xref: /netbsd-src/sys/net80211/ieee80211_crypto.c (revision 23c8222edbfb0f0932d88a8351d3a0cf817dfb9e) 
1 /*	$NetBSD: ieee80211_crypto.c,v 1.5 2003/12/14 09:56:53 dyoung Exp $	*/
2 /*-
3  * Copyright (c) 2001 Atsushi Onoe
4  * Copyright (c) 2002, 2003 Sam Leffler, Errno Consulting
5  * All rights reserved.
6  *
7  * Redistribution and use in source and binary forms, with or without
8  * modification, are permitted provided that the following conditions
9  * are met:
10  * 1. Redistributions of source code must retain the above copyright
11  *    notice, this list of conditions and the following disclaimer.
12  * 2. Redistributions in binary form must reproduce the above copyright
13  *    notice, this list of conditions and the following disclaimer in the
14  *    documentation and/or other materials provided with the distribution.
15  * 3. The name of the author may not be used to endorse or promote products
16  *    derived from this software without specific prior written permission.
17  *
18  * Alternatively, this software may be distributed under the terms of the
19  * GNU General Public License ("GPL") version 2 as published by the Free
20  * Software Foundation.
21  *
22  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
23  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
24  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
25  * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
26  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
27  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
28  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
29  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
30  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
31  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
32  */
33 
34 #include <sys/cdefs.h>
35 #ifdef __FreeBSD__
36 __FBSDID("$FreeBSD: src/sys/net80211/ieee80211_crypto.c,v 1.3 2003/10/17 23:15:30 sam Exp $");
37 #else
38 __KERNEL_RCSID(0, "$NetBSD: ieee80211_crypto.c,v 1.5 2003/12/14 09:56:53 dyoung Exp $");
39 #endif
40 
41 #include "opt_inet.h"
42 
43 #include <sys/param.h>
44 #include <sys/systm.h>
45 #include <sys/mbuf.h>
46 #include <sys/malloc.h>
47 #include <sys/kernel.h>
48 #include <sys/socket.h>
49 #include <sys/sockio.h>
50 #include <sys/endian.h>
51 #include <sys/errno.h>
52 #ifdef __FreeBSD__
53 #include <sys/bus.h>
54 #endif
55 #include <sys/proc.h>
56 #include <sys/sysctl.h>
57 
58 #ifdef __FreeBSD__
59 #include <machine/atomic.h>
60 #endif
61 
62 #include <net/if.h>
63 #include <net/if_dl.h>
64 #include <net/if_media.h>
65 #include <net/if_arp.h>
66 #ifdef __FreeBSD__
67 #include <net/ethernet.h>
68 #else
69 #include <net/if_ether.h>
70 #endif
71 #include <net/if_llc.h>
72 
73 #include <net80211/ieee80211_var.h>
74 #include <net80211/ieee80211_compat.h>
75 
76 #include <net/bpf.h>
77 
78 #ifdef INET
79 #include <netinet/in.h>
80 #ifdef __FreeBSD__
81 #include <netinet/if_ether.h>
82 #else
83 #include <net/if_ether.h>
84 #endif
85 #endif
86 
87 #ifdef __FreeBSD__
88 #include <crypto/rc4/rc4.h>
89 #define	arc4_ctxlen()			sizeof (struct rc4_state)
90 #define	arc4_setkey(_c,_k,_l)		rc4_init(_c,_k,_l)
91 #define	arc4_encrypt(_c,_d,_s,_l)	rc4_crypt(_c,_s,_d,_l)
92 #else
93 #include <crypto/arc4/arc4.h>
94 #endif
95 
96 static	void ieee80211_crc_init(void);
97 static	u_int32_t ieee80211_crc_update(u_int32_t crc, u_int8_t *buf, int len);
98 
99 void
100 ieee80211_crypto_attach(struct ifnet *ifp)
101 {
102 	struct ieee80211com *ic = (void *)ifp;
103 
104 	/*
105 	 * Setup crypto support.
106 	 */
107 	ieee80211_crc_init();
108 	ic->ic_iv = arc4random();
109 }
110 
111 void
112 ieee80211_crypto_detach(struct ifnet *ifp)
113 {
114 	struct ieee80211com *ic = (void *)ifp;
115 
116 	if (ic->ic_wep_ctx != NULL) {
117 		free(ic->ic_wep_ctx, M_DEVBUF);
118 		ic->ic_wep_ctx = NULL;
119 	}
120 }
121 
122 struct mbuf *
123 ieee80211_wep_crypt(struct ifnet *ifp, struct mbuf *m0, int txflag)
124 {
125 	struct ieee80211com *ic = (void *)ifp;
126 	struct mbuf *m, *n, *n0;
127 	struct ieee80211_frame *wh;
128 	int i, left, len, moff, noff, kid;
129 	u_int32_t iv, crc;
130 	u_int8_t *ivp;
131 	void *ctx;
132 	u_int8_t keybuf[IEEE80211_WEP_IVLEN + IEEE80211_KEYBUF_SIZE];
133 	u_int8_t crcbuf[IEEE80211_WEP_CRCLEN];
134 
135 	n0 = NULL;
136 	if ((ctx = ic->ic_wep_ctx) == NULL) {
137 		ctx = malloc(arc4_ctxlen(), M_DEVBUF, M_NOWAIT);
138 		if (ctx == NULL) {
139 			ic->ic_stats.is_crypto_nomem++;
140 			goto fail;
141 		}
142 		ic->ic_wep_ctx = ctx;
143 	}
144 	m = m0;
145 	left = m->m_pkthdr.len;
146 	MGET(n, M_DONTWAIT, m->m_type);
147 	n0 = n;
148 	if (n == NULL) {
149 		if (txflag)
150 			ic->ic_stats.is_tx_nombuf++;
151 		else
152 			ic->ic_stats.is_rx_nombuf++;
153 		goto fail;
154 	}
155 #ifdef __FreeBSD__
156 	M_MOVE_PKTHDR(n, m);
157 #else
158 	M_COPY_PKTHDR(n, m);
159 #endif
160 	len = IEEE80211_WEP_IVLEN + IEEE80211_WEP_KIDLEN + IEEE80211_WEP_CRCLEN;
161 	if (txflag) {
162 		n->m_pkthdr.len += len;
163 	} else {
164 		n->m_pkthdr.len -= len;
165 		left -= len;
166 	}
167 	n->m_len = MHLEN;
168 	if (n->m_pkthdr.len >= MINCLSIZE) {
169 		MCLGET(n, M_DONTWAIT);
170 		if (n->m_flags & M_EXT)
171 			n->m_len = n->m_ext.ext_size;
172 	}
173 	len = sizeof(struct ieee80211_frame);
174 	memcpy(mtod(n, caddr_t), mtod(m, caddr_t), len);
175 	wh = mtod(n, struct ieee80211_frame *);
176 	left -= len;
177 	moff = len;
178 	noff = len;
179 	if (txflag) {
180 		kid = ic->ic_wep_txkey;
181 		wh->i_fc[1] |= IEEE80211_FC1_WEP;
182                 iv = ic->ic_iv;
183 		/*
184 		 * Skip 'bad' IVs from Fluhrer/Mantin/Shamir:
185 		 * (B, 255, N) with 3 <= B < 8
186 		 */
187 		if (iv >= 0x03ff00 &&
188 		    (iv & 0xf8ff00) == 0x00ff00)
189 			iv += 0x000100;
190 		ic->ic_iv = iv + 1;
191 		/* put iv in little endian to prepare 802.11i */
192 		ivp = mtod(n, u_int8_t *) + noff;
193 		for (i = 0; i < IEEE80211_WEP_IVLEN; i++) {
194 			ivp[i] = iv & 0xff;
195 			iv >>= 8;
196 		}
197 		ivp[IEEE80211_WEP_IVLEN] = kid << 6;	/* pad and keyid */
198 		noff += IEEE80211_WEP_IVLEN + IEEE80211_WEP_KIDLEN;
199 	} else {
200 		wh->i_fc[1] &= ~IEEE80211_FC1_WEP;
201 		ivp = mtod(m, u_int8_t *) + moff;
202 		kid = ivp[IEEE80211_WEP_IVLEN] >> 6;
203 		moff += IEEE80211_WEP_IVLEN + IEEE80211_WEP_KIDLEN;
204 	}
205 	memcpy(keybuf, ivp, IEEE80211_WEP_IVLEN);
206 	memcpy(keybuf + IEEE80211_WEP_IVLEN, ic->ic_nw_keys[kid].wk_key,
207 	    ic->ic_nw_keys[kid].wk_len);
208 	arc4_setkey(ctx, keybuf,
209 	    IEEE80211_WEP_IVLEN + ic->ic_nw_keys[kid].wk_len);
210 
211 	/* encrypt with calculating CRC */
212 	crc = ~0;
213 	while (left > 0) {
214 		len = m->m_len - moff;
215 		if (len == 0) {
216 			m = m->m_next;
217 			moff = 0;
218 			continue;
219 		}
220 		if (len > n->m_len - noff) {
221 			len = n->m_len - noff;
222 			if (len == 0) {
223 				MGET(n->m_next, M_DONTWAIT, n->m_type);
224 				if (n->m_next == NULL) {
225 					if (txflag)
226 						ic->ic_stats.is_tx_nombuf++;
227 					else
228 						ic->ic_stats.is_rx_nombuf++;
229 					goto fail;
230 				}
231 				n = n->m_next;
232 				n->m_len = MLEN;
233 				if (left >= MINCLSIZE) {
234 					MCLGET(n, M_DONTWAIT);
235 					if (n->m_flags & M_EXT)
236 						n->m_len = n->m_ext.ext_size;
237 				}
238 				noff = 0;
239 				continue;
240 			}
241 		}
242 		if (len > left)
243 			len = left;
244 		arc4_encrypt(ctx, mtod(n, caddr_t) + noff,
245 		    mtod(m, caddr_t) + moff, len);
246 		if (txflag)
247 			crc = ieee80211_crc_update(crc,
248 			    mtod(m, u_int8_t *) + moff, len);
249 		else
250 			crc = ieee80211_crc_update(crc,
251 			    mtod(n, u_int8_t *) + noff, len);
252 		left -= len;
253 		moff += len;
254 		noff += len;
255 	}
256 	crc = ~crc;
257 	if (txflag) {
258 		*(u_int32_t *)crcbuf = htole32(crc);
259 		if (n->m_len >= noff + sizeof(crcbuf))
260 			n->m_len = noff + sizeof(crcbuf);
261 		else {
262 			n->m_len = noff;
263 			MGET(n->m_next, M_DONTWAIT, n->m_type);
264 			if (n->m_next == NULL) {
265 				ic->ic_stats.is_tx_nombuf++;
266 				goto fail;
267 			}
268 			n = n->m_next;
269 			n->m_len = sizeof(crcbuf);
270 			noff = 0;
271 		}
272 		arc4_encrypt(ctx, mtod(n, caddr_t) + noff, crcbuf,
273 		    sizeof(crcbuf));
274 	} else {
275 		n->m_len = noff;
276 		for (noff = 0; noff < sizeof(crcbuf); noff += len) {
277 			len = sizeof(crcbuf) - noff;
278 			if (len > m->m_len - moff)
279 				len = m->m_len - moff;
280 			if (len > 0)
281 				arc4_encrypt(ctx, crcbuf + noff,
282 				    mtod(m, caddr_t) + moff, len);
283 			m = m->m_next;
284 			moff = 0;
285 		}
286 		if (crc != le32toh(*(u_int32_t *)crcbuf)) {
287 #ifdef IEEE80211_DEBUG
288 			if (ieee80211_debug) {
289 				if_printf(ifp, "decrypt CRC error\n");
290 				if (ieee80211_debug > 1)
291 					ieee80211_dump_pkt(n0->m_data,
292 					    n0->m_len, -1, -1);
293 			}
294 #endif
295 			ic->ic_stats.is_rx_decryptcrc++;
296 			goto fail;
297 		}
298 	}
299 	m_freem(m0);
300 	return n0;
301 
302   fail:
303 	m_freem(m0);
304 	m_freem(n0);
305 	return NULL;
306 }
307 
308 /*
309  * CRC 32 -- routine from RFC 2083
310  */
311 
312 /* Table of CRCs of all 8-bit messages */
313 static u_int32_t ieee80211_crc_table[256];
314 
315 /* Make the table for a fast CRC. */
316 static void
317 ieee80211_crc_init(void)
318 {
319 	u_int32_t c;
320 	int n, k;
321 
322 	for (n = 0; n < 256; n++) {
323 		c = (u_int32_t)n;
324 		for (k = 0; k < 8; k++) {
325 			if (c & 1)
326 				c = 0xedb88320UL ^ (c >> 1);
327 			else
328 				c = c >> 1;
329 		}
330 		ieee80211_crc_table[n] = c;
331 	}
332 }
333 
334 /*
335  * Update a running CRC with the bytes buf[0..len-1]--the CRC
336  * should be initialized to all 1's, and the transmitted value
337  * is the 1's complement of the final running CRC
338  */
339 
340 static u_int32_t
341 ieee80211_crc_update(u_int32_t crc, u_int8_t *buf, int len)
342 {
343 	u_int8_t *endbuf;
344 
345 	for (endbuf = buf + len; buf < endbuf; buf++)
346 		crc = ieee80211_crc_table[(crc ^ *buf) & 0xff] ^ (crc >> 8);
347 	return crc;
348 }
349