1 /******************************************************************************
3 * Copyright(c) 2007 - 2011 Realtek Corporation. All rights reserved.
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of version 2 of the GNU General Public License as
7 * published by the Free Software Foundation.
9 * This program is distributed in the hope that it will be useful, but WITHOUT
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
14 * You should have received a copy of the GNU General Public License along with
15 * this program; if not, write to the Free Software Foundation, Inc.,
16 * 51 Franklin Street, Fifth Floor, Boston, MA 02110, USA
19 ******************************************************************************/
20 #define _RTW_SECURITY_C_
22 #include <drv_types.h>
24 static const char *_security_type_str[] = {
36 const char *security_type_str(u8 value)
38 #ifdef CONFIG_IEEE80211W
41 if (value <= _WEP_WPA_MIXED_)
43 return _security_type_str[value];
48 #define WEP_SW_ENC_CNT_INC(sec, ra) do {\
49 if (is_broadcast_mac_addr(ra)) \
50 sec->wep_sw_enc_cnt_bc++; \
51 else if (is_multicast_mac_addr(ra)) \
52 sec->wep_sw_enc_cnt_mc++; \
54 sec->wep_sw_enc_cnt_uc++; \
57 #define WEP_SW_DEC_CNT_INC(sec, ra) do {\
58 if (is_broadcast_mac_addr(ra)) \
59 sec->wep_sw_dec_cnt_bc++; \
60 else if (is_multicast_mac_addr(ra)) \
61 sec->wep_sw_dec_cnt_mc++; \
63 sec->wep_sw_dec_cnt_uc++; \
66 #define TKIP_SW_ENC_CNT_INC(sec, ra) do {\
67 if (is_broadcast_mac_addr(ra)) \
68 sec->tkip_sw_enc_cnt_bc++; \
69 else if (is_multicast_mac_addr(ra)) \
70 sec->tkip_sw_enc_cnt_mc++; \
72 sec->tkip_sw_enc_cnt_uc++; \
75 #define TKIP_SW_DEC_CNT_INC(sec, ra) do {\
76 if (is_broadcast_mac_addr(ra)) \
77 sec->tkip_sw_dec_cnt_bc++; \
78 else if (is_multicast_mac_addr(ra)) \
79 sec->tkip_sw_dec_cnt_mc++; \
81 sec->tkip_sw_dec_cnt_uc++; \
84 #define AES_SW_ENC_CNT_INC(sec, ra) do {\
85 if (is_broadcast_mac_addr(ra)) \
86 sec->aes_sw_enc_cnt_bc++; \
87 else if (is_multicast_mac_addr(ra)) \
88 sec->aes_sw_enc_cnt_mc++; \
90 sec->aes_sw_enc_cnt_uc++; \
93 #define AES_SW_DEC_CNT_INC(sec, ra) do {\
94 if (is_broadcast_mac_addr(ra)) \
95 sec->aes_sw_dec_cnt_bc++; \
96 else if (is_multicast_mac_addr(ra)) \
97 sec->aes_sw_dec_cnt_mc++; \
99 sec->aes_sw_dec_cnt_uc++; \
102 #define WEP_SW_ENC_CNT_INC(sec, ra)
103 #define WEP_SW_DEC_CNT_INC(sec, ra)
104 #define TKIP_SW_ENC_CNT_INC(sec, ra)
105 #define TKIP_SW_DEC_CNT_INC(sec, ra)
106 #define AES_SW_ENC_CNT_INC(sec, ra)
107 #define AES_SW_DEC_CNT_INC(sec, ra)
108 #endif /* DBG_SW_SEC_CNT */
110 /* *****WEP related***** */
112 #define CRC32_POLY 0x04c11db7
121 static void arcfour_init(struct arc4context *parc4ctx, u8 *key, u32 key_len)
128 state = parc4ctx->state;
131 for (counter = 0; counter < 256; counter++)
132 state[counter] = (u8)counter;
135 for (counter = 0; counter < 256; counter++) {
137 stateindex = (stateindex + key[keyindex] + t) & 0xff;
138 u = state[stateindex];
139 state[stateindex] = (u8)t;
140 state[counter] = (u8)u;
141 if (++keyindex >= key_len)
145 static u32 arcfour_byte(struct arc4context *parc4ctx)
151 state = parc4ctx->state;
152 x = (parc4ctx->x + 1) & 0xff;
154 y = (sx + parc4ctx->y) & 0xff;
160 return state[(sx + sy) & 0xff];
164 static void arcfour_encrypt(struct arc4context *parc4ctx,
170 for (i = 0; i < len; i++)
171 dest[i] = src[i] ^ (unsigned char)arcfour_byte(parc4ctx);
174 static sint bcrc32initialized = 0;
175 static u32 crc32_table[256];
178 static u8 crc32_reverseBit(u8 data)
180 return (u8)((data << 7) & 0x80) | ((data << 5) & 0x40) | ((data << 3) & 0x20) | ((data << 1) & 0x10) | ((data >> 1) & 0x08) | ((data >> 3) & 0x04) | ((data >> 5) & 0x02) | ((
184 static void crc32_init(void)
186 if (bcrc32initialized == 1)
191 u8 *p = (u8 *)&c, *p1;
196 for (i = 0; i < 256; ++i) {
197 k = crc32_reverseBit((u8)i);
198 for (c = ((u32)k) << 24, j = 8; j > 0; --j)
199 c = c & 0x80000000 ? (c << 1) ^ CRC32_POLY : (c << 1);
200 p1 = (u8 *)&crc32_table[i];
202 p1[0] = crc32_reverseBit(p[3]);
203 p1[1] = crc32_reverseBit(p[2]);
204 p1[2] = crc32_reverseBit(p[1]);
205 p1[3] = crc32_reverseBit(p[0]);
207 bcrc32initialized = 1;
213 static u32 getcrc32(u8 *buf, sint len)
217 if (bcrc32initialized == 0)
220 crc = 0xffffffff; /* preload shift register, per CRC-32 spec */
222 for (p = buf; len > 0; ++p, --len)
223 crc = crc32_table[(crc ^ *p) & 0xff] ^ (crc >> 8);
224 return ~crc; /* transmit complement, per CRC-32 spec */
229 Need to consider the fragment situation
231 void rtw_wep_encrypt(_adapter *padapter, u8 *pxmitframe)
235 unsigned char crc[4];
236 struct arc4context mycontext;
238 sint curfragnum, length;
241 u8 *pframe, *payload, *iv; /* ,*wepkey */
243 u8 hw_hdr_offset = 0;
244 struct pkt_attrib *pattrib = &((struct xmit_frame *)pxmitframe)->attrib;
245 struct security_priv *psecuritypriv = &padapter->securitypriv;
246 struct xmit_priv *pxmitpriv = &padapter->xmitpriv;
250 if (((struct xmit_frame *)pxmitframe)->buf_addr == NULL)
253 #ifdef CONFIG_USB_TX_AGGREGATION
254 hw_hdr_offset = TXDESC_SIZE +
255 (((struct xmit_frame *)pxmitframe)->pkt_offset * PACKET_OFFSET_SZ);
257 #ifdef CONFIG_TX_EARLY_MODE
258 hw_hdr_offset = TXDESC_OFFSET + EARLY_MODE_INFO_SIZE;
260 hw_hdr_offset = TXDESC_OFFSET;
264 pframe = ((struct xmit_frame *)pxmitframe)->buf_addr + hw_hdr_offset;
266 /* start to encrypt each fragment */
267 if ((pattrib->encrypt == _WEP40_) || (pattrib->encrypt == _WEP104_)) {
268 keylength = psecuritypriv->dot11DefKeylen[psecuritypriv->dot11PrivacyKeyIndex];
270 for (curfragnum = 0; curfragnum < pattrib->nr_frags; curfragnum++) {
271 iv = pframe + pattrib->hdrlen;
272 _rtw_memcpy(&wepkey[0], iv, 3);
273 _rtw_memcpy(&wepkey[3], &psecuritypriv->dot11DefKey[psecuritypriv->dot11PrivacyKeyIndex].skey[0], keylength);
274 payload = pframe + pattrib->iv_len + pattrib->hdrlen;
276 if ((curfragnum + 1) == pattrib->nr_frags) {
277 /* the last fragment */
279 length = pattrib->last_txcmdsz - pattrib->hdrlen - pattrib->iv_len - pattrib->icv_len;
281 *((u32 *)crc) = cpu_to_le32(getcrc32(payload, length));
283 arcfour_init(&mycontext, wepkey, 3 + keylength);
284 arcfour_encrypt(&mycontext, payload, payload, length);
285 arcfour_encrypt(&mycontext, payload + length, crc, 4);
288 length = pxmitpriv->frag_len - pattrib->hdrlen - pattrib->iv_len - pattrib->icv_len ;
289 *((u32 *)crc) = cpu_to_le32(getcrc32(payload, length));
290 arcfour_init(&mycontext, wepkey, 3 + keylength);
291 arcfour_encrypt(&mycontext, payload, payload, length);
292 arcfour_encrypt(&mycontext, payload + length, crc, 4);
294 pframe += pxmitpriv->frag_len;
295 pframe = (u8 *)RND4((SIZE_PTR)(pframe));
301 WEP_SW_ENC_CNT_INC(psecuritypriv, pattrib->ra);
307 void rtw_wep_decrypt(_adapter *padapter, u8 *precvframe)
311 struct arc4context mycontext;
314 u8 *pframe, *payload, *iv, wepkey[16];
316 struct rx_pkt_attrib *prxattrib = &(((union recv_frame *)precvframe)->u.hdr.attrib);
317 struct security_priv *psecuritypriv = &padapter->securitypriv;
320 pframe = (unsigned char *)((union recv_frame *)precvframe)->u.hdr.rx_data;
322 /* start to decrypt recvframe */
323 if ((prxattrib->encrypt == _WEP40_) || (prxattrib->encrypt == _WEP104_)) {
324 iv = pframe + prxattrib->hdrlen;
325 /* keyindex=(iv[3]&0x3); */
326 keyindex = prxattrib->key_index;
327 keylength = psecuritypriv->dot11DefKeylen[keyindex];
328 _rtw_memcpy(&wepkey[0], iv, 3);
329 /* _rtw_memcpy(&wepkey[3], &psecuritypriv->dot11DefKey[psecuritypriv->dot11PrivacyKeyIndex].skey[0],keylength); */
330 _rtw_memcpy(&wepkey[3], &psecuritypriv->dot11DefKey[keyindex].skey[0], keylength);
331 length = ((union recv_frame *)precvframe)->u.hdr.len - prxattrib->hdrlen - prxattrib->iv_len;
333 payload = pframe + prxattrib->iv_len + prxattrib->hdrlen;
335 /* decrypt payload include icv */
336 arcfour_init(&mycontext, wepkey, 3 + keylength);
337 arcfour_encrypt(&mycontext, payload, payload, length);
339 /* calculate icv and compare the icv */
340 *((u32 *)crc) = le32_to_cpu(getcrc32(payload, length - 4));
343 WEP_SW_DEC_CNT_INC(psecuritypriv, prxattrib->ra);
351 /* 3 =====TKIP related===== */
353 static u32 secmicgetuint32(u8 *p)
354 /* Convert from Byte[] to Us4Byte32 in a portable way */
358 for (i = 0; i < 4; i++)
359 res |= ((u32)(*p++)) << (8 * i);
363 static void secmicputuint32(u8 *p, u32 val)
364 /* Convert from Us4Byte32 to Byte[] in a portable way */
367 for (i = 0; i < 4; i++) {
368 *p++ = (u8)(val & 0xff);
373 static void secmicclear(struct mic_data *pmicdata)
375 /* Reset the state to the empty message. */
376 pmicdata->L = pmicdata->K0;
377 pmicdata->R = pmicdata->K1;
378 pmicdata->nBytesInM = 0;
382 void rtw_secmicsetkey(struct mic_data *pmicdata, u8 *key)
385 pmicdata->K0 = secmicgetuint32(key);
386 pmicdata->K1 = secmicgetuint32(key + 4);
387 /* and reset the message */
388 secmicclear(pmicdata);
391 void rtw_secmicappendbyte(struct mic_data *pmicdata, u8 b)
393 /* Append the byte to our word-sized buffer */
394 pmicdata->M |= ((unsigned long)b) << (8 * pmicdata->nBytesInM);
395 pmicdata->nBytesInM++;
396 /* Process the word if it is full. */
397 if (pmicdata->nBytesInM >= 4) {
398 pmicdata->L ^= pmicdata->M;
399 pmicdata->R ^= ROL32(pmicdata->L, 17);
400 pmicdata->L += pmicdata->R;
401 pmicdata->R ^= ((pmicdata->L & 0xff00ff00) >> 8) | ((pmicdata->L & 0x00ff00ff) << 8);
402 pmicdata->L += pmicdata->R;
403 pmicdata->R ^= ROL32(pmicdata->L, 3);
404 pmicdata->L += pmicdata->R;
405 pmicdata->R ^= ROR32(pmicdata->L, 2);
406 pmicdata->L += pmicdata->R;
407 /* Clear the buffer */
409 pmicdata->nBytesInM = 0;
413 void rtw_secmicappend(struct mic_data *pmicdata, u8 *src, u32 nbytes)
417 rtw_secmicappendbyte(pmicdata, *src++);
422 void rtw_secgetmic(struct mic_data *pmicdata, u8 *dst)
424 /* Append the minimum padding */
425 rtw_secmicappendbyte(pmicdata, 0x5a);
426 rtw_secmicappendbyte(pmicdata, 0);
427 rtw_secmicappendbyte(pmicdata, 0);
428 rtw_secmicappendbyte(pmicdata, 0);
429 rtw_secmicappendbyte(pmicdata, 0);
430 /* and then zeroes until the length is a multiple of 4 */
431 while (pmicdata->nBytesInM != 0)
432 rtw_secmicappendbyte(pmicdata, 0);
433 /* The appendByte function has already computed the result. */
434 secmicputuint32(dst, pmicdata->L);
435 secmicputuint32(dst + 4, pmicdata->R);
436 /* Reset to the empty message. */
437 secmicclear(pmicdata);
441 void rtw_seccalctkipmic(u8 *key, u8 *header, u8 *data, u32 data_len, u8 *mic_code, u8 pri)
444 struct mic_data micdata;
445 u8 priority[4] = {0x0, 0x0, 0x0, 0x0};
446 rtw_secmicsetkey(&micdata, key);
449 /* Michael MIC pseudo header: DA, SA, 3 x 0, Priority */
450 if (header[1] & 1) { /* ToDS==1 */
451 rtw_secmicappend(&micdata, &header[16], 6); /* DA */
452 if (header[1] & 2) /* From Ds==1 */
453 rtw_secmicappend(&micdata, &header[24], 6);
455 rtw_secmicappend(&micdata, &header[10], 6);
456 } else { /* ToDS==0 */
457 rtw_secmicappend(&micdata, &header[4], 6); /* DA */
458 if (header[1] & 2) /* From Ds==1 */
459 rtw_secmicappend(&micdata, &header[16], 6);
461 rtw_secmicappend(&micdata, &header[10], 6);
464 rtw_secmicappend(&micdata, &priority[0], 4);
467 rtw_secmicappend(&micdata, data, data_len);
469 rtw_secgetmic(&micdata, mic_code);
475 /* macros for extraction/creation of unsigned char/unsigned short values */
476 #define RotR1(v16) ((((v16) >> 1) & 0x7FFF) ^ (((v16) & 1) << 15))
477 #define Lo8(v16) ((u8)((v16) & 0x00FF))
478 #define Hi8(v16) ((u8)(((v16) >> 8) & 0x00FF))
479 #define Lo16(v32) ((u16)((v32) & 0xFFFF))
480 #define Hi16(v32) ((u16)(((v32) >> 16) & 0xFFFF))
481 #define Mk16(hi, lo) ((lo) ^ (((u16)(hi)) << 8))
483 /* select the Nth 16-bit word of the temporal key unsigned char array TK[] */
484 #define TK16(N) Mk16(tk[2*(N)+1], tk[2*(N)])
486 /* S-box lookup: 16 bits --> 16 bits */
487 #define _S_(v16) (Sbox1[0][Lo8(v16)] ^ Sbox1[1][Hi8(v16)])
489 /* fixed algorithm "parameters" */
490 #define PHASE1_LOOP_CNT 8 /* this needs to be "big enough" */
491 #define TA_SIZE 6 /* 48-bit transmitter address */
492 #define TK_SIZE 16 /* 128-bit temporal key */
493 #define P1K_SIZE 10 /* 80-bit Phase1 key */
494 #define RC4_KEY_SIZE 16 /* 128-bit RC4KEY (104 bits unknown) */
497 /* 2-unsigned char by 2-unsigned char subset of the full AES S-box table */
498 static const unsigned short Sbox1[2][256] = /* Sbox for hash (can be in ROM) */
500 0xC6A5, 0xF884, 0xEE99, 0xF68D, 0xFF0D, 0xD6BD, 0xDEB1, 0x9154,
501 0x6050, 0x0203, 0xCEA9, 0x567D, 0xE719, 0xB562, 0x4DE6, 0xEC9A,
502 0x8F45, 0x1F9D, 0x8940, 0xFA87, 0xEF15, 0xB2EB, 0x8EC9, 0xFB0B,
503 0x41EC, 0xB367, 0x5FFD, 0x45EA, 0x23BF, 0x53F7, 0xE496, 0x9B5B,
504 0x75C2, 0xE11C, 0x3DAE, 0x4C6A, 0x6C5A, 0x7E41, 0xF502, 0x834F,
505 0x685C, 0x51F4, 0xD134, 0xF908, 0xE293, 0xAB73, 0x6253, 0x2A3F,
506 0x080C, 0x9552, 0x4665, 0x9D5E, 0x3028, 0x37A1, 0x0A0F, 0x2FB5,
507 0x0E09, 0x2436, 0x1B9B, 0xDF3D, 0xCD26, 0x4E69, 0x7FCD, 0xEA9F,
508 0x121B, 0x1D9E, 0x5874, 0x342E, 0x362D, 0xDCB2, 0xB4EE, 0x5BFB,
509 0xA4F6, 0x764D, 0xB761, 0x7DCE, 0x527B, 0xDD3E, 0x5E71, 0x1397,
510 0xA6F5, 0xB968, 0x0000, 0xC12C, 0x4060, 0xE31F, 0x79C8, 0xB6ED,
511 0xD4BE, 0x8D46, 0x67D9, 0x724B, 0x94DE, 0x98D4, 0xB0E8, 0x854A,
512 0xBB6B, 0xC52A, 0x4FE5, 0xED16, 0x86C5, 0x9AD7, 0x6655, 0x1194,
513 0x8ACF, 0xE910, 0x0406, 0xFE81, 0xA0F0, 0x7844, 0x25BA, 0x4BE3,
514 0xA2F3, 0x5DFE, 0x80C0, 0x058A, 0x3FAD, 0x21BC, 0x7048, 0xF104,
515 0x63DF, 0x77C1, 0xAF75, 0x4263, 0x2030, 0xE51A, 0xFD0E, 0xBF6D,
516 0x814C, 0x1814, 0x2635, 0xC32F, 0xBEE1, 0x35A2, 0x88CC, 0x2E39,
517 0x9357, 0x55F2, 0xFC82, 0x7A47, 0xC8AC, 0xBAE7, 0x322B, 0xE695,
518 0xC0A0, 0x1998, 0x9ED1, 0xA37F, 0x4466, 0x547E, 0x3BAB, 0x0B83,
519 0x8CCA, 0xC729, 0x6BD3, 0x283C, 0xA779, 0xBCE2, 0x161D, 0xAD76,
520 0xDB3B, 0x6456, 0x744E, 0x141E, 0x92DB, 0x0C0A, 0x486C, 0xB8E4,
521 0x9F5D, 0xBD6E, 0x43EF, 0xC4A6, 0x39A8, 0x31A4, 0xD337, 0xF28B,
522 0xD532, 0x8B43, 0x6E59, 0xDAB7, 0x018C, 0xB164, 0x9CD2, 0x49E0,
523 0xD8B4, 0xACFA, 0xF307, 0xCF25, 0xCAAF, 0xF48E, 0x47E9, 0x1018,
524 0x6FD5, 0xF088, 0x4A6F, 0x5C72, 0x3824, 0x57F1, 0x73C7, 0x9751,
525 0xCB23, 0xA17C, 0xE89C, 0x3E21, 0x96DD, 0x61DC, 0x0D86, 0x0F85,
526 0xE090, 0x7C42, 0x71C4, 0xCCAA, 0x90D8, 0x0605, 0xF701, 0x1C12,
527 0xC2A3, 0x6A5F, 0xAEF9, 0x69D0, 0x1791, 0x9958, 0x3A27, 0x27B9,
528 0xD938, 0xEB13, 0x2BB3, 0x2233, 0xD2BB, 0xA970, 0x0789, 0x33A7,
529 0x2DB6, 0x3C22, 0x1592, 0xC920, 0x8749, 0xAAFF, 0x5078, 0xA57A,
530 0x038F, 0x59F8, 0x0980, 0x1A17, 0x65DA, 0xD731, 0x84C6, 0xD0B8,
531 0x82C3, 0x29B0, 0x5A77, 0x1E11, 0x7BCB, 0xA8FC, 0x6DD6, 0x2C3A,
535 { /* second half of table is unsigned char-reversed version of first! */
536 0xA5C6, 0x84F8, 0x99EE, 0x8DF6, 0x0DFF, 0xBDD6, 0xB1DE, 0x5491,
537 0x5060, 0x0302, 0xA9CE, 0x7D56, 0x19E7, 0x62B5, 0xE64D, 0x9AEC,
538 0x458F, 0x9D1F, 0x4089, 0x87FA, 0x15EF, 0xEBB2, 0xC98E, 0x0BFB,
539 0xEC41, 0x67B3, 0xFD5F, 0xEA45, 0xBF23, 0xF753, 0x96E4, 0x5B9B,
540 0xC275, 0x1CE1, 0xAE3D, 0x6A4C, 0x5A6C, 0x417E, 0x02F5, 0x4F83,
541 0x5C68, 0xF451, 0x34D1, 0x08F9, 0x93E2, 0x73AB, 0x5362, 0x3F2A,
542 0x0C08, 0x5295, 0x6546, 0x5E9D, 0x2830, 0xA137, 0x0F0A, 0xB52F,
543 0x090E, 0x3624, 0x9B1B, 0x3DDF, 0x26CD, 0x694E, 0xCD7F, 0x9FEA,
544 0x1B12, 0x9E1D, 0x7458, 0x2E34, 0x2D36, 0xB2DC, 0xEEB4, 0xFB5B,
545 0xF6A4, 0x4D76, 0x61B7, 0xCE7D, 0x7B52, 0x3EDD, 0x715E, 0x9713,
546 0xF5A6, 0x68B9, 0x0000, 0x2CC1, 0x6040, 0x1FE3, 0xC879, 0xEDB6,
547 0xBED4, 0x468D, 0xD967, 0x4B72, 0xDE94, 0xD498, 0xE8B0, 0x4A85,
548 0x6BBB, 0x2AC5, 0xE54F, 0x16ED, 0xC586, 0xD79A, 0x5566, 0x9411,
549 0xCF8A, 0x10E9, 0x0604, 0x81FE, 0xF0A0, 0x4478, 0xBA25, 0xE34B,
550 0xF3A2, 0xFE5D, 0xC080, 0x8A05, 0xAD3F, 0xBC21, 0x4870, 0x04F1,
551 0xDF63, 0xC177, 0x75AF, 0x6342, 0x3020, 0x1AE5, 0x0EFD, 0x6DBF,
552 0x4C81, 0x1418, 0x3526, 0x2FC3, 0xE1BE, 0xA235, 0xCC88, 0x392E,
553 0x5793, 0xF255, 0x82FC, 0x477A, 0xACC8, 0xE7BA, 0x2B32, 0x95E6,
554 0xA0C0, 0x9819, 0xD19E, 0x7FA3, 0x6644, 0x7E54, 0xAB3B, 0x830B,
555 0xCA8C, 0x29C7, 0xD36B, 0x3C28, 0x79A7, 0xE2BC, 0x1D16, 0x76AD,
556 0x3BDB, 0x5664, 0x4E74, 0x1E14, 0xDB92, 0x0A0C, 0x6C48, 0xE4B8,
557 0x5D9F, 0x6EBD, 0xEF43, 0xA6C4, 0xA839, 0xA431, 0x37D3, 0x8BF2,
558 0x32D5, 0x438B, 0x596E, 0xB7DA, 0x8C01, 0x64B1, 0xD29C, 0xE049,
559 0xB4D8, 0xFAAC, 0x07F3, 0x25CF, 0xAFCA, 0x8EF4, 0xE947, 0x1810,
560 0xD56F, 0x88F0, 0x6F4A, 0x725C, 0x2438, 0xF157, 0xC773, 0x5197,
561 0x23CB, 0x7CA1, 0x9CE8, 0x213E, 0xDD96, 0xDC61, 0x860D, 0x850F,
562 0x90E0, 0x427C, 0xC471, 0xAACC, 0xD890, 0x0506, 0x01F7, 0x121C,
563 0xA3C2, 0x5F6A, 0xF9AE, 0xD069, 0x9117, 0x5899, 0x273A, 0xB927,
564 0x38D9, 0x13EB, 0xB32B, 0x3322, 0xBBD2, 0x70A9, 0x8907, 0xA733,
565 0xB62D, 0x223C, 0x9215, 0x20C9, 0x4987, 0xFFAA, 0x7850, 0x7AA5,
566 0x8F03, 0xF859, 0x8009, 0x171A, 0xDA65, 0x31D7, 0xC684, 0xB8D0,
567 0xC382, 0xB029, 0x775A, 0x111E, 0xCB7B, 0xFCA8, 0xD66D, 0x3A2C,
572 **********************************************************************
573 * Routine: Phase 1 -- generate P1K, given TA, TK, IV32
576 * tk[] = temporal key [128 bits]
577 * ta[] = transmitter's MAC address [ 48 bits]
578 * iv32 = upper 32 bits of IV [ 32 bits]
580 * p1k[] = Phase 1 key [ 80 bits]
583 * This function only needs to be called every 2**16 packets,
584 * although in theory it could be called every packet.
586 **********************************************************************
588 static void phase1(u16 *p1k, const u8 *tk, const u8 *ta, u32 iv32)
591 /* Initialize the 80 bits of P1K[] from IV32 and TA[0..5] */
594 p1k[2] = Mk16(ta[1], ta[0]); /* use TA[] as little-endian */
595 p1k[3] = Mk16(ta[3], ta[2]);
596 p1k[4] = Mk16(ta[5], ta[4]);
598 /* Now compute an unbalanced Feistel cipher with 80-bit block */
599 /* size on the 80-bit block P1K[], using the 128-bit key TK[] */
600 for (i = 0; i < PHASE1_LOOP_CNT ; i++) {
601 /* Each add operation here is mod 2**16 */
602 p1k[0] += _S_(p1k[4] ^ TK16((i & 1) + 0));
603 p1k[1] += _S_(p1k[0] ^ TK16((i & 1) + 2));
604 p1k[2] += _S_(p1k[1] ^ TK16((i & 1) + 4));
605 p1k[3] += _S_(p1k[2] ^ TK16((i & 1) + 6));
606 p1k[4] += _S_(p1k[3] ^ TK16((i & 1) + 0));
607 p1k[4] += (unsigned short)i; /* avoid "slide attacks" */
613 **********************************************************************
614 * Routine: Phase 2 -- generate RC4KEY, given TK, P1K, IV16
617 * tk[] = Temporal key [128 bits]
618 * p1k[] = Phase 1 output key [ 80 bits]
619 * iv16 = low 16 bits of IV counter [ 16 bits]
621 * rc4key[] = the key used to encrypt the packet [128 bits]
624 * The value {TA,IV32,IV16} for Phase1/Phase2 must be unique
625 * across all packets using the same key TK value. Then, for a
626 * given value of TK[], this TKIP48 construction guarantees that
627 * the final RC4KEY value is unique across all packets.
629 * Suggested implementation optimization: if PPK[] is "overlaid"
630 * appropriately on RC4KEY[], there is no need for the final
631 * for loop below that copies the PPK[] result into RC4KEY[].
633 **********************************************************************
635 static void phase2(u8 *rc4key, const u8 *tk, const u16 *p1k, u16 iv16)
638 u16 PPK[6]; /* temporary key for mixing */
639 /* Note: all adds in the PPK[] equations below are mod 2**16 */
640 for (i = 0; i < 5; i++)
641 PPK[i] = p1k[i]; /* first, copy P1K to PPK */
642 PPK[5] = p1k[4] + iv16; /* next, add in IV16 */
644 /* Bijective non-linear mixing of the 96 bits of PPK[0..5] */
645 PPK[0] += _S_(PPK[5] ^ TK16(0)); /* Mix key in each "round" */
646 PPK[1] += _S_(PPK[0] ^ TK16(1));
647 PPK[2] += _S_(PPK[1] ^ TK16(2));
648 PPK[3] += _S_(PPK[2] ^ TK16(3));
649 PPK[4] += _S_(PPK[3] ^ TK16(4));
650 PPK[5] += _S_(PPK[4] ^ TK16(5)); /* Total # S-box lookups == 6 */
652 /* Final sweep: bijective, "linear". Rotates kill LSB correlations */
653 PPK[0] += RotR1(PPK[5] ^ TK16(6));
654 PPK[1] += RotR1(PPK[0] ^ TK16(7)); /* Use all of TK[] in Phase2 */
655 PPK[2] += RotR1(PPK[1]);
656 PPK[3] += RotR1(PPK[2]);
657 PPK[4] += RotR1(PPK[3]);
658 PPK[5] += RotR1(PPK[4]);
659 /* Note: At this point, for a given key TK[0..15], the 96-bit output */
660 /* value PPK[0..5] is guaranteed to be unique, as a function */
661 /* of the 96-bit "input" value {TA,IV32,IV16}. That is, P1K */
662 /* is now a keyed permutation of {TA,IV32,IV16}. */
664 /* Set RC4KEY[0..3], which includes "cleartext" portion of RC4 key */
665 rc4key[0] = Hi8(iv16); /* RC4KEY[0..2] is the WEP IV */
666 rc4key[1] = (Hi8(iv16) | 0x20) & 0x7F; /* Help avoid weak (FMS) keys */
667 rc4key[2] = Lo8(iv16);
668 rc4key[3] = Lo8((PPK[5] ^ TK16(0)) >> 1);
671 /* Copy 96 bits of PPK[0..5] to RC4KEY[4..15] (little-endian) */
672 for (i = 0; i < 6; i++) {
673 rc4key[4 + 2 * i] = Lo8(PPK[i]);
674 rc4key[5 + 2 * i] = Hi8(PPK[i]);
679 /* The hlen isn't include the IV */
680 u32 rtw_tkip_encrypt(_adapter *padapter, u8 *pxmitframe)
688 u8 hw_hdr_offset = 0;
689 struct arc4context mycontext;
690 sint curfragnum, length;
693 u8 *pframe, *payload, *iv, *prwskey;
694 union pn48 dot11txpn;
695 /* struct sta_info *stainfo; */
696 struct pkt_attrib *pattrib = &((struct xmit_frame *)pxmitframe)->attrib;
697 struct security_priv *psecuritypriv = &padapter->securitypriv;
698 struct xmit_priv *pxmitpriv = &padapter->xmitpriv;
701 if (((struct xmit_frame *)pxmitframe)->buf_addr == NULL)
704 #ifdef CONFIG_USB_TX_AGGREGATION
705 hw_hdr_offset = TXDESC_SIZE +
706 (((struct xmit_frame *)pxmitframe)->pkt_offset * PACKET_OFFSET_SZ);
708 #ifdef CONFIG_TX_EARLY_MODE
709 hw_hdr_offset = TXDESC_OFFSET + EARLY_MODE_INFO_SIZE;
711 hw_hdr_offset = TXDESC_OFFSET;
715 pframe = ((struct xmit_frame *)pxmitframe)->buf_addr + hw_hdr_offset;
716 /* 4 start to encrypt each fragment */
717 if (pattrib->encrypt == _TKIP_) {
722 stainfo = pattrib->psta;
726 RTW_INFO("%s, call rtw_get_stainfo()\n", __func__);
727 stainfo=rtw_get_stainfo(&padapter->stapriv ,&pattrib->ra[0] );
730 /* if (stainfo!=NULL) */
733 if(!(stainfo->state &_FW_LINKED))
735 RTW_INFO("%s, psta->state(0x%x) != _FW_LINKED\n", __func__, stainfo->state);
740 if (IS_MCAST(pattrib->ra))
741 prwskey = psecuritypriv->dot118021XGrpKey[psecuritypriv->dot118021XGrpKeyid].skey;
743 /* prwskey=&stainfo->dot118021x_UncstKey.skey[0]; */
744 prwskey = pattrib->dot118021x_UncstKey.skey;
749 for (curfragnum = 0; curfragnum < pattrib->nr_frags; curfragnum++) {
750 iv = pframe + pattrib->hdrlen;
751 payload = pframe + pattrib->iv_len + pattrib->hdrlen;
753 GET_TKIP_PN(iv, dot11txpn);
755 pnl = (u16)(dot11txpn.val);
756 pnh = (u32)(dot11txpn.val >> 16);
758 phase1((u16 *)&ttkey[0], prwskey, &pattrib->ta[0], pnh);
760 phase2(&rc4key[0], prwskey, (u16 *)&ttkey[0], pnl);
762 if ((curfragnum + 1) == pattrib->nr_frags) { /* 4 the last fragment */
763 length = pattrib->last_txcmdsz - pattrib->hdrlen - pattrib->iv_len - pattrib->icv_len;
764 *((u32 *)crc) = cpu_to_le32(getcrc32(payload, length)); /* modified by Amy*/
766 arcfour_init(&mycontext, rc4key, 16);
767 arcfour_encrypt(&mycontext, payload, payload, length);
768 arcfour_encrypt(&mycontext, payload + length, crc, 4);
771 length = pxmitpriv->frag_len - pattrib->hdrlen - pattrib->iv_len - pattrib->icv_len ;
772 *((u32 *)crc) = cpu_to_le32(getcrc32(payload, length)); /* modified by Amy*/
773 arcfour_init(&mycontext, rc4key, 16);
774 arcfour_encrypt(&mycontext, payload, payload, length);
775 arcfour_encrypt(&mycontext, payload + length, crc, 4);
777 pframe += pxmitpriv->frag_len;
778 pframe = (u8 *)RND4((SIZE_PTR)(pframe));
783 TKIP_SW_ENC_CNT_INC(psecuritypriv, pattrib->ra);
787 RTW_INFO("%s, psta==NUL\n", __func__);
798 /* The hlen isn't include the IV */
799 u32 rtw_tkip_decrypt(_adapter *padapter, u8 *precvframe)
807 struct arc4context mycontext;
811 u8 *pframe, *payload, *iv, *prwskey;
812 union pn48 dot11txpn;
813 struct sta_info *stainfo;
814 struct rx_pkt_attrib *prxattrib = &((union recv_frame *)precvframe)->u.hdr.attrib;
815 struct security_priv *psecuritypriv = &padapter->securitypriv;
816 /* struct recv_priv *precvpriv=&padapter->recvpriv; */
820 pframe = (unsigned char *)((union recv_frame *)precvframe)->u.hdr.rx_data;
822 /* 4 start to decrypt recvframe */
823 if (prxattrib->encrypt == _TKIP_) {
825 stainfo = rtw_get_stainfo(&padapter->stapriv , &prxattrib->ta[0]);
826 if (stainfo != NULL) {
828 if (IS_MCAST(prxattrib->ra)) {
829 static u32 start = 0;
830 static u32 no_gkey_bc_cnt = 0;
831 static u32 no_gkey_mc_cnt = 0;
833 if (psecuritypriv->binstallGrpkey == _FALSE) {
837 start = rtw_get_current_time();
839 if (is_broadcast_mac_addr(prxattrib->ra))
844 if (rtw_get_passing_time_ms(start) > 1000) {
845 if (no_gkey_bc_cnt || no_gkey_mc_cnt) {
846 RTW_PRINT(FUNC_ADPT_FMT" no_gkey_bc_cnt:%u, no_gkey_mc_cnt:%u\n",
847 FUNC_ADPT_ARG(padapter), no_gkey_bc_cnt, no_gkey_mc_cnt);
849 start = rtw_get_current_time();
856 if (no_gkey_bc_cnt || no_gkey_mc_cnt) {
857 RTW_PRINT(FUNC_ADPT_FMT" gkey installed. no_gkey_bc_cnt:%u, no_gkey_mc_cnt:%u\n",
858 FUNC_ADPT_ARG(padapter), no_gkey_bc_cnt, no_gkey_mc_cnt);
864 /* RTW_INFO("rx bc/mc packets, to perform sw rtw_tkip_decrypt\n"); */
865 /* prwskey = psecuritypriv->dot118021XGrpKey[psecuritypriv->dot118021XGrpKeyid].skey; */
866 prwskey = psecuritypriv->dot118021XGrpKey[prxattrib->key_index].skey;
869 prwskey = &stainfo->dot118021x_UncstKey.skey[0];
873 iv = pframe + prxattrib->hdrlen;
874 payload = pframe + prxattrib->iv_len + prxattrib->hdrlen;
875 length = ((union recv_frame *)precvframe)->u.hdr.len - prxattrib->hdrlen - prxattrib->iv_len;
877 GET_TKIP_PN(iv, dot11txpn);
879 pnl = (u16)(dot11txpn.val);
880 pnh = (u32)(dot11txpn.val >> 16);
882 phase1((u16 *)&ttkey[0], prwskey, &prxattrib->ta[0], pnh);
883 phase2(&rc4key[0], prwskey, (unsigned short *)&ttkey[0], pnl);
885 /* 4 decrypt payload include icv */
887 arcfour_init(&mycontext, rc4key, 16);
888 arcfour_encrypt(&mycontext, payload, payload, length);
890 *((u32 *)crc) = le32_to_cpu(getcrc32(payload, length - 4));
892 if (crc[3] != payload[length - 1] || crc[2] != payload[length - 2] || crc[1] != payload[length - 3] || crc[0] != payload[length - 4]) {
896 TKIP_SW_DEC_CNT_INC(psecuritypriv, prxattrib->ra);
908 /* 3 =====AES related===== */
912 #define MAX_MSG_SIZE 2048
913 /*****************************/
914 /******** SBOX Table *********/
915 /*****************************/
917 static u8 sbox_table[256] = {
918 0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5,
919 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76,
920 0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0,
921 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0,
922 0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc,
923 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15,
924 0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a,
925 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75,
926 0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0,
927 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84,
928 0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b,
929 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf,
930 0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85,
931 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8,
932 0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5,
933 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2,
934 0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17,
935 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73,
936 0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88,
937 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb,
938 0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c,
939 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79,
940 0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9,
941 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08,
942 0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6,
943 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a,
944 0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e,
945 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e,
946 0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94,
947 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf,
948 0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68,
949 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16
952 /*****************************/
953 /**** Function Prototypes ****/
954 /*****************************/
956 static void bitwise_xor(u8 *ina, u8 *inb, u8 *out);
957 static void construct_mic_iv(
964 uint frtype);/* add for CONFIG_IEEE80211W, none 11w also can use */
965 static void construct_mic_header1(
969 uint frtype);/* add for CONFIG_IEEE80211W, none 11w also can use */
970 static void construct_mic_header2(
975 static void construct_ctr_preload(
982 uint frtype);/* add for CONFIG_IEEE80211W, none 11w also can use */
983 static void xor_128(u8 *a, u8 *b, u8 *out);
984 static void xor_32(u8 *a, u8 *b, u8 *out);
985 static u8 sbox(u8 a);
986 static void next_key(u8 *key, sint round);
987 static void byte_sub(u8 *in, u8 *out);
988 static void shift_row(u8 *in, u8 *out);
989 static void mix_column(u8 *in, u8 *out);
990 #ifndef PLATFORM_FREEBSD
991 static void add_round_key(u8 *shiftrow_in,
996 #endif /* PLATFORM_FREEBSD */
997 static void aes128k128d(u8 *key, u8 *data, u8 *ciphertext);
1000 /****************************************/
1002 /* Performs a 128 bit AES encrypt with */
1004 /****************************************/
1005 static void xor_128(u8 *a, u8 *b, u8 *out)
1008 for (i = 0; i < 16; i++)
1009 out[i] = a[i] ^ b[i];
1013 static void xor_32(u8 *a, u8 *b, u8 *out)
1016 for (i = 0; i < 4; i++)
1017 out[i] = a[i] ^ b[i];
1021 static u8 sbox(u8 a)
1023 return sbox_table[(sint)a];
1027 static void next_key(u8 *key, sint round)
1031 u8 rcon_table[12] = {
1032 0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80,
1033 0x1b, 0x36, 0x36, 0x36
1035 sbox_key[0] = sbox(key[13]);
1036 sbox_key[1] = sbox(key[14]);
1037 sbox_key[2] = sbox(key[15]);
1038 sbox_key[3] = sbox(key[12]);
1040 rcon = rcon_table[round];
1042 xor_32(&key[0], sbox_key, &key[0]);
1043 key[0] = key[0] ^ rcon;
1045 xor_32(&key[4], &key[0], &key[4]);
1046 xor_32(&key[8], &key[4], &key[8]);
1047 xor_32(&key[12], &key[8], &key[12]);
1051 static void byte_sub(u8 *in, u8 *out)
1054 for (i = 0; i < 16; i++)
1055 out[i] = sbox(in[i]);
1059 static void shift_row(u8 *in, u8 *out)
1080 static void mix_column(u8 *in, u8 *out)
1091 for (i = 0 ; i < 4; i++) {
1092 if ((in[i] & 0x80) == 0x80)
1098 swap_halfs[0] = in[2]; /* Swap halfs */
1099 swap_halfs[1] = in[3];
1100 swap_halfs[2] = in[0];
1101 swap_halfs[3] = in[1];
1103 rotl[0] = in[3]; /* Rotate left 8 bits */
1108 andf7[0] = in[0] & 0x7f;
1109 andf7[1] = in[1] & 0x7f;
1110 andf7[2] = in[2] & 0x7f;
1111 andf7[3] = in[3] & 0x7f;
1113 for (i = 3; i > 0; i--) { /* logical shift left 1 bit */
1114 andf7[i] = andf7[i] << 1;
1115 if ((andf7[i - 1] & 0x80) == 0x80)
1116 andf7[i] = (andf7[i] | 0x01);
1118 andf7[0] = andf7[0] << 1;
1119 andf7[0] = andf7[0] & 0xfe;
1121 xor_32(add1b, andf7, add1bf7);
1123 xor_32(in, add1bf7, rotr);
1125 temp[0] = rotr[0]; /* Rotate right 8 bits */
1131 xor_32(add1bf7, rotr, temp);
1132 xor_32(swap_halfs, rotl, tempb);
1133 xor_32(temp, tempb, out);
1137 static void aes128k128d(u8 *key, u8 *data, u8 *ciphertext)
1141 u8 intermediatea[16];
1142 u8 intermediateb[16];
1144 for (i = 0; i < 16; i++)
1145 round_key[i] = key[i];
1147 for (round = 0; round < 11; round++) {
1149 xor_128(round_key, data, ciphertext);
1150 next_key(round_key, round);
1151 } else if (round == 10) {
1152 byte_sub(ciphertext, intermediatea);
1153 shift_row(intermediatea, intermediateb);
1154 xor_128(intermediateb, round_key, ciphertext);
1155 } else { /* 1 - 9 */
1156 byte_sub(ciphertext, intermediatea);
1157 shift_row(intermediatea, intermediateb);
1158 mix_column(&intermediateb[0], &intermediatea[0]);
1159 mix_column(&intermediateb[4], &intermediatea[4]);
1160 mix_column(&intermediateb[8], &intermediatea[8]);
1161 mix_column(&intermediateb[12], &intermediatea[12]);
1162 xor_128(intermediatea, round_key, ciphertext);
1163 next_key(round_key, round);
1169 /************************************************/
1170 /* construct_mic_iv() */
1171 /* Builds the MIC IV from header fields and PN */
1172 /* Baron think the function is construct CCM */
1174 /************************************************/
1175 static void construct_mic_iv(
1180 uint payload_length,
1182 uint frtype/* add for CONFIG_IEEE80211W, none 11w also can use */
1187 if (qc_exists && a4_exists)
1188 mic_iv[1] = mpdu[30] & 0x0f; /* QoS_TC */
1189 if (qc_exists && !a4_exists)
1190 mic_iv[1] = mpdu[24] & 0x0f; /* mute bits 7-4 */
1193 #ifdef CONFIG_IEEE80211W
1194 /* 802.11w management frame should set management bit(4) */
1195 if (frtype == WIFI_MGT_TYPE)
1196 mic_iv[1] |= BIT(4);
1197 #endif /* CONFIG_IEEE80211W */
1198 for (i = 2; i < 8; i++)
1199 mic_iv[i] = mpdu[i + 8]; /* mic_iv[2:7] = A2[0:5] = mpdu[10:15] */
1200 #ifdef CONSISTENT_PN_ORDER
1201 for (i = 8; i < 14; i++)
1202 mic_iv[i] = pn_vector[i - 8]; /* mic_iv[8:13] = PN[0:5] */
1204 for (i = 8; i < 14; i++)
1205 mic_iv[i] = pn_vector[13 - i]; /* mic_iv[8:13] = PN[5:0] */
1207 mic_iv[14] = (unsigned char)(payload_length / 256);
1208 mic_iv[15] = (unsigned char)(payload_length % 256);
1212 /************************************************/
1213 /* construct_mic_header1() */
1214 /* Builds the first MIC header block from */
1215 /* header fields. */
1216 /* Build AAD SC,A1,A2 */
1217 /************************************************/
1218 static void construct_mic_header1(
1222 uint frtype/* add for CONFIG_IEEE80211W, none 11w also can use */
1225 mic_header1[0] = (u8)((header_length - 2) / 256);
1226 mic_header1[1] = (u8)((header_length - 2) % 256);
1227 #ifdef CONFIG_IEEE80211W
1228 /* 802.11w management frame don't AND subtype bits 4,5,6 of frame control field */
1229 if (frtype == WIFI_MGT_TYPE)
1230 mic_header1[2] = mpdu[0];
1232 #endif /* CONFIG_IEEE80211W */
1233 mic_header1[2] = mpdu[0] & 0xcf; /* Mute CF poll & CF ack bits */
1235 mic_header1[3] = mpdu[1] & 0xc7; /* Mute retry, more data and pwr mgt bits */
1236 mic_header1[4] = mpdu[4]; /* A1 */
1237 mic_header1[5] = mpdu[5];
1238 mic_header1[6] = mpdu[6];
1239 mic_header1[7] = mpdu[7];
1240 mic_header1[8] = mpdu[8];
1241 mic_header1[9] = mpdu[9];
1242 mic_header1[10] = mpdu[10]; /* A2 */
1243 mic_header1[11] = mpdu[11];
1244 mic_header1[12] = mpdu[12];
1245 mic_header1[13] = mpdu[13];
1246 mic_header1[14] = mpdu[14];
1247 mic_header1[15] = mpdu[15];
1251 /************************************************/
1252 /* construct_mic_header2() */
1253 /* Builds the last MIC header block from */
1254 /* header fields. */
1255 /************************************************/
1256 static void construct_mic_header2(
1264 for (i = 0; i < 16; i++)
1265 mic_header2[i] = 0x00;
1267 mic_header2[0] = mpdu[16]; /* A3 */
1268 mic_header2[1] = mpdu[17];
1269 mic_header2[2] = mpdu[18];
1270 mic_header2[3] = mpdu[19];
1271 mic_header2[4] = mpdu[20];
1272 mic_header2[5] = mpdu[21];
1274 /* mic_header2[6] = mpdu[22] & 0xf0; SC */
1275 mic_header2[6] = 0x00;
1276 mic_header2[7] = 0x00; /* mpdu[23]; */
1279 if (!qc_exists && a4_exists) {
1280 for (i = 0; i < 6; i++)
1281 mic_header2[8 + i] = mpdu[24 + i]; /* A4 */
1285 if (qc_exists && !a4_exists) {
1286 mic_header2[8] = mpdu[24] & 0x0f; /* mute bits 15 - 4 */
1287 mic_header2[9] = mpdu[25] & 0x00;
1290 if (qc_exists && a4_exists) {
1291 for (i = 0; i < 6; i++)
1292 mic_header2[8 + i] = mpdu[24 + i]; /* A4 */
1294 mic_header2[14] = mpdu[30] & 0x0f;
1295 mic_header2[15] = mpdu[31] & 0x00;
1301 /************************************************/
1302 /* construct_mic_header2() */
1303 /* Builds the last MIC header block from */
1304 /* header fields. */
1305 /* Baron think the function is construct CCM */
1307 /************************************************/
1308 static void construct_ctr_preload(
1315 uint frtype /* add for CONFIG_IEEE80211W, none 11w also can use */
1319 for (i = 0; i < 16; i++)
1320 ctr_preload[i] = 0x00;
1323 ctr_preload[0] = 0x01; /* flag */
1324 if (qc_exists && a4_exists)
1325 ctr_preload[1] = mpdu[30] & 0x0f; /* QoC_Control */
1326 if (qc_exists && !a4_exists)
1327 ctr_preload[1] = mpdu[24] & 0x0f;
1328 #ifdef CONFIG_IEEE80211W
1329 /* 802.11w management frame should set management bit(4) */
1330 if (frtype == WIFI_MGT_TYPE)
1331 ctr_preload[1] |= BIT(4);
1332 #endif /* CONFIG_IEEE80211W */
1333 for (i = 2; i < 8; i++)
1334 ctr_preload[i] = mpdu[i + 8]; /* ctr_preload[2:7] = A2[0:5] = mpdu[10:15] */
1335 #ifdef CONSISTENT_PN_ORDER
1336 for (i = 8; i < 14; i++)
1337 ctr_preload[i] = pn_vector[i - 8]; /* ctr_preload[8:13] = PN[0:5] */
1339 for (i = 8; i < 14; i++)
1340 ctr_preload[i] = pn_vector[13 - i]; /* ctr_preload[8:13] = PN[5:0] */
1342 ctr_preload[14] = (unsigned char)(c / 256); /* Ctr */
1343 ctr_preload[15] = (unsigned char)(c % 256);
1347 /************************************/
1349 /* A 128 bit, bitwise exclusive or */
1350 /************************************/
1351 static void bitwise_xor(u8 *ina, u8 *inb, u8 *out)
1354 for (i = 0; i < 16; i++)
1355 out[i] = ina[i] ^ inb[i];
1359 static sint aes_cipher(u8 *key, uint hdrlen,
1360 u8 *pframe, uint plen)
1362 /* static unsigned char message[MAX_MSG_SIZE]; */
1363 uint qc_exists, a4_exists, i, j, payload_remainder,
1364 num_blocks, payload_index;
1372 /* Intermediate Buffers */
1373 u8 chain_buffer[16];
1375 u8 padded_buffer[16];
1377 /* uint offset = 0; */
1378 uint frtype = GetFrameType(pframe);
1379 uint frsubtype = get_frame_sub_type(pframe);
1381 frsubtype = frsubtype >> 4;
1384 _rtw_memset((void *)mic_iv, 0, 16);
1385 _rtw_memset((void *)mic_header1, 0, 16);
1386 _rtw_memset((void *)mic_header2, 0, 16);
1387 _rtw_memset((void *)ctr_preload, 0, 16);
1388 _rtw_memset((void *)chain_buffer, 0, 16);
1389 _rtw_memset((void *)aes_out, 0, 16);
1390 _rtw_memset((void *)padded_buffer, 0, 16);
1392 if ((hdrlen == WLAN_HDR_A3_LEN) || (hdrlen == WLAN_HDR_A3_QOS_LEN))
1398 ((frtype | frsubtype) == WIFI_DATA_CFACK) ||
1399 ((frtype | frsubtype) == WIFI_DATA_CFPOLL) ||
1400 ((frtype | frsubtype) == WIFI_DATA_CFACKPOLL)) {
1402 if (hdrlen != WLAN_HDR_A3_QOS_LEN)
1406 /* add for CONFIG_IEEE80211W, none 11w also can use */
1407 else if ((frtype == WIFI_DATA) &&
1408 ((frsubtype == 0x08) ||
1409 (frsubtype == 0x09) ||
1410 (frsubtype == 0x0a) ||
1411 (frsubtype == 0x0b))) {
1412 if (hdrlen != WLAN_HDR_A3_QOS_LEN)
1419 pn_vector[0] = pframe[hdrlen];
1420 pn_vector[1] = pframe[hdrlen + 1];
1421 pn_vector[2] = pframe[hdrlen + 4];
1422 pn_vector[3] = pframe[hdrlen + 5];
1423 pn_vector[4] = pframe[hdrlen + 6];
1424 pn_vector[5] = pframe[hdrlen + 7];
1430 pframe, /* message, */
1433 frtype /* add for CONFIG_IEEE80211W, none 11w also can use */
1436 construct_mic_header1(
1439 pframe, /* message */
1440 frtype /* add for CONFIG_IEEE80211W, none 11w also can use */
1442 construct_mic_header2(
1444 pframe, /* message, */
1450 payload_remainder = plen % 16;
1451 num_blocks = plen / 16;
1453 /* Find start of payload */
1454 payload_index = (hdrlen + 8);
1457 aes128k128d(key, mic_iv, aes_out);
1458 bitwise_xor(aes_out, mic_header1, chain_buffer);
1459 aes128k128d(key, chain_buffer, aes_out);
1460 bitwise_xor(aes_out, mic_header2, chain_buffer);
1461 aes128k128d(key, chain_buffer, aes_out);
1463 for (i = 0; i < num_blocks; i++) {
1464 bitwise_xor(aes_out, &pframe[payload_index], chain_buffer);/* bitwise_xor(aes_out, &message[payload_index], chain_buffer); */
1466 payload_index += 16;
1467 aes128k128d(key, chain_buffer, aes_out);
1470 /* Add on the final payload block if it needs padding */
1471 if (payload_remainder > 0) {
1472 for (j = 0; j < 16; j++)
1473 padded_buffer[j] = 0x00;
1474 for (j = 0; j < payload_remainder; j++) {
1475 padded_buffer[j] = pframe[payload_index++];/* padded_buffer[j] = message[payload_index++]; */
1477 bitwise_xor(aes_out, padded_buffer, chain_buffer);
1478 aes128k128d(key, chain_buffer, aes_out);
1482 for (j = 0 ; j < 8; j++)
1483 mic[j] = aes_out[j];
1485 /* Insert MIC into payload */
1486 for (j = 0; j < 8; j++)
1487 pframe[payload_index + j] = mic[j]; /* message[payload_index+j] = mic[j]; */
1489 payload_index = hdrlen + 8;
1490 for (i = 0; i < num_blocks; i++) {
1491 construct_ctr_preload(
1495 pframe, /* message, */
1498 frtype); /* add for CONFIG_IEEE80211W, none 11w also can use */
1499 aes128k128d(key, ctr_preload, aes_out);
1500 bitwise_xor(aes_out, &pframe[payload_index], chain_buffer);/* bitwise_xor(aes_out, &message[payload_index], chain_buffer); */
1501 for (j = 0; j < 16; j++)
1502 pframe[payload_index++] = chain_buffer[j];/* for (j=0; j<16;j++) message[payload_index++] = chain_buffer[j]; */
1505 if (payload_remainder > 0) { /* If there is a short final block, then pad it,*/
1506 /* encrypt it and copy the unpadded part back */
1507 construct_ctr_preload(
1511 pframe, /* message, */
1514 frtype); /* add for CONFIG_IEEE80211W, none 11w also can use */
1516 for (j = 0; j < 16; j++)
1517 padded_buffer[j] = 0x00;
1518 for (j = 0; j < payload_remainder; j++) {
1519 padded_buffer[j] = pframe[payload_index + j]; /* padded_buffer[j] = message[payload_index+j]; */
1521 aes128k128d(key, ctr_preload, aes_out);
1522 bitwise_xor(aes_out, padded_buffer, chain_buffer);
1523 for (j = 0; j < payload_remainder; j++)
1524 pframe[payload_index++] = chain_buffer[j];/* for (j=0; j<payload_remainder;j++) message[payload_index++] = chain_buffer[j]; */
1527 /* Encrypt the MIC */
1528 construct_ctr_preload(
1532 pframe, /* message, */
1535 frtype); /* add for CONFIG_IEEE80211W, none 11w also can use */
1537 for (j = 0; j < 16; j++)
1538 padded_buffer[j] = 0x00;
1539 for (j = 0; j < 8; j++) {
1540 padded_buffer[j] = pframe[j + hdrlen + 8 + plen]; /* padded_buffer[j] = message[j+hdrlen+8+plen]; */
1543 aes128k128d(key, ctr_preload, aes_out);
1544 bitwise_xor(aes_out, padded_buffer, chain_buffer);
1545 for (j = 0; j < 8; j++)
1546 pframe[payload_index++] = chain_buffer[j];/* for (j=0; j<8;j++) message[payload_index++] = chain_buffer[j]; */
1554 u32 rtw_aes_encrypt(_adapter *padapter, u8 *pxmitframe)
1560 /* unsigned char message[MAX_MSG_SIZE]; */
1562 /* Intermediate Buffers */
1563 sint curfragnum, length;
1565 u8 *pframe, *prwskey; /* , *payload,*iv */
1566 u8 hw_hdr_offset = 0;
1567 /* struct sta_info *stainfo=NULL; */
1568 struct pkt_attrib *pattrib = &((struct xmit_frame *)pxmitframe)->attrib;
1569 struct security_priv *psecuritypriv = &padapter->securitypriv;
1570 struct xmit_priv *pxmitpriv = &padapter->xmitpriv;
1572 /* uint offset = 0; */
1575 if (((struct xmit_frame *)pxmitframe)->buf_addr == NULL)
1578 #ifdef CONFIG_USB_TX_AGGREGATION
1579 hw_hdr_offset = TXDESC_SIZE +
1580 (((struct xmit_frame *)pxmitframe)->pkt_offset * PACKET_OFFSET_SZ);
1582 #ifdef CONFIG_TX_EARLY_MODE
1583 hw_hdr_offset = TXDESC_OFFSET + EARLY_MODE_INFO_SIZE;
1585 hw_hdr_offset = TXDESC_OFFSET;
1589 pframe = ((struct xmit_frame *)pxmitframe)->buf_addr + hw_hdr_offset;
1591 /* 4 start to encrypt each fragment */
1592 if ((pattrib->encrypt == _AES_)) {
1596 stainfo = pattrib->psta;
1600 RTW_INFO("%s, call rtw_get_stainfo()\n", __func__);
1601 stainfo=rtw_get_stainfo(&padapter->stapriv ,&pattrib->ra[0] );
1604 /* if (stainfo!=NULL) */
1607 if(!(stainfo->state &_FW_LINKED))
1609 RTW_INFO("%s, psta->state(0x%x) != _FW_LINKED\n", __func__, stainfo->state);
1614 if (IS_MCAST(pattrib->ra))
1615 prwskey = psecuritypriv->dot118021XGrpKey[psecuritypriv->dot118021XGrpKeyid].skey;
1617 /* prwskey=&stainfo->dot118021x_UncstKey.skey[0]; */
1618 prwskey = pattrib->dot118021x_UncstKey.skey;
1624 struct sta_info *ptdls_sta;
1625 ptdls_sta = rtw_get_stainfo(&padapter->stapriv , &pattrib->dst[0]);
1626 if ((ptdls_sta != NULL) && (ptdls_sta->tdls_sta_state & TDLS_LINKED_STATE)) {
1627 RTW_INFO("[%s] for tdls link\n", __FUNCTION__);
1628 prwskey = &ptdls_sta->tpk.tk[0];
1631 #endif /* CONFIG_TDLS */
1635 for (curfragnum = 0; curfragnum < pattrib->nr_frags; curfragnum++) {
1637 if ((curfragnum + 1) == pattrib->nr_frags) { /* 4 the last fragment */
1638 length = pattrib->last_txcmdsz - pattrib->hdrlen - pattrib->iv_len - pattrib->icv_len;
1640 aes_cipher(prwskey, pattrib->hdrlen, pframe, length);
1642 length = pxmitpriv->frag_len - pattrib->hdrlen - pattrib->iv_len - pattrib->icv_len ;
1644 aes_cipher(prwskey, pattrib->hdrlen, pframe, length);
1645 pframe += pxmitpriv->frag_len;
1646 pframe = (u8 *)RND4((SIZE_PTR)(pframe));
1651 AES_SW_ENC_CNT_INC(psecuritypriv, pattrib->ra);
1655 RTW_INFO("%s, psta==NUL\n", __func__);
1666 static sint aes_decipher(u8 *key, uint hdrlen,
1667 u8 *pframe, uint plen)
1669 static u8 message[MAX_MSG_SIZE];
1670 uint qc_exists, a4_exists, i, j, payload_remainder,
1671 num_blocks, payload_index;
1672 sint res = _SUCCESS;
1679 /* Intermediate Buffers */
1680 u8 chain_buffer[16];
1682 u8 padded_buffer[16];
1686 /* uint offset = 0; */
1687 uint frtype = GetFrameType(pframe);
1688 uint frsubtype = get_frame_sub_type(pframe);
1689 frsubtype = frsubtype >> 4;
1692 _rtw_memset((void *)mic_iv, 0, 16);
1693 _rtw_memset((void *)mic_header1, 0, 16);
1694 _rtw_memset((void *)mic_header2, 0, 16);
1695 _rtw_memset((void *)ctr_preload, 0, 16);
1696 _rtw_memset((void *)chain_buffer, 0, 16);
1697 _rtw_memset((void *)aes_out, 0, 16);
1698 _rtw_memset((void *)padded_buffer, 0, 16);
1700 /* start to decrypt the payload */
1702 num_blocks = (plen - 8) / 16; /* (plen including LLC, payload_length and mic ) */
1704 payload_remainder = (plen - 8) % 16;
1706 pn_vector[0] = pframe[hdrlen];
1707 pn_vector[1] = pframe[hdrlen + 1];
1708 pn_vector[2] = pframe[hdrlen + 4];
1709 pn_vector[3] = pframe[hdrlen + 5];
1710 pn_vector[4] = pframe[hdrlen + 6];
1711 pn_vector[5] = pframe[hdrlen + 7];
1713 if ((hdrlen == WLAN_HDR_A3_LEN) || (hdrlen == WLAN_HDR_A3_QOS_LEN))
1719 ((frtype | frsubtype) == WIFI_DATA_CFACK) ||
1720 ((frtype | frsubtype) == WIFI_DATA_CFPOLL) ||
1721 ((frtype | frsubtype) == WIFI_DATA_CFACKPOLL)) {
1723 if (hdrlen != WLAN_HDR_A3_QOS_LEN)
1726 } /* only for data packet . add for CONFIG_IEEE80211W, none 11w also can use */
1727 else if ((frtype == WIFI_DATA) &&
1728 ((frsubtype == 0x08) ||
1729 (frsubtype == 0x09) ||
1730 (frsubtype == 0x0a) ||
1731 (frsubtype == 0x0b))) {
1732 if (hdrlen != WLAN_HDR_A3_QOS_LEN)
1740 /* now, decrypt pframe with hdrlen offset and plen long */
1742 payload_index = hdrlen + 8; /* 8 is for extiv */
1744 for (i = 0; i < num_blocks; i++) {
1745 construct_ctr_preload(
1752 frtype /* add for CONFIG_IEEE80211W, none 11w also can use */
1755 aes128k128d(key, ctr_preload, aes_out);
1756 bitwise_xor(aes_out, &pframe[payload_index], chain_buffer);
1758 for (j = 0; j < 16; j++)
1759 pframe[payload_index++] = chain_buffer[j];
1762 if (payload_remainder > 0) { /* If there is a short final block, then pad it,*/
1763 /* encrypt it and copy the unpadded part back */
1764 construct_ctr_preload(
1771 frtype /* add for CONFIG_IEEE80211W, none 11w also can use */
1774 for (j = 0; j < 16; j++)
1775 padded_buffer[j] = 0x00;
1776 for (j = 0; j < payload_remainder; j++)
1777 padded_buffer[j] = pframe[payload_index + j];
1778 aes128k128d(key, ctr_preload, aes_out);
1779 bitwise_xor(aes_out, padded_buffer, chain_buffer);
1780 for (j = 0; j < payload_remainder; j++)
1781 pframe[payload_index++] = chain_buffer[j];
1784 /* start to calculate the mic */
1785 if ((hdrlen + plen + 8) <= MAX_MSG_SIZE)
1786 _rtw_memcpy((void *)message, pframe, (hdrlen + plen + 8)); /* 8 is for ext iv len */
1789 pn_vector[0] = pframe[hdrlen];
1790 pn_vector[1] = pframe[hdrlen + 1];
1791 pn_vector[2] = pframe[hdrlen + 4];
1792 pn_vector[3] = pframe[hdrlen + 5];
1793 pn_vector[4] = pframe[hdrlen + 6];
1794 pn_vector[5] = pframe[hdrlen + 7];
1805 frtype /* add for CONFIG_IEEE80211W, none 11w also can use */
1808 construct_mic_header1(
1812 frtype /* add for CONFIG_IEEE80211W, none 11w also can use */
1814 construct_mic_header2(
1822 payload_remainder = (plen - 8) % 16;
1823 num_blocks = (plen - 8) / 16;
1825 /* Find start of payload */
1826 payload_index = (hdrlen + 8);
1829 aes128k128d(key, mic_iv, aes_out);
1830 bitwise_xor(aes_out, mic_header1, chain_buffer);
1831 aes128k128d(key, chain_buffer, aes_out);
1832 bitwise_xor(aes_out, mic_header2, chain_buffer);
1833 aes128k128d(key, chain_buffer, aes_out);
1835 for (i = 0; i < num_blocks; i++) {
1836 bitwise_xor(aes_out, &message[payload_index], chain_buffer);
1838 payload_index += 16;
1839 aes128k128d(key, chain_buffer, aes_out);
1842 /* Add on the final payload block if it needs padding */
1843 if (payload_remainder > 0) {
1844 for (j = 0; j < 16; j++)
1845 padded_buffer[j] = 0x00;
1846 for (j = 0; j < payload_remainder; j++)
1847 padded_buffer[j] = message[payload_index++];
1848 bitwise_xor(aes_out, padded_buffer, chain_buffer);
1849 aes128k128d(key, chain_buffer, aes_out);
1853 for (j = 0 ; j < 8; j++)
1854 mic[j] = aes_out[j];
1856 /* Insert MIC into payload */
1857 for (j = 0; j < 8; j++)
1858 message[payload_index + j] = mic[j];
1860 payload_index = hdrlen + 8;
1861 for (i = 0; i < num_blocks; i++) {
1862 construct_ctr_preload(
1869 frtype); /* add for CONFIG_IEEE80211W, none 11w also can use */
1870 aes128k128d(key, ctr_preload, aes_out);
1871 bitwise_xor(aes_out, &message[payload_index], chain_buffer);
1872 for (j = 0; j < 16; j++)
1873 message[payload_index++] = chain_buffer[j];
1876 if (payload_remainder > 0) { /* If there is a short final block, then pad it,*/
1877 /* encrypt it and copy the unpadded part back */
1878 construct_ctr_preload(
1885 frtype); /* add for CONFIG_IEEE80211W, none 11w also can use */
1887 for (j = 0; j < 16; j++)
1888 padded_buffer[j] = 0x00;
1889 for (j = 0; j < payload_remainder; j++)
1890 padded_buffer[j] = message[payload_index + j];
1891 aes128k128d(key, ctr_preload, aes_out);
1892 bitwise_xor(aes_out, padded_buffer, chain_buffer);
1893 for (j = 0; j < payload_remainder; j++)
1894 message[payload_index++] = chain_buffer[j];
1897 /* Encrypt the MIC */
1898 construct_ctr_preload(
1905 frtype); /* add for CONFIG_IEEE80211W, none 11w also can use */
1907 for (j = 0; j < 16; j++)
1908 padded_buffer[j] = 0x00;
1909 for (j = 0; j < 8; j++)
1910 padded_buffer[j] = message[j + hdrlen + 8 + plen - 8];
1912 aes128k128d(key, ctr_preload, aes_out);
1913 bitwise_xor(aes_out, padded_buffer, chain_buffer);
1914 for (j = 0; j < 8; j++)
1915 message[payload_index++] = chain_buffer[j];
1917 /* compare the mic */
1918 for (i = 0; i < 8; i++) {
1919 if (pframe[hdrlen + 8 + plen - 8 + i] != message[hdrlen + 8 + plen - 8 + i]) {
1920 RTW_INFO("aes_decipher:mic check error mic[%d]: pframe(%x) != message(%x)\n",
1921 i, pframe[hdrlen + 8 + plen - 8 + i], message[hdrlen + 8 + plen - 8 + i]);
1928 u32 rtw_aes_decrypt(_adapter *padapter, u8 *precvframe)
1934 /* unsigned char message[MAX_MSG_SIZE]; */
1937 /* Intermediate Buffers */
1942 u8 *pframe, *prwskey; /* , *payload,*iv */
1943 struct sta_info *stainfo;
1944 struct rx_pkt_attrib *prxattrib = &((union recv_frame *)precvframe)->u.hdr.attrib;
1945 struct security_priv *psecuritypriv = &padapter->securitypriv;
1946 /* struct recv_priv *precvpriv=&padapter->recvpriv; */
1948 pframe = (unsigned char *)((union recv_frame *)precvframe)->u.hdr.rx_data;
1949 /* 4 start to encrypt each fragment */
1950 if ((prxattrib->encrypt == _AES_)) {
1952 stainfo = rtw_get_stainfo(&padapter->stapriv , &prxattrib->ta[0]);
1953 if (stainfo != NULL) {
1955 if (IS_MCAST(prxattrib->ra)) {
1956 static u32 start = 0;
1957 static u32 no_gkey_bc_cnt = 0;
1958 static u32 no_gkey_mc_cnt = 0;
1960 /* RTW_INFO("rx bc/mc packets, to perform sw rtw_aes_decrypt\n"); */
1961 /* prwskey = psecuritypriv->dot118021XGrpKey[psecuritypriv->dot118021XGrpKeyid].skey; */
1962 if (psecuritypriv->binstallGrpkey == _FALSE) {
1966 start = rtw_get_current_time();
1968 if (is_broadcast_mac_addr(prxattrib->ra))
1973 if (rtw_get_passing_time_ms(start) > 1000) {
1974 if (no_gkey_bc_cnt || no_gkey_mc_cnt) {
1975 RTW_PRINT(FUNC_ADPT_FMT" no_gkey_bc_cnt:%u, no_gkey_mc_cnt:%u\n",
1976 FUNC_ADPT_ARG(padapter), no_gkey_bc_cnt, no_gkey_mc_cnt);
1978 start = rtw_get_current_time();
1986 if (no_gkey_bc_cnt || no_gkey_mc_cnt) {
1987 RTW_PRINT(FUNC_ADPT_FMT" gkey installed. no_gkey_bc_cnt:%u, no_gkey_mc_cnt:%u\n",
1988 FUNC_ADPT_ARG(padapter), no_gkey_bc_cnt, no_gkey_mc_cnt);
1994 prwskey = psecuritypriv->dot118021XGrpKey[prxattrib->key_index].skey;
1995 if (psecuritypriv->dot118021XGrpKeyid != prxattrib->key_index) {
1996 RTW_DBG("not match packet_index=%d, install_index=%d\n"
1997 , prxattrib->key_index, psecuritypriv->dot118021XGrpKeyid);
2002 prwskey = &stainfo->dot118021x_UncstKey.skey[0];
2004 length = ((union recv_frame *)precvframe)->u.hdr.len - prxattrib->hdrlen - prxattrib->iv_len;
2006 /* add for CONFIG_IEEE80211W, debug */
2008 printk("@@@@@@@@@@@@@@@@@@ length=%d, prxattrib->hdrlen=%d, prxattrib->pkt_len=%d\n"
2009 , length, prxattrib->hdrlen, prxattrib->pkt_len);
2012 /* test print PSK */
2013 printk("PSK key below:\n");
2014 for (no = 0; no < 16; no++)
2015 printk(" %02x ", prwskey[no]);
2020 /* test print PSK */
2022 for (no = 0; no < prxattrib->pkt_len; no++)
2023 printk(" %02x ", pframe[no]);
2028 res = aes_decipher(prwskey, prxattrib->hdrlen, pframe, length);
2030 AES_SW_DEC_CNT_INC(psecuritypriv, prxattrib->ra);
2040 #ifdef CONFIG_IEEE80211W
2041 u32 rtw_BIP_verify(_adapter *padapter, u8 *precvframe)
2043 struct rx_pkt_attrib *pattrib = &((union recv_frame *)precvframe)->u.hdr.attrib;
2048 struct rtw_ieee80211_hdr *pwlanhdr;
2050 struct mlme_ext_priv *pmlmeext = &padapter->mlmeextpriv;
2051 ori_len = pattrib->pkt_len - WLAN_HDR_A3_LEN + BIP_AAD_SIZE;
2052 BIP_AAD = rtw_zmalloc(ori_len);
2054 if (BIP_AAD == NULL) {
2055 RTW_INFO("BIP AAD allocate fail\n");
2059 pframe = (unsigned char *)((union recv_frame *)precvframe)->u.hdr.rx_data;
2060 /* mapping to wlan header */
2061 pwlanhdr = (struct rtw_ieee80211_hdr *)pframe;
2062 /* save the frame body + MME */
2063 _rtw_memcpy(BIP_AAD + BIP_AAD_SIZE, pframe + WLAN_HDR_A3_LEN, pattrib->pkt_len - WLAN_HDR_A3_LEN);
2064 /* find MME IE pointer */
2065 p = rtw_get_ie(BIP_AAD + BIP_AAD_SIZE, _MME_IE_, &len, pattrib->pkt_len - WLAN_HDR_A3_LEN);
2070 /* save packet number */
2071 _rtw_memcpy(&temp_ipn, p + 4, 6);
2072 temp_ipn = le64_to_cpu(temp_ipn);
2073 /* BIP packet number should bigger than previous BIP packet */
2074 if (temp_ipn < pmlmeext->mgnt_80211w_IPN_rx) {
2075 RTW_INFO("replay BIP packet\n");
2078 /* copy key index */
2079 _rtw_memcpy(&keyid, p + 2, 2);
2080 keyid = le16_to_cpu(keyid);
2081 if (keyid != padapter->securitypriv.dot11wBIPKeyid) {
2082 RTW_INFO("BIP key index error!\n");
2085 /* clear the MIC field of MME to zero */
2086 _rtw_memset(p + 2 + len - 8, 0, 8);
2088 /* conscruct AAD, copy frame control field */
2089 _rtw_memcpy(BIP_AAD, &pwlanhdr->frame_ctl, 2);
2090 ClearRetry(BIP_AAD);
2091 ClearPwrMgt(BIP_AAD);
2092 ClearMData(BIP_AAD);
2093 /* conscruct AAD, copy address 1 to address 3 */
2094 _rtw_memcpy(BIP_AAD + 2, pwlanhdr->addr1, 18);
2096 if (omac1_aes_128(padapter->securitypriv.dot11wBIPKey[padapter->securitypriv.dot11wBIPKeyid].skey
2097 , BIP_AAD, ori_len, mic))
2101 /* management packet content */
2105 for (pp = 0; pp < pattrib->pkt_len; pp++)
2106 printk(" %02x ", pframe[pp]);
2108 /* BIP AAD + management frame body + MME(MIC is zero) */
2109 RTW_INFO("AAD+PKT: ");
2110 for (pp = 0; pp < ori_len; pp++)
2111 RTW_INFO(" %02x ", BIP_AAD[pp]);
2113 /* show the MIC result */
2115 for (pp = 0; pp < 16; pp++)
2116 RTW_INFO(" %02x ", mic[pp]);
2120 /* MIC field should be last 8 bytes of packet (packet without FCS) */
2121 if (_rtw_memcmp(mic, pframe + pattrib->pkt_len - 8, 8)) {
2122 pmlmeext->mgnt_80211w_IPN_rx = temp_ipn;
2125 RTW_INFO("BIP MIC error!\n");
2128 res = RTW_RX_HANDLED;
2131 rtw_mfree(BIP_AAD, ori_len);
2134 #endif /* CONFIG_IEEE80211W */
2136 #ifndef PLATFORM_FREEBSD
2137 /* compress 512-bits */
2138 static int sha256_compress(struct sha256_state *md, unsigned char *buf)
2140 u32 S[8], W[64], t0, t1;
2144 /* copy state into S */
2145 for (i = 0; i < 8; i++)
2146 S[i] = md->state[i];
2148 /* copy the state into 512-bits into W[0..15] */
2149 for (i = 0; i < 16; i++)
2150 W[i] = WPA_GET_BE32(buf + (4 * i));
2152 /* fill W[16..63] */
2153 for (i = 16; i < 64; i++) {
2154 W[i] = Gamma1(W[i - 2]) + W[i - 7] + Gamma0(W[i - 15]) +
2159 #define RND(a, b, c, d, e, f, g, h, i) do {\
2160 t0 = h + Sigma1(e) + Ch(e, f, g) + K[i] + W[i]; \
2161 t1 = Sigma0(a) + Maj(a, b, c); \
2166 for (i = 0; i < 64; ++i) {
2167 RND(S[0], S[1], S[2], S[3], S[4], S[5], S[6], S[7], i);
2180 for (i = 0; i < 8; i++)
2181 md->state[i] = md->state[i] + S[i];
2185 /* Initialize the hash state */
2186 static void sha256_init(struct sha256_state *md)
2190 md->state[0] = 0x6A09E667UL;
2191 md->state[1] = 0xBB67AE85UL;
2192 md->state[2] = 0x3C6EF372UL;
2193 md->state[3] = 0xA54FF53AUL;
2194 md->state[4] = 0x510E527FUL;
2195 md->state[5] = 0x9B05688CUL;
2196 md->state[6] = 0x1F83D9ABUL;
2197 md->state[7] = 0x5BE0CD19UL;
2201 Process a block of memory though the hash
2202 @param md The hash state
2203 @param in The data to hash
2204 @param inlen The length of the data (octets)
2205 @return CRYPT_OK if successful
2207 static int sha256_process(struct sha256_state *md, unsigned char *in,
2208 unsigned long inlen)
2211 #define block_size 64
2213 if (md->curlen > sizeof(md->buf))
2217 if (md->curlen == 0 && inlen >= block_size) {
2218 if (sha256_compress(md, (unsigned char *) in) < 0)
2220 md->length += block_size * 8;
2222 inlen -= block_size;
2224 n = MIN(inlen, (block_size - md->curlen));
2225 _rtw_memcpy(md->buf + md->curlen, in, n);
2229 if (md->curlen == block_size) {
2230 if (sha256_compress(md, md->buf) < 0)
2232 md->length += 8 * block_size;
2243 Terminate the hash to get the digest
2244 @param md The hash state
2245 @param out [out] The destination of the hash (32 bytes)
2246 @return CRYPT_OK if successful
2248 static int sha256_done(struct sha256_state *md, unsigned char *out)
2252 if (md->curlen >= sizeof(md->buf))
2255 /* increase the length of the message */
2256 md->length += md->curlen * 8;
2258 /* append the '1' bit */
2259 md->buf[md->curlen++] = (unsigned char) 0x80;
2261 /* if the length is currently above 56 bytes we append zeros
2262 * then compress. Then we can fall back to padding zeros and length
2263 * encoding like normal.
2265 if (md->curlen > 56) {
2266 while (md->curlen < 64)
2267 md->buf[md->curlen++] = (unsigned char) 0;
2268 sha256_compress(md, md->buf);
2272 /* pad upto 56 bytes of zeroes */
2273 while (md->curlen < 56)
2274 md->buf[md->curlen++] = (unsigned char) 0;
2277 WPA_PUT_BE64(md->buf + 56, md->length);
2278 sha256_compress(md, md->buf);
2281 for (i = 0; i < 8; i++)
2282 WPA_PUT_BE32(out + (4 * i), md->state[i]);
2288 * sha256_vector - SHA256 hash for data vector
2289 * @num_elem: Number of elements in the data vector
2290 * @addr: Pointers to the data areas
2291 * @len: Lengths of the data blocks
2292 * @mac: Buffer for the hash
2293 * Returns: 0 on success, -1 of failure
2295 static int sha256_vector(size_t num_elem, u8 *addr[], size_t *len,
2298 struct sha256_state ctx;
2302 for (i = 0; i < num_elem; i++)
2303 if (sha256_process(&ctx, addr[i], len[i]))
2305 if (sha256_done(&ctx, mac))
2310 static u8 os_strlen(const char *s)
2318 static int os_memcmp(void *s1, void *s2, u8 n)
2320 unsigned char *p1 = s1, *p2 = s2;
2325 while (*p1 == *p2) {
2337 * hmac_sha256_vector - HMAC-SHA256 over data vector (RFC 2104)
2338 * @key: Key for HMAC operations
2339 * @key_len: Length of the key in bytes
2340 * @num_elem: Number of elements in the data vector
2341 * @addr: Pointers to the data areas
2342 * @len: Lengths of the data blocks
2343 * @mac: Buffer for the hash (32 bytes)
2345 static void hmac_sha256_vector(u8 *key, size_t key_len, size_t num_elem,
2346 u8 *addr[], size_t *len, u8 *mac)
2348 unsigned char k_pad[64]; /* padding - key XORd with ipad/opad */
2349 unsigned char tk[32];
2355 * Fixed limit on the number of fragments to avoid having to
2356 * allocate memory (which could fail).
2361 /* if key is longer than 64 bytes reset it to key = SHA256(key) */
2363 sha256_vector(1, &key, &key_len, tk);
2368 /* the HMAC_SHA256 transform looks like:
2370 * SHA256(K XOR opad, SHA256(K XOR ipad, text))
2372 * where K is an n byte key
2373 * ipad is the byte 0x36 repeated 64 times
2374 * opad is the byte 0x5c repeated 64 times
2375 * and text is the data being protected */
2377 /* start out by storing key in ipad */
2378 _rtw_memset(k_pad, 0, sizeof(k_pad));
2379 _rtw_memcpy(k_pad, key, key_len);
2380 /* XOR key with ipad values */
2381 for (i = 0; i < 64; i++)
2384 /* perform inner SHA256 */
2387 for (i = 0; i < num_elem; i++) {
2388 _addr[i + 1] = addr[i];
2389 _len[i + 1] = len[i];
2391 sha256_vector(1 + num_elem, _addr, _len, mac);
2393 _rtw_memset(k_pad, 0, sizeof(k_pad));
2394 _rtw_memcpy(k_pad, key, key_len);
2395 /* XOR key with opad values */
2396 for (i = 0; i < 64; i++)
2399 /* perform outer SHA256 */
2404 sha256_vector(2, _addr, _len, mac);
2406 #endif /* PLATFORM_FREEBSD */
2408 * sha256_prf - SHA256-based Pseudo-Random Function (IEEE 802.11r, 8.5.1.5.2)
2410 * @key_len: Length of the key in bytes
2411 * @label: A unique label for each purpose of the PRF
2412 * @data: Extra data to bind into the key
2413 * @data_len: Length of the data
2414 * @buf: Buffer for the generated pseudo-random key
2415 * @buf_len: Number of bytes of key to generate
2417 * This function is used to derive new, cryptographically separate keys from a
2420 #ifndef PLATFORM_FREEBSD /* Baron */
2421 static void sha256_prf(u8 *key, size_t key_len, char *label,
2422 u8 *data, size_t data_len, u8 *buf, size_t buf_len)
2426 u8 hash[SHA256_MAC_LEN];
2429 u8 counter_le[2], length_le[2];
2431 addr[0] = counter_le;
2433 addr[1] = (u8 *) label;
2434 len[1] = os_strlen(label);
2437 addr[3] = length_le;
2438 len[3] = sizeof(length_le);
2440 WPA_PUT_LE16(length_le, buf_len * 8);
2442 while (pos < buf_len) {
2443 plen = buf_len - pos;
2444 WPA_PUT_LE16(counter_le, counter);
2445 if (plen >= SHA256_MAC_LEN) {
2446 hmac_sha256_vector(key, key_len, 4, addr, len,
2448 pos += SHA256_MAC_LEN;
2450 hmac_sha256_vector(key, key_len, 4, addr, len, hash);
2451 _rtw_memcpy(&buf[pos], hash, plen);
2457 #endif /* PLATFORM_FREEBSD Baron */
2460 const u32 Te0[256] = {
2461 0xc66363a5U, 0xf87c7c84U, 0xee777799U, 0xf67b7b8dU,
2462 0xfff2f20dU, 0xd66b6bbdU, 0xde6f6fb1U, 0x91c5c554U,
2463 0x60303050U, 0x02010103U, 0xce6767a9U, 0x562b2b7dU,
2464 0xe7fefe19U, 0xb5d7d762U, 0x4dababe6U, 0xec76769aU,
2465 0x8fcaca45U, 0x1f82829dU, 0x89c9c940U, 0xfa7d7d87U,
2466 0xeffafa15U, 0xb25959ebU, 0x8e4747c9U, 0xfbf0f00bU,
2467 0x41adadecU, 0xb3d4d467U, 0x5fa2a2fdU, 0x45afafeaU,
2468 0x239c9cbfU, 0x53a4a4f7U, 0xe4727296U, 0x9bc0c05bU,
2469 0x75b7b7c2U, 0xe1fdfd1cU, 0x3d9393aeU, 0x4c26266aU,
2470 0x6c36365aU, 0x7e3f3f41U, 0xf5f7f702U, 0x83cccc4fU,
2471 0x6834345cU, 0x51a5a5f4U, 0xd1e5e534U, 0xf9f1f108U,
2472 0xe2717193U, 0xabd8d873U, 0x62313153U, 0x2a15153fU,
2473 0x0804040cU, 0x95c7c752U, 0x46232365U, 0x9dc3c35eU,
2474 0x30181828U, 0x379696a1U, 0x0a05050fU, 0x2f9a9ab5U,
2475 0x0e070709U, 0x24121236U, 0x1b80809bU, 0xdfe2e23dU,
2476 0xcdebeb26U, 0x4e272769U, 0x7fb2b2cdU, 0xea75759fU,
2477 0x1209091bU, 0x1d83839eU, 0x582c2c74U, 0x341a1a2eU,
2478 0x361b1b2dU, 0xdc6e6eb2U, 0xb45a5aeeU, 0x5ba0a0fbU,
2479 0xa45252f6U, 0x763b3b4dU, 0xb7d6d661U, 0x7db3b3ceU,
2480 0x5229297bU, 0xdde3e33eU, 0x5e2f2f71U, 0x13848497U,
2481 0xa65353f5U, 0xb9d1d168U, 0x00000000U, 0xc1eded2cU,
2482 0x40202060U, 0xe3fcfc1fU, 0x79b1b1c8U, 0xb65b5bedU,
2483 0xd46a6abeU, 0x8dcbcb46U, 0x67bebed9U, 0x7239394bU,
2484 0x944a4adeU, 0x984c4cd4U, 0xb05858e8U, 0x85cfcf4aU,
2485 0xbbd0d06bU, 0xc5efef2aU, 0x4faaaae5U, 0xedfbfb16U,
2486 0x864343c5U, 0x9a4d4dd7U, 0x66333355U, 0x11858594U,
2487 0x8a4545cfU, 0xe9f9f910U, 0x04020206U, 0xfe7f7f81U,
2488 0xa05050f0U, 0x783c3c44U, 0x259f9fbaU, 0x4ba8a8e3U,
2489 0xa25151f3U, 0x5da3a3feU, 0x804040c0U, 0x058f8f8aU,
2490 0x3f9292adU, 0x219d9dbcU, 0x70383848U, 0xf1f5f504U,
2491 0x63bcbcdfU, 0x77b6b6c1U, 0xafdada75U, 0x42212163U,
2492 0x20101030U, 0xe5ffff1aU, 0xfdf3f30eU, 0xbfd2d26dU,
2493 0x81cdcd4cU, 0x180c0c14U, 0x26131335U, 0xc3ecec2fU,
2494 0xbe5f5fe1U, 0x359797a2U, 0x884444ccU, 0x2e171739U,
2495 0x93c4c457U, 0x55a7a7f2U, 0xfc7e7e82U, 0x7a3d3d47U,
2496 0xc86464acU, 0xba5d5de7U, 0x3219192bU, 0xe6737395U,
2497 0xc06060a0U, 0x19818198U, 0x9e4f4fd1U, 0xa3dcdc7fU,
2498 0x44222266U, 0x542a2a7eU, 0x3b9090abU, 0x0b888883U,
2499 0x8c4646caU, 0xc7eeee29U, 0x6bb8b8d3U, 0x2814143cU,
2500 0xa7dede79U, 0xbc5e5ee2U, 0x160b0b1dU, 0xaddbdb76U,
2501 0xdbe0e03bU, 0x64323256U, 0x743a3a4eU, 0x140a0a1eU,
2502 0x924949dbU, 0x0c06060aU, 0x4824246cU, 0xb85c5ce4U,
2503 0x9fc2c25dU, 0xbdd3d36eU, 0x43acacefU, 0xc46262a6U,
2504 0x399191a8U, 0x319595a4U, 0xd3e4e437U, 0xf279798bU,
2505 0xd5e7e732U, 0x8bc8c843U, 0x6e373759U, 0xda6d6db7U,
2506 0x018d8d8cU, 0xb1d5d564U, 0x9c4e4ed2U, 0x49a9a9e0U,
2507 0xd86c6cb4U, 0xac5656faU, 0xf3f4f407U, 0xcfeaea25U,
2508 0xca6565afU, 0xf47a7a8eU, 0x47aeaee9U, 0x10080818U,
2509 0x6fbabad5U, 0xf0787888U, 0x4a25256fU, 0x5c2e2e72U,
2510 0x381c1c24U, 0x57a6a6f1U, 0x73b4b4c7U, 0x97c6c651U,
2511 0xcbe8e823U, 0xa1dddd7cU, 0xe874749cU, 0x3e1f1f21U,
2512 0x964b4bddU, 0x61bdbddcU, 0x0d8b8b86U, 0x0f8a8a85U,
2513 0xe0707090U, 0x7c3e3e42U, 0x71b5b5c4U, 0xcc6666aaU,
2514 0x904848d8U, 0x06030305U, 0xf7f6f601U, 0x1c0e0e12U,
2515 0xc26161a3U, 0x6a35355fU, 0xae5757f9U, 0x69b9b9d0U,
2516 0x17868691U, 0x99c1c158U, 0x3a1d1d27U, 0x279e9eb9U,
2517 0xd9e1e138U, 0xebf8f813U, 0x2b9898b3U, 0x22111133U,
2518 0xd26969bbU, 0xa9d9d970U, 0x078e8e89U, 0x339494a7U,
2519 0x2d9b9bb6U, 0x3c1e1e22U, 0x15878792U, 0xc9e9e920U,
2520 0x87cece49U, 0xaa5555ffU, 0x50282878U, 0xa5dfdf7aU,
2521 0x038c8c8fU, 0x59a1a1f8U, 0x09898980U, 0x1a0d0d17U,
2522 0x65bfbfdaU, 0xd7e6e631U, 0x844242c6U, 0xd06868b8U,
2523 0x824141c3U, 0x299999b0U, 0x5a2d2d77U, 0x1e0f0f11U,
2524 0x7bb0b0cbU, 0xa85454fcU, 0x6dbbbbd6U, 0x2c16163aU,
2526 const u32 Td0[256] = {
2527 0x51f4a750U, 0x7e416553U, 0x1a17a4c3U, 0x3a275e96U,
2528 0x3bab6bcbU, 0x1f9d45f1U, 0xacfa58abU, 0x4be30393U,
2529 0x2030fa55U, 0xad766df6U, 0x88cc7691U, 0xf5024c25U,
2530 0x4fe5d7fcU, 0xc52acbd7U, 0x26354480U, 0xb562a38fU,
2531 0xdeb15a49U, 0x25ba1b67U, 0x45ea0e98U, 0x5dfec0e1U,
2532 0xc32f7502U, 0x814cf012U, 0x8d4697a3U, 0x6bd3f9c6U,
2533 0x038f5fe7U, 0x15929c95U, 0xbf6d7aebU, 0x955259daU,
2534 0xd4be832dU, 0x587421d3U, 0x49e06929U, 0x8ec9c844U,
2535 0x75c2896aU, 0xf48e7978U, 0x99583e6bU, 0x27b971ddU,
2536 0xbee14fb6U, 0xf088ad17U, 0xc920ac66U, 0x7dce3ab4U,
2537 0x63df4a18U, 0xe51a3182U, 0x97513360U, 0x62537f45U,
2538 0xb16477e0U, 0xbb6bae84U, 0xfe81a01cU, 0xf9082b94U,
2539 0x70486858U, 0x8f45fd19U, 0x94de6c87U, 0x527bf8b7U,
2540 0xab73d323U, 0x724b02e2U, 0xe31f8f57U, 0x6655ab2aU,
2541 0xb2eb2807U, 0x2fb5c203U, 0x86c57b9aU, 0xd33708a5U,
2542 0x302887f2U, 0x23bfa5b2U, 0x02036abaU, 0xed16825cU,
2543 0x8acf1c2bU, 0xa779b492U, 0xf307f2f0U, 0x4e69e2a1U,
2544 0x65daf4cdU, 0x0605bed5U, 0xd134621fU, 0xc4a6fe8aU,
2545 0x342e539dU, 0xa2f355a0U, 0x058ae132U, 0xa4f6eb75U,
2546 0x0b83ec39U, 0x4060efaaU, 0x5e719f06U, 0xbd6e1051U,
2547 0x3e218af9U, 0x96dd063dU, 0xdd3e05aeU, 0x4de6bd46U,
2548 0x91548db5U, 0x71c45d05U, 0x0406d46fU, 0x605015ffU,
2549 0x1998fb24U, 0xd6bde997U, 0x894043ccU, 0x67d99e77U,
2550 0xb0e842bdU, 0x07898b88U, 0xe7195b38U, 0x79c8eedbU,
2551 0xa17c0a47U, 0x7c420fe9U, 0xf8841ec9U, 0x00000000U,
2552 0x09808683U, 0x322bed48U, 0x1e1170acU, 0x6c5a724eU,
2553 0xfd0efffbU, 0x0f853856U, 0x3daed51eU, 0x362d3927U,
2554 0x0a0fd964U, 0x685ca621U, 0x9b5b54d1U, 0x24362e3aU,
2555 0x0c0a67b1U, 0x9357e70fU, 0xb4ee96d2U, 0x1b9b919eU,
2556 0x80c0c54fU, 0x61dc20a2U, 0x5a774b69U, 0x1c121a16U,
2557 0xe293ba0aU, 0xc0a02ae5U, 0x3c22e043U, 0x121b171dU,
2558 0x0e090d0bU, 0xf28bc7adU, 0x2db6a8b9U, 0x141ea9c8U,
2559 0x57f11985U, 0xaf75074cU, 0xee99ddbbU, 0xa37f60fdU,
2560 0xf701269fU, 0x5c72f5bcU, 0x44663bc5U, 0x5bfb7e34U,
2561 0x8b432976U, 0xcb23c6dcU, 0xb6edfc68U, 0xb8e4f163U,
2562 0xd731dccaU, 0x42638510U, 0x13972240U, 0x84c61120U,
2563 0x854a247dU, 0xd2bb3df8U, 0xaef93211U, 0xc729a16dU,
2564 0x1d9e2f4bU, 0xdcb230f3U, 0x0d8652ecU, 0x77c1e3d0U,
2565 0x2bb3166cU, 0xa970b999U, 0x119448faU, 0x47e96422U,
2566 0xa8fc8cc4U, 0xa0f03f1aU, 0x567d2cd8U, 0x223390efU,
2567 0x87494ec7U, 0xd938d1c1U, 0x8ccaa2feU, 0x98d40b36U,
2568 0xa6f581cfU, 0xa57ade28U, 0xdab78e26U, 0x3fadbfa4U,
2569 0x2c3a9de4U, 0x5078920dU, 0x6a5fcc9bU, 0x547e4662U,
2570 0xf68d13c2U, 0x90d8b8e8U, 0x2e39f75eU, 0x82c3aff5U,
2571 0x9f5d80beU, 0x69d0937cU, 0x6fd52da9U, 0xcf2512b3U,
2572 0xc8ac993bU, 0x10187da7U, 0xe89c636eU, 0xdb3bbb7bU,
2573 0xcd267809U, 0x6e5918f4U, 0xec9ab701U, 0x834f9aa8U,
2574 0xe6956e65U, 0xaaffe67eU, 0x21bccf08U, 0xef15e8e6U,
2575 0xbae79bd9U, 0x4a6f36ceU, 0xea9f09d4U, 0x29b07cd6U,
2576 0x31a4b2afU, 0x2a3f2331U, 0xc6a59430U, 0x35a266c0U,
2577 0x744ebc37U, 0xfc82caa6U, 0xe090d0b0U, 0x33a7d815U,
2578 0xf104984aU, 0x41ecdaf7U, 0x7fcd500eU, 0x1791f62fU,
2579 0x764dd68dU, 0x43efb04dU, 0xccaa4d54U, 0xe49604dfU,
2580 0x9ed1b5e3U, 0x4c6a881bU, 0xc12c1fb8U, 0x4665517fU,
2581 0x9d5eea04U, 0x018c355dU, 0xfa877473U, 0xfb0b412eU,
2582 0xb3671d5aU, 0x92dbd252U, 0xe9105633U, 0x6dd64713U,
2583 0x9ad7618cU, 0x37a10c7aU, 0x59f8148eU, 0xeb133c89U,
2584 0xcea927eeU, 0xb761c935U, 0xe11ce5edU, 0x7a47b13cU,
2585 0x9cd2df59U, 0x55f2733fU, 0x1814ce79U, 0x73c737bfU,
2586 0x53f7cdeaU, 0x5ffdaa5bU, 0xdf3d6f14U, 0x7844db86U,
2587 0xcaaff381U, 0xb968c43eU, 0x3824342cU, 0xc2a3405fU,
2588 0x161dc372U, 0xbce2250cU, 0x283c498bU, 0xff0d9541U,
2589 0x39a80171U, 0x080cb3deU, 0xd8b4e49cU, 0x6456c190U,
2590 0x7bcb8461U, 0xd532b670U, 0x486c5c74U, 0xd0b85742U,
2592 const u8 Td4s[256] = {
2593 0x52U, 0x09U, 0x6aU, 0xd5U, 0x30U, 0x36U, 0xa5U, 0x38U,
2594 0xbfU, 0x40U, 0xa3U, 0x9eU, 0x81U, 0xf3U, 0xd7U, 0xfbU,
2595 0x7cU, 0xe3U, 0x39U, 0x82U, 0x9bU, 0x2fU, 0xffU, 0x87U,
2596 0x34U, 0x8eU, 0x43U, 0x44U, 0xc4U, 0xdeU, 0xe9U, 0xcbU,
2597 0x54U, 0x7bU, 0x94U, 0x32U, 0xa6U, 0xc2U, 0x23U, 0x3dU,
2598 0xeeU, 0x4cU, 0x95U, 0x0bU, 0x42U, 0xfaU, 0xc3U, 0x4eU,
2599 0x08U, 0x2eU, 0xa1U, 0x66U, 0x28U, 0xd9U, 0x24U, 0xb2U,
2600 0x76U, 0x5bU, 0xa2U, 0x49U, 0x6dU, 0x8bU, 0xd1U, 0x25U,
2601 0x72U, 0xf8U, 0xf6U, 0x64U, 0x86U, 0x68U, 0x98U, 0x16U,
2602 0xd4U, 0xa4U, 0x5cU, 0xccU, 0x5dU, 0x65U, 0xb6U, 0x92U,
2603 0x6cU, 0x70U, 0x48U, 0x50U, 0xfdU, 0xedU, 0xb9U, 0xdaU,
2604 0x5eU, 0x15U, 0x46U, 0x57U, 0xa7U, 0x8dU, 0x9dU, 0x84U,
2605 0x90U, 0xd8U, 0xabU, 0x00U, 0x8cU, 0xbcU, 0xd3U, 0x0aU,
2606 0xf7U, 0xe4U, 0x58U, 0x05U, 0xb8U, 0xb3U, 0x45U, 0x06U,
2607 0xd0U, 0x2cU, 0x1eU, 0x8fU, 0xcaU, 0x3fU, 0x0fU, 0x02U,
2608 0xc1U, 0xafU, 0xbdU, 0x03U, 0x01U, 0x13U, 0x8aU, 0x6bU,
2609 0x3aU, 0x91U, 0x11U, 0x41U, 0x4fU, 0x67U, 0xdcU, 0xeaU,
2610 0x97U, 0xf2U, 0xcfU, 0xceU, 0xf0U, 0xb4U, 0xe6U, 0x73U,
2611 0x96U, 0xacU, 0x74U, 0x22U, 0xe7U, 0xadU, 0x35U, 0x85U,
2612 0xe2U, 0xf9U, 0x37U, 0xe8U, 0x1cU, 0x75U, 0xdfU, 0x6eU,
2613 0x47U, 0xf1U, 0x1aU, 0x71U, 0x1dU, 0x29U, 0xc5U, 0x89U,
2614 0x6fU, 0xb7U, 0x62U, 0x0eU, 0xaaU, 0x18U, 0xbeU, 0x1bU,
2615 0xfcU, 0x56U, 0x3eU, 0x4bU, 0xc6U, 0xd2U, 0x79U, 0x20U,
2616 0x9aU, 0xdbU, 0xc0U, 0xfeU, 0x78U, 0xcdU, 0x5aU, 0xf4U,
2617 0x1fU, 0xddU, 0xa8U, 0x33U, 0x88U, 0x07U, 0xc7U, 0x31U,
2618 0xb1U, 0x12U, 0x10U, 0x59U, 0x27U, 0x80U, 0xecU, 0x5fU,
2619 0x60U, 0x51U, 0x7fU, 0xa9U, 0x19U, 0xb5U, 0x4aU, 0x0dU,
2620 0x2dU, 0xe5U, 0x7aU, 0x9fU, 0x93U, 0xc9U, 0x9cU, 0xefU,
2621 0xa0U, 0xe0U, 0x3bU, 0x4dU, 0xaeU, 0x2aU, 0xf5U, 0xb0U,
2622 0xc8U, 0xebU, 0xbbU, 0x3cU, 0x83U, 0x53U, 0x99U, 0x61U,
2623 0x17U, 0x2bU, 0x04U, 0x7eU, 0xbaU, 0x77U, 0xd6U, 0x26U,
2624 0xe1U, 0x69U, 0x14U, 0x63U, 0x55U, 0x21U, 0x0cU, 0x7dU,
2626 const u8 rcons[] = {
2627 0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1B, 0x36
2628 /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */
2632 * Expand the cipher key into the encryption key schedule.
2634 * @return the number of rounds for the given cipher key size.
2636 #ifndef PLATFORM_FREEBSD /* Baron */
2637 static void rijndaelKeySetupEnc(u32 rk[/*44*/], const u8 cipherKey[])
2642 rk[0] = GETU32(cipherKey);
2643 rk[1] = GETU32(cipherKey + 4);
2644 rk[2] = GETU32(cipherKey + 8);
2645 rk[3] = GETU32(cipherKey + 12);
2646 for (i = 0; i < 10; i++) {
2649 TE421(temp) ^ TE432(temp) ^ TE443(temp) ^ TE414(temp) ^
2651 rk[5] = rk[1] ^ rk[4];
2652 rk[6] = rk[2] ^ rk[5];
2653 rk[7] = rk[3] ^ rk[6];
2658 static void rijndaelEncrypt(u32 rk[/*44*/], u8 pt[16], u8 ct[16])
2660 u32 s0, s1, s2, s3, t0, t1, t2, t3;
2664 #endif /* ?FULL_UNROLL */
2667 * map byte array block to cipher state
2668 * and add initial round key:
2670 s0 = GETU32(pt) ^ rk[0];
2671 s1 = GETU32(pt + 4) ^ rk[1];
2672 s2 = GETU32(pt + 8) ^ rk[2];
2673 s3 = GETU32(pt + 12) ^ rk[3];
2675 #define ROUND(i, d, s) do {\
2676 d##0 = TE0(s##0) ^ TE1(s##1) ^ TE2(s##2) ^ TE3(s##3) ^ rk[4 * i]; \
2677 d##1 = TE0(s##1) ^ TE1(s##2) ^ TE2(s##3) ^ TE3(s##0) ^ rk[4 * i + 1]; \
2678 d##2 = TE0(s##2) ^ TE1(s##3) ^ TE2(s##0) ^ TE3(s##1) ^ rk[4 * i + 2]; \
2679 d##3 = TE0(s##3) ^ TE1(s##0) ^ TE2(s##1) ^ TE3(s##2) ^ rk[4 * i + 3]; \
2696 #else /* !FULL_UNROLL */
2698 /* Nr - 1 full rounds: */
2708 #endif /* ?FULL_UNROLL */
2713 * apply last round and
2714 * map cipher state to byte array block:
2716 s0 = TE41(t0) ^ TE42(t1) ^ TE43(t2) ^ TE44(t3) ^ rk[0];
2718 s1 = TE41(t1) ^ TE42(t2) ^ TE43(t3) ^ TE44(t0) ^ rk[1];
2720 s2 = TE41(t2) ^ TE42(t3) ^ TE43(t0) ^ TE44(t1) ^ rk[2];
2722 s3 = TE41(t3) ^ TE42(t0) ^ TE43(t1) ^ TE44(t2) ^ rk[3];
2723 PUTU32(ct + 12, s3);
2726 static void *aes_encrypt_init(u8 *key, size_t len)
2731 rk = (u32 *)rtw_malloc(AES_PRIV_SIZE);
2734 rijndaelKeySetupEnc(rk, key);
2738 static void aes_128_encrypt(void *ctx, u8 *plain, u8 *crypt)
2740 rijndaelEncrypt(ctx, plain, crypt);
2744 static void gf_mulx(u8 *pad)
2748 carry = pad[0] & 0x80;
2749 for (i = 0; i < AES_BLOCK_SIZE - 1; i++)
2750 pad[i] = (pad[i] << 1) | (pad[i + 1] >> 7);
2751 pad[AES_BLOCK_SIZE - 1] <<= 1;
2753 pad[AES_BLOCK_SIZE - 1] ^= 0x87;
2756 static void aes_encrypt_deinit(void *ctx)
2758 _rtw_memset(ctx, 0, AES_PRIV_SIZE);
2759 rtw_mfree(ctx, AES_PRIV_SIZE);
2764 * omac1_aes_128_vector - One-Key CBC MAC (OMAC1) hash with AES-128
2765 * @key: 128-bit key for the hash operation
2766 * @num_elem: Number of elements in the data vector
2767 * @addr: Pointers to the data areas
2768 * @len: Lengths of the data blocks
2769 * @mac: Buffer for MAC (128 bits, i.e., 16 bytes)
2770 * Returns: 0 on success, -1 on failure
2772 * This is a mode for using block cipher (AES in this case) for authentication.
2773 * OMAC1 was standardized with the name CMAC by NIST in a Special Publication
2776 static int omac1_aes_128_vector(u8 *key, size_t num_elem,
2777 u8 *addr[], size_t *len, u8 *mac)
2780 u8 cbc[AES_BLOCK_SIZE], pad[AES_BLOCK_SIZE];
2782 size_t i, e, left, total_len;
2784 ctx = aes_encrypt_init(key, 16);
2787 _rtw_memset(cbc, 0, AES_BLOCK_SIZE);
2790 for (e = 0; e < num_elem; e++)
2791 total_len += len[e];
2798 while (left >= AES_BLOCK_SIZE) {
2799 for (i = 0; i < AES_BLOCK_SIZE; i++) {
2807 if (left > AES_BLOCK_SIZE)
2808 aes_128_encrypt(ctx, cbc, cbc);
2809 left -= AES_BLOCK_SIZE;
2812 _rtw_memset(pad, 0, AES_BLOCK_SIZE);
2813 aes_128_encrypt(ctx, pad, pad);
2816 if (left || total_len == 0) {
2817 for (i = 0; i < left; i++) {
2829 for (i = 0; i < AES_BLOCK_SIZE; i++)
2831 aes_128_encrypt(ctx, pad, mac);
2832 aes_encrypt_deinit(ctx);
2838 * omac1_aes_128 - One-Key CBC MAC (OMAC1) hash with AES-128 (aka AES-CMAC)
2839 * @key: 128-bit key for the hash operation
2840 * @data: Data buffer for which a MAC is determined
2841 * @data_len: Length of data buffer in bytes
2842 * @mac: Buffer for MAC (128 bits, i.e., 16 bytes)
2843 * Returns: 0 on success, -1 on failure
2845 * This is a mode for using block cipher (AES in this case) for authentication.
2846 * OMAC1 was standardized with the name CMAC by NIST in a Special Publication
2848 */ /* modify for CONFIG_IEEE80211W */
2849 int omac1_aes_128(u8 *key, u8 *data, size_t data_len, u8 *mac)
2851 return omac1_aes_128_vector(key, 1, &data, &data_len, mac);
2853 #endif /* PLATFORM_FREEBSD Baron */
2856 void wpa_tdls_generate_tpk(_adapter *padapter, PVOID sta)
2858 struct sta_info *psta = (struct sta_info *)sta;
2859 struct mlme_priv *pmlmepriv = &padapter->mlmepriv;
2860 u8 *SNonce = psta->SNonce;
2861 u8 *ANonce = psta->ANonce;
2863 u8 key_input[SHA256_MAC_LEN];
2866 u8 data[3 * ETH_ALEN];
2868 /* IEEE Std 802.11z-2010 8.5.9.1:
2869 * TPK-Key-Input = SHA-256(min(SNonce, ANonce) || max(SNonce, ANonce))
2873 if (os_memcmp(SNonce, ANonce, 32) < 0) {
2881 sha256_vector(2, nonce, len, key_input);
2884 * TPK-Key-Data = KDF-N_KEY(TPK-Key-Input, "TDLS PMK",
2885 * min(MAC_I, MAC_R) || max(MAC_I, MAC_R) || BSSID || N_KEY)
2886 * TODO: is N_KEY really included in KDF Context and if so, in which
2887 * presentation format (little endian 16-bit?) is it used? It gets
2888 * added by the KDF anyway..
2891 if (os_memcmp(adapter_mac_addr(padapter), psta->hwaddr, ETH_ALEN) < 0) {
2892 _rtw_memcpy(data, adapter_mac_addr(padapter), ETH_ALEN);
2893 _rtw_memcpy(data + ETH_ALEN, psta->hwaddr, ETH_ALEN);
2895 _rtw_memcpy(data, psta->hwaddr, ETH_ALEN);
2896 _rtw_memcpy(data + ETH_ALEN, adapter_mac_addr(padapter), ETH_ALEN);
2898 _rtw_memcpy(data + 2 * ETH_ALEN, get_bssid(pmlmepriv), ETH_ALEN);
2900 sha256_prf(key_input, SHA256_MAC_LEN, "TDLS PMK", data, sizeof(data), (u8 *) &psta->tpk, sizeof(psta->tpk));
2906 * wpa_tdls_ftie_mic - Calculate TDLS FTIE MIC
2908 * @lnkid: Pointer to the beginning of Link Identifier IE
2909 * @rsnie: Pointer to the beginning of RSN IE used for handshake
2910 * @timeoutie: Pointer to the beginning of Timeout IE used for handshake
2911 * @ftie: Pointer to the beginning of FT IE
2912 * @mic: Pointer for writing MIC
2914 * Calculate MIC for TDLS frame.
2916 int wpa_tdls_ftie_mic(u8 *kck, u8 trans_seq,
2917 u8 *lnkid, u8 *rsnie, u8 *timeoutie, u8 *ftie,
2921 struct wpa_tdls_ftie *_ftie;
2922 struct wpa_tdls_lnkid *_lnkid;
2924 int len = 2 * ETH_ALEN + 1 + 2 + lnkid[1] + 2 + rsnie[1] +
2925 2 + timeoutie[1] + 2 + ftie[1];
2926 buf = rtw_zmalloc(len);
2928 RTW_INFO("TDLS: No memory for MIC calculation\n");
2933 _lnkid = (struct wpa_tdls_lnkid *) lnkid;
2934 /* 1) TDLS initiator STA MAC address */
2935 _rtw_memcpy(pos, _lnkid->init_sta, ETH_ALEN);
2937 /* 2) TDLS responder STA MAC address */
2938 _rtw_memcpy(pos, _lnkid->resp_sta, ETH_ALEN);
2940 /* 3) Transaction Sequence number */
2942 /* 4) Link Identifier IE */
2943 _rtw_memcpy(pos, lnkid, 2 + lnkid[1]);
2944 pos += 2 + lnkid[1];
2946 _rtw_memcpy(pos, rsnie, 2 + rsnie[1]);
2947 pos += 2 + rsnie[1];
2948 /* 6) Timeout Interval IE */
2949 _rtw_memcpy(pos, timeoutie, 2 + timeoutie[1]);
2950 pos += 2 + timeoutie[1];
2951 /* 7) FTIE, with the MIC field of the FTIE set to 0 */
2952 _rtw_memcpy(pos, ftie, 2 + ftie[1]);
2953 _ftie = (struct wpa_tdls_ftie *) pos;
2954 _rtw_memset(_ftie->mic, 0, TDLS_MIC_LEN);
2957 ret = omac1_aes_128(kck, buf, pos - buf, mic);
2958 rtw_mfree(buf, len);
2964 * wpa_tdls_teardown_ftie_mic - Calculate TDLS TEARDOWN FTIE MIC
2966 * @lnkid: Pointer to the beginning of Link Identifier IE
2967 * @reason: Reason code of TDLS Teardown
2968 * @dialog_token: Dialog token that was used in the MIC calculation for TPK Handshake Message 3
2969 * @trans_seq: Transaction Sequence number (1 octet) which shall be set to the value 4
2970 * @ftie: Pointer to the beginning of FT IE
2971 * @mic: Pointer for writing MIC
2973 * Calculate MIC for TDLS TEARDOWN frame according to Section 10.22.5 in IEEE 802.11 - 2012.
2975 int wpa_tdls_teardown_ftie_mic(u8 *kck, u8 *lnkid, u16 reason,
2976 u8 dialog_token, u8 trans_seq, u8 *ftie, u8 *mic)
2979 struct wpa_tdls_ftie *_ftie;
2981 int len = 2 + lnkid[1] + 2 + 1 + 1 + 2 + ftie[1];
2983 buf = rtw_zmalloc(len);
2985 RTW_INFO("TDLS: No memory for MIC calculation\n");
2990 /* 1) Link Identifier IE */
2991 _rtw_memcpy(pos, lnkid, 2 + lnkid[1]);
2992 pos += 2 + lnkid[1];
2993 /* 2) Reason Code */
2994 _rtw_memcpy(pos, (u8 *)&reason, 2);
2996 /* 3) Dialog Token */
2997 *pos++ = dialog_token;
2998 /* 4) Transaction Sequence number */
3000 /* 5) FTIE, with the MIC field of the FTIE set to 0 */
3001 _rtw_memcpy(pos, ftie, 2 + ftie[1]);
3002 _ftie = (struct wpa_tdls_ftie *) pos;
3003 _rtw_memset(_ftie->mic, 0, TDLS_MIC_LEN);
3006 ret = omac1_aes_128(kck, buf, pos - buf, mic);
3007 rtw_mfree(buf, len);
3012 int tdls_verify_mic(u8 *kck, u8 trans_seq,
3013 u8 *lnkid, u8 *rsnie, u8 *timeoutie, u8 *ftie)
3019 u8 *rx_ftie, *tmp_ftie;
3021 if (lnkid == NULL || rsnie == NULL ||
3022 timeoutie == NULL || ftie == NULL)
3025 len = 2 * ETH_ALEN + 1 + 2 + 18 + 2 + *(rsnie + 1) + 2 + *(timeoutie + 1) + 2 + *(ftie + 1);
3027 buf = rtw_zmalloc(len);
3032 /* 1) TDLS initiator STA MAC address */
3033 _rtw_memcpy(pos, lnkid + ETH_ALEN + 2, ETH_ALEN);
3035 /* 2) TDLS responder STA MAC address */
3036 _rtw_memcpy(pos, lnkid + 2 * ETH_ALEN + 2, ETH_ALEN);
3038 /* 3) Transaction Sequence number */
3040 /* 4) Link Identifier IE */
3041 _rtw_memcpy(pos, lnkid, 2 + 18);
3044 _rtw_memcpy(pos, rsnie, 2 + *(rsnie + 1));
3045 pos += 2 + *(rsnie + 1);
3046 /* 6) Timeout Interval IE */
3047 _rtw_memcpy(pos, timeoutie, 2 + *(timeoutie + 1));
3048 pos += 2 + *(timeoutie + 1);
3049 /* 7) FTIE, with the MIC field of the FTIE set to 0 */
3050 _rtw_memcpy(pos, ftie, 2 + *(ftie + 1));
3052 tmp_ftie = (u8 *)(pos + 2);
3053 _rtw_memset(tmp_ftie, 0, 16);
3056 ret = omac1_aes_128(kck, buf, pos - buf, mic);
3057 rtw_mfree(buf, len);
3062 if (os_memcmp(mic, rx_ftie, 16) == 0) {
3068 RTW_INFO("[%s] Invalid MIC\n", __FUNCTION__);
3072 #endif /* CONFIG_TDLS */
3074 void rtw_use_tkipkey_handler(RTW_TIMER_HDL_ARGS)
3076 _adapter *padapter = (_adapter *)FunctionContext;
3081 if (RTW_CANNOT_RUN(padapter)) {
3087 padapter->securitypriv.busetkipkey = _TRUE;
3093 /* Restore HW wep key setting according to key_mask */
3094 void rtw_sec_restore_wep_key(_adapter *adapter)
3096 struct security_priv *securitypriv = &(adapter->securitypriv);
3099 if ((_WEP40_ == securitypriv->dot11PrivacyAlgrthm) || (_WEP104_ == securitypriv->dot11PrivacyAlgrthm)) {
3100 for (keyid = 0; keyid < 4; keyid++) {
3101 if (securitypriv->key_mask & BIT(keyid)) {
3102 if (keyid == securitypriv->dot11PrivacyKeyIndex)
3103 rtw_set_key(adapter, securitypriv, keyid, 1, _FALSE);
3105 rtw_set_key(adapter, securitypriv, keyid, 0, _FALSE);
3111 u8 rtw_handle_tkip_countermeasure(_adapter *adapter, const char *caller)
3113 struct security_priv *securitypriv = &(adapter->securitypriv);
3114 u8 status = _SUCCESS;
3116 if (securitypriv->btkip_countermeasure == _TRUE) {
3117 u32 passing_ms = rtw_get_passing_time_ms(securitypriv->btkip_countermeasure_time);
3118 if (passing_ms > 60 * 1000) {
3119 RTW_PRINT("%s("ADPT_FMT") countermeasure time:%ds > 60s\n",
3120 caller, ADPT_ARG(adapter), passing_ms / 1000);
3121 securitypriv->btkip_countermeasure = _FALSE;
3122 securitypriv->btkip_countermeasure_time = 0;
3124 RTW_PRINT("%s("ADPT_FMT") countermeasure time:%ds < 60s\n",
3125 caller, ADPT_ARG(adapter), passing_ms / 1000);
3133 #ifdef CONFIG_WOWLAN
3134 u16 rtw_cal_crc16(u8 data, u16 crc)
3136 u8 shift_in, data_bit;
3137 u8 crc_bit4, crc_bit11, crc_bit15;
3141 for (index = 0; index < 8; index++) {
3142 crc_bit15 = ((crc & BIT15) ? 1 : 0);
3143 data_bit = (data & (BIT0 << index) ? 1 : 0);
3144 shift_in = crc_bit15 ^ data_bit;
3145 /*printf("crc_bit15=%d, DataBit=%d, shift_in=%d\n",
3146 * crc_bit15, data_bit, shift_in);*/
3148 crc_result = crc << 1;
3151 crc_result &= (~BIT0);
3154 /*printf("CRC =%x\n",CRC_Result);*/
3156 crc_bit11 = ((crc & BIT11) ? 1 : 0) ^ shift_in;
3159 crc_result &= (~BIT12);
3161 crc_result |= BIT12;
3163 /*printf("bit12 CRC =%x\n",CRC_Result);*/
3165 crc_bit4 = ((crc & BIT4) ? 1 : 0) ^ shift_in;
3168 crc_result &= (~BIT5);
3172 /* printf("bit5 CRC =%x\n",CRC_Result); */
3173 /* repeat using the last result*/
3180 * function name :rtw_calc_crc
3182 * input: char* pattern , pattern size
3185 u16 rtw_calc_crc(u8 *pdata, int length)
3190 for (i = 0; i < length; i++)
3191 crc = rtw_cal_crc16(pdata[i], crc);
3192 /* get 1' complement */
3197 #endif /*CONFIG_WOWLAN*/