The Design and Implementation of the FreeBSD Operating System, Second Edition
Now available: The Design and Implementation of the FreeBSD Operating System (Second Edition)


[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]

FreeBSD/Linux Kernel Cross Reference
sys/net80211/ieee80211_crypto.h

Version: -  FREEBSD  -  FREEBSD-13-STABLE  -  FREEBSD-13-0  -  FREEBSD-12-STABLE  -  FREEBSD-12-0  -  FREEBSD-11-STABLE  -  FREEBSD-11-0  -  FREEBSD-10-STABLE  -  FREEBSD-10-0  -  FREEBSD-9-STABLE  -  FREEBSD-9-0  -  FREEBSD-8-STABLE  -  FREEBSD-8-0  -  FREEBSD-7-STABLE  -  FREEBSD-7-0  -  FREEBSD-6-STABLE  -  FREEBSD-6-0  -  FREEBSD-5-STABLE  -  FREEBSD-5-0  -  FREEBSD-4-STABLE  -  FREEBSD-3-STABLE  -  FREEBSD22  -  l41  -  OPENBSD  -  linux-2.6  -  MK84  -  PLAN9  -  xnu-8792 
SearchContext: -  none  -  3  -  10 

    1 /*-
    2  * Copyright (c) 2001 Atsushi Onoe
    3  * Copyright (c) 2002-2005 Sam Leffler, Errno Consulting
    4  * All rights reserved.
    5  *
    6  * Redistribution and use in source and binary forms, with or without
    7  * modification, are permitted provided that the following conditions
    8  * are met:
    9  * 1. Redistributions of source code must retain the above copyright
   10  *    notice, this list of conditions and the following disclaimer.
   11  * 2. Redistributions in binary form must reproduce the above copyright
   12  *    notice, this list of conditions and the following disclaimer in the
   13  *    documentation and/or other materials provided with the distribution.
   14  * 3. The name of the author may not be used to endorse or promote products
   15  *    derived from this software without specific prior written permission.
   16  *
   17  * Alternatively, this software may be distributed under the terms of the
   18  * GNU General Public License ("GPL") version 2 as published by the Free
   19  * Software Foundation.
   20  *
   21  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
   22  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
   23  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
   24  * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
   25  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
   26  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
   27  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
   28  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
   29  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
   30  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
   31  *
   32  * $FreeBSD: releng/6.2/sys/net80211/ieee80211_crypto.h 149772 2005-09-03 22:40:02Z sam $
   33  */
   34 #ifndef _NET80211_IEEE80211_CRYPTO_H_
   35 #define _NET80211_IEEE80211_CRYPTO_H_
   36 
   37 /*
   38  * 802.11 protocol crypto-related definitions.
   39  */
   40 #define IEEE80211_KEYBUF_SIZE   16
   41 #define IEEE80211_MICBUF_SIZE   (8+8)   /* space for both tx+rx keys */
   42 
   43 /*
   44  * Old WEP-style key.  Deprecated.
   45  */
   46 struct ieee80211_wepkey {
   47         u_int           wk_len;         /* key length in bytes */
   48         u_int8_t        wk_key[IEEE80211_KEYBUF_SIZE];
   49 };
   50 
   51 struct ieee80211_cipher;
   52 
   53 /*
   54  * Crypto key state.  There is sufficient room for all supported
   55  * ciphers (see below).  The underlying ciphers are handled
   56  * separately through loadable cipher modules that register with
   57  * the generic crypto support.  A key has a reference to an instance
   58  * of the cipher; any per-key state is hung off wk_private by the
   59  * cipher when it is attached.  Ciphers are automatically called
   60  * to detach and cleanup any such state when the key is deleted.
   61  *
   62  * The generic crypto support handles encap/decap of cipher-related
   63  * frame contents for both hardware- and software-based implementations.
   64  * A key requiring software crypto support is automatically flagged and
   65  * the cipher is expected to honor this and do the necessary work.
   66  * Ciphers such as TKIP may also support mixed hardware/software
   67  * encrypt/decrypt and MIC processing.
   68  */
   69 typedef u_int16_t ieee80211_keyix;      /* h/w key index */
   70 
   71 struct ieee80211_key {
   72         u_int8_t        wk_keylen;      /* key length in bytes */
   73         u_int8_t        wk_pad;
   74         u_int16_t       wk_flags;
   75 #define IEEE80211_KEY_XMIT      0x01    /* key used for xmit */
   76 #define IEEE80211_KEY_RECV      0x02    /* key used for recv */
   77 #define IEEE80211_KEY_GROUP     0x04    /* key used for WPA group operation */
   78 #define IEEE80211_KEY_SWCRYPT   0x10    /* host-based encrypt/decrypt */
   79 #define IEEE80211_KEY_SWMIC     0x20    /* host-based enmic/demic */
   80         ieee80211_keyix wk_keyix;       /* h/w key index */
   81         ieee80211_keyix wk_rxkeyix;     /* optional h/w rx key index */
   82         u_int8_t        wk_key[IEEE80211_KEYBUF_SIZE+IEEE80211_MICBUF_SIZE];
   83 #define wk_txmic        wk_key+IEEE80211_KEYBUF_SIZE+0  /* XXX can't () right */
   84 #define wk_rxmic        wk_key+IEEE80211_KEYBUF_SIZE+8  /* XXX can't () right */
   85         u_int64_t       wk_keyrsc;      /* key receive sequence counter */
   86         u_int64_t       wk_keytsc;      /* key transmit sequence counter */
   87         const struct ieee80211_cipher *wk_cipher;
   88         void            *wk_private;    /* private cipher state */
   89 };
   90 #define IEEE80211_KEY_COMMON            /* common flags passed in by apps */\
   91         (IEEE80211_KEY_XMIT | IEEE80211_KEY_RECV | IEEE80211_KEY_GROUP)
   92 
   93 /*
   94  * NB: these values are ordered carefully; there are lots of
   95  * of implications in any reordering.  In particular beware
   96  * that 4 is not used to avoid conflicting with IEEE80211_F_PRIVACY.
   97  */
   98 #define IEEE80211_CIPHER_WEP            0
   99 #define IEEE80211_CIPHER_TKIP           1
  100 #define IEEE80211_CIPHER_AES_OCB        2
  101 #define IEEE80211_CIPHER_AES_CCM        3
  102 #define IEEE80211_CIPHER_CKIP           5
  103 #define IEEE80211_CIPHER_NONE           6       /* pseudo value */
  104 
  105 #define IEEE80211_CIPHER_MAX            (IEEE80211_CIPHER_NONE+1)
  106 
  107 #define IEEE80211_KEYIX_NONE    ((ieee80211_keyix) -1)
  108 
  109 #if defined(__KERNEL__) || defined(_KERNEL)
  110 
  111 struct ieee80211com;
  112 struct ieee80211_node;
  113 struct mbuf;
  114 
  115 /*
  116  * Crypto state kept in each ieee80211com.  Some of this
  117  * can/should be shared when virtual AP's are supported.
  118  *
  119  * XXX save reference to ieee80211com to properly encapsulate state.
  120  * XXX split out crypto capabilities from ic_caps
  121  */
  122 struct ieee80211_crypto_state {
  123         struct ieee80211_key    cs_nw_keys[IEEE80211_WEP_NKID];
  124         ieee80211_keyix         cs_def_txkey;   /* default/group tx key index */
  125         u_int16_t               cs_max_keyix;   /* max h/w key index */
  126 
  127         int                     (*cs_key_alloc)(struct ieee80211com *,
  128                                         const struct ieee80211_key *,
  129                                         ieee80211_keyix *, ieee80211_keyix *);
  130         int                     (*cs_key_delete)(struct ieee80211com *, 
  131                                         const struct ieee80211_key *);
  132         int                     (*cs_key_set)(struct ieee80211com *,
  133                                         const struct ieee80211_key *,
  134                                         const u_int8_t mac[IEEE80211_ADDR_LEN]);
  135         void                    (*cs_key_update_begin)(struct ieee80211com *);
  136         void                    (*cs_key_update_end)(struct ieee80211com *);
  137 };
  138 
  139 void    ieee80211_crypto_attach(struct ieee80211com *);
  140 void    ieee80211_crypto_detach(struct ieee80211com *);
  141 int     ieee80211_crypto_newkey(struct ieee80211com *,
  142                 int cipher, int flags, struct ieee80211_key *);
  143 int     ieee80211_crypto_delkey(struct ieee80211com *,
  144                 struct ieee80211_key *);
  145 int     ieee80211_crypto_setkey(struct ieee80211com *,
  146                 struct ieee80211_key *, const u_int8_t macaddr[IEEE80211_ADDR_LEN]);
  147 void    ieee80211_crypto_delglobalkeys(struct ieee80211com *);
  148 
  149 /*
  150  * Template for a supported cipher.  Ciphers register with the
  151  * crypto code and are typically loaded as separate modules
  152  * (the null cipher is always present).
  153  * XXX may need refcnts
  154  */
  155 struct ieee80211_cipher {
  156         const char *ic_name;            /* printable name */
  157         u_int   ic_cipher;              /* IEEE80211_CIPHER_* */
  158         u_int   ic_header;              /* size of privacy header (bytes) */
  159         u_int   ic_trailer;             /* size of privacy trailer (bytes) */
  160         u_int   ic_miclen;              /* size of mic trailer (bytes) */
  161         void*   (*ic_attach)(struct ieee80211com *, struct ieee80211_key *);
  162         void    (*ic_detach)(struct ieee80211_key *);
  163         int     (*ic_setkey)(struct ieee80211_key *);
  164         int     (*ic_encap)(struct ieee80211_key *, struct mbuf *,
  165                         u_int8_t keyid);
  166         int     (*ic_decap)(struct ieee80211_key *, struct mbuf *, int);
  167         int     (*ic_enmic)(struct ieee80211_key *, struct mbuf *, int);
  168         int     (*ic_demic)(struct ieee80211_key *, struct mbuf *, int);
  169 };
  170 extern  const struct ieee80211_cipher ieee80211_cipher_none;
  171 
  172 void    ieee80211_crypto_register(const struct ieee80211_cipher *);
  173 void    ieee80211_crypto_unregister(const struct ieee80211_cipher *);
  174 int     ieee80211_crypto_available(u_int cipher);
  175 
  176 struct ieee80211_key *ieee80211_crypto_encap(struct ieee80211com *,
  177                 struct ieee80211_node *, struct mbuf *);
  178 struct ieee80211_key *ieee80211_crypto_decap(struct ieee80211com *,
  179                 struct ieee80211_node *, struct mbuf *, int);
  180 
  181 /*
  182  * Check and remove any MIC.
  183  */
  184 static __inline int
  185 ieee80211_crypto_demic(struct ieee80211com *ic, struct ieee80211_key *k,
  186         struct mbuf *m, int force)
  187 {
  188         const struct ieee80211_cipher *cip = k->wk_cipher;
  189         return (cip->ic_miclen > 0 ? cip->ic_demic(k, m, force) : 1);
  190 }
  191 
  192 /*
  193  * Add any MIC.
  194  */
  195 static __inline int
  196 ieee80211_crypto_enmic(struct ieee80211com *ic,
  197         struct ieee80211_key *k, struct mbuf *m, int force)
  198 {
  199         const struct ieee80211_cipher *cip = k->wk_cipher;
  200         return (cip->ic_miclen > 0 ? cip->ic_enmic(k, m, force) : 1);
  201 }
  202 
  203 /* 
  204  * Reset key state to an unused state.  The crypto
  205  * key allocation mechanism insures other state (e.g.
  206  * key data) is properly setup before a key is used.
  207  */
  208 static __inline void
  209 ieee80211_crypto_resetkey(struct ieee80211com *ic,
  210         struct ieee80211_key *k, ieee80211_keyix ix)
  211 {
  212         k->wk_cipher = &ieee80211_cipher_none;;
  213         k->wk_private = k->wk_cipher->ic_attach(ic, k);
  214         k->wk_keyix = k->wk_rxkeyix = ix;
  215         k->wk_flags = IEEE80211_KEY_XMIT | IEEE80211_KEY_RECV;
  216 }
  217 
  218 /*
  219  * Crypt-related notification methods.
  220  */
  221 void    ieee80211_notify_replay_failure(struct ieee80211com *,
  222                 const struct ieee80211_frame *, const struct ieee80211_key *,
  223                 u_int64_t rsc);
  224 void    ieee80211_notify_michael_failure(struct ieee80211com *,
  225                 const struct ieee80211_frame *, u_int keyix);
  226 #endif /* defined(__KERNEL__) || defined(_KERNEL) */
  227 #endif /* _NET80211_IEEE80211_CRYPTO_H_ */

Cache object: 42d99afc9756ff18c906d0510cbc9cfb


[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]


This page is part of the FreeBSD/Linux Linux Kernel Cross-Reference, and was automatically generated using a modified version of the LXR engine.