This series adds MAC authentication support to the Babel protocol as specified in by the IETF Babel working group in draft-babel-hmac-10:
https://tools.ietf.org/html/draft-ietf-babel-hmac-10 An initial RFC patch series was posted here in July 2018[0]. Since then, the protocol specification has progressed through the IETF, to the point where it is now in the IESG publication queue as a proposed standard RFC. This version of the patch series updates the implementation to correspond to the final version of the draft, and also addresses the review comments from the initial RFC patch. The major changes are: Major updates to the specification (for a full list see the draft appendix): - Added Blake2s as a recommended algorithm - Updated terminology to use MAC everywhere instead of HMAC (since Blake is not an HMAC algorithm). - Added expiration of neighbours and rate limiting of challenge replies - Update TLV type numbers after IANA allocation In addition, the following changes have been made to the implementation: - Add wrapper function to bird sysdep code to pick a suitable source of random bytes - Import reference Blake2 implementations into lib/ - Rename function names and data structures to use an auth_ prefix instead of hmac_ - Perform a separate authentication pass before parsing the packet, and move the authentication-related code to its own source file - Enforce key length recommendation from the specification - Add a 'permissive' configuration mode where outgoing packets are signed but incoming packets are accepted even though they fail authentication - Add user documentation for the authentication configuration, and function docstrings to the main authentication functions - Fix a bunch of nits and code style issues I have performed basic interoperability testing between this implementation and the current babeld HMAC implementation[1]. The two implementations were able to successfully exchange authenticated messages with both HMAC-256 and Blake2s keys. Given the above, and the close-to-final state of the specification at the IETF, I believe this series is ready for merging (subject to review, of course). For those wanting to test the code, a version of Bird with this series applied is available on Github[2] for easy consumption. Cheers, -Toke [0] http://trubka.network.cz/pipermail/bird-users/2018-July/012536.html [1] https://github.com/jech/babeld/pull/52 [2] https://github.com/tohojo/bird/tree/babel-mac-01 --- Toke Høiland-Jørgensen (4): sysdep: Add wrapper to get random bytes nest: Add Blake2s and Blake2b hash functions babel: Refactor packet parsing code for reuse in authentication checks babel: Add MAC authentication support aclocal.m4 | 49 ++++ conf/conf.c | 1 configure.ac | 15 + doc/bird.sgml | 38 +++ lib/Makefile | 2 lib/birdlib.h | 2 lib/blake2-impl.h | 160 +++++++++++++ lib/blake2-ref.h | 112 +++++++++ lib/blake2.c | 46 ++++ lib/blake2.h | 67 ++++++ lib/blake2b-ref.c | 270 ++++++++++++++++++++++ lib/blake2s-ref.c | 263 ++++++++++++++++++++++ lib/mac.c | 7 + lib/mac.h | 2 nest/config.Y | 4 proto/babel/Doc | 1 proto/babel/Makefile | 4 proto/babel/auth.c | 593 +++++++++++++++++++++++++++++++++++++++++++++++++ proto/babel/babel.c | 33 ++- proto/babel/babel.h | 54 ++++ proto/babel/config.Y | 38 +++ proto/babel/packets.c | 294 +++++++++++++----------- proto/babel/packets.h | 96 ++++++++ sysdep/unix/random.c | 78 ++++++ 24 files changed, 2068 insertions(+), 161 deletions(-) create mode 100644 lib/blake2-impl.h create mode 100644 lib/blake2-ref.h create mode 100644 lib/blake2.c create mode 100644 lib/blake2.h create mode 100644 lib/blake2b-ref.c create mode 100644 lib/blake2s-ref.c create mode 100644 proto/babel/auth.c create mode 100644 proto/babel/packets.h
