LXR linux/drivers/staging/r8188eu/include/rtw

   1/* SPDX-License-Identifier: GPL-2.0 OR BSD-3-Clause */
   2/* Copyright(c) 2007 - 2011 Realtek Corporation. */
   3
   4#ifndef __RTW_SECURITY_H_
   5#define __RTW_SECURITY_H_
   6
   7#include "osdep_service.h"
   8#include "drv_types.h"
   9
  10#define _NO_PRIVACY_                    0x0
  11#define _WEP40_                         0x1
  12#define _TKIP_                          0x2
  13#define _TKIP_WTMIC_                    0x3
  14#define _AES_                           0x4
  15#define _WEP104_                        0x5
  16#define _WEP_WPA_MIXED_                 0x07  /*  WEP + WPA */
  17#define _SMS4_                          0x06
  18
  19#define is_wep_enc(alg) (((alg) == _WEP40_) || ((alg) == _WEP104_))
  20
  21#define _WPA_IE_ID_     0xdd
  22#define _WPA2_IE_ID_    0x30
  23
  24#define SHA256_MAC_LEN 32
  25#define AES_BLOCK_SIZE 16
  26#define AES_PRIV_SIZE (4 * 44)
  27
  28enum {
  29        ENCRYP_PROTOCOL_OPENSYS,   /* open system */
  30        ENCRYP_PROTOCOL_WEP,       /* WEP */
  31        ENCRYP_PROTOCOL_WPA,       /* WPA */
  32        ENCRYP_PROTOCOL_WPA2,      /* WPA2 */
  33        ENCRYP_PROTOCOL_WAPI,      /* WAPI: Not support in this version */
  34        ENCRYP_PROTOCOL_MAX
  35};
  36
  37#ifndef Ndis802_11AuthModeWPA2
  38#define Ndis802_11AuthModeWPA2 (Ndis802_11AuthModeWPANone + 1)
  39#endif
  40
  41#ifndef Ndis802_11AuthModeWPA2PSK
  42#define Ndis802_11AuthModeWPA2PSK (Ndis802_11AuthModeWPANone + 2)
  43#endif
  44
  45union pn48      {
  46        u64     val;
  47
  48#ifdef __LITTLE_ENDIAN
  49        struct {
  50                u8 TSC0;
  51                u8 TSC1;
  52                u8 TSC2;
  53                u8 TSC3;
  54                u8 TSC4;
  55                u8 TSC5;
  56                u8 TSC6;
  57                u8 TSC7;
  58        } _byte_;
  59
  60#elif defined(__BIG_ENDIAN)
  61
  62        struct {
  63                u8 TSC7;
  64                u8 TSC6;
  65                u8 TSC5;
  66                u8 TSC4;
  67                u8 TSC3;
  68                u8 TSC2;
  69                u8 TSC1;
  70                u8 TSC0;
  71        } _byte_;
  72#endif
  73};
  74
  75union Keytype {
  76        u8   skey[16];
  77        u32    lkey[4];
  78};
  79
  80struct rt_pmkid_list {
  81        u8      bUsed;
  82        u8      Bssid[6];
  83        u8      PMKID[16];
  84        u8      SsidBuf[33];
  85        u8      *ssid_octet;
  86        u16     ssid_length;
  87};
  88
  89struct security_priv {
  90        u32       dot11AuthAlgrthm;     /*  802.11 auth, could be open,
  91                                         * shared, 8021x and authswitch */
  92        u32       dot11PrivacyAlgrthm;  /*  This specify the privacy for
  93                                         * shared auth. algorithm. */
  94        /* WEP */
  95        u32       dot11PrivacyKeyIndex; /*  this is only valid for legendary
  96                                         * wep, 0~3 for key id.(tx key index) */
  97        union Keytype dot11DefKey[4];   /*  this is only valid for def. key */
  98        u32     dot11DefKeylen[4];
  99        u32 dot118021XGrpPrivacy;       /*  This specify the privacy algthm.
 100                                         * used for Grp key */
 101        u32     dot118021XGrpKeyid;     /*  key id used for Grp Key
 102                                         * ( tx key index) */
 103        union Keytype   dot118021XGrpKey[4];    /*  802.1x Group Key,
 104                                                 * for inx0 and inx1 */
 105        union Keytype   dot118021XGrptxmickey[4];
 106        union Keytype   dot118021XGrprxmickey[4];
 107        union pn48      dot11Grptxpn;           /* PN48 used for Grp Key xmit.*/
 108        union pn48      dot11Grprxpn;           /* PN48 used for Grp Key recv.*/
 109#ifdef CONFIG_88EU_AP_MODE
 110        /* extend security capabilities for AP_MODE */
 111        unsigned int dot8021xalg;/* 0:disable, 1:psk, 2:802.1x */
 112        unsigned int wpa_psk;/* 0:disable, bit(0): WPA, bit(1):WPA2 */
 113        unsigned int wpa_group_cipher;
 114        unsigned int wpa2_group_cipher;
 115        unsigned int wpa_pairwise_cipher;
 116        unsigned int wpa2_pairwise_cipher;
 117#endif
 118        u8 wps_ie[MAX_WPS_IE_LEN];/* added in assoc req */
 119        int wps_ie_len;
 120        u8      binstallGrpkey;
 121        u8      busetkipkey;
 122        u8      bcheck_grpkey;
 123        u8      bgrpkey_handshake;
 124        s32     sw_encrypt;/* from registry_priv */
 125        s32     sw_decrypt;/* from registry_priv */
 126        s32     hw_decrypted;/* if the rx packets is hw_decrypted==false,i
 127                              * it means the hw has not been ready. */
 128
 129        /* keeps the auth_type & enc_status from upper layer
 130         * ioctl(wpa_supplicant or wzc) */
 131        u32 ndisauthtype;       /*  NDIS_802_11_AUTHENTICATION_MODE */
 132        u32 ndisencryptstatus;  /*  NDIS_802_11_ENCRYPTION_STATUS */
 133        struct wlan_bssid_ex sec_bss;  /* for joinbss (h2c buffer) usage */
 134        struct ndis_802_11_wep ndiswep;
 135        u8 assoc_info[600];
 136        u8 szofcapability[256]; /* for wpa2 usage */
 137        u8 oidassociation[512]; /* for wpa/wpa2 usage */
 138        u8 authenticator_ie[256];  /* store ap security information element */
 139        u8 supplicant_ie[256];  /* store sta security information element */
 140
 141        /* for tkip countermeasure */
 142        u32 last_mic_err_time;
 143        u8      btkip_countermeasure;
 144        u8      btkip_wait_report;
 145        u32 btkip_countermeasure_time;
 146
 147        /*  */
 148        /*  For WPA2 Pre-Authentication. */
 149        /*  */
 150        struct rt_pmkid_list PMKIDList[NUM_PMKID_CACHE];
 151        u8      PMKIDIndex;
 152        u8 bWepDefaultKeyIdxSet;
 153};
 154
 155#define GET_ENCRY_ALGO(psecuritypriv, psta, encry_algo, bmcst)          \
 156do {                                                                    \
 157        switch (psecuritypriv->dot11AuthAlgrthm) {                      \
 158        case dot11AuthAlgrthm_Open:                                     \
 159        case dot11AuthAlgrthm_Shared:                                   \
 160        case dot11AuthAlgrthm_Auto:                                     \
 161                encry_algo = (u8)psecuritypriv->dot11PrivacyAlgrthm;    \
 162                break;                                                  \
 163        case dot11AuthAlgrthm_8021X:                                    \
 164                if (bmcst)                                              \
 165                        encry_algo = (u8)psecuritypriv->dot118021XGrpPrivacy;\
 166                else                                                    \
 167                        encry_algo = (u8)psta->dot118021XPrivacy;       \
 168                break;                                                  \
 169        case dot11AuthAlgrthm_WAPI:                                     \
 170                encry_algo = (u8)psecuritypriv->dot11PrivacyAlgrthm;    \
 171                break;                                                  \
 172        }                                                               \
 173} while (0)
 174
 175#define SET_ICE_IV_LEN(iv_len, icv_len, encrypt)                        \
 176do {                                                                    \
 177        switch (encrypt) {                                              \
 178        case _WEP40_:                                                   \
 179        case _WEP104_:                                                  \
 180                iv_len = 4;                                             \
 181                icv_len = 4;                                            \
 182                break;                                                  \
 183        case _TKIP_:                                                    \
 184                iv_len = 8;                                             \
 185                icv_len = 4;                                            \
 186                break;                                                  \
 187        case _AES_:                                                     \
 188                iv_len = 8;                                             \
 189                icv_len = 8;                                            \
 190                break;                                                  \
 191        case _SMS4_:                                                    \
 192                iv_len = 18;                                            \
 193                icv_len = 16;                                           \
 194                break;                                                  \
 195        default:                                                        \
 196                iv_len = 0;                                             \
 197                icv_len = 0;                                            \
 198                break;                                                  \
 199        }                                                               \
 200} while (0)
 201
 202#define GET_TKIP_PN(iv, dot11txpn)                                      \
 203do {                                                                    \
 204        dot11txpn._byte_.TSC0 = iv[2];                                  \
 205        dot11txpn._byte_.TSC1 = iv[0];                                  \
 206        dot11txpn._byte_.TSC2 = iv[4];                                  \
 207        dot11txpn._byte_.TSC3 = iv[5];                                  \
 208        dot11txpn._byte_.TSC4 = iv[6];                                  \
 209        dot11txpn._byte_.TSC5 = iv[7];                                  \
 210} while (0)
 211
 212#define ROL32(A, n)     (((A) << (n)) | (((A)>>(32-(n)))  & ((1UL << (n)) - 1)))
 213#define ROR32(A, n)     ROL32((A), 32-(n))
 214
 215struct mic_data {
 216        u32  K0, K1;         /*  Key */
 217        u32  L, R;           /*  Current state */
 218        u32  M;              /*  Message accumulator (single word) */
 219        u32  nBytesInM;      /*  # bytes in M */
 220};
 221
 222extern const u32 Te0[256];
 223extern const u32 Te1[256];
 224extern const u32 Te2[256];
 225extern const u32 Te3[256];
 226extern const u32 Te4[256];
 227extern const u32 Td0[256];
 228extern const u32 Td1[256];
 229extern const u32 Td2[256];
 230extern const u32 Td3[256];
 231extern const u32 Td4[256];
 232extern const u32 rcon[10];
 233extern const u8 Td4s[256];
 234extern const u8 rcons[10];
 235
 236#define RCON(i) (rcons[(i)] << 24)
 237
 238static inline u32 rotr(u32 val, int bits)
 239{
 240        return (val >> bits) | (val << (32 - bits));
 241}
 242
 243#define TE0(i) Te0[((i) >> 24) & 0xff]
 244#define TE1(i) rotr(Te0[((i) >> 16) & 0xff], 8)
 245#define TE2(i) rotr(Te0[((i) >> 8) & 0xff], 16)
 246#define TE3(i) rotr(Te0[(i) & 0xff], 24)
 247#define TE41(i) ((Te0[((i) >> 24) & 0xff] << 8) & 0xff000000)
 248#define TE42(i) (Te0[((i) >> 16) & 0xff] & 0x00ff0000)
 249#define TE43(i) (Te0[((i) >> 8) & 0xff] & 0x0000ff00)
 250#define TE44(i) ((Te0[(i) & 0xff] >> 8) & 0x000000ff)
 251#define TE421(i) ((Te0[((i) >> 16) & 0xff] << 8) & 0xff000000)
 252#define TE432(i) (Te0[((i) >> 8) & 0xff] & 0x00ff0000)
 253#define TE443(i) (Te0[(i) & 0xff] & 0x0000ff00)
 254#define TE414(i) ((Te0[((i) >> 24) & 0xff] >> 8) & 0x000000ff)
 255#define TE4(i) ((Te0[(i)] >> 8) & 0x000000ff)
 256
 257#define TD0(i) Td0[((i) >> 24) & 0xff]
 258#define TD1(i) rotr(Td0[((i) >> 16) & 0xff], 8)
 259#define TD2(i) rotr(Td0[((i) >> 8) & 0xff], 16)
 260#define TD3(i) rotr(Td0[(i) & 0xff], 24)
 261#define TD41(i) (Td4s[((i) >> 24) & 0xff] << 24)
 262#define TD42(i) (Td4s[((i) >> 16) & 0xff] << 16)
 263#define TD43(i) (Td4s[((i) >> 8) & 0xff] << 8)
 264#define TD44(i) (Td4s[(i) & 0xff])
 265#define TD0_(i) Td0[(i) & 0xff]
 266#define TD1_(i) rotr(Td0[(i) & 0xff], 8)
 267#define TD2_(i) rotr(Td0[(i) & 0xff], 16)
 268#define TD3_(i) rotr(Td0[(i) & 0xff], 24)
 269
 270#define GETU32(pt) (((u32)(pt)[0] << 24) ^ ((u32)(pt)[1] << 16) ^ \
 271                        ((u32)(pt)[2] <<  8) ^ ((u32)(pt)[3]))
 272
 273#define PUTU32(ct, st) { \
 274(ct)[0] = (u8)((st) >> 24); (ct)[1] = (u8)((st) >> 16); \
 275(ct)[2] = (u8)((st) >>  8); (ct)[3] = (u8)(st); }
 276
 277#define WPA_GET_BE32(a) ((((u32)(a)[0]) << 24) | (((u32)(a)[1]) << 16) | \
 278                         (((u32)(a)[2]) << 8) | ((u32)(a)[3]))
 279
 280#define WPA_PUT_LE16(a, val)                    \
 281        do {                                    \
 282                (a)[1] = ((u16)(val)) >> 8;     \
 283                (a)[0] = ((u16)(val)) & 0xff;   \
 284        } while (0)
 285
 286#define WPA_PUT_BE32(a, val)                                    \
 287        do {                                                    \
 288                (a)[0] = (u8)((((u32)(val)) >> 24) & 0xff);     \
 289                (a)[1] = (u8)((((u32)(val)) >> 16) & 0xff);     \
 290                (a)[2] = (u8)((((u32)(val)) >> 8) & 0xff);      \
 291                (a)[3] = (u8)(((u32)(val)) & 0xff);             \
 292        } while (0)
 293
 294#define WPA_PUT_BE64(a, val)                            \
 295        do {                                            \
 296                (a)[0] = (u8)(((u64)(val)) >> 56);      \
 297                (a)[1] = (u8)(((u64)(val)) >> 48);      \
 298                (a)[2] = (u8)(((u64)(val)) >> 40);      \
 299                (a)[3] = (u8)(((u64)(val)) >> 32);      \
 300                (a)[4] = (u8)(((u64)(val)) >> 24);      \
 301                (a)[5] = (u8)(((u64)(val)) >> 16);      \
 302                (a)[6] = (u8)(((u64)(val)) >> 8);       \
 303                (a)[7] = (u8)(((u64)(val)) & 0xff);     \
 304        } while (0)
 305
 306/* ===== start - public domain SHA256 implementation ===== */
 307
 308/* This is based on SHA256 implementation in LibTomCrypt that was released into
 309 * public domain by Tom St Denis. */
 310
 311/* Various logical functions */
 312#define RORc(x, y) \
 313        (((((unsigned long)(x) & 0xFFFFFFFFUL) >> (unsigned long)((y)&31)) | \
 314         ((unsigned long)(x) << (unsigned long)(32-((y)&31)))) & 0xFFFFFFFFUL)
 315#define Ch(x, y ,z)       (z ^ (x & (y ^ z)))
 316#define Maj(x, y, z)      (((x | y) & z) | (x & y))
 317#define S(x, n)         RORc((x), (n))
 318#define R(x, n)         (((x)&0xFFFFFFFFUL)>>(n))
 319#define Sigma0(x)       (S(x, 2) ^ S(x, 13) ^ S(x, 22))
 320#define Sigma1(x)       (S(x, 6) ^ S(x, 11) ^ S(x, 25))
 321#define Gamma0(x)       (S(x, 7) ^ S(x, 18) ^ R(x, 3))
 322#define Gamma1(x)       (S(x, 17) ^ S(x, 19) ^ R(x, 10))
 323#ifndef MIN
 324#define MIN(x, y) (((x) < (y)) ? (x) : (y))
 325#endif
 326
 327void rtw_secmicsetkey(struct mic_data *pmicdata, u8 *key);
 328void rtw_secmicappendbyte(struct mic_data *pmicdata, u8 b);
 329void rtw_secmicappend(struct mic_data *pmicdata, u8 *src, u32 nBytes);
 330void rtw_secgetmic(struct mic_data *pmicdata, u8 *dst);
 331void rtw_seccalctkipmic(u8 *key, u8 *header, u8 *data, u32 data_len,
 332                        u8 *Miccode, u8   priority);
 333u32 rtw_aes_encrypt(struct adapter *padapter, u8 *pxmitframe);
 334u32 rtw_tkip_encrypt(struct adapter *padapter, u8 *pxmitframe);
 335void rtw_wep_encrypt(struct adapter *padapter, u8  *pxmitframe);
 336u32 rtw_aes_decrypt(struct adapter *padapter, u8  *precvframe);
 337u32 rtw_tkip_decrypt(struct adapter *padapter, u8  *precvframe);
 338void rtw_wep_decrypt(struct adapter *padapter, u8  *precvframe);
 339void rtw_use_tkipkey_handler(void *FunctionContext);
 340
 341#endif  /* __RTL871X_SECURITY_H_ */
 342