kernel/drivers/staging/rtl8188eu/include/rtw_security.h

   1 /******************************************************************************
   2  *
   3  * Copyright(c) 2007 - 2011 Realtek Corporation. All rights reserved.
   4  *
   5  * This program is free software; you can redistribute it and/or modify it
   6  * under the terms of version 2 of the GNU General Public License as
   7  * published by the Free Software Foundation.
   8  *
   9  * This program is distributed in the hope that it will be useful, but WITHOUT
  10  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  11  * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
  12  * more details.
  13  *
  14  * You should have received a copy of the GNU General Public License along with
  15  * this program; if not, write to the Free Software Foundation, Inc.,
  16  * 51 Franklin Street, Fifth Floor, Boston, MA 02110, USA
  17  *
  18  *
  19  ******************************************************************************/
  20 #ifndef __RTW_SECURITY_H_
  21 #define __RTW_SECURITY_H_
  22
  23 #include <osdep_service.h>
  24 #include <drv_types.h>
  25
  26 #define _NO_PRIVACY_                    0x0
  27 #define _WEP40_                         0x1
  28 #define _TKIP_                          0x2
  29 #define _TKIP_WTMIC_                    0x3
  30 #define _AES_                           0x4
  31 #define _WEP104_                        0x5
  32 #define _WEP_WPA_MIXED_                 0x07  /*  WEP + WPA */
  33 #define _SMS4_                          0x06
  34
  35 #define is_wep_enc(alg) (((alg) == _WEP40_) || ((alg) == _WEP104_))
  36
  37 #define _WPA_IE_ID_     0xdd
  38 #define _WPA2_IE_ID_    0x30
  39
  40 #define SHA256_MAC_LEN 32
  41 #define AES_BLOCK_SIZE 16
  42 #define AES_PRIV_SIZE (4 * 44)
  43
  44 enum {
  45         ENCRYP_PROTOCOL_OPENSYS,   /* open system */
  46         ENCRYP_PROTOCOL_WEP,       /* WEP */
  47         ENCRYP_PROTOCOL_WPA,       /* WPA */
  48         ENCRYP_PROTOCOL_WPA2,      /* WPA2 */
  49         ENCRYP_PROTOCOL_WAPI,      /* WAPI: Not support in this version */
  50         ENCRYP_PROTOCOL_MAX
  51 };
  52
  53
  54 #ifndef Ndis802_11AuthModeWPA2
  55 #define Ndis802_11AuthModeWPA2 (Ndis802_11AuthModeWPANone + 1)
  56 #endif
  57
  58 #ifndef Ndis802_11AuthModeWPA2PSK
  59 #define Ndis802_11AuthModeWPA2PSK (Ndis802_11AuthModeWPANone + 2)
  60 #endif
  61
  62 union pn48      {
  63         u64     val;
  64
  65 #ifdef __LITTLE_ENDIAN
  66         struct {
  67                 u8 TSC0;
  68                 u8 TSC1;
  69                 u8 TSC2;
  70                 u8 TSC3;
  71                 u8 TSC4;
  72                 u8 TSC5;
  73                 u8 TSC6;
  74                 u8 TSC7;
  75         } _byte_;
  76
  77 #elif defined(__BIG_ENDIAN)
  78
  79         struct {
  80                 u8 TSC7;
  81                 u8 TSC6;
  82                 u8 TSC5;
  83                 u8 TSC4;
  84                 u8 TSC3;
  85                 u8 TSC2;
  86                 u8 TSC1;
  87                 u8 TSC0;
  88         } _byte_;
  89 #endif
  90 };
  91
  92 union Keytype {
  93         u8   skey[16];
  94         u32    lkey[4];
  95 };
  96
  97 struct rt_pmkid_list {
  98         u8      bUsed;
  99         u8      Bssid[6];
 100         u8      PMKID[16];
 101         u8      SsidBuf[33];
 102         u8      *ssid_octet;
 103         u16     ssid_length;
 104 };
 105
 106 struct security_priv {
 107         u32       dot11AuthAlgrthm;     /*  802.11 auth, could be open,
 108                                          * shared, 8021x and authswitch */
 109         u32       dot11PrivacyAlgrthm;  /*  This specify the privacy for
 110                                          * shared auth. algorithm. */
 111         /* WEP */
 112         u32       dot11PrivacyKeyIndex; /*  this is only valid for legendary
 113                                          * wep, 0~3 for key id.(tx key index) */
 114         union Keytype dot11DefKey[4];   /*  this is only valid for def. key */
 115         u32     dot11DefKeylen[4];
 116         u32 dot118021XGrpPrivacy;       /*  This specify the privacy algthm.
 117                                          * used for Grp key */
 118         u32     dot118021XGrpKeyid;     /*  key id used for Grp Key
 119                                          * ( tx key index) */
 120         union Keytype   dot118021XGrpKey[4];    /*  802.1x Group Key,
 121                                                  * for inx0 and inx1 */
 122         union Keytype   dot118021XGrptxmickey[4];
 123         union Keytype   dot118021XGrprxmickey[4];
 124         union pn48      dot11Grptxpn;           /* PN48 used for Grp Key xmit.*/
 125         union pn48      dot11Grprxpn;           /* PN48 used for Grp Key recv.*/
 126 #ifdef CONFIG_88EU_AP_MODE
 127         /* extend security capabilities for AP_MODE */
 128         unsigned int dot8021xalg;/* 0:disable, 1:psk, 2:802.1x */
 129         unsigned int wpa_psk;/* 0:disable, bit(0): WPA, bit(1):WPA2 */
 130         unsigned int wpa_group_cipher;
 131         unsigned int wpa2_group_cipher;
 132         unsigned int wpa_pairwise_cipher;
 133         unsigned int wpa2_pairwise_cipher;
 134 #endif
 135         u8 wps_ie[MAX_WPS_IE_LEN];/* added in assoc req */
 136         int wps_ie_len;
 137         u8      binstallGrpkey;
 138         u8      busetkipkey;
 139         u8      bcheck_grpkey;
 140         u8      bgrpkey_handshake;
 141         s32     sw_encrypt;/* from registry_priv */
 142         s32     sw_decrypt;/* from registry_priv */
 143         s32     hw_decrypted;/* if the rx packets is hw_decrypted==false,i
 144                               * it means the hw has not been ready. */
 145
 146         /* keeps the auth_type & enc_status from upper layer
 147          * ioctl(wpa_supplicant or wzc) */
 148         u32 ndisauthtype;       /*  NDIS_802_11_AUTHENTICATION_MODE */
 149         u32 ndisencryptstatus;  /*  NDIS_802_11_ENCRYPTION_STATUS */
 150         struct wlan_bssid_ex sec_bss;  /* for joinbss (h2c buffer) usage */
 151         struct ndis_802_11_wep ndiswep;
 152         u8 assoc_info[600];
 153         u8 szofcapability[256]; /* for wpa2 usage */
 154         u8 oidassociation[512]; /* for wpa/wpa2 usage */
 155         u8 authenticator_ie[256];  /* store ap security information element */
 156         u8 supplicant_ie[256];  /* store sta security information element */
 157
 158         /* for tkip countermeasure */
 159         u32 last_mic_err_time;
 160         u8      btkip_countermeasure;
 161         u8      btkip_wait_report;
 162         u32 btkip_countermeasure_time;
 163
 164         /*  */
 165         /*  For WPA2 Pre-Authentication. */
 166         /*  */
 167         struct rt_pmkid_list PMKIDList[NUM_PMKID_CACHE];
 168         u8      PMKIDIndex;
 169         u8 bWepDefaultKeyIdxSet;
 170 };
 171
 172 struct sha256_state {
 173         u64 length;
 174         u32 state[8], curlen;
 175         u8 buf[64];
 176 };
 177
 178 #define GET_ENCRY_ALGO(psecuritypriv, psta, encry_algo, bmcst)          \
 179 do {                                                                    \
 180         switch (psecuritypriv->dot11AuthAlgrthm) {                      \
 181         case dot11AuthAlgrthm_Open:                                     \
 182         case dot11AuthAlgrthm_Shared:                                   \
 183         case dot11AuthAlgrthm_Auto:                                     \
 184                 encry_algo = (u8)psecuritypriv->dot11PrivacyAlgrthm;    \
 185                 break;                                                  \
 186         case dot11AuthAlgrthm_8021X:                                    \
 187                 if (bmcst)                                              \
 188                         encry_algo = (u8)psecuritypriv->dot118021XGrpPrivacy;\
 189                 else                                                    \
 190                         encry_algo = (u8)psta->dot118021XPrivacy;       \
 191                 break;                                                  \
 192         case dot11AuthAlgrthm_WAPI:                                     \
 193                 encry_algo = (u8)psecuritypriv->dot11PrivacyAlgrthm;    \
 194                 break;                                                  \
 195         }                                                               \
 196 } while (0)
 197
 198 #define SET_ICE_IV_LEN(iv_len, icv_len, encrypt)                        \
 199 do {                                                                    \
 200         switch (encrypt) {                                              \
 201         case _WEP40_:                                                   \
 202         case _WEP104_:                                                  \
 203                 iv_len = 4;                                             \
 204                 icv_len = 4;                                            \
 205                 break;                                                  \
 206         case _TKIP_:                                                    \
 207                 iv_len = 8;                                             \
 208                 icv_len = 4;                                            \
 209                 break;                                                  \
 210         case _AES_:                                                     \
 211                 iv_len = 8;                                             \
 212                 icv_len = 8;                                            \
 213                 break;                                                  \
 214         case _SMS4_:                                                    \
 215                 iv_len = 18;                                            \
 216                 icv_len = 16;                                           \
 217                 break;                                                  \
 218         default:                                                        \
 219                 iv_len = 0;                                             \
 220                 icv_len = 0;                                            \
 221                 break;                                                  \
 222         }                                                               \
 223 } while (0)
 224
 225
 226 #define GET_TKIP_PN(iv, dot11txpn)                                      \
 227 do {                                                                    \
 228         dot11txpn._byte_.TSC0 = iv[2];                                  \
 229         dot11txpn._byte_.TSC1 = iv[0];                                  \
 230         dot11txpn._byte_.TSC2 = iv[4];                                  \
 231         dot11txpn._byte_.TSC3 = iv[5];                                  \
 232         dot11txpn._byte_.TSC4 = iv[6];                                  \
 233         dot11txpn._byte_.TSC5 = iv[7];                                  \
 234 } while (0)
 235
 236
 237 #define ROL32(A, n)     (((A) << (n)) | (((A)>>(32-(n)))  & ((1UL << (n)) - 1)))
 238 #define ROR32(A, n)     ROL32((A), 32-(n))
 239
 240 struct mic_data {
 241         u32  K0, K1;         /*  Key */
 242         u32  L, R;           /*  Current state */
 243         u32  M;              /*  Message accumulator (single word) */
 244         u32  nBytesInM;      /*  # bytes in M */
 245 };
 246
 247 extern const u32 Te0[256];
 248 extern const u32 Td0[256];
 249 extern const u32 Td1[256];
 250 extern const u32 Td2[256];
 251 extern const u32 Td3[256];
 252 extern const u32 Td4[256];
 253 extern const u32 rcon[10];
 254 extern const u8 Td4s[256];
 255 extern const u8 rcons[10];
 256
 257 #define RCON(i) (rcons[(i)] << 24)
 258
 259 static inline u32 rotr(u32 val, int bits)
 260 {
 261         return (val >> bits) | (val << (32 - bits));
 262 }
 263
 264 #define TE0(i) Te0[((i) >> 24) & 0xff]
 265 #define TE1(i) rotr(Te0[((i) >> 16) & 0xff], 8)
 266 #define TE2(i) rotr(Te0[((i) >> 8) & 0xff], 16)
 267 #define TE3(i) rotr(Te0[(i) & 0xff], 24)
 268
 269 #define GETU32(pt) (((u32)(pt)[0] << 24) ^ ((u32)(pt)[1] << 16) ^ \
 270                         ((u32)(pt)[2] <<  8) ^ ((u32)(pt)[3]))
 271
 272 #define PUTU32(ct, st) { \
 273 (ct)[0] = (u8)((st) >> 24); (ct)[1] = (u8)((st) >> 16); \
 274 (ct)[2] = (u8)((st) >>  8); (ct)[3] = (u8)(st); }
 275
 276 #define WPA_GET_BE32(a) ((((u32)(a)[0]) << 24) | (((u32)(a)[1]) << 16) | \
 277                          (((u32)(a)[2]) << 8) | ((u32)(a)[3]))
 278
 279 #define WPA_PUT_LE16(a, val)                    \
 280         do {                                    \
 281                 (a)[1] = ((u16)(val)) >> 8;     \
 282                 (a)[0] = ((u16)(val)) & 0xff;   \
 283         } while (0)
 284
 285 #define WPA_PUT_BE32(a, val)                                    \
 286         do {                                                    \
 287                 (a)[0] = (u8)((((u32)(val)) >> 24) & 0xff);     \
 288                 (a)[1] = (u8)((((u32)(val)) >> 16) & 0xff);     \
 289                 (a)[2] = (u8)((((u32)(val)) >> 8) & 0xff);      \
 290                 (a)[3] = (u8)(((u32)(val)) & 0xff);             \
 291         } while (0)
 292
 293 #define WPA_PUT_BE64(a, val)                            \
 294         do {                                            \
 295                 (a)[0] = (u8)(((u64)(val)) >> 56);      \
 296                 (a)[1] = (u8)(((u64)(val)) >> 48);      \
 297                 (a)[2] = (u8)(((u64)(val)) >> 40);      \
 298                 (a)[3] = (u8)(((u64)(val)) >> 32);      \
 299                 (a)[4] = (u8)(((u64)(val)) >> 24);      \
 300                 (a)[5] = (u8)(((u64)(val)) >> 16);      \
 301                 (a)[6] = (u8)(((u64)(val)) >> 8);       \
 302                 (a)[7] = (u8)(((u64)(val)) & 0xff);     \
 303         } while (0)
 304
 305 /* ===== start - public domain SHA256 implementation ===== */
 306
 307 /* This is based on SHA256 implementation in LibTomCrypt that was released into
 308  * public domain by Tom St Denis. */
 309
 310 /* the K array */
 311 static const unsigned long K[64] = {
 312         0x428a2f98UL, 0x71374491UL, 0xb5c0fbcfUL, 0xe9b5dba5UL, 0x3956c25bUL,
 313         0x59f111f1UL, 0x923f82a4UL, 0xab1c5ed5UL, 0xd807aa98UL, 0x12835b01UL,
 314         0x243185beUL, 0x550c7dc3UL, 0x72be5d74UL, 0x80deb1feUL, 0x9bdc06a7UL,
 315         0xc19bf174UL, 0xe49b69c1UL, 0xefbe4786UL, 0x0fc19dc6UL, 0x240ca1ccUL,
 316         0x2de92c6fUL, 0x4a7484aaUL, 0x5cb0a9dcUL, 0x76f988daUL, 0x983e5152UL,
 317         0xa831c66dUL, 0xb00327c8UL, 0xbf597fc7UL, 0xc6e00bf3UL, 0xd5a79147UL,
 318         0x06ca6351UL, 0x14292967UL, 0x27b70a85UL, 0x2e1b2138UL, 0x4d2c6dfcUL,
 319         0x53380d13UL, 0x650a7354UL, 0x766a0abbUL, 0x81c2c92eUL, 0x92722c85UL,
 320         0xa2bfe8a1UL, 0xa81a664bUL, 0xc24b8b70UL, 0xc76c51a3UL, 0xd192e819UL,
 321         0xd6990624UL, 0xf40e3585UL, 0x106aa070UL, 0x19a4c116UL, 0x1e376c08UL,
 322         0x2748774cUL, 0x34b0bcb5UL, 0x391c0cb3UL, 0x4ed8aa4aUL, 0x5b9cca4fUL,
 323         0x682e6ff3UL, 0x748f82eeUL, 0x78a5636fUL, 0x84c87814UL, 0x8cc70208UL,
 324         0x90befffaUL, 0xa4506cebUL, 0xbef9a3f7UL, 0xc67178f2UL
 325 };
 326
 327 /* Various logical functions */
 328 #define RORc(x, y) \
 329         (((((unsigned long)(x) & 0xFFFFFFFFUL) >> (unsigned long)((y)&31)) | \
 330          ((unsigned long)(x) << (unsigned long)(32-((y)&31)))) & 0xFFFFFFFFUL)
 331 #define Ch(x, y , z)       (z ^ (x & (y ^ z)))
 332 #define Maj(x, y, z)      (((x | y) & z) | (x & y))
 333 #define S(x, n)         RORc((x), (n))
 334 #define R(x, n)         (((x)&0xFFFFFFFFUL)>>(n))
 335 #define Sigma0(x)       (S(x, 2) ^ S(x, 13) ^ S(x, 22))
 336 #define Sigma1(x)       (S(x, 6) ^ S(x, 11) ^ S(x, 25))
 337 #define Gamma0(x)       (S(x, 7) ^ S(x, 18) ^ R(x, 3))
 338 #define Gamma1(x)       (S(x, 17) ^ S(x, 19) ^ R(x, 10))
 339 #ifndef MIN
 340 #define MIN(x, y) (((x) < (y)) ? (x) : (y))
 341 #endif
 342
 343 void rtw_secmicsetkey(struct mic_data *pmicdata, u8 *key);
 344 void rtw_secmicappendbyte(struct mic_data *pmicdata, u8 b);
 345 void rtw_secmicappend(struct mic_data *pmicdata, u8 *src, u32 nBytes);
 346 void rtw_secgetmic(struct mic_data *pmicdata, u8 *dst);
 347 void rtw_seccalctkipmic(u8 *key, u8 *header, u8 *data, u32 data_len,
 348                         u8 *Miccode, u8   priority);
 349 u32 rtw_aes_encrypt(struct adapter *padapter, u8 *pxmitframe);
 350 u32 rtw_tkip_encrypt(struct adapter *padapter, u8 *pxmitframe);
 351 void rtw_wep_encrypt(struct adapter *padapter, u8  *pxmitframe);
 352 u32 rtw_aes_decrypt(struct adapter *padapter, u8  *precvframe);
 353 u32 rtw_tkip_decrypt(struct adapter *padapter, u8  *precvframe);
 354 void rtw_wep_decrypt(struct adapter *padapter, u8  *precvframe);
 355
 356 #endif  /* __RTL871X_SECURITY_H_ */