git://bbs.cooldavid.org / net-next-2.6.git / blame
| Commit | Line | Data |
|---|---|---|
| 4bd43f50 LR |
1 | /* |
| 2 | * Copyright (c) 2007-2008 Atheros Communications Inc. | |
| 3 | * | |
| 4 | * Permission to use, copy, modify, and/or distribute this software for any | |
| 5 | * purpose with or without fee is hereby granted, provided that the above | |
| 6 | * copyright notice and this permission notice appear in all copies. | |
| 7 | * | |
| 8 | * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES | |
| 9 | * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF | |
| 10 | * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR | |
| 11 | * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES | |
| 12 | * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | |
| 13 | * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | |
| 14 | * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | |
| 15 | */ | |
| 16 | /* */ | |
| 17 | /* Module Name : ctkip.c */ | |
| 18 | /* */ | |
| 19 | /* Abstract */ | |
| 20 | /* This module contains Tx and Rx functions. */ | |
| 21 | /* */ | |
| 22 | /* NOTES */ | |
| 23 | /* None */ | |
| 24 | /* */ | |
| 25 | /************************************************************************/ | |
| 26 | #include "cprecomp.h" | |
| 27 | ||
| 28 | u16_t zgTkipSboxLower[256] = | |
| 29 | { | |
| 30 | 0xA5,0x84,0x99,0x8D,0x0D,0xBD,0xB1,0x54, | |
| 31 | 0x50,0x03,0xA9,0x7D,0x19,0x62,0xE6,0x9A, | |
| 32 | 0x45,0x9D,0x40,0x87,0x15,0xEB,0xC9,0x0B, | |
| 33 | 0xEC,0x67,0xFD,0xEA,0xBF,0xF7,0x96,0x5B, | |
| 34 | 0xC2,0x1C,0xAE,0x6A,0x5A,0x41,0x02,0x4F, | |
| 35 | 0x5C,0xF4,0x34,0x08,0x93,0x73,0x53,0x3F, | |
| 36 | 0x0C,0x52,0x65,0x5E,0x28,0xA1,0x0F,0xB5, | |
| 37 | 0x09,0x36,0x9B,0x3D,0x26,0x69,0xCD,0x9F, | |
| 38 | 0x1B,0x9E,0x74,0x2E,0x2D,0xB2,0xEE,0xFB, | |
| 39 | 0xF6,0x4D,0x61,0xCE,0x7B,0x3E,0x71,0x97, | |
| 40 | 0xF5,0x68,0x00,0x2C,0x60,0x1F,0xC8,0xED, | |
| 41 | 0xBE,0x46,0xD9,0x4B,0xDE,0xD4,0xE8,0x4A, | |
| 42 | 0x6B,0x2A,0xE5,0x16,0xC5,0xD7,0x55,0x94, | |
| 43 | 0xCF,0x10,0x06,0x81,0xF0,0x44,0xBA,0xE3, | |
| 44 | 0xF3,0xFE,0xC0,0x8A,0xAD,0xBC,0x48,0x04, | |
| 45 | 0xDF,0xC1,0x75,0x63,0x30,0x1A,0x0E,0x6D, | |
| 46 | 0x4C,0x14,0x35,0x2F,0xE1,0xA2,0xCC,0x39, | |
| 47 | 0x57,0xF2,0x82,0x47,0xAC,0xE7,0x2B,0x95, | |
| 48 | 0xA0,0x98,0xD1,0x7F,0x66,0x7E,0xAB,0x83, | |
| 49 | 0xCA,0x29,0xD3,0x3C,0x79,0xE2,0x1D,0x76, | |
| 50 | 0x3B,0x56,0x4E,0x1E,0xDB,0x0A,0x6C,0xE4, | |
| 51 | 0x5D,0x6E,0xEF,0xA6,0xA8,0xA4,0x37,0x8B, | |
| 52 | 0x32,0x43,0x59,0xB7,0x8C,0x64,0xD2,0xE0, | |
| 53 | 0xB4,0xFA,0x07,0x25,0xAF,0x8E,0xE9,0x18, | |
| 54 | 0xD5,0x88,0x6F,0x72,0x24,0xF1,0xC7,0x51, | |
| 55 | 0x23,0x7C,0x9C,0x21,0xDD,0xDC,0x86,0x85, | |
| 56 | 0x90,0x42,0xC4,0xAA,0xD8,0x05,0x01,0x12, | |
| 57 | 0xA3,0x5F,0xF9,0xD0,0x91,0x58,0x27,0xB9, | |
| 58 | 0x38,0x13,0xB3,0x33,0xBB,0x70,0x89,0xA7, | |
| 59 | 0xB6,0x22,0x92,0x20,0x49,0xFF,0x78,0x7A, | |
| 60 | 0x8F,0xF8,0x80,0x17,0xDA,0x31,0xC6,0xB8, | |
| 61 | 0xC3,0xB0,0x77,0x11,0xCB,0xFC,0xD6,0x3A | |
| 62 | }; | |
| 63 | ||
| 64 | ||
| 65 | u16_t zgTkipSboxUpper[256] = | |
| 66 | { | |
| 67 | 0xC6,0xF8,0xEE,0xF6,0xFF,0xD6,0xDE,0x91, | |
| 68 | 0x60,0x02,0xCE,0x56,0xE7,0xB5,0x4D,0xEC, | |
| 69 | 0x8F,0x1F,0x89,0xFA,0xEF,0xB2,0x8E,0xFB, | |
| 70 | 0x41,0xB3,0x5F,0x45,0x23,0x53,0xE4,0x9B, | |
| 71 | 0x75,0xE1,0x3D,0x4C,0x6C,0x7E,0xF5,0x83, | |
| 72 | 0x68,0x51,0xD1,0xF9,0xE2,0xAB,0x62,0x2A, | |
| 73 | 0x08,0x95,0x46,0x9D,0x30,0x37,0x0A,0x2F, | |
| 74 | 0x0E,0x24,0x1B,0xDF,0xCD,0x4E,0x7F,0xEA, | |
| 75 | 0x12,0x1D,0x58,0x34,0x36,0xDC,0xB4,0x5B, | |
| 76 | 0xA4,0x76,0xB7,0x7D,0x52,0xDD,0x5E,0x13, | |
| 77 | 0xA6,0xB9,0x00,0xC1,0x40,0xE3,0x79,0xB6, | |
| 78 | 0xD4,0x8D,0x67,0x72,0x94,0x98,0xB0,0x85, | |
| 79 | 0xBB,0xC5,0x4F,0xED,0x86,0x9A,0x66,0x11, | |
| 80 | 0x8A,0xE9,0x04,0xFE,0xA0,0x78,0x25,0x4B, | |
| 81 | 0xA2,0x5D,0x80,0x05,0x3F,0x21,0x70,0xF1, | |
| 82 | 0x63,0x77,0xAF,0x42,0x20,0xE5,0xFD,0xBF, | |
| 83 | 0x81,0x18,0x26,0xC3,0xBE,0x35,0x88,0x2E, | |
| 84 | 0x93,0x55,0xFC,0x7A,0xC8,0xBA,0x32,0xE6, | |
| 85 | 0xC0,0x19,0x9E,0xA3,0x44,0x54,0x3B,0x0B, | |
| 86 | 0x8C,0xC7,0x6B,0x28,0xA7,0xBC,0x16,0xAD, | |
| 87 | 0xDB,0x64,0x74,0x14,0x92,0x0C,0x48,0xB8, | |
| 88 | 0x9F,0xBD,0x43,0xC4,0x39,0x31,0xD3,0xF2, | |
| 89 | 0xD5,0x8B,0x6E,0xDA,0x01,0xB1,0x9C,0x49, | |
| 90 | 0xD8,0xAC,0xF3,0xCF,0xCA,0xF4,0x47,0x10, | |
| 91 | 0x6F,0xF0,0x4A,0x5C,0x38,0x57,0x73,0x97, | |
| 92 | 0xCB,0xA1,0xE8,0x3E,0x96,0x61,0x0D,0x0F, | |
| 93 | 0xE0,0x7C,0x71,0xCC,0x90,0x06,0xF7,0x1C, | |
| 94 | 0xC2,0x6A,0xAE,0x69,0x17,0x99,0x3A,0x27, | |
| 95 | 0xD9,0xEB,0x2B,0x22,0xD2,0xA9,0x07,0x33, | |
| 96 | 0x2D,0x3C,0x15,0xC9,0x87,0xAA,0x50,0xA5, | |
| 97 | 0x03,0x59,0x09,0x1A,0x65,0xD7,0x84,0xD0, | |
| 98 | 0x82,0x29,0x5A,0x1E,0x7B,0xA8,0x6D,0x2C | |
| 99 | }; | |
| 100 | ||
| 101 | u16_t zfrotr1(u16_t a) | |
| 102 | // rotate right by 1 bit. | |
| 103 | { | |
| 104 | u16_t b; | |
| 105 | ||
| 106 | if (a & 0x01) | |
| 107 | { | |
| 108 | b = (a >> 1) | 0x8000; | |
| 109 | } | |
| 110 | else | |
| 111 | { | |
| 112 | b = (a >> 1) & 0x7fff; | |
| 113 | } | |
| 114 | return b; | |
| 115 | } | |
| 116 | ||
| 117 | /*************************************************************/ | |
| 118 | /* zfTkipSbox() */ | |
| 119 | /* Returns a 16 bit value from a 64K entry table. The Table */ | |
| 120 | /* is synthesized from two 256 entry byte wide tables. */ | |
| 121 | /*************************************************************/ | |
| 122 | u16_t zfTkipSbox(u16_t index) | |
| 123 | { | |
| 124 | u16_t low; | |
| 125 | u16_t high; | |
| 126 | u16_t left, right; | |
| 127 | ||
| 128 | low = (index & 0xFF); | |
| 129 | high = ((index >> 8) & 0xFF); | |
| 130 | ||
| 131 | left = zgTkipSboxLower[low] + (zgTkipSboxUpper[low] << 8 ); | |
| 132 | right = zgTkipSboxUpper[high] + (zgTkipSboxLower[high] << 8 ); | |
| 133 | ||
| 134 | return (left ^ right); | |
| 135 | } | |
| 136 | ||
| 137 | u8_t zfTkipPhase1KeyMix(u32_t iv32, struct zsTkipSeed* pSeed) | |
| 138 | { | |
| 139 | u16_t tsc0; | |
| 140 | u16_t tsc1; | |
| 141 | u16_t i, j; | |
| 142 | #if 0 | |
| 143 | /* Need not proceed this function with the same iv32 */ | |
| 144 | if ( iv32 == pSeed->iv32 ) | |
| 145 | { | |
| 146 | return 1; | |
| 147 | } | |
| 148 | #endif | |
| 149 | tsc0 = (u16_t) ((iv32 >> 16) & 0xffff); /* msb */ | |
| 150 | tsc1 = (u16_t) (iv32 & 0xffff); | |
| 151 | ||
| 152 | /* Phase 1, step 1 */ | |
| 153 | pSeed->ttak[0] = tsc1; | |
| 154 | pSeed->ttak[1] = tsc0; | |
| 155 | pSeed->ttak[2] = (u16_t) (pSeed->ta[0] + (pSeed->ta[1] <<8)); | |
| 156 | pSeed->ttak[3] = (u16_t) (pSeed->ta[2] + (pSeed->ta[3] <<8)); | |
| 157 | pSeed->ttak[4] = (u16_t) (pSeed->ta[4] + (pSeed->ta[5] <<8)); | |
| 158 | ||
| 159 | /* Phase 1, step 2 */ | |
| 160 | for (i=0; i<8; i++) | |
| 161 | { | |
| 162 | j = 2*(i & 1); | |
| 163 | pSeed->ttak[0] =(pSeed->ttak[0] + zfTkipSbox(pSeed->ttak[4] | |
| 164 | ^ ZM_BYTE_TO_WORD(pSeed->tk[1+j], pSeed->tk[j]))) | |
| 165 | & 0xffff; | |
| 166 | pSeed->ttak[1] =(pSeed->ttak[1] + zfTkipSbox(pSeed->ttak[0] | |
| 167 | ^ ZM_BYTE_TO_WORD(pSeed->tk[5+j], pSeed->tk[4+j] ))) | |
| 168 | & 0xffff; | |
| 169 | pSeed->ttak[2] =(pSeed->ttak[2] + zfTkipSbox(pSeed->ttak[1] | |
| 170 | ^ ZM_BYTE_TO_WORD(pSeed->tk[9+j], pSeed->tk[8+j] ))) | |
| 171 | & 0xffff; | |
| 172 | pSeed->ttak[3] =(pSeed->ttak[3] + zfTkipSbox(pSeed->ttak[2] | |
| 173 | ^ ZM_BYTE_TO_WORD(pSeed->tk[13+j], pSeed->tk[12+j]))) | |
| 174 | & 0xffff; | |
| 175 | pSeed->ttak[4] =(pSeed->ttak[4] + zfTkipSbox(pSeed->ttak[3] | |
| 176 | ^ ZM_BYTE_TO_WORD(pSeed->tk[1+j], pSeed->tk[j] ))) | |
| 177 | & 0xffff; | |
| 178 | pSeed->ttak[4] =(pSeed->ttak[4] + i) & 0xffff; | |
| 179 | } | |
| 180 | ||
| 181 | if ( iv32 == (pSeed->iv32+1) ) | |
| 182 | { | |
| 183 | pSeed->iv32tmp = iv32; | |
| 184 | return 1; | |
| 185 | } | |
| 186 | ||
| 187 | return 0; | |
| 188 | } | |
| 189 | ||
| 190 | u8_t zfTkipPhase2KeyMix(u16_t iv16, struct zsTkipSeed* pSeed) | |
| 191 | { | |
| 192 | u16_t tsc2; | |
| 193 | ||
| 194 | tsc2 = iv16; | |
| 195 | ||
| 196 | /* Phase 2, Step 1 */ | |
| 197 | pSeed->ppk[0] = pSeed->ttak[0]; | |
| 198 | pSeed->ppk[1] = pSeed->ttak[1]; | |
| 199 | pSeed->ppk[2] = pSeed->ttak[2]; | |
| 200 | pSeed->ppk[3] = pSeed->ttak[3]; | |
| 201 | pSeed->ppk[4] = pSeed->ttak[4]; | |
| 202 | pSeed->ppk[5] = (pSeed->ttak[4] + tsc2) & 0xffff; | |
| 203 | ||
| 204 | /* Phase2, Step 2 */ | |
| 205 | pSeed->ppk[0] = pSeed->ppk[0] | |
| 206 | + zfTkipSbox(pSeed->ppk[5] ^ ZM_BYTE_TO_WORD(pSeed->tk[1],pSeed->tk[0])); | |
| 207 | pSeed->ppk[1] = pSeed->ppk[1] | |
| 208 | + zfTkipSbox(pSeed->ppk[0] ^ ZM_BYTE_TO_WORD(pSeed->tk[3],pSeed->tk[2])); | |
| 209 | pSeed->ppk[2] = pSeed->ppk[2] | |
| 210 | + zfTkipSbox(pSeed->ppk[1] ^ ZM_BYTE_TO_WORD(pSeed->tk[5],pSeed->tk[4])); | |
| 211 | pSeed->ppk[3] = pSeed->ppk[3] | |
| 212 | + zfTkipSbox(pSeed->ppk[2] ^ ZM_BYTE_TO_WORD(pSeed->tk[7],pSeed->tk[6])); | |
| 213 | pSeed->ppk[4] = pSeed->ppk[4] | |
| 214 | + zfTkipSbox(pSeed->ppk[3] ^ ZM_BYTE_TO_WORD(pSeed->tk[9],pSeed->tk[8])); | |
| 215 | pSeed->ppk[5] = pSeed->ppk[5] | |
| 216 | + zfTkipSbox(pSeed->ppk[4] ^ ZM_BYTE_TO_WORD(pSeed->tk[11],pSeed->tk[10])); | |
| 217 | ||
| 218 | pSeed->ppk[0] = pSeed->ppk[0] | |
| 219 | + zfrotr1(pSeed->ppk[5] ^ ZM_BYTE_TO_WORD(pSeed->tk[13],pSeed->tk[12])); | |
| 220 | pSeed->ppk[1] = pSeed->ppk[1] | |
| 221 | + zfrotr1(pSeed->ppk[0] ^ ZM_BYTE_TO_WORD(pSeed->tk[15],pSeed->tk[14])); | |
| 222 | pSeed->ppk[2] = pSeed->ppk[2] + zfrotr1(pSeed->ppk[1]); | |
| 223 | pSeed->ppk[3] = pSeed->ppk[3] + zfrotr1(pSeed->ppk[2]); | |
| 224 | pSeed->ppk[4] = pSeed->ppk[4] + zfrotr1(pSeed->ppk[3]); | |
| 225 | pSeed->ppk[5] = pSeed->ppk[5] + zfrotr1(pSeed->ppk[4]); | |
| 226 | ||
| 227 | if (iv16 == 0) | |
| 228 | { | |
| 229 | if (pSeed->iv16 == 0xffff) | |
| 230 | { | |
| 231 | pSeed->iv16tmp=0; | |
| 232 | return 1; | |
| 233 | } | |
| 234 | else | |
| 235 | return 0; | |
| 236 | } | |
| 237 | else if (iv16 == (pSeed->iv16+1)) | |
| 238 | { | |
| 239 | pSeed->iv16tmp = iv16; | |
| 240 | return 1; | |
| 241 | } | |
| 242 | else | |
| 243 | return 0; | |
| 244 | } | |
| 245 | ||
| 246 | void zfTkipInit(u8_t* key, u8_t* ta, struct zsTkipSeed* pSeed, u8_t* initIv) | |
| 247 | { | |
| 248 | u16_t iv16; | |
| 249 | u32_t iv32; | |
| 250 | u16_t i; | |
| 251 | ||
| 252 | /* clear memory */ | |
| 253 | zfZeroMemory((u8_t*) pSeed, sizeof(struct zsTkipSeed)); | |
| 254 | /* set key to seed */ | |
| 255 | zfMemoryCopy(pSeed->ta, ta, 6); | |
| 256 | zfMemoryCopy(pSeed->tk, key, 16); | |
| 257 | ||
| 0daa04a5 SH |
258 | iv16 = *initIv; |
| 259 | initIv++; | |
| 4bd43f50 LR |
260 | iv16 += *initIv<<8; |
| 261 | initIv++; | |
| 262 | ||
| 263 | iv32=0; | |
| 264 | ||
| 265 | for(i=0; i<4; i++) // initiv is little endian | |
| 266 | { | |
| 267 | iv32 += *initIv<<(i*8); | |
| 0daa04a5 | 268 | initIv++; |
| 4bd43f50 LR |
269 | } |
| 270 | ||
| 271 | pSeed->iv32 = iv32+1; // Force Recalculating on Tkip Phase1 | |
| 272 | zfTkipPhase1KeyMix(iv32, pSeed); | |
| 273 | ||
| 274 | pSeed->iv16 = iv16; | |
| 275 | pSeed->iv32 = iv32; | |
| 276 | } | |
| 277 | ||
| 278 | u32_t zfGetU32t(u8_t* p) | |
| 279 | { | |
| 280 | u32_t res=0; | |
| 281 | u16_t i; | |
| 282 | ||
| 283 | for( i=0; i<4; i++ ) | |
| 284 | { | |
| 285 | res |= (*p++) << (8*i); | |
| 286 | } | |
| 287 | ||
| 288 | return res; | |
| 289 | ||
| 290 | } | |
| 291 | ||
| 292 | void zfPutU32t(u8_t* p, u32_t value) | |
| 293 | { | |
| 294 | u16_t i; | |
| 295 | ||
| 296 | for(i=0; i<4; i++) | |
| 297 | { | |
| 298 | *p++ = (u8_t) (value & 0xff); | |
| 299 | value >>= 8; | |
| 300 | } | |
| 301 | } | |
| 302 | ||
| 303 | void zfMicClear(struct zsMicVar* pMic) | |
| 304 | { | |
| 305 | pMic->left = pMic->k0; | |
| 306 | pMic->right = pMic->k1; | |
| 307 | pMic->nBytes = 0; | |
| 308 | pMic->m = 0; | |
| 309 | } | |
| 310 | ||
| 311 | void zfMicSetKey(u8_t* key, struct zsMicVar* pMic) | |
| 312 | { | |
| 313 | pMic->k0 = zfGetU32t(key); | |
| 314 | pMic->k1 = zfGetU32t(key+4); | |
| 315 | zfMicClear(pMic); | |
| 316 | } | |
| 317 | ||
| 318 | void zfMicAppendByte(u8_t b, struct zsMicVar* pMic) | |
| 319 | { | |
| 320 | // Append the byte to our word-sized buffer | |
| 321 | pMic->m |= b << (8* pMic->nBytes); | |
| 322 | pMic->nBytes++; | |
| 323 | ||
| 324 | // Process the word if it is full. | |
| 325 | if ( pMic->nBytes >= 4 ) | |
| 326 | { | |
| 327 | pMic->left ^= pMic->m; | |
| 328 | pMic->right ^= ZM_ROL32(pMic->left, 17 ); | |
| 329 | pMic->left += pMic->right; | |
| 330 | pMic->right ^= ((pMic->left & 0xff00ff00) >> 8) | | |
| 331 | ((pMic->left & 0x00ff00ff) << 8); | |
| 332 | pMic->left += pMic->right; | |
| 333 | pMic->right ^= ZM_ROL32( pMic->left, 3 ); | |
| 334 | pMic->left += pMic->right; | |
| 335 | pMic->right ^= ZM_ROR32( pMic->left, 2 ); | |
| 336 | pMic->left += pMic->right; | |
| 337 | // Clear the buffer | |
| 338 | pMic->m = 0; | |
| 339 | pMic->nBytes = 0; | |
| 340 | } | |
| 341 | } | |
| 342 | ||
| 343 | void zfMicGetMic(u8_t* dst, struct zsMicVar* pMic) | |
| 344 | { | |
| 345 | // Append the minimum padding | |
| 346 | zfMicAppendByte(0x5a, pMic); | |
| 347 | zfMicAppendByte(0, pMic); | |
| 348 | zfMicAppendByte(0, pMic); | |
| 349 | zfMicAppendByte(0, pMic); | |
| 350 | zfMicAppendByte(0, pMic); | |
| 351 | ||
| 352 | // and then zeroes until the length is a multiple of 4 | |
| 353 | while( pMic->nBytes != 0 ) | |
| 354 | { | |
| 355 | zfMicAppendByte(0, pMic); | |
| 356 | } | |
| 357 | ||
| 358 | // The appendByte function has already computed the result. | |
| 359 | zfPutU32t(dst, pMic->left); | |
| 360 | zfPutU32t(dst+4, pMic->right); | |
| 361 | ||
| 362 | // Reset to the empty message. | |
| 363 | zfMicClear(pMic); | |
| 364 | ||
| 365 | } | |
| 366 | ||
| 367 | u8_t zfMicRxVerify(zdev_t* dev, zbuf_t* buf) | |
| 368 | { | |
| 369 | struct zsMicVar* pMicKey; | |
| 370 | struct zsMicVar MyMicKey; | |
| 371 | u8_t mic[8]; | |
| 372 | u8_t da[6]; | |
| 373 | u8_t sa[6]; | |
| 374 | u8_t bValue; | |
| 375 | u16_t i, payloadOffset, tailOffset; | |
| 376 | ||
| 377 | zmw_get_wlan_dev(dev); | |
| 378 | ||
| 379 | /* need not check MIC if pMicKEy is equal to NULL */ | |
| 380 | if ( wd->wlanMode == ZM_MODE_AP ) | |
| 381 | { | |
| 382 | pMicKey = zfApGetRxMicKey(dev, buf); | |
| 383 | ||
| 384 | if ( pMicKey != NULL ) | |
| 385 | { | |
| 386 | zfCopyFromRxBuffer(dev, buf, sa, ZM_WLAN_HEADER_A2_OFFSET, 6); | |
| 387 | zfCopyFromRxBuffer(dev, buf, da, ZM_WLAN_HEADER_A3_OFFSET, 6); | |
| 388 | } | |
| 389 | else | |
| 390 | { | |
| 391 | return ZM_MIC_SUCCESS; | |
| 392 | } | |
| 393 | } | |
| 394 | else if ( wd->wlanMode == ZM_MODE_INFRASTRUCTURE ) | |
| 395 | { | |
| 396 | pMicKey = zfStaGetRxMicKey(dev, buf); | |
| 397 | ||
| 398 | if ( pMicKey != NULL ) | |
| 399 | { | |
| 400 | zfCopyFromRxBuffer(dev, buf, sa, ZM_WLAN_HEADER_A3_OFFSET, 6); | |
| 401 | zfCopyFromRxBuffer(dev, buf, da, ZM_WLAN_HEADER_A1_OFFSET, 6); | |
| 402 | } | |
| 403 | else | |
| 404 | { | |
| 405 | return ZM_MIC_SUCCESS; | |
| 406 | } | |
| 407 | } | |
| 408 | else | |
| 409 | { | |
| 410 | return ZM_MIC_SUCCESS; | |
| 411 | } | |
| 412 | ||
| 413 | MyMicKey.k0=pMicKey->k0; | |
| 414 | MyMicKey.k1=pMicKey->k1; | |
| 415 | pMicKey = &MyMicKey; | |
| 416 | ||
| 417 | zfMicClear(pMicKey); | |
| 418 | tailOffset = zfwBufGetSize(dev, buf); | |
| 419 | tailOffset -= 8; | |
| 420 | ||
| 421 | /* append DA */ | |
| 422 | for(i=0; i<6; i++) | |
| 423 | { | |
| 424 | zfMicAppendByte(da[i], pMicKey); | |
| 425 | } | |
| 426 | /* append SA */ | |
| 427 | for(i=0; i<6; i++) | |
| 428 | { | |
| 429 | zfMicAppendByte(sa[i], pMicKey); | |
| 430 | } | |
| 431 | ||
| 432 | /* append for alignment */ | |
| 433 | if ((zmw_rx_buf_readb(dev, buf, 0) & 0x80) != 0) | |
| 434 | zfMicAppendByte(zmw_rx_buf_readb(dev, buf,24)&0x7, pMicKey); | |
| 435 | else | |
| 436 | zfMicAppendByte(0, pMicKey); | |
| 437 | zfMicAppendByte(0, pMicKey); | |
| 438 | zfMicAppendByte(0, pMicKey); | |
| 439 | zfMicAppendByte(0, pMicKey); | |
| 440 | ||
| 441 | /* append payload */ | |
| 442 | payloadOffset = ZM_SIZE_OF_WLAN_DATA_HEADER + | |
| 443 | ZM_SIZE_OF_IV + | |
| 444 | ZM_SIZE_OF_EXT_IV; | |
| 445 | ||
| 446 | if ((zmw_rx_buf_readb(dev, buf, 0) & 0x80) != 0) | |
| 447 | { | |
| 448 | /* Qos Packet, Plcpheader + 2 */ | |
| 449 | if (wd->wlanMode == ZM_MODE_AP) | |
| 450 | { | |
| 451 | /* TODO : Rx Qos element offset in software MIC check */ | |
| 452 | } | |
| 453 | else if (wd->wlanMode == ZM_MODE_INFRASTRUCTURE) | |
| 454 | { | |
| 455 | if (wd->sta.wmeConnected != 0) | |
| 456 | { | |
| 457 | payloadOffset += 2; | |
| 458 | } | |
| 459 | } | |
| 460 | } | |
| 461 | ||
| 462 | for(i=payloadOffset; i<tailOffset; i++) | |
| 463 | { | |
| 464 | bValue = zmw_rx_buf_readb(dev, buf, i); | |
| 465 | zfMicAppendByte(bValue, pMicKey); | |
| 466 | } | |
| 467 | ||
| 468 | zfMicGetMic(mic, pMicKey); | |
| 469 | ||
| 470 | if ( !zfRxBufferEqualToStr(dev, buf, mic, tailOffset, 8) ) | |
| 471 | { | |
| 472 | return ZM_MIC_FAILURE; | |
| 473 | } | |
| 474 | ||
| 475 | return ZM_MIC_SUCCESS; | |
| 476 | } | |
| 477 | ||
| 478 | void zfTkipGetseeds(u16_t iv16, u8_t *RC4Key, struct zsTkipSeed *Seed) | |
| 479 | { | |
| 480 | RC4Key[0] = ZM_HI8(iv16); | |
| 481 | RC4Key[1] = (ZM_HI8(iv16) | 0x20) & 0x7f; | |
| 482 | RC4Key[2] = ZM_LO8(iv16); | |
| 483 | RC4Key[3] = ((Seed->ppk[5] ^ ZM_BYTE_TO_WORD(Seed->tk[1],Seed->tk[0]))>>1) & 0xff; | |
| 484 | RC4Key[4] = Seed->ppk[0] & 0xff; | |
| 485 | RC4Key[5] = Seed->ppk[0] >> 8; | |
| 486 | RC4Key[6] = Seed->ppk[1] & 0xff; | |
| 487 | RC4Key[7] = Seed->ppk[1] >> 8; | |
| 488 | RC4Key[8] = Seed->ppk[2] & 0xff; | |
| 489 | RC4Key[9] = Seed->ppk[2] >> 8; | |
| 490 | RC4Key[10] = Seed->ppk[3] & 0xff; | |
| 491 | RC4Key[11] = Seed->ppk[3] >> 8; | |
| 492 | RC4Key[12] = Seed->ppk[4] & 0xff; | |
| 493 | RC4Key[13] = Seed->ppk[4] >> 8; | |
| 494 | RC4Key[14] = Seed->ppk[5] & 0xff; | |
| 495 | RC4Key[15] = Seed->ppk[5] >> 8; | |
| 496 | } | |
| 497 | ||
| 498 | void zfCalTxMic(zdev_t *dev, zbuf_t *buf, u8_t *snap, u16_t snapLen, u16_t offset, u16_t *da, u16_t *sa, u8_t up, u8_t *mic) | |
| 499 | { | |
| 500 | struct zsMicVar* pMicKey; | |
| 501 | u16_t i; | |
| 502 | u16_t len; | |
| 503 | u8_t bValue; | |
| 504 | u8_t qosType; | |
| 505 | u8_t *pDa = (u8_t *)da; | |
| 506 | u8_t *pSa = (u8_t *)sa; | |
| 507 | ||
| 508 | zmw_get_wlan_dev(dev); | |
| 509 | ||
| 510 | /* need not check MIC if pMicKEy is equal to NULL */ | |
| 511 | if ( wd->wlanMode == ZM_MODE_AP ) | |
| 512 | { | |
| 513 | pMicKey = zfApGetTxMicKey(dev, buf, &qosType); | |
| 514 | ||
| 515 | if ( pMicKey == NULL ) | |
| 516 | return; | |
| 517 | } | |
| 518 | else if ( wd->wlanMode == ZM_MODE_INFRASTRUCTURE ) | |
| 519 | { | |
| 520 | pMicKey = zfStaGetTxMicKey(dev, buf); | |
| 521 | ||
| 522 | if ( pMicKey == NULL ) | |
| 523 | { | |
| 524 | zm_debug_msg0("pMicKey is NULL"); | |
| 525 | return; | |
| 526 | } | |
| 527 | } | |
| 528 | else | |
| 529 | { | |
| 530 | return; | |
| 531 | } | |
| 532 | ||
| 533 | zfMicClear(pMicKey); | |
| 534 | len = zfwBufGetSize(dev, buf); | |
| 535 | ||
| 536 | /* append DA */ | |
| 537 | for(i = 0; i < 6; i++) | |
| 538 | { | |
| 539 | zfMicAppendByte(pDa[i], pMicKey); | |
| 540 | } | |
| 541 | ||
| 542 | /* append SA */ | |
| 543 | for(i = 0; i < 6; i++) | |
| 544 | { | |
| 545 | zfMicAppendByte(pSa[i], pMicKey); | |
| 546 | } | |
| 547 | ||
| 548 | if (up != 0) | |
| 549 | zfMicAppendByte((up&0x7), pMicKey); | |
| 550 | else | |
| 551 | zfMicAppendByte(0, pMicKey); | |
| 552 | ||
| 553 | zfMicAppendByte(0, pMicKey); | |
| 554 | zfMicAppendByte(0, pMicKey); | |
| 555 | zfMicAppendByte(0, pMicKey); | |
| 556 | ||
| 557 | /* For Snap header */ | |
| 558 | for(i = 0; i < snapLen; i++) | |
| 559 | { | |
| 560 | zfMicAppendByte(snap[i], pMicKey); | |
| 561 | } | |
| 562 | ||
| 563 | for(i = offset; i < len; i++) | |
| 564 | { | |
| 565 | bValue = zmw_tx_buf_readb(dev, buf, i); | |
| 566 | zfMicAppendByte(bValue, pMicKey); | |
| 567 | } | |
| 568 | ||
| 569 | zfMicGetMic(mic, pMicKey); | |
| 570 | } | |
| 571 | ||
| 572 | void zfTKIPEncrypt(zdev_t *dev, zbuf_t *buf, u8_t *snap, u16_t snapLen, u16_t offset, u8_t keyLen, u8_t* key, u32_t* icv) | |
| 573 | { | |
| 574 | u8_t iv[3]; | |
| 575 | ||
| 576 | iv[0] = key[0]; | |
| 577 | iv[1] = key[1]; | |
| 578 | iv[2] = key[2]; | |
| 579 | ||
| 580 | keyLen -= 3; | |
| 581 | ||
| 582 | zfWEPEncrypt(dev, buf, snap, snapLen, offset, keyLen, &key[3], iv); | |
| 583 | } | |
| 584 | ||
| 585 | u16_t zfTKIPDecrypt(zdev_t *dev, zbuf_t *buf, u16_t offset, u8_t keyLen, u8_t* key) | |
| 586 | { | |
| 587 | u16_t ret = ZM_ICV_SUCCESS; | |
| 588 | u8_t iv[3]; | |
| 589 | ||
| 590 | iv[0] = key[0]; | |
| 591 | iv[1] = key[1]; | |
| 592 | iv[2] = key[2]; | |
| 593 | ||
| 594 | keyLen -= 3; | |
| 595 | ||
| 596 | ret = zfWEPDecrypt(dev, buf, offset, keyLen, &key[3], iv); | |
| 597 | ||
| 598 | return ret; | |
| 599 | } |