From 6be5c5b31dc02a4f03bf8981291eaf6adfce5882 Mon Sep 17 00:00:00 2001 From: sam Date: Wed, 28 May 2008 23:25:36 +0000 Subject: Split s/w crypt/mic attributes to allow future hackery; this change should be a noop. --- sys/net80211/ieee80211_crypto.h | 10 ++++++++-- sys/net80211/ieee80211_crypto_ccmp.c | 6 +++--- sys/net80211/ieee80211_crypto_tkip.c | 8 ++++---- sys/net80211/ieee80211_crypto_wep.c | 4 ++-- sys/net80211/ieee80211_output.c | 2 +- 5 files changed, 18 insertions(+), 12 deletions(-) (limited to 'sys/net80211') diff --git a/sys/net80211/ieee80211_crypto.h b/sys/net80211/ieee80211_crypto.h index 999f139..c0ae068 100644 --- a/sys/net80211/ieee80211_crypto.h +++ b/sys/net80211/ieee80211_crypto.h @@ -78,8 +78,10 @@ struct ieee80211_key { #define IEEE80211_KEY_XMIT 0x01 /* key used for xmit */ #define IEEE80211_KEY_RECV 0x02 /* key used for recv */ #define IEEE80211_KEY_GROUP 0x04 /* key used for WPA group operation */ -#define IEEE80211_KEY_SWCRYPT 0x10 /* host-based encrypt/decrypt */ -#define IEEE80211_KEY_SWMIC 0x20 /* host-based enmic/demic */ +#define IEEE80211_KEY_SWENCRYPT 0x10 /* host-based encrypt */ +#define IEEE80211_KEY_SWDECRYPT 0x20 /* host-based decrypt */ +#define IEEE80211_KEY_SWENMIC 0x40 /* host-based enmic */ +#define IEEE80211_KEY_SWDEMIC 0x80 /* host-based demic */ ieee80211_keyix wk_keyix; /* h/w key index */ ieee80211_keyix wk_rxkeyix; /* optional h/w rx key index */ uint8_t wk_key[IEEE80211_KEYBUF_SIZE+IEEE80211_MICBUF_SIZE]; @@ -94,6 +96,10 @@ struct ieee80211_key { #define IEEE80211_KEY_COMMON /* common flags passed in by apps */\ (IEEE80211_KEY_XMIT | IEEE80211_KEY_RECV | IEEE80211_KEY_GROUP) +#define IEEE80211_KEY_SWCRYPT \ + (IEEE80211_KEY_SWENCRYPT | IEEE80211_KEY_SWDECRYPT) +#define IEEE80211_KEY_SWMIC (IEEE80211_KEY_SWENMIC | IEEE80211_KEY_SWDEMIC) + #define IEEE80211_KEYIX_NONE ((ieee80211_keyix) -1) /* diff --git a/sys/net80211/ieee80211_crypto_ccmp.c b/sys/net80211/ieee80211_crypto_ccmp.c index d3b1af5..bdaf7e3 100644 --- a/sys/net80211/ieee80211_crypto_ccmp.c +++ b/sys/net80211/ieee80211_crypto_ccmp.c @@ -129,7 +129,7 @@ ccmp_setkey(struct ieee80211_key *k) __func__, k->wk_keylen, 128/NBBY); return 0; } - if (k->wk_flags & IEEE80211_KEY_SWCRYPT) + if (k->wk_flags & IEEE80211_KEY_SWENCRYPT) rijndael_set_key(&ctx->cc_aes, k->wk_key, k->wk_keylen*NBBY); return 1; } @@ -170,7 +170,7 @@ ccmp_encap(struct ieee80211_key *k, struct mbuf *m, uint8_t keyid) /* * Finally, do software encrypt if neeed. */ - if ((k->wk_flags & IEEE80211_KEY_SWCRYPT) && + if ((k->wk_flags & IEEE80211_KEY_SWENCRYPT) && !ccmp_encrypt(k, m, hdrlen)) return 0; @@ -242,7 +242,7 @@ ccmp_decap(struct ieee80211_key *k, struct mbuf *m, int hdrlen) * latter we leave the header in place for use in the * decryption work. */ - if ((k->wk_flags & IEEE80211_KEY_SWCRYPT) && + if ((k->wk_flags & IEEE80211_KEY_SWDECRYPT) && !ccmp_decrypt(k, pn, m, hdrlen)) return 0; diff --git a/sys/net80211/ieee80211_crypto_tkip.c b/sys/net80211/ieee80211_crypto_tkip.c index 398246f..0e6bc78 100644 --- a/sys/net80211/ieee80211_crypto_tkip.c +++ b/sys/net80211/ieee80211_crypto_tkip.c @@ -196,7 +196,7 @@ tkip_encap(struct ieee80211_key *k, struct mbuf *m, uint8_t keyid) /* * Finally, do software encrypt if neeed. */ - if (k->wk_flags & IEEE80211_KEY_SWCRYPT) { + if (k->wk_flags & IEEE80211_KEY_SWENCRYPT) { if (!tkip_encrypt(ctx, k, m, hdrlen)) return 0; /* NB: tkip_encrypt handles wk_keytsc */ @@ -214,7 +214,7 @@ tkip_enmic(struct ieee80211_key *k, struct mbuf *m, int force) { struct tkip_ctx *ctx = k->wk_private; - if (force || (k->wk_flags & IEEE80211_KEY_SWMIC)) { + if (force || (k->wk_flags & IEEE80211_KEY_SWENMIC)) { struct ieee80211_frame *wh = mtod(m, struct ieee80211_frame *); struct ieee80211vap *vap = ctx->tc_vap; struct ieee80211com *ic = vap->iv_ic; @@ -302,7 +302,7 @@ tkip_decap(struct ieee80211_key *k, struct mbuf *m, int hdrlen) * If so we just strip the header; otherwise we need to * handle the decrypt in software. */ - if ((k->wk_flags & IEEE80211_KEY_SWCRYPT) && + if ((k->wk_flags & IEEE80211_KEY_SWDECRYPT) && !tkip_decrypt(ctx, k, m, hdrlen)) return 0; @@ -327,7 +327,7 @@ tkip_demic(struct ieee80211_key *k, struct mbuf *m, int force) uint8_t tid; wh = mtod(m, struct ieee80211_frame *); - if (force || (k->wk_flags & IEEE80211_KEY_SWMIC)) { + if ((k->wk_flags & IEEE80211_KEY_SWDEMIC) || force) { struct ieee80211vap *vap = ctx->tc_vap; int hdrlen = ieee80211_hdrspace(vap->iv_ic, wh); u8 mic[IEEE80211_WEP_MICLEN]; diff --git a/sys/net80211/ieee80211_crypto_wep.c b/sys/net80211/ieee80211_crypto_wep.c index df988a6..7eade59 100644 --- a/sys/net80211/ieee80211_crypto_wep.c +++ b/sys/net80211/ieee80211_crypto_wep.c @@ -186,7 +186,7 @@ wep_encap(struct ieee80211_key *k, struct mbuf *m, uint8_t keyid) /* * Finally, do software encrypt if neeed. */ - if ((k->wk_flags & IEEE80211_KEY_SWCRYPT) && + if ((k->wk_flags & IEEE80211_KEY_SWENCRYPT) && !wep_encrypt(k, m, hdrlen)) return 0; @@ -222,7 +222,7 @@ wep_decap(struct ieee80211_key *k, struct mbuf *m, int hdrlen) * If so we just strip the header; otherwise we need to * handle the decrypt in software. */ - if ((k->wk_flags & IEEE80211_KEY_SWCRYPT) && + if ((k->wk_flags & IEEE80211_KEY_SWDECRYPT) && !wep_decrypt(k, m, hdrlen)) { IEEE80211_NOTE_MAC(vap, IEEE80211_MSG_CRYPTO, wh->i_addr2, "%s", "WEP ICV mismatch on decrypt"); diff --git a/sys/net80211/ieee80211_output.c b/sys/net80211/ieee80211_output.c index cc2a911..c2d8681 100644 --- a/sys/net80211/ieee80211_output.c +++ b/sys/net80211/ieee80211_output.c @@ -717,7 +717,7 @@ ieee80211_mbuf_adjust(struct ieee80211vap *vap, int hdrsize, * a writable mbuf chain. * XXX handle SWMIC specially */ - if (key->wk_flags & (IEEE80211_KEY_SWCRYPT|IEEE80211_KEY_SWMIC)) { + if (key->wk_flags & (IEEE80211_KEY_SWENCRYPT|IEEE80211_KEY_SWENMIC)) { m = m_unshare(m, M_NOWAIT); if (m == NULL) { IEEE80211_DPRINTF(vap, IEEE80211_MSG_OUTPUT, -- cgit v1.1