Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-4.9 / ecdfa44610fa18678c3dd481af75368b9800c6c7 / . / drivers / staging / rtl8192e / ieee80211 / ieee80211_crypt_ccmp.c
blob: ab871b360b5dbd08f84bbcdaca9d94bdba8e642a [file] [log] [blame]
Greg Kroah-Hartmanecdfa442009-08-04 15:57:55 -0700[diff] [blame^]1/*
2 * Host AP crypt: host-based CCMP encryption implementation for Host AP driver
3 *
4 * Copyright (c) 2003-2004, Jouni Malinen <jkmaline@cc.hut.fi>
5 *
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License version 2 as
8 * published by the Free Software Foundation. See README and COPYING for
9 * more details.
10 */
11
12//#include <linux/config.h>
13#include <linux/version.h>
14#include <linux/module.h>
15#include <linux/init.h>
16#include <linux/slab.h>
17#include <linux/random.h>
18#include <linux/skbuff.h>
19#include <linux/netdevice.h>
20#include <linux/if_ether.h>
21#include <linux/if_arp.h>
22#include <asm/string.h>
23#include <linux/wireless.h>
24
25#include "ieee80211.h"
26
27#if (LINUX_VERSION_CODE < KERNEL_VERSION(2,5,0))
28#include "rtl_crypto.h"
29#else
30#include <linux/crypto.h>
31#endif
32
33#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,20)
34 #include <asm/scatterlist.h>
35#else
36 #include <linux/scatterlist.h>
37#endif
38//#include <asm/scatterlist.h>
39
40MODULE_AUTHOR("Jouni Malinen");
41MODULE_DESCRIPTION("Host AP crypt: CCMP");
42MODULE_LICENSE("GPL");
43
44#ifndef OPENSUSE_SLED
45#define OPENSUSE_SLED 0
46#endif
47
48#define AES_BLOCK_LEN 16
49#define CCMP_HDR_LEN 8
50#define CCMP_MIC_LEN 8
51#define CCMP_TK_LEN 16
52#define CCMP_PN_LEN 6
53
54struct ieee80211_ccmp_data {
55 u8 key[CCMP_TK_LEN];
56 int key_set;
57
58 u8 tx_pn[CCMP_PN_LEN];
59 u8 rx_pn[CCMP_PN_LEN];
60
61 u32 dot11RSNAStatsCCMPFormatErrors;
62 u32 dot11RSNAStatsCCMPReplays;
63 u32 dot11RSNAStatsCCMPDecryptErrors;
64
65 int key_idx;
66
67 struct crypto_tfm *tfm;
68
69 /* scratch buffers for virt_to_page() (crypto API) */
70 u8 tx_b0[AES_BLOCK_LEN], tx_b[AES_BLOCK_LEN],
71 tx_e[AES_BLOCK_LEN], tx_s0[AES_BLOCK_LEN];
72 u8 rx_b0[AES_BLOCK_LEN], rx_b[AES_BLOCK_LEN], rx_a[AES_BLOCK_LEN];
73};
74
75void ieee80211_ccmp_aes_encrypt(struct crypto_tfm *tfm,
76 const u8 pt[16], u8 ct[16])
77{
78#if((LINUX_VERSION_CODE < KERNEL_VERSION(2,6,21)) && (!OPENSUSE_SLED))
79 struct scatterlist src, dst;
80
81 src.page = virt_to_page(pt);
82 src.offset = offset_in_page(pt);
83 src.length = AES_BLOCK_LEN;
84
85 dst.page = virt_to_page(ct);
86 dst.offset = offset_in_page(ct);
87 dst.length = AES_BLOCK_LEN;
88
89 crypto_cipher_encrypt(tfm, &dst, &src, AES_BLOCK_LEN);
90#else
91 crypto_cipher_encrypt_one((void*)tfm, ct, pt);
92#endif
93}
94
95static void * ieee80211_ccmp_init(int key_idx)
96{
97 struct ieee80211_ccmp_data *priv;
98
99 priv = kmalloc(sizeof(*priv), GFP_ATOMIC);
100 if (priv == NULL)
101 goto fail;
102 memset(priv, 0, sizeof(*priv));
103 priv->key_idx = key_idx;
104
105#if((LINUX_VERSION_CODE < KERNEL_VERSION(2,6,21)) && (!OPENSUSE_SLED))
106 priv->tfm = crypto_alloc_tfm("aes", 0);
107 if (priv->tfm == NULL) {
108 printk(KERN_DEBUG "ieee80211_crypt_ccmp: could not allocate "
109 "crypto API aes\n");
110 goto fail;
111 }
112 #else
113 priv->tfm = (void*)crypto_alloc_cipher("aes", 0, CRYPTO_ALG_ASYNC);
114 if (IS_ERR(priv->tfm)) {
115 printk(KERN_DEBUG "ieee80211_crypt_ccmp: could not allocate "
116 "crypto API aes\n");
117 priv->tfm = NULL;
118 goto fail;
119 }
120 #endif
121 return priv;
122
123fail:
124 if (priv) {
125 if (priv->tfm)
126 #if(LINUX_VERSION_CODE < KERNEL_VERSION(2,6,21))
127 crypto_free_tfm(priv->tfm);
128 #else
129 crypto_free_cipher((void*)priv->tfm);
130 #endif
131 kfree(priv);
132 }
133
134 return NULL;
135}
136
137
138static void ieee80211_ccmp_deinit(void *priv)
139{
140 struct ieee80211_ccmp_data *_priv = priv;
141 if (_priv && _priv->tfm)
142#if(LINUX_VERSION_CODE < KERNEL_VERSION(2,6,21))
143 crypto_free_tfm(_priv->tfm);
144#else
145 crypto_free_cipher((void*)_priv->tfm);
146#endif
147 kfree(priv);
148}
149
150
151static inline void xor_block(u8 *b, u8 *a, size_t len)
152{
153 int i;
154 for (i = 0; i < len; i++)
155 b[i] ^= a[i];
156}
157
158
159
160static void ccmp_init_blocks(struct crypto_tfm *tfm,
161 struct ieee80211_hdr_4addr *hdr,
162 u8 *pn, size_t dlen, u8 *b0, u8 *auth,
163 u8 *s0)
164{
165 u8 *pos, qc = 0;
166 size_t aad_len;
167 u16 fc;
168 int a4_included, qc_included;
169 u8 aad[2 * AES_BLOCK_LEN];
170
171 fc = le16_to_cpu(hdr->frame_ctl);
172 a4_included = ((fc & (IEEE80211_FCTL_TODS | IEEE80211_FCTL_FROMDS)) ==
173 (IEEE80211_FCTL_TODS | IEEE80211_FCTL_FROMDS));
174 /*
175 qc_included = ((WLAN_FC_GET_TYPE(fc) == IEEE80211_FTYPE_DATA) &&
176 (WLAN_FC_GET_STYPE(fc) & 0x08));
177 */
178 // fixed by David :2006.9.6
179 qc_included = ((WLAN_FC_GET_TYPE(fc) == IEEE80211_FTYPE_DATA) &&
180 (WLAN_FC_GET_STYPE(fc) & 0x80));
181 aad_len = 22;
182 if (a4_included)
183 aad_len += 6;
184 if (qc_included) {
185 pos = (u8 *) &hdr->addr4;
186 if (a4_included)
187 pos += 6;
188 qc = *pos & 0x0f;
189 aad_len += 2;
190 }
191 /* CCM Initial Block:
192 * Flag (Include authentication header, M=3 (8-octet MIC),
193 * L=1 (2-octet Dlen))
194 * Nonce: 0x00 | A2 | PN
195 * Dlen */
196 b0[0] = 0x59;
197 b0[1] = qc;
198 memcpy(b0 + 2, hdr->addr2, ETH_ALEN);
199 memcpy(b0 + 8, pn, CCMP_PN_LEN);
200 b0[14] = (dlen >> 8) & 0xff;
201 b0[15] = dlen & 0xff;
202
203 /* AAD:
204 * FC with bits 4..6 and 11..13 masked to zero; 14 is always one
205 * A1 | A2 | A3
206 * SC with bits 4..15 (seq#) masked to zero
207 * A4 (if present)
208 * QC (if present)
209 */
210 pos = (u8 *) hdr;
211 aad[0] = 0; /* aad_len >> 8 */
212 aad[1] = aad_len & 0xff;
213 aad[2] = pos[0] & 0x8f;
214 aad[3] = pos[1] & 0xc7;
215 memcpy(aad + 4, hdr->addr1, 3 * ETH_ALEN);
216 pos = (u8 *) &hdr->seq_ctl;
217 aad[22] = pos[0] & 0x0f;
218 aad[23] = 0; /* all bits masked */
219 memset(aad + 24, 0, 8);
220 if (a4_included)
221 memcpy(aad + 24, hdr->addr4, ETH_ALEN);
222 if (qc_included) {
223 aad[a4_included ? 30 : 24] = qc;
224 /* rest of QC masked */
225 }
226
227 /* Start with the first block and AAD */
228 ieee80211_ccmp_aes_encrypt(tfm, b0, auth);
229 xor_block(auth, aad, AES_BLOCK_LEN);
230 ieee80211_ccmp_aes_encrypt(tfm, auth, auth);
231 xor_block(auth, &aad[AES_BLOCK_LEN], AES_BLOCK_LEN);
232 ieee80211_ccmp_aes_encrypt(tfm, auth, auth);
233 b0[0] &= 0x07;
234 b0[14] = b0[15] = 0;
235 ieee80211_ccmp_aes_encrypt(tfm, b0, s0);
236}
237
238
239
240static int ieee80211_ccmp_encrypt(struct sk_buff *skb, int hdr_len, void *priv)
241{
242 struct ieee80211_ccmp_data *key = priv;
243 int data_len, i;
244 u8 *pos;
245 struct ieee80211_hdr_4addr *hdr;
246 cb_desc *tcb_desc = (cb_desc *)(skb->cb + MAX_DEV_ADDR_SIZE);
247
248 if (skb_headroom(skb) < CCMP_HDR_LEN ||
249 skb_tailroom(skb) < CCMP_MIC_LEN ||
250 skb->len < hdr_len)
251 return -1;
252
253 data_len = skb->len - hdr_len;
254 pos = skb_push(skb, CCMP_HDR_LEN);
255 memmove(pos, pos + CCMP_HDR_LEN, hdr_len);
256 pos += hdr_len;
257// mic = skb_put(skb, CCMP_MIC_LEN);
258
259 i = CCMP_PN_LEN - 1;
260 while (i >= 0) {
261 key->tx_pn[i]++;
262 if (key->tx_pn[i] != 0)
263 break;
264 i--;
265 }
266
267 *pos++ = key->tx_pn[5];
268 *pos++ = key->tx_pn[4];
269 *pos++ = 0;
270 *pos++ = (key->key_idx << 6) | (1 << 5) /* Ext IV included */;
271 *pos++ = key->tx_pn[3];
272 *pos++ = key->tx_pn[2];
273 *pos++ = key->tx_pn[1];
274 *pos++ = key->tx_pn[0];
275
276
277 hdr = (struct ieee80211_hdr_4addr *) skb->data;
278 if (!tcb_desc->bHwSec)
279 {
280 int blocks, last, len;
281 u8 *mic;
282 u8 *b0 = key->tx_b0;
283 u8 *b = key->tx_b;
284 u8 *e = key->tx_e;
285 u8 *s0 = key->tx_s0;
286
287 //mic is moved to here by john
288 mic = skb_put(skb, CCMP_MIC_LEN);
289
290 ccmp_init_blocks(key->tfm, hdr, key->tx_pn, data_len, b0, b, s0);
291
292 blocks = (data_len + AES_BLOCK_LEN - 1) / AES_BLOCK_LEN;
293 last = data_len % AES_BLOCK_LEN;
294
295 for (i = 1; i <= blocks; i++) {
296 len = (i == blocks && last) ? last : AES_BLOCK_LEN;
297 /* Authentication */
298 xor_block(b, pos, len);
299 ieee80211_ccmp_aes_encrypt(key->tfm, b, b);
300 /* Encryption, with counter */
301 b0[14] = (i >> 8) & 0xff;
302 b0[15] = i & 0xff;
303 ieee80211_ccmp_aes_encrypt(key->tfm, b0, e);
304 xor_block(pos, e, len);
305 pos += len;
306 }
307
308 for (i = 0; i < CCMP_MIC_LEN; i++)
309 mic[i] = b[i] ^ s0[i];
310 }
311 return 0;
312}
313
314
315static int ieee80211_ccmp_decrypt(struct sk_buff *skb, int hdr_len, void *priv)
316{
317 struct ieee80211_ccmp_data *key = priv;
318 u8 keyidx, *pos;
319 struct ieee80211_hdr_4addr *hdr;
320 cb_desc *tcb_desc = (cb_desc *)(skb->cb + MAX_DEV_ADDR_SIZE);
321 u8 pn[6];
322
323 if (skb->len < hdr_len + CCMP_HDR_LEN + CCMP_MIC_LEN) {
324 key->dot11RSNAStatsCCMPFormatErrors++;
325 return -1;
326 }
327
328 hdr = (struct ieee80211_hdr_4addr *) skb->data;
329 pos = skb->data + hdr_len;
330 keyidx = pos[3];
331 if (!(keyidx & (1 << 5))) {
332 if (net_ratelimit()) {
333 printk(KERN_DEBUG "CCMP: received packet without ExtIV"
334 " flag from " MAC_FMT "\n", MAC_ARG(hdr->addr2));
335 }
336 key->dot11RSNAStatsCCMPFormatErrors++;
337 return -2;
338 }
339 keyidx >>= 6;
340 if (key->key_idx != keyidx) {
341 printk(KERN_DEBUG "CCMP: RX tkey->key_idx=%d frame "
342 "keyidx=%d priv=%p\n", key->key_idx, keyidx, priv);
343 return -6;
344 }
345 if (!key->key_set) {
346 if (net_ratelimit()) {
347 printk(KERN_DEBUG "CCMP: received packet from " MAC_FMT
348 " with keyid=%d that does not have a configured"
349 " key\n", MAC_ARG(hdr->addr2), keyidx);
350 }
351 return -3;
352 }
353
354 pn[0] = pos[7];
355 pn[1] = pos[6];
356 pn[2] = pos[5];
357 pn[3] = pos[4];
358 pn[4] = pos[1];
359 pn[5] = pos[0];
360 pos += 8;
361
362 if (memcmp(pn, key->rx_pn, CCMP_PN_LEN) <= 0) {
363 if (net_ratelimit()) {
364 printk(KERN_DEBUG "CCMP: replay detected: STA=" MAC_FMT
365 " previous PN %02x%02x%02x%02x%02x%02x "
366 "received PN %02x%02x%02x%02x%02x%02x\n",
367 MAC_ARG(hdr->addr2), MAC_ARG(key->rx_pn),
368 MAC_ARG(pn));
369 }
370 key->dot11RSNAStatsCCMPReplays++;
371 return -4;
372 }
373 if (!tcb_desc->bHwSec)
374 {
375 size_t data_len = skb->len - hdr_len - CCMP_HDR_LEN - CCMP_MIC_LEN;
376 u8 *mic = skb->data + skb->len - CCMP_MIC_LEN;
377 u8 *b0 = key->rx_b0;
378 u8 *b = key->rx_b;
379 u8 *a = key->rx_a;
380 int i, blocks, last, len;
381
382
383 ccmp_init_blocks(key->tfm, hdr, pn, data_len, b0, a, b);
384 xor_block(mic, b, CCMP_MIC_LEN);
385
386 blocks = (data_len + AES_BLOCK_LEN - 1) / AES_BLOCK_LEN;
387 last = data_len % AES_BLOCK_LEN;
388
389 for (i = 1; i <= blocks; i++) {
390 len = (i == blocks && last) ? last : AES_BLOCK_LEN;
391 /* Decrypt, with counter */
392 b0[14] = (i >> 8) & 0xff;
393 b0[15] = i & 0xff;
394 ieee80211_ccmp_aes_encrypt(key->tfm, b0, b);
395 xor_block(pos, b, len);
396 /* Authentication */
397 xor_block(a, pos, len);
398 ieee80211_ccmp_aes_encrypt(key->tfm, a, a);
399 pos += len;
400 }
401
402 if (memcmp(mic, a, CCMP_MIC_LEN) != 0) {
403 if (net_ratelimit()) {
404 printk(KERN_DEBUG "CCMP: decrypt failed: STA="
405 MAC_FMT "\n", MAC_ARG(hdr->addr2));
406 }
407 key->dot11RSNAStatsCCMPDecryptErrors++;
408 return -5;
409 }
410
411 memcpy(key->rx_pn, pn, CCMP_PN_LEN);
412 }
413 /* Remove hdr and MIC */
414 memmove(skb->data + CCMP_HDR_LEN, skb->data, hdr_len);
415 skb_pull(skb, CCMP_HDR_LEN);
416 skb_trim(skb, skb->len - CCMP_MIC_LEN);
417
418 return keyidx;
419}
420
421
422static int ieee80211_ccmp_set_key(void *key, int len, u8 *seq, void *priv)
423{
424 struct ieee80211_ccmp_data *data = priv;
425 int keyidx;
426 struct crypto_tfm *tfm = data->tfm;
427
428 keyidx = data->key_idx;
429 memset(data, 0, sizeof(*data));
430 data->key_idx = keyidx;
431 data->tfm = tfm;
432 if (len == CCMP_TK_LEN) {
433 memcpy(data->key, key, CCMP_TK_LEN);
434 data->key_set = 1;
435 if (seq) {
436 data->rx_pn[0] = seq[5];
437 data->rx_pn[1] = seq[4];
438 data->rx_pn[2] = seq[3];
439 data->rx_pn[3] = seq[2];
440 data->rx_pn[4] = seq[1];
441 data->rx_pn[5] = seq[0];
442 }
443 crypto_cipher_setkey((void*)data->tfm, data->key, CCMP_TK_LEN);
444 } else if (len == 0)
445 data->key_set = 0;
446 else
447 return -1;
448
449 return 0;
450}
451
452
453static int ieee80211_ccmp_get_key(void *key, int len, u8 *seq, void *priv)
454{
455 struct ieee80211_ccmp_data *data = priv;
456
457 if (len < CCMP_TK_LEN)
458 return -1;
459
460 if (!data->key_set)
461 return 0;
462 memcpy(key, data->key, CCMP_TK_LEN);
463
464 if (seq) {
465 seq[0] = data->tx_pn[5];
466 seq[1] = data->tx_pn[4];
467 seq[2] = data->tx_pn[3];
468 seq[3] = data->tx_pn[2];
469 seq[4] = data->tx_pn[1];
470 seq[5] = data->tx_pn[0];
471 }
472
473 return CCMP_TK_LEN;
474}
475
476
477static char * ieee80211_ccmp_print_stats(char *p, void *priv)
478{
479 struct ieee80211_ccmp_data *ccmp = priv;
480 p += sprintf(p, "key[%d] alg=CCMP key_set=%d "
481 "tx_pn=%02x%02x%02x%02x%02x%02x "
482 "rx_pn=%02x%02x%02x%02x%02x%02x "
483 "format_errors=%d replays=%d decrypt_errors=%d\n",
484 ccmp->key_idx, ccmp->key_set,
485 MAC_ARG(ccmp->tx_pn), MAC_ARG(ccmp->rx_pn),
486 ccmp->dot11RSNAStatsCCMPFormatErrors,
487 ccmp->dot11RSNAStatsCCMPReplays,
488 ccmp->dot11RSNAStatsCCMPDecryptErrors);
489
490 return p;
491}
492
493void ieee80211_ccmp_null(void)
494{
495// printk("============>%s()\n", __FUNCTION__);
496 return;
497}
498
499static struct ieee80211_crypto_ops ieee80211_crypt_ccmp = {
500 .name = "CCMP",
501 .init = ieee80211_ccmp_init,
502 .deinit = ieee80211_ccmp_deinit,
503 .encrypt_mpdu = ieee80211_ccmp_encrypt,
504 .decrypt_mpdu = ieee80211_ccmp_decrypt,
505 .encrypt_msdu = NULL,
506 .decrypt_msdu = NULL,
507 .set_key = ieee80211_ccmp_set_key,
508 .get_key = ieee80211_ccmp_get_key,
509 .print_stats = ieee80211_ccmp_print_stats,
510 .extra_prefix_len = CCMP_HDR_LEN,
511 .extra_postfix_len = CCMP_MIC_LEN,
512 .owner = THIS_MODULE,
513};
514
515
516int __init ieee80211_crypto_ccmp_init(void)
517{
518 return ieee80211_register_crypto_ops(&ieee80211_crypt_ccmp);
519}
520
521
522void __exit ieee80211_crypto_ccmp_exit(void)
523{
524 ieee80211_unregister_crypto_ops(&ieee80211_crypt_ccmp);
525}
526
527#if (LINUX_VERSION_CODE > KERNEL_VERSION(2,5,0))
528//EXPORT_SYMBOL(ieee80211_ccmp_null);
529#else
530EXPORT_SYMBOL_NOVERS(ieee80211_ccmp_null);
531#endif
532
533//module_init(ieee80211_crypto_ccmp_init);
534//module_exit(ieee80211_crypto_ccmp_exit);