2 * Copyright (c) 2015 Cisco and/or its affiliates.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at:
7 * http://www.apache.org/licenses/LICENSE-2.0
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
16 #include <vlib/vlib.h>
17 #include <vlib/unix/plugin.h>
18 #include <vlibmemory/api.h>
19 #include <vpp/app/version.h>
20 #include <vnet/vnet.h>
21 #include <vnet/pg/pg.h>
22 #include <vppinfra/error.h>
23 #include <vppinfra/random.h>
24 #include <vnet/udp/udp.h>
25 #include <vnet/ipsec/ipsec.h>
26 #include <vnet/ipsec/ipsec_tun.h>
27 #include <vnet/ipip/ipip.h>
28 #include <plugins/ikev2/ikev2.h>
29 #include <plugins/ikev2/ikev2_priv.h>
30 #include <openssl/sha.h>
31 #include <vnet/ipsec/ipsec_punt.h>
33 #define IKEV2_LIVENESS_RETRIES 3
34 #define IKEV2_LIVENESS_PERIOD_CHECK 30
36 ikev2_main_t ikev2_main;
38 static int ikev2_delete_tunnel_interface (vnet_main_t * vnm,
40 ikev2_child_sa_t * child);
42 #define ikev2_set_state(sa, v) do { \
44 ikev2_elog_sa_state("ispi %lx SA state changed to " #v, sa->ispi); \
54 format_ikev2_trace (u8 * s, va_list * args)
56 CLIB_UNUSED (vlib_main_t * vm) = va_arg (*args, vlib_main_t *);
57 CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *);
58 ikev2_trace_t *t = va_arg (*args, ikev2_trace_t *);
60 s = format (s, "ikev2: sw_if_index %d, next index %d",
61 t->sw_if_index, t->next_index);
65 static vlib_node_registration_t ikev2_node;
67 #define foreach_ikev2_error \
68 _(PROCESSED, "IKEv2 packets processed") \
69 _(IKE_SA_INIT_RETRANSMIT, "IKE_SA_INIT retransmit ") \
70 _(IKE_SA_INIT_IGNORE, "IKE_SA_INIT ignore (IKE SA already auth)") \
71 _(IKE_REQ_RETRANSMIT, "IKE request retransmit") \
72 _(IKE_REQ_IGNORE, "IKE request ignore (old msgid)") \
73 _(NOT_IKEV2, "Non IKEv2 packets received") \
74 _(BAD_LENGTH, "Bad packet length")
78 #define _(sym,str) IKEV2_ERROR_##sym,
84 static char *ikev2_error_strings[] = {
85 #define _(sym,string) string,
92 IKEV2_NEXT_IP4_LOOKUP,
93 IKEV2_NEXT_ERROR_DROP,
97 typedef u32 ikev2_non_esp_marker;
99 static_always_inline u16
100 ikev2_get_port (ikev2_sa_t * sa)
102 return sa->natt ? IKEV2_PORT_NATT : IKEV2_PORT;
105 static_always_inline int
106 ikev2_insert_non_esp_marker (ike_header_t * ike, int len)
108 memmove ((u8 *) ike + sizeof (ikev2_non_esp_marker), ike, len);
109 clib_memset (ike, 0, sizeof (ikev2_non_esp_marker));
110 return len + sizeof (ikev2_non_esp_marker);
113 static ikev2_sa_transform_t *
114 ikev2_find_transform_data (ikev2_sa_transform_t * t)
116 ikev2_main_t *km = &ikev2_main;
117 ikev2_sa_transform_t *td;
119 vec_foreach (td, km->supported_transforms)
121 if (td->type != t->type)
124 if (td->transform_id != t->transform_id)
127 if (td->type == IKEV2_TRANSFORM_TYPE_ENCR)
129 if (vec_len (t->attrs) != 4 || t->attrs[0] != 0x80
130 || t->attrs[1] != 14)
133 if (((t->attrs[2] << 8 | t->attrs[3]) / 8) != td->key_len)
141 static ikev2_sa_proposal_t *
142 ikev2_select_proposal (ikev2_sa_proposal_t * proposals,
143 ikev2_protocol_id_t prot_id)
145 ikev2_sa_proposal_t *rv = 0;
146 ikev2_sa_proposal_t *proposal;
147 ikev2_sa_transform_t *transform, *new_t;
148 u8 mandatory_bitmap, optional_bitmap;
150 if (prot_id == IKEV2_PROTOCOL_IKE)
152 mandatory_bitmap = (1 << IKEV2_TRANSFORM_TYPE_ENCR) |
153 (1 << IKEV2_TRANSFORM_TYPE_PRF) | (1 << IKEV2_TRANSFORM_TYPE_DH);
154 optional_bitmap = mandatory_bitmap | (1 << IKEV2_TRANSFORM_TYPE_INTEG);
156 else if (prot_id == IKEV2_PROTOCOL_ESP)
158 mandatory_bitmap = (1 << IKEV2_TRANSFORM_TYPE_ENCR) |
159 (1 << IKEV2_TRANSFORM_TYPE_ESN);
160 optional_bitmap = mandatory_bitmap |
161 (1 << IKEV2_TRANSFORM_TYPE_INTEG) | (1 << IKEV2_TRANSFORM_TYPE_DH);
163 else if (prot_id == IKEV2_PROTOCOL_AH)
165 mandatory_bitmap = (1 << IKEV2_TRANSFORM_TYPE_INTEG) |
166 (1 << IKEV2_TRANSFORM_TYPE_ESN);
167 optional_bitmap = mandatory_bitmap | (1 << IKEV2_TRANSFORM_TYPE_DH);
172 vec_add2 (rv, proposal, 1);
174 vec_foreach (proposal, proposals)
177 if (proposal->protocol_id != prot_id)
180 vec_foreach (transform, proposal->transforms)
182 if ((1 << transform->type) & bitmap)
185 if (ikev2_find_transform_data (transform))
187 bitmap |= 1 << transform->type;
188 vec_add2 (rv->transforms, new_t, 1);
189 clib_memcpy_fast (new_t, transform, sizeof (*new_t));
190 new_t->attrs = vec_dup (transform->attrs);
194 if ((bitmap & mandatory_bitmap) == mandatory_bitmap &&
195 (bitmap & ~optional_bitmap) == 0)
197 rv->proposal_num = proposal->proposal_num;
198 rv->protocol_id = proposal->protocol_id;
199 RAND_bytes ((u8 *) & rv->spi, sizeof (rv->spi));
204 vec_free (rv->transforms);
213 ikev2_sa_transform_t *
214 ikev2_sa_get_td_for_type (ikev2_sa_proposal_t * p,
215 ikev2_transform_type_t type)
217 ikev2_sa_transform_t *t;
222 vec_foreach (t, p->transforms)
225 return ikev2_find_transform_data (t);
231 ikev2_sa_get_child (ikev2_sa_t * sa, u32 spi, ikev2_protocol_id_t prot_id,
235 vec_foreach (c, sa->childs)
237 ikev2_sa_proposal_t *proposal =
238 by_initiator ? &c->i_proposals[0] : &c->r_proposals[0];
239 if (proposal && proposal->spi == spi && proposal->protocol_id == prot_id)
247 ikev2_sa_free_proposal_vector (ikev2_sa_proposal_t ** v)
249 ikev2_sa_proposal_t *p;
250 ikev2_sa_transform_t *t;
257 vec_foreach (t, p->transforms)
261 vec_free (p->transforms);
267 ikev2_sa_free_child_sa (ikev2_child_sa_t * c)
269 ikev2_sa_free_proposal_vector (&c->r_proposals);
270 ikev2_sa_free_proposal_vector (&c->i_proposals);
280 ikev2_sa_free_all_child_sa (ikev2_child_sa_t ** childs)
283 vec_foreach (c, *childs) ikev2_sa_free_child_sa (c);
289 ikev2_sa_del_child_sa (ikev2_sa_t * sa, ikev2_child_sa_t * child)
291 ikev2_sa_free_child_sa (child);
292 vec_del1 (sa->childs, child - sa->childs);
296 ikev2_sa_free_all_vec (ikev2_sa_t * sa)
298 vec_free (sa->i_nonce);
299 vec_free (sa->r_nonce);
301 vec_free (sa->dh_shared_key);
302 vec_free (sa->dh_private_key);
303 vec_free (sa->i_dh_data);
304 vec_free (sa->r_dh_data);
306 ikev2_sa_free_proposal_vector (&sa->r_proposals);
307 ikev2_sa_free_proposal_vector (&sa->i_proposals);
310 vec_free (sa->sk_ai);
311 vec_free (sa->sk_ar);
312 vec_free (sa->sk_ei);
313 vec_free (sa->sk_er);
314 vec_free (sa->sk_pi);
315 vec_free (sa->sk_pr);
317 vec_free (sa->i_id.data);
318 vec_free (sa->r_id.data);
320 vec_free (sa->i_auth.data);
322 EVP_PKEY_free (sa->i_auth.key);
323 vec_free (sa->r_auth.data);
325 EVP_PKEY_free (sa->r_auth.key);
329 vec_free (sa->rekey);
331 vec_free (sa->last_sa_init_req_packet_data);
332 vec_free (sa->last_sa_init_res_packet_data);
334 vec_free (sa->last_res_packet_data);
336 ikev2_sa_free_all_child_sa (&sa->childs);
340 ikev2_delete_sa (ikev2_sa_t * sa)
342 ikev2_main_t *km = &ikev2_main;
343 u32 thread_index = vlib_get_thread_index ();
346 ikev2_sa_free_all_vec (sa);
348 p = hash_get (km->per_thread_data[thread_index].sa_by_rspi, sa->rspi);
351 hash_unset (km->per_thread_data[thread_index].sa_by_rspi, sa->rspi);
352 pool_put (km->per_thread_data[thread_index].sas, sa);
357 ikev2_generate_sa_init_data (ikev2_sa_t * sa)
359 ikev2_sa_transform_t *t = 0, *t2;
360 ikev2_main_t *km = &ikev2_main;
362 if (sa->dh_group == IKEV2_TRANSFORM_DH_TYPE_NONE)
367 /* check if received DH group is on our list of supported groups */
368 vec_foreach (t2, km->supported_transforms)
370 if (t2->type == IKEV2_TRANSFORM_TYPE_DH && sa->dh_group == t2->dh_type)
379 sa->dh_group = IKEV2_TRANSFORM_DH_TYPE_NONE;
383 if (sa->is_initiator)
386 RAND_bytes ((u8 *) & sa->ispi, 8);
389 sa->i_nonce = vec_new (u8, IKEV2_NONCE_SIZE);
390 RAND_bytes ((u8 *) sa->i_nonce, IKEV2_NONCE_SIZE);
395 RAND_bytes ((u8 *) & sa->rspi, 8);
398 sa->r_nonce = vec_new (u8, IKEV2_NONCE_SIZE);
399 RAND_bytes ((u8 *) sa->r_nonce, IKEV2_NONCE_SIZE);
402 /* generate dh keys */
403 ikev2_generate_dh (sa, t);
408 ikev2_complete_sa_data (ikev2_sa_t * sa, ikev2_sa_t * sai)
410 ikev2_sa_transform_t *t = 0, *t2;
411 ikev2_main_t *km = &ikev2_main;
413 /*move some data to the new SA */
414 #define _(A) ({void* __tmp__ = (A); (A) = 0; __tmp__;})
415 sa->i_nonce = _(sai->i_nonce);
416 sa->i_dh_data = _(sai->i_dh_data);
417 sa->dh_private_key = _(sai->dh_private_key);
418 sa->iaddr.as_u32 = sai->iaddr.as_u32;
419 sa->raddr.as_u32 = sai->raddr.as_u32;
420 sa->is_initiator = sai->is_initiator;
421 sa->i_id.type = sai->i_id.type;
422 sa->r_id.type = sai->r_id.type;
423 sa->profile_index = sai->profile_index;
424 sa->tun_itf = sai->tun_itf;
425 sa->is_tun_itf_set = sai->is_tun_itf_set;
426 sa->i_id.data = _(sai->i_id.data);
427 sa->r_id.data = _(sai->r_id.data);
428 sa->i_auth.method = sai->i_auth.method;
429 sa->i_auth.hex = sai->i_auth.hex;
430 sa->i_auth.data = _(sai->i_auth.data);
431 sa->i_auth.key = _(sai->i_auth.key);
432 sa->last_sa_init_req_packet_data = _(sai->last_sa_init_req_packet_data);
433 sa->childs = _(sai->childs);
434 sa->udp_encap = sai->udp_encap;
435 sa->ipsec_over_udp_port = sai->ipsec_over_udp_port;
436 sa->dst_port = sai->dst_port;
437 sa->sw_if_index = sai->sw_if_index;
441 if (sa->dh_group == IKEV2_TRANSFORM_DH_TYPE_NONE)
446 /* check if received DH group is on our list of supported groups */
447 vec_foreach (t2, km->supported_transforms)
449 if (t2->type == IKEV2_TRANSFORM_TYPE_DH && sa->dh_group == t2->dh_type)
458 sa->dh_group = IKEV2_TRANSFORM_DH_TYPE_NONE;
463 /* generate dh keys */
464 ikev2_complete_dh (sa, t);
469 ikev2_calc_keys (ikev2_sa_t * sa)
472 /* calculate SKEYSEED = prf(Ni | Nr, g^ir) */
475 u16 integ_key_len = 0, salt_len = 0;
476 ikev2_sa_transform_t *tr_encr, *tr_prf, *tr_integ;
478 ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_ENCR);
480 ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_PRF);
482 ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_INTEG);
485 integ_key_len = tr_integ->key_len;
487 salt_len = sizeof (u32);
489 vec_append (s, sa->i_nonce);
490 vec_append (s, sa->r_nonce);
491 skeyseed = ikev2_calc_prf (tr_prf, s, sa->dh_shared_key);
493 /* Calculate S = Ni | Nr | SPIi | SPIr */
495 vec_add2 (s, tmp, 2 * sizeof (*spi));
497 spi[0] = clib_host_to_net_u64 (sa->ispi);
498 spi[1] = clib_host_to_net_u64 (sa->rspi);
500 /* calculate PRFplus */
502 int len = tr_prf->key_trunc + /* SK_d */
503 integ_key_len * 2 + /* SK_ai, SK_ar */
504 tr_encr->key_len * 2 + /* SK_ei, SK_er */
505 tr_prf->key_len * 2 + /* SK_pi, SK_pr */
508 keymat = ikev2_calc_prfplus (tr_prf, skeyseed, s, len);
515 sa->sk_d = vec_new (u8, tr_prf->key_trunc);
516 clib_memcpy_fast (sa->sk_d, keymat + pos, tr_prf->key_trunc);
517 pos += tr_prf->key_trunc;
522 sa->sk_ai = vec_new (u8, integ_key_len);
523 clib_memcpy_fast (sa->sk_ai, keymat + pos, integ_key_len);
524 pos += integ_key_len;
527 sa->sk_ar = vec_new (u8, integ_key_len);
528 clib_memcpy_fast (sa->sk_ar, keymat + pos, integ_key_len);
529 pos += integ_key_len;
533 sa->sk_ei = vec_new (u8, tr_encr->key_len + salt_len);
534 clib_memcpy_fast (sa->sk_ei, keymat + pos, tr_encr->key_len + salt_len);
535 pos += tr_encr->key_len + salt_len;
538 sa->sk_er = vec_new (u8, tr_encr->key_len + salt_len);
539 clib_memcpy_fast (sa->sk_er, keymat + pos, tr_encr->key_len + salt_len);
540 pos += tr_encr->key_len + salt_len;
543 sa->sk_pi = vec_new (u8, tr_prf->key_len);
544 clib_memcpy_fast (sa->sk_pi, keymat + pos, tr_prf->key_len);
545 pos += tr_prf->key_len;
548 sa->sk_pr = vec_new (u8, tr_prf->key_len);
549 clib_memcpy_fast (sa->sk_pr, keymat + pos, tr_prf->key_len);
550 pos += tr_prf->key_len;
553 sa->keys_generated = 1;
557 ikev2_calc_child_keys (ikev2_sa_t * sa, ikev2_child_sa_t * child)
560 u16 integ_key_len = 0;
563 ikev2_sa_transform_t *tr_prf, *ctr_encr, *ctr_integ;
565 ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_PRF);
567 ikev2_sa_get_td_for_type (child->r_proposals, IKEV2_TRANSFORM_TYPE_ENCR);
569 ikev2_sa_get_td_for_type (child->r_proposals, IKEV2_TRANSFORM_TYPE_INTEG);
572 integ_key_len = ctr_integ->key_len;
574 salt_len = sizeof (u32);
576 vec_append (s, sa->i_nonce);
577 vec_append (s, sa->r_nonce);
578 /* calculate PRFplus */
580 int len = ctr_encr->key_len * 2 + integ_key_len * 2 + salt_len * 2;
582 keymat = ikev2_calc_prfplus (tr_prf, sa->sk_d, s, len);
587 child->sk_ei = vec_new (u8, ctr_encr->key_len);
588 clib_memcpy_fast (child->sk_ei, keymat + pos, ctr_encr->key_len);
589 pos += ctr_encr->key_len;
594 child->sk_ai = vec_new (u8, ctr_integ->key_len);
595 clib_memcpy_fast (child->sk_ai, keymat + pos, ctr_integ->key_len);
596 pos += ctr_integ->key_len;
600 clib_memcpy (&child->salt_ei, keymat + pos, salt_len);
605 child->sk_er = vec_new (u8, ctr_encr->key_len);
606 clib_memcpy_fast (child->sk_er, keymat + pos, ctr_encr->key_len);
607 pos += ctr_encr->key_len;
612 child->sk_ar = vec_new (u8, integ_key_len);
613 clib_memcpy_fast (child->sk_ar, keymat + pos, integ_key_len);
614 pos += integ_key_len;
618 clib_memcpy (&child->salt_er, keymat + pos, salt_len);
627 static_always_inline u8 *
628 ikev2_compute_nat_sha1 (u64 ispi, u64 rspi, u32 ip, u16 port)
630 /* ispi, rspi, ip, port */
631 u8 buf[8 + 8 + 4 + 2];
632 u8 *res = vec_new (u8, 20);
634 clib_memcpy_fast (&buf[0], &ispi, sizeof (ispi));
635 clib_memcpy_fast (&buf[8], &rspi, sizeof (rspi));
636 clib_memcpy_fast (&buf[8 + 8], &ip, sizeof (ip));
637 clib_memcpy_fast (&buf[8 + 8 + 4], &port, sizeof (port));
638 SHA1 (buf, sizeof (buf), res);
643 ikev2_process_sa_init_req (vlib_main_t * vm, ikev2_sa_t * sa,
644 ike_header_t * ike, udp_header_t * udp, u32 len)
647 u8 payload = ike->nextpayload;
649 ikev2_elog_exchange ("ispi %lx rspi %lx IKE_INIT request received "
651 clib_net_to_host_u64 (ike->ispi),
652 clib_net_to_host_u64 (ike->rspi), sa->iaddr.as_u32);
654 sa->ispi = clib_net_to_host_u64 (ike->ispi);
656 /* store whole IKE payload - needed for PSK auth */
657 vec_reset_length (sa->last_sa_init_req_packet_data);
658 vec_add (sa->last_sa_init_req_packet_data, ike, len);
660 while (p < len && payload != IKEV2_PAYLOAD_NONE)
662 ike_payload_header_t *ikep = (ike_payload_header_t *) & ike->payload[p];
663 u32 plen = clib_net_to_host_u16 (ikep->length);
665 if (plen < sizeof (ike_payload_header_t))
668 if (payload == IKEV2_PAYLOAD_SA)
670 ikev2_sa_free_proposal_vector (&sa->i_proposals);
671 sa->i_proposals = ikev2_parse_sa_payload (ikep);
673 else if (payload == IKEV2_PAYLOAD_KE)
675 ike_ke_payload_header_t *ke = (ike_ke_payload_header_t *) ikep;
676 sa->dh_group = clib_net_to_host_u16 (ke->dh_group);
677 vec_free (sa->i_dh_data);
678 vec_add (sa->i_dh_data, ke->payload, plen - sizeof (*ke));
680 else if (payload == IKEV2_PAYLOAD_NONCE)
682 vec_free (sa->i_nonce);
683 vec_add (sa->i_nonce, ikep->payload, plen - sizeof (*ikep));
685 else if (payload == IKEV2_PAYLOAD_NOTIFY)
687 ikev2_notify_t *n = ikev2_parse_notify_payload (ikep);
688 if (n->msg_type == IKEV2_NOTIFY_MSG_NAT_DETECTION_SOURCE_IP)
691 ikev2_compute_nat_sha1 (clib_net_to_host_u64 (ike->ispi), 0,
692 clib_net_to_host_u32 (sa->
695 if (clib_memcmp (src_sha, n->data, vec_len (src_sha)))
698 ikev2_elog_uint (IKEV2_LOG_DEBUG, "ispi %lx initiator"
699 " behind NAT", sa->ispi);
703 else if (n->msg_type ==
704 IKEV2_NOTIFY_MSG_NAT_DETECTION_DESTINATION_IP)
707 ikev2_compute_nat_sha1 (clib_net_to_host_u64 (ike->ispi), 0,
708 clib_net_to_host_u32 (sa->
711 if (clib_memcmp (dst_sha, n->data, vec_len (dst_sha)))
714 ikev2_elog_uint (IKEV2_LOG_DEBUG, "ispi %lx responder"
715 " (self) behind NAT", sa->ispi);
721 else if (payload == IKEV2_PAYLOAD_VENDOR)
723 ikev2_parse_vendor_payload (ikep);
727 ikev2_elog_uint (IKEV2_LOG_ERROR, "Unknown payload! type=%d",
729 if (ikep->flags & IKEV2_PAYLOAD_FLAG_CRITICAL)
731 ikev2_set_state (sa, IKEV2_STATE_NOTIFY_AND_DELETE);
732 sa->unsupported_cp = payload;
737 payload = ikep->nextpayload;
741 ikev2_set_state (sa, IKEV2_STATE_SA_INIT);
745 ikev2_process_sa_init_resp (vlib_main_t * vm, ikev2_sa_t * sa,
746 ike_header_t * ike, udp_header_t * udp, u32 len)
749 u8 payload = ike->nextpayload;
751 sa->ispi = clib_net_to_host_u64 (ike->ispi);
752 sa->rspi = clib_net_to_host_u64 (ike->rspi);
754 ikev2_elog_exchange ("ispi %lx rspi %lx IKE_INIT response received "
755 "from %d.%d.%d.%d", sa->ispi, sa->rspi,
758 /* store whole IKE payload - needed for PSK auth */
759 vec_reset_length (sa->last_sa_init_res_packet_data);
760 vec_add (sa->last_sa_init_res_packet_data, ike, len);
762 while (p < len && payload != IKEV2_PAYLOAD_NONE)
764 ike_payload_header_t *ikep = (ike_payload_header_t *) & ike->payload[p];
765 u32 plen = clib_net_to_host_u16 (ikep->length);
767 if (plen < sizeof (ike_payload_header_t))
770 if (payload == IKEV2_PAYLOAD_SA)
772 ikev2_sa_free_proposal_vector (&sa->r_proposals);
773 sa->r_proposals = ikev2_parse_sa_payload (ikep);
776 ikev2_set_state (sa, IKEV2_STATE_SA_INIT);
778 clib_host_to_net_u32 (clib_net_to_host_u32 (ike->msgid) + 1);
781 else if (payload == IKEV2_PAYLOAD_KE)
783 ike_ke_payload_header_t *ke = (ike_ke_payload_header_t *) ikep;
784 sa->dh_group = clib_net_to_host_u16 (ke->dh_group);
785 vec_free (sa->r_dh_data);
786 vec_add (sa->r_dh_data, ke->payload, plen - sizeof (*ke));
788 else if (payload == IKEV2_PAYLOAD_NONCE)
790 vec_free (sa->r_nonce);
791 vec_add (sa->r_nonce, ikep->payload, plen - sizeof (*ikep));
793 else if (payload == IKEV2_PAYLOAD_NOTIFY)
795 ikev2_notify_t *n = ikev2_parse_notify_payload (ikep);
796 if (n->msg_type == IKEV2_NOTIFY_MSG_NAT_DETECTION_SOURCE_IP)
798 u8 *src_sha = ikev2_compute_nat_sha1 (ike->ispi,
803 if (clib_memcmp (src_sha, n->data, vec_len (src_sha)))
805 ikev2_elog_uint (IKEV2_LOG_DEBUG, "ispi %lx responder"
806 " behind NAT, unsupported", sa->ispi);
810 else if (n->msg_type ==
811 IKEV2_NOTIFY_MSG_NAT_DETECTION_DESTINATION_IP)
813 u8 *dst_sha = ikev2_compute_nat_sha1 (ike->ispi,
817 if (clib_memcmp (dst_sha, n->data, vec_len (dst_sha)))
820 ikev2_elog_uint (IKEV2_LOG_DEBUG, "ispi %lx initiator"
821 " (self) behind NAT", sa->ispi);
827 else if (payload == IKEV2_PAYLOAD_VENDOR)
829 ikev2_parse_vendor_payload (ikep);
833 ikev2_elog_uint (IKEV2_LOG_ERROR, "Unknown payload! type=%d",
835 if (ikep->flags & IKEV2_PAYLOAD_FLAG_CRITICAL)
837 ikev2_set_state (sa, IKEV2_STATE_NOTIFY_AND_DELETE);
838 sa->unsupported_cp = payload;
843 payload = ikep->nextpayload;
849 ikev2_decrypt_sk_payload (ikev2_sa_t * sa, ike_header_t * ike, u8 * payload,
852 ikev2_main_per_thread_data_t *ptd = ikev2_get_per_thread_data ();
854 u8 last_payload = 0, *plaintext = 0;
856 ike_payload_header_t *ikep = 0;
858 ikev2_sa_transform_t *tr_integ;
859 ikev2_sa_transform_t *tr_encr;
861 ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_INTEG);
863 ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_ENCR);
864 int is_aead = tr_encr->encr_type == IKEV2_TRANSFORM_ENCR_TYPE_AES_GCM_16;
866 if ((!sa->sk_ar || !sa->sk_ai) && !is_aead)
870 *payload != IKEV2_PAYLOAD_NONE && last_payload != IKEV2_PAYLOAD_SK)
872 ikep = (ike_payload_header_t *) & ike->payload[p];
873 plen = clib_net_to_host_u16 (ikep->length);
875 if (plen < sizeof (*ikep))
878 if (*payload == IKEV2_PAYLOAD_SK)
880 last_payload = *payload;
884 ikev2_elog_uint (IKEV2_LOG_ERROR, "Unknown payload! type=%d",
886 if (ikep->flags & IKEV2_PAYLOAD_FLAG_CRITICAL)
888 sa->unsupported_cp = *payload;
893 *payload = ikep->nextpayload;
897 if (last_payload != IKEV2_PAYLOAD_SK)
899 ikev2_elog_error ("Last payload must be SK");
905 if (plen < sizeof (*ikep) + IKEV2_GCM_ICV_SIZE)
908 plen -= sizeof (*ikep) + IKEV2_GCM_ICV_SIZE;
909 u8 *aad = (u8 *) ike;
910 u32 aad_len = ikep->payload - aad;
911 u8 *tag = ikep->payload + plen;
913 plaintext = ikev2_decrypt_aead_data (ptd, sa, tr_encr, ikep->payload,
914 plen, aad, aad_len, tag);
918 if (len < tr_integ->key_trunc)
922 ikev2_calc_integr (tr_integ, sa->is_initiator ? sa->sk_ar : sa->sk_ai,
923 (u8 *) ike, len - tr_integ->key_trunc);
925 if (plen < sizeof (*ikep) + tr_integ->key_trunc)
928 plen = plen - sizeof (*ikep) - tr_integ->key_trunc;
930 if (memcmp (hmac, &ikep->payload[plen], tr_integ->key_trunc))
932 ikev2_elog_error ("message integrity check failed");
938 plaintext = ikev2_decrypt_data (ptd, sa, tr_encr, ikep->payload, plen);
944 static_always_inline int
945 ikev2_is_id_equal (ikev2_id_t * i1, ikev2_id_t * i2)
947 if (i1->type != i2->type)
950 if (vec_len (i1->data) != vec_len (i2->data))
953 if (memcmp (i1->data, i2->data, vec_len (i1->data)))
960 ikev2_initial_contact_cleanup (ikev2_sa_t * sa)
962 ikev2_main_t *km = &ikev2_main;
966 u32 thread_index = vlib_get_thread_index ();
968 if (!sa->initial_contact)
971 /* find old IKE SAs with the same authenticated identity */
973 pool_foreach (tmp, km->per_thread_data[thread_index].sas, ({
974 if (!ikev2_is_id_equal (&tmp->i_id, &sa->i_id)
975 || !ikev2_is_id_equal(&tmp->r_id, &sa->r_id))
978 if (sa->rspi != tmp->rspi)
979 vec_add1(delete, tmp - km->per_thread_data[thread_index].sas);
983 for (i = 0; i < vec_len (delete); i++)
986 pool_elt_at_index (km->per_thread_data[thread_index].sas, delete[i]);
988 tmp->childs) ikev2_delete_tunnel_interface (km->vnet_main,
990 ikev2_delete_sa (tmp);
994 sa->initial_contact = 0;
998 ikev2_process_auth_req (vlib_main_t * vm, ikev2_sa_t * sa, ike_header_t * ike,
1001 ikev2_child_sa_t *first_child_sa;
1003 u8 payload = ike->nextpayload;
1005 ike_payload_header_t *ikep;
1008 ikev2_elog_exchange ("ispi %lx rspi %lx EXCHANGE_IKE_AUTH received "
1009 "from %d.%d.%d.%d", clib_host_to_net_u64 (ike->ispi),
1010 clib_host_to_net_u64 (ike->rspi),
1011 sa->is_initiator ? sa->raddr.as_u32 : sa->
1014 ikev2_calc_keys (sa);
1016 plaintext = ikev2_decrypt_sk_payload (sa, ike, &payload, len);
1020 if (sa->unsupported_cp)
1021 ikev2_set_state (sa, IKEV2_STATE_NOTIFY_AND_DELETE);
1022 goto cleanup_and_exit;
1025 /* select or create 1st child SA */
1026 if (sa->is_initiator)
1028 first_child_sa = &sa->childs[0];
1032 ikev2_sa_free_all_child_sa (&sa->childs);
1033 vec_add2 (sa->childs, first_child_sa, 1);
1037 /* process encrypted payload */
1039 while (p < vec_len (plaintext) && payload != IKEV2_PAYLOAD_NONE)
1041 ikep = (ike_payload_header_t *) & plaintext[p];
1042 plen = clib_net_to_host_u16 (ikep->length);
1044 if (plen < sizeof (ike_payload_header_t))
1045 goto cleanup_and_exit;
1047 if (payload == IKEV2_PAYLOAD_SA) /* 33 */
1049 if (sa->is_initiator)
1051 ikev2_sa_free_proposal_vector (&first_child_sa->r_proposals);
1052 first_child_sa->r_proposals = ikev2_parse_sa_payload (ikep);
1056 ikev2_sa_free_proposal_vector (&first_child_sa->i_proposals);
1057 first_child_sa->i_proposals = ikev2_parse_sa_payload (ikep);
1060 else if (payload == IKEV2_PAYLOAD_IDI) /* 35 */
1062 ike_id_payload_header_t *id = (ike_id_payload_header_t *) ikep;
1064 sa->i_id.type = id->id_type;
1065 vec_free (sa->i_id.data);
1066 vec_add (sa->i_id.data, id->payload, plen - sizeof (*id));
1068 else if (payload == IKEV2_PAYLOAD_IDR) /* 36 */
1070 ike_id_payload_header_t *id = (ike_id_payload_header_t *) ikep;
1072 sa->r_id.type = id->id_type;
1073 vec_free (sa->r_id.data);
1074 vec_add (sa->r_id.data, id->payload, plen - sizeof (*id));
1076 else if (payload == IKEV2_PAYLOAD_AUTH) /* 39 */
1078 ike_auth_payload_header_t *a = (ike_auth_payload_header_t *) ikep;
1080 if (sa->is_initiator)
1082 sa->r_auth.method = a->auth_method;
1083 vec_free (sa->r_auth.data);
1084 vec_add (sa->r_auth.data, a->payload, plen - sizeof (*a));
1088 sa->i_auth.method = a->auth_method;
1089 vec_free (sa->i_auth.data);
1090 vec_add (sa->i_auth.data, a->payload, plen - sizeof (*a));
1093 else if (payload == IKEV2_PAYLOAD_NOTIFY) /* 41 */
1095 ikev2_notify_t *n = ikev2_parse_notify_payload (ikep);
1096 if (n->msg_type == IKEV2_NOTIFY_MSG_INITIAL_CONTACT)
1098 sa->initial_contact = 1;
1102 else if (payload == IKEV2_PAYLOAD_VENDOR) /* 43 */
1104 ikev2_parse_vendor_payload (ikep);
1106 else if (payload == IKEV2_PAYLOAD_TSI) /* 44 */
1108 vec_free (first_child_sa->tsi);
1109 first_child_sa->tsi = ikev2_parse_ts_payload (ikep);
1111 else if (payload == IKEV2_PAYLOAD_TSR) /* 45 */
1113 vec_free (first_child_sa->tsr);
1114 first_child_sa->tsr = ikev2_parse_ts_payload (ikep);
1118 ikev2_elog_uint (IKEV2_LOG_ERROR, "Unknown payload! type=%d",
1121 if (ikep->flags & IKEV2_PAYLOAD_FLAG_CRITICAL)
1123 ikev2_set_state (sa, IKEV2_STATE_NOTIFY_AND_DELETE);
1124 sa->unsupported_cp = payload;
1129 payload = ikep->nextpayload;
1134 vec_free (plaintext);
1138 ikev2_process_informational_req (vlib_main_t * vm, ikev2_sa_t * sa,
1139 ike_header_t * ike, u32 len)
1142 u8 payload = ike->nextpayload;
1144 ike_payload_header_t *ikep;
1147 sa->liveness_retries = 0;
1148 ikev2_elog_exchange ("ispi %lx rspi %lx INFORMATIONAL received "
1149 "from %d.%d.%d.%d", clib_host_to_net_u64 (ike->ispi),
1150 clib_host_to_net_u64 (ike->rspi), sa->iaddr.as_u32);
1152 plaintext = ikev2_decrypt_sk_payload (sa, ike, &payload, len);
1155 goto cleanup_and_exit;
1157 /* process encrypted payload */
1159 while (p < vec_len (plaintext) && payload != IKEV2_PAYLOAD_NONE)
1161 ikep = (ike_payload_header_t *) & plaintext[p];
1162 plen = clib_net_to_host_u16 (ikep->length);
1164 if (plen < sizeof (ike_payload_header_t))
1165 goto cleanup_and_exit;
1167 if (payload == IKEV2_PAYLOAD_NOTIFY) /* 41 */
1169 ikev2_notify_t *n = ikev2_parse_notify_payload (ikep);
1170 if (n->msg_type == IKEV2_NOTIFY_MSG_AUTHENTICATION_FAILED)
1171 ikev2_set_state (sa, IKEV2_STATE_AUTH_FAILED);
1174 else if (payload == IKEV2_PAYLOAD_DELETE) /* 42 */
1176 sa->del = ikev2_parse_delete_payload (ikep);
1178 else if (payload == IKEV2_PAYLOAD_VENDOR) /* 43 */
1180 ikev2_parse_vendor_payload (ikep);
1184 ikev2_elog_uint (IKEV2_LOG_ERROR, "Unknown payload! type=%d",
1186 if (ikep->flags & IKEV2_PAYLOAD_FLAG_CRITICAL)
1188 sa->unsupported_cp = payload;
1193 payload = ikep->nextpayload;
1198 vec_free (plaintext);
1202 ikev2_process_create_child_sa_req (vlib_main_t * vm, ikev2_sa_t * sa,
1203 ike_header_t * ike, u32 len)
1206 u8 payload = ike->nextpayload;
1209 u8 nonce[IKEV2_NONCE_SIZE];
1211 ike_payload_header_t *ikep;
1213 ikev2_notify_t *n = 0;
1214 ikev2_ts_t *tsi = 0;
1215 ikev2_ts_t *tsr = 0;
1216 ikev2_sa_proposal_t *proposal = 0;
1217 ikev2_child_sa_t *child_sa;
1219 ikev2_elog_exchange ("ispi %lx rspi %lx CREATE_CHILD_SA received "
1220 "from %d.%d.%d.%d", clib_host_to_net_u64 (ike->ispi),
1221 clib_host_to_net_u64 (ike->rspi), sa->raddr.as_u32);
1223 plaintext = ikev2_decrypt_sk_payload (sa, ike, &payload, len);
1226 goto cleanup_and_exit;
1228 /* process encrypted payload */
1230 while (p < vec_len (plaintext) && payload != IKEV2_PAYLOAD_NONE)
1232 ikep = (ike_payload_header_t *) & plaintext[p];
1233 plen = clib_net_to_host_u16 (ikep->length);
1235 if (plen < sizeof (ike_payload_header_t))
1236 goto cleanup_and_exit;
1238 else if (payload == IKEV2_PAYLOAD_SA)
1240 proposal = ikev2_parse_sa_payload (ikep);
1242 else if (payload == IKEV2_PAYLOAD_NOTIFY)
1244 n = ikev2_parse_notify_payload (ikep);
1245 if (n->msg_type == IKEV2_NOTIFY_MSG_REKEY_SA)
1250 else if (payload == IKEV2_PAYLOAD_DELETE)
1252 sa->del = ikev2_parse_delete_payload (ikep);
1254 else if (payload == IKEV2_PAYLOAD_VENDOR)
1256 ikev2_parse_vendor_payload (ikep);
1258 else if (payload == IKEV2_PAYLOAD_NONCE)
1260 clib_memcpy_fast (nonce, ikep->payload, plen - sizeof (*ikep));
1262 else if (payload == IKEV2_PAYLOAD_TSI)
1264 tsi = ikev2_parse_ts_payload (ikep);
1266 else if (payload == IKEV2_PAYLOAD_TSR)
1268 tsr = ikev2_parse_ts_payload (ikep);
1272 ikev2_elog_uint (IKEV2_LOG_ERROR, "Unknown payload! type=%d",
1274 if (ikep->flags & IKEV2_PAYLOAD_FLAG_CRITICAL)
1276 sa->unsupported_cp = payload;
1277 goto cleanup_and_exit;
1281 payload = ikep->nextpayload;
1285 if (sa->is_initiator && proposal->protocol_id == IKEV2_PROTOCOL_ESP)
1287 ikev2_rekey_t *rekey = &sa->rekey[0];
1288 rekey->protocol_id = proposal->protocol_id;
1290 ikev2_select_proposal (proposal, IKEV2_PROTOCOL_ESP);
1291 rekey->i_proposal->spi = rekey->spi;
1292 rekey->r_proposal = proposal;
1296 vec_free (sa->r_nonce);
1297 vec_add (sa->r_nonce, nonce, IKEV2_NONCE_SIZE);
1298 child_sa = ikev2_sa_get_child (sa, rekey->ispi, IKEV2_PROTOCOL_ESP, 1);
1301 child_sa->rekey_retries = 0;
1306 ikev2_rekey_t *rekey;
1307 child_sa = ikev2_sa_get_child (sa, n->spi, n->protocol_id, 1);
1310 ikev2_elog_uint (IKEV2_LOG_ERROR, "child SA spi %lx not found",
1312 goto cleanup_and_exit;
1314 vec_add2 (sa->rekey, rekey, 1);
1315 rekey->protocol_id = n->protocol_id;
1316 rekey->spi = n->spi;
1317 rekey->i_proposal = proposal;
1319 ikev2_select_proposal (proposal, IKEV2_PROTOCOL_ESP);
1323 vec_free (sa->i_nonce);
1324 vec_add (sa->i_nonce, nonce, IKEV2_NONCE_SIZE);
1325 /* generate new Nr */
1326 vec_free (sa->r_nonce);
1327 sa->r_nonce = vec_new (u8, IKEV2_NONCE_SIZE);
1328 RAND_bytes ((u8 *) sa->r_nonce, IKEV2_NONCE_SIZE);
1332 vec_free (plaintext);
1337 ikev2_sa_generate_authmsg (ikev2_sa_t * sa, int is_responder)
1345 ikev2_sa_transform_t *tr_prf;
1348 ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_PRF);
1354 nonce = sa->i_nonce;
1355 packet_data = sa->last_sa_init_res_packet_data;
1361 nonce = sa->r_nonce;
1362 packet_data = sa->last_sa_init_req_packet_data;
1365 data = vec_new (u8, 4);
1367 vec_append (data, id->data);
1369 u8 *id_hash = ikev2_calc_prf (tr_prf, key, data);
1370 vec_append (authmsg, packet_data);
1371 vec_append (authmsg, nonce);
1372 vec_append (authmsg, id_hash);
1380 ikev2_ts_cmp (ikev2_ts_t * ts1, ikev2_ts_t * ts2)
1382 if (ts1->ts_type == ts2->ts_type && ts1->protocol_id == ts2->protocol_id &&
1383 ts1->start_port == ts2->start_port && ts1->end_port == ts2->end_port &&
1384 ts1->start_addr.as_u32 == ts2->start_addr.as_u32 &&
1385 ts1->end_addr.as_u32 == ts2->end_addr.as_u32)
1392 ikev2_sa_match_ts (ikev2_sa_t * sa)
1394 ikev2_main_t *km = &ikev2_main;
1396 ikev2_ts_t *ts, *p_tsi, *p_tsr, *tsi = 0, *tsr = 0;
1397 ikev2_id_t *id_rem, *id_loc;
1400 pool_foreach (p, km->profiles, ({
1402 if (sa->is_initiator)
1418 if (!ikev2_is_id_equal (&p->rem_id, id_rem)
1419 || !ikev2_is_id_equal (&p->loc_id, id_loc))
1422 sa->profile_index = p - km->profiles;
1424 vec_foreach(ts, sa->childs[0].tsi)
1426 if (ikev2_ts_cmp(p_tsi, ts))
1428 vec_add1 (tsi, ts[0]);
1433 vec_foreach(ts, sa->childs[0].tsr)
1435 if (ikev2_ts_cmp(p_tsr, ts))
1437 vec_add1 (tsr, ts[0]);
1448 vec_free (sa->childs[0].tsi);
1449 vec_free (sa->childs[0].tsr);
1450 sa->childs[0].tsi = tsi;
1451 sa->childs[0].tsr = tsr;
1457 ikev2_set_state (sa, IKEV2_STATE_TS_UNACCEPTABLE);
1462 ikev2_sa_auth (ikev2_sa_t * sa)
1464 ikev2_main_t *km = &ikev2_main;
1465 ikev2_profile_t *p, *sel_p = 0;
1466 u8 *authmsg, *key_pad, *psk = 0, *auth = 0;
1467 ikev2_sa_transform_t *tr_prf;
1470 ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_PRF);
1472 /* only shared key and rsa signature */
1473 if (!(sa->i_auth.method == IKEV2_AUTH_METHOD_SHARED_KEY_MIC ||
1474 sa->i_auth.method == IKEV2_AUTH_METHOD_RSA_SIG))
1476 ikev2_elog_uint (IKEV2_LOG_ERROR,
1477 "unsupported authentication method %u",
1479 ikev2_set_state (sa, IKEV2_STATE_AUTH_FAILED);
1483 key_pad = format (0, "%s", IKEV2_KEY_PAD);
1484 authmsg = ikev2_sa_generate_authmsg (sa, sa->is_initiator);
1486 ikev2_id_t *id_rem, *id_loc;
1487 ikev2_auth_t *sa_auth;
1489 if (sa->is_initiator)
1493 sa_auth = &sa->r_auth;
1499 sa_auth = &sa->i_auth;
1503 pool_foreach (p, km->profiles, ({
1506 if (!ikev2_is_id_equal (&p->rem_id, id_rem)
1507 || !ikev2_is_id_equal (&p->loc_id, id_loc))
1510 if (sa_auth->method == IKEV2_AUTH_METHOD_SHARED_KEY_MIC)
1512 if (!p->auth.data ||
1513 p->auth.method != IKEV2_AUTH_METHOD_SHARED_KEY_MIC)
1516 psk = ikev2_calc_prf(tr_prf, p->auth.data, key_pad);
1517 auth = ikev2_calc_prf(tr_prf, psk, authmsg);
1519 if (!memcmp(auth, sa_auth->data, vec_len(sa_auth->data)))
1521 ikev2_set_state(sa, IKEV2_STATE_AUTHENTICATED);
1528 else if (sa_auth->method == IKEV2_AUTH_METHOD_RSA_SIG)
1530 if (p->auth.method != IKEV2_AUTH_METHOD_RSA_SIG)
1533 if (ikev2_verify_sign(p->auth.key, sa_auth->data, authmsg) == 1)
1535 ikev2_set_state(sa, IKEV2_STATE_AUTHENTICATED);
1548 sa->udp_encap = sel_p->udp_encap;
1549 sa->ipsec_over_udp_port = sel_p->ipsec_over_udp_port;
1553 if (sa->state == IKEV2_STATE_AUTHENTICATED)
1555 if (!sa->is_initiator)
1557 vec_free (sa->r_id.data);
1558 sa->r_id.data = vec_dup (sel_p->loc_id.data);
1559 sa->r_id.type = sel_p->loc_id.type;
1560 sa->i_id.data = vec_dup (sel_p->rem_id.data);
1561 sa->i_id.type = sel_p->rem_id.type;
1563 /* generate our auth data */
1564 authmsg = ikev2_sa_generate_authmsg (sa, 1);
1565 if (sel_p->auth.method == IKEV2_AUTH_METHOD_SHARED_KEY_MIC)
1567 sa->r_auth.data = ikev2_calc_prf (tr_prf, psk, authmsg);
1568 sa->r_auth.method = IKEV2_AUTH_METHOD_SHARED_KEY_MIC;
1570 else if (sel_p->auth.method == IKEV2_AUTH_METHOD_RSA_SIG)
1572 sa->r_auth.data = ikev2_calc_sign (km->pkey, authmsg);
1573 sa->r_auth.method = IKEV2_AUTH_METHOD_RSA_SIG;
1577 /* select transforms for 1st child sa */
1578 ikev2_sa_free_proposal_vector (&sa->childs[0].r_proposals);
1579 sa->childs[0].r_proposals =
1580 ikev2_select_proposal (sa->childs[0].i_proposals,
1581 IKEV2_PROTOCOL_ESP);
1583 if (~0 != sel_p->tun_itf)
1585 sa->is_tun_itf_set = 1;
1586 sa->tun_itf = sel_p->tun_itf;
1592 ikev2_elog_uint (IKEV2_LOG_ERROR, "authentication failed, no matching "
1593 "profile found! ispi %lx", sa->ispi);
1594 ikev2_set_state (sa, IKEV2_STATE_AUTH_FAILED);
1602 ikev2_sa_auth_init (ikev2_sa_t * sa)
1604 ikev2_main_t *km = &ikev2_main;
1605 u8 *authmsg, *key_pad, *psk = 0;
1606 ikev2_sa_transform_t *tr_prf;
1609 ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_PRF);
1611 /* only shared key and rsa signature */
1612 if (!(sa->i_auth.method == IKEV2_AUTH_METHOD_SHARED_KEY_MIC ||
1613 sa->i_auth.method == IKEV2_AUTH_METHOD_RSA_SIG))
1615 ikev2_elog_uint (IKEV2_LOG_ERROR,
1616 "unsupported authentication method %u",
1618 ikev2_set_state (sa, IKEV2_STATE_AUTH_FAILED);
1622 key_pad = format (0, "%s", IKEV2_KEY_PAD);
1623 authmsg = ikev2_sa_generate_authmsg (sa, 0);
1624 psk = ikev2_calc_prf (tr_prf, sa->i_auth.data, key_pad);
1626 if (sa->i_auth.method == IKEV2_AUTH_METHOD_SHARED_KEY_MIC)
1628 sa->i_auth.data = ikev2_calc_prf (tr_prf, psk, authmsg);
1629 sa->i_auth.method = IKEV2_AUTH_METHOD_SHARED_KEY_MIC;
1631 else if (sa->i_auth.method == IKEV2_AUTH_METHOD_RSA_SIG)
1633 sa->i_auth.data = ikev2_calc_sign (km->pkey, authmsg);
1634 sa->i_auth.method = IKEV2_AUTH_METHOD_RSA_SIG;
1643 ikev2_mk_local_sa_id (u32 sai, u32 ci, u32 ti)
1645 return (0x80000000 | (ti << 24) | (sai << 12) | ci);
1649 ikev2_mk_remote_sa_id (u32 sai, u32 ci, u32 ti)
1651 return (0xc0000000 | (ti << 24) | (sai << 12) | ci);
1661 ipsec_sa_flags_t flags;
1664 ipsec_crypto_alg_t encr_type;
1665 ipsec_integ_alg_t integ_type;
1666 ip46_address_t local_ip;
1667 ip46_address_t remote_ip;
1668 ipsec_key_t loc_ckey, rem_ckey, loc_ikey, rem_ikey;
1670 u32 old_remote_sa_id;
1671 u16 ipsec_over_udp_port;
1674 } ikev2_add_ipsec_tunnel_args_t;
1677 ikev2_add_tunnel_from_main (ikev2_add_ipsec_tunnel_args_t * a)
1679 ikev2_main_t *km = &ikev2_main;
1683 if (~0 == a->sw_if_index)
1685 /* no tunnel associated with the SA/profile - create a new one */
1686 rv = ipip_add_tunnel (IPIP_TRANSPORT_IP4, ~0,
1687 &a->local_ip, &a->remote_ip, 0,
1688 TUNNEL_ENCAP_DECAP_FLAG_NONE, IP_DSCP_CS0,
1689 TUNNEL_MODE_P2P, &sw_if_index);
1691 if (rv == VNET_API_ERROR_IF_ALREADY_EXISTS)
1693 if (hash_get (km->sw_if_indices, sw_if_index))
1694 /* interface is managed by IKE; proceed with updating SAs */
1697 hash_set1 (km->sw_if_indices, sw_if_index);
1701 sw_if_index = a->sw_if_index;
1702 vnet_sw_interface_admin_up (vnet_get_main (), sw_if_index);
1707 ikev2_elog_peers (IKEV2_LOG_ERROR, "installing ipip tunnel failed! "
1708 "loc:%d.%d.%d.%d rem:%d.%d.%d.%d",
1709 a->local_ip.ip4.as_u32, a->remote_ip.ip4.as_u32);
1714 vec_add1 (sas_in, a->remote_sa_id);
1717 ipsec_tun_protect_del (sw_if_index, NULL);
1719 /* replace local SA immediately */
1720 ipsec_sa_unlock_id (a->local_sa_id);
1722 /* keep the old sa */
1723 vec_add1 (sas_in, a->old_remote_sa_id);
1726 rv |= ipsec_sa_add_and_lock (a->local_sa_id,
1728 IPSEC_PROTOCOL_ESP, a->encr_type,
1729 &a->loc_ckey, a->integ_type, &a->loc_ikey,
1730 a->flags, 0, a->salt_local, &a->local_ip,
1731 &a->remote_ip, NULL, a->src_port, a->dst_port);
1732 rv |= ipsec_sa_add_and_lock (a->remote_sa_id, a->remote_spi,
1733 IPSEC_PROTOCOL_ESP, a->encr_type, &a->rem_ckey,
1734 a->integ_type, &a->rem_ikey,
1735 (a->flags | IPSEC_SA_FLAG_IS_INBOUND), 0,
1736 a->salt_remote, &a->remote_ip,
1737 &a->local_ip, NULL, a->ipsec_over_udp_port,
1738 a->ipsec_over_udp_port);
1740 rv |= ipsec_tun_protect_update (sw_if_index, NULL, a->local_sa_id, sas_in);
1744 ikev2_create_tunnel_interface (vlib_main_t * vm,
1747 ikev2_child_sa_t * child, u32 sa_index,
1748 u32 child_index, u8 is_rekey)
1750 ikev2_main_t *km = &ikev2_main;
1751 ipsec_crypto_alg_t encr_type;
1752 ipsec_integ_alg_t integ_type;
1753 ikev2_profile_t *p = 0;
1754 ikev2_sa_transform_t *tr;
1755 ikev2_sa_proposal_t *proposals;
1757 ikev2_add_ipsec_tunnel_args_t a;
1759 clib_memset (&a, 0, sizeof (a));
1761 if (!child->r_proposals)
1763 ikev2_set_state (sa, IKEV2_STATE_NO_PROPOSAL_CHOSEN);
1767 if (sa->is_initiator)
1769 ip46_address_set_ip4 (&a.local_ip, &sa->iaddr);
1770 ip46_address_set_ip4 (&a.remote_ip, &sa->raddr);
1771 proposals = child->r_proposals;
1772 a.local_spi = child->r_proposals[0].spi;
1773 a.remote_spi = child->i_proposals[0].spi;
1777 ip46_address_set_ip4 (&a.local_ip, &sa->raddr);
1778 ip46_address_set_ip4 (&a.remote_ip, &sa->iaddr);
1779 proposals = child->i_proposals;
1780 a.local_spi = child->i_proposals[0].spi;
1781 a.remote_spi = child->r_proposals[0].spi;
1784 a.flags = IPSEC_SA_FLAG_USE_ANTI_REPLAY;
1787 a.flags |= IPSEC_SA_FLAG_IS_TUNNEL;
1788 a.flags |= IPSEC_SA_FLAG_UDP_ENCAP;
1791 a.flags |= IPSEC_SA_FLAG_UDP_ENCAP;
1792 a.is_rekey = is_rekey;
1794 tr = ikev2_sa_get_td_for_type (proposals, IKEV2_TRANSFORM_TYPE_ESN);
1795 if (tr && tr->esn_type)
1796 a.flags |= IPSEC_SA_FLAG_USE_ESN;
1798 tr = ikev2_sa_get_td_for_type (proposals, IKEV2_TRANSFORM_TYPE_ENCR);
1801 if (tr->encr_type == IKEV2_TRANSFORM_ENCR_TYPE_AES_CBC && tr->key_len)
1803 switch (tr->key_len)
1806 encr_type = IPSEC_CRYPTO_ALG_AES_CBC_128;
1809 encr_type = IPSEC_CRYPTO_ALG_AES_CBC_192;
1812 encr_type = IPSEC_CRYPTO_ALG_AES_CBC_256;
1815 ikev2_set_state (sa, IKEV2_STATE_NO_PROPOSAL_CHOSEN);
1820 else if (tr->encr_type == IKEV2_TRANSFORM_ENCR_TYPE_AES_GCM_16
1823 switch (tr->key_len)
1826 encr_type = IPSEC_CRYPTO_ALG_AES_GCM_128;
1829 encr_type = IPSEC_CRYPTO_ALG_AES_GCM_192;
1832 encr_type = IPSEC_CRYPTO_ALG_AES_GCM_256;
1835 ikev2_set_state (sa, IKEV2_STATE_NO_PROPOSAL_CHOSEN);
1843 ikev2_set_state (sa, IKEV2_STATE_NO_PROPOSAL_CHOSEN);
1849 ikev2_set_state (sa, IKEV2_STATE_NO_PROPOSAL_CHOSEN);
1852 a.encr_type = encr_type;
1856 tr = ikev2_sa_get_td_for_type (proposals, IKEV2_TRANSFORM_TYPE_INTEG);
1859 switch (tr->integ_type)
1861 case IKEV2_TRANSFORM_INTEG_TYPE_AUTH_HMAC_SHA2_256_128:
1862 integ_type = IPSEC_INTEG_ALG_SHA_256_128;
1864 case IKEV2_TRANSFORM_INTEG_TYPE_AUTH_HMAC_SHA2_384_192:
1865 integ_type = IPSEC_INTEG_ALG_SHA_384_192;
1867 case IKEV2_TRANSFORM_INTEG_TYPE_AUTH_HMAC_SHA2_512_256:
1868 integ_type = IPSEC_INTEG_ALG_SHA_512_256;
1870 case IKEV2_TRANSFORM_INTEG_TYPE_AUTH_HMAC_SHA1_96:
1871 integ_type = IPSEC_INTEG_ALG_SHA1_96;
1874 ikev2_set_state (sa, IKEV2_STATE_NO_PROPOSAL_CHOSEN);
1880 ikev2_set_state (sa, IKEV2_STATE_NO_PROPOSAL_CHOSEN);
1886 integ_type = IPSEC_INTEG_ALG_NONE;
1889 a.integ_type = integ_type;
1890 ikev2_calc_child_keys (sa, child);
1892 if (sa->is_initiator)
1894 ipsec_mk_key (&a.loc_ikey, child->sk_ai, vec_len (child->sk_ai));
1895 ipsec_mk_key (&a.rem_ikey, child->sk_ar, vec_len (child->sk_ar));
1896 ipsec_mk_key (&a.loc_ckey, child->sk_ei, vec_len (child->sk_ei));
1897 ipsec_mk_key (&a.rem_ckey, child->sk_er, vec_len (child->sk_er));
1900 a.salt_remote = child->salt_er;
1901 a.salt_local = child->salt_ei;
1903 a.dst_port = a.src_port = sa->ipsec_over_udp_port;
1907 ipsec_mk_key (&a.loc_ikey, child->sk_ar, vec_len (child->sk_ar));
1908 ipsec_mk_key (&a.rem_ikey, child->sk_ai, vec_len (child->sk_ai));
1909 ipsec_mk_key (&a.loc_ckey, child->sk_er, vec_len (child->sk_er));
1910 ipsec_mk_key (&a.rem_ckey, child->sk_ei, vec_len (child->sk_ei));
1913 a.salt_remote = child->salt_ei;
1914 a.salt_local = child->salt_er;
1916 a.dst_port = sa->natt ? sa->dst_port : sa->ipsec_over_udp_port;
1917 a.src_port = sa->ipsec_over_udp_port;
1920 if (sa->is_initiator && sa->profile_index != ~0)
1921 p = pool_elt_at_index (km->profiles, sa->profile_index);
1923 if (p && p->lifetime)
1925 child->time_to_expiration = vlib_time_now (vm) + p->lifetime;
1926 if (p->lifetime_jitter)
1928 // This is not much better than rand(3), which Coverity warns
1929 // is unsuitable for security applications; random_u32 is
1930 // however fast. If this perturbance to the expiration time
1931 // needs to use a better RNG then we may need to use something
1932 // like /dev/urandom which has significant overhead.
1933 u32 rnd = (u32) (vlib_time_now (vm) * 1e6);
1934 rnd = random_u32 (&rnd);
1936 child->time_to_expiration += 1 + (rnd % p->lifetime_jitter);
1940 if (thread_index & 0xffffffc0)
1941 ikev2_elog_error ("error: thread index exceeds max range 0x3f!");
1943 if (child_index & 0xfffff000 || sa_index & 0xfffff000)
1944 ikev2_elog_error ("error: sa/child index exceeds max range 0xfff!");
1946 child->local_sa_id =
1948 ikev2_mk_local_sa_id (sa_index, child_index, thread_index);
1950 u32 remote_sa_id = ikev2_mk_remote_sa_id (sa_index, child_index,
1955 /* create a new remote SA ID to keep the old SA for a bit longer
1956 * so the peer has some time to swap their SAs */
1958 /* use most significat bit of child index part in id */
1960 if (sa->current_remote_id_mask)
1962 sa->old_remote_id = a.old_remote_sa_id = remote_sa_id | mask;
1963 sa->current_remote_id_mask = 0;
1967 sa->old_remote_id = a.old_remote_sa_id = remote_sa_id;
1968 sa->current_remote_id_mask = mask;
1969 remote_sa_id |= mask;
1971 sa->old_id_expiration = 3.0;
1972 sa->old_remote_id_present = 1;
1975 child->remote_sa_id = a.remote_sa_id = remote_sa_id;
1977 a.sw_if_index = (sa->is_tun_itf_set ? sa->tun_itf : ~0);
1978 a.ipsec_over_udp_port = sa->ipsec_over_udp_port;
1980 vl_api_rpc_call_main_thread (ikev2_add_tunnel_from_main,
1981 (u8 *) & a, sizeof (a));
1987 ip46_address_t local_ip;
1988 ip46_address_t remote_ip;
1992 } ikev2_del_ipsec_tunnel_args_t;
1994 static_always_inline u32
1995 ikev2_flip_alternate_sa_bit (u32 id)
2004 ikev2_del_tunnel_from_main (ikev2_del_ipsec_tunnel_args_t * a)
2006 ikev2_main_t *km = &ikev2_main;
2007 ipip_tunnel_t *ipip = NULL;
2010 if (~0 == a->sw_if_index)
2013 ipip_tunnel_key_t key = {
2015 .dst = a->remote_ip,
2016 .transport = IPIP_TRANSPORT_IP4,
2021 ipip = ipip_tunnel_db_find (&key);
2025 sw_if_index = ipip->sw_if_index;
2026 hash_unset (km->sw_if_indices, ipip->sw_if_index);
2033 sw_if_index = a->sw_if_index;
2034 vnet_sw_interface_admin_down (vnet_get_main (), sw_if_index);
2037 if (~0 != sw_if_index)
2038 ipsec_tun_protect_del (sw_if_index, NULL);
2040 ipsec_sa_unlock_id (a->remote_sa_id);
2041 ipsec_sa_unlock_id (a->local_sa_id);
2042 ipsec_sa_unlock_id (ikev2_flip_alternate_sa_bit (a->remote_sa_id));
2045 ipip_del_tunnel (ipip->sw_if_index);
2049 ikev2_delete_tunnel_interface (vnet_main_t * vnm, ikev2_sa_t * sa,
2050 ikev2_child_sa_t * child)
2052 ikev2_del_ipsec_tunnel_args_t a;
2054 clib_memset (&a, 0, sizeof (a));
2056 if (sa->is_initiator)
2058 ip46_address_set_ip4 (&a.local_ip, &sa->iaddr);
2059 ip46_address_set_ip4 (&a.remote_ip, &sa->raddr);
2063 ip46_address_set_ip4 (&a.local_ip, &sa->raddr);
2064 ip46_address_set_ip4 (&a.remote_ip, &sa->iaddr);
2067 a.remote_sa_id = child->remote_sa_id;
2068 a.local_sa_id = child->local_sa_id;
2069 a.sw_if_index = (sa->is_tun_itf_set ? sa->tun_itf : ~0);
2071 vl_api_rpc_call_main_thread (ikev2_del_tunnel_from_main, (u8 *) & a,
2077 ikev2_generate_message (ikev2_sa_t * sa, ike_header_t * ike, void *user,
2081 ike_payload_header_t *ph;
2085 ikev2_sa_transform_t *tr_encr, *tr_integ;
2087 ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_ENCR);
2089 ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_INTEG);
2091 ikev2_payload_chain_t *chain = 0;
2092 ikev2_payload_new_chain (chain);
2094 if (ike->exchange == IKEV2_EXCHANGE_SA_INIT)
2096 if (sa->r_proposals == 0)
2098 ikev2_payload_add_notify (chain,
2099 IKEV2_NOTIFY_MSG_NO_PROPOSAL_CHOSEN, 0);
2100 ikev2_set_state (sa, IKEV2_STATE_NOTIFY_AND_DELETE);
2102 else if (sa->dh_group == IKEV2_TRANSFORM_DH_TYPE_NONE)
2104 u8 *data = vec_new (u8, 2);
2105 ikev2_sa_transform_t *tr_dh;
2107 ikev2_sa_get_td_for_type (sa->r_proposals,
2108 IKEV2_TRANSFORM_TYPE_DH);
2109 ASSERT (tr_dh && tr_dh->dh_type);
2111 data[0] = (tr_dh->dh_type >> 8) & 0xff;
2112 data[1] = (tr_dh->dh_type) & 0xff;
2114 ikev2_payload_add_notify (chain,
2115 IKEV2_NOTIFY_MSG_INVALID_KE_PAYLOAD,
2118 ikev2_set_state (sa, IKEV2_STATE_NOTIFY_AND_DELETE);
2120 else if (sa->state == IKEV2_STATE_NOTIFY_AND_DELETE)
2122 u8 *data = vec_new (u8, 1);
2124 data[0] = sa->unsupported_cp;
2125 ikev2_payload_add_notify (chain,
2126 IKEV2_NOTIFY_MSG_UNSUPPORTED_CRITICAL_PAYLOAD,
2134 ike->rspi = clib_host_to_net_u64 (sa->rspi);
2135 ikev2_payload_add_sa (chain, sa->r_proposals);
2136 ikev2_payload_add_ke (chain, sa->dh_group, sa->r_dh_data);
2137 ikev2_payload_add_nonce (chain, sa->r_nonce);
2139 u8 *nat_detection_sha1 =
2140 ikev2_compute_nat_sha1 (clib_host_to_net_u64 (sa->ispi),
2141 clib_host_to_net_u64 (sa->rspi),
2142 clib_host_to_net_u32 (sa->raddr.as_u32),
2144 ikev2_payload_add_notify (chain,
2145 IKEV2_NOTIFY_MSG_NAT_DETECTION_SOURCE_IP,
2146 nat_detection_sha1);
2147 vec_free (nat_detection_sha1);
2148 nat_detection_sha1 =
2149 ikev2_compute_nat_sha1 (clib_host_to_net_u64 (sa->ispi),
2150 clib_host_to_net_u64 (sa->rspi),
2151 sa->iaddr.as_u32, udp->src_port);
2152 ikev2_payload_add_notify (chain,
2153 IKEV2_NOTIFY_MSG_NAT_DETECTION_DESTINATION_IP,
2154 nat_detection_sha1);
2155 vec_free (nat_detection_sha1);
2158 else if (ike->exchange == IKEV2_EXCHANGE_IKE_AUTH)
2160 if (sa->state == IKEV2_STATE_AUTHENTICATED)
2162 ikev2_payload_add_id (chain, &sa->r_id, IKEV2_PAYLOAD_IDR);
2163 ikev2_payload_add_id (chain, &sa->i_id, IKEV2_PAYLOAD_IDI);
2164 ikev2_payload_add_auth (chain, &sa->r_auth);
2165 ikev2_payload_add_sa (chain, sa->childs[0].r_proposals);
2166 ikev2_payload_add_ts (chain, sa->childs[0].tsi, IKEV2_PAYLOAD_TSI);
2167 ikev2_payload_add_ts (chain, sa->childs[0].tsr, IKEV2_PAYLOAD_TSR);
2169 else if (sa->state == IKEV2_STATE_AUTH_FAILED)
2171 ikev2_payload_add_notify (chain,
2172 IKEV2_NOTIFY_MSG_AUTHENTICATION_FAILED,
2174 ikev2_set_state (sa, IKEV2_STATE_NOTIFY_AND_DELETE);
2176 else if (sa->state == IKEV2_STATE_TS_UNACCEPTABLE)
2178 ikev2_payload_add_notify (chain, IKEV2_NOTIFY_MSG_TS_UNACCEPTABLE,
2180 ikev2_payload_add_id (chain, &sa->r_id, IKEV2_PAYLOAD_IDR);
2181 ikev2_payload_add_auth (chain, &sa->r_auth);
2183 else if (sa->state == IKEV2_STATE_NO_PROPOSAL_CHOSEN)
2185 ikev2_payload_add_notify (chain,
2186 IKEV2_NOTIFY_MSG_NO_PROPOSAL_CHOSEN, 0);
2187 ikev2_payload_add_id (chain, &sa->r_id, IKEV2_PAYLOAD_IDR);
2188 ikev2_payload_add_auth (chain, &sa->r_auth);
2189 ikev2_payload_add_ts (chain, sa->childs[0].tsi, IKEV2_PAYLOAD_TSI);
2190 ikev2_payload_add_ts (chain, sa->childs[0].tsr, IKEV2_PAYLOAD_TSR);
2192 else if (sa->state == IKEV2_STATE_NOTIFY_AND_DELETE)
2194 u8 *data = vec_new (u8, 1);
2196 data[0] = sa->unsupported_cp;
2197 ikev2_payload_add_notify (chain,
2198 IKEV2_NOTIFY_MSG_UNSUPPORTED_CRITICAL_PAYLOAD,
2202 else if (sa->state == IKEV2_STATE_SA_INIT)
2204 ikev2_payload_add_id (chain, &sa->i_id, IKEV2_PAYLOAD_IDI);
2205 ikev2_payload_add_id (chain, &sa->r_id, IKEV2_PAYLOAD_IDR);
2206 ikev2_payload_add_auth (chain, &sa->i_auth);
2207 ikev2_payload_add_sa (chain, sa->childs[0].i_proposals);
2208 ikev2_payload_add_ts (chain, sa->childs[0].tsi, IKEV2_PAYLOAD_TSI);
2209 ikev2_payload_add_ts (chain, sa->childs[0].tsr, IKEV2_PAYLOAD_TSR);
2210 ikev2_payload_add_notify (chain, IKEV2_NOTIFY_MSG_INITIAL_CONTACT,
2215 ikev2_set_state (sa, IKEV2_STATE_DELETED);
2219 else if (ike->exchange == IKEV2_EXCHANGE_INFORMATIONAL)
2221 /* if pending delete */
2224 if (sa->del[0].protocol_id == IKEV2_PROTOCOL_IKE)
2226 if (sa->is_initiator)
2227 ikev2_payload_add_delete (chain, sa->del);
2229 /* The response to a request that deletes the IKE SA is an empty
2230 INFORMATIONAL response. */
2231 ikev2_set_state (sa, IKEV2_STATE_NOTIFY_AND_DELETE);
2233 /* The response to a request that deletes ESP or AH SAs will contain
2234 delete payloads for the paired SAs going in the other direction. */
2237 ikev2_payload_add_delete (chain, sa->del);
2242 /* received N(AUTHENTICATION_FAILED) */
2243 else if (sa->state == IKEV2_STATE_AUTH_FAILED)
2245 ikev2_set_state (sa, IKEV2_STATE_DELETED);
2248 /* received unsupported critical payload */
2249 else if (sa->unsupported_cp)
2251 u8 *data = vec_new (u8, 1);
2253 data[0] = sa->unsupported_cp;
2254 ikev2_payload_add_notify (chain,
2255 IKEV2_NOTIFY_MSG_UNSUPPORTED_CRITICAL_PAYLOAD,
2258 sa->unsupported_cp = 0;
2260 /* else send empty response */
2262 else if (ike->exchange == IKEV2_EXCHANGE_CREATE_CHILD_SA)
2264 if (sa->is_initiator)
2267 ikev2_sa_proposal_t *proposals = (ikev2_sa_proposal_t *) user;
2268 ikev2_notify_t notify;
2269 u8 *data = vec_new (u8, 4);
2270 clib_memset (¬ify, 0, sizeof (notify));
2271 notify.protocol_id = IKEV2_PROTOCOL_ESP;
2272 notify.spi = sa->childs[0].i_proposals->spi;
2273 *(u32 *) data = clib_host_to_net_u32 (notify.spi);
2275 ikev2_payload_add_sa (chain, proposals);
2276 ikev2_payload_add_nonce (chain, sa->i_nonce);
2277 ikev2_payload_add_ts (chain, sa->childs[0].tsi, IKEV2_PAYLOAD_TSI);
2278 ikev2_payload_add_ts (chain, sa->childs[0].tsr, IKEV2_PAYLOAD_TSR);
2279 ikev2_payload_add_notify_2 (chain, IKEV2_NOTIFY_MSG_REKEY_SA, data,
2286 if (vec_len (sa->rekey) > 0)
2288 ikev2_payload_add_sa (chain, sa->rekey[0].r_proposal);
2289 ikev2_payload_add_nonce (chain, sa->r_nonce);
2290 ikev2_payload_add_ts (chain, sa->rekey[0].tsi,
2292 ikev2_payload_add_ts (chain, sa->rekey[0].tsr,
2294 vec_del1 (sa->rekey, 0);
2296 else if (sa->unsupported_cp)
2298 u8 *data = vec_new (u8, 1);
2300 data[0] = sa->unsupported_cp;
2301 ikev2_payload_add_notify (chain,
2302 IKEV2_NOTIFY_MSG_UNSUPPORTED_CRITICAL_PAYLOAD,
2305 sa->unsupported_cp = 0;
2309 ikev2_payload_add_notify (chain,
2310 IKEV2_NOTIFY_MSG_NO_ADDITIONAL_SAS,
2317 ike->version = IKE_VERSION_2;
2318 ike->nextpayload = IKEV2_PAYLOAD_SK;
2319 tlen = sizeof (*ike);
2320 if (sa->is_initiator)
2322 ike->flags = IKEV2_HDR_FLAG_INITIATOR;
2323 sa->last_init_msg_id = clib_net_to_host_u32 (ike->msgid);
2327 ike->flags = IKEV2_HDR_FLAG_RESPONSE;
2331 if (ike->exchange == IKEV2_EXCHANGE_SA_INIT)
2333 tlen += vec_len (chain->data);
2334 ike->nextpayload = chain->first_payload_type;
2335 ike->length = clib_host_to_net_u32 (tlen);
2336 clib_memcpy_fast (ike->payload, chain->data, vec_len (chain->data));
2338 /* store whole IKE payload - needed for PSK auth */
2339 vec_reset_length (sa->last_sa_init_res_packet_data);
2340 vec_add (sa->last_sa_init_res_packet_data, ike, tlen);
2344 ikev2_main_per_thread_data_t *ptd = ikev2_get_per_thread_data ();
2345 ikev2_payload_chain_add_padding (chain, tr_encr->block_size);
2348 plen = sizeof (*ph);
2349 ph = (ike_payload_header_t *) & ike->payload[0];
2350 ph->nextpayload = chain->first_payload_type;
2353 tr_encr->encr_type == IKEV2_TRANSFORM_ENCR_TYPE_AES_GCM_16;
2354 int iv_len = is_aead ? IKEV2_GCM_IV_SIZE : tr_encr->block_size;
2355 plen += vec_len (chain->data) + iv_len;
2357 /* add space for hmac/tag */
2359 plen += tr_integ->key_trunc;
2361 plen += IKEV2_GCM_ICV_SIZE;
2364 /* payload and total length */
2365 ph->length = clib_host_to_net_u16 (plen);
2366 ike->length = clib_host_to_net_u32 (tlen);
2370 ikev2_encrypt_aead_data (ptd, sa, tr_encr, chain->data,
2371 ph->payload, (u8 *) ike,
2372 sizeof (*ike) + sizeof (*ph),
2373 ph->payload + plen - sizeof (*ph) -
2374 IKEV2_GCM_ICV_SIZE);
2378 ikev2_encrypt_data (ptd, sa, tr_encr, chain->data, ph->payload);
2380 ikev2_calc_integr (tr_integ,
2381 sa->is_initiator ? sa->sk_ai : sa->sk_ar,
2382 (u8 *) ike, tlen - tr_integ->key_trunc);
2383 clib_memcpy_fast (ike->payload + tlen - tr_integ->key_trunc -
2384 sizeof (*ike), integ, tr_integ->key_trunc);
2387 /* store whole IKE payload - needed for retransmit */
2388 vec_reset_length (sa->last_res_packet_data);
2389 vec_add (sa->last_res_packet_data, ike, tlen);
2393 ikev2_payload_destroy_chain (chain);
2399 ikev2_retransmit_sa_init (ike_header_t * ike,
2400 ip4_address_t iaddr, ip4_address_t raddr, u32 rlen)
2402 ikev2_main_t *km = &ikev2_main;
2404 u32 thread_index = vlib_get_thread_index ();
2407 pool_foreach (sa, km->per_thread_data[thread_index].sas, ({
2408 if (sa->ispi == clib_net_to_host_u64(ike->ispi) &&
2409 sa->iaddr.as_u32 == iaddr.as_u32 &&
2410 sa->raddr.as_u32 == raddr.as_u32)
2413 u8 payload = ike->nextpayload;
2415 while (p < rlen && payload!= IKEV2_PAYLOAD_NONE) {
2416 ike_payload_header_t * ikep = (ike_payload_header_t *) &ike->payload[p];
2417 u32 plen = clib_net_to_host_u16(ikep->length);
2419 if (plen < sizeof(ike_payload_header_t))
2422 if (payload == IKEV2_PAYLOAD_NONCE)
2424 if (!memcmp(sa->i_nonce, ikep->payload, plen - sizeof(*ikep)))
2426 /* req is retransmit */
2427 if (sa->state == IKEV2_STATE_SA_INIT)
2429 ike_header_t * tmp = (ike_header_t*)sa->last_sa_init_res_packet_data;
2430 u32 slen = clib_net_to_host_u32(tmp->length);
2431 ike->ispi = tmp->ispi;
2432 ike->rspi = tmp->rspi;
2433 ike->nextpayload = tmp->nextpayload;
2434 ike->version = tmp->version;
2435 ike->exchange = tmp->exchange;
2436 ike->flags = tmp->flags;
2437 ike->msgid = tmp->msgid;
2438 ike->length = tmp->length;
2439 clib_memcpy_fast(ike->payload, tmp->payload, slen - sizeof(*ike));
2440 ikev2_elog_uint_peers (IKEV2_LOG_DEBUG,
2441 "ispi %lx IKE_SA_INIT retransmit "
2442 "from %d.%d.%d.%d to %d.%d.%d.%d",
2444 raddr.as_u32, iaddr.as_u32);
2447 /* else ignore req */
2450 ikev2_elog_uint_peers (IKEV2_LOG_DEBUG,
2451 "ispi %lx IKE_SA_INIT ignore "
2452 "from %d.%d.%d.%d to %d.%d.%d.%d",
2454 raddr.as_u32, iaddr.as_u32);
2459 payload = ikep->nextpayload;
2466 /* req is not retransmit */
2471 ikev2_retransmit_resp (ikev2_sa_t * sa, ike_header_t * ike, u32 rlen)
2473 u32 msg_id = clib_net_to_host_u32 (ike->msgid);
2476 if (msg_id > sa->last_msg_id)
2478 sa->last_msg_id = msg_id;
2482 /* retransmitted req */
2483 if (msg_id == sa->last_msg_id)
2485 ike_header_t *tmp = (ike_header_t *) sa->last_res_packet_data;
2486 u32 slen = clib_net_to_host_u32 (tmp->length);
2487 ike->ispi = tmp->ispi;
2488 ike->rspi = tmp->rspi;
2489 ike->nextpayload = tmp->nextpayload;
2490 ike->version = tmp->version;
2491 ike->exchange = tmp->exchange;
2492 ike->flags = tmp->flags;
2493 ike->msgid = tmp->msgid;
2494 ike->length = tmp->length;
2495 clib_memcpy_fast (ike->payload, tmp->payload, slen - sizeof (*ike));
2496 ikev2_elog_uint_peers (IKEV2_LOG_DEBUG, "IKE retransmit msgid %d",
2497 msg_id, sa->raddr.as_u32, sa->iaddr.as_u32);
2501 /* old req ignore */
2502 ikev2_elog_uint_peers (IKEV2_LOG_DEBUG, "IKE req ignore msgid %d",
2503 msg_id, sa->raddr.as_u32, sa->iaddr.as_u32);
2508 ikev2_init_sa (vlib_main_t * vm, ikev2_sa_t * sa)
2510 ikev2_main_t *km = &ikev2_main;
2511 sa->liveness_period_check = vlib_time_now (vm) + km->liveness_period;
2512 sa->profile_index = ~0;
2516 ikev2_del_sa_init_from_main (u64 * ispi)
2518 ikev2_main_t *km = &ikev2_main;
2519 uword *p = hash_get (km->sa_by_ispi, *ispi);
2522 ikev2_sa_t *sai = pool_elt_at_index (km->sais, p[0]);
2523 hash_unset (km->sa_by_ispi, sai->ispi);
2524 ikev2_sa_free_all_vec (sai);
2525 pool_put (km->sais, sai);
2530 ikev2_del_sa_init (u64 ispi)
2532 vl_api_rpc_call_main_thread (ikev2_del_sa_init_from_main, (u8 *) & ispi,
2537 ikev2_node_fn (vlib_main_t * vm,
2538 vlib_node_runtime_t * node, vlib_frame_t * frame)
2540 u32 n_left_from, *from, *to_next;
2541 ikev2_next_t next_index;
2542 ikev2_main_t *km = &ikev2_main;
2543 u32 thread_index = vlib_get_thread_index ();
2545 from = vlib_frame_vector_args (frame);
2546 n_left_from = frame->n_vectors;
2547 next_index = node->cached_next_index;
2549 while (n_left_from > 0)
2553 vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
2555 while (n_left_from > 0 && n_left_to_next > 0)
2559 u32 next0 = IKEV2_NEXT_ERROR_DROP;
2564 ikev2_sa_t *sa0 = 0;
2565 ikev2_sa_t sa; /* temporary store for SA */
2567 int is_req = 0, has_non_esp_marker = 0;
2569 /* speculatively enqueue b0 to the current next frame */
2575 n_left_to_next -= 1;
2577 b0 = vlib_get_buffer (vm, bi0);
2579 if (b0->punt_reason == ipsec_punt_reason[IPSEC_PUNT_IP4_SPI_UDP_0])
2581 u8 *ptr = vlib_buffer_get_current (b0);
2582 ip40 = (ip4_header_t *) ptr;
2583 ptr += sizeof (*ip40);
2584 udp0 = (udp_header_t *) ptr;
2585 ptr += sizeof (*udp0);
2586 ike0 = (ike_header_t *) ptr;
2590 ike0 = vlib_buffer_get_current (b0);
2591 vlib_buffer_advance (b0, -sizeof (*udp0));
2592 udp0 = vlib_buffer_get_current (b0);
2593 vlib_buffer_advance (b0, -sizeof (*ip40));
2594 ip40 = vlib_buffer_get_current (b0);
2597 rlen = b0->current_length - sizeof (*ip40) - sizeof (*udp0);
2599 /* check for non-esp marker */
2600 if (*((u32 *) ike0) == 0)
2603 (ike_header_t *) ((u8 *) ike0 +
2604 sizeof (ikev2_non_esp_marker));
2605 rlen -= sizeof (ikev2_non_esp_marker);
2606 has_non_esp_marker = 1;
2609 if (clib_net_to_host_u32 (ike0->length) != rlen)
2611 vlib_node_increment_counter (vm, ikev2_node.index,
2612 IKEV2_ERROR_BAD_LENGTH, 1);
2616 if (ike0->version != IKE_VERSION_2)
2618 vlib_node_increment_counter (vm, ikev2_node.index,
2619 IKEV2_ERROR_NOT_IKEV2, 1);
2623 if (ike0->exchange == IKEV2_EXCHANGE_SA_INIT)
2626 clib_memset (sa0, 0, sizeof (*sa0));
2628 if (ike0->flags & IKEV2_HDR_FLAG_INITIATOR)
2630 if (ike0->rspi == 0)
2632 sa0->raddr.as_u32 = ip40->dst_address.as_u32;
2633 sa0->iaddr.as_u32 = ip40->src_address.as_u32;
2634 sa0->dst_port = clib_net_to_host_u16 (udp0->src_port);
2637 ikev2_retransmit_sa_init (ike0, sa0->iaddr,
2641 vlib_node_increment_counter (vm, ikev2_node.index,
2644 IKEV2_ERROR_IKE_SA_INIT_IGNORE
2646 IKEV2_ERROR_IKE_SA_INIT_RETRANSMIT,
2651 ikev2_process_sa_init_req (vm, sa0, ike0, udp0, rlen);
2653 if (sa0->state == IKEV2_STATE_SA_INIT)
2655 ikev2_sa_free_proposal_vector (&sa0->r_proposals);
2657 ikev2_select_proposal (sa0->i_proposals,
2658 IKEV2_PROTOCOL_IKE);
2659 ikev2_generate_sa_init_data (sa0);
2662 if (sa0->state == IKEV2_STATE_SA_INIT
2663 || sa0->state == IKEV2_STATE_NOTIFY_AND_DELETE)
2665 slen = ikev2_generate_message (sa0, ike0, 0, udp0);
2668 if (sa0->state == IKEV2_STATE_SA_INIT)
2670 /* add SA to the pool */
2671 pool_get (km->per_thread_data[thread_index].sas,
2673 clib_memcpy_fast (sa0, &sa, sizeof (*sa0));
2674 ikev2_init_sa (vm, sa0);
2676 per_thread_data[thread_index].sa_by_rspi,
2679 km->per_thread_data[thread_index].sas);
2683 ikev2_sa_free_all_vec (sa0);
2687 else //received sa_init without initiator flag
2689 sa0->raddr.as_u32 = ip40->src_address.as_u32;
2690 sa0->iaddr.as_u32 = ip40->dst_address.as_u32;
2691 ikev2_process_sa_init_resp (vm, sa0, ike0, udp0, rlen);
2693 if (sa0->state == IKEV2_STATE_SA_INIT)
2696 ike0->exchange = IKEV2_EXCHANGE_IKE_AUTH;
2697 uword *p = hash_get (km->sa_by_ispi, ike0->ispi);
2701 pool_elt_at_index (km->sais, p[0]);
2703 if (clib_atomic_bool_cmp_and_swap
2704 (&sai->init_response_received, 0, 1))
2706 ikev2_complete_sa_data (sa0, sai);
2707 ikev2_calc_keys (sa0);
2708 ikev2_sa_auth_init (sa0);
2710 ikev2_generate_message (sa0, ike0, 0, udp0);
2714 /* we've already processed sa-init response */
2715 sa0->state = IKEV2_STATE_UNKNOWN;
2720 if (sa0->state == IKEV2_STATE_SA_INIT)
2722 /* add SA to the pool */
2723 pool_get (km->per_thread_data[thread_index].sas, sa0);
2724 clib_memcpy_fast (sa0, &sa, sizeof (*sa0));
2725 hash_set (km->per_thread_data[thread_index].sa_by_rspi,
2727 sa0 - km->per_thread_data[thread_index].sas);
2731 ikev2_sa_free_all_vec (sa0);
2735 else if (ike0->exchange == IKEV2_EXCHANGE_IKE_AUTH)
2738 p = hash_get (km->per_thread_data[thread_index].sa_by_rspi,
2739 clib_net_to_host_u64 (ike0->rspi));
2743 pool_elt_at_index (km->per_thread_data[thread_index].sas,
2746 slen = ikev2_retransmit_resp (sa0, ike0, rlen);
2749 vlib_node_increment_counter (vm, ikev2_node.index,
2752 IKEV2_ERROR_IKE_REQ_IGNORE
2754 IKEV2_ERROR_IKE_REQ_RETRANSMIT,
2759 sa0->dst_port = clib_net_to_host_u16 (udp0->src_port);
2760 ikev2_process_auth_req (vm, sa0, ike0, rlen);
2761 ikev2_sa_auth (sa0);
2762 if (sa0->state == IKEV2_STATE_AUTHENTICATED)
2764 ikev2_initial_contact_cleanup (sa0);
2765 ikev2_sa_match_ts (sa0);
2766 if (sa0->state != IKEV2_STATE_TS_UNACCEPTABLE)
2767 ikev2_create_tunnel_interface (vm, thread_index, sa0,
2772 if (sa0->is_initiator)
2774 ikev2_del_sa_init (ike0->ispi);
2778 slen = ikev2_generate_message (sa0, ike0, 0, udp0);
2782 else if (ike0->exchange == IKEV2_EXCHANGE_INFORMATIONAL)
2785 p = hash_get (km->per_thread_data[thread_index].sa_by_rspi,
2786 clib_net_to_host_u64 (ike0->rspi));
2790 pool_elt_at_index (km->per_thread_data[thread_index].sas,
2793 slen = ikev2_retransmit_resp (sa0, ike0, rlen);
2796 vlib_node_increment_counter (vm, ikev2_node.index,
2799 IKEV2_ERROR_IKE_REQ_IGNORE
2801 IKEV2_ERROR_IKE_REQ_RETRANSMIT,
2806 ikev2_process_informational_req (vm, sa0, ike0, rlen);
2809 if (sa0->del[0].protocol_id != IKEV2_PROTOCOL_IKE)
2811 ikev2_delete_t *d, *tmp, *resp = 0;
2812 vec_foreach (d, sa0->del)
2814 ikev2_child_sa_t *ch_sa;
2815 ch_sa = ikev2_sa_get_child (sa0, d->spi,
2817 !sa0->is_initiator);
2820 ikev2_delete_tunnel_interface (km->vnet_main,
2822 if (!sa0->is_initiator)
2824 vec_add2 (resp, tmp, 1);
2825 tmp->protocol_id = d->protocol_id;
2826 tmp->spi = ch_sa->r_proposals[0].spi;
2828 ikev2_sa_del_child_sa (sa0, ch_sa);
2831 if (!sa0->is_initiator)
2833 vec_free (sa0->del);
2838 if (!(ike0->flags & IKEV2_HDR_FLAG_RESPONSE))
2840 ike0->flags |= IKEV2_HDR_FLAG_RESPONSE;
2841 slen = ikev2_generate_message (sa0, ike0, 0, udp0);
2845 else if (ike0->exchange == IKEV2_EXCHANGE_CREATE_CHILD_SA)
2848 p = hash_get (km->per_thread_data[thread_index].sa_by_rspi,
2849 clib_net_to_host_u64 (ike0->rspi));
2853 pool_elt_at_index (km->per_thread_data[thread_index].sas,
2856 slen = ikev2_retransmit_resp (sa0, ike0, rlen);
2859 vlib_node_increment_counter (vm, ikev2_node.index,
2862 IKEV2_ERROR_IKE_REQ_IGNORE
2864 IKEV2_ERROR_IKE_REQ_RETRANSMIT,
2869 ikev2_process_create_child_sa_req (vm, sa0, ike0, rlen);
2872 if (sa0->rekey[0].protocol_id != IKEV2_PROTOCOL_IKE)
2875 ikev2_sa_free_all_child_sa (&sa0->childs);
2876 ikev2_child_sa_t *child;
2877 vec_add2 (sa0->childs, child, 1);
2878 clib_memset (child, 0, sizeof (*child));
2879 child->r_proposals = sa0->rekey[0].r_proposal;
2880 child->i_proposals = sa0->rekey[0].i_proposal;
2881 child->tsi = sa0->rekey[0].tsi;
2882 child->tsr = sa0->rekey[0].tsr;
2883 ikev2_create_tunnel_interface (vm, thread_index,
2885 child - sa0->childs,
2888 if (sa0->is_initiator)
2890 vec_free (sa0->rekey);
2894 slen = ikev2_generate_message (sa0, ike0, 0, udp0);
2901 ikev2_elog_uint_peers (IKEV2_LOG_WARNING, "IKEv2 exchange %d "
2902 "received from %d.%d.%d.%d to %d.%d.%d.%d",
2904 ip40->src_address.as_u32,
2905 ip40->dst_address.as_u32);
2909 /* if we are sending packet back, rewrite headers */
2910 if (slen && ~0 != slen)
2912 next0 = IKEV2_NEXT_IP4_LOOKUP;
2913 if (sa0->is_initiator)
2915 ip40->dst_address.as_u32 = sa0->raddr.as_u32;
2916 ip40->src_address.as_u32 = sa0->iaddr.as_u32;
2920 ip40->dst_address.as_u32 = sa0->iaddr.as_u32;
2921 ip40->src_address.as_u32 = sa0->raddr.as_u32;
2926 udp0->dst_port = udp0->src_port =
2927 clib_net_to_host_u16 (ikev2_get_port (sa0));
2929 if (udp0->dst_port == clib_net_to_host_u16 (IKEV2_PORT_NATT)
2932 if (!has_non_esp_marker)
2933 slen = ikev2_insert_non_esp_marker (ike0, slen);
2938 if (has_non_esp_marker)
2939 slen += sizeof (ikev2_non_esp_marker);
2941 u16 tp = udp0->dst_port;
2942 udp0->dst_port = udp0->src_port;
2943 udp0->src_port = tp;
2947 clib_host_to_net_u16 (slen + sizeof (udp_header_t));
2949 b0->current_length =
2950 slen + sizeof (ip4_header_t) + sizeof (udp_header_t);
2951 ip40->length = clib_host_to_net_u16 (b0->current_length);
2952 ip40->checksum = ip4_header_checksum (ip40);
2955 if (sa0 && (sa0->state == IKEV2_STATE_DELETED ||
2956 sa0->state == IKEV2_STATE_NOTIFY_AND_DELETE))
2958 ikev2_child_sa_t *c;
2960 vec_foreach (c, sa0->childs)
2961 ikev2_delete_tunnel_interface (km->vnet_main, sa0, c);
2963 ikev2_delete_sa (sa0);
2965 sw_if_index0 = vnet_buffer (b0)->sw_if_index[VLIB_RX];
2967 if (PREDICT_FALSE ((node->flags & VLIB_NODE_FLAG_TRACE)
2968 && (b0->flags & VLIB_BUFFER_IS_TRACED)))
2970 ikev2_trace_t *t = vlib_add_trace (vm, node, b0, sizeof (*t));
2971 t->sw_if_index = sw_if_index0;
2972 t->next_index = next0;
2975 vlib_validate_buffer_enqueue_x1 (vm, node, next_index, to_next,
2976 n_left_to_next, bi0, next0);
2979 vlib_put_next_frame (vm, node, next_index, n_left_to_next);
2982 vlib_node_increment_counter (vm, ikev2_node.index,
2983 IKEV2_ERROR_PROCESSED, frame->n_vectors);
2984 return frame->n_vectors;
2988 VLIB_REGISTER_NODE (ikev2_node,static) = {
2989 .function = ikev2_node_fn,
2991 .vector_size = sizeof (u32),
2992 .format_trace = format_ikev2_trace,
2993 .type = VLIB_NODE_TYPE_INTERNAL,
2995 .n_errors = ARRAY_LEN(ikev2_error_strings),
2996 .error_strings = ikev2_error_strings,
2998 .n_next_nodes = IKEV2_N_NEXT,
3001 [IKEV2_NEXT_IP4_LOOKUP] = "ip4-lookup",
3002 [IKEV2_NEXT_ERROR_DROP] = "error-drop",
3007 // set ikev2 proposals when vpp is used as initiator
3008 static clib_error_t *
3009 ikev2_set_initiator_proposals (vlib_main_t * vm, ikev2_sa_t * sa,
3010 ikev2_transforms_set * ts,
3011 ikev2_sa_proposal_t ** proposals, int is_ike)
3014 ikev2_main_t *km = &ikev2_main;
3015 ikev2_sa_proposal_t *proposal;
3016 vec_add2 (*proposals, proposal, 1);
3017 ikev2_sa_transform_t *td;
3022 vec_foreach (td, km->supported_transforms)
3024 if (td->type == IKEV2_TRANSFORM_TYPE_ENCR
3025 && td->encr_type == ts->crypto_alg
3026 && td->key_len == ts->crypto_key_size / 8)
3029 attr[0] = clib_host_to_net_u16 (14 | (1 << 15));
3030 attr[1] = clib_host_to_net_u16 (td->key_len << 3);
3031 vec_add (td->attrs, (u8 *) attr, 4);
3032 vec_add1 (proposal->transforms, *td);
3041 r = clib_error_return (0, "Unsupported algorithm");
3045 if (IKEV2_TRANSFORM_INTEG_TYPE_NONE != ts->integ_alg)
3049 vec_foreach (td, km->supported_transforms)
3051 if (td->type == IKEV2_TRANSFORM_TYPE_INTEG
3052 && td->integ_type == ts->integ_alg)
3054 vec_add1 (proposal->transforms, *td);
3062 ("Didn't find any supported algorithm for IKEV2_TRANSFORM_TYPE_INTEG");
3063 r = clib_error_return (0, "Unsupported algorithm");
3072 vec_foreach (td, km->supported_transforms)
3074 if (td->type == IKEV2_TRANSFORM_TYPE_PRF
3075 && td->prf_type == IKEV2_TRANSFORM_PRF_TYPE_PRF_HMAC_SHA2_256)
3077 vec_add1 (proposal->transforms, *td);
3084 r = clib_error_return (0, "Unsupported algorithm");
3093 vec_foreach (td, km->supported_transforms)
3095 if (td->type == IKEV2_TRANSFORM_TYPE_DH && td->dh_type == ts->dh_type)
3097 vec_add1 (proposal->transforms, *td);
3100 sa->dh_group = td->dh_type;
3108 r = clib_error_return (0, "Unsupported algorithm");
3116 vec_foreach (td, km->supported_transforms)
3118 if (td->type == IKEV2_TRANSFORM_TYPE_ESN)
3120 vec_add1 (proposal->transforms, *td);
3126 r = clib_error_return (0, "Unsupported algorithm");
3135 static ikev2_profile_t *
3136 ikev2_profile_index_by_name (u8 * name)
3138 ikev2_main_t *km = &ikev2_main;
3141 p = mhash_get (&km->profile_index_by_name, name);
3145 return pool_elt_at_index (km->profiles, p[0]);
3150 ikev2_send_ike (vlib_main_t * vm, ip4_address_t * src, ip4_address_t * dst,
3151 u32 bi0, u32 len, u16 src_port, u16 dst_port, u32 sw_if_index)
3159 b0 = vlib_get_buffer (vm, bi0);
3160 vlib_buffer_advance (b0, -sizeof (udp_header_t));
3161 udp0 = vlib_buffer_get_current (b0);
3162 vlib_buffer_advance (b0, -sizeof (ip4_header_t));
3163 ip40 = vlib_buffer_get_current (b0);
3166 ip40->ip_version_and_header_length = 0x45;
3168 ip40->fragment_id = 0;
3169 ip40->flags_and_fragment_offset = 0;
3171 ip40->protocol = IP_PROTOCOL_UDP;
3172 ip40->dst_address.as_u32 = dst->as_u32;
3173 ip40->src_address.as_u32 = src->as_u32;
3174 udp0->dst_port = clib_host_to_net_u16 (dst_port);
3175 udp0->src_port = clib_host_to_net_u16 (src_port);
3176 udp0->length = clib_host_to_net_u16 (len + sizeof (udp_header_t));
3178 b0->current_length = len + sizeof (ip4_header_t) + sizeof (udp_header_t);
3179 ip40->length = clib_host_to_net_u16 (b0->current_length);
3180 ip40->checksum = ip4_header_checksum (ip40);
3182 vnet_buffer (b0)->sw_if_index[VLIB_RX] = sw_if_index;
3183 vnet_buffer (b0)->sw_if_index[VLIB_TX] = ~0;
3185 /* send the request */
3186 f = vlib_get_frame_to_node (vm, ip4_lookup_node.index);
3187 to_next = vlib_frame_vector_args (f);
3190 vlib_put_frame_to_node (vm, ip4_lookup_node.index, f);
3195 ikev2_get_new_ike_header_buff (vlib_main_t * vm, ike_header_t ** ike)
3198 if (vlib_buffer_alloc (vm, &bi0, 1) != 1)
3203 vlib_buffer_t *b0 = vlib_get_buffer (vm, bi0);
3204 *ike = vlib_buffer_get_current (b0);
3209 ikev2_set_local_key (vlib_main_t * vm, u8 * file)
3211 ikev2_main_t *km = &ikev2_main;
3214 EVP_PKEY_free (km->pkey);
3215 km->pkey = ikev2_load_key_file (file);
3216 if (km->pkey == NULL)
3217 return clib_error_return (0, "load key '%s' failed", file);
3222 static_always_inline vnet_api_error_t
3223 ikev2_register_udp_port (ikev2_profile_t * p, u16 port)
3225 ikev2_main_t *km = &ikev2_main;
3226 udp_dst_port_info_t *pi;
3228 uword *v = hash_get (km->udp_ports, port);
3229 pi = udp_get_dst_port_info (&udp_main, port, UDP_IP4);
3233 /* IKE already uses this port, only increment reference counter */
3240 return VNET_API_ERROR_UDP_PORT_TAKEN;
3242 udp_register_dst_port (km->vlib_main, port,
3243 ipsec4_tun_input_node.index, 1);
3244 hash_set (km->udp_ports, port, 1);
3246 p->ipsec_over_udp_port = port;
3250 static_always_inline void
3251 ikev2_unregister_udp_port (ikev2_profile_t * p)
3253 ikev2_main_t *km = &ikev2_main;
3256 if (p->ipsec_over_udp_port == IPSEC_UDP_PORT_NONE)
3259 v = hash_get (km->udp_ports, p->ipsec_over_udp_port);
3267 udp_unregister_dst_port (km->vlib_main, p->ipsec_over_udp_port, 1);
3268 hash_unset (km->udp_ports, p->ipsec_over_udp_port);
3271 p->ipsec_over_udp_port = IPSEC_UDP_PORT_NONE;
3275 ikev2_initiate_delete_ike_sa_internal (vlib_main_t * vm,
3276 ikev2_main_per_thread_data_t * tkm,
3279 ikev2_main_t *km = &ikev2_main;
3280 ip4_address_t *src, *dst;
3282 /* Create the Initiator notification for IKE SA removal */
3287 bi0 = ikev2_get_new_ike_header_buff (vm, &ike0);
3290 ikev2_log_error ("buffer alloc failure");
3294 ike0->exchange = IKEV2_EXCHANGE_INFORMATIONAL;
3295 ike0->ispi = clib_host_to_net_u64 (sa->ispi);
3296 ike0->rspi = clib_host_to_net_u64 (sa->rspi);
3297 vec_resize (sa->del, 1);
3298 sa->del->protocol_id = IKEV2_PROTOCOL_IKE;
3299 sa->del->spi = sa->ispi;
3300 ike0->msgid = clib_host_to_net_u32 (sa->last_init_msg_id + 1);
3301 sa->last_init_msg_id = clib_net_to_host_u32 (ike0->msgid);
3302 len = ikev2_generate_message (sa, ike0, 0, 0);
3304 if (sa->is_initiator)
3315 ikev2_send_ike (vm, src, dst, bi0, len,
3316 ikev2_get_port (sa), sa->dst_port, 0);
3318 /* delete local SA */
3319 ikev2_child_sa_t *c;
3320 vec_foreach (c, sa->childs)
3321 ikev2_delete_tunnel_interface (km->vnet_main, sa, c);
3323 u64 rspi = sa->rspi;
3324 ikev2_sa_free_all_vec (sa);
3325 uword *p = hash_get (tkm->sa_by_rspi, rspi);
3328 hash_unset (tkm->sa_by_rspi, rspi);
3329 pool_put (tkm->sas, sa);
3334 ikev2_cleanup_profile_sessions (ikev2_main_t * km, ikev2_profile_t * p)
3336 ikev2_main_per_thread_data_t *tkm;
3338 u32 pi = p - km->profiles;
3342 vec_foreach (tkm, km->per_thread_data)
3345 pool_foreach (sa, tkm->sas, ({
3346 if (sa->profile_index != ~0 && pi == sa->profile_index)
3347 vec_add1 (del_sai, sa - tkm->sas);
3351 vec_foreach (sai, del_sai)
3353 sa = pool_elt_at_index (tkm->sas, sai[0]);
3354 ikev2_initiate_delete_ike_sa_internal (km->vlib_main, tkm, sa);
3357 vec_reset_length (del_sai);
3364 ikev2_profile_free (ikev2_profile_t * p)
3368 vec_free (p->auth.data);
3370 EVP_PKEY_free (p->auth.key);
3372 vec_free (p->loc_id.data);
3373 vec_free (p->rem_id.data);
3377 ikev2_add_del_profile (vlib_main_t * vm, u8 * name, int is_add)
3379 ikev2_main_t *km = &ikev2_main;
3384 if (ikev2_profile_index_by_name (name))
3385 return clib_error_return (0, "policy %v already exists", name);
3387 pool_get (km->profiles, p);
3388 clib_memset (p, 0, sizeof (*p));
3389 p->name = vec_dup (name);
3390 p->ipsec_over_udp_port = IPSEC_UDP_PORT_NONE;
3391 p->responder.sw_if_index = ~0;
3393 uword index = p - km->profiles;
3394 mhash_set_mem (&km->profile_index_by_name, name, &index, 0);
3398 p = ikev2_profile_index_by_name (name);
3400 return clib_error_return (0, "policy %v does not exists", name);
3402 ikev2_unregister_udp_port (p);
3403 ikev2_cleanup_profile_sessions (km, p);
3405 ikev2_profile_free (p);
3406 pool_put (km->profiles, p);
3407 mhash_unset (&km->profile_index_by_name, name, 0);
3413 ikev2_set_profile_auth (vlib_main_t * vm, u8 * name, u8 auth_method,
3414 u8 * auth_data, u8 data_hex_format)
3419 p = ikev2_profile_index_by_name (name);
3423 r = clib_error_return (0, "unknown profile %v", name);
3428 EVP_PKEY_free (p->auth.key);
3429 vec_free (p->auth.data);
3431 p->auth.method = auth_method;
3432 p->auth.data = vec_dup (auth_data);
3433 p->auth.hex = data_hex_format;
3435 if (auth_method == IKEV2_AUTH_METHOD_RSA_SIG)
3437 vec_add1 (p->auth.data, 0);
3438 p->auth.key = ikev2_load_cert_file (p->auth.data);
3439 if (p->auth.key == NULL)
3440 return clib_error_return (0, "load cert '%s' failed", p->auth.data);
3447 ikev2_set_profile_id (vlib_main_t * vm, u8 * name, u8 id_type, u8 * data,
3453 if (id_type > IKEV2_ID_TYPE_ID_RFC822_ADDR
3454 && id_type < IKEV2_ID_TYPE_ID_KEY_ID)
3456 r = clib_error_return (0, "unsupported identity type %U",
3457 format_ikev2_id_type, id_type);
3461 p = ikev2_profile_index_by_name (name);
3465 r = clib_error_return (0, "unknown profile %v", name);
3471 vec_free (p->loc_id.data);
3472 p->loc_id.type = id_type;
3473 p->loc_id.data = vec_dup (data);
3477 vec_free (p->rem_id.data);
3478 p->rem_id.type = id_type;
3479 p->rem_id.data = vec_dup (data);
3486 ikev2_set_profile_ts (vlib_main_t * vm, u8 * name, u8 protocol_id,
3487 u16 start_port, u16 end_port, ip4_address_t start_addr,
3488 ip4_address_t end_addr, int is_local)
3493 p = ikev2_profile_index_by_name (name);
3497 r = clib_error_return (0, "unknown profile %v", name);
3503 p->loc_ts.start_addr.as_u32 = start_addr.as_u32;
3504 p->loc_ts.end_addr.as_u32 = end_addr.as_u32;
3505 p->loc_ts.start_port = start_port;
3506 p->loc_ts.end_port = end_port;
3507 p->loc_ts.protocol_id = protocol_id;
3508 p->loc_ts.ts_type = 7;
3512 p->rem_ts.start_addr.as_u32 = start_addr.as_u32;
3513 p->rem_ts.end_addr.as_u32 = end_addr.as_u32;
3514 p->rem_ts.start_port = start_port;
3515 p->rem_ts.end_port = end_port;
3516 p->rem_ts.protocol_id = protocol_id;
3517 p->rem_ts.ts_type = 7;
3525 ikev2_set_profile_responder (vlib_main_t * vm, u8 * name,
3526 u32 sw_if_index, ip4_address_t ip4)
3531 p = ikev2_profile_index_by_name (name);
3535 r = clib_error_return (0, "unknown profile %v", name);
3539 p->responder.sw_if_index = sw_if_index;
3540 p->responder.ip4 = ip4;
3546 ikev2_set_profile_ike_transforms (vlib_main_t * vm, u8 * name,
3547 ikev2_transform_encr_type_t crypto_alg,
3548 ikev2_transform_integ_type_t integ_alg,
3549 ikev2_transform_dh_type_t dh_type,
3550 u32 crypto_key_size)
3555 p = ikev2_profile_index_by_name (name);
3559 r = clib_error_return (0, "unknown profile %v", name);
3563 p->ike_ts.crypto_alg = crypto_alg;
3564 p->ike_ts.integ_alg = integ_alg;
3565 p->ike_ts.dh_type = dh_type;
3566 p->ike_ts.crypto_key_size = crypto_key_size;
3571 ikev2_set_profile_esp_transforms (vlib_main_t * vm, u8 * name,
3572 ikev2_transform_encr_type_t crypto_alg,
3573 ikev2_transform_integ_type_t integ_alg,
3574 u32 crypto_key_size)
3579 p = ikev2_profile_index_by_name (name);
3583 r = clib_error_return (0, "unknown profile %v", name);
3587 p->esp_ts.crypto_alg = crypto_alg;
3588 p->esp_ts.integ_alg = integ_alg;
3589 p->esp_ts.crypto_key_size = crypto_key_size;
3594 ikev2_set_profile_tunnel_interface (vlib_main_t * vm,
3595 u8 * name, u32 sw_if_index)
3600 p = ikev2_profile_index_by_name (name);
3604 r = clib_error_return (0, "unknown profile %v", name);
3608 p->tun_itf = sw_if_index;
3614 ikev2_set_profile_ipsec_udp_port (vlib_main_t * vm, u8 * name, u16 port,
3617 ikev2_profile_t *p = ikev2_profile_index_by_name (name);
3618 ikev2_main_t *km = &ikev2_main;
3619 vnet_api_error_t rv = 0;
3623 return VNET_API_ERROR_INVALID_VALUE;
3627 if (p->ipsec_over_udp_port != IPSEC_UDP_PORT_NONE)
3628 return VNET_API_ERROR_VALUE_EXIST;
3630 rv = ikev2_register_udp_port (p, port);
3634 v = hash_get (km->udp_ports, port);
3636 return VNET_API_ERROR_IKE_NO_PORT;
3638 if (p->ipsec_over_udp_port == IPSEC_UDP_PORT_NONE)
3639 return VNET_API_ERROR_INVALID_VALUE;
3641 ikev2_unregister_udp_port (p);
3647 ikev2_set_profile_udp_encap (vlib_main_t * vm, u8 * name)
3649 ikev2_profile_t *p = ikev2_profile_index_by_name (name);
3654 r = clib_error_return (0, "unknown profile %v", name);
3663 ikev2_set_profile_sa_lifetime (vlib_main_t * vm, u8 * name,
3664 u64 lifetime, u32 jitter, u32 handover,
3670 p = ikev2_profile_index_by_name (name);
3674 r = clib_error_return (0, "unknown profile %v", name);
3678 p->lifetime = lifetime;
3679 p->lifetime_jitter = jitter;
3680 p->handover = handover;
3681 p->lifetime_maxdata = maxdata;
3686 ikev2_initiate_sa_init (vlib_main_t * vm, u8 * name)
3690 ip4_main_t *im = &ip4_main;
3691 ikev2_main_t *km = &ikev2_main;
3693 p = ikev2_profile_index_by_name (name);
3697 r = clib_error_return (0, "unknown profile %v", name);
3701 if (p->responder.sw_if_index == ~0 || p->responder.ip4.data_u32 == 0)
3703 r = clib_error_return (0, "responder not set for profile %v", name);
3708 /* Create the Initiator Request */
3712 ip_lookup_main_t *lm = &im->lookup_main;
3714 int len = sizeof (ike_header_t);
3716 /* Get own iface IP */
3718 lm->if_address_pool_index_by_sw_if_index[p->responder.sw_if_index];
3719 ip_interface_address_t *if_add =
3720 pool_elt_at_index (lm->if_address_pool, if_add_index0);
3721 ip4_address_t *if_ip = ip_interface_address_get_address (lm, if_add);
3723 bi0 = ikev2_get_new_ike_header_buff (vm, &ike0);
3726 char *errmsg = "buffer alloc failure";
3727 ikev2_log_error (errmsg);
3728 return clib_error_return (0, errmsg);
3731 /* Prepare the SA and the IKE payload */
3733 clib_memset (&sa, 0, sizeof (ikev2_sa_t));
3734 ikev2_payload_chain_t *chain = 0;
3735 ikev2_payload_new_chain (chain);
3737 /* Build the IKE proposal payload */
3738 ikev2_sa_proposal_t *proposals = 0;
3739 ikev2_set_initiator_proposals (vm, &sa, &p->ike_ts, &proposals, 1);
3740 proposals[0].proposal_num = 1;
3741 proposals[0].protocol_id = IKEV2_PROTOCOL_IKE;
3743 /* Add and then cleanup proposal data */
3744 ikev2_payload_add_sa (chain, proposals);
3745 ikev2_sa_free_proposal_vector (&proposals);
3747 sa.is_initiator = 1;
3748 sa.profile_index = p - km->profiles;
3749 sa.state = IKEV2_STATE_SA_INIT;
3750 sa.tun_itf = p->tun_itf;
3751 sa.udp_encap = p->udp_encap;
3752 sa.ipsec_over_udp_port = p->ipsec_over_udp_port;
3753 sa.is_tun_itf_set = 1;
3754 sa.initial_contact = 1;
3755 sa.dst_port = IKEV2_PORT;
3756 ikev2_generate_sa_init_data (&sa);
3757 ikev2_payload_add_ke (chain, sa.dh_group, sa.i_dh_data);
3758 ikev2_payload_add_nonce (chain, sa.i_nonce);
3760 /* Build the child SA proposal */
3761 vec_resize (sa.childs, 1);
3762 ikev2_set_initiator_proposals (vm, &sa, &p->esp_ts,
3763 &sa.childs[0].i_proposals, 0);
3764 sa.childs[0].i_proposals[0].proposal_num = 1;
3765 sa.childs[0].i_proposals[0].protocol_id = IKEV2_PROTOCOL_ESP;
3766 RAND_bytes ((u8 *) & sa.childs[0].i_proposals[0].spi,
3767 sizeof (sa.childs[0].i_proposals[0].spi));
3769 /* Add NAT detection notification messages (mandatory) */
3770 u8 *nat_detection_sha1 =
3771 ikev2_compute_nat_sha1 (clib_host_to_net_u64 (sa.ispi),
3772 clib_host_to_net_u64 (sa.rspi),
3773 clib_host_to_net_u32 (if_ip->as_u32),
3774 clib_host_to_net_u16 (IKEV2_PORT));
3776 ikev2_payload_add_notify (chain, IKEV2_NOTIFY_MSG_NAT_DETECTION_SOURCE_IP,
3777 nat_detection_sha1);
3778 vec_free (nat_detection_sha1);
3779 nat_detection_sha1 =
3780 ikev2_compute_nat_sha1 (clib_host_to_net_u64 (sa.ispi),
3781 clib_host_to_net_u64 (sa.rspi),
3782 clib_host_to_net_u32 (p->responder.ip4.as_u32),
3783 clib_host_to_net_u16 (sa.dst_port));
3784 ikev2_payload_add_notify (chain,
3785 IKEV2_NOTIFY_MSG_NAT_DETECTION_DESTINATION_IP,
3786 nat_detection_sha1);
3787 vec_free (nat_detection_sha1);
3789 u8 *sig_hash_algo = vec_new (u8, 8);
3790 u64 tmpsig = clib_host_to_net_u64 (0x0001000200030004);
3791 clib_memcpy_fast (sig_hash_algo, &tmpsig, sizeof (tmpsig));
3792 ikev2_payload_add_notify (chain,
3793 IKEV2_NOTIFY_MSG_SIGNATURE_HASH_ALGORITHMS,
3795 vec_free (sig_hash_algo);
3798 /* Buffer update and boilerplate */
3799 len += vec_len (chain->data);
3800 ike0->nextpayload = chain->first_payload_type;
3801 ike0->length = clib_host_to_net_u32 (len);
3802 clib_memcpy_fast (ike0->payload, chain->data, vec_len (chain->data));
3803 ikev2_payload_destroy_chain (chain);
3805 ike0->version = IKE_VERSION_2;
3806 ike0->flags = IKEV2_HDR_FLAG_INITIATOR;
3807 ike0->exchange = IKEV2_EXCHANGE_SA_INIT;
3808 ike0->ispi = sa.ispi;
3812 /* store whole IKE payload - needed for PSK auth */
3813 vec_reset_length (sa.last_sa_init_req_packet_data);
3814 vec_add (sa.last_sa_init_req_packet_data, ike0, len);
3816 /* add data to the SA then add it to the pool */
3817 sa.iaddr.as_u32 = if_ip->as_u32;
3818 sa.raddr.as_u32 = p->responder.ip4.as_u32;
3819 sa.i_id.type = p->loc_id.type;
3820 sa.i_id.data = vec_dup (p->loc_id.data);
3821 sa.r_id.type = p->rem_id.type;
3822 sa.r_id.data = vec_dup (p->rem_id.data);
3823 sa.i_auth.method = p->auth.method;
3824 sa.i_auth.hex = p->auth.hex;
3825 sa.i_auth.data = vec_dup (p->auth.data);
3826 sa.sw_if_index = p->responder.sw_if_index;
3827 vec_add (sa.childs[0].tsi, &p->loc_ts, 1);
3828 vec_add (sa.childs[0].tsr, &p->rem_ts, 1);
3830 ikev2_initial_contact_cleanup (&sa);
3832 /* add SA to the pool */
3833 ikev2_sa_t *sa0 = 0;
3834 pool_get (km->sais, sa0);
3835 clib_memcpy_fast (sa0, &sa, sizeof (*sa0));
3836 hash_set (km->sa_by_ispi, sa0->ispi, sa0 - km->sais);
3838 ikev2_send_ike (vm, if_ip, &p->responder.ip4, bi0, len,
3839 IKEV2_PORT, sa.dst_port, sa.sw_if_index);
3841 ikev2_elog_exchange ("ispi %lx rspi %lx IKEV2_EXCHANGE_SA_INIT sent to "
3842 "%d.%d.%d.%d", clib_host_to_net_u64 (sa0->ispi), 0,
3843 p->responder.ip4.as_u32);
3850 ikev2_delete_child_sa_internal (vlib_main_t * vm, ikev2_sa_t * sa,
3851 ikev2_child_sa_t * csa)
3853 /* Create the Initiator notification for child SA removal */
3854 ikev2_main_t *km = &ikev2_main;
3859 bi0 = ikev2_get_new_ike_header_buff (vm, &ike0);
3862 ikev2_log_error ("buffer alloc failure");
3866 ike0->exchange = IKEV2_EXCHANGE_INFORMATIONAL;
3867 ike0->ispi = clib_host_to_net_u64 (sa->ispi);
3868 ike0->rspi = clib_host_to_net_u64 (sa->rspi);
3869 vec_resize (sa->del, 1);
3870 sa->del->protocol_id = IKEV2_PROTOCOL_ESP;
3871 sa->del->spi = csa->i_proposals->spi;
3872 ike0->msgid = clib_host_to_net_u32 (sa->last_init_msg_id + 1);
3873 sa->last_init_msg_id = clib_net_to_host_u32 (ike0->msgid);
3874 len = ikev2_generate_message (sa, ike0, 0, 0);
3876 len = ikev2_insert_non_esp_marker (ike0, len);
3877 ikev2_send_ike (vm, &sa->iaddr, &sa->raddr, bi0, len,
3878 ikev2_get_port (sa), sa->dst_port, sa->sw_if_index);
3880 /* delete local child SA */
3881 ikev2_delete_tunnel_interface (km->vnet_main, sa, csa);
3882 ikev2_sa_del_child_sa (sa, csa);
3886 ikev2_initiate_delete_child_sa (vlib_main_t * vm, u32 ispi)
3889 ikev2_main_t *km = &ikev2_main;
3890 ikev2_main_per_thread_data_t *tkm;
3891 ikev2_sa_t *fsa = 0;
3892 ikev2_child_sa_t *fchild = 0;
3894 /* Search for the child SA */
3895 vec_foreach (tkm, km->per_thread_data)
3901 pool_foreach (sa, tkm->sas, ({
3902 fchild = ikev2_sa_get_child(sa, ispi, IKEV2_PROTOCOL_ESP, 1);
3912 if (!fchild || !fsa)
3914 r = clib_error_return (0, "Child SA not found");
3919 ikev2_delete_child_sa_internal (vm, fsa, fchild);
3926 ikev2_initiate_delete_ike_sa (vlib_main_t * vm, u64 ispi)
3929 ikev2_main_t *km = &ikev2_main;
3930 ikev2_main_per_thread_data_t *tkm;
3931 ikev2_sa_t *fsa = 0;
3932 ikev2_main_per_thread_data_t *ftkm = 0;
3934 /* Search for the IKE SA */
3935 vec_foreach (tkm, km->per_thread_data)
3941 pool_foreach (sa, tkm->sas, ({
3942 if (sa->ispi == ispi)
3954 r = clib_error_return (0, "IKE SA not found");
3958 ikev2_initiate_delete_ike_sa_internal (vm, ftkm, fsa);
3963 ikev2_rekey_child_sa_internal (vlib_main_t * vm, ikev2_sa_t * sa,
3964 ikev2_child_sa_t * csa)
3966 /* Create the Initiator request for create child SA */
3971 bi0 = ikev2_get_new_ike_header_buff (vm, &ike0);
3974 ikev2_log_error ("buffer alloc failure");
3978 ike0->version = IKE_VERSION_2;
3979 ike0->flags = IKEV2_HDR_FLAG_INITIATOR;
3980 ike0->exchange = IKEV2_EXCHANGE_CREATE_CHILD_SA;
3981 ike0->ispi = clib_host_to_net_u64 (sa->ispi);
3982 ike0->rspi = clib_host_to_net_u64 (sa->rspi);
3983 ike0->msgid = clib_host_to_net_u32 (sa->last_init_msg_id + 1);
3984 sa->last_init_msg_id = clib_net_to_host_u32 (ike0->msgid);
3986 ikev2_rekey_t *rekey;
3987 vec_add2 (sa->rekey, rekey, 1);
3988 ikev2_sa_proposal_t *proposals = vec_dup (csa->i_proposals);
3991 RAND_bytes ((u8 *) & proposals[0].spi, sizeof (proposals[0].spi));
3992 rekey->spi = proposals[0].spi;
3993 rekey->ispi = csa->i_proposals->spi;
3994 len = ikev2_generate_message (sa, ike0, proposals, 0);
3996 len = ikev2_insert_non_esp_marker (ike0, len);
3997 ikev2_send_ike (vm, &sa->iaddr, &sa->raddr, bi0, len,
3998 ikev2_get_port (sa), ikev2_get_port (sa), sa->sw_if_index);
3999 vec_free (proposals);
4003 ikev2_initiate_rekey_child_sa (vlib_main_t * vm, u32 ispi)
4006 ikev2_main_t *km = &ikev2_main;
4007 ikev2_main_per_thread_data_t *tkm;
4008 ikev2_sa_t *fsa = 0;
4009 ikev2_child_sa_t *fchild = 0;
4011 /* Search for the child SA */
4012 vec_foreach (tkm, km->per_thread_data)
4018 pool_foreach (sa, tkm->sas, ({
4019 fchild = ikev2_sa_get_child(sa, ispi, IKEV2_PROTOCOL_ESP, 1);
4029 if (!fchild || !fsa)
4031 r = clib_error_return (0, "Child SA not found");
4036 ikev2_rekey_child_sa_internal (vm, fsa, fchild);
4043 ikev2_init (vlib_main_t * vm)
4045 ikev2_main_t *km = &ikev2_main;
4046 vlib_thread_main_t *tm = vlib_get_thread_main ();
4049 clib_memset (km, 0, sizeof (ikev2_main_t));
4050 km->vnet_main = vnet_get_main ();
4053 km->liveness_period = IKEV2_LIVENESS_PERIOD_CHECK;
4054 km->liveness_max_retries = IKEV2_LIVENESS_RETRIES;
4055 ikev2_crypto_init (km);
4057 mhash_init_vec_string (&km->profile_index_by_name, sizeof (uword));
4059 vec_validate_aligned (km->per_thread_data, tm->n_vlib_mains - 1,
4060 CLIB_CACHE_LINE_BYTES);
4061 for (thread_id = 0; thread_id < tm->n_vlib_mains; thread_id++)
4063 ikev2_main_per_thread_data_t *ptd =
4064 vec_elt_at_index (km->per_thread_data, thread_id);
4066 ptd->sa_by_rspi = hash_create (0, sizeof (uword));
4068 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
4069 ptd->evp_ctx = EVP_CIPHER_CTX_new ();
4070 ptd->hmac_ctx = HMAC_CTX_new ();
4072 EVP_CIPHER_CTX_init (&ptd->_evp_ctx);
4073 ptd->evp_ctx = &ptd->_evp_ctx;
4074 HMAC_CTX_init (&(ptd->_hmac_ctx));
4075 ptd->hmac_ctx = &ptd->_hmac_ctx;
4079 km->sa_by_ispi = hash_create (0, sizeof (uword));
4080 km->sw_if_indices = hash_create (0, 0);
4081 km->udp_ports = hash_create (0, sizeof (uword));
4083 udp_register_dst_port (vm, IKEV2_PORT, ikev2_node.index, 1);
4084 udp_register_dst_port (vm, IKEV2_PORT_NATT, ikev2_node.index, 1);
4086 vlib_punt_hdl_t punt_hdl = vlib_punt_client_register ("ikev2");
4087 vlib_punt_register (punt_hdl, ipsec_punt_reason[IPSEC_PUNT_IP4_SPI_UDP_0],
4089 ikev2_cli_reference ();
4091 km->log_level = IKEV2_LOG_ERROR;
4092 km->log_class = vlib_log_register_class ("ikev2", 0);
4097 VLIB_INIT_FUNCTION (ikev2_init) =
4099 .runs_after = VLIB_INITS("ipsec_init", "ipsec_punt_init"),
4104 ikev2_mngr_process_child_sa (ikev2_sa_t * sa, ikev2_child_sa_t * csa,
4107 ikev2_main_t *km = &ikev2_main;
4108 ikev2_profile_t *p = 0;
4109 vlib_main_t *vm = km->vlib_main;
4110 f64 now = vlib_time_now (vm);
4113 if (sa->profile_index != ~0)
4114 p = pool_elt_at_index (km->profiles, sa->profile_index);
4116 if (sa->is_initiator && p && csa->time_to_expiration
4117 && now > csa->time_to_expiration)
4119 if (!csa->is_expired || csa->rekey_retries > 0)
4121 ikev2_rekey_child_sa_internal (vm, sa, csa);
4122 csa->time_to_expiration = now + p->handover;
4123 csa->is_expired = 1;
4124 if (csa->rekey_retries == 0)
4126 csa->rekey_retries = 5;
4128 else if (csa->rekey_retries > 0)
4130 csa->rekey_retries--;
4131 ikev2_log_debug ("Rekeying Child SA 0x%x, retries left %d",
4132 csa->i_proposals->spi, csa->rekey_retries);
4133 if (csa->rekey_retries == 0)
4135 csa->rekey_retries = -1;
4142 csa->time_to_expiration = 0;
4143 ikev2_delete_child_sa_internal (vm, sa, csa);
4151 ipip_tunnel_t *ipip = NULL;
4152 u32 sw_if_index = sa->is_tun_itf_set ? sa->tun_itf : ~0;
4153 if (~0 == sw_if_index)
4155 ip46_address_t local_ip;
4156 ip46_address_t remote_ip;
4157 if (sa->is_initiator)
4159 ip46_address_set_ip4 (&local_ip, &sa->iaddr);
4160 ip46_address_set_ip4 (&remote_ip, &sa->raddr);
4164 ip46_address_set_ip4 (&local_ip, &sa->raddr);
4165 ip46_address_set_ip4 (&remote_ip, &sa->iaddr);
4169 ipip_tunnel_key_t key = {
4172 .transport = IPIP_TRANSPORT_IP4,
4177 ipip = ipip_tunnel_db_find (&key);
4180 sw_if_index = ipip->sw_if_index;
4186 vec_add1 (sas_in, csa->remote_sa_id);
4187 vlib_worker_thread_barrier_sync (vm);
4188 ipsec_tun_protect_update (sw_if_index, NULL, csa->local_sa_id, sas_in);
4189 ipsec_sa_unlock_id (ikev2_flip_alternate_sa_bit (csa->remote_sa_id));
4190 vlib_worker_thread_barrier_release (vm);
4197 ikev2_set_log_level (ikev2_log_level_t log_level)
4199 ikev2_main_t *km = &ikev2_main;
4201 if (log_level >= IKEV2_LOG_MAX)
4203 ikev2_log_error ("unknown logging level %d", log_level);
4207 km->log_level = log_level;
4212 ikev2_set_liveness_params (u32 period, u32 max_retries)
4214 ikev2_main_t *km = &ikev2_main;
4216 if (period == 0 || max_retries == 0)
4217 return clib_error_return (0, "invalid args");
4219 km->liveness_period = period;
4220 km->liveness_max_retries = max_retries;
4225 ikev2_mngr_process_ipsec_sa (ipsec_sa_t * ipsec_sa)
4227 ikev2_main_t *km = &ikev2_main;
4228 vlib_main_t *vm = km->vlib_main;
4229 ikev2_main_per_thread_data_t *tkm;
4230 ikev2_sa_t *fsa = 0;
4231 ikev2_profile_t *p = 0;
4232 ikev2_child_sa_t *fchild = 0;
4233 f64 now = vlib_time_now (vm);
4234 vlib_counter_t counts;
4236 /* Search for the SA and child SA */
4237 vec_foreach (tkm, km->per_thread_data)
4243 pool_foreach (sa, tkm->sas, ({
4244 fchild = ikev2_sa_get_child(sa, ipsec_sa->spi, IKEV2_PROTOCOL_ESP, 1);
4253 vlib_get_combined_counter (&ipsec_sa_counters,
4254 ipsec_sa->stat_index, &counts);
4256 if (fsa && fsa->profile_index != ~0 && fsa->is_initiator)
4257 p = pool_elt_at_index (km->profiles, fsa->profile_index);
4259 if (fchild && p && p->lifetime_maxdata)
4261 if (!fchild->is_expired && counts.bytes > p->lifetime_maxdata)
4263 fchild->time_to_expiration = now;
4269 ikev2_process_pending_sa_init (ikev2_main_t * km)
4276 hash_foreach (ispi, sai, km->sa_by_ispi,
4278 sa = pool_elt_at_index (km->sais, sai);
4279 if (sa->init_response_received)
4283 if (vlib_buffer_alloc (km->vlib_main, &bi0, 1) != 1)
4286 vlib_buffer_t * b = vlib_get_buffer (km->vlib_main, bi0);
4287 clib_memcpy_fast (vlib_buffer_get_current (b),
4288 sa->last_sa_init_req_packet_data,
4289 vec_len (sa->last_sa_init_req_packet_data));
4290 ikev2_send_ike (km->vlib_main, &sa->iaddr, &sa->raddr, bi0,
4291 vec_len (sa->last_sa_init_req_packet_data),
4292 ikev2_get_port (sa), IKEV2_PORT, sa->sw_if_index);
4297 static vlib_node_registration_t ikev2_mngr_process_node;
4300 ikev2_send_informational_request (ikev2_sa_t * sa)
4302 ikev2_main_t *km = &ikev2_main;
4303 ip4_address_t *src, *dst;
4309 bi0 = ikev2_get_new_ike_header_buff (km->vlib_main, &ike0);
4312 ikev2_log_error ("buffer alloc failure");
4316 ike0->exchange = IKEV2_EXCHANGE_INFORMATIONAL;
4317 ike0->ispi = clib_host_to_net_u64 (sa->ispi);
4318 ike0->rspi = clib_host_to_net_u64 (sa->rspi);
4319 ike0->msgid = clib_host_to_net_u32 (sa->last_init_msg_id + 1);
4320 sa->last_init_msg_id = clib_net_to_host_u32 (ike0->msgid);
4321 len = ikev2_generate_message (sa, ike0, 0, 0);
4323 len = ikev2_insert_non_esp_marker (ike0, len);
4325 if (sa->is_initiator)
4336 dp = sa->dst_port ? sa->dst_port : ikev2_get_port (sa);
4337 ikev2_send_ike (km->vlib_main, src, dst, bi0, len, ikev2_get_port (sa), dp,
4341 static_always_inline int
4342 ikev2_mngr_process_responder_sas (ikev2_sa_t * sa)
4344 ikev2_main_t *km = &ikev2_main;
4345 vlib_main_t *vm = km->vlib_main;
4347 if (!sa->keys_generated)
4350 if (sa->liveness_retries >= km->liveness_max_retries)
4353 f64 now = vlib_time_now (vm);
4355 if (sa->liveness_period_check < now)
4357 sa->liveness_retries++;
4358 sa->liveness_period_check = now + km->liveness_period;
4359 ikev2_send_informational_request (sa);
4365 ikev2_mngr_process_fn (vlib_main_t * vm, vlib_node_runtime_t * rt,
4368 ikev2_main_t *km = &ikev2_main;
4369 ipsec_main_t *im = &ipsec_main;
4371 ikev2_child_sa_t *c;
4377 vlib_process_wait_for_event_or_clock (vm, 1);
4378 vlib_process_get_events (vm, NULL);
4380 /* process ike child sas */
4381 ikev2_main_per_thread_data_t *tkm;
4382 vec_foreach (tkm, km->per_thread_data)
4385 u32 *to_be_deleted = 0;
4388 pool_foreach (sa, tkm->sas, ({
4389 ikev2_child_sa_t *c;
4391 if (sa->old_remote_id_present && 0 > sa->old_id_expiration)
4393 sa->old_remote_id_present = 0;
4397 sa->old_id_expiration -= 1;
4399 vec_foreach (c, sa->childs)
4401 req_sent |= ikev2_mngr_process_child_sa(sa, c, del_old_ids);
4404 if (ikev2_mngr_process_responder_sas (sa))
4405 vec_add1 (to_be_deleted, sa - tkm->sas);
4409 vec_foreach (sai, to_be_deleted)
4411 sa = pool_elt_at_index (tkm->sas, sai[0]);
4412 u8 reinitiate = (sa->is_initiator && sa->profile_index != ~0);
4413 vec_foreach (c, sa->childs)
4415 ikev2_delete_tunnel_interface (km->vnet_main, sa, c);
4416 ikev2_sa_del_child_sa (sa, c);
4418 ikev2_sa_free_all_vec (sa);
4419 hash_unset (tkm->sa_by_rspi, sa->rspi);
4420 pool_put (tkm->sas, sa);
4424 p = pool_elt_at_index (km->profiles, sa->profile_index);
4427 ikev2_initiate_sa_init (vm, p->name);
4431 vec_free (to_be_deleted);
4434 /* process ipsec sas */
4437 pool_foreach (sa, im->sad, ({
4438 ikev2_mngr_process_ipsec_sa(sa);
4442 ikev2_process_pending_sa_init (km);
4446 vlib_process_wait_for_event_or_clock (vm, 5);
4447 vlib_process_get_events (vm, NULL);
4456 VLIB_REGISTER_NODE (ikev2_mngr_process_node, static) = {
4457 .function = ikev2_mngr_process_fn,
4458 .type = VLIB_NODE_TYPE_PROCESS,
4460 "ikev2-manager-process",
4463 VLIB_PLUGIN_REGISTER () = {
4464 .version = VPP_BUILD_VER,
4465 .description = "Internet Key Exchange (IKEv2) Protocol",
4470 * fd.io coding-style-patch-verification: ON
4473 * eval: (c-set-style "gnu")
Code Review / vpp.git / blob