crypto/src/wlan_crypto_global_api.c

*5113495bSYour Name/*
*5113495bSYour Name * Copyright (c) 2017-2021 The Linux Foundation. All rights reserved.
*5113495bSYour Name * Copyright (c) 2021-2024 Qualcomm Innovation Center, Inc. All rights reserved.
*5113495bSYour Name *
*5113495bSYour Name * Permission to use, copy, modify, and/or distribute this software for
*5113495bSYour Name * any purpose with or without fee is hereby granted, provided that the
*5113495bSYour Name * above copyright notice and this permission notice appear in all
*5113495bSYour Name * copies.
*5113495bSYour Name *
*5113495bSYour Name * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL
*5113495bSYour Name * WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
*5113495bSYour Name * WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE
*5113495bSYour Name * AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
*5113495bSYour Name * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
*5113495bSYour Name * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER
*5113495bSYour Name * TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
*5113495bSYour Name * PERFORMANCE OF THIS SOFTWARE.
*5113495bSYour Name */
*5113495bSYour Name
*5113495bSYour Name/**
*5113495bSYour Name * DOC: Public APIs for crypto service
*5113495bSYour Name */
*5113495bSYour Name
*5113495bSYour Name#include <qdf_types.h>
*5113495bSYour Name#include <wlan_cmn.h>
*5113495bSYour Name#include <wlan_objmgr_cmn.h>
*5113495bSYour Name#include <wlan_objmgr_global_obj.h>
*5113495bSYour Name#include <wlan_objmgr_psoc_obj.h>
*5113495bSYour Name#include <wlan_objmgr_pdev_obj.h>
*5113495bSYour Name#include <wlan_objmgr_vdev_obj.h>
*5113495bSYour Name#include <wlan_objmgr_peer_obj.h>
*5113495bSYour Name#include <wlan_utility.h>
*5113495bSYour Name#include <wlan_cp_stats_utils_api.h>
*5113495bSYour Name
*5113495bSYour Name#include "wlan_crypto_global_def.h"
*5113495bSYour Name#include "wlan_crypto_global_api.h"
*5113495bSYour Name#include "wlan_crypto_def_i.h"
*5113495bSYour Name#include "wlan_crypto_param_handling_i.h"
*5113495bSYour Name#include "wlan_crypto_obj_mgr_i.h"
*5113495bSYour Name#include "wlan_crypto_main.h"
*5113495bSYour Name#include <qdf_module.h>
*5113495bSYour Name
*5113495bSYour Nameconst struct wlan_crypto_cipher *wlan_crypto_cipher_ops[WLAN_CRYPTO_CIPHER_MAX];
*5113495bSYour Name
*5113495bSYour Name#define WPA_ADD_CIPHER_TO_SUITE(frm, cipher) \
*5113495bSYour Name	WLAN_CRYPTO_ADDSELECTOR(frm,\
*5113495bSYour Name				wlan_crypto_wpa_cipher_to_suite(cipher))
*5113495bSYour Name
*5113495bSYour Name#define RSN_ADD_CIPHER_TO_SUITE(frm, cipher) \
*5113495bSYour Name	WLAN_CRYPTO_ADDSELECTOR(frm,\
*5113495bSYour Name				wlan_crypto_rsn_cipher_to_suite(cipher))
*5113495bSYour Name
*5113495bSYour Name#define WPA_ADD_KEYMGMT_TO_SUITE(frm, keymgmt)\
*5113495bSYour Name	WLAN_CRYPTO_ADDSELECTOR(frm,\
*5113495bSYour Name				wlan_crypto_wpa_keymgmt_to_suite(keymgmt))
*5113495bSYour Name
*5113495bSYour Name#define RSN_ADD_KEYMGMT_TO_SUITE(frm, keymgmt)\
*5113495bSYour Name	WLAN_CRYPTO_ADDSELECTOR(frm,\
*5113495bSYour Name				wlan_crypto_rsn_keymgmt_to_suite(keymgmt))
*5113495bSYour Name
*5113495bSYour Namebool is_valid_keyix(uint16_t keyix)
*5113495bSYour Name{
*5113495bSYour Name	if (keyix >= (WLAN_CRYPTO_MAXKEYIDX + WLAN_CRYPTO_MAXIGTKKEYIDX
*5113495bSYour Name			+ WLAN_CRYPTO_MAXBIGTKKEYIDX))
*5113495bSYour Name		return 0;
*5113495bSYour Name	else
*5113495bSYour Name		return 1;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Namebool is_igtk(uint16_t keyix)
*5113495bSYour Name{
*5113495bSYour Name	if (keyix < WLAN_CRYPTO_MAXKEYIDX)
*5113495bSYour Name		return 0;
*5113495bSYour Name	else if (keyix - WLAN_CRYPTO_MAXKEYIDX >= WLAN_CRYPTO_MAXIGTKKEYIDX)
*5113495bSYour Name		return 0;
*5113495bSYour Name	else
*5113495bSYour Name		return 1;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Namebool is_bigtk(uint16_t keyix)
*5113495bSYour Name{
*5113495bSYour Name	if (keyix < (WLAN_CRYPTO_MAXKEYIDX + WLAN_CRYPTO_MAXIGTKKEYIDX))
*5113495bSYour Name		return 0;
*5113495bSYour Name	if (keyix - WLAN_CRYPTO_MAXKEYIDX - WLAN_CRYPTO_MAXIGTKKEYIDX
*5113495bSYour Name						>= WLAN_CRYPTO_MAXBIGTKKEYIDX)
*5113495bSYour Name		return 0;
*5113495bSYour Name	else
*5113495bSYour Name		return 1;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Namebool is_gtk(uint16_t keyix)
*5113495bSYour Name{
*5113495bSYour Name	if (keyix == 1 || keyix == 2)
*5113495bSYour Name		return 1;
*5113495bSYour Name	else
*5113495bSYour Name		return 0;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Name/**
*5113495bSYour Name * wlan_crypto_vdev_get_comp_params() - called by mlme to get crypto params
*5113495bSYour Name * @vdev: vdev
*5113495bSYour Name * @crypto_priv: location to store pointer to the crypto private data
*5113495bSYour Name *
*5113495bSYour Name * This function gets called by mlme to get crypto params
*5113495bSYour Name *
*5113495bSYour Name * Return: wlan_crypto_params or NULL in case of failure
*5113495bSYour Name */
*5113495bSYour Namestatic struct wlan_crypto_params *wlan_crypto_vdev_get_comp_params(
*5113495bSYour Name				struct wlan_objmgr_vdev *vdev,
*5113495bSYour Name				struct wlan_crypto_comp_priv **crypto_priv)
*5113495bSYour Name{
*5113495bSYour Name	*crypto_priv = (struct wlan_crypto_comp_priv *)
*5113495bSYour Name					wlan_get_vdev_crypto_obj(vdev);
*5113495bSYour Name	if (!(*crypto_priv)) {
*5113495bSYour Name		crypto_err("crypto_priv NULL");
*5113495bSYour Name		return NULL;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	return &((*crypto_priv)->crypto_params);
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Name/**
*5113495bSYour Name * wlan_crypto_peer_get_comp_params() - called by mlme to get crypto params
*5113495bSYour Name * @peer: peer
*5113495bSYour Name * @crypto_priv: location to store pointer to the crypto private data
*5113495bSYour Name *
*5113495bSYour Name * This function gets called by mlme to get crypto params
*5113495bSYour Name *
*5113495bSYour Name * Return: wlan_crypto_params or NULL in case of failure
*5113495bSYour Name */
*5113495bSYour Namestatic struct wlan_crypto_params *wlan_crypto_peer_get_comp_params(
*5113495bSYour Name				struct wlan_objmgr_peer *peer,
*5113495bSYour Name				struct wlan_crypto_comp_priv **crypto_priv)
*5113495bSYour Name{
*5113495bSYour Name
*5113495bSYour Name	*crypto_priv = (struct wlan_crypto_comp_priv *)
*5113495bSYour Name					wlan_get_peer_crypto_obj(peer);
*5113495bSYour Name	if (!*crypto_priv) {
*5113495bSYour Name		crypto_err("crypto_priv NULL");
*5113495bSYour Name		return NULL;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	return &((*crypto_priv)->crypto_params);
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Namestatic QDF_STATUS wlan_crypto_set_igtk_key(struct wlan_crypto_key *key)
*5113495bSYour Name{
*5113495bSYour Name	return QDF_STATUS_SUCCESS;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Name/**
*5113495bSYour Name * wlan_crypto_set_param() - called by ucfg to set crypto param
*5113495bSYour Name * @crypto_params: crypto_params
*5113495bSYour Name * @param: param to be set.
*5113495bSYour Name * @value: value
*5113495bSYour Name *
*5113495bSYour Name * This function gets called from ucfg to set param
*5113495bSYour Name *
*5113495bSYour Name * Return: QDF_STATUS_SUCCESS - in case of success
*5113495bSYour Name */
*5113495bSYour Namestatic QDF_STATUS wlan_crypto_set_param(struct wlan_crypto_params *crypto_params,
*5113495bSYour Name					wlan_crypto_param_type param,
*5113495bSYour Name					uint32_t value)
*5113495bSYour Name{
*5113495bSYour Name	QDF_STATUS status = QDF_STATUS_E_INVAL;
*5113495bSYour Name
*5113495bSYour Name	crypto_debug("param %d, value %d", param, value);
*5113495bSYour Name	switch (param) {
*5113495bSYour Name	case WLAN_CRYPTO_PARAM_AUTH_MODE:
*5113495bSYour Name		status = wlan_crypto_set_authmode(crypto_params, value);
*5113495bSYour Name		break;
*5113495bSYour Name	case WLAN_CRYPTO_PARAM_UCAST_CIPHER:
*5113495bSYour Name		status = wlan_crypto_set_ucastciphers(crypto_params, value);
*5113495bSYour Name		break;
*5113495bSYour Name	case WLAN_CRYPTO_PARAM_MCAST_CIPHER:
*5113495bSYour Name		status = wlan_crypto_set_mcastcipher(crypto_params, value);
*5113495bSYour Name		break;
*5113495bSYour Name	case WLAN_CRYPTO_PARAM_MGMT_CIPHER:
*5113495bSYour Name		status = wlan_crypto_set_mgmtcipher(crypto_params, value);
*5113495bSYour Name		break;
*5113495bSYour Name	case WLAN_CRYPTO_PARAM_CIPHER_CAP:
*5113495bSYour Name		status = wlan_crypto_set_cipher_cap(crypto_params, value);
*5113495bSYour Name		break;
*5113495bSYour Name	case WLAN_CRYPTO_PARAM_RSN_CAP:
*5113495bSYour Name		status = wlan_crypto_set_rsn_cap(crypto_params,	value);
*5113495bSYour Name		break;
*5113495bSYour Name	case WLAN_CRYPTO_PARAM_RSNX_CAP:
*5113495bSYour Name		status = wlan_crypto_set_rsnx_cap(crypto_params, value);
*5113495bSYour Name		break;
*5113495bSYour Name	case WLAN_CRYPTO_PARAM_KEY_MGMT:
*5113495bSYour Name		status = wlan_crypto_set_key_mgmt(crypto_params, value);
*5113495bSYour Name		break;
*5113495bSYour Name	default:
*5113495bSYour Name		status = QDF_STATUS_E_INVAL;
*5113495bSYour Name	}
*5113495bSYour Name	return status;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour NameQDF_STATUS wlan_crypto_set_vdev_param(struct wlan_objmgr_vdev *vdev,
*5113495bSYour Name					wlan_crypto_param_type param,
*5113495bSYour Name					uint32_t value)
*5113495bSYour Name{
*5113495bSYour Name	QDF_STATUS status = QDF_STATUS_E_INVAL;
*5113495bSYour Name	struct wlan_crypto_comp_priv *crypto_priv;
*5113495bSYour Name	struct wlan_crypto_params *crypto_params;
*5113495bSYour Name
*5113495bSYour Name	crypto_priv = (struct wlan_crypto_comp_priv *)
*5113495bSYour Name					wlan_get_vdev_crypto_obj(vdev);
*5113495bSYour Name
*5113495bSYour Name	if (!crypto_priv) {
*5113495bSYour Name		crypto_err("crypto_priv NULL");
*5113495bSYour Name		return QDF_STATUS_E_INVAL;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	crypto_params = &(crypto_priv->crypto_params);
*5113495bSYour Name
*5113495bSYour Name	status = wlan_crypto_set_param(crypto_params, param, value);
*5113495bSYour Name
*5113495bSYour Name	return status;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour NameQDF_STATUS wlan_crypto_set_peer_param(struct wlan_objmgr_peer *peer,
*5113495bSYour Name				wlan_crypto_param_type param,
*5113495bSYour Name				uint32_t value)
*5113495bSYour Name{
*5113495bSYour Name	QDF_STATUS status = QDF_STATUS_E_INVAL;
*5113495bSYour Name	struct wlan_crypto_comp_priv *crypto_priv;
*5113495bSYour Name	struct wlan_crypto_params *crypto_params;
*5113495bSYour Name
*5113495bSYour Name	crypto_params = wlan_crypto_peer_get_comp_params(peer,
*5113495bSYour Name							&crypto_priv);
*5113495bSYour Name
*5113495bSYour Name	if (!crypto_priv) {
*5113495bSYour Name		crypto_err("crypto_priv NULL");
*5113495bSYour Name		return QDF_STATUS_E_INVAL;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	crypto_params = &(crypto_priv->crypto_params);
*5113495bSYour Name
*5113495bSYour Name	status = wlan_crypto_set_param(crypto_params, param, value);
*5113495bSYour Name
*5113495bSYour Name	return status;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Name/**
*5113495bSYour Name * wlan_crypto_get_param_value() - called by crypto APIs to get value for param
*5113495bSYour Name * @param: Crypto param type
*5113495bSYour Name * @crypto_params: Crypto params struct
*5113495bSYour Name *
*5113495bSYour Name * This function gets called from in-within crypto layer
*5113495bSYour Name *
*5113495bSYour Name * Return: value or -1 for failure
*5113495bSYour Name */
*5113495bSYour Namestatic int32_t wlan_crypto_get_param_value(wlan_crypto_param_type param,
*5113495bSYour Name				struct wlan_crypto_params *crypto_params)
*5113495bSYour Name{
*5113495bSYour Name	int32_t value;
*5113495bSYour Name
*5113495bSYour Name	switch (param) {
*5113495bSYour Name	case WLAN_CRYPTO_PARAM_AUTH_MODE:
*5113495bSYour Name		value = wlan_crypto_get_authmode(crypto_params);
*5113495bSYour Name		break;
*5113495bSYour Name	case WLAN_CRYPTO_PARAM_UCAST_CIPHER:
*5113495bSYour Name		value = wlan_crypto_get_ucastciphers(crypto_params);
*5113495bSYour Name		break;
*5113495bSYour Name	case WLAN_CRYPTO_PARAM_MCAST_CIPHER:
*5113495bSYour Name		value = wlan_crypto_get_mcastcipher(crypto_params);
*5113495bSYour Name		break;
*5113495bSYour Name	case WLAN_CRYPTO_PARAM_MGMT_CIPHER:
*5113495bSYour Name		value = wlan_crypto_get_mgmtciphers(crypto_params);
*5113495bSYour Name		break;
*5113495bSYour Name	case WLAN_CRYPTO_PARAM_CIPHER_CAP:
*5113495bSYour Name		value = wlan_crypto_get_cipher_cap(crypto_params);
*5113495bSYour Name		break;
*5113495bSYour Name	case WLAN_CRYPTO_PARAM_RSN_CAP:
*5113495bSYour Name		value = wlan_crypto_get_rsn_cap(crypto_params);
*5113495bSYour Name		break;
*5113495bSYour Name	case WLAN_CRYPTO_PARAM_KEY_MGMT:
*5113495bSYour Name		value = wlan_crypto_get_key_mgmt(crypto_params);
*5113495bSYour Name		break;
*5113495bSYour Name	default:
*5113495bSYour Name		value = -1;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	return value;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Nameint32_t wlan_crypto_get_param(struct wlan_objmgr_vdev *vdev,
*5113495bSYour Name			      wlan_crypto_param_type param)
*5113495bSYour Name{
*5113495bSYour Name	int32_t value = -1;
*5113495bSYour Name	struct wlan_crypto_comp_priv *crypto_priv;
*5113495bSYour Name	struct wlan_crypto_params *crypto_params;
*5113495bSYour Name	crypto_priv = (struct wlan_crypto_comp_priv *)
*5113495bSYour Name				wlan_get_vdev_crypto_obj(vdev);
*5113495bSYour Name
*5113495bSYour Name	if (!crypto_priv) {
*5113495bSYour Name		crypto_err("crypto_priv NULL");
*5113495bSYour Name		return value;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	crypto_params = &(crypto_priv->crypto_params);
*5113495bSYour Name	value = wlan_crypto_get_param_value(param, crypto_params);
*5113495bSYour Name
*5113495bSYour Name	return value;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Nameint32_t wlan_crypto_get_peer_param(struct wlan_objmgr_peer *peer,
*5113495bSYour Name				   wlan_crypto_param_type param)
*5113495bSYour Name{
*5113495bSYour Name	int32_t value = -1;
*5113495bSYour Name	struct wlan_crypto_comp_priv *crypto_priv;
*5113495bSYour Name	struct wlan_crypto_params *crypto_params;
*5113495bSYour Name
*5113495bSYour Name	crypto_params = wlan_crypto_peer_get_comp_params(peer,
*5113495bSYour Name							&crypto_priv);
*5113495bSYour Name
*5113495bSYour Name	if (!crypto_params) {
*5113495bSYour Name		crypto_err("crypto_params NULL");
*5113495bSYour Name		return value;
*5113495bSYour Name	}
*5113495bSYour Name	value = wlan_crypto_get_param_value(param, crypto_params);
*5113495bSYour Name
*5113495bSYour Name	return value;
*5113495bSYour Name}
*5113495bSYour Nameqdf_export_symbol(wlan_crypto_get_peer_param);
*5113495bSYour Name
*5113495bSYour Namestatic
*5113495bSYour NameQDF_STATUS wlan_crypto_del_pmksa(struct wlan_crypto_params *crypto_params,
*5113495bSYour Name				 struct wlan_crypto_pmksa *pmksa);
*5113495bSYour Name
*5113495bSYour Namestatic
*5113495bSYour NameQDF_STATUS wlan_crypto_set_pmksa(struct wlan_crypto_params *crypto_params,
*5113495bSYour Name				 struct wlan_crypto_pmksa *pmksa)
*5113495bSYour Name{
*5113495bSYour Name	uint8_t i, first_available_slot = 0;
*5113495bSYour Name	bool slot_found = false;
*5113495bSYour Name
*5113495bSYour Name	/* Delete the old entry and then Add new entry */
*5113495bSYour Name	wlan_crypto_del_pmksa(crypto_params, pmksa);
*5113495bSYour Name
*5113495bSYour Name	/* find the empty slot as duplicate is already deleted */
*5113495bSYour Name	for (i = 0; i < WLAN_CRYPTO_MAX_PMKID; i++) {
*5113495bSYour Name		if (!crypto_params->pmksa[i]) {
*5113495bSYour Name			slot_found = true;
*5113495bSYour Name			first_available_slot = i;
*5113495bSYour Name			break;
*5113495bSYour Name		}
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	if (i == WLAN_CRYPTO_MAX_PMKID && !slot_found) {
*5113495bSYour Name		crypto_err("no entry available for pmksa");
*5113495bSYour Name		return QDF_STATUS_E_INVAL;
*5113495bSYour Name	}
*5113495bSYour Name	crypto_params->pmksa[first_available_slot] = pmksa;
*5113495bSYour Name	crypto_debug("PMKSA: Added the PMKSA entry at index=%d",
*5113495bSYour Name		     first_available_slot);
*5113495bSYour Name
*5113495bSYour Name	return QDF_STATUS_SUCCESS;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Namestatic
*5113495bSYour NameQDF_STATUS wlan_crypto_del_pmksa(struct wlan_crypto_params *crypto_params,
*5113495bSYour Name				 struct wlan_crypto_pmksa *pmksa)
*5113495bSYour Name{
*5113495bSYour Name	uint8_t i, j, valid_entries_in_table = 0;
*5113495bSYour Name	bool match_found = false;
*5113495bSYour Name	u8 del_pmk[MAX_PMK_LEN] = {0};
*5113495bSYour Name
*5113495bSYour Name	/* find slot with same bssid */
*5113495bSYour Name	for (i = 0; i < WLAN_CRYPTO_MAX_PMKID; i++) {
*5113495bSYour Name		if (!crypto_params->pmksa[i])
*5113495bSYour Name			continue;
*5113495bSYour Name
*5113495bSYour Name		valid_entries_in_table++;
*5113495bSYour Name
*5113495bSYour Name		if (!pmksa->ssid_len &&
*5113495bSYour Name		    !qdf_is_macaddr_zero(&pmksa->bssid) &&
*5113495bSYour Name		    qdf_is_macaddr_equal(&pmksa->bssid,
*5113495bSYour Name					 &crypto_params->pmksa[i]->bssid)) {
*5113495bSYour Name			match_found = true;
*5113495bSYour Name		} else if (pmksa->ssid_len &&
*5113495bSYour Name			   !qdf_mem_cmp(pmksa->ssid,
*5113495bSYour Name					crypto_params->pmksa[i]->ssid,
*5113495bSYour Name					pmksa->ssid_len) &&
*5113495bSYour Name			   !qdf_mem_cmp(pmksa->cache_id,
*5113495bSYour Name					crypto_params->pmksa[i]->cache_id,
*5113495bSYour Name					WLAN_CACHE_ID_LEN)) {
*5113495bSYour Name			match_found = true;
*5113495bSYour Name		}
*5113495bSYour Name
*5113495bSYour Name		if (match_found) {
*5113495bSYour Name			qdf_mem_copy(del_pmk, crypto_params->pmksa[i]->pmk,
*5113495bSYour Name				     crypto_params->pmksa[i]->pmk_len);
*5113495bSYour Name			/* Free matching entry */
*5113495bSYour Name			qdf_mem_zero(crypto_params->pmksa[i],
*5113495bSYour Name				     sizeof(struct wlan_crypto_pmksa));
*5113495bSYour Name			qdf_mem_free(crypto_params->pmksa[i]);
*5113495bSYour Name			crypto_params->pmksa[i] = NULL;
*5113495bSYour Name			crypto_debug("PMKSA: Deleted PMKSA entry at index=%d",
*5113495bSYour Name				     i);
*5113495bSYour Name
*5113495bSYour Name			/* Find and remove the entries matching the pmk */
*5113495bSYour Name			for (j = 0; j < WLAN_CRYPTO_MAX_PMKID; j++) {
*5113495bSYour Name				if (!crypto_params->pmksa[j])
*5113495bSYour Name					continue;
*5113495bSYour Name				if (crypto_params->pmksa[j]->pmk_len &&
*5113495bSYour Name				    (!qdf_mem_cmp(crypto_params->pmksa[j]->pmk,
*5113495bSYour Name				     del_pmk,
*5113495bSYour Name				     crypto_params->pmksa[j]->pmk_len))) {
*5113495bSYour Name					qdf_mem_zero(crypto_params->pmksa[j],
*5113495bSYour Name					sizeof(struct wlan_crypto_pmksa));
*5113495bSYour Name					qdf_mem_free(crypto_params->pmksa[j]);
*5113495bSYour Name					crypto_params->pmksa[j] = NULL;
*5113495bSYour Name					crypto_debug("PMKSA: Deleted PMKSA at idx=%d",
*5113495bSYour Name						     j);
*5113495bSYour Name				}
*5113495bSYour Name			}
*5113495bSYour Name			/* reset stored pmk */
*5113495bSYour Name			qdf_mem_zero(del_pmk, MAX_PMK_LEN);
*5113495bSYour Name
*5113495bSYour Name			return QDF_STATUS_SUCCESS;
*5113495bSYour Name		}
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	if (i == WLAN_CRYPTO_MAX_PMKID && !match_found)
*5113495bSYour Name		crypto_debug("No such pmksa entry exists: valid entries:%d",
*5113495bSYour Name			     valid_entries_in_table);
*5113495bSYour Name
*5113495bSYour Name	return QDF_STATUS_SUCCESS;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour NameQDF_STATUS wlan_crypto_pmksa_flush(struct wlan_crypto_params *crypto_params)
*5113495bSYour Name{
*5113495bSYour Name	uint8_t i;
*5113495bSYour Name
*5113495bSYour Name	for (i = 0; i < WLAN_CRYPTO_MAX_PMKID; i++) {
*5113495bSYour Name		if (!crypto_params->pmksa[i])
*5113495bSYour Name			continue;
*5113495bSYour Name		qdf_mem_zero(crypto_params->pmksa[i],
*5113495bSYour Name			     sizeof(struct wlan_crypto_pmksa));
*5113495bSYour Name		qdf_mem_free(crypto_params->pmksa[i]);
*5113495bSYour Name		crypto_params->pmksa[i] = NULL;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	crypto_debug("Flushed the pmksa table");
*5113495bSYour Name
*5113495bSYour Name	return QDF_STATUS_SUCCESS;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour NameQDF_STATUS wlan_crypto_set_del_pmksa(struct wlan_objmgr_vdev *vdev,
*5113495bSYour Name				     struct wlan_crypto_pmksa *pmksa,
*5113495bSYour Name				     bool set)
*5113495bSYour Name{
*5113495bSYour Name	QDF_STATUS status = QDF_STATUS_E_INVAL;
*5113495bSYour Name	struct wlan_crypto_comp_priv *crypto_priv;
*5113495bSYour Name	struct wlan_crypto_params *crypto_params;
*5113495bSYour Name	struct wlan_crypto_pmksa *pmkid_cache = NULL;
*5113495bSYour Name	enum QDF_OPMODE op_mode;
*5113495bSYour Name
*5113495bSYour Name	op_mode = wlan_vdev_mlme_get_opmode(vdev);
*5113495bSYour Name
*5113495bSYour Name	if (op_mode != QDF_STA_MODE && op_mode != QDF_SAP_MODE)
*5113495bSYour Name		return QDF_STATUS_E_NOSUPPORT;
*5113495bSYour Name
*5113495bSYour Name	if (!pmksa && set) {
*5113495bSYour Name		crypto_err("pmksa is NULL for set operation");
*5113495bSYour Name		return QDF_STATUS_E_INVAL;
*5113495bSYour Name	}
*5113495bSYour Name	crypto_priv = (struct wlan_crypto_comp_priv *)
*5113495bSYour Name					wlan_get_vdev_crypto_obj(vdev);
*5113495bSYour Name
*5113495bSYour Name	if (!crypto_priv) {
*5113495bSYour Name		crypto_err("crypto_priv NULL");
*5113495bSYour Name		return QDF_STATUS_E_INVAL;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	crypto_params = &crypto_priv->crypto_params;
*5113495bSYour Name	if (set) {
*5113495bSYour Name		pmkid_cache = wlan_crypto_get_pmksa(vdev, &pmksa->bssid);
*5113495bSYour Name		if (pmkid_cache && (pmksa->pmk_len &&
*5113495bSYour Name				    pmksa->pmk_len == pmkid_cache->pmk_len &&
*5113495bSYour Name				    !qdf_mem_cmp(pmkid_cache->pmk, pmksa->pmk,
*5113495bSYour Name						 pmksa->pmk_len))) {
*5113495bSYour Name			crypto_debug("PMKSA entry found with same PMK");
*5113495bSYour Name			pmkid_cache = NULL;
*5113495bSYour Name			return QDF_STATUS_E_EXISTS;
*5113495bSYour Name		}
*5113495bSYour Name
*5113495bSYour Name		status = wlan_crypto_set_pmksa(crypto_params, pmksa);
*5113495bSYour Name		/* Set pmksa */
*5113495bSYour Name	} else {
*5113495bSYour Name		/* del pmksa */
*5113495bSYour Name		if (!pmksa)
*5113495bSYour Name			status = wlan_crypto_pmksa_flush(crypto_params);
*5113495bSYour Name		else
*5113495bSYour Name			status = wlan_crypto_del_pmksa(crypto_params, pmksa);
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	return status;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour NameQDF_STATUS wlan_crypto_update_pmk_cache_ft(struct wlan_objmgr_vdev *vdev,
*5113495bSYour Name					   struct wlan_crypto_pmksa *pmksa)
*5113495bSYour Name{
*5113495bSYour Name	QDF_STATUS status = QDF_STATUS_E_INVAL;
*5113495bSYour Name	struct wlan_crypto_pmksa *cached_pmksa;
*5113495bSYour Name	struct wlan_crypto_comp_priv *crypto_priv;
*5113495bSYour Name	struct wlan_crypto_params *crypto_params;
*5113495bSYour Name	uint8_t mdie_present, i;
*5113495bSYour Name	uint16_t mobility_domain;
*5113495bSYour Name
*5113495bSYour Name	if (!pmksa) {
*5113495bSYour Name		crypto_err("pmksa is NULL for set operation");
*5113495bSYour Name		return status;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	crypto_priv = (struct wlan_crypto_comp_priv *)
*5113495bSYour Name					wlan_get_vdev_crypto_obj(vdev);
*5113495bSYour Name	if (!crypto_priv) {
*5113495bSYour Name		crypto_err("crypto_priv NULL");
*5113495bSYour Name		return status;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	crypto_params = &crypto_priv->crypto_params;
*5113495bSYour Name
*5113495bSYour Name	if (pmksa->mdid.mdie_present) {
*5113495bSYour Name		for (i = 0; i < WLAN_CRYPTO_MAX_PMKID; i++) {
*5113495bSYour Name			if (!crypto_params->pmksa[i])
*5113495bSYour Name				continue;
*5113495bSYour Name			cached_pmksa = crypto_params->pmksa[i];
*5113495bSYour Name			mdie_present = cached_pmksa->mdid.mdie_present;
*5113495bSYour Name			mobility_domain = cached_pmksa->mdid.mobility_domain;
*5113495bSYour Name
*5113495bSYour Name			/* In FT connection when STA connects to AP1 then PMK1
*5113495bSYour Name			 * gets cached. And if STA disconnects from AP1 and
*5113495bSYour Name			 * connects to AP2 then PMK2 gets cached. This will
*5113495bSYour Name			 * result in having multiple PMK cache entries for the
*5113495bSYour Name			 * same MDID. So delete the old/stale PMK cache entries
*5113495bSYour Name			 * for the same mobility domain as of the newly added
*5113495bSYour Name			 * entry. And Update the MDID for the matching BSSID or
*5113495bSYour Name			 * SSID PMKSA entry.
*5113495bSYour Name			 */
*5113495bSYour Name			if (qdf_is_macaddr_equal
*5113495bSYour Name				(&cached_pmksa->bssid, &pmksa->bssid)) {
*5113495bSYour Name				cached_pmksa->mdid.mdie_present = 1;
*5113495bSYour Name				cached_pmksa->mdid.mobility_domain =
*5113495bSYour Name						pmksa->mdid.mobility_domain;
*5113495bSYour Name				crypto_debug("Updated the MDID at index=%d", i);
*5113495bSYour Name				status = QDF_STATUS_SUCCESS;
*5113495bSYour Name			} else if (pmksa->ssid_len &&
*5113495bSYour Name				   !qdf_mem_cmp(pmksa->ssid,
*5113495bSYour Name						cached_pmksa->ssid,
*5113495bSYour Name						pmksa->ssid_len) &&
*5113495bSYour Name				   !qdf_mem_cmp(pmksa->cache_id,
*5113495bSYour Name						cached_pmksa->cache_id,
*5113495bSYour Name						WLAN_CACHE_ID_LEN)) {
*5113495bSYour Name				cached_pmksa->mdid.mdie_present = 1;
*5113495bSYour Name				cached_pmksa->mdid.mobility_domain =
*5113495bSYour Name						pmksa->mdid.mobility_domain;
*5113495bSYour Name				crypto_debug("Updated the MDID at index=%d", i);
*5113495bSYour Name				status = QDF_STATUS_SUCCESS;
*5113495bSYour Name			} else if (mdie_present &&
*5113495bSYour Name				   (pmksa->mdid.mobility_domain ==
*5113495bSYour Name				    mobility_domain)) {
*5113495bSYour Name				qdf_mem_zero(crypto_params->pmksa[i],
*5113495bSYour Name					     sizeof(struct wlan_crypto_pmksa));
*5113495bSYour Name				qdf_mem_free(crypto_params->pmksa[i]);
*5113495bSYour Name				crypto_params->pmksa[i] = NULL;
*5113495bSYour Name				crypto_debug("Deleted PMKSA at index=%d", i);
*5113495bSYour Name				status = QDF_STATUS_SUCCESS;
*5113495bSYour Name			}
*5113495bSYour Name		}
*5113495bSYour Name	}
*5113495bSYour Name	return status;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Namestruct wlan_crypto_pmksa *
*5113495bSYour Namewlan_crypto_get_peer_pmksa(struct wlan_objmgr_vdev *vdev,
*5113495bSYour Name			   struct wlan_crypto_pmksa *pmksa)
*5113495bSYour Name{
*5113495bSYour Name	struct wlan_crypto_comp_priv *crypto_priv;
*5113495bSYour Name	struct wlan_crypto_params *crypto_params;
*5113495bSYour Name	uint8_t i;
*5113495bSYour Name
*5113495bSYour Name	if (!pmksa) {
*5113495bSYour Name		crypto_err("pmksa is NULL");
*5113495bSYour Name		return NULL;
*5113495bSYour Name	}
*5113495bSYour Name	crypto_priv = (struct wlan_crypto_comp_priv *)
*5113495bSYour Name					wlan_get_vdev_crypto_obj(vdev);
*5113495bSYour Name
*5113495bSYour Name	if (!crypto_priv) {
*5113495bSYour Name		crypto_err("crypto_priv NULL");
*5113495bSYour Name		return NULL;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	crypto_params = &crypto_priv->crypto_params;
*5113495bSYour Name
*5113495bSYour Name	for (i = 0; i < WLAN_CRYPTO_MAX_PMKID; i++) {
*5113495bSYour Name		if (!crypto_params->pmksa[i])
*5113495bSYour Name			continue;
*5113495bSYour Name
*5113495bSYour Name		if (pmksa->ssid_len &&
*5113495bSYour Name		    !qdf_mem_cmp(pmksa->ssid,
*5113495bSYour Name				 crypto_params->pmksa[i]->ssid,
*5113495bSYour Name				 pmksa->ssid_len) &&
*5113495bSYour Name		    !qdf_mem_cmp(pmksa->cache_id,
*5113495bSYour Name				 crypto_params->pmksa[i]->cache_id,
*5113495bSYour Name				 WLAN_CACHE_ID_LEN)) {
*5113495bSYour Name			return crypto_params->pmksa[i];
*5113495bSYour Name		} else if (!pmksa->ssid_len &&
*5113495bSYour Name			   !qdf_is_macaddr_zero(&pmksa->bssid) &&
*5113495bSYour Name			   qdf_is_macaddr_equal(&pmksa->bssid,
*5113495bSYour Name					 &crypto_params->pmksa[i]->bssid)) {
*5113495bSYour Name			return crypto_params->pmksa[i];
*5113495bSYour Name		}
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	return NULL;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Namestruct wlan_crypto_pmksa *
*5113495bSYour Namewlan_crypto_get_pmksa(struct wlan_objmgr_vdev *vdev, struct qdf_mac_addr *bssid)
*5113495bSYour Name{
*5113495bSYour Name	struct wlan_crypto_comp_priv *crypto_priv;
*5113495bSYour Name	struct wlan_crypto_params *crypto_params;
*5113495bSYour Name	uint8_t i;
*5113495bSYour Name
*5113495bSYour Name	if (!bssid) {
*5113495bSYour Name		crypto_err("bssid is NULL");
*5113495bSYour Name		return NULL;
*5113495bSYour Name	}
*5113495bSYour Name	crypto_priv = (struct wlan_crypto_comp_priv *)
*5113495bSYour Name					wlan_get_vdev_crypto_obj(vdev);
*5113495bSYour Name
*5113495bSYour Name	if (!crypto_priv) {
*5113495bSYour Name		crypto_err("crypto_priv NULL");
*5113495bSYour Name		return NULL;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	crypto_params = &crypto_priv->crypto_params;
*5113495bSYour Name
*5113495bSYour Name	for (i = 0; i < WLAN_CRYPTO_MAX_PMKID; i++) {
*5113495bSYour Name		if (!crypto_params->pmksa[i])
*5113495bSYour Name			continue;
*5113495bSYour Name		if (qdf_is_macaddr_equal(bssid,
*5113495bSYour Name					 &crypto_params->pmksa[i]->bssid)) {
*5113495bSYour Name			crypto_debug("PMKSA: Entry found at index %d", i);
*5113495bSYour Name			return crypto_params->pmksa[i];
*5113495bSYour Name		}
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	return NULL;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Namestruct wlan_crypto_pmksa *
*5113495bSYour Namewlan_crypto_get_fils_pmksa(struct wlan_objmgr_vdev *vdev,
*5113495bSYour Name			   uint8_t *cache_id, uint8_t *ssid,
*5113495bSYour Name			   uint8_t ssid_len)
*5113495bSYour Name{
*5113495bSYour Name	struct wlan_crypto_comp_priv *crypto_priv;
*5113495bSYour Name	struct wlan_crypto_params *crypto_params;
*5113495bSYour Name	uint8_t i;
*5113495bSYour Name
*5113495bSYour Name	crypto_priv = (struct wlan_crypto_comp_priv *)
*5113495bSYour Name					wlan_get_vdev_crypto_obj(vdev);
*5113495bSYour Name
*5113495bSYour Name	if (!crypto_priv) {
*5113495bSYour Name		crypto_err("crypto_priv NULL");
*5113495bSYour Name		return NULL;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	crypto_params = &crypto_priv->crypto_params;
*5113495bSYour Name	for (i = 0; i < WLAN_CRYPTO_MAX_PMKID; i++) {
*5113495bSYour Name		if (!crypto_params->pmksa[i])
*5113495bSYour Name			continue;
*5113495bSYour Name
*5113495bSYour Name		if (!qdf_mem_cmp(cache_id,
*5113495bSYour Name				 crypto_params->pmksa[i]->cache_id,
*5113495bSYour Name				 WLAN_CACHE_ID_LEN) &&
*5113495bSYour Name		    !qdf_mem_cmp(ssid, crypto_params->pmksa[i]->ssid,
*5113495bSYour Name				 ssid_len) &&
*5113495bSYour Name		    ssid_len == crypto_params->pmksa[i]->ssid_len)
*5113495bSYour Name			return crypto_params->pmksa[i];
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	return NULL;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Nameuint8_t wlan_crypto_is_htallowed(struct wlan_objmgr_vdev *vdev,
*5113495bSYour Name				 struct wlan_objmgr_peer *peer)
*5113495bSYour Name{
*5113495bSYour Name	int32_t ucast_cipher;
*5113495bSYour Name
*5113495bSYour Name	if (!(vdev || peer)) {
*5113495bSYour Name		crypto_err("Invalid params");
*5113495bSYour Name		return 0;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	if (vdev)
*5113495bSYour Name		ucast_cipher = wlan_crypto_get_param(vdev,
*5113495bSYour Name				WLAN_CRYPTO_PARAM_UCAST_CIPHER);
*5113495bSYour Name	else
*5113495bSYour Name		ucast_cipher = wlan_crypto_get_peer_param(peer,
*5113495bSYour Name				WLAN_CRYPTO_PARAM_UCAST_CIPHER);
*5113495bSYour Name
*5113495bSYour Name	if (ucast_cipher == -1) {
*5113495bSYour Name		crypto_err("Invalid params");
*5113495bSYour Name		return 0;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	return (ucast_cipher & (1 << WLAN_CRYPTO_CIPHER_WEP)) ||
*5113495bSYour Name		((ucast_cipher & (1 << WLAN_CRYPTO_CIPHER_TKIP)) &&
*5113495bSYour Name		!(ucast_cipher & (1 << WLAN_CRYPTO_CIPHER_AES_CCM)) &&
*5113495bSYour Name		!(ucast_cipher & (1 << WLAN_CRYPTO_CIPHER_AES_GCM)) &&
*5113495bSYour Name		!(ucast_cipher & (1 << WLAN_CRYPTO_CIPHER_AES_GCM_256)) &&
*5113495bSYour Name		!(ucast_cipher & (1 << WLAN_CRYPTO_CIPHER_AES_CCM_256)));
*5113495bSYour Name}
*5113495bSYour Nameqdf_export_symbol(wlan_crypto_is_htallowed);
*5113495bSYour Name
*5113495bSYour Name/**
*5113495bSYour Name * wlan_crypto_store_def_keyix - store default keyix
*5113495bSYour Name * @vdev: vdev
*5113495bSYour Name * @object: Peer object
*5113495bSYour Name * @arg: Argument passed by caller
*5113495bSYour Name *
*5113495bSYour Name * This function gets called from wlan_crypto_setkey
*5113495bSYour Name *
*5113495bSYour Name * Return: None
*5113495bSYour Name */
*5113495bSYour Namestatic void wlan_crypto_store_def_keyix(struct wlan_objmgr_vdev *vdev,
*5113495bSYour Name					void *object, void *arg)
*5113495bSYour Name{
*5113495bSYour Name	struct wlan_objmgr_peer *peer = object;
*5113495bSYour Name	struct wlan_crypto_comp_priv *crypto_priv;
*5113495bSYour Name	struct wlan_crypto_params *crypto_params;
*5113495bSYour Name
*5113495bSYour Name	uint16_t kid = *(uint16_t *)arg;
*5113495bSYour Name
*5113495bSYour Name	crypto_params = wlan_crypto_peer_get_comp_params(peer, &crypto_priv);
*5113495bSYour Name	if (!crypto_priv) {
*5113495bSYour Name		crypto_err("crypto_priv NULL");
*5113495bSYour Name		return;
*5113495bSYour Name	}
*5113495bSYour Name	crypto_priv->crypto_key.def_tx_keyid = kid;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Name/**
*5113495bSYour Name * wlan_crypto_setkey - called by ucfg to setkey
*5113495bSYour Name * @vdev: vdev
*5113495bSYour Name * @req_key: req_key with cipher type, key macaddress
*5113495bSYour Name *
*5113495bSYour Name * This function gets called from ucfg to sey key
*5113495bSYour Name *
*5113495bSYour Name * Return: QDF_STATUS_SUCCESS - in case of success
*5113495bSYour Name */
*5113495bSYour NameQDF_STATUS wlan_crypto_setkey(struct wlan_objmgr_vdev *vdev,
*5113495bSYour Name				struct wlan_crypto_req_key *req_key)
*5113495bSYour Name{
*5113495bSYour Name	QDF_STATUS status = QDF_STATUS_E_INVAL;
*5113495bSYour Name	struct wlan_crypto_comp_priv *crypto_priv;
*5113495bSYour Name	struct wlan_crypto_params *crypto_params;
*5113495bSYour Name	struct wlan_objmgr_psoc *psoc;
*5113495bSYour Name	struct wlan_objmgr_peer *peer = NULL;
*5113495bSYour Name	struct wlan_crypto_key *key = NULL;
*5113495bSYour Name	struct wlan_crypto_keys *priv_key = NULL;
*5113495bSYour Name	const struct wlan_crypto_cipher *cipher;
*5113495bSYour Name	uint8_t macaddr[QDF_MAC_ADDR_SIZE] =
*5113495bSYour Name			{0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
*5113495bSYour Name	bool isbcast;
*5113495bSYour Name	enum QDF_OPMODE vdev_mode;
*5113495bSYour Name	uint8_t igtk_idx = 0;
*5113495bSYour Name	uint8_t bigtk_idx = 0;
*5113495bSYour Name	struct wlan_lmac_if_tx_ops *tx_ops;
*5113495bSYour Name
*5113495bSYour Name	if (!vdev || !req_key || req_key->keylen > (sizeof(req_key->keydata))) {
*5113495bSYour Name		crypto_err("Invalid params vdev%pK, req_key%pK", vdev, req_key);
*5113495bSYour Name		return QDF_STATUS_E_INVAL;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	isbcast = qdf_is_macaddr_group(
*5113495bSYour Name				(struct qdf_mac_addr *)req_key->macaddr);
*5113495bSYour Name	if ((req_key->keylen == 0) && !IS_FILS_CIPHER(req_key->type)) {
*5113495bSYour Name		/* zero length keys, only set default key id if flags are set*/
*5113495bSYour Name		if ((req_key->flags & WLAN_CRYPTO_KEY_DEFAULT)
*5113495bSYour Name			&& (req_key->keyix != WLAN_CRYPTO_KEYIX_NONE)
*5113495bSYour Name			&& (!IS_MGMT_CIPHER(req_key->type))) {
*5113495bSYour Name			wlan_crypto_default_key(vdev,
*5113495bSYour Name				req_key->macaddr,
*5113495bSYour Name				req_key->keyix,
*5113495bSYour Name				!isbcast);
*5113495bSYour Name			return QDF_STATUS_SUCCESS;
*5113495bSYour Name		}
*5113495bSYour Name		crypto_err("req_key len zero");
*5113495bSYour Name		return QDF_STATUS_CRYPTO_INVALID_KEYLEN;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	cipher = wlan_crypto_cipher_ops[req_key->type];
*5113495bSYour Name
*5113495bSYour Name	if (!cipher && !IS_MGMT_CIPHER(req_key->type)) {
*5113495bSYour Name		crypto_err("cipher invalid");
*5113495bSYour Name		return QDF_STATUS_CRYPTO_INVALID_CIPHERTYPE;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	if (cipher && (!IS_FILS_CIPHER(req_key->type)) &&
*5113495bSYour Name	    (!IS_MGMT_CIPHER(req_key->type)) &&
*5113495bSYour Name	    ((req_key->keylen != (cipher->keylen / CRYPTO_NBBY)) &&
*5113495bSYour Name	    (req_key->type != WLAN_CRYPTO_CIPHER_WEP))) {
*5113495bSYour Name		crypto_err("cipher invalid");
*5113495bSYour Name		return QDF_STATUS_CRYPTO_INVALID_CIPHERTYPE;
*5113495bSYour Name	} else if ((req_key->type == WLAN_CRYPTO_CIPHER_WEP) &&
*5113495bSYour Name		!((req_key->keylen == WLAN_CRYPTO_KEY_WEP40_LEN)
*5113495bSYour Name		|| (req_key->keylen == WLAN_CRYPTO_KEY_WEP104_LEN)
*5113495bSYour Name		|| (req_key->keylen == WLAN_CRYPTO_KEY_WEP128_LEN))) {
*5113495bSYour Name		crypto_err("wep key len invalid. keylen: %d", req_key->keylen);
*5113495bSYour Name		return QDF_STATUS_CRYPTO_INVALID_KEYLEN;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	if (req_key->keyix == WLAN_CRYPTO_KEYIX_NONE) {
*5113495bSYour Name		if (req_key->flags != (WLAN_CRYPTO_KEY_XMIT
*5113495bSYour Name						| WLAN_CRYPTO_KEY_RECV)) {
*5113495bSYour Name			req_key->flags |= (WLAN_CRYPTO_KEY_XMIT
*5113495bSYour Name						| WLAN_CRYPTO_KEY_RECV);
*5113495bSYour Name		}
*5113495bSYour Name	} else {
*5113495bSYour Name		if ((req_key->keyix >= WLAN_CRYPTO_MAX_VLANKEYIX)
*5113495bSYour Name			&& (!IS_MGMT_CIPHER(req_key->type))) {
*5113495bSYour Name			return QDF_STATUS_CRYPTO_INVALID_KEYID;
*5113495bSYour Name		}
*5113495bSYour Name
*5113495bSYour Name		req_key->flags |= (WLAN_CRYPTO_KEY_XMIT
*5113495bSYour Name					| WLAN_CRYPTO_KEY_RECV);
*5113495bSYour Name		if (isbcast)
*5113495bSYour Name			req_key->flags |= WLAN_CRYPTO_KEY_GROUP;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	vdev_mode = wlan_vdev_mlme_get_opmode(vdev);
*5113495bSYour Name
*5113495bSYour Name	wlan_vdev_obj_lock(vdev);
*5113495bSYour Name	qdf_mem_copy(macaddr, wlan_vdev_mlme_get_macaddr(vdev),
*5113495bSYour Name		    QDF_MAC_ADDR_SIZE);
*5113495bSYour Name	psoc = wlan_vdev_get_psoc(vdev);
*5113495bSYour Name	if (!psoc) {
*5113495bSYour Name		wlan_vdev_obj_unlock(vdev);
*5113495bSYour Name		crypto_err("psoc NULL");
*5113495bSYour Name		return QDF_STATUS_E_INVAL;
*5113495bSYour Name	}
*5113495bSYour Name	wlan_vdev_obj_unlock(vdev);
*5113495bSYour Name
*5113495bSYour Name	if (req_key->type == WLAN_CRYPTO_CIPHER_WEP) {
*5113495bSYour Name		if (wlan_crypto_vdev_has_auth_mode(vdev,
*5113495bSYour Name					(1 << WLAN_CRYPTO_AUTH_8021X))) {
*5113495bSYour Name			req_key->flags |= WLAN_CRYPTO_KEY_DEFAULT;
*5113495bSYour Name		}
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	if (isbcast) {
*5113495bSYour Name		crypto_params = wlan_crypto_vdev_get_comp_params(vdev,
*5113495bSYour Name								&crypto_priv);
*5113495bSYour Name		if (!crypto_priv) {
*5113495bSYour Name			crypto_err("crypto_priv NULL");
*5113495bSYour Name			return QDF_STATUS_E_INVAL;
*5113495bSYour Name		}
*5113495bSYour Name
*5113495bSYour Name		priv_key = &crypto_priv->crypto_key;
*5113495bSYour Name
*5113495bSYour Name		if (IS_MGMT_CIPHER(req_key->type)) {
*5113495bSYour Name			struct wlan_crypto_key *crypto_key = NULL;
*5113495bSYour Name
*5113495bSYour Name			igtk_idx = req_key->keyix - WLAN_CRYPTO_MAXKEYIDX;
*5113495bSYour Name			bigtk_idx = igtk_idx - WLAN_CRYPTO_MAXIGTKKEYIDX;
*5113495bSYour Name			if (!is_igtk(req_key->keyix) &&
*5113495bSYour Name			    !(is_bigtk(req_key->keyix))) {
*5113495bSYour Name				crypto_err("igtk/bigtk key invalid keyid %d",
*5113495bSYour Name					   req_key->keyix);
*5113495bSYour Name				return QDF_STATUS_CRYPTO_INVALID_KEYID;
*5113495bSYour Name			}
*5113495bSYour Name			key = qdf_mem_malloc(sizeof(struct wlan_crypto_key));
*5113495bSYour Name			if (!key)
*5113495bSYour Name				return QDF_STATUS_E_NOMEM;
*5113495bSYour Name
*5113495bSYour Name
*5113495bSYour Name			if (is_igtk(req_key->keyix)) {
*5113495bSYour Name				crypto_key = priv_key->igtk_key[igtk_idx];
*5113495bSYour Name				if (crypto_key)
*5113495bSYour Name					qdf_mem_free(crypto_key);
*5113495bSYour Name
*5113495bSYour Name				priv_key->igtk_key[igtk_idx] = key;
*5113495bSYour Name				priv_key->igtk_key_type = req_key->type;
*5113495bSYour Name				priv_key->def_igtk_tx_keyid = igtk_idx;
*5113495bSYour Name				bigtk_idx = 0;
*5113495bSYour Name			} else {
*5113495bSYour Name				crypto_key = priv_key->bigtk_key[bigtk_idx];
*5113495bSYour Name				if (crypto_key)
*5113495bSYour Name					qdf_mem_free(crypto_key);
*5113495bSYour Name
*5113495bSYour Name				priv_key->bigtk_key[bigtk_idx] = key;
*5113495bSYour Name				priv_key->def_bigtk_tx_keyid = bigtk_idx;
*5113495bSYour Name				igtk_idx = 0;
*5113495bSYour Name			}
*5113495bSYour Name		} else {
*5113495bSYour Name			if (IS_FILS_CIPHER(req_key->type)) {
*5113495bSYour Name				crypto_err("FILS key is not for BroadCast pkt");
*5113495bSYour Name				return QDF_STATUS_CRYPTO_INVALID_CIPHERTYPE;
*5113495bSYour Name			}
*5113495bSYour Name			if (!HAS_MCAST_CIPHER(crypto_params, req_key->type)
*5113495bSYour Name				&& (req_key->type != WLAN_CRYPTO_CIPHER_WEP)) {
*5113495bSYour Name				return QDF_STATUS_CRYPTO_INVALID_CIPHERTYPE;
*5113495bSYour Name			}
*5113495bSYour Name			if (!priv_key->key[req_key->keyix]) {
*5113495bSYour Name				priv_key->key[req_key->keyix]
*5113495bSYour Name					= qdf_mem_malloc(
*5113495bSYour Name						sizeof(struct wlan_crypto_key));
*5113495bSYour Name				if (!priv_key->key[req_key->keyix])
*5113495bSYour Name					return QDF_STATUS_E_NOMEM;
*5113495bSYour Name			}
*5113495bSYour Name			key = priv_key->key[req_key->keyix];
*5113495bSYour Name			priv_key->def_tx_keyid = req_key->keyix;
*5113495bSYour Name		}
*5113495bSYour Name		if (vdev_mode == QDF_STA_MODE) {
*5113495bSYour Name			peer = wlan_objmgr_vdev_try_get_bsspeer(vdev,
*5113495bSYour Name								WLAN_CRYPTO_ID);
*5113495bSYour Name			if (!peer) {
*5113495bSYour Name				crypto_err("peer NULL");
*5113495bSYour Name				if (IS_MGMT_CIPHER(req_key->type)) {
*5113495bSYour Name					priv_key->igtk_key[igtk_idx] = NULL;
*5113495bSYour Name					priv_key->bigtk_key[bigtk_idx]
*5113495bSYour Name						= NULL;
*5113495bSYour Name					priv_key->igtk_key_type
*5113495bSYour Name						= WLAN_CRYPTO_CIPHER_NONE;
*5113495bSYour Name				} else
*5113495bSYour Name					priv_key->key[req_key->keyix] = NULL;
*5113495bSYour Name				if (key)
*5113495bSYour Name					qdf_mem_free(key);
*5113495bSYour Name				return QDF_STATUS_E_INVAL;
*5113495bSYour Name			}
*5113495bSYour Name			qdf_mem_copy(macaddr, wlan_peer_get_macaddr(peer),
*5113495bSYour Name				    QDF_MAC_ADDR_SIZE);
*5113495bSYour Name			wlan_objmgr_peer_release_ref(peer, WLAN_CRYPTO_ID);
*5113495bSYour Name			peer = NULL;
*5113495bSYour Name		}
*5113495bSYour Name	} else {
*5113495bSYour Name		uint8_t pdev_id;
*5113495bSYour Name
*5113495bSYour Name		pdev_id = wlan_objmgr_pdev_get_pdev_id(
*5113495bSYour Name				wlan_vdev_get_pdev(vdev));
*5113495bSYour Name		peer = wlan_objmgr_get_peer_by_mac_n_vdev(
*5113495bSYour Name					psoc,
*5113495bSYour Name					pdev_id,
*5113495bSYour Name					macaddr,
*5113495bSYour Name					req_key->macaddr,
*5113495bSYour Name					WLAN_CRYPTO_ID);
*5113495bSYour Name
*5113495bSYour Name		if (!peer) {
*5113495bSYour Name			crypto_err("peer NULL");
*5113495bSYour Name			return QDF_STATUS_E_INVAL;
*5113495bSYour Name		}
*5113495bSYour Name
*5113495bSYour Name		qdf_mem_copy(macaddr, req_key->macaddr, QDF_MAC_ADDR_SIZE);
*5113495bSYour Name		crypto_params = wlan_crypto_peer_get_comp_params(peer,
*5113495bSYour Name								&crypto_priv);
*5113495bSYour Name
*5113495bSYour Name		if (!crypto_priv) {
*5113495bSYour Name			crypto_err("crypto_priv NULL");
*5113495bSYour Name			status = QDF_STATUS_E_INVAL;
*5113495bSYour Name			goto err;
*5113495bSYour Name		}
*5113495bSYour Name
*5113495bSYour Name		priv_key = &crypto_priv->crypto_key;
*5113495bSYour Name
*5113495bSYour Name		if (IS_MGMT_CIPHER(req_key->type)) {
*5113495bSYour Name			struct wlan_crypto_key *crypto_key = NULL;
*5113495bSYour Name
*5113495bSYour Name			igtk_idx = req_key->keyix - WLAN_CRYPTO_MAXKEYIDX;
*5113495bSYour Name			bigtk_idx = igtk_idx - WLAN_CRYPTO_MAXIGTKKEYIDX;
*5113495bSYour Name
*5113495bSYour Name			if (!is_igtk(req_key->keyix) &&
*5113495bSYour Name			    !(is_bigtk(req_key->keyix))) {
*5113495bSYour Name				crypto_err("igtk/bigtk key invalid keyid %d",
*5113495bSYour Name					   req_key->keyix);
*5113495bSYour Name				status = QDF_STATUS_CRYPTO_INVALID_KEYID;
*5113495bSYour Name				goto err;
*5113495bSYour Name			}
*5113495bSYour Name			key = qdf_mem_malloc(sizeof(struct wlan_crypto_key));
*5113495bSYour Name			if (!key) {
*5113495bSYour Name				status = QDF_STATUS_E_NOMEM;
*5113495bSYour Name				goto err;
*5113495bSYour Name			}
*5113495bSYour Name
*5113495bSYour Name			if (is_igtk(req_key->keyix)) {
*5113495bSYour Name				crypto_key = priv_key->igtk_key[igtk_idx];
*5113495bSYour Name				if (crypto_key)
*5113495bSYour Name					qdf_mem_free(crypto_key);
*5113495bSYour Name
*5113495bSYour Name				priv_key->igtk_key[igtk_idx] = key;
*5113495bSYour Name				priv_key->igtk_key_type = req_key->type;
*5113495bSYour Name				priv_key->def_igtk_tx_keyid = igtk_idx;
*5113495bSYour Name			} else {
*5113495bSYour Name				crypto_key = priv_key->bigtk_key[bigtk_idx];
*5113495bSYour Name				if (crypto_key)
*5113495bSYour Name					qdf_mem_free(crypto_key);
*5113495bSYour Name
*5113495bSYour Name				priv_key->bigtk_key[bigtk_idx] = key;
*5113495bSYour Name				priv_key->def_bigtk_tx_keyid = bigtk_idx;
*5113495bSYour Name			}
*5113495bSYour Name		} else {
*5113495bSYour Name			uint16_t kid = req_key->keyix;
*5113495bSYour Name			if (kid == WLAN_CRYPTO_KEYIX_NONE)
*5113495bSYour Name				kid = 0;
*5113495bSYour Name			if (kid >= WLAN_CRYPTO_MAX_VLANKEYIX) {
*5113495bSYour Name				crypto_err("invalid keyid %d", kid);
*5113495bSYour Name				status = QDF_STATUS_CRYPTO_INVALID_KEYID;
*5113495bSYour Name				goto err;
*5113495bSYour Name			}
*5113495bSYour Name			if (!priv_key->key[kid]) {
*5113495bSYour Name				priv_key->key[kid]
*5113495bSYour Name					= qdf_mem_malloc(
*5113495bSYour Name						sizeof(struct wlan_crypto_key));
*5113495bSYour Name				if (!priv_key->key[kid]) {
*5113495bSYour Name					status = QDF_STATUS_E_NOMEM;
*5113495bSYour Name					goto err;
*5113495bSYour Name				}
*5113495bSYour Name			}
*5113495bSYour Name			key = priv_key->key[kid];
*5113495bSYour Name		}
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	/* alloc key might not required as it is already there */
*5113495bSYour Name	key->cipher_table = (void *)cipher;
*5113495bSYour Name	key->keylen = req_key->keylen;
*5113495bSYour Name	key->flags = req_key->flags;
*5113495bSYour Name
*5113495bSYour Name	if (req_key->keyix == WLAN_CRYPTO_KEYIX_NONE)
*5113495bSYour Name		key->keyix = 0;
*5113495bSYour Name	else
*5113495bSYour Name		key->keyix = req_key->keyix;
*5113495bSYour Name
*5113495bSYour Name	if (req_key->flags & WLAN_CRYPTO_KEY_DEFAULT
*5113495bSYour Name		&& (!IS_MGMT_CIPHER(req_key->type)))  {
*5113495bSYour Name		crypto_priv->crypto_key.def_tx_keyid = key->keyix;
*5113495bSYour Name		key->flags |= WLAN_CRYPTO_KEY_DEFAULT;
*5113495bSYour Name	}
*5113495bSYour Name	if ((req_key->type == WLAN_CRYPTO_CIPHER_WAPI_SMS4)
*5113495bSYour Name		|| (req_key->type == WLAN_CRYPTO_CIPHER_WAPI_GCM4)) {
*5113495bSYour Name		uint8_t iv_AP[16] = {	0x5c, 0x36, 0x5c, 0x36,
*5113495bSYour Name					0x5c, 0x36, 0x5c, 0x36,
*5113495bSYour Name					0x5c, 0x36, 0x5c, 0x36,
*5113495bSYour Name					0x5c, 0x36, 0x5c, 0x37};
*5113495bSYour Name		uint8_t iv_STA[16] = {	0x5c, 0x36, 0x5c, 0x36,
*5113495bSYour Name					0x5c, 0x36, 0x5c, 0x36,
*5113495bSYour Name					0x5c, 0x36, 0x5c, 0x36,
*5113495bSYour Name					0x5c, 0x36, 0x5c, 0x36};
*5113495bSYour Name
*5113495bSYour Name		/* During Tx PN should be increment and
*5113495bSYour Name		 * send but as per our implementation we increment only after
*5113495bSYour Name		 * Tx complete. So First packet PN check will be failed.
*5113495bSYour Name		 * To compensate increment the PN here by 2
*5113495bSYour Name		 */
*5113495bSYour Name		if (vdev_mode == QDF_SAP_MODE) {
*5113495bSYour Name			iv_AP[15] += 2;
*5113495bSYour Name			qdf_mem_copy(key->recviv, iv_STA,
*5113495bSYour Name						WLAN_CRYPTO_WAPI_IV_SIZE);
*5113495bSYour Name			qdf_mem_copy(key->txiv, iv_AP,
*5113495bSYour Name						WLAN_CRYPTO_WAPI_IV_SIZE);
*5113495bSYour Name		} else {
*5113495bSYour Name			iv_STA[15] += 2;
*5113495bSYour Name			qdf_mem_copy(key->recviv, iv_AP,
*5113495bSYour Name						WLAN_CRYPTO_WAPI_IV_SIZE);
*5113495bSYour Name			qdf_mem_copy(key->txiv, iv_STA,
*5113495bSYour Name						WLAN_CRYPTO_WAPI_IV_SIZE);
*5113495bSYour Name		}
*5113495bSYour Name	} else {
*5113495bSYour Name		uint8_t i = 0;
*5113495bSYour Name		qdf_mem_copy((uint8_t *)(&key->keytsc),
*5113495bSYour Name			(uint8_t *)(&req_key->keytsc), sizeof(key->keytsc));
*5113495bSYour Name		for (i = 0; i < WLAN_CRYPTO_TID_SIZE; i++) {
*5113495bSYour Name			qdf_mem_copy((uint8_t *)(&key->keyrsc[i]),
*5113495bSYour Name					(uint8_t *)(&req_key->keyrsc),
*5113495bSYour Name					sizeof(key->keyrsc[0]));
*5113495bSYour Name		}
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	tx_ops = wlan_psoc_get_lmac_if_txops(psoc);
*5113495bSYour Name	if (!tx_ops) {
*5113495bSYour Name		crypto_err("tx_ops is NULL");
*5113495bSYour Name		status = QDF_STATUS_E_INVAL;
*5113495bSYour Name		goto err;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	qdf_mem_copy(key->keyval, req_key->keydata, sizeof(key->keyval));
*5113495bSYour Name	key->valid = 1;
*5113495bSYour Name	if ((IS_MGMT_CIPHER(req_key->type))) {
*5113495bSYour Name		uint32_t mgmt_cipher = 0;
*5113495bSYour Name
*5113495bSYour Name		if (HAS_CIPHER_CAP(crypto_params,
*5113495bSYour Name					WLAN_CRYPTO_CAP_PMF_OFFLOAD) ||
*5113495bSYour Name					is_bigtk(req_key->keyix)) {
*5113495bSYour Name			if (WLAN_CRYPTO_TX_OPS_SETKEY(tx_ops)) {
*5113495bSYour Name				WLAN_CRYPTO_TX_OPS_SETKEY(tx_ops)(vdev,
*5113495bSYour Name						key, macaddr, req_key->type);
*5113495bSYour Name			}
*5113495bSYour Name		}
*5113495bSYour Name		QDF_SET_PARAM(mgmt_cipher, req_key->type);
*5113495bSYour Name		wlan_crypto_set_mgmtcipher(crypto_params, mgmt_cipher);
*5113495bSYour Name		status = wlan_crypto_set_igtk_key(key);
*5113495bSYour Name	} else if (IS_FILS_CIPHER(req_key->type)) {
*5113495bSYour Name		/* Take request key object to FILS setkey */
*5113495bSYour Name		key->private = req_key;
*5113495bSYour Name	} else {
*5113495bSYour Name		if (WLAN_CRYPTO_TX_OPS_SETKEY(tx_ops)) {
*5113495bSYour Name			if (WLAN_CRYPTO_TX_OPS_SETKEY(tx_ops)(vdev, key,
*5113495bSYour Name							      macaddr,
*5113495bSYour Name							      req_key->type)) {
*5113495bSYour Name				status = QDF_STATUS_E_INVAL;
*5113495bSYour Name				goto err;
*5113495bSYour Name			}
*5113495bSYour Name		}
*5113495bSYour Name	}
*5113495bSYour Name	if (cipher)
*5113495bSYour Name		status = cipher->setkey(key);
*5113495bSYour Name
*5113495bSYour Name	if ((req_key->flags & WLAN_CRYPTO_KEY_DEFAULT) &&
*5113495bSYour Name	    (req_key->keyix != WLAN_CRYPTO_KEYIX_NONE) &&
*5113495bSYour Name	    (!IS_MGMT_CIPHER(req_key->type)) && isbcast) {
*5113495bSYour Name		/* default xmit key */
*5113495bSYour Name		wlan_crypto_default_key(vdev,
*5113495bSYour Name					req_key->macaddr,
*5113495bSYour Name					req_key->keyix,
*5113495bSYour Name					!isbcast);
*5113495bSYour Name		/*Iterate through the peer list on this vdev
*5113495bSYour Name		 *and store the keyix in the peer's crypto_priv
*5113495bSYour Name		 */
*5113495bSYour Name		wlan_objmgr_iterate_peerobj_list(vdev,
*5113495bSYour Name						 wlan_crypto_store_def_keyix,
*5113495bSYour Name						 (void *)&req_key->keyix,
*5113495bSYour Name						 WLAN_CRYPTO_ID);
*5113495bSYour Name
*5113495bSYour Name		}
*5113495bSYour Nameerr:
*5113495bSYour Name	if (peer)
*5113495bSYour Name		wlan_objmgr_peer_release_ref(peer, WLAN_CRYPTO_ID);
*5113495bSYour Name	return status;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Name/**
*5113495bSYour Name * wlan_crypto_get_key_type - get keytype
*5113495bSYour Name * @key: key
*5113495bSYour Name *
*5113495bSYour Name * This function gets keytype from key
*5113495bSYour Name *
*5113495bSYour Name * Return: keytype
*5113495bSYour Name */
*5113495bSYour Namewlan_crypto_cipher_type wlan_crypto_get_key_type(struct wlan_crypto_key *key)
*5113495bSYour Name{
*5113495bSYour Name	if (key && key->cipher_table) {
*5113495bSYour Name		return ((struct wlan_crypto_cipher *)
*5113495bSYour Name						(key->cipher_table))->cipher;
*5113495bSYour Name	}
*5113495bSYour Name	return WLAN_CRYPTO_CIPHER_NONE;
*5113495bSYour Name}
*5113495bSYour Nameqdf_export_symbol(wlan_crypto_get_key_type);
*5113495bSYour Name
*5113495bSYour Namestruct wlan_crypto_key *wlan_crypto_vdev_getkey(struct wlan_objmgr_vdev *vdev,
*5113495bSYour Name						uint16_t keyix)
*5113495bSYour Name{
*5113495bSYour Name	struct wlan_crypto_comp_priv *crypto_priv;
*5113495bSYour Name	struct wlan_crypto_params *crypto_params;
*5113495bSYour Name	struct wlan_crypto_key *key = NULL;
*5113495bSYour Name	struct wlan_crypto_keys *priv_key = NULL;
*5113495bSYour Name
*5113495bSYour Name	crypto_params = wlan_crypto_vdev_get_comp_params(vdev, &crypto_priv);
*5113495bSYour Name
*5113495bSYour Name	if (!crypto_priv) {
*5113495bSYour Name		crypto_err("crypto_priv NULL");
*5113495bSYour Name		return NULL;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	priv_key = &crypto_priv->crypto_key;
*5113495bSYour Name
*5113495bSYour Name	/* for keyix 4,5 we return the igtk keys for keyix more than 5
*5113495bSYour Name	 * we return the default key, for all other keyix we return the
*5113495bSYour Name	 * key accordingly.
*5113495bSYour Name	 */
*5113495bSYour Name	if ((keyix == WLAN_CRYPTO_KEYIX_NONE) ||
*5113495bSYour Name	    !is_valid_keyix(keyix))
*5113495bSYour Name		key = priv_key->key[crypto_priv->crypto_key.def_tx_keyid];
*5113495bSYour Name	else if (is_bigtk(keyix))
*5113495bSYour Name		key = priv_key->bigtk_key[keyix - WLAN_CRYPTO_MAXKEYIDX
*5113495bSYour Name						- WLAN_CRYPTO_MAXIGTKKEYIDX];
*5113495bSYour Name	else if (is_igtk(keyix))
*5113495bSYour Name		key = priv_key->igtk_key[keyix - WLAN_CRYPTO_MAXKEYIDX];
*5113495bSYour Name	else
*5113495bSYour Name		key = priv_key->key[keyix];
*5113495bSYour Name
*5113495bSYour Name	if (key && key->valid)
*5113495bSYour Name		return key;
*5113495bSYour Name
*5113495bSYour Name	return NULL;
*5113495bSYour Name}
*5113495bSYour Nameqdf_export_symbol(wlan_crypto_vdev_getkey);
*5113495bSYour Name
*5113495bSYour Namestruct wlan_crypto_key *wlan_crypto_peer_getkey(struct wlan_objmgr_peer *peer,
*5113495bSYour Name						uint16_t keyix)
*5113495bSYour Name{
*5113495bSYour Name	struct wlan_crypto_comp_priv *crypto_priv;
*5113495bSYour Name	struct wlan_crypto_params *crypto_params;
*5113495bSYour Name	struct wlan_crypto_key *key = NULL;
*5113495bSYour Name	struct wlan_crypto_keys *priv_key = NULL;
*5113495bSYour Name
*5113495bSYour Name	crypto_params = wlan_crypto_peer_get_comp_params(peer, &crypto_priv);
*5113495bSYour Name
*5113495bSYour Name	if (!crypto_priv) {
*5113495bSYour Name		crypto_err("crypto_priv NULL");
*5113495bSYour Name		return NULL;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	priv_key = &crypto_priv->crypto_key;
*5113495bSYour Name
*5113495bSYour Name	/* for keyix 4,5 we return the igtk keys for keyix more than 5
*5113495bSYour Name	 * we return the default key, for all other keyix we return the
*5113495bSYour Name	 * key accordingly.
*5113495bSYour Name	 */
*5113495bSYour Name	if (keyix == WLAN_CRYPTO_KEYIX_NONE ||
*5113495bSYour Name	    !is_valid_keyix(keyix))
*5113495bSYour Name		key = priv_key->key[crypto_priv->crypto_key.def_tx_keyid];
*5113495bSYour Name	else if (is_bigtk(keyix))
*5113495bSYour Name		key = priv_key->bigtk_key[keyix - WLAN_CRYPTO_MAXKEYIDX
*5113495bSYour Name						- WLAN_CRYPTO_MAXIGTKKEYIDX];
*5113495bSYour Name	else if (is_igtk(keyix))
*5113495bSYour Name		key = priv_key->igtk_key[keyix - WLAN_CRYPTO_MAXKEYIDX];
*5113495bSYour Name	else
*5113495bSYour Name		key = priv_key->key[keyix];
*5113495bSYour Name
*5113495bSYour Name	if (key && key->valid)
*5113495bSYour Name		return key;
*5113495bSYour Name
*5113495bSYour Name	return NULL;
*5113495bSYour Name}
*5113495bSYour Nameqdf_export_symbol(wlan_crypto_peer_getkey);
*5113495bSYour Name
*5113495bSYour NameQDF_STATUS wlan_crypto_getkey(struct wlan_objmgr_vdev *vdev,
*5113495bSYour Name				struct wlan_crypto_req_key *req_key,
*5113495bSYour Name				uint8_t *mac_addr)
*5113495bSYour Name{
*5113495bSYour Name	struct wlan_crypto_cipher *cipher_table;
*5113495bSYour Name	struct wlan_crypto_key *key;
*5113495bSYour Name	struct wlan_objmgr_psoc *psoc;
*5113495bSYour Name	struct wlan_lmac_if_tx_ops *tx_ops;
*5113495bSYour Name	struct wlan_lmac_if_rx_ops *rx_ops;
*5113495bSYour Name	uint8_t macaddr[QDF_MAC_ADDR_SIZE] =
*5113495bSYour Name			{0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
*5113495bSYour Name	QDF_STATUS status = QDF_STATUS_E_INVAL;
*5113495bSYour Name	struct wlan_objmgr_peer *peer = NULL;
*5113495bSYour Name	uint8_t pdev_id;
*5113495bSYour Name	uint16_t get_pn_enable;
*5113495bSYour Name	bool is_bcast;
*5113495bSYour Name	uint8_t *pn_mac_addr;
*5113495bSYour Name
*5113495bSYour Name	if (!req_key) {
*5113495bSYour Name		crypto_err("req_key NULL");
*5113495bSYour Name		return QDF_STATUS_E_INVAL;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	get_pn_enable = req_key->flags & WLAN_CRYPTO_KEY_GET_PN;
*5113495bSYour Name
*5113495bSYour Name	wlan_vdev_obj_lock(vdev);
*5113495bSYour Name	qdf_mem_copy(macaddr, wlan_vdev_mlme_get_macaddr(vdev),
*5113495bSYour Name		    QDF_MAC_ADDR_SIZE);
*5113495bSYour Name	psoc = wlan_vdev_get_psoc(vdev);
*5113495bSYour Name	if (!psoc) {
*5113495bSYour Name		wlan_vdev_obj_unlock(vdev);
*5113495bSYour Name		crypto_err("psoc NULL");
*5113495bSYour Name		return QDF_STATUS_E_INVAL;
*5113495bSYour Name	}
*5113495bSYour Name	wlan_vdev_obj_unlock(vdev);
*5113495bSYour Name
*5113495bSYour Name	tx_ops = wlan_psoc_get_lmac_if_txops(psoc);
*5113495bSYour Name	if (!tx_ops) {
*5113495bSYour Name		crypto_err("tx_ops is NULL");
*5113495bSYour Name		return QDF_STATUS_E_INVAL;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	rx_ops = wlan_psoc_get_lmac_if_rxops(psoc);
*5113495bSYour Name	if (!rx_ops) {
*5113495bSYour Name		crypto_err("rx_ops is NULL");
*5113495bSYour Name		return QDF_STATUS_E_INVAL;
*5113495bSYour Name	}
*5113495bSYour Name	is_bcast = qdf_is_macaddr_broadcast((struct qdf_mac_addr *)mac_addr);
*5113495bSYour Name
*5113495bSYour Name	if (is_bcast) {
*5113495bSYour Name		key = wlan_crypto_vdev_getkey(vdev, req_key->keyix);
*5113495bSYour Name		if (!key)
*5113495bSYour Name			return QDF_STATUS_E_INVAL;
*5113495bSYour Name	} else {
*5113495bSYour Name
*5113495bSYour Name		pdev_id = wlan_objmgr_pdev_get_pdev_id(
*5113495bSYour Name				wlan_vdev_get_pdev(vdev));
*5113495bSYour Name		peer = wlan_objmgr_get_peer_by_mac_n_vdev(
*5113495bSYour Name					psoc,
*5113495bSYour Name					pdev_id,
*5113495bSYour Name					macaddr,
*5113495bSYour Name					mac_addr,
*5113495bSYour Name					WLAN_CRYPTO_ID);
*5113495bSYour Name		if (!peer) {
*5113495bSYour Name			crypto_err("peer NULL");
*5113495bSYour Name			return QDF_STATUS_E_NOENT;
*5113495bSYour Name		}
*5113495bSYour Name		key = wlan_crypto_peer_getkey(peer, req_key->keyix);
*5113495bSYour Name
*5113495bSYour Name		if (!key) {
*5113495bSYour Name			crypto_err("Key is NULL");
*5113495bSYour Name			status = QDF_STATUS_E_INVAL;
*5113495bSYour Name			goto err;
*5113495bSYour Name		}
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	if (key->valid) {
*5113495bSYour Name		qdf_mem_copy(req_key->keydata,
*5113495bSYour Name				key->keyval, key->keylen);
*5113495bSYour Name		req_key->keylen = key->keylen;
*5113495bSYour Name		req_key->keyix = key->keyix;
*5113495bSYour Name		req_key->flags = key->flags;
*5113495bSYour Name
*5113495bSYour Name		if (is_igtk(req_key->keyix) || is_bigtk(req_key->keyix)) {
*5113495bSYour Name			req_key->type = key->cipher_type;
*5113495bSYour Name		} else {
*5113495bSYour Name			cipher_table = key->cipher_table;
*5113495bSYour Name
*5113495bSYour Name			if (!cipher_table) {
*5113495bSYour Name				status = QDF_STATUS_SUCCESS;
*5113495bSYour Name				goto err;
*5113495bSYour Name			}
*5113495bSYour Name
*5113495bSYour Name			req_key->type = cipher_table->cipher;
*5113495bSYour Name		}
*5113495bSYour Name
*5113495bSYour Name		if (req_key->type == WLAN_CRYPTO_CIPHER_WAPI_SMS4) {
*5113495bSYour Name			qdf_mem_copy((uint8_t *)(&req_key->txiv),
*5113495bSYour Name					(uint8_t *)(key->txiv),
*5113495bSYour Name					sizeof(req_key->txiv));
*5113495bSYour Name			qdf_mem_copy((uint8_t *)(&req_key->recviv),
*5113495bSYour Name					(uint8_t *)(key->recviv),
*5113495bSYour Name					sizeof(req_key->recviv));
*5113495bSYour Name		}
*5113495bSYour Name
*5113495bSYour Name		if (get_pn_enable) {
*5113495bSYour Name			pn_mac_addr = ((is_gtk(req_key->keyix) ||
*5113495bSYour Name					is_bigtk(req_key->keyix)) && is_bcast) ?
*5113495bSYour Name					macaddr : mac_addr;
*5113495bSYour Name
*5113495bSYour Name			if (WLAN_CRYPTO_TX_OPS_GETPN(tx_ops))
*5113495bSYour Name				WLAN_CRYPTO_TX_OPS_GETPN(tx_ops)(vdev,
*5113495bSYour Name								 pn_mac_addr,
*5113495bSYour Name								 req_key->keyix,
*5113495bSYour Name								 req_key->type);
*5113495bSYour Name			if (WLAN_CRYPTO_RX_OPS_GET_RXPN(&rx_ops->crypto_rx_ops))
*5113495bSYour Name				WLAN_CRYPTO_RX_OPS_GET_RXPN(&rx_ops->crypto_rx_ops)(
*5113495bSYour Name						vdev, mac_addr, req_key->keyix);
*5113495bSYour Name
*5113495bSYour Name			qdf_mem_copy((uint8_t *)(&req_key->keytsc),
*5113495bSYour Name				     (uint8_t *)(&key->keytsc),
*5113495bSYour Name				     sizeof(req_key->keytsc));
*5113495bSYour Name			qdf_mem_copy((uint8_t *)(&req_key->keyrsc),
*5113495bSYour Name				     (uint8_t *)(&key->keyrsc[0]),
*5113495bSYour Name				     sizeof(req_key->keyrsc));
*5113495bSYour Name		}
*5113495bSYour Name
*5113495bSYour Name	}
*5113495bSYour Name	status = QDF_STATUS_SUCCESS;
*5113495bSYour Name
*5113495bSYour Nameerr:
*5113495bSYour Name	if (peer)
*5113495bSYour Name		wlan_objmgr_peer_release_ref(peer, WLAN_CRYPTO_ID);
*5113495bSYour Name
*5113495bSYour Name	return status;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour NameQDF_STATUS wlan_crypto_delkey(struct wlan_objmgr_vdev *vdev,
*5113495bSYour Name				uint8_t *macaddr,
*5113495bSYour Name				uint8_t key_idx)
*5113495bSYour Name{
*5113495bSYour Name	struct wlan_crypto_comp_priv *crypto_priv;
*5113495bSYour Name	struct wlan_crypto_params *crypto_params;
*5113495bSYour Name	struct wlan_crypto_key *key;
*5113495bSYour Name	struct wlan_crypto_cipher *cipher_table;
*5113495bSYour Name	struct wlan_objmgr_psoc *psoc;
*5113495bSYour Name	struct wlan_lmac_if_tx_ops *tx_ops;
*5113495bSYour Name	uint8_t bssid_mac[QDF_MAC_ADDR_SIZE];
*5113495bSYour Name	struct wlan_objmgr_peer *peer = NULL;
*5113495bSYour Name	QDF_STATUS ret = QDF_STATUS_SUCCESS;
*5113495bSYour Name
*5113495bSYour Name	if (!vdev || !macaddr ||
*5113495bSYour Name		!is_valid_keyix(key_idx)) {
*5113495bSYour Name		crypto_err("Invalid param vdev %pK macaddr %pK keyidx %d",
*5113495bSYour Name			   vdev, macaddr, key_idx);
*5113495bSYour Name		return QDF_STATUS_E_INVAL;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	wlan_vdev_obj_lock(vdev);
*5113495bSYour Name	qdf_mem_copy(bssid_mac, wlan_vdev_mlme_get_macaddr(vdev),
*5113495bSYour Name		    QDF_MAC_ADDR_SIZE);
*5113495bSYour Name	psoc = wlan_vdev_get_psoc(vdev);
*5113495bSYour Name	if (!psoc) {
*5113495bSYour Name		wlan_vdev_obj_unlock(vdev);
*5113495bSYour Name		crypto_err("psoc NULL");
*5113495bSYour Name		return QDF_STATUS_E_INVAL;
*5113495bSYour Name	}
*5113495bSYour Name	wlan_vdev_obj_unlock(vdev);
*5113495bSYour Name
*5113495bSYour Name	if (qdf_is_macaddr_broadcast((struct qdf_mac_addr *)macaddr)) {
*5113495bSYour Name		crypto_params = wlan_crypto_vdev_get_comp_params(vdev,
*5113495bSYour Name								&crypto_priv);
*5113495bSYour Name		if (!crypto_priv) {
*5113495bSYour Name			crypto_err("crypto_priv NULL");
*5113495bSYour Name			return QDF_STATUS_E_INVAL;
*5113495bSYour Name		}
*5113495bSYour Name	} else {
*5113495bSYour Name		uint8_t pdev_id;
*5113495bSYour Name
*5113495bSYour Name		pdev_id = wlan_objmgr_pdev_get_pdev_id(
*5113495bSYour Name				wlan_vdev_get_pdev(vdev));
*5113495bSYour Name		peer = wlan_objmgr_get_peer_by_mac_n_vdev(
*5113495bSYour Name				psoc, pdev_id,
*5113495bSYour Name				bssid_mac,
*5113495bSYour Name				macaddr,
*5113495bSYour Name				WLAN_CRYPTO_ID);
*5113495bSYour Name		if (!peer) {
*5113495bSYour Name			return QDF_STATUS_E_INVAL;
*5113495bSYour Name		}
*5113495bSYour Name		crypto_params = wlan_crypto_peer_get_comp_params(peer,
*5113495bSYour Name								&crypto_priv);
*5113495bSYour Name		if (!crypto_priv) {
*5113495bSYour Name			crypto_err("crypto_priv NULL");
*5113495bSYour Name			ret = QDF_STATUS_E_INVAL;
*5113495bSYour Name			goto ret_rel_ref;
*5113495bSYour Name		}
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	if (key_idx >= WLAN_CRYPTO_MAXKEYIDX) {
*5113495bSYour Name		uint8_t igtk_idx = key_idx - WLAN_CRYPTO_MAXKEYIDX;
*5113495bSYour Name		uint8_t bigtk_idx = igtk_idx - WLAN_CRYPTO_MAXIGTKKEYIDX;
*5113495bSYour Name
*5113495bSYour Name		if (!is_igtk(key_idx) && !(is_bigtk(key_idx))) {
*5113495bSYour Name			crypto_err("igtk/bigtk key invalid keyid %d", key_idx);
*5113495bSYour Name			ret = QDF_STATUS_E_INVAL;
*5113495bSYour Name			goto ret_rel_ref;
*5113495bSYour Name		}
*5113495bSYour Name		if (is_igtk(key_idx)) {
*5113495bSYour Name			key = crypto_priv->crypto_key.igtk_key[igtk_idx];
*5113495bSYour Name			crypto_priv->crypto_key.igtk_key[igtk_idx] = NULL;
*5113495bSYour Name		} else {
*5113495bSYour Name			key = crypto_priv->crypto_key.bigtk_key[bigtk_idx];
*5113495bSYour Name			crypto_priv->crypto_key.bigtk_key[bigtk_idx] = NULL;
*5113495bSYour Name		}
*5113495bSYour Name		if (key)
*5113495bSYour Name			key->valid = 0;
*5113495bSYour Name	} else {
*5113495bSYour Name		key = crypto_priv->crypto_key.key[key_idx];
*5113495bSYour Name		crypto_priv->crypto_key.key[key_idx] = NULL;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	if (!key) {
*5113495bSYour Name		ret = QDF_STATUS_E_INVAL;
*5113495bSYour Name		goto ret_rel_ref;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	if (key->valid) {
*5113495bSYour Name		cipher_table = (struct wlan_crypto_cipher *)key->cipher_table;
*5113495bSYour Name		qdf_mem_zero(key->keyval, sizeof(key->keyval));
*5113495bSYour Name
*5113495bSYour Name		tx_ops = wlan_psoc_get_lmac_if_txops(psoc);
*5113495bSYour Name		if (!tx_ops) {
*5113495bSYour Name			crypto_err("tx_ops is NULL");
*5113495bSYour Name			ret = QDF_STATUS_E_INVAL;
*5113495bSYour Name			goto ret_rel_ref;
*5113495bSYour Name		}
*5113495bSYour Name
*5113495bSYour Name		if (!IS_FILS_CIPHER(cipher_table->cipher) &&
*5113495bSYour Name		    WLAN_CRYPTO_TX_OPS_DELKEY(tx_ops)) {
*5113495bSYour Name			WLAN_CRYPTO_TX_OPS_DELKEY(tx_ops)(vdev, key, macaddr,
*5113495bSYour Name							  cipher_table->cipher);
*5113495bSYour Name		} else if (IS_FILS_CIPHER(cipher_table->cipher)) {
*5113495bSYour Name			if (key->private)
*5113495bSYour Name				qdf_mem_free(key->private);
*5113495bSYour Name		}
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	/* Zero-out local key variables */
*5113495bSYour Name	qdf_mem_zero(key, sizeof(struct wlan_crypto_key));
*5113495bSYour Name	qdf_mem_free(key);
*5113495bSYour Name	key = NULL;
*5113495bSYour Name
*5113495bSYour Nameret_rel_ref:
*5113495bSYour Name	if (peer)
*5113495bSYour Name		wlan_objmgr_peer_release_ref(peer, WLAN_CRYPTO_ID);
*5113495bSYour Name
*5113495bSYour Name	return ret;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Name#ifdef CRYPTO_SET_KEY_CONVERGED
*5113495bSYour Namestatic QDF_STATUS wlan_crypto_set_default_key(struct wlan_objmgr_vdev *vdev,
*5113495bSYour Name					      uint8_t key_idx, uint8_t *macaddr)
*5113495bSYour Name{
*5113495bSYour Name	return QDF_STATUS_SUCCESS;
*5113495bSYour Name}
*5113495bSYour Name#else
*5113495bSYour Namestatic QDF_STATUS wlan_crypto_set_default_key(struct wlan_objmgr_vdev *vdev,
*5113495bSYour Name					      uint8_t key_idx, uint8_t *macaddr)
*5113495bSYour Name{
*5113495bSYour Name	struct wlan_objmgr_psoc *psoc;
*5113495bSYour Name	struct wlan_lmac_if_tx_ops *tx_ops;
*5113495bSYour Name
*5113495bSYour Name	psoc = wlan_vdev_get_psoc(vdev);
*5113495bSYour Name	if (!psoc) {
*5113495bSYour Name		crypto_err("psoc is NULL");
*5113495bSYour Name		return QDF_STATUS_E_INVAL;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	tx_ops = wlan_psoc_get_lmac_if_txops(psoc);
*5113495bSYour Name	if (!tx_ops) {
*5113495bSYour Name		crypto_err("tx_ops is NULL");
*5113495bSYour Name		return QDF_STATUS_E_INVAL;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	if (WLAN_CRYPTO_TX_OPS_DEFAULTKEY(tx_ops))
*5113495bSYour Name		WLAN_CRYPTO_TX_OPS_DEFAULTKEY(tx_ops)(vdev, key_idx, macaddr);
*5113495bSYour Name
*5113495bSYour Name	return QDF_STATUS_SUCCESS;
*5113495bSYour Name}
*5113495bSYour Name#endif
*5113495bSYour Name
*5113495bSYour NameQDF_STATUS wlan_crypto_default_key(struct wlan_objmgr_vdev *vdev,
*5113495bSYour Name					uint8_t *macaddr,
*5113495bSYour Name					uint8_t key_idx,
*5113495bSYour Name					bool unicast)
*5113495bSYour Name{
*5113495bSYour Name	struct wlan_crypto_comp_priv *crypto_priv;
*5113495bSYour Name	struct wlan_crypto_params *crypto_params;
*5113495bSYour Name	struct wlan_crypto_key *key;
*5113495bSYour Name	struct wlan_objmgr_psoc *psoc;
*5113495bSYour Name	uint8_t bssid_mac[QDF_MAC_ADDR_SIZE];
*5113495bSYour Name
*5113495bSYour Name	if (!vdev || !macaddr || (key_idx >= WLAN_CRYPTO_MAXKEYIDX)) {
*5113495bSYour Name		crypto_err("Invalid param vdev %pK macaddr %pK keyidx %d",
*5113495bSYour Name			   vdev, macaddr, key_idx);
*5113495bSYour Name		return QDF_STATUS_E_INVAL;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	wlan_vdev_obj_lock(vdev);
*5113495bSYour Name	qdf_mem_copy(bssid_mac, wlan_vdev_mlme_get_macaddr(vdev),
*5113495bSYour Name		    QDF_MAC_ADDR_SIZE);
*5113495bSYour Name	psoc = wlan_vdev_get_psoc(vdev);
*5113495bSYour Name	if (!psoc) {
*5113495bSYour Name		wlan_vdev_obj_unlock(vdev);
*5113495bSYour Name		crypto_err("psoc NULL");
*5113495bSYour Name		return QDF_STATUS_E_INVAL;
*5113495bSYour Name	}
*5113495bSYour Name	wlan_vdev_obj_unlock(vdev);
*5113495bSYour Name
*5113495bSYour Name	if (qdf_is_macaddr_broadcast((struct qdf_mac_addr *)macaddr)) {
*5113495bSYour Name		crypto_params = wlan_crypto_vdev_get_comp_params(vdev,
*5113495bSYour Name								&crypto_priv);
*5113495bSYour Name		if (!crypto_priv) {
*5113495bSYour Name			crypto_err("crypto_priv NULL");
*5113495bSYour Name			return QDF_STATUS_E_INVAL;
*5113495bSYour Name		}
*5113495bSYour Name
*5113495bSYour Name		key = crypto_priv->crypto_key.key[key_idx];
*5113495bSYour Name		if (!key)
*5113495bSYour Name			return QDF_STATUS_E_INVAL;
*5113495bSYour Name	} else {
*5113495bSYour Name		struct wlan_objmgr_peer *peer;
*5113495bSYour Name		uint8_t pdev_id;
*5113495bSYour Name
*5113495bSYour Name		pdev_id = wlan_objmgr_pdev_get_pdev_id(
*5113495bSYour Name				wlan_vdev_get_pdev(vdev));
*5113495bSYour Name		peer = wlan_objmgr_get_peer_by_mac_n_vdev(
*5113495bSYour Name				psoc, pdev_id,
*5113495bSYour Name				bssid_mac,
*5113495bSYour Name				macaddr,
*5113495bSYour Name				WLAN_CRYPTO_ID);
*5113495bSYour Name
*5113495bSYour Name		if (!peer) {
*5113495bSYour Name			crypto_err("peer NULL");
*5113495bSYour Name			return QDF_STATUS_E_INVAL;
*5113495bSYour Name		}
*5113495bSYour Name		crypto_params = wlan_crypto_peer_get_comp_params(peer,
*5113495bSYour Name								&crypto_priv);
*5113495bSYour Name		wlan_objmgr_peer_release_ref(peer, WLAN_CRYPTO_ID);
*5113495bSYour Name		if (!crypto_priv) {
*5113495bSYour Name			crypto_err("crypto_priv NULL");
*5113495bSYour Name			return QDF_STATUS_E_INVAL;
*5113495bSYour Name		}
*5113495bSYour Name
*5113495bSYour Name		key = crypto_priv->crypto_key.key[key_idx];
*5113495bSYour Name		if (!key)
*5113495bSYour Name			return QDF_STATUS_E_INVAL;
*5113495bSYour Name	}
*5113495bSYour Name	if (!key->valid)
*5113495bSYour Name		return QDF_STATUS_E_INVAL;
*5113495bSYour Name
*5113495bSYour Name	if (wlan_crypto_set_default_key(vdev, key_idx, macaddr) !=
*5113495bSYour Name			QDF_STATUS_SUCCESS)
*5113495bSYour Name		return QDF_STATUS_E_INVAL;
*5113495bSYour Name	crypto_priv->crypto_key.def_tx_keyid = key_idx;
*5113495bSYour Name
*5113495bSYour Name	return QDF_STATUS_SUCCESS;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour NameQDF_STATUS wlan_crypto_encap(struct wlan_objmgr_vdev *vdev,
*5113495bSYour Name				qdf_nbuf_t wbuf,
*5113495bSYour Name				uint8_t *mac_addr,
*5113495bSYour Name				uint8_t encapdone)
*5113495bSYour Name{
*5113495bSYour Name	struct wlan_crypto_comp_priv *crypto_priv;
*5113495bSYour Name	struct wlan_crypto_params *crypto_params;
*5113495bSYour Name	struct wlan_crypto_key *key;
*5113495bSYour Name	struct wlan_crypto_keys *priv_key = NULL;
*5113495bSYour Name	QDF_STATUS status;
*5113495bSYour Name	struct wlan_crypto_cipher *cipher_table;
*5113495bSYour Name	struct wlan_objmgr_psoc *psoc;
*5113495bSYour Name	struct wlan_objmgr_peer *peer;
*5113495bSYour Name	uint8_t bssid_mac[QDF_MAC_ADDR_SIZE];
*5113495bSYour Name	uint8_t pdev_id;
*5113495bSYour Name	uint8_t hdrlen;
*5113495bSYour Name	enum QDF_OPMODE opmode;
*5113495bSYour Name
*5113495bSYour Name	opmode = wlan_vdev_mlme_get_opmode(vdev);
*5113495bSYour Name	wlan_vdev_obj_lock(vdev);
*5113495bSYour Name	qdf_mem_copy(bssid_mac, wlan_vdev_mlme_get_macaddr(vdev),
*5113495bSYour Name		    QDF_MAC_ADDR_SIZE);
*5113495bSYour Name	psoc = wlan_vdev_get_psoc(vdev);
*5113495bSYour Name	if (!psoc) {
*5113495bSYour Name		wlan_vdev_obj_unlock(vdev);
*5113495bSYour Name		crypto_err("psoc NULL");
*5113495bSYour Name		return QDF_STATUS_E_INVAL;
*5113495bSYour Name	}
*5113495bSYour Name	wlan_vdev_obj_unlock(vdev);
*5113495bSYour Name
*5113495bSYour Name	pdev_id = wlan_objmgr_pdev_get_pdev_id(wlan_vdev_get_pdev(vdev));
*5113495bSYour Name	/* FILS Encap required only for (Re-)Assoc response */
*5113495bSYour Name	peer = wlan_objmgr_get_peer(psoc, pdev_id, mac_addr, WLAN_CRYPTO_ID);
*5113495bSYour Name
*5113495bSYour Name	if (!wlan_crypto_is_data_protected((uint8_t *)qdf_nbuf_data(wbuf)) &&
*5113495bSYour Name	    peer && !wlan_crypto_get_peer_fils_aead(peer)) {
*5113495bSYour Name		wlan_objmgr_peer_release_ref(peer, WLAN_CRYPTO_ID);
*5113495bSYour Name		return QDF_STATUS_E_INVAL;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	if (peer)
*5113495bSYour Name		wlan_objmgr_peer_release_ref(peer, WLAN_CRYPTO_ID);
*5113495bSYour Name	peer = NULL;
*5113495bSYour Name
*5113495bSYour Name	if (qdf_is_macaddr_group((struct qdf_mac_addr *)mac_addr)) {
*5113495bSYour Name		crypto_params = wlan_crypto_vdev_get_comp_params(vdev,
*5113495bSYour Name								&crypto_priv);
*5113495bSYour Name		if (!crypto_priv) {
*5113495bSYour Name			crypto_err("crypto_priv NULL");
*5113495bSYour Name			return QDF_STATUS_E_INVAL;
*5113495bSYour Name		}
*5113495bSYour Name
*5113495bSYour Name		priv_key = &crypto_priv->crypto_key;
*5113495bSYour Name
*5113495bSYour Name		key = priv_key->key[priv_key->def_tx_keyid];
*5113495bSYour Name		if (!key)
*5113495bSYour Name			return QDF_STATUS_E_INVAL;
*5113495bSYour Name
*5113495bSYour Name	} else {
*5113495bSYour Name		peer = wlan_objmgr_get_peer_by_mac_n_vdev(psoc, pdev_id,
*5113495bSYour Name							  bssid_mac, mac_addr,
*5113495bSYour Name							  WLAN_CRYPTO_ID);
*5113495bSYour Name		if (!peer) {
*5113495bSYour Name			crypto_err("crypto_priv NULL");
*5113495bSYour Name			return QDF_STATUS_E_INVAL;
*5113495bSYour Name		}
*5113495bSYour Name
*5113495bSYour Name		crypto_params = wlan_crypto_peer_get_comp_params(peer,
*5113495bSYour Name								&crypto_priv);
*5113495bSYour Name
*5113495bSYour Name		if (!crypto_priv) {
*5113495bSYour Name			crypto_err("crypto_priv NULL");
*5113495bSYour Name			status = QDF_STATUS_E_INVAL;
*5113495bSYour Name			goto err;
*5113495bSYour Name		}
*5113495bSYour Name
*5113495bSYour Name		priv_key = &crypto_priv->crypto_key;
*5113495bSYour Name
*5113495bSYour Name		key = priv_key->key[priv_key->def_tx_keyid];
*5113495bSYour Name		if (!key) {
*5113495bSYour Name			crypto_err("Key is NULL");
*5113495bSYour Name			status = QDF_STATUS_E_INVAL;
*5113495bSYour Name			goto err;
*5113495bSYour Name		}
*5113495bSYour Name	}
*5113495bSYour Name	if (opmode == QDF_MONITOR_MODE)
*5113495bSYour Name		hdrlen = ieee80211_hdrsize((uint8_t *)qdf_nbuf_data(wbuf));
*5113495bSYour Name	else
*5113495bSYour Name		hdrlen = ieee80211_hdrspace(wlan_vdev_get_pdev(vdev),
*5113495bSYour Name					    (uint8_t *)qdf_nbuf_data(wbuf));
*5113495bSYour Name
*5113495bSYour Name	if (!key->valid || !key->cipher_table) {
*5113495bSYour Name		status = QDF_STATUS_E_INVAL;
*5113495bSYour Name		goto err;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	/* if tkip, is counter measures enabled, then drop the frame */
*5113495bSYour Name	cipher_table = (struct wlan_crypto_cipher *)key->cipher_table;
*5113495bSYour Name	status = cipher_table->encap(key, wbuf, encapdone,
*5113495bSYour Name				     hdrlen);
*5113495bSYour Name
*5113495bSYour Nameerr:
*5113495bSYour Name	if (peer)
*5113495bSYour Name		wlan_objmgr_peer_release_ref(peer, WLAN_CRYPTO_ID);
*5113495bSYour Name
*5113495bSYour Name	return status;
*5113495bSYour Name}
*5113495bSYour Nameqdf_export_symbol(wlan_crypto_encap);
*5113495bSYour Name
*5113495bSYour NameQDF_STATUS wlan_crypto_decap(struct wlan_objmgr_vdev *vdev,
*5113495bSYour Name				qdf_nbuf_t wbuf,
*5113495bSYour Name				uint8_t *mac_addr,
*5113495bSYour Name				uint8_t tid)
*5113495bSYour Name{
*5113495bSYour Name	struct wlan_crypto_comp_priv *crypto_priv;
*5113495bSYour Name	struct wlan_crypto_params *crypto_params;
*5113495bSYour Name	struct wlan_crypto_key *key;
*5113495bSYour Name	QDF_STATUS status;
*5113495bSYour Name	struct wlan_crypto_cipher *cipher_table;
*5113495bSYour Name	struct wlan_objmgr_psoc *psoc;
*5113495bSYour Name	struct wlan_objmgr_peer *peer;
*5113495bSYour Name	uint8_t bssid_mac[QDF_MAC_ADDR_SIZE];
*5113495bSYour Name	uint8_t keyid;
*5113495bSYour Name	uint8_t pdev_id;
*5113495bSYour Name	uint8_t hdrlen;
*5113495bSYour Name	enum QDF_OPMODE opmode;
*5113495bSYour Name
*5113495bSYour Name	opmode = wlan_vdev_mlme_get_opmode(vdev);
*5113495bSYour Name	wlan_vdev_obj_lock(vdev);
*5113495bSYour Name	qdf_mem_copy(bssid_mac, wlan_vdev_mlme_get_macaddr(vdev),
*5113495bSYour Name		    QDF_MAC_ADDR_SIZE);
*5113495bSYour Name	psoc = wlan_vdev_get_psoc(vdev);
*5113495bSYour Name	if (!psoc) {
*5113495bSYour Name		wlan_vdev_obj_unlock(vdev);
*5113495bSYour Name		crypto_err("psoc NULL");
*5113495bSYour Name		return QDF_STATUS_E_INVAL;
*5113495bSYour Name	}
*5113495bSYour Name	wlan_vdev_obj_unlock(vdev);
*5113495bSYour Name
*5113495bSYour Name	if (opmode == QDF_MONITOR_MODE)
*5113495bSYour Name		hdrlen = ieee80211_hdrsize((uint8_t *)qdf_nbuf_data(wbuf));
*5113495bSYour Name	else
*5113495bSYour Name		hdrlen = ieee80211_hdrspace(wlan_vdev_get_pdev(vdev),
*5113495bSYour Name					    (uint8_t *)qdf_nbuf_data(wbuf));
*5113495bSYour Name
*5113495bSYour Name	keyid = wlan_crypto_get_keyid((uint8_t *)qdf_nbuf_data(wbuf), hdrlen);
*5113495bSYour Name
*5113495bSYour Name	if (keyid >= WLAN_CRYPTO_MAXKEYIDX)
*5113495bSYour Name		return QDF_STATUS_E_INVAL;
*5113495bSYour Name
*5113495bSYour Name	pdev_id = wlan_objmgr_pdev_get_pdev_id(wlan_vdev_get_pdev(vdev));
*5113495bSYour Name	/* FILS Decap required only for (Re-)Assoc request */
*5113495bSYour Name	peer = wlan_objmgr_get_peer(psoc, pdev_id, mac_addr, WLAN_CRYPTO_ID);
*5113495bSYour Name
*5113495bSYour Name	if (!wlan_crypto_is_data_protected((uint8_t *)qdf_nbuf_data(wbuf)) &&
*5113495bSYour Name	    peer && !wlan_crypto_get_peer_fils_aead(peer)) {
*5113495bSYour Name		wlan_objmgr_peer_release_ref(peer, WLAN_CRYPTO_ID);
*5113495bSYour Name		return QDF_STATUS_E_INVAL;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	if (peer)
*5113495bSYour Name		wlan_objmgr_peer_release_ref(peer, WLAN_CRYPTO_ID);
*5113495bSYour Name	peer = NULL;
*5113495bSYour Name
*5113495bSYour Name	if (qdf_is_macaddr_group((struct qdf_mac_addr *)mac_addr)) {
*5113495bSYour Name		crypto_params = wlan_crypto_vdev_get_comp_params(vdev,
*5113495bSYour Name								&crypto_priv);
*5113495bSYour Name		if (!crypto_priv) {
*5113495bSYour Name			crypto_err("crypto_priv NULL");
*5113495bSYour Name			return QDF_STATUS_E_INVAL;
*5113495bSYour Name		}
*5113495bSYour Name
*5113495bSYour Name		key = crypto_priv->crypto_key.key[keyid];
*5113495bSYour Name		if (!key)
*5113495bSYour Name			return QDF_STATUS_E_INVAL;
*5113495bSYour Name	} else {
*5113495bSYour Name		peer = wlan_objmgr_get_peer_by_mac_n_vdev(
*5113495bSYour Name					psoc, pdev_id, bssid_mac,
*5113495bSYour Name					mac_addr, WLAN_CRYPTO_ID);
*5113495bSYour Name		if (!peer) {
*5113495bSYour Name			crypto_err("peer NULL");
*5113495bSYour Name			return QDF_STATUS_E_INVAL;
*5113495bSYour Name		}
*5113495bSYour Name
*5113495bSYour Name		crypto_params = wlan_crypto_peer_get_comp_params(peer,
*5113495bSYour Name								&crypto_priv);
*5113495bSYour Name
*5113495bSYour Name		if (!crypto_priv) {
*5113495bSYour Name			crypto_err("crypto_priv NULL");
*5113495bSYour Name			status = QDF_STATUS_E_INVAL;
*5113495bSYour Name			goto err;
*5113495bSYour Name		}
*5113495bSYour Name
*5113495bSYour Name		key = crypto_priv->crypto_key.key[keyid];
*5113495bSYour Name		if (!key) {
*5113495bSYour Name			crypto_err("Key is NULL");
*5113495bSYour Name			status = QDF_STATUS_E_INVAL;
*5113495bSYour Name			goto err;
*5113495bSYour Name		}
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	if (!key->valid || !key->cipher_table) {
*5113495bSYour Name		status = QDF_STATUS_E_INVAL;
*5113495bSYour Name		goto err;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	/* if tkip, is counter measures enabled, then drop the frame */
*5113495bSYour Name	cipher_table = (struct wlan_crypto_cipher *)key->cipher_table;
*5113495bSYour Name	status = cipher_table->decap(key, wbuf, tid, hdrlen);
*5113495bSYour Name
*5113495bSYour Nameerr:
*5113495bSYour Name	if (peer)
*5113495bSYour Name		wlan_objmgr_peer_release_ref(peer, WLAN_CRYPTO_ID);
*5113495bSYour Name
*5113495bSYour Name	return status;
*5113495bSYour Name}
*5113495bSYour Nameqdf_export_symbol(wlan_crypto_decap);
*5113495bSYour Name
*5113495bSYour NameQDF_STATUS wlan_crypto_enmic(struct wlan_objmgr_vdev *vdev,
*5113495bSYour Name				qdf_nbuf_t wbuf,
*5113495bSYour Name				uint8_t *mac_addr,
*5113495bSYour Name				uint8_t encapdone)
*5113495bSYour Name{
*5113495bSYour Name	struct wlan_crypto_comp_priv *crypto_priv;
*5113495bSYour Name	struct wlan_crypto_params *crypto_params;
*5113495bSYour Name	struct wlan_crypto_key *key;
*5113495bSYour Name	struct wlan_crypto_keys *priv_key = NULL;
*5113495bSYour Name	QDF_STATUS status;
*5113495bSYour Name	struct wlan_crypto_cipher *cipher_table;
*5113495bSYour Name	struct wlan_objmgr_psoc *psoc;
*5113495bSYour Name	uint8_t bssid_mac[QDF_MAC_ADDR_SIZE];
*5113495bSYour Name	uint8_t hdrlen;
*5113495bSYour Name	enum QDF_OPMODE opmode;
*5113495bSYour Name
*5113495bSYour Name	opmode = wlan_vdev_mlme_get_opmode(vdev);
*5113495bSYour Name
*5113495bSYour Name
*5113495bSYour Name	wlan_vdev_obj_lock(vdev);
*5113495bSYour Name	qdf_mem_copy(bssid_mac, wlan_vdev_mlme_get_macaddr(vdev),
*5113495bSYour Name		    QDF_MAC_ADDR_SIZE);
*5113495bSYour Name	psoc = wlan_vdev_get_psoc(vdev);
*5113495bSYour Name	if (!psoc) {
*5113495bSYour Name		wlan_vdev_obj_unlock(vdev);
*5113495bSYour Name		crypto_err("psoc NULL");
*5113495bSYour Name		return QDF_STATUS_E_INVAL;
*5113495bSYour Name	}
*5113495bSYour Name	wlan_vdev_obj_unlock(vdev);
*5113495bSYour Name
*5113495bSYour Name	if (qdf_is_macaddr_broadcast((struct qdf_mac_addr *)mac_addr)) {
*5113495bSYour Name		crypto_params = wlan_crypto_vdev_get_comp_params(vdev,
*5113495bSYour Name								&crypto_priv);
*5113495bSYour Name		if (!crypto_priv) {
*5113495bSYour Name			crypto_err("crypto_priv NULL");
*5113495bSYour Name			return QDF_STATUS_E_INVAL;
*5113495bSYour Name		}
*5113495bSYour Name
*5113495bSYour Name		priv_key = &crypto_priv->crypto_key;
*5113495bSYour Name
*5113495bSYour Name		key = priv_key->key[crypto_priv->crypto_key.def_tx_keyid];
*5113495bSYour Name		if (!key)
*5113495bSYour Name			return QDF_STATUS_E_INVAL;
*5113495bSYour Name
*5113495bSYour Name	} else {
*5113495bSYour Name		struct wlan_objmgr_peer *peer;
*5113495bSYour Name		uint8_t pdev_id;
*5113495bSYour Name
*5113495bSYour Name		pdev_id = wlan_objmgr_pdev_get_pdev_id(
*5113495bSYour Name				wlan_vdev_get_pdev(vdev));
*5113495bSYour Name		peer = wlan_objmgr_get_peer_by_mac_n_vdev(
*5113495bSYour Name					psoc, pdev_id, bssid_mac,
*5113495bSYour Name					mac_addr, WLAN_CRYPTO_ID);
*5113495bSYour Name		if (!peer) {
*5113495bSYour Name			crypto_err("crypto_priv NULL");
*5113495bSYour Name			return QDF_STATUS_E_INVAL;
*5113495bSYour Name		}
*5113495bSYour Name
*5113495bSYour Name		crypto_params = wlan_crypto_peer_get_comp_params(peer,
*5113495bSYour Name								&crypto_priv);
*5113495bSYour Name		wlan_objmgr_peer_release_ref(peer, WLAN_CRYPTO_ID);
*5113495bSYour Name
*5113495bSYour Name		if (!crypto_priv) {
*5113495bSYour Name			crypto_err("crypto_priv NULL");
*5113495bSYour Name			return QDF_STATUS_E_INVAL;
*5113495bSYour Name		}
*5113495bSYour Name
*5113495bSYour Name		priv_key = &crypto_priv->crypto_key;
*5113495bSYour Name
*5113495bSYour Name		key = priv_key->key[crypto_priv->crypto_key.def_tx_keyid];
*5113495bSYour Name		if (!key)
*5113495bSYour Name			return QDF_STATUS_E_INVAL;
*5113495bSYour Name	}
*5113495bSYour Name	if (opmode == QDF_MONITOR_MODE)
*5113495bSYour Name		hdrlen = ieee80211_hdrsize((uint8_t *)qdf_nbuf_data(wbuf));
*5113495bSYour Name	else
*5113495bSYour Name		hdrlen = ieee80211_hdrspace(wlan_vdev_get_pdev(vdev),
*5113495bSYour Name					    (uint8_t *)qdf_nbuf_data(wbuf));
*5113495bSYour Name
*5113495bSYour Name	/* if tkip, is counter measures enabled, then drop the frame */
*5113495bSYour Name	cipher_table = (struct wlan_crypto_cipher *)key->cipher_table;
*5113495bSYour Name	status = cipher_table->enmic(key, wbuf, encapdone, hdrlen);
*5113495bSYour Name
*5113495bSYour Name	return status;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour NameQDF_STATUS wlan_crypto_demic(struct wlan_objmgr_vdev *vdev,
*5113495bSYour Name			     qdf_nbuf_t wbuf,
*5113495bSYour Name			     uint8_t *mac_addr,
*5113495bSYour Name			     uint8_t tid,
*5113495bSYour Name			     uint8_t keyid)
*5113495bSYour Name{
*5113495bSYour Name	struct wlan_crypto_comp_priv *crypto_priv;
*5113495bSYour Name	struct wlan_crypto_params *crypto_params;
*5113495bSYour Name	struct wlan_crypto_key *key;
*5113495bSYour Name	QDF_STATUS status;
*5113495bSYour Name	struct wlan_crypto_cipher *cipher_table;
*5113495bSYour Name	struct wlan_objmgr_psoc *psoc;
*5113495bSYour Name	uint8_t bssid_mac[QDF_MAC_ADDR_SIZE];
*5113495bSYour Name	uint8_t hdrlen;
*5113495bSYour Name	enum QDF_OPMODE opmode;
*5113495bSYour Name
*5113495bSYour Name	opmode = wlan_vdev_mlme_get_opmode(vdev);
*5113495bSYour Name
*5113495bSYour Name	if (opmode == QDF_MONITOR_MODE)
*5113495bSYour Name		hdrlen = ieee80211_hdrsize((uint8_t *)qdf_nbuf_data(wbuf));
*5113495bSYour Name	else
*5113495bSYour Name		hdrlen = ieee80211_hdrspace(wlan_vdev_get_pdev(vdev),
*5113495bSYour Name					    (uint8_t *)qdf_nbuf_data(wbuf));
*5113495bSYour Name
*5113495bSYour Name	wlan_vdev_obj_lock(vdev);
*5113495bSYour Name	qdf_mem_copy(bssid_mac, wlan_vdev_mlme_get_macaddr(vdev),
*5113495bSYour Name		    QDF_MAC_ADDR_SIZE);
*5113495bSYour Name	psoc = wlan_vdev_get_psoc(vdev);
*5113495bSYour Name	if (!psoc) {
*5113495bSYour Name		wlan_vdev_obj_unlock(vdev);
*5113495bSYour Name		crypto_err("psoc NULL");
*5113495bSYour Name		return QDF_STATUS_E_INVAL;
*5113495bSYour Name	}
*5113495bSYour Name	wlan_vdev_obj_unlock(vdev);
*5113495bSYour Name
*5113495bSYour Name	if (qdf_is_macaddr_broadcast((struct qdf_mac_addr *)mac_addr)) {
*5113495bSYour Name		crypto_params = wlan_crypto_vdev_get_comp_params(vdev,
*5113495bSYour Name								&crypto_priv);
*5113495bSYour Name		if (!crypto_priv) {
*5113495bSYour Name			crypto_err("crypto_priv NULL");
*5113495bSYour Name			return QDF_STATUS_E_INVAL;
*5113495bSYour Name		}
*5113495bSYour Name
*5113495bSYour Name		key = crypto_priv->crypto_key.key[keyid];
*5113495bSYour Name		if (!key)
*5113495bSYour Name			return QDF_STATUS_E_INVAL;
*5113495bSYour Name
*5113495bSYour Name	} else {
*5113495bSYour Name		struct wlan_objmgr_peer *peer;
*5113495bSYour Name		uint8_t pdev_id;
*5113495bSYour Name
*5113495bSYour Name		pdev_id = wlan_objmgr_pdev_get_pdev_id(
*5113495bSYour Name				wlan_vdev_get_pdev(vdev));
*5113495bSYour Name		peer = wlan_objmgr_get_peer_by_mac_n_vdev(
*5113495bSYour Name					psoc, pdev_id, bssid_mac,
*5113495bSYour Name					mac_addr, WLAN_CRYPTO_ID);
*5113495bSYour Name		if (!peer) {
*5113495bSYour Name			crypto_err("peer NULL");
*5113495bSYour Name			return QDF_STATUS_E_INVAL;
*5113495bSYour Name		}
*5113495bSYour Name
*5113495bSYour Name		crypto_params = wlan_crypto_peer_get_comp_params(peer,
*5113495bSYour Name								&crypto_priv);
*5113495bSYour Name		wlan_objmgr_peer_release_ref(peer, WLAN_CRYPTO_ID);
*5113495bSYour Name
*5113495bSYour Name		if (!crypto_priv) {
*5113495bSYour Name			crypto_err("crypto_priv NULL");
*5113495bSYour Name			return QDF_STATUS_E_INVAL;
*5113495bSYour Name		}
*5113495bSYour Name
*5113495bSYour Name		key = crypto_priv->crypto_key.key[keyid];
*5113495bSYour Name		if (!key)
*5113495bSYour Name			return QDF_STATUS_E_INVAL;
*5113495bSYour Name	}
*5113495bSYour Name	/* if tkip, is counter measures enabled, then drop the frame */
*5113495bSYour Name	cipher_table = (struct wlan_crypto_cipher *)key->cipher_table;
*5113495bSYour Name	status = cipher_table->demic(key, wbuf, tid, hdrlen);
*5113495bSYour Name
*5113495bSYour Name	return status;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Namebool wlan_crypto_vdev_is_pmf_enabled(struct wlan_objmgr_vdev *vdev)
*5113495bSYour Name{
*5113495bSYour Name
*5113495bSYour Name	struct wlan_crypto_comp_priv *crypto_priv;
*5113495bSYour Name	struct wlan_crypto_params *vdev_crypto_params;
*5113495bSYour Name
*5113495bSYour Name	if (!vdev)
*5113495bSYour Name		return false;
*5113495bSYour Name	vdev_crypto_params = wlan_crypto_vdev_get_comp_params(vdev,
*5113495bSYour Name							&crypto_priv);
*5113495bSYour Name	if (!crypto_priv) {
*5113495bSYour Name		crypto_err("crypto_priv NULL");
*5113495bSYour Name		return false;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	if ((vdev_crypto_params->rsn_caps &
*5113495bSYour Name					WLAN_CRYPTO_RSN_CAP_MFP_ENABLED)
*5113495bSYour Name		|| (vdev_crypto_params->rsn_caps &
*5113495bSYour Name					WLAN_CRYPTO_RSN_CAP_MFP_REQUIRED)) {
*5113495bSYour Name		return true;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	return false;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Namebool wlan_crypto_vdev_is_pmf_required(struct wlan_objmgr_vdev *vdev)
*5113495bSYour Name{
*5113495bSYour Name	struct wlan_crypto_comp_priv *crypto_priv;
*5113495bSYour Name	struct wlan_crypto_params *vdev_crypto_params;
*5113495bSYour Name
*5113495bSYour Name	if (!vdev)
*5113495bSYour Name		return false;
*5113495bSYour Name
*5113495bSYour Name	vdev_crypto_params = wlan_crypto_vdev_get_comp_params(vdev,
*5113495bSYour Name							      &crypto_priv);
*5113495bSYour Name	if (!crypto_priv) {
*5113495bSYour Name		crypto_err("crypto_priv NULL");
*5113495bSYour Name		return false;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	if (vdev_crypto_params->rsn_caps & WLAN_CRYPTO_RSN_CAP_MFP_REQUIRED)
*5113495bSYour Name		return true;
*5113495bSYour Name
*5113495bSYour Name	return false;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Namebool wlan_crypto_is_pmf_enabled(struct wlan_objmgr_vdev *vdev,
*5113495bSYour Name				struct wlan_objmgr_peer *peer)
*5113495bSYour Name{
*5113495bSYour Name	struct wlan_crypto_comp_priv *crypto_priv;
*5113495bSYour Name	struct wlan_crypto_params *vdev_crypto_params;
*5113495bSYour Name	struct wlan_crypto_params *peer_crypto_params;
*5113495bSYour Name
*5113495bSYour Name	if (!vdev || !peer)
*5113495bSYour Name		return false;
*5113495bSYour Name	vdev_crypto_params = wlan_crypto_vdev_get_comp_params(vdev,
*5113495bSYour Name							&crypto_priv);
*5113495bSYour Name	if (!crypto_priv) {
*5113495bSYour Name		crypto_err("crypto_priv NULL");
*5113495bSYour Name		return false;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	peer_crypto_params = wlan_crypto_peer_get_comp_params(peer,
*5113495bSYour Name							&crypto_priv);
*5113495bSYour Name	if (!crypto_priv) {
*5113495bSYour Name		crypto_err("crypto_priv NULL");
*5113495bSYour Name		return false;
*5113495bSYour Name	}
*5113495bSYour Name	if (((vdev_crypto_params->rsn_caps &
*5113495bSYour Name					WLAN_CRYPTO_RSN_CAP_MFP_ENABLED) &&
*5113495bSYour Name		(peer_crypto_params->rsn_caps &
*5113495bSYour Name					WLAN_CRYPTO_RSN_CAP_MFP_ENABLED))
*5113495bSYour Name		|| (vdev_crypto_params->rsn_caps &
*5113495bSYour Name					WLAN_CRYPTO_RSN_CAP_MFP_REQUIRED)) {
*5113495bSYour Name		return true;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	return false;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Namebool wlan_crypto_is_key_valid(struct wlan_objmgr_vdev *vdev,
*5113495bSYour Name			      struct wlan_objmgr_peer *peer,
*5113495bSYour Name			      uint16_t keyidx)
*5113495bSYour Name{
*5113495bSYour Name	struct wlan_crypto_key *key = NULL;
*5113495bSYour Name
*5113495bSYour Name	if (!vdev && !peer)
*5113495bSYour Name		return false;
*5113495bSYour Name
*5113495bSYour Name	if (peer)
*5113495bSYour Name		key = wlan_crypto_peer_getkey(peer, keyidx);
*5113495bSYour Name	else if (vdev)
*5113495bSYour Name		key = wlan_crypto_vdev_getkey(vdev, keyidx);
*5113495bSYour Name
*5113495bSYour Name	if ((key) && key->valid)
*5113495bSYour Name		return true;
*5113495bSYour Name
*5113495bSYour Name	return false;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Namestatic void wlan_crypto_gmac_pn_swap(uint8_t *a, uint8_t *b)
*5113495bSYour Name{
*5113495bSYour Name	a[0] = b[5];
*5113495bSYour Name	a[1] = b[4];
*5113495bSYour Name	a[2] = b[3];
*5113495bSYour Name	a[3] = b[2];
*5113495bSYour Name	a[4] = b[1];
*5113495bSYour Name	a[5] = b[0];
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Nameuint8_t *wlan_crypto_add_mmie(struct wlan_objmgr_vdev *vdev,
*5113495bSYour Name				uint8_t *bfrm,
*5113495bSYour Name				uint32_t len)
*5113495bSYour Name{
*5113495bSYour Name	struct wlan_crypto_key *key;
*5113495bSYour Name	struct wlan_crypto_keys *priv_key = NULL;
*5113495bSYour Name	struct wlan_crypto_mmie *mmie;
*5113495bSYour Name	uint8_t *pn, *aad, *buf, *efrm, nonce[12];
*5113495bSYour Name	struct wlan_frame_hdr *hdr;
*5113495bSYour Name	uint32_t i, hdrlen, mic_len, aad_len;
*5113495bSYour Name	uint8_t mic[16];
*5113495bSYour Name	struct wlan_crypto_comp_priv *crypto_priv;
*5113495bSYour Name	struct wlan_crypto_params *crypto_params;
*5113495bSYour Name	int32_t ret = -1;
*5113495bSYour Name
*5113495bSYour Name	if (!bfrm) {
*5113495bSYour Name		crypto_err("frame is NULL");
*5113495bSYour Name		return NULL;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	crypto_params = wlan_crypto_vdev_get_comp_params(vdev,
*5113495bSYour Name							&crypto_priv);
*5113495bSYour Name	if (!crypto_priv) {
*5113495bSYour Name		crypto_err("crypto_priv NULL");
*5113495bSYour Name		return NULL;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	priv_key = &crypto_priv->crypto_key;
*5113495bSYour Name
*5113495bSYour Name	if (priv_key->def_igtk_tx_keyid >= WLAN_CRYPTO_MAXIGTKKEYIDX) {
*5113495bSYour Name		crypto_err("igtk key invalid keyid %d",
*5113495bSYour Name			   priv_key->def_igtk_tx_keyid);
*5113495bSYour Name		return NULL;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	key = priv_key->igtk_key[priv_key->def_igtk_tx_keyid];
*5113495bSYour Name	if (!key) {
*5113495bSYour Name		crypto_err("No igtk key present");
*5113495bSYour Name		return NULL;
*5113495bSYour Name	}
*5113495bSYour Name	mic_len = (priv_key->igtk_key_type
*5113495bSYour Name			== WLAN_CRYPTO_CIPHER_AES_CMAC) ? 8 : 16;
*5113495bSYour Name
*5113495bSYour Name	efrm = bfrm + len;
*5113495bSYour Name	aad_len = 20;
*5113495bSYour Name	hdrlen = sizeof(struct wlan_frame_hdr);
*5113495bSYour Name	len += sizeof(struct wlan_crypto_mmie);
*5113495bSYour Name
*5113495bSYour Name	mmie = (struct wlan_crypto_mmie *) efrm;
*5113495bSYour Name	qdf_mem_zero((unsigned char *)mmie, sizeof(*mmie));
*5113495bSYour Name	mmie->element_id = WLAN_ELEMID_MMIE;
*5113495bSYour Name	mmie->length = sizeof(*mmie) - 2;
*5113495bSYour Name	mmie->key_id = qdf_cpu_to_le16(key->keyix);
*5113495bSYour Name
*5113495bSYour Name	mic_len = (priv_key->igtk_key_type
*5113495bSYour Name			== WLAN_CRYPTO_CIPHER_AES_CMAC) ? 8 : 16;
*5113495bSYour Name	if (mic_len == 8) {
*5113495bSYour Name		mmie->length -= 8;
*5113495bSYour Name		len -= 8;
*5113495bSYour Name	}
*5113495bSYour Name	/* PN = PN + 1 */
*5113495bSYour Name	pn = (uint8_t *)&key->keytsc;
*5113495bSYour Name
*5113495bSYour Name	for (i = 0; i <= 5; i++) {
*5113495bSYour Name		pn[i]++;
*5113495bSYour Name		if (pn[i])
*5113495bSYour Name			break;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	/* Copy IPN */
*5113495bSYour Name	qdf_mem_copy(mmie->sequence_number, pn, 6);
*5113495bSYour Name
*5113495bSYour Name	hdr = (struct wlan_frame_hdr *) bfrm;
*5113495bSYour Name
*5113495bSYour Name	buf = qdf_mem_malloc(len - hdrlen + 20);
*5113495bSYour Name	if (!buf)
*5113495bSYour Name		return NULL;
*5113495bSYour Name
*5113495bSYour Name	qdf_mem_zero(buf, len - hdrlen + 20);
*5113495bSYour Name	aad = buf;
*5113495bSYour Name	/* generate BIP AAD: FC(masked) || A1 || A2 || A3 */
*5113495bSYour Name
*5113495bSYour Name	/* FC type/subtype */
*5113495bSYour Name	aad[0] = hdr->i_fc[0];
*5113495bSYour Name	/* Mask FC Retry, PwrMgt, MoreData flags to zero */
*5113495bSYour Name	aad[1] = (hdr->i_fc[1] & ~(WLAN_FC1_RETRY | WLAN_FC1_PWRMGT
*5113495bSYour Name						| WLAN_FC1_MOREDATA));
*5113495bSYour Name	/* A1 || A2 || A3 */
*5113495bSYour Name	qdf_mem_copy(aad + 2, hdr->i_addr1, QDF_MAC_ADDR_SIZE);
*5113495bSYour Name	qdf_mem_copy(aad + 8, hdr->i_addr2, QDF_MAC_ADDR_SIZE);
*5113495bSYour Name	qdf_mem_copy(aad + 14, hdr->i_addr3, QDF_MAC_ADDR_SIZE);
*5113495bSYour Name	qdf_mem_zero(mic, 16);
*5113495bSYour Name
*5113495bSYour Name	/*
*5113495bSYour Name	 * MIC = AES-128-CMAC(IGTK, AAD || Management Frame Body || MMIE, 64)
*5113495bSYour Name	 */
*5113495bSYour Name
*5113495bSYour Name	qdf_mem_copy(buf + aad_len, bfrm + hdrlen, len - hdrlen);
*5113495bSYour Name	if (priv_key->igtk_key_type == WLAN_CRYPTO_CIPHER_AES_CMAC) {
*5113495bSYour Name
*5113495bSYour Name		ret = omac1_aes_128(key->keyval, buf,
*5113495bSYour Name					len + aad_len - hdrlen, mic);
*5113495bSYour Name		qdf_mem_copy(mmie->mic, mic, 8);
*5113495bSYour Name
*5113495bSYour Name	} else if (priv_key->igtk_key_type
*5113495bSYour Name				== WLAN_CRYPTO_CIPHER_AES_CMAC_256) {
*5113495bSYour Name
*5113495bSYour Name		ret = omac1_aes_256(key->keyval, buf,
*5113495bSYour Name					len + aad_len - hdrlen, mmie->mic);
*5113495bSYour Name	} else if ((priv_key->igtk_key_type == WLAN_CRYPTO_CIPHER_AES_GMAC) ||
*5113495bSYour Name			(priv_key->igtk_key_type
*5113495bSYour Name					== WLAN_CRYPTO_CIPHER_AES_GMAC_256)) {
*5113495bSYour Name
*5113495bSYour Name		qdf_mem_copy(nonce, hdr->i_addr2, QDF_MAC_ADDR_SIZE);
*5113495bSYour Name		wlan_crypto_gmac_pn_swap(nonce + 6, pn);
*5113495bSYour Name		ret = wlan_crypto_aes_gmac(key->keyval, key->keylen, nonce,
*5113495bSYour Name					sizeof(nonce), buf,
*5113495bSYour Name					len + aad_len - hdrlen, mmie->mic);
*5113495bSYour Name	}
*5113495bSYour Name	qdf_mem_free(buf);
*5113495bSYour Name	if (ret < 0) {
*5113495bSYour Name		crypto_err("add mmie failed");
*5113495bSYour Name		return NULL;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	return bfrm + len;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Name#define MAX_MIC_LEN 16
*5113495bSYour Namebool wlan_crypto_is_mmie_valid(struct wlan_objmgr_vdev *vdev,
*5113495bSYour Name					uint8_t *frm,
*5113495bSYour Name					uint8_t *efrm)
*5113495bSYour Name{
*5113495bSYour Name	struct wlan_crypto_mmie   *mmie = NULL;
*5113495bSYour Name	uint8_t *ipn, *aad, *buf, *mic, nonce[12];
*5113495bSYour Name	struct wlan_crypto_key *key;
*5113495bSYour Name	struct wlan_crypto_keys *priv_key = NULL;
*5113495bSYour Name	struct wlan_frame_hdr *hdr;
*5113495bSYour Name	uint16_t mic_len, hdrlen, len;
*5113495bSYour Name	struct wlan_crypto_comp_priv *crypto_priv;
*5113495bSYour Name	struct wlan_crypto_params *crypto_params;
*5113495bSYour Name	uint8_t aad_len = 20;
*5113495bSYour Name	int32_t ret = -1;
*5113495bSYour Name
*5113495bSYour Name	/* check if frame is illegal length */
*5113495bSYour Name	if (!frm || !efrm || (efrm < frm)
*5113495bSYour Name			|| ((efrm - frm) < sizeof(struct wlan_frame_hdr))) {
*5113495bSYour Name		crypto_err("Invalid params");
*5113495bSYour Name		return false;
*5113495bSYour Name	}
*5113495bSYour Name	len = efrm - frm;
*5113495bSYour Name	crypto_priv = (struct wlan_crypto_comp_priv *)
*5113495bSYour Name				wlan_get_vdev_crypto_obj(vdev);
*5113495bSYour Name	if (!crypto_priv) {
*5113495bSYour Name		crypto_err("crypto_priv NULL");
*5113495bSYour Name		return false;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	priv_key = &crypto_priv->crypto_key;
*5113495bSYour Name
*5113495bSYour Name	crypto_params = &(crypto_priv->crypto_params);
*5113495bSYour Name
*5113495bSYour Name
*5113495bSYour Name	mic_len = (priv_key->igtk_key_type
*5113495bSYour Name			== WLAN_CRYPTO_CIPHER_AES_CMAC) ? 8 : 16;
*5113495bSYour Name	hdrlen = sizeof(struct wlan_frame_hdr);
*5113495bSYour Name
*5113495bSYour Name	if (mic_len == 8)
*5113495bSYour Name		mmie = (struct wlan_crypto_mmie *)(efrm - sizeof(*mmie) + 8);
*5113495bSYour Name	else
*5113495bSYour Name		mmie = (struct wlan_crypto_mmie *)(efrm - sizeof(*mmie));
*5113495bSYour Name
*5113495bSYour Name
*5113495bSYour Name	/* check Elem ID*/
*5113495bSYour Name	if ((!mmie) || (mmie->element_id != WLAN_ELEMID_MMIE)) {
*5113495bSYour Name		crypto_err("IE is not MMIE");
*5113495bSYour Name		return false;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	if (mmie->key_id >= (WLAN_CRYPTO_MAXKEYIDX +
*5113495bSYour Name				WLAN_CRYPTO_MAXIGTKKEYIDX) ||
*5113495bSYour Name				(mmie->key_id < WLAN_CRYPTO_MAXKEYIDX)) {
*5113495bSYour Name		crypto_err("keyid not valid");
*5113495bSYour Name		return false;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	key = priv_key->igtk_key[mmie->key_id - WLAN_CRYPTO_MAXKEYIDX];
*5113495bSYour Name	if (!key) {
*5113495bSYour Name		crypto_err("No igtk key present");
*5113495bSYour Name		return false;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	/* validate ipn */
*5113495bSYour Name	ipn = mmie->sequence_number;
*5113495bSYour Name	if (qdf_mem_cmp(ipn, key->keyrsc, 6) <= 0) {
*5113495bSYour Name		uint8_t *su = (uint8_t *)key->keyrsc;
*5113495bSYour Name		uint8_t *end = ipn + 6;
*5113495bSYour Name		struct wlan_objmgr_peer *peer = wlan_vdev_get_selfpeer(vdev);
*5113495bSYour Name
*5113495bSYour Name		crypto_err("replay error :");
*5113495bSYour Name		while (ipn < end) {
*5113495bSYour Name			crypto_err("expected pn = %x received pn = %x",
*5113495bSYour Name				   *ipn++, *su++);
*5113495bSYour Name		}
*5113495bSYour Name		wlan_cp_stats_vdev_mcast_rx_pnerr(vdev);
*5113495bSYour Name		wlan_cp_stats_peer_rx_pnerr(peer);
*5113495bSYour Name		return false;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	buf = qdf_mem_malloc(len - hdrlen + 20);
*5113495bSYour Name	if (!buf)
*5113495bSYour Name		return false;
*5113495bSYour Name
*5113495bSYour Name	aad = buf;
*5113495bSYour Name
*5113495bSYour Name	/* construct AAD */
*5113495bSYour Name	hdr = (struct wlan_frame_hdr *)frm;
*5113495bSYour Name	/* generate BIP AAD: FC(masked) || A1 || A2 || A3 */
*5113495bSYour Name
*5113495bSYour Name	/* FC type/subtype */
*5113495bSYour Name	aad[0] = hdr->i_fc[0];
*5113495bSYour Name	/* Mask FC Retry, PwrMgt, MoreData flags to zero */
*5113495bSYour Name	aad[1] = (hdr->i_fc[1] & ~(WLAN_FC1_RETRY | WLAN_FC1_PWRMGT
*5113495bSYour Name						| WLAN_FC1_MOREDATA));
*5113495bSYour Name	/* A1 || A2 || A3 */
*5113495bSYour Name	qdf_mem_copy(aad + 2, hdr->i_addr1, 3 * QDF_MAC_ADDR_SIZE);
*5113495bSYour Name
*5113495bSYour Name	/*
*5113495bSYour Name	 * MIC = AES-128-CMAC(IGTK, AAD || Management Frame Body || MMIE, 64)
*5113495bSYour Name	 */
*5113495bSYour Name	qdf_mem_copy(buf + 20, frm + hdrlen, len - hdrlen);
*5113495bSYour Name	qdf_mem_zero(buf + (len - hdrlen + 20 - mic_len), mic_len);
*5113495bSYour Name	mic = qdf_mem_malloc(MAX_MIC_LEN);
*5113495bSYour Name	if (!mic) {
*5113495bSYour Name		qdf_mem_free(buf);
*5113495bSYour Name		return false;
*5113495bSYour Name	}
*5113495bSYour Name	if (priv_key->igtk_key_type == WLAN_CRYPTO_CIPHER_AES_CMAC) {
*5113495bSYour Name		ret = omac1_aes_128(key->keyval, buf,
*5113495bSYour Name					len - hdrlen + aad_len, mic);
*5113495bSYour Name	} else if (priv_key->igtk_key_type
*5113495bSYour Name				== WLAN_CRYPTO_CIPHER_AES_CMAC_256) {
*5113495bSYour Name		ret = omac1_aes_256(key->keyval, buf,
*5113495bSYour Name					len + aad_len - hdrlen, mic);
*5113495bSYour Name	} else if ((priv_key->igtk_key_type == WLAN_CRYPTO_CIPHER_AES_GMAC) ||
*5113495bSYour Name			(priv_key->igtk_key_type
*5113495bSYour Name					== WLAN_CRYPTO_CIPHER_AES_GMAC_256)) {
*5113495bSYour Name		qdf_mem_copy(nonce, hdr->i_addr2, QDF_MAC_ADDR_SIZE);
*5113495bSYour Name		wlan_crypto_gmac_pn_swap(nonce + 6, ipn);
*5113495bSYour Name		ret = wlan_crypto_aes_gmac(key->keyval, key->keylen, nonce,
*5113495bSYour Name					sizeof(nonce), buf,
*5113495bSYour Name					len + aad_len - hdrlen, mic);
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	qdf_mem_free(buf);
*5113495bSYour Name
*5113495bSYour Name	if (ret < 0) {
*5113495bSYour Name		qdf_mem_free(mic);
*5113495bSYour Name		crypto_err("generate mmie failed");
*5113495bSYour Name		return false;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	if (qdf_mem_cmp(mic, mmie->mic, mic_len) != 0) {
*5113495bSYour Name		qdf_mem_free(mic);
*5113495bSYour Name		crypto_err("mmie mismatch");
*5113495bSYour Name		/* MMIE MIC mismatch */
*5113495bSYour Name		return false;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	qdf_mem_free(mic);
*5113495bSYour Name	/* Update the receive sequence number */
*5113495bSYour Name	qdf_mem_copy(key->keyrsc, ipn, 6);
*5113495bSYour Name	crypto_debug("mmie matched");
*5113495bSYour Name
*5113495bSYour Name	return true;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Name
*5113495bSYour Namestatic int32_t wlan_crypto_wpa_cipher_to_suite(uint32_t cipher)
*5113495bSYour Name{
*5113495bSYour Name	int32_t status = -1;
*5113495bSYour Name
*5113495bSYour Name	switch (cipher) {
*5113495bSYour Name	case WLAN_CRYPTO_CIPHER_TKIP:
*5113495bSYour Name		return WPA_CIPHER_SUITE_TKIP;
*5113495bSYour Name	case WLAN_CRYPTO_CIPHER_AES_CCM:
*5113495bSYour Name		return WPA_CIPHER_SUITE_CCMP;
*5113495bSYour Name	case WLAN_CRYPTO_CIPHER_NONE:
*5113495bSYour Name		return WPA_CIPHER_SUITE_NONE;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	return status;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Namestatic int32_t wlan_crypto_rsn_cipher_to_suite(uint32_t cipher)
*5113495bSYour Name{
*5113495bSYour Name	int32_t status = -1;
*5113495bSYour Name
*5113495bSYour Name	switch (cipher) {
*5113495bSYour Name	case WLAN_CRYPTO_CIPHER_TKIP:
*5113495bSYour Name		return RSN_CIPHER_SUITE_TKIP;
*5113495bSYour Name	case WLAN_CRYPTO_CIPHER_AES_CCM:
*5113495bSYour Name		return RSN_CIPHER_SUITE_CCMP;
*5113495bSYour Name	case WLAN_CRYPTO_CIPHER_AES_CCM_256:
*5113495bSYour Name		return RSN_CIPHER_SUITE_CCMP_256;
*5113495bSYour Name	case WLAN_CRYPTO_CIPHER_AES_GCM:
*5113495bSYour Name		return RSN_CIPHER_SUITE_GCMP;
*5113495bSYour Name	case WLAN_CRYPTO_CIPHER_AES_GCM_256:
*5113495bSYour Name		return RSN_CIPHER_SUITE_GCMP_256;
*5113495bSYour Name	case WLAN_CRYPTO_CIPHER_AES_CMAC:
*5113495bSYour Name		return RSN_CIPHER_SUITE_AES_CMAC;
*5113495bSYour Name	case WLAN_CRYPTO_CIPHER_AES_CMAC_256:
*5113495bSYour Name		return RSN_CIPHER_SUITE_BIP_CMAC_256;
*5113495bSYour Name	case WLAN_CRYPTO_CIPHER_AES_GMAC:
*5113495bSYour Name		return RSN_CIPHER_SUITE_BIP_GMAC_128;
*5113495bSYour Name	case WLAN_CRYPTO_CIPHER_AES_GMAC_256:
*5113495bSYour Name		return RSN_CIPHER_SUITE_BIP_GMAC_256;
*5113495bSYour Name	case WLAN_CRYPTO_CIPHER_NONE:
*5113495bSYour Name		return RSN_CIPHER_SUITE_NONE;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	return status;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Name/*
*5113495bSYour Name * Convert an RSN key management/authentication algorithm
*5113495bSYour Name * to an internal code.
*5113495bSYour Name */
*5113495bSYour Namestatic int32_t
*5113495bSYour Namewlan_crypto_rsn_keymgmt_to_suite(uint32_t keymgmt)
*5113495bSYour Name{
*5113495bSYour Name	int32_t status = -1;
*5113495bSYour Name
*5113495bSYour Name	switch (keymgmt) {
*5113495bSYour Name	case WLAN_CRYPTO_KEY_MGMT_NONE:
*5113495bSYour Name		return RSN_AUTH_KEY_MGMT_NONE;
*5113495bSYour Name	case WLAN_CRYPTO_KEY_MGMT_IEEE8021X:
*5113495bSYour Name		return RSN_AUTH_KEY_MGMT_UNSPEC_802_1X;
*5113495bSYour Name	case WLAN_CRYPTO_KEY_MGMT_PSK:
*5113495bSYour Name		return RSN_AUTH_KEY_MGMT_PSK_OVER_802_1X;
*5113495bSYour Name	case WLAN_CRYPTO_KEY_MGMT_FT_IEEE8021X:
*5113495bSYour Name		return RSN_AUTH_KEY_MGMT_FT_802_1X;
*5113495bSYour Name	case WLAN_CRYPTO_KEY_MGMT_FT_PSK:
*5113495bSYour Name		return RSN_AUTH_KEY_MGMT_FT_PSK;
*5113495bSYour Name	case WLAN_CRYPTO_KEY_MGMT_IEEE8021X_SHA256:
*5113495bSYour Name		return RSN_AUTH_KEY_MGMT_802_1X_SHA256;
*5113495bSYour Name	case WLAN_CRYPTO_KEY_MGMT_PSK_SHA256:
*5113495bSYour Name		return RSN_AUTH_KEY_MGMT_PSK_SHA256;
*5113495bSYour Name	case WLAN_CRYPTO_KEY_MGMT_SAE:
*5113495bSYour Name		return RSN_AUTH_KEY_MGMT_SAE;
*5113495bSYour Name	case WLAN_CRYPTO_KEY_MGMT_FT_SAE:
*5113495bSYour Name		return RSN_AUTH_KEY_MGMT_FT_SAE;
*5113495bSYour Name	case WLAN_CRYPTO_KEY_MGMT_IEEE8021X_SUITE_B:
*5113495bSYour Name		return RSN_AUTH_KEY_MGMT_802_1X_SUITE_B;
*5113495bSYour Name	case WLAN_CRYPTO_KEY_MGMT_IEEE8021X_SUITE_B_192:
*5113495bSYour Name		return RSN_AUTH_KEY_MGMT_802_1X_SUITE_B_192;
*5113495bSYour Name	case WLAN_CRYPTO_KEY_MGMT_CCKM:
*5113495bSYour Name		return RSN_AUTH_KEY_MGMT_CCKM;
*5113495bSYour Name	case WLAN_CRYPTO_KEY_MGMT_OSEN:
*5113495bSYour Name		return RSN_AUTH_KEY_MGMT_OSEN;
*5113495bSYour Name	case WLAN_CRYPTO_KEY_MGMT_FILS_SHA256:
*5113495bSYour Name		return RSN_AUTH_KEY_MGMT_FILS_SHA256;
*5113495bSYour Name	case WLAN_CRYPTO_KEY_MGMT_FILS_SHA384:
*5113495bSYour Name		return RSN_AUTH_KEY_MGMT_FILS_SHA384;
*5113495bSYour Name	case WLAN_CRYPTO_KEY_MGMT_FT_FILS_SHA256:
*5113495bSYour Name		return RSN_AUTH_KEY_MGMT_FT_FILS_SHA256;
*5113495bSYour Name	case WLAN_CRYPTO_KEY_MGMT_FT_FILS_SHA384:
*5113495bSYour Name		return RSN_AUTH_KEY_MGMT_FT_FILS_SHA384;
*5113495bSYour Name	case WLAN_CRYPTO_KEY_MGMT_OWE:
*5113495bSYour Name		return RSN_AUTH_KEY_MGMT_OWE;
*5113495bSYour Name	case WLAN_CRYPTO_KEY_MGMT_DPP:
*5113495bSYour Name		return RSN_AUTH_KEY_MGMT_DPP;
*5113495bSYour Name	case WLAN_CRYPTO_KEY_MGMT_FT_IEEE8021X_SHA384:
*5113495bSYour Name		return RSN_AUTH_KEY_MGMT_FT_802_1X_SUITE_B_384;
*5113495bSYour Name	case WLAN_CRYPTO_KEY_MGMT_SAE_EXT_KEY:
*5113495bSYour Name		return RSN_AUTH_KEY_MGMT_SAE_EXT_KEY;
*5113495bSYour Name	case WLAN_CRYPTO_KEY_MGMT_FT_SAE_EXT_KEY:
*5113495bSYour Name		return RSN_AUTH_KEY_MGMT_FT_SAE_EXT_KEY;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	return status;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Name/*
*5113495bSYour Name * Convert an RSN key management/authentication algorithm
*5113495bSYour Name * to an internal code.
*5113495bSYour Name */
*5113495bSYour Namestatic int32_t
*5113495bSYour Namewlan_crypto_wpa_keymgmt_to_suite(uint32_t keymgmt)
*5113495bSYour Name{
*5113495bSYour Name	int32_t status = -1;
*5113495bSYour Name
*5113495bSYour Name	switch (keymgmt) {
*5113495bSYour Name	case WLAN_CRYPTO_KEY_MGMT_NONE:
*5113495bSYour Name		return WPA_AUTH_KEY_MGMT_NONE;
*5113495bSYour Name	case WLAN_CRYPTO_KEY_MGMT_IEEE8021X:
*5113495bSYour Name		return WPA_AUTH_KEY_MGMT_UNSPEC_802_1X;
*5113495bSYour Name	case WLAN_CRYPTO_KEY_MGMT_PSK:
*5113495bSYour Name		return WPA_AUTH_KEY_MGMT_PSK_OVER_802_1X;
*5113495bSYour Name	case WLAN_CRYPTO_KEY_MGMT_CCKM:
*5113495bSYour Name		return WPA_AUTH_KEY_MGMT_CCKM;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	return status;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Name/*
*5113495bSYour Name * Convert a WPA cipher selector OUI to an internal
*5113495bSYour Name * cipher algorithm.  Where appropriate we also
*5113495bSYour Name * record any key length.
*5113495bSYour Name */
*5113495bSYour Namestatic int32_t wlan_crypto_wpa_suite_to_cipher(const uint8_t *sel)
*5113495bSYour Name{
*5113495bSYour Name	uint32_t w = LE_READ_4(sel);
*5113495bSYour Name	int32_t status = -1;
*5113495bSYour Name
*5113495bSYour Name	switch (w) {
*5113495bSYour Name	case WPA_CIPHER_SUITE_TKIP:
*5113495bSYour Name		return WLAN_CRYPTO_CIPHER_TKIP;
*5113495bSYour Name	case WPA_CIPHER_SUITE_CCMP:
*5113495bSYour Name		return WLAN_CRYPTO_CIPHER_AES_CCM;
*5113495bSYour Name	case WPA_CIPHER_SUITE_NONE:
*5113495bSYour Name		return WLAN_CRYPTO_CIPHER_NONE;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	return status;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Name/*
*5113495bSYour Name * Convert a WPA key management/authentication algorithm
*5113495bSYour Name * to an internal code.
*5113495bSYour Name */
*5113495bSYour Namestatic int32_t wlan_crypto_wpa_suite_to_keymgmt(const uint8_t *sel)
*5113495bSYour Name{
*5113495bSYour Name	uint32_t w = LE_READ_4(sel);
*5113495bSYour Name	int32_t status = -1;
*5113495bSYour Name
*5113495bSYour Name	switch (w) {
*5113495bSYour Name	case WPA_AUTH_KEY_MGMT_UNSPEC_802_1X:
*5113495bSYour Name		return WLAN_CRYPTO_KEY_MGMT_IEEE8021X;
*5113495bSYour Name	case WPA_AUTH_KEY_MGMT_PSK_OVER_802_1X:
*5113495bSYour Name		return WLAN_CRYPTO_KEY_MGMT_PSK;
*5113495bSYour Name	case WPA_AUTH_KEY_MGMT_CCKM:
*5113495bSYour Name		return WLAN_CRYPTO_KEY_MGMT_CCKM;
*5113495bSYour Name	case WPA_AUTH_KEY_MGMT_NONE:
*5113495bSYour Name		return WLAN_CRYPTO_KEY_MGMT_NONE;
*5113495bSYour Name	}
*5113495bSYour Name	return status;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Name/*
*5113495bSYour Name * Convert a RSN cipher selector OUI to an internal
*5113495bSYour Name * cipher algorithm.  Where appropriate we also
*5113495bSYour Name * record any key length.
*5113495bSYour Name */
*5113495bSYour Namestatic int32_t wlan_crypto_rsn_suite_to_cipher(const uint8_t *sel)
*5113495bSYour Name{
*5113495bSYour Name	uint32_t w = LE_READ_4(sel);
*5113495bSYour Name	int32_t status = -1;
*5113495bSYour Name
*5113495bSYour Name	switch (w) {
*5113495bSYour Name	case RSN_CIPHER_SUITE_TKIP:
*5113495bSYour Name		return WLAN_CRYPTO_CIPHER_TKIP;
*5113495bSYour Name	case RSN_CIPHER_SUITE_CCMP:
*5113495bSYour Name		return WLAN_CRYPTO_CIPHER_AES_CCM;
*5113495bSYour Name	case RSN_CIPHER_SUITE_CCMP_256:
*5113495bSYour Name		return WLAN_CRYPTO_CIPHER_AES_CCM_256;
*5113495bSYour Name	case RSN_CIPHER_SUITE_GCMP:
*5113495bSYour Name		return WLAN_CRYPTO_CIPHER_AES_GCM;
*5113495bSYour Name	case RSN_CIPHER_SUITE_GCMP_256:
*5113495bSYour Name		return WLAN_CRYPTO_CIPHER_AES_GCM_256;
*5113495bSYour Name	case RSN_CIPHER_SUITE_AES_CMAC:
*5113495bSYour Name		return WLAN_CRYPTO_CIPHER_AES_CMAC;
*5113495bSYour Name	case RSN_CIPHER_SUITE_BIP_CMAC_256:
*5113495bSYour Name		return WLAN_CRYPTO_CIPHER_AES_CMAC_256;
*5113495bSYour Name	case RSN_CIPHER_SUITE_BIP_GMAC_128:
*5113495bSYour Name		return WLAN_CRYPTO_CIPHER_AES_GMAC;
*5113495bSYour Name	case RSN_CIPHER_SUITE_BIP_GMAC_256:
*5113495bSYour Name		return WLAN_CRYPTO_CIPHER_AES_GMAC_256;
*5113495bSYour Name	case RSN_CIPHER_SUITE_NONE:
*5113495bSYour Name		return WLAN_CRYPTO_CIPHER_NONE;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	return status;
*5113495bSYour Name}
*5113495bSYour Name/*
*5113495bSYour Name * Convert an RSN key management/authentication algorithm
*5113495bSYour Name * to an internal code.
*5113495bSYour Name */
*5113495bSYour Namestatic int32_t wlan_crypto_rsn_suite_to_keymgmt(const uint8_t *sel)
*5113495bSYour Name{
*5113495bSYour Name	uint32_t w = LE_READ_4(sel);
*5113495bSYour Name	int32_t status = -1;
*5113495bSYour Name
*5113495bSYour Name	switch (w) {
*5113495bSYour Name	case RSN_AUTH_KEY_MGMT_UNSPEC_802_1X:
*5113495bSYour Name		return WLAN_CRYPTO_KEY_MGMT_IEEE8021X;
*5113495bSYour Name	case RSN_AUTH_KEY_MGMT_PSK_OVER_802_1X:
*5113495bSYour Name		return WLAN_CRYPTO_KEY_MGMT_PSK;
*5113495bSYour Name	case RSN_AUTH_KEY_MGMT_FT_802_1X:
*5113495bSYour Name		return WLAN_CRYPTO_KEY_MGMT_FT_IEEE8021X;
*5113495bSYour Name	case RSN_AUTH_KEY_MGMT_FT_PSK:
*5113495bSYour Name		return WLAN_CRYPTO_KEY_MGMT_FT_PSK;
*5113495bSYour Name	case RSN_AUTH_KEY_MGMT_802_1X_SHA256:
*5113495bSYour Name		return WLAN_CRYPTO_KEY_MGMT_IEEE8021X_SHA256;
*5113495bSYour Name	case RSN_AUTH_KEY_MGMT_PSK_SHA256:
*5113495bSYour Name		return WLAN_CRYPTO_KEY_MGMT_PSK_SHA256;
*5113495bSYour Name	case RSN_AUTH_KEY_MGMT_SAE:
*5113495bSYour Name		return WLAN_CRYPTO_KEY_MGMT_SAE;
*5113495bSYour Name	case RSN_AUTH_KEY_MGMT_FT_SAE:
*5113495bSYour Name		return WLAN_CRYPTO_KEY_MGMT_FT_SAE;
*5113495bSYour Name	case RSN_AUTH_KEY_MGMT_802_1X_SUITE_B:
*5113495bSYour Name		return WLAN_CRYPTO_KEY_MGMT_IEEE8021X_SUITE_B;
*5113495bSYour Name	case RSN_AUTH_KEY_MGMT_802_1X_SUITE_B_192:
*5113495bSYour Name		return WLAN_CRYPTO_KEY_MGMT_IEEE8021X_SUITE_B_192;
*5113495bSYour Name	case RSN_AUTH_KEY_MGMT_CCKM:
*5113495bSYour Name		return WLAN_CRYPTO_KEY_MGMT_CCKM;
*5113495bSYour Name	case RSN_AUTH_KEY_MGMT_OSEN:
*5113495bSYour Name		return WLAN_CRYPTO_KEY_MGMT_OSEN;
*5113495bSYour Name	case RSN_AUTH_KEY_MGMT_FILS_SHA256:
*5113495bSYour Name		return WLAN_CRYPTO_KEY_MGMT_FILS_SHA256;
*5113495bSYour Name	case RSN_AUTH_KEY_MGMT_FILS_SHA384:
*5113495bSYour Name		return WLAN_CRYPTO_KEY_MGMT_FILS_SHA384;
*5113495bSYour Name	case RSN_AUTH_KEY_MGMT_FT_FILS_SHA256:
*5113495bSYour Name		return WLAN_CRYPTO_KEY_MGMT_FT_FILS_SHA256;
*5113495bSYour Name	case RSN_AUTH_KEY_MGMT_FT_FILS_SHA384:
*5113495bSYour Name		return WLAN_CRYPTO_KEY_MGMT_FT_FILS_SHA384;
*5113495bSYour Name	case RSN_AUTH_KEY_MGMT_OWE:
*5113495bSYour Name		return WLAN_CRYPTO_KEY_MGMT_OWE;
*5113495bSYour Name	case RSN_AUTH_KEY_MGMT_DPP:
*5113495bSYour Name		return WLAN_CRYPTO_KEY_MGMT_DPP;
*5113495bSYour Name	case RSN_AUTH_KEY_MGMT_FT_802_1X_SUITE_B_384:
*5113495bSYour Name		return WLAN_CRYPTO_KEY_MGMT_FT_IEEE8021X_SHA384;
*5113495bSYour Name	case RSN_AUTH_KEY_MGMT_FT_PSK_SHA384:
*5113495bSYour Name		return WLAN_CRYPTO_KEY_MGMT_FT_PSK_SHA384;
*5113495bSYour Name	case RSN_AUTH_KEY_MGMT_PSK_SHA384:
*5113495bSYour Name		return WLAN_CRYPTO_KEY_MGMT_PSK_SHA384;
*5113495bSYour Name	case RSN_AUTH_KEY_MGMT_SAE_EXT_KEY:
*5113495bSYour Name		return WLAN_CRYPTO_KEY_MGMT_SAE_EXT_KEY;
*5113495bSYour Name	case RSN_AUTH_KEY_MGMT_FT_SAE_EXT_KEY:
*5113495bSYour Name		return WLAN_CRYPTO_KEY_MGMT_FT_SAE_EXT_KEY;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	return status;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour NameQDF_STATUS wlan_crypto_wpaie_check(struct wlan_crypto_params *crypto_params,
*5113495bSYour Name				   const uint8_t *frm)
*5113495bSYour Name{
*5113495bSYour Name	uint8_t len = frm[1];
*5113495bSYour Name	int32_t w;
*5113495bSYour Name	int n;
*5113495bSYour Name
*5113495bSYour Name	/*
*5113495bSYour Name	 * Check the length once for fixed parts: OUI, type,
*5113495bSYour Name	 * version, mcast cipher, and 2 selector counts.
*5113495bSYour Name	 * Other, variable-length data, must be checked separately.
*5113495bSYour Name	 */
*5113495bSYour Name	SET_AUTHMODE(crypto_params, WLAN_CRYPTO_AUTH_WPA);
*5113495bSYour Name
*5113495bSYour Name	if (len < 14)
*5113495bSYour Name		return QDF_STATUS_E_INVAL;
*5113495bSYour Name
*5113495bSYour Name	frm += 6, len -= 4;
*5113495bSYour Name
*5113495bSYour Name	w = LE_READ_2(frm);
*5113495bSYour Name	if (w != WPA_VERSION)
*5113495bSYour Name		return QDF_STATUS_E_INVAL;
*5113495bSYour Name
*5113495bSYour Name	frm += 2, len -= 2;
*5113495bSYour Name
*5113495bSYour Name	/* multicast/group cipher */
*5113495bSYour Name	w = wlan_crypto_wpa_suite_to_cipher(frm);
*5113495bSYour Name	if (w < 0)
*5113495bSYour Name		return QDF_STATUS_E_INVAL;
*5113495bSYour Name	SET_MCAST_CIPHER(crypto_params, w);
*5113495bSYour Name	frm += 4, len -= 4;
*5113495bSYour Name
*5113495bSYour Name	/* unicast ciphers */
*5113495bSYour Name	n = LE_READ_2(frm);
*5113495bSYour Name	frm += 2, len -= 2;
*5113495bSYour Name	if (len < n*4+2)
*5113495bSYour Name		return QDF_STATUS_E_INVAL;
*5113495bSYour Name
*5113495bSYour Name	for (; n > 0; n--) {
*5113495bSYour Name		w = wlan_crypto_wpa_suite_to_cipher(frm);
*5113495bSYour Name		if (w < 0)
*5113495bSYour Name			return QDF_STATUS_E_INVAL;
*5113495bSYour Name		SET_UCAST_CIPHER(crypto_params, w);
*5113495bSYour Name		frm += 4, len -= 4;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	if (!crypto_params->ucastcipherset)
*5113495bSYour Name		return QDF_STATUS_E_INVAL;
*5113495bSYour Name
*5113495bSYour Name	/* key management algorithms */
*5113495bSYour Name	n = LE_READ_2(frm);
*5113495bSYour Name	frm += 2, len -= 2;
*5113495bSYour Name	if (len < n*4)
*5113495bSYour Name		return QDF_STATUS_E_INVAL;
*5113495bSYour Name
*5113495bSYour Name	w = 0;
*5113495bSYour Name	for (; n > 0; n--) {
*5113495bSYour Name		w = wlan_crypto_wpa_suite_to_keymgmt(frm);
*5113495bSYour Name		if (w < 0)
*5113495bSYour Name			return QDF_STATUS_E_INVAL;
*5113495bSYour Name		SET_KEY_MGMT(crypto_params, w);
*5113495bSYour Name		frm += 4, len -= 4;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	/* optional capabilities */
*5113495bSYour Name	if (len >= 2) {
*5113495bSYour Name		crypto_params->rsn_caps = LE_READ_2(frm);
*5113495bSYour Name		frm += 2, len -= 2;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	return QDF_STATUS_SUCCESS;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Name#ifdef WLAN_ADAPTIVE_11R
*5113495bSYour Name/**
*5113495bSYour Name * wlan_crypto_store_akm_list_in_order() - store AMK list in order
*5113495bSYour Name * @crypto_params: crypto param structure
*5113495bSYour Name * @key_mgmt: key management
*5113495bSYour Name * @akm_index: place at which AMK present in RSN IE of Beacon/Probe response
*5113495bSYour Name *
*5113495bSYour Name * Return: none
*5113495bSYour Name */
*5113495bSYour Namestatic void
*5113495bSYour Namewlan_crypto_store_akm_list_in_order(struct wlan_crypto_params *crypto_params,
*5113495bSYour Name				    int32_t key_mgmt, int akm_index)
*5113495bSYour Name{
*5113495bSYour Name	if (akm_index >= WLAN_CRYPTO_KEY_MGMT_MAX) {
*5113495bSYour Name		crypto_debug("Invalid AKM Index");
*5113495bSYour Name		return;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	crypto_params->akm_list[akm_index].key_mgmt = key_mgmt;
*5113495bSYour Name}
*5113495bSYour Name#else
*5113495bSYour Namestatic inline void
*5113495bSYour Namewlan_crypto_store_akm_list_in_order(struct wlan_crypto_params *crypto_params,
*5113495bSYour Name				    int32_t key_mgmt, int akm_index)
*5113495bSYour Name{
*5113495bSYour Name}
*5113495bSYour Name#endif
*5113495bSYour Name
*5113495bSYour Namevoid wlan_crypto_rsnxie_check(struct wlan_crypto_params *crypto_params,
*5113495bSYour Name			      const uint8_t *rsnxe)
*5113495bSYour Name{
*5113495bSYour Name	uint8_t i = 0, len = rsnxe[1];
*5113495bSYour Name
*5113495bSYour Name	for (; len > 0 ; len--) {
*5113495bSYour Name		((uint8_t *)(&crypto_params->rsnx_caps))[i] = rsnxe[2 + i];
*5113495bSYour Name		i++;
*5113495bSYour Name	}
*5113495bSYour Name	/*First 4bits of RSNX capabilitities field is the length of
*5113495bSYour Name	 *the Extended RSN capabilities field -1
*5113495bSYour Name	 *Hence Ignoring them
*5113495bSYour Name	 */
*5113495bSYour Name	((uint8_t *)(&crypto_params->rsnx_caps))[0] &= 0xf0;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour NameQDF_STATUS wlan_crypto_rsnie_check(struct wlan_crypto_params *crypto_params,
*5113495bSYour Name				   const uint8_t *frm)
*5113495bSYour Name{
*5113495bSYour Name	uint8_t len = frm[1];
*5113495bSYour Name	int32_t w;
*5113495bSYour Name	int n, akm_index;
*5113495bSYour Name
*5113495bSYour Name	/* Check the length once for fixed parts: OUI, type & version */
*5113495bSYour Name	if (len < 2)
*5113495bSYour Name		return QDF_STATUS_E_INVAL;
*5113495bSYour Name
*5113495bSYour Name	/* initialize crypto params */
*5113495bSYour Name	qdf_mem_zero(crypto_params, sizeof(struct wlan_crypto_params));
*5113495bSYour Name
*5113495bSYour Name	SET_AUTHMODE(crypto_params, WLAN_CRYPTO_AUTH_RSNA);
*5113495bSYour Name
*5113495bSYour Name	frm += 2;
*5113495bSYour Name	/* NB: iswapoui already validated the OUI and type */
*5113495bSYour Name	w = LE_READ_2(frm);
*5113495bSYour Name	if (w != RSN_VERSION)
*5113495bSYour Name		return QDF_STATUS_E_INVAL;
*5113495bSYour Name
*5113495bSYour Name	frm += 2, len -= 2;
*5113495bSYour Name
*5113495bSYour Name	if (!len) {
*5113495bSYour Name		/* set defaults */
*5113495bSYour Name		/* default group cipher CCMP-128 */
*5113495bSYour Name		SET_MCAST_CIPHER(crypto_params, WLAN_CRYPTO_CIPHER_AES_CCM);
*5113495bSYour Name		/* default ucast cipher CCMP-128 */
*5113495bSYour Name		SET_UCAST_CIPHER(crypto_params, WLAN_CRYPTO_CIPHER_AES_CCM);
*5113495bSYour Name		/* default key mgmt 8021x */
*5113495bSYour Name		SET_KEY_MGMT(crypto_params, WLAN_CRYPTO_KEY_MGMT_IEEE8021X);
*5113495bSYour Name		return QDF_STATUS_SUCCESS;
*5113495bSYour Name	} else if (len < 4) {
*5113495bSYour Name		return QDF_STATUS_E_INVAL;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	/* multicast/group cipher */
*5113495bSYour Name	w = wlan_crypto_rsn_suite_to_cipher(frm);
*5113495bSYour Name	if (w < 0)
*5113495bSYour Name		return QDF_STATUS_E_INVAL;
*5113495bSYour Name	else {
*5113495bSYour Name		SET_MCAST_CIPHER(crypto_params, w);
*5113495bSYour Name		frm += 4, len -= 4;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	if (crypto_params->mcastcipherset == 0)
*5113495bSYour Name		return QDF_STATUS_E_INVAL;
*5113495bSYour Name
*5113495bSYour Name	if (!len) {
*5113495bSYour Name		/* default ucast cipher CCMP-128 */
*5113495bSYour Name		SET_UCAST_CIPHER(crypto_params, WLAN_CRYPTO_CIPHER_AES_CCM);
*5113495bSYour Name		/* default key mgmt 8021x */
*5113495bSYour Name		SET_KEY_MGMT(crypto_params, WLAN_CRYPTO_KEY_MGMT_IEEE8021X);
*5113495bSYour Name		return QDF_STATUS_SUCCESS;
*5113495bSYour Name	} else if (len < 2) {
*5113495bSYour Name		return QDF_STATUS_E_INVAL;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	/* unicast ciphers */
*5113495bSYour Name	n = LE_READ_2(frm);
*5113495bSYour Name	frm += 2, len -= 2;
*5113495bSYour Name	if (n) {
*5113495bSYour Name		if (len < n * 4)
*5113495bSYour Name			return QDF_STATUS_E_INVAL;
*5113495bSYour Name
*5113495bSYour Name		for (; n > 0; n--) {
*5113495bSYour Name			w = wlan_crypto_rsn_suite_to_cipher(frm);
*5113495bSYour Name			if (w >= 0)
*5113495bSYour Name				SET_UCAST_CIPHER(crypto_params, w);
*5113495bSYour Name			frm += 4, len -= 4;
*5113495bSYour Name		}
*5113495bSYour Name	} else {
*5113495bSYour Name		/* default ucast cipher CCMP-128 */
*5113495bSYour Name		SET_UCAST_CIPHER(crypto_params, WLAN_CRYPTO_CIPHER_AES_CCM);
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	if (crypto_params->ucastcipherset == 0)
*5113495bSYour Name		return QDF_STATUS_E_INVAL;
*5113495bSYour Name
*5113495bSYour Name	if (!len) {
*5113495bSYour Name		/* default key mgmt 8021x */
*5113495bSYour Name		SET_KEY_MGMT(crypto_params, WLAN_CRYPTO_KEY_MGMT_IEEE8021X);
*5113495bSYour Name		return QDF_STATUS_SUCCESS;
*5113495bSYour Name	} else if (len < 2) {
*5113495bSYour Name		return QDF_STATUS_E_INVAL;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	/* key management algorithms */
*5113495bSYour Name	n = LE_READ_2(frm);
*5113495bSYour Name	frm += 2, len -= 2;
*5113495bSYour Name
*5113495bSYour Name	if (n) {
*5113495bSYour Name		if (len < n * 4)
*5113495bSYour Name			return QDF_STATUS_E_INVAL;
*5113495bSYour Name		akm_index = 0;
*5113495bSYour Name		for (; n > 0; n--) {
*5113495bSYour Name			w = wlan_crypto_rsn_suite_to_keymgmt(frm);
*5113495bSYour Name			if (w >= 0) {
*5113495bSYour Name				SET_KEY_MGMT(crypto_params, w);
*5113495bSYour Name				wlan_crypto_store_akm_list_in_order(
*5113495bSYour Name						crypto_params, w, akm_index);
*5113495bSYour Name				akm_index++;
*5113495bSYour Name			}
*5113495bSYour Name
*5113495bSYour Name			frm += 4, len -= 4;
*5113495bSYour Name		}
*5113495bSYour Name	} else {
*5113495bSYour Name		/* default key mgmt 8021x */
*5113495bSYour Name		SET_KEY_MGMT(crypto_params, WLAN_CRYPTO_KEY_MGMT_IEEE8021X);
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	if (crypto_params->key_mgmt == 0)
*5113495bSYour Name		return QDF_STATUS_E_INVAL;
*5113495bSYour Name
*5113495bSYour Name	/* optional capabilities */
*5113495bSYour Name	if (len >= 2) {
*5113495bSYour Name		crypto_params->rsn_caps = LE_READ_2(frm);
*5113495bSYour Name		frm += 2, len -= 2;
*5113495bSYour Name	} else if (len && len < 2) {
*5113495bSYour Name		return QDF_STATUS_E_INVAL;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name
*5113495bSYour Name	/* PMKID */
*5113495bSYour Name	if (len >= 2) {
*5113495bSYour Name		n = LE_READ_2(frm);
*5113495bSYour Name		frm += 2, len -= 2;
*5113495bSYour Name		if (n && len) {
*5113495bSYour Name			if (len >= n * PMKID_LEN)
*5113495bSYour Name				frm += (n * PMKID_LEN), len -= (n * PMKID_LEN);
*5113495bSYour Name			else
*5113495bSYour Name				return QDF_STATUS_E_INVAL;
*5113495bSYour Name		} else if (n && !len) {
*5113495bSYour Name			return QDF_STATUS_E_INVAL;
*5113495bSYour Name		}
*5113495bSYour Name		/*TODO: Save pmkid in params for further reference */
*5113495bSYour Name	} else if (len == 1) {
*5113495bSYour Name		crypto_err("PMKID is truncated");
*5113495bSYour Name		return QDF_STATUS_E_INVAL;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	/* BIP */
*5113495bSYour Name	if (!len) {
*5113495bSYour Name		/* when no BIP mentioned and MFP capable use CMAC as default*/
*5113495bSYour Name		if (crypto_params->rsn_caps & WLAN_CRYPTO_RSN_CAP_MFP_ENABLED)
*5113495bSYour Name			SET_MGMT_CIPHER(crypto_params,
*5113495bSYour Name					WLAN_CRYPTO_CIPHER_AES_CMAC);
*5113495bSYour Name		return QDF_STATUS_SUCCESS;
*5113495bSYour Name	} else if (len < 4) {
*5113495bSYour Name		crypto_err("Mgmt cipher is truncated");
*5113495bSYour Name		return QDF_STATUS_E_INVAL;
*5113495bSYour Name	}
*5113495bSYour Name	w = wlan_crypto_rsn_suite_to_cipher(frm);
*5113495bSYour Name	frm += 4, len -= 4;
*5113495bSYour Name	SET_MGMT_CIPHER(crypto_params, w);
*5113495bSYour Name
*5113495bSYour Name	return QDF_STATUS_SUCCESS;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Nameuint8_t *wlan_crypto_build_wpaie(struct wlan_objmgr_vdev *vdev,
*5113495bSYour Name					uint8_t *iebuf)
*5113495bSYour Name{
*5113495bSYour Name	uint8_t *frm = iebuf;
*5113495bSYour Name	uint8_t *selcnt;
*5113495bSYour Name	struct wlan_crypto_comp_priv *crypto_priv;
*5113495bSYour Name	struct wlan_crypto_params *crypto_params;
*5113495bSYour Name
*5113495bSYour Name	if (!frm)
*5113495bSYour Name		return NULL;
*5113495bSYour Name
*5113495bSYour Name	crypto_params = wlan_crypto_vdev_get_comp_params(vdev, &crypto_priv);
*5113495bSYour Name
*5113495bSYour Name	if (!crypto_params)
*5113495bSYour Name		return NULL;
*5113495bSYour Name
*5113495bSYour Name	*frm++ = WLAN_ELEMID_VENDOR;
*5113495bSYour Name	*frm++ = 0;
*5113495bSYour Name	WLAN_CRYPTO_ADDSELECTOR(frm, WPA_TYPE_OUI);
*5113495bSYour Name	WLAN_CRYPTO_ADDSHORT(frm, WPA_VERSION);
*5113495bSYour Name
*5113495bSYour Name
*5113495bSYour Name	/* multicast cipher */
*5113495bSYour Name	if (MCIPHER_IS_TKIP(crypto_params))
*5113495bSYour Name		WPA_ADD_CIPHER_TO_SUITE(frm, WLAN_CRYPTO_CIPHER_TKIP);
*5113495bSYour Name	else if (MCIPHER_IS_CCMP128(crypto_params))
*5113495bSYour Name		WPA_ADD_CIPHER_TO_SUITE(frm, WLAN_CRYPTO_CIPHER_AES_CCM);
*5113495bSYour Name
*5113495bSYour Name	/* unicast cipher list */
*5113495bSYour Name	selcnt = frm;
*5113495bSYour Name	WLAN_CRYPTO_ADDSHORT(frm, 0);
*5113495bSYour Name	/* do not use CCMP unicast cipher in WPA mode */
*5113495bSYour Name	if (UCIPHER_IS_CCMP128(crypto_params)) {
*5113495bSYour Name		selcnt[0]++;
*5113495bSYour Name		WPA_ADD_CIPHER_TO_SUITE(frm, WLAN_CRYPTO_CIPHER_AES_CCM);
*5113495bSYour Name	}
*5113495bSYour Name	if (UCIPHER_IS_TKIP(crypto_params)) {
*5113495bSYour Name		selcnt[0]++;
*5113495bSYour Name		WPA_ADD_CIPHER_TO_SUITE(frm, WLAN_CRYPTO_CIPHER_TKIP);
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	/* authenticator selector list */
*5113495bSYour Name	selcnt = frm;
*5113495bSYour Name	WLAN_CRYPTO_ADDSHORT(frm, 0);
*5113495bSYour Name
*5113495bSYour Name	if (HAS_KEY_MGMT(crypto_params, WLAN_CRYPTO_KEY_MGMT_IEEE8021X)) {
*5113495bSYour Name		selcnt[0]++;
*5113495bSYour Name		WPA_ADD_KEYMGMT_TO_SUITE(frm, WLAN_CRYPTO_KEY_MGMT_IEEE8021X);
*5113495bSYour Name	} else if (HAS_KEY_MGMT(crypto_params, WLAN_CRYPTO_KEY_MGMT_PSK)) {
*5113495bSYour Name		selcnt[0]++;
*5113495bSYour Name		WPA_ADD_KEYMGMT_TO_SUITE(frm, WLAN_CRYPTO_KEY_MGMT_PSK);
*5113495bSYour Name	} else if (HAS_KEY_MGMT(crypto_params, WLAN_CRYPTO_KEY_MGMT_CCKM)) {
*5113495bSYour Name		selcnt[0]++;
*5113495bSYour Name		WPA_ADD_KEYMGMT_TO_SUITE(frm, WLAN_CRYPTO_KEY_MGMT_CCKM);
*5113495bSYour Name	} else {
*5113495bSYour Name		selcnt[0]++;
*5113495bSYour Name		WPA_ADD_KEYMGMT_TO_SUITE(frm, WLAN_CRYPTO_KEY_MGMT_NONE);
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	/* optional capabilities */
*5113495bSYour Name	if (crypto_params->rsn_caps != 0 &&
*5113495bSYour Name	    crypto_params->rsn_caps != WLAN_CRYPTO_RSN_CAP_PREAUTH) {
*5113495bSYour Name		WLAN_CRYPTO_ADDSHORT(frm, crypto_params->rsn_caps);
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	/* calculate element length */
*5113495bSYour Name	iebuf[1] = frm - iebuf - 2;
*5113495bSYour Name
*5113495bSYour Name	return frm;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Nameuint8_t *wlan_crypto_build_rsnie_with_pmksa(struct wlan_objmgr_vdev *vdev,
*5113495bSYour Name					    uint8_t *iebuf,
*5113495bSYour Name					    struct wlan_crypto_pmksa *pmksa)
*5113495bSYour Name{
*5113495bSYour Name	uint8_t *frm = iebuf;
*5113495bSYour Name	uint8_t *selcnt;
*5113495bSYour Name	struct wlan_crypto_comp_priv *crypto_priv;
*5113495bSYour Name	struct wlan_crypto_params *crypto_params;
*5113495bSYour Name
*5113495bSYour Name	if (!frm) {
*5113495bSYour Name		return NULL;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	crypto_params = wlan_crypto_vdev_get_comp_params(vdev, &crypto_priv);
*5113495bSYour Name
*5113495bSYour Name	if (!crypto_params) {
*5113495bSYour Name		return NULL;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	*frm++ = WLAN_ELEMID_RSN;
*5113495bSYour Name	*frm++ = 0;
*5113495bSYour Name	WLAN_CRYPTO_ADDSHORT(frm, RSN_VERSION);
*5113495bSYour Name
*5113495bSYour Name
*5113495bSYour Name	/* multicast cipher */
*5113495bSYour Name	if (MCIPHER_IS_TKIP(crypto_params))
*5113495bSYour Name		RSN_ADD_CIPHER_TO_SUITE(frm, WLAN_CRYPTO_CIPHER_TKIP);
*5113495bSYour Name	else if (MCIPHER_IS_CCMP128(crypto_params))
*5113495bSYour Name		RSN_ADD_CIPHER_TO_SUITE(frm, WLAN_CRYPTO_CIPHER_AES_CCM);
*5113495bSYour Name	else if (MCIPHER_IS_CCMP256(crypto_params))
*5113495bSYour Name		RSN_ADD_CIPHER_TO_SUITE(frm, WLAN_CRYPTO_CIPHER_AES_CCM_256);
*5113495bSYour Name	else if (MCIPHER_IS_GCMP128(crypto_params))
*5113495bSYour Name		RSN_ADD_CIPHER_TO_SUITE(frm, WLAN_CRYPTO_CIPHER_AES_GCM);
*5113495bSYour Name	else if (MCIPHER_IS_GCMP256(crypto_params))
*5113495bSYour Name		RSN_ADD_CIPHER_TO_SUITE(frm, WLAN_CRYPTO_CIPHER_AES_GCM_256);
*5113495bSYour Name
*5113495bSYour Name	/* unicast cipher list */
*5113495bSYour Name	selcnt = frm;
*5113495bSYour Name	WLAN_CRYPTO_ADDSHORT(frm, 0);
*5113495bSYour Name
*5113495bSYour Name	if (UCIPHER_IS_CCMP256(crypto_params)) {
*5113495bSYour Name		selcnt[0]++;
*5113495bSYour Name		RSN_ADD_CIPHER_TO_SUITE(frm, WLAN_CRYPTO_CIPHER_AES_CCM_256);
*5113495bSYour Name	}
*5113495bSYour Name	if (UCIPHER_IS_GCMP256(crypto_params)) {
*5113495bSYour Name		selcnt[0]++;
*5113495bSYour Name		RSN_ADD_CIPHER_TO_SUITE(frm, WLAN_CRYPTO_CIPHER_AES_GCM_256);
*5113495bSYour Name	}
*5113495bSYour Name	if (UCIPHER_IS_CCMP128(crypto_params)) {
*5113495bSYour Name		selcnt[0]++;
*5113495bSYour Name		RSN_ADD_CIPHER_TO_SUITE(frm, WLAN_CRYPTO_CIPHER_AES_CCM);
*5113495bSYour Name	}
*5113495bSYour Name	if (UCIPHER_IS_GCMP128(crypto_params)) {
*5113495bSYour Name		selcnt[0]++;
*5113495bSYour Name		RSN_ADD_CIPHER_TO_SUITE(frm, WLAN_CRYPTO_CIPHER_AES_GCM);
*5113495bSYour Name	}
*5113495bSYour Name	if (UCIPHER_IS_TKIP(crypto_params)) {
*5113495bSYour Name		selcnt[0]++;
*5113495bSYour Name		RSN_ADD_CIPHER_TO_SUITE(frm, WLAN_CRYPTO_CIPHER_TKIP);
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	/* authenticator selector list */
*5113495bSYour Name	selcnt = frm;
*5113495bSYour Name	WLAN_CRYPTO_ADDSHORT(frm, 0);
*5113495bSYour Name	if (HAS_KEY_MGMT(crypto_params, WLAN_CRYPTO_KEY_MGMT_CCKM)) {
*5113495bSYour Name		selcnt[0]++;
*5113495bSYour Name		RSN_ADD_KEYMGMT_TO_SUITE(frm, WLAN_CRYPTO_KEY_MGMT_CCKM);
*5113495bSYour Name		/* Other key mgmt should not be added after CCKM */
*5113495bSYour Name		goto add_rsn_caps;
*5113495bSYour Name	}
*5113495bSYour Name	if (HAS_KEY_MGMT(crypto_params, WLAN_CRYPTO_KEY_MGMT_IEEE8021X)) {
*5113495bSYour Name		selcnt[0]++;
*5113495bSYour Name		RSN_ADD_KEYMGMT_TO_SUITE(frm, WLAN_CRYPTO_KEY_MGMT_IEEE8021X);
*5113495bSYour Name	}
*5113495bSYour Name	if (HAS_KEY_MGMT(crypto_params, WLAN_CRYPTO_KEY_MGMT_PSK)) {
*5113495bSYour Name		selcnt[0]++;
*5113495bSYour Name		RSN_ADD_KEYMGMT_TO_SUITE(frm, WLAN_CRYPTO_KEY_MGMT_PSK);
*5113495bSYour Name	}
*5113495bSYour Name	if (HAS_KEY_MGMT(crypto_params, WLAN_CRYPTO_KEY_MGMT_FT_IEEE8021X)) {
*5113495bSYour Name		selcnt[0]++;
*5113495bSYour Name		RSN_ADD_KEYMGMT_TO_SUITE(frm,
*5113495bSYour Name					 WLAN_CRYPTO_KEY_MGMT_FT_IEEE8021X);
*5113495bSYour Name	}
*5113495bSYour Name	if (HAS_KEY_MGMT(crypto_params, WLAN_CRYPTO_KEY_MGMT_FT_PSK)) {
*5113495bSYour Name		selcnt[0]++;
*5113495bSYour Name		RSN_ADD_KEYMGMT_TO_SUITE(frm, WLAN_CRYPTO_KEY_MGMT_FT_PSK);
*5113495bSYour Name	}
*5113495bSYour Name	if (HAS_KEY_MGMT(crypto_params,
*5113495bSYour Name			 WLAN_CRYPTO_KEY_MGMT_IEEE8021X_SHA256)) {
*5113495bSYour Name		selcnt[0]++;
*5113495bSYour Name		RSN_ADD_KEYMGMT_TO_SUITE(frm,
*5113495bSYour Name					 WLAN_CRYPTO_KEY_MGMT_IEEE8021X_SHA256);
*5113495bSYour Name	}
*5113495bSYour Name	if (HAS_KEY_MGMT(crypto_params, WLAN_CRYPTO_KEY_MGMT_PSK_SHA256)) {
*5113495bSYour Name		selcnt[0]++;
*5113495bSYour Name		RSN_ADD_KEYMGMT_TO_SUITE(frm, WLAN_CRYPTO_KEY_MGMT_PSK_SHA256);
*5113495bSYour Name	}
*5113495bSYour Name	if (HAS_KEY_MGMT(crypto_params, WLAN_CRYPTO_KEY_MGMT_SAE)) {
*5113495bSYour Name		selcnt[0]++;
*5113495bSYour Name		RSN_ADD_KEYMGMT_TO_SUITE(frm, WLAN_CRYPTO_KEY_MGMT_SAE);
*5113495bSYour Name	}
*5113495bSYour Name	if (HAS_KEY_MGMT(crypto_params, WLAN_CRYPTO_KEY_MGMT_FT_SAE)) {
*5113495bSYour Name		selcnt[0]++;
*5113495bSYour Name		RSN_ADD_KEYMGMT_TO_SUITE(frm, WLAN_CRYPTO_KEY_MGMT_FT_SAE);
*5113495bSYour Name	}
*5113495bSYour Name	if (HAS_KEY_MGMT(crypto_params,
*5113495bSYour Name			 WLAN_CRYPTO_KEY_MGMT_IEEE8021X_SUITE_B)) {
*5113495bSYour Name		uint32_t kmgmt = WLAN_CRYPTO_KEY_MGMT_IEEE8021X_SUITE_B;
*5113495bSYour Name
*5113495bSYour Name		selcnt[0]++;
*5113495bSYour Name		RSN_ADD_KEYMGMT_TO_SUITE(frm, kmgmt);
*5113495bSYour Name	}
*5113495bSYour Name	if (HAS_KEY_MGMT(crypto_params,
*5113495bSYour Name			 WLAN_CRYPTO_KEY_MGMT_IEEE8021X_SUITE_B_192)) {
*5113495bSYour Name		uint32_t kmgmt =  WLAN_CRYPTO_KEY_MGMT_IEEE8021X_SUITE_B_192;
*5113495bSYour Name
*5113495bSYour Name		selcnt[0]++;
*5113495bSYour Name		RSN_ADD_KEYMGMT_TO_SUITE(frm, kmgmt);
*5113495bSYour Name	}
*5113495bSYour Name	if (HAS_KEY_MGMT(crypto_params, WLAN_CRYPTO_KEY_MGMT_FILS_SHA256)) {
*5113495bSYour Name		selcnt[0]++;
*5113495bSYour Name		RSN_ADD_KEYMGMT_TO_SUITE(frm, WLAN_CRYPTO_KEY_MGMT_FILS_SHA256);
*5113495bSYour Name	}
*5113495bSYour Name	if (HAS_KEY_MGMT(crypto_params,	WLAN_CRYPTO_KEY_MGMT_FILS_SHA384)) {
*5113495bSYour Name		selcnt[0]++;
*5113495bSYour Name		RSN_ADD_KEYMGMT_TO_SUITE(frm, WLAN_CRYPTO_KEY_MGMT_FILS_SHA384);
*5113495bSYour Name	}
*5113495bSYour Name	if (HAS_KEY_MGMT(crypto_params, WLAN_CRYPTO_KEY_MGMT_FT_FILS_SHA256)) {
*5113495bSYour Name		selcnt[0]++;
*5113495bSYour Name		RSN_ADD_KEYMGMT_TO_SUITE(frm,
*5113495bSYour Name					 WLAN_CRYPTO_KEY_MGMT_FT_FILS_SHA256);
*5113495bSYour Name	}
*5113495bSYour Name	if (HAS_KEY_MGMT(crypto_params, WLAN_CRYPTO_KEY_MGMT_FT_FILS_SHA384)) {
*5113495bSYour Name		selcnt[0]++;
*5113495bSYour Name		RSN_ADD_KEYMGMT_TO_SUITE(frm,
*5113495bSYour Name					 WLAN_CRYPTO_KEY_MGMT_FT_FILS_SHA384);
*5113495bSYour Name	}
*5113495bSYour Name	if (HAS_KEY_MGMT(crypto_params, WLAN_CRYPTO_KEY_MGMT_OWE)) {
*5113495bSYour Name		selcnt[0]++;
*5113495bSYour Name		RSN_ADD_KEYMGMT_TO_SUITE(frm, WLAN_CRYPTO_KEY_MGMT_OWE);
*5113495bSYour Name	}
*5113495bSYour Name	if (HAS_KEY_MGMT(crypto_params, WLAN_CRYPTO_KEY_MGMT_DPP)) {
*5113495bSYour Name		selcnt[0]++;
*5113495bSYour Name		RSN_ADD_KEYMGMT_TO_SUITE(frm, WLAN_CRYPTO_KEY_MGMT_DPP);
*5113495bSYour Name	}
*5113495bSYour Name	if (HAS_KEY_MGMT(crypto_params, WLAN_CRYPTO_KEY_MGMT_OSEN)) {
*5113495bSYour Name		selcnt[0]++;
*5113495bSYour Name		RSN_ADD_KEYMGMT_TO_SUITE(frm, WLAN_CRYPTO_KEY_MGMT_OSEN);
*5113495bSYour Name	}
*5113495bSYour Name	if (HAS_KEY_MGMT(crypto_params, WLAN_CRYPTO_KEY_MGMT_SAE_EXT_KEY)) {
*5113495bSYour Name		selcnt[0]++;
*5113495bSYour Name		RSN_ADD_KEYMGMT_TO_SUITE(frm, WLAN_CRYPTO_KEY_MGMT_SAE_EXT_KEY);
*5113495bSYour Name	}
*5113495bSYour Name	if (HAS_KEY_MGMT(crypto_params,
*5113495bSYour Name			 WLAN_CRYPTO_KEY_MGMT_FT_IEEE8021X_SHA384)) {
*5113495bSYour Name		uint32_t kmgmt = WLAN_CRYPTO_KEY_MGMT_FT_IEEE8021X_SHA384;
*5113495bSYour Name
*5113495bSYour Name		selcnt[0]++;
*5113495bSYour Name		RSN_ADD_KEYMGMT_TO_SUITE(frm, kmgmt);
*5113495bSYour Name	}
*5113495bSYour Name	if (HAS_KEY_MGMT(crypto_params, WLAN_CRYPTO_KEY_MGMT_FT_SAE_EXT_KEY)) {
*5113495bSYour Name		selcnt[0]++;
*5113495bSYour Name		RSN_ADD_KEYMGMT_TO_SUITE(frm,
*5113495bSYour Name					 WLAN_CRYPTO_KEY_MGMT_FT_SAE_EXT_KEY);
*5113495bSYour Name	}
*5113495bSYour Nameadd_rsn_caps:
*5113495bSYour Name	WLAN_CRYPTO_ADDSHORT(frm, crypto_params->rsn_caps);
*5113495bSYour Name	/* optional capabilities */
*5113495bSYour Name	if (crypto_params->rsn_caps & WLAN_CRYPTO_RSN_CAP_MFP_ENABLED) {
*5113495bSYour Name		/* PMK list */
*5113495bSYour Name		if (pmksa) {
*5113495bSYour Name			WLAN_CRYPTO_ADDSHORT(frm, 1);
*5113495bSYour Name			qdf_mem_copy(frm, pmksa->pmkid, PMKID_LEN);
*5113495bSYour Name			frm += PMKID_LEN;
*5113495bSYour Name		} else {
*5113495bSYour Name			WLAN_CRYPTO_ADDSHORT(frm, 0);
*5113495bSYour Name		}
*5113495bSYour Name
*5113495bSYour Name		if (HAS_MGMT_CIPHER(crypto_params,
*5113495bSYour Name						WLAN_CRYPTO_CIPHER_AES_CMAC)) {
*5113495bSYour Name			RSN_ADD_CIPHER_TO_SUITE(frm,
*5113495bSYour Name						WLAN_CRYPTO_CIPHER_AES_CMAC);
*5113495bSYour Name		}
*5113495bSYour Name		if (HAS_MGMT_CIPHER(crypto_params,
*5113495bSYour Name						WLAN_CRYPTO_CIPHER_AES_GMAC)) {
*5113495bSYour Name			RSN_ADD_CIPHER_TO_SUITE(frm,
*5113495bSYour Name						WLAN_CRYPTO_CIPHER_AES_GMAC);
*5113495bSYour Name		}
*5113495bSYour Name		if (HAS_MGMT_CIPHER(crypto_params,
*5113495bSYour Name					 WLAN_CRYPTO_CIPHER_AES_CMAC_256)) {
*5113495bSYour Name			RSN_ADD_CIPHER_TO_SUITE(frm,
*5113495bSYour Name						WLAN_CRYPTO_CIPHER_AES_CMAC_256
*5113495bSYour Name						);
*5113495bSYour Name		}
*5113495bSYour Name
*5113495bSYour Name		if (HAS_MGMT_CIPHER(crypto_params,
*5113495bSYour Name					WLAN_CRYPTO_CIPHER_AES_GMAC_256)) {
*5113495bSYour Name			RSN_ADD_CIPHER_TO_SUITE(frm,
*5113495bSYour Name						WLAN_CRYPTO_CIPHER_AES_GMAC_256
*5113495bSYour Name						);
*5113495bSYour Name		}
*5113495bSYour Name	} else {
*5113495bSYour Name		/* PMK list */
*5113495bSYour Name		if (pmksa) {
*5113495bSYour Name			WLAN_CRYPTO_ADDSHORT(frm, 1);
*5113495bSYour Name			qdf_mem_copy(frm, pmksa->pmkid, PMKID_LEN);
*5113495bSYour Name			frm += PMKID_LEN;
*5113495bSYour Name		}
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	/* calculate element length */
*5113495bSYour Name	iebuf[1] = frm - iebuf - 2;
*5113495bSYour Name
*5113495bSYour Name	return frm;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Nameuint8_t *wlan_crypto_build_rsnie(struct wlan_objmgr_vdev *vdev,
*5113495bSYour Name				 uint8_t *iebuf,
*5113495bSYour Name				 struct qdf_mac_addr *bssid)
*5113495bSYour Name{
*5113495bSYour Name	struct wlan_crypto_pmksa *pmksa = NULL;
*5113495bSYour Name
*5113495bSYour Name	if (bssid)
*5113495bSYour Name		pmksa = wlan_crypto_get_pmksa(vdev, bssid);
*5113495bSYour Name
*5113495bSYour Name	return wlan_crypto_build_rsnie_with_pmksa(vdev, iebuf, pmksa);
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Namebool wlan_crypto_rsn_info(struct wlan_objmgr_vdev *vdev,
*5113495bSYour Name				struct wlan_crypto_params *crypto_params)
*5113495bSYour Name{
*5113495bSYour Name	struct wlan_crypto_params *my_crypto_params;
*5113495bSYour Name	my_crypto_params = wlan_crypto_vdev_get_crypto_params(vdev);
*5113495bSYour Name
*5113495bSYour Name	if (!my_crypto_params) {
*5113495bSYour Name		crypto_debug("vdev crypto params is NULL");
*5113495bSYour Name		return false;
*5113495bSYour Name	}
*5113495bSYour Name	/*
*5113495bSYour Name	 * Check peer's pairwise ciphers.
*5113495bSYour Name	 * At least one must match with our unicast cipher
*5113495bSYour Name	 */
*5113495bSYour Name	if (!UCAST_CIPHER_MATCH(crypto_params, my_crypto_params)) {
*5113495bSYour Name		crypto_debug("Unicast cipher match failed");
*5113495bSYour Name		return false;
*5113495bSYour Name	}
*5113495bSYour Name	/*
*5113495bSYour Name	 * Check peer's group cipher is our enabled multicast cipher.
*5113495bSYour Name	 */
*5113495bSYour Name	if (!MCAST_CIPHER_MATCH(crypto_params, my_crypto_params)) {
*5113495bSYour Name		crypto_debug("Multicast cipher match failed");
*5113495bSYour Name		return false;
*5113495bSYour Name	}
*5113495bSYour Name	/*
*5113495bSYour Name	 * Check peer's key management class set (PSK or UNSPEC)
*5113495bSYour Name	 */
*5113495bSYour Name	if (!KEY_MGMTSET_MATCH(crypto_params, my_crypto_params)) {
*5113495bSYour Name		crypto_debug("Key mgmt match failed");
*5113495bSYour Name		return false;
*5113495bSYour Name	}
*5113495bSYour Name	if (wlan_crypto_vdev_is_pmf_required(vdev) &&
*5113495bSYour Name	    !(crypto_params->rsn_caps & WLAN_CRYPTO_RSN_CAP_MFP_ENABLED)) {
*5113495bSYour Name		crypto_debug("Peer is not PMF capable");
*5113495bSYour Name		return false;
*5113495bSYour Name	}
*5113495bSYour Name	if (!wlan_crypto_vdev_is_pmf_enabled(vdev) &&
*5113495bSYour Name	    (crypto_params->rsn_caps & WLAN_CRYPTO_RSN_CAP_MFP_REQUIRED)) {
*5113495bSYour Name		crypto_debug("Peer needs PMF, but vdev is not capable");
*5113495bSYour Name		return false;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	return true;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Name/*
*5113495bSYour Name * Convert an WAPI CIPHER suite to to an internal code.
*5113495bSYour Name */
*5113495bSYour Namestatic int32_t wlan_crypto_wapi_suite_to_cipher(const uint8_t *sel)
*5113495bSYour Name{
*5113495bSYour Name	uint32_t w = LE_READ_4(sel);
*5113495bSYour Name	int32_t status = -1;
*5113495bSYour Name
*5113495bSYour Name	switch (w) {
*5113495bSYour Name	case (WLAN_WAPI_SEL(WLAN_CRYPTO_WAPI_SMS4_CIPHER)):
*5113495bSYour Name		return WLAN_CRYPTO_CIPHER_WAPI_SMS4;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	return status;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Name/*
*5113495bSYour Name * Convert an WAPI key management/authentication algorithm
*5113495bSYour Name * to an internal code.
*5113495bSYour Name */
*5113495bSYour Namestatic int32_t wlan_crypto_wapi_keymgmt(const u_int8_t *sel)
*5113495bSYour Name{
*5113495bSYour Name	uint32_t w = LE_READ_4(sel);
*5113495bSYour Name	int32_t status = -1;
*5113495bSYour Name
*5113495bSYour Name	switch (w) {
*5113495bSYour Name	case (WLAN_WAPI_SEL(WLAN_WAI_PSK)):
*5113495bSYour Name		return WLAN_CRYPTO_KEY_MGMT_WAPI_PSK;
*5113495bSYour Name	case (WLAN_WAPI_SEL(WLAN_WAI_CERT_OR_SMS4)):
*5113495bSYour Name		return WLAN_CRYPTO_KEY_MGMT_WAPI_CERT;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	return status;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour NameQDF_STATUS wlan_crypto_wapiie_check(struct wlan_crypto_params *crypto_params,
*5113495bSYour Name				    const uint8_t *frm)
*5113495bSYour Name{
*5113495bSYour Name	uint8_t len = frm[1];
*5113495bSYour Name	int32_t w;
*5113495bSYour Name	int n;
*5113495bSYour Name
*5113495bSYour Name	/*
*5113495bSYour Name	 * Check the length once for fixed parts: OUI, type,
*5113495bSYour Name	 * version, mcast cipher, and 2 selector counts.
*5113495bSYour Name	 * Other, variable-length data, must be checked separately.
*5113495bSYour Name	 */
*5113495bSYour Name	SET_AUTHMODE(crypto_params, WLAN_CRYPTO_AUTH_WAPI);
*5113495bSYour Name
*5113495bSYour Name	if (len < WLAN_CRYPTO_WAPI_IE_LEN)
*5113495bSYour Name		return QDF_STATUS_E_INVAL;
*5113495bSYour Name
*5113495bSYour Name
*5113495bSYour Name	frm += 2;
*5113495bSYour Name
*5113495bSYour Name	w = LE_READ_2(frm);
*5113495bSYour Name	frm += 2, len -= 2;
*5113495bSYour Name	if (w != WAPI_VERSION)
*5113495bSYour Name		return QDF_STATUS_E_INVAL;
*5113495bSYour Name
*5113495bSYour Name	n = LE_READ_2(frm);
*5113495bSYour Name	frm += 2, len -= 2;
*5113495bSYour Name	if (len < n*4+2)
*5113495bSYour Name		return QDF_STATUS_E_INVAL;
*5113495bSYour Name
*5113495bSYour Name	for (; n > 0; n--) {
*5113495bSYour Name		w = wlan_crypto_wapi_keymgmt(frm);
*5113495bSYour Name		if (w < 0)
*5113495bSYour Name			return QDF_STATUS_E_INVAL;
*5113495bSYour Name
*5113495bSYour Name		SET_KEY_MGMT(crypto_params, w);
*5113495bSYour Name		frm += 4, len -= 4;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	/* unicast ciphers */
*5113495bSYour Name	n = LE_READ_2(frm);
*5113495bSYour Name	frm += 2, len -= 2;
*5113495bSYour Name	if (len < n*4+2)
*5113495bSYour Name		return QDF_STATUS_E_INVAL;
*5113495bSYour Name
*5113495bSYour Name	for (; n > 0; n--) {
*5113495bSYour Name		w = wlan_crypto_wapi_suite_to_cipher(frm);
*5113495bSYour Name		if (w < 0)
*5113495bSYour Name			return QDF_STATUS_E_INVAL;
*5113495bSYour Name		SET_UCAST_CIPHER(crypto_params, w);
*5113495bSYour Name		frm += 4, len -= 4;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	if (!crypto_params->ucastcipherset)
*5113495bSYour Name		return QDF_STATUS_E_INVAL;
*5113495bSYour Name
*5113495bSYour Name	/* multicast/group cipher */
*5113495bSYour Name	w = wlan_crypto_wapi_suite_to_cipher(frm);
*5113495bSYour Name
*5113495bSYour Name	if (w < 0)
*5113495bSYour Name		return QDF_STATUS_E_INVAL;
*5113495bSYour Name
*5113495bSYour Name	SET_MCAST_CIPHER(crypto_params, w);
*5113495bSYour Name	frm += 4, len -= 4;
*5113495bSYour Name
*5113495bSYour Name	return QDF_STATUS_SUCCESS;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Nameuint8_t *wlan_crypto_build_wapiie(struct wlan_objmgr_vdev *vdev,
*5113495bSYour Name				uint8_t *iebuf)
*5113495bSYour Name{
*5113495bSYour Name	uint8_t *frm;
*5113495bSYour Name	uint8_t *selcnt;
*5113495bSYour Name	struct wlan_crypto_comp_priv *crypto_priv;
*5113495bSYour Name	struct wlan_crypto_params *crypto_params;
*5113495bSYour Name
*5113495bSYour Name	frm = iebuf;
*5113495bSYour Name	if (!frm) {
*5113495bSYour Name		crypto_err("ie buffer NULL");
*5113495bSYour Name		return NULL;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	crypto_params = wlan_crypto_vdev_get_comp_params(vdev, &crypto_priv);
*5113495bSYour Name
*5113495bSYour Name	if (!crypto_params) {
*5113495bSYour Name		crypto_err("crypto_params NULL");
*5113495bSYour Name		return NULL;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	*frm++ = WLAN_ELEMID_WAPI;
*5113495bSYour Name	*frm++ = 0;
*5113495bSYour Name
*5113495bSYour Name	WLAN_CRYPTO_ADDSHORT(frm, WAPI_VERSION);
*5113495bSYour Name
*5113495bSYour Name	/* authenticator selector list */
*5113495bSYour Name	selcnt = frm;
*5113495bSYour Name	WLAN_CRYPTO_ADDSHORT(frm, 0);
*5113495bSYour Name
*5113495bSYour Name	if (HAS_KEY_MGMT(crypto_params, WLAN_CRYPTO_KEY_MGMT_WAPI_PSK)) {
*5113495bSYour Name		selcnt[0]++;
*5113495bSYour Name		WLAN_CRYPTO_ADDSELECTOR(frm,
*5113495bSYour Name				WLAN_WAPI_SEL(WLAN_WAI_PSK));
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	if (HAS_KEY_MGMT(crypto_params, WLAN_CRYPTO_KEY_MGMT_WAPI_CERT)) {
*5113495bSYour Name		selcnt[0]++;
*5113495bSYour Name		WLAN_CRYPTO_ADDSELECTOR(frm,
*5113495bSYour Name				WLAN_WAPI_SEL(WLAN_WAI_CERT_OR_SMS4));
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	/* unicast cipher list */
*5113495bSYour Name	selcnt = frm;
*5113495bSYour Name	WLAN_CRYPTO_ADDSHORT(frm, 0);
*5113495bSYour Name
*5113495bSYour Name	if (UCIPHER_IS_SMS4(crypto_params)) {
*5113495bSYour Name		selcnt[0]++;
*5113495bSYour Name		WLAN_CRYPTO_ADDSELECTOR(frm,
*5113495bSYour Name				WLAN_WAPI_SEL(WLAN_CRYPTO_WAPI_SMS4_CIPHER));
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	WLAN_CRYPTO_ADDSELECTOR(frm,
*5113495bSYour Name				WLAN_WAPI_SEL(WLAN_CRYPTO_WAPI_SMS4_CIPHER));
*5113495bSYour Name
*5113495bSYour Name	/* optional capabilities */
*5113495bSYour Name	WLAN_CRYPTO_ADDSHORT(frm, crypto_params->rsn_caps);
*5113495bSYour Name
*5113495bSYour Name	/* bkid count */
*5113495bSYour Name	if (vdev->vdev_mlme.vdev_opmode == QDF_STA_MODE ||
*5113495bSYour Name	    vdev->vdev_mlme.vdev_opmode == QDF_P2P_CLIENT_MODE)
*5113495bSYour Name		WLAN_CRYPTO_ADDSHORT(frm, 0);
*5113495bSYour Name
*5113495bSYour Name	/* calculate element length */
*5113495bSYour Name	iebuf[1] = frm - iebuf - 2;
*5113495bSYour Name
*5113495bSYour Name	return frm;
*5113495bSYour Name
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour NameQDF_STATUS wlan_crypto_pn_check(struct wlan_objmgr_vdev *vdev,
*5113495bSYour Name				qdf_nbuf_t wbuf)
*5113495bSYour Name{
*5113495bSYour Name	/* Need to check is there real requirement for this function
*5113495bSYour Name	 * as PN check is already handled in decap function.
*5113495bSYour Name	 */
*5113495bSYour Name	return QDF_STATUS_SUCCESS;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Namestruct wlan_crypto_params *wlan_crypto_vdev_get_crypto_params(
*5113495bSYour Name						struct wlan_objmgr_vdev *vdev)
*5113495bSYour Name{
*5113495bSYour Name	struct wlan_crypto_comp_priv *crypto_priv;
*5113495bSYour Name
*5113495bSYour Name	return wlan_crypto_vdev_get_comp_params(vdev, &crypto_priv);
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Namestruct wlan_crypto_params *wlan_crypto_peer_get_crypto_params(
*5113495bSYour Name						struct wlan_objmgr_peer *peer)
*5113495bSYour Name{
*5113495bSYour Name	struct wlan_crypto_comp_priv *crypto_priv;
*5113495bSYour Name
*5113495bSYour Name	return wlan_crypto_peer_get_comp_params(peer, &crypto_priv);
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Name
*5113495bSYour NameQDF_STATUS wlan_crypto_set_peer_wep_keys(struct wlan_objmgr_vdev *vdev,
*5113495bSYour Name					struct wlan_objmgr_peer *peer)
*5113495bSYour Name{
*5113495bSYour Name	struct wlan_crypto_comp_priv *crypto_priv;
*5113495bSYour Name	struct wlan_crypto_comp_priv *sta_crypto_priv;
*5113495bSYour Name	struct wlan_crypto_params *crypto_params;
*5113495bSYour Name	struct wlan_crypto_key *key;
*5113495bSYour Name	struct wlan_crypto_key *sta_key;
*5113495bSYour Name	struct wlan_crypto_keys *sta_priv = NULL;
*5113495bSYour Name	struct wlan_crypto_cipher *cipher_table;
*5113495bSYour Name	struct wlan_objmgr_psoc *psoc;
*5113495bSYour Name	struct wlan_lmac_if_tx_ops *tx_ops;
*5113495bSYour Name	uint8_t *mac_addr;
*5113495bSYour Name	int i;
*5113495bSYour Name	enum QDF_OPMODE opmode;
*5113495bSYour Name	QDF_STATUS status = QDF_STATUS_SUCCESS;
*5113495bSYour Name
*5113495bSYour Name	if (!vdev)
*5113495bSYour Name		return QDF_STATUS_E_NULL_VALUE;
*5113495bSYour Name
*5113495bSYour Name	if (!peer) {
*5113495bSYour Name		crypto_debug("peer NULL");
*5113495bSYour Name		return QDF_STATUS_E_INVAL;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	opmode = wlan_vdev_mlme_get_opmode(vdev);
*5113495bSYour Name	psoc = wlan_vdev_get_psoc(vdev);
*5113495bSYour Name
*5113495bSYour Name	if (!psoc) {
*5113495bSYour Name		crypto_err("psoc NULL");
*5113495bSYour Name		return QDF_STATUS_E_NULL_VALUE;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	wlan_peer_obj_lock(peer);
*5113495bSYour Name	mac_addr = wlan_peer_get_macaddr(peer);
*5113495bSYour Name	wlan_peer_obj_unlock(peer);
*5113495bSYour Name
*5113495bSYour Name	crypto_params = wlan_crypto_vdev_get_comp_params(vdev,
*5113495bSYour Name							&crypto_priv);
*5113495bSYour Name	if (!crypto_priv) {
*5113495bSYour Name		crypto_err("crypto_priv NULL");
*5113495bSYour Name		return QDF_STATUS_E_NULL_VALUE;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	/* push only valid static WEP keys from vap */
*5113495bSYour Name	if (AUTH_IS_8021X(crypto_params))
*5113495bSYour Name		return QDF_STATUS_E_INVAL;
*5113495bSYour Name
*5113495bSYour Name	if (opmode == QDF_STA_MODE) {
*5113495bSYour Name		peer = wlan_objmgr_vdev_try_get_bsspeer(vdev, WLAN_CRYPTO_ID);
*5113495bSYour Name		if (!peer) {
*5113495bSYour Name			crypto_debug("peer NULL");
*5113495bSYour Name			return QDF_STATUS_E_INVAL;
*5113495bSYour Name		}
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	wlan_crypto_peer_get_comp_params(peer, &sta_crypto_priv);
*5113495bSYour Name	if (!sta_crypto_priv) {
*5113495bSYour Name		crypto_err("sta priv is null");
*5113495bSYour Name		status = QDF_STATUS_E_INVAL;
*5113495bSYour Name		goto exit;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	sta_priv = &sta_crypto_priv->crypto_key;
*5113495bSYour Name
*5113495bSYour Name	for (i = 0; i < WLAN_CRYPTO_MAXKEYIDX; i++) {
*5113495bSYour Name		if (crypto_priv->crypto_key.key[i]) {
*5113495bSYour Name			key = crypto_priv->crypto_key.key[i];
*5113495bSYour Name			if (!key || !key->valid)
*5113495bSYour Name				continue;
*5113495bSYour Name
*5113495bSYour Name			cipher_table = (struct wlan_crypto_cipher *)
*5113495bSYour Name							key->cipher_table;
*5113495bSYour Name
*5113495bSYour Name			if (!cipher_table)
*5113495bSYour Name				continue;
*5113495bSYour Name			if (cipher_table->cipher == WLAN_CRYPTO_CIPHER_WEP) {
*5113495bSYour Name				tx_ops = wlan_psoc_get_lmac_if_txops(psoc);
*5113495bSYour Name				if (!tx_ops) {
*5113495bSYour Name					crypto_err("tx_ops is NULL");
*5113495bSYour Name					return QDF_STATUS_E_INVAL;
*5113495bSYour Name				}
*5113495bSYour Name
*5113495bSYour Name				sta_key = qdf_mem_malloc(
*5113495bSYour Name						sizeof(struct wlan_crypto_key));
*5113495bSYour Name				if (!sta_key) {
*5113495bSYour Name					status = QDF_STATUS_E_NOMEM;
*5113495bSYour Name					goto exit;
*5113495bSYour Name				}
*5113495bSYour Name
*5113495bSYour Name				sta_priv->key[i] = sta_key;
*5113495bSYour Name				qdf_mem_copy(sta_key, key,
*5113495bSYour Name						sizeof(struct wlan_crypto_key));
*5113495bSYour Name
*5113495bSYour Name				sta_key->flags &= ~WLAN_CRYPTO_KEY_DEFAULT;
*5113495bSYour Name
*5113495bSYour Name				if (crypto_priv->crypto_key.def_tx_keyid == i) {
*5113495bSYour Name					sta_key->flags
*5113495bSYour Name						|= WLAN_CRYPTO_KEY_DEFAULT;
*5113495bSYour Name					sta_priv->def_tx_keyid =
*5113495bSYour Name					crypto_priv->crypto_key.def_tx_keyid;
*5113495bSYour Name				}
*5113495bSYour Name				/* setting the broadcast/multicast key for sta*/
*5113495bSYour Name				if (opmode == QDF_STA_MODE ||
*5113495bSYour Name						opmode == QDF_IBSS_MODE){
*5113495bSYour Name					if (WLAN_CRYPTO_TX_OPS_SETKEY(tx_ops)) {
*5113495bSYour Name						WLAN_CRYPTO_TX_OPS_SETKEY(
*5113495bSYour Name							tx_ops)(vdev, sta_key,
*5113495bSYour Name							mac_addr,
*5113495bSYour Name							cipher_table->cipher);
*5113495bSYour Name					}
*5113495bSYour Name				}
*5113495bSYour Name
*5113495bSYour Name				/* setting unicast key */
*5113495bSYour Name				sta_key->flags &= ~WLAN_CRYPTO_KEY_GROUP;
*5113495bSYour Name				if (WLAN_CRYPTO_TX_OPS_SETKEY(tx_ops)) {
*5113495bSYour Name					WLAN_CRYPTO_TX_OPS_SETKEY(tx_ops)(
*5113495bSYour Name							vdev, sta_key,
*5113495bSYour Name							mac_addr,
*5113495bSYour Name							cipher_table->cipher);
*5113495bSYour Name				}
*5113495bSYour Name			}
*5113495bSYour Name		}
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Nameexit:
*5113495bSYour Name	if (opmode == QDF_STA_MODE)
*5113495bSYour Name		wlan_objmgr_peer_release_ref(peer, WLAN_CRYPTO_ID);
*5113495bSYour Name
*5113495bSYour Name	return status;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour NameQDF_STATUS wlan_crypto_register_crypto_rx_ops(
*5113495bSYour Name			struct wlan_lmac_if_crypto_rx_ops *crypto_rx_ops)
*5113495bSYour Name{
*5113495bSYour Name	crypto_rx_ops->crypto_encap      = wlan_crypto_encap;
*5113495bSYour Name	crypto_rx_ops->crypto_decap      = wlan_crypto_decap;
*5113495bSYour Name	crypto_rx_ops->crypto_enmic      = wlan_crypto_enmic;
*5113495bSYour Name	crypto_rx_ops->crypto_demic      = wlan_crypto_demic;
*5113495bSYour Name	crypto_rx_ops->set_peer_wep_keys = wlan_crypto_set_peer_wep_keys;
*5113495bSYour Name
*5113495bSYour Name	return QDF_STATUS_SUCCESS;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Namestruct wlan_lmac_if_crypto_rx_ops *wlan_crypto_get_crypto_rx_ops(
*5113495bSYour Name					struct wlan_objmgr_psoc *psoc)
*5113495bSYour Name{
*5113495bSYour Name	struct wlan_lmac_if_rx_ops *rx_ops;
*5113495bSYour Name
*5113495bSYour Name	rx_ops = wlan_psoc_get_lmac_if_rxops(psoc);
*5113495bSYour Name
*5113495bSYour Name	if (!rx_ops) {
*5113495bSYour Name		crypto_err("rx_ops is NULL");
*5113495bSYour Name		return NULL;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	return &rx_ops->crypto_rx_ops;
*5113495bSYour Name}
*5113495bSYour Nameqdf_export_symbol(wlan_crypto_get_crypto_rx_ops);
*5113495bSYour Name
*5113495bSYour Namebool wlan_crypto_vdev_has_auth_mode(struct wlan_objmgr_vdev *vdev,
*5113495bSYour Name					wlan_crypto_auth_mode authvalue)
*5113495bSYour Name{
*5113495bSYour Name	int res;
*5113495bSYour Name
*5113495bSYour Name	res = wlan_crypto_get_param(vdev, WLAN_CRYPTO_PARAM_AUTH_MODE);
*5113495bSYour Name
*5113495bSYour Name	if (res != -1)
*5113495bSYour Name		return (res & authvalue) ? true : false;
*5113495bSYour Name	return false;
*5113495bSYour Name}
*5113495bSYour Nameqdf_export_symbol(wlan_crypto_vdev_has_auth_mode);
*5113495bSYour Name
*5113495bSYour Namebool wlan_crypto_peer_has_auth_mode(struct wlan_objmgr_peer *peer,
*5113495bSYour Name					wlan_crypto_auth_mode authvalue)
*5113495bSYour Name{
*5113495bSYour Name	int res;
*5113495bSYour Name
*5113495bSYour Name	res = wlan_crypto_get_peer_param(peer, WLAN_CRYPTO_PARAM_AUTH_MODE);
*5113495bSYour Name
*5113495bSYour Name	if (res != -1)
*5113495bSYour Name		return (res & authvalue) ? true : false;
*5113495bSYour Name
*5113495bSYour Name	return false;
*5113495bSYour Name}
*5113495bSYour Nameqdf_export_symbol(wlan_crypto_peer_has_auth_mode);
*5113495bSYour Name
*5113495bSYour Namebool wlan_crypto_vdev_has_ucastcipher(struct wlan_objmgr_vdev *vdev,
*5113495bSYour Name					wlan_crypto_cipher_type ucastcipher)
*5113495bSYour Name{
*5113495bSYour Name	int res;
*5113495bSYour Name
*5113495bSYour Name	res = wlan_crypto_get_param(vdev, WLAN_CRYPTO_PARAM_UCAST_CIPHER);
*5113495bSYour Name
*5113495bSYour Name	if (res != -1)
*5113495bSYour Name		return (res & ucastcipher) ? true : false;
*5113495bSYour Name
*5113495bSYour Name	return false;
*5113495bSYour Name}
*5113495bSYour Nameqdf_export_symbol(wlan_crypto_vdev_has_ucastcipher);
*5113495bSYour Name
*5113495bSYour Namebool wlan_crypto_peer_has_ucastcipher(struct wlan_objmgr_peer *peer,
*5113495bSYour Name					wlan_crypto_cipher_type ucastcipher)
*5113495bSYour Name{
*5113495bSYour Name	int res;
*5113495bSYour Name
*5113495bSYour Name	res = wlan_crypto_get_peer_param(peer, WLAN_CRYPTO_PARAM_UCAST_CIPHER);
*5113495bSYour Name
*5113495bSYour Name	if (res != -1)
*5113495bSYour Name		return (res & ucastcipher) ? true : false;
*5113495bSYour Name
*5113495bSYour Name	return false;
*5113495bSYour Name}
*5113495bSYour Nameqdf_export_symbol(wlan_crypto_peer_has_ucastcipher);
*5113495bSYour Name
*5113495bSYour Namebool wlan_crypto_vdev_has_mcastcipher(struct wlan_objmgr_vdev *vdev,
*5113495bSYour Name					wlan_crypto_cipher_type mcastcipher)
*5113495bSYour Name{
*5113495bSYour Name	int res;
*5113495bSYour Name
*5113495bSYour Name	res = wlan_crypto_get_param(vdev, WLAN_CRYPTO_PARAM_MCAST_CIPHER);
*5113495bSYour Name
*5113495bSYour Name	if (res != -1)
*5113495bSYour Name		return (res & mcastcipher) ? true : false;
*5113495bSYour Name
*5113495bSYour Name	return false;
*5113495bSYour Name}
*5113495bSYour Nameqdf_export_symbol(wlan_crypto_vdev_has_mcastcipher);
*5113495bSYour Name
*5113495bSYour Namebool wlan_crypto_peer_has_mcastcipher(struct wlan_objmgr_peer *peer,
*5113495bSYour Name					wlan_crypto_cipher_type mcastcipher)
*5113495bSYour Name{
*5113495bSYour Name	int res;
*5113495bSYour Name
*5113495bSYour Name	res = wlan_crypto_get_peer_param(peer, WLAN_CRYPTO_PARAM_MCAST_CIPHER);
*5113495bSYour Name
*5113495bSYour Name	if (res != -1)
*5113495bSYour Name		return (res & mcastcipher) ? true : false;
*5113495bSYour Name
*5113495bSYour Name	return false;
*5113495bSYour Name}
*5113495bSYour Nameqdf_export_symbol(wlan_crypto_peer_has_mcastcipher);
*5113495bSYour Name
*5113495bSYour Namebool wlan_crypto_vdev_has_mgmtcipher(struct wlan_objmgr_vdev *vdev,
*5113495bSYour Name				     uint32_t mgmtcipher)
*5113495bSYour Name{
*5113495bSYour Name	int res;
*5113495bSYour Name
*5113495bSYour Name	res = wlan_crypto_get_param(vdev, WLAN_CRYPTO_PARAM_MGMT_CIPHER);
*5113495bSYour Name
*5113495bSYour Name	if (res != -1)
*5113495bSYour Name		return (res & mgmtcipher) ? true : false;
*5113495bSYour Name
*5113495bSYour Name	return false;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Nameqdf_export_symbol(wlan_crypto_vdev_has_mgmtcipher);
*5113495bSYour Name
*5113495bSYour Namebool wlan_crypto_peer_has_mgmtcipher(struct wlan_objmgr_peer *peer,
*5113495bSYour Name				     uint32_t mgmtcipher)
*5113495bSYour Name{
*5113495bSYour Name	int res;
*5113495bSYour Name
*5113495bSYour Name	res = wlan_crypto_get_peer_param(peer, WLAN_CRYPTO_PARAM_MGMT_CIPHER);
*5113495bSYour Name
*5113495bSYour Name	if (res != -1)
*5113495bSYour Name		return (res & mgmtcipher) ? true : false;
*5113495bSYour Name
*5113495bSYour Name	return false;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Nameqdf_export_symbol(wlan_crypto_peer_has_mgmtcipher);
*5113495bSYour Name
*5113495bSYour Nameuint8_t wlan_crypto_get_peer_fils_aead(struct wlan_objmgr_peer *peer)
*5113495bSYour Name{
*5113495bSYour Name	struct wlan_crypto_comp_priv *crypto_priv = NULL;
*5113495bSYour Name
*5113495bSYour Name	if (!peer) {
*5113495bSYour Name		crypto_err("Invalid Input");
*5113495bSYour Name		return 0;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	crypto_priv = wlan_get_peer_crypto_obj(peer);
*5113495bSYour Name	if (!crypto_priv) {
*5113495bSYour Name		crypto_err("crypto_priv NULL");
*5113495bSYour Name		return 0;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	return crypto_priv->fils_aead_set;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Namevoid
*5113495bSYour Namewlan_crypto_set_peer_fils_aead(struct wlan_objmgr_peer *peer, uint8_t value)
*5113495bSYour Name{
*5113495bSYour Name	struct wlan_crypto_comp_priv *crypto_priv = NULL;
*5113495bSYour Name
*5113495bSYour Name	if (!peer) {
*5113495bSYour Name		crypto_err("Invalid Input");
*5113495bSYour Name		return;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	crypto_priv = wlan_get_peer_crypto_obj(peer);
*5113495bSYour Name	if (!crypto_priv) {
*5113495bSYour Name		crypto_err("crypto_priv NULL");
*5113495bSYour Name		return;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	crypto_priv->fils_aead_set = value;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Nameuint8_t wlan_crypto_get_key_header(struct wlan_crypto_key *key)
*5113495bSYour Name{
*5113495bSYour Name	struct wlan_crypto_cipher *cipher_table;
*5113495bSYour Name
*5113495bSYour Name	cipher_table = (struct wlan_crypto_cipher *)key->cipher_table;
*5113495bSYour Name	if (cipher_table)
*5113495bSYour Name		return cipher_table->header;
*5113495bSYour Name	else
*5113495bSYour Name		return 0;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Nameqdf_export_symbol(wlan_crypto_get_key_header);
*5113495bSYour Name
*5113495bSYour Nameuint8_t wlan_crypto_get_key_trailer(struct wlan_crypto_key *key)
*5113495bSYour Name{
*5113495bSYour Name	struct wlan_crypto_cipher *cipher_table;
*5113495bSYour Name
*5113495bSYour Name	cipher_table = (struct wlan_crypto_cipher *)key->cipher_table;
*5113495bSYour Name	if (cipher_table)
*5113495bSYour Name		return cipher_table->trailer;
*5113495bSYour Name	else
*5113495bSYour Name		return 0;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Nameqdf_export_symbol(wlan_crypto_get_key_trailer);
*5113495bSYour Name
*5113495bSYour Nameuint8_t wlan_crypto_get_key_miclen(struct wlan_crypto_key *key)
*5113495bSYour Name{
*5113495bSYour Name	struct wlan_crypto_cipher *cipher_table;
*5113495bSYour Name
*5113495bSYour Name	cipher_table = (struct wlan_crypto_cipher *)key->cipher_table;
*5113495bSYour Name	if (cipher_table)
*5113495bSYour Name		return cipher_table->miclen;
*5113495bSYour Name	else
*5113495bSYour Name		return 0;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Nameqdf_export_symbol(wlan_crypto_get_key_miclen);
*5113495bSYour Name
*5113495bSYour Nameuint16_t wlan_crypto_get_keyid(uint8_t *data, int hdrlen)
*5113495bSYour Name{
*5113495bSYour Name	struct wlan_frame_hdr *hdr = (struct wlan_frame_hdr *)data;
*5113495bSYour Name	uint8_t *iv;
*5113495bSYour Name	uint8_t stype = WLAN_FC0_GET_STYPE(hdr->i_fc[0]);
*5113495bSYour Name	uint8_t type = WLAN_FC0_GET_TYPE(hdr->i_fc[0]);
*5113495bSYour Name
*5113495bSYour Name	/*
*5113495bSYour Name	 * In FILS SK (Re)Association request/response frame has
*5113495bSYour Name	 * to be decrypted
*5113495bSYour Name	 */
*5113495bSYour Name	if ((type == WLAN_FC0_TYPE_MGMT) &&
*5113495bSYour Name	    ((stype == WLAN_FC0_STYPE_ASSOC_REQ) ||
*5113495bSYour Name	    (stype == WLAN_FC0_STYPE_REASSOC_REQ) ||
*5113495bSYour Name	    (stype == WLAN_FC0_STYPE_ASSOC_RESP) ||
*5113495bSYour Name	    (stype == WLAN_FC0_STYPE_REASSOC_RESP))) {
*5113495bSYour Name		return 0;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	if (hdr->i_fc[1] & WLAN_FC1_ISWEP) {
*5113495bSYour Name		iv = data + hdrlen;
*5113495bSYour Name		/*
*5113495bSYour Name		 * iv[3] is the Key ID octet in the CCMP/TKIP/WEP headers
*5113495bSYour Name		 * Bits 6–7 of the Key ID octet are for the Key ID subfield
*5113495bSYour Name		 */
*5113495bSYour Name		return ((iv[3] >> 6) & 0x3);
*5113495bSYour Name	} else {
*5113495bSYour Name		return WLAN_CRYPTO_KEYIX_NONE;
*5113495bSYour Name	}
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Nameqdf_export_symbol(wlan_crypto_get_keyid);
*5113495bSYour Name
*5113495bSYour Name/**
*5113495bSYour Name * crypto_plumb_peer_keys() - called during radio reset
*5113495bSYour Name * @vdev: vdev
*5113495bSYour Name * @object: peer
*5113495bSYour Name * @arg: psoc
*5113495bSYour Name *
*5113495bSYour Name * Restore unicast and persta hardware keys
*5113495bSYour Name *
*5113495bSYour Name * Return: void
*5113495bSYour Name */
*5113495bSYour Namestatic void crypto_plumb_peer_keys(struct wlan_objmgr_vdev *vdev,
*5113495bSYour Name				   void *object, void *arg)
*5113495bSYour Name{
*5113495bSYour Name	struct wlan_objmgr_peer *peer = (struct wlan_objmgr_peer *)object;
*5113495bSYour Name	struct wlan_objmgr_psoc *psoc = (struct wlan_objmgr_psoc *)arg;
*5113495bSYour Name	struct wlan_crypto_comp_priv *crypto_priv;
*5113495bSYour Name	struct wlan_crypto_params *crypto_params;
*5113495bSYour Name	struct wlan_crypto_key *key = NULL;
*5113495bSYour Name	struct wlan_lmac_if_tx_ops *tx_ops;
*5113495bSYour Name	int i;
*5113495bSYour Name
*5113495bSYour Name	if ((!peer) || (!vdev) || (!psoc)) {
*5113495bSYour Name		crypto_err("Peer or vdev or psoc objects are null!");
*5113495bSYour Name		return;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	crypto_params = wlan_crypto_peer_get_comp_params(peer,
*5113495bSYour Name							 &crypto_priv);
*5113495bSYour Name
*5113495bSYour Name	if (!crypto_priv) {
*5113495bSYour Name		crypto_err("crypto_priv NULL");
*5113495bSYour Name		return;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	for (i = 0; i < WLAN_CRYPTO_MAXKEYIDX; i++) {
*5113495bSYour Name		key = crypto_priv->crypto_key.key[i];
*5113495bSYour Name		if (key && key->valid) {
*5113495bSYour Name			tx_ops = wlan_psoc_get_lmac_if_txops(psoc);
*5113495bSYour Name
*5113495bSYour Name			if (!tx_ops) {
*5113495bSYour Name				crypto_err("tx_ops is NULL");
*5113495bSYour Name				return;
*5113495bSYour Name			}
*5113495bSYour Name			if (WLAN_CRYPTO_TX_OPS_SETKEY(tx_ops)) {
*5113495bSYour Name				WLAN_CRYPTO_TX_OPS_SETKEY(tx_ops)
*5113495bSYour Name					(
*5113495bSYour Name					 vdev,
*5113495bSYour Name					 key,
*5113495bSYour Name					 wlan_peer_get_macaddr(peer),
*5113495bSYour Name					 wlan_crypto_get_key_type(key)
*5113495bSYour Name					);
*5113495bSYour Name			}
*5113495bSYour Name		}
*5113495bSYour Name	}
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Namevoid wlan_crypto_restore_keys(struct wlan_objmgr_vdev *vdev)
*5113495bSYour Name{
*5113495bSYour Name	int i;
*5113495bSYour Name	struct wlan_crypto_comp_priv *crypto_priv;
*5113495bSYour Name	struct wlan_crypto_params *crypto_params;
*5113495bSYour Name	struct wlan_crypto_key *key;
*5113495bSYour Name	uint8_t macaddr[QDF_MAC_ADDR_SIZE] =
*5113495bSYour Name			{0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
*5113495bSYour Name	struct wlan_objmgr_pdev *pdev = NULL;
*5113495bSYour Name	struct wlan_objmgr_psoc *psoc = NULL;
*5113495bSYour Name	struct wlan_lmac_if_tx_ops *tx_ops;
*5113495bSYour Name
*5113495bSYour Name	pdev = wlan_vdev_get_pdev(vdev);
*5113495bSYour Name	psoc = wlan_vdev_get_psoc(vdev);
*5113495bSYour Name	if (!pdev) {
*5113495bSYour Name		crypto_err("pdev is NULL");
*5113495bSYour Name		return;
*5113495bSYour Name	}
*5113495bSYour Name	if (!psoc) {
*5113495bSYour Name		crypto_err("psoc is NULL");
*5113495bSYour Name		return;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	/* TBD: QWRAP key restore*/
*5113495bSYour Name	/* crypto is on */
*5113495bSYour Name	if (wlan_vdev_mlme_feat_cap_get(vdev, WLAN_VDEV_F_PRIVACY)) {
*5113495bSYour Name		/* restore static shared keys */
*5113495bSYour Name		for (i = 0; i < WLAN_CRYPTO_MAXKEYIDX; i++) {
*5113495bSYour Name			crypto_params = wlan_crypto_vdev_get_comp_params
*5113495bSYour Name				(
*5113495bSYour Name				 vdev,
*5113495bSYour Name				 &crypto_priv
*5113495bSYour Name				);
*5113495bSYour Name			if (!crypto_priv) {
*5113495bSYour Name				crypto_err("crypto_priv is NULL");
*5113495bSYour Name				return;
*5113495bSYour Name			}
*5113495bSYour Name			key = crypto_priv->crypto_key.key[i];
*5113495bSYour Name			if (key && key->valid) {
*5113495bSYour Name				tx_ops = wlan_psoc_get_lmac_if_txops(psoc);
*5113495bSYour Name				if (!tx_ops) {
*5113495bSYour Name					crypto_err("tx_ops is NULL");
*5113495bSYour Name					return;
*5113495bSYour Name				}
*5113495bSYour Name				if (WLAN_CRYPTO_TX_OPS_SETKEY(tx_ops)) {
*5113495bSYour Name					WLAN_CRYPTO_TX_OPS_SETKEY(tx_ops)
*5113495bSYour Name						(
*5113495bSYour Name						 vdev,
*5113495bSYour Name						 key,
*5113495bSYour Name						 macaddr,
*5113495bSYour Name						 wlan_crypto_get_key_type(key)
*5113495bSYour Name						 );
*5113495bSYour Name				}
*5113495bSYour Name			}
*5113495bSYour Name		}
*5113495bSYour Name
*5113495bSYour Name		wlan_objmgr_iterate_peerobj_list(vdev,
*5113495bSYour Name						 crypto_plumb_peer_keys,
*5113495bSYour Name						 psoc,
*5113495bSYour Name						 WLAN_CRYPTO_ID);
*5113495bSYour Name	}
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour NameQDF_STATUS
*5113495bSYour Namewlan_get_crypto_params_from_rsn_ie(struct wlan_crypto_params *crypto_params,
*5113495bSYour Name				   const uint8_t *ie_ptr, uint16_t ie_len)
*5113495bSYour Name{
*5113495bSYour Name	const uint8_t *rsn_ie = NULL;
*5113495bSYour Name	QDF_STATUS status;
*5113495bSYour Name
*5113495bSYour Name	qdf_mem_zero(crypto_params, sizeof(struct wlan_crypto_params));
*5113495bSYour Name	rsn_ie = wlan_get_ie_ptr_from_eid(WLAN_ELEMID_RSN, ie_ptr, ie_len);
*5113495bSYour Name	if (!rsn_ie) {
*5113495bSYour Name		crypto_debug("RSN IE not present");
*5113495bSYour Name		return QDF_STATUS_E_INVAL;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	status = wlan_crypto_rsnie_check(crypto_params, rsn_ie);
*5113495bSYour Name	if (QDF_STATUS_SUCCESS != status) {
*5113495bSYour Name		crypto_err("RSN IE check failed");
*5113495bSYour Name		return status;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	return QDF_STATUS_SUCCESS;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour NameQDF_STATUS
*5113495bSYour Namewlan_get_crypto_params_from_wpa_ie(struct wlan_crypto_params *crypto_params,
*5113495bSYour Name				   const uint8_t *ie_ptr, uint16_t ie_len)
*5113495bSYour Name{
*5113495bSYour Name	const uint8_t *wpa_ie = NULL;
*5113495bSYour Name	uint32_t wpa_oui;
*5113495bSYour Name	QDF_STATUS status;
*5113495bSYour Name
*5113495bSYour Name	qdf_mem_zero(crypto_params, sizeof(struct wlan_crypto_params));
*5113495bSYour Name
*5113495bSYour Name	wpa_oui = WLAN_WPA_SEL(WLAN_WPA_OUI_TYPE);
*5113495bSYour Name	wpa_ie = wlan_get_vendor_ie_ptr_from_oui((uint8_t *)&wpa_oui,
*5113495bSYour Name						 WLAN_OUI_SIZE, ie_ptr, ie_len);
*5113495bSYour Name	if (!wpa_ie) {
*5113495bSYour Name		crypto_debug("WPA IE not present");
*5113495bSYour Name		return QDF_STATUS_E_INVAL;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	status = wlan_crypto_wpaie_check(crypto_params, wpa_ie);
*5113495bSYour Name	if (QDF_STATUS_SUCCESS != status) {
*5113495bSYour Name		crypto_err("WPA IE check failed");
*5113495bSYour Name		return status;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	return QDF_STATUS_SUCCESS;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Name#ifdef FEATURE_WLAN_WAPI
*5113495bSYour NameQDF_STATUS
*5113495bSYour Namewlan_get_crypto_params_from_wapi_ie(struct wlan_crypto_params *crypto_params,
*5113495bSYour Name				    const uint8_t *ie_ptr, uint16_t ie_len)
*5113495bSYour Name{
*5113495bSYour Name	const uint8_t *wapi_ie;
*5113495bSYour Name	QDF_STATUS status;
*5113495bSYour Name
*5113495bSYour Name	qdf_mem_zero(crypto_params, sizeof(*crypto_params));
*5113495bSYour Name	wapi_ie = wlan_get_ie_ptr_from_eid(WLAN_ELEMID_WAPI, ie_ptr, ie_len);
*5113495bSYour Name	if (!wapi_ie) {
*5113495bSYour Name		crypto_debug("WAPI ie not present");
*5113495bSYour Name		return QDF_STATUS_E_INVAL;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	status = wlan_crypto_wapiie_check(crypto_params, wapi_ie);
*5113495bSYour Name	if (QDF_IS_STATUS_ERROR(status)) {
*5113495bSYour Name		crypto_err("WAPI IE check failed");
*5113495bSYour Name		return status;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	return QDF_STATUS_SUCCESS;
*5113495bSYour Name}
*5113495bSYour Name#endif
*5113495bSYour Name
*5113495bSYour Namebool wlan_crypto_check_rsn_match(struct wlan_objmgr_psoc *psoc,
*5113495bSYour Name				 uint8_t vdev_id, uint8_t *ie_ptr,
*5113495bSYour Name				 uint16_t ie_len, struct wlan_crypto_params *
*5113495bSYour Name				 peer_crypto_params)
*5113495bSYour Name{
*5113495bSYour Name	struct wlan_objmgr_vdev *vdev;
*5113495bSYour Name	bool match = true;
*5113495bSYour Name	QDF_STATUS status;
*5113495bSYour Name
*5113495bSYour Name	if (!psoc) {
*5113495bSYour Name		crypto_err("PSOC is NULL");
*5113495bSYour Name		return false;
*5113495bSYour Name	}
*5113495bSYour Name	status = wlan_get_crypto_params_from_rsn_ie(peer_crypto_params,
*5113495bSYour Name						    ie_ptr, ie_len);
*5113495bSYour Name	if (QDF_STATUS_SUCCESS != status) {
*5113495bSYour Name		crypto_err("get crypto prarams from RSN IE failed");
*5113495bSYour Name		return false;
*5113495bSYour Name	}
*5113495bSYour Name	vdev = wlan_objmgr_get_vdev_by_id_from_psoc(psoc, vdev_id,
*5113495bSYour Name						    WLAN_CRYPTO_ID);
*5113495bSYour Name	if (!vdev) {
*5113495bSYour Name		crypto_err("vdev is NULL");
*5113495bSYour Name		return false;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	match = wlan_crypto_rsn_info(vdev, peer_crypto_params);
*5113495bSYour Name
*5113495bSYour Name	wlan_objmgr_vdev_release_ref(vdev, WLAN_CRYPTO_ID);
*5113495bSYour Name
*5113495bSYour Name	return match;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Namebool wlan_crypto_check_wpa_match(struct wlan_objmgr_psoc *psoc,
*5113495bSYour Name				 uint8_t vdev_id, uint8_t *ie_ptr,
*5113495bSYour Name				 uint16_t ie_len, struct wlan_crypto_params *
*5113495bSYour Name				 peer_crypto_params)
*5113495bSYour Name{
*5113495bSYour Name	struct wlan_objmgr_vdev *vdev;
*5113495bSYour Name	bool match = true;
*5113495bSYour Name	QDF_STATUS status;
*5113495bSYour Name
*5113495bSYour Name	if (!psoc) {
*5113495bSYour Name		crypto_err("PSOC is NULL");
*5113495bSYour Name		return false;
*5113495bSYour Name	}
*5113495bSYour Name	vdev = wlan_objmgr_get_vdev_by_id_from_psoc(psoc, vdev_id,
*5113495bSYour Name						    WLAN_CRYPTO_ID);
*5113495bSYour Name	if (!vdev) {
*5113495bSYour Name		crypto_err("vdev is NULL");
*5113495bSYour Name		return false;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	status = wlan_get_crypto_params_from_wpa_ie(peer_crypto_params,
*5113495bSYour Name						    ie_ptr, ie_len);
*5113495bSYour Name	if (QDF_STATUS_SUCCESS != status) {
*5113495bSYour Name		crypto_err("get crypto prarams from WPA IE failed");
*5113495bSYour Name		match = false;
*5113495bSYour Name		goto send_res;
*5113495bSYour Name	}
*5113495bSYour Name	match = wlan_crypto_rsn_info(vdev, peer_crypto_params);
*5113495bSYour Name
*5113495bSYour Namesend_res:
*5113495bSYour Name	wlan_objmgr_vdev_release_ref(vdev, WLAN_CRYPTO_ID);
*5113495bSYour Name
*5113495bSYour Name	return match;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Name
*5113495bSYour Namestatic void
*5113495bSYour Namewlan_crypto_merge_prarams(struct wlan_crypto_params *dst_params,
*5113495bSYour Name			  struct wlan_crypto_params *src_params)
*5113495bSYour Name{
*5113495bSYour Name	dst_params->authmodeset |= src_params->authmodeset;
*5113495bSYour Name	dst_params->ucastcipherset |= src_params->ucastcipherset;
*5113495bSYour Name	dst_params->mcastcipherset |= src_params->mcastcipherset;
*5113495bSYour Name	dst_params->mgmtcipherset |= src_params->mgmtcipherset;
*5113495bSYour Name	dst_params->cipher_caps |= src_params->cipher_caps;
*5113495bSYour Name	dst_params->key_mgmt |= src_params->key_mgmt;
*5113495bSYour Name	dst_params->rsn_caps |= src_params->rsn_caps;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Namestatic void
*5113495bSYour Namewlan_crypto_reset_prarams(struct wlan_crypto_params *params)
*5113495bSYour Name{
*5113495bSYour Name	params->authmodeset = 0;
*5113495bSYour Name	params->ucastcipherset = 0;
*5113495bSYour Name	params->mcastcipherset = 0;
*5113495bSYour Name	params->mgmtcipherset = 0;
*5113495bSYour Name	params->key_mgmt = 0;
*5113495bSYour Name	params->rsn_caps = 0;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Nameconst uint8_t *
*5113495bSYour Namewlan_crypto_parse_rsnxe_ie(const uint8_t *rsnxe_ie, uint8_t *cap_len)
*5113495bSYour Name{
*5113495bSYour Name	uint8_t len;
*5113495bSYour Name	const uint8_t *ie;
*5113495bSYour Name
*5113495bSYour Name	if (!rsnxe_ie)
*5113495bSYour Name		return NULL;
*5113495bSYour Name
*5113495bSYour Name	ie = rsnxe_ie;
*5113495bSYour Name	len = ie[1];
*5113495bSYour Name	ie += 2;
*5113495bSYour Name
*5113495bSYour Name	if (!len)
*5113495bSYour Name		return NULL;
*5113495bSYour Name
*5113495bSYour Name	*cap_len = ie[0] & 0xf;
*5113495bSYour Name
*5113495bSYour Name	return ie;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour NameQDF_STATUS wlan_set_vdev_crypto_prarams_from_ie(struct wlan_objmgr_vdev *vdev,
*5113495bSYour Name						uint8_t *ie_ptr,
*5113495bSYour Name						uint16_t ie_len)
*5113495bSYour Name{
*5113495bSYour Name	struct wlan_crypto_params crypto_params;
*5113495bSYour Name	QDF_STATUS status;
*5113495bSYour Name	struct wlan_crypto_params *vdev_crypto_params;
*5113495bSYour Name	struct wlan_crypto_comp_priv *crypto_priv;
*5113495bSYour Name	bool send_fail = false;
*5113495bSYour Name
*5113495bSYour Name	if (!vdev) {
*5113495bSYour Name		crypto_err("VDEV is NULL");
*5113495bSYour Name		return QDF_STATUS_E_FAILURE;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	if (!ie_ptr) {
*5113495bSYour Name		crypto_err("IE ptr is NULL");
*5113495bSYour Name		return QDF_STATUS_E_FAILURE;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	crypto_priv = (struct wlan_crypto_comp_priv *)
*5113495bSYour Name		       wlan_get_vdev_crypto_obj(vdev);
*5113495bSYour Name
*5113495bSYour Name	if (!crypto_priv) {
*5113495bSYour Name		crypto_err("crypto_priv NULL");
*5113495bSYour Name		return QDF_STATUS_E_FAILURE;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	vdev_crypto_params = &crypto_priv->crypto_params;
*5113495bSYour Name
*5113495bSYour Name	wlan_crypto_reset_prarams(vdev_crypto_params);
*5113495bSYour Name	status = wlan_get_crypto_params_from_rsn_ie(&crypto_params,
*5113495bSYour Name						    ie_ptr, ie_len);
*5113495bSYour Name	if (QDF_IS_STATUS_SUCCESS(status))
*5113495bSYour Name		wlan_crypto_merge_prarams(vdev_crypto_params, &crypto_params);
*5113495bSYour Name	else
*5113495bSYour Name		send_fail = true;
*5113495bSYour Name
*5113495bSYour Name	status = wlan_get_crypto_params_from_wpa_ie(&crypto_params,
*5113495bSYour Name						    ie_ptr, ie_len);
*5113495bSYour Name	if (QDF_IS_STATUS_SUCCESS(status)) {
*5113495bSYour Name		wlan_crypto_merge_prarams(vdev_crypto_params, &crypto_params);
*5113495bSYour Name		send_fail = false;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	status = wlan_get_crypto_params_from_wapi_ie(&crypto_params,
*5113495bSYour Name						     ie_ptr, ie_len);
*5113495bSYour Name	if (QDF_IS_STATUS_SUCCESS(status)) {
*5113495bSYour Name		wlan_crypto_merge_prarams(vdev_crypto_params, &crypto_params);
*5113495bSYour Name		send_fail = false;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	return send_fail ? QDF_STATUS_E_FAILURE : QDF_STATUS_SUCCESS;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Nameint8_t wlan_crypto_get_default_key_idx(struct wlan_objmgr_vdev *vdev, bool igtk)
*5113495bSYour Name{
*5113495bSYour Name	struct wlan_crypto_comp_priv *crypto_priv;
*5113495bSYour Name
*5113495bSYour Name	crypto_priv = wlan_get_vdev_crypto_obj(vdev);
*5113495bSYour Name	if (!crypto_priv) {
*5113495bSYour Name		crypto_err("crypto_priv NULL");
*5113495bSYour Name		return QDF_STATUS_E_FAILURE;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	if (igtk)
*5113495bSYour Name		return crypto_priv->crypto_key.def_igtk_tx_keyid;
*5113495bSYour Name	else
*5113495bSYour Name		return crypto_priv->crypto_key.def_tx_keyid;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Nameenum wlan_crypto_cipher_type
*5113495bSYour Namewlan_crypto_get_cipher(struct wlan_objmgr_vdev *vdev,
*5113495bSYour Name		       bool pairwise, uint8_t key_index)
*5113495bSYour Name{
*5113495bSYour Name	struct wlan_crypto_key *crypto_key;
*5113495bSYour Name
*5113495bSYour Name	crypto_key = wlan_crypto_get_key(vdev, key_index);
*5113495bSYour Name
*5113495bSYour Name	if (crypto_key)
*5113495bSYour Name		return crypto_key->cipher_type;
*5113495bSYour Name	else
*5113495bSYour Name		return WLAN_CRYPTO_CIPHER_INVALID;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Namewlan_crypto_key_mgmt wlan_crypto_get_secure_akm_available(uint32_t akm)
*5113495bSYour Name{
*5113495bSYour Name	if (!akm)
*5113495bSYour Name		return WLAN_CRYPTO_KEY_MGMT_MAX;
*5113495bSYour Name	else if (QDF_HAS_PARAM(akm, WLAN_CRYPTO_KEY_MGMT_FT_FILS_SHA384))
*5113495bSYour Name		return WLAN_CRYPTO_KEY_MGMT_FT_FILS_SHA384;
*5113495bSYour Name	else if (QDF_HAS_PARAM(akm, WLAN_CRYPTO_KEY_MGMT_FT_FILS_SHA256))
*5113495bSYour Name		return WLAN_CRYPTO_KEY_MGMT_FT_FILS_SHA256;
*5113495bSYour Name	else if (QDF_HAS_PARAM(akm, WLAN_CRYPTO_KEY_MGMT_FILS_SHA384))
*5113495bSYour Name		return WLAN_CRYPTO_KEY_MGMT_FILS_SHA384;
*5113495bSYour Name	else if (QDF_HAS_PARAM(akm, WLAN_CRYPTO_KEY_MGMT_FILS_SHA256))
*5113495bSYour Name		return WLAN_CRYPTO_KEY_MGMT_FILS_SHA256;
*5113495bSYour Name	else if (QDF_HAS_PARAM(akm, WLAN_CRYPTO_KEY_MGMT_FT_IEEE8021X_SHA384))
*5113495bSYour Name		return WLAN_CRYPTO_KEY_MGMT_FT_IEEE8021X_SHA384;
*5113495bSYour Name	else if (QDF_HAS_PARAM(akm, WLAN_CRYPTO_KEY_MGMT_IEEE8021X_SUITE_B_192))
*5113495bSYour Name		return WLAN_CRYPTO_KEY_MGMT_IEEE8021X_SUITE_B_192;
*5113495bSYour Name	else if (QDF_HAS_PARAM(akm, WLAN_CRYPTO_KEY_MGMT_IEEE8021X_SUITE_B))
*5113495bSYour Name		return WLAN_CRYPTO_KEY_MGMT_IEEE8021X_SUITE_B;
*5113495bSYour Name	else if (QDF_HAS_PARAM(akm, WLAN_CRYPTO_KEY_MGMT_FT_SAE_EXT_KEY))
*5113495bSYour Name		return WLAN_CRYPTO_KEY_MGMT_FT_SAE_EXT_KEY;
*5113495bSYour Name	else if (QDF_HAS_PARAM(akm, WLAN_CRYPTO_KEY_MGMT_SAE_EXT_KEY))
*5113495bSYour Name		return WLAN_CRYPTO_KEY_MGMT_SAE_EXT_KEY;
*5113495bSYour Name	else if (QDF_HAS_PARAM(akm, WLAN_CRYPTO_KEY_MGMT_FT_SAE))
*5113495bSYour Name		return WLAN_CRYPTO_KEY_MGMT_FT_SAE;
*5113495bSYour Name	else if (QDF_HAS_PARAM(akm, WLAN_CRYPTO_KEY_MGMT_SAE))
*5113495bSYour Name		return WLAN_CRYPTO_KEY_MGMT_SAE;
*5113495bSYour Name	else if (QDF_HAS_PARAM(akm, WLAN_CRYPTO_KEY_MGMT_OWE))
*5113495bSYour Name		return WLAN_CRYPTO_KEY_MGMT_OWE;
*5113495bSYour Name	else if (QDF_HAS_PARAM(akm, WLAN_CRYPTO_KEY_MGMT_DPP))
*5113495bSYour Name		return WLAN_CRYPTO_KEY_MGMT_DPP;
*5113495bSYour Name	else if (QDF_HAS_PARAM(akm, WLAN_CRYPTO_KEY_MGMT_IEEE8021X_SHA256))
*5113495bSYour Name		return WLAN_CRYPTO_KEY_MGMT_IEEE8021X_SHA256;
*5113495bSYour Name	else if (QDF_HAS_PARAM(akm, WLAN_CRYPTO_KEY_MGMT_FT_IEEE8021X))
*5113495bSYour Name		return WLAN_CRYPTO_KEY_MGMT_FT_IEEE8021X;
*5113495bSYour Name	else if (QDF_HAS_PARAM(akm, WLAN_CRYPTO_KEY_MGMT_IEEE8021X))
*5113495bSYour Name		return WLAN_CRYPTO_KEY_MGMT_IEEE8021X;
*5113495bSYour Name	else if (QDF_HAS_PARAM(akm, WLAN_CRYPTO_KEY_MGMT_FT_PSK_SHA384))
*5113495bSYour Name		return WLAN_CRYPTO_KEY_MGMT_FT_PSK_SHA384;
*5113495bSYour Name	else if (QDF_HAS_PARAM(akm, WLAN_CRYPTO_KEY_MGMT_PSK_SHA384))
*5113495bSYour Name		return WLAN_CRYPTO_KEY_MGMT_PSK_SHA384;
*5113495bSYour Name	else if (QDF_HAS_PARAM(akm, WLAN_CRYPTO_KEY_MGMT_PSK_SHA256))
*5113495bSYour Name		return WLAN_CRYPTO_KEY_MGMT_PSK_SHA256;
*5113495bSYour Name	else if (QDF_HAS_PARAM(akm, WLAN_CRYPTO_KEY_MGMT_FT_PSK))
*5113495bSYour Name		return WLAN_CRYPTO_KEY_MGMT_FT_PSK;
*5113495bSYour Name	else if (QDF_HAS_PARAM(akm, WLAN_CRYPTO_KEY_MGMT_PSK))
*5113495bSYour Name		return WLAN_CRYPTO_KEY_MGMT_PSK;
*5113495bSYour Name	else if (QDF_HAS_PARAM(akm, WLAN_CRYPTO_KEY_MGMT_WAPI_PSK))
*5113495bSYour Name		return WLAN_CRYPTO_KEY_MGMT_WAPI_PSK;
*5113495bSYour Name	else if (QDF_HAS_PARAM(akm, WLAN_CRYPTO_KEY_MGMT_WAPI_CERT))
*5113495bSYour Name		return WLAN_CRYPTO_KEY_MGMT_WAPI_CERT;
*5113495bSYour Name	else if (QDF_HAS_PARAM(akm, WLAN_CRYPTO_KEY_MGMT_CCKM))
*5113495bSYour Name		return WLAN_CRYPTO_KEY_MGMT_CCKM;
*5113495bSYour Name	else if (QDF_HAS_PARAM(akm, WLAN_CRYPTO_KEY_MGMT_OSEN))
*5113495bSYour Name		return WLAN_CRYPTO_KEY_MGMT_OSEN;
*5113495bSYour Name	else if (QDF_HAS_PARAM(akm, WLAN_CRYPTO_KEY_MGMT_WPS))
*5113495bSYour Name		return WLAN_CRYPTO_KEY_MGMT_WPS;
*5113495bSYour Name	else if (QDF_HAS_PARAM(akm, WLAN_CRYPTO_KEY_MGMT_IEEE8021X_NO_WPA))
*5113495bSYour Name		return WLAN_CRYPTO_KEY_MGMT_IEEE8021X_NO_WPA;
*5113495bSYour Name	else if (QDF_HAS_PARAM(akm, WLAN_CRYPTO_KEY_MGMT_WPA_NONE))
*5113495bSYour Name		return WLAN_CRYPTO_KEY_MGMT_WPA_NONE;
*5113495bSYour Name	else /* Return MAX if no AKM matches */
*5113495bSYour Name		return WLAN_CRYPTO_KEY_MGMT_MAX;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Name#ifdef CRYPTO_SET_KEY_CONVERGED
*5113495bSYour NameQDF_STATUS wlan_crypto_validate_key_params(enum wlan_crypto_cipher_type cipher,
*5113495bSYour Name					   uint8_t key_index, uint8_t key_len,
*5113495bSYour Name					   uint8_t seq_len)
*5113495bSYour Name{
*5113495bSYour Name	if (!is_valid_keyix(key_index)) {
*5113495bSYour Name		crypto_err("Invalid Key index %d", key_index);
*5113495bSYour Name		return QDF_STATUS_E_INVAL;
*5113495bSYour Name	}
*5113495bSYour Name	if (cipher == WLAN_CRYPTO_CIPHER_INVALID) {
*5113495bSYour Name		crypto_err("Invalid Cipher %d", cipher);
*5113495bSYour Name		return QDF_STATUS_E_INVAL;
*5113495bSYour Name	}
*5113495bSYour Name	if ((!(cipher == WLAN_CRYPTO_CIPHER_AES_CMAC ||
*5113495bSYour Name	       cipher == WLAN_CRYPTO_CIPHER_AES_CMAC_256 ||
*5113495bSYour Name	       cipher == WLAN_CRYPTO_CIPHER_AES_GMAC ||
*5113495bSYour Name	       cipher == WLAN_CRYPTO_CIPHER_AES_GMAC_256)) &&
*5113495bSYour Name	    (key_index >= WLAN_CRYPTO_MAXKEYIDX)) {
*5113495bSYour Name		crypto_err("Invalid key index %d for cipher %d",
*5113495bSYour Name			   key_index, cipher);
*5113495bSYour Name		return QDF_STATUS_E_INVAL;
*5113495bSYour Name	}
*5113495bSYour Name	if (key_len > (WLAN_CRYPTO_KEYBUF_SIZE + WLAN_CRYPTO_MICBUF_SIZE)) {
*5113495bSYour Name		crypto_err("Invalid key length %d", key_len);
*5113495bSYour Name		return QDF_STATUS_E_INVAL;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	if (seq_len > WLAN_CRYPTO_RSC_SIZE) {
*5113495bSYour Name		crypto_err("Invalid seq length %d", seq_len);
*5113495bSYour Name		return QDF_STATUS_E_INVAL;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	crypto_debug("key: idx:%d, len:%d, seq len:%d",
*5113495bSYour Name		     key_index, key_len, seq_len);
*5113495bSYour Name
*5113495bSYour Name	return QDF_STATUS_SUCCESS;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Name#ifdef WLAN_FEATURE_11BE_MLO_ADV_FEATURE
*5113495bSYour Namestatic bool is_mlo_adv_enable(void)
*5113495bSYour Name{
*5113495bSYour Name	return true;
*5113495bSYour Name}
*5113495bSYour Name#else
*5113495bSYour Namestatic bool is_mlo_adv_enable(void)
*5113495bSYour Name{
*5113495bSYour Name	return false;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Name#endif
*5113495bSYour Name
*5113495bSYour Name#ifdef WLAN_FEATURE_11BE_MLO_ADV_FEATURE
*5113495bSYour NameQDF_STATUS wlan_crypto_save_ml_sta_key(
*5113495bSYour Name				struct wlan_objmgr_psoc *psoc,
*5113495bSYour Name				uint8_t key_index,
*5113495bSYour Name				struct wlan_crypto_key *crypto_key,
*5113495bSYour Name				struct qdf_mac_addr *link_addr, uint8_t link_id)
*5113495bSYour Name{
*5113495bSYour Name	struct crypto_psoc_priv_obj *crypto_psoc_obj;
*5113495bSYour Name	int status = QDF_STATUS_SUCCESS;
*5113495bSYour Name
*5113495bSYour Name	crypto_debug("save crypto key index %d link_id %d link addr "
*5113495bSYour Name		     QDF_MAC_ADDR_FMT, key_index, link_id,
*5113495bSYour Name		     QDF_MAC_ADDR_REF(link_addr->bytes));
*5113495bSYour Name	if (!is_valid_keyix(key_index)) {
*5113495bSYour Name		crypto_err("Invalid Key index %d", key_index);
*5113495bSYour Name		return QDF_STATUS_E_FAILURE;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	crypto_psoc_obj = wlan_objmgr_psoc_get_comp_private_obj(
*5113495bSYour Name						psoc,
*5113495bSYour Name						WLAN_UMAC_COMP_CRYPTO);
*5113495bSYour Name	if (!crypto_psoc_obj) {
*5113495bSYour Name		crypto_err("crypto_psoc_obj NULL");
*5113495bSYour Name		return QDF_STATUS_E_FAILURE;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	crypto_key->valid = true;
*5113495bSYour Name
*5113495bSYour Name	status = crypto_add_entry(crypto_psoc_obj,
*5113495bSYour Name				  link_id, (uint8_t *)link_addr,
*5113495bSYour Name				  crypto_key, key_index);
*5113495bSYour Name	if (QDF_IS_STATUS_ERROR(status)) {
*5113495bSYour Name		crypto_err("failed to add crypto entry %d", status);
*5113495bSYour Name		return status;
*5113495bSYour Name	}
*5113495bSYour Name	crypto_key->valid = true;
*5113495bSYour Name	return QDF_STATUS_SUCCESS;
*5113495bSYour Name}
*5113495bSYour Name#else
*5113495bSYour NameQDF_STATUS wlan_crypto_save_ml_sta_key(
*5113495bSYour Name			struct wlan_objmgr_psoc *psoc,
*5113495bSYour Name			uint8_t key_index,
*5113495bSYour Name			struct wlan_crypto_key *crypto_key,
*5113495bSYour Name			struct qdf_mac_addr *link_addr, uint8_t link_id)
*5113495bSYour Name{
*5113495bSYour Name	return QDF_STATUS_SUCCESS;
*5113495bSYour Name}
*5113495bSYour Name#endif
*5113495bSYour Name
*5113495bSYour Name/**
*5113495bSYour Name * wlan_crypto_save_key_at_psoc() - Allocate memory for storing key in PSOC
*5113495bSYour Name * @vdev: vdev object
*5113495bSYour Name * @key_index: the index of the key that needs to be allocated
*5113495bSYour Name * @crypto_key: Pointer to crypto key
*5113495bSYour Name *
*5113495bSYour Name * Return: QDF_STATUS
*5113495bSYour Name */
*5113495bSYour Namestatic QDF_STATUS
*5113495bSYour Namewlan_crypto_save_key_at_psoc(struct wlan_objmgr_vdev *vdev, uint8_t key_index,
*5113495bSYour Name			     struct wlan_crypto_key *crypto_key)
*5113495bSYour Name{
*5113495bSYour Name	struct wlan_objmgr_psoc *psoc;
*5113495bSYour Name	struct crypto_psoc_priv_obj *crypto_psoc_obj;
*5113495bSYour Name	struct qdf_mac_addr *link_addr;
*5113495bSYour Name	uint8_t link_id = CRYPTO_MAX_LINK_IDX;
*5113495bSYour Name	int status = QDF_STATUS_SUCCESS;
*5113495bSYour Name
*5113495bSYour Name	psoc = wlan_vdev_get_psoc(vdev);
*5113495bSYour Name	crypto_psoc_obj = wlan_objmgr_psoc_get_comp_private_obj(
*5113495bSYour Name			psoc,
*5113495bSYour Name			WLAN_UMAC_COMP_CRYPTO);
*5113495bSYour Name	if (!crypto_psoc_obj) {
*5113495bSYour Name		crypto_err("crypto_psoc_obj NULL");
*5113495bSYour Name		return QDF_STATUS_E_FAILURE;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	if (wlan_vdev_mlme_is_mlo_vdev(vdev))
*5113495bSYour Name		link_id = wlan_vdev_get_link_id(vdev);
*5113495bSYour Name
*5113495bSYour Name	link_addr = (struct qdf_mac_addr *)wlan_vdev_mlme_get_linkaddr(vdev);
*5113495bSYour Name	if (!link_addr) {
*5113495bSYour Name		crypto_err("link_addr NULL");
*5113495bSYour Name		return QDF_STATUS_E_FAILURE;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	crypto_debug("save crypto key index %d link_id %d link addr "
*5113495bSYour Name		     QDF_MAC_ADDR_FMT, key_index, link_id,
*5113495bSYour Name		     QDF_MAC_ADDR_REF(link_addr->bytes));
*5113495bSYour Name	status = crypto_add_entry(crypto_psoc_obj,
*5113495bSYour Name				  link_id, (uint8_t *)link_addr,
*5113495bSYour Name				  crypto_key, key_index);
*5113495bSYour Name	if (QDF_IS_STATUS_ERROR(status)) {
*5113495bSYour Name		crypto_err("failed to add crypto entry %d", status);
*5113495bSYour Name		return status;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	crypto_key->valid = true;
*5113495bSYour Name	return QDF_STATUS_SUCCESS;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour NameQDF_STATUS wlan_crypto_save_key(struct wlan_objmgr_vdev *vdev,
*5113495bSYour Name				uint8_t key_index,
*5113495bSYour Name				struct wlan_crypto_key *crypto_key)
*5113495bSYour Name{
*5113495bSYour Name	struct wlan_crypto_comp_priv *crypto_priv;
*5113495bSYour Name	struct wlan_crypto_keys *priv_key = NULL;
*5113495bSYour Name
*5113495bSYour Name	crypto_priv = wlan_get_vdev_crypto_obj(vdev);
*5113495bSYour Name	if (!crypto_priv) {
*5113495bSYour Name		crypto_err("crypto_priv NULL");
*5113495bSYour Name		return QDF_STATUS_E_FAILURE;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	if (!is_valid_keyix(key_index)) {
*5113495bSYour Name		crypto_err("Invalid Key index %d", key_index);
*5113495bSYour Name		return QDF_STATUS_E_FAILURE;
*5113495bSYour Name	}
*5113495bSYour Name	if ((wlan_vdev_mlme_get_opmode(vdev) == QDF_STA_MODE ||
*5113495bSYour Name	     wlan_vdev_mlme_get_opmode(vdev) == QDF_SAP_MODE) &&
*5113495bSYour Name	    wlan_vdev_mlme_is_mlo_vdev(vdev) &&
*5113495bSYour Name	    is_mlo_adv_enable()) {
*5113495bSYour Name		wlan_crypto_save_key_at_psoc(vdev, key_index, crypto_key);
*5113495bSYour Name	} else {
*5113495bSYour Name		priv_key = &crypto_priv->crypto_key;
*5113495bSYour Name		if (key_index < WLAN_CRYPTO_MAXKEYIDX) {
*5113495bSYour Name			priv_key->key[key_index] = crypto_key;
*5113495bSYour Name		} else if (is_igtk(key_index)) {
*5113495bSYour Name			priv_key->igtk_key[key_index - WLAN_CRYPTO_MAXKEYIDX] =
*5113495bSYour Name			crypto_key;
*5113495bSYour Name			priv_key->def_igtk_tx_keyid =
*5113495bSYour Name				key_index - WLAN_CRYPTO_MAXKEYIDX;
*5113495bSYour Name			priv_key->igtk_key_type = crypto_key->cipher_type;
*5113495bSYour Name		} else {
*5113495bSYour Name			priv_key->bigtk_key[key_index - WLAN_CRYPTO_MAXKEYIDX
*5113495bSYour Name				- WLAN_CRYPTO_MAXIGTKKEYIDX] = crypto_key;
*5113495bSYour Name			priv_key->def_bigtk_tx_keyid =
*5113495bSYour Name				key_index - WLAN_CRYPTO_MAXKEYIDX
*5113495bSYour Name				- WLAN_CRYPTO_MAXIGTKKEYIDX;
*5113495bSYour Name		}
*5113495bSYour Name		crypto_key->valid = true;
*5113495bSYour Name	}
*5113495bSYour Name	return QDF_STATUS_SUCCESS;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Name#ifdef WLAN_FEATURE_11BE_MLO_ADV_FEATURE
*5113495bSYour Namestruct wlan_crypto_key *wlan_crypto_get_ml_sta_link_key(
*5113495bSYour Name			struct wlan_objmgr_psoc *psoc,
*5113495bSYour Name			uint8_t key_index,
*5113495bSYour Name			struct qdf_mac_addr *link_addr, uint8_t link_id)
*5113495bSYour Name{
*5113495bSYour Name	struct crypto_psoc_priv_obj *crypto_psoc_obj;
*5113495bSYour Name	struct wlan_crypto_key_entry *key_entry = NULL;
*5113495bSYour Name
*5113495bSYour Name	crypto_debug("crypto get key index %d link_id %d ", key_index, link_id);
*5113495bSYour Name
*5113495bSYour Name	if (!psoc) {
*5113495bSYour Name		crypto_err("psoc NULL");
*5113495bSYour Name		return NULL;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	if (!link_addr) {
*5113495bSYour Name		crypto_err("link_addr NULL");
*5113495bSYour Name		return NULL;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	crypto_psoc_obj = wlan_objmgr_psoc_get_comp_private_obj(
*5113495bSYour Name							psoc,
*5113495bSYour Name							WLAN_UMAC_COMP_CRYPTO);
*5113495bSYour Name	if (!crypto_psoc_obj) {
*5113495bSYour Name		crypto_err("crypto_psoc_obj NULL");
*5113495bSYour Name		return NULL;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	key_entry = crypto_hash_find_by_linkid_and_macaddr(
*5113495bSYour Name							crypto_psoc_obj,
*5113495bSYour Name							link_id,
*5113495bSYour Name							(uint8_t *)link_addr);
*5113495bSYour Name	if (key_entry) {
*5113495bSYour Name		if (key_index < WLAN_CRYPTO_MAXKEYIDX)
*5113495bSYour Name			return key_entry->keys.key[key_index];
*5113495bSYour Name		else if (is_igtk(key_index))
*5113495bSYour Name			return key_entry->keys.igtk_key[key_index
*5113495bSYour Name						- WLAN_CRYPTO_MAXKEYIDX];
*5113495bSYour Name		else
*5113495bSYour Name			return key_entry->keys.bigtk_key[key_index
*5113495bSYour Name						- WLAN_CRYPTO_MAXKEYIDX
*5113495bSYour Name						- WLAN_CRYPTO_MAXIGTKKEYIDX];
*5113495bSYour Name	}
*5113495bSYour Name	return NULL;
*5113495bSYour Name}
*5113495bSYour Name#else
*5113495bSYour Namestruct wlan_crypto_key *wlan_crypto_get_ml_sta_link_key(
*5113495bSYour Name			struct wlan_objmgr_psoc *psoc,
*5113495bSYour Name			uint8_t key_index,
*5113495bSYour Name			struct qdf_mac_addr *link_addr, uint8_t link_id)
*5113495bSYour Name{
*5113495bSYour Name	return NULL;
*5113495bSYour Name}
*5113495bSYour Name#endif
*5113495bSYour Name
*5113495bSYour Name/**
*5113495bSYour Name * wlan_crypto_get_ml_keys_from_index() - Get the stored key information from
*5113495bSYour Name * key index
*5113495bSYour Name * @vdev: vdev object
*5113495bSYour Name * @key_index: the index of the key that needs to be retrieved
*5113495bSYour Name *
*5113495bSYour Name * Return: Key material
*5113495bSYour Name */
*5113495bSYour Namestatic struct wlan_crypto_key *
*5113495bSYour Namewlan_crypto_get_ml_keys_from_index(struct wlan_objmgr_vdev *vdev,
*5113495bSYour Name				   uint8_t key_index)
*5113495bSYour Name{
*5113495bSYour Name	struct wlan_objmgr_psoc *psoc;
*5113495bSYour Name	struct crypto_psoc_priv_obj *crypto_psoc_obj;
*5113495bSYour Name	struct qdf_mac_addr *link_addr;
*5113495bSYour Name	struct wlan_crypto_key_entry *key_entry = NULL;
*5113495bSYour Name	uint8_t link_id = CRYPTO_MAX_LINK_IDX;
*5113495bSYour Name
*5113495bSYour Name	crypto_debug("crypto get key index %d", key_index);
*5113495bSYour Name	psoc = wlan_vdev_get_psoc(vdev);
*5113495bSYour Name	if (!psoc) {
*5113495bSYour Name		crypto_err("psoc NULL");
*5113495bSYour Name		return NULL;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	crypto_psoc_obj = wlan_objmgr_psoc_get_comp_private_obj(
*5113495bSYour Name							psoc,
*5113495bSYour Name							WLAN_UMAC_COMP_CRYPTO);
*5113495bSYour Name	if (!crypto_psoc_obj) {
*5113495bSYour Name		crypto_err("crypto_psoc_obj NULL");
*5113495bSYour Name		return NULL;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	if (wlan_vdev_mlme_is_mlo_vdev(vdev))
*5113495bSYour Name		link_id = wlan_vdev_get_link_id(vdev);
*5113495bSYour Name
*5113495bSYour Name	link_addr =
*5113495bSYour Name		(struct qdf_mac_addr *)wlan_vdev_mlme_get_linkaddr(vdev);
*5113495bSYour Name	if (!link_addr) {
*5113495bSYour Name		crypto_err("link_addr NULL");
*5113495bSYour Name		return NULL;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	key_entry = crypto_hash_find_by_linkid_and_macaddr(
*5113495bSYour Name						       crypto_psoc_obj,
*5113495bSYour Name						       link_id,
*5113495bSYour Name						       (uint8_t *)link_addr);
*5113495bSYour Name	if (key_entry) {
*5113495bSYour Name		if (key_index < WLAN_CRYPTO_MAXKEYIDX)
*5113495bSYour Name			return key_entry->keys.key[key_index];
*5113495bSYour Name		else if (is_igtk(key_index))
*5113495bSYour Name			return key_entry->keys.igtk_key[key_index
*5113495bSYour Name						- WLAN_CRYPTO_MAXKEYIDX];
*5113495bSYour Name		else
*5113495bSYour Name			return key_entry->keys.bigtk_key[key_index
*5113495bSYour Name						- WLAN_CRYPTO_MAXKEYIDX
*5113495bSYour Name						- WLAN_CRYPTO_MAXIGTKKEYIDX];
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	return NULL;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Namestruct wlan_crypto_key *wlan_crypto_get_key(struct wlan_objmgr_vdev *vdev,
*5113495bSYour Name					    uint8_t key_index)
*5113495bSYour Name{
*5113495bSYour Name	struct wlan_crypto_comp_priv *crypto_priv;
*5113495bSYour Name	struct wlan_crypto_keys *priv_key = NULL;
*5113495bSYour Name
*5113495bSYour Name	crypto_priv = wlan_get_vdev_crypto_obj(vdev);
*5113495bSYour Name	if (!crypto_priv) {
*5113495bSYour Name		crypto_err("crypto_priv NULL");
*5113495bSYour Name		return NULL;
*5113495bSYour Name	}
*5113495bSYour Name	priv_key = &crypto_priv->crypto_key;
*5113495bSYour Name
*5113495bSYour Name	if (!is_valid_keyix(key_index)) {
*5113495bSYour Name		crypto_err("Invalid Key index %d", key_index);
*5113495bSYour Name		return NULL;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	if ((wlan_vdev_mlme_get_opmode(vdev) == QDF_STA_MODE ||
*5113495bSYour Name	     wlan_vdev_mlme_get_opmode(vdev) == QDF_SAP_MODE) &&
*5113495bSYour Name	    wlan_vdev_mlme_is_mlo_vdev(vdev) &&
*5113495bSYour Name	    is_mlo_adv_enable()) {
*5113495bSYour Name		return wlan_crypto_get_ml_keys_from_index(vdev, key_index);
*5113495bSYour Name	} else {
*5113495bSYour Name		if (key_index < WLAN_CRYPTO_MAXKEYIDX)
*5113495bSYour Name			return priv_key->key[key_index];
*5113495bSYour Name		else if (is_igtk(key_index))
*5113495bSYour Name			return priv_key->igtk_key[key_index
*5113495bSYour Name					- WLAN_CRYPTO_MAXKEYIDX];
*5113495bSYour Name		else
*5113495bSYour Name			return priv_key->bigtk_key[key_index
*5113495bSYour Name					- WLAN_CRYPTO_MAXKEYIDX
*5113495bSYour Name						- WLAN_CRYPTO_MAXIGTKKEYIDX];
*5113495bSYour Name	}
*5113495bSYour Name	return NULL;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour NameQDF_STATUS wlan_crypto_set_key_req(struct wlan_objmgr_vdev *vdev,
*5113495bSYour Name				   struct wlan_crypto_key *req,
*5113495bSYour Name				   enum wlan_crypto_key_type key_type)
*5113495bSYour Name{
*5113495bSYour Name	struct wlan_objmgr_psoc *psoc;
*5113495bSYour Name	struct wlan_lmac_if_tx_ops *tx_ops;
*5113495bSYour Name	QDF_STATUS status = QDF_STATUS_E_FAILURE;
*5113495bSYour Name
*5113495bSYour Name	psoc = wlan_vdev_get_psoc(vdev);
*5113495bSYour Name
*5113495bSYour Name	tx_ops = wlan_psoc_get_lmac_if_txops(psoc);
*5113495bSYour Name	if (!tx_ops) {
*5113495bSYour Name		crypto_err("tx_ops is NULL");
*5113495bSYour Name		return QDF_STATUS_E_FAILURE;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	if (psoc && WLAN_CRYPTO_TX_OPS_SET_KEY(tx_ops))
*5113495bSYour Name		status = WLAN_CRYPTO_TX_OPS_SET_KEY(tx_ops)(vdev, req,
*5113495bSYour Name							    key_type);
*5113495bSYour Name
*5113495bSYour Name	return status;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Namevoid wlan_crypto_update_set_key_peer(struct wlan_objmgr_vdev *vdev,
*5113495bSYour Name				     bool pairwise, uint8_t key_index,
*5113495bSYour Name				     struct qdf_mac_addr *peer_mac)
*5113495bSYour Name{
*5113495bSYour Name	struct wlan_crypto_key *crypto_key;
*5113495bSYour Name
*5113495bSYour Name	crypto_key = wlan_crypto_get_key(vdev, key_index);
*5113495bSYour Name	if (!crypto_key) {
*5113495bSYour Name		crypto_err("crypto_key not present for key_idx %d", key_index);
*5113495bSYour Name		return;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	qdf_mem_copy(crypto_key->macaddr, peer_mac, QDF_MAC_ADDR_SIZE);
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Name#if defined(WLAN_SAE_SINGLE_PMK) && defined(WLAN_FEATURE_ROAM_OFFLOAD)
*5113495bSYour Namevoid wlan_crypto_selective_clear_sae_single_pmk_entries(
*5113495bSYour Name			struct wlan_objmgr_vdev *vdev,
*5113495bSYour Name			struct qdf_mac_addr *conn_bssid)
*5113495bSYour Name{
*5113495bSYour Name	struct wlan_crypto_params *crypto_params;
*5113495bSYour Name	struct wlan_crypto_comp_priv *crypto_priv;
*5113495bSYour Name	int i;
*5113495bSYour Name
*5113495bSYour Name	crypto_priv = (struct wlan_crypto_comp_priv *)
*5113495bSYour Name					wlan_get_vdev_crypto_obj(vdev);
*5113495bSYour Name
*5113495bSYour Name	if (!crypto_priv) {
*5113495bSYour Name		crypto_err("crypto_priv NULL");
*5113495bSYour Name		return;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	crypto_params = &crypto_priv->crypto_params;
*5113495bSYour Name
*5113495bSYour Name	for (i = 0; i < WLAN_CRYPTO_MAX_PMKID; i++) {
*5113495bSYour Name		if (!crypto_params->pmksa[i])
*5113495bSYour Name			continue;
*5113495bSYour Name
*5113495bSYour Name		if (crypto_params->pmksa[i]->single_pmk_supported &&
*5113495bSYour Name		    !qdf_is_macaddr_equal(conn_bssid,
*5113495bSYour Name					  &crypto_params->pmksa[i]->bssid)) {
*5113495bSYour Name			qdf_mem_zero(crypto_params->pmksa[i],
*5113495bSYour Name				     sizeof(struct wlan_crypto_pmksa));
*5113495bSYour Name			qdf_mem_free(crypto_params->pmksa[i]);
*5113495bSYour Name			crypto_params->pmksa[i] = NULL;
*5113495bSYour Name		}
*5113495bSYour Name	}
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Namevoid wlan_crypto_set_sae_single_pmk_bss_cap(struct wlan_objmgr_vdev *vdev,
*5113495bSYour Name					    struct qdf_mac_addr *bssid,
*5113495bSYour Name					    bool single_pmk_capable_bss)
*5113495bSYour Name{
*5113495bSYour Name	struct wlan_crypto_params *crypto_params;
*5113495bSYour Name	struct wlan_crypto_comp_priv *crypto_priv;
*5113495bSYour Name	int i;
*5113495bSYour Name
*5113495bSYour Name	crypto_priv = (struct wlan_crypto_comp_priv *)
*5113495bSYour Name					wlan_get_vdev_crypto_obj(vdev);
*5113495bSYour Name
*5113495bSYour Name	if (!crypto_priv) {
*5113495bSYour Name		crypto_err("crypto_priv NULL");
*5113495bSYour Name		return;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	crypto_params = &crypto_priv->crypto_params;
*5113495bSYour Name
*5113495bSYour Name	for (i = 0; i < WLAN_CRYPTO_MAX_PMKID; i++) {
*5113495bSYour Name		if (!crypto_params->pmksa[i])
*5113495bSYour Name			continue;
*5113495bSYour Name
*5113495bSYour Name		if (qdf_is_macaddr_equal(bssid,
*5113495bSYour Name					 &crypto_params->pmksa[i]->bssid))
*5113495bSYour Name			crypto_params->pmksa[i]->single_pmk_supported =
*5113495bSYour Name					single_pmk_capable_bss;
*5113495bSYour Name	}
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Namevoid
*5113495bSYour Namewlan_crypto_set_sae_single_pmk_info(struct wlan_objmgr_vdev *vdev,
*5113495bSYour Name				    struct wlan_crypto_pmksa *roam_sync_pmksa)
*5113495bSYour Name{
*5113495bSYour Name	struct wlan_crypto_params *crypto_params;
*5113495bSYour Name	struct wlan_crypto_comp_priv *crypto_priv;
*5113495bSYour Name	int i;
*5113495bSYour Name
*5113495bSYour Name	crypto_priv = (struct wlan_crypto_comp_priv *)
*5113495bSYour Name					wlan_get_vdev_crypto_obj(vdev);
*5113495bSYour Name
*5113495bSYour Name	if (!crypto_priv) {
*5113495bSYour Name		crypto_err("crypto_priv NULL");
*5113495bSYour Name		return;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	crypto_params = &crypto_priv->crypto_params;
*5113495bSYour Name
*5113495bSYour Name	for (i = 0; i < WLAN_CRYPTO_MAX_PMKID; i++) {
*5113495bSYour Name		if (!crypto_params->pmksa[i])
*5113495bSYour Name			continue;
*5113495bSYour Name		if (qdf_is_macaddr_equal(&roam_sync_pmksa->bssid,
*5113495bSYour Name					 &crypto_params->pmksa[i]->bssid) &&
*5113495bSYour Name		    roam_sync_pmksa->single_pmk_supported &&
*5113495bSYour Name		    roam_sync_pmksa->pmk_len) {
*5113495bSYour Name			crypto_params->pmksa[i]->single_pmk_supported =
*5113495bSYour Name					roam_sync_pmksa->single_pmk_supported;
*5113495bSYour Name			crypto_params->pmksa[i]->pmk_len =
*5113495bSYour Name						roam_sync_pmksa->pmk_len;
*5113495bSYour Name			qdf_mem_copy(crypto_params->pmksa[i]->pmk,
*5113495bSYour Name				     roam_sync_pmksa->pmk,
*5113495bSYour Name				     roam_sync_pmksa->pmk_len);
*5113495bSYour Name		}
*5113495bSYour Name	}
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour Name#endif
*5113495bSYour Name
*5113495bSYour Namevoid wlan_crypto_reset_vdev_params(struct wlan_objmgr_vdev *vdev)
*5113495bSYour Name{
*5113495bSYour Name	struct wlan_crypto_comp_priv *crypto_priv;
*5113495bSYour Name
*5113495bSYour Name	crypto_debug("reset params for vdev %d", wlan_vdev_get_id(vdev));
*5113495bSYour Name	crypto_priv = (struct wlan_crypto_comp_priv *)
*5113495bSYour Name		       wlan_get_vdev_crypto_obj(vdev);
*5113495bSYour Name
*5113495bSYour Name	if (!crypto_priv) {
*5113495bSYour Name		crypto_err("crypto_priv NULL");
*5113495bSYour Name		return;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	wlan_crypto_reset_prarams(&crypto_priv->crypto_params);
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour NameQDF_STATUS wlan_crypto_psoc_enable(struct wlan_objmgr_psoc *psoc)
*5113495bSYour Name{
*5113495bSYour Name	struct wlan_lmac_if_tx_ops *tx_ops;
*5113495bSYour Name
*5113495bSYour Name	tx_ops = wlan_psoc_get_lmac_if_txops(psoc);
*5113495bSYour Name	if (!tx_ops) {
*5113495bSYour Name		crypto_err("tx_ops is NULL");
*5113495bSYour Name		return QDF_STATUS_E_FAILURE;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	if (WLAN_CRYPTO_TX_OPS_REGISTER_EVENTS(tx_ops))
*5113495bSYour Name		return WLAN_CRYPTO_TX_OPS_REGISTER_EVENTS(tx_ops)(psoc);
*5113495bSYour Name
*5113495bSYour Name	return QDF_STATUS_E_FAILURE;
*5113495bSYour Name}
*5113495bSYour Name
*5113495bSYour NameQDF_STATUS wlan_crypto_psoc_disable(struct wlan_objmgr_psoc *psoc)
*5113495bSYour Name{
*5113495bSYour Name	struct wlan_lmac_if_tx_ops *tx_ops;
*5113495bSYour Name
*5113495bSYour Name	tx_ops = wlan_psoc_get_lmac_if_txops(psoc);
*5113495bSYour Name	if (!tx_ops) {
*5113495bSYour Name		crypto_err("tx_ops is NULL");
*5113495bSYour Name		return QDF_STATUS_E_FAILURE;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	if (WLAN_CRYPTO_TX_OPS_DEREGISTER_EVENTS(tx_ops))
*5113495bSYour Name		return WLAN_CRYPTO_TX_OPS_DEREGISTER_EVENTS(tx_ops)(psoc);
*5113495bSYour Name
*5113495bSYour Name	return QDF_STATUS_E_FAILURE;
*5113495bSYour Name}
*5113495bSYour Name#endif
*5113495bSYour Name
*5113495bSYour Name#ifdef WLAN_FEATURE_FILS_SK
*5113495bSYour NameQDF_STATUS wlan_crypto_create_fils_rik(uint8_t *rrk, uint8_t rrk_len,
*5113495bSYour Name				       uint8_t *rik, uint32_t *rik_len)
*5113495bSYour Name{
*5113495bSYour Name	uint8_t optional_data[WLAN_CRYPTO_FILS_OPTIONAL_DATA_LEN];
*5113495bSYour Name	uint8_t label[] = WLAN_CRYPTO_FILS_RIK_LABEL;
*5113495bSYour Name	QDF_STATUS status;
*5113495bSYour Name
*5113495bSYour Name	if (!rrk || !rik) {
*5113495bSYour Name		crypto_err("FILS rrk/rik NULL");
*5113495bSYour Name		return QDF_STATUS_E_FAILURE;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	optional_data[0] = HMAC_SHA256_128;
*5113495bSYour Name	/* basic validation */
*5113495bSYour Name	if (rrk_len <= 0) {
*5113495bSYour Name		crypto_err("invalid r_rk length %d", rrk_len);
*5113495bSYour Name		return QDF_STATUS_E_FAILURE;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	wlan_crypto_put_be16(&optional_data[1], rrk_len);
*5113495bSYour Name	status = qdf_default_hmac_sha256_kdf(rrk, rrk_len, label, optional_data,
*5113495bSYour Name					     sizeof(optional_data), rik,
*5113495bSYour Name					     rrk_len);
*5113495bSYour Name	if (QDF_IS_STATUS_ERROR(status)) {
*5113495bSYour Name		crypto_err("failed to create rik");
*5113495bSYour Name		return status;
*5113495bSYour Name	}
*5113495bSYour Name	*rik_len = rrk_len;
*5113495bSYour Name
*5113495bSYour Name	return QDF_STATUS_SUCCESS;
*5113495bSYour Name}
*5113495bSYour Name#endif /* WLAN_FEATURE_FILS_SK */
*5113495bSYour Name
*5113495bSYour Name#if defined(WIFI_POS_CONVERGED) && defined(WLAN_FEATURE_RTT_11AZ_SUPPORT)
*5113495bSYour NameQDF_STATUS
*5113495bSYour Namewlan_crypto_set_ltf_keyseed(struct wlan_objmgr_psoc *psoc,
*5113495bSYour Name			    struct wlan_crypto_ltf_keyseed_data *data)
*5113495bSYour Name{
*5113495bSYour Name	QDF_STATUS status = QDF_STATUS_SUCCESS;
*5113495bSYour Name	struct wlan_lmac_if_tx_ops *tx_ops;
*5113495bSYour Name
*5113495bSYour Name	tx_ops = wlan_psoc_get_lmac_if_txops(psoc);
*5113495bSYour Name	if (!tx_ops) {
*5113495bSYour Name		crypto_err("tx_ops is NULL");
*5113495bSYour Name		return QDF_STATUS_E_INVAL;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	if (WLAN_CRYPTO_TX_OPS_SET_LTF_KEYSEED(tx_ops))
*5113495bSYour Name		status = WLAN_CRYPTO_TX_OPS_SET_LTF_KEYSEED(tx_ops)(psoc, data);
*5113495bSYour Name
*5113495bSYour Name	return status;
*5113495bSYour Name}
*5113495bSYour Name#endif
*5113495bSYour Name
*5113495bSYour NameQDF_STATUS
*5113495bSYour Namewlan_crypto_vdev_set_param(struct wlan_objmgr_psoc *psoc, uint32_t vdev_id,
*5113495bSYour Name			   uint32_t param_id, uint32_t param_value)
*5113495bSYour Name{
*5113495bSYour Name	QDF_STATUS status = QDF_STATUS_SUCCESS;
*5113495bSYour Name	struct wlan_lmac_if_tx_ops *tx_ops;
*5113495bSYour Name
*5113495bSYour Name	tx_ops = wlan_psoc_get_lmac_if_txops(psoc);
*5113495bSYour Name	if (!tx_ops) {
*5113495bSYour Name		crypto_err("tx_ops is NULL");
*5113495bSYour Name		return QDF_STATUS_E_INVAL;
*5113495bSYour Name	}
*5113495bSYour Name
*5113495bSYour Name	if (WLAN_CRYPTO_TX_OPS_SET_VDEV_PARAM(tx_ops))
*5113495bSYour Name		status = WLAN_CRYPTO_TX_OPS_SET_VDEV_PARAM(tx_ops) (psoc,
*5113495bSYour Name								    vdev_id,
*5113495bSYour Name								    param_id,
*5113495bSYour Name								    param_value);
*5113495bSYour Name
*5113495bSYour Name	return status;
*5113495bSYour Name}