root/drivers/staging/rtl8192u/ieee80211/ieee80211_crypt_tkip.c

/* [<][>][^][v][top][bottom][index][help] */

DEFINITIONS

This source file includes following definitions.
  1. ieee80211_tkip_init
  2. ieee80211_tkip_deinit
  3. RotR1
  4. Lo8
  5. Hi8
  6. Lo16
  7. Hi16
  8. Mk16
  9. _S_
  10. tkip_mixing_phase1
  11. tkip_mixing_phase2
  12. ieee80211_tkip_encrypt
  13. ieee80211_tkip_decrypt
  14. michael_mic
  15. michael_mic_hdr
  16. ieee80211_michael_mic_add
  17. ieee80211_michael_mic_failure
  18. ieee80211_michael_mic_verify
  19. ieee80211_tkip_set_key
  20. ieee80211_tkip_get_key
  21. ieee80211_tkip_print_stats
  22. ieee80211_crypto_tkip_init
  23. ieee80211_crypto_tkip_exit
  24. ieee80211_tkip_null

   1 // SPDX-License-Identifier: GPL-2.0
   2 /*
   3  * Host AP crypt: host-based TKIP encryption implementation for Host AP driver
   4  *
   5  * Copyright (c) 2003-2004, Jouni Malinen <jkmaline@cc.hut.fi>
   6  */
   7 
   8 #include <linux/module.h>
   9 #include <linux/init.h>
  10 #include <linux/slab.h>
  11 #include <linux/random.h>
  12 #include <linux/skbuff.h>
  13 #include <linux/netdevice.h>
  14 #include <linux/if_ether.h>
  15 #include <linux/if_arp.h>
  16 #include <linux/string.h>
  17 
  18 #include "ieee80211.h"
  19 
  20 #include <crypto/hash.h>
  21 #include <crypto/skcipher.h>
  22         #include <linux/scatterlist.h>
  23 #include <linux/crc32.h>
  24 
  25 MODULE_AUTHOR("Jouni Malinen");
  26 MODULE_DESCRIPTION("Host AP crypt: TKIP");
  27 MODULE_LICENSE("GPL");
  28 
  29 struct ieee80211_tkip_data {
  30 #define TKIP_KEY_LEN 32
  31         u8 key[TKIP_KEY_LEN];
  32         int key_set;
  33 
  34         u32 tx_iv32;
  35         u16 tx_iv16;
  36         u16 tx_ttak[5];
  37         int tx_phase1_done;
  38 
  39         u32 rx_iv32;
  40         u16 rx_iv16;
  41         u16 rx_ttak[5];
  42         int rx_phase1_done;
  43         u32 rx_iv32_new;
  44         u16 rx_iv16_new;
  45 
  46         u32 dot11RSNAStatsTKIPReplays;
  47         u32 dot11RSNAStatsTKIPICVErrors;
  48         u32 dot11RSNAStatsTKIPLocalMICFailures;
  49 
  50         int key_idx;
  51 
  52         struct crypto_sync_skcipher *rx_tfm_arc4;
  53         struct crypto_shash *rx_tfm_michael;
  54         struct crypto_sync_skcipher *tx_tfm_arc4;
  55         struct crypto_shash *tx_tfm_michael;
  56 
  57         /* scratch buffers for virt_to_page() (crypto API) */
  58         u8 rx_hdr[16], tx_hdr[16];
  59 };
  60 
  61 static void *ieee80211_tkip_init(int key_idx)
  62 {
  63         struct ieee80211_tkip_data *priv;
  64 
  65         priv = kzalloc(sizeof(*priv), GFP_KERNEL);
  66         if (!priv)
  67                 goto fail;
  68         priv->key_idx = key_idx;
  69 
  70         priv->tx_tfm_arc4 = crypto_alloc_sync_skcipher("ecb(arc4)", 0, 0);
  71         if (IS_ERR(priv->tx_tfm_arc4)) {
  72                 printk(KERN_DEBUG "ieee80211_crypt_tkip: could not allocate "
  73                                 "crypto API arc4\n");
  74                 priv->tx_tfm_arc4 = NULL;
  75                 goto fail;
  76         }
  77 
  78         priv->tx_tfm_michael = crypto_alloc_shash("michael_mic", 0, 0);
  79         if (IS_ERR(priv->tx_tfm_michael)) {
  80                 printk(KERN_DEBUG "ieee80211_crypt_tkip: could not allocate "
  81                                 "crypto API michael_mic\n");
  82                 priv->tx_tfm_michael = NULL;
  83                 goto fail;
  84         }
  85 
  86         priv->rx_tfm_arc4 = crypto_alloc_sync_skcipher("ecb(arc4)", 0, 0);
  87         if (IS_ERR(priv->rx_tfm_arc4)) {
  88                 printk(KERN_DEBUG "ieee80211_crypt_tkip: could not allocate "
  89                                 "crypto API arc4\n");
  90                 priv->rx_tfm_arc4 = NULL;
  91                 goto fail;
  92         }
  93 
  94         priv->rx_tfm_michael = crypto_alloc_shash("michael_mic", 0, 0);
  95         if (IS_ERR(priv->rx_tfm_michael)) {
  96                 printk(KERN_DEBUG "ieee80211_crypt_tkip: could not allocate "
  97                                 "crypto API michael_mic\n");
  98                 priv->rx_tfm_michael = NULL;
  99                 goto fail;
 100         }
 101 
 102         return priv;
 103 
 104 fail:
 105         if (priv) {
 106                 crypto_free_shash(priv->tx_tfm_michael);
 107                 crypto_free_sync_skcipher(priv->tx_tfm_arc4);
 108                 crypto_free_shash(priv->rx_tfm_michael);
 109                 crypto_free_sync_skcipher(priv->rx_tfm_arc4);
 110                 kfree(priv);
 111         }
 112 
 113         return NULL;
 114 }
 115 
 116 
 117 static void ieee80211_tkip_deinit(void *priv)
 118 {
 119         struct ieee80211_tkip_data *_priv = priv;
 120 
 121         if (_priv) {
 122                 crypto_free_shash(_priv->tx_tfm_michael);
 123                 crypto_free_sync_skcipher(_priv->tx_tfm_arc4);
 124                 crypto_free_shash(_priv->rx_tfm_michael);
 125                 crypto_free_sync_skcipher(_priv->rx_tfm_arc4);
 126         }
 127         kfree(priv);
 128 }
 129 
 130 
 131 static inline u16 RotR1(u16 val)
 132 {
 133         return (val >> 1) | (val << 15);
 134 }
 135 
 136 
 137 static inline u8 Lo8(u16 val)
 138 {
 139         return val & 0xff;
 140 }
 141 
 142 
 143 static inline u8 Hi8(u16 val)
 144 {
 145         return val >> 8;
 146 }
 147 
 148 
 149 static inline u16 Lo16(u32 val)
 150 {
 151         return val & 0xffff;
 152 }
 153 
 154 
 155 static inline u16 Hi16(u32 val)
 156 {
 157         return val >> 16;
 158 }
 159 
 160 
 161 static inline u16 Mk16(u8 hi, u8 lo)
 162 {
 163         return lo | (((u16)hi) << 8);
 164 }
 165 
 166 static const u16 Sbox[256] = {
 167         0xC6A5, 0xF884, 0xEE99, 0xF68D, 0xFF0D, 0xD6BD, 0xDEB1, 0x9154,
 168         0x6050, 0x0203, 0xCEA9, 0x567D, 0xE719, 0xB562, 0x4DE6, 0xEC9A,
 169         0x8F45, 0x1F9D, 0x8940, 0xFA87, 0xEF15, 0xB2EB, 0x8EC9, 0xFB0B,
 170         0x41EC, 0xB367, 0x5FFD, 0x45EA, 0x23BF, 0x53F7, 0xE496, 0x9B5B,
 171         0x75C2, 0xE11C, 0x3DAE, 0x4C6A, 0x6C5A, 0x7E41, 0xF502, 0x834F,
 172         0x685C, 0x51F4, 0xD134, 0xF908, 0xE293, 0xAB73, 0x6253, 0x2A3F,
 173         0x080C, 0x9552, 0x4665, 0x9D5E, 0x3028, 0x37A1, 0x0A0F, 0x2FB5,
 174         0x0E09, 0x2436, 0x1B9B, 0xDF3D, 0xCD26, 0x4E69, 0x7FCD, 0xEA9F,
 175         0x121B, 0x1D9E, 0x5874, 0x342E, 0x362D, 0xDCB2, 0xB4EE, 0x5BFB,
 176         0xA4F6, 0x764D, 0xB761, 0x7DCE, 0x527B, 0xDD3E, 0x5E71, 0x1397,
 177         0xA6F5, 0xB968, 0x0000, 0xC12C, 0x4060, 0xE31F, 0x79C8, 0xB6ED,
 178         0xD4BE, 0x8D46, 0x67D9, 0x724B, 0x94DE, 0x98D4, 0xB0E8, 0x854A,
 179         0xBB6B, 0xC52A, 0x4FE5, 0xED16, 0x86C5, 0x9AD7, 0x6655, 0x1194,
 180         0x8ACF, 0xE910, 0x0406, 0xFE81, 0xA0F0, 0x7844, 0x25BA, 0x4BE3,
 181         0xA2F3, 0x5DFE, 0x80C0, 0x058A, 0x3FAD, 0x21BC, 0x7048, 0xF104,
 182         0x63DF, 0x77C1, 0xAF75, 0x4263, 0x2030, 0xE51A, 0xFD0E, 0xBF6D,
 183         0x814C, 0x1814, 0x2635, 0xC32F, 0xBEE1, 0x35A2, 0x88CC, 0x2E39,
 184         0x9357, 0x55F2, 0xFC82, 0x7A47, 0xC8AC, 0xBAE7, 0x322B, 0xE695,
 185         0xC0A0, 0x1998, 0x9ED1, 0xA37F, 0x4466, 0x547E, 0x3BAB, 0x0B83,
 186         0x8CCA, 0xC729, 0x6BD3, 0x283C, 0xA779, 0xBCE2, 0x161D, 0xAD76,
 187         0xDB3B, 0x6456, 0x744E, 0x141E, 0x92DB, 0x0C0A, 0x486C, 0xB8E4,
 188         0x9F5D, 0xBD6E, 0x43EF, 0xC4A6, 0x39A8, 0x31A4, 0xD337, 0xF28B,
 189         0xD532, 0x8B43, 0x6E59, 0xDAB7, 0x018C, 0xB164, 0x9CD2, 0x49E0,
 190         0xD8B4, 0xACFA, 0xF307, 0xCF25, 0xCAAF, 0xF48E, 0x47E9, 0x1018,
 191         0x6FD5, 0xF088, 0x4A6F, 0x5C72, 0x3824, 0x57F1, 0x73C7, 0x9751,
 192         0xCB23, 0xA17C, 0xE89C, 0x3E21, 0x96DD, 0x61DC, 0x0D86, 0x0F85,
 193         0xE090, 0x7C42, 0x71C4, 0xCCAA, 0x90D8, 0x0605, 0xF701, 0x1C12,
 194         0xC2A3, 0x6A5F, 0xAEF9, 0x69D0, 0x1791, 0x9958, 0x3A27, 0x27B9,
 195         0xD938, 0xEB13, 0x2BB3, 0x2233, 0xD2BB, 0xA970, 0x0789, 0x33A7,
 196         0x2DB6, 0x3C22, 0x1592, 0xC920, 0x8749, 0xAAFF, 0x5078, 0xA57A,
 197         0x038F, 0x59F8, 0x0980, 0x1A17, 0x65DA, 0xD731, 0x84C6, 0xD0B8,
 198         0x82C3, 0x29B0, 0x5A77, 0x1E11, 0x7BCB, 0xA8FC, 0x6DD6, 0x2C3A,
 199 };
 200 
 201 
 202 static inline u16 _S_(u16 v)
 203 {
 204         u16 t = Sbox[Hi8(v)];
 205         return Sbox[Lo8(v)] ^ ((t << 8) | (t >> 8));
 206 }
 207 
 208 
 209 #define PHASE1_LOOP_COUNT 8
 210 
 211 
 212 static void tkip_mixing_phase1(u16 *TTAK, const u8 *TK, const u8 *TA, u32 IV32)
 213 {
 214         int i, j;
 215 
 216         /* Initialize the 80-bit TTAK from TSC (IV32) and TA[0..5] */
 217         TTAK[0] = Lo16(IV32);
 218         TTAK[1] = Hi16(IV32);
 219         TTAK[2] = Mk16(TA[1], TA[0]);
 220         TTAK[3] = Mk16(TA[3], TA[2]);
 221         TTAK[4] = Mk16(TA[5], TA[4]);
 222 
 223         for (i = 0; i < PHASE1_LOOP_COUNT; i++) {
 224                 j = 2 * (i & 1);
 225                 TTAK[0] += _S_(TTAK[4] ^ Mk16(TK[1 + j], TK[0 + j]));
 226                 TTAK[1] += _S_(TTAK[0] ^ Mk16(TK[5 + j], TK[4 + j]));
 227                 TTAK[2] += _S_(TTAK[1] ^ Mk16(TK[9 + j], TK[8 + j]));
 228                 TTAK[3] += _S_(TTAK[2] ^ Mk16(TK[13 + j], TK[12 + j]));
 229                 TTAK[4] += _S_(TTAK[3] ^ Mk16(TK[1 + j], TK[0 + j])) + i;
 230         }
 231 }
 232 
 233 
 234 static void tkip_mixing_phase2(u8 *WEPSeed, const u8 *TK, const u16 *TTAK,
 235                                u16 IV16)
 236 {
 237         /*
 238          * Make temporary area overlap WEP seed so that the final copy can be
 239          * avoided on little endian hosts.
 240          */
 241         u16 *PPK = (u16 *)&WEPSeed[4];
 242 
 243         /* Step 1 - make copy of TTAK and bring in TSC */
 244         PPK[0] = TTAK[0];
 245         PPK[1] = TTAK[1];
 246         PPK[2] = TTAK[2];
 247         PPK[3] = TTAK[3];
 248         PPK[4] = TTAK[4];
 249         PPK[5] = TTAK[4] + IV16;
 250 
 251         /* Step 2 - 96-bit bijective mixing using S-box */
 252         PPK[0] += _S_(PPK[5] ^ le16_to_cpu(*(__le16 *)(&TK[0])));
 253         PPK[1] += _S_(PPK[0] ^ le16_to_cpu(*(__le16 *)(&TK[2])));
 254         PPK[2] += _S_(PPK[1] ^ le16_to_cpu(*(__le16 *)(&TK[4])));
 255         PPK[3] += _S_(PPK[2] ^ le16_to_cpu(*(__le16 *)(&TK[6])));
 256         PPK[4] += _S_(PPK[3] ^ le16_to_cpu(*(__le16 *)(&TK[8])));
 257         PPK[5] += _S_(PPK[4] ^ le16_to_cpu(*(__le16 *)(&TK[10])));
 258 
 259         PPK[0] += RotR1(PPK[5] ^ le16_to_cpu(*(__le16 *)(&TK[12])));
 260         PPK[1] += RotR1(PPK[0] ^ le16_to_cpu(*(__le16 *)(&TK[14])));
 261         PPK[2] += RotR1(PPK[1]);
 262         PPK[3] += RotR1(PPK[2]);
 263         PPK[4] += RotR1(PPK[3]);
 264         PPK[5] += RotR1(PPK[4]);
 265 
 266         /*
 267          * Step 3 - bring in last of TK bits, assign 24-bit WEP IV value
 268          * WEPSeed[0..2] is transmitted as WEP IV
 269          */
 270         WEPSeed[0] = Hi8(IV16);
 271         WEPSeed[1] = (Hi8(IV16) | 0x20) & 0x7F;
 272         WEPSeed[2] = Lo8(IV16);
 273         WEPSeed[3] = Lo8((PPK[5] ^ le16_to_cpu(*(__le16 *)(&TK[0]))) >> 1);
 274 
 275 #ifdef __BIG_ENDIAN
 276         {
 277                 int i;
 278 
 279                 for (i = 0; i < 6; i++)
 280                         PPK[i] = (PPK[i] << 8) | (PPK[i] >> 8);
 281         }
 282 #endif
 283 }
 284 
 285 
 286 static int ieee80211_tkip_encrypt(struct sk_buff *skb, int hdr_len, void *priv)
 287 {
 288         struct ieee80211_tkip_data *tkey = priv;
 289         int len;
 290         u8 *pos;
 291         struct rtl_80211_hdr_4addr *hdr;
 292         struct cb_desc *tcb_desc = (struct cb_desc *)(skb->cb + MAX_DEV_ADDR_SIZE);
 293         int ret = 0;
 294         u8 rc4key[16],  *icv;
 295         u32 crc;
 296         struct scatterlist sg;
 297 
 298         if (skb_headroom(skb) < 8 || skb_tailroom(skb) < 4 ||
 299             skb->len < hdr_len)
 300                 return -1;
 301 
 302         hdr = (struct rtl_80211_hdr_4addr *)skb->data;
 303 
 304         if (!tcb_desc->bHwSec) {
 305                 if (!tkey->tx_phase1_done) {
 306                         tkip_mixing_phase1(tkey->tx_ttak, tkey->key, hdr->addr2,
 307                                            tkey->tx_iv32);
 308                         tkey->tx_phase1_done = 1;
 309                 }
 310                 tkip_mixing_phase2(rc4key, tkey->key, tkey->tx_ttak, tkey->tx_iv16);
 311         } else
 312                 tkey->tx_phase1_done = 1;
 313 
 314 
 315         len = skb->len - hdr_len;
 316         pos = skb_push(skb, 8);
 317         memmove(pos, pos + 8, hdr_len);
 318         pos += hdr_len;
 319 
 320         if (tcb_desc->bHwSec) {
 321                 *pos++ = Hi8(tkey->tx_iv16);
 322                 *pos++ = (Hi8(tkey->tx_iv16) | 0x20) & 0x7F;
 323                 *pos++ = Lo8(tkey->tx_iv16);
 324         } else {
 325                 *pos++ = rc4key[0];
 326                 *pos++ = rc4key[1];
 327                 *pos++ = rc4key[2];
 328         }
 329 
 330         *pos++ = (tkey->key_idx << 6) | BIT(5) /* Ext IV included */;
 331         *pos++ = tkey->tx_iv32 & 0xff;
 332         *pos++ = (tkey->tx_iv32 >> 8) & 0xff;
 333         *pos++ = (tkey->tx_iv32 >> 16) & 0xff;
 334         *pos++ = (tkey->tx_iv32 >> 24) & 0xff;
 335 
 336         if (!tcb_desc->bHwSec) {
 337                 SYNC_SKCIPHER_REQUEST_ON_STACK(req, tkey->tx_tfm_arc4);
 338 
 339                 icv = skb_put(skb, 4);
 340                 crc = ~crc32_le(~0, pos, len);
 341                 icv[0] = crc;
 342                 icv[1] = crc >> 8;
 343                 icv[2] = crc >> 16;
 344                 icv[3] = crc >> 24;
 345                 crypto_sync_skcipher_setkey(tkey->tx_tfm_arc4, rc4key, 16);
 346                 sg_init_one(&sg, pos, len + 4);
 347                 skcipher_request_set_sync_tfm(req, tkey->tx_tfm_arc4);
 348                 skcipher_request_set_callback(req, 0, NULL, NULL);
 349                 skcipher_request_set_crypt(req, &sg, &sg, len + 4, NULL);
 350                 ret = crypto_skcipher_encrypt(req);
 351                 skcipher_request_zero(req);
 352         }
 353 
 354         tkey->tx_iv16++;
 355         if (tkey->tx_iv16 == 0) {
 356                 tkey->tx_phase1_done = 0;
 357                 tkey->tx_iv32++;
 358         }
 359 
 360         if (!tcb_desc->bHwSec)
 361                 return ret;
 362         else
 363                 return 0;
 364 
 365 
 366 }
 367 
 368 static int ieee80211_tkip_decrypt(struct sk_buff *skb, int hdr_len, void *priv)
 369 {
 370         struct ieee80211_tkip_data *tkey = priv;
 371         u8 keyidx, *pos;
 372         u32 iv32;
 373         u16 iv16;
 374         struct rtl_80211_hdr_4addr *hdr;
 375         struct cb_desc *tcb_desc = (struct cb_desc *)(skb->cb + MAX_DEV_ADDR_SIZE);
 376         u8 rc4key[16];
 377         u8 icv[4];
 378         u32 crc;
 379         struct scatterlist sg;
 380         int plen;
 381         int err;
 382 
 383         if (skb->len < hdr_len + 8 + 4)
 384                 return -1;
 385 
 386         hdr = (struct rtl_80211_hdr_4addr *)skb->data;
 387         pos = skb->data + hdr_len;
 388         keyidx = pos[3];
 389         if (!(keyidx & BIT(5))) {
 390                 if (net_ratelimit()) {
 391                         printk(KERN_DEBUG "TKIP: received packet without ExtIV"
 392                                " flag from %pM\n", hdr->addr2);
 393                 }
 394                 return -2;
 395         }
 396         keyidx >>= 6;
 397         if (tkey->key_idx != keyidx) {
 398                 printk(KERN_DEBUG "TKIP: RX tkey->key_idx=%d frame "
 399                        "keyidx=%d priv=%p\n", tkey->key_idx, keyidx, priv);
 400                 return -6;
 401         }
 402         if (!tkey->key_set) {
 403                 if (net_ratelimit()) {
 404                         printk(KERN_DEBUG "TKIP: received packet from %pM"
 405                                " with keyid=%d that does not have a configured"
 406                                " key\n", hdr->addr2, keyidx);
 407                 }
 408                 return -3;
 409         }
 410         iv16 = (pos[0] << 8) | pos[2];
 411         iv32 = pos[4] | (pos[5] << 8) | (pos[6] << 16) | (pos[7] << 24);
 412         pos += 8;
 413 
 414         if (!tcb_desc->bHwSec) {
 415                 SYNC_SKCIPHER_REQUEST_ON_STACK(req, tkey->rx_tfm_arc4);
 416 
 417                 if (iv32 < tkey->rx_iv32 ||
 418                 (iv32 == tkey->rx_iv32 && iv16 <= tkey->rx_iv16)) {
 419                         if (net_ratelimit()) {
 420                                 printk(KERN_DEBUG "TKIP: replay detected: STA=%pM"
 421                                 " previous TSC %08x%04x received TSC "
 422                                 "%08x%04x\n", hdr->addr2,
 423                                 tkey->rx_iv32, tkey->rx_iv16, iv32, iv16);
 424                         }
 425                         tkey->dot11RSNAStatsTKIPReplays++;
 426                         return -4;
 427                 }
 428 
 429                 if (iv32 != tkey->rx_iv32 || !tkey->rx_phase1_done) {
 430                         tkip_mixing_phase1(tkey->rx_ttak, tkey->key, hdr->addr2, iv32);
 431                         tkey->rx_phase1_done = 1;
 432                 }
 433                 tkip_mixing_phase2(rc4key, tkey->key, tkey->rx_ttak, iv16);
 434 
 435                 plen = skb->len - hdr_len - 12;
 436 
 437                 crypto_sync_skcipher_setkey(tkey->rx_tfm_arc4, rc4key, 16);
 438                 sg_init_one(&sg, pos, plen + 4);
 439 
 440                 skcipher_request_set_sync_tfm(req, tkey->rx_tfm_arc4);
 441                 skcipher_request_set_callback(req, 0, NULL, NULL);
 442                 skcipher_request_set_crypt(req, &sg, &sg, plen + 4, NULL);
 443 
 444                 err = crypto_skcipher_decrypt(req);
 445                 skcipher_request_zero(req);
 446                 if (err) {
 447                         if (net_ratelimit()) {
 448                                 printk(KERN_DEBUG ": TKIP: failed to decrypt "
 449                                                 "received packet from %pM\n",
 450                                                 hdr->addr2);
 451                         }
 452                         return -7;
 453                 }
 454 
 455                 crc = ~crc32_le(~0, pos, plen);
 456                 icv[0] = crc;
 457                 icv[1] = crc >> 8;
 458                 icv[2] = crc >> 16;
 459                 icv[3] = crc >> 24;
 460 
 461                 if (memcmp(icv, pos + plen, 4) != 0) {
 462                         if (iv32 != tkey->rx_iv32) {
 463                                 /*
 464                                  * Previously cached Phase1 result was already
 465                                  * lost, so it needs to be recalculated for the
 466                                  * next packet.
 467                                  */
 468                                 tkey->rx_phase1_done = 0;
 469                         }
 470                         if (net_ratelimit()) {
 471                                 printk(KERN_DEBUG "TKIP: ICV error detected: STA="
 472                                 "%pM\n", hdr->addr2);
 473                         }
 474                         tkey->dot11RSNAStatsTKIPICVErrors++;
 475                         return -5;
 476                 }
 477 
 478         }
 479 
 480         /*
 481          * Update real counters only after Michael MIC verification has
 482          * completed.
 483          */
 484         tkey->rx_iv32_new = iv32;
 485         tkey->rx_iv16_new = iv16;
 486 
 487         /* Remove IV and ICV */
 488         memmove(skb->data + 8, skb->data, hdr_len);
 489         skb_pull(skb, 8);
 490         skb_trim(skb, skb->len - 4);
 491 
 492         return keyidx;
 493 }
 494 
 495 static int michael_mic(struct crypto_shash *tfm_michael, u8 *key, u8 *hdr,
 496                        u8 *data, size_t data_len, u8 *mic)
 497 {
 498         SHASH_DESC_ON_STACK(desc, tfm_michael);
 499         int err;
 500 
 501         desc->tfm = tfm_michael;
 502 
 503         if (crypto_shash_setkey(tfm_michael, key, 8))
 504                 return -1;
 505 
 506         err = crypto_shash_init(desc);
 507         if (err)
 508                 goto out;
 509         err = crypto_shash_update(desc, hdr, 16);
 510         if (err)
 511                 goto out;
 512         err = crypto_shash_update(desc, data, data_len);
 513         if (err)
 514                 goto out;
 515         err = crypto_shash_final(desc, mic);
 516 
 517 out:
 518         shash_desc_zero(desc);
 519         return err;
 520 }
 521 
 522 static void michael_mic_hdr(struct sk_buff *skb, u8 *hdr)
 523 {
 524         struct rtl_80211_hdr_4addr *hdr11;
 525 
 526         hdr11 = (struct rtl_80211_hdr_4addr *)skb->data;
 527         switch (le16_to_cpu(hdr11->frame_ctl) &
 528                 (IEEE80211_FCTL_FROMDS | IEEE80211_FCTL_TODS)) {
 529         case IEEE80211_FCTL_TODS:
 530                 memcpy(hdr, hdr11->addr3, ETH_ALEN); /* DA */
 531                 memcpy(hdr + ETH_ALEN, hdr11->addr2, ETH_ALEN); /* SA */
 532                 break;
 533         case IEEE80211_FCTL_FROMDS:
 534                 memcpy(hdr, hdr11->addr1, ETH_ALEN); /* DA */
 535                 memcpy(hdr + ETH_ALEN, hdr11->addr3, ETH_ALEN); /* SA */
 536                 break;
 537         case IEEE80211_FCTL_FROMDS | IEEE80211_FCTL_TODS:
 538                 memcpy(hdr, hdr11->addr3, ETH_ALEN); /* DA */
 539                 memcpy(hdr + ETH_ALEN, hdr11->addr4, ETH_ALEN); /* SA */
 540                 break;
 541         default:
 542                 memcpy(hdr, hdr11->addr1, ETH_ALEN); /* DA */
 543                 memcpy(hdr + ETH_ALEN, hdr11->addr2, ETH_ALEN); /* SA */
 544                 break;
 545         }
 546 
 547         hdr[12] = 0; /* priority */
 548 
 549         hdr[13] = hdr[14] = hdr[15] = 0; /* reserved */
 550 }
 551 
 552 
 553 static int ieee80211_michael_mic_add(struct sk_buff *skb, int hdr_len, void *priv)
 554 {
 555         struct ieee80211_tkip_data *tkey = priv;
 556         u8 *pos;
 557         struct rtl_80211_hdr_4addr *hdr;
 558 
 559         hdr = (struct rtl_80211_hdr_4addr *)skb->data;
 560 
 561         if (skb_tailroom(skb) < 8 || skb->len < hdr_len) {
 562                 printk(KERN_DEBUG "Invalid packet for Michael MIC add "
 563                        "(tailroom=%d hdr_len=%d skb->len=%d)\n",
 564                        skb_tailroom(skb), hdr_len, skb->len);
 565                 return -1;
 566         }
 567 
 568         michael_mic_hdr(skb, tkey->tx_hdr);
 569 
 570         // { david, 2006.9.1
 571         // fix the wpa process with wmm enabled.
 572         if (IEEE80211_QOS_HAS_SEQ(le16_to_cpu(hdr->frame_ctl)))
 573                 tkey->tx_hdr[12] = *(skb->data + hdr_len - 2) & 0x07;
 574         // }
 575         pos = skb_put(skb, 8);
 576 
 577         if (michael_mic(tkey->tx_tfm_michael, &tkey->key[16], tkey->tx_hdr,
 578                                 skb->data + hdr_len, skb->len - 8 - hdr_len, pos))
 579                 return -1;
 580 
 581         return 0;
 582 }
 583 
 584 static void ieee80211_michael_mic_failure(struct net_device *dev,
 585                                        struct rtl_80211_hdr_4addr *hdr,
 586                                        int keyidx)
 587 {
 588         union iwreq_data wrqu;
 589         struct iw_michaelmicfailure ev;
 590 
 591         /* TODO: needed parameters: count, keyid, key type, TSC */
 592         memset(&ev, 0, sizeof(ev));
 593         ev.flags = keyidx & IW_MICFAILURE_KEY_ID;
 594         if (hdr->addr1[0] & 0x01)
 595                 ev.flags |= IW_MICFAILURE_GROUP;
 596         else
 597                 ev.flags |= IW_MICFAILURE_PAIRWISE;
 598         ev.src_addr.sa_family = ARPHRD_ETHER;
 599         memcpy(ev.src_addr.sa_data, hdr->addr2, ETH_ALEN);
 600         memset(&wrqu, 0, sizeof(wrqu));
 601         wrqu.data.length = sizeof(ev);
 602         wireless_send_event(dev, IWEVMICHAELMICFAILURE, &wrqu, (char *)&ev);
 603 }
 604 
 605 static int ieee80211_michael_mic_verify(struct sk_buff *skb, int keyidx,
 606                                         int hdr_len, void *priv)
 607 {
 608         struct ieee80211_tkip_data *tkey = priv;
 609         u8 mic[8];
 610         struct rtl_80211_hdr_4addr *hdr;
 611 
 612         hdr = (struct rtl_80211_hdr_4addr *)skb->data;
 613 
 614         if (!tkey->key_set)
 615                 return -1;
 616 
 617         michael_mic_hdr(skb, tkey->rx_hdr);
 618         // { david, 2006.9.1
 619         // fix the wpa process with wmm enabled.
 620         if (IEEE80211_QOS_HAS_SEQ(le16_to_cpu(hdr->frame_ctl)))
 621                 tkey->rx_hdr[12] = *(skb->data + hdr_len - 2) & 0x07;
 622         // }
 623 
 624         if (michael_mic(tkey->rx_tfm_michael, &tkey->key[24], tkey->rx_hdr,
 625                         skb->data + hdr_len, skb->len - 8 - hdr_len, mic))
 626                 return -1;
 627         if (memcmp(mic, skb->data + skb->len - 8, 8) != 0) {
 628                 struct rtl_80211_hdr_4addr *hdr;
 629                 hdr = (struct rtl_80211_hdr_4addr *)skb->data;
 630 
 631                 printk(KERN_DEBUG "%s: Michael MIC verification failed for "
 632                        "MSDU from %pM keyidx=%d\n",
 633                        skb->dev ? skb->dev->name : "N/A", hdr->addr2,
 634                        keyidx);
 635                 if (skb->dev)
 636                         ieee80211_michael_mic_failure(skb->dev, hdr, keyidx);
 637                 tkey->dot11RSNAStatsTKIPLocalMICFailures++;
 638                 return -1;
 639         }
 640 
 641         /*
 642          * Update TSC counters for RX now that the packet verification has
 643          * completed.
 644          */
 645         tkey->rx_iv32 = tkey->rx_iv32_new;
 646         tkey->rx_iv16 = tkey->rx_iv16_new;
 647 
 648         skb_trim(skb, skb->len - 8);
 649 
 650         return 0;
 651 }
 652 
 653 
 654 static int ieee80211_tkip_set_key(void *key, int len, u8 *seq, void *priv)
 655 {
 656         struct ieee80211_tkip_data *tkey = priv;
 657         int keyidx;
 658         struct crypto_shash *tfm = tkey->tx_tfm_michael;
 659         struct crypto_sync_skcipher *tfm2 = tkey->tx_tfm_arc4;
 660         struct crypto_shash *tfm3 = tkey->rx_tfm_michael;
 661         struct crypto_sync_skcipher *tfm4 = tkey->rx_tfm_arc4;
 662 
 663         keyidx = tkey->key_idx;
 664         memset(tkey, 0, sizeof(*tkey));
 665         tkey->key_idx = keyidx;
 666         tkey->tx_tfm_michael = tfm;
 667         tkey->tx_tfm_arc4 = tfm2;
 668         tkey->rx_tfm_michael = tfm3;
 669         tkey->rx_tfm_arc4 = tfm4;
 670 
 671         if (len == TKIP_KEY_LEN) {
 672                 memcpy(tkey->key, key, TKIP_KEY_LEN);
 673                 tkey->key_set = 1;
 674                 tkey->tx_iv16 = 1; /* TSC is initialized to 1 */
 675                 if (seq) {
 676                         tkey->rx_iv32 = (seq[5] << 24) | (seq[4] << 16) |
 677                                 (seq[3] << 8) | seq[2];
 678                         tkey->rx_iv16 = (seq[1] << 8) | seq[0];
 679                 }
 680         } else if (len == 0)
 681                 tkey->key_set = 0;
 682         else
 683                 return -1;
 684 
 685         return 0;
 686 }
 687 
 688 
 689 static int ieee80211_tkip_get_key(void *key, int len, u8 *seq, void *priv)
 690 {
 691         struct ieee80211_tkip_data *tkey = priv;
 692 
 693         if (len < TKIP_KEY_LEN)
 694                 return -1;
 695 
 696         if (!tkey->key_set)
 697                 return 0;
 698         memcpy(key, tkey->key, TKIP_KEY_LEN);
 699 
 700         if (seq) {
 701                 /* Return the sequence number of the last transmitted frame. */
 702                 u16 iv16 = tkey->tx_iv16;
 703                 u32 iv32 = tkey->tx_iv32;
 704 
 705                 if (iv16 == 0)
 706                         iv32--;
 707                 iv16--;
 708                 seq[0] = tkey->tx_iv16;
 709                 seq[1] = tkey->tx_iv16 >> 8;
 710                 seq[2] = tkey->tx_iv32;
 711                 seq[3] = tkey->tx_iv32 >> 8;
 712                 seq[4] = tkey->tx_iv32 >> 16;
 713                 seq[5] = tkey->tx_iv32 >> 24;
 714         }
 715 
 716         return TKIP_KEY_LEN;
 717 }
 718 
 719 
 720 static char *ieee80211_tkip_print_stats(char *p, void *priv)
 721 {
 722         struct ieee80211_tkip_data *tkip = priv;
 723 
 724         p += sprintf(p, "key[%d] alg=TKIP key_set=%d "
 725                      "tx_pn=%02x%02x%02x%02x%02x%02x "
 726                      "rx_pn=%02x%02x%02x%02x%02x%02x "
 727                      "replays=%d icv_errors=%d local_mic_failures=%d\n",
 728                      tkip->key_idx, tkip->key_set,
 729                      (tkip->tx_iv32 >> 24) & 0xff,
 730                      (tkip->tx_iv32 >> 16) & 0xff,
 731                      (tkip->tx_iv32 >> 8) & 0xff,
 732                      tkip->tx_iv32 & 0xff,
 733                      (tkip->tx_iv16 >> 8) & 0xff,
 734                      tkip->tx_iv16 & 0xff,
 735                      (tkip->rx_iv32 >> 24) & 0xff,
 736                      (tkip->rx_iv32 >> 16) & 0xff,
 737                      (tkip->rx_iv32 >> 8) & 0xff,
 738                      tkip->rx_iv32 & 0xff,
 739                      (tkip->rx_iv16 >> 8) & 0xff,
 740                      tkip->rx_iv16 & 0xff,
 741                      tkip->dot11RSNAStatsTKIPReplays,
 742                      tkip->dot11RSNAStatsTKIPICVErrors,
 743                      tkip->dot11RSNAStatsTKIPLocalMICFailures);
 744         return p;
 745 }
 746 
 747 
 748 static struct ieee80211_crypto_ops ieee80211_crypt_tkip = {
 749         .name                   = "TKIP",
 750         .init                   = ieee80211_tkip_init,
 751         .deinit                 = ieee80211_tkip_deinit,
 752         .encrypt_mpdu           = ieee80211_tkip_encrypt,
 753         .decrypt_mpdu           = ieee80211_tkip_decrypt,
 754         .encrypt_msdu           = ieee80211_michael_mic_add,
 755         .decrypt_msdu           = ieee80211_michael_mic_verify,
 756         .set_key                = ieee80211_tkip_set_key,
 757         .get_key                = ieee80211_tkip_get_key,
 758         .print_stats            = ieee80211_tkip_print_stats,
 759         .extra_prefix_len       = 4 + 4, /* IV + ExtIV */
 760         .extra_postfix_len      = 8 + 4, /* MIC + ICV */
 761         .owner                  = THIS_MODULE,
 762 };
 763 
 764 int __init ieee80211_crypto_tkip_init(void)
 765 {
 766         return ieee80211_register_crypto_ops(&ieee80211_crypt_tkip);
 767 }
 768 
 769 void __exit ieee80211_crypto_tkip_exit(void)
 770 {
 771         ieee80211_unregister_crypto_ops(&ieee80211_crypt_tkip);
 772 }
 773 
 774 void ieee80211_tkip_null(void)
 775 {
 776 //    printk("============>%s()\n", __func__);
 777         return;
 778 }

/* [<][>][^][v][top][bottom][index][help] */