diff options
Diffstat (limited to 'gpxe/src/net/80211/sec80211.c')
| -rw-r--r-- | gpxe/src/net/80211/sec80211.c | 503 |
1 files changed, 0 insertions, 503 deletions
diff --git a/gpxe/src/net/80211/sec80211.c b/gpxe/src/net/80211/sec80211.c deleted file mode 100644 index c5aa1183..00000000 --- a/gpxe/src/net/80211/sec80211.c +++ /dev/null @@ -1,503 +0,0 @@ -/* - * Copyright (c) 2009 Joshua Oreman <oremanj@rwcr.net>. - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - */ - -FILE_LICENCE ( GPL2_OR_LATER ); - -#include <stdlib.h> -#include <string.h> -#include <errno.h> -#include <gpxe/ieee80211.h> -#include <gpxe/net80211.h> -#include <gpxe/sec80211.h> - -/** @file - * - * General secured-network routines required whenever any secure - * network support at all is compiled in. This involves things like - * installing keys, determining the type of security used by a probed - * network, and some small helper functions that take advantage of - * static data in this file. - */ - -/** Mapping from net80211 crypto/secprot types to RSN OUI descriptors */ -struct descriptor_map { - /** Value of net80211_crypto_alg or net80211_security_proto */ - u32 net80211_type; - - /** OUI+type in appropriate byte order, masked to exclude vendor */ - u32 oui_type; -}; - -/** Magic number in @a oui_type showing end of list */ -#define END_MAGIC 0xFFFFFFFF - -/** Mapping between net80211 cryptosystems and 802.11i cipher IDs */ -static struct descriptor_map rsn_cipher_map[] = { - { .net80211_type = NET80211_CRYPT_WEP, - .oui_type = IEEE80211_RSN_CTYPE_WEP40 }, - - { .net80211_type = NET80211_CRYPT_WEP, - .oui_type = IEEE80211_RSN_CTYPE_WEP104 }, - - { .net80211_type = NET80211_CRYPT_TKIP, - .oui_type = IEEE80211_RSN_CTYPE_TKIP }, - - { .net80211_type = NET80211_CRYPT_CCMP, - .oui_type = IEEE80211_RSN_CTYPE_CCMP }, - - { .net80211_type = NET80211_CRYPT_UNKNOWN, - .oui_type = END_MAGIC }, -}; - -/** Mapping between net80211 handshakers and 802.11i AKM IDs */ -static struct descriptor_map rsn_akm_map[] = { - { .net80211_type = NET80211_SECPROT_EAP, - .oui_type = IEEE80211_RSN_ATYPE_8021X }, - - { .net80211_type = NET80211_SECPROT_PSK, - .oui_type = IEEE80211_RSN_ATYPE_PSK }, - - { .net80211_type = NET80211_SECPROT_UNKNOWN, - .oui_type = END_MAGIC }, -}; - - -/** - * Install 802.11 cryptosystem - * - * @v which Pointer to the cryptosystem structure to install in - * @v crypt Cryptosystem ID number - * @v key Encryption key to use - * @v len Length of encryption key - * @v rsc Initial receive sequence counter, if applicable - * @ret rc Return status code - * - * The encryption key will not be accessed via the provided pointer - * after this function returns, so you may keep it on the stack. - * - * @a which must point to either @c dev->crypto (for the normal case - * of installing a unicast cryptosystem) or @c dev->gcrypto (to - * install a cryptosystem that will be used only for decrypting - * group-source frames). - */ -int sec80211_install ( struct net80211_crypto **which, - enum net80211_crypto_alg crypt, - const void *key, int len, const void *rsc ) -{ - struct net80211_crypto *crypto = *which; - struct net80211_crypto *tbl_crypto; - - /* Remove old crypto if it exists */ - free ( *which ); - *which = NULL; - - if ( crypt == NET80211_CRYPT_NONE ) { - DBG ( "802.11-Sec not installing null cryptography\n" ); - return 0; - } - - /* Find cryptosystem to use */ - for_each_table_entry ( tbl_crypto, NET80211_CRYPTOS ) { - if ( tbl_crypto->algorithm == crypt ) { - crypto = zalloc ( sizeof ( *crypto ) + - tbl_crypto->priv_len ); - if ( ! crypto ) { - DBG ( "802.11-Sec out of memory\n" ); - return -ENOMEM; - } - - memcpy ( crypto, tbl_crypto, sizeof ( *crypto ) ); - crypto->priv = ( ( void * ) crypto + - sizeof ( *crypto ) ); - break; - } - } - - if ( ! crypto ) { - DBG ( "802.11-Sec no support for cryptosystem %d\n", crypt ); - return -( ENOTSUP | EUNIQ_10 | ( crypt << 8 ) ); - } - - *which = crypto; - - DBG ( "802.11-Sec installing cryptosystem %d as %p with key of " - "length %d\n", crypt, crypto, len ); - - return crypto->init ( crypto, key, len, rsc ); -} - - -/** - * Determine net80211 crypto or handshaking type value to return for RSN info - * - * @v rsnp Pointer to next descriptor count field in RSN IE - * @v rsn_end Pointer to end of RSN IE - * @v map Descriptor map to use - * @v tbl_start Start of linker table to examine for gPXE support - * @v tbl_end End of linker table to examine for gPXE support - * @ret rsnp Updated to point to first byte after descriptors - * @ret map_ent Descriptor map entry of translation to use - * - * The entries in the linker table must be either net80211_crypto or - * net80211_handshaker structures, and @a tbl_stride must be set to - * sizeof() the appropriate one. - * - * This function expects @a rsnp to point at a two-byte descriptor - * count followed by a list of four-byte cipher or AKM descriptors; it - * will return @c NULL if the input packet is malformed, and otherwise - * set @a rsnp to the first byte it has not looked at. It will return - * the first cipher in the list that is supported by the current build - * of gPXE, or the first of all if none are supported. - * - * We play rather fast and loose with type checking, because this - * function is only called from two well-defined places in the - * RSN-checking code. Don't try to use it for anything else. - */ -static struct descriptor_map * rsn_pick_desc ( u8 **rsnp, u8 *rsn_end, - struct descriptor_map *map, - void *tbl_start, void *tbl_end ) -{ - int ndesc; - int ok = 0; - struct descriptor_map *map_ent, *map_ret = NULL; - u8 *rsn = *rsnp; - void *tblp; - size_t tbl_stride = ( map == rsn_cipher_map ? - sizeof ( struct net80211_crypto ) : - sizeof ( struct net80211_handshaker ) ); - - if ( map != rsn_cipher_map && map != rsn_akm_map ) - return NULL; - - /* Determine which types we support */ - for ( tblp = tbl_start; tblp < tbl_end; tblp += tbl_stride ) { - struct net80211_crypto *crypto = tblp; - struct net80211_handshaker *hs = tblp; - - if ( map == rsn_cipher_map ) - ok |= ( 1 << crypto->algorithm ); - else - ok |= ( 1 << hs->protocol ); - } - - /* RSN sanity checks */ - if ( rsn + 2 > rsn_end ) { - DBG ( "RSN detect: malformed descriptor count\n" ); - return NULL; - } - - ndesc = *( u16 * ) rsn; - rsn += 2; - - if ( ! ndesc ) { - DBG ( "RSN detect: no descriptors\n" ); - return NULL; - } - - /* Determine which net80211 crypto types are listed */ - while ( ndesc-- ) { - u32 desc; - - if ( rsn + 4 > rsn_end ) { - DBG ( "RSN detect: malformed descriptor (%d left)\n", - ndesc ); - return NULL; - } - - desc = *( u32 * ) rsn; - rsn += 4; - - for ( map_ent = map; map_ent->oui_type != END_MAGIC; map_ent++ ) - if ( map_ent->oui_type == ( desc & OUI_TYPE_MASK ) ) - break; - - /* Use first cipher as a fallback */ - if ( ! map_ret ) - map_ret = map_ent; - - /* Once we find one we support, use it */ - if ( ok & ( 1 << map_ent->net80211_type ) ) { - map_ret = map_ent; - break; - } - } - - if ( ndesc > 0 ) - rsn += 4 * ndesc; - - *rsnp = rsn; - return map_ret; -} - - -/** - * Find the RSN or WPA information element in the provided beacon frame - * - * @v ie Pointer to first information element to check - * @v ie_end Pointer to end of information element space - * @ret is_rsn TRUE if returned IE is RSN, FALSE if it's WPA - * @ret end Pointer to byte immediately after last byte of data - * @ret data Pointer to first byte of data (the `version' field) - * - * If both an RSN and a WPA information element are found, this - * function will return the first one seen, which by ordering rules - * should always prefer the newer RSN IE. - * - * If no RSN or WPA infomration element is found, returns @c NULL and - * leaves @a is_rsn and @a end in an undefined state. - * - * This function will not return a pointer to an information element - * that states it extends past the tail of the io_buffer, or whose @a - * version field is incorrect. - */ -u8 * sec80211_find_rsn ( union ieee80211_ie *ie, void *ie_end, - int *is_rsn, u8 **end ) -{ - u8 *rsn = NULL; - - if ( ! ieee80211_ie_bound ( ie, ie_end ) ) - return NULL; - - while ( ie ) { - if ( ie->id == IEEE80211_IE_VENDOR && - ie->vendor.oui == IEEE80211_WPA_OUI_VEN ) { - DBG ( "RSN detect: old-style WPA IE found\n" ); - rsn = &ie->vendor.data[0]; - *end = rsn + ie->len - 4; - *is_rsn = 0; - } else if ( ie->id == IEEE80211_IE_RSN ) { - DBG ( "RSN detect: 802.11i RSN IE found\n" ); - rsn = ( u8 * ) &ie->rsn.version; - *end = rsn + ie->len; - *is_rsn = 1; - } - - if ( rsn && ( *end > ( u8 * ) ie_end || rsn >= *end || - *( u16 * ) rsn != IEEE80211_RSN_VERSION ) ) { - DBG ( "RSN detect: malformed RSN IE or unknown " - "version, keep trying\n" ); - rsn = NULL; - } - - if ( rsn ) - break; - - ie = ieee80211_next_ie ( ie, ie_end ); - } - - if ( ! ie ) { - DBG ( "RSN detect: no RSN IE found\n" ); - return NULL; - } - - return rsn; -} - - -/** - * Detect crypto and AKM types from RSN information element - * - * @v is_rsn If TRUE, IE is a new-style RSN information element - * @v start Pointer to first byte of @a version field - * @v end Pointer to first byte not in the RSN IE - * @ret secprot Security handshaking protocol used by network - * @ret crypt Cryptosystem used by network - * @ret rc Return status code - * - * If the IE cannot be parsed, returns an error indication and leaves - * @a secprot and @a crypt unchanged. - */ -int sec80211_detect_ie ( int is_rsn, u8 *start, u8 *end, - enum net80211_security_proto *secprot, - enum net80211_crypto_alg *crypt ) -{ - enum net80211_security_proto sp; - enum net80211_crypto_alg cr; - struct descriptor_map *map; - u8 *rsn = start; - - /* Set some defaults */ - cr = ( is_rsn ? NET80211_CRYPT_CCMP : NET80211_CRYPT_TKIP ); - sp = NET80211_SECPROT_EAP; - - rsn += 2; /* version - already checked */ - rsn += 4; /* group cipher - we don't use it here */ - - if ( rsn >= end ) - goto done; - - /* Pick crypto algorithm */ - map = rsn_pick_desc ( &rsn, end, rsn_cipher_map, - table_start ( NET80211_CRYPTOS ), - table_end ( NET80211_CRYPTOS ) ); - if ( ! map ) - goto invalid_rsn; - - cr = map->net80211_type; - - if ( rsn >= end ) - goto done; - - /* Pick handshaking algorithm */ - map = rsn_pick_desc ( &rsn, end, rsn_akm_map, - table_start ( NET80211_HANDSHAKERS ), - table_end ( NET80211_HANDSHAKERS ) ); - if ( ! map ) - goto invalid_rsn; - - sp = map->net80211_type; - - done: - DBG ( "RSN detect: OK, crypto type %d, secprot type %d\n", cr, sp ); - *secprot = sp; - *crypt = cr; - return 0; - - invalid_rsn: - DBG ( "RSN detect: invalid RSN IE\n" ); - return -EINVAL; -} - - -/** - * Detect the cryptosystem and handshaking protocol used by an 802.11 network - * - * @v iob I/O buffer containing beacon frame - * @ret secprot Security handshaking protocol used by network - * @ret crypt Cryptosystem used by network - * @ret rc Return status code - * - * This function uses weak linkage, as it must be called from generic - * contexts but should only be linked in if some encryption is - * supported; you must test its address against @c NULL before calling - * it. If it does not exist, any network with the PRIVACY bit set in - * beacon->capab should be considered unknown. - */ -int _sec80211_detect ( struct io_buffer *iob, - enum net80211_security_proto *secprot, - enum net80211_crypto_alg *crypt ) -{ - struct ieee80211_frame *hdr = iob->data; - struct ieee80211_beacon *beacon = - ( struct ieee80211_beacon * ) hdr->data; - u8 *rsn, *rsn_end; - int is_rsn, rc; - - *crypt = NET80211_CRYPT_UNKNOWN; - *secprot = NET80211_SECPROT_UNKNOWN; - - /* Find RSN or WPA IE */ - if ( ! ( rsn = sec80211_find_rsn ( beacon->info_element, iob->tail, - &is_rsn, &rsn_end ) ) ) { - /* No security IE at all; either WEP or no security. */ - *secprot = NET80211_SECPROT_NONE; - - if ( beacon->capability & IEEE80211_CAPAB_PRIVACY ) - *crypt = NET80211_CRYPT_WEP; - else - *crypt = NET80211_CRYPT_NONE; - - return 0; - } - - /* Determine type of security */ - if ( ( rc = sec80211_detect_ie ( is_rsn, rsn, rsn_end, secprot, - crypt ) ) == 0 ) - return 0; - - /* If we get here, the RSN IE was invalid */ - - *crypt = NET80211_CRYPT_UNKNOWN; - *secprot = NET80211_SECPROT_UNKNOWN; - DBG ( "Failed to handle RSN IE:\n" ); - DBG_HD ( rsn, rsn_end - rsn ); - return rc; -} - - -/** - * Determine RSN descriptor for specified net80211 ID - * - * @v id net80211 ID value - * @v rsnie Whether to return a new-format (RSN IE) descriptor - * @v map Map to use in translation - * @ret desc RSN descriptor, or 0 on error - * - * If @a rsnie is false, returns an old-format (WPA vendor IE) - * descriptor. - */ -static u32 rsn_get_desc ( unsigned id, int rsnie, struct descriptor_map *map ) -{ - u32 vendor = ( rsnie ? IEEE80211_RSN_OUI : IEEE80211_WPA_OUI ); - - for ( ; map->oui_type != END_MAGIC; map++ ) { - if ( map->net80211_type == id ) - return map->oui_type | vendor; - } - - return 0; -} - -/** - * Determine RSN descriptor for specified net80211 cryptosystem number - * - * @v crypt Cryptosystem number - * @v rsnie Whether to return a new-format (RSN IE) descriptor - * @ret desc RSN descriptor - * - * If @a rsnie is false, returns an old-format (WPA vendor IE) - * descriptor. - */ -u32 sec80211_rsn_get_crypto_desc ( enum net80211_crypto_alg crypt, int rsnie ) -{ - return rsn_get_desc ( crypt, rsnie, rsn_cipher_map ); -} - -/** - * Determine RSN descriptor for specified net80211 handshaker number - * - * @v secprot Handshaker number - * @v rsnie Whether to return a new-format (RSN IE) descriptor - * @ret desc RSN descriptor - * - * If @a rsnie is false, returns an old-format (WPA vendor IE) - * descriptor. - */ -u32 sec80211_rsn_get_akm_desc ( enum net80211_security_proto secprot, - int rsnie ) -{ - return rsn_get_desc ( secprot, rsnie, rsn_akm_map ); -} - -/** - * Determine net80211 cryptosystem number from RSN descriptor - * - * @v desc RSN descriptor - * @ret crypt net80211 cryptosystem enumeration value - */ -enum net80211_crypto_alg sec80211_rsn_get_net80211_crypt ( u32 desc ) -{ - struct descriptor_map *map = rsn_cipher_map; - - for ( ; map->oui_type != END_MAGIC; map++ ) { - if ( map->oui_type == ( desc & OUI_TYPE_MASK ) ) - break; - } - - return map->net80211_type; -} |