Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp803041imu; Mon, 5 Nov 2018 09:01:02 -0800 (PST) X-Google-Smtp-Source: AJdET5dSYzGv2bRNKMkiCJf18tUDjThSWkGADRS5Bz6cabA2FgQ3ZRJLAwD+1i2yoU2NZKWzfVNt X-Received: by 2002:a65:6249:: with SMTP id q9-v6mr20851134pgv.392.1541437262473; Mon, 05 Nov 2018 09:01:02 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1541437262; cv=none; d=google.com; s=arc-20160816; b=r4PKhEnZgErflR2S0RqIpItv9IXd4317g8O7xT5/BH9uABBrHnwZNfh3sA2X/ml63P Kr5b8YTHS3ZLYMxYG8kDWT99RBdAKeaork19U7WP7V0NgxUXPt7yfMhdi75UtF6rLZn8 zNrxQpL2adxDYM5+9+nE3iwkuMco59SH8kj/ExNsV8auBCLXZOFVeMiirUNt7L0JApmd 38yhTLqAZyKFFcxiiRyG/bGojBeoEjxOqt4vew4yR6V1A07dl3e0jXldkd6CDHm96f7+ 55dNbt6HcaR1XTDo2LWlu+GSY5KLZiFmiGwn5yeBuClNwCymxHLNzgwmWLcpOq+kX3Gr 1UmA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=7DP8u6/v9c8feRMreql7UvqsPhDnurFdaDHiNdwdKJQ=; b=LPDRGMH5qY9exMMJIRIs2fnqlV0lbWi0B83ksjIMnGszhCrjJ3Hymaxpx2YiUvrU50 xEV6yiKXASgNTVJ7qcNF2H4QNhj0bZXU/1ozOOpH4wS4lbiw2sphm+l0o9HufFmT9OrI 7wou3HhBpiixDNz0zcbB9mO4O1VoAKOLoYA5abNe1oHLJFeDkCWTTj/5xMGh125KFxSr D0XmknKDvHgkiOtCtGcLfDMEhyjz5D0S713W33SS3XhYbFPrY+hAhDtMry2H1vVnXGM3 fz7rDOrlO6/50SR3Bi2ZzDpHo+OGXZo3eKrv9g54jf8Xi3V2JscW2ZY28pnNDB+z30yF 17Nw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@g.ncu.edu.tw header.s=google header.b=I1swyP6O; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id n5-v6si33537490pgn.106.2018.11.05.09.00.46; Mon, 05 Nov 2018 09:01:02 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@g.ncu.edu.tw header.s=google header.b=I1swyP6O; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2387882AbeKFCSU (ORCPT + 99 others); Mon, 5 Nov 2018 21:18:20 -0500 Received: from mail-pf1-f195.google.com ([209.85.210.195]:43166 "EHLO mail-pf1-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2387871AbeKFCSU (ORCPT ); Mon, 5 Nov 2018 21:18:20 -0500 Received: by mail-pf1-f195.google.com with SMTP id g7-v6so2441948pfo.10 for ; Mon, 05 Nov 2018 08:57:45 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=g.ncu.edu.tw; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=7DP8u6/v9c8feRMreql7UvqsPhDnurFdaDHiNdwdKJQ=; b=I1swyP6Or9ilFd8+86vx+yY1OFKu0OPAas/aGPON1zwAzJYdZb3AuOWQ/S+AuWEq19 1J3YRb0qtnhSxwSag2ntGWMd9i7X7RgbRWAcfMJPF9yB0zv0Xin/ROvfFmrZ5sNPQNq9 nRUy9adn4j8+ThBVBS5vGW7dozzEk/06CVw84= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=7DP8u6/v9c8feRMreql7UvqsPhDnurFdaDHiNdwdKJQ=; b=LpzMQs45t8nBKAZ9GjTTzY6ncG0VB0W3wjdAv4ddqtmdY3I/6jVLivOzSJaDuH0uDI r0SbZCUaWbuep2ibwLbeDHzsYlxJQBZw3PWGSS6vKVxXfQK68WLRAPSiAreZMOiWeZtH YKKvhHwoghiYvJAKLJaqKWLtGTpH7ywExRS32eLZGnrw3P+0zi/vE+qoLMRnmZHbEPJE o09Xvx/bdAT3xKoQgbqytD3CL8yP1YUmtxZC2WzI+Cz2Ogy64h1Z1X2PSYaY/cLOJBo4 ZrZYADc3lav0NKrJ9TA3ZDVlD20t8CkX1yBXwJxp57FptF+GaYcACQINBLV8iT2Fb0i7 n57w== X-Gm-Message-State: AGRZ1gK3nYe11ZI0Z+8fZJGMaGsr7xGtHktCIitwkyof4luWk6kuv9nv vnbF9FfWUcP+JHZjaEAKnetk+w== X-Received: by 2002:a63:c0f:: with SMTP id b15mr20975118pgl.314.1541437065297; Mon, 05 Nov 2018 08:57:45 -0800 (PST) Received: from starnight.local ([150.116.248.145]) by smtp.gmail.com with ESMTPSA id l16-v6sm58445129pfj.179.2018.11.05.08.57.42 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 05 Nov 2018 08:57:44 -0800 (PST) From: Jian-Hong Pan To: =?UTF-8?q?Andreas=20F=C3=A4rber?= Cc: netdev@vger.kernel.org, linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org, Marcel Holtmann , "David S . Miller" , Dollar Chen , Ken Yu , linux-wpan@vger.kernel.org, Stefan Schmidt , Jian-Hong Pan Subject: [PATCH V2 5/7] net: maclorawan: Implement the crypto of maclorawan module Date: Tue, 6 Nov 2018 00:55:43 +0800 Message-Id: <20181105165544.5215-6-starnight@g.ncu.edu.tw> X-Mailer: git-send-email 2.19.1 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Implement the crypto for encryption/decryption and message integrity code (MIC) according to LoRaWAN(TM) Specification Ver. 1.0.2. Signed-off-by: Jian-Hong Pan --- V2: - Split the LoRaWAN class module patch in V1 into LoRaWAN socket and LoRaWAN Soft MAC modules - Rename the lrwsec files to crypto files - Modify for Big/Little-Endian - Use SPDX license identifiers net/maclorawan/crypto.c | 209 ++++++++++++++++++++++++++++++++++++++++ net/maclorawan/crypto.h | 27 ++++++ 2 files changed, 236 insertions(+) create mode 100644 net/maclorawan/crypto.c create mode 100644 net/maclorawan/crypto.h diff --git a/net/maclorawan/crypto.c b/net/maclorawan/crypto.c new file mode 100644 index 000000000000..a839fd074ad8 --- /dev/null +++ b/net/maclorawan/crypto.c @@ -0,0 +1,209 @@ +/* SPDX-License-Identifier: GPL-2.0-or-later OR BSD-3-Clause */ +/*- + * LoRaWAN soft MAC + * + * Copyright (c) 2018 Jian-Hong, Pan + * + */ + +#include +#include +#include +#include "crypto.h" + +struct crypto_shash * +lrw_mic_key_setup(u8 *k, size_t k_len) +{ + char *algo = "cmac(aes)"; + struct crypto_shash *tfm; + int err; + + tfm = crypto_alloc_shash(algo, 0, 0); + if (!IS_ERR(tfm)) { + err = crypto_shash_setkey(tfm, k, k_len); + if (err) { + crypto_free_shash(tfm); + tfm = NULL; + } + } + + return tfm; +} + +int +lrw_aes_cmac(struct crypto_shash *tfm, u8 *bz, u8 *data, size_t len, u8 *out) +{ + SHASH_DESC_ON_STACK(desc, tfm); + int err; + + desc->tfm = tfm; + + err = crypto_shash_init(desc); + if (err) + goto lrw_aes_cmac_end; + + err = crypto_shash_update(desc, bz, 16); + if (err) + goto lrw_aes_cmac_end; + + err = crypto_shash_update(desc, data, len); + if (err) + goto lrw_aes_cmac_end; + + err = crypto_shash_final(desc, out); + +lrw_aes_cmac_end: + return err; +} + +int +lrw_set_bzero(u8 dir, u32 devaddr, u32 fcnt, u8 len, u8 *bz) +{ + __le32 le_devaddr = cpu_to_le32(devaddr); + __le32 _fcnt = cpu_to_le32(fcnt); + + bz[0] = 0x49; + memset(bz + 1, 0x00, 4); + bz[5] = dir; + memcpy(bz + 6, &le_devaddr, 4); + memcpy(bz + 10, &_fcnt, 4); + bz[14] = 0x00; + bz[15] = len; + + return 0; +} + +int +lrw_calc_mic(struct crypto_shash *tfm, + u8 dir, u32 devaddr, u32 fcnt, u8* buf, size_t len, u8 *mic4) +{ + u8 mic[16]; + u8 bz[16]; + int err; + + /* According to LoRaWAN Specification Version 1.0.2 + * - 4.4 Massege Integrity Code (MIC) */ + lrw_set_bzero(dir, devaddr, fcnt, len, bz); + err = lrw_aes_cmac(tfm, bz, buf, len, mic); + if (!err) + memcpy(mic4, mic, 4); + + return err; +} + +void +lrw_mic_key_free(struct crypto_shash *tfm) +{ + crypto_free_shash(tfm); +} + +struct crypto_skcipher * +lrw_aes_enc_key_setup(char *algo, u8 *k, size_t k_len) +{ + struct crypto_skcipher *tfm; + int err; + + tfm = crypto_alloc_skcipher(algo, 0, CRYPTO_ALG_ASYNC); + if (!IS_ERR(tfm)) { + err = crypto_skcipher_setkey(tfm, k, k_len); + if (err) { + crypto_free_skcipher(tfm); + tfm = NULL; + } + } + + return tfm; +} + +struct crypto_skcipher * +lrw_encrypt_key_setup(u8 *k, size_t k_len) +{ + return lrw_aes_enc_key_setup("cbc(aes)", k, k_len); +} + +int +lrw_aes_enc(struct crypto_skcipher *tfm, u8 *in, size_t len, u8 *out) +{ + u8 iv[16]; + struct scatterlist src, dst; + SKCIPHER_REQUEST_ON_STACK(req, tfm); + int err; + + memset(iv, 0, 16); + /* The buffer for sg_init_one cannot be a global or const local + * (will confuse the scatterlist) */ + sg_init_one(&src, in, len); + sg_init_one(&dst, out, len); + + skcipher_request_set_tfm(req, tfm); + skcipher_request_set_callback(req, 0, NULL, NULL); + skcipher_request_set_crypt(req, &src, &dst, len, iv); + err = crypto_skcipher_encrypt(req); + skcipher_request_zero(req); + + return err; +} + +#define LRW_SEQUENCE_OF_BLOCK_LEN 16 + +int +lrw_set_sob(u8 dir, u32 devaddr, u32 fcnt, u8 index, u8 *sob) +{ + __le32 le_devaddr = cpu_to_le32(devaddr); + __le32 _fcnt = cpu_to_le32(fcnt); + + sob[0] = 0x01; + memset(sob + 1, 0x00, 4); + sob[5] = dir; + memcpy(sob + 6, &le_devaddr, 4); + memcpy(sob + 10, &_fcnt, 4); + sob[14] = 0x00; + sob[15] = index; + + return 0; +} + +int +lrw_encrypt_sob(struct crypto_skcipher *tfm, u8 *sob) +{ + return lrw_aes_enc(tfm, sob, LRW_SEQUENCE_OF_BLOCK_LEN, sob); +} + +int +lrw_encrypt_buf(struct crypto_skcipher *tfm, + u8 dir, u32 devaddr, u32 fcnt, u8 *buf, size_t len) +{ + u8 sob[LRW_SEQUENCE_OF_BLOCK_LEN]; + u8 i, j; + + /* According to LoRaWAN Specification Version 1.0.2 + * - 4.3.3 MAC Frame Payload Encryption (FRMPayload) */ + for (i = 0; (i * LRW_SEQUENCE_OF_BLOCK_LEN) < len; i++) { + lrw_set_sob(dir, devaddr, fcnt, i, sob); + lrw_encrypt_sob(tfm, sob); + for (j = 0; (i * LRW_SEQUENCE_OF_BLOCK_LEN + j) < len; j++) + buf[i * LRW_SEQUENCE_OF_BLOCK_LEN + j] ^= sob[j]; + } + + return 0; +} + +int +lrw_decrypt_buf(struct crypto_skcipher *tfm, + u8 dir, u32 devaddr, u32 fcnt, u8 *buf, size_t len) +{ + /* Accoding to XOR swap algorithm */ + return lrw_encrypt_buf(tfm, dir, devaddr, fcnt, buf, len); +} + +void +lrw_aes_enc_key_free(struct crypto_skcipher *tfm) +{ + crypto_free_skcipher(tfm); +} + +void +lrw_encrypt_key_free(struct crypto_skcipher *tfm) +{ + lrw_aes_enc_key_free(tfm); +} diff --git a/net/maclorawan/crypto.h b/net/maclorawan/crypto.h new file mode 100644 index 000000000000..2ede02efb8c6 --- /dev/null +++ b/net/maclorawan/crypto.h @@ -0,0 +1,27 @@ +/* SPDX-License-Identifier: GPL-2.0-or-later OR BSD-3-Clause */ +/*- + * LoRaWAN soft MAC + * + * Copyright (c) 2018 Jian-Hong, Pan + * + */ + +#ifndef __LORAWAN_CRYPTO_H__ +#define __LORAWAN_CRYPTO_H__ + +#include +#include + +struct crypto_shash *lrw_mic_key_setup(u8 *k, size_t k_len); +int lrw_calc_mic(struct crypto_shash *tfm, + u8 dir, u32 devaddr, u32 fcnt, u8* buf, size_t len, u8 *mic4); +void lrw_mic_key_free(struct crypto_shash *tfm); + +struct crypto_skcipher *lrw_encrypt_key_setup(u8 *k, size_t k_len); +int lrw_encrypt_buf(struct crypto_skcipher *tfm, + u8 dir, u32 devaddr, u32 fcnt, u8 *buf, size_t len); +int lrw_decrypt_buf(struct crypto_skcipher *tfm, + u8 dir, u32 devaddr, u32 fcnt, u8 *buf, size_t len); +void lrw_encrypt_key_free(struct crypto_skcipher *tfm); + +#endif -- 2.19.1