net/wireless/lib80211_crypt_wep.c at v5.1-rc2

tjh.dev / kernel
fork
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork
kernel / net / wireless / lib80211_crypt_wep.c
at v5.1-rc2 285 lines 6.9 kB view raw
wrap content
  1/*
  2 * lib80211 crypt: host-based WEP encryption implementation for lib80211
  3 *
  4 * Copyright (c) 2002-2004, Jouni Malinen <j@w1.fi>
  5 * Copyright (c) 2008, John W. Linville <linville@tuxdriver.com>
  6 *
  7 * This program is free software; you can redistribute it and/or modify
  8 * it under the terms of the GNU General Public License version 2 as
  9 * published by the Free Software Foundation. See README and COPYING for
 10 * more details.
 11 */
 12
 13#include <linux/err.h>
 14#include <linux/module.h>
 15#include <linux/init.h>
 16#include <linux/slab.h>
 17#include <linux/random.h>
 18#include <linux/scatterlist.h>
 19#include <linux/skbuff.h>
 20#include <linux/mm.h>
 21#include <asm/string.h>
 22
 23#include <net/lib80211.h>
 24
 25#include <linux/crypto.h>
 26#include <linux/crc32.h>
 27
 28MODULE_AUTHOR("Jouni Malinen");
 29MODULE_DESCRIPTION("lib80211 crypt: WEP");
 30MODULE_LICENSE("GPL");
 31
 32struct lib80211_wep_data {
 33	u32 iv;
 34#define WEP_KEY_LEN 13
 35	u8 key[WEP_KEY_LEN + 1];
 36	u8 key_len;
 37	u8 key_idx;
 38	struct crypto_cipher *tx_tfm;
 39	struct crypto_cipher *rx_tfm;
 40};
 41
 42static void *lib80211_wep_init(int keyidx)
 43{
 44	struct lib80211_wep_data *priv;
 45
 46	priv = kzalloc(sizeof(*priv), GFP_ATOMIC);
 47	if (priv == NULL)
 48		goto fail;
 49	priv->key_idx = keyidx;
 50
 51	priv->tx_tfm = crypto_alloc_cipher("arc4", 0, 0);
 52	if (IS_ERR(priv->tx_tfm)) {
 53		priv->tx_tfm = NULL;
 54		goto fail;
 55	}
 56
 57	priv->rx_tfm = crypto_alloc_cipher("arc4", 0, 0);
 58	if (IS_ERR(priv->rx_tfm)) {
 59		priv->rx_tfm = NULL;
 60		goto fail;
 61	}
 62	/* start WEP IV from a random value */
 63	get_random_bytes(&priv->iv, 4);
 64
 65	return priv;
 66
 67      fail:
 68	if (priv) {
 69		crypto_free_cipher(priv->tx_tfm);
 70		crypto_free_cipher(priv->rx_tfm);
 71		kfree(priv);
 72	}
 73	return NULL;
 74}
 75
 76static void lib80211_wep_deinit(void *priv)
 77{
 78	struct lib80211_wep_data *_priv = priv;
 79	if (_priv) {
 80		crypto_free_cipher(_priv->tx_tfm);
 81		crypto_free_cipher(_priv->rx_tfm);
 82	}
 83	kfree(priv);
 84}
 85
 86/* Add WEP IV/key info to a frame that has at least 4 bytes of headroom */
 87static int lib80211_wep_build_iv(struct sk_buff *skb, int hdr_len,
 88			       u8 *key, int keylen, void *priv)
 89{
 90	struct lib80211_wep_data *wep = priv;
 91	u32 klen;
 92	u8 *pos;
 93
 94	if (skb_headroom(skb) < 4 || skb->len < hdr_len)
 95		return -1;
 96
 97	pos = skb_push(skb, 4);
 98	memmove(pos, pos + 4, hdr_len);
 99	pos += hdr_len;
100
101	klen = 3 + wep->key_len;
102
103	wep->iv++;
104
105	/* Fluhrer, Mantin, and Shamir have reported weaknesses in the key
106	 * scheduling algorithm of RC4. At least IVs (KeyByte + 3, 0xff, N)
107	 * can be used to speedup attacks, so avoid using them. */
108	if ((wep->iv & 0xff00) == 0xff00) {
109		u8 B = (wep->iv >> 16) & 0xff;
110		if (B >= 3 && B < klen)
111			wep->iv += 0x0100;
112	}
113
114	/* Prepend 24-bit IV to RC4 key and TX frame */
115	*pos++ = (wep->iv >> 16) & 0xff;
116	*pos++ = (wep->iv >> 8) & 0xff;
117	*pos++ = wep->iv & 0xff;
118	*pos++ = wep->key_idx << 6;
119
120	return 0;
121}
122
123/* Perform WEP encryption on given skb that has at least 4 bytes of headroom
124 * for IV and 4 bytes of tailroom for ICV. Both IV and ICV will be transmitted,
125 * so the payload length increases with 8 bytes.
126 *
127 * WEP frame payload: IV + TX key idx, RC4(data), ICV = RC4(CRC32(data))
128 */
129static int lib80211_wep_encrypt(struct sk_buff *skb, int hdr_len, void *priv)
130{
131	struct lib80211_wep_data *wep = priv;
132	u32 crc, klen, len;
133	u8 *pos, *icv;
134	u8 key[WEP_KEY_LEN + 3];
135	int i;
136
137	/* other checks are in lib80211_wep_build_iv */
138	if (skb_tailroom(skb) < 4)
139		return -1;
140
141	/* add the IV to the frame */
142	if (lib80211_wep_build_iv(skb, hdr_len, NULL, 0, priv))
143		return -1;
144
145	/* Copy the IV into the first 3 bytes of the key */
146	skb_copy_from_linear_data_offset(skb, hdr_len, key, 3);
147
148	/* Copy rest of the WEP key (the secret part) */
149	memcpy(key + 3, wep->key, wep->key_len);
150
151	len = skb->len - hdr_len - 4;
152	pos = skb->data + hdr_len + 4;
153	klen = 3 + wep->key_len;
154
155	/* Append little-endian CRC32 over only the data and encrypt it to produce ICV */
156	crc = ~crc32_le(~0, pos, len);
157	icv = skb_put(skb, 4);
158	icv[0] = crc;
159	icv[1] = crc >> 8;
160	icv[2] = crc >> 16;
161	icv[3] = crc >> 24;
162
163	crypto_cipher_setkey(wep->tx_tfm, key, klen);
164
165	for (i = 0; i < len + 4; i++)
166		crypto_cipher_encrypt_one(wep->tx_tfm, pos + i, pos + i);
167
168	return 0;
169}
170
171/* Perform WEP decryption on given buffer. Buffer includes whole WEP part of
172 * the frame: IV (4 bytes), encrypted payload (including SNAP header),
173 * ICV (4 bytes). len includes both IV and ICV.
174 *
175 * Returns 0 if frame was decrypted successfully and ICV was correct and -1 on
176 * failure. If frame is OK, IV and ICV will be removed.
177 */
178static int lib80211_wep_decrypt(struct sk_buff *skb, int hdr_len, void *priv)
179{
180	struct lib80211_wep_data *wep = priv;
181	u32 crc, klen, plen;
182	u8 key[WEP_KEY_LEN + 3];
183	u8 keyidx, *pos, icv[4];
184	int i;
185
186	if (skb->len < hdr_len + 8)
187		return -1;
188
189	pos = skb->data + hdr_len;
190	key[0] = *pos++;
191	key[1] = *pos++;
192	key[2] = *pos++;
193	keyidx = *pos++ >> 6;
194	if (keyidx != wep->key_idx)
195		return -1;
196
197	klen = 3 + wep->key_len;
198
199	/* Copy rest of the WEP key (the secret part) */
200	memcpy(key + 3, wep->key, wep->key_len);
201
202	/* Apply RC4 to data and compute CRC32 over decrypted data */
203	plen = skb->len - hdr_len - 8;
204
205	crypto_cipher_setkey(wep->rx_tfm, key, klen);
206	for (i = 0; i < plen + 4; i++)
207		crypto_cipher_decrypt_one(wep->rx_tfm, pos + i, pos + i);
208
209	crc = ~crc32_le(~0, pos, plen);
210	icv[0] = crc;
211	icv[1] = crc >> 8;
212	icv[2] = crc >> 16;
213	icv[3] = crc >> 24;
214	if (memcmp(icv, pos + plen, 4) != 0) {
215		/* ICV mismatch - drop frame */
216		return -2;
217	}
218
219	/* Remove IV and ICV */
220	memmove(skb->data + 4, skb->data, hdr_len);
221	skb_pull(skb, 4);
222	skb_trim(skb, skb->len - 4);
223
224	return 0;
225}
226
227static int lib80211_wep_set_key(void *key, int len, u8 * seq, void *priv)
228{
229	struct lib80211_wep_data *wep = priv;
230
231	if (len < 0 || len > WEP_KEY_LEN)
232		return -1;
233
234	memcpy(wep->key, key, len);
235	wep->key_len = len;
236
237	return 0;
238}
239
240static int lib80211_wep_get_key(void *key, int len, u8 * seq, void *priv)
241{
242	struct lib80211_wep_data *wep = priv;
243
244	if (len < wep->key_len)
245		return -1;
246
247	memcpy(key, wep->key, wep->key_len);
248
249	return wep->key_len;
250}
251
252static void lib80211_wep_print_stats(struct seq_file *m, void *priv)
253{
254	struct lib80211_wep_data *wep = priv;
255	seq_printf(m, "key[%d] alg=WEP len=%d\n", wep->key_idx, wep->key_len);
256}
257
258static struct lib80211_crypto_ops lib80211_crypt_wep = {
259	.name = "WEP",
260	.init = lib80211_wep_init,
261	.deinit = lib80211_wep_deinit,
262	.encrypt_mpdu = lib80211_wep_encrypt,
263	.decrypt_mpdu = lib80211_wep_decrypt,
264	.encrypt_msdu = NULL,
265	.decrypt_msdu = NULL,
266	.set_key = lib80211_wep_set_key,
267	.get_key = lib80211_wep_get_key,
268	.print_stats = lib80211_wep_print_stats,
269	.extra_mpdu_prefix_len = 4,	/* IV */
270	.extra_mpdu_postfix_len = 4,	/* ICV */
271	.owner = THIS_MODULE,
272};
273
274static int __init lib80211_crypto_wep_init(void)
275{
276	return lib80211_register_crypto_ops(&lib80211_crypt_wep);
277}
278
279static void __exit lib80211_crypto_wep_exit(void)
280{
281	lib80211_unregister_crypto_ops(&lib80211_crypt_wep);
282}
283
284module_init(lib80211_crypto_wep_init);
285module_exit(lib80211_crypto_wep_exit);
Configure Feed

Configure Feed
