1 /* $NetBSD: awi_wep.c,v 1.4 2000/08/14 11:28:03 onoe Exp $ */
2 /* $FreeBSD: src/sys/dev/awi/awi_wep.c,v 1.3.2.2 2003/01/23 21:06:42 sam Exp $ */
3 /* $DragonFly: src/sys/dev/netif/awi/Attic/awi_wep.c,v 1.3 2003/06/23 17:55:29 dillon Exp $ */
6 * Copyright (c) 2000 The NetBSD Foundation, Inc.
9 * This code is derived from software contributed to The NetBSD Foundation
12 * Redistribution and use in source and binary forms, with or without
13 * modification, are permitted provided that the following conditions
15 * 1. Redistributions of source code must retain the above copyright
16 * notice, this list of conditions and the following disclaimer.
17 * 2. Redistributions in binary form must reproduce the above copyright
18 * notice, this list of conditions and the following disclaimer in the
19 * documentation and/or other materials provided with the distribution.
20 * 3. All advertising materials mentioning features or use of this software
21 * must display the following acknowledgement:
22 * This product includes software developed by the NetBSD
23 * Foundation, Inc. and its contributors.
24 * 4. Neither the name of The NetBSD Foundation nor the names of its
25 * contributors may be used to endorse or promote products derived
26 * from this software without specific prior written permission.
28 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
29 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
30 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
31 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
32 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
33 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
34 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
35 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
36 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
37 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
38 * POSSIBILITY OF SUCH DAMAGE.
42 * WEP support framework for the awi driver.
44 * No actual encryption capability is provided here, but any can be added
45 * to awi_wep_algo table below.
47 * Note that IEEE802.11 specification states WEP uses RC4 with 40bit key,
48 * which is a proprietary encryption algorithm available under license
49 * from RSA Data Security Inc. Using another algorithm, includes null
50 * encryption provided here, the awi driver cannot be able to communicate
51 * with other stations.
54 #include <sys/param.h>
55 #include <sys/systm.h>
56 #include <sys/kernel.h>
58 #include <sys/malloc.h>
60 #include <sys/socket.h>
61 #include <sys/errno.h>
62 #include <sys/sockio.h>
63 #if defined(__FreeBSD__) && __FreeBSD__ >= 4
66 #include <sys/device.h>
70 #include <net/if_dl.h>
72 #include <net/ethernet.h>
73 #include <net/if_arp.h>
75 #include <net/if_ether.h>
77 #include <net/if_media.h>
78 #include <net/if_ieee80211.h>
80 #include <machine/cpu.h>
81 #include <machine/bus.h>
83 #include <machine/clock.h>
87 #include <dev/ic/am79c930reg.h>
88 #include <dev/ic/am79c930var.h>
89 #include <dev/ic/awireg.h>
90 #include <dev/ic/awivar.h>
92 #include <crypto/arc4/arc4.h>
96 #include <dev/awi/am79c930reg.h>
97 #include <dev/awi/am79c930var.h>
98 #include <dev/awi/awireg.h>
99 #include <dev/awi/awivar.h>
101 #include <crypto/rc4/rc4.h>
105 return sizeof(struct rc4_state);
109 arc4_setkey(void *ctx, u_int8_t *key, int keylen)
111 rc4_init(ctx, key, keylen);
115 arc4_encrypt(void *ctx, u_int8_t *dst, u_int8_t *src, int len)
117 rc4_crypt(ctx, src, dst, len);
121 static void awi_crc_init __P((void));
122 static u_int32_t awi_crc_update __P((u_int32_t crc, u_int8_t *buf, int len));
124 static int awi_null_ctxlen __P((void));
125 static void awi_null_setkey __P((void *ctx, u_int8_t *key, int keylen));
126 static void awi_null_copy __P((void *ctx, u_int8_t *dst, u_int8_t *src, int len));
128 /* XXX: the order should be known to wiconfig/user */
130 static struct awi_wep_algo awi_wep_algo[] = {
132 { "no" }, /* dummy for no wep */
134 /* 1: normal wep (arc4) */
135 { "arc4", arc4_ctxlen, arc4_setkey,
136 arc4_encrypt, arc4_encrypt },
138 /* 2: debug wep (null) */
139 { "null", awi_null_ctxlen, awi_null_setkey,
140 awi_null_copy, awi_null_copy },
141 /* dummy for wep without encryption */
145 awi_wep_setnwkey(sc, nwkey)
146 struct awi_softc *sc;
147 struct ieee80211_nwkey *nwkey;
150 u_int8_t keybuf[AWI_MAX_KEYLEN];
152 if (nwkey->i_defkid <= 0 ||
153 nwkey->i_defkid > IEEE80211_WEP_NKID)
156 for (i = 0; i < IEEE80211_WEP_NKID; i++) {
157 if (nwkey->i_key[i].i_keydat == NULL)
159 len = nwkey->i_key[i].i_keylen;
160 if (len > sizeof(keybuf)) {
164 error = copyin(nwkey->i_key[i].i_keydat, keybuf, len);
167 error = awi_wep_setkey(sc, i, keybuf, len);
172 sc->sc_wep_defkid = nwkey->i_defkid - 1;
173 error = awi_wep_setalgo(sc, nwkey->i_wepon);
174 if (error == 0 && sc->sc_enabled) {
176 error = awi_init(sc);
183 awi_wep_getnwkey(sc, nwkey)
184 struct awi_softc *sc;
185 struct ieee80211_nwkey *nwkey;
187 struct proc *cur = curproc;
188 int i, len, error, suerr;
189 u_int8_t keybuf[AWI_MAX_KEYLEN];
191 nwkey->i_wepon = awi_wep_getalgo(sc);
192 nwkey->i_defkid = sc->sc_wep_defkid + 1;
193 /* do not show any keys to non-root user */
195 suerr = suser_xxx(cur->p_ucred, 0);
197 suerr = suser(curproc->p_ucred, &curproc->p_acflag);
200 for (i = 0; i < IEEE80211_WEP_NKID; i++) {
201 if (nwkey->i_key[i].i_keydat == NULL)
207 len = sizeof(keybuf);
208 error = awi_wep_getkey(sc, i, keybuf, &len);
211 if (nwkey->i_key[i].i_keylen < len) {
215 nwkey->i_key[i].i_keylen = len;
216 error = copyout(keybuf, nwkey->i_key[i].i_keydat, len);
225 struct awi_softc *sc;
228 if (sc->sc_wep_algo == NULL)
230 return sc->sc_wep_algo - awi_wep_algo;
234 awi_wep_setalgo(sc, algo)
235 struct awi_softc *sc;
238 struct awi_wep_algo *awa;
241 awi_crc_init(); /* XXX: not belongs here */
242 if (algo < 0 || algo > sizeof(awi_wep_algo)/sizeof(awi_wep_algo[0]))
244 awa = &awi_wep_algo[algo];
245 if (awa->awa_name == NULL)
247 if (awa->awa_ctxlen == NULL) {
251 ctxlen = awa->awa_ctxlen();
252 if (sc->sc_wep_ctx != NULL) {
253 free(sc->sc_wep_ctx, M_DEVBUF);
254 sc->sc_wep_ctx = NULL;
257 sc->sc_wep_ctx = malloc(ctxlen, M_DEVBUF, M_NOWAIT);
258 if (sc->sc_wep_ctx == NULL)
261 sc->sc_wep_algo = awa;
266 awi_wep_setkey(sc, kid, key, keylen)
267 struct awi_softc *sc;
273 if (kid < 0 || kid >= IEEE80211_WEP_NKID)
275 if (keylen < 0 || keylen + IEEE80211_WEP_IVLEN > AWI_MAX_KEYLEN)
277 sc->sc_wep_keylen[kid] = keylen;
279 memcpy(sc->sc_wep_key[kid] + IEEE80211_WEP_IVLEN, key, keylen);
284 awi_wep_getkey(sc, kid, key, keylen)
285 struct awi_softc *sc;
291 if (kid < 0 || kid >= IEEE80211_WEP_NKID)
293 if (*keylen < sc->sc_wep_keylen[kid])
295 *keylen = sc->sc_wep_keylen[kid];
297 memcpy(key, sc->sc_wep_key[kid] + IEEE80211_WEP_IVLEN, *keylen);
302 awi_wep_encrypt(sc, m0, txflag)
303 struct awi_softc *sc;
307 struct mbuf *m, *n, *n0;
308 struct ieee80211_frame *wh;
309 struct awi_wep_algo *awa;
310 int left, len, moff, noff, keylen, kid;
314 u_int8_t crcbuf[IEEE80211_WEP_CRCLEN];
317 awa = sc->sc_wep_algo;
320 ctx = sc->sc_wep_ctx;
322 left = m->m_pkthdr.len;
323 MGET(n, M_DONTWAIT, m->m_type);
328 len = IEEE80211_WEP_IVLEN + IEEE80211_WEP_KIDLEN + IEEE80211_WEP_CRCLEN;
330 n->m_pkthdr.len += len;
332 n->m_pkthdr.len -= len;
336 if (n->m_pkthdr.len >= MINCLSIZE) {
337 MCLGET(n, M_DONTWAIT);
338 if (n->m_flags & M_EXT)
339 n->m_len = n->m_ext.ext_size;
341 len = sizeof(struct ieee80211_frame);
342 memcpy(mtod(n, caddr_t), mtod(m, caddr_t), len);
347 kid = sc->sc_wep_defkid;
348 wh = mtod(n, struct ieee80211_frame *);
349 wh->i_fc[1] |= IEEE80211_FC1_WEP;
352 * store IV, byte order is not the matter since it's random.
353 * assuming IEEE80211_WEP_IVLEN is 3
355 ivp = mtod(n, u_int8_t *) + noff;
356 ivp[0] = (iv >> 16) & 0xff;
357 ivp[1] = (iv >> 8) & 0xff;
359 ivp[3] = kid & 0x03; /* clear pad and keyid */
360 noff += IEEE80211_WEP_IVLEN + IEEE80211_WEP_KIDLEN;
362 ivp = mtod(m, u_int8_t *) + moff;
363 moff += IEEE80211_WEP_IVLEN + IEEE80211_WEP_KIDLEN;
364 kid = ivp[IEEE80211_WEP_IVLEN] & 0x03;
366 key = sc->sc_wep_key[kid];
367 keylen = sc->sc_wep_keylen[kid];
368 /* assuming IEEE80211_WEP_IVLEN is 3 */
372 awa->awa_setkey(ctx, key, IEEE80211_WEP_IVLEN + keylen);
374 /* encrypt with calculating CRC */
377 len = m->m_len - moff;
383 if (len > n->m_len - noff) {
384 len = n->m_len - noff;
386 MGET(n->m_next, M_DONTWAIT, n->m_type);
387 if (n->m_next == NULL)
391 if (left >= MINCLSIZE) {
392 MCLGET(n, M_DONTWAIT);
393 if (n->m_flags & M_EXT)
394 n->m_len = n->m_ext.ext_size;
403 awa->awa_encrypt(ctx, mtod(n, caddr_t) + noff,
404 mtod(m, caddr_t) + moff, len);
405 crc = awi_crc_update(crc, mtod(m, caddr_t) + moff, len);
407 awa->awa_decrypt(ctx, mtod(n, caddr_t) + noff,
408 mtod(m, caddr_t) + moff, len);
409 crc = awi_crc_update(crc, mtod(n, caddr_t) + noff, len);
417 LE_WRITE_4(crcbuf, crc);
418 if (n->m_len >= noff + sizeof(crcbuf))
419 n->m_len = noff + sizeof(crcbuf);
422 MGET(n->m_next, M_DONTWAIT, n->m_type);
423 if (n->m_next == NULL)
426 n->m_len = sizeof(crcbuf);
429 awa->awa_encrypt(ctx, mtod(n, caddr_t) + noff, crcbuf,
433 for (noff = 0; noff < sizeof(crcbuf); noff += len) {
434 len = sizeof(crcbuf) - noff;
435 if (len > m->m_len - moff)
436 len = m->m_len - moff;
438 awa->awa_decrypt(ctx, crcbuf + noff,
439 mtod(m, caddr_t) + moff, len);
443 if (crc != LE_READ_4(crcbuf))
456 * CRC 32 -- routine from RFC 2083
459 /* Table of CRCs of all 8-bit messages */
460 static u_int32_t awi_crc_table[256];
461 static int awi_crc_table_computed = 0;
463 /* Make the table for a fast CRC. */
470 if (awi_crc_table_computed)
472 for (n = 0; n < 256; n++) {
474 for (k = 0; k < 8; k++) {
476 c = 0xedb88320UL ^ (c >> 1);
480 awi_crc_table[n] = c;
482 awi_crc_table_computed = 1;
486 * Update a running CRC with the bytes buf[0..len-1]--the CRC
487 * should be initialized to all 1's, and the transmitted value
488 * is the 1's complement of the final running CRC
492 awi_crc_update(crc, buf, len)
499 for (endbuf = buf + len; buf < endbuf; buf++)
500 crc = awi_crc_table[(crc ^ *buf) & 0xff] ^ (crc >> 8);
505 * Null -- do nothing but copy.
516 awi_null_setkey(ctx, key, keylen)
524 awi_null_copy(ctx, dst, src, len)
531 memcpy(dst, src, len);