linux/drivers/staging/rtl8187se/ieee80211/ieee80211_crypt_ccmp.c
<<
>>
Prefs
   1/*
   2 * Host AP crypt: host-based CCMP encryption implementation for Host AP driver
   3 *
   4 * Copyright (c) 2003-2004, Jouni Malinen <jkmaline@cc.hut.fi>
   5 *
   6 * This program is free software; you can redistribute it and/or modify
   7 * it under the terms of the GNU General Public License version 2 as
   8 * published by the Free Software Foundation. See README and COPYING for
   9 * more details.
  10 */
  11
  12//#include <linux/config.h>
  13#include <linux/module.h>
  14#include <linux/init.h>
  15#include <linux/slab.h>
  16#include <linux/random.h>
  17#include <linux/skbuff.h>
  18#include <linux/netdevice.h>
  19#include <linux/if_ether.h>
  20#include <linux/if_arp.h>
  21#include <asm/string.h>
  22#include <linux/wireless.h>
  23
  24#include "ieee80211.h"
  25
  26#include <linux/crypto.h>
  27#include <linux/scatterlist.h>
  28
  29MODULE_AUTHOR("Jouni Malinen");
  30MODULE_DESCRIPTION("Host AP crypt: CCMP");
  31MODULE_LICENSE("GPL");
  32
  33
  34#define AES_BLOCK_LEN 16
  35#define CCMP_HDR_LEN 8
  36#define CCMP_MIC_LEN 8
  37#define CCMP_TK_LEN 16
  38#define CCMP_PN_LEN 6
  39
  40struct ieee80211_ccmp_data {
  41        u8 key[CCMP_TK_LEN];
  42        int key_set;
  43
  44        u8 tx_pn[CCMP_PN_LEN];
  45        u8 rx_pn[CCMP_PN_LEN];
  46
  47        u32 dot11RSNAStatsCCMPFormatErrors;
  48        u32 dot11RSNAStatsCCMPReplays;
  49        u32 dot11RSNAStatsCCMPDecryptErrors;
  50
  51        int key_idx;
  52
  53        struct crypto_tfm *tfm;
  54
  55        /* scratch buffers for virt_to_page() (crypto API) */
  56        u8 tx_b0[AES_BLOCK_LEN], tx_b[AES_BLOCK_LEN],
  57                tx_e[AES_BLOCK_LEN], tx_s0[AES_BLOCK_LEN];
  58        u8 rx_b0[AES_BLOCK_LEN], rx_b[AES_BLOCK_LEN], rx_a[AES_BLOCK_LEN];
  59};
  60
  61void ieee80211_ccmp_aes_encrypt(struct crypto_tfm *tfm,
  62                             const u8 pt[16], u8 ct[16])
  63{
  64        crypto_cipher_encrypt_one((void *)tfm, ct, pt);
  65}
  66
  67static void * ieee80211_ccmp_init(int key_idx)
  68{
  69        struct ieee80211_ccmp_data *priv;
  70
  71        priv = kzalloc(sizeof(*priv), GFP_ATOMIC);
  72        if (priv == NULL)
  73                goto fail;
  74        priv->key_idx = key_idx;
  75
  76        priv->tfm = (void *)crypto_alloc_cipher("aes", 0, CRYPTO_ALG_ASYNC);
  77        if (IS_ERR(priv->tfm)) {
  78                printk(KERN_DEBUG "ieee80211_crypt_ccmp: could not allocate "
  79                       "crypto API aes\n");
  80                priv->tfm = NULL;
  81                goto fail;
  82        }
  83
  84        return priv;
  85
  86fail:
  87        if (priv) {
  88                if (priv->tfm)
  89                        crypto_free_cipher((void *)priv->tfm);
  90                kfree(priv);
  91        }
  92
  93        return NULL;
  94}
  95
  96
  97static void ieee80211_ccmp_deinit(void *priv)
  98{
  99        struct ieee80211_ccmp_data *_priv = priv;
 100
 101        if (_priv && _priv->tfm)
 102                crypto_free_cipher((void *)_priv->tfm);
 103        kfree(priv);
 104}
 105
 106
 107static inline void xor_block(u8 *b, u8 *a, size_t len)
 108{
 109        int i;
 110        for (i = 0; i < len; i++)
 111                b[i] ^= a[i];
 112}
 113
 114static void ccmp_init_blocks(struct crypto_tfm *tfm,
 115                             struct ieee80211_hdr_4addr *hdr,
 116                             u8 *pn, size_t dlen, u8 *b0, u8 *auth,
 117                             u8 *s0)
 118{
 119        u8 *pos, qc = 0;
 120        size_t aad_len;
 121        u16 fc;
 122        int a4_included, qc_included;
 123        u8 aad[2 * AES_BLOCK_LEN];
 124
 125        fc = le16_to_cpu(hdr->frame_ctl);
 126        a4_included = ((fc & (IEEE80211_FCTL_TODS | IEEE80211_FCTL_FROMDS)) ==
 127                       (IEEE80211_FCTL_TODS | IEEE80211_FCTL_FROMDS));
 128        /*
 129        qc_included = ((WLAN_FC_GET_TYPE(fc) == IEEE80211_FTYPE_DATA) &&
 130                       (WLAN_FC_GET_STYPE(fc) & 0x08));
 131        */
 132        // fixed by David :2006.9.6
 133        qc_included = ((WLAN_FC_GET_TYPE(fc) == IEEE80211_FTYPE_DATA) &&
 134                       (WLAN_FC_GET_STYPE(fc) & 0x80));
 135        aad_len = 22;
 136        if (a4_included)
 137                aad_len += 6;
 138        if (qc_included) {
 139                pos = (u8 *) &hdr->addr4;
 140                if (a4_included)
 141                        pos += 6;
 142                qc = *pos & 0x0f;
 143                aad_len += 2;
 144        }
 145        /* CCM Initial Block:
 146         * Flag (Include authentication header, M=3 (8-octet MIC),
 147         *       L=1 (2-octet Dlen))
 148         * Nonce: 0x00 | A2 | PN
 149         * Dlen */
 150        b0[0] = 0x59;
 151        b0[1] = qc;
 152        memcpy(b0 + 2, hdr->addr2, ETH_ALEN);
 153        memcpy(b0 + 8, pn, CCMP_PN_LEN);
 154        b0[14] = (dlen >> 8) & 0xff;
 155        b0[15] = dlen & 0xff;
 156
 157        /* AAD:
 158         * FC with bits 4..6 and 11..13 masked to zero; 14 is always one
 159         * A1 | A2 | A3
 160         * SC with bits 4..15 (seq#) masked to zero
 161         * A4 (if present)
 162         * QC (if present)
 163         */
 164        pos = (u8 *) hdr;
 165        aad[0] = 0; /* aad_len >> 8 */
 166        aad[1] = aad_len & 0xff;
 167        aad[2] = pos[0] & 0x8f;
 168        aad[3] = pos[1] & 0xc7;
 169        memcpy(aad + 4, hdr->addr1, 3 * ETH_ALEN);
 170        pos = (u8 *) &hdr->seq_ctl;
 171        aad[22] = pos[0] & 0x0f;
 172        aad[23] = 0; /* all bits masked */
 173        memset(aad + 24, 0, 8);
 174        if (a4_included)
 175                memcpy(aad + 24, hdr->addr4, ETH_ALEN);
 176        if (qc_included) {
 177                aad[a4_included ? 30 : 24] = qc;
 178                /* rest of QC masked */
 179        }
 180
 181        /* Start with the first block and AAD */
 182        ieee80211_ccmp_aes_encrypt(tfm, b0, auth);
 183        xor_block(auth, aad, AES_BLOCK_LEN);
 184        ieee80211_ccmp_aes_encrypt(tfm, auth, auth);
 185        xor_block(auth, &aad[AES_BLOCK_LEN], AES_BLOCK_LEN);
 186        ieee80211_ccmp_aes_encrypt(tfm, auth, auth);
 187        b0[0] &= 0x07;
 188        b0[14] = b0[15] = 0;
 189        ieee80211_ccmp_aes_encrypt(tfm, b0, s0);
 190}
 191
 192static int ieee80211_ccmp_encrypt(struct sk_buff *skb, int hdr_len, void *priv)
 193{
 194        struct ieee80211_ccmp_data *key = priv;
 195        int data_len, i;
 196        u8 *pos;
 197        struct ieee80211_hdr_4addr *hdr;
 198        int blocks, last, len;
 199        u8 *mic;
 200        u8 *b0 = key->tx_b0;
 201        u8 *b = key->tx_b;
 202        u8 *e = key->tx_e;
 203        u8 *s0 = key->tx_s0;
 204
 205        if (skb_headroom(skb) < CCMP_HDR_LEN ||
 206            skb_tailroom(skb) < CCMP_MIC_LEN ||
 207            skb->len < hdr_len)
 208                return -1;
 209
 210        data_len = skb->len - hdr_len;
 211        pos = skb_push(skb, CCMP_HDR_LEN);
 212        memmove(pos, pos + CCMP_HDR_LEN, hdr_len);
 213        pos += hdr_len;
 214//      mic = skb_put(skb, CCMP_MIC_LEN);
 215
 216        i = CCMP_PN_LEN - 1;
 217        while (i >= 0) {
 218                key->tx_pn[i]++;
 219                if (key->tx_pn[i] != 0)
 220                        break;
 221                i--;
 222        }
 223
 224        *pos++ = key->tx_pn[5];
 225        *pos++ = key->tx_pn[4];
 226        *pos++ = 0;
 227        *pos++ = (key->key_idx << 6) | (1 << 5) /* Ext IV included */;
 228        *pos++ = key->tx_pn[3];
 229        *pos++ = key->tx_pn[2];
 230        *pos++ = key->tx_pn[1];
 231        *pos++ = key->tx_pn[0];
 232
 233        hdr = (struct ieee80211_hdr_4addr *)skb->data;
 234        //mic is moved to here by john
 235        mic = skb_put(skb, CCMP_MIC_LEN);
 236
 237        ccmp_init_blocks(key->tfm, hdr, key->tx_pn, data_len, b0, b, s0);
 238
 239        blocks = (data_len + AES_BLOCK_LEN - 1) / AES_BLOCK_LEN;
 240        last = data_len % AES_BLOCK_LEN;
 241
 242        for (i = 1; i <= blocks; i++) {
 243                len = (i == blocks && last) ? last : AES_BLOCK_LEN;
 244                /* Authentication */
 245                xor_block(b, pos, len);
 246                ieee80211_ccmp_aes_encrypt(key->tfm, b, b);
 247                /* Encryption, with counter */
 248                b0[14] = (i >> 8) & 0xff;
 249                b0[15] = i & 0xff;
 250                ieee80211_ccmp_aes_encrypt(key->tfm, b0, e);
 251                xor_block(pos, e, len);
 252                pos += len;
 253        }
 254
 255        for (i = 0; i < CCMP_MIC_LEN; i++)
 256                mic[i] = b[i] ^ s0[i];
 257
 258        return 0;
 259}
 260
 261
 262static int ieee80211_ccmp_decrypt(struct sk_buff *skb, int hdr_len, void *priv)
 263{
 264        struct ieee80211_ccmp_data *key = priv;
 265        u8 keyidx, *pos;
 266        struct ieee80211_hdr_4addr *hdr;
 267        u8 pn[6];
 268        size_t data_len = skb->len - hdr_len - CCMP_HDR_LEN - CCMP_MIC_LEN;
 269        u8 *mic = skb->data + skb->len - CCMP_MIC_LEN;
 270        u8 *b0 = key->rx_b0;
 271        u8 *b = key->rx_b;
 272        u8 *a = key->rx_a;
 273        int i, blocks, last, len;
 274
 275        if (skb->len < hdr_len + CCMP_HDR_LEN + CCMP_MIC_LEN) {
 276                key->dot11RSNAStatsCCMPFormatErrors++;
 277                return -1;
 278        }
 279
 280        hdr = (struct ieee80211_hdr_4addr *)skb->data;
 281        pos = skb->data + hdr_len;
 282        keyidx = pos[3];
 283        if (!(keyidx & (1 << 5))) {
 284                if (net_ratelimit()) {
 285                        printk(KERN_DEBUG "CCMP: received packet without ExtIV"
 286                               " flag from %pM\n", hdr->addr2);
 287                }
 288                key->dot11RSNAStatsCCMPFormatErrors++;
 289                return -2;
 290        }
 291        keyidx >>= 6;
 292        if (key->key_idx != keyidx) {
 293                printk(KERN_DEBUG "CCMP: RX tkey->key_idx=%d frame "
 294                       "keyidx=%d priv=%p\n", key->key_idx, keyidx, priv);
 295                return -6;
 296        }
 297        if (!key->key_set) {
 298                if (net_ratelimit()) {
 299                        printk(KERN_DEBUG "CCMP: received packet from %pM"
 300                               " with keyid=%d that does not have a configured"
 301                               " key\n", hdr->addr2, keyidx);
 302                }
 303                return -3;
 304        }
 305
 306        pn[0] = pos[7];
 307        pn[1] = pos[6];
 308        pn[2] = pos[5];
 309        pn[3] = pos[4];
 310        pn[4] = pos[1];
 311        pn[5] = pos[0];
 312        pos += 8;
 313
 314        if (memcmp(pn, key->rx_pn, CCMP_PN_LEN) <= 0) {
 315                if (net_ratelimit()) {
 316                        printk(KERN_DEBUG "CCMP: replay detected: STA=%pM"
 317                               " previous PN %pm received PN %pm\n",
 318                               hdr->addr2, key->rx_pn, pn);
 319                }
 320                key->dot11RSNAStatsCCMPReplays++;
 321                return -4;
 322        }
 323
 324        ccmp_init_blocks(key->tfm, hdr, pn, data_len, b0, a, b);
 325        xor_block(mic, b, CCMP_MIC_LEN);
 326
 327        blocks = (data_len + AES_BLOCK_LEN - 1) / AES_BLOCK_LEN;
 328        last = data_len % AES_BLOCK_LEN;
 329
 330        for (i = 1; i <= blocks; i++) {
 331                len = (i == blocks && last) ? last : AES_BLOCK_LEN;
 332                /* Decrypt, with counter */
 333                b0[14] = (i >> 8) & 0xff;
 334                b0[15] = i & 0xff;
 335                ieee80211_ccmp_aes_encrypt(key->tfm, b0, b);
 336                xor_block(pos, b, len);
 337                /* Authentication */
 338                xor_block(a, pos, len);
 339                ieee80211_ccmp_aes_encrypt(key->tfm, a, a);
 340                pos += len;
 341        }
 342
 343        if (memcmp(mic, a, CCMP_MIC_LEN) != 0) {
 344                if (net_ratelimit()) {
 345                        printk(KERN_DEBUG "CCMP: decrypt failed: STA="
 346                               "%pM\n", hdr->addr2);
 347                }
 348                key->dot11RSNAStatsCCMPDecryptErrors++;
 349                return -5;
 350        }
 351
 352        memcpy(key->rx_pn, pn, CCMP_PN_LEN);
 353
 354        /* Remove hdr and MIC */
 355        memmove(skb->data + CCMP_HDR_LEN, skb->data, hdr_len);
 356        skb_pull(skb, CCMP_HDR_LEN);
 357        skb_trim(skb, skb->len - CCMP_MIC_LEN);
 358
 359        return keyidx;
 360}
 361
 362
 363static int ieee80211_ccmp_set_key(void *key, int len, u8 *seq, void *priv)
 364{
 365        struct ieee80211_ccmp_data *data = priv;
 366        int keyidx;
 367        struct crypto_tfm *tfm = data->tfm;
 368
 369        keyidx = data->key_idx;
 370        memset(data, 0, sizeof(*data));
 371        data->key_idx = keyidx;
 372        data->tfm = tfm;
 373        if (len == CCMP_TK_LEN) {
 374                memcpy(data->key, key, CCMP_TK_LEN);
 375                data->key_set = 1;
 376                if (seq) {
 377                        data->rx_pn[0] = seq[5];
 378                        data->rx_pn[1] = seq[4];
 379                        data->rx_pn[2] = seq[3];
 380                        data->rx_pn[3] = seq[2];
 381                        data->rx_pn[4] = seq[1];
 382                        data->rx_pn[5] = seq[0];
 383                }
 384                crypto_cipher_setkey((void *)data->tfm, data->key, CCMP_TK_LEN);
 385        } else if (len == 0)
 386                data->key_set = 0;
 387        else
 388                return -1;
 389
 390        return 0;
 391}
 392
 393
 394static int ieee80211_ccmp_get_key(void *key, int len, u8 *seq, void *priv)
 395{
 396        struct ieee80211_ccmp_data *data = priv;
 397
 398        if (len < CCMP_TK_LEN)
 399                return -1;
 400
 401        if (!data->key_set)
 402                return 0;
 403        memcpy(key, data->key, CCMP_TK_LEN);
 404
 405        if (seq) {
 406                seq[0] = data->tx_pn[5];
 407                seq[1] = data->tx_pn[4];
 408                seq[2] = data->tx_pn[3];
 409                seq[3] = data->tx_pn[2];
 410                seq[4] = data->tx_pn[1];
 411                seq[5] = data->tx_pn[0];
 412        }
 413
 414        return CCMP_TK_LEN;
 415}
 416
 417
 418static char * ieee80211_ccmp_print_stats(char *p, void *priv)
 419{
 420        struct ieee80211_ccmp_data *ccmp = priv;
 421        p += sprintf(p, "key[%d] alg=CCMP key_set=%d "
 422                     "tx_pn=%pm rx_pn=%pm "
 423                     "format_errors=%d replays=%d decrypt_errors=%d\n",
 424                     ccmp->key_idx, ccmp->key_set,
 425                     ccmp->tx_pn, ccmp->rx_pn,
 426                     ccmp->dot11RSNAStatsCCMPFormatErrors,
 427                     ccmp->dot11RSNAStatsCCMPReplays,
 428                     ccmp->dot11RSNAStatsCCMPDecryptErrors);
 429
 430        return p;
 431}
 432
 433void ieee80211_ccmp_null(void)
 434{
 435//    printk("============>%s()\n", __func__);
 436        return;
 437}
 438static struct ieee80211_crypto_ops ieee80211_crypt_ccmp = {
 439        .name                   = "CCMP",
 440        .init                   = ieee80211_ccmp_init,
 441        .deinit                 = ieee80211_ccmp_deinit,
 442        .encrypt_mpdu           = ieee80211_ccmp_encrypt,
 443        .decrypt_mpdu           = ieee80211_ccmp_decrypt,
 444        .encrypt_msdu           = NULL,
 445        .decrypt_msdu           = NULL,
 446        .set_key                = ieee80211_ccmp_set_key,
 447        .get_key                = ieee80211_ccmp_get_key,
 448        .print_stats            = ieee80211_ccmp_print_stats,
 449        .extra_prefix_len       = CCMP_HDR_LEN,
 450        .extra_postfix_len      = CCMP_MIC_LEN,
 451        .owner                  = THIS_MODULE,
 452};
 453
 454
 455int ieee80211_crypto_ccmp_init(void)
 456{
 457        return ieee80211_register_crypto_ops(&ieee80211_crypt_ccmp);
 458}
 459
 460
 461void ieee80211_crypto_ccmp_exit(void)
 462{
 463        ieee80211_unregister_crypto_ops(&ieee80211_crypt_ccmp);
 464}
 465
lxr.linux.no kindly hosted by Redpill Linpro AS, provider of Linux consulting and operations services since 1995.