2 * Copyright (c) 2001 Atsushi Onoe
3 * Copyright (c) 2002, 2003 Sam Leffler, Errno Consulting
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in the
13 * documentation and/or other materials provided with the distribution.
14 * 3. The name of the author may not be used to endorse or promote products
15 * derived from this software without specific prior written permission.
17 * Alternatively, this software may be distributed under the terms of the
18 * GNU General Public License ("GPL") version 2 as published by the Free
19 * Software Foundation.
21 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
22 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
23 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
24 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
25 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
26 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
27 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
28 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
29 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
30 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
32 * $FreeBSD: src/sys/net80211/ieee80211_crypto.c,v 1.3 2003/10/17 23:15:30 sam Exp $
33 * $DragonFly: src/sys/netproto/802_11/Attic/ieee80211_crypto.c,v 1.1 2004/07/26 16:30:17 joerg Exp $
38 #include <sys/param.h>
39 #include <sys/systm.h>
41 #include <sys/malloc.h>
42 #include <sys/kernel.h>
43 #include <sys/socket.h>
44 #include <sys/sockio.h>
45 #include <sys/endian.h>
46 #include <sys/errno.h>
49 #include <sys/sysctl.h>
51 #include <machine/atomic.h>
54 #include <net/if_dl.h>
55 #include <net/if_media.h>
56 #include <net/if_arp.h>
57 #include <net/ethernet.h>
58 #include <net/if_llc.h>
60 #include <netproto/802_11/ieee80211_var.h>
65 #include <netinet/in.h>
66 #include <netinet/if_ether.h>
69 #include <crypto/rc4/rc4.h>
70 #define arc4_ctxlen() sizeof (struct rc4_state)
71 #define arc4_setkey(_c,_k,_l) rc4_init(_c,_k,_l)
72 #define arc4_encrypt(_c,_d,_s,_l) rc4_crypt(_c,_s,_d,_l)
74 static void ieee80211_crc_init(void);
75 static uint32_t ieee80211_crc_update(uint32_t crc, uint8_t *buf, int len);
78 ieee80211_crypto_attach(struct ifnet *ifp)
80 struct ieee80211com *ic = (void *)ifp;
83 * Setup crypto support.
86 ic->ic_iv = arc4random();
90 ieee80211_crypto_detach(struct ifnet *ifp)
92 struct ieee80211com *ic = (void *)ifp;
94 if (ic->ic_wep_ctx != NULL) {
95 free(ic->ic_wep_ctx, M_DEVBUF);
96 ic->ic_wep_ctx = NULL;
101 ieee80211_wep_crypt(struct ifnet *ifp, struct mbuf *m0, int txflag)
103 struct ieee80211com *ic = (void *)ifp;
104 struct mbuf *m, *n, *n0;
105 struct ieee80211_frame *wh;
106 int i, left, len, moff, noff, kid;
110 uint8_t keybuf[IEEE80211_WEP_IVLEN + IEEE80211_KEYBUF_SIZE];
111 uint8_t crcbuf[IEEE80211_WEP_CRCLEN];
114 if ((ctx = ic->ic_wep_ctx) == NULL) {
115 ctx = malloc(arc4_ctxlen(), M_DEVBUF, M_NOWAIT | M_ZERO); /* XXX */
117 ic->ic_stats.is_crypto_nomem++;
120 ic->ic_wep_ctx = ctx;
123 left = m->m_pkthdr.len;
124 MGET(n, MB_DONTWAIT, m->m_type);
128 ic->ic_stats.is_tx_nombuf++;
130 ic->ic_stats.is_rx_nombuf++;
134 len = IEEE80211_WEP_IVLEN + IEEE80211_WEP_KIDLEN + IEEE80211_WEP_CRCLEN;
136 n->m_pkthdr.len += len;
138 n->m_pkthdr.len -= len;
142 if (n->m_pkthdr.len >= MINCLSIZE) {
143 MCLGET(n, MB_DONTWAIT);
144 if (n->m_flags & M_EXT)
145 n->m_len = n->m_ext.ext_size;
147 len = sizeof(struct ieee80211_frame);
148 memcpy(mtod(n, caddr_t), mtod(m, caddr_t), len);
149 wh = mtod(n, struct ieee80211_frame *);
154 kid = ic->ic_wep_txkey;
155 wh->i_fc[1] |= IEEE80211_FC1_WEP;
158 * Skip 'bad' IVs from Fluhrer/Mantin/Shamir:
159 * (B, 255, N) with 3 <= B < 8
161 if (iv >= 0x03ff00 &&
162 (iv & 0xf8ff00) == 0x00ff00)
165 /* put iv in little endian to prepare 802.11i */
166 ivp = mtod(n, uint8_t *) + noff;
167 for (i = 0; i < IEEE80211_WEP_IVLEN; i++) {
171 ivp[IEEE80211_WEP_IVLEN] = kid << 6; /* pad and keyid */
172 noff += IEEE80211_WEP_IVLEN + IEEE80211_WEP_KIDLEN;
174 wh->i_fc[1] &= ~IEEE80211_FC1_WEP;
175 ivp = mtod(m, uint8_t *) + moff;
176 kid = ivp[IEEE80211_WEP_IVLEN] >> 6;
177 moff += IEEE80211_WEP_IVLEN + IEEE80211_WEP_KIDLEN;
179 memcpy(keybuf, ivp, IEEE80211_WEP_IVLEN);
180 memcpy(keybuf + IEEE80211_WEP_IVLEN, ic->ic_nw_keys[kid].wk_key,
181 ic->ic_nw_keys[kid].wk_len);
182 arc4_setkey(ctx, keybuf,
183 IEEE80211_WEP_IVLEN + ic->ic_nw_keys[kid].wk_len);
185 /* encrypt with calculating CRC */
188 len = m->m_len - moff;
194 if (len > n->m_len - noff) {
195 len = n->m_len - noff;
197 MGET(n->m_next, MB_DONTWAIT, n->m_type);
198 if (n->m_next == NULL) {
200 ic->ic_stats.is_tx_nombuf++;
202 ic->ic_stats.is_rx_nombuf++;
207 if (left >= MINCLSIZE) {
208 MCLGET(n, MB_DONTWAIT);
209 if (n->m_flags & M_EXT)
210 n->m_len = n->m_ext.ext_size;
218 arc4_encrypt(ctx, mtod(n, caddr_t) + noff,
219 mtod(m, caddr_t) + moff, len);
221 crc = ieee80211_crc_update(crc,
222 mtod(m, uint8_t *) + moff, len);
224 crc = ieee80211_crc_update(crc,
225 mtod(n, uint8_t *) + noff, len);
232 *(uint32_t *)crcbuf = htole32(crc);
233 if (n->m_len >= noff + sizeof(crcbuf))
234 n->m_len = noff + sizeof(crcbuf);
237 MGET(n->m_next, MB_DONTWAIT, n->m_type);
238 if (n->m_next == NULL) {
239 ic->ic_stats.is_tx_nombuf++;
243 n->m_len = sizeof(crcbuf);
246 arc4_encrypt(ctx, mtod(n, caddr_t) + noff, crcbuf,
250 for (noff = 0; noff < sizeof(crcbuf); noff += len) {
251 len = sizeof(crcbuf) - noff;
252 if (len > m->m_len - moff)
253 len = m->m_len - moff;
255 arc4_encrypt(ctx, crcbuf + noff,
256 mtod(m, caddr_t) + moff, len);
260 if (crc != le32toh(*(uint32_t *)crcbuf)) {
261 #ifdef IEEE80211_DEBUG
262 if (ieee80211_debug) {
263 if_printf(ifp, "decrypt CRC error\n");
264 if (ieee80211_debug > 1)
265 ieee80211_dump_pkt(n0->m_data,
269 ic->ic_stats.is_rx_decryptcrc++;
283 * CRC 32 -- routine from RFC 2083
286 /* Table of CRCs of all 8-bit messages */
287 static uint32_t ieee80211_crc_table[256];
289 /* Make the table for a fast CRC. */
291 ieee80211_crc_init(void)
296 for (n = 0; n < 256; n++) {
298 for (k = 0; k < 8; k++) {
300 c = 0xedb88320UL ^ (c >> 1);
304 ieee80211_crc_table[n] = c;
309 * Update a running CRC with the bytes buf[0..len-1]--the CRC
310 * should be initialized to all 1's, and the transmitted value
311 * is the 1's complement of the final running CRC
315 ieee80211_crc_update(uint32_t crc, uint8_t *buf, int len)
319 for (endbuf = buf + len; buf < endbuf; buf++)
320 crc = ieee80211_crc_table[(crc ^ *buf) & 0xff] ^ (crc >> 8);