drivers/staging/r8188eu/include/rtw_security.h

   1 /* SPDX-License-Identifier: GPL-2.0 OR BSD-3-Clause */
   2 /* Copyright(c) 2007 - 2011 Realtek Corporation. */
   3
   4 #ifndef __RTW_SECURITY_H_
   5 #define __RTW_SECURITY_H_
   6
   7 #include <osdep_service.h>
   8 #include <drv_types.h>
   9
  10 #define _NO_PRIVACY_                    0x0
  11 #define _WEP40_                         0x1
  12 #define _TKIP_                          0x2
  13 #define _TKIP_WTMIC_                    0x3
  14 #define _AES_                           0x4
  15 #define _WEP104_                        0x5
  16 #define _WEP_WPA_MIXED_                 0x07  /*  WEP + WPA */
  17 #define _SMS4_                          0x06
  18
  19 #define is_wep_enc(alg) (((alg) == _WEP40_) || ((alg) == _WEP104_))
  20
  21 #define _WPA_IE_ID_     0xdd
  22 #define _WPA2_IE_ID_    0x30
  23
  24 #define SHA256_MAC_LEN 32
  25 #define AES_BLOCK_SIZE 16
  26 #define AES_PRIV_SIZE (4 * 44)
  27
  28 enum {
  29         ENCRYP_PROTOCOL_OPENSYS,   /* open system */
  30         ENCRYP_PROTOCOL_WEP,       /* WEP */
  31         ENCRYP_PROTOCOL_WPA,       /* WPA */
  32         ENCRYP_PROTOCOL_WPA2,      /* WPA2 */
  33         ENCRYP_PROTOCOL_WAPI,      /* WAPI: Not support in this version */
  34         ENCRYP_PROTOCOL_MAX
  35 };
  36
  37 #ifndef Ndis802_11AuthModeWPA2
  38 #define Ndis802_11AuthModeWPA2 (Ndis802_11AuthModeWPANone + 1)
  39 #endif
  40
  41 #ifndef Ndis802_11AuthModeWPA2PSK
  42 #define Ndis802_11AuthModeWPA2PSK (Ndis802_11AuthModeWPANone + 2)
  43 #endif
  44
  45 union pn48      {
  46         u64     val;
  47
  48 #ifdef __LITTLE_ENDIAN
  49         struct {
  50                 u8 TSC0;
  51                 u8 TSC1;
  52                 u8 TSC2;
  53                 u8 TSC3;
  54                 u8 TSC4;
  55                 u8 TSC5;
  56                 u8 TSC6;
  57                 u8 TSC7;
  58         } _byte_;
  59
  60 #elif defined(__BIG_ENDIAN)
  61
  62         struct {
  63                 u8 TSC7;
  64                 u8 TSC6;
  65                 u8 TSC5;
  66                 u8 TSC4;
  67                 u8 TSC3;
  68                 u8 TSC2;
  69                 u8 TSC1;
  70                 u8 TSC0;
  71         } _byte_;
  72 #endif
  73 };
  74
  75 union Keytype {
  76         u8   skey[16];
  77         u32    lkey[4];
  78 };
  79
  80 struct rt_pmkid_list {
  81         u8      bUsed;
  82         u8      Bssid[6];
  83         u8      PMKID[16];
  84         u8      SsidBuf[33];
  85         u8      *ssid_octet;
  86         u16     ssid_length;
  87 };
  88
  89 struct security_priv {
  90         u32       dot11AuthAlgrthm;     /*  802.11 auth, could be open,
  91                                          * shared, 8021x and authswitch */
  92         u32       dot11PrivacyAlgrthm;  /*  This specify the privacy for
  93                                          * shared auth. algorithm. */
  94         /* WEP */
  95         u32       dot11PrivacyKeyIndex; /*  this is only valid for legendary
  96                                          * wep, 0~3 for key id.(tx key index) */
  97         union Keytype dot11DefKey[4];   /*  this is only valid for def. key */
  98         u32     dot11DefKeylen[4];
  99         u32 dot118021XGrpPrivacy;       /*  This specify the privacy algthm.
 100                                          * used for Grp key */
 101         u32     dot118021XGrpKeyid;     /*  key id used for Grp Key
 102                                          * ( tx key index) */
 103         union Keytype   dot118021XGrpKey[4];    /*  802.1x Group Key,
 104                                                  * for inx0 and inx1 */
 105         union Keytype   dot118021XGrptxmickey[4];
 106         union Keytype   dot118021XGrprxmickey[4];
 107         union pn48      dot11Grptxpn;           /* PN48 used for Grp Key xmit.*/
 108         union pn48      dot11Grprxpn;           /* PN48 used for Grp Key recv.*/
 109 #ifdef CONFIG_88EU_AP_MODE
 110         /* extend security capabilities for AP_MODE */
 111         unsigned int dot8021xalg;/* 0:disable, 1:psk, 2:802.1x */
 112         unsigned int wpa_psk;/* 0:disable, bit(0): WPA, bit(1):WPA2 */
 113         unsigned int wpa_group_cipher;
 114         unsigned int wpa2_group_cipher;
 115         unsigned int wpa_pairwise_cipher;
 116         unsigned int wpa2_pairwise_cipher;
 117 #endif
 118         u8 wps_ie[MAX_WPS_IE_LEN];/* added in assoc req */
 119         int wps_ie_len;
 120         u8      binstallGrpkey;
 121         u8      busetkipkey;
 122         u8      bcheck_grpkey;
 123         u8      bgrpkey_handshake;
 124         s32     sw_encrypt;/* from registry_priv */
 125         s32     sw_decrypt;/* from registry_priv */
 126         s32     hw_decrypted;/* if the rx packets is hw_decrypted==false,i
 127                               * it means the hw has not been ready. */
 128
 129         /* keeps the auth_type & enc_status from upper layer
 130          * ioctl(wpa_supplicant or wzc) */
 131         u32 ndisauthtype;       /*  NDIS_802_11_AUTHENTICATION_MODE */
 132         u32 ndisencryptstatus;  /*  NDIS_802_11_ENCRYPTION_STATUS */
 133         struct wlan_bssid_ex sec_bss;  /* for joinbss (h2c buffer) usage */
 134         struct ndis_802_11_wep ndiswep;
 135         u8 assoc_info[600];
 136         u8 szofcapability[256]; /* for wpa2 usage */
 137         u8 oidassociation[512]; /* for wpa/wpa2 usage */
 138         u8 authenticator_ie[256];  /* store ap security information element */
 139         u8 supplicant_ie[256];  /* store sta security information element */
 140
 141         /* for tkip countermeasure */
 142         u32 last_mic_err_time;
 143         u8      btkip_countermeasure;
 144         u8      btkip_wait_report;
 145         u32 btkip_countermeasure_time;
 146
 147         /*  */
 148         /*  For WPA2 Pre-Authentication. */
 149         /*  */
 150         struct rt_pmkid_list PMKIDList[NUM_PMKID_CACHE];
 151         u8      PMKIDIndex;
 152         u8 bWepDefaultKeyIdxSet;
 153 };
 154
 155 #define GET_ENCRY_ALGO(psecuritypriv, psta, encry_algo, bmcst)          \
 156 do {                                                                    \
 157         switch (psecuritypriv->dot11AuthAlgrthm) {                      \
 158         case dot11AuthAlgrthm_Open:                                     \
 159         case dot11AuthAlgrthm_Shared:                                   \
 160         case dot11AuthAlgrthm_Auto:                                     \
 161                 encry_algo = (u8)psecuritypriv->dot11PrivacyAlgrthm;    \
 162                 break;                                                  \
 163         case dot11AuthAlgrthm_8021X:                                    \
 164                 if (bmcst)                                              \
 165                         encry_algo = (u8)psecuritypriv->dot118021XGrpPrivacy;\
 166                 else                                                    \
 167                         encry_algo = (u8)psta->dot118021XPrivacy;       \
 168                 break;                                                  \
 169         case dot11AuthAlgrthm_WAPI:                                     \
 170                 encry_algo = (u8)psecuritypriv->dot11PrivacyAlgrthm;    \
 171                 break;                                                  \
 172         }                                                               \
 173 } while (0)
 174
 175 #define SET_ICE_IV_LEN(iv_len, icv_len, encrypt)                        \
 176 do {                                                                    \
 177         switch (encrypt) {                                              \
 178         case _WEP40_:                                                   \
 179         case _WEP104_:                                                  \
 180                 iv_len = 4;                                             \
 181                 icv_len = 4;                                            \
 182                 break;                                                  \
 183         case _TKIP_:                                                    \
 184                 iv_len = 8;                                             \
 185                 icv_len = 4;                                            \
 186                 break;                                                  \
 187         case _AES_:                                                     \
 188                 iv_len = 8;                                             \
 189                 icv_len = 8;                                            \
 190                 break;                                                  \
 191         case _SMS4_:                                                    \
 192                 iv_len = 18;                                            \
 193                 icv_len = 16;                                           \
 194                 break;                                                  \
 195         default:                                                        \
 196                 iv_len = 0;                                             \
 197                 icv_len = 0;                                            \
 198                 break;                                                  \
 199         }                                                               \
 200 } while (0)
 201
 202 #define GET_TKIP_PN(iv, dot11txpn)                                      \
 203 do {                                                                    \
 204         dot11txpn._byte_.TSC0 = iv[2];                                  \
 205         dot11txpn._byte_.TSC1 = iv[0];                                  \
 206         dot11txpn._byte_.TSC2 = iv[4];                                  \
 207         dot11txpn._byte_.TSC3 = iv[5];                                  \
 208         dot11txpn._byte_.TSC4 = iv[6];                                  \
 209         dot11txpn._byte_.TSC5 = iv[7];                                  \
 210 } while (0)
 211
 212 #define ROL32(A, n)     (((A) << (n)) | (((A)>>(32-(n)))  & ((1UL << (n)) - 1)))
 213 #define ROR32(A, n)     ROL32((A), 32-(n))
 214
 215 struct mic_data {
 216         u32  K0, K1;         /*  Key */
 217         u32  L, R;           /*  Current state */
 218         u32  M;              /*  Message accumulator (single word) */
 219         u32  nBytesInM;      /*  # bytes in M */
 220 };
 221
 222 extern const u32 Te0[256];
 223 extern const u32 Te1[256];
 224 extern const u32 Te2[256];
 225 extern const u32 Te3[256];
 226 extern const u32 Te4[256];
 227 extern const u32 Td0[256];
 228 extern const u32 Td1[256];
 229 extern const u32 Td2[256];
 230 extern const u32 Td3[256];
 231 extern const u32 Td4[256];
 232 extern const u32 rcon[10];
 233 extern const u8 Td4s[256];
 234 extern const u8 rcons[10];
 235
 236 #define RCON(i) (rcons[(i)] << 24)
 237
 238 static inline u32 rotr(u32 val, int bits)
 239 {
 240         return (val >> bits) | (val << (32 - bits));
 241 }
 242
 243 #define TE0(i) Te0[((i) >> 24) & 0xff]
 244 #define TE1(i) rotr(Te0[((i) >> 16) & 0xff], 8)
 245 #define TE2(i) rotr(Te0[((i) >> 8) & 0xff], 16)
 246 #define TE3(i) rotr(Te0[(i) & 0xff], 24)
 247 #define TE41(i) ((Te0[((i) >> 24) & 0xff] << 8) & 0xff000000)
 248 #define TE42(i) (Te0[((i) >> 16) & 0xff] & 0x00ff0000)
 249 #define TE43(i) (Te0[((i) >> 8) & 0xff] & 0x0000ff00)
 250 #define TE44(i) ((Te0[(i) & 0xff] >> 8) & 0x000000ff)
 251 #define TE421(i) ((Te0[((i) >> 16) & 0xff] << 8) & 0xff000000)
 252 #define TE432(i) (Te0[((i) >> 8) & 0xff] & 0x00ff0000)
 253 #define TE443(i) (Te0[(i) & 0xff] & 0x0000ff00)
 254 #define TE414(i) ((Te0[((i) >> 24) & 0xff] >> 8) & 0x000000ff)
 255 #define TE4(i) ((Te0[(i)] >> 8) & 0x000000ff)
 256
 257 #define TD0(i) Td0[((i) >> 24) & 0xff]
 258 #define TD1(i) rotr(Td0[((i) >> 16) & 0xff], 8)
 259 #define TD2(i) rotr(Td0[((i) >> 8) & 0xff], 16)
 260 #define TD3(i) rotr(Td0[(i) & 0xff], 24)
 261 #define TD41(i) (Td4s[((i) >> 24) & 0xff] << 24)
 262 #define TD42(i) (Td4s[((i) >> 16) & 0xff] << 16)
 263 #define TD43(i) (Td4s[((i) >> 8) & 0xff] << 8)
 264 #define TD44(i) (Td4s[(i) & 0xff])
 265 #define TD0_(i) Td0[(i) & 0xff]
 266 #define TD1_(i) rotr(Td0[(i) & 0xff], 8)
 267 #define TD2_(i) rotr(Td0[(i) & 0xff], 16)
 268 #define TD3_(i) rotr(Td0[(i) & 0xff], 24)
 269
 270 #define GETU32(pt) (((u32)(pt)[0] << 24) ^ ((u32)(pt)[1] << 16) ^ \
 271                         ((u32)(pt)[2] <<  8) ^ ((u32)(pt)[3]))
 272
 273 #define PUTU32(ct, st) { \
 274 (ct)[0] = (u8)((st) >> 24); (ct)[1] = (u8)((st) >> 16); \
 275 (ct)[2] = (u8)((st) >>  8); (ct)[3] = (u8)(st); }
 276
 277 #define WPA_GET_BE32(a) ((((u32)(a)[0]) << 24) | (((u32)(a)[1]) << 16) | \
 278                          (((u32)(a)[2]) << 8) | ((u32)(a)[3]))
 279
 280 #define WPA_PUT_LE16(a, val)                    \
 281         do {                                    \
 282                 (a)[1] = ((u16)(val)) >> 8;     \
 283                 (a)[0] = ((u16)(val)) & 0xff;   \
 284         } while (0)
 285
 286 #define WPA_PUT_BE32(a, val)                                    \
 287         do {                                                    \
 288                 (a)[0] = (u8)((((u32)(val)) >> 24) & 0xff);     \
 289                 (a)[1] = (u8)((((u32)(val)) >> 16) & 0xff);     \
 290                 (a)[2] = (u8)((((u32)(val)) >> 8) & 0xff);      \
 291                 (a)[3] = (u8)(((u32)(val)) & 0xff);             \
 292         } while (0)
 293
 294 #define WPA_PUT_BE64(a, val)                            \
 295         do {                                            \
 296                 (a)[0] = (u8)(((u64)(val)) >> 56);      \
 297                 (a)[1] = (u8)(((u64)(val)) >> 48);      \
 298                 (a)[2] = (u8)(((u64)(val)) >> 40);      \
 299                 (a)[3] = (u8)(((u64)(val)) >> 32);      \
 300                 (a)[4] = (u8)(((u64)(val)) >> 24);      \
 301                 (a)[5] = (u8)(((u64)(val)) >> 16);      \
 302                 (a)[6] = (u8)(((u64)(val)) >> 8);       \
 303                 (a)[7] = (u8)(((u64)(val)) & 0xff);     \
 304         } while (0)
 305
 306 /* ===== start - public domain SHA256 implementation ===== */
 307
 308 /* This is based on SHA256 implementation in LibTomCrypt that was released into
 309  * public domain by Tom St Denis. */
 310
 311 /* the K array */
 312 static const unsigned long K[64] = {
 313         0x428a2f98UL, 0x71374491UL, 0xb5c0fbcfUL, 0xe9b5dba5UL, 0x3956c25bUL,
 314         0x59f111f1UL, 0x923f82a4UL, 0xab1c5ed5UL, 0xd807aa98UL, 0x12835b01UL,
 315         0x243185beUL, 0x550c7dc3UL, 0x72be5d74UL, 0x80deb1feUL, 0x9bdc06a7UL,
 316         0xc19bf174UL, 0xe49b69c1UL, 0xefbe4786UL, 0x0fc19dc6UL, 0x240ca1ccUL,
 317         0x2de92c6fUL, 0x4a7484aaUL, 0x5cb0a9dcUL, 0x76f988daUL, 0x983e5152UL,
 318         0xa831c66dUL, 0xb00327c8UL, 0xbf597fc7UL, 0xc6e00bf3UL, 0xd5a79147UL,
 319         0x06ca6351UL, 0x14292967UL, 0x27b70a85UL, 0x2e1b2138UL, 0x4d2c6dfcUL,
 320         0x53380d13UL, 0x650a7354UL, 0x766a0abbUL, 0x81c2c92eUL, 0x92722c85UL,
 321         0xa2bfe8a1UL, 0xa81a664bUL, 0xc24b8b70UL, 0xc76c51a3UL, 0xd192e819UL,
 322         0xd6990624UL, 0xf40e3585UL, 0x106aa070UL, 0x19a4c116UL, 0x1e376c08UL,
 323         0x2748774cUL, 0x34b0bcb5UL, 0x391c0cb3UL, 0x4ed8aa4aUL, 0x5b9cca4fUL,
 324         0x682e6ff3UL, 0x748f82eeUL, 0x78a5636fUL, 0x84c87814UL, 0x8cc70208UL,
 325         0x90befffaUL, 0xa4506cebUL, 0xbef9a3f7UL, 0xc67178f2UL
 326 };
 327
 328 /* Various logical functions */
 329 #define RORc(x, y) \
 330         (((((unsigned long)(x) & 0xFFFFFFFFUL) >> (unsigned long)((y)&31)) | \
 331          ((unsigned long)(x) << (unsigned long)(32-((y)&31)))) & 0xFFFFFFFFUL)
 332 #define Ch(x, y ,z)       (z ^ (x & (y ^ z)))
 333 #define Maj(x, y, z)      (((x | y) & z) | (x & y))
 334 #define S(x, n)         RORc((x), (n))
 335 #define R(x, n)         (((x)&0xFFFFFFFFUL)>>(n))
 336 #define Sigma0(x)       (S(x, 2) ^ S(x, 13) ^ S(x, 22))
 337 #define Sigma1(x)       (S(x, 6) ^ S(x, 11) ^ S(x, 25))
 338 #define Gamma0(x)       (S(x, 7) ^ S(x, 18) ^ R(x, 3))
 339 #define Gamma1(x)       (S(x, 17) ^ S(x, 19) ^ R(x, 10))
 340 #ifndef MIN
 341 #define MIN(x, y) (((x) < (y)) ? (x) : (y))
 342 #endif
 343
 344 void rtw_secmicsetkey(struct mic_data *pmicdata, u8 *key);
 345 void rtw_secmicappendbyte(struct mic_data *pmicdata, u8 b);
 346 void rtw_secmicappend(struct mic_data *pmicdata, u8 *src, u32 nBytes);
 347 void rtw_secgetmic(struct mic_data *pmicdata, u8 *dst);
 348 void rtw_seccalctkipmic(u8 *key, u8 *header, u8 *data, u32 data_len,
 349                         u8 *Miccode, u8   priority);
 350 u32 rtw_aes_encrypt(struct adapter *padapter, u8 *pxmitframe);
 351 u32 rtw_tkip_encrypt(struct adapter *padapter, u8 *pxmitframe);
 352 void rtw_wep_encrypt(struct adapter *padapter, u8  *pxmitframe);
 353 u32 rtw_aes_decrypt(struct adapter *padapter, u8  *precvframe);
 354 u32 rtw_tkip_decrypt(struct adapter *padapter, u8  *precvframe);
 355 void rtw_wep_decrypt(struct adapter *padapter, u8  *precvframe);
 356 void rtw_use_tkipkey_handler(void *FunctionContext);
 357
 358 #endif  /* __RTL871X_SECURITY_H_ */