Conditionally reset AE context in keymat destroy

The responsibility to reset an authenticated endpoint context is passed
from a parent IKE SA keymat to the new keymat by including it in the ISA
info data contained in the skd chunk. The last IKE SA to be destroyed
will also reset the associated AE context.

diff --git a/src/charon-tkm/src/tkm/tkm_keymat.c b/src/charon-tkm/src/tkm/tkm_keymat.c
index 9f3faf536e0c1aac0dfb79095fb60cef173e632b..c310d22003aa3696d19dbb5b429471c9f79978ce 100644 (file)
--- a/src/charon-tkm/src/tkm/tkm_keymat.c
+++ b/src/charon-tkm/src/tkm/tkm_keymat.c
@@ -234,6 +234,12 @@ METHOD(keymat_v2_t, derive_ike_keys, bool,
        key_type sk_ai, sk_ar, sk_ei, sk_er;
        if (rekey_function == PRF_UNDEFINED)
        {
+               this->ae_ctx_id = tkm->idmgr->acquire_id(tkm->idmgr, TKM_CTX_AE);
+               if (!this->ae_ctx_id)
+               {
+                       DBG1(DBG_IKE, "unable to acquire ae context id");
+                       return FALSE;
+               }
                DBG1(DBG_IKE, "deriving IKE keys (nc: %llu, dh: %llu, spi_loc: %llx, "
                         "spi_rem: %llx)", nc_id, dh_id, spi_loc, spi_rem);
                res = ike_isa_create(this->isa_ctx_id, this->ae_ctx_id, 1, dh_id, nc_id,
@@ -242,18 +248,20 @@ METHOD(keymat_v2_t, derive_ike_keys, bool,
        }
        else
        {
-               if (rekey_skd.ptr == NULL || rekey_skd.len != sizeof(isa_id_type))
+               if (rekey_skd.ptr == NULL || rekey_skd.len != sizeof(isa_info_t))
                {
-                       DBG1(DBG_IKE, "unable to retrieve parent isa context id");
+                       DBG1(DBG_IKE, "unable to retrieve parent isa info");
                        return FALSE;
                }
-               const isa_id_type parent_isa_id = *((isa_id_type *)(rekey_skd.ptr));
-               DBG1(DBG_IKE, "deriving IKE keys (parent_isa: %llu, nc: %llu, dh: %llu,"
-                        "spi_loc: %llx, spi_rem: %llx)", parent_isa_id, nc_id, dh_id,
-                        spi_loc, spi_rem);
-               res = ike_isa_create_child(this->isa_ctx_id, parent_isa_id, 1, dh_id,
-                                                                  nc_id, nonce_rem, this->initiator, spi_loc,
-                                                                  spi_rem, &sk_ai, &sk_ar, &sk_ei, &sk_er);
+               const isa_info_t isa_info = *((isa_info_t *)(rekey_skd.ptr));
+               DBG1(DBG_IKE, "deriving IKE keys (parent_isa: %llu, ae: %llu, nc: %llu,"
+                        "dh: %llu, spi_loc: %llx, spi_rem: %llx)", isa_info.parent_isa_id,
+                        isa_info.ae_id, nc_id, dh_id, spi_loc, spi_rem);
+               this->ae_ctx_id = isa_info.ae_id;
+               res = ike_isa_create_child(this->isa_ctx_id, isa_info.parent_isa_id, 1,
+                                                                  dh_id, nc_id, nonce_rem, this->initiator,
+                                                                  spi_loc, spi_rem, &sk_ai, &sk_ar, &sk_ei,
+                                                                  &sk_er);
                chunk_free(&rekey_skd);
        }
 
@@ -357,7 +365,20 @@ METHOD(keymat_v2_t, get_auth_octets, bool,
 METHOD(keymat_v2_t, get_skd, pseudo_random_function_t,
        private_tkm_keymat_t *this, chunk_t *skd)
 {
-       *skd = chunk_clone(chunk_from_thing(this->isa_ctx_id));
+       isa_info_t *isa_info;
+
+       INIT(isa_info,
+                .parent_isa_id = this->isa_ctx_id,
+                .ae_id = this->ae_ctx_id,
+       );
+
+       *skd = chunk_create((u_char *)isa_info, sizeof(isa_info_t));
+
+       /*
+        * remove ae context id, since control has now been handed over to the new
+        * IKE SA keymat
+        */
+       this->ae_ctx_id = 0;
        return PRF_HMAC_SHA2_512;
 }
 
@@ -398,6 +419,15 @@ METHOD(keymat_t, destroy, void,
                DBG1(DBG_IKE, "failed to reset ISA context %d", this->isa_ctx_id);
        }
        tkm->idmgr->release_id(tkm->idmgr, TKM_CTX_ISA, this->isa_ctx_id);
+       /* only reset ae context if set */
+       if (this->ae_ctx_id != 0)
+       {
+               if (ike_ae_reset(this->ae_ctx_id) != TKM_OK)
+               {
+                       DBG1(DBG_IKE, "failed to reset AE context %d", this->ae_ctx_id);
+               }
+               tkm->idmgr->release_id(tkm->idmgr, TKM_CTX_AE, this->ae_ctx_id);
+       }
 
        DESTROY_IF(this->aead_in);
        DESTROY_IF(this->aead_out);
@@ -452,11 +482,11 @@ tkm_keymat_t *tkm_keymat_create(bool initiator)
                },
                .initiator = initiator,
                .isa_ctx_id = tkm->idmgr->acquire_id(tkm->idmgr, TKM_CTX_ISA),
-               .ae_ctx_id = tkm->idmgr->acquire_id(tkm->idmgr, TKM_CTX_AE),
+               .ae_ctx_id = 0,
                .auth_payload = chunk_empty,
        );
 
-       if (!this->isa_ctx_id || !this->ae_ctx_id)
+       if (!this->isa_ctx_id)
        {
                free(this);
                return NULL;

diff --git a/src/charon-tkm/src/tkm/tkm_types.h b/src/charon-tkm/src/tkm/tkm_types.h
index 65f45cf68e7b487abf91d3000cd7579d944be30b..28c4d9948b21d63b79aa7f2d8363c384d05cbe2e 100644 (file)
--- a/src/charon-tkm/src/tkm/tkm_types.h
+++ b/src/charon-tkm/src/tkm/tkm_types.h
@@ -70,4 +70,28 @@ struct esa_info_t {
 
 };
 
+typedef struct isa_info_t isa_info_t;
+
+/**
+ * IKE SA info data structure.
+ * This type is used to transfer ISA information from the keymat of the parent
+ * SA to the keymat of the new IKE SA. For this purpose the skd data chunk is
+ * (ab)used. This is possible since the sk_d chunk is treated as an opaque value
+ * and handed to the derive_ike_keys procedure of the new keymat as-is without
+ * any processing.
+ */
+struct isa_info_t {
+
+       /**
+        * Parent isa context id.
+        */
+       isa_id_type parent_isa_id;
+
+       /**
+        * Authenticated endpoint context id.
+        */
+       ae_id_type ae_id;
+
+};
+
 #endif /** TKM_TYPES_H_ */