This source file includes following definitions.
- arcfour_init
- arcfour_byte
- arcfour_encrypt
- crc32_reverseBit
- crc32_init
- getcrc32
- r8712_wep_encrypt
- r8712_wep_decrypt
- secmicgetuint32
- secmicputuint32
- secmicclear
- r8712_secmicsetkey
- secmicappendbyte
- r8712_secmicappend
- r8712_secgetmic
- seccalctkipmic
- phase1
- phase2
- r8712_tkip_encrypt
- r8712_tkip_decrypt
- xor_128
- xor_32
- sbox
- next_key
- byte_sub
- shift_row
- mix_column
- aes128k128d
- construct_mic_iv
- construct_mic_header1
- construct_mic_header2
- construct_ctr_preload
- bitwise_xor
- aes_cipher
- r8712_aes_encrypt
- aes_decipher
- r8712_aes_decrypt
- r8712_use_tkipkey_handler
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17 #define _RTL871X_SECURITY_C_
18
19 #include <linux/compiler.h>
20 #include <linux/kernel.h>
21 #include <linux/errno.h>
22 #include <linux/slab.h>
23 #include <linux/module.h>
24 #include <linux/kref.h>
25 #include <linux/netdevice.h>
26 #include <linux/skbuff.h>
27 #include <linux/circ_buf.h>
28 #include <linux/uaccess.h>
29 #include <asm/byteorder.h>
30 #include <linux/atomic.h>
31 #include <linux/crc32poly.h>
32 #include <linux/semaphore.h>
33
34 #include "osdep_service.h"
35 #include "drv_types.h"
36 #include "wifi.h"
37 #include "osdep_intf.h"
38
39
40
41 struct arc4context {
42 u32 x;
43 u32 y;
44 u8 state[256];
45 };
46
47 static void arcfour_init(struct arc4context *parc4ctx, u8 *key, u32 key_len)
48 {
49 u32 t, u;
50 u32 keyindex;
51 u32 stateindex;
52 u8 *state;
53 u32 counter;
54
55 state = parc4ctx->state;
56 parc4ctx->x = 0;
57 parc4ctx->y = 0;
58 for (counter = 0; counter < 256; counter++)
59 state[counter] = (u8)counter;
60 keyindex = 0;
61 stateindex = 0;
62 for (counter = 0; counter < 256; counter++) {
63 t = state[counter];
64 stateindex = (stateindex + key[keyindex] + t) & 0xff;
65 u = state[stateindex];
66 state[stateindex] = (u8)t;
67 state[counter] = (u8)u;
68 if (++keyindex >= key_len)
69 keyindex = 0;
70 }
71 }
72
73 static u32 arcfour_byte(struct arc4context *parc4ctx)
74 {
75 u32 x;
76 u32 y;
77 u32 sx, sy;
78 u8 *state;
79
80 state = parc4ctx->state;
81 x = (parc4ctx->x + 1) & 0xff;
82 sx = state[x];
83 y = (sx + parc4ctx->y) & 0xff;
84 sy = state[y];
85 parc4ctx->x = x;
86 parc4ctx->y = y;
87 state[y] = (u8)sx;
88 state[x] = (u8)sy;
89 return state[(sx + sy) & 0xff];
90 }
91
92 static void arcfour_encrypt(struct arc4context *parc4ctx,
93 u8 *dest, u8 *src, u32 len)
94 {
95 u32 i;
96
97 for (i = 0; i < len; i++)
98 dest[i] = src[i] ^ (unsigned char)arcfour_byte(parc4ctx);
99 }
100
101 static sint bcrc32initialized;
102 static u32 crc32_table[256];
103
104 static u8 crc32_reverseBit(u8 data)
105 {
106 return ((u8)(data << 7) & 0x80) | ((data << 5) & 0x40) | ((data << 3)
107 & 0x20) | ((data << 1) & 0x10) | ((data >> 1) & 0x08) |
108 ((data >> 3) & 0x04) | ((data >> 5) & 0x02) | ((data >> 7) &
109 0x01);
110 }
111
112 static void crc32_init(void)
113 {
114 sint i, j;
115 u32 c;
116 u8 *p = (u8 *)&c, *p1;
117 u8 k;
118
119 if (bcrc32initialized == 1)
120 return;
121
122 for (i = 0; i < 256; ++i) {
123 k = crc32_reverseBit((u8)i);
124 for (c = ((u32)k) << 24, j = 8; j > 0; --j)
125 c = c & 0x80000000 ? (c << 1) ^ CRC32_POLY_BE : (c << 1);
126 p1 = (u8 *)&crc32_table[i];
127 p1[0] = crc32_reverseBit(p[3]);
128 p1[1] = crc32_reverseBit(p[2]);
129 p1[2] = crc32_reverseBit(p[1]);
130 p1[3] = crc32_reverseBit(p[0]);
131 }
132 bcrc32initialized = 1;
133 }
134
135 static u32 getcrc32(u8 *buf, u32 len)
136 {
137 u8 *p;
138 u32 crc;
139
140 if (!bcrc32initialized)
141 crc32_init();
142 crc = 0xffffffff;
143 for (p = buf; len > 0; ++p, --len)
144 crc = crc32_table[(crc ^ *p) & 0xff] ^ (crc >> 8);
145 return ~crc;
146 }
147
148
149
150
151 void r8712_wep_encrypt(struct _adapter *padapter, u8 *pxmitframe)
152 {
153 unsigned char crc[4];
154 struct arc4context mycontext;
155 u32 curfragnum, length, keylength, pki;
156 u8 *pframe, *payload, *iv;
157 u8 wepkey[16];
158 struct pkt_attrib *pattrib = &((struct xmit_frame *)
159 pxmitframe)->attrib;
160 struct security_priv *psecuritypriv = &padapter->securitypriv;
161 struct xmit_priv *pxmitpriv = &padapter->xmitpriv;
162
163 if (((struct xmit_frame *)pxmitframe)->buf_addr == NULL)
164 return;
165 pframe = ((struct xmit_frame *)pxmitframe)->buf_addr + TXDESC_OFFSET;
166
167 if ((pattrib->encrypt == _WEP40_) || (pattrib->encrypt == _WEP104_)) {
168 pki = psecuritypriv->PrivacyKeyIndex;
169 keylength = psecuritypriv->DefKeylen[pki];
170 for (curfragnum = 0; curfragnum < pattrib->nr_frags;
171 curfragnum++) {
172 iv = pframe + pattrib->hdrlen;
173 memcpy(&wepkey[0], iv, 3);
174 memcpy(&wepkey[3], &psecuritypriv->DefKey[
175 psecuritypriv->PrivacyKeyIndex].skey[0],
176 keylength);
177 payload = pframe + pattrib->iv_len + pattrib->hdrlen;
178 if ((curfragnum + 1) == pattrib->nr_frags) {
179 length = pattrib->last_txcmdsz -
180 pattrib->hdrlen -
181 pattrib->iv_len -
182 pattrib->icv_len;
183 *((__le32 *)crc) = cpu_to_le32(getcrc32(
184 payload, length));
185 arcfour_init(&mycontext, wepkey, 3 + keylength);
186 arcfour_encrypt(&mycontext, payload, payload,
187 length);
188 arcfour_encrypt(&mycontext, payload + length,
189 crc, 4);
190 } else {
191 length = pxmitpriv->frag_len -
192 pattrib->hdrlen - pattrib->iv_len -
193 pattrib->icv_len;
194 *((__le32 *)crc) = cpu_to_le32(getcrc32(
195 payload, length));
196 arcfour_init(&mycontext, wepkey, 3 + keylength);
197 arcfour_encrypt(&mycontext, payload, payload,
198 length);
199 arcfour_encrypt(&mycontext, payload + length,
200 crc, 4);
201 pframe += pxmitpriv->frag_len;
202 pframe = (u8 *)RND4((addr_t)(pframe));
203 }
204 }
205 }
206 }
207
208 void r8712_wep_decrypt(struct _adapter *padapter, u8 *precvframe)
209 {
210
211 u8 crc[4];
212 struct arc4context mycontext;
213 u32 length, keylength;
214 u8 *pframe, *payload, *iv, wepkey[16];
215 u8 keyindex;
216 struct rx_pkt_attrib *prxattrib = &(((union recv_frame *)
217 precvframe)->u.hdr.attrib);
218 struct security_priv *psecuritypriv = &padapter->securitypriv;
219
220 pframe = (unsigned char *)((union recv_frame *)precvframe)->
221 u.hdr.rx_data;
222
223 if ((prxattrib->encrypt == _WEP40_) || (prxattrib->encrypt ==
224 _WEP104_)) {
225 iv = pframe + prxattrib->hdrlen;
226 keyindex = (iv[3] & 0x3);
227 keylength = psecuritypriv->DefKeylen[keyindex];
228 memcpy(&wepkey[0], iv, 3);
229 memcpy(&wepkey[3], &psecuritypriv->DefKey[
230 psecuritypriv->PrivacyKeyIndex].skey[0],
231 keylength);
232 length = ((union recv_frame *)precvframe)->
233 u.hdr.len - prxattrib->hdrlen - prxattrib->iv_len;
234 payload = pframe + prxattrib->iv_len + prxattrib->hdrlen;
235
236 arcfour_init(&mycontext, wepkey, 3 + keylength);
237 arcfour_encrypt(&mycontext, payload, payload, length);
238
239 *((__le32 *)crc) = cpu_to_le32(getcrc32(payload, length - 4));
240 }
241 }
242
243
244
245 static u32 secmicgetuint32(u8 *p)
246
247 {
248 s32 i;
249 u32 res = 0;
250
251 for (i = 0; i < 4; i++)
252 res |= ((u32)(*p++)) << (8 * i);
253 return res;
254 }
255
256 static void secmicputuint32(u8 *p, u32 val)
257
258 {
259 long i;
260
261 for (i = 0; i < 4; i++) {
262 *p++ = (u8) (val & 0xff);
263 val >>= 8;
264 }
265 }
266
267 static void secmicclear(struct mic_data *pmicdata)
268 {
269
270 pmicdata->L = pmicdata->K0;
271 pmicdata->R = pmicdata->K1;
272 pmicdata->nBytesInM = 0;
273 pmicdata->M = 0;
274 }
275
276 void r8712_secmicsetkey(struct mic_data *pmicdata, u8 *key)
277 {
278
279 pmicdata->K0 = secmicgetuint32(key);
280 pmicdata->K1 = secmicgetuint32(key + 4);
281
282 secmicclear(pmicdata);
283 }
284
285 static void secmicappendbyte(struct mic_data *pmicdata, u8 b)
286 {
287
288 pmicdata->M |= ((u32)b) << (8 * pmicdata->nBytesInM);
289 pmicdata->nBytesInM++;
290
291 if (pmicdata->nBytesInM >= 4) {
292 pmicdata->L ^= pmicdata->M;
293 pmicdata->R ^= ROL32(pmicdata->L, 17);
294 pmicdata->L += pmicdata->R;
295 pmicdata->R ^= ((pmicdata->L & 0xff00ff00) >> 8) |
296 ((pmicdata->L & 0x00ff00ff) << 8);
297 pmicdata->L += pmicdata->R;
298 pmicdata->R ^= ROL32(pmicdata->L, 3);
299 pmicdata->L += pmicdata->R;
300 pmicdata->R ^= ROR32(pmicdata->L, 2);
301 pmicdata->L += pmicdata->R;
302
303 pmicdata->M = 0;
304 pmicdata->nBytesInM = 0;
305 }
306 }
307
308 void r8712_secmicappend(struct mic_data *pmicdata, u8 *src, u32 nbytes)
309 {
310
311 while (nbytes > 0) {
312 secmicappendbyte(pmicdata, *src++);
313 nbytes--;
314 }
315 }
316
317 void r8712_secgetmic(struct mic_data *pmicdata, u8 *dst)
318 {
319
320 secmicappendbyte(pmicdata, 0x5a);
321 secmicappendbyte(pmicdata, 0);
322 secmicappendbyte(pmicdata, 0);
323 secmicappendbyte(pmicdata, 0);
324 secmicappendbyte(pmicdata, 0);
325
326 while (pmicdata->nBytesInM != 0)
327 secmicappendbyte(pmicdata, 0);
328
329 secmicputuint32(dst, pmicdata->L);
330 secmicputuint32(dst + 4, pmicdata->R);
331
332 secmicclear(pmicdata);
333 }
334
335 void seccalctkipmic(u8 *key, u8 *header, u8 *data, u32 data_len, u8 *mic_code,
336 u8 pri)
337 {
338
339 struct mic_data micdata;
340 u8 priority[4] = {0x0, 0x0, 0x0, 0x0};
341
342 r8712_secmicsetkey(&micdata, key);
343 priority[0] = pri;
344
345 if (header[1] & 1) {
346 r8712_secmicappend(&micdata, &header[16], 6);
347 if (header[1] & 2)
348 r8712_secmicappend(&micdata, &header[24], 6);
349 else
350 r8712_secmicappend(&micdata, &header[10], 6);
351 } else {
352 r8712_secmicappend(&micdata, &header[4], 6);
353 if (header[1] & 2)
354 r8712_secmicappend(&micdata, &header[16], 6);
355 else
356 r8712_secmicappend(&micdata, &header[10], 6);
357 }
358 r8712_secmicappend(&micdata, &priority[0], 4);
359 r8712_secmicappend(&micdata, data, data_len);
360 r8712_secgetmic(&micdata, mic_code);
361 }
362
363
364 #define RotR1(v16) ((((v16) >> 1) & 0x7FFF) ^ (((v16) & 1) << 15))
365 #define Lo8(v16) ((u8)((v16) & 0x00FF))
366 #define Hi8(v16) ((u8)(((v16) >> 8) & 0x00FF))
367 #define Lo16(v32) ((u16)((v32) & 0xFFFF))
368 #define Hi16(v32) ((u16)(((v32) >> 16) & 0xFFFF))
369 #define Mk16(hi, lo) ((lo) ^ (((u16)(hi)) << 8))
370
371
372 #define TK16(N) Mk16(tk[2 * (N) + 1], tk[2 * (N)])
373
374
375 #define _S_(v16) (Sbox1[0][Lo8(v16)] ^ Sbox1[1][Hi8(v16)])
376
377
378 #define PHASE1_LOOP_CNT 8
379 #define TA_SIZE 6
380 #define TK_SIZE 16
381 #define P1K_SIZE 10
382 #define RC4_KEY_SIZE 16
383
384
385
386 static const unsigned short Sbox1[2][256] = {
387 {
388 0xC6A5, 0xF884, 0xEE99, 0xF68D, 0xFF0D, 0xD6BD, 0xDEB1, 0x9154,
389 0x6050, 0x0203, 0xCEA9, 0x567D, 0xE719, 0xB562, 0x4DE6, 0xEC9A,
390 0x8F45, 0x1F9D, 0x8940, 0xFA87, 0xEF15, 0xB2EB, 0x8EC9, 0xFB0B,
391 0x41EC, 0xB367, 0x5FFD, 0x45EA, 0x23BF, 0x53F7, 0xE496, 0x9B5B,
392 0x75C2, 0xE11C, 0x3DAE, 0x4C6A, 0x6C5A, 0x7E41, 0xF502, 0x834F,
393 0x685C, 0x51F4, 0xD134, 0xF908, 0xE293, 0xAB73, 0x6253, 0x2A3F,
394 0x080C, 0x9552, 0x4665, 0x9D5E, 0x3028, 0x37A1, 0x0A0F, 0x2FB5,
395 0x0E09, 0x2436, 0x1B9B, 0xDF3D, 0xCD26, 0x4E69, 0x7FCD, 0xEA9F,
396 0x121B, 0x1D9E, 0x5874, 0x342E, 0x362D, 0xDCB2, 0xB4EE, 0x5BFB,
397 0xA4F6, 0x764D, 0xB761, 0x7DCE, 0x527B, 0xDD3E, 0x5E71, 0x1397,
398 0xA6F5, 0xB968, 0x0000, 0xC12C, 0x4060, 0xE31F, 0x79C8, 0xB6ED,
399 0xD4BE, 0x8D46, 0x67D9, 0x724B, 0x94DE, 0x98D4, 0xB0E8, 0x854A,
400 0xBB6B, 0xC52A, 0x4FE5, 0xED16, 0x86C5, 0x9AD7, 0x6655, 0x1194,
401 0x8ACF, 0xE910, 0x0406, 0xFE81, 0xA0F0, 0x7844, 0x25BA, 0x4BE3,
402 0xA2F3, 0x5DFE, 0x80C0, 0x058A, 0x3FAD, 0x21BC, 0x7048, 0xF104,
403 0x63DF, 0x77C1, 0xAF75, 0x4263, 0x2030, 0xE51A, 0xFD0E, 0xBF6D,
404 0x814C, 0x1814, 0x2635, 0xC32F, 0xBEE1, 0x35A2, 0x88CC, 0x2E39,
405 0x9357, 0x55F2, 0xFC82, 0x7A47, 0xC8AC, 0xBAE7, 0x322B, 0xE695,
406 0xC0A0, 0x1998, 0x9ED1, 0xA37F, 0x4466, 0x547E, 0x3BAB, 0x0B83,
407 0x8CCA, 0xC729, 0x6BD3, 0x283C, 0xA779, 0xBCE2, 0x161D, 0xAD76,
408 0xDB3B, 0x6456, 0x744E, 0x141E, 0x92DB, 0x0C0A, 0x486C, 0xB8E4,
409 0x9F5D, 0xBD6E, 0x43EF, 0xC4A6, 0x39A8, 0x31A4, 0xD337, 0xF28B,
410 0xD532, 0x8B43, 0x6E59, 0xDAB7, 0x018C, 0xB164, 0x9CD2, 0x49E0,
411 0xD8B4, 0xACFA, 0xF307, 0xCF25, 0xCAAF, 0xF48E, 0x47E9, 0x1018,
412 0x6FD5, 0xF088, 0x4A6F, 0x5C72, 0x3824, 0x57F1, 0x73C7, 0x9751,
413 0xCB23, 0xA17C, 0xE89C, 0x3E21, 0x96DD, 0x61DC, 0x0D86, 0x0F85,
414 0xE090, 0x7C42, 0x71C4, 0xCCAA, 0x90D8, 0x0605, 0xF701, 0x1C12,
415 0xC2A3, 0x6A5F, 0xAEF9, 0x69D0, 0x1791, 0x9958, 0x3A27, 0x27B9,
416 0xD938, 0xEB13, 0x2BB3, 0x2233, 0xD2BB, 0xA970, 0x0789, 0x33A7,
417 0x2DB6, 0x3C22, 0x1592, 0xC920, 0x8749, 0xAAFF, 0x5078, 0xA57A,
418 0x038F, 0x59F8, 0x0980, 0x1A17, 0x65DA, 0xD731, 0x84C6, 0xD0B8,
419 0x82C3, 0x29B0, 0x5A77, 0x1E11, 0x7BCB, 0xA8FC, 0x6DD6, 0x2C3A,
420 },
421 {
422 0xA5C6, 0x84F8, 0x99EE, 0x8DF6, 0x0DFF, 0xBDD6, 0xB1DE, 0x5491,
423 0x5060, 0x0302, 0xA9CE, 0x7D56, 0x19E7, 0x62B5, 0xE64D, 0x9AEC,
424 0x458F, 0x9D1F, 0x4089, 0x87FA, 0x15EF, 0xEBB2, 0xC98E, 0x0BFB,
425 0xEC41, 0x67B3, 0xFD5F, 0xEA45, 0xBF23, 0xF753, 0x96E4, 0x5B9B,
426 0xC275, 0x1CE1, 0xAE3D, 0x6A4C, 0x5A6C, 0x417E, 0x02F5, 0x4F83,
427 0x5C68, 0xF451, 0x34D1, 0x08F9, 0x93E2, 0x73AB, 0x5362, 0x3F2A,
428 0x0C08, 0x5295, 0x6546, 0x5E9D, 0x2830, 0xA137, 0x0F0A, 0xB52F,
429 0x090E, 0x3624, 0x9B1B, 0x3DDF, 0x26CD, 0x694E, 0xCD7F, 0x9FEA,
430 0x1B12, 0x9E1D, 0x7458, 0x2E34, 0x2D36, 0xB2DC, 0xEEB4, 0xFB5B,
431 0xF6A4, 0x4D76, 0x61B7, 0xCE7D, 0x7B52, 0x3EDD, 0x715E, 0x9713,
432 0xF5A6, 0x68B9, 0x0000, 0x2CC1, 0x6040, 0x1FE3, 0xC879, 0xEDB6,
433 0xBED4, 0x468D, 0xD967, 0x4B72, 0xDE94, 0xD498, 0xE8B0, 0x4A85,
434 0x6BBB, 0x2AC5, 0xE54F, 0x16ED, 0xC586, 0xD79A, 0x5566, 0x9411,
435 0xCF8A, 0x10E9, 0x0604, 0x81FE, 0xF0A0, 0x4478, 0xBA25, 0xE34B,
436 0xF3A2, 0xFE5D, 0xC080, 0x8A05, 0xAD3F, 0xBC21, 0x4870, 0x04F1,
437 0xDF63, 0xC177, 0x75AF, 0x6342, 0x3020, 0x1AE5, 0x0EFD, 0x6DBF,
438 0x4C81, 0x1418, 0x3526, 0x2FC3, 0xE1BE, 0xA235, 0xCC88, 0x392E,
439 0x5793, 0xF255, 0x82FC, 0x477A, 0xACC8, 0xE7BA, 0x2B32, 0x95E6,
440 0xA0C0, 0x9819, 0xD19E, 0x7FA3, 0x6644, 0x7E54, 0xAB3B, 0x830B,
441 0xCA8C, 0x29C7, 0xD36B, 0x3C28, 0x79A7, 0xE2BC, 0x1D16, 0x76AD,
442 0x3BDB, 0x5664, 0x4E74, 0x1E14, 0xDB92, 0x0A0C, 0x6C48, 0xE4B8,
443 0x5D9F, 0x6EBD, 0xEF43, 0xA6C4, 0xA839, 0xA431, 0x37D3, 0x8BF2,
444 0x32D5, 0x438B, 0x596E, 0xB7DA, 0x8C01, 0x64B1, 0xD29C, 0xE049,
445 0xB4D8, 0xFAAC, 0x07F3, 0x25CF, 0xAFCA, 0x8EF4, 0xE947, 0x1810,
446 0xD56F, 0x88F0, 0x6F4A, 0x725C, 0x2438, 0xF157, 0xC773, 0x5197,
447 0x23CB, 0x7CA1, 0x9CE8, 0x213E, 0xDD96, 0xDC61, 0x860D, 0x850F,
448 0x90E0, 0x427C, 0xC471, 0xAACC, 0xD890, 0x0506, 0x01F7, 0x121C,
449 0xA3C2, 0x5F6A, 0xF9AE, 0xD069, 0x9117, 0x5899, 0x273A, 0xB927,
450 0x38D9, 0x13EB, 0xB32B, 0x3322, 0xBBD2, 0x70A9, 0x8907, 0xA733,
451 0xB62D, 0x223C, 0x9215, 0x20C9, 0x4987, 0xFFAA, 0x7850, 0x7AA5,
452 0x8F03, 0xF859, 0x8009, 0x171A, 0xDA65, 0x31D7, 0xC684, 0xB8D0,
453 0xC382, 0xB029, 0x775A, 0x111E, 0xCB7B, 0xFCA8, 0xD66D, 0x3A2C,
454 }
455 };
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474 static void phase1(u16 *p1k, const u8 *tk, const u8 *ta, u32 iv32)
475 {
476 sint i;
477
478
479 p1k[0] = Lo16(iv32);
480 p1k[1] = Hi16(iv32);
481 p1k[2] = Mk16(ta[1], ta[0]);
482 p1k[3] = Mk16(ta[3], ta[2]);
483 p1k[4] = Mk16(ta[5], ta[4]);
484
485
486 for (i = 0; i < PHASE1_LOOP_CNT; i++) {
487 p1k[0] += _S_(p1k[4] ^ TK16((i & 1) + 0));
488 p1k[1] += _S_(p1k[0] ^ TK16((i & 1) + 2));
489 p1k[2] += _S_(p1k[1] ^ TK16((i & 1) + 4));
490 p1k[3] += _S_(p1k[2] ^ TK16((i & 1) + 6));
491 p1k[4] += _S_(p1k[3] ^ TK16((i & 1) + 0));
492 p1k[4] += (unsigned short)i;
493 }
494 }
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519 static void phase2(u8 *rc4key, const u8 *tk, const u16 *p1k, u16 iv16)
520 {
521 sint i;
522 u16 PPK[6];
523
524
525 for (i = 0; i < 5; i++)
526 PPK[i] = p1k[i];
527 PPK[5] = p1k[4] + iv16;
528
529 PPK[0] += _S_(PPK[5] ^ TK16(0));
530 PPK[1] += _S_(PPK[0] ^ TK16(1));
531 PPK[2] += _S_(PPK[1] ^ TK16(2));
532 PPK[3] += _S_(PPK[2] ^ TK16(3));
533 PPK[4] += _S_(PPK[3] ^ TK16(4));
534 PPK[5] += _S_(PPK[4] ^ TK16(5));
535
536 PPK[0] += RotR1(PPK[5] ^ TK16(6));
537 PPK[1] += RotR1(PPK[0] ^ TK16(7));
538 PPK[2] += RotR1(PPK[1]);
539 PPK[3] += RotR1(PPK[2]);
540 PPK[4] += RotR1(PPK[3]);
541 PPK[5] += RotR1(PPK[4]);
542
543
544
545
546
547 rc4key[0] = Hi8(iv16);
548 rc4key[1] = (Hi8(iv16) | 0x20) & 0x7F;
549 rc4key[2] = Lo8(iv16);
550 rc4key[3] = Lo8((PPK[5] ^ TK16(0)) >> 1);
551
552 for (i = 0; i < 6; i++) {
553 rc4key[4 + 2 * i] = Lo8(PPK[i]);
554 rc4key[5 + 2 * i] = Hi8(PPK[i]);
555 }
556 }
557
558
559 u32 r8712_tkip_encrypt(struct _adapter *padapter, u8 *pxmitframe)
560 {
561 u16 pnl;
562 u32 pnh;
563 u8 rc4key[16];
564 u8 ttkey[16];
565 u8 crc[4];
566 struct arc4context mycontext;
567 u32 curfragnum, length;
568
569 u8 *pframe, *payload, *iv, *prwskey;
570 union pn48 txpn;
571 struct sta_info *stainfo;
572 struct pkt_attrib *pattrib = &((struct xmit_frame *)pxmitframe)->attrib;
573 struct xmit_priv *pxmitpriv = &padapter->xmitpriv;
574 u32 res = _SUCCESS;
575
576 if (((struct xmit_frame *)pxmitframe)->buf_addr == NULL)
577 return _FAIL;
578
579 pframe = ((struct xmit_frame *)pxmitframe)->buf_addr + TXDESC_OFFSET;
580
581 if (pattrib->encrypt == _TKIP_) {
582 if (pattrib->psta)
583 stainfo = pattrib->psta;
584 else
585 stainfo = r8712_get_stainfo(&padapter->stapriv,
586 &pattrib->ra[0]);
587 if (stainfo != NULL) {
588 prwskey = &stainfo->x_UncstKey.skey[0];
589 for (curfragnum = 0; curfragnum < pattrib->nr_frags;
590 curfragnum++) {
591 iv = pframe + pattrib->hdrlen;
592 payload = pframe + pattrib->iv_len +
593 pattrib->hdrlen;
594 GET_TKIP_PN(iv, txpn);
595 pnl = (u16)(txpn.val);
596 pnh = (u32)(txpn.val >> 16);
597 phase1((u16 *)&ttkey[0], prwskey,
598 &pattrib->ta[0], pnh);
599 phase2(&rc4key[0], prwskey, (u16 *)&ttkey[0],
600 pnl);
601 if ((curfragnum + 1) == pattrib->nr_frags) {
602
603 length = pattrib->last_txcmdsz -
604 pattrib->hdrlen -
605 pattrib->iv_len -
606 pattrib->icv_len;
607 *((__le32 *)crc) = cpu_to_le32(
608 getcrc32(payload, length));
609 arcfour_init(&mycontext, rc4key, 16);
610 arcfour_encrypt(&mycontext, payload,
611 payload, length);
612 arcfour_encrypt(&mycontext, payload +
613 length, crc, 4);
614 } else {
615 length = pxmitpriv->frag_len -
616 pattrib->hdrlen -
617 pattrib->iv_len -
618 pattrib->icv_len;
619 *((__le32 *)crc) = cpu_to_le32(getcrc32(
620 payload, length));
621 arcfour_init(&mycontext, rc4key, 16);
622 arcfour_encrypt(&mycontext, payload,
623 payload, length);
624 arcfour_encrypt(&mycontext,
625 payload + length, crc,
626 4);
627 pframe += pxmitpriv->frag_len;
628 pframe = (u8 *)RND4((addr_t)(pframe));
629 }
630 }
631 } else {
632 res = _FAIL;
633 }
634 }
635 return res;
636 }
637
638
639 void r8712_tkip_decrypt(struct _adapter *padapter, u8 *precvframe)
640 {
641 u16 pnl;
642 u32 pnh;
643 u8 rc4key[16];
644 u8 ttkey[16];
645 u8 crc[4];
646 struct arc4context mycontext;
647 u32 length;
648 u8 *pframe, *payload, *iv, *prwskey, idx = 0;
649 union pn48 txpn;
650 struct sta_info *stainfo;
651 struct rx_pkt_attrib *prxattrib = &((union recv_frame *)
652 precvframe)->u.hdr.attrib;
653 struct security_priv *psecuritypriv = &padapter->securitypriv;
654
655 pframe = (unsigned char *)((union recv_frame *)
656 precvframe)->u.hdr.rx_data;
657
658 if (prxattrib->encrypt == _TKIP_) {
659 stainfo = r8712_get_stainfo(&padapter->stapriv,
660 &prxattrib->ta[0]);
661 if (stainfo != NULL) {
662 iv = pframe + prxattrib->hdrlen;
663 payload = pframe + prxattrib->iv_len +
664 prxattrib->hdrlen;
665 length = ((union recv_frame *)precvframe)->
666 u.hdr.len - prxattrib->hdrlen -
667 prxattrib->iv_len;
668 if (is_multicast_ether_addr(prxattrib->ra)) {
669 idx = iv[3];
670 prwskey = &psecuritypriv->XGrpKey[
671 ((idx >> 6) & 0x3) - 1].skey[0];
672 if (!psecuritypriv->binstallGrpkey)
673 return;
674 } else {
675 prwskey = &stainfo->x_UncstKey.skey[0];
676 }
677 GET_TKIP_PN(iv, txpn);
678 pnl = (u16)(txpn.val);
679 pnh = (u32)(txpn.val >> 16);
680 phase1((u16 *)&ttkey[0], prwskey, &prxattrib->ta[0],
681 pnh);
682 phase2(&rc4key[0], prwskey, (unsigned short *)
683 &ttkey[0], pnl);
684
685 arcfour_init(&mycontext, rc4key, 16);
686 arcfour_encrypt(&mycontext, payload, payload, length);
687 *((__le32 *)crc) = cpu_to_le32(getcrc32(payload,
688 length - 4));
689 }
690 }
691 }
692
693
694
695 #define MAX_MSG_SIZE 2048
696
697
698
699
700 static const u8 sbox_table[256] = {
701 0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5,
702 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76,
703 0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0,
704 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0,
705 0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc,
706 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15,
707 0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a,
708 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75,
709 0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0,
710 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84,
711 0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b,
712 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf,
713 0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85,
714 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8,
715 0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5,
716 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2,
717 0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17,
718 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73,
719 0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88,
720 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb,
721 0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c,
722 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79,
723 0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9,
724 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08,
725 0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6,
726 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a,
727 0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e,
728 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e,
729 0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94,
730 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf,
731 0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68,
732 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16
733 };
734
735
736
737
738
739
740 static void xor_128(u8 *a, u8 *b, u8 *out)
741 {
742 sint i;
743
744 for (i = 0; i < 16; i++)
745 out[i] = a[i] ^ b[i];
746 }
747
748 static void xor_32(u8 *a, u8 *b, u8 *out)
749 {
750 sint i;
751
752 for (i = 0; i < 4; i++)
753 out[i] = a[i] ^ b[i];
754 }
755
756 static u8 sbox(u8 a)
757 {
758 return sbox_table[(sint)a];
759 }
760
761 static void next_key(u8 *key, sint round)
762 {
763 u8 rcon;
764 u8 sbox_key[4];
765 u8 rcon_table[12] = {
766 0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80,
767 0x1b, 0x36, 0x36, 0x36
768 };
769
770 sbox_key[0] = sbox(key[13]);
771 sbox_key[1] = sbox(key[14]);
772 sbox_key[2] = sbox(key[15]);
773 sbox_key[3] = sbox(key[12]);
774 rcon = rcon_table[round];
775 xor_32(&key[0], sbox_key, &key[0]);
776 key[0] = key[0] ^ rcon;
777 xor_32(&key[4], &key[0], &key[4]);
778 xor_32(&key[8], &key[4], &key[8]);
779 xor_32(&key[12], &key[8], &key[12]);
780 }
781
782 static void byte_sub(u8 *in, u8 *out)
783 {
784 sint i;
785
786 for (i = 0; i < 16; i++)
787 out[i] = sbox(in[i]);
788 }
789
790 static void shift_row(u8 *in, u8 *out)
791 {
792 out[0] = in[0];
793 out[1] = in[5];
794 out[2] = in[10];
795 out[3] = in[15];
796 out[4] = in[4];
797 out[5] = in[9];
798 out[6] = in[14];
799 out[7] = in[3];
800 out[8] = in[8];
801 out[9] = in[13];
802 out[10] = in[2];
803 out[11] = in[7];
804 out[12] = in[12];
805 out[13] = in[1];
806 out[14] = in[6];
807 out[15] = in[11];
808 }
809
810 static void mix_column(u8 *in, u8 *out)
811 {
812 sint i;
813 u8 add1b[4];
814 u8 add1bf7[4];
815 u8 rotl[4];
816 u8 swap_halves[4];
817 u8 andf7[4];
818 u8 rotr[4];
819 u8 temp[4];
820 u8 tempb[4];
821
822 for (i = 0; i < 4; i++) {
823 if ((in[i] & 0x80) == 0x80)
824 add1b[i] = 0x1b;
825 else
826 add1b[i] = 0x00;
827 }
828 swap_halves[0] = in[2];
829 swap_halves[1] = in[3];
830 swap_halves[2] = in[0];
831 swap_halves[3] = in[1];
832 rotl[0] = in[3];
833 rotl[1] = in[0];
834 rotl[2] = in[1];
835 rotl[3] = in[2];
836 andf7[0] = in[0] & 0x7f;
837 andf7[1] = in[1] & 0x7f;
838 andf7[2] = in[2] & 0x7f;
839 andf7[3] = in[3] & 0x7f;
840 for (i = 3; i > 0; i--) {
841 andf7[i] = andf7[i] << 1;
842 if ((andf7[i - 1] & 0x80) == 0x80)
843 andf7[i] = (andf7[i] | 0x01);
844 }
845 andf7[0] = andf7[0] << 1;
846 andf7[0] = andf7[0] & 0xfe;
847 xor_32(add1b, andf7, add1bf7);
848 xor_32(in, add1bf7, rotr);
849 temp[0] = rotr[0];
850 rotr[0] = rotr[1];
851 rotr[1] = rotr[2];
852 rotr[2] = rotr[3];
853 rotr[3] = temp[0];
854 xor_32(add1bf7, rotr, temp);
855 xor_32(swap_halves, rotl, tempb);
856 xor_32(temp, tempb, out);
857 }
858
859 static void aes128k128d(u8 *key, u8 *data, u8 *ciphertext)
860 {
861 sint round;
862 sint i;
863 u8 intermediatea[16];
864 u8 intermediateb[16];
865 u8 round_key[16];
866
867 for (i = 0; i < 16; i++)
868 round_key[i] = key[i];
869 for (round = 0; round < 11; round++) {
870 if (round == 0) {
871 xor_128(round_key, data, ciphertext);
872 next_key(round_key, round);
873 } else if (round == 10) {
874 byte_sub(ciphertext, intermediatea);
875 shift_row(intermediatea, intermediateb);
876 xor_128(intermediateb, round_key, ciphertext);
877 } else {
878 byte_sub(ciphertext, intermediatea);
879 shift_row(intermediatea, intermediateb);
880 mix_column(&intermediateb[0], &intermediatea[0]);
881 mix_column(&intermediateb[4], &intermediatea[4]);
882 mix_column(&intermediateb[8], &intermediatea[8]);
883 mix_column(&intermediateb[12], &intermediatea[12]);
884 xor_128(intermediatea, round_key, ciphertext);
885 next_key(round_key, round);
886 }
887 }
888 }
889
890
891
892
893
894 static void construct_mic_iv(u8 *mic_iv, sint qc_exists, sint a4_exists,
895 u8 *mpdu, uint payload_length, u8 *pn_vector)
896 {
897 sint i;
898
899 mic_iv[0] = 0x59;
900 if (qc_exists && a4_exists)
901 mic_iv[1] = mpdu[30] & 0x0f;
902 if (qc_exists && !a4_exists)
903 mic_iv[1] = mpdu[24] & 0x0f;
904 if (!qc_exists)
905 mic_iv[1] = 0x00;
906 for (i = 2; i < 8; i++)
907 mic_iv[i] = mpdu[i + 8];
908 for (i = 8; i < 14; i++)
909 mic_iv[i] = pn_vector[13 - i];
910 mic_iv[14] = (unsigned char) (payload_length / 256);
911 mic_iv[15] = (unsigned char) (payload_length % 256);
912 }
913
914
915
916
917
918
919 static void construct_mic_header1(u8 *mic_header1, sint header_length, u8 *mpdu)
920 {
921 mic_header1[0] = (u8)((header_length - 2) / 256);
922 mic_header1[1] = (u8)((header_length - 2) % 256);
923 mic_header1[2] = mpdu[0] & 0xcf;
924
925 mic_header1[3] = mpdu[1] & 0xc7;
926 mic_header1[4] = mpdu[4];
927 mic_header1[5] = mpdu[5];
928 mic_header1[6] = mpdu[6];
929 mic_header1[7] = mpdu[7];
930 mic_header1[8] = mpdu[8];
931 mic_header1[9] = mpdu[9];
932 mic_header1[10] = mpdu[10];
933 mic_header1[11] = mpdu[11];
934 mic_header1[12] = mpdu[12];
935 mic_header1[13] = mpdu[13];
936 mic_header1[14] = mpdu[14];
937 mic_header1[15] = mpdu[15];
938 }
939
940
941
942
943
944
945 static void construct_mic_header2(u8 *mic_header2, u8 *mpdu, sint a4_exists,
946 sint qc_exists)
947 {
948 sint i;
949
950 for (i = 0; i < 16; i++)
951 mic_header2[i] = 0x00;
952 mic_header2[0] = mpdu[16];
953 mic_header2[1] = mpdu[17];
954 mic_header2[2] = mpdu[18];
955 mic_header2[3] = mpdu[19];
956 mic_header2[4] = mpdu[20];
957 mic_header2[5] = mpdu[21];
958 mic_header2[6] = 0x00;
959 mic_header2[7] = 0x00;
960 if (!qc_exists && a4_exists)
961 for (i = 0; i < 6; i++)
962 mic_header2[8 + i] = mpdu[24 + i];
963 if (qc_exists && !a4_exists) {
964 mic_header2[8] = mpdu[24] & 0x0f;
965 mic_header2[9] = mpdu[25] & 0x00;
966 }
967 if (qc_exists && a4_exists) {
968 for (i = 0; i < 6; i++)
969 mic_header2[8 + i] = mpdu[24 + i];
970 mic_header2[14] = mpdu[30] & 0x0f;
971 mic_header2[15] = mpdu[31] & 0x00;
972 }
973 }
974
975
976
977
978
979
980 static void construct_ctr_preload(u8 *ctr_preload,
981 sint a4_exists, sint qc_exists,
982 u8 *mpdu, u8 *pn_vector, sint c)
983 {
984 sint i;
985
986 for (i = 0; i < 16; i++)
987 ctr_preload[i] = 0x00;
988 i = 0;
989 ctr_preload[0] = 0x01;
990 if (qc_exists && a4_exists)
991 ctr_preload[1] = mpdu[30] & 0x0f;
992 if (qc_exists && !a4_exists)
993 ctr_preload[1] = mpdu[24] & 0x0f;
994 for (i = 2; i < 8; i++)
995 ctr_preload[i] = mpdu[i + 8];
996 for (i = 8; i < 14; i++)
997 ctr_preload[i] = pn_vector[13 - i];
998 ctr_preload[14] = (unsigned char) (c / 256);
999 ctr_preload[15] = (unsigned char) (c % 256);
1000 }
1001
1002
1003
1004
1005
1006 static void bitwise_xor(u8 *ina, u8 *inb, u8 *out)
1007 {
1008 sint i;
1009
1010 for (i = 0; i < 16; i++)
1011 out[i] = ina[i] ^ inb[i];
1012 }
1013
1014 static void aes_cipher(u8 *key, uint hdrlen,
1015 u8 *pframe, uint plen)
1016 {
1017 uint qc_exists, a4_exists, i, j, payload_remainder;
1018 uint num_blocks, payload_index;
1019
1020 u8 pn_vector[6];
1021 u8 mic_iv[16];
1022 u8 mic_header1[16];
1023 u8 mic_header2[16];
1024 u8 ctr_preload[16];
1025
1026
1027 u8 chain_buffer[16];
1028 u8 aes_out[16];
1029 u8 padded_buffer[16];
1030 u8 mic[8];
1031 u16 frtype = GetFrameType(pframe);
1032 u16 frsubtype = GetFrameSubType(pframe);
1033
1034 frsubtype >>= 4;
1035 memset((void *)mic_iv, 0, 16);
1036 memset((void *)mic_header1, 0, 16);
1037 memset((void *)mic_header2, 0, 16);
1038 memset((void *)ctr_preload, 0, 16);
1039 memset((void *)chain_buffer, 0, 16);
1040 memset((void *)aes_out, 0, 16);
1041 memset((void *)padded_buffer, 0, 16);
1042
1043 if ((hdrlen == WLAN_HDR_A3_LEN) || (hdrlen == WLAN_HDR_A3_QOS_LEN))
1044 a4_exists = 0;
1045 else
1046 a4_exists = 1;
1047
1048 if ((frtype == WIFI_DATA_CFACK) ||
1049 (frtype == WIFI_DATA_CFPOLL) ||
1050 (frtype == WIFI_DATA_CFACKPOLL)) {
1051 qc_exists = 1;
1052 if (hdrlen != WLAN_HDR_A3_QOS_LEN)
1053 hdrlen += 2;
1054 } else if ((frsubtype == 0x08) ||
1055 (frsubtype == 0x09) ||
1056 (frsubtype == 0x0a) ||
1057 (frsubtype == 0x0b)) {
1058 if (hdrlen != WLAN_HDR_A3_QOS_LEN)
1059 hdrlen += 2;
1060 qc_exists = 1;
1061 } else {
1062 qc_exists = 0;
1063 }
1064 pn_vector[0] = pframe[hdrlen];
1065 pn_vector[1] = pframe[hdrlen + 1];
1066 pn_vector[2] = pframe[hdrlen + 4];
1067 pn_vector[3] = pframe[hdrlen + 5];
1068 pn_vector[4] = pframe[hdrlen + 6];
1069 pn_vector[5] = pframe[hdrlen + 7];
1070 construct_mic_iv(mic_iv, qc_exists, a4_exists, pframe, plen, pn_vector);
1071 construct_mic_header1(mic_header1, hdrlen, pframe);
1072 construct_mic_header2(mic_header2, pframe, a4_exists, qc_exists);
1073 payload_remainder = plen % 16;
1074 num_blocks = plen / 16;
1075
1076 payload_index = hdrlen + 8;
1077
1078 aes128k128d(key, mic_iv, aes_out);
1079 bitwise_xor(aes_out, mic_header1, chain_buffer);
1080 aes128k128d(key, chain_buffer, aes_out);
1081 bitwise_xor(aes_out, mic_header2, chain_buffer);
1082 aes128k128d(key, chain_buffer, aes_out);
1083 for (i = 0; i < num_blocks; i++) {
1084 bitwise_xor(aes_out, &pframe[payload_index], chain_buffer);
1085 payload_index += 16;
1086 aes128k128d(key, chain_buffer, aes_out);
1087 }
1088
1089 if (payload_remainder > 0) {
1090 for (j = 0; j < 16; j++)
1091 padded_buffer[j] = 0x00;
1092 for (j = 0; j < payload_remainder; j++)
1093 padded_buffer[j] = pframe[payload_index++];
1094 bitwise_xor(aes_out, padded_buffer, chain_buffer);
1095 aes128k128d(key, chain_buffer, aes_out);
1096 }
1097 for (j = 0; j < 8; j++)
1098 mic[j] = aes_out[j];
1099
1100 for (j = 0; j < 8; j++)
1101 pframe[payload_index + j] = mic[j];
1102 payload_index = hdrlen + 8;
1103 for (i = 0; i < num_blocks; i++) {
1104 construct_ctr_preload(ctr_preload, a4_exists, qc_exists,
1105 pframe, pn_vector, i + 1);
1106 aes128k128d(key, ctr_preload, aes_out);
1107 bitwise_xor(aes_out, &pframe[payload_index], chain_buffer);
1108 for (j = 0; j < 16; j++)
1109 pframe[payload_index++] = chain_buffer[j];
1110 }
1111 if (payload_remainder > 0) {
1112
1113 construct_ctr_preload(ctr_preload, a4_exists, qc_exists,
1114 pframe, pn_vector, num_blocks + 1);
1115 for (j = 0; j < 16; j++)
1116 padded_buffer[j] = 0x00;
1117 for (j = 0; j < payload_remainder; j++)
1118 padded_buffer[j] = pframe[payload_index + j];
1119 aes128k128d(key, ctr_preload, aes_out);
1120 bitwise_xor(aes_out, padded_buffer, chain_buffer);
1121 for (j = 0; j < payload_remainder; j++)
1122 pframe[payload_index++] = chain_buffer[j];
1123 }
1124
1125 construct_ctr_preload(ctr_preload, a4_exists, qc_exists,
1126 pframe, pn_vector, 0);
1127 for (j = 0; j < 16; j++)
1128 padded_buffer[j] = 0x00;
1129 for (j = 0; j < 8; j++)
1130 padded_buffer[j] = pframe[j + hdrlen + 8 + plen];
1131 aes128k128d(key, ctr_preload, aes_out);
1132 bitwise_xor(aes_out, padded_buffer, chain_buffer);
1133 for (j = 0; j < 8; j++)
1134 pframe[payload_index++] = chain_buffer[j];
1135 }
1136
1137 u32 r8712_aes_encrypt(struct _adapter *padapter, u8 *pxmitframe)
1138 {
1139
1140 sint curfragnum, length;
1141 u8 *pframe, *prwskey;
1142 struct sta_info *stainfo;
1143 struct pkt_attrib *pattrib = &((struct xmit_frame *)
1144 pxmitframe)->attrib;
1145 struct xmit_priv *pxmitpriv = &padapter->xmitpriv;
1146 u32 res = _SUCCESS;
1147
1148 if (((struct xmit_frame *)pxmitframe)->buf_addr == NULL)
1149 return _FAIL;
1150 pframe = ((struct xmit_frame *)pxmitframe)->buf_addr + TXDESC_OFFSET;
1151
1152 if (pattrib->encrypt == _AES_) {
1153 if (pattrib->psta)
1154 stainfo = pattrib->psta;
1155 else
1156 stainfo = r8712_get_stainfo(&padapter->stapriv,
1157 &pattrib->ra[0]);
1158 if (stainfo != NULL) {
1159 prwskey = &stainfo->x_UncstKey.skey[0];
1160 for (curfragnum = 0; curfragnum < pattrib->nr_frags;
1161 curfragnum++) {
1162 if ((curfragnum + 1) == pattrib->nr_frags) {
1163 length = pattrib->last_txcmdsz -
1164 pattrib->hdrlen -
1165 pattrib->iv_len -
1166 pattrib->icv_len;
1167 aes_cipher(prwskey, pattrib->hdrlen,
1168 pframe, length);
1169 } else {
1170 length = pxmitpriv->frag_len -
1171 pattrib->hdrlen -
1172 pattrib->iv_len -
1173 pattrib->icv_len;
1174 aes_cipher(prwskey, pattrib->hdrlen,
1175 pframe, length);
1176 pframe += pxmitpriv->frag_len;
1177 pframe = (u8 *)RND4((addr_t)(pframe));
1178 }
1179 }
1180 } else {
1181 res = _FAIL;
1182 }
1183 }
1184 return res;
1185 }
1186
1187 static void aes_decipher(u8 *key, uint hdrlen,
1188 u8 *pframe, uint plen)
1189 {
1190 static u8 message[MAX_MSG_SIZE];
1191 uint qc_exists, a4_exists, i, j, payload_remainder;
1192 uint num_blocks, payload_index;
1193 u8 pn_vector[6];
1194 u8 mic_iv[16];
1195 u8 mic_header1[16];
1196 u8 mic_header2[16];
1197 u8 ctr_preload[16];
1198
1199 u8 chain_buffer[16];
1200 u8 aes_out[16];
1201 u8 padded_buffer[16];
1202 u8 mic[8];
1203 uint frtype = GetFrameType(pframe);
1204 uint frsubtype = GetFrameSubType(pframe);
1205
1206 frsubtype >>= 4;
1207 memset((void *)mic_iv, 0, 16);
1208 memset((void *)mic_header1, 0, 16);
1209 memset((void *)mic_header2, 0, 16);
1210 memset((void *)ctr_preload, 0, 16);
1211 memset((void *)chain_buffer, 0, 16);
1212 memset((void *)aes_out, 0, 16);
1213 memset((void *)padded_buffer, 0, 16);
1214
1215
1216 num_blocks = (plen - 8) / 16;
1217 payload_remainder = (plen - 8) % 16;
1218 pn_vector[0] = pframe[hdrlen];
1219 pn_vector[1] = pframe[hdrlen + 1];
1220 pn_vector[2] = pframe[hdrlen + 4];
1221 pn_vector[3] = pframe[hdrlen + 5];
1222 pn_vector[4] = pframe[hdrlen + 6];
1223 pn_vector[5] = pframe[hdrlen + 7];
1224 if ((hdrlen == WLAN_HDR_A3_LEN) || (hdrlen == WLAN_HDR_A3_QOS_LEN))
1225 a4_exists = 0;
1226 else
1227 a4_exists = 1;
1228 if ((frtype == WIFI_DATA_CFACK) ||
1229 (frtype == WIFI_DATA_CFPOLL) ||
1230 (frtype == WIFI_DATA_CFACKPOLL)) {
1231 qc_exists = 1;
1232 if (hdrlen != WLAN_HDR_A3_QOS_LEN)
1233 hdrlen += 2;
1234 } else if ((frsubtype == 0x08) ||
1235 (frsubtype == 0x09) ||
1236 (frsubtype == 0x0a) ||
1237 (frsubtype == 0x0b)) {
1238 if (hdrlen != WLAN_HDR_A3_QOS_LEN)
1239 hdrlen += 2;
1240 qc_exists = 1;
1241 } else {
1242 qc_exists = 0;
1243 }
1244
1245 payload_index = hdrlen + 8;
1246 for (i = 0; i < num_blocks; i++) {
1247 construct_ctr_preload(ctr_preload, a4_exists, qc_exists,
1248 pframe, pn_vector, i + 1);
1249 aes128k128d(key, ctr_preload, aes_out);
1250 bitwise_xor(aes_out, &pframe[payload_index], chain_buffer);
1251 for (j = 0; j < 16; j++)
1252 pframe[payload_index++] = chain_buffer[j];
1253 }
1254 if (payload_remainder > 0) {
1255
1256 construct_ctr_preload(ctr_preload, a4_exists, qc_exists,
1257 pframe, pn_vector, num_blocks + 1);
1258 for (j = 0; j < 16; j++)
1259 padded_buffer[j] = 0x00;
1260 for (j = 0; j < payload_remainder; j++)
1261 padded_buffer[j] = pframe[payload_index + j];
1262 aes128k128d(key, ctr_preload, aes_out);
1263 bitwise_xor(aes_out, padded_buffer, chain_buffer);
1264 for (j = 0; j < payload_remainder; j++)
1265 pframe[payload_index++] = chain_buffer[j];
1266 }
1267
1268 memcpy((void *)message, pframe, (hdrlen + plen + 8));
1269 pn_vector[0] = pframe[hdrlen];
1270 pn_vector[1] = pframe[hdrlen + 1];
1271 pn_vector[2] = pframe[hdrlen + 4];
1272 pn_vector[3] = pframe[hdrlen + 5];
1273 pn_vector[4] = pframe[hdrlen + 6];
1274 pn_vector[5] = pframe[hdrlen + 7];
1275 construct_mic_iv(mic_iv, qc_exists, a4_exists, message, plen - 8,
1276 pn_vector);
1277 construct_mic_header1(mic_header1, hdrlen, message);
1278 construct_mic_header2(mic_header2, message, a4_exists, qc_exists);
1279 payload_remainder = (plen - 8) % 16;
1280 num_blocks = (plen - 8) / 16;
1281
1282 payload_index = hdrlen + 8;
1283
1284 aes128k128d(key, mic_iv, aes_out);
1285 bitwise_xor(aes_out, mic_header1, chain_buffer);
1286 aes128k128d(key, chain_buffer, aes_out);
1287 bitwise_xor(aes_out, mic_header2, chain_buffer);
1288 aes128k128d(key, chain_buffer, aes_out);
1289 for (i = 0; i < num_blocks; i++) {
1290 bitwise_xor(aes_out, &message[payload_index], chain_buffer);
1291 payload_index += 16;
1292 aes128k128d(key, chain_buffer, aes_out);
1293 }
1294
1295 if (payload_remainder > 0) {
1296 for (j = 0; j < 16; j++)
1297 padded_buffer[j] = 0x00;
1298 for (j = 0; j < payload_remainder; j++)
1299 padded_buffer[j] = message[payload_index++];
1300 bitwise_xor(aes_out, padded_buffer, chain_buffer);
1301 aes128k128d(key, chain_buffer, aes_out);
1302 }
1303 for (j = 0; j < 8; j++)
1304 mic[j] = aes_out[j];
1305
1306 for (j = 0; j < 8; j++)
1307 message[payload_index + j] = mic[j];
1308 payload_index = hdrlen + 8;
1309 for (i = 0; i < num_blocks; i++) {
1310 construct_ctr_preload(ctr_preload, a4_exists, qc_exists,
1311 message, pn_vector, i + 1);
1312 aes128k128d(key, ctr_preload, aes_out);
1313 bitwise_xor(aes_out, &message[payload_index], chain_buffer);
1314 for (j = 0; j < 16; j++)
1315 message[payload_index++] = chain_buffer[j];
1316 }
1317 if (payload_remainder > 0) {
1318
1319 construct_ctr_preload(ctr_preload, a4_exists, qc_exists,
1320 message, pn_vector, num_blocks + 1);
1321 for (j = 0; j < 16; j++)
1322 padded_buffer[j] = 0x00;
1323 for (j = 0; j < payload_remainder; j++)
1324 padded_buffer[j] = message[payload_index + j];
1325 aes128k128d(key, ctr_preload, aes_out);
1326 bitwise_xor(aes_out, padded_buffer, chain_buffer);
1327 for (j = 0; j < payload_remainder; j++)
1328 message[payload_index++] = chain_buffer[j];
1329 }
1330
1331 construct_ctr_preload(ctr_preload, a4_exists, qc_exists, message,
1332 pn_vector, 0);
1333 for (j = 0; j < 16; j++)
1334 padded_buffer[j] = 0x00;
1335 for (j = 0; j < 8; j++)
1336 padded_buffer[j] = message[j + hdrlen + plen];
1337 aes128k128d(key, ctr_preload, aes_out);
1338 bitwise_xor(aes_out, padded_buffer, chain_buffer);
1339 for (j = 0; j < 8; j++)
1340 message[payload_index++] = chain_buffer[j];
1341
1342 }
1343
1344 void r8712_aes_decrypt(struct _adapter *padapter, u8 *precvframe)
1345 {
1346
1347 sint length;
1348 u8 *pframe, *prwskey, *iv, idx;
1349 struct sta_info *stainfo;
1350 struct rx_pkt_attrib *prxattrib = &((union recv_frame *)
1351 precvframe)->u.hdr.attrib;
1352 struct security_priv *psecuritypriv = &padapter->securitypriv;
1353
1354 pframe = (unsigned char *)((union recv_frame *)precvframe)->
1355 u.hdr.rx_data;
1356
1357 if (prxattrib->encrypt == _AES_) {
1358 stainfo = r8712_get_stainfo(&padapter->stapriv,
1359 &prxattrib->ta[0]);
1360 if (stainfo != NULL) {
1361 if (is_multicast_ether_addr(prxattrib->ra)) {
1362 iv = pframe + prxattrib->hdrlen;
1363 idx = iv[3];
1364 prwskey = &psecuritypriv->XGrpKey[
1365 ((idx >> 6) & 0x3) - 1].skey[0];
1366 if (!psecuritypriv->binstallGrpkey)
1367 return;
1368
1369 } else {
1370 prwskey = &stainfo->x_UncstKey.skey[0];
1371 }
1372 length = ((union recv_frame *)precvframe)->
1373 u.hdr.len - prxattrib->hdrlen -
1374 prxattrib->iv_len;
1375 aes_decipher(prwskey, prxattrib->hdrlen, pframe,
1376 length);
1377 }
1378 }
1379 }
1380
1381 void r8712_use_tkipkey_handler(struct timer_list *t)
1382 {
1383 struct _adapter *padapter =
1384 from_timer(padapter, t, securitypriv.tkip_timer);
1385
1386 padapter->securitypriv.busetkipkey = true;
1387 }