1 /* 2 * Copyright (c) 2017-2020 The Linux Foundation. All rights reserved. 3 * Copyright (c) 2021-2023 Qualcomm Innovation Center, Inc. All rights reserved. 4 * 5 * Permission to use, copy, modify, and/or distribute this software for 6 * any purpose with or without fee is hereby granted, provided that the 7 * above copyright notice and this permission notice appear in all 8 * copies. 9 * 10 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL 11 * WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED 12 * WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE 13 * AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL 14 * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR 15 * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER 16 * TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR 17 * PERFORMANCE OF THIS SOFTWARE. 18 */ 19 20 /** 21 * DOC: Public APIs for crypto service 22 */ 23 #ifndef _WLAN_CRYPTO_GLOBAL_API_H_ 24 #define _WLAN_CRYPTO_GLOBAL_API_H_ 25 26 #include "wlan_crypto_global_def.h" 27 #include <qdf_crypto.h> 28 29 /** 30 * wlan_crypto_set_vdev_param() - called by ucfg to set crypto param 31 * @vdev: vdev 32 * @param: param to be set. 33 * @value: value 34 * 35 * This function gets called from ucfg to set param 36 * 37 * Return: QDF_STATUS_SUCCESS - in case of success 38 */ 39 QDF_STATUS wlan_crypto_set_vdev_param(struct wlan_objmgr_vdev *vdev, 40 wlan_crypto_param_type param, 41 uint32_t value); 42 43 /** 44 * wlan_crypto_set_peer_param() - called by ucfg to set crypto param 45 * 46 * @peer: peer 47 * @param: param to be set. 48 * @value: value 49 * 50 * This function gets called from ucfg to set param 51 * 52 * Return: QDF_STATUS_SUCCESS - in case of success 53 */ 54 QDF_STATUS wlan_crypto_set_peer_param(struct wlan_objmgr_peer *peer, 55 wlan_crypto_param_type param, 56 uint32_t value); 57 58 /** 59 * wlan_crypto_get_param() - called by ucfg to get crypto param 60 * @vdev: vdev 61 * @param: param to be get. 62 * 63 * This function gets called from ucfg to get param 64 * 65 * Return: value or -1 for failure 66 */ 67 int32_t wlan_crypto_get_param(struct wlan_objmgr_vdev *vdev, 68 wlan_crypto_param_type param); 69 70 /** 71 * wlan_crypto_get_peer_param() - called by ucfg to get crypto peer param 72 * @peer: peer 73 * @param: param to be get. 74 * 75 * This function gets called from ucfg to get peer param 76 * 77 * Return: value or -1 for failure 78 */ 79 int32_t wlan_crypto_get_peer_param(struct wlan_objmgr_peer *peer, 80 wlan_crypto_param_type param); 81 82 /** 83 * wlan_crypto_is_htallowed() - called by ucfg to check if HT rates is allowed 84 * @vdev: Vdev 85 * @peer: Peer 86 * 87 * This function is called to check if HT rates is allowed 88 * 89 * Return: 0 for not allowed and +ve for allowed 90 */ 91 uint8_t wlan_crypto_is_htallowed(struct wlan_objmgr_vdev *vdev, 92 struct wlan_objmgr_peer *peer); 93 94 /** 95 * wlan_crypto_setkey() - called by ucfg to setkey 96 * @vdev: vdev 97 * @req_key: req_key with cipher type, key macaddress 98 * 99 * This function gets called from ucfg to sey key 100 * 101 * Return: QDF_STATUS_SUCCESS - in case of success 102 */ 103 QDF_STATUS wlan_crypto_setkey(struct wlan_objmgr_vdev *vdev, 104 struct wlan_crypto_req_key *req_key); 105 106 /** 107 * store_def_keyix_peer() - called by wlan_crypto_setkey 108 * to store default key index for each peer in the vdev. 109 * @vdev: vdev 110 * @object: Peer object 111 * @arg: Argument passed by caller 112 * 113 * This function gets called from wlan_crypto_setkey 114 * 115 * Return: None 116 */ 117 void store_def_keyix_peer(struct wlan_objmgr_vdev *vdev, void *object, 118 void *arg); 119 120 /** 121 * wlan_crypto_getkey() - called by ucfg to get key 122 * @vdev: vdev 123 * @req_key: key value will be copied in this req_key 124 * @mac_addr: mac address of the peer for unicast key 125 * or broadcast address if group key is requested. 126 * 127 * This function gets called from ucfg to get key 128 * 129 * Return: QDF_STATUS_SUCCESS - in case of success 130 */ 131 QDF_STATUS wlan_crypto_getkey(struct wlan_objmgr_vdev *vdev, 132 struct wlan_crypto_req_key *req_key, 133 uint8_t *mac_addr); 134 135 /** 136 * wlan_crypto_delkey() - called by ucfg to delete key 137 * @vdev: vdev 138 * @macaddr: mac address of the peer for unicast key 139 * or broadcast address if group key is deleted. 140 * @key_idx: key index to be deleted 141 * 142 * This function gets called from ucfg to delete key 143 * 144 * Return: QDF_STATUS_SUCCESS - in case of success 145 */ 146 QDF_STATUS wlan_crypto_delkey(struct wlan_objmgr_vdev *vdev, 147 uint8_t *macaddr, 148 uint8_t key_idx); 149 150 /** 151 * wlan_crypto_default_key() - called by ucfg to set default tx key 152 * @vdev: vdev 153 * @macaddr: mac address of the peer for unicast key 154 * or broadcast address if group key need to made default. 155 * @key_idx: key index to be made as default key 156 * @unicast: is key was unicast or group key. 157 * 158 * This function gets called from ucfg to set default key 159 * 160 * Return: QDF_STATUS_SUCCESS - in case of success 161 */ 162 QDF_STATUS wlan_crypto_default_key(struct wlan_objmgr_vdev *vdev, 163 uint8_t *macaddr, 164 uint8_t key_idx, 165 bool unicast); 166 167 /** 168 * wlan_crypto_encap() - called by mgmt for encap the frame based on cipher 169 * @vdev: vdev 170 * @wbuf: wbuf 171 * @macaddr: macaddr 172 * @encapdone: is encapdone already or not. 173 * 174 * This function gets called from mgmt txrx to encap frame. 175 * 176 * Return: QDF_STATUS_SUCCESS - in case of success 177 */ 178 QDF_STATUS wlan_crypto_encap(struct wlan_objmgr_vdev *vdev, 179 qdf_nbuf_t wbuf, 180 uint8_t *macaddr, 181 uint8_t encapdone); 182 183 /** 184 * wlan_crypto_decap() - called by mgmt for decap the frame based on cipher 185 * @vdev: vdev 186 * @wbuf: wbuf 187 * @macaddr: macaddr 188 * @tid: tid of the packet. 189 * 190 * This function gets called from mgmt txrx to decap frame. 191 * 192 * Return: QDF_STATUS_SUCCESS - in case of success 193 */ 194 QDF_STATUS wlan_crypto_decap(struct wlan_objmgr_vdev *vdev, 195 qdf_nbuf_t wbuf, 196 uint8_t *macaddr, 197 uint8_t tid); 198 199 /** 200 * wlan_crypto_enmic() - called by mgmt for adding mic in frame based on cipher 201 * @vdev: vdev 202 * @wbuf: wbuf 203 * @macaddr: macaddr 204 * @encapdone: is encapdone already or not. 205 * 206 * This function gets called from mgmt txrx to adding mic to the frame. 207 * 208 * Return: QDF_STATUS_SUCCESS - in case of success 209 */ 210 QDF_STATUS wlan_crypto_enmic(struct wlan_objmgr_vdev *vdev, 211 qdf_nbuf_t wbuf, 212 uint8_t *macaddr, 213 uint8_t encapdone); 214 215 /** 216 * wlan_crypto_demic() - called by mgmt for remove and check mic for 217 * the frame based on cipher 218 * @vdev: vdev 219 * @wbuf: wbuf 220 * @macaddr: macaddr 221 * @tid: tid of the frame 222 * @keyid: keyid in the received frame 223 * 224 * This function gets called from mgmt txrx to decap frame. 225 * 226 * Return: QDF_STATUS_SUCCESS - in case of success 227 */ 228 QDF_STATUS wlan_crypto_demic(struct wlan_objmgr_vdev *vdev, 229 qdf_nbuf_t wbuf, 230 uint8_t *macaddr, 231 uint8_t tid, 232 uint8_t keyid); 233 234 /** 235 * wlan_crypto_vdev_is_pmf_enabled() - called to check is pmf enabled in vdev 236 * @vdev: vdev 237 * 238 * This function gets called to check is pmf enabled or not in vdev. 239 * 240 * Return: true or false 241 */ 242 bool wlan_crypto_vdev_is_pmf_enabled(struct wlan_objmgr_vdev *vdev); 243 244 /** 245 * wlan_crypto_vdev_is_pmf_required() - called to check is pmf required in vdev 246 * @vdev: vdev 247 * 248 * This function gets called to check is pmf required or not in vdev. 249 * 250 * Return: true or false 251 */ 252 bool wlan_crypto_vdev_is_pmf_required(struct wlan_objmgr_vdev *vdev); 253 254 /** 255 * wlan_crypto_is_pmf_enabled() - called by mgmt txrx to check is pmf enabled 256 * @vdev: vdev 257 * @peer: peer 258 * 259 * This function gets called by mgmt txrx to check is pmf enabled or not. 260 * 261 * Return: true or false 262 */ 263 bool wlan_crypto_is_pmf_enabled(struct wlan_objmgr_vdev *vdev, 264 struct wlan_objmgr_peer *peer); 265 266 /** 267 * wlan_crypto_is_key_valid() - called by mgmt txrx to check if key is valid 268 * @vdev: vdev 269 * @peer: peer 270 * @keyidx : key index 271 * 272 * This function gets called by mgmt txrx to check if key is valid 273 * 274 * Return: true or false 275 */ 276 bool wlan_crypto_is_key_valid(struct wlan_objmgr_vdev *vdev, 277 struct wlan_objmgr_peer *peer, 278 uint16_t keyidx); 279 280 /** 281 * wlan_crypto_add_mmie() - called by mgmt txrx to add mmie in frame 282 * @vdev: vdev 283 * @frm: frame starting pointer 284 * @len: length of the frame 285 * 286 * This function gets called by mgmt txrx to add mmie in frame 287 * 288 * Return: end of frame or NULL in case failure 289 */ 290 uint8_t *wlan_crypto_add_mmie(struct wlan_objmgr_vdev *vdev, 291 uint8_t *frm, 292 uint32_t len); 293 294 /** 295 * wlan_crypto_is_mmie_valid() - called by mgmt txrx to check mmie of the frame 296 * @vdev: vdev 297 * @frm: frame starting pointer 298 * @efrm: end of frame pointer 299 * 300 * This function gets called by mgmt txrx to check mmie of the frame 301 * 302 * Return: true or false 303 */ 304 bool wlan_crypto_is_mmie_valid(struct wlan_objmgr_vdev *vdev, 305 uint8_t *frm, 306 uint8_t *efrm); 307 308 /** 309 * wlan_crypto_wpaie_check() - called by mlme to check the wpaie 310 * @crypto_params: crypto params 311 * @frm: ie buffer 312 * 313 * This function gets called by mlme to check the contents of wpa is 314 * matching with given crypto params 315 * 316 * Return: QDF_STATUS_SUCCESS - in case of success 317 */ 318 QDF_STATUS wlan_crypto_wpaie_check(struct wlan_crypto_params *crypto_params, 319 const uint8_t *frm); 320 321 /** 322 * wlan_crypto_rsnie_check() - called by mlme to check the rsnie 323 * @crypto_params: crypto params 324 * @frm: ie buffer 325 * 326 * This function gets called by mlme to check the contents of rsn is 327 * matching with given crypto params 328 * 329 * Return: QDF_STATUS_SUCCESS - in case of success 330 */ 331 QDF_STATUS wlan_crypto_rsnie_check(struct wlan_crypto_params *crypto_params, 332 const uint8_t *frm); 333 334 /** 335 * wlan_crypto_build_wpaie() - called by mlme to build wpaie 336 * @vdev: vdev 337 * @iebuf: ie buffer 338 * 339 * This function gets called by mlme to build wpaie from given vdev 340 * 341 * Return: end of buffer 342 */ 343 uint8_t *wlan_crypto_build_wpaie(struct wlan_objmgr_vdev *vdev, 344 uint8_t *iebuf); 345 346 /** 347 * wlan_crypto_build_rsnie_with_pmksa() - called by mlme to build rsnie 348 * @vdev: vdev 349 * @iebuf: ie buffer 350 * @pmksa: pmksa struct 351 * 352 * This function gets called by mlme to build rsnie from given vdev 353 * 354 * Return: end of buffer 355 */ 356 uint8_t *wlan_crypto_build_rsnie_with_pmksa(struct wlan_objmgr_vdev *vdev, 357 uint8_t *iebuf, 358 struct wlan_crypto_pmksa *pmksa); 359 360 /** 361 * wlan_crypto_build_rsnie() - called by mlme to build rsnie 362 * @vdev: vdev 363 * @iebuf: ie buffer 364 * @bssid: bssid mac address to add pmkid in rsnie 365 * 366 * This function gets called by mlme to build rsnie from given vdev 367 * 368 * Return: end of buffer 369 */ 370 uint8_t *wlan_crypto_build_rsnie(struct wlan_objmgr_vdev *vdev, 371 uint8_t *iebuf, 372 struct qdf_mac_addr *bssid); 373 374 /** 375 * wlan_crypto_wapiie_check() - called by mlme to check the wapiie 376 * @crypto_params: crypto params 377 * @frm: ie buffer 378 * 379 * This function gets called by mlme to check the contents of wapi is 380 * matching with given crypto params 381 * 382 * Return: QDF_STATUS_SUCCESS - in case of success 383 */ 384 QDF_STATUS wlan_crypto_wapiie_check(struct wlan_crypto_params *crypto_params, 385 const uint8_t *frm); 386 387 /** 388 * wlan_crypto_build_wapiie() - called by mlme to build wapi ie 389 * @vdev: vdev 390 * @iebuf: ie buffer 391 * 392 * This function gets called by mlme to build wapi ie from given vdev 393 * 394 * Return: end of buffer 395 */ 396 uint8_t *wlan_crypto_build_wapiie(struct wlan_objmgr_vdev *vdev, 397 uint8_t *iebuf); 398 399 /** 400 * wlan_crypto_rsn_info() - check is given params matching with vdev params. 401 * @vdev: vdev 402 * @crypto_params: crypto params 403 * 404 * This function gets called by mlme to check is given params matching with 405 * vdev params. 406 * 407 * Return: true success or false for failure. 408 */ 409 bool wlan_crypto_rsn_info(struct wlan_objmgr_vdev *vdev, 410 struct wlan_crypto_params *crypto_params); 411 412 /** 413 * wlan_crypto_pn_check() - called by data patch for PN check 414 * @vdev: vdev 415 * @wbuf: wbuf 416 * 417 * This function gets called by data patch for PN check 418 * 419 * Return: QDF_STATUS 420 */ 421 QDF_STATUS wlan_crypto_pn_check(struct wlan_objmgr_vdev *vdev, 422 qdf_nbuf_t wbuf); 423 424 /** 425 * wlan_crypto_vdev_get_crypto_params() - called by mlme to get crypto params 426 * @vdev:vdev 427 * 428 * This function gets called by mlme to get crypto params 429 * 430 * Return: wlan_crypto_params or NULL in case of failure 431 */ 432 struct wlan_crypto_params *wlan_crypto_vdev_get_crypto_params( 433 struct wlan_objmgr_vdev *vdev); 434 435 /** 436 * wlan_crypto_peer_get_crypto_params() - called by mlme to get crypto params 437 * @peer:peer 438 * 439 * This function gets called by mlme to get crypto params 440 * 441 * Return: wlan_crypto_params or NULL in case of failure 442 */ 443 struct wlan_crypto_params *wlan_crypto_peer_get_crypto_params( 444 struct wlan_objmgr_peer *peer); 445 446 /** 447 * wlan_crypto_set_peer_wep_keys() - set wep keys into peer entries 448 * @vdev:vdev 449 * @peer:peer 450 * 451 * This function gets called by mlme, when auth frame is received. 452 * this helps in setting wep keys into peer data structure. 453 * 454 * Return: QDF_STATUS 455 */ 456 QDF_STATUS wlan_crypto_set_peer_wep_keys(struct wlan_objmgr_vdev *vdev, 457 struct wlan_objmgr_peer *peer); 458 459 /** 460 * wlan_crypto_register_crypto_rx_ops() - set crypto_rx_ops 461 * @crypto_rx_ops: crypto_rx_ops 462 * 463 * This function gets called by object manager to register crypto rx ops. 464 * 465 * Return: QDF_STATUS 466 */ 467 QDF_STATUS wlan_crypto_register_crypto_rx_ops( 468 struct wlan_lmac_if_crypto_rx_ops *crypto_rx_ops); 469 470 /** 471 * wlan_crypto_get_crypto_rx_ops() - get crypto_rx_ops from psoc 472 * @psoc: psoc 473 * 474 * This function gets called by umac to get the crypto_rx_ops 475 * 476 * Return: crypto_rx_ops 477 */ 478 struct wlan_lmac_if_crypto_rx_ops *wlan_crypto_get_crypto_rx_ops( 479 struct wlan_objmgr_psoc *psoc); 480 481 /** 482 * wlan_crypto_vdev_has_auth_mode() - check authmode for vdev 483 * @vdev: vdev 484 * @authmode: authmode value to be checked 485 * 486 * This function checks if authmode passed is set in vdev or not 487 * 488 * Return: true or false 489 */ 490 bool wlan_crypto_vdev_has_auth_mode(struct wlan_objmgr_vdev *vdev, 491 wlan_crypto_auth_mode authmode); 492 493 /** 494 * wlan_crypto_peer_has_auth_mode() - check authmode for peer 495 * @peer: peer 496 * @authvalue: authvalue to be checked 497 * 498 * This function check is authvalue passed is set in peer or not 499 * 500 * Return: true or false 501 */ 502 bool wlan_crypto_peer_has_auth_mode(struct wlan_objmgr_peer *peer, 503 wlan_crypto_auth_mode authvalue); 504 505 /** 506 * wlan_crypto_vdev_has_ucastcipher() - check ucastcipher for vdev 507 * @vdev: vdev 508 * @ucastcipher: ucastcipher to be checked 509 * 510 * This function check is ucastcipher passed is set in vdev or not 511 * 512 * Return: true or false 513 */ 514 bool wlan_crypto_vdev_has_ucastcipher(struct wlan_objmgr_vdev *vdev, 515 wlan_crypto_cipher_type ucastcipher); 516 517 /** 518 * wlan_crypto_peer_has_ucastcipher() - check ucastcipher for peer 519 * @peer: peer 520 * @ucastcipher: ucastcipher to be checked 521 * 522 * This function check is ucastcipher passed is set in peer or not 523 * 524 * Return: true or false 525 */ 526 bool wlan_crypto_peer_has_ucastcipher(struct wlan_objmgr_peer *peer, 527 wlan_crypto_cipher_type ucastcipher); 528 529 530 /** 531 * wlan_crypto_vdev_has_mcastcipher() - check mcastcipher for vdev 532 * @vdev: vdev 533 * @mcastcipher: mcastcipher to be checked 534 * 535 * This function check is mcastcipher passed is set in vdev or not 536 * 537 * Return: true or false 538 */ 539 bool wlan_crypto_vdev_has_mcastcipher(struct wlan_objmgr_vdev *vdev, 540 wlan_crypto_cipher_type mcastcipher); 541 542 /** 543 * wlan_crypto_peer_has_mcastcipher() - check mcastcipher for peer 544 * @peer: peer 545 * @mcastcipher: mcastcipher to be checked 546 * 547 * This function check is mcastcipher passed is set in peer or not 548 * 549 * Return: true or false 550 */ 551 bool wlan_crypto_peer_has_mcastcipher(struct wlan_objmgr_peer *peer, 552 wlan_crypto_cipher_type mcastcipher); 553 554 /** 555 * wlan_crypto_vdev_has_mgmtcipher() - check mgmtcipher for vdev 556 * @vdev: vdev 557 * @mgmtcipher: mgmtcipher to be checked 558 * 559 * This function checks any one of mgmtciphers are supported by vdev or not. 560 * 561 * Return: true or false 562 */ 563 bool wlan_crypto_vdev_has_mgmtcipher(struct wlan_objmgr_vdev *vdev, 564 uint32_t mgmtcipher); 565 566 /** 567 * wlan_crypto_peer_has_mgmtcipher() - check mgmtcipher for peer 568 * @peer: peer 569 * @mgmtcipher: mgmtcipher to be checked 570 * 571 * This function checks any one of mgmtciphers are supported by peer or not. 572 * 573 * Return: true or false 574 */ 575 bool wlan_crypto_peer_has_mgmtcipher(struct wlan_objmgr_peer *peer, 576 uint32_t mgmtcipher); 577 578 /** 579 * wlan_crypto_get_key_type() - get keytype 580 * @key: key 581 * 582 * This function gets keytype from key 583 * 584 * Return: keytype 585 */ 586 wlan_crypto_cipher_type wlan_crypto_get_key_type(struct wlan_crypto_key *key); 587 588 /** 589 * wlan_crypto_vdev_getkey() - get key from vdev 590 * @vdev: vdev 591 * @keyix: keyix 592 * 593 * This function gets key from vdev 594 * 595 * Return: key or NULL 596 */ 597 struct wlan_crypto_key *wlan_crypto_vdev_getkey(struct wlan_objmgr_vdev *vdev, 598 uint16_t keyix); 599 600 /** 601 * wlan_crypto_peer_getkey() - get key from peer 602 * @peer: peer 603 * @keyix: keyix 604 * 605 * This function gets key from peer 606 * 607 * Return: key or NULL 608 */ 609 struct wlan_crypto_key *wlan_crypto_peer_getkey(struct wlan_objmgr_peer *peer, 610 uint16_t keyix); 611 612 /** 613 * wlan_crypto_get_peer_fils_aead() - Get peer fils aead set flag 614 * @peer: Peer object 615 * 616 * This function returns the peer fils aead set flag value. 617 * 618 * Return: 1 for enabled, 0 for disabled 619 */ 620 uint8_t wlan_crypto_get_peer_fils_aead(struct wlan_objmgr_peer *peer); 621 622 /** 623 * wlan_crypto_set_peer_fils_aead() - Set peer fils aead set flag 624 * @peer: Peer object 625 * @value: Value to set the flag 626 * 627 * This function set the peer fils aead set flag once FILS AUTH received. 628 * 629 * Return: None 630 */ 631 void wlan_crypto_set_peer_fils_aead( 632 struct wlan_objmgr_peer *peer, uint8_t value); 633 634 /** 635 * wlan_crypto_get_key_header() - get header length 636 * @key: key 637 * 638 * This function gets header length based on keytype 639 * 640 * Return: header length 641 */ 642 uint8_t wlan_crypto_get_key_header(struct wlan_crypto_key *key); 643 644 /** 645 * wlan_crypto_get_key_trailer() - get cipher trailer length 646 * @key: key 647 * 648 * This function gets cipher trailer length based on keytype 649 * 650 * Return: cipher trailer length 651 */ 652 uint8_t wlan_crypto_get_key_trailer(struct wlan_crypto_key *key); 653 654 /** 655 * wlan_crypto_get_key_miclen() - get cipher miclen length 656 * @key: key 657 * 658 * This function gets cipher miclen length based on keytype 659 * 660 * Return: cipher miclen length 661 */ 662 uint8_t wlan_crypto_get_key_miclen(struct wlan_crypto_key *key); 663 664 /** 665 * wlan_crypto_get_keyid() - get keyid from frame 666 * @data: frame 667 * @hdrlen: 802.11 header length 668 * 669 * This function parse frame and returns keyid 670 * 671 * Return: keyid 672 */ 673 uint16_t wlan_crypto_get_keyid(uint8_t *data, int hdrlen); 674 675 /** 676 * wlan_crypto_restore_keys() - restore crypto keys in hw keycache 677 * @vdev: vdev 678 * 679 * This function restores keys in hw keycache 680 * 681 * Return: void 682 */ 683 void wlan_crypto_restore_keys(struct wlan_objmgr_vdev *vdev); 684 685 /** 686 * wlan_crypto_check_rsn_match() - called by ucfg to check for RSN match 687 * @psoc: psoc pointer 688 * @vdev_id: vdev id 689 * @ie_ptr: pointer to IEs 690 * @ie_len: IE length 691 * @peer_crypto_params: return peer crypto parameters 692 * 693 * This function gets called from ucfg to check RSN match. 694 * 695 * Return: true or false 696 */ 697 bool wlan_crypto_check_rsn_match(struct wlan_objmgr_psoc *psoc, 698 uint8_t vdev_id, uint8_t *ie_ptr, 699 uint16_t ie_len, struct wlan_crypto_params * 700 peer_crypto_params); 701 702 /** 703 * wlan_crypto_check_wpa_match() - called by ucfg to check for WPA match 704 * @psoc: psoc pointer 705 * @vdev_id: vdev id 706 * @ie_ptr: pointer to IEs 707 * @ie_len: IE length 708 * @peer_crypto_params: return peer crypto parameters 709 * 710 * This function gets called from ucfg to check WPA match. 711 * 712 * Return: true or false 713 */ 714 bool wlan_crypto_check_wpa_match(struct wlan_objmgr_psoc *psoc, 715 uint8_t vdev_id, uint8_t *ie_ptr, 716 uint16_t ie_len, struct wlan_crypto_params * 717 peer_crypto_params); 718 719 /** 720 * wlan_crypto_parse_rsnxe_ie() - parse RSNXE IE 721 * @rsnxe_ie: RSNXE IE pointer 722 * @cap_len: pointer to hold len of ext capability 723 * 724 * Return: pointer to RSNXE capability or NULL 725 */ 726 const uint8_t * 727 wlan_crypto_parse_rsnxe_ie(const uint8_t *rsnxe_ie, uint8_t *cap_len); 728 729 /** 730 * wlan_get_crypto_params_from_wapi_ie() - Function to get crypto params 731 * from wapi ie 732 * @crypto_params: return crypto parameters 733 * @ie_ptr: pointer to IEs 734 * @ie_len: IE length 735 * 736 * This function is used to get the crypto parameters from wapi ie 737 * 738 * Context: Any context. 739 * Return: QDF_STATUS 740 */ 741 #ifdef FEATURE_WLAN_WAPI 742 QDF_STATUS 743 wlan_get_crypto_params_from_wapi_ie(struct wlan_crypto_params *crypto_params, 744 const uint8_t *ie_ptr, uint16_t ie_len); 745 746 #else 747 static inline QDF_STATUS 748 wlan_get_crypto_params_from_wapi_ie(struct wlan_crypto_params *crypto_params, 749 const uint8_t *ie_ptr, uint16_t ie_len) 750 { 751 return QDF_STATUS_E_NOSUPPORT; 752 } 753 #endif 754 755 /** 756 * wlan_get_crypto_params_from_wpa_ie() - Function to get crypto params 757 * from wpa ie 758 * @crypto_params: return crypto parameters 759 * @ie_ptr: pointer to IEs 760 * @ie_len: IE length 761 * 762 * This function is used to get the crypto parameters from wpa ie 763 * 764 * Context: Any context. 765 * Return: QDF_STATUS 766 */ 767 QDF_STATUS 768 wlan_get_crypto_params_from_wpa_ie(struct wlan_crypto_params *crypto_params, 769 const uint8_t *ie_ptr, uint16_t ie_len); 770 771 /** 772 * wlan_get_crypto_params_from_rsn_ie() - Function to get crypto params 773 * from rsn ie 774 * @crypto_params: return crypto parameters 775 * @ie_ptr: pointer to IEs 776 * @ie_len: IE length 777 * 778 * This function is used to get the crypto parameters from rsn ie 779 * 780 * Context: Any context. 781 * Return: QDF_STATUS 782 */ 783 QDF_STATUS 784 wlan_get_crypto_params_from_rsn_ie(struct wlan_crypto_params *crypto_params, 785 const uint8_t *ie_ptr, uint16_t ie_len); 786 787 /** 788 * wlan_set_vdev_crypto_prarams_from_ie() - Sets vdev crypto params from IE info 789 * @vdev: vdev pointer 790 * @ie_ptr: pointer to IE 791 * @ie_len: IE length 792 * 793 * This function gets called from ucfg to set crypto params from IE data. 794 * 795 * Return: QDF_STATUS_SUCCESS or error code 796 */ 797 QDF_STATUS wlan_set_vdev_crypto_prarams_from_ie(struct wlan_objmgr_vdev *vdev, 798 uint8_t *ie_ptr, 799 uint16_t ie_len); 800 #ifdef WLAN_CRYPTO_GCM_OS_DERIVATIVE 801 static inline int wlan_crypto_aes_gmac(const uint8_t *key, size_t key_len, 802 uint8_t *iv, size_t iv_len, 803 const uint8_t *aad, size_t aad_len, 804 uint8_t *tag) 805 { 806 return qdf_crypto_aes_gmac(key, key_len, iv, aad, 807 aad + AAD_LEN, 808 aad_len - AAD_LEN - 809 IEEE80211_MMIE_GMAC_MICLEN, 810 tag); 811 } 812 #endif 813 #ifdef WLAN_CRYPTO_OMAC1_OS_DERIVATIVE 814 static inline int omac1_aes_128(const uint8_t *key, const uint8_t *data, 815 size_t data_len, uint8_t *mac) 816 { 817 return qdf_crypto_aes_128_cmac(key, data, data_len, mac); 818 } 819 820 static inline int omac1_aes_256(const uint8_t *key, const uint8_t *data, 821 size_t data_len, uint8_t *mac) 822 { 823 return 0; 824 } 825 #endif 826 827 /** 828 * ucfg_crypto_set_key_req() - Set key request to UCFG 829 * @vdev: vdev object 830 * @req: key request information 831 * @key_type: indicates the type of key to be set, unicast or group key 832 * 833 * Return: None 834 */ 835 QDF_STATUS ucfg_crypto_set_key_req(struct wlan_objmgr_vdev *vdev, 836 struct wlan_crypto_key *req, 837 enum wlan_crypto_key_type key_type); 838 839 /** 840 * wlan_crypto_get_default_key_idx() - Get the default key index 841 * @vdev: vdev object 842 * @igtk: denotes if the request is for igtk key type or not 843 * 844 * Return: Index of the requested key 845 */ 846 int8_t wlan_crypto_get_default_key_idx(struct wlan_objmgr_vdev *vdev, 847 bool igtk); 848 849 /** 850 * wlan_crypto_get_cipher() - Get the cipher type for the vdev 851 * @vdev: vdev object 852 * @pairwise: denotes if the request is for pairwise cipher or not 853 * @key_index: Index of the key whose cipher type has to be returned 854 * 855 * Return: enum wlan_crypto_cipher_type 856 */ 857 enum wlan_crypto_cipher_type 858 wlan_crypto_get_cipher(struct wlan_objmgr_vdev *vdev, 859 bool pairwise, uint8_t key_index); 860 861 #ifdef CRYPTO_SET_KEY_CONVERGED 862 /** 863 * wlan_crypto_update_set_key_peer() - Update the peer for set key 864 * @vdev: vdev object 865 * @pairwise: denotes if the request is for pairwise cipher or not 866 * @key_index: Index of the key whose peer has to be set 867 * @peer_mac: MAC address of the peer 868 * 869 * Return: None 870 */ 871 void wlan_crypto_update_set_key_peer(struct wlan_objmgr_vdev *vdev, 872 bool pairwise, uint8_t key_index, 873 struct qdf_mac_addr *peer_mac); 874 875 /** 876 * wlan_crypto_validate_key_params() - validates key parameters 877 * @cipher: cipher type 878 * @key_index: the index of the key 879 * @key_len: key length 880 * @seq_len: sequence counter length 881 * 882 * Return: QDF_STATUS 883 */ 884 QDF_STATUS wlan_crypto_validate_key_params(enum wlan_crypto_cipher_type cipher, 885 uint8_t key_index, uint8_t key_len, 886 uint8_t seq_len); 887 888 /** 889 * wlan_crypto_save_key() - Allocate memory for storing key 890 * @vdev: vdev object 891 * @key_index: the index of the key that needs to be allocated 892 * @crypto_key: Pointer to crypto key 893 * 894 * Return: QDF_STATUS 895 */ 896 QDF_STATUS wlan_crypto_save_key(struct wlan_objmgr_vdev *vdev, 897 uint8_t key_index, 898 struct wlan_crypto_key *crypto_key); 899 900 /** 901 * wlan_crypto_get_key() - Get the stored key information 902 * @vdev: vdev object 903 * @key_index: the index of the key that needs to be retrieved 904 * 905 * Return: Key material 906 */ 907 struct wlan_crypto_key *wlan_crypto_get_key(struct wlan_objmgr_vdev *vdev, 908 uint8_t key_index); 909 910 /** 911 * wlan_crypto_set_key_req() - Set key request 912 * @vdev: vdev object 913 * @req: key request information 914 * @key_type: indicates the type of key to be set, unicast or group key 915 * 916 * Return: QDF status 917 */ 918 QDF_STATUS wlan_crypto_set_key_req(struct wlan_objmgr_vdev *vdev, 919 struct wlan_crypto_key *req, 920 enum wlan_crypto_key_type key_type); 921 922 /** 923 * wlan_crypto_free_vdev_key() - Free keys for vdev 924 * @vdev: vdev object 925 * 926 * This function frees keys stored in vdev crypto object. 927 * 928 * Return: None 929 */ 930 void wlan_crypto_free_vdev_key(struct wlan_objmgr_vdev *vdev); 931 932 /** 933 * wlan_crypto_reset_vdev_params() - Reset params for vdev 934 * @vdev: vdev object 935 * 936 * This function reset params stored in vdev crypto object. 937 * 938 * Return: None 939 */ 940 void wlan_crypto_reset_vdev_params(struct wlan_objmgr_vdev *vdev); 941 #else 942 static inline void wlan_crypto_update_set_key_peer( 943 struct wlan_objmgr_vdev *vdev, 944 bool pairwise, 945 uint8_t key_index, 946 struct qdf_mac_addr *peer_mac) 947 { 948 } 949 950 static inline QDF_STATUS 951 wlan_crypto_save_key(struct wlan_objmgr_vdev *vdev, uint8_t key_index, 952 struct wlan_crypto_key *crypto_key) 953 { 954 return QDF_STATUS_SUCCESS; 955 } 956 957 static inline struct wlan_crypto_key * 958 wlan_crypto_get_key(struct wlan_objmgr_vdev *vdev, uint8_t key_index) 959 { 960 return NULL; 961 } 962 963 static inline 964 QDF_STATUS wlan_crypto_set_key_req(struct wlan_objmgr_vdev *vdev, 965 struct wlan_crypto_key *req, 966 enum wlan_crypto_key_type key_type) 967 { 968 return QDF_STATUS_SUCCESS; 969 } 970 971 static inline void wlan_crypto_free_vdev_key(struct wlan_objmgr_vdev *vdev) 972 { 973 } 974 975 static inline void wlan_crypto_reset_vdev_prarams(struct wlan_objmgr_vdev *vdev) 976 { 977 } 978 #endif /* CRYPTO_SET_KEY_CONVERGED */ 979 980 /** 981 * wlan_crypto_vdev_set_param() - Send vdev set param to firmware. 982 * @psoc: Pointer to PSOC object 983 * @vdev_id: vdev id 984 * @param_id: Param id 985 * @param_value: Param value 986 * 987 * Return: QDF_STATUS 988 */ 989 QDF_STATUS 990 wlan_crypto_vdev_set_param(struct wlan_objmgr_psoc *psoc, uint32_t vdev_id, 991 uint32_t param_id, uint32_t param_value); 992 993 /** 994 * wlan_crypto_get_peer_pmksa() - called to get pmksa based on pmksa parameter 995 * @vdev: vdev 996 * @pmksa: bssid 997 * 998 * This function is to get pmksa based on pmksa parameter 999 * 1000 * Return: wlan_crypto_pmksa when match found else NULL. 1001 */ 1002 struct wlan_crypto_pmksa * 1003 wlan_crypto_get_peer_pmksa(struct wlan_objmgr_vdev *vdev, 1004 struct wlan_crypto_pmksa *pmksa); 1005 1006 /** 1007 * wlan_crypto_get_pmksa() - called to get pmksa of bssid passed. 1008 * @vdev: vdev 1009 * @bssid: bssid 1010 * 1011 * This function gets called from to get pmksa for the bssid. 1012 * 1013 * Return: wlan_crypto_pmksa when match found else NULL. 1014 */ 1015 struct wlan_crypto_pmksa * 1016 wlan_crypto_get_pmksa(struct wlan_objmgr_vdev *vdev, 1017 struct qdf_mac_addr *bssid); 1018 1019 /** 1020 * wlan_crypto_get_fils_pmksa() - Get the PMKSA for FILS 1021 * SSID, if the SSID and cache id matches 1022 * @vdev: Pointer with VDEV object 1023 * @cache_id: Cache id 1024 * @ssid: Pointer to ssid 1025 * @ssid_len: SSID length 1026 * 1027 * Return: PMKSA entry if the cache id and SSID matches 1028 */ 1029 struct wlan_crypto_pmksa * 1030 wlan_crypto_get_fils_pmksa(struct wlan_objmgr_vdev *vdev, 1031 uint8_t *cache_id, uint8_t *ssid, 1032 uint8_t ssid_len); 1033 1034 /** 1035 * wlan_crypto_pmksa_flush() - called to flush saved pmksa 1036 * @crypto_params: crypto_params 1037 * 1038 * This function flush saved pmksa from crypto params. 1039 * 1040 * Return: QDF_STATUS_SUCCESS - in case of success 1041 */ 1042 QDF_STATUS wlan_crypto_pmksa_flush(struct wlan_crypto_params *crypto_params); 1043 1044 /** 1045 * wlan_crypto_set_del_pmksa() - called by ucfg to set/delete PMKSA 1046 * @vdev: vdev 1047 * @pmksa: pmksa to be set/del. 1048 * @set: set(set=1) or del(set=0) pmksa from the list. 1049 * 1050 * This function gets called from ucfg to set or del pmksa. 1051 * when given pmksa is NULL and set is 0, it is for flush all entries. 1052 * 1053 * Return: QDF_STATUS_SUCCESS - in case of success 1054 */ 1055 QDF_STATUS wlan_crypto_set_del_pmksa(struct wlan_objmgr_vdev *vdev, 1056 struct wlan_crypto_pmksa *pmksa, 1057 bool set); 1058 1059 /** 1060 * wlan_crypto_update_pmk_cache_ft() - Updates the mobility domain information 1061 * for a BSSID in the PMKSA Cache table. 1062 * @vdev: vdev 1063 * @pmksa: pmksa to be updated. 1064 * 1065 * This function gets called from ucfg to update pmksa with mdid. 1066 * And flush the matching mdid entries. 1067 * 1068 * Return: QDF_STATUS_SUCCESS - in case of success 1069 */ 1070 QDF_STATUS wlan_crypto_update_pmk_cache_ft(struct wlan_objmgr_vdev *vdev, 1071 struct wlan_crypto_pmksa *pmksa); 1072 1073 #if defined(WLAN_SAE_SINGLE_PMK) && defined(WLAN_FEATURE_ROAM_OFFLOAD) 1074 /** 1075 * wlan_crypto_selective_clear_sae_single_pmk_entries() - Clear the PMK entries 1076 * for BSS which have the single PMK flag set other than the current connected 1077 * AP 1078 * @vdev: Vdev 1079 * @conn_bssid: Connected bssid 1080 */ 1081 void 1082 wlan_crypto_selective_clear_sae_single_pmk_entries( 1083 struct wlan_objmgr_vdev *vdev, struct qdf_mac_addr *conn_bssid); 1084 1085 /** 1086 * wlan_crypto_set_sae_single_pmk_bss_cap() - Set the peer SAE single pmk 1087 * feature supported status 1088 * @vdev: Vdev 1089 * @bssid: BSSID for which the flag is to be set 1090 * @single_pmk_capable_bss: Flag to indicate Sae single pmk supported BSSID or 1091 * not 1092 */ 1093 void wlan_crypto_set_sae_single_pmk_bss_cap(struct wlan_objmgr_vdev *vdev, 1094 struct qdf_mac_addr *bssid, 1095 bool single_pmk_capable_bss); 1096 1097 /** 1098 * wlan_crypto_set_sae_single_pmk_info() - Set the peer SAE single pmk info 1099 * @vdev: Vdev 1100 * @roam_sync_pmksa: pmk info for roamed AP 1101 */ 1102 void 1103 wlan_crypto_set_sae_single_pmk_info(struct wlan_objmgr_vdev *vdev, 1104 struct wlan_crypto_pmksa *roam_sync_pmksa); 1105 1106 #else 1107 static inline void 1108 wlan_crypto_selective_clear_sae_single_pmk_entries( 1109 struct wlan_objmgr_vdev *vdev, struct qdf_mac_addr *conn_bssid) 1110 { 1111 } 1112 1113 static inline 1114 void wlan_crypto_set_sae_single_pmk_bss_cap(struct wlan_objmgr_vdev *vdev, 1115 struct qdf_mac_addr *bssid, 1116 bool single_pmk_capable_bss) 1117 { 1118 } 1119 1120 static inline void 1121 wlan_crypto_set_sae_single_pmk_info(struct wlan_objmgr_vdev *vdev, 1122 struct wlan_crypto_pmksa *roam_sync_pmksa) 1123 { 1124 } 1125 #endif 1126 1127 #if defined(WIFI_POS_CONVERGED) && defined(WLAN_FEATURE_RTT_11AZ_SUPPORT) 1128 QDF_STATUS 1129 wlan_crypto_set_ltf_keyseed(struct wlan_objmgr_psoc *psoc, 1130 struct wlan_crypto_ltf_keyseed_data *data); 1131 #else 1132 static inline QDF_STATUS 1133 wlan_crypto_set_ltf_keyseed(struct wlan_objmgr_psoc *psoc, 1134 struct wlan_crypto_ltf_keyseed_data *data) 1135 { 1136 return QDF_STATUS_SUCCESS; 1137 } 1138 #endif 1139 1140 #ifdef WLAN_FEATURE_FILS_SK 1141 /** 1142 * wlan_crypto_create_fils_rik() - This API create rik using rrk coming from 1143 * supplicant. 1144 * @rrk: input rrk 1145 * @rrk_len: rrk length 1146 * @rik: Created rik 1147 * @rik_len: rik length to be filled 1148 * 1149 * rIK = KDF (K, S), where 1150 * K = rRK and 1151 * S = rIK Label + "\0" + cryptosuite + length 1152 * The rIK Label is the 8-bit ASCII string: 1153 * Re-authentication Integrity Key@ietf.org 1154 * 1155 * Return: QDF_STATUS 1156 */ 1157 QDF_STATUS wlan_crypto_create_fils_rik(uint8_t *rrk, uint8_t rrk_len, 1158 uint8_t *rik, uint32_t *rik_len); 1159 #endif /* WLAN_FEATURE_FILS_SK */ 1160 #endif /* end of _WLAN_CRYPTO_GLOBAL_API_H_ */ 1161