summaryrefslogtreecommitdiff
path: root/sys/net80211/ieee80211_crypto_ccmp.c
diff options
context:
space:
mode:
authorDamien Bergamini <damien@cvs.openbsd.org>2008-07-26 12:41:35 +0000
committerDamien Bergamini <damien@cvs.openbsd.org>2008-07-26 12:41:35 +0000
commit557fd4afe756e74c8fd2e768b6ff4bb44e348f23 (patch)
tree439c533fd6dd3a21db4dde0f94169c83d388c6a6 /sys/net80211/ieee80211_crypto_ccmp.c
parentcc19867a25cae6fed9d2690a3c73fb6de17e385e (diff)
properly handle management frames (required for future work).
remove useless #includes.
Diffstat (limited to 'sys/net80211/ieee80211_crypto_ccmp.c')
-rw-r--r--sys/net80211/ieee80211_crypto_ccmp.c43
1 files changed, 27 insertions, 16 deletions
diff --git a/sys/net80211/ieee80211_crypto_ccmp.c b/sys/net80211/ieee80211_crypto_ccmp.c
index c55e8928f35..f6eef7dca16 100644
--- a/sys/net80211/ieee80211_crypto_ccmp.c
+++ b/sys/net80211/ieee80211_crypto_ccmp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ieee80211_crypto_ccmp.c,v 1.1 2008/04/16 18:32:15 damien Exp $ */
+/* $OpenBSD: ieee80211_crypto_ccmp.c,v 1.2 2008/07/26 12:41:34 damien Exp $ */
/*-
* Copyright (c) 2008 Damien Bergamini <damien.bergamini@free.fr>
@@ -24,9 +24,6 @@
#include <sys/socket.h>
#include <sys/sockio.h>
#include <sys/endian.h>
-#include <sys/errno.h>
-#include <sys/proc.h>
-#include <sys/sysctl.h>
#include <net/if.h>
#include <net/if_dl.h>
@@ -74,7 +71,7 @@ ieee80211_ccmp_delete_key(struct ieee80211com *ic, struct ieee80211_key *k)
k->k_priv = NULL;
}
-/*
+/*-
* Counter with CBC-MAC (CCM) - see RFC3610.
* CCMP uses the following CCM parameters: M = 8, L = 2
*/
@@ -89,11 +86,22 @@ ieee80211_ccmp_phase1(rijndael_ctx *ctx, const struct ieee80211_frame *wh,
/* construct AAD (additional authentication data) */
aad = &auth[2]; /* skip l(a), will be filled later */
- *aad++ = wh->i_fc[0] & ~IEEE80211_FC0_SUBTYPE_MASK;
- /* NB: 'Protected' bit is already set in wh->i_fc[1] */
- /* 'Order' bit was added as part of 802.11n-Draft 2.0 */
- *aad++ = wh->i_fc[1] & ~(IEEE80211_FC1_RETRY | IEEE80211_FC1_ORDER |
- IEEE80211_FC1_PWR_MGT | IEEE80211_FC1_MORE_DATA);
+ *aad = wh->i_fc[0];
+ /* 11w: conditionnally mask subtype field */
+ if ((wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) ==
+ IEEE80211_FC0_TYPE_DATA)
+ *aad &= ~IEEE80211_FC0_SUBTYPE_MASK;
+ aad++;
+ /* protected bit is already set in wh */
+ *aad = wh->i_fc[1];
+ *aad &= ~(IEEE80211_FC1_RETRY | IEEE80211_FC1_PWR_MGT |
+ IEEE80211_FC1_MORE_DATA);
+ /* 11n: conditionnally mask order bit */
+ if ((wh->i_fc[0] &
+ (IEEE80211_FC0_TYPE_MASK | IEEE80211_FC0_SUBTYPE_QOS)) ==
+ (IEEE80211_FC0_TYPE_DATA | IEEE80211_FC0_SUBTYPE_QOS))
+ *aad &= ~IEEE80211_FC1_ORDER;
+ aad++;
IEEE80211_ADDR_COPY(aad, wh->i_addr1); aad += IEEE80211_ADDR_LEN;
IEEE80211_ADDR_COPY(aad, wh->i_addr2); aad += IEEE80211_ADDR_LEN;
IEEE80211_ADDR_COPY(aad, wh->i_addr3); aad += IEEE80211_ADDR_LEN;
@@ -123,11 +131,14 @@ ieee80211_ccmp_phase1(rijndael_ctx *ctx, const struct ieee80211_frame *wh,
}
/* construct CCM nonce */
- nonce[0] = tid;
+ nonce[ 0] = tid;
+ if ((wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) ==
+ IEEE80211_FC0_TYPE_MGT)
+ nonce[0] |= 1 << 4; /* 11w: set management bit */
IEEE80211_ADDR_COPY(&nonce[1], wh->i_addr2);
- nonce[7] = pn >> 40; /* PN5 */
- nonce[8] = pn >> 32; /* PN4 */
- nonce[9] = pn >> 24; /* PN3 */
+ nonce[ 7] = pn >> 40; /* PN5 */
+ nonce[ 8] = pn >> 32; /* PN4 */
+ nonce[ 9] = pn >> 24; /* PN3 */
nonce[10] = pn >> 16; /* PN2 */
nonce[11] = pn >> 8; /* PN1 */
nonce[12] = pn; /* PN0 */
@@ -139,7 +150,7 @@ ieee80211_ccmp_phase1(rijndael_ctx *ctx, const struct ieee80211_frame *wh,
memset(aad, 0, 30 - la); /* pad AAD with zeros */
/* construct first block B_0 */
- b[0] = 89; /* Flags = 64*Adata + 8*((M-2)/2) + (L-1) */
+ b[ 0] = 89; /* Flags = 64*Adata + 8*((M-2)/2) + (L-1) */
memcpy(&b[1], nonce, 13);
b[14] = lm >> 8;
b[15] = lm & 0xff;
@@ -153,7 +164,7 @@ ieee80211_ccmp_phase1(rijndael_ctx *ctx, const struct ieee80211_frame *wh,
rijndael_encrypt(ctx, b, b);
/* construct S_0 */
- a[0] = 1; /* Flags = L' = (L-1) */
+ a[ 0] = 1; /* Flags = L' = (L-1) */
memcpy(&a[1], nonce, 13);
a[14] = a[15] = 0;
rijndael_encrypt(ctx, a, s0);