1 /******************************************************************************
2 *
3 * Copyright(c) 2007 - 2017 Realtek Corporation.
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of version 2 of the GNU General Public License as
7 * published by the Free Software Foundation.
8 *
9 * This program is distributed in the hope that it will be useful, but WITHOUT
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
12 * more details.
13 *
14 *****************************************************************************/
15 #define _RTW_SECURITY_C_
16
17 #include <drv_types.h>
18 #include <rtw_swcrypto.h>
19
20 static const char *_security_type_str[] = {
21 "N/A",
22 "WEP40",
23 "TKIP",
24 "TKIP_WM",
25 "AES",
26 "WEP104",
27 "SMS4",
28 "GCMP",
29 };
30
31 static const char *_security_type_bip_str[] = {
32 "BIP_CMAC_128",
33 "BIP_GMAC_128",
34 "BIP_GMAC_256",
35 "BIP_CMAC_256",
36 };
37
security_type_str(u8 value)38 const char *security_type_str(u8 value)
39 {
40 #ifdef CONFIG_IEEE80211W
41 if ((_BIP_MAX_ > value) && (value >= _BIP_CMAC_128_))
42 return _security_type_bip_str[value & ~_SEC_TYPE_BIT_];
43 #endif
44
45 if (_CCMP_256_ == value)
46 return "CCMP_256";
47 if (_GCMP_256_ == value)
48 return "GCMP_256";
49
50 if (_SEC_TYPE_MAX_ > value)
51 return _security_type_str[value];
52
53 return NULL;
54 }
55
56 #ifdef CONFIG_IEEE80211W
security_type_bip_to_gmcs(enum security_type type)57 u32 security_type_bip_to_gmcs(enum security_type type)
58 {
59 switch (type) {
60 case _BIP_CMAC_128_:
61 return WPA_CIPHER_BIP_CMAC_128;
62 case _BIP_GMAC_128_:
63 return WPA_CIPHER_BIP_GMAC_128;
64 case _BIP_GMAC_256_:
65 return WPA_CIPHER_BIP_GMAC_256;
66 case _BIP_CMAC_256_:
67 return WPA_CIPHER_BIP_CMAC_256;
68 default:
69 return 0;
70 }
71 }
72 #endif
73
74 #ifdef DBG_SW_SEC_CNT
75 #define WEP_SW_ENC_CNT_INC(sec, ra) do {\
76 if (is_broadcast_mac_addr(ra)) \
77 sec->wep_sw_enc_cnt_bc++; \
78 else if (is_multicast_mac_addr(ra)) \
79 sec->wep_sw_enc_cnt_mc++; \
80 else \
81 sec->wep_sw_enc_cnt_uc++; \
82 } while (0)
83
84 #define WEP_SW_DEC_CNT_INC(sec, ra) do {\
85 if (is_broadcast_mac_addr(ra)) \
86 sec->wep_sw_dec_cnt_bc++; \
87 else if (is_multicast_mac_addr(ra)) \
88 sec->wep_sw_dec_cnt_mc++; \
89 else \
90 sec->wep_sw_dec_cnt_uc++; \
91 } while (0)
92
93 #define TKIP_SW_ENC_CNT_INC(sec, ra) do {\
94 if (is_broadcast_mac_addr(ra)) \
95 sec->tkip_sw_enc_cnt_bc++; \
96 else if (is_multicast_mac_addr(ra)) \
97 sec->tkip_sw_enc_cnt_mc++; \
98 else \
99 sec->tkip_sw_enc_cnt_uc++; \
100 } while (0)
101
102 #define TKIP_SW_DEC_CNT_INC(sec, ra) do {\
103 if (is_broadcast_mac_addr(ra)) \
104 sec->tkip_sw_dec_cnt_bc++; \
105 else if (is_multicast_mac_addr(ra)) \
106 sec->tkip_sw_dec_cnt_mc++; \
107 else \
108 sec->tkip_sw_dec_cnt_uc++; \
109 } while (0)
110
111 #define AES_SW_ENC_CNT_INC(sec, ra) do {\
112 if (is_broadcast_mac_addr(ra)) \
113 sec->aes_sw_enc_cnt_bc++; \
114 else if (is_multicast_mac_addr(ra)) \
115 sec->aes_sw_enc_cnt_mc++; \
116 else \
117 sec->aes_sw_enc_cnt_uc++; \
118 } while (0)
119
120 #define AES_SW_DEC_CNT_INC(sec, ra) do {\
121 if (is_broadcast_mac_addr(ra)) \
122 sec->aes_sw_dec_cnt_bc++; \
123 else if (is_multicast_mac_addr(ra)) \
124 sec->aes_sw_dec_cnt_mc++; \
125 else \
126 sec->aes_sw_dec_cnt_uc++; \
127 } while (0)
128
129 #define GCMP_SW_ENC_CNT_INC(sec, ra) do {\
130 if (is_broadcast_mac_addr(ra)) \
131 sec->gcmp_sw_enc_cnt_bc++; \
132 else if (is_multicast_mac_addr(ra)) \
133 sec->gcmp_sw_enc_cnt_mc++; \
134 else \
135 sec->gcmp_sw_enc_cnt_uc++; \
136 } while (0)
137
138 #define GCMP_SW_DEC_CNT_INC(sec, ra) do {\
139 if (is_broadcast_mac_addr(ra)) \
140 sec->gcmp_sw_dec_cnt_bc++; \
141 else if (is_multicast_mac_addr(ra)) \
142 sec->gcmp_sw_dec_cnt_mc++; \
143 else \
144 sec->gcmp_sw_dec_cnt_uc++; \
145 } while (0)
146 #else
147 #define WEP_SW_ENC_CNT_INC(sec, ra)
148 #define WEP_SW_DEC_CNT_INC(sec, ra)
149 #define TKIP_SW_ENC_CNT_INC(sec, ra)
150 #define TKIP_SW_DEC_CNT_INC(sec, ra)
151 #define AES_SW_ENC_CNT_INC(sec, ra)
152 #define AES_SW_DEC_CNT_INC(sec, ra)
153 #define GCMP_SW_ENC_CNT_INC(sec, ra)
154 #define GCMP_SW_DEC_CNT_INC(sec, ra)
155 #endif /* DBG_SW_SEC_CNT */
156
157 /* *****WEP related***** */
158
159 #define CRC32_POLY 0x04c11db7
160
161 struct arc4context {
162 u32 x;
163 u32 y;
164 u8 state[256];
165 };
166
167
arcfour_init(struct arc4context * parc4ctx,u8 * key,u32 key_len)168 static void arcfour_init(struct arc4context *parc4ctx, u8 *key, u32 key_len)
169 {
170 u32 t, u;
171 u32 keyindex;
172 u32 stateindex;
173 u8 *state;
174 u32 counter;
175 state = parc4ctx->state;
176 parc4ctx->x = 0;
177 parc4ctx->y = 0;
178 for (counter = 0; counter < 256; counter++)
179 state[counter] = (u8)counter;
180 keyindex = 0;
181 stateindex = 0;
182 for (counter = 0; counter < 256; counter++) {
183 t = state[counter];
184 stateindex = (stateindex + key[keyindex] + t) & 0xff;
185 u = state[stateindex];
186 state[stateindex] = (u8)t;
187 state[counter] = (u8)u;
188 if (++keyindex >= key_len)
189 keyindex = 0;
190 }
191 }
arcfour_byte(struct arc4context * parc4ctx)192 static u32 arcfour_byte(struct arc4context *parc4ctx)
193 {
194 u32 x;
195 u32 y;
196 u32 sx, sy;
197 u8 *state;
198 state = parc4ctx->state;
199 x = (parc4ctx->x + 1) & 0xff;
200 sx = state[x];
201 y = (sx + parc4ctx->y) & 0xff;
202 sy = state[y];
203 parc4ctx->x = x;
204 parc4ctx->y = y;
205 state[y] = (u8)sx;
206 state[x] = (u8)sy;
207 return state[(sx + sy) & 0xff];
208 }
209
210
arcfour_encrypt(struct arc4context * parc4ctx,u8 * dest,u8 * src,u32 len)211 static void arcfour_encrypt(struct arc4context *parc4ctx,
212 u8 *dest,
213 u8 *src,
214 u32 len)
215 {
216 u32 i;
217 for (i = 0; i < len; i++)
218 dest[i] = src[i] ^ (unsigned char)arcfour_byte(parc4ctx);
219 }
220
221 static sint bcrc32initialized = 0;
222 static u32 crc32_table[256];
223
224
crc32_reverseBit(u8 data)225 static u8 crc32_reverseBit(u8 data)
226 {
227 return (u8)((data << 7) & 0x80) | ((data << 5) & 0x40) | ((data << 3) & 0x20) | ((data << 1) & 0x10) | ((data >> 1) & 0x08) | ((data >> 3) & 0x04) | ((data >> 5) & 0x02) | ((
228 data >> 7) & 0x01) ;
229 }
230
crc32_init(void)231 static void crc32_init(void)
232 {
233 if (bcrc32initialized == 1)
234 goto exit;
235 else {
236 sint i, j;
237 u32 c;
238 u8 *p = (u8 *)&c, *p1;
239 u8 k;
240
241 c = 0x12340000;
242
243 for (i = 0; i < 256; ++i) {
244 k = crc32_reverseBit((u8)i);
245 for (c = ((u32)k) << 24, j = 8; j > 0; --j)
246 c = c & 0x80000000 ? (c << 1) ^ CRC32_POLY : (c << 1);
247 p1 = (u8 *)&crc32_table[i];
248
249 p1[0] = crc32_reverseBit(p[3]);
250 p1[1] = crc32_reverseBit(p[2]);
251 p1[2] = crc32_reverseBit(p[1]);
252 p1[3] = crc32_reverseBit(p[0]);
253 }
254 bcrc32initialized = 1;
255 }
256 exit:
257 return;
258 }
259
getcrc32(u8 * buf,sint len)260 static u32 getcrc32(u8 *buf, sint len)
261 {
262 u8 *p;
263 u32 crc;
264 if (bcrc32initialized == 0)
265 crc32_init();
266
267 crc = 0xffffffff; /* preload shift register, per CRC-32 spec */
268
269 for (p = buf; len > 0; ++p, --len)
270 crc = crc32_table[(crc ^ *p) & 0xff] ^ (crc >> 8);
271 return ~crc; /* transmit complement, per CRC-32 spec */
272 }
273
274
275 /*
276 Need to consider the fragment situation
277 */
rtw_wep_encrypt(_adapter * padapter,u8 * pxmitframe)278 void rtw_wep_encrypt(_adapter *padapter, u8 *pxmitframe)
279 {
280 /* exclude ICV */
281
282 unsigned char crc[4];
283 struct arc4context mycontext;
284
285 sint curfragnum, length;
286 u32 keylength;
287
288 u8 *pframe, *payload, *iv; /* ,*wepkey */
289 u8 wepkey[16];
290 u8 hw_hdr_offset = 0;
291 struct pkt_attrib *pattrib = &((struct xmit_frame *)pxmitframe)->attrib;
292 struct security_priv *psecuritypriv = &padapter->securitypriv;
293 struct xmit_priv *pxmitpriv = &padapter->xmitpriv;
294
295
296
297 if (((struct xmit_frame *)pxmitframe)->buf_addr == NULL)
298 return;
299
300 #ifdef CONFIG_USB_TX_AGGREGATION
301 hw_hdr_offset = TXDESC_SIZE +
302 (((struct xmit_frame *)pxmitframe)->pkt_offset * PACKET_OFFSET_SZ);
303 #else
304 #ifdef CONFIG_TX_EARLY_MODE
305 hw_hdr_offset = TXDESC_OFFSET + EARLY_MODE_INFO_SIZE;
306 #else
307 hw_hdr_offset = TXDESC_OFFSET;
308 #endif
309 #endif
310
311 pframe = ((struct xmit_frame *)pxmitframe)->buf_addr + hw_hdr_offset;
312
313 /* start to encrypt each fragment */
314 if ((pattrib->encrypt == _WEP40_) || (pattrib->encrypt == _WEP104_)) {
315 keylength = psecuritypriv->dot11DefKeylen[psecuritypriv->dot11PrivacyKeyIndex];
316
317 for (curfragnum = 0; curfragnum < pattrib->nr_frags; curfragnum++) {
318 iv = pframe + pattrib->hdrlen;
319 _rtw_memcpy(&wepkey[0], iv, 3);
320 _rtw_memcpy(&wepkey[3], &psecuritypriv->dot11DefKey[psecuritypriv->dot11PrivacyKeyIndex].skey[0], keylength);
321 payload = pframe + pattrib->iv_len + pattrib->hdrlen;
322
323 if ((curfragnum + 1) == pattrib->nr_frags) {
324 /* the last fragment */
325
326 length = pattrib->last_txcmdsz - pattrib->hdrlen - pattrib->iv_len - pattrib->icv_len;
327
328 *((u32 *)crc) = cpu_to_le32(getcrc32(payload, length));
329
330 arcfour_init(&mycontext, wepkey, 3 + keylength);
331 arcfour_encrypt(&mycontext, payload, payload, length);
332 arcfour_encrypt(&mycontext, payload + length, crc, 4);
333
334 } else {
335 length = pxmitpriv->frag_len - pattrib->hdrlen - pattrib->iv_len - pattrib->icv_len ;
336 *((u32 *)crc) = cpu_to_le32(getcrc32(payload, length));
337 arcfour_init(&mycontext, wepkey, 3 + keylength);
338 arcfour_encrypt(&mycontext, payload, payload, length);
339 arcfour_encrypt(&mycontext, payload + length, crc, 4);
340
341 pframe += pxmitpriv->frag_len;
342 pframe = (u8 *)RND4((SIZE_PTR)(pframe));
343
344 }
345
346 }
347
348 WEP_SW_ENC_CNT_INC(psecuritypriv, pattrib->ra);
349 }
350
351
352 }
353
rtw_wep_decrypt(_adapter * padapter,u8 * precvframe)354 void rtw_wep_decrypt(_adapter *padapter, u8 *precvframe)
355 {
356 /* exclude ICV */
357 u8 crc[4];
358 struct arc4context mycontext;
359 sint length;
360 u32 keylength;
361 u8 *pframe, *payload, *iv, wepkey[16];
362 u8 keyindex;
363 struct rx_pkt_attrib *prxattrib = &(((union recv_frame *)precvframe)->u.hdr.attrib);
364 struct security_priv *psecuritypriv = &padapter->securitypriv;
365
366
367 pframe = (unsigned char *)((union recv_frame *)precvframe)->u.hdr.rx_data;
368
369 /* start to decrypt recvframe */
370 if ((prxattrib->encrypt == _WEP40_) || (prxattrib->encrypt == _WEP104_)) {
371 iv = pframe + prxattrib->hdrlen;
372 /* keyindex=(iv[3]&0x3); */
373 keyindex = prxattrib->key_index;
374 keylength = psecuritypriv->dot11DefKeylen[keyindex];
375 _rtw_memcpy(&wepkey[0], iv, 3);
376 /* _rtw_memcpy(&wepkey[3], &psecuritypriv->dot11DefKey[psecuritypriv->dot11PrivacyKeyIndex].skey[0],keylength); */
377 _rtw_memcpy(&wepkey[3], &psecuritypriv->dot11DefKey[keyindex].skey[0], keylength);
378 length = ((union recv_frame *)precvframe)->u.hdr.len - prxattrib->hdrlen - prxattrib->iv_len;
379
380 payload = pframe + prxattrib->iv_len + prxattrib->hdrlen;
381
382 /* decrypt payload include icv */
383 arcfour_init(&mycontext, wepkey, 3 + keylength);
384 arcfour_encrypt(&mycontext, payload, payload, length);
385
386 /* calculate icv and compare the icv */
387 *((u32 *)crc) = le32_to_cpu(getcrc32(payload, length - 4));
388
389
390 WEP_SW_DEC_CNT_INC(psecuritypriv, prxattrib->ra);
391 }
392
393
394 return;
395
396 }
397
398 /* 3 =====TKIP related===== */
399
secmicgetuint32(u8 * p)400 static u32 secmicgetuint32(u8 *p)
401 /* Convert from Byte[] to Us4Byte32 in a portable way */
402 {
403 s32 i;
404 u32 res = 0;
405 for (i = 0; i < 4; i++)
406 res |= ((u32)(*p++)) << (8 * i);
407 return res;
408 }
409
secmicputuint32(u8 * p,u32 val)410 static void secmicputuint32(u8 *p, u32 val)
411 /* Convert from Us4Byte32 to Byte[] in a portable way */
412 {
413 long i;
414 for (i = 0; i < 4; i++) {
415 *p++ = (u8)(val & 0xff);
416 val >>= 8;
417 }
418 }
419
secmicclear(struct mic_data * pmicdata)420 static void secmicclear(struct mic_data *pmicdata)
421 {
422 /* Reset the state to the empty message. */
423 pmicdata->L = pmicdata->K0;
424 pmicdata->R = pmicdata->K1;
425 pmicdata->nBytesInM = 0;
426 pmicdata->M = 0;
427 }
428
rtw_secmicsetkey(struct mic_data * pmicdata,u8 * key)429 void rtw_secmicsetkey(struct mic_data *pmicdata, u8 *key)
430 {
431 /* Set the key */
432 pmicdata->K0 = secmicgetuint32(key);
433 pmicdata->K1 = secmicgetuint32(key + 4);
434 /* and reset the message */
435 secmicclear(pmicdata);
436 }
437
rtw_secmicappendbyte(struct mic_data * pmicdata,u8 b)438 void rtw_secmicappendbyte(struct mic_data *pmicdata, u8 b)
439 {
440 /* Append the byte to our word-sized buffer */
441 pmicdata->M |= ((unsigned long)b) << (8 * pmicdata->nBytesInM);
442 pmicdata->nBytesInM++;
443 /* Process the word if it is full. */
444 if (pmicdata->nBytesInM >= 4) {
445 pmicdata->L ^= pmicdata->M;
446 pmicdata->R ^= ROL32(pmicdata->L, 17);
447 pmicdata->L += pmicdata->R;
448 pmicdata->R ^= ((pmicdata->L & 0xff00ff00) >> 8) | ((pmicdata->L & 0x00ff00ff) << 8);
449 pmicdata->L += pmicdata->R;
450 pmicdata->R ^= ROL32(pmicdata->L, 3);
451 pmicdata->L += pmicdata->R;
452 pmicdata->R ^= ROR32(pmicdata->L, 2);
453 pmicdata->L += pmicdata->R;
454 /* Clear the buffer */
455 pmicdata->M = 0;
456 pmicdata->nBytesInM = 0;
457 }
458 }
459
rtw_secmicappend(struct mic_data * pmicdata,u8 * src,u32 nbytes)460 void rtw_secmicappend(struct mic_data *pmicdata, u8 *src, u32 nbytes)
461 {
462 /* This is simple */
463 while (nbytes > 0) {
464 rtw_secmicappendbyte(pmicdata, *src++);
465 nbytes--;
466 }
467 }
468
rtw_secgetmic(struct mic_data * pmicdata,u8 * dst)469 void rtw_secgetmic(struct mic_data *pmicdata, u8 *dst)
470 {
471 /* Append the minimum padding */
472 rtw_secmicappendbyte(pmicdata, 0x5a);
473 rtw_secmicappendbyte(pmicdata, 0);
474 rtw_secmicappendbyte(pmicdata, 0);
475 rtw_secmicappendbyte(pmicdata, 0);
476 rtw_secmicappendbyte(pmicdata, 0);
477 /* and then zeroes until the length is a multiple of 4 */
478 while (pmicdata->nBytesInM != 0)
479 rtw_secmicappendbyte(pmicdata, 0);
480 /* The appendByte function has already computed the result. */
481 secmicputuint32(dst, pmicdata->L);
482 secmicputuint32(dst + 4, pmicdata->R);
483 /* Reset to the empty message. */
484 secmicclear(pmicdata);
485 }
486
487
rtw_seccalctkipmic(u8 * key,u8 * header,u8 * data,u32 data_len,u8 * mic_code,u8 pri)488 void rtw_seccalctkipmic(u8 *key, u8 *header, u8 *data, u32 data_len, u8 *mic_code, u8 pri)
489 {
490
491 struct mic_data micdata;
492 u8 priority[4] = {0x0, 0x0, 0x0, 0x0};
493 rtw_secmicsetkey(&micdata, key);
494 priority[0] = pri;
495
496 /* Michael MIC pseudo header: DA, SA, 3 x 0, Priority */
497 if (header[1] & 1) { /* ToDS==1 */
498 rtw_secmicappend(&micdata, &header[16], 6); /* DA */
499 if (header[1] & 2) /* From Ds==1 */
500 rtw_secmicappend(&micdata, &header[24], 6);
501 else
502 rtw_secmicappend(&micdata, &header[10], 6);
503 } else { /* ToDS==0 */
504 rtw_secmicappend(&micdata, &header[4], 6); /* DA */
505 if (header[1] & 2) /* From Ds==1 */
506 rtw_secmicappend(&micdata, &header[16], 6);
507 else
508 rtw_secmicappend(&micdata, &header[10], 6);
509
510 }
511 rtw_secmicappend(&micdata, &priority[0], 4);
512
513
514 rtw_secmicappend(&micdata, data, data_len);
515
516 rtw_secgetmic(&micdata, mic_code);
517 }
518
519
520
521
522 /* macros for extraction/creation of unsigned char/unsigned short values */
523 #define RotR1(v16) ((((v16) >> 1) & 0x7FFF) ^ (((v16) & 1) << 15))
524 #define Lo8(v16) ((u8)((v16) & 0x00FF))
525 #define Hi8(v16) ((u8)(((v16) >> 8) & 0x00FF))
526 #define Lo16(v32) ((u16)((v32) & 0xFFFF))
527 #define Hi16(v32) ((u16)(((v32) >> 16) & 0xFFFF))
528 #define Mk16(hi, lo) ((lo) ^ (((u16)(hi)) << 8))
529
530 /* select the Nth 16-bit word of the temporal key unsigned char array TK[] */
531 #define TK16(N) Mk16(tk[2*(N)+1], tk[2*(N)])
532
533 /* S-box lookup: 16 bits --> 16 bits */
534 #define _S_(v16) (Sbox1[0][Lo8(v16)] ^ Sbox1[1][Hi8(v16)])
535
536 /* fixed algorithm "parameters" */
537 #define PHASE1_LOOP_CNT 8 /* this needs to be "big enough" */
538 #define TA_SIZE 6 /* 48-bit transmitter address */
539 #define TK_SIZE 16 /* 128-bit temporal key */
540 #define P1K_SIZE 10 /* 80-bit Phase1 key */
541 #define RC4_KEY_SIZE 16 /* 128-bit RC4KEY (104 bits unknown) */
542
543
544 /* 2-unsigned char by 2-unsigned char subset of the full AES S-box table */
545 static const unsigned short Sbox1[2][256] = /* Sbox for hash (can be in ROM) */
546 { {
547 0xC6A5, 0xF884, 0xEE99, 0xF68D, 0xFF0D, 0xD6BD, 0xDEB1, 0x9154,
548 0x6050, 0x0203, 0xCEA9, 0x567D, 0xE719, 0xB562, 0x4DE6, 0xEC9A,
549 0x8F45, 0x1F9D, 0x8940, 0xFA87, 0xEF15, 0xB2EB, 0x8EC9, 0xFB0B,
550 0x41EC, 0xB367, 0x5FFD, 0x45EA, 0x23BF, 0x53F7, 0xE496, 0x9B5B,
551 0x75C2, 0xE11C, 0x3DAE, 0x4C6A, 0x6C5A, 0x7E41, 0xF502, 0x834F,
552 0x685C, 0x51F4, 0xD134, 0xF908, 0xE293, 0xAB73, 0x6253, 0x2A3F,
553 0x080C, 0x9552, 0x4665, 0x9D5E, 0x3028, 0x37A1, 0x0A0F, 0x2FB5,
554 0x0E09, 0x2436, 0x1B9B, 0xDF3D, 0xCD26, 0x4E69, 0x7FCD, 0xEA9F,
555 0x121B, 0x1D9E, 0x5874, 0x342E, 0x362D, 0xDCB2, 0xB4EE, 0x5BFB,
556 0xA4F6, 0x764D, 0xB761, 0x7DCE, 0x527B, 0xDD3E, 0x5E71, 0x1397,
557 0xA6F5, 0xB968, 0x0000, 0xC12C, 0x4060, 0xE31F, 0x79C8, 0xB6ED,
558 0xD4BE, 0x8D46, 0x67D9, 0x724B, 0x94DE, 0x98D4, 0xB0E8, 0x854A,
559 0xBB6B, 0xC52A, 0x4FE5, 0xED16, 0x86C5, 0x9AD7, 0x6655, 0x1194,
560 0x8ACF, 0xE910, 0x0406, 0xFE81, 0xA0F0, 0x7844, 0x25BA, 0x4BE3,
561 0xA2F3, 0x5DFE, 0x80C0, 0x058A, 0x3FAD, 0x21BC, 0x7048, 0xF104,
562 0x63DF, 0x77C1, 0xAF75, 0x4263, 0x2030, 0xE51A, 0xFD0E, 0xBF6D,
563 0x814C, 0x1814, 0x2635, 0xC32F, 0xBEE1, 0x35A2, 0x88CC, 0x2E39,
564 0x9357, 0x55F2, 0xFC82, 0x7A47, 0xC8AC, 0xBAE7, 0x322B, 0xE695,
565 0xC0A0, 0x1998, 0x9ED1, 0xA37F, 0x4466, 0x547E, 0x3BAB, 0x0B83,
566 0x8CCA, 0xC729, 0x6BD3, 0x283C, 0xA779, 0xBCE2, 0x161D, 0xAD76,
567 0xDB3B, 0x6456, 0x744E, 0x141E, 0x92DB, 0x0C0A, 0x486C, 0xB8E4,
568 0x9F5D, 0xBD6E, 0x43EF, 0xC4A6, 0x39A8, 0x31A4, 0xD337, 0xF28B,
569 0xD532, 0x8B43, 0x6E59, 0xDAB7, 0x018C, 0xB164, 0x9CD2, 0x49E0,
570 0xD8B4, 0xACFA, 0xF307, 0xCF25, 0xCAAF, 0xF48E, 0x47E9, 0x1018,
571 0x6FD5, 0xF088, 0x4A6F, 0x5C72, 0x3824, 0x57F1, 0x73C7, 0x9751,
572 0xCB23, 0xA17C, 0xE89C, 0x3E21, 0x96DD, 0x61DC, 0x0D86, 0x0F85,
573 0xE090, 0x7C42, 0x71C4, 0xCCAA, 0x90D8, 0x0605, 0xF701, 0x1C12,
574 0xC2A3, 0x6A5F, 0xAEF9, 0x69D0, 0x1791, 0x9958, 0x3A27, 0x27B9,
575 0xD938, 0xEB13, 0x2BB3, 0x2233, 0xD2BB, 0xA970, 0x0789, 0x33A7,
576 0x2DB6, 0x3C22, 0x1592, 0xC920, 0x8749, 0xAAFF, 0x5078, 0xA57A,
577 0x038F, 0x59F8, 0x0980, 0x1A17, 0x65DA, 0xD731, 0x84C6, 0xD0B8,
578 0x82C3, 0x29B0, 0x5A77, 0x1E11, 0x7BCB, 0xA8FC, 0x6DD6, 0x2C3A,
579 },
580
581
582 { /* second half of table is unsigned char-reversed version of first! */
583 0xA5C6, 0x84F8, 0x99EE, 0x8DF6, 0x0DFF, 0xBDD6, 0xB1DE, 0x5491,
584 0x5060, 0x0302, 0xA9CE, 0x7D56, 0x19E7, 0x62B5, 0xE64D, 0x9AEC,
585 0x458F, 0x9D1F, 0x4089, 0x87FA, 0x15EF, 0xEBB2, 0xC98E, 0x0BFB,
586 0xEC41, 0x67B3, 0xFD5F, 0xEA45, 0xBF23, 0xF753, 0x96E4, 0x5B9B,
587 0xC275, 0x1CE1, 0xAE3D, 0x6A4C, 0x5A6C, 0x417E, 0x02F5, 0x4F83,
588 0x5C68, 0xF451, 0x34D1, 0x08F9, 0x93E2, 0x73AB, 0x5362, 0x3F2A,
589 0x0C08, 0x5295, 0x6546, 0x5E9D, 0x2830, 0xA137, 0x0F0A, 0xB52F,
590 0x090E, 0x3624, 0x9B1B, 0x3DDF, 0x26CD, 0x694E, 0xCD7F, 0x9FEA,
591 0x1B12, 0x9E1D, 0x7458, 0x2E34, 0x2D36, 0xB2DC, 0xEEB4, 0xFB5B,
592 0xF6A4, 0x4D76, 0x61B7, 0xCE7D, 0x7B52, 0x3EDD, 0x715E, 0x9713,
593 0xF5A6, 0x68B9, 0x0000, 0x2CC1, 0x6040, 0x1FE3, 0xC879, 0xEDB6,
594 0xBED4, 0x468D, 0xD967, 0x4B72, 0xDE94, 0xD498, 0xE8B0, 0x4A85,
595 0x6BBB, 0x2AC5, 0xE54F, 0x16ED, 0xC586, 0xD79A, 0x5566, 0x9411,
596 0xCF8A, 0x10E9, 0x0604, 0x81FE, 0xF0A0, 0x4478, 0xBA25, 0xE34B,
597 0xF3A2, 0xFE5D, 0xC080, 0x8A05, 0xAD3F, 0xBC21, 0x4870, 0x04F1,
598 0xDF63, 0xC177, 0x75AF, 0x6342, 0x3020, 0x1AE5, 0x0EFD, 0x6DBF,
599 0x4C81, 0x1418, 0x3526, 0x2FC3, 0xE1BE, 0xA235, 0xCC88, 0x392E,
600 0x5793, 0xF255, 0x82FC, 0x477A, 0xACC8, 0xE7BA, 0x2B32, 0x95E6,
601 0xA0C0, 0x9819, 0xD19E, 0x7FA3, 0x6644, 0x7E54, 0xAB3B, 0x830B,
602 0xCA8C, 0x29C7, 0xD36B, 0x3C28, 0x79A7, 0xE2BC, 0x1D16, 0x76AD,
603 0x3BDB, 0x5664, 0x4E74, 0x1E14, 0xDB92, 0x0A0C, 0x6C48, 0xE4B8,
604 0x5D9F, 0x6EBD, 0xEF43, 0xA6C4, 0xA839, 0xA431, 0x37D3, 0x8BF2,
605 0x32D5, 0x438B, 0x596E, 0xB7DA, 0x8C01, 0x64B1, 0xD29C, 0xE049,
606 0xB4D8, 0xFAAC, 0x07F3, 0x25CF, 0xAFCA, 0x8EF4, 0xE947, 0x1810,
607 0xD56F, 0x88F0, 0x6F4A, 0x725C, 0x2438, 0xF157, 0xC773, 0x5197,
608 0x23CB, 0x7CA1, 0x9CE8, 0x213E, 0xDD96, 0xDC61, 0x860D, 0x850F,
609 0x90E0, 0x427C, 0xC471, 0xAACC, 0xD890, 0x0506, 0x01F7, 0x121C,
610 0xA3C2, 0x5F6A, 0xF9AE, 0xD069, 0x9117, 0x5899, 0x273A, 0xB927,
611 0x38D9, 0x13EB, 0xB32B, 0x3322, 0xBBD2, 0x70A9, 0x8907, 0xA733,
612 0xB62D, 0x223C, 0x9215, 0x20C9, 0x4987, 0xFFAA, 0x7850, 0x7AA5,
613 0x8F03, 0xF859, 0x8009, 0x171A, 0xDA65, 0x31D7, 0xC684, 0xB8D0,
614 0xC382, 0xB029, 0x775A, 0x111E, 0xCB7B, 0xFCA8, 0xD66D, 0x3A2C,
615 }
616 };
617
618 /*
619 **********************************************************************
620 * Routine: Phase 1 -- generate P1K, given TA, TK, IV32
621 *
622 * Inputs:
623 * tk[] = temporal key [128 bits]
624 * ta[] = transmitter's MAC address [ 48 bits]
625 * iv32 = upper 32 bits of IV [ 32 bits]
626 * Output:
627 * p1k[] = Phase 1 key [ 80 bits]
628 *
629 * Note:
630 * This function only needs to be called every 2**16 packets,
631 * although in theory it could be called every packet.
632 *
633 **********************************************************************
634 */
phase1(u16 * p1k,const u8 * tk,const u8 * ta,u32 iv32)635 static void phase1(u16 *p1k, const u8 *tk, const u8 *ta, u32 iv32)
636 {
637 sint i;
638 /* Initialize the 80 bits of P1K[] from IV32 and TA[0..5] */
639 p1k[0] = Lo16(iv32);
640 p1k[1] = Hi16(iv32);
641 p1k[2] = Mk16(ta[1], ta[0]); /* use TA[] as little-endian */
642 p1k[3] = Mk16(ta[3], ta[2]);
643 p1k[4] = Mk16(ta[5], ta[4]);
644
645 /* Now compute an unbalanced Feistel cipher with 80-bit block */
646 /* size on the 80-bit block P1K[], using the 128-bit key TK[] */
647 for (i = 0; i < PHASE1_LOOP_CNT ; i++) {
648 /* Each add operation here is mod 2**16 */
649 p1k[0] += _S_(p1k[4] ^ TK16((i & 1) + 0));
650 p1k[1] += _S_(p1k[0] ^ TK16((i & 1) + 2));
651 p1k[2] += _S_(p1k[1] ^ TK16((i & 1) + 4));
652 p1k[3] += _S_(p1k[2] ^ TK16((i & 1) + 6));
653 p1k[4] += _S_(p1k[3] ^ TK16((i & 1) + 0));
654 p1k[4] += (unsigned short)i; /* avoid "slide attacks" */
655 }
656 }
657
658
659 /*
660 **********************************************************************
661 * Routine: Phase 2 -- generate RC4KEY, given TK, P1K, IV16
662 *
663 * Inputs:
664 * tk[] = Temporal key [128 bits]
665 * p1k[] = Phase 1 output key [ 80 bits]
666 * iv16 = low 16 bits of IV counter [ 16 bits]
667 * Output:
668 * rc4key[] = the key used to encrypt the packet [128 bits]
669 *
670 * Note:
671 * The value {TA,IV32,IV16} for Phase1/Phase2 must be unique
672 * across all packets using the same key TK value. Then, for a
673 * given value of TK[], this TKIP48 construction guarantees that
674 * the final RC4KEY value is unique across all packets.
675 *
676 * Suggested implementation optimization: if PPK[] is "overlaid"
677 * appropriately on RC4KEY[], there is no need for the final
678 * for loop below that copies the PPK[] result into RC4KEY[].
679 *
680 **********************************************************************
681 */
phase2(u8 * rc4key,const u8 * tk,const u16 * p1k,u16 iv16)682 static void phase2(u8 *rc4key, const u8 *tk, const u16 *p1k, u16 iv16)
683 {
684 sint i;
685 u16 PPK[6]; /* temporary key for mixing */
686 /* Note: all adds in the PPK[] equations below are mod 2**16 */
687 for (i = 0; i < 5; i++)
688 PPK[i] = p1k[i]; /* first, copy P1K to PPK */
689 PPK[5] = p1k[4] + iv16; /* next, add in IV16 */
690
691 /* Bijective non-linear mixing of the 96 bits of PPK[0..5] */
692 PPK[0] += _S_(PPK[5] ^ TK16(0)); /* Mix key in each "round" */
693 PPK[1] += _S_(PPK[0] ^ TK16(1));
694 PPK[2] += _S_(PPK[1] ^ TK16(2));
695 PPK[3] += _S_(PPK[2] ^ TK16(3));
696 PPK[4] += _S_(PPK[3] ^ TK16(4));
697 PPK[5] += _S_(PPK[4] ^ TK16(5)); /* Total # S-box lookups == 6 */
698
699 /* Final sweep: bijective, "linear". Rotates kill LSB correlations */
700 PPK[0] += RotR1(PPK[5] ^ TK16(6));
701 PPK[1] += RotR1(PPK[0] ^ TK16(7)); /* Use all of TK[] in Phase2 */
702 PPK[2] += RotR1(PPK[1]);
703 PPK[3] += RotR1(PPK[2]);
704 PPK[4] += RotR1(PPK[3]);
705 PPK[5] += RotR1(PPK[4]);
706 /* Note: At this point, for a given key TK[0..15], the 96-bit output */
707 /* value PPK[0..5] is guaranteed to be unique, as a function */
708 /* of the 96-bit "input" value {TA,IV32,IV16}. That is, P1K */
709 /* is now a keyed permutation of {TA,IV32,IV16}. */
710
711 /* Set RC4KEY[0..3], which includes "cleartext" portion of RC4 key */
712 rc4key[0] = Hi8(iv16); /* RC4KEY[0..2] is the WEP IV */
713 rc4key[1] = (Hi8(iv16) | 0x20) & 0x7F; /* Help avoid weak (FMS) keys */
714 rc4key[2] = Lo8(iv16);
715 rc4key[3] = Lo8((PPK[5] ^ TK16(0)) >> 1);
716
717
718 /* Copy 96 bits of PPK[0..5] to RC4KEY[4..15] (little-endian) */
719 for (i = 0; i < 6; i++) {
720 rc4key[4 + 2 * i] = Lo8(PPK[i]);
721 rc4key[5 + 2 * i] = Hi8(PPK[i]);
722 }
723 }
724
725
726 /* The hlen isn't include the IV */
rtw_tkip_encrypt(_adapter * padapter,u8 * pxmitframe)727 u32 rtw_tkip_encrypt(_adapter *padapter, u8 *pxmitframe)
728 {
729 /* exclude ICV */
730 u16 pnl;
731 u32 pnh;
732 u8 rc4key[16];
733 u8 ttkey[16];
734 u8 crc[4];
735 u8 hw_hdr_offset = 0;
736 struct arc4context mycontext;
737 sint curfragnum, length;
738 u32 prwskeylen;
739
740 u8 *pframe, *payload, *iv, *prwskey;
741 union pn48 dot11txpn;
742 /* struct sta_info *stainfo; */
743 struct pkt_attrib *pattrib = &((struct xmit_frame *)pxmitframe)->attrib;
744 struct security_priv *psecuritypriv = &padapter->securitypriv;
745 struct xmit_priv *pxmitpriv = &padapter->xmitpriv;
746 u32 res = _SUCCESS;
747
748 if (((struct xmit_frame *)pxmitframe)->buf_addr == NULL)
749 return _FAIL;
750
751 #ifdef CONFIG_USB_TX_AGGREGATION
752 hw_hdr_offset = TXDESC_SIZE +
753 (((struct xmit_frame *)pxmitframe)->pkt_offset * PACKET_OFFSET_SZ);
754 #else
755 #ifdef CONFIG_TX_EARLY_MODE
756 hw_hdr_offset = TXDESC_OFFSET + EARLY_MODE_INFO_SIZE;
757 #else
758 hw_hdr_offset = TXDESC_OFFSET;
759 #endif
760 #endif
761
762 pframe = ((struct xmit_frame *)pxmitframe)->buf_addr + hw_hdr_offset;
763 /* 4 start to encrypt each fragment */
764 if (pattrib->encrypt == _TKIP_) {
765
766 /*
767 if(pattrib->psta)
768 {
769 stainfo = pattrib->psta;
770 }
771 else
772 {
773 RTW_INFO("%s, call rtw_get_stainfo()\n", __func__);
774 stainfo=rtw_get_stainfo(&padapter->stapriv ,&pattrib->ra[0] );
775 }
776 */
777 /* if (stainfo!=NULL) */
778 {
779 /*
780 if(!(stainfo->state &WIFI_ASOC_STATE))
781 {
782 RTW_INFO("%s, psta->state(0x%x) != WIFI_ASOC_STATE\n", __func__, stainfo->state);
783 return _FAIL;
784 }
785 */
786
787 if (IS_MCAST(pattrib->ra))
788 prwskey = psecuritypriv->dot118021XGrpKey[psecuritypriv->dot118021XGrpKeyid].skey;
789 else {
790 /* prwskey=&stainfo->dot118021x_UncstKey.skey[0]; */
791 prwskey = pattrib->dot118021x_UncstKey.skey;
792 }
793
794 prwskeylen = 16;
795
796 for (curfragnum = 0; curfragnum < pattrib->nr_frags; curfragnum++) {
797 iv = pframe + pattrib->hdrlen;
798 payload = pframe + pattrib->iv_len + pattrib->hdrlen;
799
800 GET_TKIP_PN(iv, dot11txpn);
801
802 pnl = (u16)(dot11txpn.val);
803 pnh = (u32)(dot11txpn.val >> 16);
804
805 phase1((u16 *)&ttkey[0], prwskey, &pattrib->ta[0], pnh);
806
807 phase2(&rc4key[0], prwskey, (u16 *)&ttkey[0], pnl);
808
809 if ((curfragnum + 1) == pattrib->nr_frags) { /* 4 the last fragment */
810 length = pattrib->last_txcmdsz - pattrib->hdrlen - pattrib->iv_len - pattrib->icv_len;
811 *((u32 *)crc) = cpu_to_le32(getcrc32(payload, length)); /* modified by Amy*/
812
813 arcfour_init(&mycontext, rc4key, 16);
814 arcfour_encrypt(&mycontext, payload, payload, length);
815 arcfour_encrypt(&mycontext, payload + length, crc, 4);
816
817 } else {
818 length = pxmitpriv->frag_len - pattrib->hdrlen - pattrib->iv_len - pattrib->icv_len ;
819 *((u32 *)crc) = cpu_to_le32(getcrc32(payload, length)); /* modified by Amy*/
820 arcfour_init(&mycontext, rc4key, 16);
821 arcfour_encrypt(&mycontext, payload, payload, length);
822 arcfour_encrypt(&mycontext, payload + length, crc, 4);
823
824 pframe += pxmitpriv->frag_len;
825 pframe = (u8 *)RND4((SIZE_PTR)(pframe));
826
827 }
828 }
829
830 TKIP_SW_ENC_CNT_INC(psecuritypriv, pattrib->ra);
831 }
832 /*
833 else{
834 RTW_INFO("%s, psta==NUL\n", __func__);
835 res=_FAIL;
836 }
837 */
838
839 }
840 return res;
841
842 }
843
844
845 /* The hlen isn't include the IV */
rtw_tkip_decrypt(_adapter * padapter,u8 * precvframe)846 u32 rtw_tkip_decrypt(_adapter *padapter, u8 *precvframe)
847 {
848 /* exclude ICV */
849 u16 pnl;
850 u32 pnh;
851 u8 rc4key[16];
852 u8 ttkey[16];
853 u8 crc[4];
854 struct arc4context mycontext;
855 sint length;
856 u32 prwskeylen;
857
858 u8 *pframe, *payload, *iv, *prwskey;
859 union pn48 dot11txpn;
860 struct sta_info *stainfo;
861 struct rx_pkt_attrib *prxattrib = &((union recv_frame *)precvframe)->u.hdr.attrib;
862 struct security_priv *psecuritypriv = &padapter->securitypriv;
863 /* struct recv_priv *precvpriv=&padapter->recvpriv; */
864 u32 res = _SUCCESS;
865
866
867 pframe = (unsigned char *)((union recv_frame *)precvframe)->u.hdr.rx_data;
868
869 /* 4 start to decrypt recvframe */
870 if (prxattrib->encrypt == _TKIP_) {
871
872 stainfo = rtw_get_stainfo(&padapter->stapriv , &prxattrib->ta[0]);
873 if (stainfo != NULL) {
874
875 if (IS_MCAST(prxattrib->ra)) {
876 static systime start = 0;
877 static u32 no_gkey_bc_cnt = 0;
878 static u32 no_gkey_mc_cnt = 0;
879
880 if (psecuritypriv->binstallGrpkey == _FALSE) {
881 res = _FAIL;
882
883 if (start == 0)
884 start = rtw_get_current_time();
885
886 if (is_broadcast_mac_addr(prxattrib->ra))
887 no_gkey_bc_cnt++;
888 else
889 no_gkey_mc_cnt++;
890
891 if (rtw_get_passing_time_ms(start) > 1000) {
892 if (no_gkey_bc_cnt || no_gkey_mc_cnt) {
893 RTW_PRINT(FUNC_ADPT_FMT" no_gkey_bc_cnt:%u, no_gkey_mc_cnt:%u\n",
894 FUNC_ADPT_ARG(padapter), no_gkey_bc_cnt, no_gkey_mc_cnt);
895 }
896 start = rtw_get_current_time();
897 no_gkey_bc_cnt = 0;
898 no_gkey_mc_cnt = 0;
899 }
900 goto exit;
901 }
902
903 if (no_gkey_bc_cnt || no_gkey_mc_cnt) {
904 RTW_PRINT(FUNC_ADPT_FMT" gkey installed. no_gkey_bc_cnt:%u, no_gkey_mc_cnt:%u\n",
905 FUNC_ADPT_ARG(padapter), no_gkey_bc_cnt, no_gkey_mc_cnt);
906 }
907 start = 0;
908 no_gkey_bc_cnt = 0;
909 no_gkey_mc_cnt = 0;
910
911 /* RTW_INFO("rx bc/mc packets, to perform sw rtw_tkip_decrypt\n"); */
912 /* prwskey = psecuritypriv->dot118021XGrpKey[psecuritypriv->dot118021XGrpKeyid].skey; */
913 prwskey = psecuritypriv->dot118021XGrpKey[prxattrib->key_index].skey;
914 prwskeylen = 16;
915 } else {
916 prwskey = &stainfo->dot118021x_UncstKey.skey[0];
917 prwskeylen = 16;
918 }
919
920 iv = pframe + prxattrib->hdrlen;
921 payload = pframe + prxattrib->iv_len + prxattrib->hdrlen;
922 length = ((union recv_frame *)precvframe)->u.hdr.len - prxattrib->hdrlen - prxattrib->iv_len;
923
924 GET_TKIP_PN(iv, dot11txpn);
925
926 pnl = (u16)(dot11txpn.val);
927 pnh = (u32)(dot11txpn.val >> 16);
928
929 phase1((u16 *)&ttkey[0], prwskey, &prxattrib->ta[0], pnh);
930 phase2(&rc4key[0], prwskey, (unsigned short *)&ttkey[0], pnl);
931
932 /* 4 decrypt payload include icv */
933
934 arcfour_init(&mycontext, rc4key, 16);
935 arcfour_encrypt(&mycontext, payload, payload, length);
936
937 *((u32 *)crc) = le32_to_cpu(getcrc32(payload, length - 4));
938
939 if (crc[3] != payload[length - 1] || crc[2] != payload[length - 2] || crc[1] != payload[length - 3] || crc[0] != payload[length - 4]) {
940 res = _FAIL;
941 }
942
943 TKIP_SW_DEC_CNT_INC(psecuritypriv, prxattrib->ra);
944 } else {
945 res = _FAIL;
946 }
947
948 }
949 exit:
950 return res;
951
952 }
953
954
955 /* 3 =====AES related===== */
956 #if (NEW_CRYPTO == 0)
957
958 #define MAX_MSG_SIZE 2048
959 /*****************************/
960 /******** SBOX Table *********/
961 /*****************************/
962
963 static u8 sbox_table[256] = {
964 0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5,
965 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76,
966 0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0,
967 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0,
968 0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc,
969 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15,
970 0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a,
971 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75,
972 0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0,
973 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84,
974 0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b,
975 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf,
976 0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85,
977 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8,
978 0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5,
979 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2,
980 0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17,
981 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73,
982 0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88,
983 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb,
984 0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c,
985 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79,
986 0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9,
987 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08,
988 0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6,
989 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a,
990 0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e,
991 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e,
992 0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94,
993 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf,
994 0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68,
995 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16
996 };
997
998 /*****************************/
999 /**** Function Prototypes ****/
1000 /*****************************/
1001
1002 static void bitwise_xor(u8 *ina, u8 *inb, u8 *out);
1003 static void construct_mic_iv(
1004 u8 *mic_header1,
1005 sint qc_exists,
1006 sint a4_exists,
1007 u8 *mpdu,
1008 uint payload_length,
1009 u8 *pn_vector,
1010 uint frtype);/* add for CONFIG_IEEE80211W, none 11w also can use */
1011 static void construct_mic_header1(
1012 u8 *mic_header1,
1013 sint header_length,
1014 u8 *mpdu,
1015 uint frtype);/* add for CONFIG_IEEE80211W, none 11w also can use */
1016 static void construct_mic_header2(
1017 u8 *mic_header2,
1018 u8 *mpdu,
1019 sint a4_exists,
1020 sint qc_exists);
1021 static void construct_ctr_preload(
1022 u8 *ctr_preload,
1023 sint a4_exists,
1024 sint qc_exists,
1025 u8 *mpdu,
1026 u8 *pn_vector,
1027 sint c,
1028 uint frtype);/* add for CONFIG_IEEE80211W, none 11w also can use */
1029 static void xor_128(u8 *a, u8 *b, u8 *out);
1030 static void xor_32(u8 *a, u8 *b, u8 *out);
1031 static u8 sbox(u8 a);
1032 static void next_key(u8 *key, sint round);
1033 static void byte_sub(u8 *in, u8 *out);
1034 static void shift_row(u8 *in, u8 *out);
1035 static void mix_column(u8 *in, u8 *out);
1036 static void aes128k128d(u8 *key, u8 *data, u8 *ciphertext);
1037
1038
1039 /****************************************/
1040 /* aes128k128d() */
1041 /* Performs a 128 bit AES encrypt with */
1042 /* 128 bit data. */
1043 /****************************************/
xor_128(u8 * a,u8 * b,u8 * out)1044 static void xor_128(u8 *a, u8 *b, u8 *out)
1045 {
1046 sint i;
1047 for (i = 0; i < 16; i++)
1048 out[i] = a[i] ^ b[i];
1049 }
1050
1051
xor_32(u8 * a,u8 * b,u8 * out)1052 static void xor_32(u8 *a, u8 *b, u8 *out)
1053 {
1054 sint i;
1055 for (i = 0; i < 4; i++)
1056 out[i] = a[i] ^ b[i];
1057 }
1058
1059
sbox(u8 a)1060 static u8 sbox(u8 a)
1061 {
1062 return sbox_table[(sint)a];
1063 }
1064
1065
next_key(u8 * key,sint round)1066 static void next_key(u8 *key, sint round)
1067 {
1068 u8 rcon;
1069 u8 sbox_key[4];
1070 u8 rcon_table[12] = {
1071 0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80,
1072 0x1b, 0x36, 0x36, 0x36
1073 };
1074 sbox_key[0] = sbox(key[13]);
1075 sbox_key[1] = sbox(key[14]);
1076 sbox_key[2] = sbox(key[15]);
1077 sbox_key[3] = sbox(key[12]);
1078
1079 rcon = rcon_table[round];
1080
1081 xor_32(&key[0], sbox_key, &key[0]);
1082 key[0] = key[0] ^ rcon;
1083
1084 xor_32(&key[4], &key[0], &key[4]);
1085 xor_32(&key[8], &key[4], &key[8]);
1086 xor_32(&key[12], &key[8], &key[12]);
1087 }
1088
1089
byte_sub(u8 * in,u8 * out)1090 static void byte_sub(u8 *in, u8 *out)
1091 {
1092 sint i;
1093 for (i = 0; i < 16; i++)
1094 out[i] = sbox(in[i]);
1095 }
1096
1097
shift_row(u8 * in,u8 * out)1098 static void shift_row(u8 *in, u8 *out)
1099 {
1100 out[0] = in[0];
1101 out[1] = in[5];
1102 out[2] = in[10];
1103 out[3] = in[15];
1104 out[4] = in[4];
1105 out[5] = in[9];
1106 out[6] = in[14];
1107 out[7] = in[3];
1108 out[8] = in[8];
1109 out[9] = in[13];
1110 out[10] = in[2];
1111 out[11] = in[7];
1112 out[12] = in[12];
1113 out[13] = in[1];
1114 out[14] = in[6];
1115 out[15] = in[11];
1116 }
1117
1118
mix_column(u8 * in,u8 * out)1119 static void mix_column(u8 *in, u8 *out)
1120 {
1121 sint i;
1122 u8 add1b[4];
1123 u8 add1bf7[4];
1124 u8 rotl[4];
1125 u8 swap_halfs[4];
1126 u8 andf7[4];
1127 u8 rotr[4];
1128 u8 temp[4];
1129 u8 tempb[4];
1130 for (i = 0 ; i < 4; i++) {
1131 if ((in[i] & 0x80) == 0x80)
1132 add1b[i] = 0x1b;
1133 else
1134 add1b[i] = 0x00;
1135 }
1136
1137 swap_halfs[0] = in[2]; /* Swap halfs */
1138 swap_halfs[1] = in[3];
1139 swap_halfs[2] = in[0];
1140 swap_halfs[3] = in[1];
1141
1142 rotl[0] = in[3]; /* Rotate left 8 bits */
1143 rotl[1] = in[0];
1144 rotl[2] = in[1];
1145 rotl[3] = in[2];
1146
1147 andf7[0] = in[0] & 0x7f;
1148 andf7[1] = in[1] & 0x7f;
1149 andf7[2] = in[2] & 0x7f;
1150 andf7[3] = in[3] & 0x7f;
1151
1152 for (i = 3; i > 0; i--) { /* logical shift left 1 bit */
1153 andf7[i] = andf7[i] << 1;
1154 if ((andf7[i - 1] & 0x80) == 0x80)
1155 andf7[i] = (andf7[i] | 0x01);
1156 }
1157 andf7[0] = andf7[0] << 1;
1158 andf7[0] = andf7[0] & 0xfe;
1159
1160 xor_32(add1b, andf7, add1bf7);
1161
1162 xor_32(in, add1bf7, rotr);
1163
1164 temp[0] = rotr[0]; /* Rotate right 8 bits */
1165 rotr[0] = rotr[1];
1166 rotr[1] = rotr[2];
1167 rotr[2] = rotr[3];
1168 rotr[3] = temp[0];
1169
1170 xor_32(add1bf7, rotr, temp);
1171 xor_32(swap_halfs, rotl, tempb);
1172 xor_32(temp, tempb, out);
1173 }
1174
1175
aes128k128d(u8 * key,u8 * data,u8 * ciphertext)1176 static void aes128k128d(u8 *key, u8 *data, u8 *ciphertext)
1177 {
1178 sint round;
1179 sint i;
1180 u8 intermediatea[16];
1181 u8 intermediateb[16];
1182 u8 round_key[16];
1183 for (i = 0; i < 16; i++)
1184 round_key[i] = key[i];
1185
1186 for (round = 0; round < 11; round++) {
1187 if (round == 0) {
1188 xor_128(round_key, data, ciphertext);
1189 next_key(round_key, round);
1190 } else if (round == 10) {
1191 byte_sub(ciphertext, intermediatea);
1192 shift_row(intermediatea, intermediateb);
1193 xor_128(intermediateb, round_key, ciphertext);
1194 } else { /* 1 - 9 */
1195 byte_sub(ciphertext, intermediatea);
1196 shift_row(intermediatea, intermediateb);
1197 mix_column(&intermediateb[0], &intermediatea[0]);
1198 mix_column(&intermediateb[4], &intermediatea[4]);
1199 mix_column(&intermediateb[8], &intermediatea[8]);
1200 mix_column(&intermediateb[12], &intermediatea[12]);
1201 xor_128(intermediatea, round_key, ciphertext);
1202 next_key(round_key, round);
1203 }
1204 }
1205 }
1206
1207
1208 /************************************************/
1209 /* construct_mic_iv() */
1210 /* Builds the MIC IV from header fields and PN */
1211 /* Baron think the function is construct CCM */
1212 /* nonce */
1213 /************************************************/
construct_mic_iv(u8 * mic_iv,sint qc_exists,sint a4_exists,u8 * mpdu,uint payload_length,u8 * pn_vector,uint frtype)1214 static void construct_mic_iv(
1215 u8 *mic_iv,
1216 sint qc_exists,
1217 sint a4_exists,
1218 u8 *mpdu,
1219 uint payload_length,
1220 u8 *pn_vector,
1221 uint frtype/* add for CONFIG_IEEE80211W, none 11w also can use */
1222 )
1223 {
1224 sint i;
1225 mic_iv[0] = 0x59;
1226 if (qc_exists && a4_exists)
1227 mic_iv[1] = mpdu[30] & 0x0f; /* QoS_TC */
1228 if (qc_exists && !a4_exists)
1229 mic_iv[1] = mpdu[24] & 0x0f; /* mute bits 7-4 */
1230 if (!qc_exists)
1231 mic_iv[1] = 0x00;
1232 #if defined(CONFIG_IEEE80211W) || defined(CONFIG_RTW_MESH)
1233 /* 802.11w management frame should set management bit(4) */
1234 if (frtype == WIFI_MGT_TYPE)
1235 mic_iv[1] |= BIT(4);
1236 #endif
1237 for (i = 2; i < 8; i++)
1238 mic_iv[i] = mpdu[i + 8]; /* mic_iv[2:7] = A2[0:5] = mpdu[10:15] */
1239 #ifdef CONSISTENT_PN_ORDER
1240 for (i = 8; i < 14; i++)
1241 mic_iv[i] = pn_vector[i - 8]; /* mic_iv[8:13] = PN[0:5] */
1242 #else
1243 for (i = 8; i < 14; i++)
1244 mic_iv[i] = pn_vector[13 - i]; /* mic_iv[8:13] = PN[5:0] */
1245 #endif
1246 mic_iv[14] = (unsigned char)(payload_length / 256);
1247 mic_iv[15] = (unsigned char)(payload_length % 256);
1248 }
1249
1250
1251 /************************************************/
1252 /* construct_mic_header1() */
1253 /* Builds the first MIC header block from */
1254 /* header fields. */
1255 /* Build AAD SC,A1,A2 */
1256 /************************************************/
construct_mic_header1(u8 * mic_header1,sint header_length,u8 * mpdu,uint frtype)1257 static void construct_mic_header1(
1258 u8 *mic_header1,
1259 sint header_length,
1260 u8 *mpdu,
1261 uint frtype/* add for CONFIG_IEEE80211W, none 11w also can use */
1262 )
1263 {
1264 mic_header1[0] = (u8)((header_length - 2) / 256);
1265 mic_header1[1] = (u8)((header_length - 2) % 256);
1266 #if defined(CONFIG_IEEE80211W) || defined(CONFIG_RTW_MESH)
1267 /* 802.11w management frame don't AND subtype bits 4,5,6 of frame control field */
1268 if (frtype == WIFI_MGT_TYPE)
1269 mic_header1[2] = mpdu[0];
1270 else
1271 #endif
1272 mic_header1[2] = mpdu[0] & 0xcf; /* Mute CF poll & CF ack bits */
1273
1274 mic_header1[3] = mpdu[1] & 0xc7; /* Mute retry, more data and pwr mgt bits */
1275 mic_header1[4] = mpdu[4]; /* A1 */
1276 mic_header1[5] = mpdu[5];
1277 mic_header1[6] = mpdu[6];
1278 mic_header1[7] = mpdu[7];
1279 mic_header1[8] = mpdu[8];
1280 mic_header1[9] = mpdu[9];
1281 mic_header1[10] = mpdu[10]; /* A2 */
1282 mic_header1[11] = mpdu[11];
1283 mic_header1[12] = mpdu[12];
1284 mic_header1[13] = mpdu[13];
1285 mic_header1[14] = mpdu[14];
1286 mic_header1[15] = mpdu[15];
1287 }
1288
1289
1290 /************************************************/
1291 /* construct_mic_header2() */
1292 /* Builds the last MIC header block from */
1293 /* header fields. */
1294 /************************************************/
construct_mic_header2(u8 * mic_header2,u8 * mpdu,sint a4_exists,sint qc_exists)1295 static void construct_mic_header2(
1296 u8 *mic_header2,
1297 u8 *mpdu,
1298 sint a4_exists,
1299 sint qc_exists
1300 )
1301 {
1302 sint i;
1303 for (i = 0; i < 16; i++)
1304 mic_header2[i] = 0x00;
1305
1306 mic_header2[0] = mpdu[16]; /* A3 */
1307 mic_header2[1] = mpdu[17];
1308 mic_header2[2] = mpdu[18];
1309 mic_header2[3] = mpdu[19];
1310 mic_header2[4] = mpdu[20];
1311 mic_header2[5] = mpdu[21];
1312
1313 /* mic_header2[6] = mpdu[22] & 0xf0; SC */
1314 mic_header2[6] = 0x00;
1315 mic_header2[7] = 0x00; /* mpdu[23]; */
1316
1317
1318 if (!qc_exists && a4_exists) {
1319 for (i = 0; i < 6; i++)
1320 mic_header2[8 + i] = mpdu[24 + i]; /* A4 */
1321
1322 }
1323
1324 if (qc_exists && !a4_exists) {
1325 mic_header2[8] = mpdu[24] & 0x0f; /* mute bits 15 - 4 */
1326 mic_header2[9] = mpdu[25] & 0x00;
1327 }
1328
1329 if (qc_exists && a4_exists) {
1330 for (i = 0; i < 6; i++)
1331 mic_header2[8 + i] = mpdu[24 + i]; /* A4 */
1332
1333 mic_header2[14] = mpdu[30] & 0x0f;
1334 mic_header2[15] = mpdu[31] & 0x00;
1335 }
1336
1337 }
1338
1339
1340 /************************************************/
1341 /* construct_mic_header2() */
1342 /* Builds the last MIC header block from */
1343 /* header fields. */
1344 /* Baron think the function is construct CCM */
1345 /* nonce */
1346 /************************************************/
construct_ctr_preload(u8 * ctr_preload,sint a4_exists,sint qc_exists,u8 * mpdu,u8 * pn_vector,sint c,uint frtype)1347 static void construct_ctr_preload(
1348 u8 *ctr_preload,
1349 sint a4_exists,
1350 sint qc_exists,
1351 u8 *mpdu,
1352 u8 *pn_vector,
1353 sint c,
1354 uint frtype /* add for CONFIG_IEEE80211W, none 11w also can use */
1355 )
1356 {
1357 sint i = 0;
1358 for (i = 0; i < 16; i++)
1359 ctr_preload[i] = 0x00;
1360 i = 0;
1361
1362 ctr_preload[0] = 0x01; /* flag */
1363 if (qc_exists && a4_exists)
1364 ctr_preload[1] = mpdu[30] & 0x0f; /* QoC_Control */
1365 if (qc_exists && !a4_exists)
1366 ctr_preload[1] = mpdu[24] & 0x0f;
1367 #if defined(CONFIG_IEEE80211W) || defined(CONFIG_RTW_MESH)
1368 /* 802.11w management frame should set management bit(4) */
1369 if (frtype == WIFI_MGT_TYPE)
1370 ctr_preload[1] |= BIT(4);
1371 #endif
1372 for (i = 2; i < 8; i++)
1373 ctr_preload[i] = mpdu[i + 8]; /* ctr_preload[2:7] = A2[0:5] = mpdu[10:15] */
1374 #ifdef CONSISTENT_PN_ORDER
1375 for (i = 8; i < 14; i++)
1376 ctr_preload[i] = pn_vector[i - 8]; /* ctr_preload[8:13] = PN[0:5] */
1377 #else
1378 for (i = 8; i < 14; i++)
1379 ctr_preload[i] = pn_vector[13 - i]; /* ctr_preload[8:13] = PN[5:0] */
1380 #endif
1381 ctr_preload[14] = (unsigned char)(c / 256); /* Ctr */
1382 ctr_preload[15] = (unsigned char)(c % 256);
1383 }
1384
1385
1386 /************************************/
1387 /* bitwise_xor() */
1388 /* A 128 bit, bitwise exclusive or */
1389 /************************************/
bitwise_xor(u8 * ina,u8 * inb,u8 * out)1390 static void bitwise_xor(u8 *ina, u8 *inb, u8 *out)
1391 {
1392 sint i;
1393 for (i = 0; i < 16; i++)
1394 out[i] = ina[i] ^ inb[i];
1395 }
1396
1397
aes_cipher(u8 * key,uint hdrlen,u8 * pframe,uint plen)1398 static sint aes_cipher(u8 *key, uint hdrlen,
1399 u8 *pframe, uint plen)
1400 {
1401 /* static unsigned char message[MAX_MSG_SIZE]; */
1402 uint qc_exists, a4_exists, i, j, payload_remainder,
1403 num_blocks, payload_index;
1404
1405 u8 pn_vector[6];
1406 u8 mic_iv[16];
1407 u8 mic_header1[16];
1408 u8 mic_header2[16];
1409 u8 ctr_preload[16];
1410
1411 /* Intermediate Buffers */
1412 u8 chain_buffer[16];
1413 u8 aes_out[16];
1414 u8 padded_buffer[16];
1415 u8 mic[8];
1416 /* uint offset = 0; */
1417 uint frtype = GetFrameType(pframe);
1418 uint frsubtype = get_frame_sub_type(pframe);
1419
1420 frsubtype = frsubtype >> 4;
1421
1422
1423 _rtw_memset((void *)mic_iv, 0, 16);
1424 _rtw_memset((void *)mic_header1, 0, 16);
1425 _rtw_memset((void *)mic_header2, 0, 16);
1426 _rtw_memset((void *)ctr_preload, 0, 16);
1427 _rtw_memset((void *)chain_buffer, 0, 16);
1428 _rtw_memset((void *)aes_out, 0, 16);
1429 _rtw_memset((void *)padded_buffer, 0, 16);
1430
1431 if ((hdrlen == WLAN_HDR_A3_LEN) || (hdrlen == WLAN_HDR_A3_QOS_LEN))
1432 a4_exists = 0;
1433 else
1434 a4_exists = 1;
1435
1436 if (
1437 ((frtype | frsubtype) == WIFI_DATA_CFACK) ||
1438 ((frtype | frsubtype) == WIFI_DATA_CFPOLL) ||
1439 ((frtype | frsubtype) == WIFI_DATA_CFACKPOLL)) {
1440 qc_exists = 1;
1441 if (hdrlen != WLAN_HDR_A3_QOS_LEN && hdrlen != WLAN_HDR_A4_QOS_LEN)
1442 hdrlen += 2;
1443 }
1444 /* add for CONFIG_IEEE80211W, none 11w also can use */
1445 else if ((frtype == WIFI_DATA) &&
1446 ((frsubtype == 0x08) ||
1447 (frsubtype == 0x09) ||
1448 (frsubtype == 0x0a) ||
1449 (frsubtype == 0x0b))) {
1450 if (hdrlen != WLAN_HDR_A3_QOS_LEN && hdrlen != WLAN_HDR_A4_QOS_LEN)
1451 hdrlen += 2;
1452 qc_exists = 1;
1453 } else
1454 qc_exists = 0;
1455
1456 pn_vector[0] = pframe[hdrlen];
1457 pn_vector[1] = pframe[hdrlen + 1];
1458 pn_vector[2] = pframe[hdrlen + 4];
1459 pn_vector[3] = pframe[hdrlen + 5];
1460 pn_vector[4] = pframe[hdrlen + 6];
1461 pn_vector[5] = pframe[hdrlen + 7];
1462
1463 construct_mic_iv(
1464 mic_iv,
1465 qc_exists,
1466 a4_exists,
1467 pframe, /* message, */
1468 plen,
1469 pn_vector,
1470 frtype /* add for CONFIG_IEEE80211W, none 11w also can use */
1471 );
1472
1473 construct_mic_header1(
1474 mic_header1,
1475 hdrlen,
1476 pframe, /* message */
1477 frtype /* add for CONFIG_IEEE80211W, none 11w also can use */
1478 );
1479 construct_mic_header2(
1480 mic_header2,
1481 pframe, /* message, */
1482 a4_exists,
1483 qc_exists
1484 );
1485
1486
1487 payload_remainder = plen % 16;
1488 num_blocks = plen / 16;
1489
1490 /* Find start of payload */
1491 payload_index = (hdrlen + 8);
1492
1493 /* Calculate MIC */
1494 aes128k128d(key, mic_iv, aes_out);
1495 bitwise_xor(aes_out, mic_header1, chain_buffer);
1496 aes128k128d(key, chain_buffer, aes_out);
1497 bitwise_xor(aes_out, mic_header2, chain_buffer);
1498 aes128k128d(key, chain_buffer, aes_out);
1499
1500 for (i = 0; i < num_blocks; i++) {
1501 bitwise_xor(aes_out, &pframe[payload_index], chain_buffer);/* bitwise_xor(aes_out, &message[payload_index], chain_buffer); */
1502
1503 payload_index += 16;
1504 aes128k128d(key, chain_buffer, aes_out);
1505 }
1506
1507 /* Add on the final payload block if it needs padding */
1508 if (payload_remainder > 0) {
1509 for (j = 0; j < 16; j++)
1510 padded_buffer[j] = 0x00;
1511 for (j = 0; j < payload_remainder; j++) {
1512 padded_buffer[j] = pframe[payload_index++];/* padded_buffer[j] = message[payload_index++]; */
1513 }
1514 bitwise_xor(aes_out, padded_buffer, chain_buffer);
1515 aes128k128d(key, chain_buffer, aes_out);
1516
1517 }
1518
1519 for (j = 0 ; j < 8; j++)
1520 mic[j] = aes_out[j];
1521
1522 /* Insert MIC into payload */
1523 for (j = 0; j < 8; j++)
1524 pframe[payload_index + j] = mic[j]; /* message[payload_index+j] = mic[j]; */
1525
1526 payload_index = hdrlen + 8;
1527 for (i = 0; i < num_blocks; i++) {
1528 construct_ctr_preload(
1529 ctr_preload,
1530 a4_exists,
1531 qc_exists,
1532 pframe, /* message, */
1533 pn_vector,
1534 i + 1,
1535 frtype); /* add for CONFIG_IEEE80211W, none 11w also can use */
1536 aes128k128d(key, ctr_preload, aes_out);
1537 bitwise_xor(aes_out, &pframe[payload_index], chain_buffer);/* bitwise_xor(aes_out, &message[payload_index], chain_buffer); */
1538 for (j = 0; j < 16; j++)
1539 pframe[payload_index++] = chain_buffer[j];/* for (j=0; j<16;j++) message[payload_index++] = chain_buffer[j]; */
1540 }
1541
1542 if (payload_remainder > 0) { /* If there is a short final block, then pad it,*/
1543 /* encrypt it and copy the unpadded part back */
1544 construct_ctr_preload(
1545 ctr_preload,
1546 a4_exists,
1547 qc_exists,
1548 pframe, /* message, */
1549 pn_vector,
1550 num_blocks + 1,
1551 frtype); /* add for CONFIG_IEEE80211W, none 11w also can use */
1552
1553 for (j = 0; j < 16; j++)
1554 padded_buffer[j] = 0x00;
1555 for (j = 0; j < payload_remainder; j++) {
1556 padded_buffer[j] = pframe[payload_index + j]; /* padded_buffer[j] = message[payload_index+j]; */
1557 }
1558 aes128k128d(key, ctr_preload, aes_out);
1559 bitwise_xor(aes_out, padded_buffer, chain_buffer);
1560 for (j = 0; j < payload_remainder; j++)
1561 pframe[payload_index++] = chain_buffer[j];/* for (j=0; j<payload_remainder;j++) message[payload_index++] = chain_buffer[j]; */
1562 }
1563
1564 /* Encrypt the MIC */
1565 construct_ctr_preload(
1566 ctr_preload,
1567 a4_exists,
1568 qc_exists,
1569 pframe, /* message, */
1570 pn_vector,
1571 0,
1572 frtype); /* add for CONFIG_IEEE80211W, none 11w also can use */
1573
1574 for (j = 0; j < 16; j++)
1575 padded_buffer[j] = 0x00;
1576 for (j = 0; j < 8; j++) {
1577 padded_buffer[j] = pframe[j + hdrlen + 8 + plen]; /* padded_buffer[j] = message[j+hdrlen+8+plen]; */
1578 }
1579
1580 aes128k128d(key, ctr_preload, aes_out);
1581 bitwise_xor(aes_out, padded_buffer, chain_buffer);
1582 for (j = 0; j < 8; j++)
1583 pframe[payload_index++] = chain_buffer[j];/* for (j=0; j<8;j++) message[payload_index++] = chain_buffer[j]; */
1584 return _SUCCESS;
1585 }
1586 #endif /* (NEW_CRYPTO == 0) */
1587
1588
1589 #if NEW_CRYPTO
rtw_aes_encrypt(_adapter * padapter,u8 * pxmitframe)1590 u32 rtw_aes_encrypt(_adapter *padapter, u8 *pxmitframe)
1591 {
1592 /* Intermediate Buffers */
1593 struct pkt_attrib *pattrib = &((struct xmit_frame *)pxmitframe)->attrib;
1594 struct security_priv *psecuritypriv = &padapter->securitypriv;
1595 struct xmit_priv *pxmitpriv = &padapter->xmitpriv;
1596 sint curfragnum, plen;
1597 u32 prwskeylen;
1598 u8 *pframe;
1599 u8 *prwskey;
1600 u8 hw_hdr_offset = 0;
1601
1602 u32 res = _SUCCESS;
1603
1604 if (((struct xmit_frame *)pxmitframe)->buf_addr == NULL)
1605 return _FAIL;
1606
1607 #ifdef CONFIG_USB_TX_AGGREGATION
1608 hw_hdr_offset = TXDESC_SIZE +
1609 (((struct xmit_frame *)pxmitframe)->pkt_offset * PACKET_OFFSET_SZ);
1610 #else
1611 #ifdef CONFIG_TX_EARLY_MODE
1612 hw_hdr_offset = TXDESC_OFFSET + EARLY_MODE_INFO_SIZE;
1613 #else
1614 hw_hdr_offset = TXDESC_OFFSET;
1615 #endif
1616 #endif
1617
1618 pframe = ((struct xmit_frame *)pxmitframe)->buf_addr + hw_hdr_offset;
1619
1620 /* start to encrypt each fragment */
1621 if ((pattrib->encrypt == _AES_) ||
1622 (pattrib->encrypt == _CCMP_256_)) {
1623
1624 if (IS_MCAST(pattrib->ra))
1625 prwskey = psecuritypriv->dot118021XGrpKey[psecuritypriv->dot118021XGrpKeyid].skey;
1626 else {
1627 prwskey = pattrib->dot118021x_UncstKey.skey;
1628 }
1629
1630 #ifdef CONFIG_TDLS
1631 {
1632 /* Swencryption */
1633 struct sta_info *ptdls_sta;
1634 ptdls_sta = rtw_get_stainfo(&padapter->stapriv, &pattrib->dst[0]);
1635 if ((ptdls_sta != NULL) && (ptdls_sta->tdls_sta_state & TDLS_LINKED_STATE)) {
1636 RTW_INFO("[%s] for tdls link\n", __FUNCTION__);
1637 prwskey = &ptdls_sta->tpk.tk[0];
1638 }
1639 }
1640 #endif /* CONFIG_TDLS */
1641
1642 prwskeylen = (pattrib->encrypt == _CCMP_256_) ? 32 : 16;
1643
1644 for (curfragnum = 0; curfragnum < pattrib->nr_frags; curfragnum++) {
1645
1646 if ((curfragnum + 1) == pattrib->nr_frags) { /* the last fragment */
1647 plen = pattrib->last_txcmdsz - pattrib->hdrlen - pattrib->iv_len - pattrib->icv_len;
1648
1649 _rtw_ccmp_encrypt(padapter, prwskey, prwskeylen, pattrib->hdrlen, pframe, plen);
1650 } else {
1651 plen = pxmitpriv->frag_len - pattrib->hdrlen - pattrib->iv_len - pattrib->icv_len;
1652
1653 _rtw_ccmp_encrypt(padapter, prwskey, prwskeylen, pattrib->hdrlen, pframe, plen);
1654 pframe += pxmitpriv->frag_len;
1655 pframe = (u8 *)RND4((SIZE_PTR)(pframe));
1656
1657 }
1658 }
1659
1660 AES_SW_ENC_CNT_INC(psecuritypriv, pattrib->ra);
1661
1662 }
1663
1664
1665
1666 return res;
1667 }
1668 #else
rtw_aes_encrypt(_adapter * padapter,u8 * pxmitframe)1669 u32 rtw_aes_encrypt(_adapter *padapter, u8 *pxmitframe)
1670 {
1671 /* exclude ICV */
1672
1673
1674 /*static*/
1675 /* unsigned char message[MAX_MSG_SIZE]; */
1676
1677 /* Intermediate Buffers */
1678 sint curfragnum, length;
1679 u32 prwskeylen;
1680 u8 *pframe, *prwskey; /* , *payload,*iv */
1681 u8 hw_hdr_offset = 0;
1682 /* struct sta_info *stainfo=NULL; */
1683 struct pkt_attrib *pattrib = &((struct xmit_frame *)pxmitframe)->attrib;
1684 struct security_priv *psecuritypriv = &padapter->securitypriv;
1685 struct xmit_priv *pxmitpriv = &padapter->xmitpriv;
1686
1687 /* uint offset = 0; */
1688 u32 res = _SUCCESS;
1689
1690 if (((struct xmit_frame *)pxmitframe)->buf_addr == NULL)
1691 return _FAIL;
1692
1693 #ifdef CONFIG_USB_TX_AGGREGATION
1694 hw_hdr_offset = TXDESC_SIZE +
1695 (((struct xmit_frame *)pxmitframe)->pkt_offset * PACKET_OFFSET_SZ);
1696 #else
1697 #ifdef CONFIG_TX_EARLY_MODE
1698 hw_hdr_offset = TXDESC_OFFSET + EARLY_MODE_INFO_SIZE;
1699 #else
1700 hw_hdr_offset = TXDESC_OFFSET;
1701 #endif
1702 #endif
1703
1704 pframe = ((struct xmit_frame *)pxmitframe)->buf_addr + hw_hdr_offset;
1705
1706 /* 4 start to encrypt each fragment */
1707 if ((pattrib->encrypt == _AES_)) {
1708 /*
1709 if(pattrib->psta)
1710 {
1711 stainfo = pattrib->psta;
1712 }
1713 else
1714 {
1715 RTW_INFO("%s, call rtw_get_stainfo()\n", __func__);
1716 stainfo=rtw_get_stainfo(&padapter->stapriv ,&pattrib->ra[0] );
1717 }
1718 */
1719 /* if (stainfo!=NULL) */
1720 {
1721 /*
1722 if(!(stainfo->state &WIFI_ASOC_STATE))
1723 {
1724 RTW_INFO("%s, psta->state(0x%x) != WIFI_ASOC_STATE\n", __func__, stainfo->state);
1725 return _FAIL;
1726 }
1727 */
1728
1729 if (IS_MCAST(pattrib->ra))
1730 prwskey = psecuritypriv->dot118021XGrpKey[psecuritypriv->dot118021XGrpKeyid].skey;
1731 else {
1732 /* prwskey=&stainfo->dot118021x_UncstKey.skey[0]; */
1733 prwskey = pattrib->dot118021x_UncstKey.skey;
1734 }
1735
1736 #ifdef CONFIG_TDLS
1737 {
1738 /* Swencryption */
1739 struct sta_info *ptdls_sta;
1740 ptdls_sta = rtw_get_stainfo(&padapter->stapriv , &pattrib->dst[0]);
1741 if ((ptdls_sta != NULL) && (ptdls_sta->tdls_sta_state & TDLS_LINKED_STATE)) {
1742 RTW_INFO("[%s] for tdls link\n", __FUNCTION__);
1743 prwskey = &ptdls_sta->tpk.tk[0];
1744 }
1745 }
1746 #endif /* CONFIG_TDLS */
1747
1748 prwskeylen = 16;
1749
1750 for (curfragnum = 0; curfragnum < pattrib->nr_frags; curfragnum++) {
1751
1752 if ((curfragnum + 1) == pattrib->nr_frags) { /* 4 the last fragment */
1753 length = pattrib->last_txcmdsz - pattrib->hdrlen - pattrib->iv_len - pattrib->icv_len;
1754
1755 aes_cipher(prwskey, pattrib->hdrlen, pframe, length);
1756 } else {
1757 length = pxmitpriv->frag_len - pattrib->hdrlen - pattrib->iv_len - pattrib->icv_len ;
1758
1759 aes_cipher(prwskey, pattrib->hdrlen, pframe, length);
1760 pframe += pxmitpriv->frag_len;
1761 pframe = (u8 *)RND4((SIZE_PTR)(pframe));
1762
1763 }
1764 }
1765
1766 AES_SW_ENC_CNT_INC(psecuritypriv, pattrib->ra);
1767 }
1768 /*
1769 else{
1770 RTW_INFO("%s, psta==NUL\n", __func__);
1771 res=_FAIL;
1772 }
1773 */
1774 }
1775
1776
1777
1778 return res;
1779 }
1780 #endif
1781
1782 #if (NEW_CRYPTO == 0)
aes_decipher(u8 * key,uint hdrlen,u8 * pframe,uint plen)1783 static sint aes_decipher(u8 *key, uint hdrlen,
1784 u8 *pframe, uint plen)
1785 {
1786 static u8 message[MAX_MSG_SIZE];
1787 uint qc_exists, a4_exists, i, j, payload_remainder,
1788 num_blocks, payload_index;
1789 sint res = _SUCCESS;
1790 u8 pn_vector[6];
1791 u8 mic_iv[16];
1792 u8 mic_header1[16];
1793 u8 mic_header2[16];
1794 u8 ctr_preload[16];
1795
1796 /* Intermediate Buffers */
1797 u8 chain_buffer[16];
1798 u8 aes_out[16];
1799 u8 padded_buffer[16];
1800 u8 mic[8];
1801
1802
1803 /* uint offset = 0; */
1804 uint frtype = GetFrameType(pframe);
1805 uint frsubtype = get_frame_sub_type(pframe);
1806 frsubtype = frsubtype >> 4;
1807
1808
1809 _rtw_memset((void *)mic_iv, 0, 16);
1810 _rtw_memset((void *)mic_header1, 0, 16);
1811 _rtw_memset((void *)mic_header2, 0, 16);
1812 _rtw_memset((void *)ctr_preload, 0, 16);
1813 _rtw_memset((void *)chain_buffer, 0, 16);
1814 _rtw_memset((void *)aes_out, 0, 16);
1815 _rtw_memset((void *)padded_buffer, 0, 16);
1816
1817 /* start to decrypt the payload */
1818
1819 num_blocks = (plen - 8) / 16; /* (plen including LLC, payload_length and mic ) */
1820
1821 payload_remainder = (plen - 8) % 16;
1822
1823 pn_vector[0] = pframe[hdrlen];
1824 pn_vector[1] = pframe[hdrlen + 1];
1825 pn_vector[2] = pframe[hdrlen + 4];
1826 pn_vector[3] = pframe[hdrlen + 5];
1827 pn_vector[4] = pframe[hdrlen + 6];
1828 pn_vector[5] = pframe[hdrlen + 7];
1829
1830 if ((hdrlen == WLAN_HDR_A3_LEN) || (hdrlen == WLAN_HDR_A3_QOS_LEN))
1831 a4_exists = 0;
1832 else
1833 a4_exists = 1;
1834
1835 if (
1836 ((frtype | frsubtype) == WIFI_DATA_CFACK) ||
1837 ((frtype | frsubtype) == WIFI_DATA_CFPOLL) ||
1838 ((frtype | frsubtype) == WIFI_DATA_CFACKPOLL)) {
1839 qc_exists = 1;
1840 if (hdrlen != WLAN_HDR_A3_QOS_LEN && hdrlen != WLAN_HDR_A4_QOS_LEN)
1841 hdrlen += 2;
1842 } /* only for data packet . add for CONFIG_IEEE80211W, none 11w also can use */
1843 else if ((frtype == WIFI_DATA) &&
1844 ((frsubtype == 0x08) ||
1845 (frsubtype == 0x09) ||
1846 (frsubtype == 0x0a) ||
1847 (frsubtype == 0x0b))) {
1848 if (hdrlen != WLAN_HDR_A3_QOS_LEN && hdrlen != WLAN_HDR_A4_QOS_LEN)
1849 hdrlen += 2;
1850 qc_exists = 1;
1851 } else
1852 qc_exists = 0;
1853
1854
1855 /* now, decrypt pframe with hdrlen offset and plen long */
1856
1857 payload_index = hdrlen + 8; /* 8 is for extiv */
1858
1859 for (i = 0; i < num_blocks; i++) {
1860 construct_ctr_preload(
1861 ctr_preload,
1862 a4_exists,
1863 qc_exists,
1864 pframe,
1865 pn_vector,
1866 i + 1,
1867 frtype /* add for CONFIG_IEEE80211W, none 11w also can use */
1868 );
1869
1870 aes128k128d(key, ctr_preload, aes_out);
1871 bitwise_xor(aes_out, &pframe[payload_index], chain_buffer);
1872
1873 for (j = 0; j < 16; j++)
1874 pframe[payload_index++] = chain_buffer[j];
1875 }
1876
1877 if (payload_remainder > 0) { /* If there is a short final block, then pad it,*/
1878 /* encrypt it and copy the unpadded part back */
1879 construct_ctr_preload(
1880 ctr_preload,
1881 a4_exists,
1882 qc_exists,
1883 pframe,
1884 pn_vector,
1885 num_blocks + 1,
1886 frtype /* add for CONFIG_IEEE80211W, none 11w also can use */
1887 );
1888
1889 for (j = 0; j < 16; j++)
1890 padded_buffer[j] = 0x00;
1891 for (j = 0; j < payload_remainder; j++)
1892 padded_buffer[j] = pframe[payload_index + j];
1893 aes128k128d(key, ctr_preload, aes_out);
1894 bitwise_xor(aes_out, padded_buffer, chain_buffer);
1895 for (j = 0; j < payload_remainder; j++)
1896 pframe[payload_index++] = chain_buffer[j];
1897 }
1898
1899 /* start to calculate the mic */
1900 if ((hdrlen + plen + 8) <= MAX_MSG_SIZE)
1901 _rtw_memcpy((void *)message, pframe, (hdrlen + plen + 8)); /* 8 is for ext iv len */
1902
1903
1904 pn_vector[0] = pframe[hdrlen];
1905 pn_vector[1] = pframe[hdrlen + 1];
1906 pn_vector[2] = pframe[hdrlen + 4];
1907 pn_vector[3] = pframe[hdrlen + 5];
1908 pn_vector[4] = pframe[hdrlen + 6];
1909 pn_vector[5] = pframe[hdrlen + 7];
1910
1911
1912
1913 construct_mic_iv(
1914 mic_iv,
1915 qc_exists,
1916 a4_exists,
1917 message,
1918 plen - 8,
1919 pn_vector,
1920 frtype /* add for CONFIG_IEEE80211W, none 11w also can use */
1921 );
1922
1923 construct_mic_header1(
1924 mic_header1,
1925 hdrlen,
1926 message,
1927 frtype /* add for CONFIG_IEEE80211W, none 11w also can use */
1928 );
1929 construct_mic_header2(
1930 mic_header2,
1931 message,
1932 a4_exists,
1933 qc_exists
1934 );
1935
1936
1937 payload_remainder = (plen - 8) % 16;
1938 num_blocks = (plen - 8) / 16;
1939
1940 /* Find start of payload */
1941 payload_index = (hdrlen + 8);
1942
1943 /* Calculate MIC */
1944 aes128k128d(key, mic_iv, aes_out);
1945 bitwise_xor(aes_out, mic_header1, chain_buffer);
1946 aes128k128d(key, chain_buffer, aes_out);
1947 bitwise_xor(aes_out, mic_header2, chain_buffer);
1948 aes128k128d(key, chain_buffer, aes_out);
1949
1950 for (i = 0; i < num_blocks; i++) {
1951 bitwise_xor(aes_out, &message[payload_index], chain_buffer);
1952
1953 payload_index += 16;
1954 aes128k128d(key, chain_buffer, aes_out);
1955 }
1956
1957 /* Add on the final payload block if it needs padding */
1958 if (payload_remainder > 0) {
1959 for (j = 0; j < 16; j++)
1960 padded_buffer[j] = 0x00;
1961 for (j = 0; j < payload_remainder; j++)
1962 padded_buffer[j] = message[payload_index++];
1963 bitwise_xor(aes_out, padded_buffer, chain_buffer);
1964 aes128k128d(key, chain_buffer, aes_out);
1965
1966 }
1967
1968 for (j = 0 ; j < 8; j++)
1969 mic[j] = aes_out[j];
1970
1971 /* Insert MIC into payload */
1972 for (j = 0; j < 8; j++)
1973 message[payload_index + j] = mic[j];
1974
1975 payload_index = hdrlen + 8;
1976 for (i = 0; i < num_blocks; i++) {
1977 construct_ctr_preload(
1978 ctr_preload,
1979 a4_exists,
1980 qc_exists,
1981 message,
1982 pn_vector,
1983 i + 1,
1984 frtype); /* add for CONFIG_IEEE80211W, none 11w also can use */
1985 aes128k128d(key, ctr_preload, aes_out);
1986 bitwise_xor(aes_out, &message[payload_index], chain_buffer);
1987 for (j = 0; j < 16; j++)
1988 message[payload_index++] = chain_buffer[j];
1989 }
1990
1991 if (payload_remainder > 0) { /* If there is a short final block, then pad it,*/
1992 /* encrypt it and copy the unpadded part back */
1993 construct_ctr_preload(
1994 ctr_preload,
1995 a4_exists,
1996 qc_exists,
1997 message,
1998 pn_vector,
1999 num_blocks + 1,
2000 frtype); /* add for CONFIG_IEEE80211W, none 11w also can use */
2001
2002 for (j = 0; j < 16; j++)
2003 padded_buffer[j] = 0x00;
2004 for (j = 0; j < payload_remainder; j++)
2005 padded_buffer[j] = message[payload_index + j];
2006 aes128k128d(key, ctr_preload, aes_out);
2007 bitwise_xor(aes_out, padded_buffer, chain_buffer);
2008 for (j = 0; j < payload_remainder; j++)
2009 message[payload_index++] = chain_buffer[j];
2010 }
2011
2012 /* Encrypt the MIC */
2013 construct_ctr_preload(
2014 ctr_preload,
2015 a4_exists,
2016 qc_exists,
2017 message,
2018 pn_vector,
2019 0,
2020 frtype); /* add for CONFIG_IEEE80211W, none 11w also can use */
2021
2022 for (j = 0; j < 16; j++)
2023 padded_buffer[j] = 0x00;
2024 for (j = 0; j < 8; j++)
2025 padded_buffer[j] = message[j + hdrlen + 8 + plen - 8];
2026
2027 aes128k128d(key, ctr_preload, aes_out);
2028 bitwise_xor(aes_out, padded_buffer, chain_buffer);
2029 for (j = 0; j < 8; j++)
2030 message[payload_index++] = chain_buffer[j];
2031
2032 /* compare the mic */
2033 for (i = 0; i < 8; i++) {
2034 if (pframe[hdrlen + 8 + plen - 8 + i] != message[hdrlen + 8 + plen - 8 + i]) {
2035 RTW_INFO("aes_decipher:mic check error mic[%d]: pframe(%x) != message(%x)\n",
2036 i, pframe[hdrlen + 8 + plen - 8 + i], message[hdrlen + 8 + plen - 8 + i]);
2037 res = _FAIL;
2038 }
2039 }
2040 return res;
2041 }
2042 #endif /* (NEW_CRYPTO == 0) */
2043
2044 #if NEW_CRYPTO
rtw_aes_decrypt(_adapter * padapter,u8 * precvframe)2045 u32 rtw_aes_decrypt(_adapter *padapter, u8 *precvframe)
2046 {
2047 struct sta_info *stainfo;
2048 struct rx_pkt_attrib *prxattrib = &((union recv_frame *)precvframe)->u.hdr.attrib;
2049 struct security_priv *psecuritypriv = &padapter->securitypriv;
2050 u8 *pframe;
2051 u8 *prwskey;
2052 u32 res = _SUCCESS;
2053
2054 pframe = (unsigned char *)((union recv_frame *)precvframe)->u.hdr.rx_data;
2055 /* start to encrypt each fragment */
2056 if ((prxattrib->encrypt == _AES_) ||
2057 (prxattrib->encrypt == _CCMP_256_)) {
2058
2059 stainfo = rtw_get_stainfo(&padapter->stapriv, &prxattrib->ta[0]);
2060 if (stainfo != NULL) {
2061
2062 if (IS_MCAST(prxattrib->ra)) {
2063 static systime start = 0;
2064 static u32 no_gkey_bc_cnt = 0;
2065 static u32 no_gkey_mc_cnt = 0;
2066
2067 if ((!MLME_IS_MESH(padapter) && psecuritypriv->binstallGrpkey == _FALSE)
2068 #ifdef CONFIG_RTW_MESH
2069 || !(stainfo->gtk_bmp | BIT(prxattrib->key_index))
2070 #endif
2071 ) {
2072 res = _FAIL;
2073
2074 if (start == 0)
2075 start = rtw_get_current_time();
2076
2077 if (is_broadcast_mac_addr(prxattrib->ra))
2078 no_gkey_bc_cnt++;
2079 else
2080 no_gkey_mc_cnt++;
2081
2082 if (rtw_get_passing_time_ms(start) > 1000) {
2083 if (no_gkey_bc_cnt || no_gkey_mc_cnt) {
2084 RTW_PRINT(FUNC_ADPT_FMT" no_gkey_bc_cnt:%u, no_gkey_mc_cnt:%u\n",
2085 FUNC_ADPT_ARG(padapter), no_gkey_bc_cnt, no_gkey_mc_cnt);
2086 }
2087 start = rtw_get_current_time();
2088 no_gkey_bc_cnt = 0;
2089 no_gkey_mc_cnt = 0;
2090 }
2091
2092 goto exit;
2093 }
2094
2095 if (no_gkey_bc_cnt || no_gkey_mc_cnt) {
2096 RTW_PRINT(FUNC_ADPT_FMT" gkey installed. no_gkey_bc_cnt:%u, no_gkey_mc_cnt:%u\n",
2097 FUNC_ADPT_ARG(padapter), no_gkey_bc_cnt, no_gkey_mc_cnt);
2098 }
2099 start = 0;
2100 no_gkey_bc_cnt = 0;
2101 no_gkey_mc_cnt = 0;
2102
2103 #ifdef CONFIG_RTW_MESH
2104 if (MLME_IS_MESH(padapter)) {
2105 /* TODO: multiple GK? */
2106 prwskey = &stainfo->gtk.skey[0];
2107 } else
2108 #endif
2109 {
2110 prwskey = psecuritypriv->dot118021XGrpKey[prxattrib->key_index].skey;
2111 if (psecuritypriv->dot118021XGrpKeyid != prxattrib->key_index) {
2112 RTW_DBG("not match packet_index=%d, install_index=%d\n"
2113 , prxattrib->key_index, psecuritypriv->dot118021XGrpKeyid);
2114 res = _FAIL;
2115 goto exit;
2116 }
2117 }
2118 } else
2119 prwskey = &stainfo->dot118021x_UncstKey.skey[0];
2120
2121 res = _rtw_ccmp_decrypt(padapter, prwskey,
2122 prxattrib->encrypt == _CCMP_256_ ? 32 : 16,
2123 prxattrib->hdrlen, pframe,
2124 ((union recv_frame *)precvframe)->u.hdr.len);
2125
2126 AES_SW_DEC_CNT_INC(psecuritypriv, prxattrib->ra);
2127 } else {
2128 res = _FAIL;
2129 }
2130
2131 }
2132 exit:
2133 return res;
2134 }
2135 #else
rtw_aes_decrypt(_adapter * padapter,u8 * precvframe)2136 u32 rtw_aes_decrypt(_adapter *padapter, u8 *precvframe)
2137 {
2138 /* exclude ICV */
2139
2140
2141 /*static*/
2142 /* unsigned char message[MAX_MSG_SIZE]; */
2143
2144
2145 /* Intermediate Buffers */
2146
2147
2148 sint length;
2149 u8 *pframe, *prwskey; /* , *payload,*iv */
2150 struct sta_info *stainfo;
2151 struct rx_pkt_attrib *prxattrib = &((union recv_frame *)precvframe)->u.hdr.attrib;
2152 struct security_priv *psecuritypriv = &padapter->securitypriv;
2153 /* struct recv_priv *precvpriv=&padapter->recvpriv; */
2154 u32 res = _SUCCESS;
2155 pframe = (unsigned char *)((union recv_frame *)precvframe)->u.hdr.rx_data;
2156 /* 4 start to encrypt each fragment */
2157 if ((prxattrib->encrypt == _AES_)) {
2158
2159 stainfo = rtw_get_stainfo(&padapter->stapriv , &prxattrib->ta[0]);
2160 if (stainfo != NULL) {
2161
2162 if (IS_MCAST(prxattrib->ra)) {
2163 static systime start = 0;
2164 static u32 no_gkey_bc_cnt = 0;
2165 static u32 no_gkey_mc_cnt = 0;
2166
2167 /* RTW_INFO("rx bc/mc packets, to perform sw rtw_aes_decrypt\n"); */
2168 /* prwskey = psecuritypriv->dot118021XGrpKey[psecuritypriv->dot118021XGrpKeyid].skey; */
2169 if ((!MLME_IS_MESH(padapter) && psecuritypriv->binstallGrpkey == _FALSE)
2170 #ifdef CONFIG_RTW_MESH
2171 || !(stainfo->gtk_bmp | BIT(prxattrib->key_index))
2172 #endif
2173 ) {
2174 res = _FAIL;
2175
2176 if (start == 0)
2177 start = rtw_get_current_time();
2178
2179 if (is_broadcast_mac_addr(prxattrib->ra))
2180 no_gkey_bc_cnt++;
2181 else
2182 no_gkey_mc_cnt++;
2183
2184 if (rtw_get_passing_time_ms(start) > 1000) {
2185 if (no_gkey_bc_cnt || no_gkey_mc_cnt) {
2186 RTW_PRINT(FUNC_ADPT_FMT" no_gkey_bc_cnt:%u, no_gkey_mc_cnt:%u\n",
2187 FUNC_ADPT_ARG(padapter), no_gkey_bc_cnt, no_gkey_mc_cnt);
2188 }
2189 start = rtw_get_current_time();
2190 no_gkey_bc_cnt = 0;
2191 no_gkey_mc_cnt = 0;
2192 }
2193
2194 goto exit;
2195 }
2196
2197 if (no_gkey_bc_cnt || no_gkey_mc_cnt) {
2198 RTW_PRINT(FUNC_ADPT_FMT" gkey installed. no_gkey_bc_cnt:%u, no_gkey_mc_cnt:%u\n",
2199 FUNC_ADPT_ARG(padapter), no_gkey_bc_cnt, no_gkey_mc_cnt);
2200 }
2201 start = 0;
2202 no_gkey_bc_cnt = 0;
2203 no_gkey_mc_cnt = 0;
2204
2205 #ifdef CONFIG_RTW_MESH
2206 if (MLME_IS_MESH(padapter)) {
2207 /* TODO: multiple GK? */
2208 prwskey = &stainfo->gtk.skey[0];
2209 } else
2210 #endif
2211 {
2212 prwskey = psecuritypriv->dot118021XGrpKey[prxattrib->key_index].skey;
2213 if (psecuritypriv->dot118021XGrpKeyid != prxattrib->key_index) {
2214 RTW_DBG("not match packet_index=%d, install_index=%d\n"
2215 , prxattrib->key_index, psecuritypriv->dot118021XGrpKeyid);
2216 res = _FAIL;
2217 goto exit;
2218 }
2219 }
2220 } else
2221 prwskey = &stainfo->dot118021x_UncstKey.skey[0];
2222
2223 length = ((union recv_frame *)precvframe)->u.hdr.len - prxattrib->hdrlen - prxattrib->iv_len;
2224 #if 0
2225 /* add for CONFIG_IEEE80211W, debug */
2226 if (0)
2227 printk("@@@@@@@@@@@@@@@@@@ length=%d, prxattrib->hdrlen=%d, prxattrib->pkt_len=%d\n"
2228 , length, prxattrib->hdrlen, prxattrib->pkt_len);
2229 if (0) {
2230 int no;
2231 /* test print PSK */
2232 printk("PSK key below:\n");
2233 for (no = 0; no < 16; no++)
2234 printk(" %02x ", prwskey[no]);
2235 printk("\n");
2236 }
2237 if (0) {
2238 int no;
2239 /* test print PSK */
2240 printk("frame:\n");
2241 for (no = 0; no < prxattrib->pkt_len; no++)
2242 printk(" %02x ", pframe[no]);
2243 printk("\n");
2244 }
2245 #endif
2246
2247 res = aes_decipher(prwskey, prxattrib->hdrlen, pframe, length);
2248
2249 AES_SW_DEC_CNT_INC(psecuritypriv, prxattrib->ra);
2250 } else {
2251 res = _FAIL;
2252 }
2253
2254 }
2255 exit:
2256 return res;
2257 }
2258 #endif
2259
2260 #ifdef CONFIG_RTW_MESH_AEK
2261 /* for AES-SIV, wrapper to ase_siv_encrypt and aes_siv_decrypt */
rtw_aes_siv_encrypt(const u8 * key,size_t key_len,const u8 * pw,size_t pwlen,size_t num_elem,const u8 * addr[],const size_t * len,u8 * out)2262 int rtw_aes_siv_encrypt(const u8 *key, size_t key_len, const u8 *pw,
2263 size_t pwlen, size_t num_elem,
2264 const u8 *addr[], const size_t *len, u8 *out)
2265 {
2266 return _aes_siv_encrypt(key, key_len, pw, pwlen,
2267 num_elem, addr, len, out);
2268 }
2269
rtw_aes_siv_decrypt(const u8 * key,size_t key_len,const u8 * iv_crypt,size_t iv_c_len,size_t num_elem,const u8 * addr[],const size_t * len,u8 * out)2270 int rtw_aes_siv_decrypt(const u8 *key, size_t key_len, const u8 *iv_crypt, size_t iv_c_len,
2271 size_t num_elem, const u8 *addr[], const size_t *len, u8 *out)
2272 {
2273 return _aes_siv_decrypt(key, key_len, iv_crypt,
2274 iv_c_len, num_elem, addr, len, out);
2275 }
2276 #endif /* CONFIG_RTW_MESH_AEK */
2277
2278 #ifdef CONFIG_TDLS
wpa_tdls_generate_tpk(_adapter * padapter,void * sta)2279 void wpa_tdls_generate_tpk(_adapter *padapter, void *sta)
2280 {
2281 struct sta_info *psta = (struct sta_info *)sta;
2282 struct mlme_priv *pmlmepriv = &padapter->mlmepriv;
2283
2284 _tdls_generate_tpk(psta, adapter_mac_addr(padapter), get_bssid(pmlmepriv));
2285 }
2286
2287 /**
2288 * wpa_tdls_ftie_mic - Calculate TDLS FTIE MIC
2289 * @kck: TPK-KCK
2290 * @lnkid: Pointer to the beginning of Link Identifier IE
2291 * @rsnie: Pointer to the beginning of RSN IE used for handshake
2292 * @timeoutie: Pointer to the beginning of Timeout IE used for handshake
2293 * @ftie: Pointer to the beginning of FT IE
2294 * @mic: Pointer for writing MIC
2295 *
2296 * Calculate MIC for TDLS frame.
2297 */
wpa_tdls_ftie_mic(u8 * kck,u8 trans_seq,u8 * lnkid,u8 * rsnie,u8 * timeoutie,u8 * ftie,u8 * mic)2298 int wpa_tdls_ftie_mic(u8 *kck, u8 trans_seq,
2299 u8 *lnkid, u8 *rsnie, u8 *timeoutie, u8 *ftie,
2300 u8 *mic)
2301 {
2302 u8 *buf, *pos;
2303 struct wpa_tdls_ftie *_ftie;
2304 struct wpa_tdls_lnkid *_lnkid;
2305 int ret;
2306 int len = 2 * ETH_ALEN + 1 + 2 + lnkid[1] + 2 + rsnie[1] +
2307 2 + timeoutie[1] + 2 + ftie[1];
2308 buf = rtw_zmalloc(len);
2309 if (!buf) {
2310 RTW_INFO("TDLS: No memory for MIC calculation\n");
2311 return -1;
2312 }
2313
2314 pos = buf;
2315 _lnkid = (struct wpa_tdls_lnkid *) lnkid;
2316 /* 1) TDLS initiator STA MAC address */
2317 _rtw_memcpy(pos, _lnkid->init_sta, ETH_ALEN);
2318 pos += ETH_ALEN;
2319 /* 2) TDLS responder STA MAC address */
2320 _rtw_memcpy(pos, _lnkid->resp_sta, ETH_ALEN);
2321 pos += ETH_ALEN;
2322 /* 3) Transaction Sequence number */
2323 *pos++ = trans_seq;
2324 /* 4) Link Identifier IE */
2325 _rtw_memcpy(pos, lnkid, 2 + lnkid[1]);
2326 pos += 2 + lnkid[1];
2327 /* 5) RSN IE */
2328 _rtw_memcpy(pos, rsnie, 2 + rsnie[1]);
2329 pos += 2 + rsnie[1];
2330 /* 6) Timeout Interval IE */
2331 _rtw_memcpy(pos, timeoutie, 2 + timeoutie[1]);
2332 pos += 2 + timeoutie[1];
2333 /* 7) FTIE, with the MIC field of the FTIE set to 0 */
2334 _rtw_memcpy(pos, ftie, 2 + ftie[1]);
2335 _ftie = (struct wpa_tdls_ftie *) pos;
2336 _rtw_memset(_ftie->mic, 0, TDLS_MIC_LEN);
2337 pos += 2 + ftie[1];
2338
2339 /* ret = omac1_aes_128(kck, buf, pos - buf, mic); */
2340 ret = _bip_ccmp_protect(kck, 16, buf, pos - buf, mic);
2341 rtw_mfree(buf, len);
2342 return ret;
2343
2344 }
2345
2346 /**
2347 * wpa_tdls_teardown_ftie_mic - Calculate TDLS TEARDOWN FTIE MIC
2348 * @kck: TPK-KCK
2349 * @lnkid: Pointer to the beginning of Link Identifier IE
2350 * @reason: Reason code of TDLS Teardown
2351 * @dialog_token: Dialog token that was used in the MIC calculation for TPK Handshake Message 3
2352 * @trans_seq: Transaction Sequence number (1 octet) which shall be set to the value 4
2353 * @ftie: Pointer to the beginning of FT IE
2354 * @mic: Pointer for writing MIC
2355 *
2356 * Calculate MIC for TDLS TEARDOWN frame according to Section 10.22.5 in IEEE 802.11 - 2012.
2357 */
wpa_tdls_teardown_ftie_mic(u8 * kck,u8 * lnkid,u16 reason,u8 dialog_token,u8 trans_seq,u8 * ftie,u8 * mic)2358 int wpa_tdls_teardown_ftie_mic(u8 *kck, u8 *lnkid, u16 reason,
2359 u8 dialog_token, u8 trans_seq, u8 *ftie, u8 *mic)
2360 {
2361 u8 *buf, *pos;
2362 struct wpa_tdls_ftie *_ftie;
2363 int ret;
2364 int len = 2 + lnkid[1] + 2 + 1 + 1 + 2 + ftie[1];
2365
2366 buf = rtw_zmalloc(len);
2367 if (!buf) {
2368 RTW_INFO("TDLS: No memory for MIC calculation\n");
2369 return -1;
2370 }
2371
2372 pos = buf;
2373 /* 1) Link Identifier IE */
2374 _rtw_memcpy(pos, lnkid, 2 + lnkid[1]);
2375 pos += 2 + lnkid[1];
2376 /* 2) Reason Code */
2377 _rtw_memcpy(pos, (u8 *)&reason, 2);
2378 pos += 2;
2379 /* 3) Dialog Token */
2380 *pos++ = dialog_token;
2381 /* 4) Transaction Sequence number */
2382 *pos++ = trans_seq;
2383 /* 5) FTIE, with the MIC field of the FTIE set to 0 */
2384 _rtw_memcpy(pos, ftie, 2 + ftie[1]);
2385 _ftie = (struct wpa_tdls_ftie *) pos;
2386 _rtw_memset(_ftie->mic, 0, TDLS_MIC_LEN);
2387 pos += 2 + ftie[1];
2388
2389 /* ret = omac1_aes_128(kck, buf, pos - buf, mic); */
2390 ret = _bip_ccmp_protect(kck, 16, buf, pos - buf, mic);
2391 rtw_mfree(buf, len);
2392 return ret;
2393
2394 }
2395
tdls_verify_mic(u8 * kck,u8 trans_seq,u8 * lnkid,u8 * rsnie,u8 * timeoutie,u8 * ftie)2396 int tdls_verify_mic(u8 *kck, u8 trans_seq,
2397 u8 *lnkid, u8 *rsnie, u8 *timeoutie, u8 *ftie)
2398 {
2399 u8 *buf, *pos;
2400 int len;
2401 u8 mic[16];
2402 int ret;
2403 u8 *rx_ftie, *tmp_ftie;
2404
2405 if (lnkid == NULL || rsnie == NULL ||
2406 timeoutie == NULL || ftie == NULL)
2407 return _FAIL;
2408
2409 len = 2 * ETH_ALEN + 1 + 2 + 18 + 2 + *(rsnie + 1) + 2 + *(timeoutie + 1) + 2 + *(ftie + 1);
2410
2411 buf = rtw_zmalloc(len);
2412 if (buf == NULL)
2413 return _FAIL;
2414
2415 pos = buf;
2416 /* 1) TDLS initiator STA MAC address */
2417 _rtw_memcpy(pos, lnkid + ETH_ALEN + 2, ETH_ALEN);
2418 pos += ETH_ALEN;
2419 /* 2) TDLS responder STA MAC address */
2420 _rtw_memcpy(pos, lnkid + 2 * ETH_ALEN + 2, ETH_ALEN);
2421 pos += ETH_ALEN;
2422 /* 3) Transaction Sequence number */
2423 *pos++ = trans_seq;
2424 /* 4) Link Identifier IE */
2425 _rtw_memcpy(pos, lnkid, 2 + 18);
2426 pos += 2 + 18;
2427 /* 5) RSN IE */
2428 _rtw_memcpy(pos, rsnie, 2 + *(rsnie + 1));
2429 pos += 2 + *(rsnie + 1);
2430 /* 6) Timeout Interval IE */
2431 _rtw_memcpy(pos, timeoutie, 2 + *(timeoutie + 1));
2432 pos += 2 + *(timeoutie + 1);
2433 /* 7) FTIE, with the MIC field of the FTIE set to 0 */
2434 _rtw_memcpy(pos, ftie, 2 + *(ftie + 1));
2435 pos += 2;
2436 tmp_ftie = (u8 *)(pos + 2);
2437 _rtw_memset(tmp_ftie, 0, 16);
2438 pos += *(ftie + 1);
2439
2440 /* ret = omac1_aes_128(kck, buf, pos - buf, mic); */
2441 ret = _bip_ccmp_protect(kck, 16, buf, pos - buf, mic);
2442 rtw_mfree(buf, len);
2443 if (ret == _FAIL)
2444 return _FAIL;
2445 rx_ftie = ftie + 4;
2446
2447 if (_rtw_memcmp2(mic, rx_ftie, 16) == 0) {
2448 /* Valid MIC */
2449 return _SUCCESS;
2450 }
2451
2452 /* Invalid MIC */
2453 RTW_INFO("[%s] Invalid MIC\n", __FUNCTION__);
2454 return _FAIL;
2455
2456 }
2457 #endif /* CONFIG_TDLS */
2458
2459 /* Restore HW wep key setting according to key_mask */
rtw_sec_restore_wep_key(_adapter * adapter)2460 void rtw_sec_restore_wep_key(_adapter *adapter)
2461 {
2462 struct security_priv *securitypriv = &(adapter->securitypriv);
2463 sint keyid;
2464
2465 if ((_WEP40_ == securitypriv->dot11PrivacyAlgrthm) || (_WEP104_ == securitypriv->dot11PrivacyAlgrthm)) {
2466 for (keyid = 0; keyid < 4; keyid++) {
2467 if (securitypriv->key_mask & BIT(keyid)) {
2468 if (keyid == securitypriv->dot11PrivacyKeyIndex)
2469 rtw_set_key(adapter, securitypriv, keyid, 1, _FALSE);
2470 else
2471 rtw_set_key(adapter, securitypriv, keyid, 0, _FALSE);
2472 }
2473 }
2474 }
2475 }
2476
rtw_handle_tkip_countermeasure(_adapter * adapter,const char * caller)2477 u8 rtw_handle_tkip_countermeasure(_adapter *adapter, const char *caller)
2478 {
2479 struct security_priv *securitypriv = &(adapter->securitypriv);
2480 u8 status = _SUCCESS;
2481
2482 if (securitypriv->btkip_countermeasure == _TRUE) {
2483 u32 passing_ms = rtw_get_passing_time_ms(securitypriv->btkip_countermeasure_time);
2484 if (passing_ms > 60 * 1000) {
2485 RTW_PRINT("%s("ADPT_FMT") countermeasure time:%ds > 60s\n",
2486 caller, ADPT_ARG(adapter), passing_ms / 1000);
2487 securitypriv->btkip_countermeasure = _FALSE;
2488 securitypriv->btkip_countermeasure_time = 0;
2489 } else {
2490 RTW_PRINT("%s("ADPT_FMT") countermeasure time:%ds < 60s\n",
2491 caller, ADPT_ARG(adapter), passing_ms / 1000);
2492 status = _FAIL;
2493 }
2494 }
2495
2496 return status;
2497 }
2498
2499 #ifdef CONFIG_WOWLAN
rtw_cal_crc16(u8 data,u16 crc)2500 u16 rtw_cal_crc16(u8 data, u16 crc)
2501 {
2502 u8 shift_in, data_bit;
2503 u8 crc_bit4, crc_bit11, crc_bit15;
2504 u16 crc_result;
2505 int index;
2506
2507 for (index = 0; index < 8; index++) {
2508 crc_bit15 = ((crc & BIT15) ? 1 : 0);
2509 data_bit = (data & (BIT0 << index) ? 1 : 0);
2510 shift_in = crc_bit15 ^ data_bit;
2511 /*printf("crc_bit15=%d, DataBit=%d, shift_in=%d\n",
2512 * crc_bit15, data_bit, shift_in);*/
2513
2514 crc_result = crc << 1;
2515
2516 if (shift_in == 0)
2517 crc_result &= (~BIT0);
2518 else
2519 crc_result |= BIT0;
2520 /*printf("CRC =%x\n",CRC_Result);*/
2521
2522 crc_bit11 = ((crc & BIT11) ? 1 : 0) ^ shift_in;
2523
2524 if (crc_bit11 == 0)
2525 crc_result &= (~BIT12);
2526 else
2527 crc_result |= BIT12;
2528
2529 /*printf("bit12 CRC =%x\n",CRC_Result);*/
2530
2531 crc_bit4 = ((crc & BIT4) ? 1 : 0) ^ shift_in;
2532
2533 if (crc_bit4 == 0)
2534 crc_result &= (~BIT5);
2535 else
2536 crc_result |= BIT5;
2537
2538 /* printf("bit5 CRC =%x\n",CRC_Result); */
2539 /* repeat using the last result*/
2540 crc = crc_result;
2541 }
2542 return crc;
2543 }
2544
2545 /*
2546 * function name :rtw_calc_crc
2547 *
2548 * input: char* pattern , pattern size
2549 *
2550 */
rtw_calc_crc(u8 * pdata,int length)2551 u16 rtw_calc_crc(u8 *pdata, int length)
2552 {
2553 u16 crc = 0xffff;
2554 int i;
2555
2556 for (i = 0; i < length; i++)
2557 crc = rtw_cal_crc16(pdata[i], crc);
2558 /* get 1' complement */
2559 crc = ~crc;
2560
2561 return crc;
2562 }
2563 #endif /*CONFIG_WOWLAN*/
2564
rtw_calc_crc32(u8 * data,size_t len)2565 u32 rtw_calc_crc32(u8 *data, size_t len)
2566 {
2567 size_t i;
2568 u32 crc = 0xFFFFFFFF;
2569
2570 if (bcrc32initialized == 0)
2571 crc32_init();
2572
2573 for (i = 0; i < len; i++)
2574 crc = crc32_table[(crc ^ data[i]) & 0xff] ^ (crc >> 8);
2575
2576 /* return 1' complement */
2577 return ~crc;
2578 }
2579
2580
2581 /**
2582 * rtw_gcmp_encrypt -
2583 * @padapter:
2584 * @pxmitframe:
2585 *
2586 */
rtw_gcmp_encrypt(_adapter * padapter,u8 * pxmitframe)2587 u32 rtw_gcmp_encrypt(_adapter *padapter, u8 *pxmitframe)
2588 {
2589 struct pkt_attrib *pattrib = &((struct xmit_frame *)pxmitframe)->attrib;
2590 struct security_priv *psecuritypriv = &padapter->securitypriv;
2591 struct xmit_priv *pxmitpriv = &padapter->xmitpriv;
2592 /* Intermediate Buffers */
2593 sint curfragnum, plen;
2594 u32 prwskeylen;
2595 u8 *pframe = NULL;
2596 u8 *prwskey = NULL;
2597 u8 hw_hdr_offset = 0;
2598 u32 res = _SUCCESS;
2599
2600 if (((struct xmit_frame *)pxmitframe)->buf_addr == NULL)
2601 return _FAIL;
2602
2603 #ifdef CONFIG_USB_TX_AGGREGATION
2604 hw_hdr_offset = TXDESC_SIZE +
2605 (((struct xmit_frame *)pxmitframe)->pkt_offset * PACKET_OFFSET_SZ);
2606 #else
2607 #ifdef CONFIG_TX_EARLY_MODE
2608 hw_hdr_offset = TXDESC_OFFSET + EARLY_MODE_INFO_SIZE;
2609 #else
2610 hw_hdr_offset = TXDESC_OFFSET;
2611 #endif
2612 #endif
2613
2614 pframe = ((struct xmit_frame *)pxmitframe)->buf_addr + hw_hdr_offset;
2615
2616 /* start to encrypt each fragment */
2617 if ((pattrib->encrypt == _GCMP_) ||
2618 (pattrib->encrypt == _GCMP_256_)) {
2619
2620 if (IS_MCAST(pattrib->ra))
2621 prwskey = psecuritypriv->dot118021XGrpKey[psecuritypriv->dot118021XGrpKeyid].skey;
2622 else
2623 prwskey = pattrib->dot118021x_UncstKey.skey;
2624
2625 prwskeylen = (pattrib->encrypt == _GCMP_256_) ? 32 : 16;
2626
2627 for (curfragnum = 0; curfragnum < pattrib->nr_frags; curfragnum++) {
2628 if ((curfragnum + 1) == pattrib->nr_frags) {
2629 /* the last fragment */
2630 plen = pattrib->last_txcmdsz - pattrib->hdrlen - pattrib->iv_len - pattrib->icv_len;
2631
2632 _rtw_gcmp_encrypt(padapter, prwskey, prwskeylen, pattrib->hdrlen, pframe, plen);
2633 } else {
2634 plen = pxmitpriv->frag_len - pattrib->hdrlen - pattrib->iv_len - pattrib->icv_len;
2635
2636 _rtw_gcmp_encrypt(padapter, prwskey, prwskeylen, pattrib->hdrlen, pframe, plen);
2637 pframe += pxmitpriv->frag_len;
2638 pframe = (u8 *)RND4((SIZE_PTR)(pframe));
2639 }
2640 }
2641
2642 GCMP_SW_ENC_CNT_INC(psecuritypriv, pattrib->ra);
2643 }
2644
2645 return res;
2646 }
2647
rtw_gcmp_decrypt(_adapter * padapter,u8 * precvframe)2648 u32 rtw_gcmp_decrypt(_adapter *padapter, u8 *precvframe)
2649 {
2650 u32 prwskeylen;
2651 u8 * pframe,*prwskey;
2652 struct sta_info *stainfo;
2653 struct rx_pkt_attrib *prxattrib = &((union recv_frame *)precvframe)->u.hdr.attrib;
2654 struct security_priv *psecuritypriv = &padapter->securitypriv;
2655 u32 res = _SUCCESS;
2656 pframe = (unsigned char *)((union recv_frame *)precvframe)->u.hdr.rx_data;
2657
2658 if ((prxattrib->encrypt == _GCMP_) ||
2659 (prxattrib->encrypt == _GCMP_256_)) {
2660 stainfo = rtw_get_stainfo(&padapter->stapriv, &prxattrib->ta[0]);
2661 if (stainfo != NULL) {
2662 if (IS_MCAST(prxattrib->ra)) {
2663 static systime start = 0;
2664 static u32 no_gkey_bc_cnt = 0;
2665 static u32 no_gkey_mc_cnt = 0;
2666
2667 if ((!MLME_IS_MESH(padapter) && psecuritypriv->binstallGrpkey == _FALSE)
2668 #ifdef CONFIG_RTW_MESH
2669 || !(stainfo->gtk_bmp | BIT(prxattrib->key_index))
2670 #endif
2671 ) {
2672 res = _FAIL;
2673
2674 if (start == 0)
2675 start = rtw_get_current_time();
2676
2677 if (is_broadcast_mac_addr(prxattrib->ra))
2678 no_gkey_bc_cnt++;
2679 else
2680 no_gkey_mc_cnt++;
2681
2682 if (rtw_get_passing_time_ms(start) > 1000) {
2683 if (no_gkey_bc_cnt || no_gkey_mc_cnt) {
2684 RTW_PRINT(FUNC_ADPT_FMT" no_gkey_bc_cnt:%u, no_gkey_mc_cnt:%u\n",
2685 FUNC_ADPT_ARG(padapter), no_gkey_bc_cnt, no_gkey_mc_cnt);
2686 }
2687 start = rtw_get_current_time();
2688 no_gkey_bc_cnt = 0;
2689 no_gkey_mc_cnt = 0;
2690 }
2691
2692 goto exit;
2693 }
2694
2695 if (no_gkey_bc_cnt || no_gkey_mc_cnt) {
2696 RTW_PRINT(FUNC_ADPT_FMT" gkey installed. no_gkey_bc_cnt:%u, no_gkey_mc_cnt:%u\n",
2697 FUNC_ADPT_ARG(padapter), no_gkey_bc_cnt, no_gkey_mc_cnt);
2698 }
2699 start = 0;
2700 no_gkey_bc_cnt = 0;
2701 no_gkey_mc_cnt = 0;
2702
2703 #ifdef CONFIG_RTW_MESH
2704 if (MLME_IS_MESH(padapter)) {
2705 /* TODO: multiple GK? */
2706 prwskey = &stainfo->gtk.skey[0];
2707 } else
2708 #endif
2709 {
2710 prwskey = psecuritypriv->dot118021XGrpKey[prxattrib->key_index].skey;
2711 if (psecuritypriv->dot118021XGrpKeyid != prxattrib->key_index) {
2712 RTW_DBG("not match packet_index=%d, install_index=%d\n"
2713 , prxattrib->key_index, psecuritypriv->dot118021XGrpKeyid);
2714 res = _FAIL;
2715 goto exit;
2716 }
2717 }
2718 } else
2719 prwskey = &stainfo->dot118021x_UncstKey.skey[0];
2720
2721 res = _rtw_gcmp_decrypt(padapter, prwskey,
2722 prxattrib->encrypt == _GCMP_256_ ? 32 : 16,
2723 prxattrib->hdrlen, pframe,
2724 ((union recv_frame *)precvframe)->u.hdr.len);
2725
2726 GCMP_SW_DEC_CNT_INC(psecuritypriv, prxattrib->ra);
2727 } else {
2728 res = _FAIL;
2729 }
2730
2731 }
2732 exit:
2733 return res;
2734 }
2735
2736
2737 #ifdef CONFIG_IEEE80211W
rtw_calculate_bip_mic(enum security_type gmcs,u8 * whdr_pos,s32 len,const u8 * key,const u8 * data,size_t data_len,u8 * mic)2738 u8 rtw_calculate_bip_mic(enum security_type gmcs, u8 *whdr_pos, s32 len,
2739 const u8 *key, const u8 *data, size_t data_len, u8 *mic)
2740 {
2741 u8 res = _SUCCESS;
2742
2743 if (gmcs == _BIP_CMAC_128_) {
2744 if (_bip_ccmp_protect(key, 16, data, data_len, mic) == _FALSE) {
2745 res = _FAIL;
2746 RTW_ERR("%s : _bip_ccmp_protect(128) fail!", __func__);
2747 }
2748 } else if (gmcs == _BIP_CMAC_256_) {
2749 if (_bip_ccmp_protect(key, 32, data, data_len, mic) == _FALSE) {
2750 res = _FAIL;
2751 RTW_ERR("%s : _bip_ccmp_protect(256) fail!", __func__);
2752 }
2753 } else if (gmcs == _BIP_GMAC_128_) {
2754 if (_bip_gcmp_protect(whdr_pos, len, key, 16,
2755 data, data_len, mic) == _FALSE) {
2756 res = _FAIL;
2757 RTW_ERR("%s : _bip_gcmp_protect(128) fail!", __func__);
2758 }
2759 } else if (gmcs == _BIP_GMAC_256_) {
2760 if (_bip_gcmp_protect(whdr_pos, len, key, 32,
2761 data, data_len, mic) == _FALSE) {
2762 res = _FAIL;
2763 RTW_ERR("%s : _bip_gcmp_protect(256) fail!", __func__);
2764 }
2765 } else {
2766 res = _FAIL;
2767 RTW_ERR("%s : unsupport dot11wCipher !\n", __func__);
2768 }
2769
2770 return res;
2771 }
2772
2773
rtw_bip_verify(enum security_type gmcs,u16 pkt_len,u8 * whdr_pos,sint flen,const u8 * key,u16 keyid,u64 * ipn)2774 u32 rtw_bip_verify(enum security_type gmcs, u16 pkt_len,
2775 u8 *whdr_pos, sint flen, const u8 *key, u16 keyid, u64 *ipn)
2776 {
2777 u8 * BIP_AAD,*mme;
2778 u32 res = _FAIL;
2779 uint len, ori_len;
2780 u16 pkt_keyid = 0;
2781 u64 pkt_ipn = 0;
2782 struct rtw_ieee80211_hdr *pwlanhdr;
2783 u8 mic[16];
2784 u8 mic_len, mme_offset;
2785
2786 mic_len = (gmcs == _BIP_CMAC_128_) ? 8 : 16;
2787
2788 if (flen < WLAN_HDR_A3_LEN || flen - WLAN_HDR_A3_LEN < mic_len)
2789 return RTW_RX_HANDLED;
2790
2791 mme_offset = (mic_len == 8) ? 18 : 26;
2792 mme = whdr_pos + flen - mme_offset;
2793 if (*mme != _MME_IE_)
2794 return RTW_RX_HANDLED;
2795
2796 /* copy key index */
2797 _rtw_memcpy(&pkt_keyid, mme + 2, 2);
2798 pkt_keyid = le16_to_cpu(pkt_keyid);
2799 if (pkt_keyid != keyid) {
2800 RTW_INFO("BIP key index error!\n");
2801 return _FAIL;
2802 }
2803
2804 /* save packet number */
2805 _rtw_memcpy(&pkt_ipn, mme + 4, 6);
2806 pkt_ipn = le64_to_cpu(pkt_ipn);
2807 /* BIP packet number should bigger than previous BIP packet */
2808 if (pkt_ipn <= *ipn) { /* wrap around? */
2809 RTW_INFO("replay BIP packet\n");
2810 return _FAIL;
2811 }
2812
2813 ori_len = flen - WLAN_HDR_A3_LEN + BIP_AAD_SIZE;
2814 BIP_AAD = rtw_zmalloc(ori_len);
2815 if (BIP_AAD == NULL) {
2816 RTW_INFO("BIP AAD allocate fail\n");
2817 return _FAIL;
2818 }
2819
2820 /* mapping to wlan header */
2821 pwlanhdr = (struct rtw_ieee80211_hdr *)whdr_pos;
2822
2823 /* save the frame body + MME (w/o mic) */
2824 _rtw_memcpy(BIP_AAD + BIP_AAD_SIZE,
2825 whdr_pos + WLAN_HDR_A3_LEN,
2826 flen - WLAN_HDR_A3_LEN - mic_len);
2827
2828 /* conscruct AAD, copy frame control field */
2829 _rtw_memcpy(BIP_AAD, &pwlanhdr->frame_ctl, 2);
2830 ClearRetry(BIP_AAD);
2831 ClearPwrMgt(BIP_AAD);
2832 ClearMData(BIP_AAD);
2833 /* conscruct AAD, copy address 1 to address 3 */
2834 _rtw_memcpy(BIP_AAD + 2, GetAddr1Ptr((u8 *)pwlanhdr), 18);
2835
2836 if (rtw_calculate_bip_mic(gmcs, whdr_pos,
2837 pkt_len, key, BIP_AAD, ori_len, mic) == _FAIL)
2838 goto BIP_exit;
2839
2840 /* MIC field should be last 8 bytes of packet (packet without FCS) */
2841 if (_rtw_memcmp(mic, whdr_pos + flen - mic_len, mic_len)) {
2842 *ipn = pkt_ipn;
2843 res = _SUCCESS;
2844 } else
2845 RTW_INFO("BIP MIC error!\n");
2846
2847 #if 0
2848 /* management packet content */
2849 {
2850 int pp;
2851 RTW_INFO("pkt: ");
2852 RTW_INFO_DUMP("", whdr_pos, flen);
2853 RTW_INFO("\n");
2854 /* BIP AAD + management frame body + MME(MIC is zero) */
2855 RTW_INFO("AAD+PKT: ");
2856 RTW_INFO_DUMP("", BIP_AAD, ori_len);
2857 RTW_INFO("\n");
2858 /* show the MIC result */
2859 RTW_INFO("mic: ");
2860 RTW_INFO_DUMP("", mic, mic_len);
2861 RTW_INFO("\n");
2862 }
2863 #endif
2864
2865 BIP_exit:
2866
2867 rtw_mfree(BIP_AAD, ori_len);
2868 return res;
2869 }
2870
2871 #endif /* CONFIG_IEEE80211W */
2872
2873