| /* |
| ************************************************************************* |
| * Ralink Tech Inc. |
| * 5F., No.36, Taiyuan St., Jhubei City, |
| * Hsinchu County 302, |
| * Taiwan, R.O.C. |
| * |
| * (c) Copyright 2002-2007, Ralink Technology, Inc. |
| * |
| * This program is free software; you can redistribute it and/or modify * |
| * it under the terms of the GNU General Public License as published by * |
| * the Free Software Foundation; either version 2 of the License, or * |
| * (at your option) any later version. * |
| * * |
| * This program is distributed in the hope that it will be useful, * |
| * but WITHOUT ANY WARRANTY; without even the implied warranty of * |
| * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * |
| * GNU General Public License for more details. * |
| * * |
| * You should have received a copy of the GNU General Public License * |
| * along with this program; if not, write to the * |
| * Free Software Foundation, Inc., * |
| * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. * |
| * * |
| ************************************************************************* |
| |
| Module Name: |
| rtmp_wep.c |
| |
| Abstract: |
| |
| Revision History: |
| Who When What |
| -------- ---------- ---------------------------------------------- |
| Paul Wu 10-28-02 Initial |
| */ |
| |
| #include "../rt_config.h" |
| |
| UINT FCSTAB_32[256] = |
| { |
| 0x00000000, 0x77073096, 0xee0e612c, 0x990951ba, |
| 0x076dc419, 0x706af48f, 0xe963a535, 0x9e6495a3, |
| 0x0edb8832, 0x79dcb8a4, 0xe0d5e91e, 0x97d2d988, |
| 0x09b64c2b, 0x7eb17cbd, 0xe7b82d07, 0x90bf1d91, |
| 0x1db71064, 0x6ab020f2, 0xf3b97148, 0x84be41de, |
| 0x1adad47d, 0x6ddde4eb, 0xf4d4b551, 0x83d385c7, |
| 0x136c9856, 0x646ba8c0, 0xfd62f97a, 0x8a65c9ec, |
| 0x14015c4f, 0x63066cd9, 0xfa0f3d63, 0x8d080df5, |
| 0x3b6e20c8, 0x4c69105e, 0xd56041e4, 0xa2677172, |
| 0x3c03e4d1, 0x4b04d447, 0xd20d85fd, 0xa50ab56b, |
| 0x35b5a8fa, 0x42b2986c, 0xdbbbc9d6, 0xacbcf940, |
| 0x32d86ce3, 0x45df5c75, 0xdcd60dcf, 0xabd13d59, |
| 0x26d930ac, 0x51de003a, 0xc8d75180, 0xbfd06116, |
| 0x21b4f4b5, 0x56b3c423, 0xcfba9599, 0xb8bda50f, |
| 0x2802b89e, 0x5f058808, 0xc60cd9b2, 0xb10be924, |
| 0x2f6f7c87, 0x58684c11, 0xc1611dab, 0xb6662d3d, |
| 0x76dc4190, 0x01db7106, 0x98d220bc, 0xefd5102a, |
| 0x71b18589, 0x06b6b51f, 0x9fbfe4a5, 0xe8b8d433, |
| 0x7807c9a2, 0x0f00f934, 0x9609a88e, 0xe10e9818, |
| 0x7f6a0dbb, 0x086d3d2d, 0x91646c97, 0xe6635c01, |
| 0x6b6b51f4, 0x1c6c6162, 0x856530d8, 0xf262004e, |
| 0x6c0695ed, 0x1b01a57b, 0x8208f4c1, 0xf50fc457, |
| 0x65b0d9c6, 0x12b7e950, 0x8bbeb8ea, 0xfcb9887c, |
| 0x62dd1ddf, 0x15da2d49, 0x8cd37cf3, 0xfbd44c65, |
| 0x4db26158, 0x3ab551ce, 0xa3bc0074, 0xd4bb30e2, |
| 0x4adfa541, 0x3dd895d7, 0xa4d1c46d, 0xd3d6f4fb, |
| 0x4369e96a, 0x346ed9fc, 0xad678846, 0xda60b8d0, |
| 0x44042d73, 0x33031de5, 0xaa0a4c5f, 0xdd0d7cc9, |
| 0x5005713c, 0x270241aa, 0xbe0b1010, 0xc90c2086, |
| 0x5768b525, 0x206f85b3, 0xb966d409, 0xce61e49f, |
| 0x5edef90e, 0x29d9c998, 0xb0d09822, 0xc7d7a8b4, |
| 0x59b33d17, 0x2eb40d81, 0xb7bd5c3b, 0xc0ba6cad, |
| 0xedb88320, 0x9abfb3b6, 0x03b6e20c, 0x74b1d29a, |
| 0xead54739, 0x9dd277af, 0x04db2615, 0x73dc1683, |
| 0xe3630b12, 0x94643b84, 0x0d6d6a3e, 0x7a6a5aa8, |
| 0xe40ecf0b, 0x9309ff9d, 0x0a00ae27, 0x7d079eb1, |
| 0xf00f9344, 0x8708a3d2, 0x1e01f268, 0x6906c2fe, |
| 0xf762575d, 0x806567cb, 0x196c3671, 0x6e6b06e7, |
| 0xfed41b76, 0x89d32be0, 0x10da7a5a, 0x67dd4acc, |
| 0xf9b9df6f, 0x8ebeeff9, 0x17b7be43, 0x60b08ed5, |
| 0xd6d6a3e8, 0xa1d1937e, 0x38d8c2c4, 0x4fdff252, |
| 0xd1bb67f1, 0xa6bc5767, 0x3fb506dd, 0x48b2364b, |
| 0xd80d2bda, 0xaf0a1b4c, 0x36034af6, 0x41047a60, |
| 0xdf60efc3, 0xa867df55, 0x316e8eef, 0x4669be79, |
| 0xcb61b38c, 0xbc66831a, 0x256fd2a0, 0x5268e236, |
| 0xcc0c7795, 0xbb0b4703, 0x220216b9, 0x5505262f, |
| 0xc5ba3bbe, 0xb2bd0b28, 0x2bb45a92, 0x5cb36a04, |
| 0xc2d7ffa7, 0xb5d0cf31, 0x2cd99e8b, 0x5bdeae1d, |
| 0x9b64c2b0, 0xec63f226, 0x756aa39c, 0x026d930a, |
| 0x9c0906a9, 0xeb0e363f, 0x72076785, 0x05005713, |
| 0x95bf4a82, 0xe2b87a14, 0x7bb12bae, 0x0cb61b38, |
| 0x92d28e9b, 0xe5d5be0d, 0x7cdcefb7, 0x0bdbdf21, |
| 0x86d3d2d4, 0xf1d4e242, 0x68ddb3f8, 0x1fda836e, |
| 0x81be16cd, 0xf6b9265b, 0x6fb077e1, 0x18b74777, |
| 0x88085ae6, 0xff0f6a70, 0x66063bca, 0x11010b5c, |
| 0x8f659eff, 0xf862ae69, 0x616bffd3, 0x166ccf45, |
| 0xa00ae278, 0xd70dd2ee, 0x4e048354, 0x3903b3c2, |
| 0xa7672661, 0xd06016f7, 0x4969474d, 0x3e6e77db, |
| 0xaed16a4a, 0xd9d65adc, 0x40df0b66, 0x37d83bf0, |
| 0xa9bcae53, 0xdebb9ec5, 0x47b2cf7f, 0x30b5ffe9, |
| 0xbdbdf21c, 0xcabac28a, 0x53b39330, 0x24b4a3a6, |
| 0xbad03605, 0xcdd70693, 0x54de5729, 0x23d967bf, |
| 0xb3667a2e, 0xc4614ab8, 0x5d681b02, 0x2a6f2b94, |
| 0xb40bbe37, 0xc30c8ea1, 0x5a05df1b, 0x2d02ef8d |
| }; |
| |
| /* |
| ======================================================================== |
| |
| Routine Description: |
| Init WEP function. |
| |
| Arguments: |
| pAd Pointer to our adapter |
| pKey Pointer to the WEP KEY |
| KeyId WEP Key ID |
| KeyLen the length of WEP KEY |
| pDest Pointer to the destination which Encryption data will store in. |
| |
| Return Value: |
| None |
| |
| IRQL = DISPATCH_LEVEL |
| |
| Note: |
| |
| ======================================================================== |
| */ |
| VOID RTMPInitWepEngine( |
| IN PRTMP_ADAPTER pAd, |
| IN PUCHAR pKey, |
| IN UCHAR KeyId, |
| IN UCHAR KeyLen, |
| IN OUT PUCHAR pDest) |
| { |
| UINT i; |
| UCHAR WEPKEY[] = { |
| //IV |
| 0x00, 0x11, 0x22, |
| //WEP KEY |
| 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0xAA, 0xBB, 0xCC |
| }; |
| |
| pAd->PrivateInfo.FCSCRC32 = PPPINITFCS32; //Init crc32. |
| |
| if (pAd->StaCfg.bCkipOn && (pAd->StaCfg.CkipFlag & 0x10) && (pAd->OpMode == OPMODE_STA)) |
| { |
| ARCFOUR_INIT(&pAd->PrivateInfo.WEPCONTEXT, pKey, KeyLen); //INIT SBOX, KEYLEN+3(IV) |
| NdisMoveMemory(pDest, pKey, 3); //Append Init Vector |
| } |
| else |
| { |
| NdisMoveMemory(WEPKEY + 3, pKey, KeyLen); |
| |
| for(i = 0; i < 3; i++) |
| WEPKEY[i] = RandomByte(pAd); //Call mlme RandomByte() function. |
| ARCFOUR_INIT(&pAd->PrivateInfo.WEPCONTEXT, WEPKEY, KeyLen + 3); //INIT SBOX, KEYLEN+3(IV) |
| |
| NdisMoveMemory(pDest, WEPKEY, 3); //Append Init Vector |
| } |
| *(pDest+3) = (KeyId << 6); //Append KEYID |
| |
| } |
| |
| /* |
| ======================================================================== |
| |
| Routine Description: |
| Encrypt transimitted data |
| |
| Arguments: |
| pAd Pointer to our adapter |
| pSrc Pointer to the transimitted source data that will be encrypt |
| pDest Pointer to the destination where entryption data will be store in. |
| Len Indicate the length of the source data |
| |
| Return Value: |
| None |
| |
| IRQL = DISPATCH_LEVEL |
| |
| Note: |
| |
| ======================================================================== |
| */ |
| VOID RTMPEncryptData( |
| IN PRTMP_ADAPTER pAd, |
| IN PUCHAR pSrc, |
| IN PUCHAR pDest, |
| IN UINT Len) |
| { |
| pAd->PrivateInfo.FCSCRC32 = RTMP_CALC_FCS32(pAd->PrivateInfo.FCSCRC32, pSrc, Len); |
| ARCFOUR_ENCRYPT(&pAd->PrivateInfo.WEPCONTEXT, pDest, pSrc, Len); |
| } |
| |
| |
| /* |
| ======================================================================== |
| |
| Routine Description: |
| Decrypt received WEP data |
| |
| Arguments: |
| pAdapter Pointer to our adapter |
| pSrc Pointer to the received data |
| Len the length of the received data |
| |
| Return Value: |
| TRUE Decrypt WEP data success |
| FALSE Decrypt WEP data failed |
| |
| Note: |
| |
| ======================================================================== |
| */ |
| BOOLEAN RTMPSoftDecryptWEP( |
| IN PRTMP_ADAPTER pAd, |
| IN PUCHAR pData, |
| IN ULONG DataByteCnt, |
| IN PCIPHER_KEY pGroupKey) |
| { |
| UINT trailfcs; |
| UINT crc32; |
| UCHAR KeyIdx; |
| UCHAR WEPKEY[] = { |
| //IV |
| 0x00, 0x11, 0x22, |
| //WEP KEY |
| 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0xAA, 0xBB, 0xCC |
| }; |
| UCHAR *pPayload = (UCHAR *)pData + LENGTH_802_11; |
| ULONG payload_len = DataByteCnt - LENGTH_802_11; |
| |
| NdisMoveMemory(WEPKEY, pPayload, 3); //Get WEP IV |
| |
| KeyIdx = (*(pPayload + 3) & 0xc0) >> 6; |
| if (pGroupKey[KeyIdx].KeyLen == 0) |
| return (FALSE); |
| |
| NdisMoveMemory(WEPKEY + 3, pGroupKey[KeyIdx].Key, pGroupKey[KeyIdx].KeyLen); |
| ARCFOUR_INIT(&pAd->PrivateInfo.WEPCONTEXT, WEPKEY, pGroupKey[KeyIdx].KeyLen + 3); |
| ARCFOUR_DECRYPT(&pAd->PrivateInfo.WEPCONTEXT, pPayload, pPayload + 4, payload_len - 4); |
| NdisMoveMemory(&trailfcs, pPayload + payload_len - 8, 4); |
| crc32 = RTMP_CALC_FCS32(PPPINITFCS32, pPayload, payload_len - 8); //Skip last 4 bytes(FCS). |
| crc32 ^= 0xffffffff; /* complement */ |
| |
| if(crc32 != cpu2le32(trailfcs)) |
| { |
| DBGPRINT(RT_DEBUG_TRACE, ("! WEP Data CRC Error !\n")); //CRC error. |
| return (FALSE); |
| } |
| return (TRUE); |
| } |
| |
| /* |
| ======================================================================== |
| |
| Routine Description: |
| The Stream Cipher Encryption Algorithm "ARCFOUR" initialize |
| |
| Arguments: |
| Ctx Pointer to ARCFOUR CONTEXT (SBOX) |
| pKey Pointer to the WEP KEY |
| KeyLen Indicate the length fo the WEP KEY |
| |
| Return Value: |
| None |
| |
| IRQL = DISPATCH_LEVEL |
| |
| Note: |
| |
| ======================================================================== |
| */ |
| VOID ARCFOUR_INIT( |
| IN PARCFOURCONTEXT Ctx, |
| IN PUCHAR pKey, |
| IN UINT KeyLen) |
| { |
| UCHAR t, u; |
| UINT keyindex; |
| UINT stateindex; |
| PUCHAR state; |
| UINT counter; |
| |
| state = Ctx->STATE; |
| Ctx->X = 0; |
| Ctx->Y = 0; |
| for (counter = 0; counter < 256; counter++) |
| state[counter] = (UCHAR)counter; |
| keyindex = 0; |
| stateindex = 0; |
| for (counter = 0; counter < 256; counter++) |
| { |
| t = state[counter]; |
| stateindex = (stateindex + pKey[keyindex] + t) & 0xff; |
| u = state[stateindex]; |
| state[stateindex] = t; |
| state[counter] = u; |
| if (++keyindex >= KeyLen) |
| keyindex = 0; |
| } |
| } |
| |
| /* |
| ======================================================================== |
| |
| Routine Description: |
| Get bytes from ARCFOUR CONTEXT (S-BOX) |
| |
| Arguments: |
| Ctx Pointer to ARCFOUR CONTEXT (SBOX) |
| |
| Return Value: |
| UCHAR - the value of the ARCFOUR CONTEXT (S-BOX) |
| |
| Note: |
| |
| ======================================================================== |
| */ |
| UCHAR ARCFOUR_BYTE( |
| IN PARCFOURCONTEXT Ctx) |
| { |
| UINT x; |
| UINT y; |
| UCHAR sx, sy; |
| PUCHAR state; |
| |
| state = Ctx->STATE; |
| x = (Ctx->X + 1) & 0xff; |
| sx = state[x]; |
| y = (sx + Ctx->Y) & 0xff; |
| sy = state[y]; |
| Ctx->X = x; |
| Ctx->Y = y; |
| state[y] = sx; |
| state[x] = sy; |
| |
| return(state[(sx + sy) & 0xff]); |
| |
| } |
| |
| /* |
| ======================================================================== |
| |
| Routine Description: |
| The Stream Cipher Decryption Algorithm |
| |
| Arguments: |
| Ctx Pointer to ARCFOUR CONTEXT (SBOX) |
| pDest Pointer to the Destination |
| pSrc Pointer to the Source data |
| Len Indicate the length of the Source data |
| |
| Return Value: |
| None |
| |
| Note: |
| |
| ======================================================================== |
| */ |
| VOID ARCFOUR_DECRYPT( |
| IN PARCFOURCONTEXT Ctx, |
| IN PUCHAR pDest, |
| IN PUCHAR pSrc, |
| IN UINT Len) |
| { |
| UINT i; |
| |
| for (i = 0; i < Len; i++) |
| pDest[i] = pSrc[i] ^ ARCFOUR_BYTE(Ctx); |
| } |
| |
| /* |
| ======================================================================== |
| |
| Routine Description: |
| The Stream Cipher Encryption Algorithm |
| |
| Arguments: |
| Ctx Pointer to ARCFOUR CONTEXT (SBOX) |
| pDest Pointer to the Destination |
| pSrc Pointer to the Source data |
| Len Indicate the length of the Source dta |
| |
| Return Value: |
| None |
| |
| IRQL = DISPATCH_LEVEL |
| |
| Note: |
| |
| ======================================================================== |
| */ |
| VOID ARCFOUR_ENCRYPT( |
| IN PARCFOURCONTEXT Ctx, |
| IN PUCHAR pDest, |
| IN PUCHAR pSrc, |
| IN UINT Len) |
| { |
| UINT i; |
| |
| for (i = 0; i < Len; i++) |
| pDest[i] = pSrc[i] ^ ARCFOUR_BYTE(Ctx); |
| } |
| |
| /* |
| ======================================================================== |
| |
| Routine Description: |
| The Stream Cipher Encryption Algorithm which conform to the special requirement to encrypt GTK. |
| |
| Arguments: |
| Ctx Pointer to ARCFOUR CONTEXT (SBOX) |
| pDest Pointer to the Destination |
| pSrc Pointer to the Source data |
| Len Indicate the length of the Source dta |
| |
| |
| ======================================================================== |
| */ |
| |
| VOID WPAARCFOUR_ENCRYPT( |
| IN PARCFOURCONTEXT Ctx, |
| IN PUCHAR pDest, |
| IN PUCHAR pSrc, |
| IN UINT Len) |
| { |
| UINT i; |
| //discard first 256 bytes |
| for (i = 0; i < 256; i++) |
| ARCFOUR_BYTE(Ctx); |
| |
| for (i = 0; i < Len; i++) |
| pDest[i] = pSrc[i] ^ ARCFOUR_BYTE(Ctx); |
| } |
| |
| |
| /* |
| ======================================================================== |
| |
| Routine Description: |
| Calculate a new FCS given the current FCS and the new data. |
| |
| Arguments: |
| Fcs the original FCS value |
| Cp pointer to the data which will be calculate the FCS |
| Len the length of the data |
| |
| Return Value: |
| UINT - FCS 32 bits |
| |
| IRQL = DISPATCH_LEVEL |
| |
| Note: |
| |
| ======================================================================== |
| */ |
| UINT RTMP_CALC_FCS32( |
| IN UINT Fcs, |
| IN PUCHAR Cp, |
| IN INT Len) |
| { |
| while (Len--) |
| Fcs = (((Fcs) >> 8) ^ FCSTAB_32[((Fcs) ^ (*Cp++)) & 0xff]); |
| |
| return (Fcs); |
| } |
| |
| |
| /* |
| ======================================================================== |
| |
| Routine Description: |
| Get last FCS and encrypt it to the destination |
| |
| Arguments: |
| pDest Pointer to the Destination |
| |
| Return Value: |
| None |
| |
| Note: |
| |
| ======================================================================== |
| */ |
| VOID RTMPSetICV( |
| IN PRTMP_ADAPTER pAd, |
| IN PUCHAR pDest) |
| { |
| pAd->PrivateInfo.FCSCRC32 ^= 0xffffffff; /* complement */ |
| pAd->PrivateInfo.FCSCRC32 = cpu2le32(pAd->PrivateInfo.FCSCRC32); |
| |
| ARCFOUR_ENCRYPT(&pAd->PrivateInfo.WEPCONTEXT, pDest, (PUCHAR) &pAd->PrivateInfo.FCSCRC32, 4); |
| } |
| |
