projects / GitHub / mt8127 / android_kernel_alcatel_ttab.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Merge tag 'staging-3.7-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh...
[GitHub/mt8127/android_kernel_alcatel_ttab.git] / drivers / staging / rtl8192e / rtllib_crypt_tkip.c
CommitLineData
ecdfa446
GKH		 1/*
2 * Host AP crypt: host-based TKIP encryption implementation for Host AP driver
3 *
4 * Copyright (c) 2003-2004, Jouni Malinen <jkmaline@cc.hut.fi>
5 *
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License version 2 as
8 * published by the Free Software Foundation. See README and COPYING for
9 * more details.
10 */
11
ecdfa446
GKH		 12#include <linux/module.h>
13#include <linux/init.h>
14#include <linux/slab.h>
15#include <linux/random.h>
16#include <linux/skbuff.h>
17#include <linux/netdevice.h>
18#include <linux/if_ether.h>
19#include <linux/if_arp.h>
a44325f9 20#include <linux/string.h>
ecdfa446 21#include <linux/crypto.h>
cb762154 22#include <linux/scatterlist.h>
ecdfa446
GKH		 23#include <linux/crc32.h>
24
a44325f9
LF		 25#include "rtllib.h"
26
94a79942 27struct rtllib_tkip_data {
ecdfa446
GKH		 28#define TKIP_KEY_LEN 32
29 u8 key[TKIP_KEY_LEN];
30 int key_set;
31
32 u32 tx_iv32;
33 u16 tx_iv16;
34 u16 tx_ttak[5];
35 int tx_phase1_done;
36
37 u32 rx_iv32;
38 u16 rx_iv16;
a44325f9 39 bool initialized;
ecdfa446
GKH		 40 u16 rx_ttak[5];
41 int rx_phase1_done;
42 u32 rx_iv32_new;
43 u16 rx_iv16_new;
44
45 u32 dot11RSNAStatsTKIPReplays;
46 u32 dot11RSNAStatsTKIPICVErrors;
47 u32 dot11RSNAStatsTKIPLocalMICFailures;
48
49 int key_idx;
ecdfa446
GKH		 50 struct crypto_blkcipher *rx_tfm_arc4;
51 struct crypto_hash *rx_tfm_michael;
52 struct crypto_blkcipher *tx_tfm_arc4;
53 struct crypto_hash *tx_tfm_michael;
ecdfa446
GKH		 54 /* scratch buffers for virt_to_page() (crypto API) */
55 u8 rx_hdr[16], tx_hdr[16];
56};
57
a44325f9 58static void *rtllib_tkip_init(int key_idx)
ecdfa446 59{
94a79942 60 struct rtllib_tkip_data *priv;
ecdfa446 61
929fa2a4 62 priv = kzalloc(sizeof(*priv), GFP_ATOMIC);
ecdfa446
GKH		 63 if (priv == NULL)
64 goto fail;
ecdfa446 65 priv->key_idx = key_idx;
ecdfa446
GKH		 66 priv->tx_tfm_arc4 = crypto_alloc_blkcipher("ecb(arc4)", 0,
67 CRYPTO_ALG_ASYNC);
68 if (IS_ERR(priv->tx_tfm_arc4)) {
94a79942 69 printk(KERN_DEBUG "rtllib_crypt_tkip: could not allocate "
ecdfa446
GKH		 70 "crypto API arc4\n");
71 priv->tx_tfm_arc4 = NULL;
72 goto fail;
73 }
74
75 priv->tx_tfm_michael = crypto_alloc_hash("michael_mic", 0,
76 CRYPTO_ALG_ASYNC);
77 if (IS_ERR(priv->tx_tfm_michael)) {
94a79942 78 printk(KERN_DEBUG "rtllib_crypt_tkip: could not allocate "
ecdfa446
GKH		 79 "crypto API michael_mic\n");
80 priv->tx_tfm_michael = NULL;
81 goto fail;
82 }
83
84 priv->rx_tfm_arc4 = crypto_alloc_blkcipher("ecb(arc4)", 0,
85 CRYPTO_ALG_ASYNC);
86 if (IS_ERR(priv->rx_tfm_arc4)) {
94a79942 87 printk(KERN_DEBUG "rtllib_crypt_tkip: could not allocate "
ecdfa446
GKH		 88 "crypto API arc4\n");
89 priv->rx_tfm_arc4 = NULL;
90 goto fail;
91 }
92
93 priv->rx_tfm_michael = crypto_alloc_hash("michael_mic", 0,
94 CRYPTO_ALG_ASYNC);
95 if (IS_ERR(priv->rx_tfm_michael)) {
94a79942 96 printk(KERN_DEBUG "rtllib_crypt_tkip: could not allocate "
ecdfa446
GKH		 97 "crypto API michael_mic\n");
98 priv->rx_tfm_michael = NULL;
99 goto fail;
100 }
ecdfa446
GKH		 101 return priv;
102
103fail:
104 if (priv) {
ecdfa446
GKH		 105 if (priv->tx_tfm_michael)
106 crypto_free_hash(priv->tx_tfm_michael);
107 if (priv->tx_tfm_arc4)
108 crypto_free_blkcipher(priv->tx_tfm_arc4);
109 if (priv->rx_tfm_michael)
110 crypto_free_hash(priv->rx_tfm_michael);
111 if (priv->rx_tfm_arc4)
112 crypto_free_blkcipher(priv->rx_tfm_arc4);
ecdfa446
GKH		 113 kfree(priv);
114 }
115
116 return NULL;
117}
118
119
94a79942 120static void rtllib_tkip_deinit(void *priv)
ecdfa446 121{
94a79942 122 struct rtllib_tkip_data *_priv = priv;
cb762154 123
ecdfa446
GKH		 124 if (_priv) {
125 if (_priv->tx_tfm_michael)
126 crypto_free_hash(_priv->tx_tfm_michael);
127 if (_priv->tx_tfm_arc4)
128 crypto_free_blkcipher(_priv->tx_tfm_arc4);
129 if (_priv->rx_tfm_michael)
130 crypto_free_hash(_priv->rx_tfm_michael);
131 if (_priv->rx_tfm_arc4)
132 crypto_free_blkcipher(_priv->rx_tfm_arc4);
133 }
ecdfa446
GKH		 134 kfree(priv);
135}
136
137
138static inline u16 RotR1(u16 val)
139{
140 return (val >> 1) | (val << 15);
141}
142
143
144static inline u8 Lo8(u16 val)
145{
146 return val & 0xff;
147}
148
149
150static inline u8 Hi8(u16 val)
151{
152 return val >> 8;
153}
154
155
156static inline u16 Lo16(u32 val)
157{
158 return val & 0xffff;
159}
160
161
162static inline u16 Hi16(u32 val)
163{
164 return val >> 16;
165}
166
167
168static inline u16 Mk16(u8 hi, u8 lo)
169{
170 return lo | (((u16) hi) << 8);
171}
172
173
174static inline u16 Mk16_le(u16 *v)
175{
176 return le16_to_cpu(*v);
177}
178
179
a44325f9 180static const u16 Sbox[256] = {
ecdfa446
GKH		 181 0xC6A5, 0xF884, 0xEE99, 0xF68D, 0xFF0D, 0xD6BD, 0xDEB1, 0x9154,
182 0x6050, 0x0203, 0xCEA9, 0x567D, 0xE719, 0xB562, 0x4DE6, 0xEC9A,
183 0x8F45, 0x1F9D, 0x8940, 0xFA87, 0xEF15, 0xB2EB, 0x8EC9, 0xFB0B,
184 0x41EC, 0xB367, 0x5FFD, 0x45EA, 0x23BF, 0x53F7, 0xE496, 0x9B5B,
185 0x75C2, 0xE11C, 0x3DAE, 0x4C6A, 0x6C5A, 0x7E41, 0xF502, 0x834F,
186 0x685C, 0x51F4, 0xD134, 0xF908, 0xE293, 0xAB73, 0x6253, 0x2A3F,
187 0x080C, 0x9552, 0x4665, 0x9D5E, 0x3028, 0x37A1, 0x0A0F, 0x2FB5,
188 0x0E09, 0x2436, 0x1B9B, 0xDF3D, 0xCD26, 0x4E69, 0x7FCD, 0xEA9F,
189 0x121B, 0x1D9E, 0x5874, 0x342E, 0x362D, 0xDCB2, 0xB4EE, 0x5BFB,
190 0xA4F6, 0x764D, 0xB761, 0x7DCE, 0x527B, 0xDD3E, 0x5E71, 0x1397,
191 0xA6F5, 0xB968, 0x0000, 0xC12C, 0x4060, 0xE31F, 0x79C8, 0xB6ED,
192 0xD4BE, 0x8D46, 0x67D9, 0x724B, 0x94DE, 0x98D4, 0xB0E8, 0x854A,
193 0xBB6B, 0xC52A, 0x4FE5, 0xED16, 0x86C5, 0x9AD7, 0x6655, 0x1194,
194 0x8ACF, 0xE910, 0x0406, 0xFE81, 0xA0F0, 0x7844, 0x25BA, 0x4BE3,
195 0xA2F3, 0x5DFE, 0x80C0, 0x058A, 0x3FAD, 0x21BC, 0x7048, 0xF104,
196 0x63DF, 0x77C1, 0xAF75, 0x4263, 0x2030, 0xE51A, 0xFD0E, 0xBF6D,
197 0x814C, 0x1814, 0x2635, 0xC32F, 0xBEE1, 0x35A2, 0x88CC, 0x2E39,
198 0x9357, 0x55F2, 0xFC82, 0x7A47, 0xC8AC, 0xBAE7, 0x322B, 0xE695,
199 0xC0A0, 0x1998, 0x9ED1, 0xA37F, 0x4466, 0x547E, 0x3BAB, 0x0B83,
200 0x8CCA, 0xC729, 0x6BD3, 0x283C, 0xA779, 0xBCE2, 0x161D, 0xAD76,
201 0xDB3B, 0x6456, 0x744E, 0x141E, 0x92DB, 0x0C0A, 0x486C, 0xB8E4,
202 0x9F5D, 0xBD6E, 0x43EF, 0xC4A6, 0x39A8, 0x31A4, 0xD337, 0xF28B,
203 0xD532, 0x8B43, 0x6E59, 0xDAB7, 0x018C, 0xB164, 0x9CD2, 0x49E0,
204 0xD8B4, 0xACFA, 0xF307, 0xCF25, 0xCAAF, 0xF48E, 0x47E9, 0x1018,
205 0x6FD5, 0xF088, 0x4A6F, 0x5C72, 0x3824, 0x57F1, 0x73C7, 0x9751,
206 0xCB23, 0xA17C, 0xE89C, 0x3E21, 0x96DD, 0x61DC, 0x0D86, 0x0F85,
207 0xE090, 0x7C42, 0x71C4, 0xCCAA, 0x90D8, 0x0605, 0xF701, 0x1C12,
208 0xC2A3, 0x6A5F, 0xAEF9, 0x69D0, 0x1791, 0x9958, 0x3A27, 0x27B9,
209 0xD938, 0xEB13, 0x2BB3, 0x2233, 0xD2BB, 0xA970, 0x0789, 0x33A7,
210 0x2DB6, 0x3C22, 0x1592, 0xC920, 0x8749, 0xAAFF, 0x5078, 0xA57A,
211 0x038F, 0x59F8, 0x0980, 0x1A17, 0x65DA, 0xD731, 0x84C6, 0xD0B8,
212 0x82C3, 0x29B0, 0x5A77, 0x1E11, 0x7BCB, 0xA8FC, 0x6DD6, 0x2C3A,
213};
214
215
216static inline u16 _S_(u16 v)
217{
218 u16 t = Sbox[Hi8(v)];
219 return Sbox[Lo8(v)] ^ ((t << 8) | (t >> 8));
220}
221
222
223#define PHASE1_LOOP_COUNT 8
224
225
226static void tkip_mixing_phase1(u16 *TTAK, const u8 *TK, const u8 *TA, u32 IV32)
227{
228 int i, j;
229
230 /* Initialize the 80-bit TTAK from TSC (IV32) and TA[0..5] */
231 TTAK[0] = Lo16(IV32);
232 TTAK[1] = Hi16(IV32);
233 TTAK[2] = Mk16(TA[1], TA[0]);
234 TTAK[3] = Mk16(TA[3], TA[2]);
235 TTAK[4] = Mk16(TA[5], TA[4]);
236
237 for (i = 0; i < PHASE1_LOOP_COUNT; i++) {
238 j = 2 * (i & 1);
239 TTAK[0] += _S_(TTAK[4] ^ Mk16(TK[1 + j], TK[0 + j]));
240 TTAK[1] += _S_(TTAK[0] ^ Mk16(TK[5 + j], TK[4 + j]));
241 TTAK[2] += _S_(TTAK[1] ^ Mk16(TK[9 + j], TK[8 + j]));
242 TTAK[3] += _S_(TTAK[2] ^ Mk16(TK[13 + j], TK[12 + j]));
243 TTAK[4] += _S_(TTAK[3] ^ Mk16(TK[1 + j], TK[0 + j])) + i;
244 }
245}
246
247
248static void tkip_mixing_phase2(u8 *WEPSeed, const u8 *TK, const u16 *TTAK,
249 u16 IV16)
250{
251 /* Make temporary area overlap WEP seed so that the final copy can be
252 * avoided on little endian hosts. */
253 u16 *PPK = (u16 *) &WEPSeed[4];
254
255 /* Step 1 - make copy of TTAK and bring in TSC */
256 PPK[0] = TTAK[0];
257 PPK[1] = TTAK[1];
258 PPK[2] = TTAK[2];
259 PPK[3] = TTAK[3];
260 PPK[4] = TTAK[4];
261 PPK[5] = TTAK[4] + IV16;
262
263 /* Step 2 - 96-bit bijective mixing using S-box */
264 PPK[0] += _S_(PPK[5] ^ Mk16_le((u16 *) &TK[0]));
265 PPK[1] += _S_(PPK[0] ^ Mk16_le((u16 *) &TK[2]));
266 PPK[2] += _S_(PPK[1] ^ Mk16_le((u16 *) &TK[4]));
267 PPK[3] += _S_(PPK[2] ^ Mk16_le((u16 *) &TK[6]));
268 PPK[4] += _S_(PPK[3] ^ Mk16_le((u16 *) &TK[8]));
269 PPK[5] += _S_(PPK[4] ^ Mk16_le((u16 *) &TK[10]));
270
271 PPK[0] += RotR1(PPK[5] ^ Mk16_le((u16 *) &TK[12]));
272 PPK[1] += RotR1(PPK[0] ^ Mk16_le((u16 *) &TK[14]));
273 PPK[2] += RotR1(PPK[1]);
274 PPK[3] += RotR1(PPK[2]);
275 PPK[4] += RotR1(PPK[3]);
276 PPK[5] += RotR1(PPK[4]);
277
278 /* Step 3 - bring in last of TK bits, assign 24-bit WEP IV value
279 * WEPSeed[0..2] is transmitted as WEP IV */
280 WEPSeed[0] = Hi8(IV16);
281 WEPSeed[1] = (Hi8(IV16) | 0x20) & 0x7F;
282 WEPSeed[2] = Lo8(IV16);
283 WEPSeed[3] = Lo8((PPK[5] ^ Mk16_le((u16 *) &TK[0])) >> 1);
284
285#ifdef __BIG_ENDIAN
286 {
287 int i;
288 for (i = 0; i < 6; i++)
289 PPK[i] = (PPK[i] << 8) | (PPK[i] >> 8);
290 }
291#endif
292}
293
294
94a79942 295static int rtllib_tkip_encrypt(struct sk_buff *skb, int hdr_len, void *priv)
ecdfa446 296{
94a79942 297 struct rtllib_tkip_data *tkey = priv;
ecdfa446
GKH		 298 int len;
299 u8 *pos;
94a79942 300 struct rtllib_hdr_4addr *hdr;
a44325f9
LF		 301 struct cb_desc *tcb_desc = (struct cb_desc *)(skb->cb +
302 MAX_DEV_ADDR_SIZE);
ecdfa446
GKH		 303 struct blkcipher_desc desc = {.tfm = tkey->tx_tfm_arc4};
304 int ret = 0;
ecdfa446
GKH		 305 u8 rc4key[16], *icv;
306 u32 crc;
307 struct scatterlist sg;
308
309 if (skb_headroom(skb) < 8 || skb_tailroom(skb) < 4 ||
310 skb->len < hdr_len)
311 return -1;
312
94a79942 313 hdr = (struct rtllib_hdr_4addr *) skb->data;
ecdfa446 314
94a79942 315 if (!tcb_desc->bHwSec) {
ecdfa446
GKH		 316 if (!tkey->tx_phase1_done) {
317 tkip_mixing_phase1(tkey->tx_ttak, tkey->key, hdr->addr2,
318 tkey->tx_iv32);
319 tkey->tx_phase1_done = 1;
320 }
a44325f9
LF		 321 tkip_mixing_phase2(rc4key, tkey->key, tkey->tx_ttak,
322 tkey->tx_iv16);
94a79942 323 } else
ecdfa446
GKH		 324 tkey->tx_phase1_done = 1;
325
326
327 len = skb->len - hdr_len;
328 pos = skb_push(skb, 8);
329 memmove(pos, pos + 8, hdr_len);
330 pos += hdr_len;
331
94a79942 332 if (tcb_desc->bHwSec) {
ecdfa446
GKH		 333 *pos++ = Hi8(tkey->tx_iv16);
334 *pos++ = (Hi8(tkey->tx_iv16) | 0x20) & 0x7F;
335 *pos++ = Lo8(tkey->tx_iv16);
94a79942 336 } else {
ecdfa446
GKH		 337 *pos++ = rc4key[0];
338 *pos++ = rc4key[1];
339 *pos++ = rc4key[2];
340 }
341
342 *pos++ = (tkey->key_idx << 6) | (1 << 5) /* Ext IV included */;
343 *pos++ = tkey->tx_iv32 & 0xff;
344 *pos++ = (tkey->tx_iv32 >> 8) & 0xff;
345 *pos++ = (tkey->tx_iv32 >> 16) & 0xff;
346 *pos++ = (tkey->tx_iv32 >> 24) & 0xff;
347
94a79942 348 if (!tcb_desc->bHwSec) {
ecdfa446 349 icv = skb_put(skb, 4);
ecdfa446 350 crc = ~crc32_le(~0, pos, len);
ecdfa446
GKH		 351 icv[0] = crc;
352 icv[1] = crc >> 8;
353 icv[2] = crc >> 16;
354 icv[3] = crc >> 24;
94a79942 355
ecdfa446 356 sg_init_one(&sg, pos, len+4);
94a79942
LF		 357
358
94a79942 359 crypto_blkcipher_setkey(tkey->tx_tfm_arc4, rc4key, 16);
a44325f9 360 ret = crypto_blkcipher_encrypt(&desc, &sg, &sg, len + 4);
ecdfa446
GKH		 361 }
362
363 tkey->tx_iv16++;
364 if (tkey->tx_iv16 == 0) {
365 tkey->tx_phase1_done = 0;
366 tkey->tx_iv32++;
367 }
368
369 if (!tcb_desc->bHwSec)
ecdfa446 370 return ret;
ecdfa446 371 else
94a79942 372 return 0;
ecdfa446
GKH		 373
374
375}
376
94a79942 377static int rtllib_tkip_decrypt(struct sk_buff *skb, int hdr_len, void *priv)
ecdfa446 378{
94a79942 379 struct rtllib_tkip_data *tkey = priv;
ecdfa446
GKH		 380 u8 keyidx, *pos;
381 u32 iv32;
382 u16 iv16;
94a79942 383 struct rtllib_hdr_4addr *hdr;
a44325f9
LF		 384 struct cb_desc *tcb_desc = (struct cb_desc *)(skb->cb +
385 MAX_DEV_ADDR_SIZE);
ecdfa446 386 struct blkcipher_desc desc = {.tfm = tkey->rx_tfm_arc4};
ecdfa446
GKH		 387 u8 rc4key[16];
388 u8 icv[4];
389 u32 crc;
390 struct scatterlist sg;
391 int plen;
392 if (skb->len < hdr_len + 8 + 4)
393 return -1;
394
94a79942 395 hdr = (struct rtllib_hdr_4addr *) skb->data;
ecdfa446
GKH		 396 pos = skb->data + hdr_len;
397 keyidx = pos[3];
398 if (!(keyidx & (1 << 5))) {
399 if (net_ratelimit()) {
400 printk(KERN_DEBUG "TKIP: received packet without ExtIV"
ac50ddaa 401 " flag from %pM\n", hdr->addr2);
ecdfa446
GKH		 402 }
403 return -2;
404 }
405 keyidx >>= 6;
406 if (tkey->key_idx != keyidx) {
407 printk(KERN_DEBUG "TKIP: RX tkey->key_idx=%d frame "
408 "keyidx=%d priv=%p\n", tkey->key_idx, keyidx, priv);
409 return -6;
410 }
411 if (!tkey->key_set) {
412 if (net_ratelimit()) {
ac50ddaa 413 printk(KERN_DEBUG "TKIP: received packet from %pM"
ecdfa446 414 " with keyid=%d that does not have a configured"
ac50ddaa 415 " key\n", hdr->addr2, keyidx);
ecdfa446
GKH		 416 }
417 return -3;
418 }
419 iv16 = (pos[0] << 8) | pos[2];
420 iv32 = pos[4] | (pos[5] << 8) | (pos[6] << 16) | (pos[7] << 24);
421 pos += 8;
422
a44325f9 423 if (!tcb_desc->bHwSec || (skb->cb[0] == 1)) {
94a79942 424 if ((iv32 < tkey->rx_iv32 ||
a44325f9
LF		 425 (iv32 == tkey->rx_iv32 && iv16 <= tkey->rx_iv16)) &&
426 tkey->initialized) {
ecdfa446 427 if (net_ratelimit()) {
a44325f9 428 printk(KERN_DEBUG "TKIP: replay detected: STA="
ac50ddaa
LF		 429 " %pM previous TSC %08x%04x received "
430 "TSC %08x%04x\n",hdr->addr2,
a44325f9 431 tkey->rx_iv32, tkey->rx_iv16, iv32, iv16);
ecdfa446
GKH		 432 }
433 tkey->dot11RSNAStatsTKIPReplays++;
434 return -4;
435 }
a44325f9 436 tkey->initialized = true;
ecdfa446
GKH		 437
438 if (iv32 != tkey->rx_iv32 || !tkey->rx_phase1_done) {
a44325f9
LF		 439 tkip_mixing_phase1(tkey->rx_ttak, tkey->key,
440 hdr->addr2, iv32);
ecdfa446
GKH		 441 tkey->rx_phase1_done = 1;
442 }
443 tkip_mixing_phase2(rc4key, tkey->key, tkey->rx_ttak, iv16);
444
445 plen = skb->len - hdr_len - 12;
446
ecdfa446 447 sg_init_one(&sg, pos, plen+4);
94a79942 448
94a79942 449 crypto_blkcipher_setkey(tkey->rx_tfm_arc4, rc4key, 16);
ecdfa446
GKH		 450 if (crypto_blkcipher_decrypt(&desc, &sg, &sg, plen + 4)) {
451 if (net_ratelimit()) {
452 printk(KERN_DEBUG ": TKIP: failed to decrypt "
ac50ddaa
LF		 453 "received packet from %pM\n",
454 hdr->addr2);
ecdfa446
GKH		 455 }
456 return -7;
457 }
ecdfa446 458
ecdfa446 459 crc = ~crc32_le(~0, pos, plen);
ecdfa446
GKH		 460 icv[0] = crc;
461 icv[1] = crc >> 8;
462 icv[2] = crc >> 16;
463 icv[3] = crc >> 24;
464
465 if (memcmp(icv, pos + plen, 4) != 0) {
466 if (iv32 != tkey->rx_iv32) {
a44325f9
LF		 467 /* Previously cached Phase1 result was already
468 * lost, so it needs to be recalculated for the
469 * next packet. */
ecdfa446
GKH		 470 tkey->rx_phase1_done = 0;
471 }
472 if (net_ratelimit()) {
94a79942 473 printk(KERN_DEBUG "TKIP: ICV error detected: STA="
ac50ddaa 474 " %pM\n", hdr->addr2);
ecdfa446
GKH		 475 }
476 tkey->dot11RSNAStatsTKIPICVErrors++;
477 return -5;
478 }
479
480 }
481
482 /* Update real counters only after Michael MIC verification has
483 * completed */
484 tkey->rx_iv32_new = iv32;
485 tkey->rx_iv16_new = iv16;
486
487 /* Remove IV and ICV */
488 memmove(skb->data + 8, skb->data, hdr_len);
489 skb_pull(skb, 8);
490 skb_trim(skb, skb->len - 4);
491
ecdfa446
GKH		 492 return keyidx;
493}
494
495
a44325f9
LF		 496static int michael_mic(struct crypto_hash *tfm_michael, u8 *key, u8 *hdr,
497 u8 *data, size_t data_len, u8 *mic)
ecdfa446 498{
a44325f9
LF		 499 struct hash_desc desc;
500 struct scatterlist sg[2];
501
502 if (tfm_michael == NULL) {
503 printk(KERN_WARNING "michael_mic: tfm_michael == NULL\n");
504 return -1;
505 }
506 sg_init_table(sg, 2);
507 sg_set_buf(&sg[0], hdr, 16);
508 sg_set_buf(&sg[1], data, data_len);
509
510 if (crypto_hash_setkey(tfm_michael, key, 8))
511 return -1;
512
513 desc.tfm = tfm_michael;
514 desc.flags = 0;
515 return crypto_hash_digest(&desc, sg, data_len + 16, mic);
ecdfa446 516}
ecdfa446
GKH		 517
518static void michael_mic_hdr(struct sk_buff *skb, u8 *hdr)
519{
94a79942 520 struct rtllib_hdr_4addr *hdr11;
ecdfa446 521
94a79942 522 hdr11 = (struct rtllib_hdr_4addr *) skb->data;
ecdfa446 523 switch (le16_to_cpu(hdr11->frame_ctl) &
94a79942
LF		 524 (RTLLIB_FCTL_FROMDS | RTLLIB_FCTL_TODS)) {
525 case RTLLIB_FCTL_TODS:
ecdfa446
GKH		 526 memcpy(hdr, hdr11->addr3, ETH_ALEN); /* DA */
527 memcpy(hdr + ETH_ALEN, hdr11->addr2, ETH_ALEN); /* SA */
528 break;
94a79942 529 case RTLLIB_FCTL_FROMDS:
ecdfa446
GKH		 530 memcpy(hdr, hdr11->addr1, ETH_ALEN); /* DA */
531 memcpy(hdr + ETH_ALEN, hdr11->addr3, ETH_ALEN); /* SA */
532 break;
94a79942 533 case RTLLIB_FCTL_FROMDS | RTLLIB_FCTL_TODS:
ecdfa446
GKH		 534 memcpy(hdr, hdr11->addr3, ETH_ALEN); /* DA */
535 memcpy(hdr + ETH_ALEN, hdr11->addr4, ETH_ALEN); /* SA */
536 break;
537 case 0:
538 memcpy(hdr, hdr11->addr1, ETH_ALEN); /* DA */
539 memcpy(hdr + ETH_ALEN, hdr11->addr2, ETH_ALEN); /* SA */
540 break;
541 }
542
543 hdr[12] = 0; /* priority */
544
545 hdr[13] = hdr[14] = hdr[15] = 0; /* reserved */
546}
547
548
94a79942 549static int rtllib_michael_mic_add(struct sk_buff *skb, int hdr_len, void *priv)
ecdfa446 550{
94a79942 551 struct rtllib_tkip_data *tkey = priv;
ecdfa446 552 u8 *pos;
94a79942 553 struct rtllib_hdr_4addr *hdr;
ecdfa446 554
94a79942 555 hdr = (struct rtllib_hdr_4addr *) skb->data;
ecdfa446
GKH		 556
557 if (skb_tailroom(skb) < 8 || skb->len < hdr_len) {
558 printk(KERN_DEBUG "Invalid packet for Michael MIC add "
559 "(tailroom=%d hdr_len=%d skb->len=%d)\n",
560 skb_tailroom(skb), hdr_len, skb->len);
561 return -1;
562 }
563
564 michael_mic_hdr(skb, tkey->tx_hdr);
565
a44325f9 566 if (RTLLIB_QOS_HAS_SEQ(le16_to_cpu(hdr->frame_ctl)))
ecdfa446 567 tkey->tx_hdr[12] = *(skb->data + hdr_len - 2) & 0x07;
ecdfa446 568 pos = skb_put(skb, 8);
ecdfa446 569 if (michael_mic(tkey->tx_tfm_michael, &tkey->key[16], tkey->tx_hdr,
a44325f9 570 skb->data + hdr_len, skb->len - 8 - hdr_len, pos))
ecdfa446
GKH		 571 return -1;
572
573 return 0;
574}
575
576
94a79942
LF		 577static void rtllib_michael_mic_failure(struct net_device *dev,
578 struct rtllib_hdr_4addr *hdr,
ecdfa446
GKH		 579 int keyidx)
580{
581 union iwreq_data wrqu;
582 struct iw_michaelmicfailure ev;
583
584 /* TODO: needed parameters: count, keyid, key type, TSC */
585 memset(&ev, 0, sizeof(ev));
586 ev.flags = keyidx & IW_MICFAILURE_KEY_ID;
587 if (hdr->addr1[0] & 0x01)
588 ev.flags |= IW_MICFAILURE_GROUP;
589 else
590 ev.flags |= IW_MICFAILURE_PAIRWISE;
591 ev.src_addr.sa_family = ARPHRD_ETHER;
592 memcpy(ev.src_addr.sa_data, hdr->addr2, ETH_ALEN);
593 memset(&wrqu, 0, sizeof(wrqu));
594 wrqu.data.length = sizeof(ev);
595 wireless_send_event(dev, IWEVMICHAELMICFAILURE, &wrqu, (char *) &ev);
596}
ecdfa446 597
94a79942 598static int rtllib_michael_mic_verify(struct sk_buff *skb, int keyidx,
32c44cb5 599 int hdr_len, void *priv)
ecdfa446 600{
94a79942 601 struct rtllib_tkip_data *tkey = priv;
ecdfa446 602 u8 mic[8];
94a79942 603 struct rtllib_hdr_4addr *hdr;
ecdfa446 604
94a79942 605 hdr = (struct rtllib_hdr_4addr *) skb->data;
ecdfa446
GKH		 606
607 if (!tkey->key_set)
608 return -1;
609
610 michael_mic_hdr(skb, tkey->rx_hdr);
a44325f9 611 if (RTLLIB_QOS_HAS_SEQ(le16_to_cpu(hdr->frame_ctl)))
ecdfa446 612 tkey->rx_hdr[12] = *(skb->data + hdr_len - 2) & 0x07;
ecdfa446 613
ecdfa446 614 if (michael_mic(tkey->rx_tfm_michael, &tkey->key[24], tkey->rx_hdr,
a44325f9 615 skb->data + hdr_len, skb->len - 8 - hdr_len, mic))
94a79942
LF		 616 return -1;
617
32c44cb5 618 if (memcmp(mic, skb->data + skb->len - 8, 8) != 0) {
94a79942
LF		 619 struct rtllib_hdr_4addr *hdr;
620 hdr = (struct rtllib_hdr_4addr *) skb->data;
ecdfa446 621 printk(KERN_DEBUG "%s: Michael MIC verification failed for "
ac50ddaa
LF		 622 "MSDU from %pM keyidx=%d\n",
623 skb->dev ? skb->dev->name : "N/A", hdr->addr2,
ecdfa446 624 keyidx);
32c44cb5
SM		 625 printk(KERN_DEBUG "%d\n",
626 memcmp(mic, skb->data + skb->len - 8, 8) != 0);
94a79942 627 if (skb->dev) {
a44325f9 628 printk(KERN_INFO "skb->dev != NULL\n");
94a79942 629 rtllib_michael_mic_failure(skb->dev, hdr, keyidx);
a44325f9 630 }
ecdfa446
GKH		 631 tkey->dot11RSNAStatsTKIPLocalMICFailures++;
632 return -1;
633 }
634
635 /* Update TSC counters for RX now that the packet verification has
636 * completed. */
637 tkey->rx_iv32 = tkey->rx_iv32_new;
638 tkey->rx_iv16 = tkey->rx_iv16_new;
639
640 skb_trim(skb, skb->len - 8);
641
642 return 0;
643}
644
645
94a79942 646static int rtllib_tkip_set_key(void *key, int len, u8 *seq, void *priv)
ecdfa446 647{
94a79942 648 struct rtllib_tkip_data *tkey = priv;
ecdfa446 649 int keyidx;
ecdfa446
GKH		 650 struct crypto_hash *tfm = tkey->tx_tfm_michael;
651 struct crypto_blkcipher *tfm2 = tkey->tx_tfm_arc4;
652 struct crypto_hash *tfm3 = tkey->rx_tfm_michael;
653 struct crypto_blkcipher *tfm4 = tkey->rx_tfm_arc4;
ecdfa446
GKH		 654
655 keyidx = tkey->key_idx;
656 memset(tkey, 0, sizeof(*tkey));
657 tkey->key_idx = keyidx;
ecdfa446
GKH		 658 tkey->tx_tfm_michael = tfm;
659 tkey->tx_tfm_arc4 = tfm2;
660 tkey->rx_tfm_michael = tfm3;
661 tkey->rx_tfm_arc4 = tfm4;
ecdfa446
GKH		 662
663 if (len == TKIP_KEY_LEN) {
664 memcpy(tkey->key, key, TKIP_KEY_LEN);
665 tkey->key_set = 1;
666 tkey->tx_iv16 = 1; /* TSC is initialized to 1 */
667 if (seq) {
668 tkey->rx_iv32 = (seq[5] << 24) | (seq[4] << 16) |
669 (seq[3] << 8) | seq[2];
670 tkey->rx_iv16 = (seq[1] << 8) | seq[0];
671 }
672 } else if (len == 0)
673 tkey->key_set = 0;
674 else
675 return -1;
676
677 return 0;
678}
679
680
94a79942 681static int rtllib_tkip_get_key(void *key, int len, u8 *seq, void *priv)
ecdfa446 682{
94a79942 683 struct rtllib_tkip_data *tkey = priv;
ecdfa446
GKH		 684
685 if (len < TKIP_KEY_LEN)
686 return -1;
687
688 if (!tkey->key_set)
689 return 0;
690 memcpy(key, tkey->key, TKIP_KEY_LEN);
691
692 if (seq) {
693 /* Return the sequence number of the last transmitted frame. */
694 u16 iv16 = tkey->tx_iv16;
695 u32 iv32 = tkey->tx_iv32;
696 if (iv16 == 0)
697 iv32--;
698 iv16--;
699 seq[0] = tkey->tx_iv16;
700 seq[1] = tkey->tx_iv16 >> 8;
701 seq[2] = tkey->tx_iv32;
702 seq[3] = tkey->tx_iv32 >> 8;
703 seq[4] = tkey->tx_iv32 >> 16;
704 seq[5] = tkey->tx_iv32 >> 24;
705 }
706
707 return TKIP_KEY_LEN;
708}
709
710
a44325f9 711static char *rtllib_tkip_print_stats(char *p, void *priv)
ecdfa446 712{
94a79942 713 struct rtllib_tkip_data *tkip = priv;
ecdfa446
GKH		 714 p += sprintf(p, "key[%d] alg=TKIP key_set=%d "
715 "tx_pn=%02x%02x%02x%02x%02x%02x "
716 "rx_pn=%02x%02x%02x%02x%02x%02x "
717 "replays=%d icv_errors=%d local_mic_failures=%d\n",
718 tkip->key_idx, tkip->key_set,
719 (tkip->tx_iv32 >> 24) & 0xff,
720 (tkip->tx_iv32 >> 16) & 0xff,
721 (tkip->tx_iv32 >> 8) & 0xff,
722 tkip->tx_iv32 & 0xff,
723 (tkip->tx_iv16 >> 8) & 0xff,
724 tkip->tx_iv16 & 0xff,
725 (tkip->rx_iv32 >> 24) & 0xff,
726 (tkip->rx_iv32 >> 16) & 0xff,
727 (tkip->rx_iv32 >> 8) & 0xff,
728 tkip->rx_iv32 & 0xff,
729 (tkip->rx_iv16 >> 8) & 0xff,
730 tkip->rx_iv16 & 0xff,
731 tkip->dot11RSNAStatsTKIPReplays,
732 tkip->dot11RSNAStatsTKIPICVErrors,
733 tkip->dot11RSNAStatsTKIPLocalMICFailures);
734 return p;
735}
736
32c44cb5 737static struct lib80211_crypto_ops rtllib_crypt_tkip = {
3b148be0 738 .name = "R-TKIP",
94a79942
LF		 739 .init = rtllib_tkip_init,
740 .deinit = rtllib_tkip_deinit,
741 .encrypt_mpdu = rtllib_tkip_encrypt,
742 .decrypt_mpdu = rtllib_tkip_decrypt,
743 .encrypt_msdu = rtllib_michael_mic_add,
744 .decrypt_msdu = rtllib_michael_mic_verify,
745 .set_key = rtllib_tkip_set_key,
746 .get_key = rtllib_tkip_get_key,
747 .print_stats = rtllib_tkip_print_stats,
32c44cb5
SM		 748 .extra_mpdu_prefix_len = 4 + 4, /* IV + ExtIV */
749 .extra_mpdu_postfix_len = 4, /* ICV */
750 .extra_msdu_postfix_len = 8, /* MIC */
a44325f9 751 .owner = THIS_MODULE,
ecdfa446
GKH		 752};
753
754
94a79942 755int __init rtllib_crypto_tkip_init(void)
ecdfa446 756{
3b148be0 757 return lib80211_register_crypto_ops(&rtllib_crypt_tkip);
ecdfa446
GKH		 758}
759
760
94a79942 761void __exit rtllib_crypto_tkip_exit(void)
ecdfa446 762{
3b148be0 763 lib80211_unregister_crypto_ops(&rtllib_crypt_tkip);
ecdfa446
GKH		 764}
765
d37e0208
SM		 766module_init(rtllib_crypto_tkip_init);
767module_exit(rtllib_crypto_tkip_exit);
768
769MODULE_LICENSE("GPL");
kernel source for telekom puls (alcatel/mediatek)