Commit cfcf1682 authored by Jouni Malinen's avatar Jouni Malinen Committed by Johannes Berg

cfg80211: Add new GCMP, CCMP-256, BIP-GMAC, BIP-CMAC-256 ciphers

This makes cfg80211 aware of the GCMP, GCMP-256, CCMP-256, BIP-GMAC-128,
BIP-GMAC-256, and BIP-CMAC-256 cipher suites. These new cipher suites
were defined in IEEE Std 802.11ac-2013.
Signed-off-by: default avatarJouni Malinen <jouni@qca.qualcomm.com>
Signed-off-by: default avatarJohannes Berg <johannes.berg@intel.com>
parent 37720569
...@@ -1994,9 +1994,15 @@ enum ieee80211_key_len { ...@@ -1994,9 +1994,15 @@ enum ieee80211_key_len {
WLAN_KEY_LEN_WEP40 = 5, WLAN_KEY_LEN_WEP40 = 5,
WLAN_KEY_LEN_WEP104 = 13, WLAN_KEY_LEN_WEP104 = 13,
WLAN_KEY_LEN_CCMP = 16, WLAN_KEY_LEN_CCMP = 16,
WLAN_KEY_LEN_CCMP_256 = 32,
WLAN_KEY_LEN_TKIP = 32, WLAN_KEY_LEN_TKIP = 32,
WLAN_KEY_LEN_AES_CMAC = 16, WLAN_KEY_LEN_AES_CMAC = 16,
WLAN_KEY_LEN_SMS4 = 32, WLAN_KEY_LEN_SMS4 = 32,
WLAN_KEY_LEN_GCMP = 16,
WLAN_KEY_LEN_GCMP_256 = 32,
WLAN_KEY_LEN_BIP_CMAC_256 = 32,
WLAN_KEY_LEN_BIP_GMAC_128 = 16,
WLAN_KEY_LEN_BIP_GMAC_256 = 32,
}; };
#define IEEE80211_WEP_IV_LEN 4 #define IEEE80211_WEP_IV_LEN 4
...@@ -2004,9 +2010,16 @@ enum ieee80211_key_len { ...@@ -2004,9 +2010,16 @@ enum ieee80211_key_len {
#define IEEE80211_CCMP_HDR_LEN 8 #define IEEE80211_CCMP_HDR_LEN 8
#define IEEE80211_CCMP_MIC_LEN 8 #define IEEE80211_CCMP_MIC_LEN 8
#define IEEE80211_CCMP_PN_LEN 6 #define IEEE80211_CCMP_PN_LEN 6
#define IEEE80211_CCMP_256_HDR_LEN 8
#define IEEE80211_CCMP_256_MIC_LEN 16
#define IEEE80211_CCMP_256_PN_LEN 6
#define IEEE80211_TKIP_IV_LEN 8 #define IEEE80211_TKIP_IV_LEN 8
#define IEEE80211_TKIP_ICV_LEN 4 #define IEEE80211_TKIP_ICV_LEN 4
#define IEEE80211_CMAC_PN_LEN 6 #define IEEE80211_CMAC_PN_LEN 6
#define IEEE80211_GMAC_PN_LEN 6
#define IEEE80211_GCMP_HDR_LEN 8
#define IEEE80211_GCMP_MIC_LEN 16
#define IEEE80211_GCMP_PN_LEN 6
/* Public action codes */ /* Public action codes */
enum ieee80211_pub_actioncode { enum ieee80211_pub_actioncode {
...@@ -2230,6 +2243,11 @@ enum ieee80211_sa_query_action { ...@@ -2230,6 +2243,11 @@ enum ieee80211_sa_query_action {
#define WLAN_CIPHER_SUITE_WEP104 0x000FAC05 #define WLAN_CIPHER_SUITE_WEP104 0x000FAC05
#define WLAN_CIPHER_SUITE_AES_CMAC 0x000FAC06 #define WLAN_CIPHER_SUITE_AES_CMAC 0x000FAC06
#define WLAN_CIPHER_SUITE_GCMP 0x000FAC08 #define WLAN_CIPHER_SUITE_GCMP 0x000FAC08
#define WLAN_CIPHER_SUITE_GCMP_256 0x000FAC09
#define WLAN_CIPHER_SUITE_CCMP_256 0x000FAC0A
#define WLAN_CIPHER_SUITE_BIP_GMAC_128 0x000FAC0B
#define WLAN_CIPHER_SUITE_BIP_GMAC_256 0x000FAC0C
#define WLAN_CIPHER_SUITE_BIP_CMAC_256 0x000FAC0D
#define WLAN_CIPHER_SUITE_SMS4 0x00147201 #define WLAN_CIPHER_SUITE_SMS4 0x00147201
......
...@@ -230,6 +230,9 @@ int cfg80211_validate_key_settings(struct cfg80211_registered_device *rdev, ...@@ -230,6 +230,9 @@ int cfg80211_validate_key_settings(struct cfg80211_registered_device *rdev,
switch (params->cipher) { switch (params->cipher) {
case WLAN_CIPHER_SUITE_TKIP: case WLAN_CIPHER_SUITE_TKIP:
case WLAN_CIPHER_SUITE_CCMP: case WLAN_CIPHER_SUITE_CCMP:
case WLAN_CIPHER_SUITE_CCMP_256:
case WLAN_CIPHER_SUITE_GCMP:
case WLAN_CIPHER_SUITE_GCMP_256:
/* Disallow pairwise keys with non-zero index unless it's WEP /* Disallow pairwise keys with non-zero index unless it's WEP
* or a vendor specific cipher (because current deployments use * or a vendor specific cipher (because current deployments use
* pairwise WEP keys with non-zero indices and for vendor * pairwise WEP keys with non-zero indices and for vendor
...@@ -240,6 +243,9 @@ int cfg80211_validate_key_settings(struct cfg80211_registered_device *rdev, ...@@ -240,6 +243,9 @@ int cfg80211_validate_key_settings(struct cfg80211_registered_device *rdev,
return -EINVAL; return -EINVAL;
break; break;
case WLAN_CIPHER_SUITE_AES_CMAC: case WLAN_CIPHER_SUITE_AES_CMAC:
case WLAN_CIPHER_SUITE_BIP_CMAC_256:
case WLAN_CIPHER_SUITE_BIP_GMAC_128:
case WLAN_CIPHER_SUITE_BIP_GMAC_256:
/* Disallow BIP (group-only) cipher as pairwise cipher */ /* Disallow BIP (group-only) cipher as pairwise cipher */
if (pairwise) if (pairwise)
return -EINVAL; return -EINVAL;
...@@ -261,6 +267,18 @@ int cfg80211_validate_key_settings(struct cfg80211_registered_device *rdev, ...@@ -261,6 +267,18 @@ int cfg80211_validate_key_settings(struct cfg80211_registered_device *rdev,
if (params->key_len != WLAN_KEY_LEN_CCMP) if (params->key_len != WLAN_KEY_LEN_CCMP)
return -EINVAL; return -EINVAL;
break; break;
case WLAN_CIPHER_SUITE_CCMP_256:
if (params->key_len != WLAN_KEY_LEN_CCMP_256)
return -EINVAL;
break;
case WLAN_CIPHER_SUITE_GCMP:
if (params->key_len != WLAN_KEY_LEN_GCMP)
return -EINVAL;
break;
case WLAN_CIPHER_SUITE_GCMP_256:
if (params->key_len != WLAN_KEY_LEN_GCMP_256)
return -EINVAL;
break;
case WLAN_CIPHER_SUITE_WEP104: case WLAN_CIPHER_SUITE_WEP104:
if (params->key_len != WLAN_KEY_LEN_WEP104) if (params->key_len != WLAN_KEY_LEN_WEP104)
return -EINVAL; return -EINVAL;
...@@ -269,6 +287,18 @@ int cfg80211_validate_key_settings(struct cfg80211_registered_device *rdev, ...@@ -269,6 +287,18 @@ int cfg80211_validate_key_settings(struct cfg80211_registered_device *rdev,
if (params->key_len != WLAN_KEY_LEN_AES_CMAC) if (params->key_len != WLAN_KEY_LEN_AES_CMAC)
return -EINVAL; return -EINVAL;
break; break;
case WLAN_CIPHER_SUITE_BIP_CMAC_256:
if (params->key_len != WLAN_KEY_LEN_BIP_CMAC_256)
return -EINVAL;
break;
case WLAN_CIPHER_SUITE_BIP_GMAC_128:
if (params->key_len != WLAN_KEY_LEN_BIP_GMAC_128)
return -EINVAL;
break;
case WLAN_CIPHER_SUITE_BIP_GMAC_256:
if (params->key_len != WLAN_KEY_LEN_BIP_GMAC_256)
return -EINVAL;
break;
default: default:
/* /*
* We don't know anything about this algorithm, * We don't know anything about this algorithm,
...@@ -288,7 +318,13 @@ int cfg80211_validate_key_settings(struct cfg80211_registered_device *rdev, ...@@ -288,7 +318,13 @@ int cfg80211_validate_key_settings(struct cfg80211_registered_device *rdev,
return -EINVAL; return -EINVAL;
case WLAN_CIPHER_SUITE_TKIP: case WLAN_CIPHER_SUITE_TKIP:
case WLAN_CIPHER_SUITE_CCMP: case WLAN_CIPHER_SUITE_CCMP:
case WLAN_CIPHER_SUITE_CCMP_256:
case WLAN_CIPHER_SUITE_GCMP:
case WLAN_CIPHER_SUITE_GCMP_256:
case WLAN_CIPHER_SUITE_AES_CMAC: case WLAN_CIPHER_SUITE_AES_CMAC:
case WLAN_CIPHER_SUITE_BIP_CMAC_256:
case WLAN_CIPHER_SUITE_BIP_GMAC_128:
case WLAN_CIPHER_SUITE_BIP_GMAC_256:
if (params->seq_len != 6) if (params->seq_len != 6)
return -EINVAL; return -EINVAL;
break; break;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment