drivers/staging/rtl8188eu/include/rtw_security.h

   1 /******************************************************************************
   2  *
   3  * Copyright(c) 2007 - 2011 Realtek Corporation. All rights reserved.
   4  *
   5  * This program is free software; you can redistribute it and/or modify it
   6  * under the terms of version 2 of the GNU General Public License as
   7  * published by the Free Software Foundation.
   8  *
   9  * This program is distributed in the hope that it will be useful, but WITHOUT
  10  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  11  * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
  12  * more details.
  13  *
  14  ******************************************************************************/
  15 #ifndef __RTW_SECURITY_H_
  16 #define __RTW_SECURITY_H_
  17
  18 #include <osdep_service.h>
  19 #include <drv_types.h>
  20
  21 #define _NO_PRIVACY_                    0x0
  22 #define _WEP40_                         0x1
  23 #define _TKIP_                          0x2
  24 #define _TKIP_WTMIC_                    0x3
  25 #define _AES_                           0x4
  26 #define _WEP104_                        0x5
  27 #define _WEP_WPA_MIXED_                 0x07  /*  WEP + WPA */
  28 #define _SMS4_                          0x06
  29
  30 #define is_wep_enc(alg) (((alg) == _WEP40_) || ((alg) == _WEP104_))
  31
  32 #define _WPA_IE_ID_     0xdd
  33 #define _WPA2_IE_ID_    0x30
  34
  35 #define SHA256_MAC_LEN 32
  36 #define AES_BLOCK_SIZE 16
  37 #define AES_PRIV_SIZE (4 * 44)
  38
  39 enum {
  40         ENCRYP_PROTOCOL_OPENSYS,   /* open system */
  41         ENCRYP_PROTOCOL_WEP,       /* WEP */
  42         ENCRYP_PROTOCOL_WPA,       /* WPA */
  43         ENCRYP_PROTOCOL_WPA2,      /* WPA2 */
  44         ENCRYP_PROTOCOL_WAPI,      /* WAPI: Not support in this version */
  45         ENCRYP_PROTOCOL_MAX
  46 };
  47
  48
  49 #ifndef Ndis802_11AuthModeWPA2
  50 #define Ndis802_11AuthModeWPA2 (Ndis802_11AuthModeWPANone + 1)
  51 #endif
  52
  53 #ifndef Ndis802_11AuthModeWPA2PSK
  54 #define Ndis802_11AuthModeWPA2PSK (Ndis802_11AuthModeWPANone + 2)
  55 #endif
  56
  57 union pn48      {
  58         u64     val;
  59
  60 #ifdef __LITTLE_ENDIAN
  61         struct {
  62                 u8 TSC0;
  63                 u8 TSC1;
  64                 u8 TSC2;
  65                 u8 TSC3;
  66                 u8 TSC4;
  67                 u8 TSC5;
  68                 u8 TSC6;
  69                 u8 TSC7;
  70         } _byte_;
  71
  72 #elif defined(__BIG_ENDIAN)
  73
  74         struct {
  75                 u8 TSC7;
  76                 u8 TSC6;
  77                 u8 TSC5;
  78                 u8 TSC4;
  79                 u8 TSC3;
  80                 u8 TSC2;
  81                 u8 TSC1;
  82                 u8 TSC0;
  83         } _byte_;
  84 #endif
  85 };
  86
  87 union Keytype {
  88         u8   skey[16];
  89         u32    lkey[4];
  90 };
  91
  92 struct rt_pmkid_list {
  93         u8      bUsed;
  94         u8      Bssid[6];
  95         u8      PMKID[16];
  96         u8      SsidBuf[33];
  97         u8      *ssid_octet;
  98         u16     ssid_length;
  99 };
 100
 101 struct security_priv {
 102         u32       dot11AuthAlgrthm;     /*  802.11 auth, could be open,
 103                                          * shared, 8021x and authswitch */
 104         u32       dot11PrivacyAlgrthm;  /*  This specify the privacy for
 105                                          * shared auth. algorithm. */
 106         /* WEP */
 107         u32       dot11PrivacyKeyIndex; /*  this is only valid for legendary
 108                                          * wep, 0~3 for key id.(tx key index) */
 109         union Keytype dot11DefKey[4];   /*  this is only valid for def. key */
 110         u32     dot11DefKeylen[4];
 111         u32 dot118021XGrpPrivacy;       /*  This specify the privacy algthm.
 112                                          * used for Grp key */
 113         u32     dot118021XGrpKeyid;     /*  key id used for Grp Key
 114                                          * ( tx key index) */
 115         union Keytype   dot118021XGrpKey[4];    /*  802.1x Group Key,
 116                                                  * for inx0 and inx1 */
 117         union Keytype   dot118021XGrptxmickey[4];
 118         union Keytype   dot118021XGrprxmickey[4];
 119         union pn48      dot11Grptxpn;           /* PN48 used for Grp Key xmit.*/
 120         union pn48      dot11Grprxpn;           /* PN48 used for Grp Key recv.*/
 121 #ifdef CONFIG_88EU_AP_MODE
 122         /* extend security capabilities for AP_MODE */
 123         unsigned int dot8021xalg;/* 0:disable, 1:psk, 2:802.1x */
 124         unsigned int wpa_psk;/* 0:disable, bit(0): WPA, bit(1):WPA2 */
 125         unsigned int wpa_group_cipher;
 126         unsigned int wpa2_group_cipher;
 127         unsigned int wpa_pairwise_cipher;
 128         unsigned int wpa2_pairwise_cipher;
 129 #endif
 130         u8 wps_ie[MAX_WPS_IE_LEN];/* added in assoc req */
 131         int wps_ie_len;
 132         u8      binstallGrpkey;
 133         u8      busetkipkey;
 134         u8      bcheck_grpkey;
 135         u8      bgrpkey_handshake;
 136         s32     sw_encrypt;/* from registry_priv */
 137         s32     sw_decrypt;/* from registry_priv */
 138         s32     hw_decrypted;/* if the rx packets is hw_decrypted==false,i
 139                               * it means the hw has not been ready. */
 140
 141         /* keeps the auth_type & enc_status from upper layer
 142          * ioctl(wpa_supplicant or wzc) */
 143         u32 ndisauthtype;       /*  NDIS_802_11_AUTHENTICATION_MODE */
 144         u32 ndisencryptstatus;  /*  NDIS_802_11_ENCRYPTION_STATUS */
 145         struct wlan_bssid_ex sec_bss;  /* for joinbss (h2c buffer) usage */
 146         struct ndis_802_11_wep ndiswep;
 147         u8 assoc_info[600];
 148         u8 szofcapability[256]; /* for wpa2 usage */
 149         u8 oidassociation[512]; /* for wpa/wpa2 usage */
 150         u8 authenticator_ie[256];  /* store ap security information element */
 151         u8 supplicant_ie[256];  /* store sta security information element */
 152
 153         /* for tkip countermeasure */
 154         u32 last_mic_err_time;
 155         u8      btkip_countermeasure;
 156         u8      btkip_wait_report;
 157         u32 btkip_countermeasure_time;
 158
 159         /*  */
 160         /*  For WPA2 Pre-Authentication. */
 161         /*  */
 162         struct rt_pmkid_list PMKIDList[NUM_PMKID_CACHE];
 163         u8      PMKIDIndex;
 164         u8 bWepDefaultKeyIdxSet;
 165 };
 166
 167 #define GET_ENCRY_ALGO(psecuritypriv, psta, encry_algo, bmcst)          \
 168 do {                                                                    \
 169         switch (psecuritypriv->dot11AuthAlgrthm) {                      \
 170         case dot11AuthAlgrthm_Open:                                     \
 171         case dot11AuthAlgrthm_Shared:                                   \
 172         case dot11AuthAlgrthm_Auto:                                     \
 173                 encry_algo = (u8)psecuritypriv->dot11PrivacyAlgrthm;    \
 174                 break;                                                  \
 175         case dot11AuthAlgrthm_8021X:                                    \
 176                 if (bmcst)                                              \
 177                         encry_algo = (u8)psecuritypriv->dot118021XGrpPrivacy;\
 178                 else                                                    \
 179                         encry_algo = (u8)psta->dot118021XPrivacy;       \
 180                 break;                                                  \
 181         case dot11AuthAlgrthm_WAPI:                                     \
 182                 encry_algo = (u8)psecuritypriv->dot11PrivacyAlgrthm;    \
 183                 break;                                                  \
 184         }                                                               \
 185 } while (0)
 186
 187 #define SET_ICE_IV_LEN(iv_len, icv_len, encrypt)                        \
 188 do {                                                                    \
 189         switch (encrypt) {                                              \
 190         case _WEP40_:                                                   \
 191         case _WEP104_:                                                  \
 192                 iv_len = 4;                                             \
 193                 icv_len = 4;                                            \
 194                 break;                                                  \
 195         case _TKIP_:                                                    \
 196                 iv_len = 8;                                             \
 197                 icv_len = 4;                                            \
 198                 break;                                                  \
 199         case _AES_:                                                     \
 200                 iv_len = 8;                                             \
 201                 icv_len = 8;                                            \
 202                 break;                                                  \
 203         case _SMS4_:                                                    \
 204                 iv_len = 18;                                            \
 205                 icv_len = 16;                                           \
 206                 break;                                                  \
 207         default:                                                        \
 208                 iv_len = 0;                                             \
 209                 icv_len = 0;                                            \
 210                 break;                                                  \
 211         }                                                               \
 212 } while (0)
 213
 214
 215 #define GET_TKIP_PN(iv, dot11txpn)                                      \
 216 do {                                                                    \
 217         dot11txpn._byte_.TSC0 = iv[2];                                  \
 218         dot11txpn._byte_.TSC1 = iv[0];                                  \
 219         dot11txpn._byte_.TSC2 = iv[4];                                  \
 220         dot11txpn._byte_.TSC3 = iv[5];                                  \
 221         dot11txpn._byte_.TSC4 = iv[6];                                  \
 222         dot11txpn._byte_.TSC5 = iv[7];                                  \
 223 } while (0)
 224
 225
 226 #define ROL32(A, n)     (((A) << (n)) | (((A)>>(32-(n)))  & ((1UL << (n)) - 1)))
 227 #define ROR32(A, n)     ROL32((A), 32-(n))
 228
 229 struct mic_data {
 230         u32  K0, K1;         /*  Key */
 231         u32  L, R;           /*  Current state */
 232         u32  M;              /*  Message accumulator (single word) */
 233         u32  nBytesInM;      /*  # bytes in M */
 234 };
 235
 236 extern const u32 Te0[256];
 237 extern const u32 Td0[256];
 238 extern const u32 Td1[256];
 239 extern const u32 Td2[256];
 240 extern const u32 Td3[256];
 241 extern const u32 Td4[256];
 242 extern const u32 rcon[10];
 243 extern const u8 Td4s[256];
 244 extern const u8 rcons[10];
 245
 246 #define RCON(i) (rcons[(i)] << 24)
 247
 248 static inline u32 rotr(u32 val, int bits)
 249 {
 250         return (val >> bits) | (val << (32 - bits));
 251 }
 252
 253 #define TE0(i) Te0[((i) >> 24) & 0xff]
 254 #define TE1(i) rotr(Te0[((i) >> 16) & 0xff], 8)
 255 #define TE2(i) rotr(Te0[((i) >> 8) & 0xff], 16)
 256 #define TE3(i) rotr(Te0[(i) & 0xff], 24)
 257
 258 #define GETU32(pt) (((u32)(pt)[0] << 24) ^ ((u32)(pt)[1] << 16) ^ \
 259                         ((u32)(pt)[2] <<  8) ^ ((u32)(pt)[3]))
 260
 261 #define PUTU32(ct, st) { \
 262 (ct)[0] = (u8)((st) >> 24); (ct)[1] = (u8)((st) >> 16); \
 263 (ct)[2] = (u8)((st) >>  8); (ct)[3] = (u8)(st); }
 264
 265 #define WPA_GET_BE32(a) ((((u32)(a)[0]) << 24) | (((u32)(a)[1]) << 16) | \
 266                          (((u32)(a)[2]) << 8) | ((u32)(a)[3]))
 267
 268 #define WPA_PUT_LE16(a, val)                    \
 269         do {                                    \
 270                 (a)[1] = ((u16)(val)) >> 8;     \
 271                 (a)[0] = ((u16)(val)) & 0xff;   \
 272         } while (0)
 273
 274 #define WPA_PUT_BE32(a, val)                                    \
 275         do {                                                    \
 276                 (a)[0] = (u8)((((u32)(val)) >> 24) & 0xff);     \
 277                 (a)[1] = (u8)((((u32)(val)) >> 16) & 0xff);     \
 278                 (a)[2] = (u8)((((u32)(val)) >> 8) & 0xff);      \
 279                 (a)[3] = (u8)(((u32)(val)) & 0xff);             \
 280         } while (0)
 281
 282 #define WPA_PUT_BE64(a, val)                            \
 283         do {                                            \
 284                 (a)[0] = (u8)(((u64)(val)) >> 56);      \
 285                 (a)[1] = (u8)(((u64)(val)) >> 48);      \
 286                 (a)[2] = (u8)(((u64)(val)) >> 40);      \
 287                 (a)[3] = (u8)(((u64)(val)) >> 32);      \
 288                 (a)[4] = (u8)(((u64)(val)) >> 24);      \
 289                 (a)[5] = (u8)(((u64)(val)) >> 16);      \
 290                 (a)[6] = (u8)(((u64)(val)) >> 8);       \
 291                 (a)[7] = (u8)(((u64)(val)) & 0xff);     \
 292         } while (0)
 293
 294 /* ===== start - public domain SHA256 implementation ===== */
 295
 296 /* This is based on SHA256 implementation in LibTomCrypt that was released into
 297  * public domain by Tom St Denis. */
 298
 299 /* the K array */
 300 static const unsigned long K[64] = {
 301         0x428a2f98UL, 0x71374491UL, 0xb5c0fbcfUL, 0xe9b5dba5UL, 0x3956c25bUL,
 302         0x59f111f1UL, 0x923f82a4UL, 0xab1c5ed5UL, 0xd807aa98UL, 0x12835b01UL,
 303         0x243185beUL, 0x550c7dc3UL, 0x72be5d74UL, 0x80deb1feUL, 0x9bdc06a7UL,
 304         0xc19bf174UL, 0xe49b69c1UL, 0xefbe4786UL, 0x0fc19dc6UL, 0x240ca1ccUL,
 305         0x2de92c6fUL, 0x4a7484aaUL, 0x5cb0a9dcUL, 0x76f988daUL, 0x983e5152UL,
 306         0xa831c66dUL, 0xb00327c8UL, 0xbf597fc7UL, 0xc6e00bf3UL, 0xd5a79147UL,
 307         0x06ca6351UL, 0x14292967UL, 0x27b70a85UL, 0x2e1b2138UL, 0x4d2c6dfcUL,
 308         0x53380d13UL, 0x650a7354UL, 0x766a0abbUL, 0x81c2c92eUL, 0x92722c85UL,
 309         0xa2bfe8a1UL, 0xa81a664bUL, 0xc24b8b70UL, 0xc76c51a3UL, 0xd192e819UL,
 310         0xd6990624UL, 0xf40e3585UL, 0x106aa070UL, 0x19a4c116UL, 0x1e376c08UL,
 311         0x2748774cUL, 0x34b0bcb5UL, 0x391c0cb3UL, 0x4ed8aa4aUL, 0x5b9cca4fUL,
 312         0x682e6ff3UL, 0x748f82eeUL, 0x78a5636fUL, 0x84c87814UL, 0x8cc70208UL,
 313         0x90befffaUL, 0xa4506cebUL, 0xbef9a3f7UL, 0xc67178f2UL
 314 };
 315
 316 /* Various logical functions */
 317 #define RORc(x, y) \
 318         (((((unsigned long)(x) & 0xFFFFFFFFUL) >> (unsigned long)((y)&31)) | \
 319          ((unsigned long)(x) << (unsigned long)(32-((y)&31)))) & 0xFFFFFFFFUL)
 320 #define Ch(x, y, z)       (z ^ (x & (y ^ z)))
 321 #define Maj(x, y, z)      (((x | y) & z) | (x & y))
 322 #define S(x, n)         RORc((x), (n))
 323 #define R(x, n)         (((x)&0xFFFFFFFFUL)>>(n))
 324 #define Sigma0(x)       (S(x, 2) ^ S(x, 13) ^ S(x, 22))
 325 #define Sigma1(x)       (S(x, 6) ^ S(x, 11) ^ S(x, 25))
 326 #define Gamma0(x)       (S(x, 7) ^ S(x, 18) ^ R(x, 3))
 327 #define Gamma1(x)       (S(x, 17) ^ S(x, 19) ^ R(x, 10))
 328
 329 void rtw_secmicsetkey(struct mic_data *pmicdata, u8 *key);
 330 void rtw_secmicappendbyte(struct mic_data *pmicdata, u8 b);
 331 void rtw_secmicappend(struct mic_data *pmicdata, u8 *src, u32 nBytes);
 332 void rtw_secgetmic(struct mic_data *pmicdata, u8 *dst);
 333 void rtw_seccalctkipmic(u8 *key, u8 *header, u8 *data, u32 data_len,
 334                         u8 *Miccode, u8   priority);
 335 u32 rtw_aes_encrypt(struct adapter *padapter, u8 *pxmitframe);
 336 u32 rtw_tkip_encrypt(struct adapter *padapter, u8 *pxmitframe);
 337 void rtw_wep_encrypt(struct adapter *padapter, u8  *pxmitframe);
 338 u32 rtw_aes_decrypt(struct adapter *padapter, u8  *precvframe);
 339 u32 rtw_tkip_decrypt(struct adapter *padapter, u8  *precvframe);
 340 void rtw_wep_decrypt(struct adapter *padapter, u8  *precvframe);
 341
 342 #endif  /* __RTL871X_SECURITY_H_ */