| blob | 679b62cacee0760f511425b4b674fd6be26284b1 |
1 /*
2 * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
3 * Use is subject to license terms.
4 */
6 /*
7 * Copyright (c) 2001 Atsushi Onoe
8 * Copyright (c) 2002-2008 Sam Leffler, Errno Consulting
9 * All rights reserved.
10 *
11 * Redistribution and use in source and binary forms, with or without
12 * modification, are permitted provided that the following conditions
13 * are met:
14 * 1. Redistributions of source code must retain the above copyright
15 * notice, this list of conditions and the following disclaimer.
16 * 2. Redistributions in binary form must reproduce the above copyright
17 * notice, this list of conditions and the following disclaimer in the
18 * documentation and/or other materials provided with the distribution.
19 * 3. The name of the author may not be used to endorse or promote products
20 * derived from this software without specific prior written permission.
21 *
22 * Alternatively, this software may be distributed under the terms of the
23 * GNU General Public License ("GPL") version 2 as published by the Free
24 * Software Foundation.
25 *
26 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
27 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
28 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
29 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
30 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
31 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
32 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
33 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
34 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
35 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36 */
38 /*
39 * IEEE 802.11i CCMP crypto support.
40 */
41 #include <sys/byteorder.h>
42 #include <sys/crypto/common.h>
43 #include <sys/crypto/api.h>
44 #include <sys/crc32.h>
45 #include <sys/random.h>
46 #include <sys/strsun.h>
51 };
53 #define AES_BLOCK_LEN 16
54 #define AES_NONCE_LEN 13
69 IEEE80211_CIPHER_AES_CCM,
71 IEEE80211_WEP_EXTIVLEN,
72 IEEE80211_WEP_MICLEN,
74 ccmp_attach,
75 ccmp_detach,
76 ccmp_setkey,
77 ccmp_encap,
78 ccmp_decap,
79 ccmp_enmic,
80 ccmp_demic,
81 };
83 /* ARGSUSED */
86 {
95 }
97 static void
99 {
104 }
106 static int
108 {
113 }
115 /*
116 * Add privacy headers appropriate for the specified key.
117 */
118 static int
120 {
126 /*
127 * Copy down 802.11 header and add the IV, KeyID, and ExtIV.
128 */
142 /*
143 * Finally, do software encrypt if neeed.
144 */
150 }
152 /*
153 * Validate and strip privacy headers (and trailer) for a
154 * received frame. The specified key should be correct but
155 * is also verified.
156 */
157 static int
159 {
163 /*
164 * Header should have extended IV and sequence number;
165 * verify the former and validate the latter.
166 */
169 /*
170 * No extended IV; discard frame.
171 */
173 }
177 /*
178 * Replay violation.
179 */
181 }
183 /*
184 * Check if the device handled the decrypt in hardware.
185 * If so we just strip the header; otherwise we need to
186 * handle the decrypt in software. Note that for the
187 * latter we leave the header in place for use in the
188 * decryption work.
189 */
194 /*
195 * Copy up 802.11 header and strip crypto bits.
196 */
201 /*
202 * Ok to update rsc now.
203 */
207 }
209 /*
210 * Add MIC to the frame as needed.
211 */
212 /* ARGSUSED */
213 static int
215 {
217 }
219 /*
220 * Verify and strip MIC from the frame.
221 */
222 /* ARGSUSED */
223 static int
225 {
227 }
229 static int
233 {
234 crypto_mechanism_t mech;
235 crypto_key_t crkey;
247 /* keys are measured in bits, not bytes, so multiply by 8 */
254 #if defined(__amd64) || defined(__sparc)
256 #else
258 #endif
280 }
282 static int
286 {
287 crypto_mechanism_t mech;
288 crypto_key_t crkey;
300 /* keys are measured in bits, not bytes, so multiply by 8 */
307 #if defined(__amd64) || defined(__sparc)
309 #else
311 #endif
333 }
335 /*
336 * For the avoidance of doubt, except that if any license choice other
337 * than GPL or LGPL is available it will apply instead, Sun elects to
338 * use only the General Public License version 2 (GPLv2) at this time
339 * for any software where a choice of GPL license versions is made
340 * available with the language indicating that GPLv2 or any later
341 * version may be used, or where a choice of which version of the GPL
342 * is applied is otherwise unspecified.
343 */
345 /*
346 * Host AP crypt: host-based CCMP encryption implementation for Host AP driver
347 *
348 * Copyright (c) 2003-2004, Jouni Malinen <jkmaline@cc.hut.fi>
349 *
350 * This program is free software; you can redistribute it and/or modify
351 * it under the terms of the GNU General Public License version 2 as
352 * published by the Free Software Foundation. See README and COPYING for
353 * more details.
354 *
355 * Alternatively, this software may be distributed under the terms of BSD
356 * license.
357 */
359 static void
362 {
363 /*
364 * CCM Initial Block:
365 * Flag (Include authentication header, M=3 (8-octet MIC),
366 * L=1 (2-octet Dlen))
367 * Nonce: 0x00 | A2 | PN
368 * Dlen
369 */
371 /* b0[1] set below */
382 /*
383 * AAD:
384 * FC with bits 4..6 and 11..13 masked to zero; 14 is always one
385 * A1 | A2 | A3
386 * SC with bits 4..15 (seq#) masked to zero
387 * A4 (if present)
388 * QC (if present)
389 */
391 /* aad[1] set below */
394 /* we know 3 addresses are contiguous */
398 /*
399 * Construct variable-length portion of AAD based
400 * on whether this is a 4-address frame/QOS frame.
401 * We always zero-pad to 32 bytes before running it
402 * through the cipher.
403 *
404 * We also fill in the priority bits of the CCM
405 * initial block as we know whether or not we have
406 * a QOS frame.
407 */
419 }
422 }
424 static int
426 {
431 CK_AES_CCM_PARAMS cmparam;
453 }
455 static int
457 {
462 CK_AES_CCM_PARAMS cmparam;
481 }