drivers/staging/rtl8188eu/include/rtw_security.h

   1 /******************************************************************************
   2  *
   3  * Copyright(c) 2007 - 2011 Realtek Corporation. All rights reserved.
   4  *
   5  * This program is free software; you can redistribute it and/or modify it
   6  * under the terms of version 2 of the GNU General Public License as
   7  * published by the Free Software Foundation.
   8  *
   9  * This program is distributed in the hope that it will be useful, but WITHOUT
  10  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  11  * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
  12  * more details.
  13  *
  14  ******************************************************************************/
  15 #ifndef __RTW_SECURITY_H_
  16 #define __RTW_SECURITY_H_
  17
  18 #include <osdep_service.h>
  19 #include <drv_types.h>
  20
  21 #define _NO_PRIVACY_                    0x0
  22 #define _WEP40_                         0x1
  23 #define _TKIP_                          0x2
  24 #define _TKIP_WTMIC_                    0x3
  25 #define _AES_                           0x4
  26 #define _WEP104_                        0x5
  27 #define _WEP_WPA_MIXED_                 0x07  /*  WEP + WPA */
  28 #define _SMS4_                          0x06
  29
  30 #define is_wep_enc(alg) (((alg) == _WEP40_) || ((alg) == _WEP104_))
  31
  32 #define _WPA_IE_ID_     0xdd
  33 #define _WPA2_IE_ID_    0x30
  34
  35 #define SHA256_MAC_LEN 32
  36 #define AES_BLOCK_SIZE 16
  37 #define AES_PRIV_SIZE (4 * 44)
  38
  39 enum {
  40         ENCRYP_PROTOCOL_OPENSYS,   /* open system */
  41         ENCRYP_PROTOCOL_WEP,       /* WEP */
  42         ENCRYP_PROTOCOL_WPA,       /* WPA */
  43         ENCRYP_PROTOCOL_WPA2,      /* WPA2 */
  44         ENCRYP_PROTOCOL_WAPI,      /* WAPI: Not support in this version */
  45         ENCRYP_PROTOCOL_MAX
  46 };
  47
  48
  49 #ifndef Ndis802_11AuthModeWPA2
  50 #define Ndis802_11AuthModeWPA2 (Ndis802_11AuthModeWPANone + 1)
  51 #endif
  52
  53 #ifndef Ndis802_11AuthModeWPA2PSK
  54 #define Ndis802_11AuthModeWPA2PSK (Ndis802_11AuthModeWPANone + 2)
  55 #endif
  56
  57 union pn48      {
  58         u64     val;
  59
  60 #ifdef __LITTLE_ENDIAN
  61         struct {
  62                 u8 TSC0;
  63                 u8 TSC1;
  64                 u8 TSC2;
  65                 u8 TSC3;
  66                 u8 TSC4;
  67                 u8 TSC5;
  68                 u8 TSC6;
  69                 u8 TSC7;
  70         } _byte_;
  71
  72 #elif defined(__BIG_ENDIAN)
  73
  74         struct {
  75                 u8 TSC7;
  76                 u8 TSC6;
  77                 u8 TSC5;
  78                 u8 TSC4;
  79                 u8 TSC3;
  80                 u8 TSC2;
  81                 u8 TSC1;
  82                 u8 TSC0;
  83         } _byte_;
  84 #endif
  85 };
  86
  87 union Keytype {
  88         u8   skey[16];
  89         u32    lkey[4];
  90 };
  91
  92 struct rt_pmkid_list {
  93         u8      bUsed;
  94         u8      Bssid[6];
  95         u8      PMKID[16];
  96         u8      SsidBuf[33];
  97         u8      *ssid_octet;
  98         u16     ssid_length;
  99 };
 100
 101 struct security_priv {
 102         u32       dot11AuthAlgrthm;     /*  802.11 auth, could be open,
 103                                          * shared, 8021x and authswitch */
 104         u32       dot11PrivacyAlgrthm;  /*  This specify the privacy for
 105                                          * shared auth. algorithm. */
 106         /* WEP */
 107         u32       dot11PrivacyKeyIndex; /*  this is only valid for legendary
 108                                          * wep, 0~3 for key id.(tx key index) */
 109         union Keytype dot11DefKey[4];   /*  this is only valid for def. key */
 110         u32     dot11DefKeylen[4];
 111         u32 dot118021XGrpPrivacy;       /*  This specify the privacy algthm.
 112                                          * used for Grp key */
 113         u32     dot118021XGrpKeyid;     /*  key id used for Grp Key
 114                                          * ( tx key index) */
 115         union Keytype   dot118021XGrpKey[4];    /*  802.1x Group Key,
 116                                                  * for inx0 and inx1 */
 117         union Keytype   dot118021XGrptxmickey[4];
 118         union Keytype   dot118021XGrprxmickey[4];
 119         union pn48      dot11Grptxpn;           /* PN48 used for Grp Key xmit.*/
 120         union pn48      dot11Grprxpn;           /* PN48 used for Grp Key recv.*/
 121 #ifdef CONFIG_88EU_AP_MODE
 122         /* extend security capabilities for AP_MODE */
 123         unsigned int dot8021xalg;/* 0:disable, 1:psk, 2:802.1x */
 124         unsigned int wpa_psk;/* 0:disable, bit(0): WPA, bit(1):WPA2 */
 125         unsigned int wpa_group_cipher;
 126         unsigned int wpa2_group_cipher;
 127         unsigned int wpa_pairwise_cipher;
 128         unsigned int wpa2_pairwise_cipher;
 129 #endif
 130         u8 wps_ie[MAX_WPS_IE_LEN];/* added in assoc req */
 131         int wps_ie_len;
 132         u8      binstallGrpkey;
 133         u8      busetkipkey;
 134         u8      bcheck_grpkey;
 135         u8      bgrpkey_handshake;
 136         s32     hw_decrypted;/* if the rx packets is hw_decrypted==false,i
 137                               * it means the hw has not been ready. */
 138
 139         /* keeps the auth_type & enc_status from upper layer
 140          * ioctl(wpa_supplicant or wzc) */
 141         u32 ndisauthtype;       /*  NDIS_802_11_AUTHENTICATION_MODE */
 142         u32 ndisencryptstatus;  /*  NDIS_802_11_ENCRYPTION_STATUS */
 143         struct wlan_bssid_ex sec_bss;  /* for joinbss (h2c buffer) usage */
 144         struct ndis_802_11_wep ndiswep;
 145         u8 assoc_info[600];
 146         u8 szofcapability[256]; /* for wpa2 usage */
 147         u8 oidassociation[512]; /* for wpa/wpa2 usage */
 148         u8 authenticator_ie[256];  /* store ap security information element */
 149         u8 supplicant_ie[256];  /* store sta security information element */
 150
 151         /* for tkip countermeasure */
 152         u32 last_mic_err_time;
 153         u8      btkip_countermeasure;
 154         u8      btkip_wait_report;
 155         u32 btkip_countermeasure_time;
 156
 157         /*  */
 158         /*  For WPA2 Pre-Authentication. */
 159         /*  */
 160         struct rt_pmkid_list PMKIDList[NUM_PMKID_CACHE];
 161         u8      PMKIDIndex;
 162         u8 bWepDefaultKeyIdxSet;
 163 };
 164
 165 #define GET_ENCRY_ALGO(psecuritypriv, psta, encry_algo, bmcst)          \
 166 do {                                                                    \
 167         switch (psecuritypriv->dot11AuthAlgrthm) {                      \
 168         case dot11AuthAlgrthm_Open:                                     \
 169         case dot11AuthAlgrthm_Shared:                                   \
 170         case dot11AuthAlgrthm_Auto:                                     \
 171                 encry_algo = (u8)psecuritypriv->dot11PrivacyAlgrthm;    \
 172                 break;                                                  \
 173         case dot11AuthAlgrthm_8021X:                                    \
 174                 if (bmcst)                                              \
 175                         encry_algo = (u8)psecuritypriv->dot118021XGrpPrivacy;\
 176                 else                                                    \
 177                         encry_algo = (u8)psta->dot118021XPrivacy;       \
 178                 break;                                                  \
 179         case dot11AuthAlgrthm_WAPI:                                     \
 180                 encry_algo = (u8)psecuritypriv->dot11PrivacyAlgrthm;    \
 181                 break;                                                  \
 182         }                                                               \
 183 } while (0)
 184
 185 #define SET_ICE_IV_LEN(iv_len, icv_len, encrypt)                        \
 186 do {                                                                    \
 187         switch (encrypt) {                                              \
 188         case _WEP40_:                                                   \
 189         case _WEP104_:                                                  \
 190                 iv_len = 4;                                             \
 191                 icv_len = 4;                                            \
 192                 break;                                                  \
 193         case _TKIP_:                                                    \
 194                 iv_len = 8;                                             \
 195                 icv_len = 4;                                            \
 196                 break;                                                  \
 197         case _AES_:                                                     \
 198                 iv_len = 8;                                             \
 199                 icv_len = 8;                                            \
 200                 break;                                                  \
 201         case _SMS4_:                                                    \
 202                 iv_len = 18;                                            \
 203                 icv_len = 16;                                           \
 204                 break;                                                  \
 205         default:                                                        \
 206                 iv_len = 0;                                             \
 207                 icv_len = 0;                                            \
 208                 break;                                                  \
 209         }                                                               \
 210 } while (0)
 211
 212
 213 #define GET_TKIP_PN(iv, dot11txpn)                                      \
 214 do {                                                                    \
 215         dot11txpn._byte_.TSC0 = iv[2];                                  \
 216         dot11txpn._byte_.TSC1 = iv[0];                                  \
 217         dot11txpn._byte_.TSC2 = iv[4];                                  \
 218         dot11txpn._byte_.TSC3 = iv[5];                                  \
 219         dot11txpn._byte_.TSC4 = iv[6];                                  \
 220         dot11txpn._byte_.TSC5 = iv[7];                                  \
 221 } while (0)
 222
 223
 224 #define ROL32(A, n)     (((A) << (n)) | (((A)>>(32-(n)))  & ((1UL << (n)) - 1)))
 225 #define ROR32(A, n)     ROL32((A), 32-(n))
 226
 227 struct mic_data {
 228         u32  K0, K1;         /*  Key */
 229         u32  L, R;           /*  Current state */
 230         u32  M;              /*  Message accumulator (single word) */
 231         u32  nBytesInM;      /*  # bytes in M */
 232 };
 233
 234 extern const u32 Te0[256];
 235 extern const u32 Td0[256];
 236 extern const u32 Td1[256];
 237 extern const u32 Td2[256];
 238 extern const u32 Td3[256];
 239 extern const u32 Td4[256];
 240 extern const u32 rcon[10];
 241 extern const u8 Td4s[256];
 242 extern const u8 rcons[10];
 243
 244 #define RCON(i) (rcons[(i)] << 24)
 245
 246 static inline u32 rotr(u32 val, int bits)
 247 {
 248         return (val >> bits) | (val << (32 - bits));
 249 }
 250
 251 #define TE0(i) Te0[((i) >> 24) & 0xff]
 252 #define TE1(i) rotr(Te0[((i) >> 16) & 0xff], 8)
 253 #define TE2(i) rotr(Te0[((i) >> 8) & 0xff], 16)
 254 #define TE3(i) rotr(Te0[(i) & 0xff], 24)
 255
 256 /* ===== start - public domain SHA256 implementation ===== */
 257
 258 /* This is based on SHA256 implementation in LibTomCrypt that was released into
 259  * public domain by Tom St Denis. */
 260
 261 /* the K array */
 262 static const unsigned long K[64] = {
 263         0x428a2f98UL, 0x71374491UL, 0xb5c0fbcfUL, 0xe9b5dba5UL, 0x3956c25bUL,
 264         0x59f111f1UL, 0x923f82a4UL, 0xab1c5ed5UL, 0xd807aa98UL, 0x12835b01UL,
 265         0x243185beUL, 0x550c7dc3UL, 0x72be5d74UL, 0x80deb1feUL, 0x9bdc06a7UL,
 266         0xc19bf174UL, 0xe49b69c1UL, 0xefbe4786UL, 0x0fc19dc6UL, 0x240ca1ccUL,
 267         0x2de92c6fUL, 0x4a7484aaUL, 0x5cb0a9dcUL, 0x76f988daUL, 0x983e5152UL,
 268         0xa831c66dUL, 0xb00327c8UL, 0xbf597fc7UL, 0xc6e00bf3UL, 0xd5a79147UL,
 269         0x06ca6351UL, 0x14292967UL, 0x27b70a85UL, 0x2e1b2138UL, 0x4d2c6dfcUL,
 270         0x53380d13UL, 0x650a7354UL, 0x766a0abbUL, 0x81c2c92eUL, 0x92722c85UL,
 271         0xa2bfe8a1UL, 0xa81a664bUL, 0xc24b8b70UL, 0xc76c51a3UL, 0xd192e819UL,
 272         0xd6990624UL, 0xf40e3585UL, 0x106aa070UL, 0x19a4c116UL, 0x1e376c08UL,
 273         0x2748774cUL, 0x34b0bcb5UL, 0x391c0cb3UL, 0x4ed8aa4aUL, 0x5b9cca4fUL,
 274         0x682e6ff3UL, 0x748f82eeUL, 0x78a5636fUL, 0x84c87814UL, 0x8cc70208UL,
 275         0x90befffaUL, 0xa4506cebUL, 0xbef9a3f7UL, 0xc67178f2UL
 276 };
 277
 278 /* Various logical functions */
 279 #define RORc(x, y) \
 280         (((((unsigned long)(x) & 0xFFFFFFFFUL) >> (unsigned long)((y)&31)) | \
 281          ((unsigned long)(x) << (unsigned long)(32-((y)&31)))) & 0xFFFFFFFFUL)
 282 #define Ch(x, y, z)       (z ^ (x & (y ^ z)))
 283 #define Maj(x, y, z)      (((x | y) & z) | (x & y))
 284 #define S(x, n)         RORc((x), (n))
 285 #define R(x, n)         (((x)&0xFFFFFFFFUL)>>(n))
 286 #define Sigma0(x)       (S(x, 2) ^ S(x, 13) ^ S(x, 22))
 287 #define Sigma1(x)       (S(x, 6) ^ S(x, 11) ^ S(x, 25))
 288 #define Gamma0(x)       (S(x, 7) ^ S(x, 18) ^ R(x, 3))
 289 #define Gamma1(x)       (S(x, 17) ^ S(x, 19) ^ R(x, 10))
 290
 291 void rtw_secmicsetkey(struct mic_data *pmicdata, u8 *key);
 292 void rtw_secmicappendbyte(struct mic_data *pmicdata, u8 b);
 293 void rtw_secmicappend(struct mic_data *pmicdata, u8 *src, u32 nBytes);
 294 void rtw_secgetmic(struct mic_data *pmicdata, u8 *dst);
 295 void rtw_seccalctkipmic(u8 *key, u8 *header, u8 *data, u32 data_len,
 296                         u8 *Miccode, u8   priority);
 297 u32 rtw_aes_encrypt(struct adapter *padapter, u8 *pxmitframe);
 298 u32 rtw_tkip_encrypt(struct adapter *padapter, u8 *pxmitframe);
 299 void rtw_wep_encrypt(struct adapter *padapter, u8  *pxmitframe);
 300 u32 rtw_aes_decrypt(struct adapter *padapter, u8  *precvframe);
 301 u32 rtw_tkip_decrypt(struct adapter *padapter, u8  *precvframe);
 302 void rtw_wep_decrypt(struct adapter *padapter, u8  *precvframe);
 303
 304 #endif  /* __RTL871X_SECURITY_H_ */