summaryrefslogtreecommitdiff
path: root/net/mac80211/aes_cmac.c
AgeCommit message (Collapse)AuthorFilesLines
2021-04-19mac80211: aes_cmac: check crypto_shash_setkey() return valueJohannes Berg1-2/+9
As crypto_shash_setkey() can fail, we should check the return value. Addresses-Coverity-ID: 1401813 ("Unchecked return value") Signed-off-by: Johannes Berg <johannes.berg@intel.com> Signed-off-by: Luca Coelho <luciano.coelho@intel.com> Link: https://lore.kernel.org/r/iwlwifi.20210409123755.533ff7acf1d2.I034bafa201c4a6823333f8410aeaa60cca5ee9e0@changeid Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2020-02-24mac80211: Update BIP to support Beacon framesJouni Malinen1-2/+19
When BIP is used to protect Beacon frames, the Timestamp field is masked to zero. Otherwise, the BIP processing is identical to the way it was already used with group-addressed Robust Management frames. Signed-off-by: Jouni Malinen <jouni@codeaurora.org> Link: https://lore.kernel.org/r/20200222132548.20835-4-jouni@codeaurora.org Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2019-06-19treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500Thomas Gleixner1-4/+1
Based on 2 normalized pattern(s): this program is free software you can redistribute it and or modify it under the terms of the gnu general public license version 2 as published by the free software foundation this program is free software you can redistribute it and or modify it under the terms of the gnu general public license version 2 as published by the free software foundation # extracted by the scancode license scanner the SPDX license identifier GPL-2.0-only has been chosen to replace the boilerplate/reference in 4122 file(s). Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Reviewed-by: Enrico Weigelt <info@metux.net> Reviewed-by: Kate Stewart <kstewart@linuxfoundation.org> Reviewed-by: Allison Randal <allison@lohutok.net> Cc: linux-spdx@vger.kernel.org Link: https://lkml.kernel.org/r/20190604081206.933168790@linutronix.de Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2017-02-08mac80211: aes-cmac: switch to shash CMAC driverArd Biesheuvel1-101/+25
Instead of open coding the CMAC algorithm in the mac80211 driver using byte wide xors and calls into the crypto layer for each block of data, instantiate a cmac(aes) synchronous hash and pass all the data into it directly. This does not only simplify the code, it also allows the use of more efficient and more secure implementations, especially on platforms where SIMD ciphers have a considerable setup cost. Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2016-10-27mac80211: FILS AEAD protection for station mode association framesJouni Malinen1-4/+4
This adds support for encrypting (Re)Association Request frame and decryption (Re)Association Response frame when using FILS in station mode. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2015-08-13mac80211: remove ieee80211_aes_cmac_calculate_k1_k2()Johannes Berg1-17/+0
The iwlwifi driver was the only driver that used this, but as it turns out it never needed it, so we can remove it. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2015-01-27mac80111: Add BIP-CMAC-256 cipherJouni Malinen1-8/+26
This allows mac80211 to configure BIP-CMAC-256 to the driver and also use software-implementation within mac80211 when the driver does not support this with hardware accelaration. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2013-12-18mac80211: fix checkpatch errorsWeilong Chen1-1/+1
Fix a number of different checkpatch errors. Signed-off-by: Weilong Chen <chenweilong@huawei.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2012-11-07mac80211: include export.h in aes_cmacEmmanuel Grumbach1-0/+1
This is needed since this file exports functions. Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2012-10-23mac80211: expose AES-CMAC subkey calculationAssaf Krauss1-0/+17
Expose a function for the AES-CMAC subkey calculation to drivers. This is the first step of the AES-CMAC cipher key setup and may be required for CMAC hardware offloading. Signed-off-by: Assaf Krauss <assaf.krauss@intel.com> Reviewed-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2012-08-20mac80211: simplify buffers in aes_128_cmac_vectorJohannes Berg1-5/+1
There's no need to use a single scratch buffer and calculate offsets into it, just use two separate buffers for the separate variables. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2011-07-08mac80211: use AES_BLOCK_SIZEJohannes Berg1-1/+1
mac80211 has a defnition of AES_BLOCK_SIZE and multiple definitions of AES_BLOCK_LEN. Remove them all and use crypto/aes.h. Signed-off-by: Johannes Berg <johannes.berg@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
2011-07-08mac80211: fix CMAC racesJohannes Berg1-4/+4
Just like TKIP and CCMP, CMAC has the PN race. It might not actually be possible to hit it now since there aren't multiple ACs for management frames, but fix it anyway. Also move scratch buffers onto the stack. Signed-off-by: Johannes Berg <johannes.berg@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
2010-11-15mac80211: Remove redundant checks for NULL before calls to crypto_free_cipher()Jesper Juhl1-2/+1
crypto_free_cipher() is a wrapper around crypto_free_tfm() which is a wrapper around crypto_destroy_tfm() and the latter can handle being passed a NULL pointer, so checking for NULL in the ieee80211_aes_key_free()/ieee80211_aes_cmac_key_free() wrappers around crypto_free_cipher() is pointless and just increase object code size needlesly and makes us execute extra test/branch instructions that we don't need. Btw; don't we have to many wrappers around wrappers ad nauseam here? Anyway, this patch removes the redundant conditionals. Signed-off-by: Jesper Juhl <jj@chaosbits.net> Signed-off-by: John W. Linville <linville@tuxdriver.com>
2010-08-16mac80211: Don't squash error codes in key setup functionsBen Hutchings1-4/+2
ieee80211_add_key() currently returns -ENOMEM in case of any error, including a missing crypto algorithm. Change ieee80211_key_alloc() and ieee80211_aes_{key_setup_encrypt,cmac_key_setup}() to encode errors with ERR_PTR() rather than returning NULL, and change ieee80211_add_key() accordingly. Compile-tested only. Reported-by: Marcin Owsiany <porridge@debian.org> Signed-off-by: Ben Hutchings <ben@decadent.org.uk> Acked-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: John W. Linville <linville@tuxdriver.com>
2009-01-30mac80211: 802.11w - Add BIP (AES-128-CMAC)Jouni Malinen1-0/+135
Implement Broadcast/Multicast Integrity Protocol for management frame protection. This patch adds the needed definitions for the new information element (MMIE) and implementation for the new "encryption" type (though, BIP is actually not encrypting data, it provides only integrity protection). These routines will be used by a follow-on patch that enables BIP for multicast/broadcast robust management frames. Signed-off-by: Jouni Malinen <j@w1.fi> Acked-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: John W. Linville <linville@tuxdriver.com>