FD.io VPP
v21.01.1
Vector Packet Processing
|
Go to the source code of this file.
Data Structures | |
struct | cookie_macs |
struct | cookie_maker |
struct | cookie_checker |
Macros | |
#define | COOKIE_MAC_SIZE 16 |
#define | COOKIE_KEY_SIZE 32 |
#define | COOKIE_NONCE_SIZE 24 |
#define | COOKIE_COOKIE_SIZE 16 |
#define | COOKIE_SECRET_SIZE 32 |
#define | COOKIE_INPUT_SIZE 32 |
#define | COOKIE_ENCRYPTED_SIZE (COOKIE_COOKIE_SIZE + COOKIE_MAC_SIZE) |
#define | COOKIE_MAC1_KEY_LABEL "mac1----" |
#define | COOKIE_COOKIE_KEY_LABEL "cookie--" |
#define | COOKIE_SECRET_MAX_AGE 120 |
#define | COOKIE_SECRET_LATENCY 5 |
#define | RATELIMIT_SIZE (1 << 13) |
#define | RATELIMIT_SIZE_MAX (RATELIMIT_SIZE * 8) |
#define | NSEC_PER_SEC 1000000000LL |
#define | INITIATIONS_PER_SECOND 20 |
#define | INITIATIONS_BURSTABLE 5 |
#define | INITIATION_COST (NSEC_PER_SEC / INITIATIONS_PER_SECOND) |
#define | TOKEN_MAX (INITIATION_COST * INITIATIONS_BURSTABLE) |
#define | ELEMENT_TIMEOUT 1 |
#define | IPV4_MASK_SIZE 4 /* Use all 4 bytes of IPv4 address */ |
#define | IPV6_MASK_SIZE 8 /* Use top 8 bytes (/64) of IPv6 address */ |
Typedefs | |
typedef struct cookie_macs | message_macs_t |
typedef struct cookie_maker | cookie_maker_t |
typedef struct cookie_checker | cookie_checker_t |
Enumerations | |
enum | cookie_mac_state { INVALID_MAC, VALID_MAC_BUT_NO_COOKIE, VALID_MAC_WITH_COOKIE } |
Functions | |
void | cookie_maker_init (cookie_maker_t *, const uint8_t[COOKIE_INPUT_SIZE]) |
void | cookie_checker_update (cookie_checker_t *, uint8_t[COOKIE_INPUT_SIZE]) |
void | cookie_maker_mac (cookie_maker_t *, message_macs_t *, void *, size_t) |
enum cookie_mac_state | cookie_checker_validate_macs (vlib_main_t *vm, cookie_checker_t *, message_macs_t *, void *, size_t, bool, ip4_address_t ip4, u16 udp_port) |
#define COOKIE_COOKIE_KEY_LABEL "cookie--" |
Definition at line 40 of file wireguard_cookie.h.
#define COOKIE_COOKIE_SIZE 16 |
Definition at line 34 of file wireguard_cookie.h.
#define COOKIE_ENCRYPTED_SIZE (COOKIE_COOKIE_SIZE + COOKIE_MAC_SIZE) |
Definition at line 37 of file wireguard_cookie.h.
#define COOKIE_INPUT_SIZE 32 |
Definition at line 36 of file wireguard_cookie.h.
#define COOKIE_KEY_SIZE 32 |
Definition at line 32 of file wireguard_cookie.h.
#define COOKIE_MAC1_KEY_LABEL "mac1----" |
Definition at line 39 of file wireguard_cookie.h.
#define COOKIE_MAC_SIZE 16 |
Definition at line 31 of file wireguard_cookie.h.
#define COOKIE_NONCE_SIZE 24 |
Definition at line 33 of file wireguard_cookie.h.
#define COOKIE_SECRET_LATENCY 5 |
Definition at line 42 of file wireguard_cookie.h.
#define COOKIE_SECRET_MAX_AGE 120 |
Definition at line 41 of file wireguard_cookie.h.
#define COOKIE_SECRET_SIZE 32 |
Definition at line 35 of file wireguard_cookie.h.
#define ELEMENT_TIMEOUT 1 |
Definition at line 52 of file wireguard_cookie.h.
#define INITIATION_COST (NSEC_PER_SEC / INITIATIONS_PER_SECOND) |
Definition at line 50 of file wireguard_cookie.h.
#define INITIATIONS_BURSTABLE 5 |
Definition at line 49 of file wireguard_cookie.h.
#define INITIATIONS_PER_SECOND 20 |
Definition at line 48 of file wireguard_cookie.h.
#define IPV4_MASK_SIZE 4 /* Use all 4 bytes of IPv4 address */ |
Definition at line 53 of file wireguard_cookie.h.
#define IPV6_MASK_SIZE 8 /* Use top 8 bytes (/64) of IPv6 address */ |
Definition at line 54 of file wireguard_cookie.h.
#define NSEC_PER_SEC 1000000000LL |
Definition at line 47 of file wireguard_cookie.h.
#define RATELIMIT_SIZE (1 << 13) |
Definition at line 45 of file wireguard_cookie.h.
#define RATELIMIT_SIZE_MAX (RATELIMIT_SIZE * 8) |
Definition at line 46 of file wireguard_cookie.h.
#define TOKEN_MAX (INITIATION_COST * INITIATIONS_BURSTABLE) |
Definition at line 51 of file wireguard_cookie.h.
typedef struct cookie_checker cookie_checker_t |
typedef struct cookie_maker cookie_maker_t |
typedef struct cookie_macs message_macs_t |
enum cookie_mac_state |
Enumerator | |
---|---|
INVALID_MAC | |
VALID_MAC_BUT_NO_COOKIE | |
VALID_MAC_WITH_COOKIE |
Definition at line 24 of file wireguard_cookie.h.
void cookie_checker_update | ( | cookie_checker_t * | , |
uint8_t | [COOKIE_INPUT_SIZE] | ||
) |
Definition at line 46 of file wireguard_cookie.c.
enum cookie_mac_state cookie_checker_validate_macs | ( | vlib_main_t * | vm, |
cookie_checker_t * | , | ||
message_macs_t * | , | ||
void * | , | ||
size_t | , | ||
bool | , | ||
ip4_address_t | ip4, | ||
u16 | udp_port | ||
) |
Definition at line 79 of file wireguard_cookie.c.
void cookie_maker_init | ( | cookie_maker_t * | , |
const uint8_t | [COOKIE_INPUT_SIZE] | ||
) |
Definition at line 38 of file wireguard_cookie.c.
void cookie_maker_mac | ( | cookie_maker_t * | , |
message_macs_t * | , | ||
void * | , | ||
size_t | |||
) |
Definition at line 61 of file wireguard_cookie.c.