1 /****************************************************************************
2 **+-----------------------------------------------------------------------+**
3 **| |**
4 **| Copyright(c) 1998 - 2008 Texas Instruments. All rights reserved. |**
5 **| All rights reserved. |**
6 **| |**
7 **| Redistribution and use in source and binary forms, with or without |**
8 **| modification, are permitted provided that the following conditions |**
9 **| are met: |**
10 **| |**
11 **| * Redistributions of source code must retain the above copyright |**
12 **| notice, this list of conditions and the following disclaimer. |**
13 **| * Redistributions in binary form must reproduce the above copyright |**
14 **| notice, this list of conditions and the following disclaimer in |**
15 **| the documentation and/or other materials provided with the |**
16 **| distribution. |**
17 **| * Neither the name Texas Instruments nor the names of its |**
18 **| contributors may be used to endorse or promote products derived |**
19 **| from this software without specific prior written permission. |**
20 **| |**
21 **| THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS |**
22 **| "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT |**
23 **| LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR |**
24 **| A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT |**
25 **| OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |**
26 **| SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT |**
27 **| LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |**
28 **| DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY |**
29 **| THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |**
30 **| (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE |**
31 **| OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |**
32 **| |**
33 **+-----------------------------------------------------------------------+**
34 ****************************************************************************/
35
36
37 /** \file rsn.c
38 * \brief 802.11 rsniation SM source
39 *
40 * \see rsnSM.h
41 */
42
43 #include "osApi.h"
44 #include "paramOut.h"
45 #include "paramIn.h"
46 #include "utils.h"
47 #include "report.h"
48 #include "Ethernet.h"
49 #include "whalCtrl_api.h"
50 #include "whalCtrl_prm.h"
51 #include "DataCtrl_Api.h"
52 #include "memMngrEx.h"
53 #include "siteMgrApi.h"
54 #include "smeApi.h"
55 #include "mainSecSm.h"
56 #include "admCtrl.h"
57 #include "rsnApi.h"
58 #include "rsn.h"
59 #include "keyParser.h"
60 #include "EvHandler.h"
61 #include "TI_IPC_Api.h"
62 #include "smeSmApi.h"
63 #include "apConn.h"
64 #include "802_11Defs.h"
65 #include "public_infoele.h"
66
67 #ifdef EXC_MODULE_INCLUDED
68 #include "admCtrlWpa.h"
69 #include "excMngr.h"
70 #include "admCtrlExc.h"
71 #endif
72
73 /* Constants */
74
75 /* Enumerations */
76
77 /* Typedefs */
78
79 /* Structures */
80
81 /* External data definitions */
82
83 /* External functions definitions */
84
85 /* Global variables */
86
87 /* Local function prototypes */
88 TI_STATUS rsn_sendKeysNotSet(rsn_t *pRsn);
89 void rsn_groupReKeyTimeout(TI_HANDLE hRsn);
90 void rsn_micFailureReportTimeout(TI_HANDLE hRsn);
91 static rsn_siteBanEntry_t * findEntryForInsert(TI_HANDLE hRsn);
92 static rsn_siteBanEntry_t * findBannedSiteAndCleanup(TI_HANDLE hRsn, macAddress_t siteBssid);
93 /* Comment out the call to clearBannedSiteList due to fail in WiFi mic attack test */
94 /*static void clearBannedSiteList(TI_HANDLE hRsn);*/
95
96
97
98 /* functions */
99
100 /**
101 *
102 * rsn_Create - allocate memory for rsniation SM
103 *
104 * \b Description:
105 *
106 * Allocate memory for rsniation SM. \n
107 * Allocates memory for Rsniation context. \n
108 * Allocates memory for rsniation timer. \n
109 * Allocates memory for rsniation SM matrix. \n
110 *
111 * \b ARGS:
112 *
113 * I - hOs - OS context \n
114 *
115 * \b RETURNS:
116 *
117 * OK if successful, NOK otherwise.
118 *
119 * \sa rsn_mainSecKeysOnlyStop()
120 */
rsn_create(TI_HANDLE hOs)121 TI_HANDLE rsn_create(TI_HANDLE hOs)
122 {
123 rsn_t *pRsn;
124
125 /* allocate rsniation context memory */
126 pRsn = (rsn_t*)os_memoryAlloc (hOs, sizeof(rsn_t));
127 if (pRsn == NULL)
128 {
129 return NULL;
130 }
131
132 os_memoryZero (hOs, pRsn, sizeof(rsn_t));
133
134 /* create admission control */
135 pRsn->pAdmCtrl = admCtrl_create (hOs);
136 if (pRsn->pAdmCtrl == NULL)
137 {
138 os_memoryFree (hOs, pRsn, sizeof(rsn_t));
139 return NULL;
140 }
141
142 /* create main security SM */
143 pRsn->pMainSecSm = mainSec_create (hOs);
144 if (pRsn->pMainSecSm == NULL)
145 {
146 admCtrl_unload (pRsn->pAdmCtrl);
147 os_memoryFree (hOs, pRsn, sizeof(rsn_t));
148 return NULL;
149 }
150
151 pRsn->pKeyParser = pRsn->pMainSecSm->pKeyParser;
152
153 pRsn->micFailureReportWaitTimer = os_timerCreate (hOs, rsn_micFailureReportTimeout, pRsn);
154 if (pRsn->micFailureReportWaitTimer == NULL)
155 {
156 mainSec_unload (pRsn->pMainSecSm);
157 admCtrl_unload (pRsn->pAdmCtrl);
158 os_memoryFree (hOs, pRsn, sizeof(rsn_t));
159 return NULL;
160 }
161
162 pRsn->micFailureReKeyTimer = os_timerCreate (hOs, rsn_groupReKeyTimeout, pRsn);
163 if (pRsn->micFailureReKeyTimer == NULL)
164 {
165 os_timerDestroy (hOs, pRsn->micFailureReportWaitTimer);
166 mainSec_unload (pRsn->pMainSecSm);
167 admCtrl_unload (pRsn->pAdmCtrl);
168 os_memoryFree (hOs, pRsn, sizeof(rsn_t));
169 return NULL;
170 }
171
172 pRsn->hOs = hOs;
173
174 return pRsn;
175 }
176
177
178 /**
179 *
180 * rsn_Unload - unload rsniation SM from memory
181 *
182 * \b Description:
183 *
184 * Unload rsniation SM from memory
185 *
186 * \b ARGS:
187 *
188 * I - hRsn - rsniation SM context \n
189 *
190 * \b RETURNS:
191 *
192 * OK if successful, NOK otherwise.
193 *
194 * \sa rsn_mainSecKeysOnlyStop()
195 */
rsn_unload(TI_HANDLE hRsn)196 TI_STATUS rsn_unload (TI_HANDLE hRsn)
197 {
198 rsn_t *pRsn;
199 TI_STATUS status;
200
201 if (hRsn == NULL)
202 {
203 return NOK;
204 }
205
206 pRsn = (rsn_t*)hRsn;
207
208 os_timerStop (pRsn->hOs, pRsn->micFailureReportWaitTimer);
209 os_timerDestroy (pRsn->hOs, pRsn->micFailureReportWaitTimer);
210 os_timerStop (pRsn->hOs, pRsn->micFailureReKeyTimer);
211 os_timerDestroy (pRsn->hOs, pRsn->micFailureReKeyTimer);
212
213 status = admCtrl_unload (pRsn->pAdmCtrl);
214 status = mainSec_unload (pRsn->pMainSecSm);
215
216 os_memoryFree (pRsn->hOs, hRsn, sizeof(rsn_t));
217
218 return status;
219 }
220
221
222 /**
223 *
224 * rsn_smConfig - configure a new rsniation SM
225 *
226 * \b Description:
227 *
228 * Configure a new rsniation SM.
229 *
230 * \b ARGS:
231 *
232 * I - hRsn - Rsniation SM context \n
233 * I - hMlme - MLME SM context \n
234 * I - hSiteMgr - Site manager context \n
235 * I - hCtrlData - Control data context \n
236 * I - hTxData - TX data context \n
237 * I - hHalCtrl - Hal control context \n
238 * I - hReport - Report context \n
239 * I - hOs - OS context \n
240 * I - rsnTimeout - Rsniation SM timeout \n
241 * I - rsnMaxCount - Max number of rsniation requests to send \n
242 *
243 * \b RETURNS:
244 *
245 * OK if successful, NOK otherwise.
246 *
247 * \sa rsn_Create, rsn_Unload
248 */
rsn_config(TI_HANDLE hRsn,TI_HANDLE hTx,TI_HANDLE hRx,TI_HANDLE hConn,TI_HANDLE hMlme,TI_HANDLE hCtrlData,TI_HANDLE hWhalCtrl,TI_HANDLE hMemMgr,TI_HANDLE hSiteMgr,TI_HANDLE hReport,TI_HANDLE hOs,TI_HANDLE hExcMngr,TI_HANDLE hPowerMgr,TI_HANDLE hEvHandler,TI_HANDLE hSmeSm,TI_HANDLE hAPConn,rsnInitParams_t * pInitParam)249 TI_STATUS rsn_config (TI_HANDLE hRsn,
250 TI_HANDLE hTx,
251 TI_HANDLE hRx,
252 TI_HANDLE hConn,
253 TI_HANDLE hMlme,
254 TI_HANDLE hCtrlData,
255 TI_HANDLE hWhalCtrl,
256 TI_HANDLE hMemMgr,
257 TI_HANDLE hSiteMgr,
258 TI_HANDLE hReport,
259 TI_HANDLE hOs,
260 TI_HANDLE hExcMngr,
261 TI_HANDLE hPowerMgr,
262 TI_HANDLE hEvHandler,
263 TI_HANDLE hSmeSm,
264 TI_HANDLE hAPConn,
265 rsnInitParams_t *pInitParam)
266 {
267 rsn_t *pRsn;
268 TI_STATUS status;
269 UINT8 keyIndex;
270
271 if (hRsn == NULL)
272 {
273 return NOK;
274 }
275
276 pRsn = (rsn_t*)hRsn;
277
278 pRsn->groupKeyUpdate = GROUP_KEY_UPDATE_FALSE;
279 pRsn->PrivacyOptionImplemented = TRUE;
280
281 pRsn->hTx = hTx;
282 pRsn->hRx = hRx;
283 pRsn->hConn = hConn;
284 pRsn->hWhalCtrl = hWhalCtrl;
285 pRsn->hCtrlData = hCtrlData;
286 pRsn->hMemMgr = hMemMgr;
287 pRsn->hSiteMgr= hSiteMgr;
288 pRsn->hReport = hReport;
289 pRsn->hOs = hOs;
290 pRsn->hExcMngr = hExcMngr;
291 pRsn->hEvHandler = hEvHandler;
292 pRsn->hSmeSm = hSmeSm;
293 pRsn->hAPConn = hAPConn;
294
295 pRsn->setPaeConfig = rsn_setPaeConfig;
296 pRsn->getNetworkMode = rsn_getNetworkMode;
297 pRsn->setKey = rsn_setKey;
298 pRsn->removeKey = rsn_removeKey;
299 pRsn->reportStatus = rsn_reportStatus;
300 pRsn->setDefaultKeyId = rsn_setDefaultKeyId;
301 pRsn->defaultKeysOn = TRUE;
302 pRsn->eapType = OS_EAP_TYPE_NONE;
303 pRsn->numOfBannedSites = 0;
304
305 /* config the admission control with the authentication suite selected.
306 Admission control will configure the main security SM. */
307 status = admCtrl_config (pRsn->pAdmCtrl, hMlme, hRx, hReport, hOs, pRsn, hExcMngr, hPowerMgr, hEvHandler, pInitParam);
308 if (status != OK)
309 {
310 return status;
311 }
312
313 /* Configure keys from registry */
314 if (pInitParam->privacyOn)
315 {
316 pRsn->wepStaticKey = TRUE;
317 }
318
319 pRsn->defaultKeyId = pInitParam->defaultKeyId;
320 for (keyIndex = 0; keyIndex < MAX_KEYS_NUM; keyIndex++)
321 {
322 os_memoryCopy (hOs, &pRsn->keys[keyIndex], &pInitParam->keys[keyIndex], sizeof(securityKeys_t));
323 if (pRsn->keys[keyIndex].keyType != NULL_KEY)
324 {
325 pRsn->wepDefaultKeys[keyIndex] = TRUE;
326 }
327 pRsn->keys_en [keyIndex] = FALSE;
328 }
329
330 return status;
331 }
332
333
334 /**
335 *
336 * rsn_reconfig - re-configure a rsniation
337 *
338 * \b Description:
339 *
340 * Re-configure rsniation
341 *
342 * \b ARGS:
343 *
344 * I - hRsn - Rsniation SM context \n
345 *
346 * \b RETURNS:
347 *
348 * OK if successful, NOK otherwise.
349 *
350 * \sa rsn_Create, rsn_Unload
351 */
rsn_reconfig(TI_HANDLE hRsn)352 TI_STATUS rsn_reconfig (TI_HANDLE hRsn)
353 {
354 rsn_t *pRsn = (rsn_t *)hRsn;
355 UINT8 keyIndex;
356
357 /* Mark all keys as removed */
358 for (keyIndex = 0; keyIndex < MAX_KEYS_NUM; keyIndex++)
359 pRsn->keys_en [keyIndex] = FALSE;
360
361 return OK;
362 }
363
364
365 /**
366 *
367 * rsn_setDefaultKeys -
368 *
369 * \b Description:
370 *
371 *
372 *
373 * \b ARGS:
374 *
375 * I - hRsn - Rsn SM context \n
376 *
377 * \b RETURNS:
378 *
379 * OK if successful, NOK otherwise.
380 *
381 * \sa rsn_Stop, rsn_Recv
382 */
rsn_setDefaultKeys(rsn_t * pRsn)383 TI_STATUS rsn_setDefaultKeys(rsn_t *pRsn)
384 {
385 TI_STATUS status = OK;
386 whalParamInfo_t whalParam;
387 UINT8 keyIndex;
388
389 for (keyIndex = 0; keyIndex < MAX_KEYS_NUM; keyIndex++)
390 {
391 /* Set the WEP key to the HAL */
392 if (pRsn->wepDefaultKeys[keyIndex] /*pRsn->keys[keyIndex].encLen>0*/)
393 {
394 /* Change key type to WEP-key before setting*/
395 pRsn->keys[keyIndex].keyType = WEP_KEY;
396
397 status = pRsn->pMainSecSm->setKey (pRsn->pMainSecSm, &pRsn->keys[keyIndex]);
398
399 if (status != OK)
400 {
401 WLAN_REPORT_ERROR(pRsn->hReport, RSN_MODULE_LOG,
402 ("RSN: Setting key #%d failed \n", keyIndex));
403 return status;
404 }
405 }
406 }
407
408 /* Now we configure default key ID to the HAL */
409 if (pRsn->defaultKeyId < MAX_KEYS_NUM)
410 {
411 whalParam.paramType = HAL_CTRL_RSN_DEFAULT_KEY_ID_PARAM;
412 whalParam.content.configureCmdCBParams.CB_buf = &pRsn->defaultKeyId;
413 whalParam.content.configureCmdCBParams.CB_Func = NULL;
414 whalParam.content.configureCmdCBParams.CB_handle = NULL;
415 status = whalCtrl_SetParam (pRsn->hWhalCtrl, &whalParam);
416
417 WLAN_REPORT_INFORMATION(pRsn->hReport, RSN_MODULE_LOG,
418 ("RSN: default key ID =%d \n", pRsn->defaultKeyId));
419 }
420
421 return status;
422 }
423
424
425 /**
426 *
427 * rsn_Start - Start event for the rsniation SM
428 *
429 * \b Description:
430 *
431 * Start event for the rsniation SM
432 *
433 * \b ARGS:
434 *
435 * I - hRsn - Rsniation SM context \n
436 *
437 * \b RETURNS:
438 *
439 * OK if successful, NOK otherwise.
440 *
441 * \sa rsn_Stop, rsn_Recv
442 */
rsn_start(TI_HANDLE hRsn)443 TI_STATUS rsn_start(TI_HANDLE hRsn)
444 {
445 TI_STATUS status;
446 rsn_t *pRsn;
447 cipherSuite_e suite;
448 externalAuthMode_e extAuthMode;
449 whalParamInfo_t whalParam;
450
451 pRsn = (rsn_t*)hRsn;
452
453 if (pRsn == NULL)
454 {
455 return NOK;
456 }
457
458 WLAN_REPORT_INFORMATION(pRsn->hReport, RSN_MODULE_LOG, ("rsn_start ...\n"));
459
460 pRsn->rsnStartedTs = os_timeStampMs (pRsn->hOs);
461
462 status = pRsn->pMainSecSm->start (pRsn->pMainSecSm);
463 /* Set keys that need to be set */
464 pRsn->defaultKeysOn = FALSE;
465 pRsn->pAdmCtrl->getCipherSuite (pRsn->pAdmCtrl, &suite);
466 pRsn->pAdmCtrl->getExtAuthMode (pRsn->pAdmCtrl, &extAuthMode);
467
468 if (pRsn->wepStaticKey && ((suite == RSN_CIPHER_WEP) || (suite == RSN_CIPHER_CKIP)))
469 { /* set default WEP keys */
470 status = rsn_sendKeysNotSet (pRsn);
471 pRsn->eapType = OS_EAP_TYPE_NONE;
472 }
473 else if (suite == RSN_CIPHER_NONE && extAuthMode != RSN_EXT_AUTH_MODE_OPEN)
474 { /* remove previously WEP key for SHARED */
475 pRsn->wepStaticKey = FALSE;
476 status = rsn_removedDefKeys (pRsn);
477
478 /* Set None to HAL */
479 whalParam.paramType = HAL_CTRL_RSN_SECURITY_MODE_PARAM;
480 whalParam.content.rsnEncryptionStatus = (halCtrl_CipherSuite_e)RSN_CIPHER_NONE;
481 status = whalCtrl_SetParam (pRsn->hWhalCtrl, &whalParam);
482
483 }
484 else if (suite==RSN_CIPHER_NONE)
485 {
486 pRsn->eapType = OS_EAP_TYPE_NONE;
487 }
488
489 return status;
490 }
491
492
rsn_sendKeysNotSet(rsn_t * pRsn)493 TI_STATUS rsn_sendKeysNotSet(rsn_t *pRsn)
494 {
495 UINT8 keyIndex;
496 OS_802_11_KEY rsnOsKey;
497 TI_STATUS status = OK;
498
499 for (keyIndex = 0; keyIndex < MAX_KEYS_NUM; keyIndex++)
500 {
501 if (pRsn->wepDefaultKeys[keyIndex])
502 {
503 rsnOsKey.KeyIndex = pRsn->keys[keyIndex].keyIndex;
504 rsnOsKey.KeyLength = pRsn->keys[keyIndex].encLen;
505 rsnOsKey.Length = sizeof(rsnOsKey);
506
507 /* Change key type to WEP-key before setting*/
508 pRsn->keys[keyIndex].keyType = WEP_KEY;
509
510 os_memoryCopy (pRsn->hOs, rsnOsKey.BSSID,
511 (void *)pRsn->keys[keyIndex].macAddress.addr,
512 MAC_ADDR_LEN);
513 os_memoryCopy (pRsn->hOs, &rsnOsKey.KeyRSC,
514 (void *)pRsn->keys[keyIndex].keyRsc,
515 KEY_RSC_LEN);
516 os_memoryCopy (pRsn->hOs, rsnOsKey.KeyMaterial,
517 (void *)pRsn->keys[keyIndex].encKey,
518 MAX_KEY_LEN /*pRsn->keys[keyIndex].encLen*/);
519
520 /* Set WEP transmit key mask on the default key */
521 if (keyIndex == pRsn->defaultKeyId)
522 {
523 rsnOsKey.KeyIndex |= 0x80000000;
524 }
525
526 status = pRsn->pKeyParser->recv (pRsn->pKeyParser, (UINT8*)&rsnOsKey, sizeof(rsnOsKey));
527 }
528 }
529
530 return status;
531 }
532
533
rsn_removedDefKeys(TI_HANDLE hRsn)534 TI_STATUS rsn_removedDefKeys (TI_HANDLE hRsn)
535 {
536 UINT8 keyIndex;
537 rsn_t *pRsn = (rsn_t*)hRsn;
538
539 WLAN_REPORT_INFORMATION(pRsn->hReport, RSN_MODULE_LOG,
540 ("rsn_removedDefKeys Enter \n"));
541
542 for (keyIndex = 0; keyIndex < MAX_KEYS_NUM; keyIndex++)
543 {
544 securityKeys_t key;
545
546 WLAN_REPORT_INFORMATION(pRsn->hReport, RSN_MODULE_LOG,
547 ("rsn_removedDefKeys, Remove keyId=%d\n", keyIndex));
548
549 pRsn->wepDefaultKeys[keyIndex] = FALSE;
550 os_memoryCopy (pRsn->hOs, &key, &pRsn->keys[keyIndex], sizeof(securityKeys_t));
551 pRsn->removeKey (pRsn, &key);
552
553 /* Set WEP transmit key mask on the default key */
554 if (keyIndex == pRsn->defaultKeyId)
555 {
556 pRsn->defaultKeyId = 0;
557 }
558 }
559 /* Clear the band site list */
560 /* Comment out the call to clearBannedSiteList due to fail in WiFi mic attack test */
561 /*clearBannedSiteList(hRsn);*/
562
563 return OK;
564 }
565
566
567 /**
568 *
569 * rsn_Stop - Stop event for the rsniation SM
570 *
571 * \b Description:
572 *
573 * Stop event for the rsniation SM
574 *
575 * \b ARGS:
576 *
577 * I - hRsn - Rsniation SM context \n
578 *
579 * \b RETURNS:
580 *
581 * OK if successful, NOK otherwise.
582 *
583 * \sa rsn_Start, rsn_Recv
584 */
rsn_stop(TI_HANDLE hRsn,BOOL removeKeys)585 TI_STATUS rsn_stop (TI_HANDLE hRsn, BOOL removeKeys)
586 {
587 TI_STATUS status;
588 rsn_t *pRsn;
589 UINT8 keyIndex;
590 securityKeys_t key;
591
592 pRsn = (rsn_t*)hRsn;
593
594 if (pRsn == NULL)
595 {
596 return NOK;
597 }
598
599 WLAN_REPORT_INFORMATION(pRsn->hReport, RSN_MODULE_LOG,
600 ("RSN: calling STOP... removeKeys=%d\n", removeKeys));
601
602 for (keyIndex = 0; keyIndex < MAX_KEYS_NUM; keyIndex++)
603 {
604 os_memoryCopy (pRsn->hOs, &key, &pRsn->keys[keyIndex], sizeof(securityKeys_t));
605
606 if (!pRsn->wepDefaultKeys[keyIndex])
607 { /* Remove only dynamic keys. Default keys are removed by calling: rsn_removedDefKeys() */
608 WLAN_REPORT_INFORMATION(pRsn->hReport, RSN_MODULE_LOG,
609 ("rsn_stop, Remove keyIndex=%d, key.keyIndex=%d\n",keyIndex, key.keyIndex));
610
611 WLAN_REPORT_HEX_INFORMATION(pRsn->hReport, RSN_MODULE_LOG, (UINT8 *)key.macAddress.addr, 6);
612
613 pRsn->removeKey (pRsn, &key);
614 }
615
616 }
617
618 os_timerStop (pRsn->hOs, pRsn->micFailureReportWaitTimer);
619
620 /* Stop the pre-authentication timer in case we are disconnecting */
621 os_timerStop (pRsn->hOs, pRsn->pAdmCtrl->preAuthTimerWpa2);
622
623 status = pRsn->pMainSecSm->stop (pRsn->pMainSecSm);
624
625 pRsn->groupKeyUpdate = GROUP_KEY_UPDATE_FALSE;
626 pRsn->defaultKeysOn = TRUE;
627
628 if (removeKeys)
629 { /* reset PMKID list if exist */
630 pRsn->pAdmCtrl->resetPmkidList (pRsn->pAdmCtrl);
631 }
632
633 return status;
634 }
635
636
637 /**
638 *
639 * rsn_GetParam - Get a specific parameter from the rsniation SM
640 *
641 * \b Description:
642 *
643 * Get a specific parameter from the rsniation SM.
644 *
645 * \b ARGS:
646 *
647 * I - hRsn - Rsniation SM context \n
648 * I/O - pParam - Parameter \n
649 *
650 * \b RETURNS:
651 *
652 * OK if successful, NOK otherwise.
653 *
654 * \sa rsn_Start, rsn_Stop
655 */
rsn_getParam(TI_HANDLE hRsn,paramInfo_t * pParam)656 TI_STATUS rsn_getParam(TI_HANDLE hRsn, paramInfo_t *pParam)
657 {
658 rsn_t *pRsn;
659 TI_STATUS status = OK;
660
661 pRsn = (rsn_t*)hRsn;
662
663 if ((pRsn == NULL) || (pParam == NULL))
664 {
665 return NOK;
666 }
667
668 switch (pParam->paramType)
669 {
670 case RSN_PRIVACY_OPTION_IMPLEMENTED_PARAM:
671 pParam->content.rsnPrivacyOptionImplemented = TRUE;
672 break;
673
674 case RSN_KEY_PARAM:
675 pParam->content.pRsnKey = &pRsn->keys[pParam->content.pRsnKey->keyIndex];
676 if (pParam->content.pRsnKey->keyIndex == pRsn->defaultKeyId)
677 {
678 pParam->content.pRsnKey->keyIndex |= 0x80000000;
679 WLAN_REPORT_WARNING(pRsn->hReport, RSN_MODULE_LOG, ("default Key: %d\n", pRsn->defaultKeyId));
680 }
681 break;
682
683 case RSN_SECURITY_STATE_PARAM:
684 status = pRsn->pMainSecSm->getAuthState (pRsn->pMainSecSm, (TIWLN_SECURITY_STATE*)&(pParam->content.rsnAuthState));
685 break;
686
687 case RSN_ENCRYPTION_STATUS_PARAM:
688 status = pRsn->pAdmCtrl->getCipherSuite (pRsn->pAdmCtrl, &pParam->content.rsnEncryptionStatus);
689 break;
690
691 case RSN_EXT_AUTHENTICATION_MODE:
692 status = pRsn->pAdmCtrl->getExtAuthMode (pRsn->pAdmCtrl, &pParam->content.rsnExtAuthneticationMode);
693 break;
694
695 case RSN_MIXED_MODE:
696 status = pRsn->pAdmCtrl->getMixedMode (pRsn->pAdmCtrl, &pParam->content.rsnMixedMode);
697 break;
698
699 case RSN_AUTH_ENCR_CAPABILITY:
700 status = pRsn->pAdmCtrl->getAuthEncrCap(pRsn->pAdmCtrl, pParam->content.pRsnAuthEncrCapability);
701 break;
702
703 case RSN_PMKID_LIST:
704 pParam->content.rsnPMKIDList.Length = pParam->paramLength;
705 status = pRsn->pAdmCtrl->getPmkidList (pRsn->pAdmCtrl, &pParam->content.rsnPMKIDList);
706 pParam->paramLength = pParam->content.rsnPMKIDList.Length + 2 * sizeof(UINT32);
707 break;
708
709 case RSN_PRE_AUTH_STATUS:
710 {
711 UINT8 cacheIndex;
712
713 pParam->content.rsnPreAuthStatus = pRsn->pAdmCtrl->getPreAuthStatus (pRsn->pAdmCtrl, &pParam->content.rsnApMac, &cacheIndex);
714 }
715 break;
716
717 case RSN_WPA_PROMOTE_AVAILABLE_OPTIONS:
718 status = pRsn->pAdmCtrl->getWPAMixedModeSupport (pRsn->pAdmCtrl, &pParam->content.rsnWPAMixedModeSupport);
719 WLAN_REPORT_INFORMATION(pRsn->hReport, RSN_MODULE_LOG,
720 ("RSN: Get WPA Mixed MODE support %d \n",pParam->content.rsnWPAMixedModeSupport));
721 break;
722
723 case RSN_WPA_PROMOTE_OPTIONS:
724 status = pRsn->pAdmCtrl->getPromoteFlags (pRsn->pAdmCtrl,
725 &pParam->content.rsnWPAPromoteFlags);
726 WLAN_REPORT_INFORMATION(pRsn->hReport, RSN_MODULE_LOG,
727 ("RSN: Get WPA promote flags %d \n",pParam->content.rsnWPAPromoteFlags));
728
729 break;
730
731 #ifdef EXC_MODULE_INCLUDED
732 case RSN_EXC_NETWORK_EAP:
733 status = pRsn->pAdmCtrl->getNetworkEap (pRsn->pAdmCtrl, &pParam->content.networkEap);
734 break;
735 #endif
736 case RSN_EAP_TYPE:
737 pParam->content.eapType = pRsn->eapType;
738 WLAN_REPORT_INFORMATION(pRsn->hReport, RSN_MODULE_LOG,
739 ("RSN: Get RSN_EAP_TYPE eapType %d \n",
740 pParam->content.eapType));
741 break;
742
743 case WPA_801_1X_AKM_EXISTS:
744
745 status = pRsn->pAdmCtrl->get802_1x_AkmExists(pRsn->pAdmCtrl, &pParam->content.wpa_802_1x_AkmExists);
746 WLAN_REPORT_INFORMATION(pRsn->hReport, RSN_MODULE_LOG,
747 ("RSN: Get WPA_801_1X_AKM_EXISTS %d \n",
748 pParam->content.wpa_802_1x_AkmExists));
749 break;
750
751 case RSN_DEFAULT_KEY_ID:
752 pParam->content.rsnDefaultKeyID = pRsn->defaultKeyId;
753 WLAN_REPORT_INFORMATION(pRsn->hReport, RSN_MODULE_LOG,
754 ("RSN: Get RSN_DEFAULT_KEY_ID %d \n",
755 pParam->content.rsnDefaultKeyID));
756 break;
757
758 default:
759 return NOK;
760 }
761
762 return status;
763 }
764
765
766 /**
767 *
768 * rsn_getParamPartial - Get a specific parameter from the rsniation SM
769 *
770 * \b Description:
771 *
772 * Get a specific parameter from the rsniation SM.
773 *
774 * \b ARGS:
775 *
776 * I - hRsn - Rsniation SM context \n
777 * I/O - pParam - Parameter \n
778 *
779 * \b RETURNS:
780 *
781 * OK if successful, NOK otherwise.
782 *
783 * \sa rsn_Start, rsn_Stop
784 */
785
786 /* note: rsn_getParamPartial() is part of rsn_getParam() it was implemented to reduce Stack usage */
rsn_getParamPartial(TI_HANDLE hRsn,paramInfoPartial_t * pParam)787 TI_STATUS rsn_getParamPartial(TI_HANDLE hRsn, paramInfoPartial_t *pParam)
788 {
789 rsn_t *pRsn;
790 TI_STATUS status = OK;
791
792 pRsn = (rsn_t*)hRsn;
793
794 if ((pRsn == NULL) || (pParam == NULL))
795 {
796 return NOK;
797 }
798
799 switch (pParam->paramType)
800 {
801 case RSN_PRE_AUTH_STATUS:
802 {
803 UINT8 cacheIndex;
804
805 pParam->content.rsnPreAuthStatus = pRsn->pAdmCtrl->getPreAuthStatus (pRsn->pAdmCtrl, &pParam->content.rsnApMac, &cacheIndex);
806 }
807 break;
808
809 case RSN_ENCRYPTION_STATUS_PARAM:
810 status = pRsn->pAdmCtrl->getCipherSuite (pRsn->pAdmCtrl, &pParam->content.rsnEncryptionStatus);
811 break;
812
813 case RSN_MIXED_MODE:
814 status = pRsn->pAdmCtrl->getMixedMode (pRsn->pAdmCtrl, &pParam->content.rsnMixedMode);
815 break;
816
817 default:
818 return NOK;
819 }
820
821 return status;
822 }
823 /**
824 *
825 * rsn_SetParam - Set a specific parameter to the rsniation SM
826 *
827 * \b Description:
828 *
829 * Set a specific parameter to the rsniation SM.
830 *
831 * \b ARGS:
832 *
833 * I - hRsn - Rsniation SM context \n
834 * I/O - pParam - Parameter \n
835 *
836 * \b RETURNS:
837 *
838 * OK if successful, NOK otherwise.
839 *
840 * \sa rsn_Start, rsn_Stop
841 */
rsn_setParam(TI_HANDLE hRsn,paramInfo_t * pParam)842 TI_STATUS rsn_setParam (TI_HANDLE hRsn, paramInfo_t *pParam)
843 {
844 rsn_t *pRsn;
845 TI_STATUS status=OK;
846 whalParamInfo_t whalParam;
847
848 pRsn = (rsn_t*)hRsn;
849
850 if ((pRsn == NULL) || (pParam == NULL))
851 {
852 return NOK;
853 }
854
855 WLAN_REPORT_INFORMATION(pRsn->hReport, RSN_MODULE_LOG,
856 ("RSN: Set rsn_setParam %X \n",
857 pParam->paramType));
858
859 switch (pParam->paramType)
860 {
861
862 case RSN_DEFAULT_KEY_ID:
863 {
864 UINT8 defKeyId, i;
865
866 defKeyId = pParam->content.rsnDefaultKeyID;
867
868 if(defKeyId >= MAX_KEYS_NUM)
869 {
870 WLAN_REPORT_ERROR(pRsn->hReport, RSN_MODULE_LOG,
871 ("RSN: Error - the value of the default Key Id is incorrect \n"));
872 return NOK;
873 }
874
875 /* Clean transmit flag (1 in the bit31) in the previous default key */
876 for(i = 0; i < MAX_KEYS_NUM; i++)
877 {
878 pRsn->keys[i].keyIndex &= 0x7FFFFFFF;
879 }
880
881 /* Set the default key ID value in the RSN data structure */
882 pRsn->defaultKeyId = defKeyId;
883
884 /* Set the default key ID in the HAL */
885 whalParam.paramType = HAL_CTRL_RSN_DEFAULT_KEY_ID_PARAM;
886 whalParam.content.configureCmdCBParams.CB_buf = &pRsn->defaultKeyId;
887 whalParam.content.configureCmdCBParams.CB_Func = NULL;
888 whalParam.content.configureCmdCBParams.CB_handle = NULL;
889 status = whalCtrl_SetParam (pRsn->hWhalCtrl, &whalParam);
890
891 WLAN_REPORT_INFORMATION(pRsn->hReport, RSN_MODULE_LOG,
892 ("RSN: default key ID =%d \n", pRsn->defaultKeyId));
893
894
895 status = RE_SCAN_NEEDED;
896 break;
897 }
898
899 case RSN_ADD_KEY_PARAM:
900 {
901 UINT8 keyIndex, i = 0;
902 cipherSuite_e cipherSuite;
903
904 status = pRsn->pAdmCtrl->getCipherSuite (pRsn->pAdmCtrl, &cipherSuite);
905 if (status !=OK)
906 {
907 return status;
908 }
909
910 WLAN_REPORT_INFORMATION(pRsn->hReport, RSN_MODULE_LOG,
911 ("RSN: Set RSN_ADD_KEY_PARAM KeyIndex %x , keyLength=%d\n",
912 pParam->content.rsnOsKey.KeyIndex,pParam->content.rsnOsKey.KeyLength));
913 keyIndex = (UINT8)pParam->content.rsnOsKey.KeyIndex;
914 if (keyIndex >= MAX_KEYS_NUM)
915 {
916 return NOK;
917 }
918
919 status = pRsn->pKeyParser->recv (pRsn->pKeyParser, (UINT8*)&pParam->content.rsnOsKey, sizeof(pParam->content.rsnOsKey));
920
921 if (status==STATUS_BAD_KEY_PARAM)
922 {
923 return NOK;
924 }
925 /* If the Key is not BAD, it may be that WEP key is sent before WEP status is set,
926 save the key, and set it later at rsn_start */
927 pRsn->keys[keyIndex].keyIndex = pParam->content.rsnOsKey.KeyIndex;
928 pRsn->keys[keyIndex].encLen = pParam->content.rsnOsKey.KeyLength;
929 os_memoryCopy (pRsn->hOs, (void *)pRsn->keys[keyIndex].macAddress.addr, pParam->content.rsnOsKey.BSSID, MAC_ADDR_LEN);
930 os_memoryCopy (pRsn->hOs, (void *)pRsn->keys[keyIndex].keyRsc, (UINT8*)&(pParam->content.rsnOsKey.KeyRSC), KEY_RSC_LEN);
931 os_memoryCopy (pRsn->hOs, (void *)pRsn->keys[keyIndex].encKey, pParam->content.rsnOsKey.KeyMaterial, MAX_KEY_LEN);
932
933 /* Process the transmit flag (31-st bit of keyIndex). */
934 /* If the added key has the TX bit set to TRUE (i.e. the key */
935 /* is the new transmit key (default key), update */
936 /* RSN data def.key Id and clean this bit in all other keys */
937 if (pParam->content.rsnOsKey.KeyIndex & 0x80000000)
938 {
939 pRsn->defaultKeyId = keyIndex;
940
941 for (i = 0; i < MAX_KEYS_NUM; i ++)
942 {
943 if (i != keyIndex)
944 {
945 pRsn->keys[i].keyIndex &= 0x7FFFFFFF;
946 }
947 }
948 }
949
950 if (pRsn->defaultKeysOn)
951 { /* This is a WEP default key */
952 WLAN_REPORT_INFORMATION(pRsn->hReport, RSN_MODULE_LOG,
953 ("RSN_ADD_KEY_PARAM, Default key configured - keyIndex=%d-TRUE\n", keyIndex));
954
955 pRsn->wepDefaultKeys[keyIndex] = TRUE;
956 pRsn->wepStaticKey = TRUE;
957 status = OK;
958 }
959 break;
960 }
961 case RSN_REMOVE_KEY_PARAM:
962 {
963 UINT8 keyIndex;
964 cipherSuite_e cipherSuite;
965
966 status = pRsn->pAdmCtrl->getCipherSuite (pRsn->pAdmCtrl, &cipherSuite);
967 if (status !=OK)
968 {
969 return status;
970 }
971 /*if (cipherSuite == RSN_CIPHER_NONE)
972 {
973 WLAN_REPORT_ERROR(pRsn->hReport, RSN_MODULE_LOG,
974 ("RSN: Error Remove Wep/Key when no encryption \n"));
975 return NOK;
976 }*/
977
978 WLAN_REPORT_INFORMATION(pRsn->hReport, RSN_MODULE_LOG,
979 ("RSN: Set RSN_REMOVE_KEY_PARAM KeyIndex %x \n",
980 pParam->content.rsnOsKey.KeyIndex));
981 keyIndex = (UINT8)pParam->content.rsnOsKey.KeyIndex;
982 if (keyIndex >= MAX_KEYS_NUM)
983 {
984 return NOK;
985 }
986
987 status = pRsn->pKeyParser->remove (pRsn->pKeyParser,
988 (UINT8*)&pParam->content.rsnOsKey,
989 sizeof(pParam->content.rsnOsKey));
990
991 if (status == OK)
992 {
993 pRsn->keys[keyIndex].keyType = NULL_KEY;
994 pRsn->keys[keyIndex].keyIndex &= 0x000000FF;
995 }
996
997 break;
998 }
999
1000 case RSN_ENCRYPTION_STATUS_PARAM:
1001 {
1002 cipherSuite_e cipherSuite;
1003
1004 WLAN_REPORT_INFORMATION(pRsn->hReport, RSN_MODULE_LOG,
1005 ("RSN: Set RSN_ENCRYPTION_STATUS_PARAM rsnEncryptionStatus %d \n",
1006 pParam->content.rsnEncryptionStatus));
1007
1008 pRsn->pAdmCtrl->getCipherSuite (pRsn->pAdmCtrl, &cipherSuite);
1009 if (cipherSuite != pParam->content.rsnEncryptionStatus)
1010 {
1011 status = pRsn->pAdmCtrl->setUcastSuite (pRsn->pAdmCtrl, pParam->content.rsnEncryptionStatus);
1012 status = pRsn->pAdmCtrl->setBcastSuite (pRsn->pAdmCtrl, pParam->content.rsnEncryptionStatus);
1013 WLAN_REPORT_INFORMATION(pRsn->hReport, RSN_MODULE_LOG, (" status = %d \n", status));
1014 }
1015 pRsn->defaultKeysOn = TRUE;
1016 }
1017 break;
1018
1019 case RSN_EXT_AUTHENTICATION_MODE:
1020 {
1021 externalAuthMode_e extAuthMode;
1022
1023 pRsn->pAdmCtrl->getExtAuthMode (pRsn->pAdmCtrl, &extAuthMode);
1024 if (pParam->content.rsnExtAuthneticationMode!=extAuthMode)
1025 {
1026 WLAN_REPORT_INFORMATION(pRsn->hReport, RSN_MODULE_LOG,
1027 ("RSN: Set RSN_EXT_AUTHENTICATION_MODE rsnExtAuthneticationMode %d \n",
1028 pParam->content.rsnExtAuthneticationMode));
1029
1030 /*WLAN_REPORT_INFORMATION(pRsn->hReport, RSN_MODULE_LOG,
1031 ("RSN: remove all Keys\n"));
1032
1033 for (keyIndex=0; keyIndex<MAX_KEYS_NUM; keyIndex++)
1034 {
1035 os_memoryCopy(pRsn->hOs, &key, &pRsn->keys[keyIndex], sizeof(securityKeys_t));
1036 pRsn->removeKey(pRsn, &key);
1037
1038 }*/
1039
1040 status = pRsn->pAdmCtrl->setExtAuthMode (pRsn->pAdmCtrl, pParam->content.rsnExtAuthneticationMode);
1041 }
1042 pRsn->defaultKeysOn = TRUE;
1043 }
1044 break;
1045
1046 #ifdef EXC_MODULE_INCLUDED
1047 case RSN_EXC_NETWORK_EAP:
1048 {
1049 OS_EXC_NETWORK_EAP networkEap;
1050
1051 pRsn->pAdmCtrl->getNetworkEap (pRsn->pAdmCtrl, &networkEap);
1052 if (networkEap != pParam->content.networkEap)
1053 {
1054 WLAN_REPORT_INFORMATION(pRsn->hReport, RSN_MODULE_LOG,
1055 ("RSN: Set RSN_EXC_NETWORK_EAP networkEap %d \n",
1056 pParam->content.networkEap));
1057
1058 status = pRsn->pAdmCtrl->setNetworkEap (pRsn->pAdmCtrl, pParam->content.networkEap);
1059 if (status == OK)
1060 {
1061 /*status = RE_SCAN_NEEDED;*/
1062 }
1063 }
1064 }
1065 break;
1066 #endif
1067 case RSN_MIXED_MODE:
1068 {
1069 BOOL mixedMode;
1070
1071 pRsn->pAdmCtrl->getMixedMode (pRsn->pAdmCtrl, &mixedMode);
1072 if (mixedMode!=pParam->content.rsnMixedMode)
1073 {
1074 status = pRsn->pAdmCtrl->setMixedMode (pRsn->pAdmCtrl, pParam->content.rsnMixedMode);
1075
1076 WLAN_REPORT_INFORMATION(pRsn->hReport, RSN_MODULE_LOG,
1077 ("RSN: Set RSN_MIXED_MODE mixedMode %d, status=%d \n",
1078 pParam->content.rsnMixedMode, status));
1079 }
1080 break;
1081 }
1082
1083 case RSN_PMKID_LIST:
1084 WLAN_REPORT_INFORMATION(pRsn->hReport, RSN_MODULE_LOG,
1085 ("RSN: Set RSN_PMKID_LIST \n"));
1086
1087 WLAN_REPORT_HEX_INFORMATION(pRsn->hReport, RSN_MODULE_LOG,
1088 (UINT8*)&pParam->content.rsnPMKIDList ,pParam->content.rsnPMKIDList.Length);
1089 status = pRsn->pAdmCtrl->setPmkidList (pRsn->pAdmCtrl,
1090 &pParam->content.rsnPMKIDList);
1091 if(status == OK)
1092 {
1093 WLAN_REPORT_INFORMATION(pRsn->hReport, RSN_MODULE_LOG,
1094 ("RSN: Set RSN_PMKID_LIST: %d PMKID entries has been added to the cache.\n",
1095 pParam->content.rsnPMKIDList.BSSIDInfoCount));
1096 }
1097 else
1098 {
1099 WLAN_REPORT_INFORMATION(pRsn->hReport, RSN_MODULE_LOG,
1100 ("RSN: Set RSN_PMKID_LIST failure"));
1101 }
1102 break;
1103
1104 case RSN_WPA_PROMOTE_OPTIONS:
1105 status = pRsn->pAdmCtrl->setPromoteFlags (pRsn->pAdmCtrl,
1106 pParam->content.rsnWPAPromoteFlags);
1107 if(status == OK)
1108 {
1109 WLAN_REPORT_INFORMATION(pRsn->hReport, RSN_MODULE_LOG,
1110 ("RSN: Set WPA promote options: %d \n", pParam->content.rsnWPAPromoteFlags));
1111 }
1112 else
1113 {
1114 WLAN_REPORT_INFORMATION(pRsn->hReport, RSN_MODULE_LOG,
1115 ("RSN: Set WPA promote options failure"));
1116 }
1117 break;
1118
1119 case RSN_EAP_TYPE:
1120 WLAN_REPORT_INFORMATION(pRsn->hReport, RSN_MODULE_LOG,
1121 ("RSN: Set RSN_EAP_TYPE eapType %d \n",
1122 pParam->content.eapType));
1123
1124 pRsn->eapType = pParam->content.eapType;
1125 pRsn->defaultKeysOn = TRUE;
1126 break;
1127
1128 default:
1129 return NOK;
1130 }
1131
1132 return status;
1133 }
1134
1135
1136 /**
1137 *
1138 * rsn_eventRecv - Set a specific parameter to the rsniation SM
1139 *
1140 * \b Description:
1141 *
1142 * Set a specific parameter to the rsniation SM.
1143 *
1144 * \b ARGS:
1145 *
1146 * I - hRsn - Rsniation SM context \n
1147 * I/O - pParam - Parameter \n
1148 *
1149 * \b RETURNS:
1150 *
1151 * OK if successful, NOK otherwise.
1152 *
1153 * \sa rsn_Start, rsn_Stop
1154 */
rsn_reportStatus(rsn_t * pRsn,TI_STATUS rsnStatus)1155 TI_STATUS rsn_reportStatus (rsn_t *pRsn, TI_STATUS rsnStatus)
1156 {
1157 TI_STATUS status = OK;
1158 paramInfo_t param;
1159 externalAuthMode_e extAuthMode;
1160
1161 if (pRsn == NULL)
1162 {
1163 return NOK;
1164 }
1165
1166 if (rsnStatus == OK)
1167 {
1168 /* set EAPOL encryption status according to authentication protocol */
1169 pRsn->rsnCompletedTs = os_timeStampMs (pRsn->hOs);
1170
1171 status = pRsn->pAdmCtrl->getExtAuthMode (pRsn->pAdmCtrl, &extAuthMode);
1172 if (status != OK)
1173 {
1174 return status;
1175 }
1176
1177 if (extAuthMode >= RSN_EXT_AUTH_MODE_WPA)
1178 {
1179 param.content.txDataEapolEncryptionStatus = TRUE;
1180 } else {
1181 param.content.txDataEapolEncryptionStatus = FALSE;
1182 }
1183
1184 param.paramType = TX_DATA_EAPOL_ENCRYPTION_STATUS_PARAM;
1185 txData_setParam (pRsn->hTx, ¶m);
1186
1187 /* set WEP invoked mode according to cipher suite */
1188 switch (pRsn->paeConfig.unicastSuite)
1189 {
1190 case RSN_CIPHER_NONE:
1191 param.content.txDataCurrentPrivacyInvokedMode = FALSE;
1192 break;
1193
1194 default:
1195 param.content.txDataCurrentPrivacyInvokedMode = TRUE;
1196 break;
1197 }
1198
1199 param.paramType = TX_DATA_CURRENT_PRIVACY_INVOKE_MODE_PARAM;
1200 txData_setParam (pRsn->hTx, ¶m);
1201 /* The value of exclude unencrypted should be as privacy invoked */
1202 param.paramType = RX_DATA_EXCLUDE_UNENCRYPTED_PARAM;
1203 rxData_setParam (pRsn->hRx, ¶m);
1204
1205 param.paramType = RX_DATA_EXCLUDE_BROADCAST_UNENCRYPTED_PARAM;
1206 if (pRsn->pAdmCtrl->mixedMode)
1207 { /* do not exclude Broadcast packets */
1208 param.content.txDataCurrentPrivacyInvokedMode = FALSE;
1209 }
1210 rxData_setParam (pRsn->hRx, ¶m);
1211 }
1212
1213 else
1214 rsnStatus = (TI_STATUS)STATUS_SECURITY_FAILURE;
1215
1216 status = conn_reportRsnStatus (pRsn->hConn, (mgmtStatus_e)rsnStatus);
1217
1218 if (status!=OK)
1219 {
1220 return status;
1221 }
1222
1223 if (rsnStatus == OK)
1224 {
1225 EvHandlerSendEvent (pRsn->hEvHandler, IPC_EVENT_AUTH_SUCC, NULL, 0);
1226 }
1227
1228 WLAN_REPORT_INFORMATION(pRsn->hReport, RSN_MODULE_LOG,
1229 ("RSN: rsn_reportStatus \n"));
1230
1231 return OK;
1232 }
1233
1234
1235 /**
1236 *
1237 * rsn_eventRecv - Set a specific parameter to the rsniation SM
1238 *
1239 * \b Description:
1240 *
1241 * Set a specific parameter to the rsniation SM.
1242 *
1243 * \b ARGS:
1244 *
1245 * I - hRsn - Rsniation SM context \n
1246 * I/O - pParam - Parameter \n
1247 *
1248 * \b RETURNS:
1249 *
1250 * OK if successful, NOK otherwise.
1251 *
1252 * \sa rsn_Start, rsn_Stop
1253 */
rsn_setPaeConfig(rsn_t * pRsn,rsn_paeConfig_t * pPaeConfig)1254 TI_STATUS rsn_setPaeConfig(rsn_t *pRsn, rsn_paeConfig_t *pPaeConfig)
1255 {
1256 TI_STATUS status;
1257 mainSecInitData_t initData;
1258
1259 if ((pRsn == NULL) || (pPaeConfig == NULL))
1260 {
1261 return NOK;
1262 }
1263
1264 WLAN_REPORT_INFORMATION(pRsn->hReport, RSN_MODULE_LOG,
1265 ("RSN: Calling set PAE config..., unicastSuite = %d, broadcastSuite = %d \n",
1266 pPaeConfig->unicastSuite, pPaeConfig->broadcastSuite));
1267
1268 os_memoryCopy(pRsn->hOs, &pRsn->paeConfig, pPaeConfig, sizeof(rsn_paeConfig_t));
1269
1270 initData.pPaeConfig = &pRsn->paeConfig;
1271
1272 status = mainSec_config (pRsn->pMainSecSm,
1273 &initData,
1274 pRsn,
1275 pRsn->hReport,
1276 pRsn->hOs,
1277 pRsn->hCtrlData,
1278 pRsn->hEvHandler,
1279 pRsn->hConn,
1280 pRsn->hWhalCtrl);
1281
1282 return status;
1283 }
1284
1285
1286 /**
1287 *
1288 * rsn_eventRecv - Set a specific parameter to the rsniation SM
1289 *
1290 * \b Description:
1291 *
1292 * Set a specific parameter to the rsniation SM.
1293 *
1294 * \b ARGS:
1295 *
1296 * I - hRsn - Rsniation SM context \n
1297 * I/O - pParam - Parameter \n
1298 *
1299 * \b RETURNS:
1300 *
1301 * OK if successful, NOK otherwise.
1302 *
1303 * \sa rsn_Start, rsn_Stop
1304 */
rsn_getNetworkMode(rsn_t * pRsn,rsn_networkMode_t * pNetMode)1305 TI_STATUS rsn_getNetworkMode(rsn_t *pRsn, rsn_networkMode_t *pNetMode)
1306 {
1307 paramInfo_t param;
1308 TI_STATUS status;
1309
1310 param.paramType = CTRL_DATA_CURRENT_BSS_TYPE_PARAM;
1311
1312 status = ctrlData_getParam (pRsn->hCtrlData, ¶m);
1313
1314 if (status == OK)
1315 {
1316 if (param.content.ctrlDataCurrentBssType == BSS_INFRASTRUCTURE)
1317 {
1318 *pNetMode = RSN_INFRASTRUCTURE;
1319 }
1320 else
1321 {
1322 *pNetMode = RSN_IBSS;
1323 }
1324 }
1325 else
1326 {
1327 return NOK;
1328 }
1329
1330 return OK;
1331 }
1332
1333
1334 /**
1335 *
1336 * rsn_eventRecv - Set a specific parameter to the rsniation SM
1337 *
1338 * \b Description:
1339 *
1340 * Set a specific parameter to the rsniation SM.
1341 *
1342 * \b ARGS:
1343 *
1344 * I - hRsn - Rsniation SM context \n
1345 * I/O - pParam - Parameter \n
1346 *
1347 * \b RETURNS:
1348 *
1349 * OK if successful, NOK otherwise.
1350 *
1351 * \sa rsn_Start, rsn_Stop
1352 */
rsn_evalSite(TI_HANDLE hRsn,rsnData_t * pRsnData,bssType_e bssType,macAddress_t bssid,UINT32 * pMetric)1353 TI_STATUS rsn_evalSite(TI_HANDLE hRsn, rsnData_t *pRsnData, bssType_e bssType, macAddress_t bssid, UINT32 *pMetric)
1354 {
1355 rsn_t *pRsn;
1356 TI_STATUS status;
1357
1358 if ((pRsnData == NULL) || (hRsn == NULL))
1359 {
1360 *pMetric = 0;
1361 return NOK;
1362 }
1363
1364 pRsn = (rsn_t*)hRsn;
1365
1366 if (rsn_isSiteBanned(hRsn, bssid) == TRUE)
1367 {
1368 *pMetric = 0;
1369 WLAN_REPORT_INFORMATION(pRsn->hReport, RSN_MODULE_LOG, ("%s: Site is banned!\n", __FUNCTION__));
1370 return NOK;
1371 }
1372
1373 status = pRsn->pAdmCtrl->evalSite (pRsn->pAdmCtrl, pRsnData, bssType, pMetric);
1374
1375 WLAN_REPORT_INFORMATION(pRsn->hReport, RSN_MODULE_LOG, ("%s: pMetric=%d status=%d\n", __FUNCTION__, *pMetric, status));
1376
1377 return status;
1378 }
1379
1380
1381 /**
1382 *
1383 * rsn_getInfoElement -
1384 *
1385 * \b Description:
1386 *
1387 * Get the RSN information element.
1388 *
1389 * \b ARGS:
1390 *
1391 * I - hRsn - Rsn SM context \n
1392 * I/O - pRsnIe - Pointer to the return information element \n
1393 * I/O - pRsnIeLen - Pointer to the returned IE's length \n
1394 *
1395 * \b RETURNS:
1396 *
1397 * OK if successful, NOK otherwise.
1398 *
1399 * \sa
1400 */
rsn_getInfoElement(TI_HANDLE hRsn,UINT8 * pRsnIe,UINT8 * pRsnIeLen)1401 TI_STATUS rsn_getInfoElement(TI_HANDLE hRsn, UINT8 *pRsnIe, UINT8 *pRsnIeLen)
1402 {
1403 rsn_t *pRsn;
1404 TI_STATUS status;
1405
1406 if ((hRsn == NULL) || (pRsnIe == NULL) || (pRsnIeLen == NULL))
1407 {
1408 return NOK;
1409 }
1410
1411 pRsn = (rsn_t*)hRsn;
1412
1413 status = pRsn->pAdmCtrl->getInfoElement (pRsn->pAdmCtrl, pRsnIe, pRsnIeLen);
1414
1415 WLAN_REPORT_INFORMATION(pRsn->hReport, RSN_MODULE_LOG, ("rsn_getInfoElement pRsnIeLen= %d\n",*pRsnIeLen));
1416
1417 return status;
1418 }
1419
1420
1421 #ifdef EXC_MODULE_INCLUDED
1422 /**
1423 *
1424 * rsn_getExcExtendedInfoElement -
1425 *
1426 * \b Description:
1427 *
1428 * Get the Aironet information element.
1429 *
1430 * \b ARGS:
1431 *
1432 * I - hRsn - Rsn SM context \n
1433 * I/O - pRsnIe - Pointer to the return information element \n
1434 * I/O - pRsnIeLen - Pointer to the returned IE's length \n
1435 *
1436 * \b RETURNS:
1437 *
1438 * OK if successful, NOK otherwise.
1439 *
1440 * \sa
1441 */
rsn_getExcExtendedInfoElement(TI_HANDLE hRsn,UINT8 * pRsnIe,UINT8 * pRsnIeLen)1442 TI_STATUS rsn_getExcExtendedInfoElement(TI_HANDLE hRsn, UINT8 *pRsnIe, UINT8 *pRsnIeLen)
1443 {
1444 rsn_t *pRsn;
1445 TI_STATUS status;
1446
1447 if ((hRsn == NULL) || (pRsnIe == NULL) || (pRsnIeLen == NULL))
1448 {
1449 return NOK;
1450 }
1451
1452 pRsn = (rsn_t*)hRsn;
1453
1454 status = admCtrlExc_getInfoElement (pRsn->pAdmCtrl, pRsnIe, pRsnIeLen);
1455
1456 WLAN_REPORT_INFORMATION(pRsn->hReport, RSN_MODULE_LOG, ("rsn_getExcExtendedInfoElement pRsnIeLen= %d\n",*pRsnIeLen));
1457
1458 return status;
1459 }
1460 #endif
1461
1462
1463 /**
1464 *
1465 * rsn_eventRecv - Set a specific parameter to the rsniation SM
1466 *
1467 * \b Description:
1468 *
1469 * Set a specific parameter to the rsniation SM.
1470 *
1471 * \b ARGS:
1472 *
1473 * I - hRsn - Rsniation SM context \n
1474 * I/O - pParam - Parameter \n
1475 *
1476 * \b RETURNS:
1477 *
1478 * OK if successful, NOK otherwise.
1479 *
1480 * \sa rsn_Start, rsn_Stop
1481 */
rsn_setSite(TI_HANDLE hRsn,rsnData_t * pRsnData,UINT8 * pAssocIe,UINT8 * pAssocIeLen)1482 TI_STATUS rsn_setSite(TI_HANDLE hRsn, rsnData_t *pRsnData, UINT8 *pAssocIe, UINT8 *pAssocIeLen)
1483 {
1484 rsn_t *pRsn;
1485 TI_STATUS status;
1486
1487 if ((pRsnData == NULL) || (hRsn == NULL))
1488 {
1489 *pAssocIeLen = 0;
1490 return NOK;
1491 }
1492
1493 pRsn = (rsn_t*)hRsn;
1494
1495 status = pRsn->pAdmCtrl->setSite (pRsn->pAdmCtrl, pRsnData, pAssocIe, pAssocIeLen);
1496
1497 WLAN_REPORT_INFORMATION(pRsn->hReport, RSN_MODULE_LOG, ("rsn_setSite ieLen= %d\n",pRsnData->ieLen));
1498 return status;
1499 }
1500
1501
rsn_setKey(rsn_t * pRsn,securityKeys_t * pKey)1502 TI_STATUS rsn_setKey (rsn_t *pRsn, securityKeys_t *pKey)
1503 {
1504 TI_STATUS status = OK;
1505 whalParamInfo_t whalParam;
1506 paramInfo_t param;
1507 UINT8 keyIndex;
1508 BOOL macIsBroadcast = FALSE;
1509
1510 keyIndex = (UINT8)pKey->keyIndex;
1511 if ((pRsn == NULL) || (pKey == NULL) || (keyIndex >= MAX_KEYS_NUM))
1512 {
1513 return NOK;
1514 }
1515
1516 /*
1517 * In full driver we use only WEP default keys. That's why we make sure that the macAddress is cleared.
1518 * In GWSI we use WEP mapping key if the macAddress is not NULL.
1519 */
1520 if (pKey->keyType == WEP_KEY)
1521 {
1522 os_memoryZero(pRsn->hOs,(void*)pKey->macAddress.addr,
1523 sizeof(macAddress_t));
1524 }
1525
1526 if (pKey->keyType != NULL_KEY)
1527 {
1528 /* set the size to reserve for encryption to the tx */
1529 /* update this parameter only in accordance with pairwise key setting */
1530 if (!MAC_BROADCAST((&pKey->macAddress)))
1531 {
1532 param.paramType = TX_DATA_ENCRYPTION_FIELD_SIZE;
1533 switch (pKey->keyType)
1534 {
1535 case TKIP_KEY:
1536 param.content.txDataEncryptionFieldSize = IV_FIELD_SIZE;
1537 break;
1538 case AES_KEY:
1539 param.content.txDataEncryptionFieldSize = AES_AFTER_HEADER_FIELD_SIZE;
1540 break;
1541 case NULL_KEY:
1542 case WEP_KEY:
1543 case EXC_KEY:
1544 default:
1545 param.content.txDataEncryptionFieldSize = 0;
1546 break;
1547 }
1548
1549 txData_setParam (pRsn->hTx, ¶m);
1550 }
1551 macIsBroadcast = MAC_BROADCAST((&pKey->macAddress));
1552 if ((pRsn->keys[keyIndex].keyType != NULL_KEY )&&
1553 macIsBroadcast && !MAC_BROADCAST((&pRsn->keys[keyIndex].macAddress)))
1554 { /* In case a new Group key is set instead of a Unicast key,
1555 first remove the UNIcast key from FW */
1556 rsn_removeKey(pRsn, &pRsn->keys[keyIndex]);
1557 }
1558 pRsn->keys[keyIndex].keyType = pKey->keyType;
1559 pRsn->keys[keyIndex].keyIndex = keyIndex;
1560 whalParam.paramType = HAL_CTRL_RSN_KEY_ADD_PARAM;
1561 whalParam.content.configureCmdCBParams.CB_buf = (UINT8*) pKey;
1562 whalParam.content.configureCmdCBParams.CB_Func = NULL;
1563 whalParam.content.configureCmdCBParams.CB_handle = NULL;
1564
1565 if (macIsBroadcast)
1566 {
1567 WLAN_REPORT_INFORMATION(pRsn->hReport, RSN_MODULE_LOG,
1568 ("RSN: rsn_setKey, Group ReKey timer started\n"));
1569 os_timerStop (pRsn->hOs, pRsn->micFailureReKeyTimer);
1570 os_timerStart (pRsn->hOs, pRsn->micFailureReKeyTimer, RSN_MIC_FAILURE_RE_KEY, FALSE);
1571 pRsn->groupKeyUpdate = GROUP_KEY_UPDATE_TRUE;
1572 }
1573
1574 /* Mark key as added */
1575 pRsn->keys_en [keyIndex] = TRUE;
1576
1577 status = whalCtrl_SetParam (pRsn->hWhalCtrl, &whalParam);
1578 }
1579
1580 WLAN_REPORT_INFORMATION(pRsn->hReport, RSN_MODULE_LOG,
1581 ("RSN: rsn_setKey, KeyType=%d, KeyId = 0x%lx,encLen=0x%x\n",
1582 pKey->keyType,pKey->keyIndex, pKey->encLen));
1583
1584 WLAN_REPORT_INFORMATION(pRsn->hReport, RSN_MODULE_LOG, ("\nEncKey = "));
1585
1586 WLAN_REPORT_HEX_INFORMATION(pRsn->hReport, RSN_MODULE_LOG, (UINT8 *)pKey->encKey, pKey->encLen);
1587
1588 if (pKey->keyType != WEP_KEY)
1589 {
1590 WLAN_REPORT_INFORMATION(pRsn->hReport, RSN_MODULE_LOG, ("\nMac address = "));
1591 WLAN_REPORT_HEX_INFORMATION(pRsn->hReport, RSN_MODULE_LOG, (UINT8 *)pKey->macAddress.addr, MAC_ADDR_LEN);
1592 WLAN_REPORT_INFORMATION(pRsn->hReport, RSN_MODULE_LOG, ("\nRSC = "));
1593 WLAN_REPORT_HEX_INFORMATION(pRsn->hReport, RSN_MODULE_LOG, (UINT8 *)pKey->keyRsc, KEY_RSC_LEN);
1594 WLAN_REPORT_INFORMATION(pRsn->hReport, RSN_MODULE_LOG, ("\nMic RX = "));
1595 WLAN_REPORT_HEX_INFORMATION(pRsn->hReport, RSN_MODULE_LOG, (UINT8 *)pKey->micRxKey, MAX_KEY_LEN);
1596 WLAN_REPORT_INFORMATION(pRsn->hReport, RSN_MODULE_LOG, ("\nMic TX = "));
1597 WLAN_REPORT_HEX_INFORMATION(pRsn->hReport, RSN_MODULE_LOG, (UINT8 *)pKey->micTxKey, MAX_KEY_LEN);
1598 }
1599
1600 return status;
1601 }
1602
1603
rsn_removeKey(rsn_t * pRsn,securityKeys_t * pKey)1604 TI_STATUS rsn_removeKey (rsn_t *pRsn, securityKeys_t *pKey)
1605 {
1606 TI_STATUS status = OK;
1607 whalParamInfo_t whalParam;
1608 UINT8 keyIndex;
1609
1610 keyIndex = (UINT8)pKey->keyIndex;
1611 if ((pRsn == NULL) || (pKey == NULL) || (keyIndex >= MAX_KEYS_NUM))
1612 {
1613 return NOK;
1614 }
1615
1616 WLAN_REPORT_INFORMATION(pRsn->hReport, RSN_MODULE_LOG,
1617 ("rsn_removeKey Entry, keyType=%d, keyIndex=0x%lx\n",pKey->keyType, keyIndex));
1618
1619 /* Now set to the RSN structure. */
1620 if (pKey->keyType != NULL_KEY && pRsn->keys_en[keyIndex])
1621 {
1622 whalParam.paramType = HAL_CTRL_RSN_KEY_REMOVE_PARAM;
1623 /*os_memoryCopy(pRsn->hOs, &whalParam.content.rsnKey, pKey, sizeof(securityKeys_t));*/
1624 whalParam.content.configureCmdCBParams.CB_buf = (UINT8*) pKey;
1625 whalParam.content.configureCmdCBParams.CB_Func = NULL;
1626 whalParam.content.configureCmdCBParams.CB_handle = NULL;
1627
1628 /* If keyType is TKIP or AES, set the encLen to the KEY enc len - 16 */
1629 if (pKey->keyType == TKIP_KEY || pKey->keyType == AES_KEY)
1630 {
1631 pKey->encLen = 16;
1632 if (keyIndex != 0)
1633 {
1634 const UINT8 broadcast[] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
1635 /*
1636 * if keyType is TKIP or AES, and the key index is broadcast, overwrite the MAC address as broadcast
1637 * for removing the Broadcast key from the FW
1638 */
1639 os_memoryCopy (pRsn->hOs, (void *)&pKey->macAddress.addr[0], (void*)broadcast, MAC_ADDR_LEN);
1640 }
1641 }
1642 else if (pKey->keyType == WEP_KEY)
1643 {
1644 /* In full driver we use only WEP default keys. To remove it we make sure that the MAC address is NULL */
1645 os_memoryZero(pRsn->hOs,(void*)pKey->macAddress.addr,sizeof(macAddress_t));
1646 }
1647
1648 /* Mark key as deleted */
1649 pRsn->keys_en[keyIndex] = FALSE;
1650
1651 status = whalCtrl_SetParam (pRsn->hWhalCtrl, &whalParam);
1652
1653 WLAN_REPORT_INFORMATION(pRsn->hReport, RSN_MODULE_LOG,
1654 ("rsn_removeKey in whal, status =%d\n", status));
1655
1656 /* clean the key flags*/
1657 pRsn->keys[keyIndex].keyIndex &= 0x000000FF;
1658 pRsn->keys[keyIndex].keyType = NULL_KEY;
1659 pRsn->keys[keyIndex].encLen = 0;
1660 pRsn->wepDefaultKeys[keyIndex] = FALSE;
1661 }
1662
1663 return status;
1664 }
1665
1666
rsn_setDefaultKeyId(rsn_t * pRsn,UINT8 keyId)1667 TI_STATUS rsn_setDefaultKeyId(rsn_t *pRsn, UINT8 keyId)
1668 {
1669 TI_STATUS status = OK;
1670 whalParamInfo_t whalParam;
1671
1672 if (pRsn == NULL)
1673 {
1674 return NOK;
1675 }
1676 pRsn->defaultKeyId = keyId;
1677 /* Now we configure default key ID to the HAL */
1678 whalParam.paramType = HAL_CTRL_RSN_DEFAULT_KEY_ID_PARAM;
1679 whalParam.content.configureCmdCBParams.CB_buf = &keyId;
1680 whalParam.content.configureCmdCBParams.CB_Func = NULL;
1681 whalParam.content.configureCmdCBParams.CB_handle = NULL;
1682 status = whalCtrl_SetParam(pRsn->hWhalCtrl, &whalParam);
1683
1684 WLAN_REPORT_INFORMATION(pRsn->hReport, RSN_MODULE_LOG,
1685 ("RSN: rsn_setDefaultKeyId, KeyId = 0x%lx\n",
1686 keyId));
1687 return status;
1688 }
1689
1690
rsn_reportAuthFailure(TI_HANDLE hRsn,authStatus_e authStatus)1691 TI_STATUS rsn_reportAuthFailure(TI_HANDLE hRsn, authStatus_e authStatus)
1692 {
1693 TI_STATUS status = OK;
1694 rsn_t *pRsn;
1695 paramInfo_t param;
1696
1697 if (hRsn==NULL)
1698 {
1699 return NOK;
1700 }
1701
1702 pRsn = (rsn_t*)hRsn;
1703
1704 /* Remove AP from candidate list for a specified amount of time */
1705 param.paramType = CTRL_DATA_CURRENT_BSSID_PARAM;
1706 status = ctrlData_getParam(pRsn->hCtrlData, ¶m);
1707 if (status != OK)
1708 {
1709 WLAN_REPORT_ERROR(pRsn->hReport, RSN_MODULE_LOG,
1710 ("rsn_reportAuthFailure, unable to retrieve BSSID \n"));
1711 }
1712 else
1713 {
1714 WLAN_REPORT_INFORMATION(pRsn->hReport, RSN_MODULE_LOG,
1715 ("current station is banned from the roaming candidates list for %d Ms\n",
1716 RSN_AUTH_FAILURE_TIMEOUT));
1717
1718 rsn_banSite(hRsn, param.content.ctrlDataCurrentBSSID, RSN_SITE_BAN_LEVEL_FULL, RSN_AUTH_FAILURE_TIMEOUT);
1719 }
1720
1721
1722 #ifdef EXC_MODULE_INCLUDED
1723 WLAN_REPORT_INFORMATION(pRsn->hReport, RSN_MODULE_LOG,
1724 ("CALLING rougeAP, status= %d \n",authStatus));
1725 status = excMngr_rogueApDetected (pRsn->hExcMngr, authStatus);
1726 #endif
1727 UNUSED(pRsn);
1728 return status;
1729 }
1730
1731
1732 /******
1733 This is the CB function for mic failure event from the FW
1734 *******/
rsn_reportMicFailure(TI_HANDLE hRsn,UINT8 * pType,UINT32 Length)1735 TI_STATUS rsn_reportMicFailure(TI_HANDLE hRsn, UINT8 *pType, UINT32 Length)
1736 {
1737 rsn_t *pRsn = (rsn_t *) hRsn;
1738 rsn_siteBanLevel_e banLevel;
1739 OS_802_11_AUTHENTICATION_REQUEST *request;
1740 UINT8 AuthBuf[sizeof(UINT32) + sizeof(OS_802_11_AUTHENTICATION_REQUEST)];
1741 paramInfo_t param;
1742 UINT8 failureType;
1743
1744 failureType = *pType;
1745
1746 if (((pRsn->paeConfig.unicastSuite == RSN_CIPHER_TKIP) && (failureType == KEY_TKIP_MIC_PAIRWISE)) ||
1747 ((pRsn->paeConfig.broadcastSuite == RSN_CIPHER_TKIP) && (failureType == KEY_TKIP_MIC_GROUP)))
1748 {
1749 /* check if the MIC failure is group and group key update */
1750 /* was performed during the last 3 seconds */
1751 if ((failureType == KEY_TKIP_MIC_GROUP) &&
1752 (pRsn->groupKeyUpdate == GROUP_KEY_UPDATE_TRUE))
1753 {
1754 WLAN_REPORT_INFORMATION(pRsn->hReport, RSN_MODULE_LOG,
1755 ("%s: Group MIC failure ignored, key update was performed within the last 3 seconds.\n", __FUNCTION__));
1756 return OK;
1757 }
1758
1759 /* Prepare the Authentication Request */
1760 request = (OS_802_11_AUTHENTICATION_REQUEST *)(AuthBuf + sizeof(UINT32));
1761 request->Length = sizeof(OS_802_11_AUTHENTICATION_REQUEST);
1762
1763 param.paramType = CTRL_DATA_CURRENT_BSSID_PARAM;
1764 if (ctrlData_getParam (pRsn->hCtrlData, ¶m) != OK)
1765 {
1766 return NOK;
1767 }
1768
1769 /* Generate 802 Media specific indication event */
1770 *(UINT32*)AuthBuf = os802_11StatusType_Authentication;
1771
1772 os_memoryCopy (pRsn->hOs, request->BSSID, (void *)param.content.ctrlDataCurrentBSSID.addr, MAC_ADDR_LEN);
1773
1774 if (failureType == KEY_TKIP_MIC_PAIRWISE)
1775 {
1776 request->Flags = OS_802_11_REQUEST_PAIRWISE_ERROR;
1777 }
1778 else
1779 {
1780 request->Flags = OS_802_11_REQUEST_GROUP_ERROR;
1781 }
1782
1783 EvHandlerSendEvent (pRsn->hEvHandler,
1784 IPC_EVENT_MEDIA_SPECIFIC,
1785 (UINT8*)AuthBuf,
1786 sizeof(UINT32) + sizeof(OS_802_11_AUTHENTICATION_REQUEST));
1787
1788 /* Update and check the ban level to decide what actions need to take place */
1789 banLevel = rsn_banSite (hRsn, param.content.ctrlDataCurrentBSSID, RSN_SITE_BAN_LEVEL_HALF, RSN_MIC_FAILURE_TIMEOUT);
1790 if (banLevel == RSN_SITE_BAN_LEVEL_FULL)
1791 {
1792 /* Site is banned so prepare to disconnect */
1793 WLAN_REPORT_INFORMATION(pRsn->hReport, RSN_MODULE_LOG,
1794 ("%s: Second MIC failure, closing Rx port...\n", __FUNCTION__));
1795
1796 param.paramType = RX_DATA_PORT_STATUS_PARAM;
1797 param.content.rxDataPortStatus = CLOSE;
1798 rxData_setParam(pRsn->hRx, ¶m);
1799
1800 /* stop the mic failure Report timer and start a new one for 0.5 seconds */
1801 os_timerStop(pRsn->hOs, pRsn->micFailureReportWaitTimer);
1802 os_timerStart(pRsn->hOs, pRsn->micFailureReportWaitTimer, RSN_MIC_FAILURE_REPORT_WAIT, FALSE);
1803 }
1804 else
1805 {
1806 /* Site is only half banned so nothing needs to be done for now */
1807 WLAN_REPORT_INFORMATION(pRsn->hReport, RSN_MODULE_LOG,
1808 ("%s: First MIC failure, business as usual for now...\n", __FUNCTION__));
1809 }
1810 }
1811
1812 return OK;
1813 }
1814
1815
rsn_groupReKeyTimeout(TI_HANDLE hRsn)1816 void rsn_groupReKeyTimeout(TI_HANDLE hRsn)
1817 {
1818 rsn_t *pRsn;
1819
1820 pRsn = (rsn_t*)hRsn;
1821
1822 if (pRsn == NULL)
1823 {
1824 return;
1825 }
1826
1827 pRsn->groupKeyUpdate = GROUP_KEY_UPDATE_FALSE;
1828 }
1829
1830
rsn_micFailureReportTimeout(TI_HANDLE hRsn)1831 void rsn_micFailureReportTimeout(TI_HANDLE hRsn)
1832 {
1833 rsn_t *pRsn;
1834
1835 pRsn = (rsn_t*)hRsn;
1836
1837 if (pRsn == NULL)
1838 {
1839 return;
1840 }
1841
1842 WLAN_REPORT_INFORMATION(pRsn->hReport, RSN_MODULE_LOG,
1843 ("%s: MIC failure reported, disassociating...\n", __FUNCTION__));
1844
1845 apConn_reportRoamingEvent (pRsn->hAPConn, ROAMING_TRIGGER_SECURITY_ATTACK, NULL);
1846 }
1847
1848
1849 /**
1850 *
1851 * rsn_resetPMKIDList -
1852 *
1853 * \b Description:
1854 * Cleans up the PMKID cache.
1855 * Called when SSID is being changed.
1856 *
1857 * \b ARGS:
1858 *
1859 * I - hRsn - Rsniation SM context \n
1860 *
1861 * \b RETURNS:
1862 *
1863 * OK if successful, NOK otherwise.
1864 */
1865
rsn_resetPMKIDList(TI_HANDLE hRsn)1866 TI_STATUS rsn_resetPMKIDList(TI_HANDLE hRsn)
1867 {
1868 rsn_t *pRsn = (rsn_t*)hRsn;
1869
1870 if (!pRsn)
1871 return NOK;
1872
1873 return (pRsn->pAdmCtrl->resetPmkidList (pRsn->pAdmCtrl));
1874 }
1875
1876
rsn_debugFunc(TI_HANDLE hRsn)1877 void rsn_debugFunc(TI_HANDLE hRsn)
1878 {
1879 rsn_t *pRsn;
1880
1881 if (hRsn == NULL)
1882 {
1883 return;
1884 }
1885 pRsn = (rsn_t*)hRsn;
1886
1887 WLAN_OS_REPORT(("rsnStartedTs, ts = %d\n", pRsn->rsnStartedTs));
1888 WLAN_OS_REPORT(("rsnCompletedTs, ts = %d\n", pRsn->rsnCompletedTs));
1889 }
1890
1891
1892 /**
1893 *
1894 * rsn_startPreAuth -
1895 *
1896 * \b Description:
1897 *
1898 * Start pre-authentication on a list of given BSSIDs.
1899 *
1900 * \b ARGS:
1901 *
1902 * I - hRsn - Rsniation SM context \n
1903 * I/O - pBssidList - list of BSSIDs that require Pre-Auth \n
1904 *
1905 * \b RETURNS:
1906 *
1907 * OK if successful, NOK otherwise.
1908 *
1909 * \sa
1910 */
rsn_startPreAuth(TI_HANDLE hRsn,bssidList4PreAuth_t * pBssidList)1911 TI_STATUS rsn_startPreAuth(TI_HANDLE hRsn, bssidList4PreAuth_t *pBssidList)
1912 {
1913 rsn_t *pRsn;
1914 TI_STATUS status;
1915
1916 if (hRsn == NULL || pBssidList == NULL)
1917 {
1918 return NOK;
1919 }
1920
1921 pRsn = (rsn_t*)hRsn;
1922
1923 status = pRsn->pAdmCtrl->startPreAuth (pRsn->pAdmCtrl, pBssidList);
1924
1925 WLAN_REPORT_INFORMATION(pRsn->hReport, RSN_MODULE_LOG, ("rsn_startPreAuth \n"));
1926
1927 return status;
1928 }
1929
1930
1931 /**
1932 *
1933 * isSiteBanned -
1934 *
1935 * \b Description:
1936 *
1937 * Returns whether or not the site with the specified Bssid is banned or not.
1938 *
1939 * \b ARGS:
1940 *
1941 * I - hRsn - RSN module context \n
1942 * I - siteBssid - The desired site's bssid \n
1943 *
1944 * \b RETURNS:
1945 *
1946 * NOK iff site is banned.
1947 *
1948 */
rsn_isSiteBanned(TI_HANDLE hRsn,macAddress_t siteBssid)1949 BOOL rsn_isSiteBanned(TI_HANDLE hRsn, macAddress_t siteBssid)
1950 {
1951 rsn_t * pRsn = (rsn_t *) hRsn;
1952 rsn_siteBanEntry_t * entry;
1953
1954 /* Check if site is in the list */
1955 if ((entry = findBannedSiteAndCleanup(hRsn, siteBssid)) == NULL)
1956 {
1957 return FALSE;
1958 }
1959
1960 WLAN_REPORT_INFORMATION(pRsn->hReport, RSN_MODULE_LOG, ("%s: Site %02X-%02X-%02X-%02X-%02X-%02X found with ban level %d...\n", __FUNCTION__, siteBssid.addr[0], siteBssid.addr[1], siteBssid.addr[2], siteBssid.addr[3], siteBssid.addr[4], siteBssid.addr[5], entry->banLevel));
1961
1962 return (entry->banLevel == RSN_SITE_BAN_LEVEL_FULL);
1963 }
1964
1965
1966 /**
1967 *
1968 * rsn_banSite -
1969 *
1970 * \b Description:
1971 *
1972 * Bans the specified site from being associated to for the specified duration.
1973 * If a ban level of WARNING is given and no previous ban was in effect the
1974 * warning is marked down but other than that nothing happens. In case a previous
1975 * warning (or ban of course) is still in effect
1976 *
1977 * \b ARGS:
1978 *
1979 * I - hRsn - RSN module context \n
1980 * I - siteBssid - The desired site's bssid \n
1981 * I - banLevel - The desired level of ban (Warning / Ban)
1982 * I - durationMs - The duration of ban in milliseconds
1983 *
1984 * \b RETURNS:
1985 *
1986 * The level of ban (warning / banned).
1987 *
1988 */
rsn_banSite(TI_HANDLE hRsn,macAddress_t siteBssid,rsn_siteBanLevel_e banLevel,UINT32 durationMs)1989 rsn_siteBanLevel_e rsn_banSite(TI_HANDLE hRsn, macAddress_t siteBssid, rsn_siteBanLevel_e banLevel, UINT32 durationMs)
1990 {
1991 rsn_t * pRsn = (rsn_t *) hRsn;
1992 rsn_siteBanEntry_t * entry;
1993
1994 /* Try finding the site in the list */
1995 if ((entry = findBannedSiteAndCleanup(hRsn, siteBssid)) != NULL)
1996 {
1997 /* Site found so a previous ban is still in effect */
1998 WLAN_REPORT_INFORMATION(pRsn->hReport, RSN_MODULE_LOG, ("%s: Site %02X-%02X-%02X-%02X-%02X-%02X found and has been set to ban level full!\n", __FUNCTION__, siteBssid.addr[0], siteBssid.addr[1], siteBssid.addr[2], siteBssid.addr[3], siteBssid.addr[4], siteBssid.addr[5]));
1999
2000 entry->banLevel = RSN_SITE_BAN_LEVEL_FULL;
2001 }
2002 else
2003 {
2004 /* Site doesn't appear in the list, so find a place to insert it */
2005 WLAN_REPORT_INFORMATION(pRsn->hReport, RSN_MODULE_LOG, ("%s: Site %02X-%02X-%02X-%02X-%02X-%02X added with ban level %d!\n", __FUNCTION__, siteBssid.addr[0], siteBssid.addr[1], siteBssid.addr[2], siteBssid.addr[3], siteBssid.addr[4], siteBssid.addr[5], banLevel));
2006
2007 entry = findEntryForInsert (hRsn);
2008
2009 entry->siteBssid = siteBssid;
2010 entry->banLevel = banLevel;
2011
2012 pRsn->numOfBannedSites++;
2013 }
2014
2015 entry->banStartedMs = os_timeStampMs (pRsn->hOs);
2016 entry->banDurationMs = durationMs;
2017
2018 return entry->banLevel;
2019 }
2020
2021
2022 /**
2023 *
2024 * findEntryForInsert -
2025 *
2026 * \b Description:
2027 *
2028 * Returns a place to insert a new banned site.
2029 *
2030 * \b ARGS:
2031 *
2032 * I - hRsn - RSN module context \n
2033 *
2034 * \b RETURNS:
2035 *
2036 * A pointer to a suitable site entry.
2037 *
2038 */
findEntryForInsert(TI_HANDLE hRsn)2039 static rsn_siteBanEntry_t * findEntryForInsert(TI_HANDLE hRsn)
2040 {
2041 rsn_t * pRsn = (rsn_t *) hRsn;
2042
2043 /* In the extreme case that the list is full we overwrite an old entry */
2044 if (pRsn->numOfBannedSites == RSN_MAX_NUMBER_OF_BANNED_SITES)
2045 {
2046 WLAN_REPORT_ERROR(pRsn->hReport, RSN_MODULE_LOG,
2047 ("%s: No room left to insert new banned site, overwriting old one!\n", __FUNCTION__));
2048
2049 return &(pRsn->bannedSites[0]);
2050 }
2051
2052 return &(pRsn->bannedSites[pRsn->numOfBannedSites]);
2053 }
2054
2055
2056 /**
2057 *
2058 * findBannedSiteAndCleanup -
2059 *
2060 * \b Description:
2061 *
2062 * Searches the banned sites list for the desired site while cleaning up
2063 * expired sites found along the way.
2064 *
2065 * Note that this function might change the structure of the banned sites
2066 * list so old iterators into the list might be invalidated.
2067 *
2068 * \b ARGS:
2069 *
2070 * I - hRsn - RSN module context \n
2071 * I - siteBssid - The desired site's bssid \n
2072 *
2073 * \b RETURNS:
2074 *
2075 * A pointer to the desired site's entry if found,
2076 * NULL otherwise.
2077 *
2078 */
findBannedSiteAndCleanup(TI_HANDLE hRsn,macAddress_t siteBssid)2079 static rsn_siteBanEntry_t * findBannedSiteAndCleanup(TI_HANDLE hRsn, macAddress_t siteBssid)
2080 {
2081 rsn_t * pRsn = (rsn_t *) hRsn;
2082 int iter;
2083
2084 for (iter = 0; iter < pRsn->numOfBannedSites; iter++)
2085 {
2086 /* If this entry has expired we'd like to clean it up */
2087 if (os_timeStampMs(pRsn->hOs) - pRsn->bannedSites[iter].banStartedMs >= pRsn->bannedSites[iter].banDurationMs)
2088 {
2089 WLAN_REPORT_INFORMATION(pRsn->hReport, RSN_MODULE_LOG, ("%s: Found expired entry at index %d, cleaning it up...\n", __FUNCTION__, iter));
2090
2091 /* Replace this entry with the last one */
2092 pRsn->bannedSites[iter] = pRsn->bannedSites[pRsn->numOfBannedSites - 1];
2093 pRsn->numOfBannedSites--;
2094
2095 /* we now repeat the iteration on this entry */
2096 iter--;
2097
2098 continue;
2099 }
2100
2101 /* Is this the entry for the site we're looking for? */
2102 if (MAC_EQUAL (&siteBssid, &pRsn->bannedSites[iter].siteBssid))
2103 {
2104 WLAN_REPORT_INFORMATION(pRsn->hReport, RSN_MODULE_LOG, ("%s: Site %02X-%02X-%02X-%02X-%02X-%02X found at index %d!\n", __FUNCTION__, siteBssid.addr[0], siteBssid.addr[1], siteBssid.addr[2], siteBssid.addr[3], siteBssid.addr[4], siteBssid.addr[5], iter));
2105
2106 return &pRsn->bannedSites[iter];
2107 }
2108 }
2109
2110 /* Entry not found... */
2111 WLAN_REPORT_INFORMATION(pRsn->hReport, RSN_MODULE_LOG, ("%s: Site %02X-%02X-%02X-%02X-%02X-%02X not found...\n", __FUNCTION__, siteBssid.addr[0], siteBssid.addr[1], siteBssid.addr[2], siteBssid.addr[3], siteBssid.addr[4], siteBssid.addr[5], iter));
2112
2113 return NULL;
2114 }
2115
2116 /**
2117 *
2118 * clearBannedSiteList -
2119 *
2120 * \b Description:
2121 *
2122 * Clears the banned sites list.
2123 *
2124 *
2125 * \b ARGS:
2126 *
2127 * I - hRsn - RSN module context \n
2128 *
2129 * \b RETURNS:
2130 *
2131 *
2132 */
2133 /* Comment out the call to clearBannedSiteList due to fail in WiFi mic attack test */
2134 /*
2135 static void clearBannedSiteList(TI_HANDLE hRsn)
2136 {
2137 rsn_t * pRsn = (rsn_t *) hRsn;
2138
2139 pRsn->numOfBannedSites = 0;
2140 WLAN_REPORT_INFORMATION(pRsn->hReport, RSN_MODULE_LOG, ("%s\n", __FUNCTION__));
2141
2142 }
2143 */
2144
2145
2146 #ifdef RSN_NOT_USED
2147
convertAscii2Unicode(INT8 * userPwd,INT16 len)2148 static INT16 convertAscii2Unicode(INT8* userPwd, INT16 len)
2149 {
2150 INT16 i;
2151 INT8 unsiiPwd[MAX_PASSWD_LEN];
2152
2153
2154 for (i=0; i<len; i++)
2155 {
2156 unsiiPwd[i] = userPwd[i];
2157 }
2158 for (i=0; i<len; i++)
2159 {
2160 userPwd[i*2] = unsiiPwd[i];
2161 userPwd[i*2+1] = 0;
2162 }
2163 return (INT16)(len*2);
2164 }
2165
2166 #endif
2167