2 ** $Id: //Department/DaVinci/BRANCHES/MT6620_WIFI_DRIVER_V2_3/mgmt/privacy.c#1 $
6 \brief This file including the protocol layer privacy function.
8 This file provided the macros and functions library support for the
9 protocol layer security setting from rsn.c and nic_privacy.c
19 * [WCXRP00001078] [MT6620 Wi-Fi][Driver] Adding the mediatek log improment support : XLOG
20 * change the debug module level.
24 * Fix Hotspot deauth send failed.
27 * [WCXRP00001036] [MT6620 Wi-Fi][Driver][FW] Adding the 802.11w code for MFP
28 * adding the 802.11w related function and define .
30 * 06 28 2011 tsaiyuan.hsu
31 * [WCXRP00000819] [MT6620 Wi-Fi][Driver] check if staRec is NULL or not in secCheckClassError
32 * check if staRec is NULL or not in secCheckClassError.
34 * 06 09 2011 tsaiyuan.hsu
35 * [WCXRP00000760] [MT5931 Wi-Fi][FW] Refine rxmHandleMacRxDone to reduce code size
36 * move send_auth at rxmHandleMacRxDone in firmware to driver to reduce code size.
38 * 01 25 2011 yuche.tsai
39 * [WCXRP00000388] [Volunteer Patch][MT6620][Driver/Fw] change Station Type in station record.
40 * Change Station Type in Station Record, Modify MACRO definition for getting station type & network type index & Role.
43 * [WCXRP00000164] [MT6620 Wi-Fi][Driver] Support the p2p random SSID
44 * adding the p2p random ssid support.
47 * [WCXRP00000077] [MT6620 Wi-Fi][Driver][FW] Eliminate use of ENUM_NETWORK_TYPE_T and replaced by ENUM_NETWORK_TYPE_INDEX_T only
48 * remove ENUM_NETWORK_TYPE_T definitions
50 * 09 03 2010 kevin.huang
52 * Refine #include sequence and solve recursive/nested #include issue
56 * adding the wapi support for integration test.
60 * .support the Wi-Fi RSN
64 * adding the wapi code.
68 * [WPD00003833] [MT6620 and MT5931] Driver migration - move to new repository.
71 * [WPD00003840][MT6620 5931] Security migration
72 * modify some code for concurrent network.
75 * [WPD00003833][MT6620 and MT5931] Driver migration
76 * [WPD00003833][MT6620 and MT5931] Driver migration
77 * enable RX management frame handling.
80 * [WPD00003840][MT6620 5931] Security migration
81 * adding the compiling flag for migration.
84 * [WPD00003840][MT6620 5931] Security migration
85 * consdier the concurrent network setting.
88 * [WPD00003840][MT6620 5931] Security migration
89 * migration the security related function from firmware.
92 * [BORA00000626][MT6620] Refine the remove key flow for WHQL testing
93 * fixed the ad-hoc wpa-none send non-encrypted frame issue.
95 * 05 24 2010 kevin.huang
96 * [BORA00000794][WIFISYS][New Feature]Power Management Support
97 * Refine authSendAuthFrame() for NULL STA_RECORD_T case and minimum deauth interval.
100 * [BORA00000637][MT6620 Wi-Fi] [Bug] WPA2 pre-authentication timer not correctly initialize
101 * adjsut the pre-authentication code.
104 * [BORA00000626][MT6620] Refine the remove key flow for WHQL testing
105 * fixed the wpi same key id rx issue and fixed the remove wep key issue.
107 * 04 19 2010 kevin.huang
108 * [BORA00000714][WIFISYS][New Feature]Beacon Timeout Support
109 * Add Send Deauth for Class 3 Error and Leave Network Support
112 * [BORA00000680][MT6620] Support the statistic for Microsoft os query
113 * remove the assert code for allow ad-hoc pkt.
116 * [BORA00000680][MT6620] Support the statistic for Microsoft os query
117 * fixed the Klocwork error and refine the class error message.
120 * [BORA00000605][WIFISYS] Phase3 Integration
121 * Code refine, and remove non-used code.
124 * [BORA00000637][MT6620 Wi-Fi] [Bug] WPA2 pre-authentication timer not correctly initialize
125 * move the AIS specific variable for security to AIS specific structure.
128 * [BORA00000637][MT6620 Wi-Fi] [Bug] WPA2 pre-authentication timer not correctly initialize
129 * Fixed the pre-authentication timer not correctly init issue, and modify the security related callback function prototype.
132 * [BORA00000605][WIFISYS] Phase3 Integration
133 * Refine the variable and parameter for security.
136 * [BORA00000626][MT6620] Refine the remove key flow for WHQL testing
137 * change the waning message shown level, and clear the global transmit flag for CMD INFRASTRUCTURE.
140 * [BORA00000626][MT6620] Refine the remove key flow for WHQL testing
141 * For support the WHQL test, do the remove key code refine.
144 * [BORA00000476][Wi-Fi][firmware] Add the security module initialize code
145 * add and fixed some security function.
147 * 12 25 2009 tehuang.liu
148 * [BORA00000018]Integrate WIFI part into BORA for the 1st time
149 * Integrated modifications for 1st connection (mainly on FW modules MQM, TXM, and RXM)
150 * * * * * * * * * MQM: BA handling
151 * * * * * * * * * TXM: Macros updates
152 * * * * * * * * * RXM: Macros/Duplicate Removal updates
154 * 12 18 2009 cm.chang
155 * [BORA00000018]Integrate WIFI part into BORA for the 1st time
158 * Dec 11 2009 mtk01088
159 * [BORA00000476] [Wi-Fi][firmware] Add the security module initialize code
160 * modify the cmd with result return
162 * Dec 11 2009 mtk01088
163 * [BORA00000476] [Wi-Fi][firmware] Add the security module initialize code
164 * fixed the value not initialize issue
166 * Dec 10 2009 mtk01088
167 * [BORA00000476] [Wi-Fi][firmware] Add the security module initialize code
168 * change the cmd return type
170 * Dec 8 2009 mtk01088
171 * [BORA00000476] [Wi-Fi][firmware] Add the security module initialize code
172 * adding the function to update the auth mode and encryption status for cmd build connection
174 * Dec 7 2009 mtk01088
175 * [BORA00000476] [Wi-Fi][firmware] Add the security module initialize code
176 * adding some code for wapi mode
178 * Dec 7 2009 mtk01088
179 * [BORA00000476] [Wi-Fi][firmware] Add the security module initialize code
180 * adding the call to check the 4th and eapol error report frame
182 * Dec 7 2009 mtk01088
183 * [BORA00000476] [Wi-Fi][firmware] Add the security module initialize code
184 * rename the function name
186 * Dec 4 2009 mtk01088
187 * [BORA00000476] [Wi-Fi][firmware] Add the security module initialize code
188 * adding the code for parsing the EAPoL frame, and do some code refine
190 * Dec 3 2009 mtk01088
191 * [BORA00000476] [Wi-Fi][firmware] Add the security module initialize code
192 * adding the class error check
194 * Dec 3 2009 mtk01088
195 * [BORA00000476] [Wi-Fi][firmware] Add the security module initialize code
196 * adding the cmd_802_11_pmkid code
198 * Dec 1 2009 mtk01088
199 * [BORA00000476] [Wi-Fi][firmware] Add the security module initialize code
200 * doing some function rename, and adding the code for cmd CMD_ADD_REMOVE_KEY
202 * Nov 23 2009 mtk01088
203 * [BORA00000476] [Wi-Fi][firmware] Add the security module initialize code
204 * adding the clear pmkid function
206 * Nov 23 2009 mtk01461
207 * [BORA00000018] Integrate WIFI part into BORA for the 1st time
208 * Fix eStaType check for AIS
210 * Nov 19 2009 mtk01088
211 * [BORA00000476] [Wi-Fi][firmware] Add the security module initialize code
212 * adding the ap selection related code
214 * Nov 18 2009 mtk01088
215 * [BORA00000476] [Wi-Fi][firmware] Add the security module initialize code
219 /*******************************************************************************
220 * C O M P I L E R F L A G S
221 ********************************************************************************
224 /*******************************************************************************
225 * E X T E R N A L R E F E R E N C E S
226 ********************************************************************************
230 #if CFG_PRIVACY_MIGRATION
232 /*******************************************************************************
234 ********************************************************************************
237 /*******************************************************************************
239 ********************************************************************************
242 /*******************************************************************************
243 * P U B L I C D A T A
244 ********************************************************************************
247 /*******************************************************************************
248 * P R I V A T E D A T A
249 ********************************************************************************
252 /*******************************************************************************
254 ********************************************************************************
257 /*******************************************************************************
258 * F U N C T I O N D E C L A R A T I O N S
259 ********************************************************************************
262 /*******************************************************************************
264 ********************************************************************************
268 /*----------------------------------------------------------------------------*/
270 * \brief This routine is called to initialize the privacy-related
273 * \param[in] prAdapter Pointer to the Adapter structure
274 * \param[in] ucNetTypeIdx Pointer to netowrk type index
278 /*----------------------------------------------------------------------------*/
281 IN P_ADAPTER_T prAdapter,
282 IN UINT_8 ucNetTypeIdx
286 P_CONNECTION_SETTINGS_T prConnSettings;
287 P_BSS_INFO_T prBssInfo;
288 P_AIS_SPECIFIC_BSS_INFO_T prAisSpecBssInfo;
290 DEBUGFUNC("secInit");
294 prConnSettings = &prAdapter->rWifiVar.rConnSettings;
295 prBssInfo = &prAdapter->rWifiVar.arBssInfo[NETWORK_TYPE_AIS_INDEX];
296 prAisSpecBssInfo = &prAdapter->rWifiVar.rAisSpecificBssInfo;
298 prBssInfo->u4RsnSelectedGroupCipher = 0;
299 prBssInfo->u4RsnSelectedPairwiseCipher = 0;
300 prBssInfo->u4RsnSelectedAKMSuite = 0;
302 #if CFG_ENABLE_WIFI_DIRECT
303 prBssInfo = &prAdapter->rWifiVar.arBssInfo[NETWORK_TYPE_P2P_INDEX];
305 prBssInfo->u4RsnSelectedGroupCipher = RSN_CIPHER_SUITE_CCMP;
306 prBssInfo->u4RsnSelectedPairwiseCipher = RSN_CIPHER_SUITE_CCMP;
307 prBssInfo->u4RsnSelectedAKMSuite = RSN_AKM_SUITE_PSK;
310 #if CFG_ENABLE_BT_OVER_WIFI
311 prBssInfo = &prAdapter->rWifiVar.arBssInfo[NETWORK_TYPE_BOW_INDEX];
313 prBssInfo->u4RsnSelectedGroupCipher = RSN_CIPHER_SUITE_CCMP;
314 prBssInfo->u4RsnSelectedPairwiseCipher = RSN_CIPHER_SUITE_CCMP;
315 prBssInfo->u4RsnSelectedAKMSuite = RSN_AKM_SUITE_PSK;
318 prAdapter->rMib.dot11RSNAConfigPairwiseCiphersTable[0].dot11RSNAConfigPairwiseCipher =
319 WPA_CIPHER_SUITE_WEP40;
320 prAdapter->rMib.dot11RSNAConfigPairwiseCiphersTable[1].dot11RSNAConfigPairwiseCipher =
321 WPA_CIPHER_SUITE_TKIP;
322 prAdapter->rMib.dot11RSNAConfigPairwiseCiphersTable[2].dot11RSNAConfigPairwiseCipher =
323 WPA_CIPHER_SUITE_CCMP;
324 prAdapter->rMib.dot11RSNAConfigPairwiseCiphersTable[3].dot11RSNAConfigPairwiseCipher =
325 WPA_CIPHER_SUITE_WEP104;
327 prAdapter->rMib.dot11RSNAConfigPairwiseCiphersTable[4].dot11RSNAConfigPairwiseCipher =
328 RSN_CIPHER_SUITE_WEP40;
329 prAdapter->rMib.dot11RSNAConfigPairwiseCiphersTable[5].dot11RSNAConfigPairwiseCipher =
330 RSN_CIPHER_SUITE_TKIP;
331 prAdapter->rMib.dot11RSNAConfigPairwiseCiphersTable[6].dot11RSNAConfigPairwiseCipher =
332 RSN_CIPHER_SUITE_CCMP;
333 prAdapter->rMib.dot11RSNAConfigPairwiseCiphersTable[7].dot11RSNAConfigPairwiseCipher =
334 RSN_CIPHER_SUITE_WEP104;
336 for (i = 0; i < MAX_NUM_SUPPORTED_CIPHER_SUITES; i ++) {
337 prAdapter->rMib.dot11RSNAConfigPairwiseCiphersTable[i].dot11RSNAConfigPairwiseCipherEnabled =
341 prAdapter->rMib.dot11RSNAConfigAuthenticationSuitesTable[0].dot11RSNAConfigAuthenticationSuite =
343 prAdapter->rMib.dot11RSNAConfigAuthenticationSuitesTable[1].dot11RSNAConfigAuthenticationSuite =
344 WPA_AKM_SUITE_802_1X;
345 prAdapter->rMib.dot11RSNAConfigAuthenticationSuitesTable[2].dot11RSNAConfigAuthenticationSuite =
347 prAdapter->rMib.dot11RSNAConfigAuthenticationSuitesTable[3].dot11RSNAConfigAuthenticationSuite =
349 prAdapter->rMib.dot11RSNAConfigAuthenticationSuitesTable[4].dot11RSNAConfigAuthenticationSuite =
350 RSN_AKM_SUITE_802_1X;
351 prAdapter->rMib.dot11RSNAConfigAuthenticationSuitesTable[5].dot11RSNAConfigAuthenticationSuite =
354 #if CFG_SUPPORT_802_11W
355 prAdapter->rMib.dot11RSNAConfigAuthenticationSuitesTable[6].dot11RSNAConfigAuthenticationSuite =
356 RSN_AKM_SUITE_802_1X_SHA256;
357 prAdapter->rMib.dot11RSNAConfigAuthenticationSuitesTable[7].dot11RSNAConfigAuthenticationSuite =
358 RSN_AKM_SUITE_PSK_SHA256;
361 for (i = 0; i < MAX_NUM_SUPPORTED_AKM_SUITES; i ++) {
362 prAdapter->rMib.dot11RSNAConfigAuthenticationSuitesTable[i].dot11RSNAConfigAuthenticationSuiteEnabled =
366 secClearPmkid(prAdapter);
368 cnmTimerInitTimer(prAdapter,
369 &prAisSpecBssInfo->rPreauthenticationTimer,
370 (PFN_MGMT_TIMEOUT_FUNC)rsnIndicatePmkidCand,
373 #if CFG_SUPPORT_802_11W
374 cnmTimerInitTimer(prAdapter,
375 &prAisSpecBssInfo->rSaQueryTimer,
376 (PFN_MGMT_TIMEOUT_FUNC)rsnStartSaQueryTimer,
380 prAisSpecBssInfo->fgCounterMeasure = FALSE;
381 prAisSpecBssInfo->ucWEPDefaultKeyID = 0;
385 for (i=0;i<WTBL_SIZE;i++) {
386 g_prWifiVar->arWtbl[i].fgUsed = FALSE;
387 g_prWifiVar->arWtbl[i].prSta = NULL;
388 g_prWifiVar->arWtbl[i].ucNetTypeIdx = NETWORK_TYPE_INDEX_NUM;
391 nicPrivacyInitialize((UINT_8)NETWORK_TYPE_INDEX_NUM);
396 /*----------------------------------------------------------------------------*/
398 * \brief This function will indicate an Event of "Rx Class Error" to SEC_FSM for
401 * \param[in] prAdapter Pointer to the Adapter structure
402 * \param[in] prSwRfb Pointer to the SW RFB.
404 * \return FALSE Class Error
406 /*----------------------------------------------------------------------------*/
409 IN P_ADAPTER_T prAdapter,
410 IN P_SW_RFB_T prSwRfb,
411 IN P_STA_RECORD_T prStaRec
418 //prStaRec = &(g_arStaRec[prSwRfb->ucStaRecIdx]);
420 if ((prStaRec) && 1 /* RXM_IS_DATA_FRAME(prSwRfb) */) {
421 ENUM_NETWORK_TYPE_INDEX_T eNetTypeIndex = prStaRec->ucNetTypeIndex;
423 if (IS_NET_ACTIVE(prAdapter, eNetTypeIndex)) {
424 P_BSS_INFO_T prBssInfo;
425 prBssInfo = &prAdapter->rWifiVar.arBssInfo[eNetTypeIndex];
427 if ((STA_STATE_3 != prStaRec->ucStaState) &&
428 IS_BSS_ACTIVE(prBssInfo) &&
429 prBssInfo->fgIsNetAbsent == FALSE) {
430 /*(IS_AP_STA(prStaRec) || IS_CLIENT_STA(prStaRec))) {*/
432 if (WLAN_STATUS_SUCCESS == authSendDeauthFrame(prAdapter,
435 REASON_CODE_CLASS_3_ERR,
436 (PFN_TX_DONE_HANDLER)NULL)) {
438 DBGLOG(RSN, INFO, ("Send Deauth to MAC:["MACSTR"] for Rx Class 3 Error.\n",
439 MAC2STR(prStaRec->aucMacAddr)));
445 return secRxPortControlCheck(prAdapter, prSwRfb);
450 } /* end of secCheckClassError() */
453 /*----------------------------------------------------------------------------*/
455 * \brief This routine is used to setting the sta port status.
457 * \param[in] prAdapter Pointer to the Adapter structure
458 * \param[in] prSta Pointer to the sta
459 * \param[in] fgPortBlock The port status
464 /*----------------------------------------------------------------------------*/
467 IN P_ADAPTER_T prAdapter,
468 IN P_STA_RECORD_T prSta,
469 IN BOOLEAN fgPortBlock
475 prSta->fgPortBlock = fgPortBlock;
477 DBGLOG(RSN, TRACE, ("The STA "MACSTR" port %s\n", MAC2STR(prSta->aucMacAddr), fgPortBlock == TRUE ? "BLOCK" :" OPEN"));
481 /*----------------------------------------------------------------------------*/
483 * \brief This routine is used to report the sta port status.
485 * \param[in] prAdapter Pointer to the Adapter structure
486 * \param[in] prSta Pointer to the sta
487 * \param[out] fgPortBlock The port status
489 * \return TRUE sta exist, FALSE sta not exist
492 /*----------------------------------------------------------------------------*/
495 IN P_ADAPTER_T prAdapter,
496 IN P_STA_RECORD_T prSta,
497 OUT PBOOLEAN pfgPortStatus
503 *pfgPortStatus = prSta->fgPortBlock;
509 /*----------------------------------------------------------------------------*/
511 * \brief This routine is called to handle Peer device Tx Security process MSDU.
513 * \param[in] prMsduInfo pointer to the packet info pointer
515 * \retval TRUE Accept the packet
516 * \retval FALSE Refuse the MSDU packet due port blocked
519 /*----------------------------------------------------------------------------*/
520 BOOL /* ENUM_PORT_CONTROL_RESULT */
521 secTxPortControlCheck(
522 IN P_ADAPTER_T prAdapter,
523 IN P_MSDU_INFO_T prMsduInfo,
524 IN P_STA_RECORD_T prStaRec
534 if (prMsduInfo->fgIs802_1x)
537 if (prStaRec->fgPortBlock == TRUE) {
538 DBGLOG(INIT, TRACE, ("Drop Tx packet due Port Control!\n"));
543 if (prAdapter->rWifiVar.rConnSettings.fgWapiMode) {
547 if (IS_STA_IN_AIS(prStaRec)) {
548 if (!prAdapter->rWifiVar.rAisSpecificBssInfo.fgTransmitKeyExist &&
549 (prAdapter->rWifiVar.rConnSettings.eEncStatus == ENUM_ENCRYPTION1_ENABLED)){
550 DBGLOG(INIT, TRACE, ("Drop Tx packet due the key is removed!!!\n"));
560 /*----------------------------------------------------------------------------*/
562 * \brief This routine is called to handle The Rx Security process MSDU.
564 * \param[in] prAdapter Pointer to the Adapter structure
565 * \param[in] prSWRfb SW rfb pinter
567 * \retval TRUE Accept the packet
568 * \retval FALSE Refuse the MSDU packet due port control
570 /*----------------------------------------------------------------------------*/
572 secRxPortControlCheck (
573 IN P_ADAPTER_T prAdapter,
574 IN P_SW_RFB_T prSWRfb
580 /* whsu:Todo: Process MGMT and DATA */
581 if (prSWRfb->prStaRec) {
582 if (prSWRfb->prStaRec->fgPortBlock == TRUE) {
583 if (1 /* prSWRfb->fgIsDataFrame and not 1x*/ &&
584 (g_prWifiVar->rConnSettings.eAuthMode >= AUTH_MODE_WPA)){
585 //DBGLOG(SEC, WARN, ("Drop Rx data due port control !\r\n"));
586 return TRUE; /* Todo: whsu FALSE; */
588 //if (!RX_STATUS_IS_PROTECT(prSWRfb->prRxStatus)) {
589 // DBGLOG(RSN, WARN, ("Drop rcv non-encrypted data frame!\n"));
600 /*----------------------------------------------------------------------------*/
602 * \brief This routine will enable/disable the cipher suite
604 * \param[in] prAdapter Pointer to the adapter object data area.
605 * \param[in] u4CipherSuitesFlags flag for cipher suite
609 /*----------------------------------------------------------------------------*/
612 IN P_ADAPTER_T prAdapter,
613 IN UINT_32 u4CipherSuitesFlags
617 P_DOT11_RSNA_CONFIG_PAIRWISE_CIPHERS_ENTRY prEntry;
618 P_IEEE_802_11_MIB_T prMib;
622 prMib = &prAdapter->rMib;
626 if (u4CipherSuitesFlags == CIPHER_FLAG_NONE) {
627 /* Disable all the pairwise cipher suites. */
628 for (i = 0; i < MAX_NUM_SUPPORTED_CIPHER_SUITES; i++) {
629 prMib->dot11RSNAConfigPairwiseCiphersTable[i].dot11RSNAConfigPairwiseCipherEnabled =
633 /* Update the group cipher suite. */
634 prMib->dot11RSNAConfigGroupCipher = WPA_CIPHER_SUITE_NONE;
639 for (i = 0; i < MAX_NUM_SUPPORTED_CIPHER_SUITES; i++) {
640 prEntry = &prMib->dot11RSNAConfigPairwiseCiphersTable[i];
642 switch (prEntry->dot11RSNAConfigPairwiseCipher) {
643 case WPA_CIPHER_SUITE_WEP40:
644 case RSN_CIPHER_SUITE_WEP40:
645 if (u4CipherSuitesFlags & CIPHER_FLAG_WEP40) {
646 prEntry->dot11RSNAConfigPairwiseCipherEnabled = TRUE;
649 prEntry->dot11RSNAConfigPairwiseCipherEnabled = FALSE;
653 case WPA_CIPHER_SUITE_TKIP:
654 case RSN_CIPHER_SUITE_TKIP:
655 if (u4CipherSuitesFlags & CIPHER_FLAG_TKIP) {
656 prEntry->dot11RSNAConfigPairwiseCipherEnabled = TRUE;
659 prEntry->dot11RSNAConfigPairwiseCipherEnabled = FALSE;
663 case WPA_CIPHER_SUITE_CCMP:
664 case RSN_CIPHER_SUITE_CCMP:
665 if (u4CipherSuitesFlags & CIPHER_FLAG_CCMP) {
666 prEntry->dot11RSNAConfigPairwiseCipherEnabled = TRUE;
669 prEntry->dot11RSNAConfigPairwiseCipherEnabled = FALSE;
673 case WPA_CIPHER_SUITE_WEP104:
674 case RSN_CIPHER_SUITE_WEP104:
675 if (u4CipherSuitesFlags & CIPHER_FLAG_WEP104) {
676 prEntry->dot11RSNAConfigPairwiseCipherEnabled = TRUE;
679 prEntry->dot11RSNAConfigPairwiseCipherEnabled = FALSE;
687 /* Update the group cipher suite. */
688 if (rsnSearchSupportedCipher(prAdapter, WPA_CIPHER_SUITE_CCMP, &i)) {
689 prMib->dot11RSNAConfigGroupCipher = WPA_CIPHER_SUITE_CCMP;
691 else if (rsnSearchSupportedCipher(prAdapter, WPA_CIPHER_SUITE_TKIP, &i)) {
692 prMib->dot11RSNAConfigGroupCipher = WPA_CIPHER_SUITE_TKIP;
694 else if (rsnSearchSupportedCipher(prAdapter, WPA_CIPHER_SUITE_WEP104, &i)) {
695 prMib->dot11RSNAConfigGroupCipher = WPA_CIPHER_SUITE_WEP104;
697 else if (rsnSearchSupportedCipher(prAdapter, WPA_CIPHER_SUITE_WEP40, &i)) {
698 prMib->dot11RSNAConfigGroupCipher = WPA_CIPHER_SUITE_WEP40;
701 prMib->dot11RSNAConfigGroupCipher = WPA_CIPHER_SUITE_NONE;
704 } /* secSetCipherSuite */
707 /*----------------------------------------------------------------------------*/
709 * \brief This routine is called to handle The 2nd Tx EAPoL Frame.
711 * \param[in] prAdapter Pointer to the Adapter structure
712 * \param[in] prMsduInfo pointer to the packet info pointer
713 * \param[in] pucPayload pointer to the 1x hdr
714 * \param[in] u2PayloadLen the 1x payload length
716 * \retval TRUE Accept the packet
717 * \retval FALSE Refuse the MSDU packet due port control
720 /*----------------------------------------------------------------------------*/
723 IN P_ADAPTER_T prAdapter,
724 IN P_MSDU_INFO_T prMsduInfo,
725 IN P_STA_RECORD_T prStaRec,
726 IN PUINT_8 pucPayload,
727 IN UINT_16 u2PayloadLen
730 P_EAPOL_KEY prEapol = (P_EAPOL_KEY)NULL;
731 P_IEEE_802_1X_HDR pr1xHdr;
737 //prStaRec = &(g_arStaRec[prMsduInfo->ucStaRecIndex]);
740 if (prStaRec && IS_AP_STA(prStaRec)) {
741 pr1xHdr = (P_IEEE_802_1X_HDR)pucPayload;
742 if ((pr1xHdr->ucType == 3) /* EAPoL key */ && ((u2PayloadLen - 4) > sizeof(EAPOL_KEY))) {
743 prEapol = (P_EAPOL_KEY)((PUINT_32)(pucPayload + 4));
744 WLAN_GET_FIELD_BE16(prEapol->aucKeyInfo, &u2KeyInfo);
745 if ((prEapol->ucType == 254) && (u2KeyInfo & MASK_2ND_EAPOL)) {
746 if (u2KeyInfo & WPA_KEY_INFO_SECURE) {
747 /* 4th EAPoL check at secHandleTxDoneCallback() */
748 //DBGLOG(RSN, TRACE, ("Tx 4th EAPoL frame\r\n"));
750 else if (u2PayloadLen == 123 /* Not include LLC */) {
751 DBGLOG(RSN, INFO, ("Tx 2nd EAPoL frame\r\n"));
752 secFsmEvent2ndEapolTx(prAdapter, prStaRec);
762 /*----------------------------------------------------------------------------*/
764 * \brief This function will handle the 4th EAPoL Tx done and mic Error Report frame.
766 * \param[in] prAdapter Pointer to the Adapter structure
767 * \param[in] pMsduInfo Pointer to the Msdu Info
768 * \param[in] rStatus The Tx done status
772 /*----------------------------------------------------------------------------*/
774 secHandleTxDoneCallback(
775 IN P_ADAPTER_T prAdapter,
776 IN P_MSDU_INFO_T prMsduInfo,
777 IN P_STA_RECORD_T prStaRec,
778 IN WLAN_STATUS rStatus
782 P_IEEE_802_1X_HDR pr1xHdr = (P_IEEE_802_1X_HDR)NULL;
783 P_EAPOL_KEY prEapol = (P_EAPOL_KEY)NULL;
785 UINT_16 u2PayloadLen;
787 DEBUGFUNC("secHandleTxDoneCallback");
790 //Todo:: Notice if using the TX free immediate after send to firmware, the payload may not correcttly!!!!
794 //Todo:: This call back may not need because the order of set key and send 4th 1x can be make sure
795 //Todo:: Notice the LLC offset
797 pucPayload = (PUINT_8)prMsduInfo->prPacket;
800 u2PayloadLen = prMsduInfo->u2FrameLength;
802 if (0 /* prMsduInfo->fgIs1xFrame */) {
804 if (prStaRec && IS_AP_STA(prStaRec)) {
805 pr1xHdr = (P_IEEE_802_1X_HDR)(PUINT_32)(pucPayload + 8);
806 if ((pr1xHdr->ucType == 3) /* EAPoL key */ && ((u2PayloadLen - 4) > sizeof(EAPOL_KEY))) {
807 prEapol = (P_EAPOL_KEY)(PUINT_32)(pucPayload + 12);
808 WLAN_GET_FIELD_BE16(prEapol->aucKeyInfo, &u2KeyInfo);
809 if ((prEapol->ucType == 254) && (u2KeyInfo & MASK_2ND_EAPOL)) {
810 if (prStaRec->rSecInfo.fg2nd1xSend == TRUE && u2PayloadLen == 107 /* include LLC *//* u2KeyInfo & WPA_KEY_INFO_SECURE */) {
811 DBGLOG(RSN, INFO, ("Tx 4th EAPoL frame\r\n"));
812 secFsmEvent4ndEapolTxDone(prAdapter, prStaRec);
814 else if (prAdapter->rWifiVar.rAisSpecificBssInfo.fgCheckEAPoLTxDone){
815 DBGLOG(RSN, INFO, ("Tx EAPoL Error report frame\r\n"));
816 //secFsmEventEapolTxDone(prAdapter, (UINT_32)prMsduInfo->prStaRec);
826 /*----------------------------------------------------------------------------*/
828 * \brief This routine is called to initialize the pmkid parameters.
830 * \param[in] prAdapter Pointer to the Adapter structure
834 /*----------------------------------------------------------------------------*/
837 IN P_ADAPTER_T prAdapter
840 P_AIS_SPECIFIC_BSS_INFO_T prAisSpecBssInfo;
842 DEBUGFUNC("secClearPmkid");
844 prAisSpecBssInfo = &prAdapter->rWifiVar.rAisSpecificBssInfo;
845 DBGLOG(RSN, TRACE, ("secClearPmkid\n"));
846 prAisSpecBssInfo->u4PmkidCandicateCount = 0;
847 prAisSpecBssInfo->u4PmkidCacheCount = 0;
848 kalMemZero((PVOID)prAisSpecBssInfo->arPmkidCandicate, sizeof(PMKID_CANDICATE_T) * CFG_MAX_PMKID_CACHE);
849 kalMemZero((PVOID)prAisSpecBssInfo->arPmkidCache, sizeof(PMKID_ENTRY_T) * CFG_MAX_PMKID_CACHE);
853 /*----------------------------------------------------------------------------*/
855 * \brief Whether WPA, or WPA2 but not WPA-None is enabled.
857 * \param[in] prAdapter Pointer to the Adapter structure
861 /*----------------------------------------------------------------------------*/
863 secRsnKeyHandshakeEnabled (
864 IN P_ADAPTER_T prAdapter
867 P_CONNECTION_SETTINGS_T prConnSettings;
871 prConnSettings = &prAdapter->rWifiVar.rConnSettings;
873 ASSERT(prConnSettings);
875 ASSERT(prConnSettings->eEncStatus < ENUM_ENCRYPTION3_KEY_ABSENT);
877 if (prConnSettings->eEncStatus == ENUM_ENCRYPTION_DISABLED) {
881 ASSERT(prConnSettings->eAuthMode < AUTH_MODE_NUM);
882 if ((prConnSettings->eAuthMode >= AUTH_MODE_WPA) &&
883 (prConnSettings->eAuthMode != AUTH_MODE_WPA_NONE)) {
888 } /* secRsnKeyHandshakeEnabled */
891 /*----------------------------------------------------------------------------*/
893 * \brief Return whether the transmit key alread installed.
895 * \param[in] prAdapter Pointer to the Adapter structure
896 * \param[in] prSta Pointer the sta record
898 * \retval TRUE Default key or Transmit key installed
899 * FALSE Default key or Transmit key not installed
903 /*----------------------------------------------------------------------------*/
905 secTransmitKeyExist (
906 IN P_ADAPTER_T prAdapter,
907 IN P_STA_RECORD_T prSta
912 if (prSta->fgTransmitKeyExist){
918 } /* secTransmitKeyExist */
921 /*----------------------------------------------------------------------------*/
923 * \brief Whether 802.11 privacy is enabled.
925 * \param[in] prAdapter Pointer to the Adapter structure
929 /*----------------------------------------------------------------------------*/
932 IN P_ADAPTER_T prAdapter
935 DEBUGFUNC("secEnabled");
937 ASSERT(prAdapter->rWifiVar.rConnSettings.eEncStatus < ENUM_ENCRYPTION3_KEY_ABSENT);
939 switch (prAdapter->rWifiVar.rConnSettings.eEncStatus) {
940 case ENUM_ENCRYPTION_DISABLED:
942 case ENUM_ENCRYPTION1_ENABLED:
943 case ENUM_ENCRYPTION2_ENABLED:
944 case ENUM_ENCRYPTION3_ENABLED:
947 DBGLOG(RSN, TRACE, ("Unknown encryption setting %d\n",
948 prAdapter->rWifiVar.rConnSettings.eEncStatus));
955 /*----------------------------------------------------------------------------*/
957 * \brief This routine is called to set the privacy bit at mac header for TxM
959 * \param[in] prAdapter Pointer to the Adapter structure
960 * \param[in] prMsdu the msdu for known the sta record
962 * \return TRUE the privacy need to set
963 * FALSE the privacy no need to set
965 /*----------------------------------------------------------------------------*/
967 secIsProtectedFrame (
968 IN P_ADAPTER_T prAdapter,
969 IN P_MSDU_INFO_T prMsdu,
970 IN P_STA_RECORD_T prStaRec
978 //prStaRec = &(g_arStaRec[prMsdu->ucStaRecIndex]);
980 if (prStaRec == NULL) {
981 if (prAdapter->rWifiVar.rAisSpecificBssInfo.fgTransmitKeyExist)
983 return FALSE; /* No privacy bit */
987 if (0 /* prMsdu->fgIs1xFrame */){
988 if (IS_STA_IN_AIS(prStaRec) &&
989 prAdapter->rWifiVar.rConnSettings.eAuthMode < AUTH_MODE_WPA) {
990 DBGLOG(RSN, LOUD, ("For AIS Legacy 1x, always not encryped\n"));
993 else if (!prStaRec->fgTransmitKeyExist) {
994 DBGLOG(RSN, LOUD, ("1x Not Protected.\n"));
997 else if (prStaRec->rSecInfo.fgKeyStored) {
998 DBGLOG(RSN, LOUD, ("1x not Protected due key stored!\n"));
1002 DBGLOG(RSN, LOUD, ("1x Protected.\n"));
1007 if (!prStaRec->fgTransmitKeyExist) {
1008 /* whsu , check for AIS only */
1009 if (prAdapter->rWifiVar.rConnSettings.eAuthMode < AUTH_MODE_WPA &&
1010 prAdapter->rWifiVar.rAisSpecificBssInfo.fgTransmitKeyExist){
1011 DBGLOG(RSN, LOUD, ("Protected\n"));
1016 DBGLOG(RSN, LOUD, ("Protected.\n"));
1021 /* No sec or key is removed!!! */