• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /******************************************************************************
2  *
3  * Copyright(c) 2007 - 2011 Realtek Corporation. All rights reserved.
4  *
5  * This program is free software; you can redistribute it and/or modify it
6  * under the terms of version 2 of the GNU General Public License as
7  * published by the Free Software Foundation.
8  *
9  * This program is distributed in the hope that it will be useful, but WITHOUT
10  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11  * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
12  * more details.
13  *
14  * You should have received a copy of the GNU General Public License along with
15  * this program; if not, write to the Free Software Foundation, Inc.,
16  * 51 Franklin Street, Fifth Floor, Boston, MA 02110, USA
17  *
18  *
19  ******************************************************************************/
20 #ifndef __RTW_SECURITY_H_
21 #define __RTW_SECURITY_H_
22 
23 #include <osdep_service.h>
24 #include <drv_types.h>
25 
26 #define _NO_PRIVACY_			0x0
27 #define _WEP40_				0x1
28 #define _TKIP_				0x2
29 #define _TKIP_WTMIC_			0x3
30 #define _AES_				0x4
31 #define _WEP104_			0x5
32 #define _WEP_WPA_MIXED_			0x07  /*  WEP + WPA */
33 #define _SMS4_				0x06
34 
35 #define is_wep_enc(alg) (((alg) == _WEP40_) || ((alg) == _WEP104_))
36 
37 #define _WPA_IE_ID_	0xdd
38 #define _WPA2_IE_ID_	0x30
39 
40 #define SHA256_MAC_LEN 32
41 #define AES_BLOCK_SIZE 16
42 #define AES_PRIV_SIZE (4 * 44)
43 
44 enum {
45 	ENCRYP_PROTOCOL_OPENSYS,   /* open system */
46 	ENCRYP_PROTOCOL_WEP,       /* WEP */
47 	ENCRYP_PROTOCOL_WPA,       /* WPA */
48 	ENCRYP_PROTOCOL_WPA2,      /* WPA2 */
49 	ENCRYP_PROTOCOL_WAPI,      /* WAPI: Not support in this version */
50 	ENCRYP_PROTOCOL_MAX
51 };
52 
53 
54 #ifndef Ndis802_11AuthModeWPA2
55 #define Ndis802_11AuthModeWPA2 (Ndis802_11AuthModeWPANone + 1)
56 #endif
57 
58 #ifndef Ndis802_11AuthModeWPA2PSK
59 #define Ndis802_11AuthModeWPA2PSK (Ndis802_11AuthModeWPANone + 2)
60 #endif
61 
62 union pn48	{
63 	u64	val;
64 
65 #ifdef __LITTLE_ENDIAN
66 	struct {
67 		u8 TSC0;
68 		u8 TSC1;
69 		u8 TSC2;
70 		u8 TSC3;
71 		u8 TSC4;
72 		u8 TSC5;
73 		u8 TSC6;
74 		u8 TSC7;
75 	} _byte_;
76 
77 #elif defined(__BIG_ENDIAN)
78 
79 	struct {
80 		u8 TSC7;
81 		u8 TSC6;
82 		u8 TSC5;
83 		u8 TSC4;
84 		u8 TSC3;
85 		u8 TSC2;
86 		u8 TSC1;
87 		u8 TSC0;
88 	} _byte_;
89 #endif
90 };
91 
92 union Keytype {
93 	u8   skey[16];
94 	u32    lkey[4];
95 };
96 
97 struct rt_pmkid_list {
98 	u8	bUsed;
99 	u8	Bssid[6];
100 	u8	PMKID[16];
101 	u8	SsidBuf[33];
102 	u8	*ssid_octet;
103 	u16	ssid_length;
104 };
105 
106 struct security_priv {
107 	u32	  dot11AuthAlgrthm;	/*  802.11 auth, could be open,
108 					 * shared, 8021x and authswitch */
109 	u32	  dot11PrivacyAlgrthm;	/*  This specify the privacy for
110 					 * shared auth. algorithm. */
111 	/* WEP */
112 	u32	  dot11PrivacyKeyIndex;	/*  this is only valid for legendary
113 					 * wep, 0~3 for key id.(tx key index) */
114 	union Keytype dot11DefKey[4];	/*  this is only valid for def. key */
115 	u32	dot11DefKeylen[4];
116 	u32 dot118021XGrpPrivacy;	/*  This specify the privacy algthm.
117 					 * used for Grp key */
118 	u32	dot118021XGrpKeyid;	/*  key id used for Grp Key
119 					 * ( tx key index) */
120 	union Keytype	dot118021XGrpKey[4];	/*  802.1x Group Key,
121 						 * for inx0 and inx1 */
122 	union Keytype	dot118021XGrptxmickey[4];
123 	union Keytype	dot118021XGrprxmickey[4];
124 	union pn48	dot11Grptxpn;		/* PN48 used for Grp Key xmit.*/
125 	union pn48	dot11Grprxpn;		/* PN48 used for Grp Key recv.*/
126 #ifdef CONFIG_88EU_AP_MODE
127 	/* extend security capabilities for AP_MODE */
128 	unsigned int dot8021xalg;/* 0:disable, 1:psk, 2:802.1x */
129 	unsigned int wpa_psk;/* 0:disable, bit(0): WPA, bit(1):WPA2 */
130 	unsigned int wpa_group_cipher;
131 	unsigned int wpa2_group_cipher;
132 	unsigned int wpa_pairwise_cipher;
133 	unsigned int wpa2_pairwise_cipher;
134 #endif
135 	u8 wps_ie[MAX_WPS_IE_LEN];/* added in assoc req */
136 	int wps_ie_len;
137 	u8	binstallGrpkey;
138 	u8	busetkipkey;
139 	u8	bcheck_grpkey;
140 	u8	bgrpkey_handshake;
141 	s32	sw_encrypt;/* from registry_priv */
142 	s32	sw_decrypt;/* from registry_priv */
143 	s32	hw_decrypted;/* if the rx packets is hw_decrypted==false,i
144 			      * it means the hw has not been ready. */
145 
146 	/* keeps the auth_type & enc_status from upper layer
147 	 * ioctl(wpa_supplicant or wzc) */
148 	u32 ndisauthtype;	/*  NDIS_802_11_AUTHENTICATION_MODE */
149 	u32 ndisencryptstatus;	/*  NDIS_802_11_ENCRYPTION_STATUS */
150 	struct wlan_bssid_ex sec_bss;  /* for joinbss (h2c buffer) usage */
151 	struct ndis_802_11_wep ndiswep;
152 	u8 assoc_info[600];
153 	u8 szofcapability[256]; /* for wpa2 usage */
154 	u8 oidassociation[512]; /* for wpa/wpa2 usage */
155 	u8 authenticator_ie[256];  /* store ap security information element */
156 	u8 supplicant_ie[256];  /* store sta security information element */
157 
158 	/* for tkip countermeasure */
159 	u32 last_mic_err_time;
160 	u8	btkip_countermeasure;
161 	u8	btkip_wait_report;
162 	u32 btkip_countermeasure_time;
163 
164 	/*  */
165 	/*  For WPA2 Pre-Authentication. */
166 	/*  */
167 	struct rt_pmkid_list PMKIDList[NUM_PMKID_CACHE];
168 	u8	PMKIDIndex;
169 	u8 bWepDefaultKeyIdxSet;
170 };
171 
172 struct sha256_state {
173 	u64 length;
174 	u32 state[8], curlen;
175 	u8 buf[64];
176 };
177 
178 #define GET_ENCRY_ALGO(psecuritypriv, psta, encry_algo, bmcst)		\
179 do {									\
180 	switch (psecuritypriv->dot11AuthAlgrthm) {			\
181 	case dot11AuthAlgrthm_Open:					\
182 	case dot11AuthAlgrthm_Shared:					\
183 	case dot11AuthAlgrthm_Auto:					\
184 		encry_algo = (u8)psecuritypriv->dot11PrivacyAlgrthm;	\
185 		break;							\
186 	case dot11AuthAlgrthm_8021X:					\
187 		if (bmcst)						\
188 			encry_algo = (u8)psecuritypriv->dot118021XGrpPrivacy;\
189 		else							\
190 			encry_algo = (u8)psta->dot118021XPrivacy;	\
191 		break;							\
192 	case dot11AuthAlgrthm_WAPI:					\
193 		encry_algo = (u8)psecuritypriv->dot11PrivacyAlgrthm;	\
194 		break;							\
195 	}								\
196 } while (0)
197 
198 #define SET_ICE_IV_LEN(iv_len, icv_len, encrypt)			\
199 do {									\
200 	switch (encrypt) {						\
201 	case _WEP40_:							\
202 	case _WEP104_:							\
203 		iv_len = 4;						\
204 		icv_len = 4;						\
205 		break;							\
206 	case _TKIP_:							\
207 		iv_len = 8;						\
208 		icv_len = 4;						\
209 		break;							\
210 	case _AES_:							\
211 		iv_len = 8;						\
212 		icv_len = 8;						\
213 		break;							\
214 	case _SMS4_:							\
215 		iv_len = 18;						\
216 		icv_len = 16;						\
217 		break;							\
218 	default:							\
219 		iv_len = 0;						\
220 		icv_len = 0;						\
221 		break;							\
222 	}								\
223 } while (0)
224 
225 
226 #define GET_TKIP_PN(iv, dot11txpn)					\
227 do {									\
228 	dot11txpn._byte_.TSC0 = iv[2];					\
229 	dot11txpn._byte_.TSC1 = iv[0];					\
230 	dot11txpn._byte_.TSC2 = iv[4];					\
231 	dot11txpn._byte_.TSC3 = iv[5];					\
232 	dot11txpn._byte_.TSC4 = iv[6];					\
233 	dot11txpn._byte_.TSC5 = iv[7];					\
234 } while (0)
235 
236 
237 #define ROL32(A, n)	(((A) << (n)) | (((A)>>(32-(n)))  & ((1UL << (n)) - 1)))
238 #define ROR32(A, n)	ROL32((A), 32-(n))
239 
240 struct mic_data {
241 	u32  K0, K1;         /*  Key */
242 	u32  L, R;           /*  Current state */
243 	u32  M;              /*  Message accumulator (single word) */
244 	u32  nBytesInM;      /*  # bytes in M */
245 };
246 
247 extern const u32 Te0[256];
248 extern const u32 Te1[256];
249 extern const u32 Te2[256];
250 extern const u32 Te3[256];
251 extern const u32 Te4[256];
252 extern const u32 Td0[256];
253 extern const u32 Td1[256];
254 extern const u32 Td2[256];
255 extern const u32 Td3[256];
256 extern const u32 Td4[256];
257 extern const u32 rcon[10];
258 extern const u8 Td4s[256];
259 extern const u8 rcons[10];
260 
261 #define RCON(i) (rcons[(i)] << 24)
262 
rotr(u32 val,int bits)263 static inline u32 rotr(u32 val, int bits)
264 {
265 	return (val >> bits) | (val << (32 - bits));
266 }
267 
268 #define TE0(i) Te0[((i) >> 24) & 0xff]
269 #define TE1(i) rotr(Te0[((i) >> 16) & 0xff], 8)
270 #define TE2(i) rotr(Te0[((i) >> 8) & 0xff], 16)
271 #define TE3(i) rotr(Te0[(i) & 0xff], 24)
272 #define TE41(i) ((Te0[((i) >> 24) & 0xff] << 8) & 0xff000000)
273 #define TE42(i) (Te0[((i) >> 16) & 0xff] & 0x00ff0000)
274 #define TE43(i) (Te0[((i) >> 8) & 0xff] & 0x0000ff00)
275 #define TE44(i) ((Te0[(i) & 0xff] >> 8) & 0x000000ff)
276 #define TE421(i) ((Te0[((i) >> 16) & 0xff] << 8) & 0xff000000)
277 #define TE432(i) (Te0[((i) >> 8) & 0xff] & 0x00ff0000)
278 #define TE443(i) (Te0[(i) & 0xff] & 0x0000ff00)
279 #define TE414(i) ((Te0[((i) >> 24) & 0xff] >> 8) & 0x000000ff)
280 #define TE4(i) ((Te0[(i)] >> 8) & 0x000000ff)
281 
282 #define TD0(i) Td0[((i) >> 24) & 0xff]
283 #define TD1(i) rotr(Td0[((i) >> 16) & 0xff], 8)
284 #define TD2(i) rotr(Td0[((i) >> 8) & 0xff], 16)
285 #define TD3(i) rotr(Td0[(i) & 0xff], 24)
286 #define TD41(i) (Td4s[((i) >> 24) & 0xff] << 24)
287 #define TD42(i) (Td4s[((i) >> 16) & 0xff] << 16)
288 #define TD43(i) (Td4s[((i) >> 8) & 0xff] << 8)
289 #define TD44(i) (Td4s[(i) & 0xff])
290 #define TD0_(i) Td0[(i) & 0xff]
291 #define TD1_(i) rotr(Td0[(i) & 0xff], 8)
292 #define TD2_(i) rotr(Td0[(i) & 0xff], 16)
293 #define TD3_(i) rotr(Td0[(i) & 0xff], 24)
294 
295 #define GETU32(pt) (((u32)(pt)[0] << 24) ^ ((u32)(pt)[1] << 16) ^ \
296 			((u32)(pt)[2] <<  8) ^ ((u32)(pt)[3]))
297 
298 #define PUTU32(ct, st) { \
299 (ct)[0] = (u8)((st) >> 24); (ct)[1] = (u8)((st) >> 16); \
300 (ct)[2] = (u8)((st) >>  8); (ct)[3] = (u8)(st); }
301 
302 #define WPA_GET_BE32(a) ((((u32)(a)[0]) << 24) | (((u32)(a)[1]) << 16) | \
303 			 (((u32)(a)[2]) << 8) | ((u32)(a)[3]))
304 
305 #define WPA_PUT_LE16(a, val)			\
306 	do {					\
307 		(a)[1] = ((u16)(val)) >> 8;	\
308 		(a)[0] = ((u16)(val)) & 0xff;	\
309 	} while (0)
310 
311 #define WPA_PUT_BE32(a, val)					\
312 	do {							\
313 		(a)[0] = (u8)((((u32)(val)) >> 24) & 0xff);	\
314 		(a)[1] = (u8)((((u32)(val)) >> 16) & 0xff);	\
315 		(a)[2] = (u8)((((u32)(val)) >> 8) & 0xff);	\
316 		(a)[3] = (u8)(((u32)(val)) & 0xff);		\
317 	} while (0)
318 
319 #define WPA_PUT_BE64(a, val)				\
320 	do {						\
321 		(a)[0] = (u8)(((u64)(val)) >> 56);	\
322 		(a)[1] = (u8)(((u64)(val)) >> 48);	\
323 		(a)[2] = (u8)(((u64)(val)) >> 40);	\
324 		(a)[3] = (u8)(((u64)(val)) >> 32);	\
325 		(a)[4] = (u8)(((u64)(val)) >> 24);	\
326 		(a)[5] = (u8)(((u64)(val)) >> 16);	\
327 		(a)[6] = (u8)(((u64)(val)) >> 8);	\
328 		(a)[7] = (u8)(((u64)(val)) & 0xff);	\
329 	} while (0)
330 
331 /* ===== start - public domain SHA256 implementation ===== */
332 
333 /* This is based on SHA256 implementation in LibTomCrypt that was released into
334  * public domain by Tom St Denis. */
335 
336 /* the K array */
337 static const unsigned long K[64] = {
338 	0x428a2f98UL, 0x71374491UL, 0xb5c0fbcfUL, 0xe9b5dba5UL, 0x3956c25bUL,
339 	0x59f111f1UL, 0x923f82a4UL, 0xab1c5ed5UL, 0xd807aa98UL, 0x12835b01UL,
340 	0x243185beUL, 0x550c7dc3UL, 0x72be5d74UL, 0x80deb1feUL, 0x9bdc06a7UL,
341 	0xc19bf174UL, 0xe49b69c1UL, 0xefbe4786UL, 0x0fc19dc6UL, 0x240ca1ccUL,
342 	0x2de92c6fUL, 0x4a7484aaUL, 0x5cb0a9dcUL, 0x76f988daUL, 0x983e5152UL,
343 	0xa831c66dUL, 0xb00327c8UL, 0xbf597fc7UL, 0xc6e00bf3UL, 0xd5a79147UL,
344 	0x06ca6351UL, 0x14292967UL, 0x27b70a85UL, 0x2e1b2138UL, 0x4d2c6dfcUL,
345 	0x53380d13UL, 0x650a7354UL, 0x766a0abbUL, 0x81c2c92eUL, 0x92722c85UL,
346 	0xa2bfe8a1UL, 0xa81a664bUL, 0xc24b8b70UL, 0xc76c51a3UL, 0xd192e819UL,
347 	0xd6990624UL, 0xf40e3585UL, 0x106aa070UL, 0x19a4c116UL, 0x1e376c08UL,
348 	0x2748774cUL, 0x34b0bcb5UL, 0x391c0cb3UL, 0x4ed8aa4aUL, 0x5b9cca4fUL,
349 	0x682e6ff3UL, 0x748f82eeUL, 0x78a5636fUL, 0x84c87814UL, 0x8cc70208UL,
350 	0x90befffaUL, 0xa4506cebUL, 0xbef9a3f7UL, 0xc67178f2UL
351 };
352 
353 /* Various logical functions */
354 #define RORc(x, y) \
355 	(((((unsigned long)(x) & 0xFFFFFFFFUL) >> (unsigned long)((y)&31)) | \
356 	 ((unsigned long)(x) << (unsigned long)(32-((y)&31)))) & 0xFFFFFFFFUL)
357 #define Ch(x, y , z)       (z ^ (x & (y ^ z)))
358 #define Maj(x, y, z)      (((x | y) & z) | (x & y))
359 #define S(x, n)         RORc((x), (n))
360 #define R(x, n)         (((x)&0xFFFFFFFFUL)>>(n))
361 #define Sigma0(x)       (S(x, 2) ^ S(x, 13) ^ S(x, 22))
362 #define Sigma1(x)       (S(x, 6) ^ S(x, 11) ^ S(x, 25))
363 #define Gamma0(x)       (S(x, 7) ^ S(x, 18) ^ R(x, 3))
364 #define Gamma1(x)       (S(x, 17) ^ S(x, 19) ^ R(x, 10))
365 #ifndef MIN
366 #define MIN(x, y) (((x) < (y)) ? (x) : (y))
367 #endif
368 
369 void rtw_secmicsetkey(struct mic_data *pmicdata, u8 *key);
370 void rtw_secmicappendbyte(struct mic_data *pmicdata, u8 b);
371 void rtw_secmicappend(struct mic_data *pmicdata, u8 *src, u32 nBytes);
372 void rtw_secgetmic(struct mic_data *pmicdata, u8 *dst);
373 void rtw_seccalctkipmic(u8 *key, u8 *header, u8 *data, u32 data_len,
374 			u8 *Miccode, u8   priority);
375 u32 rtw_aes_encrypt(struct adapter *padapter, u8 *pxmitframe);
376 u32 rtw_tkip_encrypt(struct adapter *padapter, u8 *pxmitframe);
377 void rtw_wep_encrypt(struct adapter *padapter, u8  *pxmitframe);
378 u32 rtw_aes_decrypt(struct adapter *padapter, u8  *precvframe);
379 u32 rtw_tkip_decrypt(struct adapter *padapter, u8  *precvframe);
380 void rtw_wep_decrypt(struct adapter *padapter, u8  *precvframe);
381 
382 #endif	/* __RTL871X_SECURITY_H_ */
383