Google Git
Sign in
gfiber / vendor / opensource / hostap / d447cd596f0a9f73850229e7fa2bdd35755dc750 / . / src / pae / ieee802_1x_secy_ops.c
blob: fbe05dc35d7cb2a1ce4df284a21af01b3a86289f [file] [log] [blame]
/*
* SecY Operations
* Copyright (c) 2013, Qualcomm Atheros, Inc.
*
* This software may be distributed under the terms of the BSD license.
* See README for more details.
*/
#include "utils/includes.h"
#include "utils/common.h"
#include "utils/eloop.h"
#include "common/defs.h"
#include "drivers/driver.h"
#include "pae/ieee802_1x_kay.h"
#include "pae/ieee802_1x_kay_i.h"
#include "pae/ieee802_1x_secy_ops.h"
int secy_cp_control_validate_frames(struct ieee802_1x_kay *kay,
enum validate_frames vf)
{
kay->vf = vf;
return 0;
}
int secy_cp_control_protect_frames(struct ieee802_1x_kay *kay, Boolean enabled)
{
struct ieee802_1x_kay_ctx *ops;
if (!kay) {
wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__);
return -1;
}
ops = kay->ctx;
if (!ops || !ops->enable_protect_frames) {
wpa_printf(MSG_ERROR,
"KaY: secy enable_protect_frames operation not supported");
return -1;
}
return ops->enable_protect_frames(ops->ctx, enabled);
}
int secy_cp_control_replay(struct ieee802_1x_kay *kay, Boolean enabled, u32 win)
{
struct ieee802_1x_kay_ctx *ops;
if (!kay) {
wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__);
return -1;
}
ops = kay->ctx;
if (!ops || !ops->set_replay_protect) {
wpa_printf(MSG_ERROR,
"KaY: secy set_replay_protect operation not supported");
return -1;
}
return ops->set_replay_protect(ops->ctx, enabled, win);
}
int secy_cp_control_current_cipher_suite(struct ieee802_1x_kay *kay,
const u8 *cs, size_t cs_len)
{
struct ieee802_1x_kay_ctx *ops;
if (!kay) {
wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__);
return -1;
}
ops = kay->ctx;
if (!ops || !ops->set_current_cipher_suite) {
wpa_printf(MSG_ERROR,
"KaY: secy set_current_cipher_suite operation not supported");
return -1;
}
return ops->set_current_cipher_suite(ops->ctx, cs, cs_len);
}
int secy_cp_control_confidentiality_offset(struct ieee802_1x_kay *kay,
enum confidentiality_offset co)
{
kay->co = co;
return 0;
}
int secy_cp_control_enable_port(struct ieee802_1x_kay *kay, Boolean enabled)
{
struct ieee802_1x_kay_ctx *ops;
if (!kay) {
wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__);
return -1;
}
ops = kay->ctx;
if (!ops || !ops->enable_controlled_port) {
wpa_printf(MSG_ERROR,
"KaY: secy enable_controlled_port operation not supported");
return -1;
}
return ops->enable_controlled_port(ops->ctx, enabled);
}
int secy_get_receive_lowest_pn(struct ieee802_1x_kay *kay,
struct receive_sa *rxsa)
{
struct ieee802_1x_kay_ctx *ops;
if (!kay || !rxsa) {
wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__);
return -1;
}
ops = kay->ctx;
if (!ops || !ops->get_receive_lowest_pn) {
wpa_printf(MSG_ERROR,
"KaY: secy get_receive_lowest_pn operation not supported");
return -1;
}
return ops->get_receive_lowest_pn(ops->ctx,
rxsa->sc->channel,
rxsa->an,
&rxsa->lowest_pn);
}
int secy_get_transmit_next_pn(struct ieee802_1x_kay *kay,
struct transmit_sa *txsa)
{
struct ieee802_1x_kay_ctx *ops;
if (!kay || !txsa) {
wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__);
return -1;
}
ops = kay->ctx;
if (!ops || !ops->get_transmit_next_pn) {
wpa_printf(MSG_ERROR,
"KaY: secy get_receive_lowest_pn operation not supported");
return -1;
}
return ops->get_transmit_next_pn(ops->ctx,
txsa->sc->channel,
txsa->an,
&txsa->next_pn);
}
int secy_set_transmit_next_pn(struct ieee802_1x_kay *kay,
struct transmit_sa *txsa)
{
struct ieee802_1x_kay_ctx *ops;
if (!kay || !txsa) {
wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__);
return -1;
}
ops = kay->ctx;
if (!ops || !ops->set_transmit_next_pn) {
wpa_printf(MSG_ERROR,
"KaY: secy get_receive_lowest_pn operation not supported");
return -1;
}
return ops->set_transmit_next_pn(ops->ctx,
txsa->sc->channel,
txsa->an,
txsa->next_pn);
}
int secy_get_available_receive_sc(struct ieee802_1x_kay *kay, u32 *channel)
{
struct ieee802_1x_kay_ctx *ops;
if (!kay) {
wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__);
return -1;
}
ops = kay->ctx;
if (!ops || !ops->get_available_receive_sc) {
wpa_printf(MSG_ERROR,
"KaY: secy get_available_receive_sc operation not supported");
return -1;
}
return ops->get_available_receive_sc(ops->ctx, channel);
}
int secy_create_receive_sc(struct ieee802_1x_kay *kay, struct receive_sc *rxsc)
{
struct ieee802_1x_kay_ctx *ops;
if (!kay || !rxsc) {
wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__);
return -1;
}
ops = kay->ctx;
if (!ops || !ops->create_receive_sc) {
wpa_printf(MSG_ERROR,
"KaY: secy create_receive_sc operation not supported");
return -1;
}
return ops->create_receive_sc(ops->ctx, rxsc->channel, &rxsc->sci,
kay->vf, kay->co);
}
int secy_delete_receive_sc(struct ieee802_1x_kay *kay, struct receive_sc *rxsc)
{
struct ieee802_1x_kay_ctx *ops;
if (!kay || !rxsc) {
wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__);
return -1;
}
ops = kay->ctx;
if (!ops || !ops->delete_receive_sc) {
wpa_printf(MSG_ERROR,
"KaY: secy delete_receive_sc operation not supported");
return -1;
}
return ops->delete_receive_sc(ops->ctx, rxsc->channel);
}
int secy_create_receive_sa(struct ieee802_1x_kay *kay, struct receive_sa *rxsa)
{
struct ieee802_1x_kay_ctx *ops;
if (!kay || !rxsa) {
wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__);
return -1;
}
ops = kay->ctx;
if (!ops || !ops->create_receive_sa) {
wpa_printf(MSG_ERROR,
"KaY: secy create_receive_sa operation not supported");
return -1;
}
return ops->create_receive_sa(ops->ctx, rxsa->sc->channel, rxsa->an,
rxsa->lowest_pn, rxsa->pkey->key);
}
int secy_enable_receive_sa(struct ieee802_1x_kay *kay, struct receive_sa *rxsa)
{
struct ieee802_1x_kay_ctx *ops;
if (!kay || !rxsa) {
wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__);
return -1;
}
ops = kay->ctx;
if (!ops || !ops->enable_receive_sa) {
wpa_printf(MSG_ERROR,
"KaY: secy enable_receive_sa operation not supported");
return -1;
}
rxsa->enable_receive = TRUE;
return ops->enable_receive_sa(ops->ctx, rxsa->sc->channel, rxsa->an);
}
int secy_disable_receive_sa(struct ieee802_1x_kay *kay, struct receive_sa *rxsa)
{
struct ieee802_1x_kay_ctx *ops;
if (!kay || !rxsa) {
wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__);
return -1;
}
ops = kay->ctx;
if (!ops || !ops->disable_receive_sa) {
wpa_printf(MSG_ERROR,
"KaY: secy disable_receive_sa operation not supported");
return -1;
}
rxsa->enable_receive = FALSE;
return ops->disable_receive_sa(ops->ctx, rxsa->sc->channel, rxsa->an);
}
int secy_get_available_transmit_sc(struct ieee802_1x_kay *kay, u32 *channel)
{
struct ieee802_1x_kay_ctx *ops;
if (!kay) {
wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__);
return -1;
}
ops = kay->ctx;
if (!ops || !ops->get_available_transmit_sc) {
wpa_printf(MSG_ERROR,
"KaY: secy get_available_transmit_sc operation not supported");
return -1;
}
return ops->get_available_transmit_sc(ops->ctx, channel);
}
int secy_create_transmit_sc(struct ieee802_1x_kay *kay,
struct transmit_sc *txsc)
{
struct ieee802_1x_kay_ctx *ops;
if (!kay || !txsc) {
wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__);
return -1;
}
ops = kay->ctx;
if (!ops || !ops->create_transmit_sc) {
wpa_printf(MSG_ERROR,
"KaY: secy create_transmit_sc operation not supported");
return -1;
}
return ops->create_transmit_sc(ops->ctx, txsc->channel, &txsc->sci,
kay->co);
}
int secy_delete_transmit_sc(struct ieee802_1x_kay *kay,
struct transmit_sc *txsc)
{
struct ieee802_1x_kay_ctx *ops;
if (!kay || !txsc) {
wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__);
return -1;
}
ops = kay->ctx;
if (!ops || !ops->delete_transmit_sc) {
wpa_printf(MSG_ERROR,
"KaY: secy delete_transmit_sc operation not supported");
return -1;
}
return ops->delete_transmit_sc(ops->ctx, txsc->channel);
}
int secy_create_transmit_sa(struct ieee802_1x_kay *kay,
struct transmit_sa *txsa)
{
struct ieee802_1x_kay_ctx *ops;
if (!kay || !txsa) {
wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__);
return -1;
}
ops = kay->ctx;
if (!ops || !ops->create_transmit_sa) {
wpa_printf(MSG_ERROR,
"KaY: secy create_transmit_sa operation not supported");
return -1;
}
return ops->create_transmit_sa(ops->ctx, txsa->sc->channel, txsa->an,
txsa->next_pn, txsa->confidentiality,
txsa->pkey->key);
}
int secy_enable_transmit_sa(struct ieee802_1x_kay *kay,
struct transmit_sa *txsa)
{
struct ieee802_1x_kay_ctx *ops;
if (!kay || !txsa) {
wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__);
return -1;
}
ops = kay->ctx;
if (!ops || !ops->enable_transmit_sa) {
wpa_printf(MSG_ERROR,
"KaY: secy enable_transmit_sa operation not supported");
return -1;
}
txsa->enable_transmit = TRUE;
return ops->enable_transmit_sa(ops->ctx, txsa->sc->channel, txsa->an);
}
int secy_disable_transmit_sa(struct ieee802_1x_kay *kay,
struct transmit_sa *txsa)
{
struct ieee802_1x_kay_ctx *ops;
if (!kay || !txsa) {
wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__);
return -1;
}
ops = kay->ctx;
if (!ops || !ops->disable_transmit_sa) {
wpa_printf(MSG_ERROR,
"KaY: secy disable_transmit_sa operation not supported");
return -1;
}
txsa->enable_transmit = FALSE;
return ops->disable_transmit_sa(ops->ctx, txsa->sc->channel, txsa->an);
}
int secy_init_macsec(struct ieee802_1x_kay *kay)
{
int ret;
struct ieee802_1x_kay_ctx *ops;
struct macsec_init_params params;
if (!kay) {
wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__);
return -1;
}
ops = kay->ctx;
if (!ops || !ops->macsec_init) {
wpa_printf(MSG_ERROR,
"KaY: secy macsec_init operation not supported");
return -1;
}
params.use_es = FALSE;
params.use_scb = FALSE;
params.always_include_sci = TRUE;
ret = ops->macsec_init(ops->ctx, &params);
return ret;
}
int secy_deinit_macsec(struct ieee802_1x_kay *kay)
{
struct ieee802_1x_kay_ctx *ops;
if (!kay) {
wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__);
return -1;
}
ops = kay->ctx;
if (!ops || !ops->macsec_deinit) {
wpa_printf(MSG_ERROR,
"KaY: secy macsec_deinit operation not supported");
return -1;
}
return ops->macsec_deinit(ops->ctx);
}