linux/net/ipsec/alg/ipsec_alg_sha2.c

   1 /*
   2  * ipsec_alg SHA2 hash stubs
   3  *
   4  * Author: JuanJo Ciarlante <jjo-ipsec@mendoza.gov.ar>
   5  *
   6  * $Id: ipsec_alg_sha2.c,v 1.2 2004/03/22 21:53:19 as Exp $
   7  *
   8  * This program is free software; you can redistribute it and/or modify it
   9  * under the terms of the GNU General Public License as published by the
  10  * Free Software Foundation; either version 2 of the License, or (at your
  11  * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
  12  *
  13  * This program is distributed in the hope that it will be useful, but
  14  * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
  15  * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  16  * for more details.
  17  *
  18  */
  19 #include <linux/config.h>
  20 #include <linux/version.h>
  21
  22 /*
  23  *      special case: ipsec core modular with this static algo inside:
  24  *      must avoid MODULE magic for this file
  25  */
  26 #if CONFIG_IPSEC_MODULE && CONFIG_IPSEC_ALG_SHA2
  27 #undef MODULE
  28 #endif
  29
  30 #include <linux/module.h>
  31 #include <linux/init.h>
  32
  33 #include <linux/kernel.h> /* printk() */
  34 #include <linux/errno.h>  /* error codes */
  35 #include <linux/types.h>  /* size_t */
  36 #include <linux/string.h>
  37
  38 /* Check if __exit is defined, if not null it */
  39 #ifndef __exit
  40 #define __exit
  41 #endif
  42
  43 /*      Low freeswan header coupling    */
  44 #include "freeswan/ipsec_alg.h"
  45 #include "libsha2/sha2.h"
  46 #include "libsha2/hmac_sha2.h"
  47
  48 MODULE_AUTHOR("JuanJo Ciarlante <jjo-ipsec@mendoza.gov.ar>");
  49 static int debug=0;
  50 MODULE_PARM(debug, "i");
  51 static int test=0;
  52 MODULE_PARM(test, "i");
  53 static int excl=0;
  54 MODULE_PARM(excl, "i");
  55
  56 /* almost constants ...: draft-ietf-ipsec-ciph-aes-cbc-03.txt */
  57 #define AH_SHA2_256               5
  58 #define AH_SHA2_384               6
  59 #define AH_SHA2_512               7
  60
  61 static int _sha256_hmac_set_key(struct ipsec_alg_auth *alg, __u8 * key_a, const __u8 * key, int keylen) {
  62         sha256_hmac_context *hctx=(sha256_hmac_context*)(key_a);
  63         sha256_hmac_set_key(hctx, key, keylen);
  64         if (debug > 0)
  65                 printk(KERN_DEBUG "klips_debug: _sha256_hmac_set_key(): "
  66                                 "key_a=%p key=%p keysize=%d\n",
  67                                 key_a, key, keylen);
  68         return 0;
  69 }
  70 static int _sha256_hmac_hash(struct ipsec_alg_auth *alg, __u8 * key_a, const __u8 * dat, int len, __u8 * hash, int hashlen) {
  71         sha256_hmac_context *hctx=(sha256_hmac_context*)(key_a);
  72         if (debug > 0)
  73                 printk(KERN_DEBUG "klips_debug: _sha256_hmac_hash(): "
  74                                 "key_a=%p dat=%p len=%d hash=%p hashlen=%d\n",
  75                                 key_a, dat, len, hash, hashlen);
  76         sha256_hmac_hash(hctx, dat, len, hash, hashlen);
  77         return 0;
  78 }
  79 static int _sha512_hmac_set_key(struct ipsec_alg_auth *alg, __u8 * key_a, const __u8 * key, int keylen) {
  80         sha512_hmac_context *hctx=(sha512_hmac_context*)(key_a);
  81         sha512_hmac_set_key(hctx, key, keylen);
  82         if (debug > 0)
  83                 printk(KERN_DEBUG "klips_debug: _sha512_hmac_set_key(): "
  84                                 "key_a=%p key=%p keysize=%d\n",
  85                                 key_a, key, keylen);
  86         return 0;
  87 }
  88 static int _sha512_hmac_hash(struct ipsec_alg_auth *alg, __u8 * key_a, const __u8 * dat, int len, __u8 * hash, int hashlen) {
  89         sha512_hmac_context *hctx=(sha512_hmac_context*)(key_a);
  90         if (debug > 0)
  91                 printk(KERN_DEBUG "klips_debug: _sha512_hmac_hash(): "
  92                                 "key_a=%p dat=%p len=%d hash=%p hashlen=%d\n",
  93                                 key_a, dat, len, hash, hashlen);
  94         sha512_hmac_hash(hctx, dat, len, hash, hashlen);
  95         return 0;
  96 }
  97 static struct ipsec_alg_auth ipsec_alg_SHA2_256 = {
  98         ixt_version:    IPSEC_ALG_VERSION,
  99         ixt_module:     THIS_MODULE,
 100         ixt_refcnt:     ATOMIC_INIT(0),
 101         ixt_alg_type:   IPSEC_ALG_TYPE_AUTH,
 102         ixt_alg_id:     AH_SHA2_256,
 103         ixt_name:       "sha2_256",
 104         ixt_blocksize:  SHA256_BLOCKSIZE,
 105         ixt_keyminbits: 256,
 106         ixt_keymaxbits: 256,
 107         ixt_a_keylen:   256/8,
 108         ixt_a_ctx_size: sizeof(sha256_hmac_context),
 109         ixt_a_hmac_set_key:     _sha256_hmac_set_key,
 110         ixt_a_hmac_hash:        _sha256_hmac_hash,
 111 };
 112 static struct ipsec_alg_auth ipsec_alg_SHA2_512 = {
 113         ixt_version:    IPSEC_ALG_VERSION,
 114         ixt_module:     THIS_MODULE,
 115         ixt_refcnt:     ATOMIC_INIT(0),
 116         ixt_alg_type:   IPSEC_ALG_TYPE_AUTH,
 117         ixt_alg_id:     AH_SHA2_512,
 118         ixt_name:       "sha2_512",
 119         ixt_blocksize:  SHA512_BLOCKSIZE,
 120         ixt_keyminbits: 512,
 121         ixt_keymaxbits: 512,
 122         ixt_a_keylen:   512/8,
 123         ixt_a_ctx_size: sizeof(sha512_hmac_context),
 124         ixt_a_hmac_set_key:     _sha512_hmac_set_key,
 125         ixt_a_hmac_hash:        _sha512_hmac_hash,
 126 };
 127
 128 IPSEC_ALG_MODULE_INIT( ipsec_sha2_init )
 129 {
 130         int ret, test_ret;
 131         if (excl) ipsec_alg_SHA2_256.ixt_state |= IPSEC_ALG_ST_EXCL;
 132         ret=register_ipsec_alg_auth(&ipsec_alg_SHA2_256);
 133         printk("ipsec_sha2_init(alg_type=%d alg_id=%d name=%s): ret=%d\n",
 134                         ipsec_alg_SHA2_256.ixt_alg_type,
 135                         ipsec_alg_SHA2_256.ixt_alg_id,
 136                         ipsec_alg_SHA2_256.ixt_name,
 137                         ret);
 138         if (ret != 0)
 139                 goto out;
 140         if (ret==0 && test) {
 141                 test_ret=ipsec_alg_test(
 142                                 ipsec_alg_SHA2_256.ixt_alg_type,
 143                                 ipsec_alg_SHA2_256.ixt_alg_id,
 144                                 test);
 145                 printk("ipsec_sha2_init(alg_type=%d alg_id=%d): test_ret=%d\n",
 146                                 ipsec_alg_SHA2_256.ixt_alg_type,
 147                                 ipsec_alg_SHA2_256.ixt_alg_id,
 148                                 test_ret);
 149         }
 150         if (excl) ipsec_alg_SHA2_512.ixt_state |= IPSEC_ALG_ST_EXCL;
 151         ret=register_ipsec_alg_auth(&ipsec_alg_SHA2_512);
 152         printk("ipsec_sha2_init(alg_type=%d alg_id=%d name=%s): ret=%d\n",
 153                         ipsec_alg_SHA2_512.ixt_alg_type,
 154                         ipsec_alg_SHA2_512.ixt_alg_id,
 155                         ipsec_alg_SHA2_512.ixt_name,
 156                         ret);
 157         if (ret != 0)
 158                 goto out_256;
 159         if (ret==0 && test) {
 160                 test_ret=ipsec_alg_test(
 161                                 ipsec_alg_SHA2_512.ixt_alg_type,
 162                                 ipsec_alg_SHA2_512.ixt_alg_id,
 163                                 test);
 164                 printk("ipsec_sha2_init(alg_type=%d alg_id=%d): test_ret=%d\n",
 165                                 ipsec_alg_SHA2_512.ixt_alg_type,
 166                                 ipsec_alg_SHA2_512.ixt_alg_id,
 167                                 test_ret);
 168         }
 169         goto out;
 170 out_256:
 171         unregister_ipsec_alg_auth(&ipsec_alg_SHA2_256);
 172 out:
 173         return ret;
 174 }
 175 IPSEC_ALG_MODULE_EXIT( ipsec_sha2_fini )
 176 {
 177         unregister_ipsec_alg_auth(&ipsec_alg_SHA2_512);
 178         unregister_ipsec_alg_auth(&ipsec_alg_SHA2_256);
 179         return;
 180 }
 181 #ifdef MODULE_LICENSE
 182 MODULE_LICENSE("GPL");
 183 #endif
 184
 185 EXPORT_NO_SYMBOLS;