61 #define CCMP_HEAD_LEN 8 64 #define CCMP_MIC_LEN 8 67 #define CCMP_NONCE_LEN 13 78 #define CCMP_AAD_LEN 22 92 #define CCMP_AAD_FC_MASK 0xC38F 95 #define CCMP_AAD_SEQ_MASK 0x000F 109 for ( i = 5; i >= 0; i-- ) {
130 u8 *pnp = pn + ( msb ? 5 : 0 );
131 int delta = ( msb ? -1 : +1 );
133 for ( i = 0; i < 6; i++ ) {
157 int keylen,
const void *
rsc )
188 const void *srcv,
void *destv,
int len,
189 const void *msrcv,
void *mdestv )
194 const u8 *
src = srcv, *msrc = msrcv;
195 u8 *
dest = destv, *mdest = mdestv;
205 for ( i = 0; i < 8; i++ ) {
206 *mdest++ = *msrc++ ^
S[i];
210 for ( ctr = 1 ;; ctr++ ) {
216 for ( i = 0; i <
len && i < 16; i++ )
241 for ( i = 0; i < 16; i++ )
263 const void *aad,
void *
mic )
282 memcpy ( B + 2, aad, 14 );
287 memcpy ( B, aad + 14, 8 );
375 DBGC2 (
ctx,
"WPA-CCMP %p: encrypted packet %p -> %p\n",
ctx,
399 u8 rx_pn[6], their_mic[8], our_mic[8];
416 DBGC (
ctx,
"WPA-CCMP %p: packet received out of order " 424 DBGC2 (
ctx,
"WPA-CCMP %p: RX packet number %012llx\n",
ctx,
ctx->rx_seq );
451 DBGC2 (
ctx,
"WPA-CCMP %p: decrypted packet %p -> %p\n",
ctx,
464 .priv_len =
sizeof (
struct ccmp_ctx ),
void hmac_init(struct digest_algorithm *digest, void *ctx, const void *key, size_t key_len)
Initialise HMAC.
u16 fc
Frame Control field.
#define EINVAL
Invalid argument.
pseudo_bit_t hash[0x00010]
Network protected with CCMP (AES-based system)
u8 kid
Key ID and ExtIV byte.
#define iob_put(iobuf, len)
void msg(unsigned int row, const char *fmt,...)
Print message centred on specified row.
static u64 pn_to_u64(const u8 *pn)
Convert 6-byte LSB packet number to 64-bit integer.
FILE_LICENCE(GPL2_OR_LATER)
struct golan_inbox_hdr hdr
Message header.
void free_iob(struct io_buffer *iobuf)
Free I/O buffer.
WPA handshake key integrity and encryption handler.
u8 kck[WPA_KCK_LEN]
EAPOL-Key Key Confirmation Key (KCK)
An 802.11 data or management frame without QoS or WDS header fields.
#define AES_CTX_SIZE
AES context size.
struct golan_eq_context ctx
struct cipher_algorithm aes_algorithm
Basic AES algorithm.
struct io_buffer * alloc_iob(size_t len)
Allocate I/O buffer.
static void u64_to_pn(u64 v, u8 *pn, int msb)
Convert 64-bit integer to 6-byte packet number.
static void ccmp_kie_mic(const void *kck, const void *msg, size_t len, void *mic)
Calculate HMAC-SHA1 MIC for EAPOL-Key frame.
u8 iv[16]
Initialization vector.
static void ccmp_cbc_mac(struct ccmp_ctx *ctx, const void *nonce, const void *data, u16 datalen, const void *aad, void *mic)
Calculate MIC on plaintext data using CBC-MAC.
struct io_buffer * ccmp_encrypt(struct net80211_crypto *crypto, struct io_buffer *iob)
Encapsulate and encrypt a packet using CCMP.
#define PN_MSB
Value for msb argument of u64_to_pn() for MSB output.
static u16 S(u16 v)
Perform S-box mapping on a 16-bit value.
#define cipher_encrypt(cipher, ctx, src, dst, len)
enum net80211_crypto_alg algorithm
The cryptographic algorithm implemented.
void * memcpy(void *dest, const void *src, size_t len) __nonnull
#define __unused
Declare a variable or data structure as unused.
Common definitions for all types of WPA-protected networks.
Keyed-Hashing for Message Authentication.
#define IEEE80211_TYP_FRAME_HEADER_LEN
Frame header length for frames we might work with.
u8 rsc[8]
Receive sequence counter for GTK.
u16 datalen
Length of the data field in bytes, network byte order.
static int ccmp_init(struct net80211_crypto *crypto, const void *key, int keylen, const void *rsc)
Initialise CCMP state and install key.
int version
Value of version bits in EAPOL-Key info field for which to use.
static void ccmp_feed_cbc_mac(void *aes_ctx, u8 *B, u8 *X)
Advance one block in CBC-MAC calculation.
#define CCMP_NONCE_LEN
CCMP nonce length.
#define IEEE80211_FC_PROTECTED
802.11 Frame Control field: Protected flag
#define CCMP_AAD_SEQ_MASK
Mask for Sequence Control field in AAD.
static void hmac_update(struct digest_algorithm *digest, void *ctx, const void *data, size_t len)
Update HMAC.
The iPXE 802.11 MAC layer.
Header structure at the beginning of CCMP frame data.
static size_t iob_len(struct io_buffer *iobuf)
Calculate length of data in an I/O buffer.
u8 kek[WPA_KEK_LEN]
EAPOL-Key Key Encryption Key (KEK)
#define CCMP_AAD_LEN
CCMP additional authentication data length (for non-QoS, non-WDS frames)
u64 rx_seq
Most recently received packet number.
u64 tx_seq
Most recently sent packet number.
#define CCMP_MIC_LEN
CCMP MIC trailer overhead.
static void ccmp_ctr_xor(struct ccmp_ctx *ctx, const void *nonce, const void *srcv, void *destv, int len, const void *msrcv, void *mdestv)
Encrypt or decrypt data stream using AES in Counter mode.
u8 a2[ETH_ALEN]
Address 2 from packet header (sender)
u8 aes_ctx[AES_CTX_SIZE]
AES context - only ever used for encryption.
u8 pn_lo[2]
Bytes 0 and 1 of packet number.
#define EAPOL_KEY_VERSION_WPA2
Key descriptor version field value for WPA2 (CCMP)
void * priv
Private data for the algorithm to store key and state info.
CCMP additional authentication data structure.
#define CCMP_HEAD_LEN
CCMP header overhead.
Context for CCMP encryption and decryption.
static struct io_buffer * ccmp_decrypt(struct net80211_crypto *crypto, struct io_buffer *eiob)
Decrypt a packet using CCMP.
void * data
Start of data.
struct wpa_kie ccmp_kie __wpa_kie
CCMP-style key integrity and encryption handler.
#define SHA1_CTX_SIZE
SHA-1 context size.
if(len >=6 *4) __asm__ __volatile__("movsl" if(len >=5 *4) __asm__ __volatile__("movsl" if(len >=4 *4) __asm__ __volatile__("movsl" if(len >=3 *4) __asm__ __volatile__("movsl" if(len >=2 *4) __asm__ __volatile__("movsl" if(len >=1 *4) __asm__ __volatile__("movsl" if((len % 4) >=2) __asm__ __volatile__("movsw" if((len % 2) >=1) __asm__ __volatile__("movsb" return dest
u16 seq
Sequence Control field.
uint8_t data[48]
Additional event data.
void hmac_final(struct digest_algorithm *digest, void *ctx, void *hmac)
Finalise HMAC.
#define CCMP_AAD_FC_MASK
Mask for Frame Control field in AAD.
static int ccmp_kie_decrypt(const void *kek, const void *iv __unused, void *msg, u16 *len)
Decrypt key data in EAPOL-Key frame.
u8 prio
Packet priority, 0 for non-QoS.
int aes_unwrap(const void *kek, const void *src, void *dest, int nblk)
Unwrap a key or other data using AES Key Wrap (RFC 3394)
Interface to an 802.11 cryptosystem.
struct net80211_crypto ccmp_crypto __net80211_crypto
CCMP cryptosystem.
int memcmp(const void *first, const void *second, size_t len)
Compare memory regions.
u8 mic[16]
Message integrity code over the entire EAPOL frame.
#define NULL
NULL pointer (VOID *)
static int cipher_setkey(struct cipher_algorithm *cipher, void *ctx, const void *key, size_t keylen)
struct digest_algorithm sha1_algorithm
SHA-1 algorithm.
#define PN_LSB
Value for msb argument of u64_to_pn() for LSB output.
void * memset(void *dest, int character, size_t len) __nonnull
u8 pn_hi[4]
Bytes 2-5 (2 first) of packet number.