1*5113495bSYour Name /* 2*5113495bSYour Name * Copyright (c) 2017-2018, 2020 The Linux Foundation. All rights reserved. 3*5113495bSYour Name * Copyright (c) 2022-2023 Qualcomm Innovation Center, Inc. All rights reserved. 4*5113495bSYour Name * 5*5113495bSYour Name * Permission to use, copy, modify, and/or distribute this software for 6*5113495bSYour Name * any purpose with or without fee is hereby granted, provided that the 7*5113495bSYour Name * above copyright notice and this permission notice appear in all 8*5113495bSYour Name * copies. 9*5113495bSYour Name * 10*5113495bSYour Name * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL 11*5113495bSYour Name * WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED 12*5113495bSYour Name * WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE 13*5113495bSYour Name * AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL 14*5113495bSYour Name * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR 15*5113495bSYour Name * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER 16*5113495bSYour Name * TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR 17*5113495bSYour Name * PERFORMANCE OF THIS SOFTWARE. 18*5113495bSYour Name */ 19*5113495bSYour Name 20*5113495bSYour Name /** 21*5113495bSYour Name * DOC: qdf_crypto.h 22*5113495bSYour Name * This file provides OS abstraction for crypto APIs. 23*5113495bSYour Name */ 24*5113495bSYour Name 25*5113495bSYour Name #if !defined(__QDF_CRYPTO_H) 26*5113495bSYour Name #define __QDF_CRYPTO_H 27*5113495bSYour Name 28*5113495bSYour Name /* Include Files */ 29*5113495bSYour Name #include "qdf_status.h" 30*5113495bSYour Name #include <qdf_types.h> 31*5113495bSYour Name #include <qdf_trace.h> 32*5113495bSYour Name 33*5113495bSYour Name /* Preprocessor definitions and constants */ 34*5113495bSYour Name #ifdef __cplusplus 35*5113495bSYour Name extern "C" { 36*5113495bSYour Name #endif /* __cplusplus */ 37*5113495bSYour Name 38*5113495bSYour Name #define AES_BLOCK_SIZE 16 39*5113495bSYour Name #define HMAC_SHA256_CRYPTO_TYPE "hmac(sha256)" 40*5113495bSYour Name #define HMAC_SHA386_CRYPTO_TYPE "hmac(sha384)" 41*5113495bSYour Name 42*5113495bSYour Name #define SHA256_CRYPTO_TYPE "sha256" 43*5113495bSYour Name #define SHA386_CRYPTO_TYPE "sha384" 44*5113495bSYour Name 45*5113495bSYour Name #define SHA256_DIGEST_SIZE 32 46*5113495bSYour Name #define SHA384_DIGEST_SIZE 48 47*5113495bSYour Name 48*5113495bSYour Name #define FIXED_PARAM_OFFSET_ASSOC_REQ 4 49*5113495bSYour Name #define FIXED_PARAM_OFFSET_ASSOC_RSP 6 50*5113495bSYour Name 51*5113495bSYour Name #define CMAC_TLEN 8 /* CMAC TLen = 64 bits (8 octets) */ 52*5113495bSYour Name #define AAD_LEN 20 53*5113495bSYour Name #define IEEE80211_MMIE_GMAC_MICLEN 16 54*5113495bSYour Name 55*5113495bSYour Name #define IS_VALID_CTR_KEY_LEN(len) ((((len) == 16) || ((len) == 32) || \ 56*5113495bSYour Name ((len) == 48)) ? 1 : 0) 57*5113495bSYour Name 58*5113495bSYour Name #define WLAN_MAX_PRF_INTERATIONS_COUNT 255 59*5113495bSYour Name 60*5113495bSYour Name /* Function declarations and documentation */ 61*5113495bSYour Name 62*5113495bSYour Name /** 63*5113495bSYour Name * qdf_get_hash: API to get hash using specific crypto and scatterlist 64*5113495bSYour Name * @type: crypto type 65*5113495bSYour Name * @element_cnt: scatterlist element count 66*5113495bSYour Name * @addr: scatterlist element array 67*5113495bSYour Name * @addr_len: element length array 68*5113495bSYour Name * @hash: new hash 69*5113495bSYour Name * 70*5113495bSYour Name * Return: 0 if success else error code 71*5113495bSYour Name */ 72*5113495bSYour Name int qdf_get_hash(uint8_t *type, uint8_t element_cnt, 73*5113495bSYour Name uint8_t *addr[], uint32_t *addr_len, 74*5113495bSYour Name int8_t *hash); 75*5113495bSYour Name 76*5113495bSYour Name /** 77*5113495bSYour Name * qdf_get_hmac_hash: API to get hmac hash using specific crypto and 78*5113495bSYour Name * scatterlist elements. 79*5113495bSYour Name * @type: crypto type 80*5113495bSYour Name * @key: key needs to be used for hmac api 81*5113495bSYour Name * @keylen: length of key 82*5113495bSYour Name * @element_cnt: scatterlist element count 83*5113495bSYour Name * @addr: scatterlist element array 84*5113495bSYour Name * @addr_len: element length array 85*5113495bSYour Name * @hash: new hash 86*5113495bSYour Name * 87*5113495bSYour Name * Return: 0 if success else error code 88*5113495bSYour Name */ 89*5113495bSYour Name int qdf_get_hmac_hash(uint8_t *type, uint8_t *key, 90*5113495bSYour Name uint32_t keylen, uint8_t element_cnt, 91*5113495bSYour Name uint8_t *addr[], uint32_t *addr_len, int8_t *hash); 92*5113495bSYour Name 93*5113495bSYour Name /** 94*5113495bSYour Name * qdf_default_hmac_sha256_kdf()- This API calculates key data using default kdf 95*5113495bSYour Name * defined in RFC4306. 96*5113495bSYour Name * @secret: key which needs to be used in crypto 97*5113495bSYour Name * @secret_len: key_len of secret 98*5113495bSYour Name * @label: PRF label 99*5113495bSYour Name * @optional_data: Data used for hash 100*5113495bSYour Name * @optional_data_len: data length 101*5113495bSYour Name * @key: key data output 102*5113495bSYour Name * @keylen: key data length 103*5113495bSYour Name * 104*5113495bSYour Name * This API creates default KDF as defined in RFC4306 105*5113495bSYour Name * PRF+ (K,S) = T1 | T2 | T3 | T4 | ... 106*5113495bSYour Name * T1 = PRF (K, S | 0x01) 107*5113495bSYour Name * T2 = PRF (K, T1 | S | 0x02) 108*5113495bSYour Name * T3 = PRF (K, T2 | S | 0x03) 109*5113495bSYour Name * T4 = PRF (K, T3 | S | 0x04) 110*5113495bSYour Name * 111*5113495bSYour Name * for every iteration its creates 32 bit of hash 112*5113495bSYour Name * 113*5113495bSYour Name * Return: QDF_STATUS 114*5113495bSYour Name */ 115*5113495bSYour Name QDF_STATUS 116*5113495bSYour Name qdf_default_hmac_sha256_kdf(uint8_t *secret, uint32_t secret_len, 117*5113495bSYour Name uint8_t *label, uint8_t *optional_data, 118*5113495bSYour Name uint32_t optional_data_len, uint8_t *key, 119*5113495bSYour Name uint32_t keylen); 120*5113495bSYour Name 121*5113495bSYour Name /** 122*5113495bSYour Name * qdf_get_keyed_hash: API to get hash using specific crypto and 123*5113495bSYour Name * scatterlist elements. 124*5113495bSYour Name * @alg: crypto type 125*5113495bSYour Name * @key: key needs to be used for hmac api 126*5113495bSYour Name * @key_len: length of key 127*5113495bSYour Name * @src: scatterlist element array 128*5113495bSYour Name * @src_len: scatterlist element length array 129*5113495bSYour Name * @num_elements: scatterlist element count 130*5113495bSYour Name * @out: calculated hash 131*5113495bSYour Name * 132*5113495bSYour Name * Return: 0 if success else error code 133*5113495bSYour Name */ 134*5113495bSYour Name int qdf_get_keyed_hash(const char *alg, const uint8_t *key, 135*5113495bSYour Name unsigned int key_len, const uint8_t *src[], 136*5113495bSYour Name size_t *src_len, size_t num_elements, uint8_t *out); 137*5113495bSYour Name 138*5113495bSYour Name /** 139*5113495bSYour Name * qdf_update_dbl: This API does the doubling operation as defined in RFC5297 140*5113495bSYour Name * @d: input for doubling 141*5113495bSYour Name * 142*5113495bSYour Name * Return: None 143*5113495bSYour Name */ 144*5113495bSYour Name void qdf_update_dbl(uint8_t *d); 145*5113495bSYour Name 146*5113495bSYour Name /** 147*5113495bSYour Name * qdf_aes_s2v: This API gets vector from AES string as defined in RFC5297 148*5113495bSYour Name * output length will be AES_BLOCK_SIZE. 149*5113495bSYour Name * @key: key used for operation 150*5113495bSYour Name * @key_len: key len 151*5113495bSYour Name * @s: addresses of elements to be used 152*5113495bSYour Name * @s_len: array of element length 153*5113495bSYour Name * @num_s: number of elements 154*5113495bSYour Name * @out: pointer to output vector 155*5113495bSYour Name * 156*5113495bSYour Name * Return: 0 if success else Error number 157*5113495bSYour Name */ 158*5113495bSYour Name int qdf_aes_s2v(const uint8_t *key, unsigned int key_len, const uint8_t *s[], 159*5113495bSYour Name size_t s_len[], size_t num_s, uint8_t *out); 160*5113495bSYour Name 161*5113495bSYour Name /** 162*5113495bSYour Name * qdf_aes_ctr: This API defines AES Counter Mode 163*5113495bSYour Name * @key: key used for operation 164*5113495bSYour Name * @key_len: key len 165*5113495bSYour Name * @siv: Initialization vector 166*5113495bSYour Name * @src: input 167*5113495bSYour Name * @src_len: input len 168*5113495bSYour Name * @dest: output 169*5113495bSYour Name * @enc: if encryption needs to be done or decryption 170*5113495bSYour Name * 171*5113495bSYour Name * Return: 0 if success else Error number 172*5113495bSYour Name */ 173*5113495bSYour Name int qdf_aes_ctr(const uint8_t *key, unsigned int key_len, uint8_t *siv, 174*5113495bSYour Name const uint8_t *src, size_t src_len, uint8_t *dest, bool enc); 175*5113495bSYour Name 176*5113495bSYour Name /** 177*5113495bSYour Name * qdf_crypto_aes_gmac: This API calculates MIC for GMAC 178*5113495bSYour Name * @key: key used for operation 179*5113495bSYour Name * @key_length: key length 180*5113495bSYour Name * @iv: Initialization vector 181*5113495bSYour Name * @aad: Additional authentication data 182*5113495bSYour Name * @data: Pointer to data 183*5113495bSYour Name * @data_len: Length of data 184*5113495bSYour Name * @mic: Pointer to MIC 185*5113495bSYour Name * 186*5113495bSYour Name * Return: 0 if success else Error number 187*5113495bSYour Name */ 188*5113495bSYour Name int qdf_crypto_aes_gmac(const uint8_t *key, uint16_t key_length, 189*5113495bSYour Name uint8_t *iv, const uint8_t *aad, 190*5113495bSYour Name const uint8_t *data, uint16_t data_len, uint8_t *mic); 191*5113495bSYour Name 192*5113495bSYour Name /** 193*5113495bSYour Name * qdf_crypto_aes_128_cmac: This API calculates MIC for AES 128 CMAC 194*5113495bSYour Name * @key: key used for operation 195*5113495bSYour Name * @data: Pointer to data 196*5113495bSYour Name * @len: Length of data 197*5113495bSYour Name * @mic: Pointer to MIC 198*5113495bSYour Name * 199*5113495bSYour Name * Return: 0 if success else Error number 200*5113495bSYour Name */ 201*5113495bSYour Name int qdf_crypto_aes_128_cmac(const uint8_t *key, const uint8_t *data, 202*5113495bSYour Name uint16_t len, uint8_t *mic); 203*5113495bSYour Name 204*5113495bSYour Name #ifdef __cplusplus 205*5113495bSYour Name } 206*5113495bSYour Name #endif /* __cplusplus */ 207*5113495bSYour Name #endif /* __QDF_CRYPTO_H */ 208