
net80211: add 256 bit CCMP support
Needs Revision, Public

Authored by adrian on Tue, Apr 23, 11:29 PM.

Details

Reviewers
bz
cc
Group Reviewers
wireless
Summary
  • Split the ccmp support into ccmp_128 and ccmp_256 configs
  • Use methods to reference the header/trailer size based on the key being used
  • Modify the CCM header to use 8 or 16 byte MIC appropriately.

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Skipped
Unit
Tests Skipped
Build Status
Buildable 57437
Build 54325: arc lint + arc unit

Event Timeline

add missing RSN parsing stuff for hostapd

bz requested changes to this revision. Thu, Apr 25, 3:22 AM
bz added a subscriber: bz.

I haven't reviewed the actual function changes yet; just scrolled through

sys/net80211/ieee80211_crypto_ccmp.c
160

Use the #define please and not magic numbers in this function.

412

Unbalanced ()

This revision now requires changes to proceed. Thu, Apr 25, 3:22 AM

update to compile w/ stack changes

cc requested changes to this revision. Mon, Apr 29, 9:00 PM
cc added a subscriber: cc.
cc added inline comments.
sys/net80211/ieee80211_crypto_ccmp.c
156–157

The "ccm_m" meaning is opaque. Please add a comment about this function's usage. And why is it returning int instead of uint32_t?

After reading RFC 3610 section 2, M means the number of octets in the authentication field, and the values are enumerated as 4, 6, 8, 10, 12, 14, and 16 octets. So I think it is better to use enum values instead of defined values. However, how to pick a valid value is not clear to me. Would you please explain how/why the values are chosen?

https://datatracker.ietf.org/doc/html/rfc3610#section-2

249

Because there are multiple/repeated uses of ccmp_get_header_len(key) per key, I suggest using two constant variables at the beginning to make it clear.

Like this:

	int is_mgmt;
	const int h_len = ccmp_get_header_len(key);
	const int t_len = ccmp_get_trailer_len(key);

403–404

Don't need a new line for uint32_t m. Can put it ahead of the next two like this:

	uint32_t m, u_int64_t pn, size_t dlen,

417

I think "now M=3 after the above line calculation for 8-octet MIC". So M=3.

421

This comment is confusing, as it is missing the description of the values after Encoding. I don't understand where Adata comes from or what these mean: 0x01 = L=2, 0x18 = M=8. Please add more explanation about whether "the value L=1 is reserved" and whether "0x18 = (m << 3) after m = (m - 2) / 2 when the input M is 8".

Also, either add spaces around = or use no spaces, like above.
But don't mix spaces like this: 0x01 = L=2.

529

Because there are multiple/repeated uses of ccmp_get_header_len(key) and ccmp_get_trailer_len(key) per key, I suggest using two constant variables at the beginning.

Like this:

	uint8_t *pos;
	const int h_len = ccmp_get_header_len(key);
	const int t_len = ccmp_get_trailer_len(key);

530–533

Needs re-alignment to use fewer new lines.

Like this:

	ccmp_init_blocks(&ctx->cc_aes, wh, ccmp_get_ccm_m(key),
			 key->wk_keytsc, data_len, b0, aad, b, s0);

679–680

Because there are multiple/repeated uses of ccmp_get_header_len(key) and ccmp_get_trailer_len(key) per key, I suggest using two constant variables at the beginning.

Like this:

	u_int space;
	const int h_len = ccmp_get_header_len(key);
	const int t_len = ccmp_get_trailer_len(key);

681–683

Needs re-alignment to use fewer new lines.

sys/net80211/ieee80211_hostap.c
1506–1509

Suggest keeping the order with CCM-128 first, like this:

	if (w & (1 << IEEE80211_CIPHER_AES_CCM))
		rsn->rsn_ucastcipher = IEEE80211_CIPHER_AES_CCM;
	else if (w & (1 << IEEE80211_CIPHER_AES_CCM_256))
		rsn->rsn_ucastcipher = IEEE80211_CIPHER_AES_CCM_256;

This revision now requires changes to proceed. Mon, Apr 29, 9:00 PM
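
The RFC 3610 section 2 encoding of the B_0 Flags octet that the inline comments above ask about (M, L and Adata), worked through for the 8-octet and 16-octet MIC cases. This is an added example, not code from the revision or from FreeBSD; the names `ccm_mic_len` and `ccm_b0_flags` are hypothetical, and L=2 with Adata set is assumed for CCMP.

```c
#include <stdio.h>

/* Hypothetical names for illustration; not taken from the revision. */
enum ccm_mic_len {		/* RFC 3610 section 2: valid values of M */
	CCM_M_4 = 4, CCM_M_6 = 6, CCM_M_8 = 8, CCM_M_10 = 10,
	CCM_M_12 = 12, CCM_M_14 = 14, CCM_M_16 = 16
};

#define	CCM_FLAG_ADATA	0x40	/* bit 6: additional authenticated data */

/*
 * Build the Flags octet of CCM block B_0 (RFC 3610 section 2.2):
 *   bit 7      reserved, always 0
 *   bit 6      Adata, 1 when l(a) > 0
 *   bits 5..3  M' = (M - 2) / 2, M = MIC length in octets
 *   bits 2..0  L' = L - 1,       L = octets in the length field
 * Returns the octet (0..255), or -1 if M or L is outside the RFC's
 * allowed sets (M in {4,6,...,16}, L in 2..8).
 */
static int
ccm_b0_flags(unsigned int m, unsigned int l, int adata)
{
	if (m < 4 || m > 16 || (m & 1) != 0)
		return (-1);	/* odd or out-of-range MIC length */
	if (l < 2 || l > 8)
		return (-1);	/* L = 1 would encode as the reserved L' = 0 */
	return ((adata ? CCM_FLAG_ADATA : 0) | (((m - 2) / 2) << 3) | (l - 1));
}

int
main(void)
{
	/* 8-octet MIC:  0x40 | (3 << 3) | 0x01 = 0x40 | 0x18 | 0x01 */
	printf("M=8  L=2 Adata=1 -> 0x%02x\n",
	    (unsigned int)ccm_b0_flags(CCM_M_8, 2, 1));
	/* 16-octet MIC: 0x40 | (7 << 3) | 0x01 = 0x40 | 0x38 | 0x01 */
	printf("M=16 L=2 Adata=1 -> 0x%02x\n",
	    (unsigned int)ccm_b0_flags(CCM_M_16, 2, 1));
	/* Invalid inputs are rejected instead of silently truncated. */
	printf("M=5  L=2 -> %d\n", ccm_b0_flags(5, 2, 1));
	printf("M=8  L=1 -> %d\n", ccm_b0_flags(CCM_M_8, 1, 1));
	return (0);
}
```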