1 /******************************************************************************
3 * Copyright(c) 2007 - 2011 Realtek Corporation. All rights reserved.
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of version 2 of the GNU General Public License as
7 * published by the Free Software Foundation.
9 * This program is distributed in the hope that it will be useful, but WITHOUT
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
14 ******************************************************************************/
15 #ifndef __RTW_SECURITY_H_
16 #define __RTW_SECURITY_H_
18 #include <osdep_service.h>
19 #include <drv_types.h>
20 #include <net/lib80211.h>
23 #define is_wep_enc(alg) (alg == WLAN_CIPHER_SUITE_WEP40 || \
24 alg == WLAN_CIPHER_SUITE_WEP104)
26 #define SHA256_MAC_LEN 32
27 #define AES_BLOCK_SIZE 16
28 #define AES_PRIV_SIZE (4 * 44)
30 enum ENCRYP_PROTOCOL
{
31 ENCRYP_PROTOCOL_OPENSYS
, /* open system */
32 ENCRYP_PROTOCOL_WEP
, /* WEP */
33 ENCRYP_PROTOCOL_WPA
, /* WPA */
34 ENCRYP_PROTOCOL_WPA2
, /* WPA2 */
38 #ifndef Ndis802_11AuthModeWPA2
39 #define Ndis802_11AuthModeWPA2 (Ndis802_11AuthModeWPANone + 1)
42 #ifndef Ndis802_11AuthModeWPA2PSK
43 #define Ndis802_11AuthModeWPA2PSK (Ndis802_11AuthModeWPANone + 2)
49 #ifdef __LITTLE_ENDIAN
62 #elif defined(__BIG_ENDIAN)
75 #error Need BIG or LITTLE endian
87 u8 key
[WLAN_KEY_LEN_WEP104
+ 1]; /* 14 */
91 struct rt_pmkid_list
{
100 struct security_priv
{
101 u32 dot11AuthAlgrthm
; /* 802.11 auth, could be open, shared,
102 * 8021x and authswitch */
103 u32 dot11PrivacyAlgrthm
; /* This specifies the privacy for
104 * shared auth. algorithm.
107 u32 dot11PrivacyKeyIndex
; /* this is only valid for legendary
108 * wep, 0~3 for key id. (tx key index)
110 struct rtw_wep_key wep_key
[NUM_WEP_KEYS
];
112 u32 dot118021XGrpPrivacy
; /* specify the privacy algthm.
115 u32 dot118021XGrpKeyid
; /* key id used for Grp Key
118 union Keytype dot118021XGrpKey
[4];/* 802.1x Grp Key, inx0 and inx1 */
119 union Keytype dot118021XGrptxmickey
[4];
120 union Keytype dot118021XGrprxmickey
[4];
121 union pn48 dot11Grptxpn
; /* PN48 used for Grp Key xmit.*/
122 union pn48 dot11Grprxpn
; /* PN48 used for Grp Key recv.*/
124 #ifdef CONFIG_8723AU_AP_MODE
125 /* extend security capabilities for AP_MODE */
126 unsigned int dot8021xalg
;/* 0:disable, 1:psk, 2:802.1x */
127 unsigned int wpa_psk
;/* 0:disable, bit(0): WPA, bit(1):WPA2 */
128 unsigned int wpa_group_cipher
;
129 unsigned int wpa2_group_cipher
;
130 unsigned int wpa_pairwise_cipher
;
131 unsigned int wpa2_pairwise_cipher
;
134 u8 wps_ie
[MAX_WPS_IE_LEN
];/* added in assoc req */
136 unsigned int binstallGrpkey
:1;
137 unsigned int busetkipkey
:1;
138 unsigned int bcheck_grpkey
:1;
139 unsigned int hw_decrypted
:1;
140 u32 ndisauthtype
; /* enum ndis_802_11_auth_mode */
141 u32 ndisencryptstatus
; /* NDIS_802_11_ENCRYPTION_STATUS */
142 struct wlan_bssid_ex sec_bss
; /* for joinbss (h2c buffer) usage */
144 u8 szofcapability
[256]; /* for wpa2 usage */
145 u8 oidassociation
[512]; /* for wpa/wpa2 usage */
146 u8 supplicant_ie
[256]; /* store sta security information element */
148 /* for tkip countermeasure */
149 unsigned long last_mic_err_time
;
150 u8 btkip_countermeasure
;
151 u8 btkip_wait_report
;
152 unsigned long btkip_countermeasure_time
;
154 /* For WPA2 Pre-Authentication. */
155 struct rt_pmkid_list PMKIDList
[NUM_PMKID_CACHE
];
157 u8 bWepDefaultKeyIdxSet
;
160 struct sha256_state
{
162 u32 state
[8], curlen
;
166 #define GET_ENCRY_ALGO(psecuritypriv, psta, encry_algo, bmcst)\
168 switch (psecuritypriv->dot11AuthAlgrthm) {\
169 case dot11AuthAlgrthm_Open:\
170 case dot11AuthAlgrthm_Shared:\
171 case dot11AuthAlgrthm_Auto:\
172 encry_algo = psecuritypriv->dot11PrivacyAlgrthm;\
174 case dot11AuthAlgrthm_8021X:\
176 encry_algo = psecuritypriv->dot118021XGrpPrivacy;\
178 encry_algo = psta->dot118021XPrivacy;\
183 #define GET_TKIP_PN(iv, dot11txpn)\
185 dot11txpn._byte_.TSC0 = iv[2];\
186 dot11txpn._byte_.TSC1 = iv[0];\
187 dot11txpn._byte_.TSC2 = iv[4];\
188 dot11txpn._byte_.TSC3 = iv[5];\
189 dot11txpn._byte_.TSC4 = iv[6];\
190 dot11txpn._byte_.TSC5 = iv[7];\
193 #define ROL32(A, n) (((A) << (n)) | (((A)>>(32-(n))) & ((1UL << (n)) - 1)))
194 #define ROR32(A, n) ROL32((A), 32-(n))
197 u32 K0
, K1
; /* Key */
198 u32 L
, R
; /* Current state */
199 u32 M
; /* Message accumulator (single word) */
200 u32 nBytesInM
; /* # bytes in M */
203 extern const u32 Te0
[256];
204 extern const u32 Te1
[256];
205 extern const u32 Te2
[256];
206 extern const u32 Te3
[256];
207 extern const u32 Te4
[256];
208 extern const u32 Td0
[256];
209 extern const u32 Td1
[256];
210 extern const u32 Td2
[256];
211 extern const u32 Td3
[256];
212 extern const u32 Td4
[256];
213 extern const u32 rcon
[10];
214 extern const u8 Td4s
[256];
215 extern const u8 rcons
[10];
217 #define RCON(i) (rcons[(i)] << 24)
219 static inline u32
rotr(u32 val
, int bits
)
221 return (val
>> bits
) | (val
<< (32 - bits
));
224 #define TE0(i) Te0[((i) >> 24) & 0xff]
225 #define TE1(i) rotr(Te0[((i) >> 16) & 0xff], 8)
226 #define TE2(i) rotr(Te0[((i) >> 8) & 0xff], 16)
227 #define TE3(i) rotr(Te0[(i) & 0xff], 24)
228 #define TE41(i) ((Te0[((i) >> 24) & 0xff] << 8) & 0xff000000)
229 #define TE42(i) (Te0[((i) >> 16) & 0xff] & 0x00ff0000)
230 #define TE43(i) (Te0[((i) >> 8) & 0xff] & 0x0000ff00)
231 #define TE44(i) ((Te0[(i) & 0xff] >> 8) & 0x000000ff)
232 #define TE421(i) ((Te0[((i) >> 16) & 0xff] << 8) & 0xff000000)
233 #define TE432(i) (Te0[((i) >> 8) & 0xff] & 0x00ff0000)
234 #define TE443(i) (Te0[(i) & 0xff] & 0x0000ff00)
235 #define TE414(i) ((Te0[((i) >> 24) & 0xff] >> 8) & 0x000000ff)
236 #define TE4(i) ((Te0[(i)] >> 8) & 0x000000ff)
238 #define TD0(i) Td0[((i) >> 24) & 0xff]
239 #define TD1(i) rotr(Td0[((i) >> 16) & 0xff], 8)
240 #define TD2(i) rotr(Td0[((i) >> 8) & 0xff], 16)
241 #define TD3(i) rotr(Td0[(i) & 0xff], 24)
242 #define TD41(i) (Td4s[((i) >> 24) & 0xff] << 24)
243 #define TD42(i) (Td4s[((i) >> 16) & 0xff] << 16)
244 #define TD43(i) (Td4s[((i) >> 8) & 0xff] << 8)
245 #define TD44(i) (Td4s[(i) & 0xff])
246 #define TD0_(i) Td0[(i) & 0xff]
247 #define TD1_(i) rotr(Td0[(i) & 0xff], 8)
248 #define TD2_(i) rotr(Td0[(i) & 0xff], 16)
249 #define TD3_(i) rotr(Td0[(i) & 0xff], 24)
251 #define GETU32(pt) (((u32)(pt)[0] << 24) ^ ((u32)(pt)[1] << 16) ^ \
252 ((u32)(pt)[2] << 8) ^ ((u32)(pt)[3]))
254 #define PUTU32(ct, st) { \
255 (ct)[0] = (u8)((st) >> 24); (ct)[1] = (u8)((st) >> 16); \
256 (ct)[2] = (u8)((st) >> 8); (ct)[3] = (u8)(st); }
258 #define WPA_GET_BE32(a) ((((u32) (a)[0]) << 24) | (((u32) (a)[1]) << 16) | \
259 (((u32) (a)[2]) << 8) | ((u32) (a)[3]))
261 #define WPA_PUT_LE16(a, val) \
263 (a)[1] = ((u16) (val)) >> 8; \
264 (a)[0] = ((u16) (val)) & 0xff; \
267 #define WPA_PUT_BE32(a, val) \
269 (a)[0] = (u8) ((((u32) (val)) >> 24) & 0xff); \
270 (a)[1] = (u8) ((((u32) (val)) >> 16) & 0xff); \
271 (a)[2] = (u8) ((((u32) (val)) >> 8) & 0xff); \
272 (a)[3] = (u8) (((u32) (val)) & 0xff); \
275 #define WPA_PUT_BE64(a, val) \
277 (a)[0] = (u8) (((u64) (val)) >> 56); \
278 (a)[1] = (u8) (((u64) (val)) >> 48); \
279 (a)[2] = (u8) (((u64) (val)) >> 40); \
280 (a)[3] = (u8) (((u64) (val)) >> 32); \
281 (a)[4] = (u8) (((u64) (val)) >> 24); \
282 (a)[5] = (u8) (((u64) (val)) >> 16); \
283 (a)[6] = (u8) (((u64) (val)) >> 8); \
284 (a)[7] = (u8) (((u64) (val)) & 0xff); \
287 /* ===== start - public domain SHA256 implementation ===== */
289 /* This is based on SHA256 implementation in LibTomCrypt that was released into
290 * public domain by Tom St Denis. */
293 static const unsigned long K
[64] = {
294 0x428a2f98UL
, 0x71374491UL
, 0xb5c0fbcfUL
, 0xe9b5dba5UL
, 0x3956c25bUL
,
295 0x59f111f1UL
, 0x923f82a4UL
, 0xab1c5ed5UL
, 0xd807aa98UL
, 0x12835b01UL
,
296 0x243185beUL
, 0x550c7dc3UL
, 0x72be5d74UL
, 0x80deb1feUL
, 0x9bdc06a7UL
,
297 0xc19bf174UL
, 0xe49b69c1UL
, 0xefbe4786UL
, 0x0fc19dc6UL
, 0x240ca1ccUL
,
298 0x2de92c6fUL
, 0x4a7484aaUL
, 0x5cb0a9dcUL
, 0x76f988daUL
, 0x983e5152UL
,
299 0xa831c66dUL
, 0xb00327c8UL
, 0xbf597fc7UL
, 0xc6e00bf3UL
, 0xd5a79147UL
,
300 0x06ca6351UL
, 0x14292967UL
, 0x27b70a85UL
, 0x2e1b2138UL
, 0x4d2c6dfcUL
,
301 0x53380d13UL
, 0x650a7354UL
, 0x766a0abbUL
, 0x81c2c92eUL
, 0x92722c85UL
,
302 0xa2bfe8a1UL
, 0xa81a664bUL
, 0xc24b8b70UL
, 0xc76c51a3UL
, 0xd192e819UL
,
303 0xd6990624UL
, 0xf40e3585UL
, 0x106aa070UL
, 0x19a4c116UL
, 0x1e376c08UL
,
304 0x2748774cUL
, 0x34b0bcb5UL
, 0x391c0cb3UL
, 0x4ed8aa4aUL
, 0x5b9cca4fUL
,
305 0x682e6ff3UL
, 0x748f82eeUL
, 0x78a5636fUL
, 0x84c87814UL
, 0x8cc70208UL
,
306 0x90befffaUL
, 0xa4506cebUL
, 0xbef9a3f7UL
, 0xc67178f2UL
309 void rtw_secmicsetkey23a(struct mic_data
*pmicdata
, u8
*key
);
310 void rtw_secmicappend23abyte23a(struct mic_data
*pmicdata
, u8 b
);
311 void rtw_secmicappend23a(struct mic_data
*pmicdata
, u8
*src
, u32 nbBytes
);
312 void rtw_secgetmic23a(struct mic_data
*pmicdata
, u8
*dst
);
314 void rtw_seccalctkipmic23a(u8
*key
, u8
*header
, u8
*data
, u32 data_len
,
315 u8
*Miccode
, u8 priorityi
);
317 int rtw_aes_encrypt23a(struct rtw_adapter
*padapter
,
318 struct xmit_frame
*pxmitframe
);
319 int rtw_tkip_encrypt23a(struct rtw_adapter
*padapter
,
320 struct xmit_frame
*pxmitframe
);
321 void rtw_wep_encrypt23a(struct rtw_adapter
*padapter
,
322 struct xmit_frame
*pxmitframe
);
323 int rtw_aes_decrypt23a(struct rtw_adapter
*padapter
,
324 struct recv_frame
*precvframe
);
325 int rtw_tkip_decrypt23a(struct rtw_adapter
*padapter
,
326 struct recv_frame
*precvframe
);
327 void rtw_wep_decrypt23a(struct rtw_adapter
*padapter
, struct recv_frame
*precvframe
);
329 void rtw_use_tkipkey_handler23a(void *FunctionContext
);
331 #endif /* __RTL871X_SECURITY_H_ */