linux/net/mac80211/wpa.c
<<
>>
Prefs
   1/*
   2 * Copyright 2002-2004, Instant802 Networks, Inc.
   3 * Copyright 2008, Jouni Malinen <j@w1.fi>
   4 *
   5 * This program is free software; you can redistribute it and/or modify
   6 * it under the terms of the GNU General Public License version 2 as
   7 * published by the Free Software Foundation.
   8 */
   9
  10#include <linux/netdevice.h>
  11#include <linux/types.h>
  12#include <linux/skbuff.h>
  13#include <linux/compiler.h>
  14#include <linux/ieee80211.h>
  15#include <linux/gfp.h>
  16#include <asm/unaligned.h>
  17#include <net/mac80211.h>
  18#include <crypto/aes.h>
  19
  20#include "ieee80211_i.h"
  21#include "michael.h"
  22#include "tkip.h"
  23#include "aes_ccm.h"
  24#include "aes_cmac.h"
  25#include "wpa.h"
  26
  27ieee80211_tx_result
  28ieee80211_tx_h_michael_mic_add(struct ieee80211_tx_data *tx)
  29{
  30        u8 *data, *key, *mic;
  31        size_t data_len;
  32        unsigned int hdrlen;
  33        struct ieee80211_hdr *hdr;
  34        struct sk_buff *skb = tx->skb;
  35        struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
  36        int tail;
  37
  38        hdr = (struct ieee80211_hdr *)skb->data;
  39        if (!tx->key || tx->key->conf.cipher != WLAN_CIPHER_SUITE_TKIP ||
  40            skb->len < 24 || !ieee80211_is_data_present(hdr->frame_control))
  41                return TX_CONTINUE;
  42
  43        hdrlen = ieee80211_hdrlen(hdr->frame_control);
  44        if (skb->len < hdrlen)
  45                return TX_DROP;
  46
  47        data = skb->data + hdrlen;
  48        data_len = skb->len - hdrlen;
  49
  50        if (unlikely(info->flags & IEEE80211_TX_INTFL_TKIP_MIC_FAILURE)) {
  51                /* Need to use software crypto for the test */
  52                info->control.hw_key = NULL;
  53        }
  54
  55        if (info->control.hw_key &&
  56            (info->flags & IEEE80211_TX_CTL_DONTFRAG ||
  57             tx->local->ops->set_frag_threshold) &&
  58            !(tx->key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC)) {
  59                /* hwaccel - with no need for SW-generated MMIC */
  60                return TX_CONTINUE;
  61        }
  62
  63        tail = MICHAEL_MIC_LEN;
  64        if (!info->control.hw_key)
  65                tail += TKIP_ICV_LEN;
  66
  67        if (WARN_ON(skb_tailroom(skb) < tail ||
  68                    skb_headroom(skb) < TKIP_IV_LEN))
  69                return TX_DROP;
  70
  71        key = &tx->key->conf.key[NL80211_TKIP_DATA_OFFSET_TX_MIC_KEY];
  72        mic = skb_put(skb, MICHAEL_MIC_LEN);
  73        michael_mic(key, hdr, data, data_len, mic);
  74        if (unlikely(info->flags & IEEE80211_TX_INTFL_TKIP_MIC_FAILURE))
  75                mic[0]++;
  76
  77        return TX_CONTINUE;
  78}
  79
  80
  81ieee80211_rx_result
  82ieee80211_rx_h_michael_mic_verify(struct ieee80211_rx_data *rx)
  83{
  84        u8 *data, *key = NULL;
  85        size_t data_len;
  86        unsigned int hdrlen;
  87        u8 mic[MICHAEL_MIC_LEN];
  88        struct sk_buff *skb = rx->skb;
  89        struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(skb);
  90        struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
  91
  92        /*
  93         * it makes no sense to check for MIC errors on anything other
  94         * than data frames.
  95         */
  96        if (!ieee80211_is_data_present(hdr->frame_control))
  97                return RX_CONTINUE;
  98
  99        /*
 100         * No way to verify the MIC if the hardware stripped it or
 101         * the IV with the key index. In this case we have solely rely
 102         * on the driver to set RX_FLAG_MMIC_ERROR in the event of a
 103         * MIC failure report.
 104         */
 105        if (status->flag & (RX_FLAG_MMIC_STRIPPED | RX_FLAG_IV_STRIPPED)) {
 106                if (status->flag & RX_FLAG_MMIC_ERROR)
 107                        goto mic_fail;
 108
 109                if (!(status->flag & RX_FLAG_IV_STRIPPED) && rx->key)
 110                        goto update_iv;
 111
 112                return RX_CONTINUE;
 113        }
 114
 115        /*
 116         * Some hardware seems to generate Michael MIC failure reports; even
 117         * though, the frame was not encrypted with TKIP and therefore has no
 118         * MIC. Ignore the flag them to avoid triggering countermeasures.
 119         */
 120        if (!rx->key || rx->key->conf.cipher != WLAN_CIPHER_SUITE_TKIP ||
 121            !(status->flag & RX_FLAG_DECRYPTED))
 122                return RX_CONTINUE;
 123
 124        if (rx->sdata->vif.type == NL80211_IFTYPE_AP && rx->key->conf.keyidx) {
 125                /*
 126                 * APs with pairwise keys should never receive Michael MIC
 127                 * errors for non-zero keyidx because these are reserved for
 128                 * group keys and only the AP is sending real multicast
 129                 * frames in the BSS. (
 130                 */
 131                return RX_DROP_UNUSABLE;
 132        }
 133
 134        if (status->flag & RX_FLAG_MMIC_ERROR)
 135                goto mic_fail;
 136
 137        hdrlen = ieee80211_hdrlen(hdr->frame_control);
 138        if (skb->len < hdrlen + MICHAEL_MIC_LEN)
 139                return RX_DROP_UNUSABLE;
 140
 141        data = skb->data + hdrlen;
 142        data_len = skb->len - hdrlen - MICHAEL_MIC_LEN;
 143        key = &rx->key->conf.key[NL80211_TKIP_DATA_OFFSET_RX_MIC_KEY];
 144        michael_mic(key, hdr, data, data_len, mic);
 145        if (memcmp(mic, data + data_len, MICHAEL_MIC_LEN) != 0)
 146                goto mic_fail;
 147
 148        /* remove Michael MIC from payload */
 149        skb_trim(skb, skb->len - MICHAEL_MIC_LEN);
 150
 151update_iv:
 152        /* update IV in key information to be able to detect replays */
 153        rx->key->u.tkip.rx[rx->security_idx].iv32 = rx->tkip_iv32;
 154        rx->key->u.tkip.rx[rx->security_idx].iv16 = rx->tkip_iv16;
 155
 156        return RX_CONTINUE;
 157
 158mic_fail:
 159        /*
 160         * In some cases the key can be unset - e.g. a multicast packet, in
 161         * a driver that supports HW encryption. Send up the key idx only if
 162         * the key is set.
 163         */
 164        mac80211_ev_michael_mic_failure(rx->sdata,
 165                                        rx->key ? rx->key->conf.keyidx : -1,
 166                                        (void *) skb->data, NULL, GFP_ATOMIC);
 167        return RX_DROP_UNUSABLE;
 168}
 169
 170
 171static int tkip_encrypt_skb(struct ieee80211_tx_data *tx, struct sk_buff *skb)
 172{
 173        struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
 174        struct ieee80211_key *key = tx->key;
 175        struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
 176        unsigned long flags;
 177        unsigned int hdrlen;
 178        int len, tail;
 179        u8 *pos;
 180
 181        if (info->control.hw_key &&
 182            !(info->control.hw_key->flags & IEEE80211_KEY_FLAG_GENERATE_IV)) {
 183                /* hwaccel - with no need for software-generated IV */
 184                return 0;
 185        }
 186
 187        hdrlen = ieee80211_hdrlen(hdr->frame_control);
 188        len = skb->len - hdrlen;
 189
 190        if (info->control.hw_key)
 191                tail = 0;
 192        else
 193                tail = TKIP_ICV_LEN;
 194
 195        if (WARN_ON(skb_tailroom(skb) < tail ||
 196                    skb_headroom(skb) < TKIP_IV_LEN))
 197                return -1;
 198
 199        pos = skb_push(skb, TKIP_IV_LEN);
 200        memmove(pos, pos + TKIP_IV_LEN, hdrlen);
 201        pos += hdrlen;
 202
 203        /* Increase IV for the frame */
 204        spin_lock_irqsave(&key->u.tkip.txlock, flags);
 205        key->u.tkip.tx.iv16++;
 206        if (key->u.tkip.tx.iv16 == 0)
 207                key->u.tkip.tx.iv32++;
 208        pos = ieee80211_tkip_add_iv(pos, key);
 209        spin_unlock_irqrestore(&key->u.tkip.txlock, flags);
 210
 211        /* hwaccel - with software IV */
 212        if (info->control.hw_key)
 213                return 0;
 214
 215        /* Add room for ICV */
 216        skb_put(skb, TKIP_ICV_LEN);
 217
 218        return ieee80211_tkip_encrypt_data(tx->local->wep_tx_tfm,
 219                                           key, skb, pos, len);
 220}
 221
 222
 223ieee80211_tx_result
 224ieee80211_crypto_tkip_encrypt(struct ieee80211_tx_data *tx)
 225{
 226        struct sk_buff *skb;
 227
 228        ieee80211_tx_set_protected(tx);
 229
 230        skb_queue_walk(&tx->skbs, skb) {
 231                if (tkip_encrypt_skb(tx, skb) < 0)
 232                        return TX_DROP;
 233        }
 234
 235        return TX_CONTINUE;
 236}
 237
 238
 239ieee80211_rx_result
 240ieee80211_crypto_tkip_decrypt(struct ieee80211_rx_data *rx)
 241{
 242        struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) rx->skb->data;
 243        int hdrlen, res, hwaccel = 0;
 244        struct ieee80211_key *key = rx->key;
 245        struct sk_buff *skb = rx->skb;
 246        struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(skb);
 247
 248        hdrlen = ieee80211_hdrlen(hdr->frame_control);
 249
 250        if (!ieee80211_is_data(hdr->frame_control))
 251                return RX_CONTINUE;
 252
 253        if (!rx->sta || skb->len - hdrlen < 12)
 254                return RX_DROP_UNUSABLE;
 255
 256        /*
 257         * Let TKIP code verify IV, but skip decryption.
 258         * In the case where hardware checks the IV as well,
 259         * we don't even get here, see ieee80211_rx_h_decrypt()
 260         */
 261        if (status->flag & RX_FLAG_DECRYPTED)
 262                hwaccel = 1;
 263
 264        res = ieee80211_tkip_decrypt_data(rx->local->wep_rx_tfm,
 265                                          key, skb->data + hdrlen,
 266                                          skb->len - hdrlen, rx->sta->sta.addr,
 267                                          hdr->addr1, hwaccel, rx->security_idx,
 268                                          &rx->tkip_iv32,
 269                                          &rx->tkip_iv16);
 270        if (res != TKIP_DECRYPT_OK)
 271                return RX_DROP_UNUSABLE;
 272
 273        /* Trim ICV */
 274        skb_trim(skb, skb->len - TKIP_ICV_LEN);
 275
 276        /* Remove IV */
 277        memmove(skb->data + TKIP_IV_LEN, skb->data, hdrlen);
 278        skb_pull(skb, TKIP_IV_LEN);
 279
 280        return RX_CONTINUE;
 281}
 282
 283
 284static void ccmp_special_blocks(struct sk_buff *skb, u8 *pn, u8 *scratch,
 285                                int encrypted)
 286{
 287        __le16 mask_fc;
 288        int a4_included, mgmt;
 289        u8 qos_tid;
 290        u8 *b_0, *aad;
 291        u16 data_len, len_a;
 292        unsigned int hdrlen;
 293        struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
 294
 295        memset(scratch, 0, 6 * AES_BLOCK_SIZE);
 296
 297        b_0 = scratch + 3 * AES_BLOCK_SIZE;
 298        aad = scratch + 4 * AES_BLOCK_SIZE;
 299
 300        /*
 301         * Mask FC: zero subtype b4 b5 b6 (if not mgmt)
 302         * Retry, PwrMgt, MoreData; set Protected
 303         */
 304        mgmt = ieee80211_is_mgmt(hdr->frame_control);
 305        mask_fc = hdr->frame_control;
 306        mask_fc &= ~cpu_to_le16(IEEE80211_FCTL_RETRY |
 307                                IEEE80211_FCTL_PM | IEEE80211_FCTL_MOREDATA);
 308        if (!mgmt)
 309                mask_fc &= ~cpu_to_le16(0x0070);
 310        mask_fc |= cpu_to_le16(IEEE80211_FCTL_PROTECTED);
 311
 312        hdrlen = ieee80211_hdrlen(hdr->frame_control);
 313        len_a = hdrlen - 2;
 314        a4_included = ieee80211_has_a4(hdr->frame_control);
 315
 316        if (ieee80211_is_data_qos(hdr->frame_control))
 317                qos_tid = *ieee80211_get_qos_ctl(hdr) & IEEE80211_QOS_CTL_TID_MASK;
 318        else
 319                qos_tid = 0;
 320
 321        data_len = skb->len - hdrlen - CCMP_HDR_LEN;
 322        if (encrypted)
 323                data_len -= CCMP_MIC_LEN;
 324
 325        /* First block, b_0 */
 326        b_0[0] = 0x59; /* flags: Adata: 1, M: 011, L: 001 */
 327        /* Nonce: Nonce Flags | A2 | PN
 328         * Nonce Flags: Priority (b0..b3) | Management (b4) | Reserved (b5..b7)
 329         */
 330        b_0[1] = qos_tid | (mgmt << 4);
 331        memcpy(&b_0[2], hdr->addr2, ETH_ALEN);
 332        memcpy(&b_0[8], pn, CCMP_PN_LEN);
 333        /* l(m) */
 334        put_unaligned_be16(data_len, &b_0[14]);
 335
 336        /* AAD (extra authenticate-only data) / masked 802.11 header
 337         * FC | A1 | A2 | A3 | SC | [A4] | [QC] */
 338        put_unaligned_be16(len_a, &aad[0]);
 339        put_unaligned(mask_fc, (__le16 *)&aad[2]);
 340        memcpy(&aad[4], &hdr->addr1, 3 * ETH_ALEN);
 341
 342        /* Mask Seq#, leave Frag# */
 343        aad[22] = *((u8 *) &hdr->seq_ctrl) & 0x0f;
 344        aad[23] = 0;
 345
 346        if (a4_included) {
 347                memcpy(&aad[24], hdr->addr4, ETH_ALEN);
 348                aad[30] = qos_tid;
 349                aad[31] = 0;
 350        } else {
 351                memset(&aad[24], 0, ETH_ALEN + IEEE80211_QOS_CTL_LEN);
 352                aad[24] = qos_tid;
 353        }
 354}
 355
 356
 357static inline void ccmp_pn2hdr(u8 *hdr, u8 *pn, int key_id)
 358{
 359        hdr[0] = pn[5];
 360        hdr[1] = pn[4];
 361        hdr[2] = 0;
 362        hdr[3] = 0x20 | (key_id << 6);
 363        hdr[4] = pn[3];
 364        hdr[5] = pn[2];
 365        hdr[6] = pn[1];
 366        hdr[7] = pn[0];
 367}
 368
 369
 370static inline void ccmp_hdr2pn(u8 *pn, u8 *hdr)
 371{
 372        pn[0] = hdr[7];
 373        pn[1] = hdr[6];
 374        pn[2] = hdr[5];
 375        pn[3] = hdr[4];
 376        pn[4] = hdr[1];
 377        pn[5] = hdr[0];
 378}
 379
 380
 381static int ccmp_encrypt_skb(struct ieee80211_tx_data *tx, struct sk_buff *skb)
 382{
 383        struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
 384        struct ieee80211_key *key = tx->key;
 385        struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
 386        int hdrlen, len, tail;
 387        u8 *pos;
 388        u8 pn[6];
 389        u64 pn64;
 390        u8 scratch[6 * AES_BLOCK_SIZE];
 391
 392        if (info->control.hw_key &&
 393            !(info->control.hw_key->flags & IEEE80211_KEY_FLAG_GENERATE_IV) &&
 394            !(info->control.hw_key->flags & IEEE80211_KEY_FLAG_PUT_IV_SPACE)) {
 395                /*
 396                 * hwaccel has no need for preallocated room for CCMP
 397                 * header or MIC fields
 398                 */
 399                return 0;
 400        }
 401
 402        hdrlen = ieee80211_hdrlen(hdr->frame_control);
 403        len = skb->len - hdrlen;
 404
 405        if (info->control.hw_key)
 406                tail = 0;
 407        else
 408                tail = CCMP_MIC_LEN;
 409
 410        if (WARN_ON(skb_tailroom(skb) < tail ||
 411                    skb_headroom(skb) < CCMP_HDR_LEN))
 412                return -1;
 413
 414        pos = skb_push(skb, CCMP_HDR_LEN);
 415        memmove(pos, pos + CCMP_HDR_LEN, hdrlen);
 416
 417        /* the HW only needs room for the IV, but not the actual IV */
 418        if (info->control.hw_key &&
 419            (info->control.hw_key->flags & IEEE80211_KEY_FLAG_PUT_IV_SPACE))
 420                return 0;
 421
 422        hdr = (struct ieee80211_hdr *) pos;
 423        pos += hdrlen;
 424
 425        pn64 = atomic64_inc_return(&key->u.ccmp.tx_pn);
 426
 427        pn[5] = pn64;
 428        pn[4] = pn64 >> 8;
 429        pn[3] = pn64 >> 16;
 430        pn[2] = pn64 >> 24;
 431        pn[1] = pn64 >> 32;
 432        pn[0] = pn64 >> 40;
 433
 434        ccmp_pn2hdr(pos, pn, key->conf.keyidx);
 435
 436        /* hwaccel - with software CCMP header */
 437        if (info->control.hw_key)
 438                return 0;
 439
 440        pos += CCMP_HDR_LEN;
 441        ccmp_special_blocks(skb, pn, scratch, 0);
 442        ieee80211_aes_ccm_encrypt(key->u.ccmp.tfm, scratch, pos, len,
 443                                  pos, skb_put(skb, CCMP_MIC_LEN));
 444
 445        return 0;
 446}
 447
 448
 449ieee80211_tx_result
 450ieee80211_crypto_ccmp_encrypt(struct ieee80211_tx_data *tx)
 451{
 452        struct sk_buff *skb;
 453
 454        ieee80211_tx_set_protected(tx);
 455
 456        skb_queue_walk(&tx->skbs, skb) {
 457                if (ccmp_encrypt_skb(tx, skb) < 0)
 458                        return TX_DROP;
 459        }
 460
 461        return TX_CONTINUE;
 462}
 463
 464
 465ieee80211_rx_result
 466ieee80211_crypto_ccmp_decrypt(struct ieee80211_rx_data *rx)
 467{
 468        struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)rx->skb->data;
 469        int hdrlen;
 470        struct ieee80211_key *key = rx->key;
 471        struct sk_buff *skb = rx->skb;
 472        struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(skb);
 473        u8 pn[CCMP_PN_LEN];
 474        int data_len;
 475        int queue;
 476
 477        hdrlen = ieee80211_hdrlen(hdr->frame_control);
 478
 479        if (!ieee80211_is_data(hdr->frame_control) &&
 480            !ieee80211_is_robust_mgmt_frame(hdr))
 481                return RX_CONTINUE;
 482
 483        data_len = skb->len - hdrlen - CCMP_HDR_LEN - CCMP_MIC_LEN;
 484        if (!rx->sta || data_len < 0)
 485                return RX_DROP_UNUSABLE;
 486
 487        ccmp_hdr2pn(pn, skb->data + hdrlen);
 488
 489        queue = rx->security_idx;
 490
 491        if (memcmp(pn, key->u.ccmp.rx_pn[queue], CCMP_PN_LEN) <= 0) {
 492                key->u.ccmp.replays++;
 493                return RX_DROP_UNUSABLE;
 494        }
 495
 496        if (!(status->flag & RX_FLAG_DECRYPTED)) {
 497                u8 scratch[6 * AES_BLOCK_SIZE];
 498                /* hardware didn't decrypt/verify MIC */
 499                ccmp_special_blocks(skb, pn, scratch, 1);
 500
 501                if (ieee80211_aes_ccm_decrypt(
 502                            key->u.ccmp.tfm, scratch,
 503                            skb->data + hdrlen + CCMP_HDR_LEN, data_len,
 504                            skb->data + skb->len - CCMP_MIC_LEN,
 505                            skb->data + hdrlen + CCMP_HDR_LEN))
 506                        return RX_DROP_UNUSABLE;
 507        }
 508
 509        memcpy(key->u.ccmp.rx_pn[queue], pn, CCMP_PN_LEN);
 510
 511        /* Remove CCMP header and MIC */
 512        skb_trim(skb, skb->len - CCMP_MIC_LEN);
 513        memmove(skb->data + CCMP_HDR_LEN, skb->data, hdrlen);
 514        skb_pull(skb, CCMP_HDR_LEN);
 515
 516        return RX_CONTINUE;
 517}
 518
 519
 520static void bip_aad(struct sk_buff *skb, u8 *aad)
 521{
 522        /* BIP AAD: FC(masked) || A1 || A2 || A3 */
 523
 524        /* FC type/subtype */
 525        aad[0] = skb->data[0];
 526        /* Mask FC Retry, PwrMgt, MoreData flags to zero */
 527        aad[1] = skb->data[1] & ~(BIT(4) | BIT(5) | BIT(6));
 528        /* A1 || A2 || A3 */
 529        memcpy(aad + 2, skb->data + 4, 3 * ETH_ALEN);
 530}
 531
 532
 533static inline void bip_ipn_set64(u8 *d, u64 pn)
 534{
 535        *d++ = pn;
 536        *d++ = pn >> 8;
 537        *d++ = pn >> 16;
 538        *d++ = pn >> 24;
 539        *d++ = pn >> 32;
 540        *d = pn >> 40;
 541}
 542
 543static inline void bip_ipn_swap(u8 *d, const u8 *s)
 544{
 545        *d++ = s[5];
 546        *d++ = s[4];
 547        *d++ = s[3];
 548        *d++ = s[2];
 549        *d++ = s[1];
 550        *d = s[0];
 551}
 552
 553
 554ieee80211_tx_result
 555ieee80211_crypto_aes_cmac_encrypt(struct ieee80211_tx_data *tx)
 556{
 557        struct sk_buff *skb;
 558        struct ieee80211_tx_info *info;
 559        struct ieee80211_key *key = tx->key;
 560        struct ieee80211_mmie *mmie;
 561        u8 aad[20];
 562        u64 pn64;
 563
 564        if (WARN_ON(skb_queue_len(&tx->skbs) != 1))
 565                return TX_DROP;
 566
 567        skb = skb_peek(&tx->skbs);
 568
 569        info = IEEE80211_SKB_CB(skb);
 570
 571        if (info->control.hw_key)
 572                return TX_CONTINUE;
 573
 574        if (WARN_ON(skb_tailroom(skb) < sizeof(*mmie)))
 575                return TX_DROP;
 576
 577        mmie = (struct ieee80211_mmie *) skb_put(skb, sizeof(*mmie));
 578        mmie->element_id = WLAN_EID_MMIE;
 579        mmie->length = sizeof(*mmie) - 2;
 580        mmie->key_id = cpu_to_le16(key->conf.keyidx);
 581
 582        /* PN = PN + 1 */
 583        pn64 = atomic64_inc_return(&key->u.aes_cmac.tx_pn);
 584
 585        bip_ipn_set64(mmie->sequence_number, pn64);
 586
 587        bip_aad(skb, aad);
 588
 589        /*
 590         * MIC = AES-128-CMAC(IGTK, AAD || Management Frame Body || MMIE, 64)
 591         */
 592        ieee80211_aes_cmac(key->u.aes_cmac.tfm, aad,
 593                           skb->data + 24, skb->len - 24, mmie->mic);
 594
 595        return TX_CONTINUE;
 596}
 597
 598
 599ieee80211_rx_result
 600ieee80211_crypto_aes_cmac_decrypt(struct ieee80211_rx_data *rx)
 601{
 602        struct sk_buff *skb = rx->skb;
 603        struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(skb);
 604        struct ieee80211_key *key = rx->key;
 605        struct ieee80211_mmie *mmie;
 606        u8 aad[20], mic[8], ipn[6];
 607        struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
 608
 609        if (!ieee80211_is_mgmt(hdr->frame_control))
 610                return RX_CONTINUE;
 611
 612        if (skb->len < 24 + sizeof(*mmie))
 613                return RX_DROP_UNUSABLE;
 614
 615        mmie = (struct ieee80211_mmie *)
 616                (skb->data + skb->len - sizeof(*mmie));
 617        if (mmie->element_id != WLAN_EID_MMIE ||
 618            mmie->length != sizeof(*mmie) - 2)
 619                return RX_DROP_UNUSABLE; /* Invalid MMIE */
 620
 621        bip_ipn_swap(ipn, mmie->sequence_number);
 622
 623        if (memcmp(ipn, key->u.aes_cmac.rx_pn, 6) <= 0) {
 624                key->u.aes_cmac.replays++;
 625                return RX_DROP_UNUSABLE;
 626        }
 627
 628        if (!(status->flag & RX_FLAG_DECRYPTED)) {
 629                /* hardware didn't decrypt/verify MIC */
 630                bip_aad(skb, aad);
 631                ieee80211_aes_cmac(key->u.aes_cmac.tfm, aad,
 632                                   skb->data + 24, skb->len - 24, mic);
 633                if (memcmp(mic, mmie->mic, sizeof(mmie->mic)) != 0) {
 634                        key->u.aes_cmac.icverrors++;
 635                        return RX_DROP_UNUSABLE;
 636                }
 637        }
 638
 639        memcpy(key->u.aes_cmac.rx_pn, ipn, 6);
 640
 641        /* Remove MMIE */
 642        skb_trim(skb, skb->len - sizeof(*mmie));
 643
 644        return RX_CONTINUE;
 645}
 646
 647ieee80211_tx_result
 648ieee80211_crypto_hw_encrypt(struct ieee80211_tx_data *tx)
 649{
 650        struct sk_buff *skb;
 651        struct ieee80211_tx_info *info = NULL;
 652
 653        skb_queue_walk(&tx->skbs, skb) {
 654                info  = IEEE80211_SKB_CB(skb);
 655
 656                /* handle hw-only algorithm */
 657                if (!info->control.hw_key)
 658                        return TX_DROP;
 659        }
 660
 661        ieee80211_tx_set_protected(tx);
 662
 663        return TX_CONTINUE;
 664}
 665
lxr.linux.no kindly hosted by Redpill Linpro AS, provider of Linux consulting and operations services since 1995.