Home | History | Annotate | Line # | Download | only in net80211
ieee80211_crypto.c revision 1.5
      1 /*	$NetBSD: ieee80211_crypto.c,v 1.5 2003/12/14 09:56:53 dyoung Exp $	*/
      2 /*-
      3  * Copyright (c) 2001 Atsushi Onoe
      4  * Copyright (c) 2002, 2003 Sam Leffler, Errno Consulting
      5  * All rights reserved.
      6  *
      7  * Redistribution and use in source and binary forms, with or without
      8  * modification, are permitted provided that the following conditions
      9  * are met:
     10  * 1. Redistributions of source code must retain the above copyright
     11  *    notice, this list of conditions and the following disclaimer.
     12  * 2. Redistributions in binary form must reproduce the above copyright
     13  *    notice, this list of conditions and the following disclaimer in the
     14  *    documentation and/or other materials provided with the distribution.
     15  * 3. The name of the author may not be used to endorse or promote products
     16  *    derived from this software without specific prior written permission.
     17  *
     18  * Alternatively, this software may be distributed under the terms of the
     19  * GNU General Public License ("GPL") version 2 as published by the Free
     20  * Software Foundation.
     21  *
     22  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
     23  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
     24  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
     25  * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
     26  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
     27  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
     28  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
     29  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
     30  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
     31  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
     32  */
     33 
     34 #include <sys/cdefs.h>
     35 #ifdef __FreeBSD__
     36 __FBSDID("$FreeBSD: src/sys/net80211/ieee80211_crypto.c,v 1.3 2003/10/17 23:15:30 sam Exp $");
     37 #else
     38 __KERNEL_RCSID(0, "$NetBSD: ieee80211_crypto.c,v 1.5 2003/12/14 09:56:53 dyoung Exp $");
     39 #endif
     40 
     41 #include "opt_inet.h"
     42 
     43 #include <sys/param.h>
     44 #include <sys/systm.h>
     45 #include <sys/mbuf.h>
     46 #include <sys/malloc.h>
     47 #include <sys/kernel.h>
     48 #include <sys/socket.h>
     49 #include <sys/sockio.h>
     50 #include <sys/endian.h>
     51 #include <sys/errno.h>
     52 #ifdef __FreeBSD__
     53 #include <sys/bus.h>
     54 #endif
     55 #include <sys/proc.h>
     56 #include <sys/sysctl.h>
     57 
     58 #ifdef __FreeBSD__
     59 #include <machine/atomic.h>
     60 #endif
     61 
     62 #include <net/if.h>
     63 #include <net/if_dl.h>
     64 #include <net/if_media.h>
     65 #include <net/if_arp.h>
     66 #ifdef __FreeBSD__
     67 #include <net/ethernet.h>
     68 #else
     69 #include <net/if_ether.h>
     70 #endif
     71 #include <net/if_llc.h>
     72 
     73 #include <net80211/ieee80211_var.h>
     74 #include <net80211/ieee80211_compat.h>
     75 
     76 #include <net/bpf.h>
     77 
     78 #ifdef INET
     79 #include <netinet/in.h>
     80 #ifdef __FreeBSD__
     81 #include <netinet/if_ether.h>
     82 #else
     83 #include <net/if_ether.h>
     84 #endif
     85 #endif
     86 
     87 #ifdef __FreeBSD__
     88 #include <crypto/rc4/rc4.h>
     89 #define	arc4_ctxlen()			sizeof (struct rc4_state)
     90 #define	arc4_setkey(_c,_k,_l)		rc4_init(_c,_k,_l)
     91 #define	arc4_encrypt(_c,_d,_s,_l)	rc4_crypt(_c,_s,_d,_l)
     92 #else
     93 #include <crypto/arc4/arc4.h>
     94 #endif
     95 
     96 static	void ieee80211_crc_init(void);
     97 static	u_int32_t ieee80211_crc_update(u_int32_t crc, u_int8_t *buf, int len);
     98 
     99 void
    100 ieee80211_crypto_attach(struct ifnet *ifp)
    101 {
    102 	struct ieee80211com *ic = (void *)ifp;
    103 
    104 	/*
    105 	 * Setup crypto support.
    106 	 */
    107 	ieee80211_crc_init();
    108 	ic->ic_iv = arc4random();
    109 }
    110 
    111 void
    112 ieee80211_crypto_detach(struct ifnet *ifp)
    113 {
    114 	struct ieee80211com *ic = (void *)ifp;
    115 
    116 	if (ic->ic_wep_ctx != NULL) {
    117 		free(ic->ic_wep_ctx, M_DEVBUF);
    118 		ic->ic_wep_ctx = NULL;
    119 	}
    120 }
    121 
    122 struct mbuf *
    123 ieee80211_wep_crypt(struct ifnet *ifp, struct mbuf *m0, int txflag)
    124 {
    125 	struct ieee80211com *ic = (void *)ifp;
    126 	struct mbuf *m, *n, *n0;
    127 	struct ieee80211_frame *wh;
    128 	int i, left, len, moff, noff, kid;
    129 	u_int32_t iv, crc;
    130 	u_int8_t *ivp;
    131 	void *ctx;
    132 	u_int8_t keybuf[IEEE80211_WEP_IVLEN + IEEE80211_KEYBUF_SIZE];
    133 	u_int8_t crcbuf[IEEE80211_WEP_CRCLEN];
    134 
    135 	n0 = NULL;
    136 	if ((ctx = ic->ic_wep_ctx) == NULL) {
    137 		ctx = malloc(arc4_ctxlen(), M_DEVBUF, M_NOWAIT);
    138 		if (ctx == NULL) {
    139 			ic->ic_stats.is_crypto_nomem++;
    140 			goto fail;
    141 		}
    142 		ic->ic_wep_ctx = ctx;
    143 	}
    144 	m = m0;
    145 	left = m->m_pkthdr.len;
    146 	MGET(n, M_DONTWAIT, m->m_type);
    147 	n0 = n;
    148 	if (n == NULL) {
    149 		if (txflag)
    150 			ic->ic_stats.is_tx_nombuf++;
    151 		else
    152 			ic->ic_stats.is_rx_nombuf++;
    153 		goto fail;
    154 	}
    155 #ifdef __FreeBSD__
    156 	M_MOVE_PKTHDR(n, m);
    157 #else
    158 	M_COPY_PKTHDR(n, m);
    159 #endif
    160 	len = IEEE80211_WEP_IVLEN + IEEE80211_WEP_KIDLEN + IEEE80211_WEP_CRCLEN;
    161 	if (txflag) {
    162 		n->m_pkthdr.len += len;
    163 	} else {
    164 		n->m_pkthdr.len -= len;
    165 		left -= len;
    166 	}
    167 	n->m_len = MHLEN;
    168 	if (n->m_pkthdr.len >= MINCLSIZE) {
    169 		MCLGET(n, M_DONTWAIT);
    170 		if (n->m_flags & M_EXT)
    171 			n->m_len = n->m_ext.ext_size;
    172 	}
    173 	len = sizeof(struct ieee80211_frame);
    174 	memcpy(mtod(n, caddr_t), mtod(m, caddr_t), len);
    175 	wh = mtod(n, struct ieee80211_frame *);
    176 	left -= len;
    177 	moff = len;
    178 	noff = len;
    179 	if (txflag) {
    180 		kid = ic->ic_wep_txkey;
    181 		wh->i_fc[1] |= IEEE80211_FC1_WEP;
    182                 iv = ic->ic_iv;
    183 		/*
    184 		 * Skip 'bad' IVs from Fluhrer/Mantin/Shamir:
    185 		 * (B, 255, N) with 3 <= B < 8
    186 		 */
    187 		if (iv >= 0x03ff00 &&
    188 		    (iv & 0xf8ff00) == 0x00ff00)
    189 			iv += 0x000100;
    190 		ic->ic_iv = iv + 1;
    191 		/* put iv in little endian to prepare 802.11i */
    192 		ivp = mtod(n, u_int8_t *) + noff;
    193 		for (i = 0; i < IEEE80211_WEP_IVLEN; i++) {
    194 			ivp[i] = iv & 0xff;
    195 			iv >>= 8;
    196 		}
    197 		ivp[IEEE80211_WEP_IVLEN] = kid << 6;	/* pad and keyid */
    198 		noff += IEEE80211_WEP_IVLEN + IEEE80211_WEP_KIDLEN;
    199 	} else {
    200 		wh->i_fc[1] &= ~IEEE80211_FC1_WEP;
    201 		ivp = mtod(m, u_int8_t *) + moff;
    202 		kid = ivp[IEEE80211_WEP_IVLEN] >> 6;
    203 		moff += IEEE80211_WEP_IVLEN + IEEE80211_WEP_KIDLEN;
    204 	}
    205 	memcpy(keybuf, ivp, IEEE80211_WEP_IVLEN);
    206 	memcpy(keybuf + IEEE80211_WEP_IVLEN, ic->ic_nw_keys[kid].wk_key,
    207 	    ic->ic_nw_keys[kid].wk_len);
    208 	arc4_setkey(ctx, keybuf,
    209 	    IEEE80211_WEP_IVLEN + ic->ic_nw_keys[kid].wk_len);
    210 
    211 	/* encrypt with calculating CRC */
    212 	crc = ~0;
    213 	while (left > 0) {
    214 		len = m->m_len - moff;
    215 		if (len == 0) {
    216 			m = m->m_next;
    217 			moff = 0;
    218 			continue;
    219 		}
    220 		if (len > n->m_len - noff) {
    221 			len = n->m_len - noff;
    222 			if (len == 0) {
    223 				MGET(n->m_next, M_DONTWAIT, n->m_type);
    224 				if (n->m_next == NULL) {
    225 					if (txflag)
    226 						ic->ic_stats.is_tx_nombuf++;
    227 					else
    228 						ic->ic_stats.is_rx_nombuf++;
    229 					goto fail;
    230 				}
    231 				n = n->m_next;
    232 				n->m_len = MLEN;
    233 				if (left >= MINCLSIZE) {
    234 					MCLGET(n, M_DONTWAIT);
    235 					if (n->m_flags & M_EXT)
    236 						n->m_len = n->m_ext.ext_size;
    237 				}
    238 				noff = 0;
    239 				continue;
    240 			}
    241 		}
    242 		if (len > left)
    243 			len = left;
    244 		arc4_encrypt(ctx, mtod(n, caddr_t) + noff,
    245 		    mtod(m, caddr_t) + moff, len);
    246 		if (txflag)
    247 			crc = ieee80211_crc_update(crc,
    248 			    mtod(m, u_int8_t *) + moff, len);
    249 		else
    250 			crc = ieee80211_crc_update(crc,
    251 			    mtod(n, u_int8_t *) + noff, len);
    252 		left -= len;
    253 		moff += len;
    254 		noff += len;
    255 	}
    256 	crc = ~crc;
    257 	if (txflag) {
    258 		*(u_int32_t *)crcbuf = htole32(crc);
    259 		if (n->m_len >= noff + sizeof(crcbuf))
    260 			n->m_len = noff + sizeof(crcbuf);
    261 		else {
    262 			n->m_len = noff;
    263 			MGET(n->m_next, M_DONTWAIT, n->m_type);
    264 			if (n->m_next == NULL) {
    265 				ic->ic_stats.is_tx_nombuf++;
    266 				goto fail;
    267 			}
    268 			n = n->m_next;
    269 			n->m_len = sizeof(crcbuf);
    270 			noff = 0;
    271 		}
    272 		arc4_encrypt(ctx, mtod(n, caddr_t) + noff, crcbuf,
    273 		    sizeof(crcbuf));
    274 	} else {
    275 		n->m_len = noff;
    276 		for (noff = 0; noff < sizeof(crcbuf); noff += len) {
    277 			len = sizeof(crcbuf) - noff;
    278 			if (len > m->m_len - moff)
    279 				len = m->m_len - moff;
    280 			if (len > 0)
    281 				arc4_encrypt(ctx, crcbuf + noff,
    282 				    mtod(m, caddr_t) + moff, len);
    283 			m = m->m_next;
    284 			moff = 0;
    285 		}
    286 		if (crc != le32toh(*(u_int32_t *)crcbuf)) {
    287 #ifdef IEEE80211_DEBUG
    288 			if (ieee80211_debug) {
    289 				if_printf(ifp, "decrypt CRC error\n");
    290 				if (ieee80211_debug > 1)
    291 					ieee80211_dump_pkt(n0->m_data,
    292 					    n0->m_len, -1, -1);
    293 			}
    294 #endif
    295 			ic->ic_stats.is_rx_decryptcrc++;
    296 			goto fail;
    297 		}
    298 	}
    299 	m_freem(m0);
    300 	return n0;
    301 
    302   fail:
    303 	m_freem(m0);
    304 	m_freem(n0);
    305 	return NULL;
    306 }
    307 
    308 /*
    309  * CRC 32 -- routine from RFC 2083
    310  */
    311 
    312 /* Table of CRCs of all 8-bit messages */
    313 static u_int32_t ieee80211_crc_table[256];
    314 
    315 /* Make the table for a fast CRC. */
    316 static void
    317 ieee80211_crc_init(void)
    318 {
    319 	u_int32_t c;
    320 	int n, k;
    321 
    322 	for (n = 0; n < 256; n++) {
    323 		c = (u_int32_t)n;
    324 		for (k = 0; k < 8; k++) {
    325 			if (c & 1)
    326 				c = 0xedb88320UL ^ (c >> 1);
    327 			else
    328 				c = c >> 1;
    329 		}
    330 		ieee80211_crc_table[n] = c;
    331 	}
    332 }
    333 
    334 /*
    335  * Update a running CRC with the bytes buf[0..len-1]--the CRC
    336  * should be initialized to all 1's, and the transmitted value
    337  * is the 1's complement of the final running CRC
    338  */
    339 
    340 static u_int32_t
    341 ieee80211_crc_update(u_int32_t crc, u_int8_t *buf, int len)
    342 {
    343 	u_int8_t *endbuf;
    344 
    345 	for (endbuf = buf + len; buf < endbuf; buf++)
    346 		crc = ieee80211_crc_table[(crc ^ *buf) & 0xff] ^ (crc >> 8);
    347 	return crc;
    348 }
    349