1 /* $NetBSD: awi_wep.c,v 1.4 2000/08/14 11:28:03 onoe Exp $ */
2 /* $FreeBSD: src/sys/dev/awi/awi_wep.c,v 1.3.2.2 2003/01/23 21:06:42 sam Exp $ */
5 * Copyright (c) 2000 The NetBSD Foundation, Inc.
8 * This code is derived from software contributed to The NetBSD Foundation
11 * Redistribution and use in source and binary forms, with or without
12 * modification, are permitted provided that the following conditions
14 * 1. Redistributions of source code must retain the above copyright
15 * notice, this list of conditions and the following disclaimer.
16 * 2. Redistributions in binary form must reproduce the above copyright
17 * notice, this list of conditions and the following disclaimer in the
18 * documentation and/or other materials provided with the distribution.
19 * 3. All advertising materials mentioning features or use of this software
20 * must display the following acknowledgement:
21 * This product includes software developed by the NetBSD
22 * Foundation, Inc. and its contributors.
23 * 4. Neither the name of The NetBSD Foundation nor the names of its
24 * contributors may be used to endorse or promote products derived
25 * from this software without specific prior written permission.
27 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
28 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
29 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
30 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
31 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
32 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
33 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
34 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
35 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
36 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
37 * POSSIBILITY OF SUCH DAMAGE.
41 * WEP support framework for the awi driver.
43 * No actual encryption capability is provided here, but any can be added
44 * to awi_wep_algo table below.
46 * Note that IEEE802.11 specification states WEP uses RC4 with 40bit key,
47 * which is a proprietary encryption algorithm available under license
48 * from RSA Data Security Inc. Using another algorithm, includes null
49 * encryption provided here, the awi driver cannot be able to communicate
50 * with other stations.
53 #include <sys/param.h>
54 #include <sys/systm.h>
55 #include <sys/kernel.h>
57 #include <sys/malloc.h>
59 #include <sys/socket.h>
60 #include <sys/errno.h>
61 #include <sys/sockio.h>
62 #if defined(__FreeBSD__) && __FreeBSD__ >= 4
65 #include <sys/device.h>
69 #include <net/if_dl.h>
71 #include <net/ethernet.h>
72 #include <net/if_arp.h>
74 #include <net/if_ether.h>
76 #include <net/if_media.h>
77 #include <net/if_ieee80211.h>
79 #include <machine/cpu.h>
80 #include <machine/bus.h>
82 #include <machine/clock.h>
86 #include <dev/ic/am79c930reg.h>
87 #include <dev/ic/am79c930var.h>
88 #include <dev/ic/awireg.h>
89 #include <dev/ic/awivar.h>
91 #include <crypto/arc4/arc4.h>
95 #include <dev/awi/am79c930reg.h>
96 #include <dev/awi/am79c930var.h>
97 #include <dev/awi/awireg.h>
98 #include <dev/awi/awivar.h>
100 #include <crypto/rc4/rc4.h>
104 return sizeof(struct rc4_state);
108 arc4_setkey(void *ctx, u_int8_t *key, int keylen)
110 rc4_init(ctx, key, keylen);
114 arc4_encrypt(void *ctx, u_int8_t *dst, u_int8_t *src, int len)
116 rc4_crypt(ctx, src, dst, len);
120 static void awi_crc_init __P((void));
121 static u_int32_t awi_crc_update __P((u_int32_t crc, u_int8_t *buf, int len));
123 static int awi_null_ctxlen __P((void));
124 static void awi_null_setkey __P((void *ctx, u_int8_t *key, int keylen));
125 static void awi_null_copy __P((void *ctx, u_int8_t *dst, u_int8_t *src, int len));
127 /* XXX: the order should be known to wiconfig/user */
129 static struct awi_wep_algo awi_wep_algo[] = {
131 { "no" }, /* dummy for no wep */
133 /* 1: normal wep (arc4) */
134 { "arc4", arc4_ctxlen, arc4_setkey,
135 arc4_encrypt, arc4_encrypt },
137 /* 2: debug wep (null) */
138 { "null", awi_null_ctxlen, awi_null_setkey,
139 awi_null_copy, awi_null_copy },
140 /* dummy for wep without encryption */
144 awi_wep_setnwkey(sc, nwkey)
145 struct awi_softc *sc;
146 struct ieee80211_nwkey *nwkey;
149 u_int8_t keybuf[AWI_MAX_KEYLEN];
151 if (nwkey->i_defkid <= 0 ||
152 nwkey->i_defkid > IEEE80211_WEP_NKID)
155 for (i = 0; i < IEEE80211_WEP_NKID; i++) {
156 if (nwkey->i_key[i].i_keydat == NULL)
158 len = nwkey->i_key[i].i_keylen;
159 if (len > sizeof(keybuf)) {
163 error = copyin(nwkey->i_key[i].i_keydat, keybuf, len);
166 error = awi_wep_setkey(sc, i, keybuf, len);
171 sc->sc_wep_defkid = nwkey->i_defkid - 1;
172 error = awi_wep_setalgo(sc, nwkey->i_wepon);
173 if (error == 0 && sc->sc_enabled) {
175 error = awi_init(sc);
182 awi_wep_getnwkey(sc, nwkey)
183 struct awi_softc *sc;
184 struct ieee80211_nwkey *nwkey;
186 int i, len, error, suerr;
187 u_int8_t keybuf[AWI_MAX_KEYLEN];
189 nwkey->i_wepon = awi_wep_getalgo(sc);
190 nwkey->i_defkid = sc->sc_wep_defkid + 1;
191 /* do not show any keys to non-root user */
193 suerr = suser(curproc);
195 suerr = suser(curproc->p_ucred, &curproc->p_acflag);
198 for (i = 0; i < IEEE80211_WEP_NKID; i++) {
199 if (nwkey->i_key[i].i_keydat == NULL)
205 len = sizeof(keybuf);
206 error = awi_wep_getkey(sc, i, keybuf, &len);
209 if (nwkey->i_key[i].i_keylen < len) {
213 nwkey->i_key[i].i_keylen = len;
214 error = copyout(keybuf, nwkey->i_key[i].i_keydat, len);
223 struct awi_softc *sc;
226 if (sc->sc_wep_algo == NULL)
228 return sc->sc_wep_algo - awi_wep_algo;
232 awi_wep_setalgo(sc, algo)
233 struct awi_softc *sc;
236 struct awi_wep_algo *awa;
239 awi_crc_init(); /* XXX: not belongs here */
240 if (algo < 0 || algo > sizeof(awi_wep_algo)/sizeof(awi_wep_algo[0]))
242 awa = &awi_wep_algo[algo];
243 if (awa->awa_name == NULL)
245 if (awa->awa_ctxlen == NULL) {
249 ctxlen = awa->awa_ctxlen();
250 if (sc->sc_wep_ctx != NULL) {
251 free(sc->sc_wep_ctx, M_DEVBUF);
252 sc->sc_wep_ctx = NULL;
255 sc->sc_wep_ctx = malloc(ctxlen, M_DEVBUF, M_NOWAIT);
256 if (sc->sc_wep_ctx == NULL)
259 sc->sc_wep_algo = awa;
264 awi_wep_setkey(sc, kid, key, keylen)
265 struct awi_softc *sc;
271 if (kid < 0 || kid >= IEEE80211_WEP_NKID)
273 if (keylen < 0 || keylen + IEEE80211_WEP_IVLEN > AWI_MAX_KEYLEN)
275 sc->sc_wep_keylen[kid] = keylen;
277 memcpy(sc->sc_wep_key[kid] + IEEE80211_WEP_IVLEN, key, keylen);
282 awi_wep_getkey(sc, kid, key, keylen)
283 struct awi_softc *sc;
289 if (kid < 0 || kid >= IEEE80211_WEP_NKID)
291 if (*keylen < sc->sc_wep_keylen[kid])
293 *keylen = sc->sc_wep_keylen[kid];
295 memcpy(key, sc->sc_wep_key[kid] + IEEE80211_WEP_IVLEN, *keylen);
300 awi_wep_encrypt(sc, m0, txflag)
301 struct awi_softc *sc;
305 struct mbuf *m, *n, *n0;
306 struct ieee80211_frame *wh;
307 struct awi_wep_algo *awa;
308 int left, len, moff, noff, keylen, kid;
312 u_int8_t crcbuf[IEEE80211_WEP_CRCLEN];
315 awa = sc->sc_wep_algo;
318 ctx = sc->sc_wep_ctx;
320 left = m->m_pkthdr.len;
321 MGET(n, M_DONTWAIT, m->m_type);
326 len = IEEE80211_WEP_IVLEN + IEEE80211_WEP_KIDLEN + IEEE80211_WEP_CRCLEN;
328 n->m_pkthdr.len += len;
330 n->m_pkthdr.len -= len;
334 if (n->m_pkthdr.len >= MINCLSIZE) {
335 MCLGET(n, M_DONTWAIT);
336 if (n->m_flags & M_EXT)
337 n->m_len = n->m_ext.ext_size;
339 len = sizeof(struct ieee80211_frame);
340 memcpy(mtod(n, caddr_t), mtod(m, caddr_t), len);
345 kid = sc->sc_wep_defkid;
346 wh = mtod(n, struct ieee80211_frame *);
347 wh->i_fc[1] |= IEEE80211_FC1_WEP;
350 * store IV, byte order is not the matter since it's random.
351 * assuming IEEE80211_WEP_IVLEN is 3
353 ivp = mtod(n, u_int8_t *) + noff;
354 ivp[0] = (iv >> 16) & 0xff;
355 ivp[1] = (iv >> 8) & 0xff;
357 ivp[3] = kid & 0x03; /* clear pad and keyid */
358 noff += IEEE80211_WEP_IVLEN + IEEE80211_WEP_KIDLEN;
360 ivp = mtod(m, u_int8_t *) + moff;
361 moff += IEEE80211_WEP_IVLEN + IEEE80211_WEP_KIDLEN;
362 kid = ivp[IEEE80211_WEP_IVLEN] & 0x03;
364 key = sc->sc_wep_key[kid];
365 keylen = sc->sc_wep_keylen[kid];
366 /* assuming IEEE80211_WEP_IVLEN is 3 */
370 awa->awa_setkey(ctx, key, IEEE80211_WEP_IVLEN + keylen);
372 /* encrypt with calculating CRC */
375 len = m->m_len - moff;
381 if (len > n->m_len - noff) {
382 len = n->m_len - noff;
384 MGET(n->m_next, M_DONTWAIT, n->m_type);
385 if (n->m_next == NULL)
389 if (left >= MINCLSIZE) {
390 MCLGET(n, M_DONTWAIT);
391 if (n->m_flags & M_EXT)
392 n->m_len = n->m_ext.ext_size;
401 awa->awa_encrypt(ctx, mtod(n, caddr_t) + noff,
402 mtod(m, caddr_t) + moff, len);
403 crc = awi_crc_update(crc, mtod(m, caddr_t) + moff, len);
405 awa->awa_decrypt(ctx, mtod(n, caddr_t) + noff,
406 mtod(m, caddr_t) + moff, len);
407 crc = awi_crc_update(crc, mtod(n, caddr_t) + noff, len);
415 LE_WRITE_4(crcbuf, crc);
416 if (n->m_len >= noff + sizeof(crcbuf))
417 n->m_len = noff + sizeof(crcbuf);
420 MGET(n->m_next, M_DONTWAIT, n->m_type);
421 if (n->m_next == NULL)
424 n->m_len = sizeof(crcbuf);
427 awa->awa_encrypt(ctx, mtod(n, caddr_t) + noff, crcbuf,
431 for (noff = 0; noff < sizeof(crcbuf); noff += len) {
432 len = sizeof(crcbuf) - noff;
433 if (len > m->m_len - moff)
434 len = m->m_len - moff;
436 awa->awa_decrypt(ctx, crcbuf + noff,
437 mtod(m, caddr_t) + moff, len);
441 if (crc != LE_READ_4(crcbuf))
454 * CRC 32 -- routine from RFC 2083
457 /* Table of CRCs of all 8-bit messages */
458 static u_int32_t awi_crc_table[256];
459 static int awi_crc_table_computed = 0;
461 /* Make the table for a fast CRC. */
468 if (awi_crc_table_computed)
470 for (n = 0; n < 256; n++) {
472 for (k = 0; k < 8; k++) {
474 c = 0xedb88320UL ^ (c >> 1);
478 awi_crc_table[n] = c;
480 awi_crc_table_computed = 1;
484 * Update a running CRC with the bytes buf[0..len-1]--the CRC
485 * should be initialized to all 1's, and the transmitted value
486 * is the 1's complement of the final running CRC
490 awi_crc_update(crc, buf, len)
497 for (endbuf = buf + len; buf < endbuf; buf++)
498 crc = awi_crc_table[(crc ^ *buf) & 0xff] ^ (crc >> 8);
503 * Null -- do nothing but copy.
514 awi_null_setkey(ctx, key, keylen)
522 awi_null_copy(ctx, dst, src, len)
529 memcpy(dst, src, len);