2 * Copyright (c) 2015 Cisco and/or its affiliates.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at:
7 * http://www.apache.org/licenses/LICENSE-2.0
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
16 #include <vlib/vlib.h>
17 #include <vlib/unix/plugin.h>
18 #include <vlibmemory/api.h>
19 #include <vpp/app/version.h>
20 #include <vnet/vnet.h>
21 #include <vnet/pg/pg.h>
22 #include <vppinfra/error.h>
23 #include <vppinfra/random.h>
24 #include <vnet/udp/udp.h>
25 #include <vnet/ipsec/ipsec.h>
26 #include <vnet/ipsec/ipsec_tun.h>
27 #include <vnet/ipip/ipip.h>
28 #include <plugins/ikev2/ikev2.h>
29 #include <plugins/ikev2/ikev2_priv.h>
30 #include <openssl/sha.h>
31 #include <vnet/ipsec/ipsec_punt.h>
33 #define IKEV2_LIVENESS_RETRIES 3
34 #define IKEV2_LIVENESS_PERIOD_CHECK 30
36 ikev2_main_t ikev2_main;
38 static int ikev2_delete_tunnel_interface (vnet_main_t * vnm,
40 ikev2_child_sa_t * child);
42 #define ikev2_set_state(sa, v) do { \
44 ikev2_elog_sa_state("ispi %lx SA state changed to " #v, sa->ispi); \
54 format_ikev2_trace (u8 * s, va_list * args)
56 CLIB_UNUSED (vlib_main_t * vm) = va_arg (*args, vlib_main_t *);
57 CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *);
58 ikev2_trace_t *t = va_arg (*args, ikev2_trace_t *);
60 s = format (s, "ikev2: sw_if_index %d, next index %d",
61 t->sw_if_index, t->next_index);
65 static vlib_node_registration_t ikev2_node;
67 #define foreach_ikev2_error \
68 _(PROCESSED, "IKEv2 packets processed") \
69 _(IKE_SA_INIT_RETRANSMIT, "IKE_SA_INIT retransmit ") \
70 _(IKE_SA_INIT_IGNORE, "IKE_SA_INIT ignore (IKE SA already auth)") \
71 _(IKE_REQ_RETRANSMIT, "IKE request retransmit") \
72 _(IKE_REQ_IGNORE, "IKE request ignore (old msgid)") \
73 _(NOT_IKEV2, "Non IKEv2 packets received") \
74 _(BAD_LENGTH, "Bad packet length") \
75 _(MALFORMED_PACKET, "Malformed packet") \
76 _(NO_BUFF_SPACE, "No buffer space")
80 #define _(sym,str) IKEV2_ERROR_##sym,
86 static char *ikev2_error_strings[] = {
87 #define _(sym,string) string,
94 IKEV2_NEXT_IP4_LOOKUP,
95 IKEV2_NEXT_ERROR_DROP,
99 typedef u32 ikev2_non_esp_marker;
101 static_always_inline u16
102 ikev2_get_port (ikev2_sa_t * sa)
104 return sa->natt ? IKEV2_PORT_NATT : IKEV2_PORT;
107 static_always_inline int
108 ikev2_insert_non_esp_marker (ike_header_t * ike, int len)
110 memmove ((u8 *) ike + sizeof (ikev2_non_esp_marker), ike, len);
111 clib_memset (ike, 0, sizeof (ikev2_non_esp_marker));
112 return len + sizeof (ikev2_non_esp_marker);
115 static ikev2_sa_transform_t *
116 ikev2_find_transform_data (ikev2_sa_transform_t * t)
118 ikev2_main_t *km = &ikev2_main;
119 ikev2_sa_transform_t *td;
121 vec_foreach (td, km->supported_transforms)
123 if (td->type != t->type)
126 if (td->transform_id != t->transform_id)
129 if (td->type == IKEV2_TRANSFORM_TYPE_ENCR)
131 if (vec_len (t->attrs) != 4 || t->attrs[0] != 0x80
132 || t->attrs[1] != 14)
135 if (((t->attrs[2] << 8 | t->attrs[3]) / 8) != td->key_len)
143 static ikev2_sa_proposal_t *
144 ikev2_select_proposal (ikev2_sa_proposal_t * proposals,
145 ikev2_protocol_id_t prot_id)
147 ikev2_sa_proposal_t *rv = 0;
148 ikev2_sa_proposal_t *proposal;
149 ikev2_sa_transform_t *transform, *new_t;
150 u8 mandatory_bitmap, optional_bitmap;
152 if (prot_id == IKEV2_PROTOCOL_IKE)
154 mandatory_bitmap = (1 << IKEV2_TRANSFORM_TYPE_ENCR) |
155 (1 << IKEV2_TRANSFORM_TYPE_PRF) | (1 << IKEV2_TRANSFORM_TYPE_DH);
156 optional_bitmap = mandatory_bitmap | (1 << IKEV2_TRANSFORM_TYPE_INTEG);
158 else if (prot_id == IKEV2_PROTOCOL_ESP)
160 mandatory_bitmap = (1 << IKEV2_TRANSFORM_TYPE_ENCR) |
161 (1 << IKEV2_TRANSFORM_TYPE_ESN);
162 optional_bitmap = mandatory_bitmap |
163 (1 << IKEV2_TRANSFORM_TYPE_INTEG) | (1 << IKEV2_TRANSFORM_TYPE_DH);
165 else if (prot_id == IKEV2_PROTOCOL_AH)
167 mandatory_bitmap = (1 << IKEV2_TRANSFORM_TYPE_INTEG) |
168 (1 << IKEV2_TRANSFORM_TYPE_ESN);
169 optional_bitmap = mandatory_bitmap | (1 << IKEV2_TRANSFORM_TYPE_DH);
174 vec_add2 (rv, proposal, 1);
176 vec_foreach (proposal, proposals)
179 if (proposal->protocol_id != prot_id)
182 vec_foreach (transform, proposal->transforms)
184 if ((1 << transform->type) & bitmap)
187 if (ikev2_find_transform_data (transform))
189 bitmap |= 1 << transform->type;
190 vec_add2 (rv->transforms, new_t, 1);
191 clib_memcpy_fast (new_t, transform, sizeof (*new_t));
192 new_t->attrs = vec_dup (transform->attrs);
196 if ((bitmap & mandatory_bitmap) == mandatory_bitmap &&
197 (bitmap & ~optional_bitmap) == 0)
199 rv->proposal_num = proposal->proposal_num;
200 rv->protocol_id = proposal->protocol_id;
201 RAND_bytes ((u8 *) & rv->spi, sizeof (rv->spi));
206 vec_free (rv->transforms);
215 ikev2_sa_transform_t *
216 ikev2_sa_get_td_for_type (ikev2_sa_proposal_t * p,
217 ikev2_transform_type_t type)
219 ikev2_sa_transform_t *t;
224 vec_foreach (t, p->transforms)
227 return ikev2_find_transform_data (t);
233 ikev2_sa_get_child (ikev2_sa_t * sa, u32 spi, ikev2_protocol_id_t prot_id,
237 vec_foreach (c, sa->childs)
239 ikev2_sa_proposal_t *proposal =
240 by_initiator ? &c->i_proposals[0] : &c->r_proposals[0];
241 if (proposal && proposal->spi == spi && proposal->protocol_id == prot_id)
249 ikev2_sa_free_proposal_vector (ikev2_sa_proposal_t ** v)
251 ikev2_sa_proposal_t *p;
252 ikev2_sa_transform_t *t;
259 vec_foreach (t, p->transforms)
263 vec_free (p->transforms);
269 ikev2_sa_free_child_sa (ikev2_child_sa_t * c)
271 ikev2_sa_free_proposal_vector (&c->r_proposals);
272 ikev2_sa_free_proposal_vector (&c->i_proposals);
282 ikev2_sa_free_all_child_sa (ikev2_child_sa_t ** childs)
285 vec_foreach (c, *childs) ikev2_sa_free_child_sa (c);
291 ikev2_sa_del_child_sa (ikev2_sa_t * sa, ikev2_child_sa_t * child)
293 ikev2_sa_free_child_sa (child);
294 vec_del1 (sa->childs, child - sa->childs);
298 ikev2_sa_free_all_vec (ikev2_sa_t * sa)
300 vec_free (sa->i_nonce);
301 vec_free (sa->r_nonce);
303 vec_free (sa->dh_shared_key);
304 vec_free (sa->dh_private_key);
305 vec_free (sa->i_dh_data);
306 vec_free (sa->r_dh_data);
308 ikev2_sa_free_proposal_vector (&sa->r_proposals);
309 ikev2_sa_free_proposal_vector (&sa->i_proposals);
312 vec_free (sa->sk_ai);
313 vec_free (sa->sk_ar);
314 vec_free (sa->sk_ei);
315 vec_free (sa->sk_er);
316 vec_free (sa->sk_pi);
317 vec_free (sa->sk_pr);
319 vec_free (sa->i_id.data);
320 vec_free (sa->r_id.data);
322 vec_free (sa->i_auth.data);
324 EVP_PKEY_free (sa->i_auth.key);
325 vec_free (sa->r_auth.data);
327 EVP_PKEY_free (sa->r_auth.key);
331 vec_free (sa->rekey);
333 vec_free (sa->last_sa_init_req_packet_data);
334 vec_free (sa->last_sa_init_res_packet_data);
336 vec_free (sa->last_res_packet_data);
338 ikev2_sa_free_all_child_sa (&sa->childs);
342 ikev2_delete_sa (ikev2_sa_t * sa)
344 ikev2_main_t *km = &ikev2_main;
345 u32 thread_index = vlib_get_thread_index ();
348 ikev2_sa_free_all_vec (sa);
350 p = hash_get (km->per_thread_data[thread_index].sa_by_rspi, sa->rspi);
353 hash_unset (km->per_thread_data[thread_index].sa_by_rspi, sa->rspi);
354 pool_put (km->per_thread_data[thread_index].sas, sa);
359 ikev2_generate_sa_init_data (ikev2_sa_t * sa)
361 ikev2_sa_transform_t *t = 0, *t2;
362 ikev2_main_t *km = &ikev2_main;
364 if (sa->dh_group == IKEV2_TRANSFORM_DH_TYPE_NONE)
369 /* check if received DH group is on our list of supported groups */
370 vec_foreach (t2, km->supported_transforms)
372 if (t2->type == IKEV2_TRANSFORM_TYPE_DH && sa->dh_group == t2->dh_type)
381 sa->dh_group = IKEV2_TRANSFORM_DH_TYPE_NONE;
385 if (sa->is_initiator)
388 RAND_bytes ((u8 *) & sa->ispi, 8);
391 sa->i_nonce = vec_new (u8, IKEV2_NONCE_SIZE);
392 RAND_bytes ((u8 *) sa->i_nonce, IKEV2_NONCE_SIZE);
397 RAND_bytes ((u8 *) & sa->rspi, 8);
400 sa->r_nonce = vec_new (u8, IKEV2_NONCE_SIZE);
401 RAND_bytes ((u8 *) sa->r_nonce, IKEV2_NONCE_SIZE);
404 /* generate dh keys */
405 ikev2_generate_dh (sa, t);
410 ikev2_complete_sa_data (ikev2_sa_t * sa, ikev2_sa_t * sai)
412 ikev2_sa_transform_t *t = 0, *t2;
413 ikev2_main_t *km = &ikev2_main;
415 /*move some data to the new SA */
416 #define _(A) ({void* __tmp__ = (A); (A) = 0; __tmp__;})
417 sa->i_nonce = _(sai->i_nonce);
418 sa->i_dh_data = _(sai->i_dh_data);
419 sa->dh_private_key = _(sai->dh_private_key);
420 sa->iaddr.as_u32 = sai->iaddr.as_u32;
421 sa->raddr.as_u32 = sai->raddr.as_u32;
422 sa->is_initiator = sai->is_initiator;
423 sa->i_id.type = sai->i_id.type;
424 sa->r_id.type = sai->r_id.type;
425 sa->profile_index = sai->profile_index;
426 sa->tun_itf = sai->tun_itf;
427 sa->is_tun_itf_set = sai->is_tun_itf_set;
428 sa->i_id.data = _(sai->i_id.data);
429 sa->r_id.data = _(sai->r_id.data);
430 sa->i_auth.method = sai->i_auth.method;
431 sa->i_auth.hex = sai->i_auth.hex;
432 sa->i_auth.data = _(sai->i_auth.data);
433 sa->i_auth.key = _(sai->i_auth.key);
434 sa->last_sa_init_req_packet_data = _(sai->last_sa_init_req_packet_data);
435 sa->childs = _(sai->childs);
436 sa->udp_encap = sai->udp_encap;
437 sa->ipsec_over_udp_port = sai->ipsec_over_udp_port;
438 sa->dst_port = sai->dst_port;
439 sa->sw_if_index = sai->sw_if_index;
443 if (sa->dh_group == IKEV2_TRANSFORM_DH_TYPE_NONE)
448 /* check if received DH group is on our list of supported groups */
449 vec_foreach (t2, km->supported_transforms)
451 if (t2->type == IKEV2_TRANSFORM_TYPE_DH && sa->dh_group == t2->dh_type)
460 sa->dh_group = IKEV2_TRANSFORM_DH_TYPE_NONE;
465 /* generate dh keys */
466 ikev2_complete_dh (sa, t);
471 ikev2_calc_keys (ikev2_sa_t * sa)
474 /* calculate SKEYSEED = prf(Ni | Nr, g^ir) */
477 u16 integ_key_len = 0, salt_len = 0;
478 ikev2_sa_transform_t *tr_encr, *tr_prf, *tr_integ;
480 ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_ENCR);
482 ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_PRF);
484 ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_INTEG);
487 integ_key_len = tr_integ->key_len;
489 salt_len = sizeof (u32);
491 vec_append (s, sa->i_nonce);
492 vec_append (s, sa->r_nonce);
493 skeyseed = ikev2_calc_prf (tr_prf, s, sa->dh_shared_key);
495 /* Calculate S = Ni | Nr | SPIi | SPIr */
497 vec_add2 (s, tmp, 2 * sizeof (*spi));
499 spi[0] = clib_host_to_net_u64 (sa->ispi);
500 spi[1] = clib_host_to_net_u64 (sa->rspi);
502 /* calculate PRFplus */
504 int len = tr_prf->key_trunc + /* SK_d */
505 integ_key_len * 2 + /* SK_ai, SK_ar */
506 tr_encr->key_len * 2 + /* SK_ei, SK_er */
507 tr_prf->key_len * 2 + /* SK_pi, SK_pr */
510 keymat = ikev2_calc_prfplus (tr_prf, skeyseed, s, len);
517 sa->sk_d = vec_new (u8, tr_prf->key_trunc);
518 clib_memcpy_fast (sa->sk_d, keymat + pos, tr_prf->key_trunc);
519 pos += tr_prf->key_trunc;
524 sa->sk_ai = vec_new (u8, integ_key_len);
525 clib_memcpy_fast (sa->sk_ai, keymat + pos, integ_key_len);
526 pos += integ_key_len;
529 sa->sk_ar = vec_new (u8, integ_key_len);
530 clib_memcpy_fast (sa->sk_ar, keymat + pos, integ_key_len);
531 pos += integ_key_len;
535 sa->sk_ei = vec_new (u8, tr_encr->key_len + salt_len);
536 clib_memcpy_fast (sa->sk_ei, keymat + pos, tr_encr->key_len + salt_len);
537 pos += tr_encr->key_len + salt_len;
540 sa->sk_er = vec_new (u8, tr_encr->key_len + salt_len);
541 clib_memcpy_fast (sa->sk_er, keymat + pos, tr_encr->key_len + salt_len);
542 pos += tr_encr->key_len + salt_len;
545 sa->sk_pi = vec_new (u8, tr_prf->key_len);
546 clib_memcpy_fast (sa->sk_pi, keymat + pos, tr_prf->key_len);
547 pos += tr_prf->key_len;
550 sa->sk_pr = vec_new (u8, tr_prf->key_len);
551 clib_memcpy_fast (sa->sk_pr, keymat + pos, tr_prf->key_len);
552 pos += tr_prf->key_len;
555 sa->keys_generated = 1;
559 ikev2_calc_child_keys (ikev2_sa_t * sa, ikev2_child_sa_t * child)
562 u16 integ_key_len = 0;
565 ikev2_sa_transform_t *tr_prf, *ctr_encr, *ctr_integ;
567 ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_PRF);
569 ikev2_sa_get_td_for_type (child->r_proposals, IKEV2_TRANSFORM_TYPE_ENCR);
571 ikev2_sa_get_td_for_type (child->r_proposals, IKEV2_TRANSFORM_TYPE_INTEG);
574 integ_key_len = ctr_integ->key_len;
576 salt_len = sizeof (u32);
578 vec_append (s, sa->i_nonce);
579 vec_append (s, sa->r_nonce);
580 /* calculate PRFplus */
582 int len = ctr_encr->key_len * 2 + integ_key_len * 2 + salt_len * 2;
584 keymat = ikev2_calc_prfplus (tr_prf, sa->sk_d, s, len);
589 child->sk_ei = vec_new (u8, ctr_encr->key_len);
590 clib_memcpy_fast (child->sk_ei, keymat + pos, ctr_encr->key_len);
591 pos += ctr_encr->key_len;
596 child->sk_ai = vec_new (u8, ctr_integ->key_len);
597 clib_memcpy_fast (child->sk_ai, keymat + pos, ctr_integ->key_len);
598 pos += ctr_integ->key_len;
602 clib_memcpy (&child->salt_ei, keymat + pos, salt_len);
607 child->sk_er = vec_new (u8, ctr_encr->key_len);
608 clib_memcpy_fast (child->sk_er, keymat + pos, ctr_encr->key_len);
609 pos += ctr_encr->key_len;
614 child->sk_ar = vec_new (u8, integ_key_len);
615 clib_memcpy_fast (child->sk_ar, keymat + pos, integ_key_len);
616 pos += integ_key_len;
620 clib_memcpy (&child->salt_er, keymat + pos, salt_len);
629 static_always_inline u8 *
630 ikev2_compute_nat_sha1 (u64 ispi, u64 rspi, u32 ip, u16 port)
632 /* ispi, rspi, ip, port */
633 u8 buf[8 + 8 + 4 + 2];
634 u8 *res = vec_new (u8, 20);
636 clib_memcpy_fast (&buf[0], &ispi, sizeof (ispi));
637 clib_memcpy_fast (&buf[8], &rspi, sizeof (rspi));
638 clib_memcpy_fast (&buf[8 + 8], &ip, sizeof (ip));
639 clib_memcpy_fast (&buf[8 + 8 + 4], &port, sizeof (port));
640 SHA1 (buf, sizeof (buf), res);
645 ikev2_parse_ke_payload (const void *p, u32 rlen, ikev2_sa_t * sa,
648 const ike_ke_payload_header_t *ke = p;
649 u16 plen = clib_net_to_host_u16 (ke->length);
650 ASSERT (plen >= sizeof (*ke) && plen <= rlen);
651 if (sizeof (*ke) > rlen)
654 sa->dh_group = clib_net_to_host_u16 (ke->dh_group);
655 vec_reset_length (ke_data[0]);
656 vec_add (ke_data[0], ke->payload, plen - sizeof (*ke));
661 ikev2_parse_nonce_payload (const void *p, u32 rlen, u8 * nonce)
663 const ike_payload_header_t *ikep = p;
664 u16 plen = clib_net_to_host_u16 (ikep->length);
665 ASSERT (plen >= sizeof (*ikep) && plen <= rlen);
666 clib_memcpy_fast (nonce, ikep->payload, plen - sizeof (*ikep));
671 ikev2_check_payload_length (const ike_payload_header_t * ikep, int rlen,
674 if (sizeof (*ikep) > rlen)
676 *plen = clib_net_to_host_u16 (ikep->length);
677 if (*plen < sizeof (*ikep) || *plen > rlen)
683 ikev2_process_sa_init_req (vlib_main_t * vm,
684 ikev2_sa_t * sa, ike_header_t * ike,
685 udp_header_t * udp, u32 len)
687 u8 nonce[IKEV2_NONCE_SIZE];
689 u8 payload = ike->nextpayload;
690 ike_payload_header_t *ikep;
693 ikev2_elog_exchange ("ispi %lx rspi %lx IKE_INIT request received "
695 clib_net_to_host_u64 (ike->ispi),
696 clib_net_to_host_u64 (ike->rspi), sa->iaddr.as_u32);
698 sa->ispi = clib_net_to_host_u64 (ike->ispi);
700 /* store whole IKE payload - needed for PSK auth */
701 vec_reset_length (sa->last_sa_init_req_packet_data);
702 vec_add (sa->last_sa_init_req_packet_data, ike, len);
704 if (len < sizeof (*ike))
707 len -= sizeof (*ike);
708 while (p < len && payload != IKEV2_PAYLOAD_NONE)
710 ikep = (ike_payload_header_t *) & ike->payload[p];
711 int current_length = len - p;
712 if (!ikev2_check_payload_length (ikep, current_length, &plen))
715 if (payload == IKEV2_PAYLOAD_SA)
717 ikev2_sa_free_proposal_vector (&sa->i_proposals);
718 sa->i_proposals = ikev2_parse_sa_payload (ikep, current_length);
720 else if (payload == IKEV2_PAYLOAD_KE)
722 if (!ikev2_parse_ke_payload (ikep, current_length, sa,
726 else if (payload == IKEV2_PAYLOAD_NONCE)
728 vec_reset_length (sa->i_nonce);
729 if (ikev2_parse_nonce_payload (ikep, current_length, nonce))
730 vec_add (sa->i_nonce, nonce, plen - sizeof (*ikep));
732 else if (payload == IKEV2_PAYLOAD_NOTIFY)
735 ikev2_parse_notify_payload (ikep, current_length);
736 if (n->msg_type == IKEV2_NOTIFY_MSG_NAT_DETECTION_SOURCE_IP)
738 u8 *src_sha = ikev2_compute_nat_sha1 (ike->ispi, 0,
741 if (clib_memcmp (src_sha, n->data, vec_len (src_sha)))
744 ikev2_elog_uint (IKEV2_LOG_DEBUG, "ispi %lx initiator"
745 " behind NAT", sa->ispi);
749 else if (n->msg_type ==
750 IKEV2_NOTIFY_MSG_NAT_DETECTION_DESTINATION_IP)
752 u8 *dst_sha = ikev2_compute_nat_sha1 (ike->ispi, 0,
755 if (clib_memcmp (dst_sha, n->data, vec_len (dst_sha)))
758 ikev2_elog_uint (IKEV2_LOG_DEBUG, "ispi %lx responder"
759 " (self) behind NAT", sa->ispi);
765 else if (payload == IKEV2_PAYLOAD_VENDOR)
767 ikev2_parse_vendor_payload (ikep);
771 ikev2_elog_uint (IKEV2_LOG_ERROR, "Unknown payload! type=%d",
773 if (ikep->flags & IKEV2_PAYLOAD_FLAG_CRITICAL)
775 ikev2_set_state (sa, IKEV2_STATE_NOTIFY_AND_DELETE);
776 sa->unsupported_cp = payload;
781 payload = ikep->nextpayload;
785 ikev2_set_state (sa, IKEV2_STATE_SA_INIT);
790 ikev2_process_sa_init_resp (vlib_main_t * vm,
791 ikev2_sa_t * sa, ike_header_t * ike,
792 udp_header_t * udp, u32 len)
794 u8 nonce[IKEV2_NONCE_SIZE];
796 u8 payload = ike->nextpayload;
797 ike_payload_header_t *ikep;
800 sa->ispi = clib_net_to_host_u64 (ike->ispi);
801 sa->rspi = clib_net_to_host_u64 (ike->rspi);
803 ikev2_elog_exchange ("ispi %lx rspi %lx IKE_INIT response received "
804 "from %d.%d.%d.%d", sa->ispi, sa->rspi,
807 /* store whole IKE payload - needed for PSK auth */
808 vec_reset_length (sa->last_sa_init_res_packet_data);
809 vec_add (sa->last_sa_init_res_packet_data, ike, len);
811 if (sizeof (*ike) > len)
814 len -= sizeof (*ike);
815 while (p < len && payload != IKEV2_PAYLOAD_NONE)
817 int current_length = len - p;
818 ikep = (ike_payload_header_t *) & ike->payload[p];
819 if (!ikev2_check_payload_length (ikep, current_length, &plen))
822 if (payload == IKEV2_PAYLOAD_SA)
824 ikev2_sa_free_proposal_vector (&sa->r_proposals);
825 sa->r_proposals = ikev2_parse_sa_payload (ikep, current_length);
828 ikev2_set_state (sa, IKEV2_STATE_SA_INIT);
830 clib_host_to_net_u32 (clib_net_to_host_u32 (ike->msgid) + 1);
833 else if (payload == IKEV2_PAYLOAD_KE)
835 if (!ikev2_parse_ke_payload (ikep, current_length, sa,
839 else if (payload == IKEV2_PAYLOAD_NONCE)
841 vec_reset_length (sa->r_nonce);
842 if (ikev2_parse_nonce_payload (ikep, current_length, nonce))
843 vec_add (sa->r_nonce, nonce, plen - sizeof (*ikep));
845 else if (payload == IKEV2_PAYLOAD_NOTIFY)
848 ikev2_parse_notify_payload (ikep, current_length);
849 if (n->msg_type == IKEV2_NOTIFY_MSG_NAT_DETECTION_SOURCE_IP)
851 u8 *src_sha = ikev2_compute_nat_sha1 (ike->ispi,
855 if (clib_memcmp (src_sha, n->data, vec_len (src_sha)))
857 ikev2_elog_uint (IKEV2_LOG_DEBUG, "ispi %lx responder"
858 " behind NAT, unsupported", sa->ispi);
862 else if (n->msg_type ==
863 IKEV2_NOTIFY_MSG_NAT_DETECTION_DESTINATION_IP)
865 u8 *dst_sha = ikev2_compute_nat_sha1 (ike->ispi,
869 if (clib_memcmp (dst_sha, n->data, vec_len (dst_sha)))
872 ikev2_elog_uint (IKEV2_LOG_DEBUG, "ispi %lx initiator"
873 " (self) behind NAT", sa->ispi);
879 else if (payload == IKEV2_PAYLOAD_VENDOR)
881 ikev2_parse_vendor_payload (ikep);
885 ikev2_elog_uint (IKEV2_LOG_ERROR, "Unknown payload! type=%d",
887 if (ikep->flags & IKEV2_PAYLOAD_FLAG_CRITICAL)
889 ikev2_set_state (sa, IKEV2_STATE_NOTIFY_AND_DELETE);
890 sa->unsupported_cp = payload;
895 payload = ikep->nextpayload;
901 ikev2_decrypt_sk_payload (ikev2_sa_t * sa, ike_header_t * ike,
902 u8 * payload, u32 rlen, u32 * out_len)
904 ikev2_main_per_thread_data_t *ptd = ikev2_get_per_thread_data ();
906 u8 last_payload = 0, *hmac = 0, *plaintext = 0;
907 ike_payload_header_t *ikep = 0;
910 ikev2_sa_transform_t *tr_integ;
911 ikev2_sa_transform_t *tr_encr;
913 ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_INTEG);
915 ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_ENCR);
916 int is_aead = tr_encr->encr_type == IKEV2_TRANSFORM_ENCR_TYPE_AES_GCM_16;
918 if ((!sa->sk_ar || !sa->sk_ai) && !is_aead)
921 if (rlen <= sizeof (*ike))
924 int len = rlen - sizeof (*ike);
926 *payload != IKEV2_PAYLOAD_NONE && last_payload != IKEV2_PAYLOAD_SK)
928 ikep = (ike_payload_header_t *) & ike->payload[p];
929 int current_length = len - p;
930 if (!ikev2_check_payload_length (ikep, current_length, &plen))
933 if (*payload == IKEV2_PAYLOAD_SK)
935 last_payload = *payload;
939 ikev2_elog_uint (IKEV2_LOG_ERROR, "Unknown payload! type=%d",
941 if (ikep->flags & IKEV2_PAYLOAD_FLAG_CRITICAL)
943 sa->unsupported_cp = *payload;
948 *payload = ikep->nextpayload;
952 if (last_payload != IKEV2_PAYLOAD_SK)
954 ikev2_elog_error ("Last payload must be SK");
960 if (plen < sizeof (*ikep) + IKEV2_GCM_ICV_SIZE)
963 plen -= sizeof (*ikep) + IKEV2_GCM_ICV_SIZE;
964 u8 *aad = (u8 *) ike;
965 u32 aad_len = ikep->payload - aad;
966 u8 *tag = ikep->payload + plen;
968 int rc = ikev2_decrypt_aead_data (ptd, sa, tr_encr, ikep->payload,
969 plen, aad, aad_len, tag, &dlen);
973 plaintext = ikep->payload + IKEV2_GCM_IV_SIZE;
978 if (rlen < tr_integ->key_trunc)
982 ikev2_calc_integr (tr_integ, sa->is_initiator ? sa->sk_ar : sa->sk_ai,
983 (u8 *) ike, rlen - tr_integ->key_trunc);
985 if (plen < sizeof (*ikep) + tr_integ->key_trunc)
988 plen = plen - sizeof (*ikep) - tr_integ->key_trunc;
990 if (clib_memcmp (hmac, &ikep->payload[plen], tr_integ->key_trunc))
992 ikev2_elog_error ("message integrity check failed");
998 int rc = ikev2_decrypt_data (ptd, sa, tr_encr, ikep->payload, plen,
1003 plaintext = ikep->payload + tr_encr->block_size;
1010 static_always_inline int
1011 ikev2_is_id_equal (ikev2_id_t * i1, ikev2_id_t * i2)
1013 if (i1->type != i2->type)
1016 if (vec_len (i1->data) != vec_len (i2->data))
1019 if (clib_memcmp (i1->data, i2->data, vec_len (i1->data)))
1026 ikev2_initial_contact_cleanup (ikev2_sa_t * sa)
1028 ikev2_main_t *km = &ikev2_main;
1031 ikev2_child_sa_t *c;
1032 u32 thread_index = vlib_get_thread_index ();
1034 if (!sa->initial_contact)
1037 /* find old IKE SAs with the same authenticated identity */
1039 pool_foreach (tmp, km->per_thread_data[thread_index].sas, ({
1040 if (!ikev2_is_id_equal (&tmp->i_id, &sa->i_id)
1041 || !ikev2_is_id_equal(&tmp->r_id, &sa->r_id))
1044 if (sa->rspi != tmp->rspi)
1045 vec_add1(delete, tmp - km->per_thread_data[thread_index].sas);
1049 for (i = 0; i < vec_len (delete); i++)
1052 pool_elt_at_index (km->per_thread_data[thread_index].sas, delete[i]);
1054 tmp->childs) ikev2_delete_tunnel_interface (km->vnet_main,
1056 ikev2_delete_sa (tmp);
1060 sa->initial_contact = 0;
1064 ikev2_parse_id_payload (const void *p, u16 rlen, ikev2_id_t * sa_id)
1066 const ike_id_payload_header_t *id = p;
1067 u16 plen = clib_net_to_host_u16 (id->length);
1068 if (plen < sizeof (*id) || plen > rlen)
1071 sa_id->type = id->id_type;
1072 vec_reset_length (sa_id->data);
1073 vec_add (sa_id->data, id->payload, plen - sizeof (*id));
1079 ikev2_parse_auth_payload (const void *p, u32 rlen, ikev2_auth_t * a)
1081 const ike_auth_payload_header_t *ah = p;
1082 u16 plen = clib_net_to_host_u16 (ah->length);
1084 a->method = ah->auth_method;
1085 vec_reset_length (a->data);
1086 vec_add (a->data, ah->payload, plen - sizeof (*ah));
1091 ikev2_process_auth_req (vlib_main_t * vm, ikev2_sa_t * sa,
1092 ike_header_t * ike, u32 len)
1095 ikev2_child_sa_t *first_child_sa;
1096 u8 payload = ike->nextpayload;
1098 ike_payload_header_t *ikep;
1102 ikev2_elog_exchange ("ispi %lx rspi %lx EXCHANGE_IKE_AUTH received "
1103 "from %d.%d.%d.%d", clib_host_to_net_u64 (ike->ispi),
1104 clib_host_to_net_u64 (ike->rspi),
1105 sa->is_initiator ? sa->raddr.as_u32 : sa->
1108 ikev2_calc_keys (sa);
1110 plaintext = ikev2_decrypt_sk_payload (sa, ike, &payload, len, &dlen);
1114 if (sa->unsupported_cp)
1116 ikev2_set_state (sa, IKEV2_STATE_NOTIFY_AND_DELETE);
1122 /* select or create 1st child SA */
1123 if (sa->is_initiator)
1125 first_child_sa = &sa->childs[0];
1129 ikev2_sa_free_all_child_sa (&sa->childs);
1130 vec_add2 (sa->childs, first_child_sa, 1);
1134 /* process encrypted payload */
1135 while (p < dlen && payload != IKEV2_PAYLOAD_NONE)
1137 ikep = (ike_payload_header_t *) & plaintext[p];
1138 int current_length = dlen - p;
1139 if (!ikev2_check_payload_length (ikep, current_length, &plen))
1142 if (payload == IKEV2_PAYLOAD_SA) /* 33 */
1144 if (sa->is_initiator)
1146 ikev2_sa_free_proposal_vector (&first_child_sa->r_proposals);
1147 first_child_sa->r_proposals = ikev2_parse_sa_payload (ikep,
1152 ikev2_sa_free_proposal_vector (&first_child_sa->i_proposals);
1153 first_child_sa->i_proposals = ikev2_parse_sa_payload (ikep,
1157 else if (payload == IKEV2_PAYLOAD_IDI) /* 35 */
1159 if (!ikev2_parse_id_payload (ikep, current_length, &sa->i_id))
1162 else if (payload == IKEV2_PAYLOAD_IDR) /* 36 */
1164 if (!ikev2_parse_id_payload (ikep, current_length, &sa->r_id))
1167 else if (payload == IKEV2_PAYLOAD_AUTH) /* 39 */
1169 if (sa->is_initiator)
1171 if (!ikev2_parse_auth_payload (ikep, current_length,
1177 if (!ikev2_parse_auth_payload (ikep, current_length,
1182 else if (payload == IKEV2_PAYLOAD_NOTIFY) /* 41 */
1185 ikev2_parse_notify_payload (ikep, current_length);
1186 if (n->msg_type == IKEV2_NOTIFY_MSG_INITIAL_CONTACT)
1188 sa->initial_contact = 1;
1192 else if (payload == IKEV2_PAYLOAD_VENDOR) /* 43 */
1194 ikev2_parse_vendor_payload (ikep);
1196 else if (payload == IKEV2_PAYLOAD_TSI) /* 44 */
1198 vec_free (first_child_sa->tsi);
1199 first_child_sa->tsi = ikev2_parse_ts_payload (ikep, current_length);
1201 else if (payload == IKEV2_PAYLOAD_TSR) /* 45 */
1203 vec_free (first_child_sa->tsr);
1204 first_child_sa->tsr = ikev2_parse_ts_payload (ikep, current_length);
1208 ikev2_elog_uint (IKEV2_LOG_ERROR, "Unknown payload! type=%d",
1211 if (ikep->flags & IKEV2_PAYLOAD_FLAG_CRITICAL)
1213 ikev2_set_state (sa, IKEV2_STATE_NOTIFY_AND_DELETE);
1214 sa->unsupported_cp = payload;
1219 payload = ikep->nextpayload;
1226 ikev2_set_state (sa, IKEV2_STATE_DELETED);
1231 ikev2_process_informational_req (vlib_main_t * vm,
1232 ikev2_sa_t * sa, ike_header_t * ike, u32 len)
1235 u8 payload = ike->nextpayload;
1237 ike_payload_header_t *ikep;
1239 ikev2_notify_t *n = 0;
1241 sa->liveness_retries = 0;
1242 ikev2_elog_exchange ("ispi %lx rspi %lx INFORMATIONAL received "
1243 "from %d.%d.%d.%d", clib_host_to_net_u64 (ike->ispi),
1244 clib_host_to_net_u64 (ike->rspi), sa->iaddr.as_u32);
1246 plaintext = ikev2_decrypt_sk_payload (sa, ike, &payload, len, &dlen);
1251 /* process encrypted payload */
1253 while (p < dlen && payload != IKEV2_PAYLOAD_NONE)
1255 u32 current_length = dlen - p;
1256 if (p + sizeof (*ikep) > dlen)
1259 ikep = (ike_payload_header_t *) & plaintext[p];
1260 u16 plen = clib_net_to_host_u16 (ikep->length);
1262 if (plen < sizeof (*ikep) || plen > current_length)
1265 if (payload == IKEV2_PAYLOAD_NOTIFY) /* 41 */
1267 n = ikev2_parse_notify_payload (ikep, current_length);
1270 if (n->msg_type == IKEV2_NOTIFY_MSG_AUTHENTICATION_FAILED)
1271 ikev2_set_state (sa, IKEV2_STATE_AUTH_FAILED);
1274 else if (payload == IKEV2_PAYLOAD_DELETE) /* 42 */
1276 sa->del = ikev2_parse_delete_payload (ikep, current_length);
1278 else if (payload == IKEV2_PAYLOAD_VENDOR) /* 43 */
1280 ikev2_parse_vendor_payload (ikep);
1284 ikev2_elog_uint (IKEV2_LOG_ERROR, "Unknown payload! type=%d",
1286 if (ikep->flags & IKEV2_PAYLOAD_FLAG_CRITICAL)
1288 sa->unsupported_cp = payload;
1292 payload = ikep->nextpayload;
1299 ikev2_process_create_child_sa_req (vlib_main_t * vm,
1300 ikev2_sa_t * sa, ike_header_t * ike,
1304 u8 payload = ike->nextpayload;
1307 u8 nonce[IKEV2_NONCE_SIZE];
1309 ike_payload_header_t *ikep;
1310 ikev2_notify_t *n = 0;
1311 ikev2_ts_t *tsi = 0;
1312 ikev2_ts_t *tsr = 0;
1313 ikev2_sa_proposal_t *proposal = 0;
1314 ikev2_child_sa_t *child_sa;
1318 ikev2_elog_exchange ("ispi %lx rspi %lx CREATE_CHILD_SA received "
1319 "from %d.%d.%d.%d", clib_host_to_net_u64 (ike->ispi),
1320 clib_host_to_net_u64 (ike->rspi), sa->raddr.as_u32);
1322 plaintext = ikev2_decrypt_sk_payload (sa, ike, &payload, len, &dlen);
1325 goto cleanup_and_exit;
1327 /* process encrypted payload */
1329 while (payload != IKEV2_PAYLOAD_NONE)
1331 ikep = (ike_payload_header_t *) & plaintext[p];
1332 int current_length = dlen - p;
1333 if (!ikev2_check_payload_length (ikep, current_length, &plen))
1334 goto cleanup_and_exit;
1336 if (payload == IKEV2_PAYLOAD_SA)
1338 proposal = ikev2_parse_sa_payload (ikep, current_length);
1340 else if (payload == IKEV2_PAYLOAD_NOTIFY)
1342 n = ikev2_parse_notify_payload (ikep, current_length);
1343 if (n->msg_type == IKEV2_NOTIFY_MSG_REKEY_SA)
1348 else if (payload == IKEV2_PAYLOAD_DELETE)
1350 sa->del = ikev2_parse_delete_payload (ikep, current_length);
1352 else if (payload == IKEV2_PAYLOAD_VENDOR)
1354 ikev2_parse_vendor_payload (ikep);
1356 else if (payload == IKEV2_PAYLOAD_NONCE)
1358 ikev2_parse_nonce_payload (ikep, current_length, nonce);
1360 else if (payload == IKEV2_PAYLOAD_TSI)
1362 tsi = ikev2_parse_ts_payload (ikep, current_length);
1364 else if (payload == IKEV2_PAYLOAD_TSR)
1366 tsr = ikev2_parse_ts_payload (ikep, current_length);
1370 ikev2_elog_uint (IKEV2_LOG_ERROR, "Unknown payload! type=%d",
1372 if (ikep->flags & IKEV2_PAYLOAD_FLAG_CRITICAL)
1374 sa->unsupported_cp = payload;
1375 goto cleanup_and_exit;
1378 payload = ikep->nextpayload;
1382 if (sa->is_initiator && proposal->protocol_id == IKEV2_PROTOCOL_ESP)
1384 ikev2_rekey_t *rekey = &sa->rekey[0];
1385 rekey->protocol_id = proposal->protocol_id;
1387 ikev2_select_proposal (proposal, IKEV2_PROTOCOL_ESP);
1388 rekey->i_proposal->spi = rekey->spi;
1389 rekey->r_proposal = proposal;
1393 vec_reset_length (sa->r_nonce);
1394 vec_add (sa->r_nonce, nonce, IKEV2_NONCE_SIZE);
1395 child_sa = ikev2_sa_get_child (sa, rekey->ispi, IKEV2_PROTOCOL_ESP, 1);
1398 child_sa->rekey_retries = 0;
1403 ikev2_rekey_t *rekey;
1404 child_sa = ikev2_sa_get_child (sa, n->spi, n->protocol_id, 1);
1407 ikev2_elog_uint (IKEV2_LOG_ERROR, "child SA spi %lx not found",
1409 goto cleanup_and_exit;
1411 vec_add2 (sa->rekey, rekey, 1);
1412 rekey->protocol_id = n->protocol_id;
1413 rekey->spi = n->spi;
1414 rekey->i_proposal = proposal;
1416 ikev2_select_proposal (proposal, IKEV2_PROTOCOL_ESP);
1420 vec_free (sa->i_nonce);
1421 vec_add (sa->i_nonce, nonce, IKEV2_NONCE_SIZE);
1422 /* generate new Nr */
1423 vec_validate (sa->r_nonce, IKEV2_NONCE_SIZE - 1);
1424 RAND_bytes ((u8 *) sa->r_nonce, IKEV2_NONCE_SIZE);
1435 ikev2_sa_generate_authmsg (ikev2_sa_t * sa, int is_responder)
1443 ikev2_sa_transform_t *tr_prf;
1446 ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_PRF);
1452 nonce = sa->i_nonce;
1453 packet_data = sa->last_sa_init_res_packet_data;
1459 nonce = sa->r_nonce;
1460 packet_data = sa->last_sa_init_req_packet_data;
1463 data = vec_new (u8, 4);
1465 vec_append (data, id->data);
1467 u8 *id_hash = ikev2_calc_prf (tr_prf, key, data);
1468 vec_append (authmsg, packet_data);
1469 vec_append (authmsg, nonce);
1470 vec_append (authmsg, id_hash);
1478 ikev2_ts_cmp (ikev2_ts_t * ts1, ikev2_ts_t * ts2)
1480 if (ts1->ts_type == ts2->ts_type && ts1->protocol_id == ts2->protocol_id &&
1481 ts1->start_port == ts2->start_port && ts1->end_port == ts2->end_port &&
1482 ts1->start_addr.as_u32 == ts2->start_addr.as_u32 &&
1483 ts1->end_addr.as_u32 == ts2->end_addr.as_u32)
1490 ikev2_sa_match_ts (ikev2_sa_t * sa)
1492 ikev2_main_t *km = &ikev2_main;
1494 ikev2_ts_t *ts, *p_tsi, *p_tsr, *tsi = 0, *tsr = 0;
1495 ikev2_id_t *id_rem, *id_loc;
1498 pool_foreach (p, km->profiles, ({
1500 if (sa->is_initiator)
1516 if (!ikev2_is_id_equal (&p->rem_id, id_rem)
1517 || !ikev2_is_id_equal (&p->loc_id, id_loc))
1520 sa->profile_index = p - km->profiles;
1522 vec_foreach(ts, sa->childs[0].tsi)
1524 if (ikev2_ts_cmp(p_tsi, ts))
1526 vec_add1 (tsi, ts[0]);
1531 vec_foreach(ts, sa->childs[0].tsr)
1533 if (ikev2_ts_cmp(p_tsr, ts))
1535 vec_add1 (tsr, ts[0]);
1546 vec_free (sa->childs[0].tsi);
1547 vec_free (sa->childs[0].tsr);
1548 sa->childs[0].tsi = tsi;
1549 sa->childs[0].tsr = tsr;
1555 ikev2_set_state (sa, IKEV2_STATE_TS_UNACCEPTABLE);
1560 ikev2_sa_auth (ikev2_sa_t * sa)
1562 ikev2_main_t *km = &ikev2_main;
1563 ikev2_profile_t *p, *sel_p = 0;
1564 u8 *authmsg, *key_pad, *psk = 0, *auth = 0;
1565 ikev2_sa_transform_t *tr_prf;
1568 ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_PRF);
1570 /* only shared key and rsa signature */
1571 if (!(sa->i_auth.method == IKEV2_AUTH_METHOD_SHARED_KEY_MIC ||
1572 sa->i_auth.method == IKEV2_AUTH_METHOD_RSA_SIG))
1574 ikev2_elog_uint (IKEV2_LOG_ERROR,
1575 "unsupported authentication method %u",
1577 ikev2_set_state (sa, IKEV2_STATE_AUTH_FAILED);
1581 key_pad = format (0, "%s", IKEV2_KEY_PAD);
1582 authmsg = ikev2_sa_generate_authmsg (sa, sa->is_initiator);
1584 ikev2_id_t *id_rem, *id_loc;
1585 ikev2_auth_t *sa_auth;
1587 if (sa->is_initiator)
1591 sa_auth = &sa->r_auth;
1597 sa_auth = &sa->i_auth;
1601 pool_foreach (p, km->profiles, ({
1604 if (!ikev2_is_id_equal (&p->rem_id, id_rem)
1605 || !ikev2_is_id_equal (&p->loc_id, id_loc))
1608 if (sa_auth->method == IKEV2_AUTH_METHOD_SHARED_KEY_MIC)
1610 if (!p->auth.data ||
1611 p->auth.method != IKEV2_AUTH_METHOD_SHARED_KEY_MIC)
1614 psk = ikev2_calc_prf(tr_prf, p->auth.data, key_pad);
1615 auth = ikev2_calc_prf(tr_prf, psk, authmsg);
1617 if (!clib_memcmp(auth, sa_auth->data, vec_len(sa_auth->data)))
1619 ikev2_set_state(sa, IKEV2_STATE_AUTHENTICATED);
1626 else if (sa_auth->method == IKEV2_AUTH_METHOD_RSA_SIG)
1628 if (p->auth.method != IKEV2_AUTH_METHOD_RSA_SIG)
1631 if (ikev2_verify_sign(p->auth.key, sa_auth->data, authmsg) == 1)
1633 ikev2_set_state(sa, IKEV2_STATE_AUTHENTICATED);
1646 sa->udp_encap = sel_p->udp_encap;
1647 sa->ipsec_over_udp_port = sel_p->ipsec_over_udp_port;
1651 if (sa->state == IKEV2_STATE_AUTHENTICATED)
1653 if (!sa->is_initiator)
1655 vec_free (sa->r_id.data);
1656 sa->r_id.data = vec_dup (sel_p->loc_id.data);
1657 sa->r_id.type = sel_p->loc_id.type;
1658 sa->i_id.data = vec_dup (sel_p->rem_id.data);
1659 sa->i_id.type = sel_p->rem_id.type;
1661 /* generate our auth data */
1662 authmsg = ikev2_sa_generate_authmsg (sa, 1);
1663 if (sel_p->auth.method == IKEV2_AUTH_METHOD_SHARED_KEY_MIC)
1665 sa->r_auth.data = ikev2_calc_prf (tr_prf, psk, authmsg);
1666 sa->r_auth.method = IKEV2_AUTH_METHOD_SHARED_KEY_MIC;
1668 else if (sel_p->auth.method == IKEV2_AUTH_METHOD_RSA_SIG)
1670 sa->r_auth.data = ikev2_calc_sign (km->pkey, authmsg);
1671 sa->r_auth.method = IKEV2_AUTH_METHOD_RSA_SIG;
1675 /* select transforms for 1st child sa */
1676 ikev2_sa_free_proposal_vector (&sa->childs[0].r_proposals);
1677 sa->childs[0].r_proposals =
1678 ikev2_select_proposal (sa->childs[0].i_proposals,
1679 IKEV2_PROTOCOL_ESP);
1681 if (~0 != sel_p->tun_itf)
1683 sa->is_tun_itf_set = 1;
1684 sa->tun_itf = sel_p->tun_itf;
1690 ikev2_elog_uint (IKEV2_LOG_ERROR, "authentication failed, no matching "
1691 "profile found! ispi %lx", sa->ispi);
1692 ikev2_set_state (sa, IKEV2_STATE_AUTH_FAILED);
1700 ikev2_sa_auth_init (ikev2_sa_t * sa)
1702 ikev2_main_t *km = &ikev2_main;
1703 u8 *authmsg, *key_pad, *psk = 0;
1704 ikev2_sa_transform_t *tr_prf;
1707 ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_PRF);
1709 /* only shared key and rsa signature */
1710 if (!(sa->i_auth.method == IKEV2_AUTH_METHOD_SHARED_KEY_MIC ||
1711 sa->i_auth.method == IKEV2_AUTH_METHOD_RSA_SIG))
1713 ikev2_elog_uint (IKEV2_LOG_ERROR,
1714 "unsupported authentication method %u",
1716 ikev2_set_state (sa, IKEV2_STATE_AUTH_FAILED);
1720 key_pad = format (0, "%s", IKEV2_KEY_PAD);
1721 authmsg = ikev2_sa_generate_authmsg (sa, 0);
1722 psk = ikev2_calc_prf (tr_prf, sa->i_auth.data, key_pad);
1724 if (sa->i_auth.method == IKEV2_AUTH_METHOD_SHARED_KEY_MIC)
1726 sa->i_auth.data = ikev2_calc_prf (tr_prf, psk, authmsg);
1727 sa->i_auth.method = IKEV2_AUTH_METHOD_SHARED_KEY_MIC;
1729 else if (sa->i_auth.method == IKEV2_AUTH_METHOD_RSA_SIG)
1731 sa->i_auth.data = ikev2_calc_sign (km->pkey, authmsg);
1732 sa->i_auth.method = IKEV2_AUTH_METHOD_RSA_SIG;
1741 ikev2_mk_local_sa_id (u32 sai, u32 ci, u32 ti)
1743 return (0x80000000 | (ti << 24) | (sai << 12) | ci);
1747 ikev2_mk_remote_sa_id (u32 sai, u32 ci, u32 ti)
1749 return (0xc0000000 | (ti << 24) | (sai << 12) | ci);
1759 ipsec_sa_flags_t flags;
1762 ipsec_crypto_alg_t encr_type;
1763 ipsec_integ_alg_t integ_type;
1764 ip46_address_t local_ip;
1765 ip46_address_t remote_ip;
1766 ipsec_key_t loc_ckey, rem_ckey, loc_ikey, rem_ikey;
1768 u32 old_remote_sa_id;
1769 u16 ipsec_over_udp_port;
1772 } ikev2_add_ipsec_tunnel_args_t;
1775 ikev2_add_tunnel_from_main (ikev2_add_ipsec_tunnel_args_t * a)
1777 ikev2_main_t *km = &ikev2_main;
1781 if (~0 == a->sw_if_index)
1783 /* no tunnel associated with the SA/profile - create a new one */
1784 rv = ipip_add_tunnel (IPIP_TRANSPORT_IP4, ~0,
1785 &a->local_ip, &a->remote_ip, 0,
1786 TUNNEL_ENCAP_DECAP_FLAG_NONE, IP_DSCP_CS0,
1787 TUNNEL_MODE_P2P, &sw_if_index);
1789 if (rv == VNET_API_ERROR_IF_ALREADY_EXISTS)
1791 if (hash_get (km->sw_if_indices, sw_if_index))
1792 /* interface is managed by IKE; proceed with updating SAs */
1795 hash_set1 (km->sw_if_indices, sw_if_index);
1799 sw_if_index = a->sw_if_index;
1800 vnet_sw_interface_admin_up (vnet_get_main (), sw_if_index);
1805 ikev2_elog_peers (IKEV2_LOG_ERROR, "installing ipip tunnel failed! "
1806 "loc:%d.%d.%d.%d rem:%d.%d.%d.%d",
1807 a->local_ip.ip4.as_u32, a->remote_ip.ip4.as_u32);
1812 vec_add1 (sas_in, a->remote_sa_id);
1815 ipsec_tun_protect_del (sw_if_index, NULL);
1817 /* replace local SA immediately */
1818 ipsec_sa_unlock_id (a->local_sa_id);
1820 /* keep the old sa */
1821 vec_add1 (sas_in, a->old_remote_sa_id);
1824 rv |= ipsec_sa_add_and_lock (a->local_sa_id,
1826 IPSEC_PROTOCOL_ESP, a->encr_type,
1827 &a->loc_ckey, a->integ_type, &a->loc_ikey,
1828 a->flags, 0, a->salt_local, &a->local_ip,
1829 &a->remote_ip, NULL, a->src_port, a->dst_port);
1830 rv |= ipsec_sa_add_and_lock (a->remote_sa_id, a->remote_spi,
1831 IPSEC_PROTOCOL_ESP, a->encr_type, &a->rem_ckey,
1832 a->integ_type, &a->rem_ikey,
1833 (a->flags | IPSEC_SA_FLAG_IS_INBOUND), 0,
1834 a->salt_remote, &a->remote_ip,
1835 &a->local_ip, NULL, a->ipsec_over_udp_port,
1836 a->ipsec_over_udp_port);
1838 rv |= ipsec_tun_protect_update (sw_if_index, NULL, a->local_sa_id, sas_in);
1842 ikev2_create_tunnel_interface (vlib_main_t * vm,
1845 ikev2_child_sa_t * child, u32 sa_index,
1846 u32 child_index, u8 is_rekey)
1848 ikev2_main_t *km = &ikev2_main;
1849 ipsec_crypto_alg_t encr_type;
1850 ipsec_integ_alg_t integ_type;
1851 ikev2_profile_t *p = 0;
1852 ikev2_sa_transform_t *tr;
1853 ikev2_sa_proposal_t *proposals;
1855 ikev2_add_ipsec_tunnel_args_t a;
1857 clib_memset (&a, 0, sizeof (a));
1859 if (!child->r_proposals)
1861 ikev2_set_state (sa, IKEV2_STATE_NO_PROPOSAL_CHOSEN);
1865 if (sa->is_initiator)
1867 ip46_address_set_ip4 (&a.local_ip, &sa->iaddr);
1868 ip46_address_set_ip4 (&a.remote_ip, &sa->raddr);
1869 proposals = child->r_proposals;
1870 a.local_spi = child->r_proposals[0].spi;
1871 a.remote_spi = child->i_proposals[0].spi;
1875 ip46_address_set_ip4 (&a.local_ip, &sa->raddr);
1876 ip46_address_set_ip4 (&a.remote_ip, &sa->iaddr);
1877 proposals = child->i_proposals;
1878 a.local_spi = child->i_proposals[0].spi;
1879 a.remote_spi = child->r_proposals[0].spi;
1882 a.flags = IPSEC_SA_FLAG_USE_ANTI_REPLAY;
1885 a.flags |= IPSEC_SA_FLAG_IS_TUNNEL;
1886 a.flags |= IPSEC_SA_FLAG_UDP_ENCAP;
1889 a.flags |= IPSEC_SA_FLAG_UDP_ENCAP;
1890 a.is_rekey = is_rekey;
1892 tr = ikev2_sa_get_td_for_type (proposals, IKEV2_TRANSFORM_TYPE_ESN);
1893 if (tr && tr->esn_type)
1894 a.flags |= IPSEC_SA_FLAG_USE_ESN;
1896 tr = ikev2_sa_get_td_for_type (proposals, IKEV2_TRANSFORM_TYPE_ENCR);
1899 if (tr->encr_type == IKEV2_TRANSFORM_ENCR_TYPE_AES_CBC && tr->key_len)
1901 switch (tr->key_len)
1904 encr_type = IPSEC_CRYPTO_ALG_AES_CBC_128;
1907 encr_type = IPSEC_CRYPTO_ALG_AES_CBC_192;
1910 encr_type = IPSEC_CRYPTO_ALG_AES_CBC_256;
1913 ikev2_set_state (sa, IKEV2_STATE_NO_PROPOSAL_CHOSEN);
1918 else if (tr->encr_type == IKEV2_TRANSFORM_ENCR_TYPE_AES_GCM_16
1921 switch (tr->key_len)
1924 encr_type = IPSEC_CRYPTO_ALG_AES_GCM_128;
1927 encr_type = IPSEC_CRYPTO_ALG_AES_GCM_192;
1930 encr_type = IPSEC_CRYPTO_ALG_AES_GCM_256;
1933 ikev2_set_state (sa, IKEV2_STATE_NO_PROPOSAL_CHOSEN);
1941 ikev2_set_state (sa, IKEV2_STATE_NO_PROPOSAL_CHOSEN);
1947 ikev2_set_state (sa, IKEV2_STATE_NO_PROPOSAL_CHOSEN);
1950 a.encr_type = encr_type;
1954 tr = ikev2_sa_get_td_for_type (proposals, IKEV2_TRANSFORM_TYPE_INTEG);
1957 switch (tr->integ_type)
1959 case IKEV2_TRANSFORM_INTEG_TYPE_AUTH_HMAC_SHA2_256_128:
1960 integ_type = IPSEC_INTEG_ALG_SHA_256_128;
1962 case IKEV2_TRANSFORM_INTEG_TYPE_AUTH_HMAC_SHA2_384_192:
1963 integ_type = IPSEC_INTEG_ALG_SHA_384_192;
1965 case IKEV2_TRANSFORM_INTEG_TYPE_AUTH_HMAC_SHA2_512_256:
1966 integ_type = IPSEC_INTEG_ALG_SHA_512_256;
1968 case IKEV2_TRANSFORM_INTEG_TYPE_AUTH_HMAC_SHA1_96:
1969 integ_type = IPSEC_INTEG_ALG_SHA1_96;
1972 ikev2_set_state (sa, IKEV2_STATE_NO_PROPOSAL_CHOSEN);
1978 ikev2_set_state (sa, IKEV2_STATE_NO_PROPOSAL_CHOSEN);
1984 integ_type = IPSEC_INTEG_ALG_NONE;
1987 a.integ_type = integ_type;
1988 ikev2_calc_child_keys (sa, child);
1990 if (sa->is_initiator)
1992 ipsec_mk_key (&a.loc_ikey, child->sk_ai, vec_len (child->sk_ai));
1993 ipsec_mk_key (&a.rem_ikey, child->sk_ar, vec_len (child->sk_ar));
1994 ipsec_mk_key (&a.loc_ckey, child->sk_ei, vec_len (child->sk_ei));
1995 ipsec_mk_key (&a.rem_ckey, child->sk_er, vec_len (child->sk_er));
1998 a.salt_remote = child->salt_er;
1999 a.salt_local = child->salt_ei;
2001 a.dst_port = a.src_port = sa->ipsec_over_udp_port;
2005 ipsec_mk_key (&a.loc_ikey, child->sk_ar, vec_len (child->sk_ar));
2006 ipsec_mk_key (&a.rem_ikey, child->sk_ai, vec_len (child->sk_ai));
2007 ipsec_mk_key (&a.loc_ckey, child->sk_er, vec_len (child->sk_er));
2008 ipsec_mk_key (&a.rem_ckey, child->sk_ei, vec_len (child->sk_ei));
2011 a.salt_remote = child->salt_ei;
2012 a.salt_local = child->salt_er;
2014 a.dst_port = sa->natt ? sa->dst_port : sa->ipsec_over_udp_port;
2015 a.src_port = sa->ipsec_over_udp_port;
2018 if (sa->is_initiator && sa->profile_index != ~0)
2019 p = pool_elt_at_index (km->profiles, sa->profile_index);
2021 if (p && p->lifetime)
2023 child->time_to_expiration = vlib_time_now (vm) + p->lifetime;
2024 if (p->lifetime_jitter)
2026 // This is not much better than rand(3), which Coverity warns
2027 // is unsuitable for security applications; random_u32 is
2028 // however fast. If this perturbance to the expiration time
2029 // needs to use a better RNG then we may need to use something
2030 // like /dev/urandom which has significant overhead.
2031 u32 rnd = (u32) (vlib_time_now (vm) * 1e6);
2032 rnd = random_u32 (&rnd);
2034 child->time_to_expiration += 1 + (rnd % p->lifetime_jitter);
2038 if (thread_index & 0xffffffc0)
2039 ikev2_elog_error ("error: thread index exceeds max range 0x3f!");
2041 if (child_index & 0xfffff000 || sa_index & 0xfffff000)
2042 ikev2_elog_error ("error: sa/child index exceeds max range 0xfff!");
2044 child->local_sa_id =
2046 ikev2_mk_local_sa_id (sa_index, child_index, thread_index);
2048 u32 remote_sa_id = ikev2_mk_remote_sa_id (sa_index, child_index,
2053 /* create a new remote SA ID to keep the old SA for a bit longer
2054 * so the peer has some time to swap their SAs */
2056 /* use most significat bit of child index part in id */
2058 if (sa->current_remote_id_mask)
2060 sa->old_remote_id = a.old_remote_sa_id = remote_sa_id | mask;
2061 sa->current_remote_id_mask = 0;
2065 sa->old_remote_id = a.old_remote_sa_id = remote_sa_id;
2066 sa->current_remote_id_mask = mask;
2067 remote_sa_id |= mask;
2069 sa->old_id_expiration = 3.0;
2070 sa->old_remote_id_present = 1;
2073 child->remote_sa_id = a.remote_sa_id = remote_sa_id;
2075 a.sw_if_index = (sa->is_tun_itf_set ? sa->tun_itf : ~0);
2076 a.ipsec_over_udp_port = sa->ipsec_over_udp_port;
2078 vl_api_rpc_call_main_thread (ikev2_add_tunnel_from_main,
2079 (u8 *) & a, sizeof (a));
2085 ip46_address_t local_ip;
2086 ip46_address_t remote_ip;
2090 } ikev2_del_ipsec_tunnel_args_t;
2092 static_always_inline u32
2093 ikev2_flip_alternate_sa_bit (u32 id)
2102 ikev2_del_tunnel_from_main (ikev2_del_ipsec_tunnel_args_t * a)
2104 ikev2_main_t *km = &ikev2_main;
2105 ipip_tunnel_t *ipip = NULL;
2108 if (~0 == a->sw_if_index)
2111 ipip_tunnel_key_t key = {
2113 .dst = a->remote_ip,
2114 .transport = IPIP_TRANSPORT_IP4,
2119 ipip = ipip_tunnel_db_find (&key);
2123 sw_if_index = ipip->sw_if_index;
2124 hash_unset (km->sw_if_indices, ipip->sw_if_index);
2131 sw_if_index = a->sw_if_index;
2132 vnet_sw_interface_admin_down (vnet_get_main (), sw_if_index);
2135 if (~0 != sw_if_index)
2136 ipsec_tun_protect_del (sw_if_index, NULL);
2138 ipsec_sa_unlock_id (a->remote_sa_id);
2139 ipsec_sa_unlock_id (a->local_sa_id);
2140 ipsec_sa_unlock_id (ikev2_flip_alternate_sa_bit (a->remote_sa_id));
2143 ipip_del_tunnel (ipip->sw_if_index);
2147 ikev2_delete_tunnel_interface (vnet_main_t * vnm, ikev2_sa_t * sa,
2148 ikev2_child_sa_t * child)
2150 ikev2_del_ipsec_tunnel_args_t a;
2152 clib_memset (&a, 0, sizeof (a));
2154 if (sa->is_initiator)
2156 ip46_address_set_ip4 (&a.local_ip, &sa->iaddr);
2157 ip46_address_set_ip4 (&a.remote_ip, &sa->raddr);
2161 ip46_address_set_ip4 (&a.local_ip, &sa->raddr);
2162 ip46_address_set_ip4 (&a.remote_ip, &sa->iaddr);
2165 a.remote_sa_id = child->remote_sa_id;
2166 a.local_sa_id = child->local_sa_id;
2167 a.sw_if_index = (sa->is_tun_itf_set ? sa->tun_itf : ~0);
2169 vl_api_rpc_call_main_thread (ikev2_del_tunnel_from_main, (u8 *) & a,
2175 ikev2_generate_message (vlib_buffer_t * b, ikev2_sa_t * sa,
2176 ike_header_t * ike, void *user, udp_header_t * udp)
2178 ikev2_main_t *km = &ikev2_main;
2179 u16 buffer_data_size = vlib_buffer_get_default_data_size (km->vlib_main);
2181 ike_payload_header_t *ph;
2185 ikev2_sa_transform_t *tr_encr, *tr_integ;
2187 ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_ENCR);
2189 ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_INTEG);
2191 ikev2_payload_chain_t *chain = 0;
2192 ikev2_payload_new_chain (chain);
2194 if (ike->exchange == IKEV2_EXCHANGE_SA_INIT)
2196 if (sa->r_proposals == 0)
2198 ikev2_payload_add_notify (chain,
2199 IKEV2_NOTIFY_MSG_NO_PROPOSAL_CHOSEN, 0);
2200 ikev2_set_state (sa, IKEV2_STATE_NOTIFY_AND_DELETE);
2202 else if (sa->dh_group == IKEV2_TRANSFORM_DH_TYPE_NONE)
2204 u8 *data = vec_new (u8, 2);
2205 ikev2_sa_transform_t *tr_dh;
2207 ikev2_sa_get_td_for_type (sa->r_proposals,
2208 IKEV2_TRANSFORM_TYPE_DH);
2209 ASSERT (tr_dh && tr_dh->dh_type);
2211 data[0] = (tr_dh->dh_type >> 8) & 0xff;
2212 data[1] = (tr_dh->dh_type) & 0xff;
2214 ikev2_payload_add_notify (chain,
2215 IKEV2_NOTIFY_MSG_INVALID_KE_PAYLOAD,
2218 ikev2_set_state (sa, IKEV2_STATE_NOTIFY_AND_DELETE);
2220 else if (sa->state == IKEV2_STATE_NOTIFY_AND_DELETE)
2222 u8 *data = vec_new (u8, 1);
2224 data[0] = sa->unsupported_cp;
2225 ikev2_payload_add_notify (chain,
2226 IKEV2_NOTIFY_MSG_UNSUPPORTED_CRITICAL_PAYLOAD,
2234 ike->rspi = clib_host_to_net_u64 (sa->rspi);
2235 ikev2_payload_add_sa (chain, sa->r_proposals);
2236 ikev2_payload_add_ke (chain, sa->dh_group, sa->r_dh_data);
2237 ikev2_payload_add_nonce (chain, sa->r_nonce);
2239 u8 *nat_detection_sha1 =
2240 ikev2_compute_nat_sha1 (clib_host_to_net_u64 (sa->ispi),
2241 clib_host_to_net_u64 (sa->rspi),
2244 ikev2_payload_add_notify (chain,
2245 IKEV2_NOTIFY_MSG_NAT_DETECTION_SOURCE_IP,
2246 nat_detection_sha1);
2247 vec_free (nat_detection_sha1);
2248 nat_detection_sha1 =
2249 ikev2_compute_nat_sha1 (clib_host_to_net_u64 (sa->ispi),
2250 clib_host_to_net_u64 (sa->rspi),
2251 sa->iaddr.as_u32, udp->src_port);
2252 ikev2_payload_add_notify (chain,
2253 IKEV2_NOTIFY_MSG_NAT_DETECTION_DESTINATION_IP,
2254 nat_detection_sha1);
2255 vec_free (nat_detection_sha1);
2258 else if (ike->exchange == IKEV2_EXCHANGE_IKE_AUTH)
2260 if (sa->state == IKEV2_STATE_AUTHENTICATED)
2262 ikev2_payload_add_id (chain, &sa->r_id, IKEV2_PAYLOAD_IDR);
2263 ikev2_payload_add_id (chain, &sa->i_id, IKEV2_PAYLOAD_IDI);
2264 ikev2_payload_add_auth (chain, &sa->r_auth);
2265 ikev2_payload_add_sa (chain, sa->childs[0].r_proposals);
2266 ikev2_payload_add_ts (chain, sa->childs[0].tsi, IKEV2_PAYLOAD_TSI);
2267 ikev2_payload_add_ts (chain, sa->childs[0].tsr, IKEV2_PAYLOAD_TSR);
2269 else if (sa->state == IKEV2_STATE_AUTH_FAILED)
2271 ikev2_payload_add_notify (chain,
2272 IKEV2_NOTIFY_MSG_AUTHENTICATION_FAILED,
2274 ikev2_set_state (sa, IKEV2_STATE_NOTIFY_AND_DELETE);
2276 else if (sa->state == IKEV2_STATE_TS_UNACCEPTABLE)
2278 ikev2_payload_add_notify (chain, IKEV2_NOTIFY_MSG_TS_UNACCEPTABLE,
2280 ikev2_payload_add_id (chain, &sa->r_id, IKEV2_PAYLOAD_IDR);
2281 ikev2_payload_add_auth (chain, &sa->r_auth);
2283 else if (sa->state == IKEV2_STATE_NO_PROPOSAL_CHOSEN)
2285 ikev2_payload_add_notify (chain,
2286 IKEV2_NOTIFY_MSG_NO_PROPOSAL_CHOSEN, 0);
2287 ikev2_payload_add_id (chain, &sa->r_id, IKEV2_PAYLOAD_IDR);
2288 ikev2_payload_add_auth (chain, &sa->r_auth);
2289 ikev2_payload_add_ts (chain, sa->childs[0].tsi, IKEV2_PAYLOAD_TSI);
2290 ikev2_payload_add_ts (chain, sa->childs[0].tsr, IKEV2_PAYLOAD_TSR);
2292 else if (sa->state == IKEV2_STATE_NOTIFY_AND_DELETE)
2294 u8 *data = vec_new (u8, 1);
2296 data[0] = sa->unsupported_cp;
2297 ikev2_payload_add_notify (chain,
2298 IKEV2_NOTIFY_MSG_UNSUPPORTED_CRITICAL_PAYLOAD,
2302 else if (sa->state == IKEV2_STATE_SA_INIT)
2304 ikev2_payload_add_id (chain, &sa->i_id, IKEV2_PAYLOAD_IDI);
2305 ikev2_payload_add_id (chain, &sa->r_id, IKEV2_PAYLOAD_IDR);
2306 ikev2_payload_add_auth (chain, &sa->i_auth);
2307 ikev2_payload_add_sa (chain, sa->childs[0].i_proposals);
2308 ikev2_payload_add_ts (chain, sa->childs[0].tsi, IKEV2_PAYLOAD_TSI);
2309 ikev2_payload_add_ts (chain, sa->childs[0].tsr, IKEV2_PAYLOAD_TSR);
2310 ikev2_payload_add_notify (chain, IKEV2_NOTIFY_MSG_INITIAL_CONTACT,
2315 ikev2_set_state (sa, IKEV2_STATE_DELETED);
2319 else if (ike->exchange == IKEV2_EXCHANGE_INFORMATIONAL)
2321 /* if pending delete */
2324 if (sa->del[0].protocol_id == IKEV2_PROTOCOL_IKE)
2326 if (sa->is_initiator)
2327 ikev2_payload_add_delete (chain, sa->del);
2329 /* The response to a request that deletes the IKE SA is an empty
2330 INFORMATIONAL response. */
2331 ikev2_set_state (sa, IKEV2_STATE_NOTIFY_AND_DELETE);
2333 /* The response to a request that deletes ESP or AH SAs will contain
2334 delete payloads for the paired SAs going in the other direction. */
2337 ikev2_payload_add_delete (chain, sa->del);
2342 /* received N(AUTHENTICATION_FAILED) */
2343 else if (sa->state == IKEV2_STATE_AUTH_FAILED)
2345 ikev2_set_state (sa, IKEV2_STATE_DELETED);
2348 /* received unsupported critical payload */
2349 else if (sa->unsupported_cp)
2351 u8 *data = vec_new (u8, 1);
2353 data[0] = sa->unsupported_cp;
2354 ikev2_payload_add_notify (chain,
2355 IKEV2_NOTIFY_MSG_UNSUPPORTED_CRITICAL_PAYLOAD,
2358 sa->unsupported_cp = 0;
2360 /* else send empty response */
2362 else if (ike->exchange == IKEV2_EXCHANGE_CREATE_CHILD_SA)
2364 if (sa->is_initiator)
2367 ikev2_sa_proposal_t *proposals = (ikev2_sa_proposal_t *) user;
2368 ikev2_notify_t notify;
2369 u8 *data = vec_new (u8, 4);
2370 clib_memset (¬ify, 0, sizeof (notify));
2371 notify.protocol_id = IKEV2_PROTOCOL_ESP;
2372 notify.spi = sa->childs[0].i_proposals->spi;
2373 *(u32 *) data = clib_host_to_net_u32 (notify.spi);
2375 ikev2_payload_add_sa (chain, proposals);
2376 ikev2_payload_add_nonce (chain, sa->i_nonce);
2377 ikev2_payload_add_ts (chain, sa->childs[0].tsi, IKEV2_PAYLOAD_TSI);
2378 ikev2_payload_add_ts (chain, sa->childs[0].tsr, IKEV2_PAYLOAD_TSR);
2379 ikev2_payload_add_notify_2 (chain, IKEV2_NOTIFY_MSG_REKEY_SA, data,
2386 if (vec_len (sa->rekey) > 0)
2388 ikev2_payload_add_sa (chain, sa->rekey[0].r_proposal);
2389 ikev2_payload_add_nonce (chain, sa->r_nonce);
2390 ikev2_payload_add_ts (chain, sa->rekey[0].tsi,
2392 ikev2_payload_add_ts (chain, sa->rekey[0].tsr,
2394 vec_del1 (sa->rekey, 0);
2396 else if (sa->unsupported_cp)
2398 u8 *data = vec_new (u8, 1);
2400 data[0] = sa->unsupported_cp;
2401 ikev2_payload_add_notify (chain,
2402 IKEV2_NOTIFY_MSG_UNSUPPORTED_CRITICAL_PAYLOAD,
2405 sa->unsupported_cp = 0;
2409 ikev2_payload_add_notify (chain,
2410 IKEV2_NOTIFY_MSG_NO_ADDITIONAL_SAS,
2417 ike->version = IKE_VERSION_2;
2418 ike->nextpayload = IKEV2_PAYLOAD_SK;
2419 tlen = sizeof (*ike);
2420 if (sa->is_initiator)
2422 ike->flags = IKEV2_HDR_FLAG_INITIATOR;
2423 sa->last_init_msg_id = clib_net_to_host_u32 (ike->msgid);
2427 ike->flags = IKEV2_HDR_FLAG_RESPONSE;
2431 if (ike->exchange == IKEV2_EXCHANGE_SA_INIT)
2433 tlen += vec_len (chain->data);
2434 ike->nextpayload = chain->first_payload_type;
2435 ike->length = clib_host_to_net_u32 (tlen);
2437 if (tlen + b->current_length + b->current_data > buffer_data_size)
2443 clib_memcpy_fast (ike->payload, chain->data, vec_len (chain->data));
2445 /* store whole IKE payload - needed for PSK auth */
2446 vec_reset_length (sa->last_sa_init_res_packet_data);
2447 vec_add (sa->last_sa_init_res_packet_data, ike, tlen);
2451 ikev2_main_per_thread_data_t *ptd = ikev2_get_per_thread_data ();
2452 ikev2_payload_chain_add_padding (chain, tr_encr->block_size);
2455 plen = sizeof (*ph);
2456 ph = (ike_payload_header_t *) & ike->payload[0];
2457 ph->nextpayload = chain->first_payload_type;
2460 tr_encr->encr_type == IKEV2_TRANSFORM_ENCR_TYPE_AES_GCM_16;
2461 int iv_len = is_aead ? IKEV2_GCM_IV_SIZE : tr_encr->block_size;
2462 plen += vec_len (chain->data) + iv_len;
2464 /* add space for hmac/tag */
2466 plen += tr_integ->key_trunc;
2468 plen += IKEV2_GCM_ICV_SIZE;
2471 if (tlen + b->current_length + b->current_data > buffer_data_size)
2477 /* payload and total length */
2478 ph->length = clib_host_to_net_u16 (plen);
2479 ike->length = clib_host_to_net_u32 (tlen);
2483 if (!ikev2_encrypt_aead_data (ptd, sa, tr_encr, chain->data,
2484 ph->payload, (u8 *) ike,
2485 sizeof (*ike) + sizeof (*ph),
2486 ph->payload + plen - sizeof (*ph) -
2487 IKEV2_GCM_ICV_SIZE))
2495 if (!ikev2_encrypt_data
2496 (ptd, sa, tr_encr, chain->data, ph->payload))
2502 ikev2_calc_integr (tr_integ,
2503 sa->is_initiator ? sa->sk_ai : sa->sk_ar,
2504 (u8 *) ike, tlen - tr_integ->key_trunc);
2505 clib_memcpy_fast (ike->payload + tlen - tr_integ->key_trunc -
2506 sizeof (*ike), integ, tr_integ->key_trunc);
2509 /* store whole IKE payload - needed for retransmit */
2510 vec_reset_length (sa->last_res_packet_data);
2511 vec_add (sa->last_res_packet_data, ike, tlen);
2515 ikev2_payload_destroy_chain (chain);
2521 ikev2_retransmit_sa_init (ike_header_t * ike, ip4_address_t iaddr,
2522 ip4_address_t raddr, u32 rlen)
2524 ikev2_main_t *km = &ikev2_main;
2526 u32 thread_index = vlib_get_thread_index ();
2529 pool_foreach (sa, km->per_thread_data[thread_index].sas, ({
2530 if (sa->ispi == clib_net_to_host_u64(ike->ispi) &&
2531 sa->iaddr.as_u32 == iaddr.as_u32 &&
2532 sa->raddr.as_u32 == raddr.as_u32)
2535 u8 payload = ike->nextpayload;
2537 while (p < rlen && payload!= IKEV2_PAYLOAD_NONE) {
2538 ike_payload_header_t * ikep = (ike_payload_header_t *) &ike->payload[p];
2539 u32 plen = clib_net_to_host_u16 (ikep->length);
2540 if (plen > p + sizeof (*ike))
2543 if (plen < sizeof(ike_payload_header_t))
2546 if (payload == IKEV2_PAYLOAD_NONCE)
2548 if (!clib_memcmp(sa->i_nonce, ikep->payload,
2549 plen - sizeof(*ikep)))
2551 /* req is retransmit */
2552 if (sa->state == IKEV2_STATE_SA_INIT)
2554 ike_header_t * tmp = (ike_header_t*)sa->last_sa_init_res_packet_data;
2555 u32 slen = clib_net_to_host_u32(tmp->length);
2556 ike->ispi = tmp->ispi;
2557 ike->rspi = tmp->rspi;
2558 ike->nextpayload = tmp->nextpayload;
2559 ike->version = tmp->version;
2560 ike->exchange = tmp->exchange;
2561 ike->flags = tmp->flags;
2562 ike->msgid = tmp->msgid;
2563 ike->length = tmp->length;
2564 clib_memcpy_fast(ike->payload, tmp->payload, slen - sizeof(*ike));
2565 ikev2_elog_uint_peers (IKEV2_LOG_DEBUG,
2566 "ispi %lx IKE_SA_INIT retransmit "
2567 "from %d.%d.%d.%d to %d.%d.%d.%d",
2569 raddr.as_u32, iaddr.as_u32);
2572 /* else ignore req */
2575 ikev2_elog_uint_peers (IKEV2_LOG_DEBUG,
2576 "ispi %lx IKE_SA_INIT ignore "
2577 "from %d.%d.%d.%d to %d.%d.%d.%d",
2579 raddr.as_u32, iaddr.as_u32);
2584 payload = ikep->nextpayload;
2591 /* req is not retransmit */
2596 ikev2_retransmit_resp (ikev2_sa_t * sa, ike_header_t * ike)
2598 u32 msg_id = clib_net_to_host_u32 (ike->msgid);
2601 if (msg_id > sa->last_msg_id)
2603 sa->last_msg_id = msg_id;
2607 /* retransmitted req */
2608 if (msg_id == sa->last_msg_id)
2610 ike_header_t *tmp = (ike_header_t *) sa->last_res_packet_data;
2611 u32 slen = clib_net_to_host_u32 (tmp->length);
2612 ike->ispi = tmp->ispi;
2613 ike->rspi = tmp->rspi;
2614 ike->nextpayload = tmp->nextpayload;
2615 ike->version = tmp->version;
2616 ike->exchange = tmp->exchange;
2617 ike->flags = tmp->flags;
2618 ike->msgid = tmp->msgid;
2619 ike->length = tmp->length;
2620 clib_memcpy_fast (ike->payload, tmp->payload, slen - sizeof (*ike));
2621 ikev2_elog_uint_peers (IKEV2_LOG_DEBUG, "IKE retransmit msgid %d",
2622 msg_id, sa->raddr.as_u32, sa->iaddr.as_u32);
2626 /* old req ignore */
2627 ikev2_elog_uint_peers (IKEV2_LOG_DEBUG, "IKE req ignore msgid %d",
2628 msg_id, sa->raddr.as_u32, sa->iaddr.as_u32);
2633 ikev2_init_sa (vlib_main_t * vm, ikev2_sa_t * sa)
2635 ikev2_main_t *km = &ikev2_main;
2636 sa->liveness_period_check = vlib_time_now (vm) + km->liveness_period;
2637 sa->profile_index = ~0;
2641 ikev2_del_sa_init_from_main (u64 * ispi)
2643 ikev2_main_t *km = &ikev2_main;
2644 uword *p = hash_get (km->sa_by_ispi, *ispi);
2647 ikev2_sa_t *sai = pool_elt_at_index (km->sais, p[0]);
2648 hash_unset (km->sa_by_ispi, sai->ispi);
2649 ikev2_sa_free_all_vec (sai);
2650 pool_put (km->sais, sai);
2655 ikev2_del_sa_init (u64 ispi)
2657 vl_api_rpc_call_main_thread (ikev2_del_sa_init_from_main, (u8 *) & ispi,
2662 ikev2_node_fn (vlib_main_t * vm,
2663 vlib_node_runtime_t * node, vlib_frame_t * frame)
2665 u32 n_left_from, *from, *to_next;
2666 ikev2_next_t next_index;
2667 ikev2_main_t *km = &ikev2_main;
2668 u32 thread_index = vlib_get_thread_index ();
2671 from = vlib_frame_vector_args (frame);
2672 n_left_from = frame->n_vectors;
2673 next_index = node->cached_next_index;
2675 while (n_left_from > 0)
2679 vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
2681 while (n_left_from > 0 && n_left_to_next > 0)
2685 u32 next0 = IKEV2_NEXT_ERROR_DROP;
2689 ikev2_sa_t *sa0 = 0;
2690 ikev2_sa_t sa; /* temporary store for SA */
2692 int is_req = 0, has_non_esp_marker = 0;
2694 /* speculatively enqueue b0 to the current next frame */
2700 n_left_to_next -= 1;
2702 b0 = vlib_get_buffer (vm, bi0);
2704 if (b0->punt_reason == ipsec_punt_reason[IPSEC_PUNT_IP4_SPI_UDP_0])
2706 u8 *ptr = vlib_buffer_get_current (b0);
2707 ip40 = (ip4_header_t *) ptr;
2708 ptr += sizeof (*ip40);
2709 udp0 = (udp_header_t *) ptr;
2710 ptr += sizeof (*udp0);
2711 ike0 = (ike_header_t *) ptr;
2715 ike0 = vlib_buffer_get_current (b0);
2716 vlib_buffer_advance (b0, -sizeof (*udp0));
2717 udp0 = vlib_buffer_get_current (b0);
2718 vlib_buffer_advance (b0, -sizeof (*ip40));
2719 ip40 = vlib_buffer_get_current (b0);
2722 rlen = b0->current_length - sizeof (*ip40) - sizeof (*udp0);
2724 /* check for non-esp marker */
2725 if (*((u32 *) ike0) == 0)
2728 (ike_header_t *) ((u8 *) ike0 +
2729 sizeof (ikev2_non_esp_marker));
2730 rlen -= sizeof (ikev2_non_esp_marker);
2731 has_non_esp_marker = 1;
2734 if (clib_net_to_host_u32 (ike0->length) != rlen)
2736 vlib_node_increment_counter (vm, ikev2_node.index,
2737 IKEV2_ERROR_BAD_LENGTH, 1);
2741 if (ike0->version != IKE_VERSION_2)
2743 vlib_node_increment_counter (vm, ikev2_node.index,
2744 IKEV2_ERROR_NOT_IKEV2, 1);
2748 if (ike0->exchange == IKEV2_EXCHANGE_SA_INIT)
2751 clib_memset (sa0, 0, sizeof (*sa0));
2753 if (ike0->flags & IKEV2_HDR_FLAG_INITIATOR)
2755 if (ike0->rspi == 0)
2757 sa0->raddr.as_u32 = ip40->dst_address.as_u32;
2758 sa0->iaddr.as_u32 = ip40->src_address.as_u32;
2759 sa0->dst_port = clib_net_to_host_u16 (udp0->src_port);
2762 ikev2_retransmit_sa_init (ike0, sa0->iaddr,
2766 vlib_node_increment_counter (vm, ikev2_node.index,
2769 IKEV2_ERROR_IKE_SA_INIT_IGNORE
2771 IKEV2_ERROR_IKE_SA_INIT_RETRANSMIT,
2776 res = ikev2_process_sa_init_req (vm, sa0,
2779 vlib_node_increment_counter (vm, ikev2_node.index,
2780 IKEV2_ERROR_MALFORMED_PACKET,
2783 if (sa0->state == IKEV2_STATE_SA_INIT)
2785 ikev2_sa_free_proposal_vector (&sa0->r_proposals);
2787 ikev2_select_proposal (sa0->i_proposals,
2788 IKEV2_PROTOCOL_IKE);
2789 ikev2_generate_sa_init_data (sa0);
2792 if (sa0->state == IKEV2_STATE_SA_INIT
2793 || sa0->state == IKEV2_STATE_NOTIFY_AND_DELETE)
2796 ikev2_generate_message (b0, sa0, ike0, 0, udp0);
2798 vlib_node_increment_counter (vm, ikev2_node.index,
2799 IKEV2_ERROR_NO_BUFF_SPACE,
2803 if (sa0->state == IKEV2_STATE_SA_INIT)
2805 /* add SA to the pool */
2806 pool_get (km->per_thread_data[thread_index].sas,
2808 clib_memcpy_fast (sa0, &sa, sizeof (*sa0));
2809 ikev2_init_sa (vm, sa0);
2811 per_thread_data[thread_index].sa_by_rspi,
2814 km->per_thread_data[thread_index].sas);
2818 ikev2_sa_free_all_vec (sa0);
2822 else //received sa_init without initiator flag
2824 sa0->raddr.as_u32 = ip40->src_address.as_u32;
2825 sa0->iaddr.as_u32 = ip40->dst_address.as_u32;
2826 ikev2_process_sa_init_resp (vm, sa0, ike0, udp0, rlen);
2828 if (sa0->state == IKEV2_STATE_SA_INIT)
2831 ike0->exchange = IKEV2_EXCHANGE_IKE_AUTH;
2832 uword *p = hash_get (km->sa_by_ispi, sa0->ispi);
2836 pool_elt_at_index (km->sais, p[0]);
2838 if (clib_atomic_bool_cmp_and_swap
2839 (&sai->init_response_received, 0, 1))
2841 ikev2_complete_sa_data (sa0, sai);
2842 ikev2_calc_keys (sa0);
2843 ikev2_sa_auth_init (sa0);
2845 ikev2_generate_message (b0, sa0, ike0, 0,
2848 vlib_node_increment_counter (vm,
2850 IKEV2_ERROR_NO_BUFF_SPACE,
2855 /* we've already processed sa-init response */
2856 sa0->state = IKEV2_STATE_UNKNOWN;
2861 if (sa0->state == IKEV2_STATE_SA_INIT)
2863 /* add SA to the pool */
2864 pool_get (km->per_thread_data[thread_index].sas, sa0);
2865 clib_memcpy_fast (sa0, &sa, sizeof (*sa0));
2866 hash_set (km->per_thread_data[thread_index].sa_by_rspi,
2868 sa0 - km->per_thread_data[thread_index].sas);
2872 ikev2_sa_free_all_vec (sa0);
2876 else if (ike0->exchange == IKEV2_EXCHANGE_IKE_AUTH)
2879 p = hash_get (km->per_thread_data[thread_index].sa_by_rspi,
2880 clib_net_to_host_u64 (ike0->rspi));
2884 pool_elt_at_index (km->per_thread_data[thread_index].sas,
2887 slen = ikev2_retransmit_resp (sa0, ike0);
2890 vlib_node_increment_counter (vm, ikev2_node.index,
2893 IKEV2_ERROR_IKE_REQ_IGNORE
2895 IKEV2_ERROR_IKE_REQ_RETRANSMIT,
2900 sa0->dst_port = clib_net_to_host_u16 (udp0->src_port);
2901 res = ikev2_process_auth_req (vm, sa0, ike0, rlen);
2903 ikev2_sa_auth (sa0);
2905 vlib_node_increment_counter (vm, ikev2_node.index,
2906 IKEV2_ERROR_MALFORMED_PACKET,
2908 if (sa0->state == IKEV2_STATE_AUTHENTICATED)
2910 ikev2_initial_contact_cleanup (sa0);
2911 ikev2_sa_match_ts (sa0);
2912 if (sa0->state != IKEV2_STATE_TS_UNACCEPTABLE)
2913 ikev2_create_tunnel_interface (vm, thread_index, sa0,
2918 if (sa0->is_initiator)
2920 ikev2_del_sa_init (sa0->ispi);
2924 slen = ikev2_generate_message (b0, sa0, ike0, 0, udp0);
2926 vlib_node_increment_counter (vm, ikev2_node.index,
2927 IKEV2_ERROR_NO_BUFF_SPACE,
2932 else if (ike0->exchange == IKEV2_EXCHANGE_INFORMATIONAL)
2935 p = hash_get (km->per_thread_data[thread_index].sa_by_rspi,
2936 clib_net_to_host_u64 (ike0->rspi));
2940 pool_elt_at_index (km->per_thread_data[thread_index].sas,
2943 slen = ikev2_retransmit_resp (sa0, ike0);
2946 vlib_node_increment_counter (vm, ikev2_node.index,
2949 IKEV2_ERROR_IKE_REQ_IGNORE
2951 IKEV2_ERROR_IKE_REQ_RETRANSMIT,
2956 res = ikev2_process_informational_req (vm, sa0, ike0, rlen);
2959 vlib_node_increment_counter (vm, ikev2_node.index,
2960 IKEV2_ERROR_MALFORMED_PACKET,
2968 if (sa0->del[0].protocol_id != IKEV2_PROTOCOL_IKE)
2970 ikev2_delete_t *d, *tmp, *resp = 0;
2971 vec_foreach (d, sa0->del)
2973 ikev2_child_sa_t *ch_sa;
2974 ch_sa = ikev2_sa_get_child (sa0, d->spi,
2976 !sa0->is_initiator);
2979 ikev2_delete_tunnel_interface (km->vnet_main,
2981 if (!sa0->is_initiator)
2983 vec_add2 (resp, tmp, 1);
2984 tmp->protocol_id = d->protocol_id;
2985 tmp->spi = ch_sa->r_proposals[0].spi;
2987 ikev2_sa_del_child_sa (sa0, ch_sa);
2990 if (!sa0->is_initiator)
2992 vec_free (sa0->del);
2997 if (!(ike0->flags & IKEV2_HDR_FLAG_RESPONSE))
2999 ike0->flags |= IKEV2_HDR_FLAG_RESPONSE;
3000 slen = ikev2_generate_message (b0, sa0, ike0, 0, udp0);
3002 vlib_node_increment_counter (vm, ikev2_node.index,
3003 IKEV2_ERROR_NO_BUFF_SPACE,
3008 else if (ike0->exchange == IKEV2_EXCHANGE_CREATE_CHILD_SA)
3011 p = hash_get (km->per_thread_data[thread_index].sa_by_rspi,
3012 clib_net_to_host_u64 (ike0->rspi));
3016 pool_elt_at_index (km->per_thread_data[thread_index].sas,
3019 slen = ikev2_retransmit_resp (sa0, ike0);
3022 vlib_node_increment_counter (vm, ikev2_node.index,
3025 IKEV2_ERROR_IKE_REQ_IGNORE
3027 IKEV2_ERROR_IKE_REQ_RETRANSMIT,
3032 res = ikev2_process_create_child_sa_req (vm, sa0,
3036 vlib_node_increment_counter (vm, ikev2_node.index,
3037 IKEV2_ERROR_MALFORMED_PACKET,
3045 if (sa0->rekey[0].protocol_id != IKEV2_PROTOCOL_IKE)
3048 ikev2_sa_free_all_child_sa (&sa0->childs);
3049 ikev2_child_sa_t *child;
3050 vec_add2 (sa0->childs, child, 1);
3051 clib_memset (child, 0, sizeof (*child));
3052 child->r_proposals = sa0->rekey[0].r_proposal;
3053 child->i_proposals = sa0->rekey[0].i_proposal;
3054 child->tsi = sa0->rekey[0].tsi;
3055 child->tsr = sa0->rekey[0].tsr;
3056 ikev2_create_tunnel_interface (vm, thread_index,
3058 child - sa0->childs,
3061 if (sa0->is_initiator)
3063 vec_free (sa0->rekey);
3068 ikev2_generate_message (b0, sa0, ike0, 0, udp0);
3070 vlib_node_increment_counter (vm, ikev2_node.index,
3071 IKEV2_ERROR_NO_BUFF_SPACE,
3079 ikev2_elog_uint_peers (IKEV2_LOG_WARNING, "IKEv2 exchange %d "
3080 "received from %d.%d.%d.%d to %d.%d.%d.%d",
3082 ip40->src_address.as_u32,
3083 ip40->dst_address.as_u32);
3087 /* if we are sending packet back, rewrite headers */
3088 if (slen && ~0 != slen)
3090 next0 = IKEV2_NEXT_IP4_LOOKUP;
3091 if (sa0->is_initiator)
3093 ip40->dst_address.as_u32 = sa0->raddr.as_u32;
3094 ip40->src_address.as_u32 = sa0->iaddr.as_u32;
3098 ip40->dst_address.as_u32 = sa0->iaddr.as_u32;
3099 ip40->src_address.as_u32 = sa0->raddr.as_u32;
3104 udp0->dst_port = udp0->src_port =
3105 clib_net_to_host_u16 (ikev2_get_port (sa0));
3107 if (udp0->dst_port == clib_net_to_host_u16 (IKEV2_PORT_NATT)
3110 if (!has_non_esp_marker)
3111 slen = ikev2_insert_non_esp_marker (ike0, slen);
3116 if (has_non_esp_marker)
3117 slen += sizeof (ikev2_non_esp_marker);
3119 u16 tp = udp0->dst_port;
3120 udp0->dst_port = udp0->src_port;
3121 udp0->src_port = tp;
3125 clib_host_to_net_u16 (slen + sizeof (udp_header_t));
3127 b0->current_length =
3128 slen + sizeof (ip4_header_t) + sizeof (udp_header_t);
3129 ip40->length = clib_host_to_net_u16 (b0->current_length);
3130 ip40->checksum = ip4_header_checksum (ip40);
3133 if (sa0 && (sa0->state == IKEV2_STATE_DELETED ||
3134 sa0->state == IKEV2_STATE_NOTIFY_AND_DELETE))
3136 ikev2_child_sa_t *c;
3138 vec_foreach (c, sa0->childs)
3139 ikev2_delete_tunnel_interface (km->vnet_main, sa0, c);
3141 ikev2_delete_sa (sa0);
3143 if (PREDICT_FALSE ((node->flags & VLIB_NODE_FLAG_TRACE)
3144 && (b0->flags & VLIB_BUFFER_IS_TRACED)))
3147 ikev2_trace_t *t = vlib_add_trace (vm, node, b0, sizeof (*t));
3148 t->sw_if_index = vnet_buffer (b0)->sw_if_index[VLIB_RX];
3149 t->next_index = next0;
3152 vlib_validate_buffer_enqueue_x1 (vm, node, next_index, to_next,
3153 n_left_to_next, bi0, next0);
3156 vlib_put_next_frame (vm, node, next_index, n_left_to_next);
3159 vlib_node_increment_counter (vm, ikev2_node.index,
3160 IKEV2_ERROR_PROCESSED, frame->n_vectors);
3161 return frame->n_vectors;
3165 VLIB_REGISTER_NODE (ikev2_node,static) = {
3166 .function = ikev2_node_fn,
3168 .vector_size = sizeof (u32),
3169 .format_trace = format_ikev2_trace,
3170 .type = VLIB_NODE_TYPE_INTERNAL,
3172 .n_errors = ARRAY_LEN(ikev2_error_strings),
3173 .error_strings = ikev2_error_strings,
3175 .n_next_nodes = IKEV2_N_NEXT,
3178 [IKEV2_NEXT_IP4_LOOKUP] = "ip4-lookup",
3179 [IKEV2_NEXT_ERROR_DROP] = "error-drop",
3184 // set ikev2 proposals when vpp is used as initiator
3185 static clib_error_t *
3186 ikev2_set_initiator_proposals (vlib_main_t * vm, ikev2_sa_t * sa,
3187 ikev2_transforms_set * ts,
3188 ikev2_sa_proposal_t ** proposals, int is_ike)
3191 ikev2_main_t *km = &ikev2_main;
3192 ikev2_sa_proposal_t *proposal;
3193 vec_add2 (*proposals, proposal, 1);
3194 ikev2_sa_transform_t *td;
3199 vec_foreach (td, km->supported_transforms)
3201 if (td->type == IKEV2_TRANSFORM_TYPE_ENCR
3202 && td->encr_type == ts->crypto_alg
3203 && td->key_len == ts->crypto_key_size / 8)
3206 attr[0] = clib_host_to_net_u16 (14 | (1 << 15));
3207 attr[1] = clib_host_to_net_u16 (td->key_len << 3);
3208 vec_add (td->attrs, (u8 *) attr, 4);
3209 vec_add1 (proposal->transforms, *td);
3218 r = clib_error_return (0, "Unsupported algorithm");
3222 if (IKEV2_TRANSFORM_INTEG_TYPE_NONE != ts->integ_alg)
3226 vec_foreach (td, km->supported_transforms)
3228 if (td->type == IKEV2_TRANSFORM_TYPE_INTEG
3229 && td->integ_type == ts->integ_alg)
3231 vec_add1 (proposal->transforms, *td);
3239 ("Didn't find any supported algorithm for IKEV2_TRANSFORM_TYPE_INTEG");
3240 r = clib_error_return (0, "Unsupported algorithm");
3249 vec_foreach (td, km->supported_transforms)
3251 if (td->type == IKEV2_TRANSFORM_TYPE_PRF
3252 && td->prf_type == IKEV2_TRANSFORM_PRF_TYPE_PRF_HMAC_SHA2_256)
3254 vec_add1 (proposal->transforms, *td);
3261 r = clib_error_return (0, "Unsupported algorithm");
3270 vec_foreach (td, km->supported_transforms)
3272 if (td->type == IKEV2_TRANSFORM_TYPE_DH && td->dh_type == ts->dh_type)
3274 vec_add1 (proposal->transforms, *td);
3277 sa->dh_group = td->dh_type;
3285 r = clib_error_return (0, "Unsupported algorithm");
3293 vec_foreach (td, km->supported_transforms)
3295 if (td->type == IKEV2_TRANSFORM_TYPE_ESN)
3297 vec_add1 (proposal->transforms, *td);
3303 r = clib_error_return (0, "Unsupported algorithm");
3312 static ikev2_profile_t *
3313 ikev2_profile_index_by_name (u8 * name)
3315 ikev2_main_t *km = &ikev2_main;
3318 p = mhash_get (&km->profile_index_by_name, name);
3322 return pool_elt_at_index (km->profiles, p[0]);
3327 ikev2_send_ike (vlib_main_t * vm, ip4_address_t * src, ip4_address_t * dst,
3328 u32 bi0, u32 len, u16 src_port, u16 dst_port, u32 sw_if_index)
3336 b0 = vlib_get_buffer (vm, bi0);
3337 vlib_buffer_advance (b0, -sizeof (udp_header_t));
3338 udp0 = vlib_buffer_get_current (b0);
3339 vlib_buffer_advance (b0, -sizeof (ip4_header_t));
3340 ip40 = vlib_buffer_get_current (b0);
3343 ip40->ip_version_and_header_length = 0x45;
3345 ip40->fragment_id = 0;
3346 ip40->flags_and_fragment_offset = 0;
3348 ip40->protocol = IP_PROTOCOL_UDP;
3349 ip40->dst_address.as_u32 = dst->as_u32;
3350 ip40->src_address.as_u32 = src->as_u32;
3351 udp0->dst_port = clib_host_to_net_u16 (dst_port);
3352 udp0->src_port = clib_host_to_net_u16 (src_port);
3353 udp0->length = clib_host_to_net_u16 (len + sizeof (udp_header_t));
3355 b0->current_length = len + sizeof (ip4_header_t) + sizeof (udp_header_t);
3356 ip40->length = clib_host_to_net_u16 (b0->current_length);
3357 ip40->checksum = ip4_header_checksum (ip40);
3359 vnet_buffer (b0)->sw_if_index[VLIB_RX] = sw_if_index;
3360 vnet_buffer (b0)->sw_if_index[VLIB_TX] = ~0;
3362 /* send the request */
3363 f = vlib_get_frame_to_node (vm, ip4_lookup_node.index);
3364 to_next = vlib_frame_vector_args (f);
3367 vlib_put_frame_to_node (vm, ip4_lookup_node.index, f);
3372 ikev2_get_new_ike_header_buff (vlib_main_t * vm, vlib_buffer_t ** b)
3375 if (vlib_buffer_alloc (vm, &bi0, 1) != 1)
3380 *b = vlib_get_buffer (vm, bi0);
3385 ikev2_set_local_key (vlib_main_t * vm, u8 * file)
3387 ikev2_main_t *km = &ikev2_main;
3390 EVP_PKEY_free (km->pkey);
3391 km->pkey = ikev2_load_key_file (file);
3392 if (km->pkey == NULL)
3393 return clib_error_return (0, "load key '%s' failed", file);
3398 static_always_inline vnet_api_error_t
3399 ikev2_register_udp_port (ikev2_profile_t * p, u16 port)
3401 ikev2_main_t *km = &ikev2_main;
3402 udp_dst_port_info_t *pi;
3404 uword *v = hash_get (km->udp_ports, port);
3405 pi = udp_get_dst_port_info (&udp_main, port, UDP_IP4);
3409 /* IKE already uses this port, only increment reference counter */
3416 return VNET_API_ERROR_UDP_PORT_TAKEN;
3418 udp_register_dst_port (km->vlib_main, port,
3419 ipsec4_tun_input_node.index, 1);
3420 hash_set (km->udp_ports, port, 1);
3422 p->ipsec_over_udp_port = port;
3426 static_always_inline void
3427 ikev2_unregister_udp_port (ikev2_profile_t * p)
3429 ikev2_main_t *km = &ikev2_main;
3432 if (p->ipsec_over_udp_port == IPSEC_UDP_PORT_NONE)
3435 v = hash_get (km->udp_ports, p->ipsec_over_udp_port);
3443 udp_unregister_dst_port (km->vlib_main, p->ipsec_over_udp_port, 1);
3444 hash_unset (km->udp_ports, p->ipsec_over_udp_port);
3447 p->ipsec_over_udp_port = IPSEC_UDP_PORT_NONE;
3451 ikev2_initiate_delete_ike_sa_internal (vlib_main_t * vm,
3452 ikev2_main_per_thread_data_t * tkm,
3455 ikev2_main_t *km = &ikev2_main;
3456 ip4_address_t *src, *dst;
3459 /* Create the Initiator notification for IKE SA removal */
3464 bi0 = ikev2_get_new_ike_header_buff (vm, &b0);
3467 ikev2_log_error ("buffer alloc failure");
3471 ike0 = vlib_buffer_get_current (b0);
3472 ike0->exchange = IKEV2_EXCHANGE_INFORMATIONAL;
3473 ike0->ispi = clib_host_to_net_u64 (sa->ispi);
3474 ike0->rspi = clib_host_to_net_u64 (sa->rspi);
3475 vec_resize (sa->del, 1);
3476 sa->del->protocol_id = IKEV2_PROTOCOL_IKE;
3477 sa->del->spi = sa->ispi;
3478 ike0->msgid = clib_host_to_net_u32 (sa->last_init_msg_id + 1);
3479 sa->last_init_msg_id = clib_net_to_host_u32 (ike0->msgid);
3480 len = ikev2_generate_message (b0, sa, ike0, 0, 0);
3484 if (sa->is_initiator)
3495 ikev2_send_ike (vm, src, dst, bi0, len,
3496 ikev2_get_port (sa), sa->dst_port, 0);
3498 /* delete local SA */
3499 ikev2_child_sa_t *c;
3500 vec_foreach (c, sa->childs)
3501 ikev2_delete_tunnel_interface (km->vnet_main, sa, c);
3503 u64 rspi = sa->rspi;
3504 ikev2_sa_free_all_vec (sa);
3505 uword *p = hash_get (tkm->sa_by_rspi, rspi);
3508 hash_unset (tkm->sa_by_rspi, rspi);
3509 pool_put (tkm->sas, sa);
3514 ikev2_cleanup_profile_sessions (ikev2_main_t * km, ikev2_profile_t * p)
3516 ikev2_main_per_thread_data_t *tkm;
3518 u32 pi = p - km->profiles;
3522 vec_foreach (tkm, km->per_thread_data)
3525 pool_foreach (sa, tkm->sas, ({
3526 if (sa->profile_index != ~0 && pi == sa->profile_index)
3527 vec_add1 (del_sai, sa - tkm->sas);
3531 vec_foreach (sai, del_sai)
3533 sa = pool_elt_at_index (tkm->sas, sai[0]);
3534 ikev2_initiate_delete_ike_sa_internal (km->vlib_main, tkm, sa);
3537 vec_reset_length (del_sai);
3544 ikev2_profile_free (ikev2_profile_t * p)
3548 vec_free (p->auth.data);
3550 EVP_PKEY_free (p->auth.key);
3552 vec_free (p->loc_id.data);
3553 vec_free (p->rem_id.data);
3557 ikev2_add_del_profile (vlib_main_t * vm, u8 * name, int is_add)
3559 ikev2_main_t *km = &ikev2_main;
3564 if (ikev2_profile_index_by_name (name))
3565 return clib_error_return (0, "policy %v already exists", name);
3567 pool_get (km->profiles, p);
3568 clib_memset (p, 0, sizeof (*p));
3569 p->name = vec_dup (name);
3570 p->ipsec_over_udp_port = IPSEC_UDP_PORT_NONE;
3571 p->responder.sw_if_index = ~0;
3573 uword index = p - km->profiles;
3574 mhash_set_mem (&km->profile_index_by_name, name, &index, 0);
3578 p = ikev2_profile_index_by_name (name);
3580 return clib_error_return (0, "policy %v does not exists", name);
3582 ikev2_unregister_udp_port (p);
3583 ikev2_cleanup_profile_sessions (km, p);
3585 ikev2_profile_free (p);
3586 pool_put (km->profiles, p);
3587 mhash_unset (&km->profile_index_by_name, name, 0);
3593 ikev2_set_profile_auth (vlib_main_t * vm, u8 * name, u8 auth_method,
3594 u8 * auth_data, u8 data_hex_format)
3599 p = ikev2_profile_index_by_name (name);
3603 r = clib_error_return (0, "unknown profile %v", name);
3608 EVP_PKEY_free (p->auth.key);
3609 vec_free (p->auth.data);
3611 p->auth.method = auth_method;
3612 p->auth.data = vec_dup (auth_data);
3613 p->auth.hex = data_hex_format;
3615 if (auth_method == IKEV2_AUTH_METHOD_RSA_SIG)
3617 vec_add1 (p->auth.data, 0);
3618 p->auth.key = ikev2_load_cert_file (p->auth.data);
3619 if (p->auth.key == NULL)
3620 return clib_error_return (0, "load cert '%s' failed", p->auth.data);
3627 ikev2_set_profile_id (vlib_main_t * vm, u8 * name, u8 id_type, u8 * data,
3633 if (id_type > IKEV2_ID_TYPE_ID_RFC822_ADDR
3634 && id_type < IKEV2_ID_TYPE_ID_KEY_ID)
3636 r = clib_error_return (0, "unsupported identity type %U",
3637 format_ikev2_id_type, id_type);
3641 p = ikev2_profile_index_by_name (name);
3645 r = clib_error_return (0, "unknown profile %v", name);
3651 vec_free (p->loc_id.data);
3652 p->loc_id.type = id_type;
3653 p->loc_id.data = vec_dup (data);
3657 vec_free (p->rem_id.data);
3658 p->rem_id.type = id_type;
3659 p->rem_id.data = vec_dup (data);
3666 ikev2_set_profile_ts (vlib_main_t * vm, u8 * name, u8 protocol_id,
3667 u16 start_port, u16 end_port, ip4_address_t start_addr,
3668 ip4_address_t end_addr, int is_local)
3673 p = ikev2_profile_index_by_name (name);
3677 r = clib_error_return (0, "unknown profile %v", name);
3683 p->loc_ts.start_addr.as_u32 = start_addr.as_u32;
3684 p->loc_ts.end_addr.as_u32 = end_addr.as_u32;
3685 p->loc_ts.start_port = start_port;
3686 p->loc_ts.end_port = end_port;
3687 p->loc_ts.protocol_id = protocol_id;
3688 p->loc_ts.ts_type = 7;
3692 p->rem_ts.start_addr.as_u32 = start_addr.as_u32;
3693 p->rem_ts.end_addr.as_u32 = end_addr.as_u32;
3694 p->rem_ts.start_port = start_port;
3695 p->rem_ts.end_port = end_port;
3696 p->rem_ts.protocol_id = protocol_id;
3697 p->rem_ts.ts_type = 7;
3705 ikev2_set_profile_responder (vlib_main_t * vm, u8 * name,
3706 u32 sw_if_index, ip4_address_t ip4)
3711 p = ikev2_profile_index_by_name (name);
3715 r = clib_error_return (0, "unknown profile %v", name);
3719 p->responder.sw_if_index = sw_if_index;
3720 p->responder.ip4 = ip4;
3726 ikev2_set_profile_ike_transforms (vlib_main_t * vm, u8 * name,
3727 ikev2_transform_encr_type_t crypto_alg,
3728 ikev2_transform_integ_type_t integ_alg,
3729 ikev2_transform_dh_type_t dh_type,
3730 u32 crypto_key_size)
3735 p = ikev2_profile_index_by_name (name);
3739 r = clib_error_return (0, "unknown profile %v", name);
3743 p->ike_ts.crypto_alg = crypto_alg;
3744 p->ike_ts.integ_alg = integ_alg;
3745 p->ike_ts.dh_type = dh_type;
3746 p->ike_ts.crypto_key_size = crypto_key_size;
3751 ikev2_set_profile_esp_transforms (vlib_main_t * vm, u8 * name,
3752 ikev2_transform_encr_type_t crypto_alg,
3753 ikev2_transform_integ_type_t integ_alg,
3754 u32 crypto_key_size)
3759 p = ikev2_profile_index_by_name (name);
3763 r = clib_error_return (0, "unknown profile %v", name);
3767 p->esp_ts.crypto_alg = crypto_alg;
3768 p->esp_ts.integ_alg = integ_alg;
3769 p->esp_ts.crypto_key_size = crypto_key_size;
3774 ikev2_set_profile_tunnel_interface (vlib_main_t * vm,
3775 u8 * name, u32 sw_if_index)
3780 p = ikev2_profile_index_by_name (name);
3784 r = clib_error_return (0, "unknown profile %v", name);
3788 p->tun_itf = sw_if_index;
3794 ikev2_set_profile_ipsec_udp_port (vlib_main_t * vm, u8 * name, u16 port,
3797 ikev2_profile_t *p = ikev2_profile_index_by_name (name);
3798 ikev2_main_t *km = &ikev2_main;
3799 vnet_api_error_t rv = 0;
3803 return VNET_API_ERROR_INVALID_VALUE;
3807 if (p->ipsec_over_udp_port != IPSEC_UDP_PORT_NONE)
3808 return VNET_API_ERROR_VALUE_EXIST;
3810 rv = ikev2_register_udp_port (p, port);
3814 v = hash_get (km->udp_ports, port);
3816 return VNET_API_ERROR_IKE_NO_PORT;
3818 if (p->ipsec_over_udp_port == IPSEC_UDP_PORT_NONE)
3819 return VNET_API_ERROR_INVALID_VALUE;
3821 ikev2_unregister_udp_port (p);
3827 ikev2_set_profile_udp_encap (vlib_main_t * vm, u8 * name)
3829 ikev2_profile_t *p = ikev2_profile_index_by_name (name);
3834 r = clib_error_return (0, "unknown profile %v", name);
3843 ikev2_set_profile_sa_lifetime (vlib_main_t * vm, u8 * name,
3844 u64 lifetime, u32 jitter, u32 handover,
3850 p = ikev2_profile_index_by_name (name);
3854 r = clib_error_return (0, "unknown profile %v", name);
3858 p->lifetime = lifetime;
3859 p->lifetime_jitter = jitter;
3860 p->handover = handover;
3861 p->lifetime_maxdata = maxdata;
3866 ikev2_initiate_sa_init (vlib_main_t * vm, u8 * name)
3870 ip4_main_t *im = &ip4_main;
3871 ikev2_main_t *km = &ikev2_main;
3873 p = ikev2_profile_index_by_name (name);
3877 r = clib_error_return (0, "unknown profile %v", name);
3881 if (p->responder.sw_if_index == ~0 || p->responder.ip4.data_u32 == 0)
3883 r = clib_error_return (0, "responder not set for profile %v", name);
3888 /* Create the Initiator Request */
3893 ip_lookup_main_t *lm = &im->lookup_main;
3895 int len = sizeof (ike_header_t);
3897 /* Get own iface IP */
3899 lm->if_address_pool_index_by_sw_if_index[p->responder.sw_if_index];
3900 ip_interface_address_t *if_add =
3901 pool_elt_at_index (lm->if_address_pool, if_add_index0);
3902 ip4_address_t *if_ip = ip_interface_address_get_address (lm, if_add);
3904 bi0 = ikev2_get_new_ike_header_buff (vm, &b0);
3907 char *errmsg = "buffer alloc failure";
3908 ikev2_log_error (errmsg);
3909 return clib_error_return (0, errmsg);
3911 ike0 = vlib_buffer_get_current (b0);
3913 /* Prepare the SA and the IKE payload */
3915 clib_memset (&sa, 0, sizeof (ikev2_sa_t));
3916 ikev2_payload_chain_t *chain = 0;
3917 ikev2_payload_new_chain (chain);
3919 /* Build the IKE proposal payload */
3920 ikev2_sa_proposal_t *proposals = 0;
3921 ikev2_set_initiator_proposals (vm, &sa, &p->ike_ts, &proposals, 1);
3922 proposals[0].proposal_num = 1;
3923 proposals[0].protocol_id = IKEV2_PROTOCOL_IKE;
3925 /* Add and then cleanup proposal data */
3926 ikev2_payload_add_sa (chain, proposals);
3927 ikev2_sa_free_proposal_vector (&proposals);
3929 sa.is_initiator = 1;
3930 sa.profile_index = p - km->profiles;
3931 sa.state = IKEV2_STATE_SA_INIT;
3932 sa.tun_itf = p->tun_itf;
3933 sa.udp_encap = p->udp_encap;
3934 sa.ipsec_over_udp_port = p->ipsec_over_udp_port;
3935 sa.is_tun_itf_set = 1;
3936 sa.initial_contact = 1;
3937 sa.dst_port = IKEV2_PORT;
3938 ikev2_generate_sa_init_data (&sa);
3939 ikev2_payload_add_ke (chain, sa.dh_group, sa.i_dh_data);
3940 ikev2_payload_add_nonce (chain, sa.i_nonce);
3942 /* Build the child SA proposal */
3943 vec_resize (sa.childs, 1);
3944 ikev2_set_initiator_proposals (vm, &sa, &p->esp_ts,
3945 &sa.childs[0].i_proposals, 0);
3946 sa.childs[0].i_proposals[0].proposal_num = 1;
3947 sa.childs[0].i_proposals[0].protocol_id = IKEV2_PROTOCOL_ESP;
3948 RAND_bytes ((u8 *) & sa.childs[0].i_proposals[0].spi,
3949 sizeof (sa.childs[0].i_proposals[0].spi));
3951 /* Add NAT detection notification messages (mandatory) */
3952 u8 *nat_detection_sha1 =
3953 ikev2_compute_nat_sha1 (clib_host_to_net_u64 (sa.ispi),
3954 clib_host_to_net_u64 (sa.rspi),
3956 clib_host_to_net_u16 (IKEV2_PORT));
3958 ikev2_payload_add_notify (chain, IKEV2_NOTIFY_MSG_NAT_DETECTION_SOURCE_IP,
3959 nat_detection_sha1);
3960 vec_free (nat_detection_sha1);
3961 nat_detection_sha1 =
3962 ikev2_compute_nat_sha1 (clib_host_to_net_u64 (sa.ispi),
3963 clib_host_to_net_u64 (sa.rspi),
3964 p->responder.ip4.as_u32,
3965 clib_host_to_net_u16 (sa.dst_port));
3966 ikev2_payload_add_notify (chain,
3967 IKEV2_NOTIFY_MSG_NAT_DETECTION_DESTINATION_IP,
3968 nat_detection_sha1);
3969 vec_free (nat_detection_sha1);
3971 u8 *sig_hash_algo = vec_new (u8, 8);
3972 u64 tmpsig = clib_host_to_net_u64 (0x0001000200030004);
3973 clib_memcpy_fast (sig_hash_algo, &tmpsig, sizeof (tmpsig));
3974 ikev2_payload_add_notify (chain,
3975 IKEV2_NOTIFY_MSG_SIGNATURE_HASH_ALGORITHMS,
3977 vec_free (sig_hash_algo);
3980 /* Buffer update and boilerplate */
3981 len += vec_len (chain->data);
3982 ike0->nextpayload = chain->first_payload_type;
3983 ike0->length = clib_host_to_net_u32 (len);
3984 clib_memcpy_fast (ike0->payload, chain->data, vec_len (chain->data));
3985 ikev2_payload_destroy_chain (chain);
3987 ike0->version = IKE_VERSION_2;
3988 ike0->flags = IKEV2_HDR_FLAG_INITIATOR;
3989 ike0->exchange = IKEV2_EXCHANGE_SA_INIT;
3990 ike0->ispi = clib_host_to_net_u64 (sa.ispi);
3994 /* store whole IKE payload - needed for PSK auth */
3995 vec_reset_length (sa.last_sa_init_req_packet_data);
3996 vec_add (sa.last_sa_init_req_packet_data, ike0, len);
3998 /* add data to the SA then add it to the pool */
3999 sa.iaddr.as_u32 = if_ip->as_u32;
4000 sa.raddr.as_u32 = p->responder.ip4.as_u32;
4001 sa.i_id.type = p->loc_id.type;
4002 sa.i_id.data = vec_dup (p->loc_id.data);
4003 sa.r_id.type = p->rem_id.type;
4004 sa.r_id.data = vec_dup (p->rem_id.data);
4005 sa.i_auth.method = p->auth.method;
4006 sa.i_auth.hex = p->auth.hex;
4007 sa.i_auth.data = vec_dup (p->auth.data);
4008 sa.sw_if_index = p->responder.sw_if_index;
4009 vec_add (sa.childs[0].tsi, &p->loc_ts, 1);
4010 vec_add (sa.childs[0].tsr, &p->rem_ts, 1);
4012 ikev2_initial_contact_cleanup (&sa);
4014 /* add SA to the pool */
4015 ikev2_sa_t *sa0 = 0;
4016 pool_get (km->sais, sa0);
4017 clib_memcpy_fast (sa0, &sa, sizeof (*sa0));
4018 hash_set (km->sa_by_ispi, sa0->ispi, sa0 - km->sais);
4020 ikev2_send_ike (vm, if_ip, &p->responder.ip4, bi0, len,
4021 IKEV2_PORT, sa.dst_port, sa.sw_if_index);
4023 ikev2_elog_exchange ("ispi %lx rspi %lx IKEV2_EXCHANGE_SA_INIT sent to "
4024 "%d.%d.%d.%d", clib_host_to_net_u64 (sa0->ispi), 0,
4025 p->responder.ip4.as_u32);
4032 ikev2_delete_child_sa_internal (vlib_main_t * vm, ikev2_sa_t * sa,
4033 ikev2_child_sa_t * csa)
4035 /* Create the Initiator notification for child SA removal */
4036 ikev2_main_t *km = &ikev2_main;
4042 bi0 = ikev2_get_new_ike_header_buff (vm, &b0);
4045 ikev2_log_error ("buffer alloc failure");
4049 ike0 = vlib_buffer_get_current (b0);
4050 ike0->exchange = IKEV2_EXCHANGE_INFORMATIONAL;
4051 ike0->ispi = clib_host_to_net_u64 (sa->ispi);
4052 ike0->rspi = clib_host_to_net_u64 (sa->rspi);
4053 vec_resize (sa->del, 1);
4054 sa->del->protocol_id = IKEV2_PROTOCOL_ESP;
4055 sa->del->spi = csa->i_proposals->spi;
4056 ike0->msgid = clib_host_to_net_u32 (sa->last_init_msg_id + 1);
4057 sa->last_init_msg_id = clib_net_to_host_u32 (ike0->msgid);
4058 len = ikev2_generate_message (b0, sa, ike0, 0, 0);
4063 len = ikev2_insert_non_esp_marker (ike0, len);
4064 ikev2_send_ike (vm, &sa->iaddr, &sa->raddr, bi0, len,
4065 ikev2_get_port (sa), sa->dst_port, sa->sw_if_index);
4067 /* delete local child SA */
4068 ikev2_delete_tunnel_interface (km->vnet_main, sa, csa);
4069 ikev2_sa_del_child_sa (sa, csa);
4073 ikev2_initiate_delete_child_sa (vlib_main_t * vm, u32 ispi)
4076 ikev2_main_t *km = &ikev2_main;
4077 ikev2_main_per_thread_data_t *tkm;
4078 ikev2_sa_t *fsa = 0;
4079 ikev2_child_sa_t *fchild = 0;
4081 /* Search for the child SA */
4082 vec_foreach (tkm, km->per_thread_data)
4088 pool_foreach (sa, tkm->sas, ({
4089 fchild = ikev2_sa_get_child(sa, ispi, IKEV2_PROTOCOL_ESP, 1);
4099 if (!fchild || !fsa)
4101 r = clib_error_return (0, "Child SA not found");
4106 ikev2_delete_child_sa_internal (vm, fsa, fchild);
4113 ikev2_initiate_delete_ike_sa (vlib_main_t * vm, u64 ispi)
4116 ikev2_main_t *km = &ikev2_main;
4117 ikev2_main_per_thread_data_t *tkm;
4118 ikev2_sa_t *fsa = 0;
4119 ikev2_main_per_thread_data_t *ftkm = 0;
4121 /* Search for the IKE SA */
4122 vec_foreach (tkm, km->per_thread_data)
4128 pool_foreach (sa, tkm->sas, ({
4129 if (sa->ispi == ispi)
4141 r = clib_error_return (0, "IKE SA not found");
4145 ikev2_initiate_delete_ike_sa_internal (vm, ftkm, fsa);
4150 ikev2_rekey_child_sa_internal (vlib_main_t * vm, ikev2_sa_t * sa,
4151 ikev2_child_sa_t * csa)
4153 /* Create the Initiator request for create child SA */
4159 bi0 = ikev2_get_new_ike_header_buff (vm, &b0);
4162 ikev2_log_error ("buffer alloc failure");
4166 ike0 = vlib_buffer_get_current (b0);
4167 ike0->version = IKE_VERSION_2;
4168 ike0->flags = IKEV2_HDR_FLAG_INITIATOR;
4169 ike0->exchange = IKEV2_EXCHANGE_CREATE_CHILD_SA;
4170 ike0->ispi = clib_host_to_net_u64 (sa->ispi);
4171 ike0->rspi = clib_host_to_net_u64 (sa->rspi);
4172 ike0->msgid = clib_host_to_net_u32 (sa->last_init_msg_id + 1);
4173 sa->last_init_msg_id = clib_net_to_host_u32 (ike0->msgid);
4175 ikev2_rekey_t *rekey;
4176 vec_add2 (sa->rekey, rekey, 1);
4177 ikev2_sa_proposal_t *proposals = vec_dup (csa->i_proposals);
4180 RAND_bytes ((u8 *) & proposals[0].spi, sizeof (proposals[0].spi));
4181 rekey->spi = proposals[0].spi;
4182 rekey->ispi = csa->i_proposals->spi;
4183 len = ikev2_generate_message (b0, sa, ike0, proposals, 0);
4188 len = ikev2_insert_non_esp_marker (ike0, len);
4189 ikev2_send_ike (vm, &sa->iaddr, &sa->raddr, bi0, len,
4190 ikev2_get_port (sa), ikev2_get_port (sa), sa->sw_if_index);
4191 vec_free (proposals);
4195 ikev2_initiate_rekey_child_sa (vlib_main_t * vm, u32 ispi)
4198 ikev2_main_t *km = &ikev2_main;
4199 ikev2_main_per_thread_data_t *tkm;
4200 ikev2_sa_t *fsa = 0;
4201 ikev2_child_sa_t *fchild = 0;
4203 /* Search for the child SA */
4204 vec_foreach (tkm, km->per_thread_data)
4210 pool_foreach (sa, tkm->sas, ({
4211 fchild = ikev2_sa_get_child(sa, ispi, IKEV2_PROTOCOL_ESP, 1);
4221 if (!fchild || !fsa)
4223 r = clib_error_return (0, "Child SA not found");
4228 ikev2_rekey_child_sa_internal (vm, fsa, fchild);
4235 ikev2_init (vlib_main_t * vm)
4237 ikev2_main_t *km = &ikev2_main;
4238 vlib_thread_main_t *tm = vlib_get_thread_main ();
4241 clib_memset (km, 0, sizeof (ikev2_main_t));
4242 km->vnet_main = vnet_get_main ();
4245 km->liveness_period = IKEV2_LIVENESS_PERIOD_CHECK;
4246 km->liveness_max_retries = IKEV2_LIVENESS_RETRIES;
4247 ikev2_crypto_init (km);
4249 mhash_init_vec_string (&km->profile_index_by_name, sizeof (uword));
4251 vec_validate_aligned (km->per_thread_data, tm->n_vlib_mains - 1,
4252 CLIB_CACHE_LINE_BYTES);
4253 for (thread_id = 0; thread_id < tm->n_vlib_mains; thread_id++)
4255 ikev2_main_per_thread_data_t *ptd =
4256 vec_elt_at_index (km->per_thread_data, thread_id);
4258 ptd->sa_by_rspi = hash_create (0, sizeof (uword));
4260 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
4261 ptd->evp_ctx = EVP_CIPHER_CTX_new ();
4262 ptd->hmac_ctx = HMAC_CTX_new ();
4264 EVP_CIPHER_CTX_init (&ptd->_evp_ctx);
4265 ptd->evp_ctx = &ptd->_evp_ctx;
4266 HMAC_CTX_init (&(ptd->_hmac_ctx));
4267 ptd->hmac_ctx = &ptd->_hmac_ctx;
4271 km->sa_by_ispi = hash_create (0, sizeof (uword));
4272 km->sw_if_indices = hash_create (0, 0);
4273 km->udp_ports = hash_create (0, sizeof (uword));
4275 udp_register_dst_port (vm, IKEV2_PORT, ikev2_node.index, 1);
4276 udp_register_dst_port (vm, IKEV2_PORT_NATT, ikev2_node.index, 1);
4278 vlib_punt_hdl_t punt_hdl = vlib_punt_client_register ("ikev2");
4279 vlib_punt_register (punt_hdl, ipsec_punt_reason[IPSEC_PUNT_IP4_SPI_UDP_0],
4281 ikev2_cli_reference ();
4283 km->log_level = IKEV2_LOG_ERROR;
4284 km->log_class = vlib_log_register_class ("ikev2", 0);
4289 VLIB_INIT_FUNCTION (ikev2_init) =
4291 .runs_after = VLIB_INITS("ipsec_init", "ipsec_punt_init"),
4296 ikev2_mngr_process_child_sa (ikev2_sa_t * sa, ikev2_child_sa_t * csa,
4299 ikev2_main_t *km = &ikev2_main;
4300 ikev2_profile_t *p = 0;
4301 vlib_main_t *vm = km->vlib_main;
4302 f64 now = vlib_time_now (vm);
4305 if (sa->profile_index != ~0)
4306 p = pool_elt_at_index (km->profiles, sa->profile_index);
4308 if (sa->is_initiator && p && csa->time_to_expiration
4309 && now > csa->time_to_expiration)
4311 if (!csa->is_expired || csa->rekey_retries > 0)
4313 ikev2_rekey_child_sa_internal (vm, sa, csa);
4314 csa->time_to_expiration = now + p->handover;
4315 csa->is_expired = 1;
4316 if (csa->rekey_retries == 0)
4318 csa->rekey_retries = 5;
4320 else if (csa->rekey_retries > 0)
4322 csa->rekey_retries--;
4323 ikev2_log_debug ("Rekeying Child SA 0x%x, retries left %d",
4324 csa->i_proposals->spi, csa->rekey_retries);
4325 if (csa->rekey_retries == 0)
4327 csa->rekey_retries = -1;
4334 csa->time_to_expiration = 0;
4335 ikev2_delete_child_sa_internal (vm, sa, csa);
4343 ipip_tunnel_t *ipip = NULL;
4344 u32 sw_if_index = sa->is_tun_itf_set ? sa->tun_itf : ~0;
4345 if (~0 == sw_if_index)
4347 ip46_address_t local_ip;
4348 ip46_address_t remote_ip;
4349 if (sa->is_initiator)
4351 ip46_address_set_ip4 (&local_ip, &sa->iaddr);
4352 ip46_address_set_ip4 (&remote_ip, &sa->raddr);
4356 ip46_address_set_ip4 (&local_ip, &sa->raddr);
4357 ip46_address_set_ip4 (&remote_ip, &sa->iaddr);
4361 ipip_tunnel_key_t key = {
4364 .transport = IPIP_TRANSPORT_IP4,
4369 ipip = ipip_tunnel_db_find (&key);
4372 sw_if_index = ipip->sw_if_index;
4378 vec_add1 (sas_in, csa->remote_sa_id);
4379 vlib_worker_thread_barrier_sync (vm);
4380 ipsec_tun_protect_update (sw_if_index, NULL, csa->local_sa_id, sas_in);
4381 ipsec_sa_unlock_id (ikev2_flip_alternate_sa_bit (csa->remote_sa_id));
4382 vlib_worker_thread_barrier_release (vm);
4389 ikev2_set_log_level (ikev2_log_level_t log_level)
4391 ikev2_main_t *km = &ikev2_main;
4393 if (log_level >= IKEV2_LOG_MAX)
4395 ikev2_log_error ("unknown logging level %d", log_level);
4399 km->log_level = log_level;
4404 ikev2_set_liveness_params (u32 period, u32 max_retries)
4406 ikev2_main_t *km = &ikev2_main;
4408 if (period == 0 || max_retries == 0)
4409 return clib_error_return (0, "invalid args");
4411 km->liveness_period = period;
4412 km->liveness_max_retries = max_retries;
4417 ikev2_mngr_process_ipsec_sa (ipsec_sa_t * ipsec_sa)
4419 ikev2_main_t *km = &ikev2_main;
4420 vlib_main_t *vm = km->vlib_main;
4421 ikev2_main_per_thread_data_t *tkm;
4422 ikev2_sa_t *fsa = 0;
4423 ikev2_profile_t *p = 0;
4424 ikev2_child_sa_t *fchild = 0;
4425 f64 now = vlib_time_now (vm);
4426 vlib_counter_t counts;
4428 /* Search for the SA and child SA */
4429 vec_foreach (tkm, km->per_thread_data)
4435 pool_foreach (sa, tkm->sas, ({
4436 fchild = ikev2_sa_get_child(sa, ipsec_sa->spi, IKEV2_PROTOCOL_ESP, 1);
4445 vlib_get_combined_counter (&ipsec_sa_counters,
4446 ipsec_sa->stat_index, &counts);
4448 if (fsa && fsa->profile_index != ~0 && fsa->is_initiator)
4449 p = pool_elt_at_index (km->profiles, fsa->profile_index);
4451 if (fchild && p && p->lifetime_maxdata)
4453 if (!fchild->is_expired && counts.bytes > p->lifetime_maxdata)
4455 fchild->time_to_expiration = now;
4461 ikev2_process_pending_sa_init (ikev2_main_t * km)
4468 hash_foreach (ispi, sai, km->sa_by_ispi,
4470 sa = pool_elt_at_index (km->sais, sai);
4471 if (sa->init_response_received)
4475 if (vlib_buffer_alloc (km->vlib_main, &bi0, 1) != 1)
4478 vlib_buffer_t * b = vlib_get_buffer (km->vlib_main, bi0);
4479 clib_memcpy_fast (vlib_buffer_get_current (b),
4480 sa->last_sa_init_req_packet_data,
4481 vec_len (sa->last_sa_init_req_packet_data));
4482 ikev2_send_ike (km->vlib_main, &sa->iaddr, &sa->raddr, bi0,
4483 vec_len (sa->last_sa_init_req_packet_data),
4484 ikev2_get_port (sa), IKEV2_PORT, sa->sw_if_index);
4489 static vlib_node_registration_t ikev2_mngr_process_node;
4492 ikev2_send_informational_request (ikev2_sa_t * sa)
4494 ikev2_main_t *km = &ikev2_main;
4495 ip4_address_t *src, *dst;
4502 bi0 = ikev2_get_new_ike_header_buff (km->vlib_main, &b0);
4505 ikev2_log_error ("buffer alloc failure");
4509 ike0 = vlib_buffer_get_current (b0);
4510 ike0->exchange = IKEV2_EXCHANGE_INFORMATIONAL;
4511 ike0->ispi = clib_host_to_net_u64 (sa->ispi);
4512 ike0->rspi = clib_host_to_net_u64 (sa->rspi);
4513 ike0->msgid = clib_host_to_net_u32 (sa->last_init_msg_id + 1);
4514 sa->last_init_msg_id = clib_net_to_host_u32 (ike0->msgid);
4515 len = ikev2_generate_message (b0, sa, ike0, 0, 0);
4520 len = ikev2_insert_non_esp_marker (ike0, len);
4522 if (sa->is_initiator)
4533 dp = sa->dst_port ? sa->dst_port : ikev2_get_port (sa);
4534 ikev2_send_ike (km->vlib_main, src, dst, bi0, len, ikev2_get_port (sa), dp,
4538 static_always_inline int
4539 ikev2_mngr_process_responder_sas (ikev2_sa_t * sa)
4541 ikev2_main_t *km = &ikev2_main;
4542 vlib_main_t *vm = km->vlib_main;
4544 if (!sa->keys_generated)
4547 if (sa->liveness_retries >= km->liveness_max_retries)
4550 f64 now = vlib_time_now (vm);
4552 if (sa->liveness_period_check < now)
4554 sa->liveness_retries++;
4555 sa->liveness_period_check = now + km->liveness_period;
4556 ikev2_send_informational_request (sa);
4562 ikev2_mngr_process_fn (vlib_main_t * vm, vlib_node_runtime_t * rt,
4565 ikev2_main_t *km = &ikev2_main;
4566 ipsec_main_t *im = &ipsec_main;
4568 ikev2_child_sa_t *c;
4574 vlib_process_wait_for_event_or_clock (vm, 1);
4575 vlib_process_get_events (vm, NULL);
4577 /* process ike child sas */
4578 ikev2_main_per_thread_data_t *tkm;
4579 vec_foreach (tkm, km->per_thread_data)
4582 u32 *to_be_deleted = 0;
4585 pool_foreach (sa, tkm->sas, ({
4586 ikev2_child_sa_t *c;
4588 if (sa->old_remote_id_present && 0 > sa->old_id_expiration)
4590 sa->old_remote_id_present = 0;
4594 sa->old_id_expiration -= 1;
4596 vec_foreach (c, sa->childs)
4598 req_sent |= ikev2_mngr_process_child_sa(sa, c, del_old_ids);
4601 if (ikev2_mngr_process_responder_sas (sa))
4602 vec_add1 (to_be_deleted, sa - tkm->sas);
4606 vec_foreach (sai, to_be_deleted)
4608 sa = pool_elt_at_index (tkm->sas, sai[0]);
4609 u8 reinitiate = (sa->is_initiator && sa->profile_index != ~0);
4610 vec_foreach (c, sa->childs)
4612 ikev2_delete_tunnel_interface (km->vnet_main, sa, c);
4613 ikev2_sa_del_child_sa (sa, c);
4615 ikev2_sa_free_all_vec (sa);
4616 hash_unset (tkm->sa_by_rspi, sa->rspi);
4617 pool_put (tkm->sas, sa);
4621 p = pool_elt_at_index (km->profiles, sa->profile_index);
4624 ikev2_initiate_sa_init (vm, p->name);
4628 vec_free (to_be_deleted);
4631 /* process ipsec sas */
4634 pool_foreach (sa, im->sad, ({
4635 ikev2_mngr_process_ipsec_sa(sa);
4639 ikev2_process_pending_sa_init (km);
4643 vlib_process_wait_for_event_or_clock (vm, 5);
4644 vlib_process_get_events (vm, NULL);
4653 VLIB_REGISTER_NODE (ikev2_mngr_process_node, static) = {
4654 .function = ikev2_mngr_process_fn,
4655 .type = VLIB_NODE_TYPE_PROCESS,
4657 "ikev2-manager-process",
4660 VLIB_PLUGIN_REGISTER () = {
4661 .version = VPP_BUILD_VER,
4662 .description = "Internet Key Exchange (IKEv2) Protocol",
4667 * fd.io coding-style-patch-verification: ON
4670 * eval: (c-set-style "gnu")
Code Review / vpp.git / blob