wlan_rsn/integrity/
mod.rs

Help
1// Copyright 2018 The Fuchsia Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5pub mod cmac_aes128;
6pub mod hmac_md5;
7pub mod hmac_sha1;
8
9use crate::integrity::cmac_aes128::CmacAes128;
10use crate::integrity::hmac_md5::HmacMd5;
11use crate::integrity::hmac_sha1::HmacSha1;
12use crate::Error;
13use mundane::bytes;
14use wlan_common::ie::rsn::akm;
15
16pub trait Algorithm {
17    // NOTE: The default implementation truncates the output if it is larger than the given
18    //       expected bytes.
19    fn verify(&self, key: &[u8], data: &[u8], expected: &[u8]) -> bool {
20        self.compute(key, data)
21            .map(|mut output| {
22                output.resize(expected.len(), 0);
23                bytes::constant_time_eq(&output, expected)
24            })
25            .unwrap_or(false)
26    }
27
28    #[allow(clippy::result_large_err, reason = "mass allow for https://fxbug.dev/381896734")]
29    fn compute(&self, key: &[u8], data: &[u8]) -> Result<Vec<u8>, Error>;
30}
31
32/// IEEE Std 802.11-2016, 12.7.2 b.1)
33pub fn integrity_algorithm(
34    key_descriptor_version: u16,
35    akm: &akm::Akm,
36) -> Option<Box<dyn Algorithm>> {
37    match key_descriptor_version {
38        1 => Some(Box::new(HmacMd5::new())),
39        2 => Some(Box::new(HmacSha1::new())),
40        // IEEE Std 802.11 does not specify a key descriptor version for SAE. In practice, 0 is used.
41        3 | 0 if akm.suite_type == akm::SAE => Some(Box::new(CmacAes128::new())),
42        _ => None,
43    }
44}
wlan_rsn/integrity/mod.rs

wlan_rsn/integrity/
mod.rs
