diff options
| author | Jeff Garzik <jeff@garzik.org> | 2006-09-22 20:10:23 -0400 |
|---|---|---|
| committer | Jeff Garzik <jeff@garzik.org> | 2006-09-22 20:10:23 -0400 |
| commit | 28eb177dfa5982d132edceed891cb3885df258bb (patch) | |
| tree | 5f8fdc37ad1d8d0793e9c47da7d908b97c814ffb /net/ieee80211/ieee80211_crypt_tkip.c | |
| parent | fd8ae94eea9bb4269d6dff1b47b9dc741bd70d0b (diff) | |
| parent | db392219c5f572610645696e3672f6ea38783a65 (diff) | |
Merge branch 'master' into upstream
Conflicts:
net/ieee80211/ieee80211_crypt_tkip.c
net/ieee80211/ieee80211_crypt_wep.c
Diffstat (limited to 'net/ieee80211/ieee80211_crypt_tkip.c')
| -rw-r--r-- | net/ieee80211/ieee80211_crypt_tkip.c | 100 |
1 files changed, 51 insertions, 49 deletions
diff --git a/net/ieee80211/ieee80211_crypt_tkip.c b/net/ieee80211/ieee80211_crypt_tkip.c index f2df2f5b3e4c..259572dfd4f1 100644 --- a/net/ieee80211/ieee80211_crypt_tkip.c +++ b/net/ieee80211/ieee80211_crypt_tkip.c | |||
| @@ -9,6 +9,7 @@ | |||
| 9 | * more details. | 9 | * more details. |
| 10 | */ | 10 | */ |
| 11 | 11 | ||
| 12 | #include <linux/err.h> | ||
| 12 | #include <linux/module.h> | 13 | #include <linux/module.h> |
| 13 | #include <linux/init.h> | 14 | #include <linux/init.h> |
| 14 | #include <linux/slab.h> | 15 | #include <linux/slab.h> |
| @@ -52,10 +53,10 @@ struct ieee80211_tkip_data { | |||
| 52 | 53 | ||
| 53 | int key_idx; | 54 | int key_idx; |
| 54 | 55 | ||
| 55 | struct crypto_tfm *tx_tfm_arc4; | 56 | struct crypto_blkcipher *rx_tfm_arc4; |
| 56 | struct crypto_tfm *tx_tfm_michael; | 57 | struct crypto_hash *rx_tfm_michael; |
| 57 | struct crypto_tfm *rx_tfm_arc4; | 58 | struct crypto_blkcipher *tx_tfm_arc4; |
| 58 | struct crypto_tfm *rx_tfm_michael; | 59 | struct crypto_hash *tx_tfm_michael; |
| 59 | 60 | ||
| 60 | /* scratch buffers for virt_to_page() (crypto API) */ | 61 | /* scratch buffers for virt_to_page() (crypto API) */ |
| 61 | u8 rx_hdr[16], tx_hdr[16]; | 62 | u8 rx_hdr[16], tx_hdr[16]; |
| @@ -87,31 +88,37 @@ static void *ieee80211_tkip_init(int key_idx) | |||
| 87 | 88 | ||
| 88 | priv->key_idx = key_idx; | 89 | priv->key_idx = key_idx; |
| 89 | 90 | ||
| 90 | priv->tx_tfm_arc4 = crypto_alloc_tfm("arc4", 0); | 91 | priv->tx_tfm_arc4 = crypto_alloc_blkcipher("ecb(arc4)", 0, |
| 91 | if (priv->tx_tfm_arc4 == NULL) { | 92 | CRYPTO_ALG_ASYNC); |
| 93 | if (IS_ERR(priv->tx_tfm_arc4)) { | ||
| 92 | printk(KERN_DEBUG "ieee80211_crypt_tkip: could not allocate " | 94 | printk(KERN_DEBUG "ieee80211_crypt_tkip: could not allocate " |
| 93 | "crypto API arc4\n"); | 95 | "crypto API arc4\n"); |
| 96 | priv->tfm_arc4 = NULL; | ||
| 94 | goto fail; | 97 | goto fail; |
| 95 | } | 98 | } |
| 96 | 99 | ||
| 97 | priv->tx_tfm_michael = crypto_alloc_tfm("michael_mic", 0); | 100 | priv->tx_tfm_michael = crypto_alloc_hash("michael_mic", 0, |
| 98 | if (priv->tx_tfm_michael == NULL) { | 101 | CRYPTO_ALG_ASYNC); |
| 102 | if (IS_ERR(priv->tx_tfm_michael)) { | ||
| 99 | printk(KERN_DEBUG "ieee80211_crypt_tkip: could not allocate " | 103 | printk(KERN_DEBUG "ieee80211_crypt_tkip: could not allocate " |
| 100 | "crypto API michael_mic\n"); | 104 | "crypto API michael_mic\n"); |
| 101 | goto fail; | 105 | goto fail; |
| 102 | } | 106 | } |
| 103 | 107 | ||
| 104 | priv->rx_tfm_arc4 = crypto_alloc_tfm("arc4", 0); | 108 | priv->rx_tfm_arc4 = crypto_alloc_blkcipher("ecb(arc4)", 0, |
| 105 | if (priv->rx_tfm_arc4 == NULL) { | 109 | CRYPTO_ALG_ASYNC); |
| 110 | if (IS_ERR(priv->rx_tfm_arc4)) { | ||
| 106 | printk(KERN_DEBUG "ieee80211_crypt_tkip: could not allocate " | 111 | printk(KERN_DEBUG "ieee80211_crypt_tkip: could not allocate " |
| 107 | "crypto API arc4\n"); | 112 | "crypto API arc4\n"); |
| 108 | goto fail; | 113 | goto fail; |
| 109 | } | 114 | } |
| 110 | 115 | ||
| 111 | priv->rx_tfm_michael = crypto_alloc_tfm("michael_mic", 0); | 116 | priv->rx_tfm_michael = crypto_alloc_hash("michael_mic", 0, |
| 112 | if (priv->rx_tfm_michael == NULL) { | 117 | CRYPTO_ALG_ASYNC); |
| 118 | if (IS_ERR(priv->rx_tfm_michael)) { | ||
| 113 | printk(KERN_DEBUG "ieee80211_crypt_tkip: could not allocate " | 119 | printk(KERN_DEBUG "ieee80211_crypt_tkip: could not allocate " |
| 114 | "crypto API michael_mic\n"); | 120 | "crypto API michael_mic\n"); |
| 121 | priv->tfm_michael = NULL; | ||
| 115 | goto fail; | 122 | goto fail; |
| 116 | } | 123 | } |
| 117 | 124 | ||
| @@ -120,13 +127,13 @@ static void *ieee80211_tkip_init(int key_idx) | |||
| 120 | fail: | 127 | fail: |
| 121 | if (priv) { | 128 | if (priv) { |
| 122 | if (priv->tx_tfm_michael) | 129 | if (priv->tx_tfm_michael) |
| 123 | crypto_free_tfm(priv->tx_tfm_michael); | 130 | crypto_free_hash(priv->tx_tfm_michael); |
| 124 | if (priv->tx_tfm_arc4) | 131 | if (priv->tx_tfm_arc4) |
| 125 | crypto_free_tfm(priv->tx_tfm_arc4); | 132 | crypto_free_blkcipher(priv->tx_tfm_arc4); |
| 126 | if (priv->rx_tfm_michael) | 133 | if (priv->rx_tfm_michael) |
| 127 | crypto_free_tfm(priv->rx_tfm_michael); | 134 | crypto_free_hash(priv->rx_tfm_michael); |
| 128 | if (priv->rx_tfm_arc4) | 135 | if (priv->rx_tfm_arc4) |
| 129 | crypto_free_tfm(priv->rx_tfm_arc4); | 136 | crypto_free_blkcipher(priv->rx_tfm_arc4); |
| 130 | kfree(priv); | 137 | kfree(priv); |
| 131 | } | 138 | } |
| 132 | 139 | ||
| @@ -138,13 +145,13 @@ static void ieee80211_tkip_deinit(void *priv) | |||
| 138 | struct ieee80211_tkip_data *_priv = priv; | 145 | struct ieee80211_tkip_data *_priv = priv; |
| 139 | if (_priv) { | 146 | if (_priv) { |
| 140 | if (_priv->tx_tfm_michael) | 147 | if (_priv->tx_tfm_michael) |
| 141 | crypto_free_tfm(_priv->tx_tfm_michael); | 148 | crypto_free_hash(_priv->tx_tfm_michael); |
| 142 | if (_priv->tx_tfm_arc4) | 149 | if (_priv->tx_tfm_arc4) |
| 143 | crypto_free_tfm(_priv->tx_tfm_arc4); | 150 | crypto_free_blkcipher(_priv->tx_tfm_arc4); |
| 144 | if (_priv->rx_tfm_michael) | 151 | if (_priv->rx_tfm_michael) |
| 145 | crypto_free_tfm(_priv->rx_tfm_michael); | 152 | crypto_free_hash(_priv->rx_tfm_michael); |
| 146 | if (_priv->rx_tfm_arc4) | 153 | if (_priv->rx_tfm_arc4) |
| 147 | crypto_free_tfm(_priv->rx_tfm_arc4); | 154 | crypto_free_blkcipher(_priv->rx_tfm_arc4); |
| 148 | } | 155 | } |
| 149 | kfree(priv); | 156 | kfree(priv); |
| 150 | } | 157 | } |
| @@ -344,6 +351,7 @@ static int ieee80211_tkip_hdr(struct sk_buff *skb, int hdr_len, | |||
| 344 | static int ieee80211_tkip_encrypt(struct sk_buff *skb, int hdr_len, void *priv) | 351 | static int ieee80211_tkip_encrypt(struct sk_buff *skb, int hdr_len, void *priv) |
| 345 | { | 352 | { |
| 346 | struct ieee80211_tkip_data *tkey = priv; | 353 | struct ieee80211_tkip_data *tkey = priv; |
| 354 | struct blkcipher_desc desc = { .tfm = tkey->tx_tfm_arc4 }; | ||
| 347 | int len; | 355 | int len; |
| 348 | u8 rc4key[16], *pos, *icv; | 356 | u8 rc4key[16], *pos, *icv; |
| 349 | u32 crc; | 357 | u32 crc; |
| @@ -377,31 +385,17 @@ static int ieee80211_tkip_encrypt(struct sk_buff *skb, int hdr_len, void *priv) | |||
| 377 | icv[2] = crc >> 16; | 385 | icv[2] = crc >> 16; |
| 378 | icv[3] = crc >> 24; | 386 | icv[3] = crc >> 24; |
| 379 | 387 | ||
| 380 | crypto_cipher_setkey(tkey->tx_tfm_arc4, rc4key, 16); | 388 | crypto_blkcipher_setkey(tkey->tx_tfm_arc4, rc4key, 16); |
| 381 | sg.page = virt_to_page(pos); | 389 | sg.page = virt_to_page(pos); |
| 382 | sg.offset = offset_in_page(pos); | 390 | sg.offset = offset_in_page(pos); |
| 383 | sg.length = len + 4; | 391 | sg.length = len + 4; |
| 384 | crypto_cipher_encrypt(tkey->tx_tfm_arc4, &sg, &sg, len + 4); | 392 | return crypto_blkcipher_encrypt(&desc, &sg, &sg, len + 4); |
| 385 | |||
| 386 | return 0; | ||
| 387 | } | ||
| 388 | |||
| 389 | /* | ||
| 390 | * deal with seq counter wrapping correctly. | ||
| 391 | * refer to timer_after() for jiffies wrapping handling | ||
| 392 | */ | ||
| 393 | static inline int tkip_replay_check(u32 iv32_n, u16 iv16_n, | ||
| 394 | u32 iv32_o, u16 iv16_o) | ||
| 395 | { | ||
| 396 | if ((s32)iv32_n - (s32)iv32_o < 0 || | ||
| 397 | (iv32_n == iv32_o && iv16_n <= iv16_o)) | ||
| 398 | return 1; | ||
| 399 | return 0; | ||
| 400 | } | 393 | } |
| 401 | 394 | ||
| 402 | static int ieee80211_tkip_decrypt(struct sk_buff *skb, int hdr_len, void *priv) | 395 | static int ieee80211_tkip_decrypt(struct sk_buff *skb, int hdr_len, void *priv) |
| 403 | { | 396 | { |
| 404 | struct ieee80211_tkip_data *tkey = priv; | 397 | struct ieee80211_tkip_data *tkey = priv; |
| 398 | struct blkcipher_desc desc = { .tfm = tkey->rx_tfm_arc4 }; | ||
| 405 | u8 rc4key[16]; | 399 | u8 rc4key[16]; |
| 406 | u8 keyidx, *pos; | 400 | u8 keyidx, *pos; |
| 407 | u32 iv32; | 401 | u32 iv32; |
| @@ -472,11 +466,18 @@ static int ieee80211_tkip_decrypt(struct sk_buff *skb, int hdr_len, void *priv) | |||
| 472 | 466 | ||
| 473 | plen = skb->len - hdr_len - 12; | 467 | plen = skb->len - hdr_len - 12; |
| 474 | 468 | ||
| 475 | crypto_cipher_setkey(tkey->rx_tfm_arc4, rc4key, 16); | 469 | crypto_blkcipher_setkey(tkey->rx_tfm_arc4, rc4key, 16); |
| 476 | sg.page = virt_to_page(pos); | 470 | sg.page = virt_to_page(pos); |
| 477 | sg.offset = offset_in_page(pos); | 471 | sg.offset = offset_in_page(pos); |
| 478 | sg.length = plen + 4; | 472 | sg.length = plen + 4; |
| 479 | crypto_cipher_decrypt(tkey->rx_tfm_arc4, &sg, &sg, plen + 4); | 473 | if (crypto_blkcipher_decrypt(&desc, &sg, &sg, plen + 4)) { |
| 474 | if (net_ratelimit()) { | ||
| 475 | printk(KERN_DEBUG ": TKIP: failed to decrypt " | ||
| 476 | "received packet from " MAC_FMT "\n", | ||
| 477 | MAC_ARG(hdr->addr2)); | ||
| 478 | } | ||
| 479 | return -7; | ||
| 480 | } | ||
| 480 | 481 | ||
| 481 | crc = ~crc32_le(~0, pos, plen); | 482 | crc = ~crc32_le(~0, pos, plen); |
| 482 | icv[0] = crc; | 483 | icv[0] = crc; |
| @@ -510,9 +511,10 @@ static int ieee80211_tkip_decrypt(struct sk_buff *skb, int hdr_len, void *priv) | |||
| 510 | return keyidx; | 511 | return keyidx; |
| 511 | } | 512 | } |
| 512 | 513 | ||
| 513 | static int michael_mic(struct crypto_tfm *tfm_michael, u8 * key, u8 * hdr, | 514 | static int michael_mic(struct crypto_hash *tfm_michael, u8 * key, u8 * hdr, |
| 514 | u8 * data, size_t data_len, u8 * mic) | 515 | u8 * data, size_t data_len, u8 * mic) |
| 515 | { | 516 | { |
| 517 | struct hash_desc desc; | ||
| 516 | struct scatterlist sg[2]; | 518 | struct scatterlist sg[2]; |
| 517 | 519 | ||
| 518 | if (tfm_michael == NULL) { | 520 | if (tfm_michael == NULL) { |
| @@ -527,12 +529,12 @@ static int michael_mic(struct crypto_tfm *tfm_michael, u8 * key, u8 * hdr, | |||
| 527 | sg[1].offset = offset_in_page(data); | 529 | sg[1].offset = offset_in_page(data); |
| 528 | sg[1].length = data_len; | 530 | sg[1].length = data_len; |
| 529 | 531 | ||
| 530 | crypto_digest_init(tfm_michael); | 532 | if (crypto_hash_setkey(tfm_michael, key, 8)) |
| 531 | crypto_digest_setkey(tfm_michael, key, 8); | 533 | return -1; |
| 532 | crypto_digest_update(tfm_michael, sg, 2); | ||
| 533 | crypto_digest_final(tfm_michael, mic); | ||
| 534 | 534 | ||
| 535 | return 0; | 535 | desc.tfm = tfm_michael; |
| 536 | desc.flags = 0; | ||
| 537 | return crypto_hash_digest(&desc, sg, data_len + 16, mic); | ||
| 536 | } | 538 | } |
| 537 | 539 | ||
| 538 | static void michael_mic_hdr(struct sk_buff *skb, u8 * hdr) | 540 | static void michael_mic_hdr(struct sk_buff *skb, u8 * hdr) |
| @@ -656,10 +658,10 @@ static int ieee80211_tkip_set_key(void *key, int len, u8 * seq, void *priv) | |||
| 656 | { | 658 | { |
| 657 | struct ieee80211_tkip_data *tkey = priv; | 659 | struct ieee80211_tkip_data *tkey = priv; |
| 658 | int keyidx; | 660 | int keyidx; |
| 659 | struct crypto_tfm *tfm = tkey->tx_tfm_michael; | 661 | struct crypto_hash *tfm = tkey->tx_tfm_michael; |
| 660 | struct crypto_tfm *tfm2 = tkey->tx_tfm_arc4; | 662 | struct crypto_blkcipher *tfm2 = tkey->tx_tfm_arc4; |
| 661 | struct crypto_tfm *tfm3 = tkey->rx_tfm_michael; | 663 | struct crypto_hash *tfm3 = tkey->rx_tfm_michael; |
| 662 | struct crypto_tfm *tfm4 = tkey->rx_tfm_arc4; | 664 | struct crypto_blkcipher *tfm4 = tkey->rx_tfm_arc4; |
| 663 | 665 | ||
| 664 | keyidx = tkey->key_idx; | 666 | keyidx = tkey->key_idx; |
| 665 | memset(tkey, 0, sizeof(*tkey)); | 667 | memset(tkey, 0, sizeof(*tkey)); |