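/*	$OpenBSD: ieee80211_crypto.h,v 1.27 2020/05/15 14:21:09 stsp Exp $	*/

/*-
 * Copyright (c) 2007,2008 Damien Bergamini <damien.bergamini@free.fr>
 *
 * Permission to use, copy, modify, and distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
 * copyright notice and this permission notice appear in all copies.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 */

#ifndef _NET80211_IEEE80211_CRYPTO_H_
#define _NET80211_IEEE80211_CRYPTO_H_

/*
 * 802.11 protocol crypto-related definitions.
 *
 * This header contains no #include lines.  The _KERNEL section below uses
 * names it does not define (IEEE80211_NUM_TID, IEEE80211_PMKID_LEN,
 * IEEE80211_ADDR_LEN, TAILQ_ENTRY, struct ifnet, struct mbuf,
 * struct ieee80211_frame, struct ieee80211_eapol_key, struct ieee80211_ptk),
 * so the including file has to provide them first.
 */

/*
 * 802.11 ciphers.
 *
 * Every non-zero value is a distinct single bit.
 * WEP (40/104) and TKIP are legacy ciphers that the 802.11 standard has
 * deprecated; CCMP is the only non-legacy data cipher listed here, and
 * BIP is tagged 11w (management frame protection).
 */
enum ieee80211_cipher {
	IEEE80211_CIPHER_NONE		= 0x00000000,
	IEEE80211_CIPHER_USEGROUP	= 0x00000001,
	IEEE80211_CIPHER_WEP40		= 0x00000002,
	IEEE80211_CIPHER_TKIP		= 0x00000004,
	IEEE80211_CIPHER_CCMP		= 0x00000008,
	IEEE80211_CIPHER_WEP104		= 0x00000010,
	IEEE80211_CIPHER_BIP		= 0x00000020	/* 11w */
};

/*
 * 802.11 Authentication and Key Management Protocols.
 *
 * As with the ciphers, every non-zero value is a distinct single bit.
 */
enum ieee80211_akm {
	IEEE80211_AKM_NONE		= 0x00000000,
	IEEE80211_AKM_8021X		= 0x00000001,
	IEEE80211_AKM_PSK		= 0x00000002,
	IEEE80211_AKM_SHA256_8021X	= 0x00000004,	/* 11w */
	IEEE80211_AKM_SHA256_PSK	= 0x00000008	/* 11w */
};

/* Per-frame TKIP and CCMP field lengths (header, MIC, ICV), in bytes. */
#define	IEEE80211_TKIP_HDRLEN	8
#define	IEEE80211_TKIP_MICLEN	8
#define	IEEE80211_TKIP_ICVLEN	4
#define	IEEE80211_CCMP_HDRLEN	8
#define	IEEE80211_CCMP_MICLEN	8

/* Size of the pmk_key[] array in struct ieee80211_pmk. */
#define	IEEE80211_PMK_LEN	32

#ifdef _KERNEL

/*
 * Return non-zero if akm is one of the two 802.1X AKMs.
 *
 * The test is an equality comparison against single enum values, so an
 * argument with several AKM bits OR'ed together yields 0.
 */
static __inline int
ieee80211_is_8021x_akm(enum ieee80211_akm akm)
{
	return akm == IEEE80211_AKM_8021X ||
	    akm == IEEE80211_AKM_SHA256_8021X;
}

/*
 * Return non-zero if akm is one of the two SHA-256 (11w) AKMs.
 *
 * Same equality semantics as ieee80211_is_8021x_akm(): a multi-bit mask
 * yields 0.
 */
static __inline int
ieee80211_is_sha256_akm(enum ieee80211_akm akm)
{
	return akm == IEEE80211_AKM_SHA256_8021X ||
	    akm == IEEE80211_AKM_SHA256_PSK;
}

/*
 * One 802.11 key together with its counters.
 *
 * k_key holds raw key material.  NOTE(review): the code that clears it is
 * not part of this header; confirm that ieee80211_delete_key() and the
 * per-cipher *_delete_key() routines wipe k_key and whatever k_priv
 * points to (e.g. with explicit_bzero()) before the storage is reused.
 */
struct ieee80211_key {
	u_int8_t		k_id;		/* identifier (0-5) */
	enum ieee80211_cipher	k_cipher;
	u_int			k_flags;
#define IEEE80211_KEY_GROUP	0x00000001	/* group data key */
#define IEEE80211_KEY_TX	0x00000002	/* Tx+Rx */
#define IEEE80211_KEY_IGTK	0x00000004	/* integrity group key */
#define IEEE80211_KEY_SWCRYPTO	0x00000080	/* loaded for software crypto */

	u_int			k_len;	/* presumably bytes used in k_key */
	/*
	 * One 64-bit counter per TID, one for management frames and one
	 * further counter.  Presumably receive/transmit sequence counters
	 * used for replay detection -- confirm against the cipher code.
	 */
	u_int64_t		k_rsc[IEEE80211_NUM_TID];
	u_int64_t		k_mgmt_rsc;
	u_int64_t		k_tsc;
	u_int8_t		k_key[32];	/* secret key material */
	void			*k_priv;	/* opaque; not used in this header */
};

/*
 * NOTE(review): nothing in this header uses this constant; k_key above is
 * sized with a literal 32, not with IEEE80211_KEYBUF_SIZE.
 */
#define IEEE80211_KEYBUF_SIZE	16

/*
 * Entry in the PMKSA cache.
 *
 * pmk_key holds the pairwise master key.  NOTE(review): cache eviction is
 * not visible here; confirm entries are wiped when they are removed.
 */
struct ieee80211_pmk {
	enum ieee80211_akm	pmk_akm;
	u_int32_t		pmk_lifetime;	/* unit not stated here */
#define IEEE80211_PMK_INFINITE	0	/* lifetime value for "no expiry" */

	u_int8_t		pmk_pmkid[IEEE80211_PMKID_LEN];
	u_int8_t		pmk_macaddr[IEEE80211_ADDR_LEN];
	u_int8_t		pmk_key[IEEE80211_PMK_LEN];	/* secret */

	TAILQ_ENTRY(ieee80211_pmk) pmk_next;	/* list linkage */
};

/* forward references */
struct	ieee80211com;
struct	ieee80211_node;

/* Crypto attach/detach for an interface. */
void	ieee80211_crypto_attach(struct ifnet *);
void	ieee80211_crypto_detach(struct ifnet *);

/* Key selection and cipher-independent encrypt/decrypt entry points. */
void	ieee80211_crypto_clear_groupkeys(struct ieee80211com *);
struct	ieee80211_key *ieee80211_get_txkey(struct ieee80211com *,
	    const struct ieee80211_frame *, struct ieee80211_node *);
struct	ieee80211_key *ieee80211_get_rxkey(struct ieee80211com *,
	    struct mbuf *, struct ieee80211_node *);
struct	mbuf *ieee80211_encrypt(struct ieee80211com *, struct mbuf *,
	    struct ieee80211_key *);
struct	mbuf *ieee80211_decrypt(struct ieee80211com *, struct mbuf *,
	    struct ieee80211_node *);

/* Key installation and removal. */
int	ieee80211_set_key(struct ieee80211com *, struct ieee80211_node *,
	    struct ieee80211_key *);
void	ieee80211_delete_key(struct ieee80211com *, struct ieee80211_node *,
	    struct ieee80211_key *);

/*
 * EAPOL-Key frame MIC and key-data protection.
 *
 * NOTE(review): ieee80211_eapol_key_check_mic() verifies a MIC taken from
 * a received frame; its body is not visible here, so confirm that it
 * compares the MICs in constant time.
 */
void	ieee80211_eapol_key_mic(struct ieee80211_eapol_key *,
	    const u_int8_t *);
int	ieee80211_eapol_key_check_mic(struct ieee80211_eapol_key *,
	    const u_int8_t *);
#ifndef IEEE80211_STA_ONLY
void	ieee80211_eapol_key_encrypt(struct ieee80211com *,
	    struct ieee80211_eapol_key *, const u_int8_t *);
#endif
int	ieee80211_eapol_key_decrypt(struct ieee80211_eapol_key *,
	    const u_int8_t *);

/* PMKSA cache, PTK derivation and cipher key lengths. */
struct	ieee80211_pmk *ieee80211_pmksa_add(struct ieee80211com *,
	    enum ieee80211_akm, const u_int8_t *, const u_int8_t *, u_int32_t);
struct	ieee80211_pmk *ieee80211_pmksa_find(struct ieee80211com *,
	    struct ieee80211_node *, const u_int8_t *);
void	ieee80211_derive_ptk(enum ieee80211_akm, const u_int8_t *,
	    const u_int8_t *, const u_int8_t *, const u_int8_t *,
	    const u_int8_t *, struct ieee80211_ptk *);
int	ieee80211_cipher_keylen(enum ieee80211_cipher);

/* WEP (legacy cipher, see enum ieee80211_cipher). */
int	ieee80211_wep_set_key(struct ieee80211com *, struct ieee80211_key *);
void	ieee80211_wep_delete_key(struct ieee80211com *,
	    struct ieee80211_key *);
struct	mbuf *ieee80211_wep_encrypt(struct ieee80211com *, struct mbuf *,
	    struct ieee80211_key *);
struct	mbuf *ieee80211_wep_decrypt(struct ieee80211com *, struct mbuf *,
	    struct ieee80211_key *);

/* TKIP (legacy cipher) and Michael MIC failure handling. */
int	ieee80211_tkip_set_key(struct ieee80211com *, struct ieee80211_key *);
void	ieee80211_tkip_delete_key(struct ieee80211com *,
	    struct ieee80211_key *);
struct	mbuf *ieee80211_tkip_encrypt(struct ieee80211com *,
	    struct mbuf *, struct ieee80211_key *);
int	ieee80211_tkip_get_tsc(uint64_t *, uint64_t **, struct mbuf *,
	    struct ieee80211_key *);
struct	mbuf *ieee80211_tkip_decrypt(struct ieee80211com *,
	    struct mbuf *, struct ieee80211_key *);
void	ieee80211_tkip_mic(struct mbuf *, int, const u_int8_t *,
	    u_int8_t[IEEE80211_TKIP_MICLEN]);
void	ieee80211_michael_mic_failure(struct ieee80211com *, u_int64_t);
#ifndef IEEE80211_STA_ONLY
void	ieee80211_michael_mic_failure_timeout(void *);
#endif

/* CCMP. */
int	ieee80211_ccmp_set_key(struct ieee80211com *, struct ieee80211_key *);
void	ieee80211_ccmp_delete_key(struct ieee80211com *,
	    struct ieee80211_key *);
struct	mbuf *ieee80211_ccmp_encrypt(struct ieee80211com *, struct mbuf *,
	    struct ieee80211_key *);
int	ieee80211_ccmp_get_pn(uint64_t *, uint64_t **, struct mbuf *,
	    struct ieee80211_key *);
struct	mbuf *ieee80211_ccmp_decrypt(struct ieee80211com *, struct mbuf *,
	    struct ieee80211_key *);

/* BIP (11w). */
int	ieee80211_bip_set_key(struct ieee80211com *, struct ieee80211_key *);
void	ieee80211_bip_delete_key(struct ieee80211com *,
	    struct ieee80211_key *);
struct	mbuf *ieee80211_bip_encap(struct ieee80211com *, struct mbuf *,
	    struct ieee80211_key *);
struct	mbuf *ieee80211_bip_decap(struct ieee80211com *, struct mbuf *,
	    struct ieee80211_key *);

#endif /* _KERNEL */
#endif /* _NET80211_IEEE80211_CRYPTO_H_ */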