FD.io VPP  v17.10-9-gd594711
Vector Packet Processing
ikev2.c
Go to the documentation of this file.
1 /*
2  * Copyright (c) 2015 Cisco and/or its affiliates.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at:
6  *
7  * http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #include <vlib/vlib.h>
17 #include <vnet/vnet.h>
18 #include <vnet/pg/pg.h>
19 #include <vppinfra/error.h>
20 #include <vppinfra/random.h>
21 #include <vnet/udp/udp.h>
22 #include <vnet/ipsec/ipsec.h>
23 #include <vnet/ipsec/ikev2.h>
24 #include <vnet/ipsec/ikev2_priv.h>
25 #include <openssl/sha.h>
26 
28  ikev2_sa_t * sa,
29  ikev2_child_sa_t * child);
30 
31 #define ikev2_set_state(sa, v) do { \
32  (sa)->state = v; \
33  clib_warning("sa state changed to " #v); \
34  } while(0);
35 
36 typedef struct
37 {
41 
42 static u8 *
43 format_ikev2_trace (u8 * s, va_list * args)
44 {
45  CLIB_UNUSED (vlib_main_t * vm) = va_arg (*args, vlib_main_t *);
46  CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *);
47  ikev2_trace_t *t = va_arg (*args, ikev2_trace_t *);
48 
49  s = format (s, "ikev2: sw_if_index %d, next index %d",
50  t->sw_if_index, t->next_index);
51  return s;
52 }
53 
55 
56 #define foreach_ikev2_error \
57 _(PROCESSED, "IKEv2 packets processed") \
58 _(IKE_SA_INIT_RETRANSMIT, "IKE_SA_INIT retransmit ") \
59 _(IKE_SA_INIT_IGNORE, "IKE_SA_INIT ignore (IKE SA already auth)") \
60 _(IKE_REQ_RETRANSMIT, "IKE request retransmit") \
61 _(IKE_REQ_IGNORE, "IKE request ignore (old msgid)") \
62 _(NOT_IKEV2, "Non IKEv2 packets received")
63 
64 typedef enum
65 {
66 #define _(sym,str) IKEV2_ERROR_##sym,
68 #undef _
71 
72 static char *ikev2_error_strings[] = {
73 #define _(sym,string) string,
75 #undef _
76 };
77 
78 typedef enum
79 {
83 } ikev2_next_t;
84 
85 static ikev2_sa_transform_t *
87 {
88  ikev2_main_t *km = &ikev2_main;
90 
92  {
93  if (td->type != t->type)
94  continue;
95 
96  if (td->transform_id != t->transform_id)
97  continue;
98 
99  if (td->type == IKEV2_TRANSFORM_TYPE_ENCR)
100  {
101  if (vec_len (t->attrs) != 4 || t->attrs[0] != 0x80
102  || t->attrs[1] != 14)
103  continue;
104 
105  if (((t->attrs[2] << 8 | t->attrs[3]) / 8) != td->key_len)
106  continue;
107  }
108  return td;
109  }
110  return 0;
111 }
112 
113 static ikev2_sa_proposal_t *
115  ikev2_protocol_id_t prot_id)
116 {
117  ikev2_sa_proposal_t *rv = 0;
118  ikev2_sa_proposal_t *proposal;
119  ikev2_sa_transform_t *transform, *new_t;
120  u8 mandatory_bitmap, optional_bitmap;
121 
122  if (prot_id == IKEV2_PROTOCOL_IKE)
123  {
124  mandatory_bitmap = (1 << IKEV2_TRANSFORM_TYPE_ENCR) |
125  (1 << IKEV2_TRANSFORM_TYPE_PRF) |
126  (1 << IKEV2_TRANSFORM_TYPE_INTEG) | (1 << IKEV2_TRANSFORM_TYPE_DH);
127  optional_bitmap = mandatory_bitmap;
128  }
129  else if (prot_id == IKEV2_PROTOCOL_ESP)
130  {
131  mandatory_bitmap = (1 << IKEV2_TRANSFORM_TYPE_ENCR) |
132  (1 << IKEV2_TRANSFORM_TYPE_ESN);
133  optional_bitmap = mandatory_bitmap |
134  (1 << IKEV2_TRANSFORM_TYPE_INTEG) | (1 << IKEV2_TRANSFORM_TYPE_DH);
135  }
136  else if (prot_id == IKEV2_PROTOCOL_AH)
137  {
138  mandatory_bitmap = (1 << IKEV2_TRANSFORM_TYPE_INTEG) |
139  (1 << IKEV2_TRANSFORM_TYPE_ESN);
140  optional_bitmap = mandatory_bitmap | (1 << IKEV2_TRANSFORM_TYPE_DH);
141  }
142  else
143  return 0;
144 
145  vec_add2 (rv, proposal, 1);
146 
147  vec_foreach (proposal, proposals)
148  {
149  u8 bitmap = 0;
150  if (proposal->protocol_id != prot_id)
151  continue;
152 
153  vec_foreach (transform, proposal->transforms)
154  {
155  if ((1 << transform->type) & bitmap)
156  continue;
157 
158  if (ikev2_find_transform_data (transform))
159  {
160  bitmap |= 1 << transform->type;
161  vec_add2 (rv->transforms, new_t, 1);
162  clib_memcpy (new_t, transform, sizeof (*new_t));
163  new_t->attrs = vec_dup (transform->attrs);
164  }
165  }
166 
167  clib_warning ("bitmap is %x mandatory is %x optional is %x",
168  bitmap, mandatory_bitmap, optional_bitmap);
169 
170  if ((bitmap & mandatory_bitmap) == mandatory_bitmap &&
171  (bitmap & ~optional_bitmap) == 0)
172  {
173  rv->proposal_num = proposal->proposal_num;
174  rv->protocol_id = proposal->protocol_id;
175  RAND_bytes ((u8 *) & rv->spi, sizeof (rv->spi));
176  goto done;
177  }
178  else
179  {
180  vec_free (rv->transforms);
181  }
182  }
183 
184  vec_free (rv);
185 done:
186  return rv;
187 }
188 
192 {
194 
195  if (!p)
196  return 0;
197 
198  vec_foreach (t, p->transforms)
199  {
200  if (t->type == type)
201  return ikev2_find_transform_data (t);
202  }
203  return 0;
204 }
205 
208  int by_initiator)
209 {
211  vec_foreach (c, sa->childs)
212  {
213  ikev2_sa_proposal_t *proposal =
214  by_initiator ? &c->i_proposals[0] : &c->r_proposals[0];
215  if (proposal && proposal->spi == spi && proposal->protocol_id == prot_id)
216  return c;
217  }
218 
219  return 0;
220 }
221 
222 void
224 {
227 
228  if (!*v)
229  return;
230 
231  vec_foreach (p, *v)
232  {
233  vec_foreach (t, p->transforms)
234  {
235  vec_free (t->attrs);
236  }
237  vec_free (p->transforms);
238  }
239  vec_free (*v);
240 };
241 
242 static void
244 {
246  vec_foreach (c, *childs)
247  {
250  vec_free (c->sk_ai);
251  vec_free (c->sk_ar);
252  vec_free (c->sk_ei);
253  vec_free (c->sk_er);
254  }
255 
256  vec_free (*childs);
257 }
258 
259 static void
261 {
264  vec_free (child->sk_ai);
265  vec_free (child->sk_ar);
266  vec_free (child->sk_ei);
267  vec_free (child->sk_er);
268 
269  vec_del1 (sa->childs, child - sa->childs);
270 }
271 
272 static void
274 {
275  vec_free (sa->i_nonce);
276  vec_free (sa->i_dh_data);
277  vec_free (sa->dh_shared_key);
278  vec_free (sa->dh_private_key);
279 
282 
283  vec_free (sa->sk_d);
284  vec_free (sa->sk_ai);
285  vec_free (sa->sk_ar);
286  vec_free (sa->sk_ei);
287  vec_free (sa->sk_er);
288  vec_free (sa->sk_pi);
289  vec_free (sa->sk_pr);
290 
291  vec_free (sa->i_id.data);
292  vec_free (sa->i_auth.data);
293  vec_free (sa->r_id.data);
294  vec_free (sa->r_auth.data);
295  if (sa->r_auth.key)
296  EVP_PKEY_free (sa->r_auth.key);
297 
298  vec_free (sa->del);
299 
301 }
302 
303 static void
305 {
306  ikev2_main_t *km = &ikev2_main;
307  u32 thread_index = vlib_get_thread_index ();
308  uword *p;
309 
311 
312  p = hash_get (km->per_thread_data[thread_index].sa_by_rspi, sa->rspi);
313  if (p)
314  {
315  hash_unset (km->per_thread_data[thread_index].sa_by_rspi, sa->rspi);
316  pool_put (km->per_thread_data[thread_index].sas, sa);
317  }
318 }
319 
320 static void
322 {
323  ikev2_sa_transform_t *t = 0, *t2;
324  ikev2_main_t *km = &ikev2_main;
325 
326  if (sa->dh_group == IKEV2_TRANSFORM_DH_TYPE_NONE)
327  {
328  return;
329  }
330 
331  /* check if received DH group is on our list of supported groups */
333  {
334  if (t2->type == IKEV2_TRANSFORM_TYPE_DH && sa->dh_group == t2->dh_type)
335  {
336  t = t2;
337  break;
338  }
339  }
340 
341  if (!t)
342  {
343  clib_warning ("unknown dh data group %u (data len %u)", sa->dh_group,
344  vec_len (sa->i_dh_data));
345  sa->dh_group = IKEV2_TRANSFORM_DH_TYPE_NONE;
346  return;
347  }
348 
349  if (sa->is_initiator)
350  {
351  /* generate rspi */
352  RAND_bytes ((u8 *) & sa->ispi, 8);
353 
354  /* generate nonce */
356  RAND_bytes ((u8 *) sa->i_nonce, IKEV2_NONCE_SIZE);
357  }
358  else
359  {
360  /* generate rspi */
361  RAND_bytes ((u8 *) & sa->rspi, 8);
362 
363  /* generate nonce */
365  RAND_bytes ((u8 *) sa->r_nonce, IKEV2_NONCE_SIZE);
366  }
367 
368  /* generate dh keys */
369  ikev2_generate_dh (sa, t);
370 
371 }
372 
373 static void
375 {
376  ikev2_sa_transform_t *t = 0, *t2;
377  ikev2_main_t *km = &ikev2_main;
378 
379 
380  /*move some data to the new SA */
381 #define _(A) ({void* __tmp__ = (A); (A) = 0; __tmp__;})
382  sa->i_nonce = _(sai->i_nonce);
383  sa->i_dh_data = _(sai->i_dh_data);
384  sa->dh_private_key = _(sai->dh_private_key);
385  sa->iaddr.as_u32 = sai->iaddr.as_u32;
386  sa->raddr.as_u32 = sai->raddr.as_u32;
387  sa->is_initiator = sai->is_initiator;
388  sa->profile = sai->profile;
389  sa->i_id.type = sai->i_id.type;
390  sa->i_id.data = _(sai->i_id.data);
391  sa->i_auth.method = sai->i_auth.method;
392  sa->i_auth.hex = sai->i_auth.hex;
393  sa->i_auth.data = _(sai->i_auth.data);
394  sa->i_auth.key = _(sai->i_auth.key);
396  sa->childs = _(sai->childs);
397 #undef _
398 
399 
400  if (sa->dh_group == IKEV2_TRANSFORM_DH_TYPE_NONE)
401  {
402  return;
403  }
404 
405  /* check if received DH group is on our list of supported groups */
407  {
408  if (t2->type == IKEV2_TRANSFORM_TYPE_DH && sa->dh_group == t2->dh_type)
409  {
410  t = t2;
411  break;
412  }
413  }
414 
415  if (!t)
416  {
417  clib_warning ("unknown dh data group %u (data len %u)", sa->dh_group,
418  vec_len (sa->i_dh_data));
419  sa->dh_group = IKEV2_TRANSFORM_DH_TYPE_NONE;
420  return;
421  }
422 
423 
424  /* generate dh keys */
425  ikev2_complete_dh (sa, t);
426 
427 }
428 
429 static void
431 {
432  u8 *tmp;
433  /* calculate SKEYSEED = prf(Ni | Nr, g^ir) */
434  u8 *skeyseed = 0;
435  u8 *s = 0;
436  ikev2_sa_transform_t *tr_encr, *tr_prf, *tr_integ;
437  tr_encr =
438  ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_ENCR);
439  tr_prf =
440  ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_PRF);
441  tr_integ =
442  ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_INTEG);
443 
444  vec_append (s, sa->i_nonce);
445  vec_append (s, sa->r_nonce);
446  skeyseed = ikev2_calc_prf (tr_prf, s, sa->dh_shared_key);
447 
448  /* Calculate S = Ni | Nr | SPIi | SPIr */
449  u64 *spi;
450  vec_add2 (s, tmp, 2 * sizeof (*spi));
451  spi = (u64 *) tmp;
452  spi[0] = clib_host_to_net_u64 (sa->ispi);
453  spi[1] = clib_host_to_net_u64 (sa->rspi);
454 
455  /* calculate PRFplus */
456  u8 *keymat;
457  int len = tr_prf->key_trunc + /* SK_d */
458  tr_integ->key_len * 2 + /* SK_ai, SK_ar */
459  tr_encr->key_len * 2 + /* SK_ei, SK_er */
460  tr_prf->key_len * 2; /* SK_pi, SK_pr */
461 
462  keymat = ikev2_calc_prfplus (tr_prf, skeyseed, s, len);
463  vec_free (skeyseed);
464  vec_free (s);
465 
466  int pos = 0;
467 
468  /* SK_d */
469  sa->sk_d = vec_new (u8, tr_prf->key_trunc);
470  clib_memcpy (sa->sk_d, keymat + pos, tr_prf->key_trunc);
471  pos += tr_prf->key_trunc;
472 
473  /* SK_ai */
474  sa->sk_ai = vec_new (u8, tr_integ->key_len);
475  clib_memcpy (sa->sk_ai, keymat + pos, tr_integ->key_len);
476  pos += tr_integ->key_len;
477 
478  /* SK_ar */
479  sa->sk_ar = vec_new (u8, tr_integ->key_len);
480  clib_memcpy (sa->sk_ar, keymat + pos, tr_integ->key_len);
481  pos += tr_integ->key_len;
482 
483  /* SK_ei */
484  sa->sk_ei = vec_new (u8, tr_encr->key_len);
485  clib_memcpy (sa->sk_ei, keymat + pos, tr_encr->key_len);
486  pos += tr_encr->key_len;
487 
488  /* SK_er */
489  sa->sk_er = vec_new (u8, tr_encr->key_len);
490  clib_memcpy (sa->sk_er, keymat + pos, tr_encr->key_len);
491  pos += tr_encr->key_len;
492 
493  /* SK_pi */
494  sa->sk_pi = vec_new (u8, tr_prf->key_len);
495  clib_memcpy (sa->sk_pi, keymat + pos, tr_prf->key_len);
496  pos += tr_prf->key_len;
497 
498  /* SK_pr */
499  sa->sk_pr = vec_new (u8, tr_prf->key_len);
500  clib_memcpy (sa->sk_pr, keymat + pos, tr_prf->key_len);
501  pos += tr_prf->key_len;
502 
503  vec_free (keymat);
504 }
505 
506 static void
508 {
509  u8 *s = 0;
510  ikev2_sa_transform_t *tr_prf, *ctr_encr, *ctr_integ;
511  tr_prf =
512  ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_PRF);
513  ctr_encr =
514  ikev2_sa_get_td_for_type (child->r_proposals, IKEV2_TRANSFORM_TYPE_ENCR);
515  ctr_integ =
516  ikev2_sa_get_td_for_type (child->r_proposals, IKEV2_TRANSFORM_TYPE_INTEG);
517 
518  vec_append (s, sa->i_nonce);
519  vec_append (s, sa->r_nonce);
520  /* calculate PRFplus */
521  u8 *keymat;
522  int len = ctr_encr->key_len * 2 + ctr_integ->key_len * 2;
523 
524  keymat = ikev2_calc_prfplus (tr_prf, sa->sk_d, s, len);
525 
526  int pos = 0;
527 
528  /* SK_ei */
529  child->sk_ei = vec_new (u8, ctr_encr->key_len);
530  clib_memcpy (child->sk_ei, keymat + pos, ctr_encr->key_len);
531  pos += ctr_encr->key_len;
532 
533  /* SK_ai */
534  child->sk_ai = vec_new (u8, ctr_integ->key_len);
535  clib_memcpy (child->sk_ai, keymat + pos, ctr_integ->key_len);
536  pos += ctr_integ->key_len;
537 
538  /* SK_er */
539  child->sk_er = vec_new (u8, ctr_encr->key_len);
540  clib_memcpy (child->sk_er, keymat + pos, ctr_encr->key_len);
541  pos += ctr_encr->key_len;
542 
543  /* SK_ar */
544  child->sk_ar = vec_new (u8, ctr_integ->key_len);
545  clib_memcpy (child->sk_ar, keymat + pos, ctr_integ->key_len);
546  pos += ctr_integ->key_len;
547 
548  ASSERT (pos == len);
549 
550  vec_free (keymat);
551 }
552 
553 static void
555  ike_header_t * ike)
556 {
557  int p = 0;
558  u32 len = clib_net_to_host_u32 (ike->length);
559  u8 payload = ike->nextpayload;
560 
561  clib_warning ("ispi %lx rspi %lx nextpayload %x version %x "
562  "exchange %x flags %x msgid %x length %u",
563  clib_net_to_host_u64 (ike->ispi),
564  clib_net_to_host_u64 (ike->rspi),
565  payload, ike->version,
566  ike->exchange, ike->flags,
567  clib_net_to_host_u32 (ike->msgid), len);
568 
569  sa->ispi = clib_net_to_host_u64 (ike->ispi);
570 
571  /* store whole IKE payload - needed for PSK auth */
573  vec_add (sa->last_sa_init_req_packet_data, ike, len);
574 
575  while (p < len && payload != IKEV2_PAYLOAD_NONE)
576  {
577  ike_payload_header_t *ikep = (ike_payload_header_t *) & ike->payload[p];
578  u32 plen = clib_net_to_host_u16 (ikep->length);
579 
580  if (plen < sizeof (ike_payload_header_t))
581  return;
582 
583  if (payload == IKEV2_PAYLOAD_SA)
584  {
586  sa->i_proposals = ikev2_parse_sa_payload (ikep);
587  }
588  else if (payload == IKEV2_PAYLOAD_KE)
589  {
590  ike_ke_payload_header_t *ke = (ike_ke_payload_header_t *) ikep;
591  sa->dh_group = clib_net_to_host_u16 (ke->dh_group);
592  vec_free (sa->i_dh_data);
593  vec_add (sa->i_dh_data, ke->payload, plen - sizeof (*ke));
594  }
595  else if (payload == IKEV2_PAYLOAD_NONCE)
596  {
597  vec_free (sa->i_nonce);
598  vec_add (sa->i_nonce, ikep->payload, plen - sizeof (*ikep));
599  }
600  else if (payload == IKEV2_PAYLOAD_NOTIFY)
601  {
603  vec_free (n);
604  }
605  else if (payload == IKEV2_PAYLOAD_VENDOR)
606  {
608  }
609  else
610  {
611  clib_warning ("unknown payload %u flags %x length %u", payload,
612  ikep->flags, plen);
613  if (ikep->flags & IKEV2_PAYLOAD_FLAG_CRITICAL)
614  {
616  sa->unsupported_cp = payload;
617  return;
618  }
619  }
620 
621  payload = ikep->nextpayload;
622  p += plen;
623  }
624 
626 }
627 
628 static void
630  ike_header_t * ike)
631 {
632  int p = 0;
633  u32 len = clib_net_to_host_u32 (ike->length);
634  u8 payload = ike->nextpayload;
635 
636  clib_warning ("ispi %lx rspi %lx nextpayload %x version %x "
637  "exchange %x flags %x msgid %x length %u",
638  clib_net_to_host_u64 (ike->ispi),
639  clib_net_to_host_u64 (ike->rspi),
640  payload, ike->version,
641  ike->exchange, ike->flags,
642  clib_net_to_host_u32 (ike->msgid), len);
643 
644  sa->ispi = clib_net_to_host_u64 (ike->ispi);
645  sa->rspi = clib_net_to_host_u64 (ike->rspi);
646 
647  /* store whole IKE payload - needed for PSK auth */
649  vec_add (sa->last_sa_init_res_packet_data, ike, len);
650 
651  while (p < len && payload != IKEV2_PAYLOAD_NONE)
652  {
653  ike_payload_header_t *ikep = (ike_payload_header_t *) & ike->payload[p];
654  u32 plen = clib_net_to_host_u16 (ikep->length);
655 
656  if (plen < sizeof (ike_payload_header_t))
657  return;
658 
659  if (payload == IKEV2_PAYLOAD_SA)
660  {
662  sa->r_proposals = ikev2_parse_sa_payload (ikep);
663  if (sa->r_proposals)
664  {
666  ike->msgid =
667  clib_host_to_net_u32 (clib_net_to_host_u32 (ike->msgid) + 1);
668  }
669  }
670  else if (payload == IKEV2_PAYLOAD_KE)
671  {
672  ike_ke_payload_header_t *ke = (ike_ke_payload_header_t *) ikep;
673  sa->dh_group = clib_net_to_host_u16 (ke->dh_group);
674  vec_free (sa->r_dh_data);
675  vec_add (sa->r_dh_data, ke->payload, plen - sizeof (*ke));
676  }
677  else if (payload == IKEV2_PAYLOAD_NONCE)
678  {
679  vec_free (sa->r_nonce);
680  vec_add (sa->r_nonce, ikep->payload, plen - sizeof (*ikep));
681  }
682  else if (payload == IKEV2_PAYLOAD_NOTIFY)
683  {
685  vec_free (n);
686  }
687  else if (payload == IKEV2_PAYLOAD_VENDOR)
688  {
690  }
691  else
692  {
693  clib_warning ("unknown payload %u flags %x length %u", payload,
694  ikep->flags, plen);
695  if (ikep->flags & IKEV2_PAYLOAD_FLAG_CRITICAL)
696  {
698  sa->unsupported_cp = payload;
699  return;
700  }
701  }
702 
703  payload = ikep->nextpayload;
704  p += plen;
705  }
706 }
707 
708 static u8 *
709 ikev2_decrypt_sk_payload (ikev2_sa_t * sa, ike_header_t * ike, u8 * payload)
710 {
711  int p = 0;
712  u8 last_payload = 0;
713  u8 *hmac = 0;
714  u32 len = clib_net_to_host_u32 (ike->length);
715  ike_payload_header_t *ikep = 0;
716  u32 plen = 0;
717  ikev2_sa_transform_t *tr_integ;
718  tr_integ =
719  ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_INTEG);
720 
721  while (p < len &&
722  *payload != IKEV2_PAYLOAD_NONE && last_payload != IKEV2_PAYLOAD_SK)
723  {
724  ikep = (ike_payload_header_t *) & ike->payload[p];
725  plen = clib_net_to_host_u16 (ikep->length);
726 
727  if (plen < sizeof (*ikep))
728  return 0;
729 
730  if (*payload == IKEV2_PAYLOAD_SK)
731  {
732  clib_warning ("received IKEv2 payload SK, len %u", plen - 4);
733  last_payload = *payload;
734  }
735  else
736  {
737  clib_warning ("unknown payload %u flags %x length %u", payload,
738  ikep->flags, plen);
739  if (ikep->flags & IKEV2_PAYLOAD_FLAG_CRITICAL)
740  {
741  sa->unsupported_cp = *payload;
742  return 0;
743  }
744  }
745 
746  *payload = ikep->nextpayload;
747  p += plen;
748  }
749 
750  if (last_payload != IKEV2_PAYLOAD_SK)
751  {
752  clib_warning ("Last payload must be SK");
753  return 0;
754  }
755 
756  hmac =
757  ikev2_calc_integr (tr_integ, sa->is_initiator ? sa->sk_ar : sa->sk_ai,
758  (u8 *) ike, len - tr_integ->key_trunc);
759 
760  plen = plen - sizeof (*ikep) - tr_integ->key_trunc;
761 
762  if (memcmp (hmac, &ikep->payload[plen], tr_integ->key_trunc))
763  {
764  clib_warning ("message integrity check failed");
765  vec_free (hmac);
766  return 0;
767  }
768  vec_free (hmac);
769 
770  return ikev2_decrypt_data (sa, ikep->payload, plen);
771 }
772 
773 static void
775 {
776  ikev2_main_t *km = &ikev2_main;
777  ikev2_sa_t *tmp;
778  u32 i, *delete = 0;
780  u32 thread_index = vlib_get_thread_index ();
781 
782  if (!sa->initial_contact)
783  return;
784 
785  /* find old IKE SAs with the same authenticated identity */
786  /* *INDENT-OFF* */
787  pool_foreach (tmp, km->per_thread_data[thread_index].sas, ({
788  if (tmp->i_id.type != sa->i_id.type ||
789  vec_len(tmp->i_id.data) != vec_len(sa->i_id.data) ||
790  memcmp(sa->i_id.data, tmp->i_id.data, vec_len(sa->i_id.data)))
791  continue;
792 
793  if (sa->rspi != tmp->rspi)
794  vec_add1(delete, tmp - km->per_thread_data[thread_index].sas);
795  }));
796  /* *INDENT-ON* */
797 
798  for (i = 0; i < vec_len (delete); i++)
799  {
800  tmp =
801  pool_elt_at_index (km->per_thread_data[thread_index].sas, delete[i]);
802  vec_foreach (c,
804  tmp, c);
805  ikev2_delete_sa (tmp);
806  }
807 
808  vec_free (delete);
809  sa->initial_contact = 0;
810 }
811 
812 static void
813 ikev2_process_auth_req (vlib_main_t * vm, ikev2_sa_t * sa, ike_header_t * ike)
814 {
815  ikev2_child_sa_t *first_child_sa;
816  int p = 0;
817  u32 len = clib_net_to_host_u32 (ike->length);
818  u8 payload = ike->nextpayload;
819  u8 *plaintext = 0;
820 
821  ike_payload_header_t *ikep;
822  u32 plen;
823 
824  clib_warning ("ispi %lx rspi %lx nextpayload %x version %x "
825  "exchange %x flags %x msgid %x length %u",
826  clib_net_to_host_u64 (ike->ispi),
827  clib_net_to_host_u64 (ike->rspi),
828  payload, ike->version,
829  ike->exchange, ike->flags,
830  clib_net_to_host_u32 (ike->msgid), len);
831 
832  ikev2_calc_keys (sa);
833 
834  plaintext = ikev2_decrypt_sk_payload (sa, ike, &payload);
835 
836  if (!plaintext)
837  {
838  if (sa->unsupported_cp)
840  goto cleanup_and_exit;
841  }
842 
843  /* select or create 1st child SA */
844  if (sa->is_initiator)
845  {
846  first_child_sa = &sa->childs[0];
847  }
848  else
849  {
851  vec_add2 (sa->childs, first_child_sa, 1);
852  }
853 
854 
855  /* process encrypted payload */
856  p = 0;
857  while (p < vec_len (plaintext) && payload != IKEV2_PAYLOAD_NONE)
858  {
859  ikep = (ike_payload_header_t *) & plaintext[p];
860  plen = clib_net_to_host_u16 (ikep->length);
861 
862  if (plen < sizeof (ike_payload_header_t))
863  goto cleanup_and_exit;
864 
865  if (payload == IKEV2_PAYLOAD_SA) /* 33 */
866  {
867  clib_warning ("received payload SA, len %u", plen - sizeof (*ikep));
868  if (sa->is_initiator)
869  {
870  ikev2_sa_free_proposal_vector (&first_child_sa->r_proposals);
871  first_child_sa->r_proposals = ikev2_parse_sa_payload (ikep);
872  }
873  else
874  {
875  ikev2_sa_free_proposal_vector (&first_child_sa->i_proposals);
876  first_child_sa->i_proposals = ikev2_parse_sa_payload (ikep);
877  }
878  }
879  else if (payload == IKEV2_PAYLOAD_IDI) /* 35 */
880  {
881  ike_id_payload_header_t *id = (ike_id_payload_header_t *) ikep;
882 
883  sa->i_id.type = id->id_type;
884  vec_free (sa->i_id.data);
885  vec_add (sa->i_id.data, id->payload, plen - sizeof (*id));
886 
887  clib_warning ("received payload IDi, len %u id_type %u",
888  plen - sizeof (*id), id->id_type);
889  }
890  else if (payload == IKEV2_PAYLOAD_IDR) /* 36 */
891  {
892  ike_id_payload_header_t *id = (ike_id_payload_header_t *) ikep;
893 
894  sa->r_id.type = id->id_type;
895  vec_free (sa->r_id.data);
896  vec_add (sa->r_id.data, id->payload, plen - sizeof (*id));
897 
898  clib_warning ("received payload IDr len %u id_type %u",
899  plen - sizeof (*id), id->id_type);
900  }
901  else if (payload == IKEV2_PAYLOAD_AUTH) /* 39 */
902  {
903  ike_auth_payload_header_t *a = (ike_auth_payload_header_t *) ikep;
904 
905  if (sa->is_initiator)
906  {
907  sa->r_auth.method = a->auth_method;
908  vec_free (sa->r_auth.data);
909  vec_add (sa->r_auth.data, a->payload, plen - sizeof (*a));
910  }
911  else
912  {
913  sa->i_auth.method = a->auth_method;
914  vec_free (sa->i_auth.data);
915  vec_add (sa->i_auth.data, a->payload, plen - sizeof (*a));
916  }
917 
918  clib_warning ("received payload AUTH, len %u auth_type %u",
919  plen - sizeof (*a), a->auth_method);
920  }
921  else if (payload == IKEV2_PAYLOAD_NOTIFY) /* 41 */
922  {
924  if (n->msg_type == IKEV2_NOTIFY_MSG_INITIAL_CONTACT)
925  {
926  sa->initial_contact = 1;
927  }
928  vec_free (n);
929  }
930  else if (payload == IKEV2_PAYLOAD_VENDOR) /* 43 */
931  {
933  }
934  else if (payload == IKEV2_PAYLOAD_TSI) /* 44 */
935  {
936  clib_warning ("received payload TSi, len %u",
937  plen - sizeof (*ikep));
938 
939  vec_free (first_child_sa->tsi);
940  first_child_sa->tsi = ikev2_parse_ts_payload (ikep);
941  }
942  else if (payload == IKEV2_PAYLOAD_TSR) /* 45 */
943  {
944  clib_warning ("received payload TSr, len %u",
945  plen - sizeof (*ikep));
946 
947  vec_free (first_child_sa->tsr);
948  first_child_sa->tsr = ikev2_parse_ts_payload (ikep);
949  }
950  else
951  {
952  clib_warning ("unknown payload %u flags %x length %u data %u",
953  payload, ikep->flags, plen - 4,
954  format_hex_bytes, ikep->payload, plen - 4);
955 
956  if (ikep->flags & IKEV2_PAYLOAD_FLAG_CRITICAL)
957  {
959  sa->unsupported_cp = payload;
960  return;
961  }
962  }
963 
964  payload = ikep->nextpayload;
965  p += plen;
966  }
967 
968 cleanup_and_exit:
969  vec_free (plaintext);
970 }
971 
972 static void
974  ike_header_t * ike)
975 {
976  int p = 0;
977  u32 len = clib_net_to_host_u32 (ike->length);
978  u8 payload = ike->nextpayload;
979  u8 *plaintext = 0;
980 
981  ike_payload_header_t *ikep;
982  u32 plen;
983 
984  clib_warning ("ispi %lx rspi %lx nextpayload %x version %x "
985  "exchange %x flags %x msgid %x length %u",
986  clib_net_to_host_u64 (ike->ispi),
987  clib_net_to_host_u64 (ike->rspi),
988  payload, ike->version,
989  ike->exchange, ike->flags,
990  clib_net_to_host_u32 (ike->msgid), len);
991 
992  plaintext = ikev2_decrypt_sk_payload (sa, ike, &payload);
993 
994  if (!plaintext)
995  goto cleanup_and_exit;
996 
997  /* process encrypted payload */
998  p = 0;
999  while (p < vec_len (plaintext) && payload != IKEV2_PAYLOAD_NONE)
1000  {
1001  ikep = (ike_payload_header_t *) & plaintext[p];
1002  plen = clib_net_to_host_u16 (ikep->length);
1003 
1004  if (plen < sizeof (ike_payload_header_t))
1005  goto cleanup_and_exit;
1006 
1007  if (payload == IKEV2_PAYLOAD_NOTIFY) /* 41 */
1008  {
1010  if (n->msg_type == IKEV2_NOTIFY_MSG_AUTHENTICATION_FAILED)
1012  vec_free (n);
1013  }
1014  else if (payload == IKEV2_PAYLOAD_DELETE) /* 42 */
1015  {
1016  sa->del = ikev2_parse_delete_payload (ikep);
1017  }
1018  else if (payload == IKEV2_PAYLOAD_VENDOR) /* 43 */
1019  {
1021  }
1022  else
1023  {
1024  clib_warning ("unknown payload %u flags %x length %u data %u",
1025  payload, ikep->flags, plen - 4,
1026  format_hex_bytes, ikep->payload, plen - 4);
1027 
1028  if (ikep->flags & IKEV2_PAYLOAD_FLAG_CRITICAL)
1029  {
1030  sa->unsupported_cp = payload;
1031  return;
1032  }
1033  }
1034 
1035  payload = ikep->nextpayload;
1036  p += plen;
1037  }
1038 
1039 cleanup_and_exit:
1040  vec_free (plaintext);
1041 }
1042 
1043 static void
1045  ike_header_t * ike)
1046 {
1047  int p = 0;
1048  u32 len = clib_net_to_host_u32 (ike->length);
1049  u8 payload = ike->nextpayload;
1050  u8 *plaintext = 0;
1051  u8 rekeying = 0;
1052  u8 nonce[IKEV2_NONCE_SIZE];
1053 
1054  ike_payload_header_t *ikep;
1055  u32 plen;
1056  ikev2_notify_t *n = 0;
1057  ikev2_ts_t *tsi = 0;
1058  ikev2_ts_t *tsr = 0;
1059  ikev2_sa_proposal_t *proposal = 0;
1060  ikev2_child_sa_t *child_sa;
1061 
1062  clib_warning ("ispi %lx rspi %lx nextpayload %x version %x "
1063  "exchange %x flags %x msgid %x length %u",
1064  clib_net_to_host_u64 (ike->ispi),
1065  clib_net_to_host_u64 (ike->rspi),
1066  payload, ike->version,
1067  ike->exchange, ike->flags,
1068  clib_net_to_host_u32 (ike->msgid), len);
1069 
1070  plaintext = ikev2_decrypt_sk_payload (sa, ike, &payload);
1071 
1072  if (!plaintext)
1073  goto cleanup_and_exit;
1074 
1075  /* process encrypted payload */
1076  p = 0;
1077  while (p < vec_len (plaintext) && payload != IKEV2_PAYLOAD_NONE)
1078  {
1079  ikep = (ike_payload_header_t *) & plaintext[p];
1080  plen = clib_net_to_host_u16 (ikep->length);
1081 
1082  if (plen < sizeof (ike_payload_header_t))
1083  goto cleanup_and_exit;
1084 
1085  else if (payload == IKEV2_PAYLOAD_SA)
1086  {
1087  proposal = ikev2_parse_sa_payload (ikep);
1088  }
1089  else if (payload == IKEV2_PAYLOAD_NOTIFY)
1090  {
1091  n = ikev2_parse_notify_payload (ikep);
1092  if (n->msg_type == IKEV2_NOTIFY_MSG_REKEY_SA)
1093  {
1094  rekeying = 1;
1095  }
1096  }
1097  else if (payload == IKEV2_PAYLOAD_DELETE)
1098  {
1099  sa->del = ikev2_parse_delete_payload (ikep);
1100  }
1101  else if (payload == IKEV2_PAYLOAD_VENDOR)
1102  {
1104  }
1105  else if (payload == IKEV2_PAYLOAD_NONCE)
1106  {
1107  clib_memcpy (nonce, ikep->payload, plen - sizeof (*ikep));
1108  }
1109  else if (payload == IKEV2_PAYLOAD_TSI)
1110  {
1111  tsi = ikev2_parse_ts_payload (ikep);
1112  }
1113  else if (payload == IKEV2_PAYLOAD_TSR)
1114  {
1115  tsr = ikev2_parse_ts_payload (ikep);
1116  }
1117  else
1118  {
1119  clib_warning ("unknown payload %u flags %x length %u data %u",
1120  payload, ikep->flags, plen - 4,
1121  format_hex_bytes, ikep->payload, plen - 4);
1122 
1123  if (ikep->flags & IKEV2_PAYLOAD_FLAG_CRITICAL)
1124  {
1125  sa->unsupported_cp = payload;
1126  return;
1127  }
1128  }
1129 
1130  payload = ikep->nextpayload;
1131  p += plen;
1132  }
1133 
1134  if (sa->is_initiator && proposal->protocol_id == IKEV2_PROTOCOL_ESP)
1135  {
1136  ikev2_rekey_t *rekey = &sa->rekey[0];
1137  rekey->protocol_id = proposal->protocol_id;
1138  rekey->i_proposal =
1140  rekey->i_proposal->spi = rekey->spi;
1141  rekey->r_proposal = proposal;
1142  rekey->tsi = tsi;
1143  rekey->tsr = tsr;
1144  /* update Nr */
1145  vec_free (sa->r_nonce);
1146  vec_add (sa->r_nonce, nonce, IKEV2_NONCE_SIZE);
1147  child_sa = ikev2_sa_get_child (sa, rekey->ispi, IKEV2_PROTOCOL_ESP, 1);
1148  if (child_sa)
1149  {
1150  child_sa->rekey_retries = 0;
1151  }
1152  }
1153  else if (rekeying)
1154  {
1155  ikev2_rekey_t *rekey;
1156  child_sa = ikev2_sa_get_child (sa, n->spi, n->protocol_id, 1);
1157  if (!child_sa)
1158  {
1159  clib_warning ("child SA spi %lx not found", n->spi);
1160  goto cleanup_and_exit;
1161  }
1162  vec_add2 (sa->rekey, rekey, 1);
1163  rekey->protocol_id = n->protocol_id;
1164  rekey->spi = n->spi;
1165  rekey->i_proposal = proposal;
1166  rekey->r_proposal =
1168  rekey->tsi = tsi;
1169  rekey->tsr = tsr;
1170  /* update Ni */
1171  vec_free (sa->i_nonce);
1172  vec_add (sa->i_nonce, nonce, IKEV2_NONCE_SIZE);
1173  /* generate new Nr */
1174  vec_free (sa->r_nonce);
1176  RAND_bytes ((u8 *) sa->r_nonce, IKEV2_NONCE_SIZE);
1177  }
1178 
1179 cleanup_and_exit:
1180  vec_free (plaintext);
1181  vec_free (n);
1182 }
1183 
1184 static u8 *
1185 ikev2_sa_generate_authmsg (ikev2_sa_t * sa, int is_responder)
1186 {
1187  u8 *authmsg = 0;
1188  u8 *data;
1189  u8 *nonce;
1190  ikev2_id_t *id;
1191  u8 *key;
1192  u8 *packet_data;
1193  ikev2_sa_transform_t *tr_prf;
1194 
1195  tr_prf =
1196  ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_PRF);
1197 
1198  if (is_responder)
1199  {
1200  id = &sa->r_id;
1201  key = sa->sk_pr;
1202  nonce = sa->i_nonce;
1203  packet_data = sa->last_sa_init_res_packet_data;
1204  }
1205  else
1206  {
1207  id = &sa->i_id;
1208  key = sa->sk_pi;
1209  nonce = sa->r_nonce;
1210  packet_data = sa->last_sa_init_req_packet_data;
1211  }
1212 
1213  data = vec_new (u8, 4);
1214  data[0] = id->type;
1215  vec_append (data, id->data);
1216 
1217  u8 *id_hash = ikev2_calc_prf (tr_prf, key, data);
1218  vec_append (authmsg, packet_data);
1219  vec_append (authmsg, nonce);
1220  vec_append (authmsg, id_hash);
1221  vec_free (id_hash);
1222  vec_free (data);
1223 
1224  return authmsg;
1225 }
1226 
1227 static int
1229 {
1230  if (ts1->ts_type == ts2->ts_type && ts1->protocol_id == ts2->protocol_id &&
1231  ts1->start_port == ts2->start_port && ts1->end_port == ts2->end_port &&
1232  ts1->start_addr.as_u32 == ts2->start_addr.as_u32 &&
1233  ts1->end_addr.as_u32 == ts2->end_addr.as_u32)
1234  return 1;
1235 
1236  return 0;
1237 }
1238 
1239 static void
1241 {
1242  ikev2_main_t *km = &ikev2_main;
1243  ikev2_profile_t *p;
1244  ikev2_ts_t *ts, *p_tsi, *p_tsr, *tsi = 0, *tsr = 0;
1245  ikev2_id_t *id;
1246 
1247  /* *INDENT-OFF* */
1248  pool_foreach (p, km->profiles, ({
1249 
1250  if (sa->is_initiator)
1251  {
1252  p_tsi = &p->loc_ts;
1253  p_tsr = &p->rem_ts;
1254  id = &sa->r_id;
1255  }
1256  else
1257  {
1258  p_tsi = &p->rem_ts;
1259  p_tsr = &p->loc_ts;
1260  id = &sa->i_id;
1261  }
1262 
1263  /* check id */
1264  if (p->rem_id.type != id->type ||
1265  vec_len(p->rem_id.data) != vec_len(id->data) ||
1266  memcmp(p->rem_id.data, id->data, vec_len(p->rem_id.data)))
1267  continue;
1268 
1269  vec_foreach(ts, sa->childs[0].tsi)
1270  {
1271  if (ikev2_ts_cmp(p_tsi, ts))
1272  {
1273  tsi = vec_dup(ts);
1274  break;
1275  }
1276  }
1277 
1278  vec_foreach(ts, sa->childs[0].tsr)
1279  {
1280  if (ikev2_ts_cmp(p_tsr, ts))
1281  {
1282  tsr = vec_dup(ts);
1283  break;
1284  }
1285  }
1286 
1287  break;
1288  }));
1289  /* *INDENT-ON* */
1290 
1291  if (tsi && tsr)
1292  {
1293  vec_free (sa->childs[0].tsi);
1294  vec_free (sa->childs[0].tsr);
1295  sa->childs[0].tsi = tsi;
1296  sa->childs[0].tsr = tsr;
1297  }
1298  else
1299  {
1300  vec_free (tsi);
1301  vec_free (tsr);
1303  }
1304 }
1305 
1306 static void
1308 {
1309  ikev2_main_t *km = &ikev2_main;
1310  ikev2_profile_t *p, *sel_p = 0;
1311  u8 *authmsg, *key_pad, *psk = 0, *auth = 0;
1312  ikev2_sa_transform_t *tr_prf;
1313 
1314  tr_prf =
1315  ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_PRF);
1316 
1317  /* only shared key and rsa signature */
1318  if (!(sa->i_auth.method == IKEV2_AUTH_METHOD_SHARED_KEY_MIC ||
1319  sa->i_auth.method == IKEV2_AUTH_METHOD_RSA_SIG))
1320  {
1321  clib_warning ("unsupported authentication method %u",
1322  sa->i_auth.method);
1324  return;
1325  }
1326 
1327  key_pad = format (0, "%s", IKEV2_KEY_PAD);
1328  authmsg = ikev2_sa_generate_authmsg (sa, sa->is_initiator);
1329 
1330  ikev2_id_t *sa_id;
1331  ikev2_auth_t *sa_auth;
1332 
1333  if (sa->is_initiator)
1334  {
1335  sa_id = &sa->r_id;
1336  sa_auth = &sa->r_auth;
1337  }
1338  else
1339  {
1340  sa_id = &sa->i_id;
1341  sa_auth = &sa->i_auth;
1342  }
1343 
1344  /* *INDENT-OFF* */
1345  pool_foreach (p, km->profiles, ({
1346 
1347  /* check id */
1348  if (p->rem_id.type != sa_id->type ||
1349  vec_len(p->rem_id.data) != vec_len(sa_id->data) ||
1350  memcmp(p->rem_id.data, sa_id->data, vec_len(p->rem_id.data)))
1351  continue;
1352 
1353  if (sa_auth->method == IKEV2_AUTH_METHOD_SHARED_KEY_MIC)
1354  {
1355  if (!p->auth.data ||
1356  p->auth.method != IKEV2_AUTH_METHOD_SHARED_KEY_MIC)
1357  continue;
1358 
1359  psk = ikev2_calc_prf(tr_prf, p->auth.data, key_pad);
1360  auth = ikev2_calc_prf(tr_prf, psk, authmsg);
1361 
1362  if (!memcmp(auth, sa_auth->data, vec_len(sa_auth->data)))
1363  {
1364  ikev2_set_state(sa, IKEV2_STATE_AUTHENTICATED);
1365  vec_free(auth);
1366  sel_p = p;
1367  break;
1368  }
1369 
1370  }
1371  else if (sa_auth->method == IKEV2_AUTH_METHOD_RSA_SIG)
1372  {
1373  if (p->auth.method != IKEV2_AUTH_METHOD_RSA_SIG)
1374  continue;
1375 
1376  if (ikev2_verify_sign(p->auth.key, sa_auth->data, authmsg) == 1)
1377  {
1378  ikev2_set_state(sa, IKEV2_STATE_AUTHENTICATED);
1379  sel_p = p;
1380  break;
1381  }
1382  }
1383 
1384  vec_free(auth);
1385  vec_free(psk);
1386  }));
1387  /* *INDENT-ON* */
1388 
1389  vec_free (authmsg);
1390 
1391  if (sa->state == IKEV2_STATE_AUTHENTICATED)
1392  {
1393  if (!sa->is_initiator)
1394  {
1395  vec_free (sa->r_id.data);
1396  sa->r_id.data = vec_dup (sel_p->loc_id.data);
1397  sa->r_id.type = sel_p->loc_id.type;
1398 
1399  /* generate our auth data */
1400  authmsg = ikev2_sa_generate_authmsg (sa, 1);
1401  if (sel_p->auth.method == IKEV2_AUTH_METHOD_SHARED_KEY_MIC)
1402  {
1403  sa->r_auth.data = ikev2_calc_prf (tr_prf, psk, authmsg);
1404  sa->r_auth.method = IKEV2_AUTH_METHOD_SHARED_KEY_MIC;
1405  }
1406  else if (sel_p->auth.method == IKEV2_AUTH_METHOD_RSA_SIG)
1407  {
1408  sa->r_auth.data = ikev2_calc_sign (km->pkey, authmsg);
1409  sa->r_auth.method = IKEV2_AUTH_METHOD_RSA_SIG;
1410  }
1411  vec_free (authmsg);
1412 
1413  /* select transforms for 1st child sa */
1414  ikev2_sa_free_proposal_vector (&sa->childs[0].r_proposals);
1415  sa->childs[0].r_proposals =
1416  ikev2_select_proposal (sa->childs[0].i_proposals,
1418  }
1419  }
1420  else
1421  {
1423  }
1424  vec_free (psk);
1425  vec_free (key_pad);
1426 }
1427 
1428 
1429 static void
1431 {
1432  ikev2_main_t *km = &ikev2_main;
1433  u8 *authmsg, *key_pad, *psk = 0, *auth = 0;
1434  ikev2_sa_transform_t *tr_prf;
1435 
1436  tr_prf =
1437  ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_PRF);
1438 
1439  /* only shared key and rsa signature */
1440  if (!(sa->i_auth.method == IKEV2_AUTH_METHOD_SHARED_KEY_MIC ||
1441  sa->i_auth.method == IKEV2_AUTH_METHOD_RSA_SIG))
1442  {
1443  clib_warning ("unsupported authentication method %u",
1444  sa->i_auth.method);
1446  return;
1447  }
1448 
1449  key_pad = format (0, "%s", IKEV2_KEY_PAD);
1450  authmsg = ikev2_sa_generate_authmsg (sa, 0);
1451  psk = ikev2_calc_prf (tr_prf, sa->i_auth.data, key_pad);
1452  auth = ikev2_calc_prf (tr_prf, psk, authmsg);
1453 
1454 
1455  if (sa->i_auth.method == IKEV2_AUTH_METHOD_SHARED_KEY_MIC)
1456  {
1457  sa->i_auth.data = ikev2_calc_prf (tr_prf, psk, authmsg);
1458  sa->i_auth.method = IKEV2_AUTH_METHOD_SHARED_KEY_MIC;
1459  }
1460  else if (sa->i_auth.method == IKEV2_AUTH_METHOD_RSA_SIG)
1461  {
1462  sa->i_auth.data = ikev2_calc_sign (km->pkey, authmsg);
1463  sa->i_auth.method = IKEV2_AUTH_METHOD_RSA_SIG;
1464  }
1465 
1466  vec_free (psk);
1467  vec_free (key_pad);
1468  vec_free (auth);
1469  vec_free (authmsg);
1470 }
1471 
1472 
1473 static int
1475  ikev2_child_sa_t * child)
1476 {
1479  ikev2_sa_proposal_t *proposals;
1480  u8 encr_type = 0;
1481 
1482  if (!child->r_proposals)
1483  {
1485  return 1;
1486  }
1487 
1488  memset (&a, 0, sizeof (a));
1489  a.is_add = 1;
1490  if (sa->is_initiator)
1491  {
1492  a.local_ip.as_u32 = sa->iaddr.as_u32;
1493  a.remote_ip.as_u32 = sa->raddr.as_u32;
1494  proposals = child->i_proposals;
1495  a.local_spi = child->r_proposals[0].spi;
1496  a.remote_spi = child->i_proposals[0].spi;
1497  }
1498  else
1499  {
1500  a.local_ip.as_u32 = sa->raddr.as_u32;
1501  a.remote_ip.as_u32 = sa->iaddr.as_u32;
1502  proposals = child->r_proposals;
1503  a.local_spi = child->i_proposals[0].spi;
1504  a.remote_spi = child->r_proposals[0].spi;
1505  }
1506  a.anti_replay = 1;
1507 
1508  tr = ikev2_sa_get_td_for_type (proposals, IKEV2_TRANSFORM_TYPE_ESN);
1509  if (tr)
1510  a.esn = tr->esn_type;
1511  else
1512  a.esn = 0;
1513 
1514  tr = ikev2_sa_get_td_for_type (proposals, IKEV2_TRANSFORM_TYPE_ENCR);
1515  if (tr)
1516  {
1517  if (tr->encr_type == IKEV2_TRANSFORM_ENCR_TYPE_AES_CBC && tr->key_len)
1518  {
1519  switch (tr->key_len)
1520  {
1521  case 16:
1522  encr_type = IPSEC_CRYPTO_ALG_AES_CBC_128;
1523  break;
1524  case 24:
1525  encr_type = IPSEC_CRYPTO_ALG_AES_CBC_192;
1526  break;
1527  case 32:
1528  encr_type = IPSEC_CRYPTO_ALG_AES_CBC_256;
1529  break;
1530  default:
1532  return 1;
1533  break;
1534  }
1535  }
1536  else
1537  {
1539  return 1;
1540  }
1541  }
1542  else
1543  {
1545  return 1;
1546  }
1547 
1548  tr = ikev2_sa_get_td_for_type (proposals, IKEV2_TRANSFORM_TYPE_INTEG);
1549  if (tr)
1550  {
1551  if (tr->integ_type != IKEV2_TRANSFORM_INTEG_TYPE_AUTH_HMAC_SHA1_96)
1552  {
1554  return 1;
1555  }
1556  }
1557  else
1558  {
1560  return 1;
1561  }
1562 
1563  ikev2_calc_child_keys (sa, child);
1564 
1565  u8 *loc_ckey, *rem_ckey, *loc_ikey, *rem_ikey;
1566  if (sa->is_initiator)
1567  {
1568  loc_ikey = child->sk_ai;
1569  rem_ikey = child->sk_ar;
1570  loc_ckey = child->sk_ei;
1571  rem_ckey = child->sk_er;
1572  }
1573  else
1574  {
1575  loc_ikey = child->sk_ar;
1576  rem_ikey = child->sk_ai;
1577  loc_ckey = child->sk_er;
1578  rem_ckey = child->sk_ei;
1579  }
1580 
1581  a.integ_alg = IPSEC_INTEG_ALG_SHA1_96;
1582  a.local_integ_key_len = vec_len (loc_ikey);
1584  a.remote_integ_key_len = vec_len (rem_ikey);
1586 
1587  a.crypto_alg = encr_type;
1588  a.local_crypto_key_len = vec_len (loc_ckey);
1590  a.remote_crypto_key_len = vec_len (rem_ckey);
1592 
1593  if (sa->profile && sa->profile->lifetime)
1594  {
1596  + sa->profile->lifetime;
1597  if (sa->profile->lifetime_jitter)
1598  {
1599  // This is not much better than rand(3), which Coverity warns
1600  // is unsuitable for security applications; random_u32 is
1601  // however fast. If this perturbance to the expiration time
1602  // needs to use a better RNG then we may need to use something
1603  // like /dev/urandom which has significant overhead.
1604  u32 rnd = (u32) (vlib_time_now (vnm->vlib_main) * 1e6);
1605  rnd = random_u32 (&rnd);
1606 
1607  child->time_to_expiration +=
1608  1 + (rnd % sa->profile->lifetime_jitter);
1609  }
1610  }
1611 
1613 
1614  return 0;
1615 }
1616 
1617 static int
1619  ikev2_child_sa_t * child)
1620 {
1622 
1623  if (sa->is_initiator)
1624  {
1625  if (!vec_len (child->i_proposals))
1626  return 0;
1627 
1628  a.is_add = 0;
1629  a.local_ip.as_u32 = sa->iaddr.as_u32;
1630  a.remote_ip.as_u32 = sa->raddr.as_u32;
1631  a.local_spi = child->r_proposals[0].spi;
1632  a.remote_spi = child->i_proposals[0].spi;
1633  }
1634  else
1635  {
1636  if (!vec_len (child->r_proposals))
1637  return 0;
1638 
1639  a.is_add = 0;
1640  a.local_ip.as_u32 = sa->raddr.as_u32;
1641  a.remote_ip.as_u32 = sa->iaddr.as_u32;
1642  a.local_spi = child->i_proposals[0].spi;
1643  a.remote_spi = child->r_proposals[0].spi;
1644  }
1645 
1647  return 0;
1648 }
1649 
1650 static u32
1651 ikev2_generate_message (ikev2_sa_t * sa, ike_header_t * ike, void *user)
1652 {
1653  v8 *integ = 0;
1654  ike_payload_header_t *ph;
1655  u16 plen;
1656  u32 tlen = 0;
1657 
1658  ikev2_sa_transform_t *tr_encr, *tr_integ;
1659  tr_encr =
1660  ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_ENCR);
1661  tr_integ =
1662  ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_INTEG);
1663 
1664  ikev2_payload_chain_t *chain = 0;
1665  ikev2_payload_new_chain (chain);
1666 
1667  if (ike->exchange == IKEV2_EXCHANGE_SA_INIT)
1668  {
1669  if (sa->r_proposals == 0)
1670  {
1671  ikev2_payload_add_notify (chain,
1672  IKEV2_NOTIFY_MSG_NO_PROPOSAL_CHOSEN, 0);
1674  }
1675  else if (sa->dh_group == IKEV2_TRANSFORM_DH_TYPE_NONE)
1676  {
1677  u8 *data = vec_new (u8, 2);
1678  ikev2_sa_transform_t *tr_dh;
1679  tr_dh =
1681  IKEV2_TRANSFORM_TYPE_DH);
1682  ASSERT (tr_dh && tr_dh->dh_type);
1683 
1684  data[0] = (tr_dh->dh_type >> 8) & 0xff;
1685  data[1] = (tr_dh->dh_type) & 0xff;
1686 
1687  ikev2_payload_add_notify (chain,
1688  IKEV2_NOTIFY_MSG_INVALID_KE_PAYLOAD,
1689  data);
1690  vec_free (data);
1692  }
1693  else if (sa->state == IKEV2_STATE_NOTIFY_AND_DELETE)
1694  {
1695  u8 *data = vec_new (u8, 1);
1696 
1697  data[0] = sa->unsupported_cp;
1698  ikev2_payload_add_notify (chain,
1699  IKEV2_NOTIFY_MSG_UNSUPPORTED_CRITICAL_PAYLOAD,
1700  data);
1701  vec_free (data);
1702  }
1703  else
1704  {
1705  ike->rspi = clib_host_to_net_u64 (sa->rspi);
1706  ikev2_payload_add_sa (chain, sa->r_proposals);
1707  ikev2_payload_add_ke (chain, sa->dh_group, sa->r_dh_data);
1708  ikev2_payload_add_nonce (chain, sa->r_nonce);
1709  }
1710  }
1711  else if (ike->exchange == IKEV2_EXCHANGE_IKE_AUTH)
1712  {
1713  if (sa->state == IKEV2_STATE_AUTHENTICATED)
1714  {
1716  ikev2_payload_add_auth (chain, &sa->r_auth);
1717  ikev2_payload_add_sa (chain, sa->childs[0].r_proposals);
1720  }
1721  else if (sa->state == IKEV2_STATE_AUTH_FAILED)
1722  {
1723  ikev2_payload_add_notify (chain,
1724  IKEV2_NOTIFY_MSG_AUTHENTICATION_FAILED,
1725  0);
1727  }
1728  else if (sa->state == IKEV2_STATE_TS_UNACCEPTABLE)
1729  {
1730  ikev2_payload_add_notify (chain, IKEV2_NOTIFY_MSG_TS_UNACCEPTABLE,
1731  0);
1733  ikev2_payload_add_auth (chain, &sa->r_auth);
1734  }
1735  else if (sa->state == IKEV2_STATE_NO_PROPOSAL_CHOSEN)
1736  {
1737  ikev2_payload_add_notify (chain,
1738  IKEV2_NOTIFY_MSG_NO_PROPOSAL_CHOSEN, 0);
1740  ikev2_payload_add_auth (chain, &sa->r_auth);
1743  }
1744  else if (sa->state == IKEV2_STATE_NOTIFY_AND_DELETE)
1745  {
1746  u8 *data = vec_new (u8, 1);
1747 
1748  data[0] = sa->unsupported_cp;
1749  ikev2_payload_add_notify (chain,
1750  IKEV2_NOTIFY_MSG_UNSUPPORTED_CRITICAL_PAYLOAD,
1751  data);
1752  vec_free (data);
1753  }
1754  else if (sa->state == IKEV2_STATE_SA_INIT)
1755  {
1757  ikev2_payload_add_auth (chain, &sa->i_auth);
1758  ikev2_payload_add_sa (chain, sa->childs[0].i_proposals);
1761  }
1762  else
1763  {
1765  goto done;
1766  }
1767  }
1768  else if (ike->exchange == IKEV2_EXCHANGE_INFORMATIONAL)
1769  {
1770  /* if pending delete */
1771  if (sa->del)
1772  {
1773  if (sa->del[0].protocol_id == IKEV2_PROTOCOL_IKE)
1774  {
1775  if (sa->is_initiator)
1776  ikev2_payload_add_delete (chain, sa->del);
1777 
1778  /* The response to a request that deletes the IKE SA is an empty
1779  INFORMATIONAL response. */
1781  }
1782  /* The response to a request that deletes ESP or AH SAs will contain
1783  delete payloads for the paired SAs going in the other direction. */
1784  else
1785  {
1786  ikev2_payload_add_delete (chain, sa->del);
1787  }
1788  vec_free (sa->del);
1789  sa->del = 0;
1790  }
1791  /* received N(AUTHENTICATION_FAILED) */
1792  else if (sa->state == IKEV2_STATE_AUTH_FAILED)
1793  {
1795  goto done;
1796  }
1797  /* received unsupported critical payload */
1798  else if (sa->unsupported_cp)
1799  {
1800  u8 *data = vec_new (u8, 1);
1801 
1802  data[0] = sa->unsupported_cp;
1803  ikev2_payload_add_notify (chain,
1804  IKEV2_NOTIFY_MSG_UNSUPPORTED_CRITICAL_PAYLOAD,
1805  data);
1806  vec_free (data);
1807  sa->unsupported_cp = 0;
1808  }
1809  /* else send empty response */
1810  }
1811  else if (ike->exchange == IKEV2_EXCHANGE_CREATE_CHILD_SA)
1812  {
1813  if (sa->is_initiator)
1814  {
1815 
1816  ikev2_sa_proposal_t *proposals = (ikev2_sa_proposal_t *) user;
1817  ikev2_notify_t notify;
1818  u8 *data = vec_new (u8, 4);
1819  memset (&notify, 0, sizeof (notify));
1821  notify.spi = sa->childs[0].i_proposals->spi;
1822  *(u32 *) data = clib_host_to_net_u32 (notify.spi);
1823 
1824  ikev2_payload_add_sa (chain, proposals);
1825  ikev2_payload_add_nonce (chain, sa->i_nonce);
1828  ikev2_payload_add_notify_2 (chain, IKEV2_NOTIFY_MSG_REKEY_SA, data,
1829  &notify);
1830 
1831  vec_free (data);
1832  }
1833  else
1834  {
1835  if (sa->rekey)
1836  {
1837  ikev2_payload_add_sa (chain, sa->rekey[0].r_proposal);
1838  ikev2_payload_add_nonce (chain, sa->r_nonce);
1839  ikev2_payload_add_ts (chain, sa->rekey[0].tsi,
1841  ikev2_payload_add_ts (chain, sa->rekey[0].tsr,
1843  vec_del1 (sa->rekey, 0);
1844  }
1845  else if (sa->unsupported_cp)
1846  {
1847  u8 *data = vec_new (u8, 1);
1848 
1849  data[0] = sa->unsupported_cp;
1850  ikev2_payload_add_notify (chain,
1851  IKEV2_NOTIFY_MSG_UNSUPPORTED_CRITICAL_PAYLOAD,
1852  data);
1853  vec_free (data);
1854  sa->unsupported_cp = 0;
1855  }
1856  else
1857  {
1858  ikev2_payload_add_notify (chain,
1859  IKEV2_NOTIFY_MSG_NO_ADDITIONAL_SAS,
1860  0);
1861  }
1862  }
1863  }
1864 
1865  /* IKEv2 header */
1866  ike->version = IKE_VERSION_2;
1867  ike->nextpayload = IKEV2_PAYLOAD_SK;
1868  tlen = sizeof (*ike);
1869  if (sa->is_initiator)
1870  {
1871  ike->flags = IKEV2_HDR_FLAG_INITIATOR;
1872  sa->last_init_msg_id = clib_net_to_host_u32 (ike->msgid);
1873  }
1874  else
1875  {
1876  ike->flags = IKEV2_HDR_FLAG_RESPONSE;
1877  }
1878 
1879 
1880  if (ike->exchange == IKEV2_EXCHANGE_SA_INIT)
1881  {
1882  tlen += vec_len (chain->data);
1883  ike->nextpayload = chain->first_payload_type;
1884  ike->length = clib_host_to_net_u32 (tlen);
1885  clib_memcpy (ike->payload, chain->data, vec_len (chain->data));
1886 
1887  /* store whole IKE payload - needed for PSK auth */
1889  vec_add (sa->last_sa_init_res_packet_data, ike, tlen);
1890  }
1891  else
1892  {
1893 
1894  ikev2_payload_chain_add_padding (chain, tr_encr->block_size);
1895 
1896  /* SK payload */
1897  plen = sizeof (*ph);
1898  ph = (ike_payload_header_t *) & ike->payload[0];
1899  ph->nextpayload = chain->first_payload_type;
1900  ph->flags = 0;
1901  int enc_len = ikev2_encrypt_data (sa, chain->data, ph->payload);
1902  plen += enc_len;
1903 
1904  /* add space for hmac */
1905  plen += tr_integ->key_trunc;
1906  tlen += plen;
1907 
1908  /* payload and total length */
1909  ph->length = clib_host_to_net_u16 (plen);
1910  ike->length = clib_host_to_net_u32 (tlen);
1911 
1912  /* calc integrity data for whole packet except hash itself */
1913  integ =
1914  ikev2_calc_integr (tr_integ, sa->is_initiator ? sa->sk_ai : sa->sk_ar,
1915  (u8 *) ike, tlen - tr_integ->key_trunc);
1916 
1917  clib_memcpy (ike->payload + tlen - tr_integ->key_trunc - sizeof (*ike),
1918  integ, tr_integ->key_trunc);
1919 
1920  /* store whole IKE payload - needed for retransmit */
1922  vec_add (sa->last_res_packet_data, ike, tlen);
1923  }
1924 
1925 done:
1927  vec_free (integ);
1928  return tlen;
1929 }
1930 
1931 static int
1932 ikev2_retransmit_sa_init (ike_header_t * ike,
1933  ip4_address_t iaddr, ip4_address_t raddr)
1934 {
1935  ikev2_main_t *km = &ikev2_main;
1936  ikev2_sa_t *sa;
1937  u32 thread_index = vlib_get_thread_index ();
1938 
1939  /* *INDENT-OFF* */
1940  pool_foreach (sa, km->per_thread_data[thread_index].sas, ({
1941  if (sa->ispi == clib_net_to_host_u64(ike->ispi) &&
1942  sa->iaddr.as_u32 == iaddr.as_u32 &&
1943  sa->raddr.as_u32 == raddr.as_u32)
1944  {
1945  int p = 0;
1946  u32 len = clib_net_to_host_u32(ike->length);
1947  u8 payload = ike->nextpayload;
1948 
1949  while (p < len && payload!= IKEV2_PAYLOAD_NONE) {
1950  ike_payload_header_t * ikep = (ike_payload_header_t *) &ike->payload[p];
1951  u32 plen = clib_net_to_host_u16(ikep->length);
1952 
1953  if (plen < sizeof(ike_payload_header_t))
1954  return -1;
1955 
1956  if (payload == IKEV2_PAYLOAD_NONCE)
1957  {
1958  if (!memcmp(sa->i_nonce, ikep->payload, plen - sizeof(*ikep)))
1959  {
1960  /* req is retransmit */
1961  if (sa->state == IKEV2_STATE_SA_INIT)
1962  {
1963  ike_header_t * tmp;
1964  tmp = (ike_header_t*)sa->last_sa_init_res_packet_data;
1965  ike->ispi = tmp->ispi;
1966  ike->rspi = tmp->rspi;
1967  ike->nextpayload = tmp->nextpayload;
1968  ike->version = tmp->version;
1969  ike->exchange = tmp->exchange;
1970  ike->flags = tmp->flags;
1971  ike->msgid = tmp->msgid;
1972  ike->length = tmp->length;
1973  clib_memcpy(ike->payload, tmp->payload,
1974  clib_net_to_host_u32(tmp->length) - sizeof(*ike));
1975  clib_warning("IKE_SA_INIT retransmit from %U to %U",
1976  format_ip4_address, &raddr,
1977  format_ip4_address, &iaddr);
1978  return 1;
1979  }
1980  /* else ignore req */
1981  else
1982  {
1983  clib_warning("IKE_SA_INIT ignore from %U to %U",
1984  format_ip4_address, &raddr,
1985  format_ip4_address, &iaddr);
1986  return -1;
1987  }
1988  }
1989  }
1990  payload = ikep->nextpayload;
1991  p+=plen;
1992  }
1993  }
1994  }));
1995  /* *INDENT-ON* */
1996 
1997  /* req is not retransmit */
1998  return 0;
1999 }
2000 
2001 static int
2002 ikev2_retransmit_resp (ikev2_sa_t * sa, ike_header_t * ike)
2003 {
2004  u32 msg_id = clib_net_to_host_u32 (ike->msgid);
2005 
2006  /* new req */
2007  if (msg_id > sa->last_msg_id)
2008  {
2009  sa->last_msg_id = msg_id;
2010  return 0;
2011  }
2012  /* retransmitted req */
2013  else if (msg_id == sa->last_msg_id)
2014  {
2015  ike_header_t *tmp;
2016  tmp = (ike_header_t *) sa->last_res_packet_data;
2017  ike->ispi = tmp->ispi;
2018  ike->rspi = tmp->rspi;
2019  ike->nextpayload = tmp->nextpayload;
2020  ike->version = tmp->version;
2021  ike->exchange = tmp->exchange;
2022  ike->flags = tmp->flags;
2023  ike->msgid = tmp->msgid;
2024  ike->length = tmp->length;
2025  clib_memcpy (ike->payload, tmp->payload,
2026  clib_net_to_host_u32 (tmp->length) - sizeof (*ike));
2027  clib_warning ("IKE msgid %u retransmit from %U to %U",
2028  msg_id,
2029  format_ip4_address, &sa->raddr,
2030  format_ip4_address, &sa->iaddr);
2031  return 1;
2032  }
2033  /* old req ignore */
2034  else
2035  {
2036  clib_warning ("IKE msgid %u req ignore from %U to %U",
2037  msg_id,
2038  format_ip4_address, &sa->raddr,
2039  format_ip4_address, &sa->iaddr);
2040  return -1;
2041  }
2042 }
2043 
2044 static uword
2046  vlib_node_runtime_t * node, vlib_frame_t * frame)
2047 {
2048  u32 n_left_from, *from, *to_next;
2049  ikev2_next_t next_index;
2050  ikev2_main_t *km = &ikev2_main;
2051  u32 thread_index = vlib_get_thread_index ();
2052 
2053  from = vlib_frame_vector_args (frame);
2054  n_left_from = frame->n_vectors;
2055  next_index = node->cached_next_index;
2056 
2057  while (n_left_from > 0)
2058  {
2059  u32 n_left_to_next;
2060 
2061  vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
2062 
2063  while (n_left_from > 0 && n_left_to_next > 0)
2064  {
2065  u32 bi0;
2066  vlib_buffer_t *b0;
2067  u32 next0 = IKEV2_NEXT_ERROR_DROP;
2068  u32 sw_if_index0;
2069  ip4_header_t *ip40;
2070  udp_header_t *udp0;
2071  ike_header_t *ike0;
2072  ikev2_sa_t *sa0 = 0;
2073  ikev2_sa_t sa; /* temporary store for SA */
2074  int len = 0;
2075  int r;
2076 
2077  /* speculatively enqueue b0 to the current next frame */
2078  bi0 = from[0];
2079  to_next[0] = bi0;
2080  from += 1;
2081  to_next += 1;
2082  n_left_from -= 1;
2083  n_left_to_next -= 1;
2084 
2085  b0 = vlib_get_buffer (vm, bi0);
2086  ike0 = vlib_buffer_get_current (b0);
2087  vlib_buffer_advance (b0, -sizeof (*udp0));
2088  udp0 = vlib_buffer_get_current (b0);
2089  vlib_buffer_advance (b0, -sizeof (*ip40));
2090  ip40 = vlib_buffer_get_current (b0);
2091 
2092  if (ike0->version != IKE_VERSION_2)
2093  {
2095  IKEV2_ERROR_NOT_IKEV2, 1);
2096  goto dispatch0;
2097  }
2098 
2099  if (ike0->exchange == IKEV2_EXCHANGE_SA_INIT)
2100  {
2101  sa0 = &sa;
2102  memset (sa0, 0, sizeof (*sa0));
2103 
2104  if (ike0->flags & IKEV2_HDR_FLAG_INITIATOR)
2105  {
2106  if (ike0->rspi == 0)
2107  {
2108  sa0->raddr.as_u32 = ip40->dst_address.as_u32;
2109  sa0->iaddr.as_u32 = ip40->src_address.as_u32;
2110 
2111  r = ikev2_retransmit_sa_init (ike0, sa0->iaddr,
2112  sa0->raddr);
2113  if (r == 1)
2114  {
2116  IKEV2_ERROR_IKE_SA_INIT_RETRANSMIT,
2117  1);
2118  len = clib_net_to_host_u32 (ike0->length);
2119  goto dispatch0;
2120  }
2121  else if (r == -1)
2122  {
2124  IKEV2_ERROR_IKE_SA_INIT_IGNORE,
2125  1);
2126  goto dispatch0;
2127  }
2128 
2129  ikev2_process_sa_init_req (vm, sa0, ike0);
2130 
2131  if (sa0->state == IKEV2_STATE_SA_INIT)
2132  {
2134  sa0->r_proposals =
2138  }
2139 
2140  if (sa0->state == IKEV2_STATE_SA_INIT
2142  {
2143  len = ikev2_generate_message (sa0, ike0, 0);
2144  }
2145 
2146  if (sa0->state == IKEV2_STATE_SA_INIT)
2147  {
2148  /* add SA to the pool */
2149  pool_get (km->per_thread_data[thread_index].sas,
2150  sa0);
2151  clib_memcpy (sa0, &sa, sizeof (*sa0));
2152  hash_set (km->
2153  per_thread_data[thread_index].sa_by_rspi,
2154  sa0->rspi,
2155  sa0 -
2156  km->per_thread_data[thread_index].sas);
2157  }
2158  else
2159  {
2160  ikev2_sa_free_all_vec (sa0);
2161  }
2162  }
2163  }
2164  else
2165  {
2166  ikev2_process_sa_init_resp (vm, sa0, ike0);
2167 
2168  if (sa0->state == IKEV2_STATE_SA_INIT)
2169  {
2170  ike0->exchange = IKEV2_EXCHANGE_IKE_AUTH;
2171  uword *p = hash_get (km->sa_by_ispi, ike0->ispi);
2172  if (p)
2173  {
2174  ikev2_sa_t *sai =
2175  pool_elt_at_index (km->sais, p[0]);
2176 
2177  ikev2_complete_sa_data (sa0, sai);
2178  ikev2_calc_keys (sa0);
2179  ikev2_sa_auth_init (sa0);
2180  len = ikev2_generate_message (sa0, ike0, 0);
2181  }
2182  }
2183 
2184  if (sa0->state == IKEV2_STATE_SA_INIT)
2185  {
2186  /* add SA to the pool */
2187  pool_get (km->per_thread_data[thread_index].sas, sa0);
2188  clib_memcpy (sa0, &sa, sizeof (*sa0));
2189  hash_set (km->per_thread_data[thread_index].sa_by_rspi,
2190  sa0->rspi,
2191  sa0 - km->per_thread_data[thread_index].sas);
2192  }
2193  else
2194  {
2195  ikev2_sa_free_all_vec (sa0);
2196  }
2197  }
2198  }
2199  else if (ike0->exchange == IKEV2_EXCHANGE_IKE_AUTH)
2200  {
2201  uword *p;
2202  p = hash_get (km->per_thread_data[thread_index].sa_by_rspi,
2203  clib_net_to_host_u64 (ike0->rspi));
2204  if (p)
2205  {
2206  sa0 =
2207  pool_elt_at_index (km->per_thread_data[thread_index].sas,
2208  p[0]);
2209 
2210  r = ikev2_retransmit_resp (sa0, ike0);
2211  if (r == 1)
2212  {
2214  IKEV2_ERROR_IKE_REQ_RETRANSMIT,
2215  1);
2216  len = clib_net_to_host_u32 (ike0->length);
2217  goto dispatch0;
2218  }
2219  else if (r == -1)
2220  {
2222  IKEV2_ERROR_IKE_REQ_IGNORE,
2223  1);
2224  goto dispatch0;
2225  }
2226 
2227  ikev2_process_auth_req (vm, sa0, ike0);
2228  ikev2_sa_auth (sa0);
2229  if (sa0->state == IKEV2_STATE_AUTHENTICATED)
2230  {
2232  ikev2_sa_match_ts (sa0);
2233  if (sa0->state != IKEV2_STATE_TS_UNACCEPTABLE)
2235  &sa0->childs[0]);
2236  }
2237 
2238  if (sa0->is_initiator)
2239  {
2240  uword *p = hash_get (km->sa_by_ispi, ike0->ispi);
2241  if (p)
2242  {
2243  ikev2_sa_t *sai =
2244  pool_elt_at_index (km->sais, p[0]);
2245  hash_unset (km->sa_by_ispi, sai->ispi);
2246  ikev2_sa_free_all_vec (sai);
2247  pool_put (km->sais, sai);
2248  }
2249  }
2250  else
2251  {
2252  len = ikev2_generate_message (sa0, ike0, 0);
2253  }
2254  }
2255  }
2256  else if (ike0->exchange == IKEV2_EXCHANGE_INFORMATIONAL)
2257  {
2258  uword *p;
2259  p = hash_get (km->per_thread_data[thread_index].sa_by_rspi,
2260  clib_net_to_host_u64 (ike0->rspi));
2261  if (p)
2262  {
2263  sa0 =
2264  pool_elt_at_index (km->per_thread_data[thread_index].sas,
2265  p[0]);
2266 
2267  r = ikev2_retransmit_resp (sa0, ike0);
2268  if (r == 1)
2269  {
2271  IKEV2_ERROR_IKE_REQ_RETRANSMIT,
2272  1);
2273  len = clib_net_to_host_u32 (ike0->length);
2274  goto dispatch0;
2275  }
2276  else if (r == -1)
2277  {
2279  IKEV2_ERROR_IKE_REQ_IGNORE,
2280  1);
2281  goto dispatch0;
2282  }
2283 
2284  ikev2_process_informational_req (vm, sa0, ike0);
2285  if (sa0->del)
2286  {
2287  if (sa0->del[0].protocol_id != IKEV2_PROTOCOL_IKE)
2288  {
2289  ikev2_delete_t *d, *tmp, *resp = 0;
2290  vec_foreach (d, sa0->del)
2291  {
2292  ikev2_child_sa_t *ch_sa;
2293  ch_sa = ikev2_sa_get_child (sa0, d->spi,
2294  d->protocol_id,
2295  !sa0->is_initiator);
2296  if (ch_sa)
2297  {
2299  sa0, ch_sa);
2300  if (!sa0->is_initiator)
2301  {
2302  vec_add2 (resp, tmp, 1);
2303  tmp->protocol_id = d->protocol_id;
2304  tmp->spi = ch_sa->r_proposals[0].spi;
2305  }
2306  ikev2_sa_del_child_sa (sa0, ch_sa);
2307  }
2308  }
2309  if (!sa0->is_initiator)
2310  {
2311  vec_free (sa0->del);
2312  sa0->del = resp;
2313  }
2314  }
2315  }
2316  if (!sa0->is_initiator)
2317  {
2318  len = ikev2_generate_message (sa0, ike0, 0);
2319  }
2320  }
2321  }
2322  else if (ike0->exchange == IKEV2_EXCHANGE_CREATE_CHILD_SA)
2323  {
2324  uword *p;
2325  p = hash_get (km->per_thread_data[thread_index].sa_by_rspi,
2326  clib_net_to_host_u64 (ike0->rspi));
2327  if (p)
2328  {
2329  sa0 =
2330  pool_elt_at_index (km->per_thread_data[thread_index].sas,
2331  p[0]);
2332 
2333  r = ikev2_retransmit_resp (sa0, ike0);
2334  if (r == 1)
2335  {
2337  IKEV2_ERROR_IKE_REQ_RETRANSMIT,
2338  1);
2339  len = clib_net_to_host_u32 (ike0->length);
2340  goto dispatch0;
2341  }
2342  else if (r == -1)
2343  {
2345  IKEV2_ERROR_IKE_REQ_IGNORE,
2346  1);
2347  goto dispatch0;
2348  }
2349 
2350  ikev2_process_create_child_sa_req (vm, sa0, ike0);
2351  if (sa0->rekey)
2352  {
2353  if (sa0->rekey[0].protocol_id != IKEV2_PROTOCOL_IKE)
2354  {
2355  ikev2_child_sa_t *child;
2356  vec_add2 (sa0->childs, child, 1);
2357  child->r_proposals = sa0->rekey[0].r_proposal;
2358  child->i_proposals = sa0->rekey[0].i_proposal;
2359  child->tsi = sa0->rekey[0].tsi;
2360  child->tsr = sa0->rekey[0].tsr;
2362  child);
2363  }
2364  if (sa0->is_initiator)
2365  {
2366  vec_del1 (sa0->rekey, 0);
2367  }
2368  else
2369  {
2370  len = ikev2_generate_message (sa0, ike0, 0);
2371  }
2372  }
2373  }
2374  }
2375  else
2376  {
2377  clib_warning ("IKEv2 exchange %u packet received from %U to %U",
2378  ike0->exchange,
2381  }
2382 
2383  dispatch0:
2384  /* if we are sending packet back, rewrite headers */
2385  if (len)
2386  {
2387  next0 = IKEV2_NEXT_IP4_LOOKUP;
2388  if (sa0->is_initiator)
2389  {
2390  ip40->dst_address.as_u32 = sa0->raddr.as_u32;
2391  ip40->src_address.as_u32 = sa0->iaddr.as_u32;
2392  }
2393  else
2394  {
2395  ip40->dst_address.as_u32 = sa0->iaddr.as_u32;
2396  ip40->src_address.as_u32 = sa0->raddr.as_u32;
2397  }
2398  udp0->length =
2399  clib_host_to_net_u16 (len + sizeof (udp_header_t));
2400  udp0->checksum = 0;
2401  b0->current_length =
2402  len + sizeof (ip4_header_t) + sizeof (udp_header_t);
2403  ip40->length = clib_host_to_net_u16 (b0->current_length);
2404  ip40->checksum = ip4_header_checksum (ip40);
2405  }
2406  /* delete sa */
2407  if (sa0 && (sa0->state == IKEV2_STATE_DELETED ||
2409  {
2411 
2412  vec_foreach (c, sa0->childs)
2414 
2415  ikev2_delete_sa (sa0);
2416  }
2417  sw_if_index0 = vnet_buffer (b0)->sw_if_index[VLIB_RX];
2418 
2420  && (b0->flags & VLIB_BUFFER_IS_TRACED)))
2421  {
2422  ikev2_trace_t *t = vlib_add_trace (vm, node, b0, sizeof (*t));
2423  t->sw_if_index = sw_if_index0;
2424  t->next_index = next0;
2425  }
2426 
2427  vlib_validate_buffer_enqueue_x1 (vm, node, next_index, to_next,
2428  n_left_to_next, bi0, next0);
2429  }
2430 
2431  vlib_put_next_frame (vm, node, next_index, n_left_to_next);
2432  }
2433 
2435  IKEV2_ERROR_PROCESSED, frame->n_vectors);
2436  return frame->n_vectors;
2437 }
2438 
2439 /* *INDENT-OFF* */
2440 VLIB_REGISTER_NODE (ikev2_node,static) = {
2441  .function = ikev2_node_fn,
2442  .name = "ikev2",
2443  .vector_size = sizeof (u32),
2444  .format_trace = format_ikev2_trace,
2445  .type = VLIB_NODE_TYPE_INTERNAL,
2446 
2447  .n_errors = ARRAY_LEN(ikev2_error_strings),
2448  .error_strings = ikev2_error_strings,
2449 
2450  .n_next_nodes = IKEV2_N_NEXT,
2451 
2452  .next_nodes = {
2453  [IKEV2_NEXT_IP4_LOOKUP] = "ip4-lookup",
2454  [IKEV2_NEXT_ERROR_DROP] = "error-drop",
2455  },
2456 };
2457 /* *INDENT-ON* */
2458 
2459 
2460 static clib_error_t *
2462  ikev2_transforms_set * ts,
2463  ikev2_sa_proposal_t ** proposals, int is_ike)
2464 {
2465  clib_error_t *r;
2466  ikev2_main_t *km = &ikev2_main;
2467  ikev2_sa_proposal_t *proposal;
2468  vec_add2 (*proposals, proposal, 1);
2470  int error;
2471 
2472  /* Encryption */
2473  error = 1;
2475  {
2476  if (td->type == IKEV2_TRANSFORM_TYPE_ENCR
2477  && td->encr_type == IKEV2_TRANSFORM_ENCR_TYPE_AES_CBC
2478  && td->key_len == ts->crypto_key_size / 8)
2479  {
2480  u16 attr[2];
2481  attr[0] = clib_host_to_net_u16 (14 | (1 << 15));
2482  attr[1] = clib_host_to_net_u16 (td->key_len << 3);
2483  vec_add (td->attrs, (u8 *) attr, 4);
2484  vec_add1 (proposal->transforms, *td);
2485  td->attrs = 0;
2486 
2487  error = 0;
2488  break;
2489  }
2490  }
2491  if (error)
2492  {
2493  r = clib_error_return (0, "Unsupported algorithm");
2494  return r;
2495  }
2496 
2497  /* Integrity */
2498  error = 1;
2500  {
2501  if (td->type == IKEV2_TRANSFORM_TYPE_INTEG
2502  && td->integ_type == IKEV2_TRANSFORM_INTEG_TYPE_AUTH_HMAC_SHA1_96)
2503  {
2504  vec_add1 (proposal->transforms, *td);
2505  error = 0;
2506  break;
2507  }
2508  }
2509  if (error)
2510  {
2511  r = clib_error_return (0, "Unsupported algorithm");
2512  return r;
2513  }
2514 
2515  /* PRF */
2516  if (is_ike)
2517  {
2518  error = 1;
2520  {
2521  if (td->type == IKEV2_TRANSFORM_TYPE_PRF
2522  && td->prf_type == IKEV2_TRANSFORM_PRF_TYPE_PRF_HMAC_SHA1)
2523  {
2524  vec_add1 (proposal->transforms, *td);
2525  error = 0;
2526  break;
2527  }
2528  }
2529  if (error)
2530  {
2531  r = clib_error_return (0, "Unsupported algorithm");
2532  return r;
2533  }
2534  }
2535 
2536  /* DH */
2537  error = 1;
2539  {
2540  if (td->type == IKEV2_TRANSFORM_TYPE_DH && td->dh_type == ts->dh_type)
2541  {
2542  vec_add1 (proposal->transforms, *td);
2543  if (is_ike)
2544  {
2545  sa->dh_group = td->dh_type;
2546  }
2547  error = 0;
2548  break;
2549  }
2550  }
2551  if (error)
2552  {
2553  r = clib_error_return (0, "Unsupported algorithm");
2554  return r;
2555  }
2556 
2557  if (!is_ike)
2558  {
2559  error = 1;
2561  {
2562  if (td->type == IKEV2_TRANSFORM_TYPE_ESN)
2563  {
2564  vec_add1 (proposal->transforms, *td);
2565  error = 0;
2566  break;
2567  }
2568  }
2569  if (error)
2570  {
2571  r = clib_error_return (0, "Unsupported algorithm");
2572  return r;
2573  }
2574  }
2575 
2576 
2577  return 0;
2578 }
2579 
2580 static ikev2_profile_t *
2582 {
2583  ikev2_main_t *km = &ikev2_main;
2584  uword *p;
2585 
2586  p = mhash_get (&km->profile_index_by_name, name);
2587  if (!p)
2588  return 0;
2589 
2590  return pool_elt_at_index (km->profiles, p[0]);
2591 }
2592 
2593 
2594 static void
2596  u32 bi0, u32 len)
2597 {
2598  ip4_header_t *ip40;
2599  udp_header_t *udp0;
2600  vlib_buffer_t *b0;
2601  vlib_frame_t *f;
2602  u32 *to_next;
2603 
2604  b0 = vlib_get_buffer (vm, bi0);
2605  vlib_buffer_advance (b0, -sizeof (udp_header_t));
2606  udp0 = vlib_buffer_get_current (b0);
2607  vlib_buffer_advance (b0, -sizeof (ip4_header_t));
2608  ip40 = vlib_buffer_get_current (b0);
2609 
2610 
2611  ip40->ip_version_and_header_length = 0x45;
2612  ip40->tos = 0;
2613  ip40->fragment_id = 0;
2614  ip40->flags_and_fragment_offset = 0;
2615  ip40->ttl = 0xff;
2616  ip40->protocol = IP_PROTOCOL_UDP;
2617  ip40->dst_address.as_u32 = dst->as_u32;
2618  ip40->src_address.as_u32 = src->as_u32;
2619  udp0->dst_port = clib_host_to_net_u16 (500);
2620  udp0->src_port = clib_host_to_net_u16 (500);
2621  udp0->length = clib_host_to_net_u16 (len + sizeof (udp_header_t));
2622  udp0->checksum = 0;
2623  b0->current_length = len + sizeof (ip4_header_t) + sizeof (udp_header_t);
2624  ip40->length = clib_host_to_net_u16 (b0->current_length);
2625  ip40->checksum = ip4_header_checksum (ip40);
2626 
2627 
2628  /* send the request */
2629  f = vlib_get_frame_to_node (vm, ip4_lookup_node.index);
2630  to_next = vlib_frame_vector_args (f);
2631  to_next[0] = bi0;
2632  f->n_vectors = 1;
2633  vlib_put_frame_to_node (vm, ip4_lookup_node.index, f);
2634 
2635 }
2636 
2637 static u32
2639 {
2640  u32 bi0;
2641  if (vlib_buffer_alloc (vm, &bi0, 1) != 1)
2642  {
2643  *ike = 0;
2644  return 0;
2645  }
2646  vlib_buffer_t *b0 = vlib_get_buffer (vm, bi0);
2647  *ike = vlib_buffer_get_current (b0);
2648  return bi0;
2649 }
2650 
2651 clib_error_t *
2653 {
2654  ikev2_main_t *km = &ikev2_main;
2655 
2656  km->pkey = ikev2_load_key_file (file);
2657  if (km->pkey == NULL)
2658  return clib_error_return (0, "load key '%s' failed", file);
2659 
2660  return 0;
2661 }
2662 
2663 clib_error_t *
2664 ikev2_add_del_profile (vlib_main_t * vm, u8 * name, int is_add)
2665 {
2666  ikev2_main_t *km = &ikev2_main;
2667  ikev2_profile_t *p;
2668 
2669  if (is_add)
2670  {
2671  if (ikev2_profile_index_by_name (name))
2672  return clib_error_return (0, "policy %v already exists", name);
2673 
2674  pool_get (km->profiles, p);
2675  memset (p, 0, sizeof (*p));
2676  p->name = vec_dup (name);
2677  p->responder.sw_if_index = ~0;
2678  uword index = p - km->profiles;
2679  mhash_set_mem (&km->profile_index_by_name, name, &index, 0);
2680  }
2681  else
2682  {
2683  p = ikev2_profile_index_by_name (name);
2684  if (!p)
2685  return clib_error_return (0, "policy %v does not exists", name);
2686 
2687  vec_free (p->name);
2688  pool_put (km->profiles, p);
2689  mhash_unset (&km->profile_index_by_name, name, 0);
2690  }
2691  return 0;
2692 }
2693 
2694 clib_error_t *
2695 ikev2_set_profile_auth (vlib_main_t * vm, u8 * name, u8 auth_method,
2696  u8 * auth_data, u8 data_hex_format)
2697 {
2698  ikev2_profile_t *p;
2699  clib_error_t *r;
2700 
2701  p = ikev2_profile_index_by_name (name);
2702 
2703  if (!p)
2704  {
2705  r = clib_error_return (0, "unknown profile %v", name);
2706  return r;
2707  }
2708  vec_free (p->auth.data);
2709  p->auth.method = auth_method;
2710  p->auth.data = vec_dup (auth_data);
2711  p->auth.hex = data_hex_format;
2712 
2713  if (auth_method == IKEV2_AUTH_METHOD_RSA_SIG)
2714  {
2715  vec_add1 (p->auth.data, 0);
2716  if (p->auth.key)
2717  EVP_PKEY_free (p->auth.key);
2718  p->auth.key = ikev2_load_cert_file (auth_data);
2719  if (p->auth.key == NULL)
2720  return clib_error_return (0, "load cert '%s' failed", auth_data);
2721  }
2722 
2723  return 0;
2724 }
2725 
2726 clib_error_t *
2727 ikev2_set_profile_id (vlib_main_t * vm, u8 * name, u8 id_type, u8 * data,
2728  int is_local)
2729 {
2730  ikev2_profile_t *p;
2731  clib_error_t *r;
2732 
2733  if (id_type > IKEV2_ID_TYPE_ID_RFC822_ADDR
2734  && id_type < IKEV2_ID_TYPE_ID_KEY_ID)
2735  {
2736  r = clib_error_return (0, "unsupported identity type %U",
2737  format_ikev2_id_type, id_type);
2738  return r;
2739  }
2740 
2741  p = ikev2_profile_index_by_name (name);
2742 
2743  if (!p)
2744  {
2745  r = clib_error_return (0, "unknown profile %v", name);
2746  return r;
2747  }
2748 
2749  if (is_local)
2750  {
2751  vec_free (p->loc_id.data);
2752  p->loc_id.type = id_type;
2753  p->loc_id.data = vec_dup (data);
2754  }
2755  else
2756  {
2757  vec_free (p->rem_id.data);
2758  p->rem_id.type = id_type;
2759  p->rem_id.data = vec_dup (data);
2760  }
2761 
2762  return 0;
2763 }
2764 
2765 clib_error_t *
2766 ikev2_set_profile_ts (vlib_main_t * vm, u8 * name, u8 protocol_id,
2767  u16 start_port, u16 end_port, ip4_address_t start_addr,
2768  ip4_address_t end_addr, int is_local)
2769 {
2770  ikev2_profile_t *p;
2771  clib_error_t *r;
2772 
2773  p = ikev2_profile_index_by_name (name);
2774 
2775  if (!p)
2776  {
2777  r = clib_error_return (0, "unknown profile %v", name);
2778  return r;
2779  }
2780 
2781  if (is_local)
2782  {
2783  p->loc_ts.start_addr.as_u32 = start_addr.as_u32;
2784  p->loc_ts.end_addr.as_u32 = end_addr.as_u32;
2785  p->loc_ts.start_port = start_port;
2786  p->loc_ts.end_port = end_port;
2787  p->loc_ts.protocol_id = protocol_id;
2788  p->loc_ts.ts_type = 7;
2789  }
2790  else
2791  {
2792  p->rem_ts.start_addr.as_u32 = start_addr.as_u32;
2793  p->rem_ts.end_addr.as_u32 = end_addr.as_u32;
2794  p->rem_ts.start_port = start_port;
2795  p->rem_ts.end_port = end_port;
2796  p->rem_ts.protocol_id = protocol_id;
2797  p->rem_ts.ts_type = 7;
2798  }
2799 
2800  return 0;
2801 }
2802 
2803 
2804 clib_error_t *
2806  u32 sw_if_index, ip4_address_t ip4)
2807 {
2808  ikev2_profile_t *p;
2809  clib_error_t *r;
2810 
2811  p = ikev2_profile_index_by_name (name);
2812 
2813  if (!p)
2814  {
2815  r = clib_error_return (0, "unknown profile %v", name);
2816  return r;
2817  }
2818 
2819  p->responder.sw_if_index = sw_if_index;
2820  p->responder.ip4 = ip4;
2821 
2822  return 0;
2823 }
2824 
2825 clib_error_t *
2827  ikev2_transform_encr_type_t crypto_alg,
2828  ikev2_transform_integ_type_t integ_alg,
2829  ikev2_transform_dh_type_t dh_type,
2830  u32 crypto_key_size)
2831 {
2832  ikev2_profile_t *p;
2833  clib_error_t *r;
2834 
2835  p = ikev2_profile_index_by_name (name);
2836 
2837  if (!p)
2838  {
2839  r = clib_error_return (0, "unknown profile %v", name);
2840  return r;
2841  }
2842 
2843  p->ike_ts.crypto_alg = crypto_alg;
2844  p->ike_ts.integ_alg = integ_alg;
2845  p->ike_ts.dh_type = dh_type;
2846  p->ike_ts.crypto_key_size = crypto_key_size;
2847  return 0;
2848 }
2849 
2850 clib_error_t *
2852  ikev2_transform_encr_type_t crypto_alg,
2853  ikev2_transform_integ_type_t integ_alg,
2854  ikev2_transform_dh_type_t dh_type,
2855  u32 crypto_key_size)
2856 {
2857  ikev2_profile_t *p;
2858  clib_error_t *r;
2859 
2860  p = ikev2_profile_index_by_name (name);
2861 
2862  if (!p)
2863  {
2864  r = clib_error_return (0, "unknown profile %v", name);
2865  return r;
2866  }
2867 
2868  p->esp_ts.crypto_alg = crypto_alg;
2869  p->esp_ts.integ_alg = integ_alg;
2870  p->esp_ts.dh_type = dh_type;
2871  p->esp_ts.crypto_key_size = crypto_key_size;
2872  return 0;
2873 }
2874 
2875 clib_error_t *
2877  u64 lifetime, u32 jitter, u32 handover,
2878  u64 maxdata)
2879 {
2880  ikev2_profile_t *p;
2881  clib_error_t *r;
2882 
2883  p = ikev2_profile_index_by_name (name);
2884 
2885  if (!p)
2886  {
2887  r = clib_error_return (0, "unknown profile %v", name);
2888  return r;
2889  }
2890 
2891  p->lifetime = lifetime;
2892  p->lifetime_jitter = jitter;
2893  p->handover = handover;
2894  p->lifetime_maxdata = maxdata;
2895  return 0;
2896 }
2897 
2898 clib_error_t *
2900 {
2901  ikev2_profile_t *p;
2902  clib_error_t *r;
2903  ip4_main_t *im = &ip4_main;
2904  ikev2_main_t *km = &ikev2_main;
2905 
2906  p = ikev2_profile_index_by_name (name);
2907 
2908  if (!p)
2909  {
2910  r = clib_error_return (0, "unknown profile %v", name);
2911  return r;
2912  }
2913 
2914  if (p->responder.sw_if_index == ~0 || p->responder.ip4.data_u32 == 0)
2915  {
2916  r = clib_error_return (0, "responder not set for profile %v", name);
2917  return r;
2918  }
2919 
2920 
2921  /* Create the Initiator Request */
2922  {
2923  ike_header_t *ike0;
2924  u32 bi0 = 0;
2925  ip_lookup_main_t *lm = &im->lookup_main;
2926  u32 if_add_index0;
2927  int len = sizeof (ike_header_t);
2928 
2929  /* Get own iface IP */
2930  if_add_index0 =
2932  ip_interface_address_t *if_add =
2933  pool_elt_at_index (lm->if_address_pool, if_add_index0);
2934  ip4_address_t *if_ip = ip_interface_address_get_address (lm, if_add);
2935 
2936  bi0 = ikev2_get_new_ike_header_buff (vm, &ike0);
2937 
2938  /* Prepare the SA and the IKE payload */
2939  ikev2_sa_t sa;
2940  memset (&sa, 0, sizeof (ikev2_sa_t));
2941  ikev2_payload_chain_t *chain = 0;
2942  ikev2_payload_new_chain (chain);
2943 
2944  /* Build the IKE proposal payload */
2945  ikev2_sa_proposal_t *proposals = 0;
2946  ikev2_set_initiator_proposals (vm, &sa, &p->ike_ts, &proposals, 1);
2947  proposals[0].proposal_num = 1;
2948  proposals[0].protocol_id = IKEV2_PROTOCOL_IKE;
2949 
2950  /* Add and then cleanup proposal data */
2951  ikev2_payload_add_sa (chain, proposals);
2952  ikev2_sa_free_proposal_vector (&proposals);
2953 
2954  sa.is_initiator = 1;
2955  sa.profile = p;
2958  ikev2_payload_add_ke (chain, sa.dh_group, sa.i_dh_data);
2959  ikev2_payload_add_nonce (chain, sa.i_nonce);
2960 
2961  /* Build the child SA proposal */
2962  vec_resize (sa.childs, 1);
2963  ikev2_set_initiator_proposals (vm, &sa, &p->esp_ts,
2964  &sa.childs[0].i_proposals, 0);
2965  sa.childs[0].i_proposals[0].proposal_num = 1;
2967  RAND_bytes ((u8 *) & sa.childs[0].i_proposals[0].spi,
2968  sizeof (sa.childs[0].i_proposals[0].spi));
2969 
2970 
2971 
2972  /* Add NAT detection notification messages (mandatory) */
2973  u8 nat_detection_source[8 + 8 + 4 + 2];
2974  u8 *nat_detection_sha1 = vec_new (u8, 20);
2975 
2976  u64 tmpspi = clib_host_to_net_u64 (sa.ispi);
2977  clib_memcpy (&nat_detection_source[0], &tmpspi, sizeof (tmpspi));
2978  tmpspi = clib_host_to_net_u64 (sa.rspi);
2979  clib_memcpy (&nat_detection_source[8], &tmpspi, sizeof (tmpspi));
2980  u16 tmpport = clib_host_to_net_u16 (500);
2981  clib_memcpy (&nat_detection_source[8 + 8 + 4], &tmpport,
2982  sizeof (tmpport));
2983  u32 tmpip = clib_host_to_net_u32 (if_ip->as_u32);
2984  clib_memcpy (&nat_detection_source[8 + 8], &tmpip, sizeof (tmpip));
2985  SHA1 (nat_detection_source, sizeof (nat_detection_source),
2986  nat_detection_sha1);
2987  ikev2_payload_add_notify (chain, IKEV2_NOTIFY_MSG_NAT_DETECTION_SOURCE_IP,
2988  nat_detection_sha1);
2989  tmpip = clib_host_to_net_u32 (p->responder.ip4.as_u32);
2990  clib_memcpy (&nat_detection_source[8 + 8], &tmpip, sizeof (tmpip));
2991  SHA1 (nat_detection_source, sizeof (nat_detection_source),
2992  nat_detection_sha1);
2993  ikev2_payload_add_notify (chain,
2994  IKEV2_NOTIFY_MSG_NAT_DETECTION_DESTINATION_IP,
2995  nat_detection_sha1);
2996  vec_free (nat_detection_sha1);
2997 
2998  u8 *sig_hash_algo = vec_new (u8, 8);
2999  u64 tmpsig = clib_host_to_net_u64 (0x0001000200030004);
3000  clib_memcpy (sig_hash_algo, &tmpsig, sizeof (tmpsig));
3001  ikev2_payload_add_notify (chain,
3002  IKEV2_NOTIFY_MSG_SIGNATURE_HASH_ALGORITHMS,
3003  sig_hash_algo);
3004  vec_free (sig_hash_algo);
3005 
3006 
3007  /* Buffer update and bolierplate */
3008  len += vec_len (chain->data);
3009  ike0->nextpayload = chain->first_payload_type;
3010  ike0->length = clib_host_to_net_u32 (len);
3011  clib_memcpy (ike0->payload, chain->data, vec_len (chain->data));
3013 
3014  ike0->version = IKE_VERSION_2;
3015  ike0->flags = IKEV2_HDR_FLAG_INITIATOR;
3016  ike0->exchange = IKEV2_EXCHANGE_SA_INIT;
3017  ike0->ispi = sa.ispi;
3018 
3019  /* store whole IKE payload - needed for PSK auth */
3021  vec_add (sa.last_sa_init_req_packet_data, ike0, len);
3022 
3023  /* add data to the SA then add it to the pool */
3024  sa.iaddr.as_u32 = if_ip->as_u32;
3025  sa.raddr.as_u32 = p->responder.ip4.as_u32;
3026  sa.i_id.type = p->loc_id.type;
3027  sa.i_id.data = vec_dup (p->loc_id.data);
3028  sa.i_auth.method = p->auth.method;
3029  sa.i_auth.hex = p->auth.hex;
3030  sa.i_auth.data = vec_dup (p->auth.data);
3031  sa.i_auth.key = vec_dup (p->auth.key);
3032  vec_add (sa.childs[0].tsi, &p->loc_ts, 1);
3033  vec_add (sa.childs[0].tsr, &p->rem_ts, 1);
3034 
3035  /* add SA to the pool */
3036  ikev2_sa_t *sa0 = 0;
3037  pool_get (km->sais, sa0);
3038  clib_memcpy (sa0, &sa, sizeof (*sa0));
3039  hash_set (km->sa_by_ispi, sa0->ispi, sa0 - km->sais);
3040 
3041  ikev2_send_ike (vm, if_ip, &p->responder.ip4, bi0, len);
3042 
3043  }
3044 
3045  return 0;
3046 }
3047 
3048 static void
3050  ikev2_child_sa_t * csa)
3051 {
3052  /* Create the Initiator notification for child SA removal */
3053  ikev2_main_t *km = &ikev2_main;
3054  ike_header_t *ike0;
3055  u32 bi0 = 0;
3056  int len;
3057 
3058  bi0 = ikev2_get_new_ike_header_buff (vm, &ike0);
3059 
3060 
3061  ike0->exchange = IKEV2_EXCHANGE_INFORMATIONAL;
3062  ike0->ispi = clib_host_to_net_u64 (sa->ispi);
3063  ike0->rspi = clib_host_to_net_u64 (sa->rspi);
3064  vec_resize (sa->del, 1);
3066  sa->del->spi = csa->i_proposals->spi;
3067  ike0->msgid = clib_host_to_net_u32 (sa->last_init_msg_id + 1);
3068  sa->last_init_msg_id = clib_net_to_host_u32 (ike0->msgid);
3069  len = ikev2_generate_message (sa, ike0, 0);
3070 
3071  ikev2_send_ike (vm, &sa->iaddr, &sa->raddr, bi0, len);
3072 
3073  /* delete local child SA */
3075  ikev2_sa_del_child_sa (sa, csa);
3076 }
3077 
3078 clib_error_t *
3080 {
3081  clib_error_t *r;
3082  ikev2_main_t *km = &ikev2_main;
3084  ikev2_sa_t *fsa = 0;
3085  ikev2_child_sa_t *fchild = 0;
3086 
3087  /* Search for the child SA */
3088  vec_foreach (tkm, km->per_thread_data)
3089  {
3090  ikev2_sa_t *sa;
3091  if (fchild)
3092  break;
3093  /* *INDENT-OFF* */
3094  pool_foreach (sa, tkm->sas, ({
3095  fchild = ikev2_sa_get_child(sa, ispi, IKEV2_PROTOCOL_ESP, 1);
3096  if (fchild)
3097  {
3098  fsa = sa;
3099  break;
3100  }
3101  }));
3102  /* *INDENT-ON* */
3103  }
3104 
3105  if (!fchild || !fsa)
3106  {
3107  r = clib_error_return (0, "Child SA not found");
3108  return r;
3109  }
3110  else
3111  {
3112  ikev2_delete_child_sa_internal (vm, fsa, fchild);
3113  }
3114 
3115  return 0;
3116 }
3117 
3118 clib_error_t *
3120 {
3121  clib_error_t *r;
3122  ikev2_main_t *km = &ikev2_main;
3124  ikev2_sa_t *fsa = 0;
3125  ikev2_main_per_thread_data_t *ftkm = 0;
3126 
3127  /* Search for the IKE SA */
3128  vec_foreach (tkm, km->per_thread_data)
3129  {
3130  ikev2_sa_t *sa;
3131  if (fsa)
3132  break;
3133  /* *INDENT-OFF* */
3134  pool_foreach (sa, tkm->sas, ({
3135  if (sa->ispi == ispi)
3136  {
3137  fsa = sa;
3138  ftkm = tkm;
3139  break;
3140  }
3141  }));
3142  /* *INDENT-ON* */
3143  }
3144 
3145  if (!fsa)
3146  {
3147  r = clib_error_return (0, "IKE SA not found");
3148  return r;
3149  }
3150 
3151 
3152  /* Create the Initiator notification for IKE SA removal */
3153  {
3154  ike_header_t *ike0;
3155  u32 bi0 = 0;
3156  int len;
3157 
3158  bi0 = ikev2_get_new_ike_header_buff (vm, &ike0);
3159 
3160 
3161  ike0->exchange = IKEV2_EXCHANGE_INFORMATIONAL;
3162  ike0->ispi = clib_host_to_net_u64 (fsa->ispi);
3163  ike0->rspi = clib_host_to_net_u64 (fsa->rspi);
3164  vec_resize (fsa->del, 1);
3165  fsa->del->protocol_id = IKEV2_PROTOCOL_IKE;
3166  fsa->del->spi = ispi;
3167  ike0->msgid = clib_host_to_net_u32 (fsa->last_init_msg_id + 1);
3168  fsa->last_init_msg_id = clib_net_to_host_u32 (ike0->msgid);
3169  len = ikev2_generate_message (fsa, ike0, 0);
3170 
3171  ikev2_send_ike (vm, &fsa->iaddr, &fsa->raddr, bi0, len);
3172  }
3173 
3174 
3175  /* delete local SA */
3177  vec_foreach (c, fsa->childs)
3178  {
3179  ikev2_delete_tunnel_interface (km->vnet_main, fsa, c);
3180  ikev2_sa_del_child_sa (fsa, c);
3181  }
3182  ikev2_sa_free_all_vec (fsa);
3183  uword *p = hash_get (ftkm->sa_by_rspi, fsa->rspi);
3184  if (p)
3185  {
3186  hash_unset (ftkm->sa_by_rspi, fsa->rspi);
3187  pool_put (ftkm->sas, fsa);
3188  }
3189 
3190 
3191  return 0;
3192 }
3193 
3194 static void
3196  ikev2_child_sa_t * csa)
3197 {
3198  /* Create the Initiator request for create child SA */
3199  ike_header_t *ike0;
3200  u32 bi0 = 0;
3201  int len;
3202 
3203 
3204  bi0 = ikev2_get_new_ike_header_buff (vm, &ike0);
3205 
3206 
3207  ike0->version = IKE_VERSION_2;
3208  ike0->flags = IKEV2_HDR_FLAG_INITIATOR;
3209  ike0->exchange = IKEV2_EXCHANGE_CREATE_CHILD_SA;
3210  ike0->ispi = clib_host_to_net_u64 (sa->ispi);
3211  ike0->rspi = clib_host_to_net_u64 (sa->rspi);
3212  ike0->msgid = clib_host_to_net_u32 (sa->last_init_msg_id + 1);
3213  sa->last_init_msg_id = clib_net_to_host_u32 (ike0->msgid);
3214 
3215  ikev2_rekey_t *rekey;
3216  vec_add2 (sa->rekey, rekey, 1);
3217  ikev2_sa_proposal_t *proposals = vec_dup (csa->i_proposals);
3218 
3219  /*need new ispi */
3220  RAND_bytes ((u8 *) & proposals[0].spi, sizeof (proposals[0].spi));
3221  rekey->spi = proposals[0].spi;
3222  rekey->ispi = csa->i_proposals->spi;
3223  len = ikev2_generate_message (sa, ike0, proposals);
3224  ikev2_send_ike (vm, &sa->iaddr, &sa->raddr, bi0, len);
3225  vec_free (proposals);
3226 }
3227 
3228 clib_error_t *
3230 {
3231  clib_error_t *r;
3232  ikev2_main_t *km = &ikev2_main;
3234  ikev2_sa_t *fsa = 0;
3235  ikev2_child_sa_t *fchild = 0;
3236 
3237  /* Search for the child SA */
3238  vec_foreach (tkm, km->per_thread_data)
3239  {
3240  ikev2_sa_t *sa;
3241  if (fchild)
3242  break;
3243  /* *INDENT-OFF* */
3244  pool_foreach (sa, tkm->sas, ({
3245  fchild = ikev2_sa_get_child(sa, ispi, IKEV2_PROTOCOL_ESP, 1);
3246  if (fchild)
3247  {
3248  fsa = sa;
3249  break;
3250  }
3251  }));
3252  /* *INDENT-ON* */
3253  }
3254 
3255  if (!fchild || !fsa)
3256  {
3257  r = clib_error_return (0, "Child SA not found");
3258  return r;
3259  }
3260  else
3261  {
3262  ikev2_rekey_child_sa_internal (vm, fsa, fchild);
3263  }
3264 
3265  return 0;
3266 }
3267 
3268 clib_error_t *
3270 {
3271  ikev2_main_t *km = &ikev2_main;
3272  clib_error_t *error;
3274  int thread_id;
3275 
3276  memset (km, 0, sizeof (ikev2_main_t));
3277  km->vnet_main = vnet_get_main ();
3278  km->vlib_main = vm;
3279 
3280  ikev2_crypto_init (km);
3281 
3283 
3284  vec_validate (km->per_thread_data, tm->n_vlib_mains - 1);
3285  for (thread_id = 0; thread_id < tm->n_vlib_mains - 1; thread_id++)
3286  {
3287  km->per_thread_data[thread_id].sa_by_rspi =
3288  hash_create (0, sizeof (uword));
3289  }
3290 
3291  km->sa_by_ispi = hash_create (0, sizeof (uword));
3292 
3293 
3294  if ((error = vlib_call_init_function (vm, ikev2_cli_init)))
3295  return error;
3296 
3297  udp_register_dst_port (vm, 500, ikev2_node.index, 1);
3298 
3299  return 0;
3300 }
3301 
3302 
3303 static u8
3305 {
3306  ikev2_main_t *km = &ikev2_main;
3307  vlib_main_t *vm = km->vlib_main;
3308  f64 now = vlib_time_now (vm);
3309  u8 res = 0;
3310 
3311  if (sa->is_initiator && sa->profile && csa->time_to_expiration
3312  && now > csa->time_to_expiration)
3313  {
3314  if (!csa->is_expired || csa->rekey_retries > 0)
3315  {
3316  ikev2_rekey_child_sa_internal (vm, sa, csa);
3317  csa->time_to_expiration = now + sa->profile->handover;
3318  csa->is_expired = 1;
3319  if (csa->rekey_retries == 0)
3320  {
3321  csa->rekey_retries = 5;
3322  }
3323  else if (csa->rekey_retries > 0)
3324  {
3325  csa->rekey_retries--;
3326  clib_warning ("Rekeing Child SA 0x%x, retries left %d",
3327  csa->i_proposals->spi, csa->rekey_retries);
3328  if (csa->rekey_retries == 0)
3329  {
3330  csa->rekey_retries = -1;
3331  }
3332  }
3333  res |= 1;
3334  }
3335  else
3336  {
3337  csa->time_to_expiration = 0;
3338  ikev2_delete_child_sa_internal (vm, sa, csa);
3339  res |= 1;
3340  }
3341  }
3342 
3343  return res;
3344 }
3345 
3346 static void
3348 {
3349  ikev2_main_t *km = &ikev2_main;
3350  vlib_main_t *vm = km->vlib_main;
3352  ikev2_sa_t *fsa = 0;
3353  ikev2_child_sa_t *fchild = 0;
3354  f64 now = vlib_time_now (vm);
3355 
3356  /* Search for the SA and child SA */
3357  vec_foreach (tkm, km->per_thread_data)
3358  {
3359  ikev2_sa_t *sa;
3360  if (fchild)
3361  break;
3362  /* *INDENT-OFF* */
3363  pool_foreach (sa, tkm->sas, ({
3364  fchild = ikev2_sa_get_child(sa, ipsec_sa->spi, IKEV2_PROTOCOL_ESP, 1);
3365  if (fchild)
3366  {
3367  fsa = sa;
3368  break;
3369  }
3370  }));
3371  /* *INDENT-ON* */
3372  }
3373 
3374  if (fchild && fsa && fsa->profile && fsa->profile->lifetime_maxdata)
3375  {
3376  if (!fchild->is_expired
3377  && ipsec_sa->total_data_size > fsa->profile->lifetime_maxdata)
3378  {
3379  fchild->time_to_expiration = now;
3380  }
3381  }
3382 }
3383 
3385 
3386 static uword
3388  vlib_frame_t * f)
3389 {
3390  ikev2_main_t *km = &ikev2_main;
3391  ipsec_main_t *im = &ipsec_main;
3392 
3393  while (1)
3394  {
3395  u8 req_sent = 0;
3398 
3399  /* process ike child sas */
3401  vec_foreach (tkm, km->per_thread_data)
3402  {
3403  ikev2_sa_t *sa;
3404  /* *INDENT-OFF* */
3405  pool_foreach (sa, tkm->sas, ({
3406  ikev2_child_sa_t *c;
3407  vec_foreach (c, sa->childs)
3408  {
3409  req_sent |= ikev2_mngr_process_child_sa(sa, c);
3410  }
3411  }));
3412  /* *INDENT-ON* */
3413  }
3414 
3415  /* process ipsec sas */
3416  ipsec_sa_t *sa;
3417  /* *INDENT-OFF* */
3418  pool_foreach (sa, im->sad, ({
3419  ikev2_mngr_process_ipsec_sa(sa);
3420  }));
3421  /* *INDENT-ON* */
3422 
3423  if (req_sent)
3424  {
3427  req_sent = 0;
3428  }
3429 
3430  }
3431  return 0;
3432 }
3433 
3434 /* *INDENT-OFF* */
3436  .function = ikev2_mngr_process_fn,
3437  .type = VLIB_NODE_TYPE_PROCESS,
3438  .name =
3439  "ikev2-manager-process",
3440 };
3441 
3442 /* *INDENT-ON* */
3443 
3444 /*
3445  * fd.io coding-style-patch-verification: ON
3446  *
3447  * Local Variables:
3448  * eval: (c-set-style "gnu")
3449  * End:
3450  */
ikev2_main_per_thread_data_t * per_thread_data
Definition: ikev2_priv.h:291
#define vec_validate(V, I)
Make sure vector is long enough for given index (no header, unspecified alignment) ...
Definition: vec.h:432
static int ikev2_retransmit_sa_init(ike_header_t *ike, ip4_address_t iaddr, ip4_address_t raddr)
Definition: ikev2.c:1932
u8 * dh_shared_key
Definition: ikev2_priv.h:211
ikev2_sa_t * sais
Definition: ikev2_priv.h:287
void ikev2_payload_add_nonce(ikev2_payload_chain_t *c, u8 *nonce)
static u8 * format_ikev2_trace(u8 *s, va_list *args)
Definition: ikev2.c:43
u8 * dh_private_key
Definition: ikev2_priv.h:212
ikev2_transform_type_t type
Definition: ikev2_priv.h:69
#define hash_set(h, key, value)
Definition: hash.h:254
sll srl srl sll sra u16x4 i
Definition: vector_sse2.h:337
#define IKEV2_PAYLOAD_NONCE
Definition: ikev2.h:99
clib_error_t * ikev2_set_profile_responder(vlib_main_t *vm, u8 *name, u32 sw_if_index, ip4_address_t ip4)
Definition: ikev2.c:2805
ikev2_id_t r_id
Definition: ikev2_priv.h:235
ikev2_id_type_t type
Definition: ikev2_priv.h:127
#define CLIB_UNUSED(x)
Definition: clib.h:79
void ikev2_payload_add_notify(ikev2_payload_chain_t *c, u16 msg_type, u8 *data)
ikev2_transforms_set ike_ts
Definition: ikev2_priv.h:189
static int ikev2_delete_tunnel_interface(vnet_main_t *vnm, ikev2_sa_t *sa, ikev2_child_sa_t *child)
Definition: ikev2.c:1618
static f64 vlib_process_wait_for_event_or_clock(vlib_main_t *vm, f64 dt)
Suspend a cooperative multi-tasking thread Waits for an event, or for the indicated number of seconds...
Definition: node_funcs.h:699
ikev2_transform_integ_type_t
Definition: ikev2.h:267
#define hash_unset(h, key)
Definition: hash.h:260
a
Definition: bitmap.h:516
static void ikev2_send_ike(vlib_main_t *vm, ip4_address_t *src, ip4_address_t *dst, u32 bi0, u32 len)
Definition: ikev2.c:2595
ip4_address_t src_address
Definition: ip4_packet.h:164
clib_error_t * ikev2_add_del_profile(vlib_main_t *vm, u8 *name, int is_add)
Definition: ikev2.c:2664
EVP_PKEY * pkey
Definition: ikev2_priv.h:280
ip_interface_address_t * if_address_pool
Pool of addresses that are assigned to interfaces.
Definition: lookup.h:122
void ikev2_payload_add_sa(ikev2_payload_chain_t *c, ikev2_sa_proposal_t *proposals)
vnet_main_t * vnet_get_main(void)
Definition: misc.c:46
static void ikev2_calc_keys(ikev2_sa_t *sa)
Definition: ikev2.c:430
ikev2_sa_proposal_t * ikev2_parse_sa_payload(ike_payload_header_t *ikep)
u32 last_init_msg_id
Definition: ikev2_priv.h:252
static u32 ikev2_generate_message(ikev2_sa_t *sa, ike_header_t *ike, void *user)
Definition: ikev2.c:1651
ikev2_transform_dh_type_t dh_type
Definition: ikev2_priv.h:120
#define IKEV2_PAYLOAD_NONE
Definition: ikev2.h:93
ikev2_profile_t * profiles
Definition: ikev2_priv.h:271
u8 v8
Definition: ikev2.h:27
clib_error_t * ikev2_initiate_delete_ike_sa(vlib_main_t *vm, u64 ispi)
Definition: ikev2.c:3119
ikev2_ts_t * ikev2_parse_ts_payload(ike_payload_header_t *ikep)
#define NULL
Definition: clib.h:55
uword mhash_unset(mhash_t *h, void *key, uword *old_value)
Definition: mhash.c:353
v8 * ikev2_calc_prf(ikev2_sa_transform_t *tr, v8 *key, v8 *data)
Definition: ikev2_crypto.c:256
static f64 vlib_time_now(vlib_main_t *vm)
Definition: main.h:221
static void ikev2_complete_sa_data(ikev2_sa_t *sa, ikev2_sa_t *sai)
Definition: ikev2.c:374
static vlib_node_registration_t ikev2_mngr_process_node
(constructor) VLIB_REGISTER_NODE (ikev2_mngr_process_node)
Definition: ikev2.c:3384
#define IKEV2_EXCHANGE_SA_INIT
Definition: ikev2.h:82
static void ikev2_delete_child_sa_internal(vlib_main_t *vm, ikev2_sa_t *sa, ikev2_child_sa_t *csa)
Definition: ikev2.c:3049
ikev2_transform_esn_type_t esn_type
Definition: ikev2_priv.h:77
#define IKEV2_PAYLOAD_VENDOR
Definition: ikev2.h:102
ikev2_state_t state
Definition: ikev2_priv.h:199
#define vec_add1(V, E)
Add 1 element to end of vector (unspecified alignment).
Definition: vec.h:518
ikev2_transform_encr_type_t crypto_alg
Definition: ikev2_priv.h:118
struct _vlib_node_registration vlib_node_registration_t
#define vec_add2(V, P, N)
Add N elements to end of vector V, return pointer to new elements in P.
Definition: vec.h:557
u8 * sk_pi
Definition: ikev2_priv.h:226
static void mhash_init_vec_string(mhash_t *h, uword n_value_bytes)
Definition: mhash.h:84
ikev2_main_t ikev2_main
Definition: ikev2_priv.h:295
ip_lookup_main_t lookup_main
Definition: ip4.h:97
ip4_address_t ip4
Definition: ikev2_priv.h:113
clib_error_t * ikev2_set_profile_sa_lifetime(vlib_main_t *vm, u8 *name, u64 lifetime, u32 jitter, u32 handover, u64 maxdata)
Definition: ikev2.c:2876
u8 * format(u8 *s, const char *fmt,...)
Definition: format.c:419
u16 flags_and_fragment_offset
Definition: ip4_packet.h:145
void ikev2_payload_add_ke(ikev2_payload_chain_t *c, u16 dh_group, u8 *dh_data)
ikev2_next_t
Definition: ikev2.c:78
static void ikev2_generate_sa_init_data(ikev2_sa_t *sa)
Definition: ikev2.c:321
#define IKEV2_NONCE_SIZE
Definition: ikev2.h:23
u8 initial_contact
Definition: ikev2_priv.h:201
ikev2_ts_t * tsi
Definition: ikev2_priv.h:166
#define IKEV2_PAYLOAD_TSR
Definition: ikev2.h:104
ikev2_auth_t r_auth
Definition: ikev2_priv.h:231
#define pool_get(P, E)
Allocate an object E from a pool P (unspecified alignment).
Definition: pool.h:225
static void ikev2_delete_sa(ikev2_sa_t *sa)
Definition: ikev2.c:304
u8 * last_sa_init_res_packet_data
Definition: ikev2_priv.h:245
ikev2_notify_t * ikev2_parse_notify_payload(ike_payload_header_t *ikep)
ikev2_profile_t * profile
Definition: ikev2_priv.h:253
ikev2_sa_transform_t * ikev2_sa_get_td_for_type(ikev2_sa_proposal_t *p, ikev2_transform_type_t type)
Definition: ikev2.c:190
ikev2_auth_t auth
Definition: ikev2_priv.h:183
ikev2_ts_t * tsr
Definition: ikev2_priv.h:167
vlib_node_registration_t ip4_lookup_node
(constructor) VLIB_REGISTER_NODE (ip4_lookup_node)
Definition: ip4_forward.c:479
static void ikev2_mngr_process_ipsec_sa(ipsec_sa_t *ipsec_sa)
Definition: ikev2.c:3347
ikev2_id_t rem_id
Definition: ikev2_priv.h:185
#define vec_add(V, E, N)
Add N elements to end of vector V (no header, unspecified alignment)
Definition: vec.h:595
ikev2_transform_dh_type_t
Definition: ikev2.h:317
int ikev2_encrypt_data(ikev2_sa_t *sa, v8 *src, u8 *dst)
Definition: ikev2_crypto.c:373
ikev2_child_sa_t * ikev2_sa_get_child(ikev2_sa_t *sa, u32 spi, ikev2_protocol_id_t prot_id, int by_initiator)
Definition: ikev2.c:207
format_function_t format_ip4_address
Definition: format.h:79
u32 next_index
Definition: ikev2.c:38
u32 last_msg_id
Definition: ikev2_priv.h:248
#define IKEV2_PAYLOAD_DELETE
Definition: ikev2.h:101
#define pool_foreach(VAR, POOL, BODY)
Iterate through pool.
Definition: pool.h:437
ikev2_sa_proposal_t * r_proposals
Definition: ikev2_priv.h:135
void ikev2_generate_dh(ikev2_sa_t *sa, ikev2_sa_transform_t *t)
Definition: ikev2_crypto.c:401
static uword vlib_process_get_events(vlib_main_t *vm, uword **data_vector)
Return the first event type which has occurred and a vector of per-event data of that type...
Definition: node_funcs.h:542
EVP_PKEY * ikev2_load_cert_file(u8 *file)
Definition: ikev2_crypto.c:612
clib_error_t * ikev2_initiate_sa_init(vlib_main_t *vm, u8 *name)
Definition: ikev2.c:2899
static ikev2_sa_transform_t * ikev2_find_transform_data(ikev2_sa_transform_t *t)
Definition: ikev2.c:86
ip4_address_t dst_address
Definition: ip4_packet.h:164
ipsec_main_t ipsec_main
Definition: ipsec.h:282
#define vec_new(T, N)
Create new vector of given type and length (unspecified alignment, no header).
Definition: vec.h:306
EVP_PKEY * ikev2_load_key_file(u8 *file)
Definition: ikev2_crypto.c:642
clib_error_t * ikev2_set_profile_auth(vlib_main_t *vm, u8 *name, u8 auth_method, u8 *auth_data, u8 data_hex_format)
Definition: ikev2.c:2695
void ikev2_parse_vendor_payload(ike_payload_header_t *ikep)
ip4_address_t start_addr
Definition: ikev2_priv.h:106
ip4_address_t remote_ip
Definition: ipsec.h:150
u8 * format_hex_bytes(u8 *s, va_list *va)
Definition: std-formats.c:84
vlib_frame_t * vlib_get_frame_to_node(vlib_main_t *vm, u32 to_node_index)
Definition: main.c:182
#define clib_error_return(e, args...)
Definition: error.h:99
static u32 ikev2_get_new_ike_header_buff(vlib_main_t *vm, ike_header_t **ike)
Definition: ikev2.c:2638
void ikev2_payload_add_id(ikev2_payload_chain_t *c, ikev2_id_t *id, u8 type)
#define IKEV2_PAYLOAD_NOTIFY
Definition: ikev2.h:100
static void ikev2_sa_match_ts(ikev2_sa_t *sa)
Definition: ikev2.c:1240
unsigned long u64
Definition: types.h:89
ikev2_sa_proposal_t * i_proposals
Definition: ikev2_priv.h:217
clib_error_t * ikev2_set_profile_esp_transforms(vlib_main_t *vm, u8 *name, ikev2_transform_encr_type_t crypto_alg, ikev2_transform_integ_type_t integ_alg, ikev2_transform_dh_type_t dh_type, u32 crypto_key_size)
Definition: ikev2.c:2851
static void ikev2_sa_auth(ikev2_sa_t *sa)
Definition: ikev2.c:1307
#define vec_resize(V, N)
Resize a vector (no header, unspecified alignment) Add N elements to end of given vector V...
Definition: vec.h:237
ikev2_transform_integ_type_t integ_alg
Definition: ikev2_priv.h:119
ikev2_auth_t i_auth
Definition: ikev2_priv.h:230
#define vlib_call_init_function(vm, x)
Definition: init.h:162
#define ikev2_set_state(sa, v)
Definition: ikev2.c:31
#define ikev2_payload_destroy_chain(V)
Definition: ikev2_priv.h:326
ikev2_id_t loc_id
Definition: ikev2_priv.h:184
ikev2_sa_transform_t * transforms
Definition: ikev2_priv.h:96
#define IKEV2_EXCHANGE_CREATE_CHILD_SA
Definition: ikev2.h:84
u8 * sk_ar
Definition: ikev2_priv.h:223
u8 * r_dh_data
Definition: ikev2_priv.h:214
static void ikev2_initial_contact_cleanup(ikev2_sa_t *sa)
Definition: ikev2.c:774
ikev2_responder_t responder
Definition: ikev2_priv.h:188
static ikev2_profile_t * ikev2_profile_index_by_name(u8 *name)
Definition: ikev2.c:2581
#define hash_get(h, key)
Definition: hash.h:248
clib_error_t * ikev2_set_profile_id(vlib_main_t *vm, u8 *name, u8 id_type, u8 *data, int is_local)
Definition: ikev2.c:2727
u8 * ikev2_calc_prfplus(ikev2_sa_transform_t *tr, u8 *key, u8 *seed, int len)
Definition: ikev2_crypto.c:275
static clib_error_t * ikev2_set_initiator_proposals(vlib_main_t *vm, ikev2_sa_t *sa, ikev2_transforms_set *ts, ikev2_sa_proposal_t **proposals, int is_ike)
Definition: ikev2.c:2461
#define pool_elt_at_index(p, i)
Returns pointer to element at given index.
Definition: pool.h:458
vlib_main_t * vlib_main
Definition: vnet.h:78
u8 * last_sa_init_req_packet_data
Definition: ikev2_priv.h:244
u16 current_length
Nbytes between current data and the end of this buffer.
Definition: buffer.h:72
#define IKEV2_PAYLOAD_IDR
Definition: ikev2.h:97
static int ikev2_create_tunnel_interface(vnet_main_t *vnm, ikev2_sa_t *sa, ikev2_child_sa_t *child)
Definition: ikev2.c:1474
#define IKEV2_PAYLOAD_SA
Definition: ikev2.h:94
ikev2_ts_t rem_ts
Definition: ikev2_priv.h:187
u8 * i_dh_data
Definition: ikev2_priv.h:213
uword mhash_set_mem(mhash_t *h, void *key, uword *new_value, uword *old_value)
Definition: mhash.c:271
#define v
Definition: acl.c:323
ikev2_sa_proposal_t * i_proposals
Definition: ikev2_priv.h:134
void vlib_put_frame_to_node(vlib_main_t *vm, u32 to_node_index, vlib_frame_t *f)
Definition: main.c:191
u8 * r_nonce
Definition: ikev2_priv.h:207
#define IKEV2_HDR_FLAG_RESPONSE
Definition: ikev2.h:89
static void * vlib_buffer_get_current(vlib_buffer_t *b)
Get pointer to current data to process.
Definition: buffer.h:193
mhash_t profile_index_by_name
Definition: ikev2_priv.h:277
u16 end_port
Definition: ikev2_priv.h:105
ikev2_sa_transform_t * supported_transforms
Definition: ikev2_priv.h:274
#define pool_put(P, E)
Free an object E in pool P.
Definition: pool.h:270
ikev2_rekey_t * rekey
Definition: ikev2_priv.h:241
#define vec_dup(V)
Return copy of vector (no header, no alignment)
Definition: vec.h:370
clib_error_t * ikev2_initiate_delete_child_sa(vlib_main_t *vm, u32 ispi)
Definition: ikev2.c:3079
static void ikev2_rekey_child_sa_internal(vlib_main_t *vm, ikev2_sa_t *sa, ikev2_child_sa_t *csa)
Definition: ikev2.c:3195
#define PREDICT_FALSE(x)
Definition: clib.h:97
#define vec_del1(v, i)
Delete the element at index I.
Definition: vec.h:801
#define IKEV2_PAYLOAD_FLAG_CRITICAL
Definition: ikev2.h:91
static void ikev2_sa_auth_init(ikev2_sa_t *sa)
Definition: ikev2.c:1430
ikev2_protocol_id_t
Definition: ikev2.h:107
#define vlib_validate_buffer_enqueue_x1(vm, node, next_index, to_next, n_left_to_next, bi0, next0)
Finish enqueueing one buffer forward in the graph.
Definition: buffer_node.h:216
#define vlib_get_next_frame(vm, node, next_index, vectors, n_vectors_left)
Get pointer to next frame vector data by (vlib_node_runtime_t, next_index).
Definition: node_funcs.h:364
ip4_address_t end_addr
Definition: ikev2_priv.h:107
ip4_address_t iaddr
Definition: ikev2_priv.h:202
u8 * i_nonce
Definition: ikev2_priv.h:206
clib_error_t * ikev2_set_local_key(vlib_main_t *vm, u8 *file)
Definition: ikev2.c:2652
static void vlib_node_increment_counter(vlib_main_t *vm, u32 node_index, u32 counter_index, u64 increment)
Definition: node_funcs.h:1158
clib_error_t * ikev2_set_profile_ts(vlib_main_t *vm, u8 *name, u8 protocol_id, u16 start_port, u16 end_port, ip4_address_t start_addr, ip4_address_t end_addr, int is_local)
Definition: ikev2.c:2766
u8 * sk_ei
Definition: ikev2_priv.h:224
#define IKEV2_EXCHANGE_INFORMATIONAL
Definition: ikev2.h:85
void ikev2_payload_add_delete(ikev2_payload_chain_t *c, ikev2_delete_t *d)
#define IKEV2_HDR_FLAG_INITIATOR
Definition: ikev2.h:87
#define IKEV2_KEY_PAD
Definition: ikev2.h:25
static uword ikev2_mngr_process_fn(vlib_main_t *vm, vlib_node_runtime_t *rt, vlib_frame_t *f)
Definition: ikev2.c:3387
clib_error_t * ikev2_initiate_rekey_child_sa(vlib_main_t *vm, u32 ispi)
Definition: ikev2.c:3229
ipsec_crypto_alg_t crypto_alg
Definition: ipsec.h:153
ikev2_transform_dh_type_t dh_type
Definition: ikev2_priv.h:76
svmdb_client_t * c
u16 n_vectors
Definition: node.h:344
static_always_inline uword vlib_get_thread_index(void)
Definition: threads.h:221
vlib_main_t * vm
Definition: buffer.c:283
static u8 * ikev2_decrypt_sk_payload(ikev2_sa_t *sa, ike_header_t *ike, u8 *payload)
Definition: ikev2.c:709
static void ikev2_sa_del_child_sa(ikev2_sa_t *sa, ikev2_child_sa_t *child)
Definition: ikev2.c:260
ikev2_auth_method_t method
Definition: ikev2_priv.h:55
ikev2_transform_encr_type_t
Definition: ikev2.h:226
ikev2_delete_t * del
Definition: ikev2_priv.h:238
ikev2_ts_t * tsi
Definition: ikev2_priv.h:138
#define vec_free(V)
Free vector&#39;s memory (no header).
Definition: vec.h:336
static void ikev2_process_auth_req(vlib_main_t *vm, ikev2_sa_t *sa, ike_header_t *ike)
Definition: ikev2.c:813
static uword ikev2_node_fn(vlib_main_t *vm, vlib_node_runtime_t *node, vlib_frame_t *frame)
Definition: ikev2.c:2045
ip4_address_t raddr
Definition: ikev2_priv.h:203
#define clib_warning(format, args...)
Definition: error.h:59
#define VLIB_BUFFER_IS_TRACED
Definition: buffer.h:93
#define clib_memcpy(a, b, c)
Definition: string.h:69
u8 * sk_er
Definition: ikev2_priv.h:225
static void ikev2_process_sa_init_resp(vlib_main_t *vm, ikev2_sa_t *sa, ike_header_t *ike)
Definition: ikev2.c:629
u8 is_initiator
Definition: ikev2_priv.h:251
#define ARRAY_LEN(x)
Definition: clib.h:59
#define IKEV2_PAYLOAD_KE
Definition: ikev2.h:95
void vlib_put_next_frame(vlib_main_t *vm, vlib_node_runtime_t *r, u32 next_index, u32 n_vectors_left)
Release pointer to next frame vector data.
Definition: main.c:454
ikev2_ts_t loc_ts
Definition: ikev2_priv.h:186
ikev2_sa_proposal_t * r_proposals
Definition: ikev2_priv.h:218
static u8 * ikev2_sa_generate_authmsg(ikev2_sa_t *sa, int is_responder)
Definition: ikev2.c:1185
static void ikev2_calc_child_keys(ikev2_sa_t *sa, ikev2_child_sa_t *child)
Definition: ikev2.c:507
u32 * if_address_pool_index_by_sw_if_index
Head of doubly linked list of interface addresses for each software interface.
Definition: lookup.h:129
#define hash_create(elts, value_bytes)
Definition: hash.h:658
void ikev2_payload_add_auth(ikev2_payload_chain_t *c, ikev2_auth_t *auth)
ikev2_protocol_id_t protocol_id
Definition: ikev2_priv.h:94
u8 protocol_id
Definition: ikev2_priv.h:102
u16 cached_next_index
Next frame index that vector arguments were last enqueued to last time this node ran.
Definition: node.h:456
#define ASSERT(truth)
unsigned int u32
Definition: types.h:88
static uword * mhash_get(mhash_t *h, const void *key)
Definition: mhash.h:110
vnet_main_t * vnet_main
Definition: ikev2_priv.h:284
static void ikev2_process_informational_req(vlib_main_t *vm, ikev2_sa_t *sa, ike_header_t *ike)
Definition: ikev2.c:973
ipsec_integ_alg_t integ_alg
Definition: ipsec.h:158
ip4_address_t local_ip
Definition: ipsec.h:150
void ikev2_sa_free_proposal_vector(ikev2_sa_proposal_t **v)
Definition: ikev2.c:223
ipsec_sa_t * sad
Definition: ipsec.h:247
#define IKEV2_PAYLOAD_AUTH
Definition: ikev2.h:98
IPv4 main type.
Definition: ip4.h:95
#define ikev2_payload_new_chain(V)
Definition: ikev2_priv.h:325
#define IKEV2_PAYLOAD_SK
Definition: ikev2.h:105
ikev2_sa_proposal_t * r_proposal
Definition: ikev2_priv.h:165
u8 * sk_ai
Definition: ikev2_priv.h:222
#define IKE_VERSION_2
Definition: ikev2.h:80
void ikev2_complete_dh(ikev2_sa_t *sa, ikev2_sa_transform_t *t)
Definition: ikev2_crypto.c:509
#define vec_append(v1, v2)
Append v2 after v1.
Definition: vec.h:815
static void vlib_buffer_advance(vlib_buffer_t *b, word l)
Advance current data pointer by the supplied (signed!) amount.
Definition: buffer.h:206
#define VLIB_NODE_FLAG_TRACE
Definition: node.h:259
static vlib_node_registration_t ikev2_node
(constructor) VLIB_REGISTER_NODE (ikev2_node)
Definition: ikev2.c:54
u16 dh_group
Definition: ikev2_priv.h:210
ikev2_sa_proposal_t * i_proposal
Definition: ikev2_priv.h:164
#define IKEV2_PAYLOAD_TSI
Definition: ikev2.h:103
EVP_PKEY * key
Definition: ikev2_priv.h:58
static int ikev2_retransmit_resp(ikev2_sa_t *sa, ike_header_t *ike)
Definition: ikev2.c:2002
u64 uword
Definition: types.h:112
static void * vlib_add_trace(vlib_main_t *vm, vlib_node_runtime_t *r, vlib_buffer_t *b, u32 n_data_bytes)
Definition: trace_funcs.h:55
ikev2_transform_encr_type_t encr_type
Definition: ikev2_priv.h:73
u8 * last_res_packet_data
Definition: ikev2_priv.h:249
ikev2_transform_integ_type_t integ_type
Definition: ikev2_priv.h:75
static char * ikev2_error_strings[]
Definition: ikev2.c:72
unsigned short u16
Definition: types.h:57
static void ikev2_process_sa_init_req(vlib_main_t *vm, ikev2_sa_t *sa, ike_header_t *ike)
Definition: ikev2.c:554
#define vec_len(v)
Number of elements in vector (rvalue-only, NULL tolerant)
double f64
Definition: types.h:142
u16 start_port
Definition: ikev2_priv.h:104
unsigned char u8
Definition: types.h:56
void ikev2_payload_chain_add_padding(ikev2_payload_chain_t *c, int bs)
u8 * sk_pr
Definition: ikev2_priv.h:227
#define IKEV2_PAYLOAD_IDI
Definition: ikev2.h:96
clib_error_t * ikev2_set_profile_ike_transforms(vlib_main_t *vm, u8 *name, ikev2_transform_encr_type_t crypto_alg, ikev2_transform_integ_type_t integ_alg, ikev2_transform_dh_type_t dh_type, u32 crypto_key_size)
Definition: ikev2.c:2826
ikev2_id_t i_id
Definition: ikev2_priv.h:234
static void * vlib_frame_vector_args(vlib_frame_t *f)
Get pointer to frame vector data.
Definition: node_funcs.h:267
static void ikev2_process_create_child_sa_req(vlib_main_t *vm, ikev2_sa_t *sa, ike_header_t *ike)
Definition: ikev2.c:1044
ikev2_ts_t * tsr
Definition: ikev2_priv.h:139
ikev2_child_sa_t * childs
Definition: ikev2_priv.h:255
ikev2_transform_prf_type_t prf_type
Definition: ikev2_priv.h:74
Linear Congruential Random Number Generator.
#define IKEV2_EXCHANGE_IKE_AUTH
Definition: ikev2.h:83
static int ikev2_ts_cmp(ikev2_ts_t *ts1, ikev2_ts_t *ts2)
Definition: ikev2.c:1228
#define vnet_buffer(b)
Definition: buffer.h:306
clib_error_t * ikev2_init(vlib_main_t *vm)
Definition: ikev2.c:3269
static u32 random_u32(u32 *seed)
32-bit random number generator
Definition: random.h:69
ikev2_error_t
Definition: ikev2.c:64
#define VLIB_REGISTER_NODE(x,...)
Definition: node.h:143
ip4_main_t ip4_main
Global ip4 main structure.
Definition: ip4_forward.c:1175
clib_error_t * ikev2_cli_init(vlib_main_t *vm)
Definition: ikev2_cli.c:589
static vlib_thread_main_t * vlib_get_thread_main()
Definition: global_funcs.h:32
static u8 ikev2_mngr_process_child_sa(ikev2_sa_t *sa, ikev2_child_sa_t *csa)
Definition: ikev2.c:3304
uword * sa_by_ispi
Definition: ikev2_priv.h:289
#define vec_foreach(var, vec)
Vector iterator.
u8 unsupported_cp
Definition: ikev2_priv.h:200
static void ikev2_sa_free_all_child_sa(ikev2_child_sa_t **childs)
Definition: ikev2.c:243
u16 flags
Copy of main node flags.
Definition: node.h:450
int ipsec_add_del_tunnel_if(ipsec_add_del_tunnel_args_t *args)
Definition: ipsec_if.c:105
static ikev2_sa_proposal_t * ikev2_select_proposal(ikev2_sa_proposal_t *proposals, ikev2_protocol_id_t prot_id)
Definition: ikev2.c:114
void udp_register_dst_port(vlib_main_t *vm, udp_dst_port_t dst_port, u32 node_index, u8 is_ip4)
Definition: udp_local.c:488
u8 ip_version_and_header_length
Definition: ip4_packet.h:132
static void * ip_interface_address_get_address(ip_lookup_main_t *lm, ip_interface_address_t *a)
Definition: lookup.h:172
ikev2_transform_type_t
Definition: ikev2.h:203
ikev2_transforms_set esp_ts
Definition: ikev2_priv.h:190
void ikev2_crypto_init(ikev2_main_t *km)
Definition: ikev2_crypto.c:664
u32 flags
buffer flags: VLIB_BUFFER_FREE_LIST_INDEX_MASK: bits used to store free list index, VLIB_BUFFER_IS_TRACED: trace this buffer.
Definition: buffer.h:75
void ikev2_payload_add_ts(ikev2_payload_chain_t *c, ikev2_ts_t *ts, u8 type)
static u32 vlib_buffer_alloc(vlib_main_t *vm, u32 *buffers, u32 n_buffers)
Allocate buffers into supplied array.
Definition: buffer_funcs.h:254
vlib_main_t * vlib_main
Definition: ikev2_priv.h:283
v8 * ikev2_decrypt_data(ikev2_sa_t *sa, u8 *data, int len)
Definition: ikev2_crypto.c:340
static void ikev2_sa_free_all_vec(ikev2_sa_t *sa)
Definition: ikev2.c:273
static vlib_buffer_t * vlib_get_buffer(vlib_main_t *vm, u32 buffer_index)
Translate buffer index into buffer pointer.
Definition: buffer_funcs.h:57
static u16 ip4_header_checksum(ip4_header_t *i)
Definition: ip4_packet.h:239
u8 * ikev2_calc_sign(EVP_PKEY *pkey, u8 *data)
Definition: ikev2_crypto.c:594
v8 * ikev2_calc_integr(ikev2_sa_transform_t *tr, v8 *key, u8 *data, int len)
Definition: ikev2_crypto.c:317
u8 * format_ikev2_id_type(u8 *s, va_list *args)
Definition: defs.h:46
#define foreach_ikev2_error
Definition: ikev2.c:56
u32 sw_if_index
Definition: ikev2.c:39
void ikev2_payload_add_notify_2(ikev2_payload_chain_t *c, u16 msg_type, u8 *data, ikev2_notify_t *notify)
ikev2_delete_t * ikev2_parse_delete_payload(ike_payload_header_t *ikep)