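/*	$OpenBSD: ieee80211_crypto.h,v 1.22 2009/01/26 19:09:41 damien Exp $	*/

/*-
 * Copyright (c) 2007,2008 Damien Bergamini <damien.bergamini@free.fr>
 *
 * Permission to use, copy, modify, and distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
 * copyright notice and this permission notice appear in all copies.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 */

#ifndef _NET80211_IEEE80211_CRYPTO_H_
#define _NET80211_IEEE80211_CRYPTO_H_

/*
 * 802.11 protocol crypto-related definitions.
 *
 * This header uses IEEE80211_NUM_TID, IEEE80211_PMKID_LEN,
 * IEEE80211_ADDR_LEN and TAILQ_ENTRY without defining them, so the
 * headers that provide them must be included before this one.
 */

/*
 * 802.11 ciphers.
 *
 * Every non-zero value is a distinct single bit, so several ciphers can
 * be OR-ed into one word (presumably how cipher sets are stored; confirm
 * against the users of this enum).
 *
 * WEP40, WEP104 and TKIP are deprecated by IEEE 802.11 because of known
 * weaknesses; treat them as legacy and prefer CCMP for data frames where
 * the peer supports it.
 */
enum ieee80211_cipher {
	IEEE80211_CIPHER_NONE		= 0x00000000,
	IEEE80211_CIPHER_USEGROUP	= 0x00000001,
	IEEE80211_CIPHER_WEP40		= 0x00000002,
	IEEE80211_CIPHER_TKIP		= 0x00000004,
	IEEE80211_CIPHER_CCMP		= 0x00000008,
	IEEE80211_CIPHER_WEP104		= 0x00000010,
	IEEE80211_CIPHER_BIP		= 0x00000020	/* 11w */
};

/*
 * 802.11 Authentication and Key Management Protocols.
 *
 * As with the ciphers, every non-zero value is a distinct single bit.
 */
enum ieee80211_akm {
	IEEE80211_AKM_NONE		= 0x00000000,
	IEEE80211_AKM_8021X		= 0x00000001,
	IEEE80211_AKM_PSK		= 0x00000002,
	IEEE80211_AKM_SHA256_8021X	= 0x00000004,	/* 11w */
	IEEE80211_AKM_SHA256_PSK	= 0x00000008	/* 11w */
};

/*
 * Return non-zero if akm is one of the two 802.1X-based AKMs.
 *
 * This is an equality test on a single AKM value: a word holding several
 * AKM bits OR-ed together matches neither branch and yields 0, so callers
 * must pass the one negotiated AKM, not a set.
 */
static __inline int
ieee80211_is_8021x_akm(enum ieee80211_akm akm)
{
	return akm == IEEE80211_AKM_8021X ||
	    akm == IEEE80211_AKM_SHA256_8021X;
}

/*
 * Return non-zero if akm is one of the two SHA-256 based (11w) AKMs.
 *
 * Same single-value equality test as ieee80211_is_8021x_akm(): an OR-ed
 * set of AKM bits yields 0.
 */
static __inline int
ieee80211_is_sha256_akm(enum ieee80211_akm akm)
{
	return akm == IEEE80211_AKM_SHA256_8021X ||
	    akm == IEEE80211_AKM_SHA256_PSK;
}

/*
 * Fixed sizes used by the crypto code.  IEEE80211_TKIP_MICLEN and
 * IEEE80211_PMK_LEN size u_int8_t arrays below, so they are byte counts;
 * the others are presumably byte counts too.
 *
 * NOTE(review): IEEE80211_KEYBUF_SIZE is 16 while ieee80211_key.k_key is
 * 32 bytes.  Code that copies key material should bound the copy by
 * sizeof(k_key) and validate k_len, not assume the two sizes agree.
 */
#define	IEEE80211_KEYBUF_SIZE	16

#define IEEE80211_TKIP_HDRLEN	8
#define IEEE80211_TKIP_MICLEN	8
#define IEEE80211_TKIP_ICVLEN	4
#define IEEE80211_CCMP_HDRLEN	8
#define IEEE80211_CCMP_MICLEN	8

#define IEEE80211_PMK_LEN	32

/*
 * One installed key.  k_key holds the raw key bytes, so every instance of
 * this struct is secret material.
 *
 * NOTE(review): the delete_key implementations are not visible here;
 * confirm they clear k_key and whatever k_priv points to (for example with
 * explicit_bzero()) before the memory is released or reused.
 */
struct ieee80211_key {
	u_int8_t		k_id;		/* identifier (0-5) */
	enum ieee80211_cipher	k_cipher;
	u_int			k_flags;
#define IEEE80211_KEY_GROUP	0x00000001	/* group data key */
#define IEEE80211_KEY_TX	0x00000002	/* Tx+Rx */
#define IEEE80211_KEY_IGTK	0x00000004	/* integrity group key */

	/* presumably the number of valid bytes in k_key; must be <= 32 */
	u_int			k_len;
	/*
	 * presumably receive sequence counters (one per TID, plus one for
	 * management frames) and the transmit sequence counter, used for
	 * replay detection; confirm against the cipher implementations
	 */
	u_int64_t		k_rsc[IEEE80211_NUM_TID];
	u_int64_t		k_mgmt_rsc;
	u_int64_t		k_tsc;
	u_int8_t		k_key[32];	/* raw key material (secret) */
	void			*k_priv;	/* opaque; presumably per-cipher state */
};

/*
 * Entry in the PMKSA cache.
 *
 * pmk_key is a pairwise master key and must be treated as a secret for as
 * long as the entry lives.
 */
struct ieee80211_pmk {
	enum ieee80211_akm	pmk_akm;
	u_int32_t		pmk_lifetime;
#define IEEE80211_PMK_INFINITE	0	/* presumably "never expires" */

	u_int8_t		pmk_pmkid[IEEE80211_PMKID_LEN];
	u_int8_t		pmk_macaddr[IEEE80211_ADDR_LEN];
	u_int8_t		pmk_key[IEEE80211_PMK_LEN];

	TAILQ_ENTRY(ieee80211_pmk) pmk_next;
};

/*
 * Forward references.  Every struct tag used in a prototype below is
 * declared at file scope first: a tag first seen inside a parameter list
 * has prototype scope only and would not be compatible with the real
 * definition if this header were included ahead of it.
 */
struct ifnet;
struct mbuf;
struct ieee80211com;
struct ieee80211_node;
struct ieee80211_frame;
struct ieee80211_eapol_key;
struct ieee80211_ptk;

/* Attach and detach the crypto state of an interface. */
void	ieee80211_crypto_attach(struct ifnet *);
void	ieee80211_crypto_detach(struct ifnet *);

/*
 * Key lookup and frame protection.  The functions returning a pointer
 * presumably return NULL on failure; confirm against the implementation
 * before dereferencing the result.
 */
struct	ieee80211_key *ieee80211_get_txkey(struct ieee80211com *,
	    const struct ieee80211_frame *, struct ieee80211_node *);
struct	ieee80211_key *ieee80211_get_rxkey(struct ieee80211com *,
	    struct mbuf *, struct ieee80211_node *);
struct	mbuf *ieee80211_encrypt(struct ieee80211com *, struct mbuf *,
	    struct ieee80211_key *);
struct	mbuf *ieee80211_decrypt(struct ieee80211com *, struct mbuf *,
	    struct ieee80211_node *);

/* Install and remove a key. */
int	ieee80211_set_key(struct ieee80211com *, struct ieee80211_node *,
	    struct ieee80211_key *);
void	ieee80211_delete_key(struct ieee80211com *, struct ieee80211_node *,
	    struct ieee80211_key *);

/*
 * EAPOL-Key frame helpers.
 *
 * NOTE(review): the MIC comparison done by ieee80211_eapol_key_check_mic()
 * is not visible here; confirm it is constant-time (for example
 * timingsafe_bcmp()) so the check does not leak how many MIC bytes matched.
 */
void	ieee80211_eapol_key_mic(struct ieee80211_eapol_key *,
	    const u_int8_t *);
int	ieee80211_eapol_key_check_mic(struct ieee80211_eapol_key *,
	    const u_int8_t *);
#ifndef IEEE80211_STA_ONLY
void	ieee80211_eapol_key_encrypt(struct ieee80211com *,
	    struct ieee80211_eapol_key *, const u_int8_t *);
#endif
int	ieee80211_eapol_key_decrypt(struct ieee80211_eapol_key *,
	    const u_int8_t *);

/* PMKSA cache, PTK derivation and per-cipher key length. */
struct	ieee80211_pmk *ieee80211_pmksa_add(struct ieee80211com *,
	    enum ieee80211_akm, const u_int8_t *, const u_int8_t *, u_int32_t);
struct	ieee80211_pmk *ieee80211_pmksa_find(struct ieee80211com *,
	    struct ieee80211_node *, const u_int8_t *);
void	ieee80211_derive_ptk(enum ieee80211_akm, const u_int8_t *,
	    const u_int8_t *, const u_int8_t *, const u_int8_t *,
	    const u_int8_t *, struct ieee80211_ptk *);
int	ieee80211_cipher_keylen(enum ieee80211_cipher);

/* WEP (legacy cipher). */
int	ieee80211_wep_set_key(struct ieee80211com *, struct ieee80211_key *);
void	ieee80211_wep_delete_key(struct ieee80211com *,
	    struct ieee80211_key *);
struct	mbuf *ieee80211_wep_encrypt(struct ieee80211com *, struct mbuf *,
	    struct ieee80211_key *);
struct	mbuf *ieee80211_wep_decrypt(struct ieee80211com *, struct mbuf *,
	    struct ieee80211_key *);

/*
 * TKIP (legacy cipher).  ieee80211_tkip_mic() writes into a caller buffer
 * of IEEE80211_TKIP_MICLEN bytes; the u_int64_t passed to
 * ieee80211_michael_mic_failure() is presumably the sequence counter of
 * the offending frame.
 */
int	ieee80211_tkip_set_key(struct ieee80211com *, struct ieee80211_key *);
void	ieee80211_tkip_delete_key(struct ieee80211com *,
	    struct ieee80211_key *);
struct	mbuf *ieee80211_tkip_encrypt(struct ieee80211com *,
	    struct mbuf *, struct ieee80211_key *);
struct	mbuf *ieee80211_tkip_decrypt(struct ieee80211com *,
	    struct mbuf *, struct ieee80211_key *);
void	ieee80211_tkip_mic(struct mbuf *, int, const u_int8_t *,
	    u_int8_t[IEEE80211_TKIP_MICLEN]);
void	ieee80211_michael_mic_failure(struct ieee80211com *, u_int64_t);

/* CCMP. */
int	ieee80211_ccmp_set_key(struct ieee80211com *, struct ieee80211_key *);
void	ieee80211_ccmp_delete_key(struct ieee80211com *,
	    struct ieee80211_key *);
struct	mbuf *ieee80211_ccmp_encrypt(struct ieee80211com *, struct mbuf *,
	    struct ieee80211_key *);
struct	mbuf *ieee80211_ccmp_decrypt(struct ieee80211com *, struct mbuf *,
	    struct ieee80211_key *);

/* BIP (11w). */
int	ieee80211_bip_set_key(struct ieee80211com *, struct ieee80211_key *);
void	ieee80211_bip_delete_key(struct ieee80211com *,
	    struct ieee80211_key *);
struct	mbuf *ieee80211_bip_encap(struct ieee80211com *, struct mbuf *,
	    struct ieee80211_key *);
struct	mbuf *ieee80211_bip_decap(struct ieee80211com *, struct mbuf *,
	    struct ieee80211_key *);

#endif /* _NET80211_IEEE80211_CRYPTO_H_ */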