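/*	$OpenBSD: ieee80211_crypto.h,v 1.27 2020/05/15 14:21:09 stsp Exp $	*/

/*-
 * Copyright (c) 2007,2008 Damien Bergamini <damien.bergamini@free.fr>
 *
 * Permission to use, copy, modify, and distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
 * copyright notice and this permission notice appear in all copies.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 */

#ifndef _NET80211_IEEE80211_CRYPTO_H_
#define _NET80211_IEEE80211_CRYPTO_H_

/*
 * 802.11 protocol crypto-related definitions.
 *
 * This header does not include anything itself.  The _KERNEL part uses
 * names that are not defined here (IEEE80211_NUM_TID, IEEE80211_PMKID_LEN,
 * IEEE80211_ADDR_LEN, TAILQ_ENTRY, struct ifnet, struct mbuf,
 * struct ieee80211_frame, struct ieee80211_eapol_key, struct ieee80211_ptk),
 * so the including file has to provide them first.
 */

/*
 * 802.11 ciphers.
 *
 * Every non-zero value is a distinct single bit, presumably so that a set
 * of ciphers can be carried in one mask -- confirm against the users.
 * WEP40/WEP104 and TKIP are legacy ciphers with known weaknesses; policy
 * code selecting from this enum should prefer CCMP where the peer allows.
 */
enum ieee80211_cipher {
	IEEE80211_CIPHER_NONE		= 0x00000000,
	IEEE80211_CIPHER_USEGROUP	= 0x00000001,
	IEEE80211_CIPHER_WEP40		= 0x00000002,
	IEEE80211_CIPHER_TKIP		= 0x00000004,
	IEEE80211_CIPHER_CCMP		= 0x00000008,
	IEEE80211_CIPHER_WEP104		= 0x00000010,
	IEEE80211_CIPHER_BIP		= 0x00000020	/* 11w */
};

/*
 * 802.11 Authentication and Key Management Protocols.
 *
 * As with the ciphers, every non-zero value is a distinct single bit.
 */
enum ieee80211_akm {
	IEEE80211_AKM_NONE		= 0x00000000,
	IEEE80211_AKM_8021X		= 0x00000001,
	IEEE80211_AKM_PSK		= 0x00000002,
	IEEE80211_AKM_SHA256_8021X	= 0x00000004,	/* 11w */
	IEEE80211_AKM_SHA256_PSK	= 0x00000008	/* 11w */
};

/* Per-cipher header/MIC/ICV lengths (presumably in bytes -- confirm). */
#define	IEEE80211_TKIP_HDRLEN	8
#define	IEEE80211_TKIP_MICLEN	8
#define	IEEE80211_TKIP_ICVLEN	4
#define	IEEE80211_CCMP_HDRLEN	8
#define	IEEE80211_CCMP_MICLEN	8

/* Size of the pmk_key array in struct ieee80211_pmk. */
#define	IEEE80211_PMK_LEN	32

#ifdef _KERNEL

/*
 * Return non-zero if akm is one of the two 802.1X-based AKMs.
 *
 * The test is an equality comparison, not a bit test: a value with more
 * than one AKM bit set (a mask of supported AKMs) yields 0.  Pass the
 * single selected AKM.
 */
static __inline int
ieee80211_is_8021x_akm(enum ieee80211_akm akm)
{
	return akm == IEEE80211_AKM_8021X ||
	    akm == IEEE80211_AKM_SHA256_8021X;
}

/*
 * Return non-zero if akm is one of the two SHA-256-based (11w) AKMs.
 *
 * Equality comparison as above: a multi-bit mask yields 0.
 */
static __inline int
ieee80211_is_sha256_akm(enum ieee80211_akm akm)
{
	return akm == IEEE80211_AKM_SHA256_8021X ||
	    akm == IEEE80211_AKM_SHA256_PSK;
}

/*
 * One key together with its per-key state.
 *
 * k_key holds raw key material.  NOTE(review): anything that copies, logs
 * or frees this structure handles a secret; the wipe on deletion (e.g.
 * explicit_bzero()) is not visible in this header -- confirm in the
 * implementation of ieee80211_delete_key().
 */
struct ieee80211_key {
	u_int8_t		k_id;		/* identifier (0-5) */
	enum ieee80211_cipher	k_cipher;
	u_int			k_flags;
#define IEEE80211_KEY_GROUP	0x00000001	/* group data key */
#define IEEE80211_KEY_TX	0x00000002	/* Tx+Rx */
#define IEEE80211_KEY_IGTK	0x00000004	/* integrity group key */
#define IEEE80211_KEY_SWCRYPTO	0x00000080	/* loaded for software crypto */

	u_int			k_len;
	/*
	 * Presumably the receive sequence counters used for replay
	 * detection (one per TID, plus one for management frames) and
	 * the transmit sequence counter -- confirm against the cipher
	 * implementations.
	 */
	u_int64_t		k_rsc[IEEE80211_NUM_TID];
	u_int64_t		k_mgmt_rsc;
	u_int64_t		k_tsc;
	/*
	 * Sized with a literal 32, not with IEEE80211_KEYBUF_SIZE (16)
	 * defined below; callers must bound copies by this array's size.
	 */
	u_int8_t		k_key[32];
	void			*k_priv;
};

#define IEEE80211_KEYBUF_SIZE	16

/*
 * Entry in the PMKSA cache.
 *
 * pmk_key holds the PMK itself (IEEE80211_PMK_LEN bytes) and is as
 * sensitive as a session key.  NOTE(review): expiry handling and wiping
 * of discarded entries are not visible in this header -- confirm.
 */
struct ieee80211_pmk {
	enum ieee80211_akm	pmk_akm;
	u_int32_t		pmk_lifetime;
#define IEEE80211_PMK_INFINITE	0

	u_int8_t		pmk_pmkid[IEEE80211_PMKID_LEN];
	u_int8_t		pmk_macaddr[IEEE80211_ADDR_LEN];
	u_int8_t		pmk_key[IEEE80211_PMK_LEN];

	TAILQ_ENTRY(ieee80211_pmk) pmk_next;
};

/* forward references */
struct	ieee80211com;
struct	ieee80211_node;

/* Attach/detach of the crypto state for an interface. */
void	ieee80211_crypto_attach(struct ifnet *);
void	ieee80211_crypto_detach(struct ifnet *);

/* Key selection and the cipher-independent encrypt/decrypt entry points. */
void	ieee80211_crypto_clear_groupkeys(struct ieee80211com *);
struct	ieee80211_key *ieee80211_get_txkey(struct ieee80211com *,
	    const struct ieee80211_frame *, struct ieee80211_node *);
struct	ieee80211_key *ieee80211_get_rxkey(struct ieee80211com *,
	    struct mbuf *, struct ieee80211_node *);
struct	mbuf *ieee80211_encrypt(struct ieee80211com *, struct mbuf *,
	    struct ieee80211_key *);
struct	mbuf *ieee80211_decrypt(struct ieee80211com *, struct mbuf *,
	    struct ieee80211_node *);

int	ieee80211_set_key(struct ieee80211com *, struct ieee80211_node *,
	    struct ieee80211_key *);
void	ieee80211_delete_key(struct ieee80211com *, struct ieee80211_node *,
	    struct ieee80211_key *);

/*
 * EAPOL-Key frame protection.
 *
 * NOTE(review): the implementations are not in this header.  The int
 * results of the check/decrypt functions must be tested by every caller,
 * and the MIC comparison should be constant-time (timingsafe_bcmp()) --
 * confirm in the implementation.
 */
void	ieee80211_eapol_key_mic(struct ieee80211_eapol_key *,
	    const u_int8_t *);
int	ieee80211_eapol_key_check_mic(struct ieee80211_eapol_key *,
	    const u_int8_t *);
#ifndef IEEE80211_STA_ONLY
void	ieee80211_eapol_key_encrypt(struct ieee80211com *,
	    struct ieee80211_eapol_key *, const u_int8_t *);
#endif
int	ieee80211_eapol_key_decrypt(struct ieee80211_eapol_key *,
	    const u_int8_t *);

/* PMKSA cache, PTK derivation and per-cipher key length. */
struct	ieee80211_pmk *ieee80211_pmksa_add(struct ieee80211com *,
	    enum ieee80211_akm, const u_int8_t *, const u_int8_t *, u_int32_t);
struct	ieee80211_pmk *ieee80211_pmksa_find(struct ieee80211com *,
	    struct ieee80211_node *, const u_int8_t *);
void	ieee80211_derive_ptk(enum ieee80211_akm, const u_int8_t *,
	    const u_int8_t *, const u_int8_t *, const u_int8_t *,
	    const u_int8_t *, struct ieee80211_ptk *);
int	ieee80211_cipher_keylen(enum ieee80211_cipher);

/* WEP (legacy cipher). */
int	ieee80211_wep_set_key(struct ieee80211com *, struct ieee80211_key *);
void	ieee80211_wep_delete_key(struct ieee80211com *,
	    struct ieee80211_key *);
struct	mbuf *ieee80211_wep_encrypt(struct ieee80211com *, struct mbuf *,
	    struct ieee80211_key *);
struct	mbuf *ieee80211_wep_decrypt(struct ieee80211com *, struct mbuf *,
	    struct ieee80211_key *);

/* TKIP (legacy cipher) and Michael MIC failure handling. */
int	ieee80211_tkip_set_key(struct ieee80211com *, struct ieee80211_key *);
void	ieee80211_tkip_delete_key(struct ieee80211com *,
	    struct ieee80211_key *);
struct	mbuf *ieee80211_tkip_encrypt(struct ieee80211com *,
	    struct mbuf *, struct ieee80211_key *);
int	ieee80211_tkip_get_tsc(uint64_t *, uint64_t **, struct mbuf *,
	    struct ieee80211_key *);
struct	mbuf *ieee80211_tkip_decrypt(struct ieee80211com *,
	    struct mbuf *, struct ieee80211_key *);
void	ieee80211_tkip_mic(struct mbuf *, int, const u_int8_t *,
	    u_int8_t[IEEE80211_TKIP_MICLEN]);
void	ieee80211_michael_mic_failure(struct ieee80211com *, u_int64_t);
#ifndef IEEE80211_STA_ONLY
void	ieee80211_michael_mic_failure_timeout(void *);
#endif

/* CCMP. */
int	ieee80211_ccmp_set_key(struct ieee80211com *, struct ieee80211_key *);
void	ieee80211_ccmp_delete_key(struct ieee80211com *,
	    struct ieee80211_key *);
struct	mbuf *ieee80211_ccmp_encrypt(struct ieee80211com *, struct mbuf *,
	    struct ieee80211_key *);
int	ieee80211_ccmp_get_pn(uint64_t *, uint64_t **, struct mbuf *,
	    struct ieee80211_key *);
struct	mbuf *ieee80211_ccmp_decrypt(struct ieee80211com *, struct mbuf *,
	    struct ieee80211_key *);

/* BIP (11w). */
int	ieee80211_bip_set_key(struct ieee80211com *, struct ieee80211_key *);
void	ieee80211_bip_delete_key(struct ieee80211com *,
	    struct ieee80211_key *);
struct	mbuf *ieee80211_bip_encap(struct ieee80211com *, struct mbuf *,
	    struct ieee80211_key *);
struct	mbuf *ieee80211_bip_decap(struct ieee80211com *, struct mbuf *,
	    struct ieee80211_key *);

#endif /* _KERNEL */
#endif /* _NET80211_IEEE80211_CRYPTO_H_ */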