[SCTP]: protocol definitions for SCTP-AUTH implementation

Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
author: Vlad Yasevich <vladislav.yasevich@hp.com> 2007-09-16 22:26:06 -0400
committer: David S. Miller <davem@sunset.davemloft.net> 2007-10-10 19:51:28 -0400
commit: f7b0e93ba1a484700bd1b0e36bdaddaf4eb51b0b (patch)
tree: b2d4e47039ca99a11ca737b72e43d2bfa8efa3be /include
parent: 96793b482540f3a26e2188eaf75cb56b7829d3e3 (diff)
1 files changed, 99 insertions, 1 deletions
diff --git a/include/linux/sctp.h b/include/linux/sctp.h
index f4d717b72ddd..5eb38cc0e5a4 100644
--- a/include/linux/sctp.h
+++ b/include/linux/sctp.h
@@ -102,6 +102,9 @@ typedef enum {
        SCTP_CID_ECN_CWR                = 13,
        SCTP_CID_SHUTDOWN_COMPLETE      = 14,
+        /* AUTH Extension Section 4.1 */
+        SCTP_CID_AUTH                   = 0x0F,
        /* PR-SCTP Sec 3.2 */
        SCTP_CID_FWD_TSN                = 0xC0,
@@ -180,6 +183,11 @@ typedef enum {
        SCTP_PARAM_SUPPORTED_ADDRESS_TYPES      = __constant_htons(12),
        SCTP_PARAM_ECN_CAPABLE                  = __constant_htons(0x8000),
+        /* AUTH Extension Section 3 */
+        SCTP_PARAM_RANDOM                       = __constant_htons(0x8002),
+        SCTP_PARAM_CHUNKS                       = __constant_htons(0x8003),
+        SCTP_PARAM_HMAC_ALGO                    = __constant_htons(0x8004),
        /* Add-IP: Supported Extensions, Section 4.2 */
        SCTP_PARAM_SUPPORTED_EXT        = __constant_htons(0x8008),
@@ -305,6 +313,24 @@ typedef struct sctp_supported_ext_param {
        __u8 chunks[0];
 } __attribute__((packed)) sctp_supported_ext_param_t;
+/* AUTH Section 3.1 Random */
+typedef struct sctp_random_param {
+        sctp_paramhdr_t param_hdr;
+        __u8 random_val[0];
+} __attribute__((packed)) sctp_random_param_t;
+/* AUTH Section 3.2 Chunk List */
+typedef struct sctp_chunks_param {
+        sctp_paramhdr_t param_hdr;
+        __u8 chunks[0];
+} __attribute__((packed)) sctp_chunks_param_t;
+/* AUTH Section 3.3 HMAC Algorithm */
+typedef struct sctp_hmac_algo_param {
+        sctp_paramhdr_t param_hdr;
+        __be16 hmac_ids[0];
+} __attribute__((packed)) sctp_hmac_algo_param_t;
 /* RFC 2960.  Section 3.3.3 Initiation Acknowledgement (INIT ACK) (2):
 *   The INIT ACK chunk is used to acknowledge the initiation of an SCTP
 *   association.
@@ -471,7 +497,19 @@ typedef enum {
        SCTP_ERROR_RSRC_LOW     = __constant_htons(0x0101),
        SCTP_ERROR_DEL_SRC_IP   = __constant_htons(0x0102),
        SCTP_ERROR_ASCONF_ACK   = __constant_htons(0x0103),
-        SCTP_ERROR_REQ_REFUSED  = __constant_htons(0x0104)
+        SCTP_ERROR_REQ_REFUSED  = __constant_htons(0x0104),
+        /* AUTH Section 4.  New Error Cause
+         *
+         * This section defines a new error cause that will be sent if an AUTH
+         * chunk is received with an unsupported HMAC identifier.
+         * illustrates the new error cause.
+         *
+         * Cause Code      Error Cause Name
+         * --------------------------------------------------------------
+         * 0x0105          Unsupported HMAC Identifier
+         */
+         SCTP_ERROR_UNSUP_HMAC  = __constant_htons(0x0105)
 } sctp_error_t;
@@ -609,4 +647,64 @@ typedef struct sctp_addip_chunk {
        sctp_addiphdr_t addip_hdr;
 } __attribute__((packed)) sctp_addip_chunk_t;
+/* AUTH
+ * Section 4.1  Authentication Chunk (AUTH)
+ *
+ *   This chunk is used to hold the result of the HMAC calculation.
+ *
+ *    0                   1                   2                   3
+ *    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ *   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ *   | Type = 0x0F   |   Flags=0     |             Length            |
+ *   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ *   |     Shared Key Identifier     |   HMAC Identifier             |
+ *   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ *   |                                                               |
+ *   \                             HMAC                              /
+ *   /                                                               \
+ *   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ *
+ *   Type: 1 byte (unsigned integer)
+ *      This value MUST be set to 0x0F for  all AUTH-chunks.
+ *
+ *   Flags: 1 byte (unsigned integer)
+ *      Set to zero on transmit and ignored on receipt.
+ *
+ *   Length: 2 bytes (unsigned integer)
+ *      This value holds the length of the HMAC in bytes plus 8.
+ *
+ *  Shared Key Identifier: 2 bytes (unsigned integer)
+ *      This value describes which endpoint pair shared key is used.
+ *
+ *   HMAC Identifier: 2 bytes (unsigned integer)
+ *      This value describes which message digest is being used.  Table 2
+ *      shows the currently defined values.
+ *
+ *    The following Table 2 shows the currently defined values for HMAC
+ *       identifiers.
+ *
+ *       +-----------------+--------------------------+
+ *       | HMAC Identifier | Message Digest Algorithm |
+ *       +-----------------+--------------------------+
+ *       | 0               | Reserved                 |
+ *       | 1               | SHA-1 defined in [8]     |
+ *       | 2               | Reserved                 |
+ *       | 3               | SHA-256 defined in [8]   |
+ *       +-----------------+--------------------------+
+ *
+ *
+ *   HMAC: n bytes (unsigned integer) This hold the result of the HMAC
+ *      calculation.
+ */
+typedef struct sctp_authhdr {
+        __be16 shkey_id;
+        __be16 hmac_id;
+        __u8   hmac[0];
+} __attribute__((packed)) sctp_authhdr_t;
+typedef struct sctp_auth_chunk {
+        sctp_chunkhdr_t chunk_hdr;
+        sctp_authhdr_t auth_hdr;
+} __attribute__((packed)) sctp_auth_chunk_t;
 #endif /* __LINUX_SCTP_H__ */
author	Vlad Yasevich <vladislav.yasevich@hp.com>	2007-09-16 22:26:06 -0400
committer	David S. Miller <davem@sunset.davemloft.net>	2007-10-10 19:51:28 -0400
commit	f7b0e93ba1a484700bd1b0e36bdaddaf4eb51b0b (patch)
tree	b2d4e47039ca99a11ca737b72e43d2bfa8efa3be /include
parent	96793b482540f3a26e2188eaf75cb56b7829d3e3 (diff)

diff --git a/include/linux/sctp.h b/include/linux/sctp.h index f4d717b72ddd..5eb38cc0e5a4 100644 --- a/include/linux/sctp.h +++ b/include/linux/sctp.h
@@ -102,6 +102,9 @@ typedef enum {
102	SCTP_CID_ECN_CWR = 13,	102	SCTP_CID_ECN_CWR = 13,
103	SCTP_CID_SHUTDOWN_COMPLETE = 14,	103	SCTP_CID_SHUTDOWN_COMPLETE = 14,
104		104
		105	/* AUTH Extension Section 4.1 */
		106	SCTP_CID_AUTH = 0x0F,
		107
105	/* PR-SCTP Sec 3.2 */	108	/* PR-SCTP Sec 3.2 */
106	SCTP_CID_FWD_TSN = 0xC0,	109	SCTP_CID_FWD_TSN = 0xC0,
107		110
@@ -180,6 +183,11 @@ typedef enum {
180	SCTP_PARAM_SUPPORTED_ADDRESS_TYPES = __constant_htons(12),	183	SCTP_PARAM_SUPPORTED_ADDRESS_TYPES = __constant_htons(12),
181	SCTP_PARAM_ECN_CAPABLE = __constant_htons(0x8000),	184	SCTP_PARAM_ECN_CAPABLE = __constant_htons(0x8000),
182		185
		186	/* AUTH Extension Section 3 */
		187	SCTP_PARAM_RANDOM = __constant_htons(0x8002),
		188	SCTP_PARAM_CHUNKS = __constant_htons(0x8003),
		189	SCTP_PARAM_HMAC_ALGO = __constant_htons(0x8004),
		190
183	/* Add-IP: Supported Extensions, Section 4.2 */	191	/* Add-IP: Supported Extensions, Section 4.2 */
184	SCTP_PARAM_SUPPORTED_EXT = __constant_htons(0x8008),	192	SCTP_PARAM_SUPPORTED_EXT = __constant_htons(0x8008),
185		193
@@ -305,6 +313,24 @@ typedef struct sctp_supported_ext_param {
305	__u8 chunks[0];	313	__u8 chunks[0];
306	} __attribute__((packed)) sctp_supported_ext_param_t;	314	} __attribute__((packed)) sctp_supported_ext_param_t;
307		315
		316	/* AUTH Section 3.1 Random */
		317	typedef struct sctp_random_param {
		318	sctp_paramhdr_t param_hdr;
		319	__u8 random_val[0];
		320	} __attribute__((packed)) sctp_random_param_t;
		321
		322	/* AUTH Section 3.2 Chunk List */
		323	typedef struct sctp_chunks_param {
		324	sctp_paramhdr_t param_hdr;
		325	__u8 chunks[0];
		326	} __attribute__((packed)) sctp_chunks_param_t;
		327
		328	/* AUTH Section 3.3 HMAC Algorithm */
		329	typedef struct sctp_hmac_algo_param {
		330	sctp_paramhdr_t param_hdr;
		331	__be16 hmac_ids[0];
		332	} __attribute__((packed)) sctp_hmac_algo_param_t;
		333
308	/* RFC 2960. Section 3.3.3 Initiation Acknowledgement (INIT ACK) (2):	334	/* RFC 2960. Section 3.3.3 Initiation Acknowledgement (INIT ACK) (2):
309	* The INIT ACK chunk is used to acknowledge the initiation of an SCTP	335	* The INIT ACK chunk is used to acknowledge the initiation of an SCTP
310	* association.	336	* association.
@@ -471,7 +497,19 @@ typedef enum {
471	SCTP_ERROR_RSRC_LOW = __constant_htons(0x0101),	497	SCTP_ERROR_RSRC_LOW = __constant_htons(0x0101),
472	SCTP_ERROR_DEL_SRC_IP = __constant_htons(0x0102),	498	SCTP_ERROR_DEL_SRC_IP = __constant_htons(0x0102),
473	SCTP_ERROR_ASCONF_ACK = __constant_htons(0x0103),	499	SCTP_ERROR_ASCONF_ACK = __constant_htons(0x0103),
474	SCTP_ERROR_REQ_REFUSED = __constant_htons(0x0104)	500	SCTP_ERROR_REQ_REFUSED = __constant_htons(0x0104),
		501
		502	/* AUTH Section 4. New Error Cause
		503	*
		504	* This section defines a new error cause that will be sent if an AUTH
		505	* chunk is received with an unsupported HMAC identifier.
		506	* illustrates the new error cause.
		507	*
		508	* Cause Code Error Cause Name
		509	* --------------------------------------------------------------
		510	* 0x0105 Unsupported HMAC Identifier
		511	*/
		512	SCTP_ERROR_UNSUP_HMAC = __constant_htons(0x0105)
475	} sctp_error_t;	513	} sctp_error_t;
476		514
477		515
@@ -609,4 +647,64 @@ typedef struct sctp_addip_chunk {
609	sctp_addiphdr_t addip_hdr;	647	sctp_addiphdr_t addip_hdr;
610	} __attribute__((packed)) sctp_addip_chunk_t;	648	} __attribute__((packed)) sctp_addip_chunk_t;
611		649
		650	/* AUTH
		651	* Section 4.1 Authentication Chunk (AUTH)
		652	*
		653	* This chunk is used to hold the result of the HMAC calculation.
		654	*
		655	* 0 1 2 3
		656	* 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
		657	* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
		658	* \| Type = 0x0F \| Flags=0 \| Length \|
		659	* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
		660	* \| Shared Key Identifier \| HMAC Identifier \|
		661	* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
		662	* \| \|
		663	* \ HMAC /
		664	* / \
		665	* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
		666	*
		667	* Type: 1 byte (unsigned integer)
		668	* This value MUST be set to 0x0F for all AUTH-chunks.
		669	*
		670	* Flags: 1 byte (unsigned integer)
		671	* Set to zero on transmit and ignored on receipt.
		672	*
		673	* Length: 2 bytes (unsigned integer)
		674	* This value holds the length of the HMAC in bytes plus 8.
		675	*
		676	* Shared Key Identifier: 2 bytes (unsigned integer)
		677	* This value describes which endpoint pair shared key is used.
		678	*
		679	* HMAC Identifier: 2 bytes (unsigned integer)
		680	* This value describes which message digest is being used. Table 2
		681	* shows the currently defined values.
		682	*
		683	* The following Table 2 shows the currently defined values for HMAC
		684	* identifiers.
		685	*
		686	* +-----------------+--------------------------+
		687	* \| HMAC Identifier \| Message Digest Algorithm \|
		688	* +-----------------+--------------------------+
		689	* \| 0 \| Reserved \|
		690	* \| 1 \| SHA-1 defined in [8] \|
		691	* \| 2 \| Reserved \|
		692	* \| 3 \| SHA-256 defined in [8] \|
		693	* +-----------------+--------------------------+
		694	*
		695	*
		696	* HMAC: n bytes (unsigned integer) This hold the result of the HMAC
		697	* calculation.
		698	*/
		699	typedef struct sctp_authhdr {
		700	__be16 shkey_id;
		701	__be16 hmac_id;
		702	__u8 hmac[0];
		703	} __attribute__((packed)) sctp_authhdr_t;
		704
		705	typedef struct sctp_auth_chunk {
		706	sctp_chunkhdr_t chunk_hdr;
		707	sctp_authhdr_t auth_hdr;
		708	} __attribute__((packed)) sctp_auth_chunk_t;
		709
612	#endif /* __LINUX_SCTP_H__ */	710	#endif /* __LINUX_SCTP_H__ */