1 /* 2 * Copyright (c) 2017-2020 The Linux Foundation. All rights reserved. 3 * 4 * Permission to use, copy, modify, and/or distribute this software for 5 * any purpose with or without fee is hereby granted, provided that the 6 * above copyright notice and this permission notice appear in all 7 * copies. 8 * 9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL 10 * WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED 11 * WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE 12 * AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL 13 * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR 14 * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER 15 * TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR 16 * PERFORMANCE OF THIS SOFTWARE. 17 */ 18 19 /** 20 * DOC: Public definations for crypto service 21 */ 22 23 #ifndef _WLAN_CRYPTO_GLOBAL_DEF_H_ 24 #define _WLAN_CRYPTO_GLOBAL_DEF_H_ 25 26 #include <wlan_cmn.h> 27 #ifdef WLAN_CRYPTO_SUPPORT_FILS 28 #include "wlan_crypto_fils_def.h" 29 #endif 30 #include <wlan_objmgr_cmn.h> 31 #include <wlan_cmn_ieee80211.h> 32 33 #define WLAN_CRYPTO_TID_SIZE (17) 34 #define WLAN_CRYPTO_RSC_SIZE (16) 35 #define WLAN_CRYPTO_KEYBUF_SIZE (32) 36 #define WLAN_CRYPTO_MICBUF_SIZE (16) 37 #define WLAN_CRYPTO_MIC_LEN (8) 38 #define WLAN_CRYPTO_IV_SIZE (16) 39 #define WLAN_CRYPTO_MIC256_LEN (16) 40 #define WLAN_CRYPTO_TXMIC_OFFSET (0) 41 #define WLAN_CRYPTO_RXMIC_OFFSET (WLAN_CRYPTO_TXMIC_OFFSET + \ 42 WLAN_CRYPTO_MIC_LEN) 43 #define WLAN_CRYPTO_WAPI_IV_SIZE (16) 44 #define WLAN_CRYPTO_CRC_LEN (4) 45 #define WLAN_CRYPTO_IV_LEN (3) 46 #define WLAN_CRYPTO_KEYID_LEN (1) 47 #define WLAN_CRYPTO_EXT_IV_LEN (4) 48 #define WLAN_CRYPTO_EXT_IV_BIT (0x20) 49 #define WLAN_CRYPTO_KEYIX_NONE ((uint16_t)-1) 50 #define WLAN_CRYPTO_MAXKEYIDX (4) 51 #define WLAN_CRYPTO_MAXIGTKKEYIDX (2) 52 #define WLAN_CRYPTO_MAXBIGTKKEYIDX (2) 53 #ifndef WLAN_CRYPTO_MAX_VLANKEYIX 54 #define WLAN_CRYPTO_MAX_VLANKEYIX WLAN_CRYPTO_MAXKEYIDX 55 #endif 56 #define WLAN_CRYPTO_MAX_PMKID (16) 57 58 /* 40 bit wep key len */ 59 #define WLAN_CRYPTO_KEY_WEP40_LEN (5) 60 /* 104 bit wep key len */ 61 #define WLAN_CRYPTO_KEY_WEP104_LEN (13) 62 /* 128 bit wep key len */ 63 #define WLAN_CRYPTO_KEY_WEP128_LEN (16) 64 65 #define WLAN_CRYPTO_KEY_TKIP_LEN (32) 66 #define WLAN_CRYPTO_KEY_CCMP_LEN (16) 67 #define WLAN_CRYPTO_KEY_CCMP_256_LEN (32) 68 #define WLAN_CRYPTO_KEY_GCMP_LEN (16) 69 #define WLAN_CRYPTO_KEY_GCMP_256_LEN (32) 70 #define WLAN_CRYPTO_KEY_WAPI_LEN (32) 71 #define WLAN_CRYPTO_KEY_GMAC_LEN (16) 72 #define WLAN_CRYPTO_KEY_GMAC_256_LEN (32) 73 #define WLAN_CRYPTO_WPI_SMS4_IVLEN (16) 74 #define WLAN_CRYPTO_WPI_SMS4_KIDLEN (1) 75 #define WLAN_CRYPTO_WPI_SMS4_PADLEN (1) 76 #define WLAN_CRYPTO_WPI_SMS4_MICLEN (16) 77 78 /* key used for xmit */ 79 #define WLAN_CRYPTO_KEY_XMIT (0x01) 80 /* key used for recv */ 81 #define WLAN_CRYPTO_KEY_RECV (0x02) 82 /* key used for WPA group operation */ 83 #define WLAN_CRYPTO_KEY_GROUP (0x04) 84 /* key also used for management frames */ 85 #define WLAN_CRYPTO_KEY_MFP (0x08) 86 /* host-based encryption */ 87 #define WLAN_CRYPTO_KEY_SWENCRYPT (0x10) 88 /* host-based enmic */ 89 #define WLAN_CRYPTO_KEY_SWENMIC (0x20) 90 /* do not remove unless OS commands us to do so */ 91 #define WLAN_CRYPTO_KEY_PERSISTENT (0x40) 92 /* per STA default key */ 93 #define WLAN_CRYPTO_KEY_DEFAULT (0x80) 94 /* host-based decryption */ 95 #define WLAN_CRYPTO_KEY_SWDECRYPT (0x100) 96 /* host-based demic */ 97 #define WLAN_CRYPTO_KEY_SWDEMIC (0x200) 98 /* get pn from fw for key */ 99 #define WLAN_CRYPTO_KEY_GET_PN (0x400) 100 101 #define WLAN_CRYPTO_KEY_SWCRYPT (WLAN_CRYPTO_KEY_SWENCRYPT \ 102 | WLAN_CRYPTO_KEY_SWDECRYPT) 103 104 #define WLAN_CRYPTO_KEY_SWMIC (WLAN_CRYPTO_KEY_SWENMIC \ 105 | WLAN_CRYPTO_KEY_SWDEMIC) 106 107 #if LINUX_VERSION_CODE < KERNEL_VERSION(4, 12, 0) 108 #define WLAN_AKM_SUITE_FT_8021X 0x000FAC03 109 #define WLAN_AKM_SUITE_FT_PSK 0x000FAC04 110 #endif 111 112 /* 113 * Cipher types 114 */ 115 typedef enum wlan_crypto_cipher_type { 116 WLAN_CRYPTO_CIPHER_WEP = 0, 117 WLAN_CRYPTO_CIPHER_TKIP = 1, 118 WLAN_CRYPTO_CIPHER_AES_OCB = 2, 119 WLAN_CRYPTO_CIPHER_AES_CCM = 3, 120 WLAN_CRYPTO_CIPHER_WAPI_SMS4 = 4, 121 WLAN_CRYPTO_CIPHER_CKIP = 5, 122 WLAN_CRYPTO_CIPHER_AES_CMAC = 6, 123 WLAN_CRYPTO_CIPHER_AES_CCM_256 = 7, 124 WLAN_CRYPTO_CIPHER_AES_CMAC_256 = 8, 125 WLAN_CRYPTO_CIPHER_AES_GCM = 9, 126 WLAN_CRYPTO_CIPHER_AES_GCM_256 = 10, 127 WLAN_CRYPTO_CIPHER_AES_GMAC = 11, 128 WLAN_CRYPTO_CIPHER_AES_GMAC_256 = 12, 129 WLAN_CRYPTO_CIPHER_WAPI_GCM4 = 13, 130 WLAN_CRYPTO_CIPHER_FILS_AEAD = 14, 131 WLAN_CRYPTO_CIPHER_WEP_40 = 15, 132 WLAN_CRYPTO_CIPHER_WEP_104 = 16, 133 WLAN_CRYPTO_CIPHER_NONE = 17, 134 WLAN_CRYPTO_CIPHER_MAX = (WLAN_CRYPTO_CIPHER_NONE + 1), 135 WLAN_CRYPTO_CIPHER_INVALID, 136 } wlan_crypto_cipher_type; 137 138 /* Auth types */ 139 typedef enum wlan_crypto_auth_mode { 140 WLAN_CRYPTO_AUTH_NONE = 0, 141 WLAN_CRYPTO_AUTH_OPEN = 1, 142 WLAN_CRYPTO_AUTH_SHARED = 2, 143 WLAN_CRYPTO_AUTH_8021X = 3, 144 WLAN_CRYPTO_AUTH_AUTO = 4, 145 WLAN_CRYPTO_AUTH_WPA = 5, 146 WLAN_CRYPTO_AUTH_RSNA = 6, 147 WLAN_CRYPTO_AUTH_CCKM = 7, 148 WLAN_CRYPTO_AUTH_WAPI = 8, 149 WLAN_CRYPTO_AUTH_SAE = 9, 150 WLAN_CRYPTO_AUTH_FILS_SK = 10, 151 /** Keep WLAN_CRYPTO_AUTH_MAX at the end. */ 152 WLAN_CRYPTO_AUTH_MAX = WLAN_CRYPTO_AUTH_FILS_SK, 153 } wlan_crypto_auth_mode; 154 155 /* crypto capabilities */ 156 typedef enum wlan_crypto_cap { 157 WLAN_CRYPTO_CAP_PRIVACY = 0, 158 WLAN_CRYPTO_CAP_WPA1 = 1, 159 WLAN_CRYPTO_CAP_WPA2 = 2, 160 WLAN_CRYPTO_CAP_WPA = 3, 161 WLAN_CRYPTO_CAP_AES = 4, 162 WLAN_CRYPTO_CAP_WEP = 5, 163 WLAN_CRYPTO_CAP_CKIP = 6, 164 WLAN_CRYPTO_CAP_TKIP_MIC = 7, 165 WLAN_CRYPTO_CAP_CCM256 = 8, 166 WLAN_CRYPTO_CAP_GCM = 9, 167 WLAN_CRYPTO_CAP_GCM_256 = 10, 168 WLAN_CRYPTO_CAP_WAPI_SMS4 = 11, 169 WLAN_CRYPTO_CAP_WAPI_GCM4 = 12, 170 WLAN_CRYPTO_CAP_KEY_MGMT_OFFLOAD = 13, 171 WLAN_CRYPTO_CAP_PMF_OFFLOAD = 14, 172 WLAN_CRYPTO_CAP_PN_TID_BASED = 15, 173 WLAN_CRYPTO_CAP_FILS_AEAD = 16, 174 } wlan_crypto_cap; 175 176 typedef enum wlan_crypto_rsn_cap { 177 WLAN_CRYPTO_RSN_CAP_PREAUTH = 0x01, 178 WLAN_CRYPTO_RSN_CAP_MFP_ENABLED = 0x80, 179 WLAN_CRYPTO_RSN_CAP_MFP_REQUIRED = 0x40, 180 } wlan_crypto_rsn_cap; 181 182 typedef enum wlan_crypto_key_mgmt { 183 WLAN_CRYPTO_KEY_MGMT_IEEE8021X = 0, 184 WLAN_CRYPTO_KEY_MGMT_PSK = 1, 185 WLAN_CRYPTO_KEY_MGMT_NONE = 2, 186 WLAN_CRYPTO_KEY_MGMT_IEEE8021X_NO_WPA = 3, 187 WLAN_CRYPTO_KEY_MGMT_WPA_NONE = 4, 188 WLAN_CRYPTO_KEY_MGMT_FT_IEEE8021X = 5, 189 WLAN_CRYPTO_KEY_MGMT_FT_PSK = 6, 190 WLAN_CRYPTO_KEY_MGMT_IEEE8021X_SHA256 = 7, 191 WLAN_CRYPTO_KEY_MGMT_PSK_SHA256 = 8, 192 WLAN_CRYPTO_KEY_MGMT_WPS = 9, 193 WLAN_CRYPTO_KEY_MGMT_SAE = 10, 194 WLAN_CRYPTO_KEY_MGMT_FT_SAE = 11, 195 WLAN_CRYPTO_KEY_MGMT_WAPI_PSK = 12, 196 WLAN_CRYPTO_KEY_MGMT_WAPI_CERT = 13, 197 WLAN_CRYPTO_KEY_MGMT_CCKM = 14, 198 WLAN_CRYPTO_KEY_MGMT_OSEN = 15, 199 WLAN_CRYPTO_KEY_MGMT_IEEE8021X_SUITE_B = 16, 200 WLAN_CRYPTO_KEY_MGMT_IEEE8021X_SUITE_B_192 = 17, 201 WLAN_CRYPTO_KEY_MGMT_FILS_SHA256 = 18, 202 WLAN_CRYPTO_KEY_MGMT_FILS_SHA384 = 19, 203 WLAN_CRYPTO_KEY_MGMT_FT_FILS_SHA256 = 20, 204 WLAN_CRYPTO_KEY_MGMT_FT_FILS_SHA384 = 21, 205 WLAN_CRYPTO_KEY_MGMT_OWE = 22, 206 WLAN_CRYPTO_KEY_MGMT_DPP = 23, 207 WLAN_CRYPTO_KEY_MGMT_FT_IEEE8021X_SHA384 = 24, 208 /** Keep WLAN_CRYPTO_KEY_MGMT_MAX at the end. */ 209 WLAN_CRYPTO_KEY_MGMT_MAX = WLAN_CRYPTO_KEY_MGMT_FT_IEEE8021X_SHA384, 210 } wlan_crypto_key_mgmt; 211 212 enum wlan_crypto_key_type { 213 WLAN_CRYPTO_KEY_TYPE_UNICAST, 214 WLAN_CRYPTO_KEY_TYPE_GROUP, 215 }; 216 217 #define IS_WEP_CIPHER(_c) ((_c == WLAN_CRYPTO_CIPHER_WEP) || \ 218 (_c == WLAN_CRYPTO_CIPHER_WEP_40) || \ 219 (_c == WLAN_CRYPTO_CIPHER_WEP_104)) 220 /** 221 * struct wlan_crypto_pmksa - structure of crypto to contain pmkid 222 * @bssid: bssid for which pmkid is saved 223 * @pmkid: pmkid info 224 * @pmk: pmk info 225 * @pmk_len: pmk len 226 * @ssid_len: ssid length 227 * @ssid: ssid information 228 * @cache_id: cache id 229 * @single_pmk_supported: SAE single pmk supported BSS 230 */ 231 struct wlan_crypto_pmksa { 232 struct qdf_mac_addr bssid; 233 uint8_t pmkid[PMKID_LEN]; 234 uint8_t pmk[MAX_PMK_LEN]; 235 uint8_t pmk_len; 236 uint8_t ssid_len; 237 uint8_t ssid[WLAN_SSID_MAX_LEN]; 238 uint8_t cache_id[WLAN_CACHE_ID_LEN]; 239 #if defined(WLAN_SAE_SINGLE_PMK) && defined(WLAN_FEATURE_ROAM_OFFLOAD) 240 bool single_pmk_supported; 241 #endif 242 }; 243 244 /** 245 * struct wlan_crypto_params - holds crypto params 246 * @authmodeset: authentication mode 247 * @ucastcipherset: unicast ciphers 248 * @mcastcipherset: multicast cipher 249 * @mgmtcipherset: mgmt cipher 250 * @cipher_caps: cipher capability 251 * @key_mgmt: key mgmt 252 * @pmksa: pmksa 253 * @rsn_caps: rsn_capability 254 * 255 * This structure holds crypto params for peer or vdev 256 */ 257 struct wlan_crypto_params { 258 uint32_t authmodeset; 259 uint32_t ucastcipherset; 260 uint32_t mcastcipherset; 261 uint32_t mgmtcipherset; 262 uint32_t cipher_caps; 263 uint32_t key_mgmt; 264 struct wlan_crypto_pmksa *pmksa[WLAN_CRYPTO_MAX_PMKID]; 265 uint16_t rsn_caps; 266 }; 267 268 typedef enum wlan_crypto_param_type { 269 WLAN_CRYPTO_PARAM_AUTH_MODE, 270 WLAN_CRYPTO_PARAM_UCAST_CIPHER, 271 WLAN_CRYPTO_PARAM_MCAST_CIPHER, 272 WLAN_CRYPTO_PARAM_MGMT_CIPHER, 273 WLAN_CRYPTO_PARAM_CIPHER_CAP, 274 WLAN_CRYPTO_PARAM_RSN_CAP, 275 WLAN_CRYPTO_PARAM_KEY_MGMT, 276 WLAN_CRYPTO_PARAM_PMKSA, 277 } wlan_crypto_param_type; 278 279 /** 280 * struct wlan_crypto_key - key structure 281 * @keylen: length of the key 282 * @valid: is key valid or not 283 * @flags: key flags 284 * @keyix: key id 285 * @cipher_type: cipher type being used for this key 286 * @mac_addr: MAC address of the peer 287 * @cipher_table: table which stores cipher related info 288 * @private: private pointer to save cipher context 289 * @keylock: spin lock 290 * @recviv: WAPI key receive sequence counter 291 * @txiv: WAPI key transmit sequence counter 292 * @keytsc: key transmit sequence counter 293 * @keyrsc: key receive sequence counter 294 * @keyrsc_suspect: key receive sequence counter under 295 * suspect when pN jump is detected 296 * @keyglobal: key receive global sequence counter used with suspect 297 * @keyval: key value buffer 298 * 299 * This key structure to key related details. 300 */ 301 struct wlan_crypto_key { 302 uint8_t keylen; 303 bool valid; 304 uint16_t flags; 305 uint16_t keyix; 306 enum wlan_crypto_cipher_type cipher_type; 307 uint8_t macaddr[QDF_MAC_ADDR_SIZE]; 308 void *cipher_table; 309 void *private; 310 qdf_spinlock_t keylock; 311 uint8_t recviv[WLAN_CRYPTO_WAPI_IV_SIZE]; 312 uint8_t txiv[WLAN_CRYPTO_WAPI_IV_SIZE]; 313 uint64_t keytsc; 314 uint64_t keyrsc[WLAN_CRYPTO_TID_SIZE]; 315 uint64_t keyrsc_suspect[WLAN_CRYPTO_TID_SIZE]; 316 uint64_t keyglobal; 317 uint8_t keyval[WLAN_CRYPTO_KEYBUF_SIZE 318 + WLAN_CRYPTO_MICBUF_SIZE]; 319 #define txmic (keyval + WLAN_CRYPTO_KEYBUF_SIZE \ 320 + WLAN_CRYPTO_TXMIC_OFFSET) 321 #define rxmic (keyval + WLAN_CRYPTO_KEYBUF_SIZE \ 322 + WLAN_CRYPTO_RXMIC_OFFSET) 323 }; 324 325 /** 326 * struct wlan_crypto_req_key - key request structure 327 * @type: key/cipher type 328 * @pad: padding member 329 * @keyix: key index 330 * @keylen: length of the key value 331 * @flags: key flags 332 * @macaddr: macaddr of the key 333 * @keyrsc: key receive sequence counter 334 * @keytsc: key transmit sequence counter 335 * @keydata: key value 336 * @txiv: wapi key tx iv 337 * @rxiv: wapi key rx iv 338 * @filsaad: FILS AEAD data 339 * 340 * Key request structure used for setkey, getkey or delkey 341 */ 342 struct wlan_crypto_req_key { 343 uint8_t type; 344 uint8_t pad; 345 uint16_t keyix; 346 uint8_t keylen; 347 uint16_t flags; 348 uint8_t macaddr[QDF_MAC_ADDR_SIZE]; 349 uint64_t keyrsc; 350 uint64_t keytsc; 351 uint8_t keydata[WLAN_CRYPTO_KEYBUF_SIZE + WLAN_CRYPTO_MICBUF_SIZE]; 352 uint8_t txiv[WLAN_CRYPTO_WAPI_IV_SIZE]; 353 uint8_t recviv[WLAN_CRYPTO_WAPI_IV_SIZE]; 354 #ifdef WLAN_CRYPTO_SUPPORT_FILS 355 struct wlan_crypto_fils_aad_key filsaad; 356 #endif 357 }; 358 359 /** 360 * struct wlan_lmac_if_crypto_tx_ops - structure of crypto function 361 * pointers 362 * @allockey: function pointer to alloc key in hw 363 * @setkey: function pointer to setkey in hw 364 * @delkey: function pointer to delkey in hw 365 * @defaultkey: function pointer to set default key 366 * @set_key: converged function pointer to set key in hw 367 * @getpn: function pointer to get current pn value of peer 368 */ 369 370 struct wlan_lmac_if_crypto_tx_ops { 371 QDF_STATUS (*allockey)(struct wlan_objmgr_vdev *vdev, 372 struct wlan_crypto_key *key, 373 uint8_t *macaddr, uint32_t key_type); 374 QDF_STATUS (*setkey)(struct wlan_objmgr_vdev *vdev, 375 struct wlan_crypto_key *key, 376 uint8_t *macaddr, uint32_t key_type); 377 QDF_STATUS (*delkey)(struct wlan_objmgr_vdev *vdev, 378 struct wlan_crypto_key *key, 379 uint8_t *macaddr, uint32_t key_type); 380 QDF_STATUS (*defaultkey)(struct wlan_objmgr_vdev *vdev, 381 uint8_t keyix, uint8_t *macaddr); 382 QDF_STATUS (*set_key)(struct wlan_objmgr_vdev *vdev, 383 struct wlan_crypto_key *key, 384 enum wlan_crypto_key_type key_type); 385 QDF_STATUS(*getpn)(struct wlan_objmgr_vdev *vdev, 386 uint8_t *macaddr, uint32_t key_type); 387 }; 388 389 /** 390 * struct wlan_lmac_if_crypto_rx_ops - structure of crypto rx function 391 * pointers 392 * @encap: function pointer to encap tx frame 393 * @decap: function pointer to decap rx frame in hw 394 * @enmic: function pointer to enmic tx frame 395 * @demic: function pointer to demic rx frame 396 */ 397 398 struct wlan_lmac_if_crypto_rx_ops { 399 QDF_STATUS(*crypto_encap)(struct wlan_objmgr_vdev *vdev, 400 qdf_nbuf_t wbuf, uint8_t *macaddr, 401 uint8_t encapdone); 402 QDF_STATUS(*crypto_decap)(struct wlan_objmgr_vdev *vdev, 403 qdf_nbuf_t wbuf, uint8_t *macaddr, 404 uint8_t tid); 405 QDF_STATUS(*crypto_enmic)(struct wlan_objmgr_vdev *vdev, 406 qdf_nbuf_t wbuf, uint8_t *macaddr, 407 uint8_t encapdone); 408 QDF_STATUS(*crypto_demic)(struct wlan_objmgr_vdev *vdev, 409 qdf_nbuf_t wbuf, uint8_t *macaddr, 410 uint8_t tid, uint8_t keyid); 411 QDF_STATUS(*set_peer_wep_keys)(struct wlan_objmgr_vdev *vdev, 412 struct wlan_objmgr_peer *peer); 413 }; 414 415 #define WLAN_CRYPTO_RX_OPS_ENCAP(crypto_rx_ops) \ 416 (crypto_rx_ops->crypto_encap) 417 #define WLAN_CRYPTO_RX_OPS_DECAP(crypto_rx_ops) \ 418 (crypto_rx_ops->crypto_decap) 419 #define WLAN_CRYPTO_RX_OPS_ENMIC(crypto_rx_ops) \ 420 (crypto_rx_ops->crypto_enmic) 421 #define WLAN_CRYPTO_RX_OPS_DEMIC(crypto_rx_ops) \ 422 (crypto_rx_ops->crypto_demic) 423 #define WLAN_CRYPTO_RX_OPS_SET_PEER_WEP_KEYS(crypto_rx_ops) \ 424 (crypto_rx_ops->set_peer_wep_keys) 425 426 #endif /* end of _WLAN_CRYPTO_GLOBAL_DEF_H_ */ 427