Lines Matching defs:key
3 * net/tipc/crypto.c: TIPC crypto for key handling & packet en/decryption
88 /* Max TFMs number per key */
98 * key: | (reserved)|passive idx| active idx|pending idx|
126 * @tfm: cipher handle/key
135 * struct tipc_aead - TIPC AEAD key structure
137 * @crypto: TIPC crypto owns this key
138 * @cloned: reference to the source key in case cloning
139 * @users: the number of the key users (TX/RX)
140 * @salt: the key's SALT value
142 * @mode: crypto mode is applied to the key
143 * @hint: a hint for user key
145 * @key: the aead key
146 * @gen: the key's generation
147 * @seqno: the key seqno (cluster scope)
148 * @refcnt: the key reference counter
161 struct tipc_aead_key *key;
182 * @peer_rx_active: replicated peer RX active key index
183 * @key_gen: TX/RX key generation
184 * @key: the key states
185 * @skey_mode: session key's mode
186 * @skey: received session key
189 * @key_distr: key distributing state
197 * @key_master: flag indicates if master key exists
198 * @legacy_user: flag indicates if a peer joins w/o master key (for bwd comp.)
199 * @nokey: no key indication
209 struct tipc_key key;
330 * tipc_aead_key_validate - Validate a AEAD user key
331 * @ukey: pointer to user key data
350 /* Check if key size is correct */
355 GENL_SET_ERR_MSG(info, "incorrect key length (20, 28 or 36 octets?)");
363 * tipc_aead_key_generate - Generate new session key
364 * @skey: input/output key with new content
372 /* Fill the key's content with a random value via RNG cipher */
375 rc = crypto_rng_get_bytes(crypto_default_rng, skey->key,
403 * tipc_aead_free - Release AEAD key incl. all the TFMs in the list
427 kfree_sensitive(aead->key);
486 * @aead: the AEAD key pointer
503 * @aead: returned new TIPC AEAD key handle pointer
504 * @ukey: pointer to user key data
505 * @mode: the key mode
508 * key data if valid. The number of the allocated TFMs can be set via the sysfs
531 /* The key consists of two parts: [AES-KEY][SALT] */
541 /* Make a list of TFMs with the user key data */
557 err |= crypto_aead_setkey(tfm, ukey->key, keylen);
591 /* Form a hex string of some last bytes as the key's hint */
592 bin2hex(tmp->hint, ukey->key + keylen - TIPC_AEAD_HINT_LEN,
599 tmp->key = kmemdup(ukey, tipc_aead_key_size(ukey), GFP_KERNEL);
600 if (!tmp->key) {
604 memcpy(&tmp->salt, ukey->key + keylen, TIPC_AES_GCM_SALT_SIZE);
614 * tipc_aead_clone - Clone a TIPC AEAD key
615 * @dst: dest key for the cloning
616 * @src: source key to clone from
618 * Make a "copy" of the source AEAD key data to the dest, the TFMs list is
623 * Note: this must be done in cluster-key mode only!
721 * @aead: TIPC AEAD key for the message encryption
787 * In case we're in cluster-key mode, SALT is varied by xor-ing with
1023 * @aead: TX AEAD key to be used for the message encryption
1024 * @tx_key: key id used for the message encryption
1046 * Use the key seqno (= cluster wise) if dest is unknown or we're in
1047 * cluster key mode, otherwise it's better for a per-peer seqno!
1054 /* Revoke the key if seqno is wrapped around */
1067 ehdr->rx_key_active = (__rx) ? __rx->key.active : 0;
1095 struct tipc_key old = c->key;
1098 c->key.keys = ((new_passive & KEY_MASK) << (KEY_BITS * 2)) |
1102 pr_debug("%s: key changing %s ::%pS\n", c->name,
1103 tipc_key_change_dump(old, c->key, buf),
1108 * tipc_crypto_key_init - Initiate a new user / AEAD key
1109 * @c: TIPC crypto to which new key is attached
1110 * @ukey: the user key
1111 * @mode: the key mode (CLUSTER_KEY or PER_NODE_KEY)
1112 * @master_key: specify this is a cluster master key
1114 * A new TIPC AEAD key will be allocated and initiated with the specified user
1115 * key, then attached to the TIPC crypto.
1117 * Return: new key id in case of success, otherwise: < 0
1125 /* Initiate with the new user key */
1139 * tipc_crypto_key_attach - Attach a new AEAD key to TIPC crypto
1140 * @c: TIPC crypto to which the new AEAD key is attached
1141 * @aead: the new AEAD key pointer
1142 * @pos: desired slot in the crypto key array, = 0 if any!
1143 * @master_key: specify this is a cluster master key
1145 * Return: new key id in case of success, otherwise: -EBUSY
1151 struct tipc_key key;
1156 key = c->key;
1161 if (key.active && key.passive)
1163 if (key.pending) {
1164 if (tipc_aead_users(c->aead[key.pending]) > 0)
1168 new_key = key.pending;
1171 if (key.active && pos != key_next(key.active)) {
1172 key.passive = pos;
1175 } else if (!key.active && !key.passive) {
1176 key.pending = pos;
1181 key.pending = key_next(key.active ?: key.passive);
1182 new_key = key.pending;
1189 if (likely(c->key.keys != key.keys))
1190 tipc_crypto_key_set_state(c, key.passive, key.active,
1191 key.pending);
1218 /* RX stopping => decrease TX key users if any */
1222 /* Mark the point TX key users changed */
1238 * @new_pending: new pending slot if aligned (= TX key from peer)
1240 * Peer has used an unknown key slot, this only happens when peer has left and
1242 * That means, there must be no active key but a pending key at unaligned slot.
1243 * If so, we try to move the pending key to the new slot.
1244 * Note: A potential passive key can exist, it will be shifted correspondingly!
1246 * Return: "true" if key is successfully aligned, otherwise "false"
1251 struct tipc_key key;
1257 key = rx->key;
1258 if (key.pending == new_pending) {
1262 if (key.active)
1264 if (!key.pending)
1266 if (tipc_aead_users(rx->aead[key.pending]) > 0)
1269 /* Try to "isolate" this pending key first */
1270 tmp1 = tipc_aead_rcu_ptr(rx->aead[key.pending], &rx->lock);
1273 rcu_assign_pointer(rx->aead[key.pending], NULL);
1275 /* Move passive key if any */
1276 if (key.passive) {
1277 tmp2 = rcu_replace_pointer(rx->aead[key.passive], tmp2, lockdep_is_held(&rx->lock));
1278 x = (key.passive - key.pending + new_pending) % KEY_MAX;
1282 /* Re-allocate the key(s) */
1289 pr_info_ratelimited("%s: key[%d] -> key[%d]\n", rx->name, key.pending,
1298 * tipc_crypto_key_pick_tx - Pick one TX key for message decryption
1302 * @tx_key: peer TX key id
1305 * for the message decryption, that must be a cluster key and not used before
1308 * Return: the TX AEAD key handle in case of success, otherwise NULL
1317 struct tipc_key key = tx->key;
1330 /* Pick one TX key */
1337 k = (i == 0) ? key.pending :
1338 ((i == 1) ? key.active : key.passive);
1349 /* Ok, found one cluster key */
1367 * tipc_crypto_key_synch: Synch own key data according to peer key status
1371 * This function updates the peer node related data as the peer RX active key
1375 * It also considers if peer has no key, then we need to make own master key
1376 * (if any) taking over i.e. starting grace period and also trigger key
1379 * The "per-peer" sndnxt is also reset when the peer key has switched.
1391 * a peer has no master key.
1401 /* Case 1: Peer has no keys, let's make master key take over */
1405 /* Schedule key distributing for the peer if not yet */
1406 if (tx->key.keys &&
1415 /* Cancel a pending key distributing if any */
1419 /* Case 2: Peer RX active key has changed, let's update own TX users */
1422 if (tx->key.keys &&
1431 /* Mark the point TX key users changed */
1434 pr_debug("%s: key users changed %d-- %d++, peer %s\n",
1442 struct tipc_key key;
1445 key = tx->key;
1446 WARN_ON(!key.active || tx_key != key.active);
1448 /* Free the active key */
1449 tipc_crypto_key_set_state(tx, key.passive, 0, key.pending);
1450 tipc_crypto_key_detach(tx->aead[key.active], &tx->lock);
1453 pr_warn("%s: key is revoked\n", tx->name);
1546 struct tipc_key key;
1551 key = tx->key;
1552 if (key.active && tipc_aead_users(tx->aead[key.active]) > 0)
1554 if (!key.pending || tipc_aead_users(tx->aead[key.pending]) <= 0)
1559 tipc_crypto_key_set_state(tx, key.passive, key.pending, 0);
1560 if (key.active)
1561 tipc_crypto_key_detach(tx->aead[key.active], &tx->lock);
1563 pr_info("%s: key[%d] is activated\n", tx->name, key.pending);
1570 key = rx->key;
1571 if (!key.pending || tipc_aead_users(rx->aead[key.pending]) <= 0)
1574 if (key.active)
1575 key.passive = key.active;
1576 key.active = key.pending;
1578 tipc_crypto_key_set_state(rx, key.passive, key.active, 0);
1580 pr_info("%s: key[%d] is activated\n", rx->name, key.pending);
1585 if (!key.pending || tipc_aead_users(rx->aead[key.pending]) > -10)
1588 tipc_crypto_key_set_state(rx, key.passive, key.active, 0);
1589 tipc_crypto_key_detach(rx->aead[key.pending], &rx->lock);
1590 pr_debug("%s: key[%d] is removed\n", rx->name, key.pending);
1595 if (!key.active)
1598 tipc_aead_users(rx->aead[key.active]) > 0)
1601 if (key.pending)
1602 key.passive = key.active;
1604 key.pending = key.active;
1606 tipc_crypto_key_set_state(rx, key.passive, 0, key.pending);
1607 tipc_aead_users_set(rx->aead[key.pending], 0);
1608 pr_debug("%s: key[%d] is deactivated\n", rx->name, key.active);
1613 if (!key.passive)
1616 tipc_aead_users(rx->aead[key.passive]) > -10)
1619 tipc_crypto_key_set_state(rx, 0, key.active, key.pending);
1620 tipc_crypto_key_detach(rx->aead[key.passive], &rx->lock);
1621 pr_debug("%s: key[%d] is freed\n", rx->name, key.passive);
1667 * key with this preference order.
1675 * * -ENOKEK : the encryption has failed due to no key
1676 * * -EKEYREVOKED : the encryption has failed due to key revoked
1688 struct tipc_key key = tx->key;
1699 /* Pending key if peer has active on it or probing time */
1700 if (unlikely(key.pending)) {
1701 tx_key = key.pending;
1702 if (!tx->key_master && !key.active)
1707 pr_debug("%s: probing for key[%d]\n", tx->name,
1708 key.pending);
1716 /* Master key if this is a *vital* message or in grace period */
1719 if (!key.active)
1742 /* Else, use the active key if any */
1743 if (likely(key.active)) {
1744 tx_key = key.active;
1794 * Note: RX key(s) can be re-aligned, or in case of no key suitable, TX
1795 * cluster key(s) can be taken for decryption (- recursive).
1800 * * -ENOKEY : the decryption has failed due to no key
1811 struct tipc_key key;
1818 * Let's try with TX key (i.e. cluster mode) & verify the skb first!
1823 /* Pick RX key according to TX key if any */
1824 key = rx->key;
1825 if (tx_key == key.active || tx_key == key.pending ||
1826 tx_key == key.passive)
1829 /* Unknown key, let's try to align RX key(s) */
1834 /* No key suitable? Try to pick one from TX... */
1865 * pending received session key, nor a newer
1871 pr_debug_ratelimited("%s: nokey %d, key %d/%x\n",
1873 tx_key, rx->key.keys);
1928 /* Ignore cloning if it was TX master key */
1947 /* Set the RX key's user */
1958 if (rx->key.passive && ehdr->tx_key == rx->key.passive)
2019 /* Print key status */
2073 struct tipc_key key = c->key;
2088 if (k == key.passive)
2090 else if (k == key.active)
2092 else if (k == key.pending)
2122 struct tipc_key *key = &old;
2130 if (k == key->passive)
2132 else if (k == key->active)
2134 else if (k == key->pending)
2141 if (key != &new) {
2143 key = &new;
2184 * tipc_crypto_key_distr - Distribute a TX key
2186 * @key: the key's index
2191 int tipc_crypto_key_distr(struct tipc_crypto *tx, u8 key,
2201 if (key) {
2203 aead = tipc_aead_get(tx->aead[key]);
2205 rc = tipc_crypto_key_xmit(tx->net, aead->key,
2217 * tipc_crypto_key_xmit - Send a session key
2219 * @skey: the session key to be sent
2220 * @gen: the key's generation
2221 * @mode: the key's mode
2224 * The session key 'skey' is packed in a TIPC v2 'MSG_CRYPTO/KEY_DISTR_MSG'
2254 memcpy(data + TIPC_AEAD_ALG_NAME + sizeof(__be32), skey->key,
2268 * tipc_crypto_key_rcv - Receive a session key
2270 * @hdr: the TIPC v2 message incl. the receiving session key in its data
2272 * This function retrieves the session key in the message from peer, then
2273 * schedules a RX work to attach the key to the corresponding RX crypto.
2275 * Return: "true" if the key has been scheduled for attaching, otherwise
2298 pr_debug("%s: invalid MSG_CRYPTO key size\n", rx->name);
2303 if (unlikely(rx->skey || (key_gen == rx->key_gen && rx->key.keys))) {
2304 pr_err("%s: key existed <%p>, gen %d vs %d\n", rx->name,
2309 /* Allocate memory for the key */
2316 /* Copy key from msg data */
2319 memcpy(skey->key, data + TIPC_AEAD_ALG_NAME + sizeof(__be32),
2332 /* Schedule the key attaching on this crypto */
2343 * The function processes the previous scheduled works i.e. distributing TX key
2344 * or attaching a received session key on RX crypto.
2353 u8 key;
2356 /* Case 1: Distribute TX key to peer if scheduled */
2361 key = tx->key.pending ?: tx->key.active;
2362 rc = tipc_crypto_key_distr(tx, key, rx->node);
2364 pr_warn("%s: unable to distr key[%d] to %s, err %d\n",
2365 tx->name, key, tipc_node_get_id_str(rx->node),
2374 /* Case 2: Attach a pending received session key from peer if any */
2383 /* Resched the key attaching */
2430 * The function processes the previous scheduled work, i.e. key rekeying, by
2431 * generating a new session key based on current one, then attaching it to the
2440 struct tipc_key key = tx->key;
2444 if (unlikely(key.pending))
2447 /* Take current key as a template */
2449 aead = rcu_dereference(tx->aead[key.active ?: KEY_MASTER]);
2452 /* At least one key should exist for securing */
2457 skey = kmemdup(aead->key, tipc_aead_key_size(aead->key), GFP_ATOMIC);
2460 /* Now, generate new key, initiate & distribute it */