/*
 * Per-cryptosystem "not supported" error codes, followed by END_MAGIC.
 *
 * Each ENOTSUP_<alg> is derived from EINFO_ENOTSUP with the value
 * ( 0x10 | NET80211_CRYPT_<alg> ) and its own message, so a failure names
 * the cipher that was unavailable rather than reporting a generic error.
 * ENOTSUP_CRYPT ( crypt ) hands the same ( 0x10 | crypt ) value and the
 * three specific errors to EUNIQ; presumably EUNIQ selects the matching
 * one at run time -- confirm against the errno infrastructure.
 *
 * END_MAGIC is the oui_type value that terminates a descriptor map; the
 * map lookup loop later in this listing stops when it sees it.
 *
 * NOTE(review): the bare decimal numbers appear to be gutter line numbers
 * carried over from the rendered listing, and the trailing "const void *"
 * is the start of a parameter list that continues on the following lines.
 */
39 #define ENOTSUP_WEP __einfo_error ( EINFO_ENOTSUP_WEP ) 40 #define EINFO_ENOTSUP_WEP __einfo_uniqify ( EINFO_ENOTSUP, \ 41 ( 0x10 | NET80211_CRYPT_WEP ), "WEP not supported" ) 42 #define ENOTSUP_TKIP __einfo_error ( EINFO_ENOTSUP_TKIP ) 43 #define EINFO_ENOTSUP_TKIP __einfo_uniqify ( EINFO_ENOTSUP, \ 44 ( 0x10 | NET80211_CRYPT_TKIP ), "TKIP not supported" ) 45 #define ENOTSUP_CCMP __einfo_error ( EINFO_ENOTSUP_CCMP ) 46 #define EINFO_ENOTSUP_CCMP __einfo_uniqify ( EINFO_ENOTSUP, \ 47 ( 0x10 | NET80211_CRYPT_CCMP ), "CCMP not supported" ) 48 #define ENOTSUP_CRYPT( crypt ) \ 49 EUNIQ ( EINFO_ENOTSUP, ( 0x10 | (crypt) ), \ 50 ENOTSUP_WEP, ENOTSUP_TKIP, ENOTSUP_CCMP ) 62 #define END_MAGIC 0xFFFFFFFF 115 const void *
/*
 * Fragment of the cryptosystem installer: key, len and rsc are the tail of
 * its parameter list. Only some numbered lines of the body survive in this
 * listing, so the control flow between them is not visible here.
 * NOTE(review): len is a signed int; any range check on it lies in lines
 * that are not shown -- confirm before relying on it as a copy length.
 */
key,
int len,
const void *
rsc )
125 DBG (
"802.11-Sec not installing null cryptography\n" );
/*
 * One zeroed allocation holds the crypto structure plus a trailing area.
 * The second term of the size expression is cut off in this listing;
 * presumably it is the table entry's private-data length -- confirm.
 */
132 crypto =
zalloc (
sizeof ( *crypto ) +
135 DBG (
"802.11-Sec out of memory\n" );
/* Start from a copy of the table entry rather than modifying it. */
139 memcpy ( crypto, tbl_crypto,
sizeof ( *crypto ) );
/*
 * priv points at the bytes immediately after the structure, inside the
 * same allocation. Arithmetic on void * is a GNU C extension.
 */
140 crypto->
priv = ( (
void * ) crypto +
141 sizeof ( *crypto ) );
147 DBG (
"802.11-Sec no support for cryptosystem %d\n", crypt );
/*
 * The debug message reports the algorithm number, the object address and
 * the key length only; the key bytes themselves are not passed to DBG.
 */
153 DBG (
"802.11-Sec installing cryptosystem %d as %p with key of " 154 "length %d\n", crypt, crypto,
len );
/*
 * Fragment of the RSN descriptor picker. The visible lines build a bitmask
 * of what the table between tbl_start and tbl_end provides, then read a
 * descriptor count and descriptors from the bytes between rsn and rsn_end,
 * checking the remaining length before each read.
 * NOTE(review): rsn/rsn_end presumably point into a received beacon, i.e.
 * data controlled by whoever transmitted it -- verify against the caller.
 */
188 void *tbl_start,
void *tbl_end )
197 sizeof ( struct net80211_handshaker ) );
/* Only the two maps defined in this file are recognised here. */
199 if ( map != rsn_cipher_map && map != rsn_akm_map )
/*
 * Each table entry is viewed either as a cryptosystem or as a handshaker,
 * depending on which map was passed; bit N of ok is set when an entry with
 * algorithm/protocol number N is present.
 * NOTE(review): the shifts assume the enum values stay below the bit width
 * of int -- confirm the enum ranges.
 */
203 for ( tblp = tbl_start; tblp < tbl_end; tblp += tbl_stride ) {
204 struct net80211_crypto *crypto = tblp;
205 struct net80211_handshaker *hs = tblp;
207 if ( map == rsn_cipher_map )
208 ok |= ( 1 << crypto->algorithm );
210 ok |= ( 1 << hs->protocol );
/* Two bytes must remain before the 16-bit descriptor count is read. */
214 if ( rsn + 2 > rsn_end ) {
215 DBG ( "RSN detect: malformed descriptor count\n" );
/*
 * The count is read through a pointer cast, so it is taken in host byte
 * order at whatever alignment rsn has.
 * NOTE(review): confirm the supported targets tolerate this, or that a
 * byte-order conversion happens in lines not shown.
 */
219 ndesc = *( u16 * ) rsn;
223 DBG ( "RSN detect: no descriptors\n" );
/* Four bytes must remain before each 32-bit descriptor is read. */
231 if ( rsn + 4 > rsn_end ) {
232 DBG ( "RSN detect: malformed descriptor (%d left)\n",
237 desc = *( u32 * ) rsn;
/*
 * Linear search of the map, which is terminated by an END_MAGIC entry;
 * the descriptor is masked with OUI_TYPE_MASK before comparison.
 */
240 for ( map_ent = map; map_ent->oui_type != END_MAGIC; map_ent++ )
241 if ( map_ent->
oui_type == ( desc & OUI_TYPE_MASK ) )
/* Accept a match only if the table scan above found support for it. */
249 if ( ok & ( 1 << map_ent->net80211_type ) ) {
/*
 * Fragment of the RSN/WPA information-element locator. For each candidate
 * element it computes where the payload starts (rsn) and ends (*end) from
 * the element's own length field, then sanity-checks the result before
 * accepting it.
 */
284 int *is_rsn, u8 **end )
294 DBG (
"RSN detect: old-style WPA IE found\n" );
/*
 * Vendor-style WPA element: the payload starts at vendor.data and is
 * taken to be ie->len - 4 bytes long (the 4 presumably covers the OUI and
 * type that precede data -- confirm). An ie->len below 4 puts *end before
 * rsn; the "rsn >= *end" test below rejects that case.
 */
295 rsn = &ie->vendor.data[0];
296 *
end = rsn + ie->len - 4;
299 DBG (
"RSN detect: 802.11i RSN IE found\n" );
/* Standard RSN element: payload starts at the version field. */
300 rsn = (
u8 * ) &ie->rsn.version;
301 *
end = rsn + ie->len;
/*
 * Reject a candidate whose computed end runs past ie_end or does not lie
 * after rsn. A further condition is cut off in this listing; the message
 * below suggests it is a version check. Rejection is not fatal: the
 * message says the search keeps going.
 */
305 if ( rsn && ( *
end > (
u8 * ) ie_end || rsn >= *
end ||
307 DBG (
"RSN detect: malformed RSN IE or unknown " 308 "version, keep trying\n" );
319 DBG (
"RSN detect: no RSN IE found\n" );
/*
 * Fragment of the RSN element decoder: cr and sp each take the
 * net80211_type of a matched map entry. Going by the debug message, cr is
 * the crypto type and sp the security-protocol type. The lookups that set
 * map are in lines not shown here.
 */
366 cr =
map->net80211_type;
378 sp =
map->net80211_type;
381 DBG (
"RSN detect: OK, crypto type %d, secprot type %d\n",
cr,
sp );
/* Reached when the element could not be decoded (path not shown). */
387 DBG (
"RSN detect: invalid RSN IE\n" );
421 &is_rsn, &rsn_end ) ) ) {
/*
 * Failure path: log, then pass the element bytes from rsn to rsn_end to
 * DBG_HD (debug builds only, presumably as a hex dump).
 * NOTE(review): the dump length is rsn_end - rsn, so it relies on rsn_end
 * having been bounded by the call above, whose name is cut off in this
 * listing -- confirm.
 */
442 DBG (
"Failed to handle RSN IE:\n" );
443 DBG_HD ( rsn, rsn_end - rsn );
464 if (
map->net80211_type ==
id )
517 return map->net80211_type;
#define IEEE80211_RSN_CTYPE_CCMP
802.11 RSN IE: cipher type for CCMP ("WPA2")
#define IEEE80211_RSN_OUI
Organization part for OUIs in standard RSN IE.
#define EINVAL
Invalid argument.
u32 oui_type
OUI+type in appropriate byte order, masked to exclude vendor.
struct arbelprm_rc_send_wqe rc
Network protected with CCMP (AES-based system)
#define IEEE80211_RSN_ATYPE_8021X
802.11 RSN IE: auth method type for using an 802.1X server
static union ieee80211_ie * ieee80211_next_ie(union ieee80211_ie *ie, void *end)
Advance to next 802.11 information element.
#define table_start(table)
Get start of linker table.
Dummy value used when the cryptosystem can't be detected.
struct golan_inbox_hdr hdr
Message header.
#define IEEE80211_CAPAB_PRIVACY
Set if the network is encrypted (by any method)
static unsigned short vendor
Constants and data structures defined in IEEE 802.11, subsetted according to what iPXE knows how to use.
uint64_t desc
Microcode descriptor list physical address.
An 802.11 data or management frame without QoS or WDS header fields.
net80211_security_proto
An 802.11 security handshaking protocol.
Full EAP 802.1X handshaking.
#define IEEE80211_RSN_CTYPE_WEP104
802.11 RSN IE: cipher type for 104-bit WEP
FILE_LICENCE(GPL2_OR_LATER)
#define IEEE80211_RSN_CTYPE_WEP40
802.11 RSN IE: cipher type for 40-bit WEP
Network protected with WEP (awful RC4-based system)
int(* init)(struct net80211_crypto *crypto, const void *key, int keylen, const void *rsc)
Initialize cryptosystem using a given key.
int priv_len
Length of private data requested to be allocated.
Dummy value used when the handshaking type can't be detected.
#define END_MAGIC
Magic number in oui_type showing end of list.
Definitions for general secured-network routines.
static struct descriptor_map * rsn_pick_desc(u8 **rsnp, u8 *rsn_end, struct descriptor_map *map, void *tbl_start, void *tbl_end)
Determine net80211 crypto or handshaking type value to return for RSN info.
#define IEEE80211_RSN_ATYPE_PSK
802.11 RSN IE: auth method type for using a pre-shared key
#define ENOTSUP_CRYPT(crypt)
uint32_t start
Starting offset.
#define ENOMEM
Not enough space.
enum net80211_crypto_alg algorithm
The cryptographic algorithm implemented.
void * memcpy(void *dest, const void *src, size_t len) __nonnull
static u32 rsn_get_desc(unsigned id, int rsnie, struct descriptor_map *map)
Determine RSN descriptor for specified net80211 ID.
#define IEEE80211_WPA_OUI_VEN
Old vendor-type WPA IE OUI type + subtype.
Pre-shared key handshaking.
u8 rsc[8]
Receive sequence counter for GTK.
#define IEEE80211_WPA_OUI
Organization part for OUIs in old WPA IE.
int sec80211_install(struct net80211_crypto **which, enum net80211_crypto_alg crypt, const void *key, int len, const void *rsc)
Install 802.11 cryptosystem.
Mapping from net80211 crypto/secprot types to RSN OUI descriptors.
#define IEEE80211_IE_VENDOR
Information element ID for Vendor Specific information element.
static void(* free)(struct refcnt *refcnt))
void * zalloc(size_t size)
Allocate cleared memory.
#define NET80211_HANDSHAKERS
The iPXE 802.11 MAC layer.
#define IEEE80211_IE_RSN
Information element ID for Robust Security Network information element.
static struct descriptor_map rsn_cipher_map[]
Mapping between net80211 cryptosystems and 802.11i cipher IDs.
No security, an "Open" network.
#define for_each_table_entry(pointer, table)
Iterate through all entries within a linker table.
static int ieee80211_ie_bound(union ieee80211_ie *ie, void *end)
Check that 802.11 information element is bounded by buffer.
#define IEEE80211_RSN_CTYPE_TKIP
802.11 RSN IE: cipher type for TKIP ("WPA")
static __always_inline int struct dma_mapping * map
u32 oui_type
OUI + type byte.
void * priv
Private data for the algorithm to store key and state info.
int sec80211_detect_ie(int is_rsn, u8 *start, u8 *end, enum net80211_security_proto *secprot, enum net80211_crypto_alg *crypt)
Detect crypto and AKM types from RSN information element.
u32 sec80211_rsn_get_crypto_desc(enum net80211_crypto_alg crypt, int rsnie)
Determine RSN descriptor for specified net80211 cryptosystem number.
u32 sec80211_rsn_get_akm_desc(enum net80211_security_proto secprot, int rsnie)
Determine RSN descriptor for specified net80211 handshaker number.
static struct descriptor_map rsn_akm_map[]
Mapping between net80211 handshakers and 802.11i AKM IDs.
net80211_crypto_alg
An 802.11 data encryption algorithm.
void * data
Start of data.
u32 net80211_type
Value of net80211_crypto_alg or net80211_security_proto.
uint32_t end
Ending offset.
#define IEEE80211_RSN_VERSION
802.11 RSN IE: expected version number
enum net80211_crypto_alg sec80211_rsn_get_net80211_crypt(u32 desc)
Determine net80211 cryptosystem number from RSN descriptor.
#define table_end(table)
Get end of linker table.
int sec80211_detect(struct io_buffer *iob, enum net80211_security_proto *secprot, enum net80211_crypto_alg *crypt)
Detect the cryptosystem and handshaking protocol used by an 802.11 network.
Network protected with TKIP (better RC4-based system)
#define DBG(...)
Print a debugging message.
Interface to an 802.11 cryptosystem.
u8 * sec80211_find_rsn(union ieee80211_ie *ie, void *ie_end, int *is_rsn, u8 **end)
Find the RSN or WPA information element in the provided beacon frame.
#define NULL
NULL pointer (VOID *)