sysadmin/ipxe
1
0
Fork 0
mirror of https://github.com/ipxe/ipxe synced 2025-12-19 11:00:27 +03:00
Code Issues Packages Projects Releases Wiki Activity

[802.11] Add core support for detecting and using encrypted networks

Browse Source 
Signed-off-by: Marty Connor <mdc@etherboot.org>
This commit is contained in:
Joshua Oreman
2009-08-07 22:03:30 -07:00
committed by Marty Connor
parent 8d08da3a99
commit dd8a3e2e70
6 changed files with 1130 additions and 206 deletions
Download Patch File Download Diff File Expand all files Collapse all files

313
src/net/80211/net80211.c
View File

@@ -29,6 +29,7 @@ FILE_LICENCE ( GPL2_OR_LATER );
#include <gpxe/ieee80211.h>
#include <gpxe/netdevice.h>
#include <gpxe/net80211.h>
#include <gpxe/sec80211.h>
#include <gpxe/timer.h>
#include <gpxe/nap.h>
#include <unistd.h>
@@ -188,7 +189,8 @@ static void net80211_handle_auth ( struct net80211_device *dev,
struct io_buffer *iob );
static void net80211_handle_assoc_reply ( struct net80211_device *dev,
struct io_buffer *iob );
static int net80211_send_disassoc ( struct net80211_device *dev, int reason );
static int net80211_send_disassoc ( struct net80211_device *dev, int reason,
int deauth );
static void net80211_handle_mgmt ( struct net80211_device *dev,
struct io_buffer *iob, int signal );
/** @} */
@@ -208,15 +210,16 @@ static void net80211_rx_frag ( struct net80211_device *dev,
* @defgroup net80211_settings 802.11 settings handlers
* @{
*/
static int net80211_check_ssid_update ( void );
static int net80211_check_settings_update ( void );
/** 802.11 settings applicator
*
* When the SSID is changed, this will cause any open devices to
* re-associate.
* re-associate; when the encryption key is changed, we similarly
* update their state.
*/
struct settings_applicator net80211_ssid_applicator __settings_applicator = {
.apply = net80211_check_ssid_update,
struct settings_applicator net80211_applicator __settings_applicator = {
.apply = net80211_check_settings_update,
};
/** The network name to associate with
@@ -242,6 +245,18 @@ struct setting net80211_active_setting __setting = {
.type = &setting_type_int8,
};
/** The cryptographic key to use
*
* For hex WEP keys, as is common, this must be entered using the
* normal gPXE method for entering hex settings; an ASCII string of
* hex characters will not behave as expected.
*/
struct setting net80211_key_setting __setting = {
.name = "key",
.description = "Encryption key for protected 802.11 networks",
.type = &setting_type_string,
};
/** @} */
@@ -294,7 +309,16 @@ static void net80211_netdev_close ( struct net_device *netdev )
/* Send disassociation frame to AP, to be polite */
if ( dev->state & NET80211_ASSOCIATED )
net80211_send_disassoc ( dev, IEEE80211_REASON_LEAVING );
net80211_send_disassoc ( dev, IEEE80211_REASON_LEAVING, 0 );
if ( dev->handshaker && dev->handshaker->stop &&
dev->handshaker->started )
dev->handshaker->stop ( dev );
free ( dev->crypto );
free ( dev->handshaker );
dev->crypto = NULL;
dev->handshaker = NULL;
netdev_link_down ( netdev );
dev->state = 0;
@@ -317,16 +341,25 @@ static int net80211_netdev_transmit ( struct net_device *netdev,
struct io_buffer *iobuf )
{
struct net80211_device *dev = netdev->priv;
struct ieee80211_frame *hdr = iobuf->data;
int rc = -ENOSYS;
if ( dev->crypto ) {
if ( dev->crypto && ! ( hdr->fc & IEEE80211_FC_PROTECTED ) &&
( ( hdr->fc & IEEE80211_FC_TYPE ) == IEEE80211_TYPE_DATA ) ) {
struct io_buffer *niob = dev->crypto->encrypt ( dev->crypto,
iobuf );
if ( ! niob )
return -ENOMEM; /* only reason encryption could fail */
free_iob ( iobuf );
iobuf = niob;
/* Free the non-encrypted iob */
netdev_tx_complete ( netdev, iobuf );
/* Transmit the encrypted iob; the Protected flag is
set, so we won't recurse into here again */
netdev_tx ( netdev, niob );
/* Don't transmit the freed packet */
return 0;
}
if ( dev->op->transmit )
@@ -482,7 +515,7 @@ static int net80211_ll_push ( struct net_device *netdev,
( void * ) hdr + IEEE80211_TYP_FRAME_HEADER_LEN;
/* We can't send data packets if we're not associated. */
if ( ! netdev_link_ok ( netdev ) ) {
if ( ! ( dev->state & NET80211_ASSOCIATED ) ) {
if ( dev->assoc_rc )
return dev->assoc_rc;
return -ENETUNREACH;
@@ -1032,7 +1065,7 @@ static int net80211_process_ie ( struct net80211_device *dev,
int changed = 0;
int band = dev->channels[dev->channel].band;
if ( ( void * ) ie >= ie_end )
if ( ! ieee80211_ie_bound ( ie, ie_end ) )
return 0;
for ( ; ie; ie = ieee80211_next_ie ( ie, ie_end ) ) {
@@ -1103,10 +1136,6 @@ static int net80211_process_ie ( struct net80211_device *dev,
if ( ! ( ie->erp_info & IEEE80211_ERP_BARKER_LONG ) )
dev->phy_flags |= NET80211_PHY_USE_SHORT_PREAMBLE;
break;
case IEEE80211_IE_RSN:
/* XXX need to implement WPA stuff */
break;
}
}
@@ -1140,10 +1169,20 @@ static int net80211_process_ie ( struct net80211_device *dev,
exist, so insertion sort works well. */
for ( i = 1; i < dev->nr_rates; i++ ) {
u16 rate = dev->rates[i];
u32 tmp, br, mask;
for ( j = i - 1; j >= 0 && dev->rates[j] >= rate; j-- )
dev->rates[j + 1] = dev->rates[j];
dev->rates[j + 1] = rate;
/* Adjust basic_rates to match by rotating the
bits from bit j+1 to bit i left one position. */
mask = ( ( 1 << i ) - 1 ) & ~( ( 1 << ( j + 1 ) ) - 1 );
br = dev->basic_rates;
tmp = br & ( 1 << i );
br = ( br & ~( mask | tmp ) ) | ( ( br & mask ) << 1 );
br |= ( tmp >> ( i - j - 1 ) );
dev->basic_rates = br;
}
net80211_set_rtscts_rate ( dev );
@@ -1187,28 +1226,42 @@ net80211_marshal_request_info ( struct net80211_device *dev,
ie->id = IEEE80211_IE_RATES;
ie->len = dev->nr_rates;
if ( ie->len > 8 )
ie->len = 8;
for ( i = 0; i < ie->len; i++ ) {
ie->rates[i] = dev->rates[i] / 5;
if ( dev->basic_rates & ( 1 << i ) )
ie->rates[i] |= 0x80;
}
if ( ie->len > 8 ) {
/* 802.11 requires we use an Extended Basic Rates IE
for the rates beyond the eighth. */
int rates = ie->len;
memmove ( ( void * ) ie + 2 + 8 + 2, ( void * ) ie + 2 + 8,
rates - 8 );
ie->len = 8;
ie = ieee80211_next_ie ( ie, NULL );
if ( dev->rsn_ie && dev->rsn_ie->id == IEEE80211_IE_RSN ) {
memcpy ( ie, dev->rsn_ie, dev->rsn_ie->len + 2 );
ie = ieee80211_next_ie ( ie, NULL );
ie->id = IEEE80211_IE_EXT_RATES;
ie->len = rates - 8;
}
ie = ieee80211_next_ie ( ie, NULL );
if ( dev->nr_rates > 8 ) {
/* 802.11 requires we use an Extended Basic Rates IE
for the rates beyond the eighth. */
ie->id = IEEE80211_IE_EXT_RATES;
ie->len = dev->nr_rates - 8;
for ( ; i < dev->nr_rates; i++ ) {
ie->rates[i - 8] = dev->rates[i] / 5;
if ( dev->basic_rates & ( 1 << i ) )
ie->rates[i - 8] |= 0x80;
}
ie = ieee80211_next_ie ( ie, NULL );
}
if ( dev->rsn_ie && dev->rsn_ie->id == IEEE80211_IE_VENDOR ) {
memcpy ( ie, dev->rsn_ie, dev->rsn_ie->len + 2 );
ie = ieee80211_next_ie ( ie, NULL );
}
return ie;
}
@@ -1275,13 +1328,6 @@ struct net80211_probe_ctx * net80211_probe_start ( struct net80211_device *dev,
ie = net80211_marshal_request_info ( dev,
probe_req->info_element );
ie->id = IEEE80211_IE_REQUEST;
ie->len = 3;
ie->request[0] = IEEE80211_IE_COUNTRY;
ie->request[1] = IEEE80211_IE_ERP_INFO;
ie->request[2] = IEEE80211_IE_RSN;
ie = ieee80211_next_ie ( ie, NULL );
iob_put ( ctx->probe, ( void * ) ie - ctx->probe->data );
}
@@ -1404,6 +1450,10 @@ int net80211_probe_step ( struct net80211_probe_ctx *ctx )
}
ie = beacon->info_element;
if ( ! ieee80211_ie_bound ( ie, iob->tail ) )
ie = NULL;
while ( ie && ie->id != IEEE80211_IE_SSID )
ie = ieee80211_next_ie ( ie, iob->tail );
@@ -1459,10 +1509,27 @@ int net80211_probe_step ( struct net80211_probe_ctx *ctx )
memcpy ( iob_put ( wlan->beacon, iob_len ( iob ) ),
iob->data, iob_len ( iob ) );
/* XXX actually check capab and RSN ie to
figure this out */
wlan->handshaking = NET80211_SECPROT_NONE;
wlan->crypto = NET80211_CRYPT_NONE;
if ( ( rc = sec80211_detect ( wlan->beacon, &wlan->handshaking,
&wlan->crypto ) ) == -ENOTSUP ) {
struct ieee80211_beacon *beacon =
( struct ieee80211_beacon * ) hdr->data;
if ( beacon->capability & IEEE80211_CAPAB_PRIVACY ) {
DBG ( "802.11 %p probe: secured network %s but "
"encryption support not compiled in\n",
dev, wlan->essid );
wlan->handshaking = NET80211_SECPROT_UNKNOWN;
wlan->crypto = NET80211_CRYPT_UNKNOWN;
} else {
wlan->handshaking = NET80211_SECPROT_NONE;
wlan->crypto = NET80211_CRYPT_NONE;
}
} else if ( rc != 0 ) {
DBGC ( dev, "802.11 %p probe warning: network "
"%s with unidentifiable security "
"settings: %s\n", dev, wlan->essid,
strerror ( rc ) );
}
ctx->ticks_beacon = now;
@@ -1739,6 +1806,14 @@ static void net80211_step_associate ( struct process *proc )
DBGC ( dev, "802.11 %p associating\n", dev );
if ( dev->handshaker && dev->handshaker->start &&
! dev->handshaker->started ) {
rc = dev->handshaker->start ( dev );
if ( rc < 0 )
goto fail;
dev->handshaker->started = 1;
}
rc = net80211_send_assoc ( dev, dev->associating );
if ( rc )
goto fail;
@@ -1750,9 +1825,29 @@ static void net80211_step_associate ( struct process *proc )
/* state: crypto sync */
DBGC ( dev, "802.11 %p security handshaking\n", dev );
dev->state |= NET80211_CRYPTO_SYNCED;
/* XXX need to actually do something here once we
support WPA */
if ( ! dev->handshaker || ! dev->handshaker->step ) {
dev->state |= NET80211_CRYPTO_SYNCED;
return;
}
rc = dev->handshaker->step ( dev );
if ( rc < 0 ) {
/* Only record the returned error if we're
still marked as associated, because an
asynchronous error will have already been
reported to net80211_deauthenticate() and
assoc_rc thereby set. */
if ( dev->state & NET80211_ASSOCIATED )
dev->assoc_rc = rc;
rc = 0;
goto fail;
}
if ( rc > 0 ) {
dev->assoc_rc = 0;
dev->state |= NET80211_CRYPTO_SYNCED;
}
return;
}
@@ -1804,27 +1899,36 @@ static void net80211_step_associate ( struct process *proc )
}
/**
* Check for 802.11 SSID updates
* Check for 802.11 SSID or key updates
*
* This acts as a settings applicator; if the user changes netX/ssid,
* and netX is currently open, the association task will be invoked
* again.
* again. If the user changes the encryption key, the current security
* handshaker will be asked to update its state to match; if that is
* impossible without reassociation, we reassociate.
*/
static int net80211_check_ssid_update ( void )
static int net80211_check_settings_update ( void )
{
struct net80211_device *dev;
char ssid[IEEE80211_MAX_SSID_LEN + 1];
int key_reassoc;
list_for_each_entry ( dev, &net80211_devices, list ) {
if ( ! ( dev->netdev->state & NETDEV_OPEN ) )
continue;
key_reassoc = 0;
if ( dev->handshaker && dev->handshaker->change_key &&
dev->handshaker->change_key ( dev ) < 0 )
key_reassoc = 1;
fetch_string_setting ( netdev_settings ( dev->netdev ),
&net80211_ssid_setting, ssid,
IEEE80211_MAX_SSID_LEN + 1 );
if ( strcmp ( ssid, dev->essid ) != 0 &&
! ( ! ssid[0] && ( dev->state & NET80211_AUTO_SSID ) ) ) {
if ( key_reassoc ||
( ! ( ! ssid[0] && ( dev->state & NET80211_AUTO_SSID ) ) &&
strcmp ( ssid, dev->essid ) != 0 ) ) {
DBGC ( dev, "802.11 %p updating association: "
"%s -> %s\n", dev, dev->essid, ssid );
net80211_autoassociate ( dev );
@@ -1846,6 +1950,8 @@ void net80211_autoassociate ( struct net80211_device *dev )
if ( ! ( dev->state & NET80211_WORKING ) ) {
DBGC2 ( dev, "802.11 %p spawning association process\n", dev );
process_add ( &dev->proc_assoc );
} else {
DBGC2 ( dev, "802.11 %p restarting association\n", dev );
}
/* Clean up everything an earlier association process might
@@ -1865,6 +1971,7 @@ void net80211_autoassociate ( struct net80211_device *dev )
IEEE80211_MAX_SSID_LEN + 1 );
dev->ctx.probe = NULL;
dev->associating = NULL;
dev->assoc_rc = 0;
net80211_set_state ( dev, NET80211_PROBED, NET80211_WORKING, 0 );
}
@@ -2020,6 +2127,7 @@ int net80211_prepare_assoc ( struct net80211_device *dev,
struct ieee80211_frame *hdr = wlan->beacon->data;
struct ieee80211_beacon *beacon =
( struct ieee80211_beacon * ) hdr->data;
struct net80211_handshaker *handshaker;
int rc;
assert ( dev->netdev->state & NETDEV_OPEN );
@@ -2028,11 +2136,12 @@ int net80211_prepare_assoc ( struct net80211_device *dev,
memcpy ( dev->bssid, wlan->bssid, ETH_ALEN );
strcpy ( dev->essid, wlan->essid );
free ( dev->rsn_ie );
dev->rsn_ie = NULL;
dev->last_beacon_timestamp = beacon->timestamp;
dev->tx_beacon_interval = 1024 * beacon->beacon_interval;
/* XXX do crypto setup here */
/* Barring an IE that tells us the channel outright, assume
the channel we heard this AP best on is the channel it's
communicating on. */
@@ -2051,6 +2160,46 @@ int net80211_prepare_assoc ( struct net80211_device *dev,
dev->rate = 0;
dev->op->config ( dev, NET80211_CFG_RATE );
/* Free old handshaker and crypto, if they exist */
if ( dev->handshaker && dev->handshaker->stop &&
dev->handshaker->started )
dev->handshaker->stop ( dev );
free ( dev->handshaker );
dev->handshaker = NULL;
free ( dev->crypto );
free ( dev->gcrypto );
dev->crypto = dev->gcrypto = NULL;
/* Find new security handshaker to use */
for_each_table_entry ( handshaker, NET80211_HANDSHAKERS ) {
if ( handshaker->protocol == wlan->handshaking ) {
dev->handshaker = zalloc ( sizeof ( *handshaker ) +
handshaker->priv_len );
if ( ! dev->handshaker )
return -ENOMEM;
memcpy ( dev->handshaker, handshaker,
sizeof ( *handshaker ) );
dev->handshaker->priv = ( ( void * ) dev->handshaker +
sizeof ( *handshaker ) );
break;
}
}
if ( ( wlan->handshaking != NET80211_SECPROT_NONE ) &&
! dev->handshaker ) {
DBGC ( dev, "802.11 %p no support for handshaking scheme %d\n",
dev, wlan->handshaking );
return -( ENOTSUP | ( wlan->handshaking << 8 ) );
}
/* Initialize security handshaker */
if ( dev->handshaker ) {
rc = dev->handshaker->init ( dev );
if ( rc < 0 )
return rc;
}
return 0;
}
@@ -2091,8 +2240,8 @@ int net80211_send_auth ( struct net80211_device *dev,
*
* If the authentication method being used is Shared Key, and the
* frame that was received included challenge text, the frame is
* encrypted using the cryptographic algorithm currently in effect and
* sent back to the AP to complete the authentication.
* encrypted using the cryptosystem currently in effect and sent back
* to the AP to complete the authentication.
*/
static void net80211_handle_auth ( struct net80211_device *dev,
struct io_buffer *iob )
@@ -2181,8 +2330,6 @@ int net80211_send_assoc ( struct net80211_device *dev,
DBGP ( "802.11 %p about to send association request:\n", dev );
DBGP_HD ( iob->data, ( void * ) ie - iob->data );
/* XXX add RSN ie for WPA support */
iob_put ( iob, ( void * ) ie - iob->data );
return net80211_tx_mgmt ( dev, IEEE80211_STYPE_ASSOC_REQ,
@@ -2227,9 +2374,11 @@ static void net80211_handle_assoc_reply ( struct net80211_device *dev,
*
* @v dev 802.11 device
* @v reason Reason for disassociation
* @v deauth If TRUE, send deauthentication instead of disassociation
* @ret rc Return status code
*/
static int net80211_send_disassoc ( struct net80211_device *dev, int reason )
static int net80211_send_disassoc ( struct net80211_device *dev, int reason,
int deauth )
{
struct io_buffer *iob = alloc_iob ( 64 );
struct ieee80211_disassoc *disassoc;
@@ -2242,8 +2391,28 @@ static int net80211_send_disassoc ( struct net80211_device *dev, int reason )
disassoc = iob_put ( iob, sizeof ( *disassoc ) );
disassoc->reason = reason;
return net80211_tx_mgmt ( dev, IEEE80211_STYPE_DISASSOC, dev->bssid,
iob );
return net80211_tx_mgmt ( dev, deauth ? IEEE80211_STYPE_DEAUTH :
IEEE80211_STYPE_DISASSOC, dev->bssid, iob );
}
/**
* Deauthenticate from current network and try again
*
* @v dev 802.11 device
* @v rc Return status code indicating reason
*
* The deauthentication will be sent using an 802.11 "unspecified
* reason", as is common, but @a rc will be set as a link-up
* error to aid the user in debugging.
*/
void net80211_deauthenticate ( struct net80211_device *dev, int rc )
{
net80211_send_disassoc ( dev, IEEE80211_REASON_UNSPECIFIED, 1 );
dev->assoc_rc = rc;
netdev_link_err ( dev->netdev, rc );
net80211_autoassociate ( dev );
}
@@ -2557,14 +2726,29 @@ void net80211_rx ( struct net80211_device *dev, struct io_buffer *iob,
iob_unput ( iob, 4 );
}
if ( hdr->fc & IEEE80211_FC_PROTECTED ) {
/* Only decrypt packets from our BSSID, to avoid spurious errors */
if ( ( hdr->fc & IEEE80211_FC_PROTECTED ) &&
! memcmp ( hdr->addr2, dev->bssid, ETH_ALEN ) ) {
/* Decrypt packet; record and drop if it fails */
struct io_buffer *niob;
if ( ! dev->crypto )
goto drop; /* can't decrypt packets on an open network */
struct net80211_crypto *crypto = dev->crypto;
niob = dev->crypto->decrypt ( dev->crypto, iob );
if ( ! niob )
goto drop; /* drop failed decryption */
if ( ! dev->crypto ) {
DBGC ( dev, "802.11 %p cannot decrypt packet "
"without a cryptosystem\n", dev );
goto drop_crypt;
}
if ( ( hdr->addr1[0] & 1 ) && dev->gcrypto ) {
/* Use group decryption if needed */
crypto = dev->gcrypto;
}
niob = crypto->decrypt ( crypto, iob );
if ( ! niob ) {
DBGC ( dev, "802.11 %p decryption error\n", dev );
goto drop_crypt;
}
free_iob ( iob );
iob = niob;
}
@@ -2593,11 +2777,16 @@ void net80211_rx ( struct net80211_device *dev, struct io_buffer *iob,
rc80211_update_rx ( dev, hdr->fc & IEEE80211_FC_RETRY, rate );
/* Pass packet onward */
if ( netdev_link_ok ( dev->netdev ) ) {
if ( dev->state & NET80211_ASSOCIATED ) {
netdev_rx ( dev->netdev, iob );
return;
}
/* No association? Drop it. */
goto drop;
drop_crypt:
netdev_rx_err ( dev->netdev, NULL, EINVAL_CRYPTO_REQUEST );
drop:
DBGC2 ( dev, "802.11 %p dropped packet fc=%04x seq=%04x\n", dev,
hdr->fc, hdr->seq );

503
src/net/80211/sec80211.c Normal file
View File

@@ -0,0 +1,503 @@
/*
* Copyright (c) 2009 Joshua Oreman <oremanj@rwcr.net>.
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License as
* published by the Free Software Foundation; either version 2 of the
* License, or any later version.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
FILE_LICENCE ( GPL2_OR_LATER );
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <gpxe/ieee80211.h>
#include <gpxe/net80211.h>
#include <gpxe/sec80211.h>
/** @file
*
* General secured-network routines required whenever any secure
* network support at all is compiled in. This involves things like
* installing keys, determining the type of security used by a probed
* network, and some small helper functions that take advantage of
* static data in this file.
*/
/** Mapping from net80211 crypto/secprot types to RSN OUI descriptors */
struct descriptor_map {
/** Value of net80211_crypto_alg or net80211_security_proto */
u32 net80211_type;
/** OUI+type in appropriate byte order, masked to exclude vendor */
u32 oui_type;
};
/** Magic number in @a oui_type showing end of list */
#define END_MAGIC 0xFFFFFFFF
/** Mapping between net80211 cryptosystems and 802.11i cipher IDs */
static struct descriptor_map rsn_cipher_map[] = {
{ .net80211_type = NET80211_CRYPT_WEP,
.oui_type = IEEE80211_RSN_CTYPE_WEP40 },
{ .net80211_type = NET80211_CRYPT_WEP,
.oui_type = IEEE80211_RSN_CTYPE_WEP104 },
{ .net80211_type = NET80211_CRYPT_TKIP,
.oui_type = IEEE80211_RSN_CTYPE_TKIP },
{ .net80211_type = NET80211_CRYPT_CCMP,
.oui_type = IEEE80211_RSN_CTYPE_CCMP },
{ .net80211_type = NET80211_CRYPT_UNKNOWN,
.oui_type = END_MAGIC },
};
/** Mapping between net80211 handshakers and 802.11i AKM IDs */
static struct descriptor_map rsn_akm_map[] = {
{ .net80211_type = NET80211_SECPROT_EAP,
.oui_type = IEEE80211_RSN_ATYPE_8021X },
{ .net80211_type = NET80211_SECPROT_PSK,
.oui_type = IEEE80211_RSN_ATYPE_PSK },
{ .net80211_type = NET80211_SECPROT_UNKNOWN,
.oui_type = END_MAGIC },
};
/**
* Install 802.11 cryptosystem
*
* @v which Pointer to the cryptosystem structure to install in
* @v crypt Cryptosystem ID number
* @v key Encryption key to use
* @v len Length of encryption key
* @v rsc Initial receive sequence counter, if applicable
* @ret rc Return status code
*
* The encryption key will not be accessed via the provided pointer
* after this function returns, so you may keep it on the stack.
*
* @a which must point to either @c dev->crypto (for the normal case
* of installing a unicast cryptosystem) or @c dev->gcrypto (to
* install a cryptosystem that will be used only for decrypting
* group-source frames).
*/
int sec80211_install ( struct net80211_crypto **which,
enum net80211_crypto_alg crypt,
const void *key, int len, const void *rsc )
{
struct net80211_crypto *crypto = *which;
struct net80211_crypto *tbl_crypto;
/* Remove old crypto if it exists */
free ( *which );
*which = NULL;
if ( crypt == NET80211_CRYPT_NONE ) {
DBG ( "802.11-Sec not installing null cryptography\n" );
return 0;
}
/* Find cryptosystem to use */
for_each_table_entry ( tbl_crypto, NET80211_CRYPTOS ) {
if ( tbl_crypto->algorithm == crypt ) {
crypto = zalloc ( sizeof ( *crypto ) +
tbl_crypto->priv_len );
if ( ! crypto ) {
DBG ( "802.11-Sec out of memory\n" );
return -ENOMEM;
}
memcpy ( crypto, tbl_crypto, sizeof ( *crypto ) );
crypto->priv = ( ( void * ) crypto +
sizeof ( *crypto ) );
break;
}
}
if ( ! crypto ) {
DBG ( "802.11-Sec no support for cryptosystem %d\n", crypt );
return -( ENOTSUP | EUNIQ_10 | ( crypt << 8 ) );
}
*which = crypto;
DBG ( "802.11-Sec installing cryptosystem %d as %p with key of "
"length %d\n", crypt, crypto, len );
return crypto->init ( crypto, key, len, rsc );
}
/**
* Determine net80211 crypto or handshaking type value to return for RSN info
*
* @v rsnp Pointer to next descriptor count field in RSN IE
* @v rsn_end Pointer to end of RSN IE
* @v map Descriptor map to use
* @v tbl_start Start of linker table to examine for gPXE support
* @v tbl_end End of linker table to examine for gPXE support
* @ret rsnp Updated to point to first byte after descriptors
* @ret map_ent Descriptor map entry of translation to use
*
* The entries in the linker table must be either net80211_crypto or
* net80211_handshaker structures, and @a tbl_stride must be set to
* sizeof() the appropriate one.
*
* This function expects @a rsnp to point at a two-byte descriptor
* count followed by a list of four-byte cipher or AKM descriptors; it
* will return @c NULL if the input packet is malformed, and otherwise
* set @a rsnp to the first byte it has not looked at. It will return
* the first cipher in the list that is supported by the current build
* of gPXE, or the first of all if none are supported.
*
* We play rather fast and loose with type checking, because this
* function is only called from two well-defined places in the
* RSN-checking code. Don't try to use it for anything else.
*/
static struct descriptor_map * rsn_pick_desc ( u8 **rsnp, u8 *rsn_end,
struct descriptor_map *map,
void *tbl_start, void *tbl_end )
{
int ndesc;
int ok = 0;
struct descriptor_map *map_ent, *map_ret = NULL;
u8 *rsn = *rsnp;
void *tblp;
size_t tbl_stride = ( map == rsn_cipher_map ?
sizeof ( struct net80211_crypto ) :
sizeof ( struct net80211_handshaker ) );
if ( map != rsn_cipher_map && map != rsn_akm_map )
return NULL;
/* Determine which types we support */
for ( tblp = tbl_start; tblp < tbl_end; tblp += tbl_stride ) {
struct net80211_crypto *crypto = tblp;
struct net80211_handshaker *hs = tblp;
if ( map == rsn_cipher_map )
ok |= ( 1 << crypto->algorithm );
else
ok |= ( 1 << hs->protocol );
}
/* RSN sanity checks */
if ( rsn + 2 > rsn_end ) {
DBG ( "RSN detect: malformed descriptor count\n" );
return NULL;
}
ndesc = *( u16 * ) rsn;
rsn += 2;
if ( ! ndesc ) {
DBG ( "RSN detect: no descriptors\n" );
return NULL;
}
/* Determine which net80211 crypto types are listed */
while ( ndesc-- ) {
u32 desc;
if ( rsn + 4 > rsn_end ) {
DBG ( "RSN detect: malformed descriptor (%d left)\n",
ndesc );
return NULL;
}
desc = *( u32 * ) rsn;
rsn += 4;
for ( map_ent = map; map_ent->oui_type != END_MAGIC; map_ent++ )
if ( map_ent->oui_type == ( desc & OUI_TYPE_MASK ) )
break;
/* Use first cipher as a fallback */
if ( ! map_ret )
map_ret = map_ent;
/* Once we find one we support, use it */
if ( ok & ( 1 << map_ent->net80211_type ) ) {
map_ret = map_ent;
break;
}
}
if ( ndesc > 0 )
rsn += 4 * ndesc;
*rsnp = rsn;
return map_ret;
}
/**
* Find the RSN or WPA information element in the provided beacon frame
*
* @v ie Pointer to first information element to check
* @v ie_end Pointer to end of information element space
* @ret is_rsn TRUE if returned IE is RSN, FALSE if it's WPA
* @ret end Pointer to byte immediately after last byte of data
* @ret data Pointer to first byte of data (the `version' field)
*
* If both an RSN and a WPA information element are found, this
* function will return the first one seen, which by ordering rules
* should always prefer the newer RSN IE.
*
* If no RSN or WPA infomration element is found, returns @c NULL and
* leaves @a is_rsn and @a end in an undefined state.
*
* This function will not return a pointer to an information element
* that states it extends past the tail of the io_buffer, or whose @a
* version field is incorrect.
*/
u8 * sec80211_find_rsn ( union ieee80211_ie *ie, void *ie_end,
int *is_rsn, u8 **end )
{
u8 *rsn = NULL;
if ( ! ieee80211_ie_bound ( ie, ie_end ) )
return NULL;
while ( ie ) {
if ( ie->id == IEEE80211_IE_VENDOR &&
ie->vendor.oui == IEEE80211_WPA_OUI_VEN ) {
DBG ( "RSN detect: old-style WPA IE found\n" );
rsn = &ie->vendor.data[0];
*end = rsn + ie->len - 4;
*is_rsn = 0;
} else if ( ie->id == IEEE80211_IE_RSN ) {
DBG ( "RSN detect: 802.11i RSN IE found\n" );
rsn = ( u8 * ) &ie->rsn.version;
*end = rsn + ie->len;
*is_rsn = 1;
}
if ( rsn && ( *end > ( u8 * ) ie_end || rsn >= *end ||
*( u16 * ) rsn != IEEE80211_RSN_VERSION ) ) {
DBG ( "RSN detect: malformed RSN IE or unknown "
"version, keep trying\n" );
rsn = NULL;
}
if ( rsn )
break;
ie = ieee80211_next_ie ( ie, ie_end );
}
if ( ! ie ) {
DBG ( "RSN detect: no RSN IE found\n" );
return NULL;
}
return rsn;
}
/**
* Detect crypto and AKM types from RSN information element
*
* @v is_rsn If TRUE, IE is a new-style RSN information element
* @v start Pointer to first byte of @a version field
* @v end Pointer to first byte not in the RSN IE
* @ret secprot Security handshaking protocol used by network
* @ret crypt Cryptosystem used by network
* @ret rc Return status code
*
* If the IE cannot be parsed, returns an error indication and leaves
* @a secprot and @a crypt unchanged.
*/
int sec80211_detect_ie ( int is_rsn, u8 *start, u8 *end,
enum net80211_security_proto *secprot,
enum net80211_crypto_alg *crypt )
{
enum net80211_security_proto sp;
enum net80211_crypto_alg cr;
struct descriptor_map *map;
u8 *rsn = start;
/* Set some defaults */
cr = ( is_rsn ? NET80211_CRYPT_CCMP : NET80211_CRYPT_TKIP );
sp = NET80211_SECPROT_EAP;
rsn += 2; /* version - already checked */
rsn += 4; /* group cipher - we don't use it here */
if ( rsn >= end )
goto done;
/* Pick crypto algorithm */
map = rsn_pick_desc ( &rsn, end, rsn_cipher_map,
table_start ( NET80211_CRYPTOS ),
table_end ( NET80211_CRYPTOS ) );
if ( ! map )
goto invalid_rsn;
cr = map->net80211_type;
if ( rsn >= end )
goto done;
/* Pick handshaking algorithm */
map = rsn_pick_desc ( &rsn, end, rsn_akm_map,
table_start ( NET80211_HANDSHAKERS ),
table_end ( NET80211_HANDSHAKERS ) );
if ( ! map )
goto invalid_rsn;
sp = map->net80211_type;
done:
DBG ( "RSN detect: OK, crypto type %d, secprot type %d\n", cr, sp );
*secprot = sp;
*crypt = cr;
return 0;
invalid_rsn:
DBG ( "RSN detect: invalid RSN IE\n" );
return -EINVAL;
}
/**
* Detect the cryptosystem and handshaking protocol used by an 802.11 network
*
* @v iob I/O buffer containing beacon frame
* @ret secprot Security handshaking protocol used by network
* @ret crypt Cryptosystem used by network
* @ret rc Return status code
*
* This function uses weak linkage, as it must be called from generic
* contexts but should only be linked in if some encryption is
* supported; you must test its address against @c NULL before calling
* it. If it does not exist, any network with the PRIVACY bit set in
* beacon->capab should be considered unknown.
*/
int _sec80211_detect ( struct io_buffer *iob,
enum net80211_security_proto *secprot,
enum net80211_crypto_alg *crypt )
{
struct ieee80211_frame *hdr = iob->data;
struct ieee80211_beacon *beacon =
( struct ieee80211_beacon * ) hdr->data;
u8 *rsn, *rsn_end;
int is_rsn, rc;
*crypt = NET80211_CRYPT_UNKNOWN;
*secprot = NET80211_SECPROT_UNKNOWN;
/* Find RSN or WPA IE */
if ( ! ( rsn = sec80211_find_rsn ( beacon->info_element, iob->tail,
&is_rsn, &rsn_end ) ) ) {
/* No security IE at all; either WEP or no security. */
*secprot = NET80211_SECPROT_NONE;
if ( beacon->capability & IEEE80211_CAPAB_PRIVACY )
*crypt = NET80211_CRYPT_WEP;
else
*crypt = NET80211_CRYPT_NONE;
return 0;
}
/* Determine type of security */
if ( ( rc = sec80211_detect_ie ( is_rsn, rsn, rsn_end, secprot,
crypt ) ) == 0 )
return 0;
/* If we get here, the RSN IE was invalid */
*crypt = NET80211_CRYPT_UNKNOWN;
*secprot = NET80211_SECPROT_UNKNOWN;
DBG ( "Failed to handle RSN IE:\n" );
DBG_HD ( rsn, rsn_end - rsn );
return rc;
}
/**
* Determine RSN descriptor for specified net80211 ID
*
* @v id net80211 ID value
* @v rsnie Whether to return a new-format (RSN IE) descriptor
* @v map Map to use in translation
* @ret desc RSN descriptor, or 0 on error
*
* If @a rsnie is false, returns an old-format (WPA vendor IE)
* descriptor.
*/
static u32 rsn_get_desc ( unsigned id, int rsnie, struct descriptor_map *map )
{
u32 vendor = ( rsnie ? IEEE80211_RSN_OUI : IEEE80211_WPA_OUI );
for ( ; map->oui_type != END_MAGIC; map++ ) {
if ( map->net80211_type == id )
return map->oui_type | vendor;
}
return 0;
}
/**
* Determine RSN descriptor for specified net80211 cryptosystem number
*
* @v crypt Cryptosystem number
* @v rsnie Whether to return a new-format (RSN IE) descriptor
* @ret desc RSN descriptor
*
* If @a rsnie is false, returns an old-format (WPA vendor IE)
* descriptor.
*/
u32 sec80211_rsn_get_crypto_desc ( enum net80211_crypto_alg crypt, int rsnie )
{
return rsn_get_desc ( crypt, rsnie, rsn_cipher_map );
}
/**
* Determine RSN descriptor for specified net80211 handshaker number
*
* @v secprot Handshaker number
* @v rsnie Whether to return a new-format (RSN IE) descriptor
* @ret desc RSN descriptor
*
* If @a rsnie is false, returns an old-format (WPA vendor IE)
* descriptor.
*/
u32 sec80211_rsn_get_akm_desc ( enum net80211_security_proto secprot,
int rsnie )
{
return rsn_get_desc ( secprot, rsnie, rsn_akm_map );
}
/**
* Determine net80211 cryptosystem number from RSN descriptor
*
* @v desc RSN descriptor
* @ret crypt net80211 cryptosystem enumeration value
*/
enum net80211_crypto_alg sec80211_rsn_get_net80211_crypt ( u32 desc )
{
struct descriptor_map *map = rsn_cipher_map;
for ( ; map->oui_type != END_MAGIC; map++ ) {
if ( map->oui_type == ( desc & OUI_TYPE_MASK ) )
break;
}
return map->net80211_type;
}