
352  ikev2_generate_dh (sa, t);
353 }
354 
355 static void
357 {
358  u8 *tmp;
359  /* calculate SKEYSEED = prf(Ni | Nr, g^ir) */
360  u8 *skeyseed = 0;
361  u8 *s = 0;
362  ikev2_sa_transform_t *tr_encr, *tr_prf, *tr_integ;
363  tr_encr =
364  ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_ENCR);
365  tr_prf =
366  ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_PRF);
367  tr_integ =
368  ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_INTEG);
369 
370  vec_append (s, sa->i_nonce);
371  vec_append (s, sa->r_nonce);
372  skeyseed = ikev2_calc_prf (tr_prf, s, sa->dh_shared_key);
373 
374  /* Calculate S = Ni | Nr | SPIi | SPIr */
375  u64 *spi;
376  vec_add2 (s, tmp, 2 * sizeof (*spi));
377  spi = (u64 *) tmp;
378  spi[0] = clib_host_to_net_u64 (sa->ispi);
379  spi[1] = clib_host_to_net_u64 (sa->rspi);
380 
381  /* calculate PRFplus */
382  u8 *keymat;
383  int len = tr_prf->key_trunc + /* SK_d */
384  tr_integ->key_len * 2 + /* SK_ai, SK_ar */
385  tr_encr->key_len * 2 + /* SK_ei, SK_er */
386  tr_prf->key_len * 2; /* SK_pi, SK_pr */
387 
388  keymat = ikev2_calc_prfplus (tr_prf, skeyseed, s, len);
389  vec_free (skeyseed);
390  vec_free (s);
391 
392  int pos = 0;
393 
394  /* SK_d */
395  sa->sk_d = vec_new (u8, tr_prf->key_trunc);
396  clib_memcpy (sa->sk_d, keymat + pos, tr_prf->key_trunc);
397  pos += tr_prf->key_trunc;
398 
399  /* SK_ai */
400  sa->sk_ai = vec_new (u8, tr_integ->key_len);
401  clib_memcpy (sa->sk_ai, keymat + pos, tr_integ->key_len);
402  pos += tr_integ->key_len;
403 
404  /* SK_ar */
405  sa->sk_ar = vec_new (u8, tr_integ->key_len);
406  clib_memcpy (sa->sk_ar, keymat + pos, tr_integ->key_len);
407  pos += tr_integ->key_len;
408 
409  /* SK_ei */
410  sa->sk_ei = vec_new (u8, tr_encr->key_len);
411  clib_memcpy (sa->sk_ei, keymat + pos, tr_encr->key_len);
412  pos += tr_encr->key_len;
413 
414  /* SK_er */
415  sa->sk_er = vec_new (u8, tr_encr->key_len);
416  clib_memcpy (sa->sk_er, keymat + pos, tr_encr->key_len);
417  pos += tr_encr->key_len;
418 
419  /* SK_pi */
420  sa->sk_pi = vec_new (u8, tr_prf->key_len);
421  clib_memcpy (sa->sk_pi, keymat + pos, tr_prf->key_len);
422  pos += tr_prf->key_len;
423 
424  /* SK_pr */
425  sa->sk_pr = vec_new (u8, tr_prf->key_len);
426  clib_memcpy (sa->sk_pr, keymat + pos, tr_prf->key_len);
427  pos += tr_prf->key_len;
428 
429  vec_free (keymat);
430 }
431 
432 static void
434 {
435  u8 *s = 0;
436  ikev2_sa_transform_t *tr_prf, *ctr_encr, *ctr_integ;
437  tr_prf =
438  ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_PRF);
439  ctr_encr =
440  ikev2_sa_get_td_for_type (child->r_proposals, IKEV2_TRANSFORM_TYPE_ENCR);
441  ctr_integ =
442  ikev2_sa_get_td_for_type (child->r_proposals, IKEV2_TRANSFORM_TYPE_INTEG);
443 
444  vec_append (s, sa->i_nonce);
445  vec_append (s, sa->r_nonce);
446  /* calculate PRFplus */
447  u8 *keymat;
448  int len = ctr_encr->key_len * 2 + ctr_integ->key_len * 2;
449 
450  keymat = ikev2_calc_prfplus (tr_prf, sa->sk_d, s, len);
451 
452  int pos = 0;
453 
454  /* SK_ei */
455  child->sk_ei = vec_new (u8, ctr_encr->key_len);
456  clib_memcpy (child->sk_ei, keymat + pos, ctr_encr->key_len);
457  pos += ctr_encr->key_len;
458 
459  /* SK_ai */
460  child->sk_ai = vec_new (u8, ctr_integ->key_len);
461  clib_memcpy (child->sk_ai, keymat + pos, ctr_integ->key_len);
462  pos += ctr_integ->key_len;
463 
464  /* SK_er */
465  child->sk_er = vec_new (u8, ctr_encr->key_len);
466  clib_memcpy (child->sk_er, keymat + pos, ctr_encr->key_len);
467  pos += ctr_encr->key_len;
468 
469  /* SK_ar */
470  child->sk_ar = vec_new (u8, ctr_integ->key_len);
471  clib_memcpy (child->sk_ar, keymat + pos, ctr_integ->key_len);
472  pos += ctr_integ->key_len;
473 
474  ASSERT (pos == len);
475 
476  vec_free (keymat);
477 }
478 
479 static void
481  ike_header_t * ike)
482 {
483  int p = 0;
484  u32 len = clib_net_to_host_u32 (ike->length);
485  u8 payload = ike->nextpayload;
486 
487  clib_warning ("ispi %lx rspi %lx nextpayload %x version %x "
488  "exchange %x flags %x msgid %x length %u",
489  clib_net_to_host_u64 (ike->ispi),
490  clib_net_to_host_u64 (ike->rspi),
491  payload, ike->version,
492  ike->exchange, ike->flags,
493  clib_net_to_host_u32 (ike->msgid), len);
494 
495  sa->ispi = clib_net_to_host_u64 (ike->ispi);
496 
497  /* store whole IKE payload - needed for PSK auth */
499  vec_add (sa->last_sa_init_req_packet_data, ike, len);
500 
501  while (p < len && payload != IKEV2_PAYLOAD_NONE)
502  {
503  ike_payload_header_t *ikep = (ike_payload_header_t *) & ike->payload[p];
504  u32 plen = clib_net_to_host_u16 (ikep->length);
505 
506  if (plen < sizeof (ike_payload_header_t))
507  return;
508 
509  if (payload == IKEV2_PAYLOAD_SA)
510  {
512  sa->i_proposals = ikev2_parse_sa_payload (ikep);
513  }
514  else if (payload == IKEV2_PAYLOAD_KE)
515  {
516  ike_ke_payload_header_t *ke = (ike_ke_payload_header_t *) ikep;
517  sa->dh_group = clib_net_to_host_u16 (ke->dh_group);
518  vec_free (sa->i_dh_data);
519  vec_add (sa->i_dh_data, ke->payload, plen - sizeof (*ke));
520  }
521  else if (payload == IKEV2_PAYLOAD_NONCE)
522  {
523  vec_free (sa->i_nonce);
524  vec_add (sa->i_nonce, ikep->payload, plen - sizeof (*ikep));
525  }
526  else if (payload == IKEV2_PAYLOAD_NOTIFY)
527  {
529  vec_free (n);
530  }
531  else if (payload == IKEV2_PAYLOAD_VENDOR)
532  {
534  }
535  else
536  {
537  clib_warning ("unknown payload %u flags %x length %u", payload,
538  ikep->flags, plen);
539  if (ikep->flags & IKEV2_PAYLOAD_FLAG_CRITICAL)
540  {
542  sa->unsupported_cp = payload;
543  return;
544  }
545  }
546 
547  payload = ikep->nextpayload;
548  p += plen;
549  }
550 
552 }
553 
554 static u8 *
555 ikev2_decrypt_sk_payload (ikev2_sa_t * sa, ike_header_t * ike, u8 * payload)
556 {
557  int p = 0;
558  u8 last_payload = 0;
559  u8 *hmac = 0;
560  u32 len = clib_net_to_host_u32 (ike->length);
561  ike_payload_header_t *ikep = 0;
562  u32 plen = 0;
563  ikev2_sa_transform_t *tr_integ;
564  tr_integ =
565  ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_INTEG);
566 
567  while (p < len &&
568  *payload != IKEV2_PAYLOAD_NONE && last_payload != IKEV2_PAYLOAD_SK)
569  {
570  ikep = (ike_payload_header_t *) & ike->payload[p];
571  plen = clib_net_to_host_u16 (ikep->length);
572 
573  if (plen < sizeof (*ikep))
574  return 0;
575 
576  if (*payload == IKEV2_PAYLOAD_SK)
577  {
578  clib_warning ("received IKEv2 payload SK, len %u", plen - 4);
579  last_payload = *payload;
580  }
581  else
582  {
583  clib_warning ("unknown payload %u flags %x length %u", payload,
584  ikep->flags, plen);
585  if (ikep->flags & IKEV2_PAYLOAD_FLAG_CRITICAL)
586  {
587  sa->unsupported_cp = *payload;
588  return 0;
589  }
590  }
591 
592  *payload = ikep->nextpayload;
593  p += plen;
594  }
595 
596  if (last_payload != IKEV2_PAYLOAD_SK)
597  {
598  clib_warning ("Last payload must be SK");
599  return 0;
600  }
601 
602  hmac = ikev2_calc_integr (tr_integ, sa->sk_ai, (u8 *) ike,
603  len - tr_integ->key_trunc);
604 
605  plen = plen - sizeof (*ikep) - tr_integ->key_trunc;
606 
607  if (memcmp (hmac, &ikep->payload[plen], tr_integ->key_trunc))
608  {
609  clib_warning ("message integrity check failed");
610  vec_free (hmac);
611  return 0;
612  }
613  vec_free (hmac);
614 
615  return ikev2_decrypt_data (sa, ikep->payload, plen);
616 }
617 
618 static void
620 {
621  ikev2_main_t *km = &ikev2_main;
622  ikev2_sa_t *tmp;
623  u32 i, *delete = 0;
625  u32 cpu_index = os_get_cpu_number ();
626 
627  if (!sa->initial_contact)
628  return;
629 
630  /* find old IKE SAs with the same authenticated identity */
631  /* *INDENT-OFF* */
632  pool_foreach (tmp, km->per_thread_data[cpu_index].sas, ({
633  if (tmp->i_id.type != sa->i_id.type ||
634  vec_len(tmp->i_id.data) != vec_len(sa->i_id.data) ||
635  memcmp(sa->i_id.data, tmp->i_id.data, vec_len(sa->i_id.data)))
636  continue;
637 
638  if (sa->rspi != tmp->rspi)
639  vec_add1(delete, tmp - km->per_thread_data[cpu_index].sas);
640  }));
641  /* *INDENT-ON* */
642 
643  for (i = 0; i < vec_len (delete); i++)
644  {
645  tmp = pool_elt_at_index (km->per_thread_data[cpu_index].sas, delete[i]);
646  vec_foreach (c, tmp->childs)
648  ikev2_delete_sa (tmp);
649  }
650 
651  vec_free (delete);
652  sa->initial_contact = 0;
653 }
654 
655 static void
656 ikev2_process_auth_req (vlib_main_t * vm, ikev2_sa_t * sa, ike_header_t * ike)
657 {
658  ikev2_child_sa_t *first_child_sa;
659  int p = 0;
660  u32 len = clib_net_to_host_u32 (ike->length);
661  u8 payload = ike->nextpayload;
662  u8 *plaintext = 0;
663 
664  ike_payload_header_t *ikep;
665  u32 plen;
666 
667  clib_warning ("ispi %lx rspi %lx nextpayload %x version %x "
668  "exchange %x flags %x msgid %x length %u",
669  clib_net_to_host_u64 (ike->ispi),
670  clib_net_to_host_u64 (ike->rspi),
671  payload, ike->version,
672  ike->exchange, ike->flags,
673  clib_net_to_host_u32 (ike->msgid), len);
674 
675  ikev2_calc_keys (sa);
676 
677  plaintext = ikev2_decrypt_sk_payload (sa, ike, &payload);
678 
679  if (!plaintext)
680  {
681  if (sa->unsupported_cp)
683  goto cleanup_and_exit;
684  }
685 
686  /* create 1st child SA */
688  vec_add2 (sa->childs, first_child_sa, 1);
689 
690 
691  /* process encrypted payload */
692  p = 0;
693  while (p < vec_len (plaintext) && payload != IKEV2_PAYLOAD_NONE)
694  {
695  ikep = (ike_payload_header_t *) & plaintext[p];
696  plen = clib_net_to_host_u16 (ikep->length);
697 
698  if (plen < sizeof (ike_payload_header_t))
699  goto cleanup_and_exit;
700 
701  if (payload == IKEV2_PAYLOAD_SA) /* 33 */
702  {
703  clib_warning ("received payload SA, len %u", plen - sizeof (*ikep));
704  ikev2_sa_free_proposal_vector (&first_child_sa->i_proposals);
705  first_child_sa->i_proposals = ikev2_parse_sa_payload (ikep);
706  }
707  else if (payload == IKEV2_PAYLOAD_IDI) /* 35 */
708  {
709  ike_id_payload_header_t *id = (ike_id_payload_header_t *) ikep;
710 
711  sa->i_id.type = id->id_type;
712  vec_free (sa->i_id.data);
713  vec_add (sa->i_id.data, id->payload, plen - sizeof (*id));
714 
715  clib_warning ("received payload IDi, len %u id_type %u",
716  plen - sizeof (*id), id->id_type);
717  }
718  else if (payload == IKEV2_PAYLOAD_AUTH) /* 39 */
719  {
720  ike_auth_payload_header_t *a = (ike_auth_payload_header_t *) ikep;
721 
722  sa->i_auth.method = a->auth_method;
723  vec_free (sa->i_auth.data);
724  vec_add (sa->i_auth.data, a->payload, plen - sizeof (*a));
725 
726  clib_warning ("received payload AUTH, len %u auth_type %u",
727  plen - sizeof (*a), a->auth_method);
728  }
729  else if (payload == IKEV2_PAYLOAD_NOTIFY) /* 41 */
730  {
732  if (n->msg_type == IKEV2_NOTIFY_MSG_INITIAL_CONTACT)
733  {
734  sa->initial_contact = 1;
735  }
736  vec_free (n);
737  }
738  else if (payload == IKEV2_PAYLOAD_VENDOR) /* 43 */
739  {
741  }
742  else if (payload == IKEV2_PAYLOAD_TSI) /* 44 */
743  {
744  clib_warning ("received payload TSi, len %u",
745  plen - sizeof (*ikep));
746 
747  vec_free (first_child_sa->tsi);
748  first_child_sa->tsi = ikev2_parse_ts_payload (ikep);
749  }
750  else if (payload == IKEV2_PAYLOAD_TSR) /* 45 */
751  {
752  clib_warning ("received payload TSr, len %u",
753  plen - sizeof (*ikep));
754 
755  vec_free (first_child_sa->tsr);
756  first_child_sa->tsr = ikev2_parse_ts_payload (ikep);
757  }
758  else
759  {
760  clib_warning ("unknown payload %u flags %x length %u data %u",
761  payload, ikep->flags, plen - 4,
762  format_hex_bytes, ikep->payload, plen - 4);
763 
764  if (ikep->flags & IKEV2_PAYLOAD_FLAG_CRITICAL)
765  {
767  sa->unsupported_cp = payload;
768  return;
769  }
770  }
771 
772  payload = ikep->nextpayload;
773  p += plen;
774  }
775 
776 cleanup_and_exit:
777  vec_free (plaintext);
778 }
779 
780 static void
782  ike_header_t * ike)
783 {
784  int p = 0;
785  u32 len = clib_net_to_host_u32 (ike->length);
786  u8 payload = ike->nextpayload;
787  u8 *plaintext = 0;
788 
789  ike_payload_header_t *ikep;
790  u32 plen;
791 
792  clib_warning ("ispi %lx rspi %lx nextpayload %x version %x "
793  "exchange %x flags %x msgid %x length %u",
794  clib_net_to_host_u64 (ike->ispi),
795  clib_net_to_host_u64 (ike->rspi),
796  payload, ike->version,
797  ike->exchange, ike->flags,
798  clib_net_to_host_u32 (ike->msgid), len);
799 
800  plaintext = ikev2_decrypt_sk_payload (sa, ike, &payload);
801 
802  if (!plaintext)
803  goto cleanup_and_exit;
804 
805  /* process encrypted payload */
806  p = 0;
807  while (p < vec_len (plaintext) && payload != IKEV2_PAYLOAD_NONE)
808  {
809  ikep = (ike_payload_header_t *) & plaintext[p];
810  plen = clib_net_to_host_u16 (ikep->length);
811 
812  if (plen < sizeof (ike_payload_header_t))
813  goto cleanup_and_exit;
814 
815  if (payload == IKEV2_PAYLOAD_NOTIFY) /* 41 */
816  {
818  if (n->msg_type == IKEV2_NOTIFY_MSG_AUTHENTICATION_FAILED)
820  vec_free (n);
821  }
822  else if (payload == IKEV2_PAYLOAD_DELETE) /* 42 */
823  {
824  sa->del = ikev2_parse_delete_payload (ikep);
825  }
826  else if (payload == IKEV2_PAYLOAD_VENDOR) /* 43 */
827  {
829  }
830  else
831  {
832  clib_warning ("unknown payload %u flags %x length %u data %u",
833  payload, ikep->flags, plen - 4,
834  format_hex_bytes, ikep->payload, plen - 4);
835 
836  if (ikep->flags & IKEV2_PAYLOAD_FLAG_CRITICAL)
837  {
838  sa->unsupported_cp = payload;
839  return;
840  }
841  }
842 
843  payload = ikep->nextpayload;
844  p += plen;
845  }
846 
847 cleanup_and_exit:
848  vec_free (plaintext);
849 }
850 
851 static void
853  ike_header_t * ike)
854 {
855  int p = 0;
856  u32 len = clib_net_to_host_u32 (ike->length);
857  u8 payload = ike->nextpayload;
858  u8 *plaintext = 0;
859  u8 rekeying = 0;
860  u8 i_nonce[IKEV2_NONCE_SIZE];
861 
862  ike_payload_header_t *ikep;
863  u32 plen;
864  ikev2_notify_t *n = 0;
865  ikev2_ts_t *tsi = 0;
866  ikev2_ts_t *tsr = 0;
867  ikev2_sa_proposal_t *proposal = 0;
868  ikev2_child_sa_t *child_sa;
869 
870  clib_warning ("ispi %lx rspi %lx nextpayload %x version %x "
871  "exchange %x flags %x msgid %x length %u",
872  clib_net_to_host_u64 (ike->ispi),
873  clib_net_to_host_u64 (ike->rspi),
874  payload, ike->version,
875  ike->exchange, ike->flags,
876  clib_net_to_host_u32 (ike->msgid), len);
877 
878  plaintext = ikev2_decrypt_sk_payload (sa, ike, &payload);
879 
880  if (!plaintext)
881  goto cleanup_and_exit;
882 
883  /* process encrypted payload */
884  p = 0;
885  while (p < vec_len (plaintext) && payload != IKEV2_PAYLOAD_NONE)
886  {
887  ikep = (ike_payload_header_t *) & plaintext[p];
888  plen = clib_net_to_host_u16 (ikep->length);
889 
890  if (plen < sizeof (ike_payload_header_t))
891  goto cleanup_and_exit;
892 
893  else if (payload == IKEV2_PAYLOAD_SA)
894  {
895  proposal = ikev2_parse_sa_payload (ikep);
896  }
897  else if (payload == IKEV2_PAYLOAD_NOTIFY)
898  {
899  n = ikev2_parse_notify_payload (ikep);
900  if (n->msg_type == IKEV2_NOTIFY_MSG_REKEY_SA)
901  {
902  rekeying = 1;
903  }
904  }
905  else if (payload == IKEV2_PAYLOAD_DELETE)
906  {
907  sa->del = ikev2_parse_delete_payload (ikep);
908  }
909  else if (payload == IKEV2_PAYLOAD_VENDOR)
910  {
912  }
913  else if (payload == IKEV2_PAYLOAD_NONCE)
914  {
915  clib_memcpy (i_nonce, ikep->payload, plen - sizeof (*ikep));
916  }
917  else if (payload == IKEV2_PAYLOAD_TSI)
918  {
919  tsi = ikev2_parse_ts_payload (ikep);
920  }
921  else if (payload == IKEV2_PAYLOAD_TSR)
922  {
923  tsr = ikev2_parse_ts_payload (ikep);
924  }
925  else
926  {
927  clib_warning ("unknown payload %u flags %x length %u data %u",
928  payload, ikep->flags, plen - 4,
929  format_hex_bytes, ikep->payload, plen - 4);
930 
931  if (ikep->flags & IKEV2_PAYLOAD_FLAG_CRITICAL)
932  {
933  sa->unsupported_cp = payload;
934  return;
935  }
936  }
937 
938  payload = ikep->nextpayload;
939  p += plen;
940  }
941 
942  if (rekeying)
943  {
944  ikev2_rekey_t *rekey;
945  child_sa = ikev2_sa_get_child (sa, n->spi, n->protocol_id);
946  if (!child_sa)
947  {
948  clib_warning ("child SA spi %lx not found", n->spi);
949  goto cleanup_and_exit;
950  }
951  vec_add2 (sa->rekey, rekey, 1);
952  rekey->protocol_id = n->protocol_id;
953  rekey->spi = n->spi;
954  rekey->i_proposal = proposal;
955  rekey->r_proposal =
957  rekey->tsi = tsi;
958  rekey->tsr = tsr;
959  /* update Ni */
960  vec_free (sa->i_nonce);
961  vec_add (sa->i_nonce, i_nonce, IKEV2_NONCE_SIZE);
962  /* generate new Nr */
963  vec_free (sa->r_nonce);
965  RAND_bytes ((u8 *) sa->r_nonce, IKEV2_NONCE_SIZE);
966  }
967 
968 cleanup_and_exit:
969  vec_free (plaintext);
970  vec_free (n);
971 }
972 
973 static u8 *
974 ikev2_sa_generate_authmsg (ikev2_sa_t * sa, int is_responder)
975 {
976  u8 *authmsg = 0;
977  u8 *data;
978  u8 *nonce;
979  ikev2_id_t *id;
980  u8 *key;
981  u8 *packet_data;
982  ikev2_sa_transform_t *tr_prf;
983 
984  tr_prf =
985  ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_PRF);
986 
987  if (is_responder)
988  {
989  id = &sa->r_id;
990  key = sa->sk_pr;
991  nonce = sa->i_nonce;
992  packet_data = sa->last_sa_init_res_packet_data;
993  }
994  else
995  {
996  id = &sa->i_id;
997  key = sa->sk_pi;
998  nonce = sa->r_nonce;
999  packet_data = sa->last_sa_init_req_packet_data;
1000  }
1001 
1002  data = vec_new (u8, 4);
1003  data[0] = id->type;
1004  vec_append (data, id->data);
1005 
1006  u8 *id_hash = ikev2_calc_prf (tr_prf, key, data);
1007  vec_append (authmsg, packet_data);
1008  vec_append (authmsg, nonce);
1009  vec_append (authmsg, id_hash);
1010  vec_free (id_hash);
1011  vec_free (data);
1012 
1013  return authmsg;
1014 }
1015 
1016 static int
1018 {
1019  if (ts1->ts_type == ts2->ts_type && ts1->protocol_id == ts2->protocol_id &&
1020  ts1->start_port == ts2->start_port && ts1->end_port == ts2->end_port &&
1021  ts1->start_addr.as_u32 == ts2->start_addr.as_u32 &&
1022  ts1->end_addr.as_u32 == ts2->end_addr.as_u32)
1023  return 1;
1024 
1025  return 0;
1026 }
1027 
1028 static void
1030 {
1031  ikev2_main_t *km = &ikev2_main;
1032  ikev2_profile_t *p;
1033  ikev2_ts_t *ts, *tsi = 0, *tsr = 0;
1034 
1035  /* *INDENT-OFF* */
1036  pool_foreach (p, km->profiles, ({
1037 
1038  /* check id */
1039  if (p->rem_id.type != sa->i_id.type ||
1040  vec_len(p->rem_id.data) != vec_len(sa->i_id.data) ||
1041  memcmp(p->rem_id.data, sa->i_id.data, vec_len(p->rem_id.data)))
1042  continue;
1043 
1044  vec_foreach(ts, sa->childs[0].tsi)
1045  {
1046  if (ikev2_ts_cmp(&p->rem_ts, ts))
1047  {
1048  tsi = vec_dup(ts);
1049  break;
1050  }
1051  }
1052 
1053  vec_foreach(ts, sa->childs[0].tsr)
1054  {
1055  if (ikev2_ts_cmp(&p->loc_ts, ts))
1056  {
1057  tsr = vec_dup(ts);
1058  break;
1059  }
1060  }
1061 
1062  break;
1063  }));
1064  /* *INDENT-ON* */
1065 
1066  if (tsi && tsr)
1067  {
1068  vec_free (sa->childs[0].tsi);
1069  vec_free (sa->childs[0].tsr);
1070  sa->childs[0].tsi = tsi;
1071  sa->childs[0].tsr = tsr;
1072  }
1073  else
1074  {
1075  vec_free (tsi);
1076  vec_free (tsr);
1078  }
1079 }
1080 
1081 static void
1083 {
1084  ikev2_main_t *km = &ikev2_main;
1085  ikev2_profile_t *p, *sel_p = 0;
1086  u8 *authmsg, *key_pad, *psk = 0, *auth = 0;
1087  ikev2_sa_transform_t *tr_prf;
1088 
1089  tr_prf =
1090  ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_PRF);
1091 
1092  /* only shared key and rsa signature */
1093  if (!(sa->i_auth.method == IKEV2_AUTH_METHOD_SHARED_KEY_MIC ||
1094  sa->i_auth.method == IKEV2_AUTH_METHOD_RSA_SIG))
1095  {
1096  clib_warning ("unsupported authentication method %u",
1097  sa->i_auth.method);
1099  return;
1100  }
1101 
1102  key_pad = format (0, "%s", IKEV2_KEY_PAD);
1103  authmsg = ikev2_sa_generate_authmsg (sa, 0);
1104 
1105  /* *INDENT-OFF* */
1106  pool_foreach (p, km->profiles, ({
1107 
1108  /* check id */
1109  if (p->rem_id.type != sa->i_id.type ||
1110  vec_len(p->rem_id.data) != vec_len(sa->i_id.data) ||
1111  memcmp(p->rem_id.data, sa->i_id.data, vec_len(p->rem_id.data)))
1112  continue;
1113 
1114  if (sa->i_auth.method == IKEV2_AUTH_METHOD_SHARED_KEY_MIC)
1115  {
1116  if (!p->auth.data ||
1117  p->auth.method != IKEV2_AUTH_METHOD_SHARED_KEY_MIC)
1118  continue;
1119 
1120  psk = ikev2_calc_prf(tr_prf, p->auth.data, key_pad);
1121  auth = ikev2_calc_prf(tr_prf, psk, authmsg);
1122 
1123  if (!memcmp(auth, sa->i_auth.data, vec_len(sa->i_auth.data)))
1124  {
1125  ikev2_set_state(sa, IKEV2_STATE_AUTHENTICATED);
1126  vec_free(auth);
1127  sel_p = p;
1128  break;
1129  }
1130 
1131  }
1132  else if (sa->i_auth.method == IKEV2_AUTH_METHOD_RSA_SIG)
1133  {
1134  if (p->auth.method != IKEV2_AUTH_METHOD_RSA_SIG)
1135  continue;
1136 
1137  if (ikev2_verify_sign(p->auth.key, sa->i_auth.data, authmsg) == 1)
1138  {
1139  ikev2_set_state(sa, IKEV2_STATE_AUTHENTICATED);
1140  sel_p = p;
1141  break;
1142  }
1143  }
1144 
1145  vec_free(auth);
1146  vec_free(psk);
1147  }));
1148  /* *INDENT-ON* */
1149 
1150  vec_free (authmsg);
1151 
1152  if (sa->state == IKEV2_STATE_AUTHENTICATED)
1153  {
1154  vec_free (sa->r_id.data);
1155  sa->r_id.data = vec_dup (sel_p->loc_id.data);
1156  sa->r_id.type = sel_p->loc_id.type;
1157 
1158  /* generate our auth data */
1159  authmsg = ikev2_sa_generate_authmsg (sa, 1);
1160  if (sel_p->auth.method == IKEV2_AUTH_METHOD_SHARED_KEY_MIC)
1161  {
1162  sa->r_auth.data = ikev2_calc_prf (tr_prf, psk, authmsg);
1163  sa->r_auth.method = IKEV2_AUTH_METHOD_SHARED_KEY_MIC;
1164  }
1165  else if (sel_p->auth.method == IKEV2_AUTH_METHOD_RSA_SIG)
1166  {
1167  sa->r_auth.data = ikev2_calc_sign (km->pkey, authmsg);
1168  sa->r_auth.method = IKEV2_AUTH_METHOD_RSA_SIG;
1169  }
1170  vec_free (authmsg);
1171 
1172  /* select transforms for 1st child sa */
1173  ikev2_sa_free_proposal_vector (&sa->childs[0].r_proposals);
1174  sa->childs[0].r_proposals =
1175  ikev2_select_proposal (sa->childs[0].i_proposals, IKEV2_PROTOCOL_ESP);
1176  }
1177  else
1178  {
1180  }
1181  vec_free (psk);
1182  vec_free (key_pad);
1183 }
1184 
1185 static int
1187  ikev2_child_sa_t * child)
1188 {
1191  u8 encr_type = 0;
1192 
1193  if (!child->r_proposals)
1194  {
1196  return 1;
1197  }
1198 
1199  memset (&a, 0, sizeof (a));
1200  a.is_add = 1;
1201  a.local_ip.as_u32 = sa->raddr.as_u32;
1202  a.remote_ip.as_u32 = sa->iaddr.as_u32;
1203  a.local_spi = child->i_proposals[0].spi;
1204  a.remote_spi = child->r_proposals[0].spi;
1205  a.anti_replay = 1;
1206 
1207  tr =
1208  ikev2_sa_get_td_for_type (child->r_proposals, IKEV2_TRANSFORM_TYPE_ESN);
1209  if (tr)
1210  a.esn = tr->esn_type;
1211  else
1212  a.esn = 0;
1213 
1214  tr =
1215  ikev2_sa_get_td_for_type (child->r_proposals, IKEV2_TRANSFORM_TYPE_ENCR);
1216  if (tr)
1217  {
1218  if (tr->encr_type == IKEV2_TRANSFORM_ENCR_TYPE_AES_CBC && tr->key_len)
1219  {
1220  switch (tr->key_len)
1221  {
1222  case 16:
1223  encr_type = IPSEC_CRYPTO_ALG_AES_CBC_128;
1224  break;
1225  case 24:
1226  encr_type = IPSEC_CRYPTO_ALG_AES_CBC_192;
1227  break;
1228  case 32:
1229  encr_type = IPSEC_CRYPTO_ALG_AES_CBC_256;
1230  break;
1231  default:
1233  return 1;
1234  break;
1235  }
1236  }
1237  else
1238  {
1240  return 1;
1241  }
1242  }
1243  else
1244  {
1246  return 1;
1247  }
1248 
1249  tr =
1250  ikev2_sa_get_td_for_type (child->r_proposals, IKEV2_TRANSFORM_TYPE_INTEG);
1251  if (tr)
1252  {
1253  if (tr->integ_type != IKEV2_TRANSFORM_INTEG_TYPE_AUTH_HMAC_SHA1_96)
1254  {
1256  return 1;
1257  }
1258  }
1259  else
1260  {
1262  return 1;
1263  }
1264 
1265  ikev2_calc_child_keys (sa, child);
1266 
1267  a.integ_alg = IPSEC_INTEG_ALG_SHA1_96;
1268  a.local_integ_key_len = vec_len (child->sk_ar);
1270  a.remote_integ_key_len = vec_len (child->sk_ai);
1272 
1273  a.crypto_alg = encr_type;
1274  a.local_crypto_key_len = vec_len (child->sk_er);
1276  a.remote_crypto_key_len = vec_len (child->sk_ei);
1278 
1280 
1281  return 0;
1282 }
1283 
1284 static int
1286  ikev2_child_sa_t * child)
1287 {
1289 
1290  if (!vec_len (child->r_proposals))
1291  return 0;
1292 
1293  a.is_add = 0;
1294  a.local_ip.as_u32 = sa->raddr.as_u32;
1295  a.remote_ip.as_u32 = sa->iaddr.as_u32;
1296  a.local_spi = child->i_proposals[0].spi;
1297  a.remote_spi = child->r_proposals[0].spi;
1298 
1300  return 0;
1301 }
1302 
1303 static u32
1304 ikev2_generate_resp (ikev2_sa_t * sa, ike_header_t * ike)
1305 {
1306  v8 *integ = 0;
1307  ike_payload_header_t *ph;
1308  u16 plen;
1309  u32 tlen = 0;
1310 
1311  ikev2_sa_transform_t *tr_encr, *tr_integ;
1312  tr_encr =
1313  ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_ENCR);
1314  tr_integ =
1315  ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_INTEG);
1316 
1317  ikev2_payload_chain_t *chain = 0;
1318  ikev2_payload_new_chain (chain);
1319 
1320  if (ike->exchange == IKEV2_EXCHANGE_SA_INIT)
1321  {
1322  if (sa->r_proposals == 0)
1323  {
1324  ikev2_payload_add_notify (chain,
1325  IKEV2_NOTIFY_MSG_NO_PROPOSAL_CHOSEN, 0);
1327  }
1328  else if (sa->dh_group == IKEV2_TRANSFORM_DH_TYPE_NONE)
1329  {
1330  u8 *data = vec_new (u8, 2);
1331  ikev2_sa_transform_t *tr_dh;
1332  tr_dh =
1334  IKEV2_TRANSFORM_TYPE_DH);
1335  ASSERT (tr_dh && tr_dh->dh_type);
1336 
1337  data[0] = (tr_dh->dh_type >> 8) & 0xff;
1338  data[1] = (tr_dh->dh_type) & 0xff;
1339 
1340  ikev2_payload_add_notify (chain,
1341  IKEV2_NOTIFY_MSG_INVALID_KE_PAYLOAD,
1342  data);
1343  vec_free (data);
1345  }
1346  else if (sa->state == IKEV2_STATE_NOTIFY_AND_DELETE)
1347  {
1348  u8 *data = vec_new (u8, 1);
1349 
1350  data[0] = sa->unsupported_cp;
1351  ikev2_payload_add_notify (chain,
1352  IKEV2_NOTIFY_MSG_UNSUPPORTED_CRITICAL_PAYLOAD,
1353  data);
1354  vec_free (data);
1355  }
1356  else
1357  {
1358  ike->rspi = clib_host_to_net_u64 (sa->rspi);
1359  ikev2_payload_add_sa (chain, sa->r_proposals);
1360  ikev2_payload_add_ke (chain, sa->dh_group, sa->r_dh_data);
1361  ikev2_payload_add_nonce (chain, sa->r_nonce);
1362  }
1363  }
1364  else if (ike->exchange == IKEV2_EXCHANGE_IKE_AUTH)
1365  {
1366  if (sa->state == IKEV2_STATE_AUTHENTICATED)
1367  {
1369  ikev2_payload_add_auth (chain, &sa->r_auth);
1370  ikev2_payload_add_sa (chain, sa->childs[0].r_proposals);
1373  }
1374  else if (sa->state == IKEV2_STATE_AUTH_FAILED)
1375  {
1376  ikev2_payload_add_notify (chain,
1377  IKEV2_NOTIFY_MSG_AUTHENTICATION_FAILED,
1378  0);
1380  }
1381  else if (sa->state == IKEV2_STATE_TS_UNACCEPTABLE)
1382  {
1383  ikev2_payload_add_notify (chain, IKEV2_NOTIFY_MSG_TS_UNACCEPTABLE,
1384  0);
1386  ikev2_payload_add_auth (chain, &sa->r_auth);
1387  }
1388  else if (sa->state == IKEV2_STATE_NO_PROPOSAL_CHOSEN)
1389  {
1390  ikev2_payload_add_notify (chain,
1391  IKEV2_NOTIFY_MSG_NO_PROPOSAL_CHOSEN, 0);
1393  ikev2_payload_add_auth (chain, &sa->r_auth);
1396  }
1397  else if (sa->state == IKEV2_STATE_NOTIFY_AND_DELETE)
1398  {
1399  u8 *data = vec_new (u8, 1);
1400 
1401  data[0] = sa->unsupported_cp;
1402  ikev2_payload_add_notify (chain,
1403  IKEV2_NOTIFY_MSG_UNSUPPORTED_CRITICAL_PAYLOAD,
1404  data);
1405  vec_free (data);
1406  }
1407  else
1408  {
1410  goto done;
1411  }
1412  }
1413  else if (ike->exchange == IKEV2_EXCHANGE_INFORMATIONAL)
1414  {
1415  /* if pending delete */
1416  if (sa->del)
1417  {
1418  /* The response to a request that deletes the IKE SA is an empty
1419  INFORMATIONAL response. */
1420  if (sa->del[0].protocol_id == IKEV2_PROTOCOL_IKE)
1421  {
1423  }
1424  /* The response to a request that deletes ESP or AH SAs will contain
1425  delete payloads for the paired SAs going in the other direction. */
1426  else
1427  {
1428  ikev2_payload_add_delete (chain, sa->del);
1429  }
1430  vec_free (sa->del);
1431  sa->del = 0;
1432  }
1433  /* received N(AUTHENTICATION_FAILED) */
1434  else if (sa->state == IKEV2_STATE_AUTH_FAILED)
1435  {
1437  goto done;
1438  }
1439  /* received unsupported critical payload */
1440  else if (sa->unsupported_cp)
1441  {
1442  u8 *data = vec_new (u8, 1);
1443 
1444  data[0] = sa->unsupported_cp;
1445  ikev2_payload_add_notify (chain,
1446  IKEV2_NOTIFY_MSG_UNSUPPORTED_CRITICAL_PAYLOAD,
1447  data);
1448  vec_free (data);
1449  sa->unsupported_cp = 0;
1450  }
1451  /* else send empty response */
1452  }
1453  else if (ike->exchange == IKEV2_EXCHANGE_CREATE_CHILD_SA)
1454  {
1455  if (sa->rekey)
1456  {
1457  ikev2_payload_add_sa (chain, sa->rekey[0].r_proposal);
1458  ikev2_payload_add_nonce (chain, sa->r_nonce);
1461  vec_del1 (sa->rekey, 0);
1462  }
1463  else if (sa->unsupported_cp)
1464  {
1465  u8 *data = vec_new (u8, 1);
1466 
1467  data[0] = sa->unsupported_cp;
1468  ikev2_payload_add_notify (chain,
1469  IKEV2_NOTIFY_MSG_UNSUPPORTED_CRITICAL_PAYLOAD,
1470  data);
1471  vec_free (data);
1472  sa->unsupported_cp = 0;
1473  }
1474  else
1475  {
1476  ikev2_payload_add_notify (chain, IKEV2_NOTIFY_MSG_NO_ADDITIONAL_SAS,
1477  0);
1478  }
1479  }
1480 
1481  /* IKEv2 header */
1482  ike->version = IKE_VERSION_2;
1483  ike->flags = IKEV2_HDR_FLAG_RESPONSE;
1484  ike->nextpayload = IKEV2_PAYLOAD_SK;
1485  tlen = sizeof (*ike);
1486 
1487 
1488  if (ike->exchange == IKEV2_EXCHANGE_SA_INIT)
1489  {
1490  tlen += vec_len (chain->data);
1491  ike->nextpayload = chain->first_payload_type;
1492  ike->length = clib_host_to_net_u32 (tlen);
1493  clib_memcpy (ike->payload, chain->data, vec_len (chain->data));
1494 
1495  /* store whole IKE payload - needed for PSK auth */
1497  vec_add (sa->last_sa_init_res_packet_data, ike, tlen);
1498  }
1499  else
1500  {
1501 
1502  ikev2_payload_chain_add_padding (chain, tr_encr->block_size);
1503 
1504  /* SK payload */
1505  plen = sizeof (*ph);
1506  ph = (ike_payload_header_t *) & ike->payload[0];
1507  ph->nextpayload = chain->first_payload_type;
1508  ph->flags = 0;
1509  int enc_len = ikev2_encrypt_data (sa, chain->data, ph->payload);
1510  plen += enc_len;
1511 
1512  /* add space for hmac */
1513  plen += tr_integ->key_trunc;
1514  tlen += plen;
1515 
1516  /* payload and total length */
1517  ph->length = clib_host_to_net_u16 (plen);
1518  ike->length = clib_host_to_net_u32 (tlen);
1519 
1520  /* calc integrity data for whole packet except hash itself */
1521  integ = ikev2_calc_integr (tr_integ, sa->sk_ar, (u8 *) ike,
1522  tlen - tr_integ->key_trunc);
1523 
1524  clib_memcpy (ike->payload + tlen - tr_integ->key_trunc - sizeof (*ike),
1525  integ, tr_integ->key_trunc);
1526 
1527  /* store whole IKE payload - needed for retransmit */
1529  vec_add (sa->last_res_packet_data, ike, tlen);
1530  }
1531 
1532 done:
1534  vec_free (integ);
1535  return tlen;
1536 }
1537 
1538 static int
1539 ikev2_retransmit_sa_init (ike_header_t * ike,
1540  ip4_address_t iaddr, ip4_address_t raddr)
1541 {
1542  ikev2_main_t *km = &ikev2_main;
1543  ikev2_sa_t *sa;
1544  u32 cpu_index = os_get_cpu_number ();
1545 
1546  /* *INDENT-OFF* */
1547  pool_foreach (sa, km->per_thread_data[cpu_index].sas, ({
1548  if (sa->ispi == clib_net_to_host_u64(ike->ispi) &&
1549  sa->iaddr.as_u32 == iaddr.as_u32 &&
1550  sa->raddr.as_u32 == raddr.as_u32)
1551  {
1552  int p = 0;
1553  u32 len = clib_net_to_host_u32(ike->length);
1554  u8 payload = ike->nextpayload;
1555 
1556  while (p < len && payload!= IKEV2_PAYLOAD_NONE) {
1557  ike_payload_header_t * ikep = (ike_payload_header_t *) &ike->payload[p];
1558  u32 plen = clib_net_to_host_u16(ikep->length);
1559 
1560  if (plen < sizeof(ike_payload_header_t))
1561  return -1;
1562 
1563  if (payload == IKEV2_PAYLOAD_NONCE)
1564  {
1565  if (!memcmp(sa->i_nonce, ikep->payload, plen - sizeof(*ikep)))
1566  {
1567  /* req is retransmit */
1568  if (sa->state == IKEV2_STATE_SA_INIT)
1569  {
1570  ike_header_t * tmp;
1571  tmp = (ike_header_t*)sa->last_sa_init_res_packet_data;
1572  ike->ispi = tmp->ispi;
1573  ike->rspi = tmp->rspi;
1574  ike->nextpayload = tmp->nextpayload;
1575  ike->version = tmp->version;
1576  ike->exchange = tmp->exchange;
1577  ike->flags = tmp->flags;
1578  ike->msgid = tmp->msgid;
1579  ike->length = tmp->length;
1580  clib_memcpy(ike->payload, tmp->payload,
1581  clib_net_to_host_u32(tmp->length) - sizeof(*ike));
1582  clib_warning("IKE_SA_INIT retransmit from %U to %U",
1583  format_ip4_address, &raddr,
1584  format_ip4_address, &iaddr);
1585  return 1;
1586  }
1587  /* else ignore req */
1588  else
1589  {
1590  clib_warning("IKE_SA_INIT ignore from %U to %U",
1591  format_ip4_address, &raddr,
1592  format_ip4_address, &iaddr);
1593  return -1;
1594  }
1595  }
1596  }
1597  payload = ikep->nextpayload;
1598  p+=plen;
1599  }
1600  }
1601  }));
1602  /* *INDENT-ON* */
1603 
1604  /* req is not retransmit */
1605  return 0;
1606 }
1607 
1608 static int
1609 ikev2_retransmit_resp (ikev2_sa_t * sa, ike_header_t * ike)
1610 {
1611  u32 msg_id = clib_net_to_host_u32 (ike->msgid);
1612 
1613  /* new req */
1614  if (msg_id > sa->last_msg_id)
1615  {
1616  sa->last_msg_id = msg_id;
1617  return 0;
1618  }
1619  /* retransmitted req */
1620  else if (msg_id == sa->last_msg_id)
1621  {
1622  ike_header_t *tmp;
1623  tmp = (ike_header_t *) sa->last_res_packet_data;
1624  ike->ispi = tmp->ispi;
1625  ike->rspi = tmp->rspi;
1626  ike->nextpayload = tmp->nextpayload;
1627  ike->version = tmp->version;
1628  ike->exchange = tmp->exchange;
1629  ike->flags = tmp->flags;
1630  ike->msgid = tmp->msgid;
1631  ike->length = tmp->length;
1632  clib_memcpy (ike->payload, tmp->payload,
1633  clib_net_to_host_u32 (tmp->length) - sizeof (*ike));
1634  clib_warning ("IKE msgid %u retransmit from %U to %U",
1635  msg_id,
1636  format_ip4_address, &sa->raddr,
1637  format_ip4_address, &sa->iaddr);
1638  return 1;
1639  }
1640  /* old req ignore */
1641  else
1642  {
1643  clib_warning ("IKE msgid %u req ignore from %U to %U",
1644  msg_id,
1645  format_ip4_address, &sa->raddr,
1646  format_ip4_address, &sa->iaddr);
1647  return -1;
1648  }
1649 }
1650 
1651 static uword
1653  vlib_node_runtime_t * node, vlib_frame_t * frame)
1654 {
1655  u32 n_left_from, *from, *to_next;
1656  ikev2_next_t next_index;
1657  ikev2_main_t *km = &ikev2_main;
1658  u32 cpu_index = os_get_cpu_number ();
1659 
1660  from = vlib_frame_vector_args (frame);
1661  n_left_from = frame->n_vectors;
1662  next_index = node->cached_next_index;
1663 
1664  while (n_left_from > 0)
1665  {
1666  u32 n_left_to_next;
1667 
1668  vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
1669 
1670  while (n_left_from > 0 && n_left_to_next > 0)
1671  {
1672  u32 bi0;
1673  vlib_buffer_t *b0;
1674  u32 next0 = IKEV2_NEXT_ERROR_DROP;
1675  u32 sw_if_index0;
1676  ip4_header_t *ip40;
1677  udp_header_t *udp0;
1678  ike_header_t *ike0;
1679  ikev2_sa_t *sa0 = 0;
1680  ikev2_sa_t sa; /* temporary store for SA */
1681  int len = 0;
1682  int r;
1683 
1684  /* speculatively enqueue b0 to the current next frame */
1685  bi0 = from[0];
1686  to_next[0] = bi0;
1687  from += 1;
1688  to_next += 1;
1689  n_left_from -= 1;
1690  n_left_to_next -= 1;
1691 
1692  b0 = vlib_get_buffer (vm, bi0);
1693  ike0 = vlib_buffer_get_current (b0);
1694  vlib_buffer_advance (b0, -sizeof (*udp0));
1695  udp0 = vlib_buffer_get_current (b0);
1696  vlib_buffer_advance (b0, -sizeof (*ip40));
1697  ip40 = vlib_buffer_get_current (b0);
1698 
1699  if (ike0->version != IKE_VERSION_2)
1700  {
1702  IKEV2_ERROR_NOT_IKEV2, 1);
1703  goto dispatch0;
1704  }
1705 
1706  if (ike0->exchange == IKEV2_EXCHANGE_SA_INIT)
1707  {
1708  sa0 = &sa;
1709  memset (sa0, 0, sizeof (*sa0));
1710 
1711  if (ike0->rspi == 0)
1712  {
1713  sa0->raddr.as_u32 = ip40->dst_address.as_u32;
1714  sa0->iaddr.as_u32 = ip40->src_address.as_u32;
1715 
1716  r = ikev2_retransmit_sa_init (ike0, sa0->iaddr, sa0->raddr);
1717  if (r == 1)
1718  {
1720  IKEV2_ERROR_IKE_SA_INIT_RETRANSMIT,
1721  1);
1722  len = clib_net_to_host_u32 (ike0->length);
1723  goto dispatch0;
1724  }
1725  else if (r == -1)
1726  {
1728  IKEV2_ERROR_IKE_SA_INIT_IGNORE,
1729  1);
1730  goto dispatch0;
1731  }
1732 
1733  ikev2_process_sa_init_req (vm, sa0, ike0);
1734 
1735  if (sa0->state == IKEV2_STATE_SA_INIT)
1736  {
1738  sa0->r_proposals =
1742  }
1743 
1744  if (sa0->state == IKEV2_STATE_SA_INIT ||
1746  {
1747  len = ikev2_generate_resp (sa0, ike0);
1748  }
1749 
1750  if (sa0->state == IKEV2_STATE_SA_INIT)
1751  {
1752  /* add SA to the pool */
1753  pool_get (km->per_thread_data[cpu_index].sas, sa0);
1754  clib_memcpy (sa0, &sa, sizeof (*sa0));
1755  hash_set (km->per_thread_data[cpu_index].sa_by_rspi,
1756  sa0->rspi,
1757  sa0 - km->per_thread_data[cpu_index].sas);
1758  }
1759  else
1760  {
1761  ikev2_sa_free_all_vec (sa0);
1762  }
1763  }
1764  }
1765  else if (ike0->exchange == IKEV2_EXCHANGE_IKE_AUTH)
1766  {
1767  uword *p;
1768  p = hash_get (km->per_thread_data[cpu_index].sa_by_rspi,
1769  clib_net_to_host_u64 (ike0->rspi));
1770  if (p)
1771  {
1772  sa0 = pool_elt_at_index (km->per_thread_data[cpu_index].sas,
1773  p[0]);
1774 
1775  r = ikev2_retransmit_resp (sa0, ike0);
1776  if (r == 1)
1777  {
1779  IKEV2_ERROR_IKE_REQ_RETRANSMIT,
1780  1);
1781  len = clib_net_to_host_u32 (ike0->length);
1782  goto dispatch0;
1783  }
1784  else if (r == -1)
1785  {
1787  IKEV2_ERROR_IKE_REQ_IGNORE,
1788  1);
1789  goto dispatch0;
1790  }
1791 
1792  ikev2_process_auth_req (vm, sa0, ike0);
1793  ikev2_sa_auth (sa0);
1794  if (sa0->state == IKEV2_STATE_AUTHENTICATED)
1795  {
1797  ikev2_sa_match_ts (sa0);
1798  if (sa0->state != IKEV2_STATE_TS_UNACCEPTABLE)
1800  &sa0->childs[0]);
1801  }
1802  len = ikev2_generate_resp (sa0, ike0);
1803  }
1804  }
1805  else if (ike0->exchange == IKEV2_EXCHANGE_INFORMATIONAL)
1806  {
1807  uword *p;
1808  p = hash_get (km->per_thread_data[cpu_index].sa_by_rspi,
1809  clib_net_to_host_u64 (ike0->rspi));
1810  if (p)
1811  {
1812  sa0 = pool_elt_at_index (km->per_thread_data[cpu_index].sas,
1813  p[0]);
1814 
1815  r = ikev2_retransmit_resp (sa0, ike0);
1816  if (r == 1)
1817  {
1819  IKEV2_ERROR_IKE_REQ_RETRANSMIT,
1820  1);
1821  len = clib_net_to_host_u32 (ike0->length);
1822  goto dispatch0;
1823  }
1824  else if (r == -1)
1825  {
1827  IKEV2_ERROR_IKE_REQ_IGNORE,
1828  1);
1829  goto dispatch0;
1830  }
1831 
1832  ikev2_process_informational_req (vm, sa0, ike0);
1833  if (sa0->del)
1834  {
1835  if (sa0->del[0].protocol_id != IKEV2_PROTOCOL_IKE)
1836  {
1837  ikev2_delete_t *d, *tmp, *resp = 0;
1838  vec_foreach (d, sa0->del)
1839  {
1840  ikev2_child_sa_t *ch_sa;
1841  ch_sa = ikev2_sa_get_child (sa0, d->spi,
1842  d->protocol_id);
1843  if (ch_sa)
1844  {
1846  sa0, ch_sa);
1847  vec_add2 (resp, tmp, 1);
1848  tmp->protocol_id = d->protocol_id;
1849  tmp->spi = ch_sa->r_proposals[0].spi;
1850  ikev2_sa_del_child_sa (sa0, ch_sa);
1851  }
1852  }
1853  vec_free (sa0->del);
1854  sa0->del = resp;
1855  }
1856  }
1857  len = ikev2_generate_resp (sa0, ike0);
1858  }
1859  }
1860  else if (ike0->exchange == IKEV2_EXCHANGE_CREATE_CHILD_SA)
1861  {
1862  uword *p;
1863  p = hash_get (km->per_thread_data[cpu_index].sa_by_rspi,
1864  clib_net_to_host_u64 (ike0->rspi));
1865  if (p)
1866  {
1867  sa0 = pool_elt_at_index (km->per_thread_data[cpu_index].sas,
1868  p[0]);
1869 
1870  r = ikev2_retransmit_resp (sa0, ike0);
1871  if (r == 1)
1872  {
1874  IKEV2_ERROR_IKE_REQ_RETRANSMIT,
1875  1);
1876  len = clib_net_to_host_u32 (ike0->length);
1877  goto dispatch0;
1878  }
1879  else if (r == -1)
1880  {
1882  IKEV2_ERROR_IKE_REQ_IGNORE,
1883  1);
1884  goto dispatch0;
1885  }
1886 
1887  ikev2_process_create_child_sa_req (vm, sa0, ike0);
1888  if (sa0->rekey)
1889  {
1890  if (sa0->rekey[0].protocol_id != IKEV2_PROTOCOL_IKE)
1891  {
1892  ikev2_child_sa_t *child;
1893  vec_add2 (sa0->childs, child, 1);
1894  child->r_proposals = sa0->rekey[0].r_proposal;
1895  child->i_proposals = sa0->rekey[0].i_proposal;
1896  child->tsi = sa0->rekey[0].tsi;
1897  child->tsr = sa0->rekey[0].tsr;
1899  child);
1900  }
1901  len = ikev2_generate_resp (sa0, ike0);
1902  }
1903  }
1904  }
1905  else
1906  {
1907  clib_warning ("IKEv2 exchange %u packet received from %U to %U",
1908  ike0->exchange,
1911  }
1912 
1913  dispatch0:
1914  /* if we are sending packet back, rewrite headers */
1915  if (len)
1916  {
1917  next0 = IKEV2_NEXT_IP4_LOOKUP;
1918  ip40->dst_address.as_u32 = sa0->iaddr.as_u32;
1919  ip40->src_address.as_u32 = sa0->raddr.as_u32;
1920  udp0->length =
1921  clib_host_to_net_u16 (len + sizeof (udp_header_t));
1922  udp0->checksum = 0;
1923  b0->current_length =
1924  len + sizeof (ip4_header_t) + sizeof (udp_header_t);
1925  ip40->length = clib_host_to_net_u16 (b0->current_length);
1926  ip40->checksum = ip4_header_checksum (ip40);
1927  }
1928  /* delete sa */
1929  if (sa0 && (sa0->state == IKEV2_STATE_DELETED ||
1931  {
1933 
1934  vec_foreach (c, sa0->childs)
1936 
1937  ikev2_delete_sa (sa0);
1938  }
1939  sw_if_index0 = vnet_buffer (b0)->sw_if_index[VLIB_RX];
1940 
1942  && (b0->flags & VLIB_BUFFER_IS_TRACED)))
1943  {
1944  ikev2_trace_t *t = vlib_add_trace (vm, node, b0, sizeof (*t));
1945  t->sw_if_index = sw_if_index0;
1946  t->next_index = next0;
1947  }
1948 
1949  vlib_validate_buffer_enqueue_x1 (vm, node, next_index, to_next,
1950  n_left_to_next, bi0, next0);
1951  }
1952 
1953  vlib_put_next_frame (vm, node, next_index, n_left_to_next);
1954  }
1955 
1957  IKEV2_ERROR_PROCESSED, frame->n_vectors);
1958  return frame->n_vectors;
1959 }
1960 
1961 /* *INDENT-OFF* */
1962 VLIB_REGISTER_NODE (ikev2_node,static) = {
1963  .function = ikev2_node_fn,
1964  .name = "ikev2",
1965  .vector_size = sizeof (u32),
1966  .format_trace = format_ikev2_trace,
1968 
1969  .n_errors = ARRAY_LEN(ikev2_error_strings),
1970  .error_strings = ikev2_error_strings,
1971 
1972  .n_next_nodes = IKEV2_N_NEXT,
1973 
1974  .next_nodes = {
1975  [IKEV2_NEXT_IP4_LOOKUP] = "ip4-lookup",
1976  [IKEV2_NEXT_ERROR_DROP] = "error-drop",
1977  },
1978 };
1979 /* *INDENT-ON* */
1980 
1981 
1982 static ikev2_profile_t *
1984 {
1985  ikev2_main_t *km = &ikev2_main;
1986  uword *p;
1987 
1988  p = mhash_get (&km->profile_index_by_name, name);
1989  if (!p)
1990  return 0;
1991 
1992  return pool_elt_at_index (km->profiles, p[0]);
1993 }
1994 
1995 clib_error_t *
1997 {
1998  ikev2_main_t *km = &ikev2_main;
1999 
2000  km->pkey = ikev2_load_key_file (file);
2001  if (km->pkey == NULL)
2002  return clib_error_return (0, "load key '%s' failed", file);
2003 
2004  return 0;
2005 }
2006 
2007 clib_error_t *
2008 ikev2_add_del_profile (vlib_main_t * vm, u8 * name, int is_add)
2009 {
2010  ikev2_main_t *km = &ikev2_main;
2011  ikev2_profile_t *p;
2012 
2013  if (is_add)
2014  {
2015  if (ikev2_profile_index_by_name (name))
2016  return clib_error_return (0, "policy %v already exists", name);
2017 
2018  pool_get (km->profiles, p);
2019  memset (p, 0, sizeof (*p));
2020  p->name = vec_dup (name);
2021  uword index = p - km->profiles;
2022  mhash_set_mem (&km->profile_index_by_name, name, &index, 0);
2023  }
2024  else
2025  {
2026  p = ikev2_profile_index_by_name (name);
2027  if (!p)
2028  return clib_error_return (0, "policy %v does not exists", name);
2029 
2030  vec_free (p->name);
2031  pool_put (km->profiles, p);
2032  mhash_unset (&km->profile_index_by_name, name, 0);
2033  }
2034  return 0;
2035 }
2036 
2037 clib_error_t *
2038 ikev2_set_profile_auth (vlib_main_t * vm, u8 * name, u8 auth_method,
2039  u8 * auth_data, u8 data_hex_format)
2040 {
2041  ikev2_profile_t *p;
2042  clib_error_t *r;
2043 
2044  p = ikev2_profile_index_by_name (name);
2045 
2046  if (!p)
2047  {
2048  r = clib_error_return (0, "unknown profile %v", name);
2049  return r;
2050  }
2051  vec_free (p->auth.data);
2052  p->auth.method = auth_method;
2053  p->auth.data = vec_dup (auth_data);
2054  p->auth.hex = data_hex_format;
2055 
2056  if (auth_method == IKEV2_AUTH_METHOD_RSA_SIG)
2057  {
2058  vec_add1 (p->auth.data, 0);
2059  if (p->auth.key)
2060  EVP_PKEY_free (p->auth.key);
2061  p->auth.key = ikev2_load_cert_file (auth_data);
2062  if (p->auth.key == NULL)
2063  return clib_error_return (0, "load cert '%s' failed", auth_data);
2064  }
2065 
2066  return 0;
2067 }
2068 
2069 clib_error_t *
2070 ikev2_set_profile_id (vlib_main_t * vm, u8 * name, u8 id_type, u8 * data,
2071  int is_local)
2072 {
2073  ikev2_profile_t *p;
2074  clib_error_t *r;
2075 
2076  if (id_type > IKEV2_ID_TYPE_ID_RFC822_ADDR
2077  && id_type < IKEV2_ID_TYPE_ID_KEY_ID)
2078  {
2079  r = clib_error_return (0, "unsupported identity type %U",
2080  format_ikev2_id_type, id_type);
2081  return r;
2082  }
2083 
2084  p = ikev2_profile_index_by_name (name);
2085 
2086  if (!p)
2087  {
2088  r = clib_error_return (0, "unknown profile %v", name);
2089  return r;
2090  }
2091 
2092  if (is_local)
2093  {
2094  vec_free (p->loc_id.data);
2095  p->loc_id.type = id_type;
2096  p->loc_id.data = vec_dup (data);
2097  }
2098  else
2099  {
2100  vec_free (p->rem_id.data);
2101  p->rem_id.type = id_type;
2102  p->rem_id.data = vec_dup (data);
2103  }
2104 
2105  return 0;
2106 }
2107 
2108 clib_error_t *
2109 ikev2_set_profile_ts (vlib_main_t * vm, u8 * name, u8 protocol_id,
2110  u16 start_port, u16 end_port, ip4_address_t start_addr,
2111  ip4_address_t end_addr, int is_local)
2112 {
2113  ikev2_profile_t *p;
2114  clib_error_t *r;
2115 
2116  p = ikev2_profile_index_by_name (name);
2117 
2118  if (!p)
2119  {
2120  r = clib_error_return (0, "unknown profile %v", name);
2121  return r;
2122  }
2123 
2124  if (is_local)
2125  {
2126  p->loc_ts.start_addr.as_u32 = start_addr.as_u32;
2127  p->loc_ts.end_addr.as_u32 = end_addr.as_u32;
2128  p->loc_ts.start_port = start_port;
2129  p->loc_ts.end_port = end_port;
2130  p->loc_ts.protocol_id = protocol_id;
2131  p->loc_ts.ts_type = 7;
2132  }
2133  else
2134  {
2135  p->rem_ts.start_addr.as_u32 = start_addr.as_u32;
2136  p->rem_ts.end_addr.as_u32 = end_addr.as_u32;
2137  p->rem_ts.start_port = start_port;
2138  p->rem_ts.end_port = end_port;
2139  p->rem_ts.protocol_id = protocol_id;
2140  p->rem_ts.ts_type = 7;
2141  }
2142 
2143  return 0;
2144 }
2145 
2146 
2147 clib_error_t *
2149 {
2150  ikev2_main_t *km = &ikev2_main;
2151  clib_error_t *error;
2153  int thread_id;
2154 
2155  memset (km, 0, sizeof (ikev2_main_t));
2156  km->vnet_main = vnet_get_main ();
2157  km->vlib_main = vm;
2158 
2159  ikev2_crypto_init (km);
2160 
2162 
2163  vec_validate (km->per_thread_data, tm->n_vlib_mains - 1);
2164  for (thread_id = 0; thread_id < tm->n_vlib_mains - 1; thread_id++)
2165  {
2166  km->per_thread_data[thread_id].sa_by_rspi =
2167  hash_create (0, sizeof (uword));
2168  }
2169 
2170  if ((error = vlib_call_init_function (vm, ikev2_cli_init)))
2171  return error;
2172 
2173  udp_register_dst_port (vm, 500, ikev2_node.index, 1);
2174 
2175  return 0;
2176 }
2177 
2178 
2179 
2180 /*
2181  * fd.io coding-style-patch-verification: ON
2182  *
2183  * Local Variables:
2184  * eval: (c-set-style "gnu")
2185  * End:
2186  */
ikev2_main_per_thread_data_t * per_thread_data
Definition: ikev2_priv.h:253
#define vec_validate(V, I)
Make sure vector is long enough for given index (no header, unspecified alignment) ...
Definition: vec.h:396
void vlib_put_next_frame(vlib_main_t *vm, vlib_node_runtime_t *r, u32 next_index, u32 n_vectors_left)
Release pointer to next frame vector data.
Definition: main.c:459
static int ikev2_retransmit_sa_init(ike_header_t *ike, ip4_address_t iaddr, ip4_address_t raddr)
Definition: ikev2.c:1539
u8 * dh_shared_key
Definition: ikev2_priv.h:172
void ikev2_payload_add_nonce(ikev2_payload_chain_t *c, u8 *nonce)
static u8 * format_ikev2_trace(u8 *s, va_list *args)
Definition: ikev2.c:41
ikev2_transform_type_t type
Definition: ikev2_priv.h:69
#define hash_set(h, key, value)
Definition: hash.h:254
sll srl srl sll sra u16x4 i
Definition: vector_sse2.h:343
#define IKEV2_PAYLOAD_NONCE
Definition: ikev2.h:99
ikev2_id_t r_id
Definition: ikev2_priv.h:195
ikev2_id_type_t type
Definition: ikev2_priv.h:112
#define CLIB_UNUSED(x)
Definition: clib.h:79
void ikev2_payload_add_notify(ikev2_payload_chain_t *c, u16 msg_type, u8 *data)
static int ikev2_delete_tunnel_interface(vnet_main_t *vnm, ikev2_sa_t *sa, ikev2_child_sa_t *child)
Definition: ikev2.c:1285
#define hash_unset(h, key)
Definition: hash.h:260
a
Definition: bitmap.h:516
ip4_address_t src_address
Definition: ip4_packet.h:163
clib_error_t * ikev2_add_del_profile(vlib_main_t *vm, u8 *name, int is_add)
Definition: ikev2.c:2008
EVP_PKEY * pkey
Definition: ikev2_priv.h:247
bad routing header type(not 4)") sr_error (NO_MORE_SEGMENTS
void ikev2_payload_add_sa(ikev2_payload_chain_t *c, ikev2_sa_proposal_t *proposals)
static void ikev2_calc_keys(ikev2_sa_t *sa)
Definition: ikev2.c:356
ikev2_sa_proposal_t * ikev2_parse_sa_payload(ike_payload_header_t *ikep)
#define IKEV2_PAYLOAD_NONE
Definition: ikev2.h:93
ikev2_profile_t * profiles
Definition: ikev2_priv.h:238
u8 v8
Definition: ikev2.h:27
ikev2_ts_t * ikev2_parse_ts_payload(ike_payload_header_t *ikep)
#define NULL
Definition: clib.h:55
uword mhash_unset(mhash_t *h, void *key, uword *old_value)
Definition: mhash.c:353
v8 * ikev2_calc_prf(ikev2_sa_transform_t *tr, v8 *key, v8 *data)
Definition: ikev2_crypto.c:256
#define IKEV2_EXCHANGE_SA_INIT
Definition: ikev2.h:82
ikev2_transform_esn_type_t esn_type
Definition: ikev2_priv.h:77
#define IKEV2_PAYLOAD_VENDOR
Definition: ikev2.h:102
ikev2_state_t state
Definition: ikev2_priv.h:160
#define vec_add1(V, E)
Add 1 element to end of vector (unspecified alignment).
Definition: vec.h:482
struct _vlib_node_registration vlib_node_registration_t
#define vec_add2(V, P, N)
Add N elements to end of vector V, return pointer to new elements in P.
Definition: vec.h:521
u8 * sk_pi
Definition: ikev2_priv.h:186
static void mhash_init_vec_string(mhash_t *h, uword n_value_bytes)
Definition: mhash.h:84
ikev2_main_t ikev2_main
Definition: ikev2_priv.h:257
void ikev2_payload_add_ke(ikev2_payload_chain_t *c, u16 dh_group, u8 *dh_data)
ikev2_next_t
Definition: ikev2.c:76
static void ikev2_generate_sa_init_data(ikev2_sa_t *sa)
Definition: ikev2.c:316
#define IKEV2_NONCE_SIZE
Definition: ikev2.h:23
u8 initial_contact
Definition: ikev2_priv.h:162
ikev2_ts_t * tsi
Definition: ikev2_priv.h:145
#define IKEV2_PAYLOAD_TSR
Definition: ikev2.h:104
ikev2_auth_t r_auth
Definition: ikev2_priv.h:191
#define pool_get(P, E)
Allocate an object E from a pool P (unspecified alignment).
Definition: pool.h:200
format_function_t format_ip4_address
Definition: format.h:79
static void ikev2_delete_sa(ikev2_sa_t *sa)
Definition: ikev2.c:299
u8 * last_sa_init_res_packet_data
Definition: ikev2_priv.h:205
ikev2_notify_t * ikev2_parse_notify_payload(ike_payload_header_t *ikep)
ikev2_sa_transform_t * ikev2_sa_get_td_for_type(ikev2_sa_proposal_t *p, ikev2_transform_type_t type)
Definition: ikev2.c:188
ikev2_auth_t auth
Definition: ikev2_priv.h:219
ikev2_ts_t * tsr
Definition: ikev2_priv.h:146
ikev2_id_t rem_id
Definition: ikev2_priv.h:221
#define vec_add(V, E, N)
Add N elements to end of vector V (no header, unspecified alignment)
Definition: vec.h:559
int ikev2_encrypt_data(ikev2_sa_t *sa, v8 *src, u8 *dst)
Definition: ikev2_crypto.c:372
vnet_main_t * vnet_get_main(void)
Definition: misc.c:46
u32 next_index
Definition: ikev2.c:36
u32 last_msg_id
Definition: ikev2_priv.h:208
#define IKEV2_PAYLOAD_DELETE
Definition: ikev2.h:101
#define pool_foreach(VAR, POOL, BODY)
Iterate through pool.
Definition: pool.h:348
ikev2_sa_proposal_t * r_proposals
Definition: ikev2_priv.h:120
void ikev2_generate_dh(ikev2_sa_t *sa, ikev2_sa_transform_t *t)
Definition: ikev2_crypto.c:399
EVP_PKEY * ikev2_load_cert_file(u8 *file)
Definition: ikev2_crypto.c:503
static void * vlib_buffer_get_current(vlib_buffer_t *b)
Get pointer to current data to process.
Definition: buffer.h:194
static ikev2_sa_transform_t * ikev2_find_transform_data(ikev2_sa_transform_t *t)
Definition: ikev2.c:84
ip4_address_t dst_address
Definition: ip4_packet.h:163
#define vec_new(T, N)
Create new vector of given type and length (unspecified alignment, no header).
Definition: vec.h:270
EVP_PKEY * ikev2_load_key_file(u8 *file)
Definition: ikev2_crypto.c:533
clib_error_t * ikev2_set_profile_auth(vlib_main_t *vm, u8 *name, u8 auth_method, u8 *auth_data, u8 data_hex_format)
Definition: ikev2.c:2038
void ikev2_parse_vendor_payload(ike_payload_header_t *ikep)
ip4_address_t start_addr
Definition: ikev2_priv.h:106
ip4_address_t remote_ip
Definition: ipsec.h:139
u8 * format_hex_bytes(u8 *s, va_list *va)
Definition: std-formats.c:84
void ikev2_payload_add_id(ikev2_payload_chain_t *c, ikev2_id_t *id, u8 type)
#define IKEV2_PAYLOAD_NOTIFY
Definition: ikev2.h:100
static void ikev2_sa_match_ts(ikev2_sa_t *sa)
Definition: ikev2.c:1029
#define clib_warning(format, args...)
Definition: error.h:59
unsigned long u64
Definition: types.h:89
ikev2_sa_proposal_t * i_proposals
Definition: ikev2_priv.h:177
static void ikev2_sa_auth(ikev2_sa_t *sa)
Definition: ikev2.c:1082
ikev2_auth_t i_auth
Definition: ikev2_priv.h:190
#define vlib_call_init_function(vm, x)
Definition: init.h:161
#define ikev2_set_state(sa, v)
Definition: ikev2.c:29
#define ikev2_payload_destroy_chain(V)
Definition: ikev2_priv.h:287
ikev2_id_t loc_id
Definition: ikev2_priv.h:220
ikev2_sa_transform_t * transforms
Definition: ikev2_priv.h:96
#define IKEV2_EXCHANGE_CREATE_CHILD_SA
Definition: ikev2.h:84
u8 * sk_ar
Definition: ikev2_priv.h:183
u8 * r_dh_data
Definition: ikev2_priv.h:174
static void ikev2_initial_contact_cleanup(ikev2_sa_t *sa)
Definition: ikev2.c:619
static ikev2_profile_t * ikev2_profile_index_by_name(u8 *name)
Definition: ikev2.c:1983
#define hash_get(h, key)
Definition: hash.h:248
clib_error_t * ikev2_set_profile_id(vlib_main_t *vm, u8 *name, u8 id_type, u8 *data, int is_local)
Definition: ikev2.c:2070
u8 * ikev2_calc_prfplus(ikev2_sa_transform_t *tr, u8 *key, u8 *seed, int len)
Definition: ikev2_crypto.c:275
#define pool_elt_at_index(p, i)
Returns pointer to element at given index.
Definition: pool.h:369
u8 * last_sa_init_req_packet_data
Definition: ikev2_priv.h:204
u16 current_length
Nbytes between current data and the end of this buffer.
Definition: buffer.h:82
#define IKEV2_PAYLOAD_IDR
Definition: ikev2.h:97
static int ikev2_create_tunnel_interface(vnet_main_t *vnm, ikev2_sa_t *sa, ikev2_child_sa_t *child)
Definition: ikev2.c:1186
#define IKEV2_PAYLOAD_SA
Definition: ikev2.h:94
ikev2_ts_t rem_ts
Definition: ikev2_priv.h:223
u8 * i_dh_data
Definition: ikev2_priv.h:173
uword mhash_set_mem(mhash_t *h, void *key, uword *new_value, uword *old_value)
Definition: mhash.c:271
#define v
Definition: acl.c:314
ikev2_sa_proposal_t * i_proposals
Definition: ikev2_priv.h:119
uword os_get_cpu_number(void)
Definition: unix-misc.c:224
u8 * r_nonce
Definition: ikev2_priv.h:168
#define IKEV2_HDR_FLAG_RESPONSE
Definition: ikev2.h:89
mhash_t profile_index_by_name
Definition: ikev2_priv.h:244
u16 end_port
Definition: ikev2_priv.h:105
ikev2_sa_transform_t * supported_transforms
Definition: ikev2_priv.h:241
#define pool_put(P, E)
Free an object E in pool P.
Definition: pool.h:214
ikev2_rekey_t * rekey
Definition: ikev2_priv.h:201
#define vec_dup(V)
Return copy of vector (no header, no alignment)
Definition: vec.h:334
#define PREDICT_FALSE(x)
Definition: clib.h:97
#define vec_del1(v, i)
Delete the element at index I.
Definition: vec.h:765
#define IKEV2_PAYLOAD_FLAG_CRITICAL
Definition: ikev2.h:91
ikev2_protocol_id_t
Definition: ikev2.h:107
#define vlib_validate_buffer_enqueue_x1(vm, node, next_index, to_next, n_left_to_next, bi0, next0)
Finish enqueueing one buffer forward in the graph.
Definition: buffer_node.h:216
#define vlib_get_next_frame(vm, node, next_index, vectors, n_vectors_left)
Get pointer to next frame vector data by (vlib_node_runtime_t, next_index).
Definition: node_funcs.h:350
ip4_address_t end_addr
Definition: ikev2_priv.h:107
ip4_address_t iaddr
Definition: ikev2_priv.h:163
u8 * i_nonce
Definition: ikev2_priv.h:167
clib_error_t * ikev2_set_local_key(vlib_main_t *vm, u8 *file)
Definition: ikev2.c:1996
static void vlib_node_increment_counter(vlib_main_t *vm, u32 node_index, u32 counter_index, u64 increment)
Definition: node_funcs.h:1113
clib_error_t * ikev2_set_profile_ts(vlib_main_t *vm, u8 *name, u8 protocol_id, u16 start_port, u16 end_port, ip4_address_t start_addr, ip4_address_t end_addr, int is_local)
Definition: ikev2.c:2109
u8 * sk_ei
Definition: ikev2_priv.h:184
#define IKEV2_EXCHANGE_INFORMATIONAL
Definition: ikev2.h:85
void ikev2_payload_add_delete(ikev2_payload_chain_t *c, ikev2_delete_t *d)
#define IKEV2_KEY_PAD
Definition: ikev2.h:25
ipsec_crypto_alg_t crypto_alg
Definition: ipsec.h:142
static u32 ikev2_generate_resp(ikev2_sa_t *sa, ike_header_t *ike)
Definition: ikev2.c:1304
ikev2_transform_dh_type_t dh_type
Definition: ikev2_priv.h:76
svmdb_client_t * c
u16 n_vectors
Definition: node.h:344
static u8 * ikev2_decrypt_sk_payload(ikev2_sa_t *sa, ike_header_t *ike, u8 *payload)
Definition: ikev2.c:555
static void ikev2_sa_del_child_sa(ikev2_sa_t *sa, ikev2_child_sa_t *child)
Definition: ikev2.c:256
ikev2_auth_method_t method
Definition: ikev2_priv.h:55
ikev2_delete_t * del
Definition: ikev2_priv.h:198
ikev2_ts_t * tsi
Definition: ikev2_priv.h:123
#define vec_free(V)
Free vector&#39;s memory (no header).
Definition: vec.h:300
static vlib_thread_main_t * vlib_get_thread_main()
Definition: global_funcs.h:32
static void ikev2_process_auth_req(vlib_main_t *vm, ikev2_sa_t *sa, ike_header_t *ike)
Definition: ikev2.c:656
static uword ikev2_node_fn(vlib_main_t *vm, vlib_node_runtime_t *node, vlib_frame_t *frame)
Definition: ikev2.c:1652
ip4_address_t raddr
Definition: ikev2_priv.h:164
#define clib_memcpy(a, b, c)
Definition: string.h:69
static void vlib_buffer_advance(vlib_buffer_t *b, word l)
Advance current data pointer by the supplied (signed!) amount.
Definition: buffer.h:207
u8 * sk_er
Definition: ikev2_priv.h:185
#define ARRAY_LEN(x)
Definition: clib.h:59
#define IKEV2_PAYLOAD_KE
Definition: ikev2.h:95
ikev2_child_sa_t * ikev2_sa_get_child(ikev2_sa_t *sa, u32 spi, ikev2_protocol_id_t prot_id)
Definition: ikev2.c:205
ikev2_ts_t loc_ts
Definition: ikev2_priv.h:222
ikev2_sa_proposal_t * r_proposals
Definition: ikev2_priv.h:178
static u8 * ikev2_sa_generate_authmsg(ikev2_sa_t *sa, int is_responder)
Definition: ikev2.c:974
static void ikev2_calc_child_keys(ikev2_sa_t *sa, ikev2_child_sa_t *child)
Definition: ikev2.c:433
#define hash_create(elts, value_bytes)
Definition: hash.h:658
void ikev2_payload_add_auth(ikev2_payload_chain_t *c, ikev2_auth_t *auth)
ikev2_protocol_id_t protocol_id
Definition: ikev2_priv.h:94
u8 protocol_id
Definition: ikev2_priv.h:102
u16 cached_next_index
Definition: node.h:463
#define ASSERT(truth)
unsigned int u32
Definition: types.h:88
static uword * mhash_get(mhash_t *h, const void *key)
Definition: mhash.h:110
vnet_main_t * vnet_main
Definition: ikev2_priv.h:251
#define vnet_buffer(b)
Definition: buffer.h:361
static void ikev2_process_informational_req(vlib_main_t *vm, ikev2_sa_t *sa, ike_header_t *ike)
Definition: ikev2.c:781
ipsec_integ_alg_t integ_alg
Definition: ipsec.h:147
ip4_address_t local_ip
Definition: ipsec.h:139
void ikev2_sa_free_proposal_vector(ikev2_sa_proposal_t **v)
Definition: ikev2.c:219
#define IKEV2_PAYLOAD_AUTH
Definition: ikev2.h:98
#define ikev2_payload_new_chain(V)
Definition: ikev2_priv.h:286
#define IKEV2_PAYLOAD_SK
Definition: ikev2.h:105
ikev2_sa_proposal_t * r_proposal
Definition: ikev2_priv.h:144
u8 * sk_ai
Definition: ikev2_priv.h:182
#define IKE_VERSION_2
Definition: ikev2.h:80
#define vec_append(v1, v2)
Append v2 after v1.
Definition: vec.h:779
#define VLIB_NODE_FLAG_TRACE
Definition: node.h:259
static vlib_node_registration_t ikev2_node
(constructor) VLIB_REGISTER_NODE (ikev2_node)
Definition: ikev2.c:52
u16 dh_group
Definition: ikev2_priv.h:171
ikev2_sa_proposal_t * i_proposal
Definition: ikev2_priv.h:143
#define VLIB_BUFFER_IS_TRACED
Definition: buffer.h:95
#define IKEV2_PAYLOAD_TSI
Definition: ikev2.h:103
EVP_PKEY * key
Definition: ikev2_priv.h:58
static int ikev2_retransmit_resp(ikev2_sa_t *sa, ike_header_t *ike)
Definition: ikev2.c:1609
u64 uword
Definition: types.h:112
static void * vlib_add_trace(vlib_main_t *vm, vlib_node_runtime_t *r, vlib_buffer_t *b, u32 n_data_bytes)
Definition: trace_funcs.h:55
ikev2_transform_encr_type_t encr_type
Definition: ikev2_priv.h:73
u8 * last_res_packet_data
Definition: ikev2_priv.h:209
ikev2_transform_integ_type_t integ_type
Definition: ikev2_priv.h:75
static char * ikev2_error_strings[]
Definition: ikev2.c:70
unsigned short u16
Definition: types.h:57
static void ikev2_process_sa_init_req(vlib_main_t *vm, ikev2_sa_t *sa, ike_header_t *ike)
Definition: ikev2.c:480
int ipsec_add_del_tunnel_if(ipsec_add_del_tunnel_args_t *args)
Definition: ipsec_if.c:87
#define vec_len(v)
Number of elements in vector (rvalue-only, NULL tolerant)
u16 start_port
Definition: ikev2_priv.h:104
unsigned char u8
Definition: types.h:56
void ikev2_payload_chain_add_padding(ikev2_payload_chain_t *c, int bs)
u8 * sk_pr
Definition: ikev2_priv.h:187
#define IKEV2_PAYLOAD_IDI
Definition: ikev2.h:96
ikev2_id_t i_id
Definition: ikev2_priv.h:194
static void * vlib_frame_vector_args(vlib_frame_t *f)
Get pointer to frame vector data.
Definition: node_funcs.h:253
static void ikev2_process_create_child_sa_req(vlib_main_t *vm, ikev2_sa_t *sa, ike_header_t *ike)
Definition: ikev2.c:852
ikev2_ts_t * tsr
Definition: ikev2_priv.h:124
ikev2_child_sa_t * childs
Definition: ikev2_priv.h:211
#define IKEV2_EXCHANGE_IKE_AUTH
Definition: ikev2.h:83
static int ikev2_ts_cmp(ikev2_ts_t *ts1, ikev2_ts_t *ts2)
Definition: ikev2.c:1017
clib_error_t * ikev2_init(vlib_main_t *vm)
Definition: ikev2.c:2148
ikev2_error_t
Definition: ikev2.c:62
#define VLIB_REGISTER_NODE(x,...)
Definition: node.h:143
u8 * format(u8 *s, const char *fmt,...)
Definition: format.c:418
clib_error_t * ikev2_cli_init(vlib_main_t *vm)
Definition: ikev2_cli.c:466
#define vec_foreach(var, vec)
Vector iterator.
u8 unsupported_cp
Definition: ikev2_priv.h:161
static void ikev2_sa_free_all_child_sa(ikev2_child_sa_t **childs)
Definition: ikev2.c:239
static ikev2_sa_proposal_t * ikev2_select_proposal(ikev2_sa_proposal_t *proposals, ikev2_protocol_id_t prot_id)
Definition: ikev2.c:112
void udp_register_dst_port(vlib_main_t *vm, udp_dst_port_t dst_port, u32 node_index, u8 is_ip4)
Definition: udp_local.c:495
#define clib_error_return(e, args...)
Definition: error.h:111
ikev2_transform_type_t
Definition: ikev2.h:203
void ikev2_crypto_init(ikev2_main_t *km)
Definition: ikev2_crypto.c:555
u32 flags
buffer flags: VLIB_BUFFER_IS_TRACED: trace this buffer.
Definition: buffer.h:85
void ikev2_payload_add_ts(ikev2_payload_chain_t *c, ikev2_ts_t *ts, u8 type)
vlib_main_t * vlib_main
Definition: ikev2_priv.h:250
v8 * ikev2_decrypt_data(ikev2_sa_t *sa, u8 *data, int len)
Definition: ikev2_crypto.c:340
static void ikev2_sa_free_all_vec(ikev2_sa_t *sa)
Definition: ikev2.c:269
static vlib_buffer_t * vlib_get_buffer(vlib_main_t *vm, u32 buffer_index)
Translate buffer index into buffer pointer.
Definition: buffer_funcs.h:57
static u16 ip4_header_checksum(ip4_header_t *i)
Definition: ip4_packet.h:238
u8 * ikev2_calc_sign(EVP_PKEY *pkey, u8 *data)
Definition: ikev2_crypto.c:485
v8 * ikev2_calc_integr(ikev2_sa_transform_t *tr, v8 *key, u8 *data, int len)
Definition: ikev2_crypto.c:317
u8 * format_ikev2_id_type(u8 *s, va_list *args)
Definition: defs.h:46
#define foreach_ikev2_error
Definition: ikev2.c:54
u32 sw_if_index
Definition: ikev2.c:37
ikev2_delete_t * ikev2_parse_delete_payload(ike_payload_header_t *ikep)