drivers/staging/rtl8723au/include/rtw_security.h

   1 /******************************************************************************
   2  *
   3  * Copyright(c) 2007 - 2011 Realtek Corporation. All rights reserved.
   4  *
   5  * This program is free software; you can redistribute it and/or modify it
   6  * under the terms of version 2 of the GNU General Public License as
   7  * published by the Free Software Foundation.
   8  *
   9  * This program is distributed in the hope that it will be useful, but WITHOUT
  10  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  11  * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
  12  * more details.
  13  *
  14  ******************************************************************************/
  15 #ifndef __RTW_SECURITY_H_
  16 #define __RTW_SECURITY_H_
  17
  18 #include <osdep_service.h>
  19 #include <drv_types.h>
  20 #include <net/lib80211.h>
  21
  22
  23 #define is_wep_enc(alg) (alg == WLAN_CIPHER_SUITE_WEP40 || \
  24                          alg == WLAN_CIPHER_SUITE_WEP104)
  25
  26 #define SHA256_MAC_LEN 32
  27 #define AES_BLOCK_SIZE 16
  28 #define AES_PRIV_SIZE (4 * 44)
  29
  30 enum ENCRYP_PROTOCOL {
  31         ENCRYP_PROTOCOL_OPENSYS,   /* open system */
  32         ENCRYP_PROTOCOL_WEP,       /* WEP */
  33         ENCRYP_PROTOCOL_WPA,       /* WPA */
  34         ENCRYP_PROTOCOL_WPA2,      /* WPA2 */
  35         ENCRYP_PROTOCOL_MAX
  36 };
  37
  38 #ifndef Ndis802_11AuthModeWPA2
  39 #define Ndis802_11AuthModeWPA2 (Ndis802_11AuthModeWPANone + 1)
  40 #endif
  41
  42 #ifndef Ndis802_11AuthModeWPA2PSK
  43 #define Ndis802_11AuthModeWPA2PSK (Ndis802_11AuthModeWPANone + 2)
  44 #endif
  45
  46 union pn48 {
  47         u64     val;
  48
  49 #ifdef __LITTLE_ENDIAN
  50
  51 struct {
  52         u8 TSC0;
  53         u8 TSC1;
  54         u8 TSC2;
  55         u8 TSC3;
  56         u8 TSC4;
  57         u8 TSC5;
  58         u8 TSC6;
  59         u8 TSC7;
  60 } _byte_;
  61
  62 #elif defined(__BIG_ENDIAN)
  63
  64 struct {
  65         u8 TSC7;
  66         u8 TSC6;
  67         u8 TSC5;
  68         u8 TSC4;
  69         u8 TSC3;
  70         u8 TSC2;
  71         u8 TSC1;
  72         u8 TSC0;
  73 } _byte_;
  74 #else
  75 #error Need BIG or LITTLE endian
  76
  77 #endif
  78
  79 };
  80
  81 union Keytype {
  82         u8   skey[16];
  83         u32    lkey[4];
  84 };
  85
  86 struct rtw_wep_key {
  87         u8 key[WLAN_KEY_LEN_WEP104 + 1]; /* 14 */
  88         u16 keylen;
  89 };
  90
  91 struct rt_pmkid_list {
  92         u8      bUsed;
  93         u8      Bssid[6];
  94         u8      PMKID[16];
  95         u8      SsidBuf[33];
  96         u8      *ssid_octet;
  97         u16     ssid_length;
  98 };
  99
 100 struct security_priv {
 101         u32       dot11AuthAlgrthm;     /*  802.11 auth, could be open, shared,
 102                                          * 8021x and authswitch */
 103         u32       dot11PrivacyAlgrthm;  /* This specifies the privacy for
 104                                          * shared auth. algorithm.
 105                                          */
 106         /* WEP */
 107         u32       dot11PrivacyKeyIndex; /*  this is only valid for legendary
 108                                          * wep, 0~3 for key id. (tx key index)
 109                                          */
 110         struct rtw_wep_key wep_key[NUM_WEP_KEYS];
 111
 112         u32 dot118021XGrpPrivacy;       /* specify the privacy algthm.
 113                                          * used for Grp key
 114                                          */
 115         u32     dot118021XGrpKeyid;     /*  key id used for Grp Key
 116                                          * (tx key index)
 117                                          */
 118         union Keytype   dot118021XGrpKey[4];/* 802.1x Grp Key, inx0 and inx1 */
 119         union Keytype   dot118021XGrptxmickey[4];
 120         union Keytype   dot118021XGrprxmickey[4];
 121         union pn48      dot11Grptxpn;           /* PN48 used for Grp Key xmit.*/
 122         union pn48      dot11Grprxpn;           /* PN48 used for Grp Key recv.*/
 123
 124 #ifdef CONFIG_8723AU_AP_MODE
 125         /* extend security capabilities for AP_MODE */
 126         unsigned int dot8021xalg;/* 0:disable, 1:psk, 2:802.1x */
 127         unsigned int wpa_psk;/* 0:disable, bit(0): WPA, bit(1):WPA2 */
 128         unsigned int wpa_group_cipher;
 129         unsigned int wpa2_group_cipher;
 130         unsigned int wpa_pairwise_cipher;
 131         unsigned int wpa2_pairwise_cipher;
 132 #endif
 133
 134         u8 wps_ie[MAX_WPS_IE_LEN];/* added in assoc req */
 135         int wps_ie_len;
 136         unsigned int binstallGrpkey:1;
 137         unsigned int busetkipkey:1;
 138         unsigned int bcheck_grpkey:1;
 139         unsigned int hw_decrypted:1;
 140         u32 ndisauthtype;       /*  enum ndis_802_11_auth_mode */
 141         u32 ndisencryptstatus;  /*  NDIS_802_11_ENCRYPTION_STATUS */
 142         struct wlan_bssid_ex sec_bss;  /* for joinbss (h2c buffer) usage */
 143         u8 assoc_info[600];
 144         u8 szofcapability[256]; /* for wpa2 usage */
 145         u8 oidassociation[512]; /* for wpa/wpa2 usage */
 146         u8 supplicant_ie[256];  /* store sta security information element */
 147
 148         /* for tkip countermeasure */
 149         unsigned long last_mic_err_time;
 150         u8      btkip_countermeasure;
 151         u8      btkip_wait_report;
 152         unsigned long btkip_countermeasure_time;
 153
 154         /*  For WPA2 Pre-Authentication. */
 155         struct rt_pmkid_list PMKIDList[NUM_PMKID_CACHE];
 156         u8 PMKIDIndex;
 157         u8 bWepDefaultKeyIdxSet;
 158 };
 159
 160 struct sha256_state {
 161         u64 length;
 162         u32 state[8], curlen;
 163         u8 buf[64];
 164 };
 165
 166 #define GET_ENCRY_ALGO(psecuritypriv, psta, encry_algo, bmcst)\
 167 do {\
 168         switch (psecuritypriv->dot11AuthAlgrthm) {\
 169         case dot11AuthAlgrthm_Open:\
 170         case dot11AuthAlgrthm_Shared:\
 171         case dot11AuthAlgrthm_Auto:\
 172                 encry_algo = psecuritypriv->dot11PrivacyAlgrthm;\
 173                 break;\
 174         case dot11AuthAlgrthm_8021X:\
 175                 if (bmcst)\
 176                         encry_algo = psecuritypriv->dot118021XGrpPrivacy;\
 177                 else\
 178                         encry_algo = psta->dot118021XPrivacy;\
 179                 break;\
 180         }       \
 181 } while (0)
 182
 183 #define GET_TKIP_PN(iv, dot11txpn)\
 184 do {\
 185         dot11txpn._byte_.TSC0 = iv[2];\
 186         dot11txpn._byte_.TSC1 = iv[0];\
 187         dot11txpn._byte_.TSC2 = iv[4];\
 188         dot11txpn._byte_.TSC3 = iv[5];\
 189         dot11txpn._byte_.TSC4 = iv[6];\
 190         dot11txpn._byte_.TSC5 = iv[7];\
 191 } while (0)
 192
 193 #define ROL32(A, n)  (((A) << (n)) | (((A)>>(32-(n)))  & ((1UL << (n)) - 1)))
 194 #define ROR32(A, n)  ROL32((A), 32-(n))
 195
 196 struct mic_data {
 197         u32  K0, K1;         /*  Key */
 198         u32  L, R;           /*  Current state */
 199         u32  M;              /*  Message accumulator (single word) */
 200         u32     nBytesInM;      /*  # bytes in M */
 201 };
 202
 203 extern const u32 Te0[256];
 204 extern const u32 Te1[256];
 205 extern const u32 Te2[256];
 206 extern const u32 Te3[256];
 207 extern const u32 Te4[256];
 208 extern const u32 Td0[256];
 209 extern const u32 Td1[256];
 210 extern const u32 Td2[256];
 211 extern const u32 Td3[256];
 212 extern const u32 Td4[256];
 213 extern const u32 rcon[10];
 214 extern const u8 Td4s[256];
 215 extern const u8 rcons[10];
 216
 217 #define RCON(i) (rcons[(i)] << 24)
 218
 219 static inline u32 rotr(u32 val, int bits)
 220 {
 221         return (val >> bits) | (val << (32 - bits));
 222 }
 223
 224 #define TE0(i) Te0[((i) >> 24) & 0xff]
 225 #define TE1(i) rotr(Te0[((i) >> 16) & 0xff], 8)
 226 #define TE2(i) rotr(Te0[((i) >> 8) & 0xff], 16)
 227 #define TE3(i) rotr(Te0[(i) & 0xff], 24)
 228 #define TE41(i) ((Te0[((i) >> 24) & 0xff] << 8) & 0xff000000)
 229 #define TE42(i) (Te0[((i) >> 16) & 0xff] & 0x00ff0000)
 230 #define TE43(i) (Te0[((i) >> 8) & 0xff] & 0x0000ff00)
 231 #define TE44(i) ((Te0[(i) & 0xff] >> 8) & 0x000000ff)
 232 #define TE421(i) ((Te0[((i) >> 16) & 0xff] << 8) & 0xff000000)
 233 #define TE432(i) (Te0[((i) >> 8) & 0xff] & 0x00ff0000)
 234 #define TE443(i) (Te0[(i) & 0xff] & 0x0000ff00)
 235 #define TE414(i) ((Te0[((i) >> 24) & 0xff] >> 8) & 0x000000ff)
 236 #define TE4(i) ((Te0[(i)] >> 8) & 0x000000ff)
 237
 238 #define TD0(i) Td0[((i) >> 24) & 0xff]
 239 #define TD1(i) rotr(Td0[((i) >> 16) & 0xff], 8)
 240 #define TD2(i) rotr(Td0[((i) >> 8) & 0xff], 16)
 241 #define TD3(i) rotr(Td0[(i) & 0xff], 24)
 242 #define TD41(i) (Td4s[((i) >> 24) & 0xff] << 24)
 243 #define TD42(i) (Td4s[((i) >> 16) & 0xff] << 16)
 244 #define TD43(i) (Td4s[((i) >> 8) & 0xff] << 8)
 245 #define TD44(i) (Td4s[(i) & 0xff])
 246 #define TD0_(i) Td0[(i) & 0xff]
 247 #define TD1_(i) rotr(Td0[(i) & 0xff], 8)
 248 #define TD2_(i) rotr(Td0[(i) & 0xff], 16)
 249 #define TD3_(i) rotr(Td0[(i) & 0xff], 24)
 250
 251 #define GETU32(pt) (((u32)(pt)[0] << 24) ^ ((u32)(pt)[1] << 16) ^ \
 252                         ((u32)(pt)[2] <<  8) ^ ((u32)(pt)[3]))
 253
 254 #define PUTU32(ct, st) { \
 255 (ct)[0] = (u8)((st) >> 24); (ct)[1] = (u8)((st) >> 16); \
 256 (ct)[2] = (u8)((st) >>  8); (ct)[3] = (u8)(st); }
 257
 258 #define WPA_GET_BE32(a) ((((u32) (a)[0]) << 24) | (((u32) (a)[1]) << 16) | \
 259                          (((u32) (a)[2]) << 8) | ((u32) (a)[3]))
 260
 261 #define WPA_PUT_LE16(a, val)                    \
 262         do {                                    \
 263                 (a)[1] = ((u16) (val)) >> 8;    \
 264                 (a)[0] = ((u16) (val)) & 0xff;  \
 265         } while (0)
 266
 267 #define WPA_PUT_BE32(a, val)                                    \
 268         do {                                                    \
 269                 (a)[0] = (u8) ((((u32) (val)) >> 24) & 0xff);   \
 270                 (a)[1] = (u8) ((((u32) (val)) >> 16) & 0xff);   \
 271                 (a)[2] = (u8) ((((u32) (val)) >> 8) & 0xff);    \
 272                 (a)[3] = (u8) (((u32) (val)) & 0xff);           \
 273         } while (0)
 274
 275 #define WPA_PUT_BE64(a, val)                            \
 276         do {                                            \
 277                 (a)[0] = (u8) (((u64) (val)) >> 56);    \
 278                 (a)[1] = (u8) (((u64) (val)) >> 48);    \
 279                 (a)[2] = (u8) (((u64) (val)) >> 40);    \
 280                 (a)[3] = (u8) (((u64) (val)) >> 32);    \
 281                 (a)[4] = (u8) (((u64) (val)) >> 24);    \
 282                 (a)[5] = (u8) (((u64) (val)) >> 16);    \
 283                 (a)[6] = (u8) (((u64) (val)) >> 8);     \
 284                 (a)[7] = (u8) (((u64) (val)) & 0xff);   \
 285         } while (0)
 286
 287 /* ===== start - public domain SHA256 implementation ===== */
 288
 289 /* This is based on SHA256 implementation in LibTomCrypt that was released into
 290  * public domain by Tom St Denis. */
 291
 292 /* the K array */
 293 static const unsigned long K[64] = {
 294         0x428a2f98UL, 0x71374491UL, 0xb5c0fbcfUL, 0xe9b5dba5UL, 0x3956c25bUL,
 295         0x59f111f1UL, 0x923f82a4UL, 0xab1c5ed5UL, 0xd807aa98UL, 0x12835b01UL,
 296         0x243185beUL, 0x550c7dc3UL, 0x72be5d74UL, 0x80deb1feUL, 0x9bdc06a7UL,
 297         0xc19bf174UL, 0xe49b69c1UL, 0xefbe4786UL, 0x0fc19dc6UL, 0x240ca1ccUL,
 298         0x2de92c6fUL, 0x4a7484aaUL, 0x5cb0a9dcUL, 0x76f988daUL, 0x983e5152UL,
 299         0xa831c66dUL, 0xb00327c8UL, 0xbf597fc7UL, 0xc6e00bf3UL, 0xd5a79147UL,
 300         0x06ca6351UL, 0x14292967UL, 0x27b70a85UL, 0x2e1b2138UL, 0x4d2c6dfcUL,
 301         0x53380d13UL, 0x650a7354UL, 0x766a0abbUL, 0x81c2c92eUL, 0x92722c85UL,
 302         0xa2bfe8a1UL, 0xa81a664bUL, 0xc24b8b70UL, 0xc76c51a3UL, 0xd192e819UL,
 303         0xd6990624UL, 0xf40e3585UL, 0x106aa070UL, 0x19a4c116UL, 0x1e376c08UL,
 304         0x2748774cUL, 0x34b0bcb5UL, 0x391c0cb3UL, 0x4ed8aa4aUL, 0x5b9cca4fUL,
 305         0x682e6ff3UL, 0x748f82eeUL, 0x78a5636fUL, 0x84c87814UL, 0x8cc70208UL,
 306         0x90befffaUL, 0xa4506cebUL, 0xbef9a3f7UL, 0xc67178f2UL
 307 };
 308
 309 void rtw_secmicsetkey23a(struct mic_data *pmicdata, u8 *key);
 310 void rtw_secmicappend23abyte23a(struct mic_data *pmicdata, u8 b);
 311 void rtw_secmicappend23a(struct mic_data *pmicdata, u8 *src, u32 nbBytes);
 312 void rtw_secgetmic23a(struct mic_data *pmicdata, u8 *dst);
 313
 314 void rtw_seccalctkipmic23a(u8 *key, u8 *header, u8 *data, u32 data_len,
 315                         u8 *Miccode, u8 priorityi);
 316
 317 int rtw_aes_encrypt23a(struct rtw_adapter *padapter,
 318                     struct xmit_frame *pxmitframe);
 319 int rtw_tkip_encrypt23a(struct rtw_adapter *padapter,
 320                      struct xmit_frame *pxmitframe);
 321 void rtw_wep_encrypt23a(struct rtw_adapter *padapter,
 322                      struct xmit_frame *pxmitframe);
 323 int rtw_aes_decrypt23a(struct rtw_adapter *padapter,
 324                     struct recv_frame *precvframe);
 325 int rtw_tkip_decrypt23a(struct rtw_adapter *padapter,
 326                      struct recv_frame *precvframe);
 327 void rtw_wep_decrypt23a(struct rtw_adapter *padapter, struct recv_frame *precvframe);
 328
 329 void rtw_use_tkipkey_handler23a(void *FunctionContext);
 330
 331 #endif  /* __RTL871X_SECURITY_H_ */