Lines Matching +full:mic +full:- +full:pos
1 // SPDX-License-Identifier: GPL-2.0-only
3 * Copyright 2002-2004, Instant802 Networks, Inc.
5 * Copyright (C) 2016-2017 Intel Deutschland GmbH
6 * Copyright (C) 2020-2023 Intel Corporation
32 u8 *data, *key, *mic; in ieee80211_tx_h_michael_mic_add() local
36 struct sk_buff *skb = tx->skb; in ieee80211_tx_h_michael_mic_add()
40 hdr = (struct ieee80211_hdr *)skb->data; in ieee80211_tx_h_michael_mic_add()
41 if (!tx->key || tx->key->conf.cipher != WLAN_CIPHER_SUITE_TKIP || in ieee80211_tx_h_michael_mic_add()
42 skb->len < 24 || !ieee80211_is_data_present(hdr->frame_control)) in ieee80211_tx_h_michael_mic_add()
45 hdrlen = ieee80211_hdrlen(hdr->frame_control); in ieee80211_tx_h_michael_mic_add()
46 if (skb->len < hdrlen) in ieee80211_tx_h_michael_mic_add()
49 data = skb->data + hdrlen; in ieee80211_tx_h_michael_mic_add()
50 data_len = skb->len - hdrlen; in ieee80211_tx_h_michael_mic_add()
52 if (unlikely(info->flags & IEEE80211_TX_INTFL_TKIP_MIC_FAILURE)) { in ieee80211_tx_h_michael_mic_add()
54 info->control.hw_key = NULL; in ieee80211_tx_h_michael_mic_add()
57 if (info->control.hw_key && in ieee80211_tx_h_michael_mic_add()
58 (info->flags & IEEE80211_TX_CTL_DONTFRAG || in ieee80211_tx_h_michael_mic_add()
59 ieee80211_hw_check(&tx->local->hw, SUPPORTS_TX_FRAG)) && in ieee80211_tx_h_michael_mic_add()
60 !(tx->key->conf.flags & (IEEE80211_KEY_FLAG_GENERATE_MMIC | in ieee80211_tx_h_michael_mic_add()
62 /* hwaccel - with no need for SW-generated MMIC or MIC space */ in ieee80211_tx_h_michael_mic_add()
67 if (!info->control.hw_key) in ieee80211_tx_h_michael_mic_add()
77 mic = skb_put(skb, MICHAEL_MIC_LEN); in ieee80211_tx_h_michael_mic_add()
79 if (tx->key->conf.flags & IEEE80211_KEY_FLAG_PUT_MIC_SPACE) { in ieee80211_tx_h_michael_mic_add()
80 /* Zeroed MIC can help with debug */ in ieee80211_tx_h_michael_mic_add()
81 memset(mic, 0, MICHAEL_MIC_LEN); in ieee80211_tx_h_michael_mic_add()
85 key = &tx->key->conf.key[NL80211_TKIP_DATA_OFFSET_TX_MIC_KEY]; in ieee80211_tx_h_michael_mic_add()
86 michael_mic(key, hdr, data, data_len, mic); in ieee80211_tx_h_michael_mic_add()
87 if (unlikely(info->flags & IEEE80211_TX_INTFL_TKIP_MIC_FAILURE)) in ieee80211_tx_h_michael_mic_add()
88 mic[0]++; in ieee80211_tx_h_michael_mic_add()
100 u8 mic[MICHAEL_MIC_LEN]; in ieee80211_rx_h_michael_mic_verify() local
101 struct sk_buff *skb = rx->skb; in ieee80211_rx_h_michael_mic_verify()
103 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data; in ieee80211_rx_h_michael_mic_verify()
106 * it makes no sense to check for MIC errors on anything other in ieee80211_rx_h_michael_mic_verify()
109 if (!ieee80211_is_data_present(hdr->frame_control)) in ieee80211_rx_h_michael_mic_verify()
113 * No way to verify the MIC if the hardware stripped it or in ieee80211_rx_h_michael_mic_verify()
116 * MIC failure report. in ieee80211_rx_h_michael_mic_verify()
118 if (status->flag & (RX_FLAG_MMIC_STRIPPED | RX_FLAG_IV_STRIPPED)) { in ieee80211_rx_h_michael_mic_verify()
119 if (status->flag & RX_FLAG_MMIC_ERROR) in ieee80211_rx_h_michael_mic_verify()
122 if (!(status->flag & RX_FLAG_IV_STRIPPED) && rx->key && in ieee80211_rx_h_michael_mic_verify()
123 rx->key->conf.cipher == WLAN_CIPHER_SUITE_TKIP) in ieee80211_rx_h_michael_mic_verify()
130 * Some hardware seems to generate Michael MIC failure reports; even in ieee80211_rx_h_michael_mic_verify()
132 * MIC. Ignore the flag them to avoid triggering countermeasures. in ieee80211_rx_h_michael_mic_verify()
134 if (!rx->key || rx->key->conf.cipher != WLAN_CIPHER_SUITE_TKIP || in ieee80211_rx_h_michael_mic_verify()
135 !(status->flag & RX_FLAG_DECRYPTED)) in ieee80211_rx_h_michael_mic_verify()
138 if (rx->sdata->vif.type == NL80211_IFTYPE_AP && rx->key->conf.keyidx) { in ieee80211_rx_h_michael_mic_verify()
140 * APs with pairwise keys should never receive Michael MIC in ieee80211_rx_h_michael_mic_verify()
141 * errors for non-zero keyidx because these are reserved for in ieee80211_rx_h_michael_mic_verify()
148 if (status->flag & RX_FLAG_MMIC_ERROR) in ieee80211_rx_h_michael_mic_verify()
151 hdrlen = ieee80211_hdrlen(hdr->frame_control); in ieee80211_rx_h_michael_mic_verify()
152 if (skb->len < hdrlen + MICHAEL_MIC_LEN) in ieee80211_rx_h_michael_mic_verify()
155 if (skb_linearize(rx->skb)) in ieee80211_rx_h_michael_mic_verify()
157 hdr = (void *)skb->data; in ieee80211_rx_h_michael_mic_verify()
159 data = skb->data + hdrlen; in ieee80211_rx_h_michael_mic_verify()
160 data_len = skb->len - hdrlen - MICHAEL_MIC_LEN; in ieee80211_rx_h_michael_mic_verify()
161 key = &rx->key->conf.key[NL80211_TKIP_DATA_OFFSET_RX_MIC_KEY]; in ieee80211_rx_h_michael_mic_verify()
162 michael_mic(key, hdr, data, data_len, mic); in ieee80211_rx_h_michael_mic_verify()
163 if (crypto_memneq(mic, data + data_len, MICHAEL_MIC_LEN)) in ieee80211_rx_h_michael_mic_verify()
166 /* remove Michael MIC from payload */ in ieee80211_rx_h_michael_mic_verify()
167 skb_trim(skb, skb->len - MICHAEL_MIC_LEN); in ieee80211_rx_h_michael_mic_verify()
171 rx->key->u.tkip.rx[rx->security_idx].iv32 = rx->tkip.iv32; in ieee80211_rx_h_michael_mic_verify()
172 rx->key->u.tkip.rx[rx->security_idx].iv16 = rx->tkip.iv16; in ieee80211_rx_h_michael_mic_verify()
177 rx->key->u.tkip.mic_failures++; in ieee80211_rx_h_michael_mic_verify()
181 * In some cases the key can be unset - e.g. a multicast packet, in in ieee80211_rx_h_michael_mic_verify()
185 cfg80211_michael_mic_failure(rx->sdata->dev, hdr->addr2, in ieee80211_rx_h_michael_mic_verify()
186 is_multicast_ether_addr(hdr->addr1) ? in ieee80211_rx_h_michael_mic_verify()
189 rx->key ? rx->key->conf.keyidx : -1, in ieee80211_rx_h_michael_mic_verify()
196 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data; in tkip_encrypt_skb()
197 struct ieee80211_key *key = tx->key; in tkip_encrypt_skb()
202 u8 *pos; in tkip_encrypt_skb() local
204 if (info->control.hw_key && in tkip_encrypt_skb()
205 !(info->control.hw_key->flags & IEEE80211_KEY_FLAG_GENERATE_IV) && in tkip_encrypt_skb()
206 !(info->control.hw_key->flags & IEEE80211_KEY_FLAG_PUT_IV_SPACE)) { in tkip_encrypt_skb()
207 /* hwaccel - with no need for software-generated IV */ in tkip_encrypt_skb()
211 hdrlen = ieee80211_hdrlen(hdr->frame_control); in tkip_encrypt_skb()
212 len = skb->len - hdrlen; in tkip_encrypt_skb()
214 if (info->control.hw_key) in tkip_encrypt_skb()
221 return -1; in tkip_encrypt_skb()
223 pos = skb_push(skb, IEEE80211_TKIP_IV_LEN); in tkip_encrypt_skb()
224 memmove(pos, pos + IEEE80211_TKIP_IV_LEN, hdrlen); in tkip_encrypt_skb()
225 pos += hdrlen; in tkip_encrypt_skb()
228 if (info->control.hw_key && in tkip_encrypt_skb()
229 (info->control.hw_key->flags & IEEE80211_KEY_FLAG_PUT_IV_SPACE)) in tkip_encrypt_skb()
233 pn = atomic64_inc_return(&key->conf.tx_pn); in tkip_encrypt_skb()
234 pos = ieee80211_tkip_add_iv(pos, &key->conf, pn); in tkip_encrypt_skb()
236 /* hwaccel - with software IV */ in tkip_encrypt_skb()
237 if (info->control.hw_key) in tkip_encrypt_skb()
243 return ieee80211_tkip_encrypt_data(&tx->local->wep_tx_ctx, in tkip_encrypt_skb()
244 key, skb, pos, len); in tkip_encrypt_skb()
255 skb_queue_walk(&tx->skbs, skb) { in ieee80211_crypto_tkip_encrypt()
267 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) rx->skb->data; in ieee80211_crypto_tkip_decrypt()
269 struct ieee80211_key *key = rx->key; in ieee80211_crypto_tkip_decrypt()
270 struct sk_buff *skb = rx->skb; in ieee80211_crypto_tkip_decrypt()
273 hdrlen = ieee80211_hdrlen(hdr->frame_control); in ieee80211_crypto_tkip_decrypt()
275 if (!ieee80211_is_data(hdr->frame_control)) in ieee80211_crypto_tkip_decrypt()
278 if (!rx->sta || skb->len - hdrlen < 12) in ieee80211_crypto_tkip_decrypt()
282 if (skb_linearize(rx->skb)) in ieee80211_crypto_tkip_decrypt()
284 hdr = (void *)skb->data; in ieee80211_crypto_tkip_decrypt()
291 if (status->flag & RX_FLAG_DECRYPTED) in ieee80211_crypto_tkip_decrypt()
294 res = ieee80211_tkip_decrypt_data(&rx->local->wep_rx_ctx, in ieee80211_crypto_tkip_decrypt()
295 key, skb->data + hdrlen, in ieee80211_crypto_tkip_decrypt()
296 skb->len - hdrlen, rx->sta->sta.addr, in ieee80211_crypto_tkip_decrypt()
297 hdr->addr1, hwaccel, rx->security_idx, in ieee80211_crypto_tkip_decrypt()
298 &rx->tkip.iv32, in ieee80211_crypto_tkip_decrypt()
299 &rx->tkip.iv16); in ieee80211_crypto_tkip_decrypt()
304 if (!(status->flag & RX_FLAG_ICV_STRIPPED)) in ieee80211_crypto_tkip_decrypt()
305 skb_trim(skb, skb->len - IEEE80211_TKIP_ICV_LEN); in ieee80211_crypto_tkip_decrypt()
308 memmove(skb->data + IEEE80211_TKIP_IV_LEN, skb->data, hdrlen); in ieee80211_crypto_tkip_decrypt()
320 struct ieee80211_hdr *hdr = (void *)skb->data; in ccmp_gcmp_aad()
330 mgmt = ieee80211_is_mgmt(hdr->frame_control); in ccmp_gcmp_aad()
331 mask_fc = hdr->frame_control; in ccmp_gcmp_aad()
338 a4_included = ieee80211_has_a4(hdr->frame_control); in ccmp_gcmp_aad()
342 if (ieee80211_is_data_qos(hdr->frame_control)) { in ccmp_gcmp_aad()
357 /* AAD (extra authenticate-only data) / masked 802.11 header in ccmp_gcmp_aad()
361 memcpy(&aad[4], &hdr->addrs, 3 * ETH_ALEN); in ccmp_gcmp_aad()
364 aad[22] = *((u8 *) &hdr->seq_ctrl) & 0x0f; in ccmp_gcmp_aad()
368 memcpy(&aad[24], hdr->addr4, ETH_ALEN); in ccmp_gcmp_aad()
382 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data; in ccmp_special_blocks()
397 b_0[1] = qos_tid | (ieee80211_is_mgmt(hdr->frame_control) << 4); in ccmp_special_blocks()
398 memcpy(&b_0[2], hdr->addr2, ETH_ALEN); in ccmp_special_blocks()
429 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data; in ccmp_encrypt_skb()
430 struct ieee80211_key *key = tx->key; in ccmp_encrypt_skb()
433 u8 *pos; in ccmp_encrypt_skb() local
439 if (info->control.hw_key && in ccmp_encrypt_skb()
440 !(info->control.hw_key->flags & IEEE80211_KEY_FLAG_GENERATE_IV) && in ccmp_encrypt_skb()
441 !(info->control.hw_key->flags & IEEE80211_KEY_FLAG_PUT_IV_SPACE) && in ccmp_encrypt_skb()
442 !((info->control.hw_key->flags & in ccmp_encrypt_skb()
444 ieee80211_is_mgmt(hdr->frame_control))) { in ccmp_encrypt_skb()
447 * header or MIC fields in ccmp_encrypt_skb()
452 hdrlen = ieee80211_hdrlen(hdr->frame_control); in ccmp_encrypt_skb()
453 len = skb->len - hdrlen; in ccmp_encrypt_skb()
455 if (info->control.hw_key) in ccmp_encrypt_skb()
462 return -1; in ccmp_encrypt_skb()
464 pos = skb_push(skb, IEEE80211_CCMP_HDR_LEN); in ccmp_encrypt_skb()
465 memmove(pos, pos + IEEE80211_CCMP_HDR_LEN, hdrlen); in ccmp_encrypt_skb()
468 if (info->control.hw_key && in ccmp_encrypt_skb()
469 (info->control.hw_key->flags & IEEE80211_KEY_FLAG_PUT_IV_SPACE)) in ccmp_encrypt_skb()
472 pos += hdrlen; in ccmp_encrypt_skb()
474 pn64 = atomic64_inc_return(&key->conf.tx_pn); in ccmp_encrypt_skb()
483 ccmp_pn2hdr(pos, pn, key->conf.keyidx); in ccmp_encrypt_skb()
485 /* hwaccel - with software CCMP header */ in ccmp_encrypt_skb()
486 if (info->control.hw_key) in ccmp_encrypt_skb()
489 pos += IEEE80211_CCMP_HDR_LEN; in ccmp_encrypt_skb()
491 key->conf.flags & IEEE80211_KEY_FLAG_SPP_AMSDU); in ccmp_encrypt_skb()
492 return ieee80211_aes_ccm_encrypt(key->u.ccmp.tfm, b_0, aad, pos, len, in ccmp_encrypt_skb()
505 skb_queue_walk(&tx->skbs, skb) { in ieee80211_crypto_ccmp_encrypt()
518 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)rx->skb->data; in ieee80211_crypto_ccmp_decrypt()
520 struct ieee80211_key *key = rx->key; in ieee80211_crypto_ccmp_decrypt()
521 struct sk_buff *skb = rx->skb; in ieee80211_crypto_ccmp_decrypt()
527 hdrlen = ieee80211_hdrlen(hdr->frame_control); in ieee80211_crypto_ccmp_decrypt()
529 if (!ieee80211_is_data(hdr->frame_control) && in ieee80211_crypto_ccmp_decrypt()
533 if (status->flag & RX_FLAG_DECRYPTED) { in ieee80211_crypto_ccmp_decrypt()
534 if (!pskb_may_pull(rx->skb, hdrlen + IEEE80211_CCMP_HDR_LEN)) in ieee80211_crypto_ccmp_decrypt()
536 if (status->flag & RX_FLAG_MIC_STRIPPED) in ieee80211_crypto_ccmp_decrypt()
539 if (skb_linearize(rx->skb)) in ieee80211_crypto_ccmp_decrypt()
543 /* reload hdr - skb might have been reallocated */ in ieee80211_crypto_ccmp_decrypt()
544 hdr = (void *)rx->skb->data; in ieee80211_crypto_ccmp_decrypt()
546 data_len = skb->len - hdrlen - IEEE80211_CCMP_HDR_LEN - mic_len; in ieee80211_crypto_ccmp_decrypt()
547 if (!rx->sta || data_len < 0) in ieee80211_crypto_ccmp_decrypt()
550 if (!(status->flag & RX_FLAG_PN_VALIDATED)) { in ieee80211_crypto_ccmp_decrypt()
553 ccmp_hdr2pn(pn, skb->data + hdrlen); in ieee80211_crypto_ccmp_decrypt()
555 queue = rx->security_idx; in ieee80211_crypto_ccmp_decrypt()
557 res = memcmp(pn, key->u.ccmp.rx_pn[queue], in ieee80211_crypto_ccmp_decrypt()
560 (!res && !(status->flag & RX_FLAG_ALLOW_SAME_PN))) { in ieee80211_crypto_ccmp_decrypt()
561 key->u.ccmp.replays++; in ieee80211_crypto_ccmp_decrypt()
565 if (!(status->flag & RX_FLAG_DECRYPTED)) { in ieee80211_crypto_ccmp_decrypt()
568 /* hardware didn't decrypt/verify MIC */ in ieee80211_crypto_ccmp_decrypt()
570 key->conf.flags & IEEE80211_KEY_FLAG_SPP_AMSDU); in ieee80211_crypto_ccmp_decrypt()
573 key->u.ccmp.tfm, b_0, aad, in ieee80211_crypto_ccmp_decrypt()
574 skb->data + hdrlen + IEEE80211_CCMP_HDR_LEN, in ieee80211_crypto_ccmp_decrypt()
576 skb->data + skb->len - mic_len)) in ieee80211_crypto_ccmp_decrypt()
580 memcpy(key->u.ccmp.rx_pn[queue], pn, IEEE80211_CCMP_PN_LEN); in ieee80211_crypto_ccmp_decrypt()
582 memcpy(rx->ccm_gcm.pn, pn, IEEE80211_CCMP_PN_LEN); in ieee80211_crypto_ccmp_decrypt()
585 /* Remove CCMP header and MIC */ in ieee80211_crypto_ccmp_decrypt()
586 if (pskb_trim(skb, skb->len - mic_len)) in ieee80211_crypto_ccmp_decrypt()
588 memmove(skb->data + IEEE80211_CCMP_HDR_LEN, skb->data, hdrlen); in ieee80211_crypto_ccmp_decrypt()
597 struct ieee80211_hdr *hdr = (void *)skb->data; in gcmp_special_blocks()
599 memcpy(j_0, hdr->addr2, ETH_ALEN); in gcmp_special_blocks()
603 j_0[AES_BLOCK_SIZE - 1] = 0x01; in gcmp_special_blocks()
632 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data; in gcmp_encrypt_skb()
633 struct ieee80211_key *key = tx->key; in gcmp_encrypt_skb()
636 u8 *pos; in gcmp_encrypt_skb() local
642 if (info->control.hw_key && in gcmp_encrypt_skb()
643 !(info->control.hw_key->flags & IEEE80211_KEY_FLAG_GENERATE_IV) && in gcmp_encrypt_skb()
644 !(info->control.hw_key->flags & IEEE80211_KEY_FLAG_PUT_IV_SPACE) && in gcmp_encrypt_skb()
645 !((info->control.hw_key->flags & in gcmp_encrypt_skb()
647 ieee80211_is_mgmt(hdr->frame_control))) { in gcmp_encrypt_skb()
649 * header or MIC fields in gcmp_encrypt_skb()
654 hdrlen = ieee80211_hdrlen(hdr->frame_control); in gcmp_encrypt_skb()
655 len = skb->len - hdrlen; in gcmp_encrypt_skb()
657 if (info->control.hw_key) in gcmp_encrypt_skb()
664 return -1; in gcmp_encrypt_skb()
666 pos = skb_push(skb, IEEE80211_GCMP_HDR_LEN); in gcmp_encrypt_skb()
667 memmove(pos, pos + IEEE80211_GCMP_HDR_LEN, hdrlen); in gcmp_encrypt_skb()
672 if (info->control.hw_key && in gcmp_encrypt_skb()
673 (info->control.hw_key->flags & IEEE80211_KEY_FLAG_PUT_IV_SPACE)) in gcmp_encrypt_skb()
676 pos += hdrlen; in gcmp_encrypt_skb()
678 pn64 = atomic64_inc_return(&key->conf.tx_pn); in gcmp_encrypt_skb()
687 gcmp_pn2hdr(pos, pn, key->conf.keyidx); in gcmp_encrypt_skb()
689 /* hwaccel - with software GCMP header */ in gcmp_encrypt_skb()
690 if (info->control.hw_key) in gcmp_encrypt_skb()
693 pos += IEEE80211_GCMP_HDR_LEN; in gcmp_encrypt_skb()
695 key->conf.flags & IEEE80211_KEY_FLAG_SPP_AMSDU); in gcmp_encrypt_skb()
696 return ieee80211_aes_gcm_encrypt(key->u.gcmp.tfm, j_0, aad, pos, len, in gcmp_encrypt_skb()
707 skb_queue_walk(&tx->skbs, skb) { in ieee80211_crypto_gcmp_encrypt()
718 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)rx->skb->data; in ieee80211_crypto_gcmp_decrypt()
720 struct ieee80211_key *key = rx->key; in ieee80211_crypto_gcmp_decrypt()
721 struct sk_buff *skb = rx->skb; in ieee80211_crypto_gcmp_decrypt()
726 hdrlen = ieee80211_hdrlen(hdr->frame_control); in ieee80211_crypto_gcmp_decrypt()
728 if (!ieee80211_is_data(hdr->frame_control) && in ieee80211_crypto_gcmp_decrypt()
732 if (status->flag & RX_FLAG_DECRYPTED) { in ieee80211_crypto_gcmp_decrypt()
733 if (!pskb_may_pull(rx->skb, hdrlen + IEEE80211_GCMP_HDR_LEN)) in ieee80211_crypto_gcmp_decrypt()
735 if (status->flag & RX_FLAG_MIC_STRIPPED) in ieee80211_crypto_gcmp_decrypt()
738 if (skb_linearize(rx->skb)) in ieee80211_crypto_gcmp_decrypt()
742 /* reload hdr - skb might have been reallocated */ in ieee80211_crypto_gcmp_decrypt()
743 hdr = (void *)rx->skb->data; in ieee80211_crypto_gcmp_decrypt()
745 data_len = skb->len - hdrlen - IEEE80211_GCMP_HDR_LEN - mic_len; in ieee80211_crypto_gcmp_decrypt()
746 if (!rx->sta || data_len < 0) in ieee80211_crypto_gcmp_decrypt()
749 if (!(status->flag & RX_FLAG_PN_VALIDATED)) { in ieee80211_crypto_gcmp_decrypt()
752 gcmp_hdr2pn(pn, skb->data + hdrlen); in ieee80211_crypto_gcmp_decrypt()
754 queue = rx->security_idx; in ieee80211_crypto_gcmp_decrypt()
756 res = memcmp(pn, key->u.gcmp.rx_pn[queue], in ieee80211_crypto_gcmp_decrypt()
759 (!res && !(status->flag & RX_FLAG_ALLOW_SAME_PN))) { in ieee80211_crypto_gcmp_decrypt()
760 key->u.gcmp.replays++; in ieee80211_crypto_gcmp_decrypt()
764 if (!(status->flag & RX_FLAG_DECRYPTED)) { in ieee80211_crypto_gcmp_decrypt()
767 /* hardware didn't decrypt/verify MIC */ in ieee80211_crypto_gcmp_decrypt()
769 key->conf.flags & IEEE80211_KEY_FLAG_SPP_AMSDU); in ieee80211_crypto_gcmp_decrypt()
772 key->u.gcmp.tfm, j_0, aad, in ieee80211_crypto_gcmp_decrypt()
773 skb->data + hdrlen + IEEE80211_GCMP_HDR_LEN, in ieee80211_crypto_gcmp_decrypt()
775 skb->data + skb->len - in ieee80211_crypto_gcmp_decrypt()
780 memcpy(key->u.gcmp.rx_pn[queue], pn, IEEE80211_GCMP_PN_LEN); in ieee80211_crypto_gcmp_decrypt()
782 memcpy(rx->ccm_gcm.pn, pn, IEEE80211_CCMP_PN_LEN); in ieee80211_crypto_gcmp_decrypt()
785 /* Remove GCMP header and MIC */ in ieee80211_crypto_gcmp_decrypt()
786 if (pskb_trim(skb, skb->len - mic_len)) in ieee80211_crypto_gcmp_decrypt()
788 memmove(skb->data + IEEE80211_GCMP_HDR_LEN, skb->data, hdrlen); in ieee80211_crypto_gcmp_decrypt()
797 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data; in bip_aad()
803 mask_fc = hdr->frame_control; in bip_aad()
808 memcpy(aad + 2, &hdr->addrs, 3 * ETH_ALEN); in bip_aad()
838 struct ieee80211_key *key = tx->key; in ieee80211_crypto_aes_cmac_encrypt()
843 if (WARN_ON(skb_queue_len(&tx->skbs) != 1)) in ieee80211_crypto_aes_cmac_encrypt()
846 skb = skb_peek(&tx->skbs); in ieee80211_crypto_aes_cmac_encrypt()
850 if (info->control.hw_key && in ieee80211_crypto_aes_cmac_encrypt()
851 !(key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIE)) in ieee80211_crypto_aes_cmac_encrypt()
858 mmie->element_id = WLAN_EID_MMIE; in ieee80211_crypto_aes_cmac_encrypt()
859 mmie->length = sizeof(*mmie) - 2; in ieee80211_crypto_aes_cmac_encrypt()
860 mmie->key_id = cpu_to_le16(key->conf.keyidx); in ieee80211_crypto_aes_cmac_encrypt()
863 pn64 = atomic64_inc_return(&key->conf.tx_pn); in ieee80211_crypto_aes_cmac_encrypt()
865 bip_ipn_set64(mmie->sequence_number, pn64); in ieee80211_crypto_aes_cmac_encrypt()
867 if (info->control.hw_key) in ieee80211_crypto_aes_cmac_encrypt()
873 * MIC = AES-128-CMAC(IGTK, AAD || Management Frame Body || MMIE, 64) in ieee80211_crypto_aes_cmac_encrypt()
875 ieee80211_aes_cmac(key->u.aes_cmac.tfm, aad, in ieee80211_crypto_aes_cmac_encrypt()
876 skb->data + 24, skb->len - 24, mmie->mic); in ieee80211_crypto_aes_cmac_encrypt()
886 struct ieee80211_key *key = tx->key; in ieee80211_crypto_aes_cmac_256_encrypt()
891 if (WARN_ON(skb_queue_len(&tx->skbs) != 1)) in ieee80211_crypto_aes_cmac_256_encrypt()
894 skb = skb_peek(&tx->skbs); in ieee80211_crypto_aes_cmac_256_encrypt()
898 if (info->control.hw_key && in ieee80211_crypto_aes_cmac_256_encrypt()
899 !(key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIE)) in ieee80211_crypto_aes_cmac_256_encrypt()
906 mmie->element_id = WLAN_EID_MMIE; in ieee80211_crypto_aes_cmac_256_encrypt()
907 mmie->length = sizeof(*mmie) - 2; in ieee80211_crypto_aes_cmac_256_encrypt()
908 mmie->key_id = cpu_to_le16(key->conf.keyidx); in ieee80211_crypto_aes_cmac_256_encrypt()
911 pn64 = atomic64_inc_return(&key->conf.tx_pn); in ieee80211_crypto_aes_cmac_256_encrypt()
913 bip_ipn_set64(mmie->sequence_number, pn64); in ieee80211_crypto_aes_cmac_256_encrypt()
915 if (info->control.hw_key) in ieee80211_crypto_aes_cmac_256_encrypt()
920 /* MIC = AES-256-CMAC(IGTK, AAD || Management Frame Body || MMIE, 128) in ieee80211_crypto_aes_cmac_256_encrypt()
922 ieee80211_aes_cmac_256(key->u.aes_cmac.tfm, aad, in ieee80211_crypto_aes_cmac_256_encrypt()
923 skb->data + 24, skb->len - 24, mmie->mic); in ieee80211_crypto_aes_cmac_256_encrypt()
931 struct sk_buff *skb = rx->skb; in ieee80211_crypto_aes_cmac_decrypt()
933 struct ieee80211_key *key = rx->key; in ieee80211_crypto_aes_cmac_decrypt()
935 u8 aad[20], mic[8], ipn[6]; in ieee80211_crypto_aes_cmac_decrypt() local
936 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data; in ieee80211_crypto_aes_cmac_decrypt()
938 if (!ieee80211_is_mgmt(hdr->frame_control)) in ieee80211_crypto_aes_cmac_decrypt()
943 if (skb->len < 24 + sizeof(*mmie)) in ieee80211_crypto_aes_cmac_decrypt()
947 (skb->data + skb->len - sizeof(*mmie)); in ieee80211_crypto_aes_cmac_decrypt()
948 if (mmie->element_id != WLAN_EID_MMIE || in ieee80211_crypto_aes_cmac_decrypt()
949 mmie->length != sizeof(*mmie) - 2) in ieee80211_crypto_aes_cmac_decrypt()
952 bip_ipn_swap(ipn, mmie->sequence_number); in ieee80211_crypto_aes_cmac_decrypt()
954 if (memcmp(ipn, key->u.aes_cmac.rx_pn, 6) <= 0) { in ieee80211_crypto_aes_cmac_decrypt()
955 key->u.aes_cmac.replays++; in ieee80211_crypto_aes_cmac_decrypt()
959 if (!(status->flag & RX_FLAG_DECRYPTED)) { in ieee80211_crypto_aes_cmac_decrypt()
960 /* hardware didn't decrypt/verify MIC */ in ieee80211_crypto_aes_cmac_decrypt()
962 ieee80211_aes_cmac(key->u.aes_cmac.tfm, aad, in ieee80211_crypto_aes_cmac_decrypt()
963 skb->data + 24, skb->len - 24, mic); in ieee80211_crypto_aes_cmac_decrypt()
964 if (crypto_memneq(mic, mmie->mic, sizeof(mmie->mic))) { in ieee80211_crypto_aes_cmac_decrypt()
965 key->u.aes_cmac.icverrors++; in ieee80211_crypto_aes_cmac_decrypt()
970 memcpy(key->u.aes_cmac.rx_pn, ipn, 6); in ieee80211_crypto_aes_cmac_decrypt()
973 skb_trim(skb, skb->len - sizeof(*mmie)); in ieee80211_crypto_aes_cmac_decrypt()
981 struct sk_buff *skb = rx->skb; in ieee80211_crypto_aes_cmac_256_decrypt()
983 struct ieee80211_key *key = rx->key; in ieee80211_crypto_aes_cmac_256_decrypt()
985 u8 aad[20], mic[16], ipn[6]; in ieee80211_crypto_aes_cmac_256_decrypt() local
986 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data; in ieee80211_crypto_aes_cmac_256_decrypt()
988 if (!ieee80211_is_mgmt(hdr->frame_control)) in ieee80211_crypto_aes_cmac_256_decrypt()
993 if (skb->len < 24 + sizeof(*mmie)) in ieee80211_crypto_aes_cmac_256_decrypt()
997 (skb->data + skb->len - sizeof(*mmie)); in ieee80211_crypto_aes_cmac_256_decrypt()
998 if (mmie->element_id != WLAN_EID_MMIE || in ieee80211_crypto_aes_cmac_256_decrypt()
999 mmie->length != sizeof(*mmie) - 2) in ieee80211_crypto_aes_cmac_256_decrypt()
1002 bip_ipn_swap(ipn, mmie->sequence_number); in ieee80211_crypto_aes_cmac_256_decrypt()
1004 if (memcmp(ipn, key->u.aes_cmac.rx_pn, 6) <= 0) { in ieee80211_crypto_aes_cmac_256_decrypt()
1005 key->u.aes_cmac.replays++; in ieee80211_crypto_aes_cmac_256_decrypt()
1009 if (!(status->flag & RX_FLAG_DECRYPTED)) { in ieee80211_crypto_aes_cmac_256_decrypt()
1010 /* hardware didn't decrypt/verify MIC */ in ieee80211_crypto_aes_cmac_256_decrypt()
1012 ieee80211_aes_cmac_256(key->u.aes_cmac.tfm, aad, in ieee80211_crypto_aes_cmac_256_decrypt()
1013 skb->data + 24, skb->len - 24, mic); in ieee80211_crypto_aes_cmac_256_decrypt()
1014 if (crypto_memneq(mic, mmie->mic, sizeof(mmie->mic))) { in ieee80211_crypto_aes_cmac_256_decrypt()
1015 key->u.aes_cmac.icverrors++; in ieee80211_crypto_aes_cmac_256_decrypt()
1020 memcpy(key->u.aes_cmac.rx_pn, ipn, 6); in ieee80211_crypto_aes_cmac_256_decrypt()
1023 skb_trim(skb, skb->len - sizeof(*mmie)); in ieee80211_crypto_aes_cmac_256_decrypt()
1033 struct ieee80211_key *key = tx->key; in ieee80211_crypto_aes_gmac_encrypt()
1040 if (WARN_ON(skb_queue_len(&tx->skbs) != 1)) in ieee80211_crypto_aes_gmac_encrypt()
1043 skb = skb_peek(&tx->skbs); in ieee80211_crypto_aes_gmac_encrypt()
1047 if (info->control.hw_key && in ieee80211_crypto_aes_gmac_encrypt()
1048 !(key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIE)) in ieee80211_crypto_aes_gmac_encrypt()
1055 mmie->element_id = WLAN_EID_MMIE; in ieee80211_crypto_aes_gmac_encrypt()
1056 mmie->length = sizeof(*mmie) - 2; in ieee80211_crypto_aes_gmac_encrypt()
1057 mmie->key_id = cpu_to_le16(key->conf.keyidx); in ieee80211_crypto_aes_gmac_encrypt()
1060 pn64 = atomic64_inc_return(&key->conf.tx_pn); in ieee80211_crypto_aes_gmac_encrypt()
1062 bip_ipn_set64(mmie->sequence_number, pn64); in ieee80211_crypto_aes_gmac_encrypt()
1064 if (info->control.hw_key) in ieee80211_crypto_aes_gmac_encrypt()
1069 hdr = (struct ieee80211_hdr *)skb->data; in ieee80211_crypto_aes_gmac_encrypt()
1070 memcpy(nonce, hdr->addr2, ETH_ALEN); in ieee80211_crypto_aes_gmac_encrypt()
1071 bip_ipn_swap(nonce + ETH_ALEN, mmie->sequence_number); in ieee80211_crypto_aes_gmac_encrypt()
1073 /* MIC = AES-GMAC(IGTK, AAD || Management Frame Body || MMIE, 128) */ in ieee80211_crypto_aes_gmac_encrypt()
1074 if (ieee80211_aes_gmac(key->u.aes_gmac.tfm, aad, nonce, in ieee80211_crypto_aes_gmac_encrypt()
1075 skb->data + 24, skb->len - 24, mmie->mic) < 0) in ieee80211_crypto_aes_gmac_encrypt()
1084 struct sk_buff *skb = rx->skb; in ieee80211_crypto_aes_gmac_decrypt()
1086 struct ieee80211_key *key = rx->key; in ieee80211_crypto_aes_gmac_decrypt()
1088 u8 aad[GMAC_AAD_LEN], *mic, ipn[6], nonce[GMAC_NONCE_LEN]; in ieee80211_crypto_aes_gmac_decrypt() local
1089 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data; in ieee80211_crypto_aes_gmac_decrypt()
1091 if (!ieee80211_is_mgmt(hdr->frame_control)) in ieee80211_crypto_aes_gmac_decrypt()
1096 if (skb->len < 24 + sizeof(*mmie)) in ieee80211_crypto_aes_gmac_decrypt()
1100 (skb->data + skb->len - sizeof(*mmie)); in ieee80211_crypto_aes_gmac_decrypt()
1101 if (mmie->element_id != WLAN_EID_MMIE || in ieee80211_crypto_aes_gmac_decrypt()
1102 mmie->length != sizeof(*mmie) - 2) in ieee80211_crypto_aes_gmac_decrypt()
1105 bip_ipn_swap(ipn, mmie->sequence_number); in ieee80211_crypto_aes_gmac_decrypt()
1107 if (memcmp(ipn, key->u.aes_gmac.rx_pn, 6) <= 0) { in ieee80211_crypto_aes_gmac_decrypt()
1108 key->u.aes_gmac.replays++; in ieee80211_crypto_aes_gmac_decrypt()
1112 if (!(status->flag & RX_FLAG_DECRYPTED)) { in ieee80211_crypto_aes_gmac_decrypt()
1113 /* hardware didn't decrypt/verify MIC */ in ieee80211_crypto_aes_gmac_decrypt()
1116 memcpy(nonce, hdr->addr2, ETH_ALEN); in ieee80211_crypto_aes_gmac_decrypt()
1119 mic = kmalloc(GMAC_MIC_LEN, GFP_ATOMIC); in ieee80211_crypto_aes_gmac_decrypt()
1120 if (!mic) in ieee80211_crypto_aes_gmac_decrypt()
1122 if (ieee80211_aes_gmac(key->u.aes_gmac.tfm, aad, nonce, in ieee80211_crypto_aes_gmac_decrypt()
1123 skb->data + 24, skb->len - 24, in ieee80211_crypto_aes_gmac_decrypt()
1124 mic) < 0 || in ieee80211_crypto_aes_gmac_decrypt()
1125 crypto_memneq(mic, mmie->mic, sizeof(mmie->mic))) { in ieee80211_crypto_aes_gmac_decrypt()
1126 key->u.aes_gmac.icverrors++; in ieee80211_crypto_aes_gmac_decrypt()
1127 kfree(mic); in ieee80211_crypto_aes_gmac_decrypt()
1130 kfree(mic); in ieee80211_crypto_aes_gmac_decrypt()
1133 memcpy(key->u.aes_gmac.rx_pn, ipn, 6); in ieee80211_crypto_aes_gmac_decrypt()
1136 skb_trim(skb, skb->len - sizeof(*mmie)); in ieee80211_crypto_aes_gmac_decrypt()