1 /* 2 * Copyright (c) 2017-2021 The Linux Foundation. All rights reserved. 3 * 4 * Permission to use, copy, modify, and/or distribute this software for 5 * any purpose with or without fee is hereby granted, provided that the 6 * above copyright notice and this permission notice appear in all 7 * copies. 8 * 9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL 10 * WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED 11 * WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE 12 * AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL 13 * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR 14 * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER 15 * TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR 16 * PERFORMANCE OF THIS SOFTWARE. 17 */ 18 19 /** 20 * DOC: Public APIs for crypto service 21 */ 22 #ifndef _WLAN_CRYPTO_GLOBAL_API_H_ 23 #define _WLAN_CRYPTO_GLOBAL_API_H_ 24 25 #include "wlan_crypto_global_def.h" 26 #include <qdf_crypto.h> 27 /** 28 * wlan_crypto_set_vdev_param - called by ucfg to set crypto param 29 * @vdev: vdev 30 * @param: param to be set. 31 * @value: value 32 * 33 * This function gets called from ucfg to set param 34 * 35 * Return: QDF_STATUS_SUCCESS - in case of success 36 */ 37 QDF_STATUS wlan_crypto_set_vdev_param(struct wlan_objmgr_vdev *vdev, 38 wlan_crypto_param_type param, 39 uint32_t value); 40 41 /** 42 * wlan_crypto_set_peer_param - called by ucfg to set crypto param 43 * 44 * @peer: peer 45 * @param: param to be set. 46 * @value: value 47 * 48 * This function gets called from ucfg to set param 49 * 50 * Return: QDF_STATUS_SUCCESS - in case of success 51 */ 52 QDF_STATUS wlan_crypto_set_peer_param(struct wlan_objmgr_peer *peer, 53 wlan_crypto_param_type param, 54 uint32_t value); 55 56 /** 57 * wlan_crypto_get_param - called by ucfg to get crypto param 58 * @vdev: vdev 59 * @param: param to be get. 60 * 61 * This function gets called from ucfg to get param 62 * 63 * Return: value or -1 for failure 64 */ 65 int32_t wlan_crypto_get_param(struct wlan_objmgr_vdev *vdev, 66 wlan_crypto_param_type param); 67 /** 68 * wlan_crypto_get_peer_param - called by ucfg to get crypto peer param 69 * @peer: peer 70 * @param: param to be get. 71 * 72 * This function gets called from ucfg to get peer param 73 * 74 * Return: value or -1 for failure 75 */ 76 int32_t wlan_crypto_get_peer_param(struct wlan_objmgr_peer *peer, 77 wlan_crypto_param_type param); 78 79 /** 80 * wlan_crypto_is_htallowed - called by ucfg to check if HT rates is allowed 81 * @vdev: Vdev 82 * @peer: Peer 83 * 84 * This function is called to check if HT rates is allowed 85 * 86 * Return: 0 for not allowed and +ve for allowed 87 */ 88 uint8_t wlan_crypto_is_htallowed(struct wlan_objmgr_vdev *vdev, 89 struct wlan_objmgr_peer *peer); 90 /** 91 * wlan_crypto_setkey - called by ucfg to setkey 92 * @vdev: vdev 93 * @req_key: req_key with cipher type, key macaddress 94 * 95 * This function gets called from ucfg to sey key 96 * 97 * Return: QDF_STATUS_SUCCESS - in case of success 98 */ 99 QDF_STATUS wlan_crypto_setkey(struct wlan_objmgr_vdev *vdev, 100 struct wlan_crypto_req_key *req_key); 101 102 /** 103 * wlan_crypto_getkey - called by ucfg to get key 104 * @vdev: vdev 105 * @req_key: key value will be copied in this req_key 106 * @mac_address: mac address of the peer for unicast key 107 * or broadcast address if group key is requested. 108 * 109 * This function gets called from ucfg to get key 110 * 111 * Return: QDF_STATUS_SUCCESS - in case of success 112 */ 113 QDF_STATUS wlan_crypto_getkey(struct wlan_objmgr_vdev *vdev, 114 struct wlan_crypto_req_key *req_key, 115 uint8_t *mac_addr); 116 117 /** 118 * wlan_crypto_delkey - called by ucfg to delete key 119 * @vdev: vdev 120 * @mac_address: mac address of the peer for unicast key 121 * or broadcast address if group key is deleted. 122 * @key_idx: key index to be deleted 123 * 124 * This function gets called from ucfg to delete key 125 * 126 * Return: QDF_STATUS_SUCCESS - in case of success 127 */ 128 QDF_STATUS wlan_crypto_delkey(struct wlan_objmgr_vdev *vdev, 129 uint8_t *macaddr, 130 uint8_t key_idx); 131 132 /** 133 * wlan_crypto_default_key - called by ucfg to set default tx key 134 * @vdev: vdev 135 * @mac_address: mac address of the peer for unicast key 136 * or broadcast address if group key need to made default. 137 * @key_idx: key index to be made as default key 138 * @unicast: is key was unicast or group key. 139 * 140 * This function gets called from ucfg to set default key 141 * 142 * Return: QDF_STATUS_SUCCESS - in case of success 143 */ 144 QDF_STATUS wlan_crypto_default_key(struct wlan_objmgr_vdev *vdev, 145 uint8_t *macaddr, 146 uint8_t key_idx, 147 bool unicast); 148 149 /** 150 * wlan_crypto_encap - called by mgmt for encap the frame based on cipher 151 * @vdev: vdev 152 * @wbuf: wbuf 153 * @macaddr: macaddr 154 * @encapdone: is encapdone already or not. 155 * 156 * This function gets called from mgmt txrx to encap frame. 157 * 158 * Return: QDF_STATUS_SUCCESS - in case of success 159 */ 160 QDF_STATUS wlan_crypto_encap(struct wlan_objmgr_vdev *vdev, 161 qdf_nbuf_t wbuf, 162 uint8_t *macaddr, 163 uint8_t encapdone); 164 165 /** 166 * wlan_crypto_decap - called by mgmt for decap the frame based on cipher 167 * @vdev: vdev 168 * @wbuf: wbuf 169 * @macaddr: macaddr 170 * @tid: tid of the packet. 171 * 172 * This function gets called from mgmt txrx to decap frame. 173 * 174 * Return: QDF_STATUS_SUCCESS - in case of success 175 */ 176 QDF_STATUS wlan_crypto_decap(struct wlan_objmgr_vdev *vdev, 177 qdf_nbuf_t wbuf, 178 uint8_t *macaddr, 179 uint8_t tid); 180 181 /** 182 * wlan_crypto_enmic - called by mgmt for adding mic in frame based on cipher 183 * @vdev: vdev 184 * @wbuf: wbuf 185 * @macaddr: macaddr 186 * @encapdone: is encapdone already or not. 187 * 188 * This function gets called from mgmt txrx to adding mic to the frame. 189 * 190 * Return: QDF_STATUS_SUCCESS - in case of success 191 */ 192 QDF_STATUS wlan_crypto_enmic(struct wlan_objmgr_vdev *vdev, 193 qdf_nbuf_t wbuf, 194 uint8_t *macaddr, 195 uint8_t encapdone); 196 197 /** 198 * wlan_crypto_demic - called by mgmt for remove and check mic for 199 * the frame based on cipher 200 * @vdev: vdev 201 * @wbuf: wbuf 202 * @macaddr: macaddr 203 * @tid: tid of the frame 204 * @keyid: keyid in the received frame 205 * 206 * This function gets called from mgmt txrx to decap frame. 207 * 208 * Return: QDF_STATUS_SUCCESS - in case of success 209 */ 210 QDF_STATUS wlan_crypto_demic(struct wlan_objmgr_vdev *vdev, 211 qdf_nbuf_t wbuf, 212 uint8_t *macaddr, 213 uint8_t tid, 214 uint8_t keyid); 215 216 /** 217 * wlan_crypto_vdev_is_pmf_enabled - called to check is pmf enabled in vdev 218 * @vdev: vdev 219 * 220 * This function gets called to check is pmf enabled or not in vdev. 221 * 222 * Return: true or false 223 */ 224 bool wlan_crypto_vdev_is_pmf_enabled(struct wlan_objmgr_vdev *vdev); 225 226 /** 227 * wlan_crypto_vdev_is_pmf_required - called to check is pmf required in vdev 228 * @vdev: vdev 229 * 230 * This function gets called to check is pmf required or not in vdev. 231 * 232 * Return: true or false 233 */ 234 bool wlan_crypto_vdev_is_pmf_required(struct wlan_objmgr_vdev *vdev); 235 236 /** 237 * wlan_crypto_is_pmf_enabled - called by mgmt txrx to check is pmf enabled 238 * @vdev: vdev 239 * @peer: peer 240 * 241 * This function gets called by mgmt txrx to check is pmf enabled or not. 242 * 243 * Return: true or false 244 */ 245 bool wlan_crypto_is_pmf_enabled(struct wlan_objmgr_vdev *vdev, 246 struct wlan_objmgr_peer *peer); 247 248 /** 249 * wlan_crypto_is_key_valid - called by mgmt txrx to check if key is valid 250 * @vdev: vdev 251 * @peer: peer 252 * @keyidx : key index 253 * 254 * This function gets called by mgmt txrx to check if key is valid 255 * 256 * Return: true or false 257 */ 258 bool wlan_crypto_is_key_valid(struct wlan_objmgr_vdev *vdev, 259 struct wlan_objmgr_peer *peer, 260 uint16_t keyidx); 261 262 /** 263 * wlan_crypto_add_mmie - called by mgmt txrx to add mmie in frame 264 * @vdev: vdev 265 * @frm: frame starting pointer 266 * @len: length of the frame 267 * 268 * This function gets called by mgmt txrx to add mmie in frame 269 * 270 * Return: end of frame or NULL in case failure 271 */ 272 uint8_t *wlan_crypto_add_mmie(struct wlan_objmgr_vdev *vdev, 273 uint8_t *frm, 274 uint32_t len); 275 276 /** 277 * wlan_crypto_is_mmie_valid - called by mgmt txrx to check mmie of the frame 278 * @vdev: vdev 279 * @frm: frame starting pointer 280 * @efrm: end of frame pointer 281 * 282 * This function gets called by mgmt txrx to check mmie of the frame 283 * 284 * Return: true or false 285 */ 286 bool wlan_crypto_is_mmie_valid(struct wlan_objmgr_vdev *vdev, 287 uint8_t *frm, 288 uint8_t *efrm); 289 290 /** 291 * wlan_crypto_wpaie_check - called by mlme to check the wpaie 292 * @crypto_params: crypto params 293 * @frm: ie buffer 294 * 295 * This function gets called by mlme to check the contents of wpa is 296 * matching with given crypto params 297 * 298 * Return: QDF_STATUS_SUCCESS - in case of success 299 */ 300 QDF_STATUS wlan_crypto_wpaie_check(struct wlan_crypto_params *crypto_params, 301 const uint8_t *frm); 302 303 /** 304 * wlan_crypto_rsnie_check - called by mlme to check the rsnie 305 * @crypto_params: crypto params 306 * @frm: ie buffer 307 * 308 * This function gets called by mlme to check the contents of rsn is 309 * matching with given crypto params 310 * 311 * Return: QDF_STATUS_SUCCESS - in case of success 312 */ 313 QDF_STATUS wlan_crypto_rsnie_check(struct wlan_crypto_params *crypto_params, 314 const uint8_t *frm); 315 /** 316 * wlan_crypto_build_wpaie - called by mlme to build wpaie 317 * @vdev: vdev 318 * @iebuf: ie buffer 319 * 320 * This function gets called by mlme to build wpaie from given vdev 321 * 322 * Return: end of buffer 323 */ 324 uint8_t *wlan_crypto_build_wpaie(struct wlan_objmgr_vdev *vdev, 325 uint8_t *iebuf); 326 327 /** 328 * wlan_crypto_build_rsnie_with_pmksa() - called by mlme to build rsnie 329 * @vdev: vdev 330 * @iebuf: ie buffer 331 * @pmksa: pmksa struct 332 * 333 * This function gets called by mlme to build rsnie from given vdev 334 * 335 * Return: end of buffer 336 */ 337 uint8_t *wlan_crypto_build_rsnie_with_pmksa(struct wlan_objmgr_vdev *vdev, 338 uint8_t *iebuf, 339 struct wlan_crypto_pmksa *pmksa); 340 341 /** 342 * wlan_crypto_build_rsnie - called by mlme to build rsnie 343 * @vdev: vdev 344 * @iebuf: ie buffer 345 * @bssid: bssid mac address to add pmkid in rsnie 346 * 347 * This function gets called by mlme to build rsnie from given vdev 348 * 349 * Return: end of buffer 350 */ 351 uint8_t *wlan_crypto_build_rsnie(struct wlan_objmgr_vdev *vdev, 352 uint8_t *iebuf, 353 struct qdf_mac_addr *bssid); 354 355 /** 356 * wlan_crypto_wapiie_check - called by mlme to check the wapiie 357 * @crypto_params: crypto params 358 * @frm: ie buffer 359 * 360 * This function gets called by mlme to check the contents of wapi is 361 * matching with given crypto params 362 * 363 * Return: QDF_STATUS_SUCCESS - in case of success 364 */ 365 QDF_STATUS wlan_crypto_wapiie_check(struct wlan_crypto_params *crypto_params, 366 const uint8_t *frm); 367 368 /** 369 * wlan_crypto_build_wapiie - called by mlme to build wapi ie 370 * @vdev: vdev 371 * @iebuf: ie buffer 372 * 373 * This function gets called by mlme to build wapi ie from given vdev 374 * 375 * Return: end of buffer 376 */ 377 uint8_t *wlan_crypto_build_wapiie(struct wlan_objmgr_vdev *vdev, 378 uint8_t *iebuf); 379 /** 380 * wlan_crypto_rsn_info - check is given params matching with vdev params. 381 * @vdev: vdev 382 * @crypto params: crypto params 383 * 384 * This function gets called by mlme to check is given params matching with 385 * vdev params. 386 * 387 * Return: true success or false for failure. 388 */ 389 bool wlan_crypto_rsn_info(struct wlan_objmgr_vdev *vdev, 390 struct wlan_crypto_params *crypto_params); 391 /** 392 * wlan_crypto_pn_check - called by data patch for PN check 393 * @vdev: vdev 394 * @wbuf: wbuf 395 * 396 * This function gets called by data patch for PN check 397 * 398 * Return: QDF_STATUS 399 */ 400 QDF_STATUS wlan_crypto_pn_check(struct wlan_objmgr_vdev *vdev, 401 qdf_nbuf_t wbuf); 402 /** 403 * wlan_crypto_vdev_get_crypto_params - called by mlme to get crypto params 404 * @vdev:vdev 405 * 406 * This function gets called by mlme to get crypto params 407 * 408 * Return: wlan_crypto_params or NULL in case of failure 409 */ 410 struct wlan_crypto_params *wlan_crypto_vdev_get_crypto_params( 411 struct wlan_objmgr_vdev *vdev); 412 /** 413 * wlan_crypto_peer_get_crypto_params - called by mlme to get crypto params 414 * @peer:peer 415 * 416 * This function gets called by mlme to get crypto params 417 * 418 * Return: wlan_crypto_params or NULL in case of failure 419 */ 420 struct wlan_crypto_params *wlan_crypto_peer_get_crypto_params( 421 struct wlan_objmgr_peer *peer); 422 423 /** 424 * wlan_crypto_set_peer_wep_keys - set wep keys into peer entries 425 * @vdev:vdev 426 * @peer:peer 427 * 428 * This function gets called by mlme, when auth frame is received. 429 * this helps in setting wep keys into peer data structure. 430 * 431 * Return: QDF_STATUS 432 */ 433 QDF_STATUS wlan_crypto_set_peer_wep_keys(struct wlan_objmgr_vdev *vdev, 434 struct wlan_objmgr_peer *peer); 435 436 /** 437 * wlan_crypto_register_crypto_rx_ops - set crypto_rx_ops 438 * @crypto_rx_ops: crypto_rx_ops 439 * 440 * This function gets called by object manger to register crypto rx ops. 441 * 442 * Return: QDF_STATUS 443 */ 444 QDF_STATUS wlan_crypto_register_crypto_rx_ops( 445 struct wlan_lmac_if_crypto_rx_ops *crypto_rx_ops); 446 447 /** 448 * wlan_crypto_get_crypto_rx_ops - get crypto_rx_ops from psoc 449 * @psoc: psoc 450 * 451 * This function gets called by umac to get the crypto_rx_ops 452 * 453 * Return: crypto_rx_ops 454 */ 455 struct wlan_lmac_if_crypto_rx_ops *wlan_crypto_get_crypto_rx_ops( 456 struct wlan_objmgr_psoc *psoc); 457 /** 458 * wlan_crypto_vdev_has_auth_mode - check authmode for vdev 459 * @vdev: vdev 460 * @authvalue: authvalue to be checked 461 * 462 * This function check is authvalue passed is set in vdev or not 463 * 464 * Return: true or false 465 */ 466 bool wlan_crypto_vdev_has_auth_mode(struct wlan_objmgr_vdev *vdev, 467 wlan_crypto_auth_mode authmode); 468 469 /** 470 * wlan_crypto_peer_has_auth_mode - check authmode for peer 471 * @peer: peer 472 * @authvalue: authvalue to be checked 473 * 474 * This function check is authvalue passed is set in peer or not 475 * 476 * Return: true or false 477 */ 478 bool wlan_crypto_peer_has_auth_mode(struct wlan_objmgr_peer *peer, 479 wlan_crypto_auth_mode authvalue); 480 481 /** 482 * wlan_crypto_vdev_has_ucastcipher - check ucastcipher for vdev 483 * @vdev: vdev 484 * @ucastcipher: ucastcipher to be checked 485 * 486 * This function check is ucastcipher passed is set in vdev or not 487 * 488 * Return: true or false 489 */ 490 bool wlan_crypto_vdev_has_ucastcipher(struct wlan_objmgr_vdev *vdev, 491 wlan_crypto_cipher_type ucastcipher); 492 493 /** 494 * wlan_crypto_peer_has_ucastcipher - check ucastcipher for peer 495 * @peer: peer 496 * @ucastcipher: ucastcipher to be checked 497 * 498 * This function check is ucastcipher passed is set in peer or not 499 * 500 * Return: true or false 501 */ 502 bool wlan_crypto_peer_has_ucastcipher(struct wlan_objmgr_peer *peer, 503 wlan_crypto_cipher_type ucastcipher); 504 505 506 /** 507 * wlan_crypto_vdev_has_mcastcipher - check mcastcipher for vdev 508 * @vdev: vdev 509 * @mcastcipher: mcastcipher to be checked 510 * 511 * This function check is mcastcipher passed is set in vdev or not 512 * 513 * Return: true or false 514 */ 515 bool wlan_crypto_vdev_has_mcastcipher(struct wlan_objmgr_vdev *vdev, 516 wlan_crypto_cipher_type mcastcipher); 517 518 /** 519 * wlan_crypto_peer_has_mcastcipher - check mcastcipher for peer 520 * @peer: peer 521 * @mcastcipher: mcastcipher to be checked 522 * 523 * This function check is mcastcipher passed is set in peer or not 524 * 525 * Return: true or false 526 */ 527 bool wlan_crypto_peer_has_mcastcipher(struct wlan_objmgr_peer *peer, 528 wlan_crypto_cipher_type mcastcipher); 529 530 /** 531 * wlan_crypto_vdev_has_mgmtcipher - check mgmtcipher for vdev 532 * @vdev: vdev 533 * @mgmtcipher: mgmtcipher to be checked 534 * 535 * This function checks any one of mgmtciphers are supported by vdev or not. 536 * 537 * Return: true or false 538 */ 539 bool wlan_crypto_vdev_has_mgmtcipher(struct wlan_objmgr_vdev *vdev, 540 uint32_t mgmtcipher); 541 542 /** 543 * wlan_crypto_peer_has_mgmtcipher - check mgmtcipher for peer 544 * @peer: peer 545 * @mgmtcipher: mgmtcipher to be checked 546 * 547 * This function checks any one of mgmtciphers are supported by peer or not. 548 * 549 * Return: true or false 550 */ 551 bool wlan_crypto_peer_has_mgmtcipher(struct wlan_objmgr_peer *peer, 552 uint32_t mgmtcipher); 553 554 /** 555 * wlan_crypto_get_keytype - get keytype 556 * @key: key 557 * 558 * This function gets keytype from key 559 * 560 * Return: keytype 561 */ 562 wlan_crypto_cipher_type wlan_crypto_get_key_type( 563 struct wlan_crypto_key *key); 564 565 /** 566 * wlan_crypto_vdev_getkey - get key from vdev 567 * @vdev: vdev 568 * @keyix: keyix 569 * 570 * This function gets key from vdev 571 * 572 * Return: key or NULL 573 */ 574 struct wlan_crypto_key *wlan_crypto_vdev_getkey(struct wlan_objmgr_vdev *vdev, 575 uint16_t keyix); 576 /** 577 * wlan_crypto_peer_getkey - get key from peer 578 * @peer: peer 579 * @keyix: keyix 580 * 581 * This function gets key from peer 582 * 583 * Return: key or NULL 584 */ 585 struct wlan_crypto_key *wlan_crypto_peer_getkey(struct wlan_objmgr_peer *peer, 586 uint16_t keyix); 587 /** 588 * wlan_crypto_get_peer_fils_aead - Get peer fils aead set flag 589 * @peer: Peer object 590 * 591 * This function returns the peer fils aead set flag value. 592 * 593 * Return: 1 for enabled, 0 for disabled 594 */ 595 uint8_t wlan_crypto_get_peer_fils_aead(struct wlan_objmgr_peer *peer); 596 597 /** 598 * wlan_crypto_set_peer_fils_aead - Set peer fils aead set flag 599 * @peer: Peer object 600 * @value: Value to set the flag 601 * 602 * This function set the peer fils aead set flag once FILS AUTH received. 603 * 604 * Return: None 605 */ 606 void wlan_crypto_set_peer_fils_aead( 607 struct wlan_objmgr_peer *peer, uint8_t value); 608 609 /** 610 * wlan_crypto_get_key_header - get header length 611 * @key: key 612 * 613 * This function gets header length based on keytype 614 * 615 * Return: header length 616 */ 617 uint8_t wlan_crypto_get_key_header(struct wlan_crypto_key *key); 618 619 /** 620 * wlan_crypto_get_key_trailer - get cipher trailer length 621 * @key: key 622 * 623 * This function gets cipher trailer length based on keytype 624 * 625 * Return: cipher trailer length 626 */ 627 uint8_t wlan_crypto_get_key_trailer(struct wlan_crypto_key *key); 628 629 /** 630 * wlan_crypto_get_key_miclen - get cipher miclen length 631 * @key: key 632 * 633 * This function gets cipher miclen length based on keytype 634 * 635 * Return: cipher miclen length 636 */ 637 uint8_t wlan_crypto_get_key_miclen(struct wlan_crypto_key *key); 638 639 /** 640 * wlan_crypto_get_keyid - get keyid from frame 641 * @data: frame 642 * @hdrlen: 802.11 header length 643 * 644 * This function parse frame and returns keyid 645 * 646 * Return: keyid 647 */ 648 uint16_t wlan_crypto_get_keyid(uint8_t *data, int hdrlen); 649 650 /** 651 * wlan_crypto_restore_keys - restore crypto keys in hw keycache 652 * @vdev: vdev 653 * 654 * This function restores keys in hw keycache 655 * 656 * Return: void 657 */ 658 void wlan_crypto_restore_keys(struct wlan_objmgr_vdev *vdev); 659 660 /** 661 * wlan_crypto_check_rsn_match - called by ucfg to check for RSN match 662 * @psoc: psoc pointer 663 * @vdev_id: vdev id 664 * @ie_ptr: pointer to IEs 665 * @ie_len: IE length 666 * @peer_crypto_params: return peer crypto parameters 667 * 668 * This function gets called from ucfg to check RSN match. 669 * 670 * Return: true or false 671 */ 672 bool wlan_crypto_check_rsn_match(struct wlan_objmgr_psoc *psoc, 673 uint8_t vedv_id, uint8_t *ie_ptr, 674 uint16_t ie_len, struct wlan_crypto_params * 675 peer_crypto_params); 676 677 /** 678 * wlan_crypto_check_rsn_match - called by ucfg to check for WPA match 679 * @psoc: psoc pointer 680 * @vdev_id: vdev id 681 * @ie_ptr: pointer to IEs 682 * @ie_len: IE length 683 * @peer_crypto_params: return peer crypto parameters 684 * 685 * This function gets called from ucfg to check WPA match. 686 * 687 * Return: true or false 688 */ 689 bool wlan_crypto_check_wpa_match(struct wlan_objmgr_psoc *psoc, 690 uint8_t vedv_id, uint8_t *ie_ptr, 691 uint16_t ie_len, struct wlan_crypto_params * 692 peer_crypto_params); 693 694 /** 695 * wlan_crypto_parse_rsnxe_ie() - parse RSNXE IE 696 * @rsnxe_ie: RSNXE IE pointer 697 * @cap_len: pointer to hold len of ext capability 698 * 699 * Return: pointer to RSNXE capability or NULL 700 */ 701 const uint8_t * 702 wlan_crypto_parse_rsnxe_ie(const uint8_t *rsnxe_ie, uint8_t *cap_len); 703 704 /** 705 * wlan_get_crypto_params_from_wapi_ie - Function to get crypto params 706 * from wapi ie 707 * @crypto_params: return crypto parameters 708 * @ie_ptr: pointer to IEs 709 * @ie_len: IE length 710 * 711 * This function is used to get the crypto parameters from wapi ie 712 * 713 * Context: Any context. 714 * Return: QDF_STATUS 715 */ 716 #ifdef FEATURE_WLAN_WAPI 717 QDF_STATUS 718 wlan_get_crypto_params_from_wapi_ie(struct wlan_crypto_params *crypto_params, 719 const uint8_t *ie_ptr, uint16_t ie_len); 720 721 #else 722 static inline QDF_STATUS 723 wlan_get_crypto_params_from_wapi_ie(struct wlan_crypto_params *crypto_params, 724 const uint8_t *ie_ptr, uint16_t ie_len) 725 { 726 return QDF_STATUS_E_NOSUPPORT; 727 } 728 #endif 729 730 /** 731 * wlan_get_crypto_params_from_wpa_ie - Function to get crypto params 732 * from wpa ie 733 * @crypto_params: return crypto parameters 734 * @ie_ptr: pointer to IEs 735 * @ie_len: IE length 736 * 737 * This function is used to get the crypto parameters from wpa ie 738 * 739 * Context: Any context. 740 * Return: QDF_STATUS 741 */ 742 QDF_STATUS 743 wlan_get_crypto_params_from_wpa_ie(struct wlan_crypto_params *crypto_params, 744 const uint8_t *ie_ptr, uint16_t ie_len); 745 746 /** 747 * wlan_get_crypto_params_from_rsn_ie - Function to get crypto params 748 * from rsn ie 749 * @crypto_params: return crypto parameters 750 * @ie_ptr: pointer to IEs 751 * @ie_len: IE length 752 * 753 * This function is used to get the crypto parameters from rsn ie 754 * 755 * Context: Any context. 756 * Return: QDF_STATUS 757 */ 758 QDF_STATUS 759 wlan_get_crypto_params_from_rsn_ie(struct wlan_crypto_params *crypto_params, 760 const uint8_t *ie_ptr, uint16_t ie_len); 761 762 /** 763 * wlan_set_vdev_crypto_prarams_from_ie - Sets vdev crypto params from IE info 764 * @vdev: vdev pointer 765 * @ie_ptr: pointer to IE 766 * @ie_len: IE length 767 * 768 * This function gets called from ucfg to set crypto params from IE data. 769 * 770 * Return: QDF_STATUS_SUCCESS or error code 771 */ 772 QDF_STATUS wlan_set_vdev_crypto_prarams_from_ie(struct wlan_objmgr_vdev *vdev, 773 uint8_t *ie_ptr, 774 uint16_t ie_len); 775 #ifdef WLAN_CRYPTO_GCM_OS_DERIVATIVE 776 static inline int wlan_crypto_aes_gmac(const uint8_t *key, size_t key_len, 777 uint8_t *iv, size_t iv_len, 778 const uint8_t *aad, size_t aad_len, 779 uint8_t *tag) 780 { 781 return qdf_crypto_aes_gmac(key, key_len, iv, aad, 782 aad + AAD_LEN, 783 aad_len - AAD_LEN - 784 IEEE80211_MMIE_GMAC_MICLEN, 785 tag); 786 } 787 #endif 788 #ifdef WLAN_CRYPTO_OMAC1_OS_DERIVATIVE 789 static inline int omac1_aes_128(const uint8_t *key, const uint8_t *data, 790 size_t data_len, uint8_t *mac) 791 { 792 return qdf_crypto_aes_128_cmac(key, data, data_len, mac); 793 } 794 795 static inline int omac1_aes_256(const uint8_t *key, const uint8_t *data, 796 size_t data_len, uint8_t *mac) 797 { 798 return 0; 799 } 800 #endif 801 802 /** 803 * ucfg_crypto_set_key_req() - Set key request to UCFG 804 * @vdev: vdev object 805 * @req: key request information 806 * @key_type: indicates the type of key to be set, unicast or group key 807 * 808 * Return: None 809 */ 810 QDF_STATUS ucfg_crypto_set_key_req(struct wlan_objmgr_vdev *vdev, 811 struct wlan_crypto_key *req, 812 enum wlan_crypto_key_type key_type); 813 814 /** 815 * wlan_crypto_get_default_key_idx() - Get the default key index 816 * @vdev: vdev object 817 * @igtk: denotes if the request is for igtk key type or not 818 * 819 * Return: Index of the requested key 820 */ 821 int8_t wlan_crypto_get_default_key_idx(struct wlan_objmgr_vdev *vdev, 822 bool igtk); 823 824 /** 825 * wlan_crypto_get_cipher() - Get the cipher type for the vdev 826 * @vdev: vdev object 827 * @pairwise: denotes if the request is for pairwise cipher or not 828 * @key_index: Index of the key whose cipher type has to be returned 829 * 830 * Return: enum wlan_crypto_cipher_type 831 */ 832 enum wlan_crypto_cipher_type 833 wlan_crypto_get_cipher(struct wlan_objmgr_vdev *vdev, 834 bool pairwise, uint8_t key_index); 835 836 #ifdef CRYPTO_SET_KEY_CONVERGED 837 /** 838 * wlan_crypto_update_set_key_peer() - Update the peer for set key 839 * @vdev: vdev object 840 * @pairwise: denotes if the request is for pairwise cipher or not 841 * @key_index: Index of the key whose peer has to be set 842 * @peer_mac: MAC address of the peer 843 * 844 * Return: None 845 */ 846 void wlan_crypto_update_set_key_peer(struct wlan_objmgr_vdev *vdev, 847 bool pairwise, uint8_t key_index, 848 struct qdf_mac_addr *peer_mac); 849 850 /** 851 * wlan_crypto_validate_key_params() - validates key parameters 852 * @cipher: cipher type 853 * @key_index: the index of the key 854 * @key_len: key length 855 * @seq_len: sequence counter length 856 * 857 * Return: QDF_STATUS 858 */ 859 QDF_STATUS wlan_crypto_validate_key_params(enum wlan_crypto_cipher_type cipher, 860 uint8_t key_index, uint8_t key_len, 861 uint8_t seq_len); 862 863 /** 864 * wlan_crypto_save_key() - Allocate memory for storing key 865 * @vdev: vdev object 866 * @key_index: the index of the key that needs to be allocated 867 * @crypto_key: Pointer to crypto key 868 * 869 * Return: QDF_STATUS 870 */ 871 QDF_STATUS wlan_crypto_save_key(struct wlan_objmgr_vdev *vdev, 872 uint8_t key_index, 873 struct wlan_crypto_key *crypto_key); 874 875 /** 876 * wlan_crypto_get_key() - Get the stored key information 877 * @vdev: vdev object 878 * @key_index: the index of the key that needs to be retrieved 879 * 880 * Return: Key material 881 */ 882 struct wlan_crypto_key *wlan_crypto_get_key(struct wlan_objmgr_vdev *vdev, 883 uint8_t key_index); 884 885 /** 886 * wlan_crypto_set_key_req() - Set key request 887 * @vdev: vdev object 888 * @req: key request information 889 * @key_type: indicates the type of key to be set, unicast or group key 890 * 891 * Return: QDF status 892 */ 893 QDF_STATUS wlan_crypto_set_key_req(struct wlan_objmgr_vdev *vdev, 894 struct wlan_crypto_key *req, 895 enum wlan_crypto_key_type key_type); 896 897 /** 898 * wlan_crypto_free_vdev_key - Free keys for vdev 899 * @vdev: vdev object 900 * 901 * This function frees keys stored in vdev crypto object. 902 * 903 * Return: None 904 */ 905 void wlan_crypto_free_vdev_key(struct wlan_objmgr_vdev *vdev); 906 907 /** 908 * wlan_crypto_reset_vdev_params - Reset params for vdev 909 * @vdev: vdev object 910 * 911 * This function reset params stored in vdev crypto object. 912 * 913 * Return: None 914 */ 915 void wlan_crypto_reset_vdev_params(struct wlan_objmgr_vdev *vdev); 916 #else 917 static inline void wlan_crypto_update_set_key_peer( 918 struct wlan_objmgr_vdev *vdev, 919 bool pairwise, 920 uint8_t key_index, 921 struct qdf_mac_addr *peer_mac) 922 { 923 } 924 925 static inline QDF_STATUS 926 wlan_crypto_save_key(struct wlan_objmgr_vdev *vdev, uint8_t key_index, 927 struct wlan_crypto_key *crypto_key) 928 { 929 return QDF_STATUS_SUCCESS; 930 } 931 932 static inline struct wlan_crypto_key * 933 wlan_crypto_get_key(struct wlan_objmgr_vdev *vdev, uint8_t key_index) 934 { 935 return NULL; 936 } 937 938 static inline 939 QDF_STATUS wlan_crypto_set_key_req(struct wlan_objmgr_vdev *vdev, 940 struct wlan_crypto_key *req, 941 enum wlan_crypto_key_type key_type) 942 { 943 return QDF_STATUS_SUCCESS; 944 } 945 946 static inline void wlan_crypto_free_vdev_key(struct wlan_objmgr_vdev *vdev) 947 { 948 } 949 950 static inline void wlan_crypto_reset_vdev_prarams(struct wlan_objmgr_vdev *vdev) 951 { 952 } 953 #endif /* CRYPTO_SET_KEY_CONVERGED */ 954 955 /** 956 * wlan_crypto_get_peer_pmksa() - called to get pmksa based on pmksa parameter 957 * @vdev: vdev 958 * @pmksa: bssid 959 * 960 * This function is to get pmksa based on pmksa parameter 961 * 962 * Return: wlan_crypto_pmksa when match found else NULL. 963 */ 964 struct wlan_crypto_pmksa * 965 wlan_crypto_get_peer_pmksa(struct wlan_objmgr_vdev *vdev, 966 struct wlan_crypto_pmksa *pmksa); 967 968 /** 969 * wlan_crypto_get_pmksa - called to get pmksa of bssid passed. 970 * @vdev: vdev 971 * @bssid: bssid 972 * 973 * This function gets called from to get pmksa for the bssid. 974 * 975 * Return: wlan_crypto_pmksa when match found else NULL. 976 */ 977 struct wlan_crypto_pmksa * 978 wlan_crypto_get_pmksa(struct wlan_objmgr_vdev *vdev, 979 struct qdf_mac_addr *bssid); 980 981 /** 982 * wlan_crypto_get_fils_pmksa - Get the PMKSA for FILS 983 * SSID, if the SSID and cache id matches 984 * @vdev: Pointer with VDEV object 985 * @cache_id: Cache id 986 * @ssid: Pointer to ssid 987 * @ssid_len: SSID length 988 * 989 * Return: PMKSA entry if the cache id and SSID matches 990 */ 991 struct wlan_crypto_pmksa * 992 wlan_crypto_get_fils_pmksa(struct wlan_objmgr_vdev *vdev, 993 uint8_t *cache_id, uint8_t *ssid, 994 uint8_t ssid_len); 995 996 /** 997 * wlan_crypto_pmksa_flush - called to flush saved pmksa 998 * @crypto_params: crypto_params 999 * 1000 * This function flush saved pmksa from crypto params. 1001 * 1002 * Return: QDF_STATUS_SUCCESS - in case of success 1003 */ 1004 QDF_STATUS wlan_crypto_pmksa_flush(struct wlan_crypto_params *crypto_params); 1005 1006 /** 1007 * wlan_crypto_set_vdev_param - called by ucfg to set crypto param 1008 * @vdev: vdev 1009 * @pmksa: pmksa to be set/del. 1010 * @set: set(set=1) or del(set=0) pmksa from the list. 1011 * 1012 * This function gets called from ucfg to set or del pmksa. 1013 * when given pmksa is NULL and set is 0, it is for flush all entries. 1014 * 1015 * Return: QDF_STATUS_SUCCESS - in case of success 1016 */ 1017 QDF_STATUS wlan_crypto_set_del_pmksa(struct wlan_objmgr_vdev *vdev, 1018 struct wlan_crypto_pmksa *pmksa, 1019 bool set); 1020 1021 /** 1022 * wlan_crypto_update_pmk_cache_ft - Updates the mobility domain information 1023 * for a BSSID in the PMKSA Cache table. 1024 * @vdev: vdev 1025 * @pmksa: pmksa to be updated. 1026 * 1027 * This function gets called from ucfg to update pmksa with mdid. 1028 * And flush the matching mdid entries. 1029 * 1030 * Return: QDF_STATUS_SUCCESS - in case of success 1031 */ 1032 QDF_STATUS wlan_crypto_update_pmk_cache_ft(struct wlan_objmgr_vdev *vdev, 1033 struct wlan_crypto_pmksa *pmksa); 1034 1035 #if defined(WLAN_SAE_SINGLE_PMK) && defined(WLAN_FEATURE_ROAM_OFFLOAD) 1036 /** 1037 * wlan_crypto_selective_clear_sae_single_pmk_entries - Clear the PMK entries 1038 * for BSS which have the single PMK flag set other than the current connected 1039 * AP 1040 * @vdev: Vdev 1041 * @conn_bssid: Connected bssid 1042 */ 1043 void 1044 wlan_crypto_selective_clear_sae_single_pmk_entries( 1045 struct wlan_objmgr_vdev *vdev, struct qdf_mac_addr *conn_bssid); 1046 1047 /** 1048 * wlan_crypto_set_sae_single_pmk_bss_cap - Set the peer SAE sinlge pmk 1049 * feature supported status 1050 * @vdev: Vdev 1051 * @bssid: BSSID for which the flag is to be set 1052 * @single_pmk_capable_bss: Flag to indicate Sae single pmk supported BSSID or 1053 * not 1054 */ 1055 void wlan_crypto_set_sae_single_pmk_bss_cap(struct wlan_objmgr_vdev *vdev, 1056 struct qdf_mac_addr *bssid, 1057 bool single_pmk_capable_bss); 1058 #else 1059 static inline void 1060 wlan_crypto_selective_clear_sae_single_pmk_entries( 1061 struct wlan_objmgr_vdev *vdev, struct qdf_mac_addr *conn_bssid) 1062 { 1063 } 1064 1065 static inline 1066 void wlan_crypto_set_sae_single_pmk_bss_cap(struct wlan_objmgr_vdev *vdev, 1067 struct qdf_mac_addr *bssid, 1068 bool single_pmk_capable_bss) 1069 { 1070 } 1071 #endif 1072 1073 #ifdef WLAN_FEATURE_FILS_SK 1074 /** 1075 * lim_create_fils_rik()- This API create rik using rrk coming from 1076 * supplicant. 1077 * @rrk: input rrk 1078 * @rrk_len: rrk length 1079 * @rik: Created rik 1080 * @rik_len: rik length to be filled 1081 * 1082 * rIK = KDF (K, S), where 1083 * K = rRK and 1084 * S = rIK Label + "\0" + cryptosuite + length 1085 * The rIK Label is the 8-bit ASCII string: 1086 * Re-authentication Integrity Key@ietf.org 1087 * 1088 * Return: QDF_STATUS 1089 */ 1090 QDF_STATUS wlan_crypto_create_fils_rik(uint8_t *rrk, uint8_t rrk_len, 1091 uint8_t *rik, uint32_t *rik_len); 1092 #endif /* WLAN_FEATURE_FILS_SK */ 1093 #endif /* end of _WLAN_CRYPTO_GLOBAL_API_H_ */ 1094