1 /**
2 * @file
3 *
4 * Reference implementation of the TCP ISN algorithm standardized in RFC 6528.
5 * Produce TCP Initial Sequence Numbers by combining an MD5-generated hash
6 * based on the new TCP connection's identity and a stable secret, with the
7 * current time at 4-microsecond granularity.
8 *
9 * Specifically, the implementation uses MD5 to compute a hash of the input
10 * buffer, which contains both the four-tuple of the new TCP connection (local
11 * and remote IP address and port), as well as a 16-byte secret to make the
12 * results unpredictable to external parties. The secret must be given at
13 * initialization time and should ideally remain the same across system
14 * reboots. To be sure: the spoofing-resistance of the resulting ISN depends
15 * mainly on the strength of the supplied secret!
16 *
17 * The implementation takes 32 bits from the computed hash, and adds to it the
18 * current time, in 4-microsecond units. The current time is computed from a
19 * boot time given at initialization, and the current uptime as provided by
20 * sys_now(). Thus, it assumes that sys_now() returns a time value that is
21 * relative to the boot time, i.e., that it starts at 0 at system boot, and
22 * only ever increases monotonically.
23 *
24 * For efficiency reasons, a single MD5 input buffer is used, and partially
25 * filled in at initialization time. Specifically, of this 64-byte buffer, the
26 * first 36 bytes are used for the four-way TCP tuple data, followed by the
27 * 16-byte secret, followed by 12-byte zero padding. The 64-byte size of the
28 * buffer should achieve the best performance for the actual MD5 computation.
29 *
30 * Basic usage:
31 *
32 * 1. in your lwipopts.h, add the following lines:
33 *
34 * #include <lwip/arch.h>
35 * struct ip_addr;
36 * u32_t lwip_hook_tcp_isn(const struct ip_addr *local_ip, u16_t local_port,
37 * const struct ip_addr *remote_ip, u16_t remote_port);
38 * "#define LWIP_HOOK_TCP_ISN lwip_hook_tcp_isn";
39 *
40 * 2. from your own code, call lwip_init_tcp_isn() at initialization time, with
41 * appropriate parameters.
42 */
43
44 /*
45 * Copyright (c) 2016 The MINIX 3 Project.
46 * All rights reserved.
47 *
48 * Redistribution and use in source and binary forms, with or without modification,
49 * are permitted provided that the following conditions are met:
50 *
51 * 1. Redistributions of source code must retain the above copyright notice,
52 * this list of conditions and the following disclaimer.
53 * 2. Redistributions in binary form must reproduce the above copyright notice,
54 * this list of conditions and the following disclaimer in the documentation
55 * and/or other materials provided with the distribution.
56 * 3. The name of the author may not be used to endorse or promote products
57 * derived from this software without specific prior written permission.
58 *
59 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
60 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
61 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT
62 * SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
63 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
64 * OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
65 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
66 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
67 * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY
68 * OF SUCH DAMAGE.
69 *
70 * Author: David van Moolenbroek <david@minix3.org>
71 */
72
73 #include "lwip_default_hooks.h"
74 #include "lwip/ip_addr.h"
75 #include "lwip/sys.h"
76 #include <string.h>
77 #include "esp_rom_md5.h"
78
79 #ifdef CONFIG_LWIP_HOOK_TCP_ISN_DEFAULT
80
81 static u8_t input[64];
82 static u32_t base_time;
83
84 /**
85 * Initialize the TCP ISN module, with the boot time and a secret.
86 *
87 * @param boot_time Wall clock boot time of the system, in seconds.
88 * @param secret_16_bytes A 16-byte secret used to randomize the TCP ISNs.
89 */
90 void
lwip_init_tcp_isn(u32_t boot_time,const u8_t * secret_16_bytes)91 lwip_init_tcp_isn(u32_t boot_time, const u8_t *secret_16_bytes)
92 {
93 /* Initialize the input buffer with the secret and trailing zeroes. */
94 memset(input, 0, sizeof(input));
95
96 MEMCPY(&input[36], secret_16_bytes, 16);
97
98 /* Save the boot time in 4-us units. Overflow is no problem here. */
99 base_time = boot_time * 250000;
100 }
101
102 /**
103 * Hook to generate an Initial Sequence Number (ISN) for a new TCP connection.
104 *
105 * @param local_ip The local IP address.
106 * @param local_port The local port number, in host-byte order.
107 * @param remote_ip The remote IP address.
108 * @param remote_port The remote port number, in host-byte order.
109 * @return The ISN to use for the new TCP connection.
110 */
111 u32_t
lwip_hook_tcp_isn(const ip_addr_t * local_ip,u16_t local_port,const ip_addr_t * remote_ip,u16_t remote_port)112 lwip_hook_tcp_isn(const ip_addr_t *local_ip, u16_t local_port,
113 const ip_addr_t *remote_ip, u16_t remote_port)
114 {
115 u8_t output[16];
116 u32_t isn;
117
118 #if LWIP_IPV4 && LWIP_IPV6
119 if (IP_IS_V6(local_ip))
120 #endif /* LWIP_IPV4 && LWIP_IPV6 */
121 #if LWIP_IPV6
122 {
123 const ip6_addr_t *local_ip6, *remote_ip6;
124
125 local_ip6 = ip_2_ip6(local_ip);
126 remote_ip6 = ip_2_ip6(remote_ip);
127
128 SMEMCPY(&input[0], &local_ip6->addr, 16);
129 SMEMCPY(&input[16], &remote_ip6->addr, 16);
130 }
131 #endif /* LWIP_IPV6 */
132 #if LWIP_IPV4 && LWIP_IPV6
133 else
134 #endif /* LWIP_IPV4 && LWIP_IPV6 */
135 #if LWIP_IPV4
136 {
137 const ip4_addr_t *local_ip4, *remote_ip4;
138
139 local_ip4 = ip_2_ip4(local_ip);
140 remote_ip4 = ip_2_ip4(remote_ip);
141
142 /* Represent IPv4 addresses as IPv4-mapped IPv6 addresses, to ensure that
143 * the IPv4 and IPv6 address spaces are completely disjoint. */
144 memset(&input[0], 0, 10);
145 input[10] = 0xff;
146 input[11] = 0xff;
147 SMEMCPY(&input[12], &local_ip4->addr, 4);
148 memset(&input[16], 0, 10);
149 input[26] = 0xff;
150 input[27] = 0xff;
151 SMEMCPY(&input[28], &remote_ip4->addr, 4);
152 }
153 #endif /* LWIP_IPV4 */
154
155 input[32] = (u8_t)(local_port >> 8);
156 input[33] = (u8_t)(local_port & 0xff);
157 input[34] = (u8_t)(remote_port >> 8);
158 input[35] = (u8_t)(remote_port & 0xff);
159
160 /* The secret and padding are already filled in. */
161
162 /*
163 * Generate the hash using ROM MD5 APIs
164 * This hook is invoked in the context of TCP/IP (tiT) task and
165 * it is unlikely that its stack would be placed in SPIRAM. Hence
166 * even with SPIRAM enabled case and ESP32 revision < 3, using ROM
167 * APIs should not create any issues.
168 */
169 #if CONFIG_SPIRAM_ALLOW_STACK_EXTERNAL_MEMORY
170 assert(!esp_ptr_external_ram(esp_cpu_get_sp()));
171 #endif
172
173 struct MD5Context ctx;
174 esp_rom_md5_init(&ctx);
175 esp_rom_md5_update(&ctx, input, sizeof(input));
176 esp_rom_md5_final(output, &ctx);
177
178 /* Arbitrarily take the first 32 bits from the generated hash. */
179 MEMCPY(&isn, output, sizeof(isn));
180
181 /* Add the current time in 4-microsecond units. */
182 return isn + base_time + sys_now() * 250;
183 }
184
185 #endif /* LWIP_HOOK_TCP_ISN */
186
