| /xnu-11417.101.15/bsd/netinet6/ |
| H A D | esp_chachapoly.c | 73 esp_chachapoly_mature(struct secasvar *sav) in esp_chachapoly_mature() argument
77 ESP_CHECK_ARG(sav); in esp_chachapoly_mature()
79 if ((sav->flags & SADB_X_EXT_OLD) != 0) { in esp_chachapoly_mature()
81 ntohl(sav->spi)); in esp_chachapoly_mature()
84 if ((sav->flags & SADB_X_EXT_DERIV) != 0) { in esp_chachapoly_mature()
86 ntohl(sav->spi)); in esp_chachapoly_mature()
90 if (sav->alg_enc != SADB_X_EALG_CHACHA20POLY1305) { in esp_chachapoly_mature()
92 sav->alg_enc, ntohl(sav->spi)); in esp_chachapoly_mature()
96 if (sav->key_enc == NULL) { in esp_chachapoly_mature()
98 ntohl(sav->spi)); in esp_chachapoly_mature()
[all …]
|
| H A D | esp_core.c | 360 esp_schedule(const struct esp_algorithm *algo, struct secasvar *sav) in esp_schedule() argument
367 if (_KEYBITS(sav->key_enc) < algo->keymin || in esp_schedule()
368 _KEYBITS(sav->key_enc) > algo->keymax) { in esp_schedule()
371 "needs %d to %d bits\n", algo->name, _KEYBITS(sav->key_enc), in esp_schedule()
378 if (sav->sched_enc && sav->schedlen_enc != 0) { in esp_schedule()
384 if (((sav->flags & SADB_X_EXT_IIV) != 0) && in esp_schedule()
385 (sav->alg_enc != SADB_X_EALG_AES_GCM) && in esp_schedule()
386 (sav->alg_enc != SADB_X_EALG_CHACHA20POLY1305)) { in esp_schedule()
413 sav->sched_enc = sched; in esp_schedule()
414 sav->schedlen_enc = schedlen; in esp_schedule()
[all …]
|
| H A D | esp_input.c | 175 esp_input_log(struct mbuf *m, struct secasvar *sav, u_int32_t spi, u_int32_t seq) in esp_input_log() argument
178 (sav->sah->ipsec_if->if_xflags & IFXF_MPK_LOG) == IFXF_MPK_LOG) { in esp_input_log()
226 struct secasvar *sav = NULL; in esp4_input_extended() local
282 if ((sav = key_allocsa(&src, &dst, IPPROTO_ESP, spi, interface)) == 0) { in esp4_input_extended()
291 (uint64_t)VM_KERNEL_ADDRPERM(sav))); in esp4_input_extended()
292 if (sav->state != SADB_SASTATE_MATURE in esp4_input_extended()
293 && sav->state != SADB_SASTATE_DYING) { in esp4_input_extended()
300 algo = esp_algorithm_lookup(sav->alg_enc); in esp4_input_extended()
310 ivlen = sav->ivlen; in esp4_input_extended()
313 ipsec4_logpacketstr(ip, spi), ipsec_logsastr(sav))); in esp4_input_extended()
[all …]
|
| H A D | esp_output.c | 118 int, struct secasvar *sav);
138 struct secasvar *sav; in esp_hdrsiz()
147 sav = isr->sav; in esp_hdrsiz()
153 if (sav == NULL) { in esp_hdrsiz()
156 if (sav->state != SADB_SASTATE_MATURE in esp_hdrsiz()
157 && sav->state != SADB_SASTATE_DYING) { in esp_hdrsiz()
162 algo = esp_algorithm_lookup(sav->alg_enc); in esp_hdrsiz()
166 ivlen = sav->ivlen; in esp_hdrsiz()
178 if (sav->flags & SADB_X_EXT_OLD) { in esp_hdrsiz()
183 aalgo = ah_algorithm_lookup(sav->alg_auth); in esp_hdrsiz()
[all …]
|
| H A D | ah_output.c | 133 if (isr->sav == NULL) { in ah_hdrsiz()
136 if (isr->sav->state != SADB_SASTATE_MATURE in ah_hdrsiz()
137 && isr->sav->state != SADB_SASTATE_DYING) { in ah_hdrsiz()
142 algo = ah_algorithm_lookup(isr->sav->alg_auth); in ah_hdrsiz()
154 hdrsiz = (((*algo->sumsiz)(isr->sav) + 3) & ~(4 - 1)); in ah_hdrsiz()
155 if (isr->sav->flags & SADB_X_EXT_OLD) { in ah_hdrsiz()
185 ah4_output(struct mbuf *m, struct secasvar *sav) in ah4_output() argument
200 if ((sav->flags & SADB_X_EXT_OLD) == 0 && sav->replay[0] == NULL) { in ah4_output()
206 (u_int32_t)ntohl(sav->spi))); in ah4_output()
212 algo = ah_algorithm_lookup(sav->alg_auth); in ah4_output()
[all …]
|
| H A D | ah_input.c | 132 struct secasvar *sav = NULL; in ah4_input() local
166 if ((sav = key_allocsa(&src, &dst, IPPROTO_AH, spi, NULL)) == 0) { in ah4_input()
175 (uint64_t)VM_KERNEL_ADDRPERM(sav))); in ah4_input()
176 if (sav->state != SADB_SASTATE_MATURE in ah4_input()
177 && sav->state != SADB_SASTATE_DYING) { in ah4_input()
185 algo = ah_algorithm_lookup(sav->alg_auth); in ah4_input()
194 siz = (*algo->sumsiz)(sav); in ah4_input()
203 sizoff = (sav->flags & SADB_X_EXT_OLD) ? 0 : 4; in ah4_input()
262 if ((sav->flags & SADB_X_EXT_OLD) == 0 && sav->replay[0] != NULL) { in ah4_input()
263 if (ipsec_chkreplay(ntohl(((struct newah *)ah)->ah_seq), sav, 0)) { in ah4_input()
[all …]
|
| H A D | esp_rijndael.c | 106 struct secasvar *sav) in esp_aes_schedule() argument
109 aes_ctx *ctx = (aes_ctx*)sav->sched_enc; in esp_aes_schedule()
111 …aes_decrypt_key((const unsigned char *) _KEYBUF(sav->key_enc), _KEYLEN(sav->key_enc), &ctx->decryp… in esp_aes_schedule()
112 …aes_encrypt_key((const unsigned char *) _KEYBUF(sav->key_enc), _KEYLEN(sav->key_enc), &ctx->encryp… in esp_aes_schedule()
150 struct secasvar *sav, in esp_cbc_decrypt_aes() argument
174 if (sav->flags & SADB_X_EXT_OLD) { in esp_cbc_decrypt_aes()
321 (aes_decrypt_ctx*)(&(((aes_ctx*)sav->sched_enc)->decrypt))); in esp_cbc_decrypt_aes()
366 struct secasvar *sav, in esp_cbc_encrypt_aes() argument
390 if (sav->flags & SADB_X_EXT_OLD) { in esp_cbc_encrypt_aes()
402 m_copyback(m, (int)ivoff, ivlen, sav->iv); in esp_cbc_encrypt_aes()
[all …]
|
| H A D | ipsec.c | 254 …ic int ipsec6_update_routecache_and_output(struct ipsec_output_state *state, struct secasvar *sav);
255 static int ipsec46_encapsulate(struct ipsec_output_state *state, struct secasvar *sav);
259 int ipsec_send_natt_keepalive(struct secasvar *sav);
260 bool ipsec_fill_offload_frame(ifnet_t ifp, struct secasvar *sav, struct ifnet_keepalive_offload_fra…
1953 if (isr->sav != NULL in ipsec_in_reject()
1954 && isr->sav->flags == SADB_X_EXT_NONE in ipsec_in_reject()
1955 && isr->sav->alg_auth != SADB_AALG_NONE) { in ipsec_in_reject()
2266 ipsec4_encapsulate(struct mbuf *m, struct secasvar *sav) in ipsec4_encapsulate() argument
2274 if (SA(&sav->sah->saidx.src)->sa_family != SA(&sav->sah->saidx.dst)->sa_family in ipsec4_encapsulate()
2275 || SA(&sav->sah->saidx.src)->sa_family != AF_INET) { in ipsec4_encapsulate()
[all …]
|
| H A D | ah_core.c | 205 struct secasvar *sav) in ah_schedule() argument
213 if (sav->sched_auth != NULL && sav->schedlen_auth != 0) { in ah_schedule()
236 sav->sched_auth = sched; in ah_schedule()
237 sav->schedlen_auth = schedlen; in ah_schedule()
239 error = (*algo->schedule)(algo, sav); in ah_schedule()
243 memset(sav->sched_auth, 0, sav->schedlen_auth); in ah_schedule()
244 kfree_data_sized_by(sav->sched_auth, sav->schedlen_auth); in ah_schedule()
251 ah_hmac_mature(struct secasvar *sav) in ah_hmac_mature() argument
255 if (__improbable(sav->key_auth == NULL)) { in ah_hmac_mature()
260 algo = ah_algorithm_lookup(sav->alg_auth); in ah_hmac_mature()
[all …]
|
| /xnu-11417.101.15/bsd/netkey/ |
| H A D | key.c | 347 #define KEY_CHKSASTATE(head, sav, name) \ argument
348 if ((head) != (sav)) { \
350 (name), (head), (sav))); \
539 int ipsec_send_natt_keepalive(struct secasvar *sav);
540 bool ipsec_fill_offload_frame(ifnet_t ifp, struct secasvar *sav, struct ifnet_keepalive_offload_fra…
584 key_get_flowid(struct secasvar *sav) in key_get_flowid() argument
588 struct secashead *sah = sav->sah; in key_get_flowid()
620 ASSERT(sav->spi != 0); in key_get_flowid()
621 fk.ffk_spi = sav->spi;; in key_get_flowid()
625 flowidns_allocate_flowid(FLOWIDNS_DOMAIN_IPSEC, &fk, &sav->flowid); in key_get_flowid()
[all …]
|
| H A D | key_debug.c | 612 kdebug_secasv(sav) in kdebug_secasv() argument
613 struct secasvar *sav; in kdebug_secasv()
616 if (sav == NULL) {
621 kdebug_secasindex(&sav->sah->saidx);
624 sav->refcnt, sav->state, sav->alg_auth, sav->alg_enc);
626 (u_int32_t)ntohl(sav->spi), sav->flags);
628 if (sav->key_auth != NULL) {
629 kdebug_sadb_key((struct sadb_ext *)sav->key_auth);
631 if (sav->key_enc != NULL) {
632 kdebug_sadb_key((struct sadb_ext *)sav->key_enc);
[all …]
|
| H A D | key.h | 66 struct secasvar **sav);
90 extern void key_delsav(struct secasvar *sav);
|
| /xnu-11417.101.15/bsd/netinet/ |
| H A D | ip_input.c | 3707 struct secasvar *__single sav; in ip_forward() local
3735 sav = key_allocsa_policy(&saidx); in ip_forward()
3736 if (sav != NULL) { in ip_forward()
3738 if (sav->sah != NULL) { in ip_forward()
3739 ro = (struct route *)&sav->sah->sa_route; in ip_forward()
3750 key_freesav(sav, KEY_SADB_LOCKED); in ip_forward()
|