2 ** $Id: //Department/DaVinci/BRANCHES/MT6620_WIFI_DRIVER_V2_3/mgmt/wapi.c#1 $
6 \brief This file including the WAPI related function.
8 This file provided the macros and functions library support the wapi ie parsing,
9 cipher and AKM check to help the AP seleced deciding.
18 ** [ALPS00376392] [klocwork 9.1] in wapi.c, line 344
19 ** Use MAX_NUM_SUPPORTED_WAPI_AKM_SUITESfor avoid Klocwork warning.
22 ** [ALPS00376391] [klocwork 9.1] in wapi.c, line 311
23 ** Use the MAX_NUM_SUPPORTED_WAPI_CIPHER_SUITES for avoid Klccwork waring.
26 * [WCXRP00001078] [MT6620 Wi-Fi][Driver] Adding the mediatek log improment support : XLOG
27 * change the debug module level.
30 * [WCXRP00000067] [MT6620 Wi-Fi][Driver] Support the android+ WAPI function
31 * fixed the network type
35 * adding the wapi support for integration test.
42 * [BORA00000680][MT6620] Support the statistic for Microsoft os query
43 * fixed the firmware return the broadcast frame at wrong tc.
46 * [BORA00000637][MT6620 Wi-Fi] [Bug] WPA2 pre-authentication timer not correctly initialize
47 * move the AIS specific variable for security to AIS specific structure.
50 * [BORA00000018]Integrate WIFI part into BORA for the 1st time
54 * [BORA00000476] [Wi-Fi][firmware] Add the security module initialize code
55 * adding the function to check and update the default wapi tx
58 * [BORA00000476] [Wi-Fi][firmware] Add the security module initialize code
59 * adding the generate wapi ie function, and replace the tabe by space
61 * Nov 23 2009 mtk01088
62 * [BORA00000476] [Wi-Fi][firmware] Add the security module initialize code
66 /*******************************************************************************
67 * C O M P I L E R F L A G S
68 ********************************************************************************
71 /*******************************************************************************
72 * E X T E R N A L R E F E R E N C E S
73 ********************************************************************************
79 /*******************************************************************************
81 ********************************************************************************
84 /*******************************************************************************
86 ********************************************************************************
89 /*******************************************************************************
91 ********************************************************************************
94 /*******************************************************************************
95 * P R I V A T E D A T A
96 ********************************************************************************
99 /*******************************************************************************
101 ********************************************************************************
104 /*******************************************************************************
105 * F U N C T I O N D E C L A R A T I O N S
106 ********************************************************************************
109 /*******************************************************************************
111 ********************************************************************************
114 /*----------------------------------------------------------------------------*/
117 * \brief This routine is called to generate WPA IE for
118 * associate request frame.
120 * \param[in] prCurrentBss The Selected BSS description
122 * \retval The append WPA IE length
125 * Called by: AIS module, Associate request
127 /*----------------------------------------------------------------------------*/
130 IN P_ADAPTER_T prAdapter,
131 IN P_MSDU_INFO_T prMsduInfo
139 if (prMsduInfo->ucNetworkType != NETWORK_TYPE_AIS_INDEX)
142 pucBuffer = (PUINT_8)((UINT_32)prMsduInfo->prPacket +
143 (UINT_32)prMsduInfo->u2FrameLength);
145 /* ASSOC INFO IE ID: 68 :0x44 */
146 if (/* prWlanInfo->fgWapiMode && */ prAdapter->prGlueInfo->u2WapiAssocInfoIESz) {
147 kalMemCopy(pucBuffer, &prAdapter->prGlueInfo->aucWapiAssocInfoIEs, prAdapter->prGlueInfo->u2WapiAssocInfoIESz);
148 prMsduInfo->u2FrameLength += prAdapter->prGlueInfo->u2WapiAssocInfoIESz;
154 /*----------------------------------------------------------------------------*/
156 * \brief This routine is called to parse WAPI IE.
158 * \param[in] prInfoElem Pointer to the RSN IE
159 * \param[out] prRsnInfo Pointer to the BSSDescription structure to store the
160 ** WAPI information from the given WAPI IE
162 * \retval TRUE - Succeeded
163 * \retval FALSE - Failed
165 /*----------------------------------------------------------------------------*/
168 IN P_WAPI_INFO_ELEM_T prInfoElem,
169 OUT P_WAPI_INFO_T prWapiInfo
173 INT_32 u4RemainWapiIeLen;
176 UINT_32 u4GroupSuite = WAPI_CIPHER_SUITE_WPI;
177 UINT_16 u2PairSuiteCount = 0;
178 UINT_16 u2AuthSuiteCount = 0;
179 PUCHAR pucPairSuite = NULL;
180 PUCHAR pucAuthSuite = NULL;
183 DEBUGFUNC("wapiParseWapiIE");
188 /* Verify the length of the WAPI IE. */
189 if (prInfoElem->ucLength < 6) {
190 DBGLOG(SEC, TRACE, ("WAPI IE length too short (length=%d)\n", prInfoElem->ucLength));
194 /* Check WAPI version: currently, we only support version 1. */
195 WLAN_GET_FIELD_16(&prInfoElem->u2Version, &u2Version);
196 if (u2Version != 1) {
197 DBGLOG(SEC, TRACE, ("Unsupported WAPI IE version: %d\n", u2Version));
201 cp = (PUCHAR) &prInfoElem->u2AuthKeyMgtSuiteCount;
202 u4RemainWapiIeLen = (INT_32) prInfoElem->ucLength - 2;
205 if (u4RemainWapiIeLen == 0) {
211 AuthSuite : 4 * authSuiteCount
213 PairwiseSuite: 4 * pairSuiteCount
217 /* Parse the Authentication and Key Management Cipher Suite Count
219 if (u4RemainWapiIeLen < 2) {
220 DBGLOG(SEC, TRACE, ("Fail to parse WAPI IE in auth & key mgt suite count (IE len: %d)\n",
221 prInfoElem->ucLength));
225 WLAN_GET_FIELD_16(cp, &u2AuthSuiteCount);
227 u4RemainWapiIeLen -= 2;
229 /* Parse the Authentication and Key Management Cipher Suite List
231 i = (UINT_32) u2AuthSuiteCount * 4;
232 if (u4RemainWapiIeLen < (INT_32) i) {
233 DBGLOG(SEC, TRACE, ("Fail to parse WAPI IE in auth & key mgt suite list (IE len: %d)\n",
234 prInfoElem->ucLength));
241 u4RemainWapiIeLen -= (INT_32) i;
243 if (u4RemainWapiIeLen == 0) {
247 /* Parse the Pairwise Key Cipher Suite Count field. */
248 if (u4RemainWapiIeLen < 2) {
249 DBGLOG(SEC, TRACE, ("Fail to parse WAPI IE in pairwise cipher suite count (IE len: %d)\n",
250 prInfoElem->ucLength));
254 WLAN_GET_FIELD_16(cp, &u2PairSuiteCount);
256 u4RemainWapiIeLen -= 2;
258 /* Parse the Pairwise Key Cipher Suite List field. */
259 i = (UINT_32) u2PairSuiteCount * 4;
260 if (u4RemainWapiIeLen < (INT_32) i) {
261 DBGLOG(SEC, TRACE, ("Fail to parse WAPI IE in pairwise cipher suite list (IE len: %d)\n",
262 prInfoElem->ucLength));
269 u4RemainWapiIeLen -= (INT_32) i;
271 /* Parse the Group Key Cipher Suite field. */
272 if (u4RemainWapiIeLen < 4) {
273 DBGLOG(SEC, TRACE, ("Fail to parse WAPI IE in group cipher suite (IE len: %d)\n",
274 prInfoElem->ucLength));
278 WLAN_GET_FIELD_32(cp, &u4GroupSuite);
280 u4RemainWapiIeLen -= 4;
282 /* Parse the WAPI u2Capabilities field. */
283 if (u4RemainWapiIeLen < 2) {
284 DBGLOG(SEC, TRACE, ("Fail to parse WAPI IE in WAPI capabilities (IE len: %d)\n",
285 prInfoElem->ucLength));
289 WLAN_GET_FIELD_16(cp, &u2Cap);
290 u4RemainWapiIeLen -= 2;
292 /* Todo:: BKID support */
295 /* Save the WAPI information for the BSS. */
297 prWapiInfo->ucElemId = ELEM_ID_WAPI;
299 prWapiInfo->u2Version = u2Version;
301 prWapiInfo->u4GroupKeyCipherSuite = u4GroupSuite;
303 DBGLOG(SEC, LOUD, ("WAPI: version %d, group key cipher suite %02x-%02x-%02x-%02x\n",
304 u2Version, (UCHAR) (u4GroupSuite & 0x000000FF),
305 (UCHAR) ((u4GroupSuite >> 8) & 0x000000FF),
306 (UCHAR) ((u4GroupSuite >> 16) & 0x000000FF),
307 (UCHAR) ((u4GroupSuite >> 24) & 0x000000FF)));
310 /* The information about the pairwise key cipher suites is present. */
311 if (u2PairSuiteCount > MAX_NUM_SUPPORTED_WAPI_CIPHER_SUITES) {
312 u2PairSuiteCount = MAX_NUM_SUPPORTED_WAPI_CIPHER_SUITES;
315 prWapiInfo->u4PairwiseKeyCipherSuiteCount = (UINT_32) u2PairSuiteCount;
317 for (i = 0; i < (UINT_32) u2PairSuiteCount; i++) {
318 WLAN_GET_FIELD_32(pucPairSuite,
319 &prWapiInfo->au4PairwiseKeyCipherSuite[i]);
322 DBGLOG(SEC, LOUD,("WAPI: pairwise key cipher suite [%d]: %02x-%02x-%02x-%02x\n",
323 (UINT_8)i, (UCHAR) (prWapiInfo->au4PairwiseKeyCipherSuite[i] & 0x000000FF),
324 (UCHAR) ((prWapiInfo->au4PairwiseKeyCipherSuite[i] >> 8) & 0x000000FF),
325 (UCHAR) ((prWapiInfo->au4PairwiseKeyCipherSuite[i] >> 16) & 0x000000FF),
326 (UCHAR) ((prWapiInfo->au4PairwiseKeyCipherSuite[i] >> 24) & 0x000000FF)));
330 /* The information about the pairwise key cipher suites is not present.
331 Use the default chipher suite for WAPI: WPI. */
332 prWapiInfo->u4PairwiseKeyCipherSuiteCount = 1;
333 prWapiInfo->au4PairwiseKeyCipherSuite[0] = WAPI_CIPHER_SUITE_WPI;
335 DBGLOG(SEC, LOUD, ("WAPI: pairwise key cipher suite: %02x-%02x-%02x-%02x (default)\n",
336 (UCHAR) (prWapiInfo->au4PairwiseKeyCipherSuite[0] & 0x000000FF),
337 (UCHAR) ((prWapiInfo->au4PairwiseKeyCipherSuite[0] >> 8) & 0x000000FF),
338 (UCHAR) ((prWapiInfo->au4PairwiseKeyCipherSuite[0] >> 16) & 0x000000FF),
339 (UCHAR) ((prWapiInfo->au4PairwiseKeyCipherSuite[0] >> 24) & 0x000000FF)));
343 /* The information about the authentication and key management suites
345 if (u2AuthSuiteCount > MAX_NUM_SUPPORTED_WAPI_AKM_SUITES) {
346 u2AuthSuiteCount = MAX_NUM_SUPPORTED_WAPI_AKM_SUITES;
349 prWapiInfo->u4AuthKeyMgtSuiteCount = (UINT_32) u2AuthSuiteCount;
351 for (i = 0; i < (UINT_32) u2AuthSuiteCount; i++) {
352 WLAN_GET_FIELD_32(pucAuthSuite, &prWapiInfo->au4AuthKeyMgtSuite[i]);
355 DBGLOG(SEC, LOUD, ("WAPI: AKM suite [%d]: %02x-%02x-%02x-%02x\n",
356 (UINT_8)i, (UCHAR) (prWapiInfo->au4AuthKeyMgtSuite[i] & 0x000000FF),
357 (UCHAR) ((prWapiInfo->au4AuthKeyMgtSuite[i] >> 8) & 0x000000FF),
358 (UCHAR) ((prWapiInfo->au4AuthKeyMgtSuite[i] >> 16) & 0x000000FF),
359 (UCHAR) ((prWapiInfo->au4AuthKeyMgtSuite[i] >> 24) & 0x000000FF)));
363 /* The information about the authentication and key management suites
364 is not present. Use the default AKM suite for WAPI. */
365 prWapiInfo->u4AuthKeyMgtSuiteCount = 1;
366 prWapiInfo->au4AuthKeyMgtSuite[0] = WAPI_AKM_SUITE_802_1X;
368 DBGLOG(SEC, LOUD, ("WAPI: AKM suite: %02x-%02x-%02x-%02x (default)\n",
369 (UCHAR) (prWapiInfo->au4AuthKeyMgtSuite[0] & 0x000000FF),
370 (UCHAR) ((prWapiInfo->au4AuthKeyMgtSuite[0] >> 8) & 0x000000FF),
371 (UCHAR) ((prWapiInfo->au4AuthKeyMgtSuite[0] >> 16) & 0x000000FF),
372 (UCHAR) ((prWapiInfo->au4AuthKeyMgtSuite[0] >> 24) & 0x000000FF)));
375 prWapiInfo->u2WapiCap = u2Cap;
376 DBGLOG(SEC, LOUD, ("WAPI: cap: 0x%04x\n", prWapiInfo->u2WapiCap));
379 } /* wapiParseWapiIE */
382 /*----------------------------------------------------------------------------*/
384 * \brief This routine is called to perform WAPI policy selection for a given BSS.
386 * \param[in] prAdapter Pointer to the adapter object data area.
387 * \param[in] prBss Pointer to the BSS description
389 * \retval TRUE - The WAPI policy selection for the given BSS is
390 * successful. The selected pairwise and group cipher suites
391 * are returned in the BSS description.
392 * \retval FALSE - The WAPI policy selection for the given BSS is failed.
393 * The driver shall not attempt to join the given BSS.
395 * \note The Encrypt status matched score will save to bss for final ap select.
397 /*----------------------------------------------------------------------------*/
399 wapiPerformPolicySelection (
400 IN P_ADAPTER_T prAdapter,
401 IN P_BSS_DESC_T prBss
405 UINT_32 u4PairwiseCipher = 0;
406 UINT_32 u4GroupCipher = 0;
407 UINT_32 u4AkmSuite = 0;
408 P_WAPI_INFO_T prBssWapiInfo;
409 P_WLAN_INFO_T prWlanInfo;
411 DEBUGFUNC("wapiPerformPolicySelection");
415 /* Notice!!!! WAPI AP not set the privacy bit for WAI and WAI-PSK at WZC configuration mode */
416 prWlanInfo = &prAdapter->rWlanInfo;
418 if (prBss->fgIEWAPI) {
419 prBssWapiInfo = &prBss->rIEWAPI;
422 if (prAdapter->rWifiVar.rConnSettings.fgWapiMode == FALSE) {
423 DBGLOG(SEC, TRACE,("-- No Protected BSS\n"));
427 DBGLOG(SEC, TRACE, ("WAPI Information Element does not exist.\n"));
432 /* Select pairwise/group ciphers */
433 for (i = 0; i < prBssWapiInfo->u4PairwiseKeyCipherSuiteCount; i++) {
434 if (prBssWapiInfo->au4PairwiseKeyCipherSuite[i] ==
435 prAdapter->rWifiVar.rConnSettings.u4WapiSelectedPairwiseCipher) {
436 u4PairwiseCipher = prBssWapiInfo->au4PairwiseKeyCipherSuite[i];
439 if (prBssWapiInfo->u4GroupKeyCipherSuite ==
440 prAdapter->rWifiVar.rConnSettings.u4WapiSelectedGroupCipher)
441 u4GroupCipher = prBssWapiInfo->u4GroupKeyCipherSuite;
443 /* Exception handler */
444 /* If we cannot find proper pairwise and group cipher suites to join the
445 BSS, do not check the supported AKM suites. */
446 if (u4PairwiseCipher == 0 || u4GroupCipher == 0) {
447 DBGLOG(SEC, TRACE, ("Failed to select pairwise/group cipher (0x%08lx/0x%08lx)\n",
448 u4PairwiseCipher, u4GroupCipher));
453 /* If the driver cannot support any authentication suites advertised in
454 the given BSS, we fail to perform RSNA policy selection. */
455 /* Attempt to find any overlapping supported AKM suite. */
456 for (i = 0; i < prBssWapiInfo->u4AuthKeyMgtSuiteCount; i++) {
457 if (prBssWapiInfo->au4AuthKeyMgtSuite[i] == prAdapter->rWifiVar.rConnSettings.u4WapiSelectedAKMSuite) {
458 u4AkmSuite = prBssWapiInfo->au4AuthKeyMgtSuite[i];
463 if (u4AkmSuite == 0) {
464 DBGLOG(SEC, TRACE, ("Cannot support any AKM suites\n"));
468 DBGLOG(SEC, TRACE, ("Selected pairwise/group cipher: %02x-%02x-%02x-%02x/%02x-%02x-%02x-%02x\n",
469 (UINT_8) (u4PairwiseCipher & 0x000000FF),
470 (UINT_8) ((u4PairwiseCipher >> 8) & 0x000000FF),
471 (UINT_8) ((u4PairwiseCipher >> 16) & 0x000000FF),
472 (UINT_8) ((u4PairwiseCipher >> 24) & 0x000000FF),
473 (UINT_8) (u4GroupCipher & 0x000000FF),
474 (UINT_8) ((u4GroupCipher >> 8) & 0x000000FF),
475 (UINT_8) ((u4GroupCipher >> 16) & 0x000000FF),
476 (UINT_8) ((u4GroupCipher >> 24) & 0x000000FF)));
478 DBGLOG(SEC, TRACE, ("Selected AKM suite: %02x-%02x-%02x-%02x\n",
479 (UINT_8) (u4AkmSuite & 0x000000FF),
480 (UINT_8) ((u4AkmSuite >> 8) & 0x000000FF),
481 (UINT_8) ((u4AkmSuite >> 16) & 0x000000FF),
482 (UINT_8) ((u4AkmSuite >> 24) & 0x000000FF)));
485 } /* wapiPerformPolicySelection */
488 /*----------------------------------------------------------------------------*/
490 * \brief This routine is use for wapi mode, to update the current wpi tx idx ? 0 :1 .
492 * \param[in] prStaRec Pointer to the Sta record
493 * \param[out] ucWlanIdx The Rx status->wlanidx field
495 * \retval TRUE - Succeeded
496 * \retval FALSE - Failed
498 /*----------------------------------------------------------------------------*/
501 IN P_STA_RECORD_T prStaRec,
507 if ((ucWlanIdx & BITS(0, 3)) == CIPHER_SUITE_WPI) {
509 ucKeyId = ((ucWlanIdx & BITS(4, 5)) >> 4);
511 if (ucKeyId != g_prWifiVar->rAisSpecificBssInfo.ucWpiActivedPWKey) {
512 DBGLOG(RSN, STATE, ("Change wapi key index from %d->%d\n", g_prWifiVar->rAisSpecificBssInfo.ucWpiActivedPWKey, ucKeyId));
513 g_prWifiVar->rAisSpecificBssInfo.ucWpiActivedPWKey = ucKeyId;
515 prStaRec->ucWTEntry =
516 (ucKeyId == WTBL_AIS_BSSID_WAPI_IDX_0) ? WTBL_AIS_BSSID_WAPI_IDX_0 : WTBL_AIS_BSSID_WAPI_IDX_1;