ieee80211_crypto.c revision 139506
1238384Sjkim/*- 2238384Sjkim * Copyright (c) 2001 Atsushi Onoe 3238384Sjkim * Copyright (c) 2002-2004 Sam Leffler, Errno Consulting 4238384Sjkim * All rights reserved. 5238384Sjkim * 6238384Sjkim * Redistribution and use in source and binary forms, with or without 7238384Sjkim * modification, are permitted provided that the following conditions 8238384Sjkim * are met: 9238384Sjkim * 1. Redistributions of source code must retain the above copyright 10280304Sjkim * notice, this list of conditions and the following disclaimer. 11238384Sjkim * 2. Redistributions in binary form must reproduce the above copyright 12238384Sjkim * notice, this list of conditions and the following disclaimer in the 13238384Sjkim * documentation and/or other materials provided with the distribution. 14238384Sjkim * 3. The name of the author may not be used to endorse or promote products 15238384Sjkim * derived from this software without specific prior written permission. 16238384Sjkim * 17238384Sjkim * Alternatively, this software may be distributed under the terms of the 18238384Sjkim * GNU General Public License ("GPL") version 2 as published by the Free 19238384Sjkim * Software Foundation. 20238384Sjkim * 21238384Sjkim * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 22238384Sjkim * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 23238384Sjkim * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 24238384Sjkim * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 25238384Sjkim * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 26238384Sjkim * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27238384Sjkim * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28238384Sjkim * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29238384Sjkim * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 30238384Sjkim * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31238384Sjkim */ 32238384Sjkim 33238384Sjkim#include <sys/cdefs.h> 34238384Sjkim__FBSDID("$FreeBSD: head/sys/net80211/ieee80211_crypto.c 139506 2004-12-31 20:44:15Z sam $"); 35238384Sjkim 36238384Sjkim/* 37238384Sjkim * IEEE 802.11 generic crypto support. 38238384Sjkim */ 39238384Sjkim#include <sys/param.h> 40238384Sjkim#include <sys/mbuf.h> 41238384Sjkim 42238384Sjkim#include <sys/socket.h> 43238384Sjkim 44238384Sjkim#include <net/if.h> 45238384Sjkim#include <net/if_media.h> 46238384Sjkim#include <net/ethernet.h> /* XXX ETHER_HDR_LEN */ 47238384Sjkim 48238384Sjkim#include <net80211/ieee80211_var.h> 49238384Sjkim 50238384Sjkim/* 51238384Sjkim * Table of registered cipher modules. 52238384Sjkim */ 53238384Sjkimstatic const struct ieee80211_cipher *ciphers[IEEE80211_CIPHER_MAX]; 54238384Sjkim 55238384Sjkimstatic int _ieee80211_crypto_delkey(struct ieee80211com *, 56280304Sjkim struct ieee80211_key *); 57280304Sjkim 58238384Sjkim/* 59238384Sjkim * Default "null" key management routines. 60238384Sjkim */ 61238384Sjkimstatic int 62238384Sjkimnull_key_alloc(struct ieee80211com *ic, const struct ieee80211_key *k) 63238384Sjkim{ 64238384Sjkim return IEEE80211_KEYIX_NONE; 65238384Sjkim} 66238384Sjkimstatic int 67238384Sjkimnull_key_delete(struct ieee80211com *ic, const struct ieee80211_key *k) 68238384Sjkim{ 69280304Sjkim return 1; 70280304Sjkim} 71238384Sjkimstatic int 72280304Sjkimnull_key_set(struct ieee80211com *ic, const struct ieee80211_key *k, 73280304Sjkim const u_int8_t mac[IEEE80211_ADDR_LEN]) 74280304Sjkim{ 75280304Sjkim return 1; 76280304Sjkim} 77280304Sjkimstatic void null_key_update(struct ieee80211com *ic) {} 78280304Sjkim 79280304Sjkim/* 80280304Sjkim * Write-arounds for common operations. 81280304Sjkim */ 82280304Sjkimstatic __inline void 83280304Sjkimcipher_detach(struct ieee80211_key *key) 84280304Sjkim{ 85280304Sjkim key->wk_cipher->ic_detach(key); 86280304Sjkim} 87280304Sjkim 88280304Sjkimstatic __inline void * 89280304Sjkimcipher_attach(struct ieee80211com *ic, struct ieee80211_key *key) 90280304Sjkim{ 91280304Sjkim return key->wk_cipher->ic_attach(ic, key); 92280304Sjkim} 93280304Sjkim 94280304Sjkim/* 95280304Sjkim * Wrappers for driver key management methods. 96280304Sjkim */ 97280304Sjkimstatic __inline int 98280304Sjkimdev_key_alloc(struct ieee80211com *ic, 99280304Sjkim const struct ieee80211_key *key) 100280304Sjkim{ 101280304Sjkim return ic->ic_crypto.cs_key_alloc(ic, key); 102280304Sjkim} 103280304Sjkim 104280304Sjkimstatic __inline int 105280304Sjkimdev_key_delete(struct ieee80211com *ic, 106280304Sjkim const struct ieee80211_key *key) 107280304Sjkim{ 108280304Sjkim return ic->ic_crypto.cs_key_delete(ic, key); 109280304Sjkim} 110280304Sjkim 111280304Sjkimstatic __inline int 112280304Sjkimdev_key_set(struct ieee80211com *ic, const struct ieee80211_key *key, 113280304Sjkim const u_int8_t mac[IEEE80211_ADDR_LEN]) 114280304Sjkim{ 115280304Sjkim return ic->ic_crypto.cs_key_set(ic, key, mac); 116280304Sjkim} 117280304Sjkim 118280304Sjkim/* 119280304Sjkim * Setup crypto support. 120280304Sjkim */ 121280304Sjkimvoid 122280304Sjkimieee80211_crypto_attach(struct ieee80211com *ic) 123280304Sjkim{ 124280304Sjkim struct ieee80211_crypto_state *cs = &ic->ic_crypto; 125280304Sjkim int i; 126280304Sjkim 127280304Sjkim /* NB: we assume everything is pre-zero'd */ 128280304Sjkim cs->cs_def_txkey = IEEE80211_KEYIX_NONE; 129280304Sjkim ciphers[IEEE80211_CIPHER_NONE] = &ieee80211_cipher_none; 130280304Sjkim for (i = 0; i < IEEE80211_WEP_NKID; i++) 131238384Sjkim ieee80211_crypto_resetkey(ic, &cs->cs_nw_keys[i], i); 132280304Sjkim /* 133280304Sjkim * Initialize the driver key support routines to noop entries. 134280304Sjkim * This is useful especially for the cipher test modules. 135280304Sjkim */ 136280304Sjkim cs->cs_key_alloc = null_key_alloc; 137280304Sjkim cs->cs_key_set = null_key_set; 138280304Sjkim cs->cs_key_delete = null_key_delete; 139280304Sjkim cs->cs_key_update_begin = null_key_update; 140280304Sjkim cs->cs_key_update_end = null_key_update; 141280304Sjkim} 142280304Sjkim 143280304Sjkim/* 144280304Sjkim * Teardown crypto support. 145280304Sjkim */ 146280304Sjkimvoid 147280304Sjkimieee80211_crypto_detach(struct ieee80211com *ic) 148280304Sjkim{ 149280304Sjkim ieee80211_crypto_delglobalkeys(ic); 150280304Sjkim} 151280304Sjkim 152280304Sjkim/* 153280304Sjkim * Register a crypto cipher module. 154280304Sjkim */ 155280304Sjkimvoid 156280304Sjkimieee80211_crypto_register(const struct ieee80211_cipher *cip) 157280304Sjkim{ 158280304Sjkim if (cip->ic_cipher >= IEEE80211_CIPHER_MAX) { 159280304Sjkim printf("%s: cipher %s has an invalid cipher index %u\n", 160280304Sjkim __func__, cip->ic_name, cip->ic_cipher); 161280304Sjkim return; 162280304Sjkim } 163280304Sjkim if (ciphers[cip->ic_cipher] != NULL && ciphers[cip->ic_cipher] != cip) { 164280304Sjkim printf("%s: cipher %s registered with a different template\n", 165280304Sjkim __func__, cip->ic_name); 166280304Sjkim return; 167280304Sjkim } 168280304Sjkim ciphers[cip->ic_cipher] = cip; 169280304Sjkim} 170280304Sjkim 171280304Sjkim/* 172280304Sjkim * Unregister a crypto cipher module. 173280304Sjkim */ 174280304Sjkimvoid 175280304Sjkimieee80211_crypto_unregister(const struct ieee80211_cipher *cip) 176238384Sjkim{ 177238384Sjkim if (cip->ic_cipher >= IEEE80211_CIPHER_MAX) { 178238384Sjkim printf("%s: cipher %s has an invalid cipher index %u\n", 179238384Sjkim __func__, cip->ic_name, cip->ic_cipher); 180280304Sjkim return; 181238384Sjkim } 182238384Sjkim if (ciphers[cip->ic_cipher] != NULL && ciphers[cip->ic_cipher] != cip) { 183280304Sjkim printf("%s: cipher %s registered with a different template\n", 184280304Sjkim __func__, cip->ic_name); 185280304Sjkim return; 186280304Sjkim } 187238384Sjkim /* NB: don't complain about not being registered */ 188280304Sjkim /* XXX disallow if references */ 189 ciphers[cip->ic_cipher] = NULL; 190} 191 192int 193ieee80211_crypto_available(u_int cipher) 194{ 195 return cipher < IEEE80211_CIPHER_MAX && ciphers[cipher] != NULL; 196} 197 198/* XXX well-known names! */ 199static const char *cipher_modnames[] = { 200 "wlan_wep", /* IEEE80211_CIPHER_WEP */ 201 "wlan_tkip", /* IEEE80211_CIPHER_TKIP */ 202 "wlan_aes_ocb", /* IEEE80211_CIPHER_AES_OCB */ 203 "wlan_ccmp", /* IEEE80211_CIPHER_AES_CCM */ 204 "wlan_ckip", /* IEEE80211_CIPHER_CKIP */ 205}; 206 207/* 208 * Establish a relationship between the specified key and cipher 209 * and, if not a global key, allocate a hardware index from the 210 * driver. Note that we may be called for global keys but they 211 * should have a key index already setup so the only work done 212 * is to setup the cipher reference. 213 * 214 * This must be the first call applied to a key; all the other key 215 * routines assume wk_cipher is setup. 216 * 217 * Locking must be handled by the caller using: 218 * ieee80211_key_update_begin(ic); 219 * ieee80211_key_update_end(ic); 220 */ 221int 222ieee80211_crypto_newkey(struct ieee80211com *ic, 223 int cipher, struct ieee80211_key *key) 224{ 225#define N(a) (sizeof(a) / sizeof(a[0])) 226 const struct ieee80211_cipher *cip; 227 void *keyctx; 228 int oflags; 229 230 /* 231 * Validate cipher and set reference to cipher routines. 232 */ 233 if (cipher >= IEEE80211_CIPHER_MAX) { 234 IEEE80211_DPRINTF(ic, IEEE80211_MSG_CRYPTO, 235 "%s: invalid cipher %u\n", __func__, cipher); 236 ic->ic_stats.is_crypto_badcipher++; 237 return 0; 238 } 239 cip = ciphers[cipher]; 240 if (cip == NULL) { 241 /* 242 * Auto-load cipher module if we have a well-known name 243 * for it. It might be better to use string names rather 244 * than numbers and craft a module name based on the cipher 245 * name; e.g. wlan_cipher_<cipher-name>. 246 */ 247 if (cipher < N(cipher_modnames)) { 248 IEEE80211_DPRINTF(ic, IEEE80211_MSG_CRYPTO, 249 "%s: unregistered cipher %u, load module %s\n", 250 __func__, cipher, cipher_modnames[cipher]); 251 ieee80211_load_module(cipher_modnames[cipher]); 252 /* 253 * If cipher module loaded it should immediately 254 * call ieee80211_crypto_register which will fill 255 * in the entry in the ciphers array. 256 */ 257 cip = ciphers[cipher]; 258 } 259 if (cip == NULL) { 260 IEEE80211_DPRINTF(ic, IEEE80211_MSG_CRYPTO, 261 "%s: unable to load cipher %u, module %s\n", 262 __func__, cipher, 263 cipher < N(cipher_modnames) ? 264 cipher_modnames[cipher] : "<unknown>"); 265 ic->ic_stats.is_crypto_nocipher++; 266 return 0; 267 } 268 } 269 270 oflags = key->wk_flags; 271 /* 272 * If the hardware does not support the cipher then 273 * fallback to a host-based implementation. 274 */ 275 key->wk_flags &= ~(IEEE80211_KEY_SWCRYPT|IEEE80211_KEY_SWMIC); 276 if ((ic->ic_caps & (1<<cipher)) == 0) { 277 IEEE80211_DPRINTF(ic, IEEE80211_MSG_CRYPTO, 278 "%s: no h/w support for cipher %s, falling back to s/w\n", 279 __func__, cip->ic_name); 280 key->wk_flags |= IEEE80211_KEY_SWCRYPT; 281 } 282 /* 283 * Hardware TKIP with software MIC is an important 284 * combination; we handle it by flagging each key, 285 * the cipher modules honor it. 286 */ 287 if (cipher == IEEE80211_CIPHER_TKIP && 288 (ic->ic_caps & IEEE80211_C_TKIPMIC) == 0) { 289 IEEE80211_DPRINTF(ic, IEEE80211_MSG_CRYPTO, 290 "%s: no h/w support for TKIP MIC, falling back to s/w\n", 291 __func__); 292 key->wk_flags |= IEEE80211_KEY_SWMIC; 293 } 294 295 /* 296 * Bind cipher to key instance. Note we do this 297 * after checking the device capabilities so the 298 * cipher module can optimize space usage based on 299 * whether or not it needs to do the cipher work. 300 */ 301 if (key->wk_cipher != cip || key->wk_flags != oflags) { 302again: 303 keyctx = cip->ic_attach(ic, key); 304 if (keyctx == NULL) { 305 IEEE80211_DPRINTF(ic, IEEE80211_MSG_CRYPTO, 306 "%s: unable to attach cipher %s\n", 307 __func__, cip->ic_name); 308 key->wk_flags = oflags; /* restore old flags */ 309 ic->ic_stats.is_crypto_attachfail++; 310 return 0; 311 } 312 cipher_detach(key); 313 key->wk_cipher = cip; /* XXX refcnt? */ 314 key->wk_private = keyctx; 315 } 316 317 /* 318 * Ask the driver for a key index if we don't have one. 319 * Note that entries in the global key table always have 320 * an index; this means it's safe to call this routine 321 * for these entries just to setup the reference to the 322 * cipher template. Note also that when using software 323 * crypto we also call the driver to give us a key index. 324 */ 325 if (key->wk_keyix == IEEE80211_KEYIX_NONE) { 326 key->wk_keyix = dev_key_alloc(ic, key); 327 if (key->wk_keyix == IEEE80211_KEYIX_NONE) { 328 /* 329 * Driver has no room; fallback to doing crypto 330 * in the host. We change the flags and start the 331 * procedure over. If we get back here then there's 332 * no hope and we bail. Note that this can leave 333 * the key in a inconsistent state if the caller 334 * continues to use it. 335 */ 336 if ((key->wk_flags & IEEE80211_KEY_SWCRYPT) == 0) { 337 ic->ic_stats.is_crypto_swfallback++; 338 IEEE80211_DPRINTF(ic, IEEE80211_MSG_CRYPTO, 339 "%s: no h/w resources for cipher %s, " 340 "falling back to s/w\n", __func__, 341 cip->ic_name); 342 oflags = key->wk_flags; 343 key->wk_flags |= IEEE80211_KEY_SWCRYPT; 344 if (cipher == IEEE80211_CIPHER_TKIP) 345 key->wk_flags |= IEEE80211_KEY_SWMIC; 346 goto again; 347 } 348 ic->ic_stats.is_crypto_keyfail++; 349 IEEE80211_DPRINTF(ic, IEEE80211_MSG_CRYPTO, 350 "%s: unable to setup cipher %s\n", 351 __func__, cip->ic_name); 352 return 0; 353 } 354 } 355 return 1; 356#undef N 357} 358 359/* 360 * Remove the key (no locking, for internal use). 361 */ 362static int 363_ieee80211_crypto_delkey(struct ieee80211com *ic, struct ieee80211_key *key) 364{ 365 u_int16_t keyix; 366 367 KASSERT(key->wk_cipher != NULL, ("No cipher!")); 368 369 IEEE80211_DPRINTF(ic, IEEE80211_MSG_CRYPTO, 370 "%s: %s keyix %u flags 0x%x rsc %ju tsc %ju len %u\n", 371 __func__, key->wk_cipher->ic_name, 372 key->wk_keyix, key->wk_flags, 373 key->wk_keyrsc, key->wk_keytsc, key->wk_keylen); 374 375 keyix = key->wk_keyix; 376 if (keyix != IEEE80211_KEYIX_NONE) { 377 /* 378 * Remove hardware entry. 379 */ 380 /* XXX key cache */ 381 if (!dev_key_delete(ic, key)) { 382 IEEE80211_DPRINTF(ic, IEEE80211_MSG_CRYPTO, 383 "%s: driver did not delete key index %u\n", 384 __func__, keyix); 385 ic->ic_stats.is_crypto_delkey++; 386 /* XXX recovery? */ 387 } 388 } 389 cipher_detach(key); 390 memset(key, 0, sizeof(*key)); 391 key->wk_cipher = &ieee80211_cipher_none; 392 key->wk_private = cipher_attach(ic, key); 393 /* NB: cannot depend on key index to decide this */ 394 if (&ic->ic_nw_keys[0] <= key && 395 key < &ic->ic_nw_keys[IEEE80211_WEP_NKID]) 396 key->wk_keyix = keyix; /* preserve shared key state */ 397 else 398 key->wk_keyix = IEEE80211_KEYIX_NONE; 399 return 1; 400} 401 402/* 403 * Remove the specified key. 404 */ 405int 406ieee80211_crypto_delkey(struct ieee80211com *ic, struct ieee80211_key *key) 407{ 408 int status; 409 410 ieee80211_key_update_begin(ic); 411 status = _ieee80211_crypto_delkey(ic, key); 412 ieee80211_key_update_end(ic); 413 return status; 414} 415 416/* 417 * Clear the global key table. 418 */ 419void 420ieee80211_crypto_delglobalkeys(struct ieee80211com *ic) 421{ 422 int i; 423 424 ieee80211_key_update_begin(ic); 425 for (i = 0; i < IEEE80211_WEP_NKID; i++) 426 (void) _ieee80211_crypto_delkey(ic, &ic->ic_nw_keys[i]); 427 ieee80211_key_update_end(ic); 428} 429 430/* 431 * Set the contents of the specified key. 432 * 433 * Locking must be handled by the caller using: 434 * ieee80211_key_update_begin(ic); 435 * ieee80211_key_update_end(ic); 436 */ 437int 438ieee80211_crypto_setkey(struct ieee80211com *ic, struct ieee80211_key *key, 439 const u_int8_t macaddr[IEEE80211_ADDR_LEN]) 440{ 441 const struct ieee80211_cipher *cip = key->wk_cipher; 442 443 KASSERT(cip != NULL, ("No cipher!")); 444 445 IEEE80211_DPRINTF(ic, IEEE80211_MSG_CRYPTO, 446 "%s: %s keyix %u flags 0x%x mac %s rsc %ju tsc %ju len %u\n", 447 __func__, cip->ic_name, key->wk_keyix, 448 key->wk_flags, ether_sprintf(macaddr), 449 key->wk_keyrsc, key->wk_keytsc, key->wk_keylen); 450 451 /* 452 * Give cipher a chance to validate key contents. 453 * XXX should happen before modifying state. 454 */ 455 if (!cip->ic_setkey(key)) { 456 IEEE80211_DPRINTF(ic, IEEE80211_MSG_CRYPTO, 457 "%s: cipher %s rejected key index %u len %u flags 0x%x\n", 458 __func__, cip->ic_name, key->wk_keyix, 459 key->wk_keylen, key->wk_flags); 460 ic->ic_stats.is_crypto_setkey_cipher++; 461 return 0; 462 } 463 if (key->wk_keyix == IEEE80211_KEYIX_NONE) { 464 /* XXX nothing allocated, should not happen */ 465 IEEE80211_DPRINTF(ic, IEEE80211_MSG_CRYPTO, 466 "%s: no key index; should not happen!\n", __func__); 467 ic->ic_stats.is_crypto_setkey_nokey++; 468 return 0; 469 } 470 return dev_key_set(ic, key, macaddr); 471} 472 473/* 474 * Add privacy headers appropriate for the specified key. 475 */ 476struct ieee80211_key * 477ieee80211_crypto_encap(struct ieee80211com *ic, 478 struct ieee80211_node *ni, struct mbuf *m) 479{ 480 struct ieee80211_key *k; 481 struct ieee80211_frame *wh; 482 const struct ieee80211_cipher *cip; 483 u_int8_t keyix; 484 485 /* 486 * Multicast traffic always uses the multicast key. 487 * Otherwise if a unicast key is set we use that and 488 * it is always key index 0. When no unicast key is 489 * set we fall back to the default transmit key. 490 */ 491 wh = mtod(m, struct ieee80211_frame *); 492 if (IEEE80211_IS_MULTICAST(wh->i_addr1) || 493 ni->ni_ucastkey.wk_cipher == &ieee80211_cipher_none) { 494 if (ic->ic_def_txkey == IEEE80211_KEYIX_NONE) { 495 IEEE80211_DPRINTF(ic, IEEE80211_MSG_CRYPTO, 496 "[%s] no default transmit key (%s) deftxkey %u\n", 497 ether_sprintf(wh->i_addr1), __func__, 498 ic->ic_def_txkey); 499 ic->ic_stats.is_tx_nodefkey++; 500 return NULL; 501 } 502 keyix = ic->ic_def_txkey; 503 k = &ic->ic_nw_keys[ic->ic_def_txkey]; 504 } else { 505 keyix = 0; 506 k = &ni->ni_ucastkey; 507 } 508 cip = k->wk_cipher; 509 return (cip->ic_encap(k, m, keyix<<6) ? k : NULL); 510} 511 512/* 513 * Validate and strip privacy headers (and trailer) for a 514 * received frame that has the WEP/Privacy bit set. 515 */ 516struct ieee80211_key * 517ieee80211_crypto_decap(struct ieee80211com *ic, 518 struct ieee80211_node *ni, struct mbuf *m) 519{ 520#define IEEE80211_WEP_HDRLEN (IEEE80211_WEP_IVLEN + IEEE80211_WEP_KIDLEN) 521#define IEEE80211_WEP_MINLEN \ 522 (sizeof(struct ieee80211_frame) + ETHER_HDR_LEN + \ 523 IEEE80211_WEP_HDRLEN + IEEE80211_WEP_CRCLEN) 524 struct ieee80211_key *k; 525 struct ieee80211_frame *wh; 526 const struct ieee80211_cipher *cip; 527 const u_int8_t *ivp; 528 u_int8_t keyid; 529 int hdrlen; 530 531 /* NB: this minimum size data frame could be bigger */ 532 if (m->m_pkthdr.len < IEEE80211_WEP_MINLEN) { 533 IEEE80211_DPRINTF(ic, IEEE80211_MSG_ANY, 534 "%s: WEP data frame too short, len %u\n", 535 __func__, m->m_pkthdr.len); 536 ic->ic_stats.is_rx_tooshort++; /* XXX need unique stat? */ 537 return NULL; 538 } 539 540 /* 541 * Locate the key. If unicast and there is no unicast 542 * key then we fall back to the key id in the header. 543 * This assumes unicast keys are only configured when 544 * the key id in the header is meaningless (typically 0). 545 */ 546 wh = mtod(m, struct ieee80211_frame *); 547 hdrlen = ieee80211_hdrsize(wh); 548 ivp = mtod(m, const u_int8_t *) + hdrlen; /* XXX contig */ 549 keyid = ivp[IEEE80211_WEP_IVLEN]; 550 if (IEEE80211_IS_MULTICAST(wh->i_addr1) || 551 ni->ni_ucastkey.wk_cipher == &ieee80211_cipher_none) 552 k = &ic->ic_nw_keys[keyid >> 6]; 553 else 554 k = &ni->ni_ucastkey; 555 556 /* 557 * Insure crypto header is contiguous for all decap work. 558 */ 559 cip = k->wk_cipher; 560 if (m->m_len < hdrlen + cip->ic_header && 561 (m = m_pullup(m, hdrlen + cip->ic_header)) == NULL) { 562 IEEE80211_DPRINTF(ic, IEEE80211_MSG_CRYPTO, 563 "[%s] unable to pullup %s header\n", 564 ether_sprintf(wh->i_addr2), cip->ic_name); 565 ic->ic_stats.is_rx_wepfail++; /* XXX */ 566 return 0; 567 } 568 569 return (cip->ic_decap(k, m) ? k : NULL); 570#undef IEEE80211_WEP_MINLEN 571#undef IEEE80211_WEP_HDRLEN 572} 573