[GitHub/mt8127/android_kernel_alcatel_ttab.git] / drivers / misc / mediatek / connectivity / conn_soc / drv_wlan / mt_wifi / wlan / mgmt / wapi.c

/*
** $Id: //Department/DaVinci/BRANCHES/MT6620_WIFI_DRIVER_V2_3/mgmt/wapi.c#1 $
*/

/*! \file   "wapi.c"
    \brief  This file including the WAPI related function.

    This file provided the macros and functions library support the wapi ie parsing,
    cipher and AKM check to help the AP seleced deciding.
*/


/*
** $Log: wapi.c $
** 
** 10 24 2012 wh.su
** [ALPS00376392] [klocwork 9.1]  in  wapi.c, line 344
** Use MAX_NUM_SUPPORTED_WAPI_AKM_SUITESfor avoid Klocwork warning.
** 
** 10 24 2012 wh.su
** [ALPS00376391] [klocwork 9.1]  in  wapi.c, line 311
** Use the MAX_NUM_SUPPORTED_WAPI_CIPHER_SUITES for avoid Klccwork waring.
 *
 * 11 10 2011 wh.su
 * [WCXRP00001078] [MT6620 Wi-Fi][Driver] Adding the mediatek log improment support : XLOG
 * change the debug module level.
 *
 * 10 20 2010 wh.su
 * [WCXRP00000067] [MT6620 Wi-Fi][Driver] Support the android+ WAPI function
 * fixed the network type
 *
 * 09 01 2010 wh.su
 * NULL
 * adding the wapi support for integration test.
 *
 * 07 20 2010 wh.su
 *
 * .
 *
 * 04 06 2010 wh.su
 * [BORA00000680][MT6620] Support the statistic for Micxxsoft os query
 * fixed the firmware return the broadcast frame at wrong tc.
 *
 * 03 03 2010 wh.su
 * [BORA00000637][MT6620 Wi-Fi] [Bug] WPA2 pre-authentication timer not correctly initialize
 * move the AIS specific variable for security to AIS specific structure.
 *
 * 12 18 2009 cm.chang
 * [BORA00000018]Integrate WIFI part into BORA for the 1st time
 * .
 *
 * Dec 8 2009 mtk01088
 * [BORA00000476] [Wi-Fi][firmware] Add the security module initialize code
 * adding the function to check and update the default wapi tx
 *
 * Dec 7 2009 mtk01088
 * [BORA00000476] [Wi-Fi][firmware] Add the security module initialize code
 * adding the generate wapi ie function, and replace the tabe by space
 *
 * Nov 23 2009 mtk01088
 * [BORA00000476] [Wi-Fi][firmware] Add the security module initialize code
 *
*/

/*******************************************************************************
*                         C O M P I L E R   F L A G S
********************************************************************************
*/

/*******************************************************************************
*                    E X T E R N A L   R E F E R E N C E S
********************************************************************************
*/

#include "precomp.h"
#if CFG_SUPPORT_WAPI

/*******************************************************************************
*                              C O N S T A N T S
********************************************************************************
*/

/*******************************************************************************
*                             D A T A   T Y P E S
********************************************************************************
*/

/*******************************************************************************
*                            P U B L I C   D A T A
********************************************************************************
*/

/*******************************************************************************
*                           P R I V A T E   D A T A
********************************************************************************
*/

/*******************************************************************************
*                                 M A C R O S
********************************************************************************
*/

/*******************************************************************************
*                   F U N C T I O N   D E C L A R A T I O N S
********************************************************************************
*/

/*******************************************************************************
*                              F U N C T I O N S
********************************************************************************
*/

/*----------------------------------------------------------------------------*/
/*!
*
* \brief This routine is called to generate WPA IE for
*        associate request frame.
*
* \param[in]  prCurrentBss     The Selected BSS description
*
* \retval The append WPA IE length
*
* \note
*      Called by: AIS module, Associate request
*/
/*----------------------------------------------------------------------------*/
VOID
wapiGenerateWAPIIE (
    IN P_ADAPTER_T          prAdapter,
    IN P_MSDU_INFO_T        prMsduInfo
    )
{
    PUINT_8                 pucBuffer;

    ASSERT(prAdapter);
    ASSERT(prMsduInfo);

    if (prMsduInfo->ucNetworkType != NETWORK_TYPE_AIS_INDEX)
        return;

    pucBuffer = (PUINT_8)((ULONG)prMsduInfo->prPacket +
                          prMsduInfo->u2FrameLength);

    /* ASSOC INFO IE ID: 68 :0x44 */
    if (/* prWlanInfo->fgWapiMode && */ prAdapter->prGlueInfo->u2WapiAssocInfoIESz) {
        kalMemCopy(pucBuffer, &prAdapter->prGlueInfo->aucWapiAssocInfoIEs, prAdapter->prGlueInfo->u2WapiAssocInfoIESz);
        prMsduInfo->u2FrameLength += prAdapter->prGlueInfo->u2WapiAssocInfoIESz;
    }

}


/*----------------------------------------------------------------------------*/
/*!
* \brief This routine is called to parse WAPI IE.
*
* \param[in]  prInfoElem Pointer to the RSN IE
* \param[out] prRsnInfo Pointer to the BSSDescription structure to store the
**                  WAPI information from the given WAPI IE
*
* \retval TRUE - Succeeded
* \retval FALSE - Failed
*/
/*----------------------------------------------------------------------------*/
BOOLEAN
wapiParseWapiIE (
    IN  P_WAPI_INFO_ELEM_T prInfoElem,
    OUT P_WAPI_INFO_T      prWapiInfo
    )
{
    UINT_32                i;
    INT_32                 u4RemainWapiIeLen;
    UINT_16                u2Version;
    UINT_16                u2Cap = 0;
    UINT_32                u4GroupSuite = WAPI_CIPHER_SUITE_WPI;
    UINT_16                u2PairSuiteCount = 0;
    UINT_16                u2AuthSuiteCount = 0;
    PUCHAR                 pucPairSuite = NULL;
    PUCHAR                 pucAuthSuite = NULL;
    PUCHAR                 cp;

    DEBUGFUNC("wapiParseWapiIE");

    ASSERT(prInfoElem);
    ASSERT(prWapiInfo);

    /* Verify the length of the WAPI IE. */
    if (prInfoElem->ucLength < 6) {
        DBGLOG(SEC, TRACE, ("WAPI IE length too short (length=%d)\n", prInfoElem->ucLength));
        return FALSE;
    }

    /* Check WAPI version: currently, we only support version 1. */
    WLAN_GET_FIELD_16(&prInfoElem->u2Version, &u2Version);
    if (u2Version != 1) {
        DBGLOG(SEC, TRACE, ("Unsupported WAPI IE version: %d\n", u2Version));
        return FALSE;
    }

    cp = (PUCHAR) &prInfoElem->u2AuthKeyMgtSuiteCount;
    u4RemainWapiIeLen = (INT_32) prInfoElem->ucLength - 2;

    do {
        if (u4RemainWapiIeLen == 0) {
            break;
        }

        /*
           AuthCount    : 2
           AuthSuite    : 4 * authSuiteCount
           PairwiseCount: 2
           PairwiseSuite: 4 * pairSuiteCount
           GroupSuite   : 4
           Cap          : 2 */

        /* Parse the Authentication and Key Management Cipher Suite Count
           field. */
        if (u4RemainWapiIeLen < 2) {
            DBGLOG(SEC, TRACE, ("Fail to parse WAPI IE in auth & key mgt suite count (IE len: %d)\n",
                prInfoElem->ucLength));
            return FALSE;
        }

        WLAN_GET_FIELD_16(cp, &u2AuthSuiteCount);
        cp += 2;
        u4RemainWapiIeLen -= 2;

        /* Parse the Authentication and Key Management Cipher Suite List
           field. */
        i = (UINT_32) u2AuthSuiteCount * 4;
        if (u4RemainWapiIeLen < (INT_32) i) {
            DBGLOG(SEC, TRACE, ("Fail to parse WAPI IE in auth & key mgt suite list (IE len: %d)\n",
                prInfoElem->ucLength));
            return FALSE;
        }

        pucAuthSuite = cp;

        cp += i;
        u4RemainWapiIeLen -= (INT_32) i;

        if (u4RemainWapiIeLen == 0) {
            break;
        }

        /* Parse the Pairwise Key Cipher Suite Count field. */
        if (u4RemainWapiIeLen < 2) {
            DBGLOG(SEC, TRACE, ("Fail to parse WAPI IE in pairwise cipher suite count (IE len: %d)\n",
                prInfoElem->ucLength));
            return FALSE;
        }

        WLAN_GET_FIELD_16(cp, &u2PairSuiteCount);
        cp += 2;
        u4RemainWapiIeLen -= 2;

        /* Parse the Pairwise Key Cipher Suite List field. */
        i = (UINT_32) u2PairSuiteCount * 4;
        if (u4RemainWapiIeLen < (INT_32) i) {
            DBGLOG(SEC, TRACE, ("Fail to parse WAPI IE in pairwise cipher suite list (IE len: %d)\n",
                prInfoElem->ucLength));
            return FALSE;
        }

        pucPairSuite = cp;

        cp += i;
        u4RemainWapiIeLen -= (INT_32) i;

        /* Parse the Group Key Cipher Suite field. */
        if (u4RemainWapiIeLen < 4) {
            DBGLOG(SEC, TRACE, ("Fail to parse WAPI IE in group cipher suite (IE len: %d)\n",
                prInfoElem->ucLength));
            return FALSE;
        }

        WLAN_GET_FIELD_32(cp, &u4GroupSuite);
        cp += 4;
        u4RemainWapiIeLen -= 4;

        /* Parse the WAPI u2Capabilities field. */
        if (u4RemainWapiIeLen < 2) {
            DBGLOG(SEC, TRACE, ("Fail to parse WAPI IE in WAPI capabilities (IE len: %d)\n",
                prInfoElem->ucLength));
            return FALSE;
        }

        WLAN_GET_FIELD_16(cp, &u2Cap);
        u4RemainWapiIeLen -= 2;

        /* Todo:: BKID support */
    } while (FALSE);

    /* Save the WAPI information for the BSS. */

    prWapiInfo->ucElemId = ELEM_ID_WAPI;

    prWapiInfo->u2Version = u2Version;

    prWapiInfo->u4GroupKeyCipherSuite = u4GroupSuite;

    DBGLOG(SEC, LOUD, ("WAPI: version %d, group key cipher suite %02x-%02x-%02x-%02x\n",
        u2Version, (UCHAR) (u4GroupSuite & 0x000000FF),
        (UCHAR) ((u4GroupSuite >> 8) & 0x000000FF),
        (UCHAR) ((u4GroupSuite >> 16) & 0x000000FF),
        (UCHAR) ((u4GroupSuite >> 24) & 0x000000FF)));

    if (pucPairSuite) {
        /* The information about the pairwise key cipher suites is present. */
        if (u2PairSuiteCount > MAX_NUM_SUPPORTED_WAPI_CIPHER_SUITES) {
            u2PairSuiteCount = MAX_NUM_SUPPORTED_WAPI_CIPHER_SUITES;
        }

        prWapiInfo->u4PairwiseKeyCipherSuiteCount = (UINT_32) u2PairSuiteCount;

        for (i = 0; i < (UINT_32) u2PairSuiteCount; i++) {
            WLAN_GET_FIELD_32(pucPairSuite,
                              &prWapiInfo->au4PairwiseKeyCipherSuite[i]);
            pucPairSuite += 4;

            DBGLOG(SEC, LOUD,("WAPI: pairwise key cipher suite [%d]: %02x-%02x-%02x-%02x\n",
                (UINT_8)i, (UCHAR) (prWapiInfo->au4PairwiseKeyCipherSuite[i] & 0x000000FF),
                (UCHAR) ((prWapiInfo->au4PairwiseKeyCipherSuite[i] >> 8) & 0x000000FF),
                (UCHAR) ((prWapiInfo->au4PairwiseKeyCipherSuite[i] >> 16) & 0x000000FF),
                (UCHAR) ((prWapiInfo->au4PairwiseKeyCipherSuite[i] >> 24) & 0x000000FF)));
        }
    }
    else {
        /* The information about the pairwise key cipher suites is not present.
           Use the default chipher suite for WAPI: WPI. */
        prWapiInfo->u4PairwiseKeyCipherSuiteCount = 1;
        prWapiInfo->au4PairwiseKeyCipherSuite[0] = WAPI_CIPHER_SUITE_WPI;

        DBGLOG(SEC, LOUD, ("WAPI: pairwise key cipher suite: %02x-%02x-%02x-%02x (default)\n",
            (UCHAR) (prWapiInfo->au4PairwiseKeyCipherSuite[0] & 0x000000FF),
            (UCHAR) ((prWapiInfo->au4PairwiseKeyCipherSuite[0] >> 8) & 0x000000FF),
            (UCHAR) ((prWapiInfo->au4PairwiseKeyCipherSuite[0] >> 16) & 0x000000FF),
            (UCHAR) ((prWapiInfo->au4PairwiseKeyCipherSuite[0] >> 24) & 0x000000FF)));
    }

    if (pucAuthSuite) {
        /* The information about the authentication and key management suites
           is present. */
        if (u2AuthSuiteCount > MAX_NUM_SUPPORTED_WAPI_AKM_SUITES) {
            u2AuthSuiteCount = MAX_NUM_SUPPORTED_WAPI_AKM_SUITES;
        }

        prWapiInfo->u4AuthKeyMgtSuiteCount = (UINT_32) u2AuthSuiteCount;

        for (i = 0; i < (UINT_32) u2AuthSuiteCount; i++) {
            WLAN_GET_FIELD_32(pucAuthSuite, &prWapiInfo->au4AuthKeyMgtSuite[i]);
            pucAuthSuite += 4;

            DBGLOG(SEC, LOUD, ("WAPI: AKM suite [%d]: %02x-%02x-%02x-%02x\n",
                (UINT_8)i, (UCHAR) (prWapiInfo->au4AuthKeyMgtSuite[i] & 0x000000FF),
                (UCHAR) ((prWapiInfo->au4AuthKeyMgtSuite[i] >> 8) & 0x000000FF),
                (UCHAR) ((prWapiInfo->au4AuthKeyMgtSuite[i] >> 16) & 0x000000FF),
                (UCHAR) ((prWapiInfo->au4AuthKeyMgtSuite[i] >> 24) & 0x000000FF)));
        }
    }
    else {
        /* The information about the authentication and key management suites
           is not present. Use the default AKM suite for WAPI. */
        prWapiInfo->u4AuthKeyMgtSuiteCount = 1;
        prWapiInfo->au4AuthKeyMgtSuite[0] = WAPI_AKM_SUITE_802_1X;

        DBGLOG(SEC, LOUD, ("WAPI: AKM suite: %02x-%02x-%02x-%02x (default)\n",
            (UCHAR) (prWapiInfo->au4AuthKeyMgtSuite[0] & 0x000000FF),
            (UCHAR) ((prWapiInfo->au4AuthKeyMgtSuite[0] >> 8) & 0x000000FF),
            (UCHAR) ((prWapiInfo->au4AuthKeyMgtSuite[0] >> 16) & 0x000000FF),
            (UCHAR) ((prWapiInfo->au4AuthKeyMgtSuite[0] >> 24) & 0x000000FF)));
    }

    prWapiInfo->u2WapiCap = u2Cap;
    DBGLOG(SEC, LOUD, ("WAPI: cap: 0x%04x\n", prWapiInfo->u2WapiCap));

    return TRUE;
}   /* wapiParseWapiIE */


/*----------------------------------------------------------------------------*/
/*!
* \brief This routine is called to perform WAPI policy selection for a given BSS.
*
* \param[in]  prAdapter Pointer to the adapter object data area.
* \param[in]  prBss Pointer to the BSS description
*
* \retval TRUE - The WAPI policy selection for the given BSS is
*                successful. The selected pairwise and group cipher suites
*                are returned in the BSS description.
* \retval FALSE - The WAPI policy selection for the given BSS is failed.
*                 The driver shall not attempt to join the given BSS.
*
* \note The Encrypt status matched score will save to bss for final ap select.
*/
/*----------------------------------------------------------------------------*/
BOOLEAN
wapiPerformPolicySelection (
    IN  P_ADAPTER_T         prAdapter,
    IN  P_BSS_DESC_T        prBss
    )
{
    UINT_32                 i;
    UINT_32                 u4PairwiseCipher = 0;
    UINT_32                 u4GroupCipher = 0;
    UINT_32                 u4AkmSuite = 0;
    P_WAPI_INFO_T           prBssWapiInfo;
    P_WLAN_INFO_T           prWlanInfo;

    DEBUGFUNC("wapiPerformPolicySelection");

    ASSERT(prBss);

    /* Notice!!!! WAPI AP not set the privacy bit for WAI and WAI-PSK at WZC configuration mode */
    prWlanInfo = &prAdapter->rWlanInfo;

    if (prBss->fgIEWAPI) {
        prBssWapiInfo = &prBss->rIEWAPI;
    }
    else {
        if (prAdapter->rWifiVar.rConnSettings.fgWapiMode == FALSE) {
            DBGLOG(SEC, TRACE,("-- No Protected BSS\n"));
            return TRUE;
        }
        else {
            DBGLOG(SEC, TRACE, ("WAPI Information Element does not exist.\n"));
            return FALSE;
        }
    }

    /* Select pairwise/group ciphers */
    for (i = 0; i < prBssWapiInfo->u4PairwiseKeyCipherSuiteCount; i++) {
        if (prBssWapiInfo->au4PairwiseKeyCipherSuite[i] ==
            prAdapter->rWifiVar.rConnSettings.u4WapiSelectedPairwiseCipher) {
                u4PairwiseCipher = prBssWapiInfo->au4PairwiseKeyCipherSuite[i];
        }
    }
    if (prBssWapiInfo->u4GroupKeyCipherSuite ==
        prAdapter->rWifiVar.rConnSettings.u4WapiSelectedGroupCipher)
        u4GroupCipher = prBssWapiInfo->u4GroupKeyCipherSuite;

    /* Exception handler */
    /* If we cannot find proper pairwise and group cipher suites to join the
       BSS, do not check the supported AKM suites. */
    if (u4PairwiseCipher == 0 || u4GroupCipher == 0) {
        DBGLOG(SEC, TRACE, ("Failed to select pairwise/group cipher (0x%08x/0x%08x)\n",
            u4PairwiseCipher, u4GroupCipher));
        return FALSE;
    }

    /* Select AKM */
    /* If the driver cannot support any authentication suites advertised in
       the given BSS, we fail to perform RSNA policy selection. */
    /* Attempt to find any overlapping supported AKM suite. */
    for (i = 0; i < prBssWapiInfo->u4AuthKeyMgtSuiteCount; i++) {
        if (prBssWapiInfo->au4AuthKeyMgtSuite[i] == prAdapter->rWifiVar.rConnSettings.u4WapiSelectedAKMSuite) {
            u4AkmSuite = prBssWapiInfo->au4AuthKeyMgtSuite[i];
            break;
        }
    }

    if (u4AkmSuite == 0) {
        DBGLOG(SEC, TRACE, ("Cannot support any AKM suites\n"));
        return FALSE;
    }

    DBGLOG(SEC, TRACE, ("Selected pairwise/group cipher: %02x-%02x-%02x-%02x/%02x-%02x-%02x-%02x\n",
        (UINT_8) (u4PairwiseCipher & 0x000000FF),
        (UINT_8) ((u4PairwiseCipher >> 8) & 0x000000FF),
        (UINT_8) ((u4PairwiseCipher >> 16) & 0x000000FF),
        (UINT_8) ((u4PairwiseCipher >> 24) & 0x000000FF),
        (UINT_8) (u4GroupCipher & 0x000000FF),
        (UINT_8) ((u4GroupCipher >> 8) & 0x000000FF),
        (UINT_8) ((u4GroupCipher >> 16) & 0x000000FF),
        (UINT_8) ((u4GroupCipher >> 24) & 0x000000FF)));

    DBGLOG(SEC, TRACE, ("Selected AKM suite: %02x-%02x-%02x-%02x\n",
        (UINT_8) (u4AkmSuite & 0x000000FF),
        (UINT_8) ((u4AkmSuite >> 8) & 0x000000FF),
        (UINT_8) ((u4AkmSuite >> 16) & 0x000000FF),
        (UINT_8) ((u4AkmSuite >> 24) & 0x000000FF)));

    return TRUE;
}  /* wapiPerformPolicySelection */

#if 0
/*----------------------------------------------------------------------------*/
/*!
* \brief This routine is use for wapi mode, to update the current wpi tx idx ? 0 :1 .
*
* \param[in]  prStaRec Pointer to the Sta record
* \param[out] ucWlanIdx The Rx status->wlanidx field
*
* \retval TRUE - Succeeded
* \retval FALSE - Failed
*/
/*----------------------------------------------------------------------------*/
BOOLEAN
wapiUpdateTxKeyIdx (
    IN  P_STA_RECORD_T     prStaRec,
    IN  UINT_8             ucWlanIdx
    )
{
    UINT_8 ucKeyId;

    if ((ucWlanIdx & BITS(0, 3)) == CIPHER_SUITE_WPI) {

        ucKeyId = ((ucWlanIdx & BITS(4, 5)) >> 4);

        if (ucKeyId != g_prWifiVar->rAisSpecificBssInfo.ucWpiActivedPWKey) {
            DBGLOG(RSN, STATE, ("Change wapi key index from %d->%d\n", g_prWifiVar->rAisSpecificBssInfo.ucWpiActivedPWKey, ucKeyId));
            g_prWifiVar->rAisSpecificBssInfo.ucWpiActivedPWKey = ucKeyId;

            prStaRec->ucWTEntry =
                (ucKeyId == WTBL_AIS_BSSID_WAPI_IDX_0) ? WTBL_AIS_BSSID_WAPI_IDX_0 : WTBL_AIS_BSSID_WAPI_IDX_1;
        }
    }
}
#endif
#endif
Commit	Line	Data
6fa3eb70 S	1	/*
	2	** $Id: //Department/DaVinci/BRANCHES/MT6620_WIFI_DRIVER_V2_3/mgmt/wapi.c#1 $
	3	*/
	4
	5	/*! \file "wapi.c"
	6	\brief This file including the WAPI related function.
	7
	8	This file provided the macros and functions library support the wapi ie parsing,
	9	cipher and AKM check to help the AP seleced deciding.
	10	*/
	11
	12
	13
	14	/*
	15	** $Log: wapi.c $
	16	**
	17	** 10 24 2012 wh.su
	18	** [ALPS00376392] [klocwork 9.1] in wapi.c, line 344
	19	** Use MAX_NUM_SUPPORTED_WAPI_AKM_SUITESfor avoid Klocwork warning.
	20	**
	21	** 10 24 2012 wh.su
	22	** [ALPS00376391] [klocwork 9.1] in wapi.c, line 311
	23	** Use the MAX_NUM_SUPPORTED_WAPI_CIPHER_SUITES for avoid Klccwork waring.
	24	*
	25	* 11 10 2011 wh.su
	26	* [WCXRP00001078] [MT6620 Wi-Fi][Driver] Adding the mediatek log improment support : XLOG
	27	* change the debug module level.
	28	*
	29	* 10 20 2010 wh.su
	30	* [WCXRP00000067] [MT6620 Wi-Fi][Driver] Support the android+ WAPI function
	31	* fixed the network type
	32	*
	33	* 09 01 2010 wh.su
	34	* NULL
	35	* adding the wapi support for integration test.
	36	*
	37	* 07 20 2010 wh.su
	38	*
	39	* .
	40	*
	41	* 04 06 2010 wh.su
	42	* [BORA00000680][MT6620] Support the statistic for Micxxsoft os query
	43	* fixed the firmware return the broadcast frame at wrong tc.
	44	*
	45	* 03 03 2010 wh.su
	46	* [BORA00000637][MT6620 Wi-Fi] [Bug] WPA2 pre-authentication timer not correctly initialize
	47	* move the AIS specific variable for security to AIS specific structure.
	48	*
	49	* 12 18 2009 cm.chang
	50	* [BORA00000018]Integrate WIFI part into BORA for the 1st time
	51	* .
	52	*
	53	* Dec 8 2009 mtk01088
	54	* [BORA00000476] [Wi-Fi][firmware] Add the security module initialize code
	55	* adding the function to check and update the default wapi tx
	56	*
	57	* Dec 7 2009 mtk01088
	58	* [BORA00000476] [Wi-Fi][firmware] Add the security module initialize code
	59	* adding the generate wapi ie function, and replace the tabe by space
	60	*
	61	* Nov 23 2009 mtk01088
	62	* [BORA00000476] [Wi-Fi][firmware] Add the security module initialize code
	63	*
	64	*/
65
66	/*******************************************************************************
67	* C O M P I L E R F L A G S
68	********************************************************************************
69	*/
70
71	/*******************************************************************************
72	* E X T E R N A L R E F E R E N C E S
73	********************************************************************************
74	*/
75
76	#include "precomp.h"
77	#if CFG_SUPPORT_WAPI
78
79	/*******************************************************************************
80	* C O N S T A N T S
81	********************************************************************************
82	*/
83
84	/*******************************************************************************
85	* D A T A T Y P E S
86	********************************************************************************
87	*/
88
89	/*******************************************************************************
90	* P U B L I C D A T A
91	********************************************************************************
92	*/
93
94	/*******************************************************************************
95	* P R I V A T E D A T A
96	********************************************************************************
97	*/
98
99	/*******************************************************************************
100	* M A C R O S
101	********************************************************************************
102	*/
103
104	/*******************************************************************************
105	* F U N C T I O N D E C L A R A T I O N S
106	********************************************************************************
107	*/
108
109	/*******************************************************************************
110	* F U N C T I O N S
111	********************************************************************************
112	*/
113
114	/----------------------------------------------------------------------------/
115	/*!
116	*
117	* \brief This routine is called to generate WPA IE for
118	* associate request frame.
119	*
120	* \param[in] prCurrentBss The Selected BSS description
121	*
122	* \retval The append WPA IE length
123	*
124	* \note
125	* Called by: AIS module, Associate request
126	*/
127	/----------------------------------------------------------------------------/
128	VOID
129	wapiGenerateWAPIIE (
130	IN P_ADAPTER_T prAdapter,
131	IN P_MSDU_INFO_T prMsduInfo
132	)
133	{
134	PUINT_8 pucBuffer;
135
136	ASSERT(prAdapter);
137	ASSERT(prMsduInfo);
138
139	if (prMsduInfo->ucNetworkType != NETWORK_TYPE_AIS_INDEX)
140	return;
141
142	pucBuffer = (PUINT_8)((ULONG)prMsduInfo->prPacket +
143	prMsduInfo->u2FrameLength);
144
145	/* ASSOC INFO IE ID: 68 :0x44 */
146	if (/* prWlanInfo->fgWapiMode && */ prAdapter->prGlueInfo->u2WapiAssocInfoIESz) {
147	kalMemCopy(pucBuffer, &prAdapter->prGlueInfo->aucWapiAssocInfoIEs, prAdapter->prGlueInfo->u2WapiAssocInfoIESz);
148	prMsduInfo->u2FrameLength += prAdapter->prGlueInfo->u2WapiAssocInfoIESz;
149	}
150
151	}
152
153
154	/----------------------------------------------------------------------------/
155	/*!
156	* \brief This routine is called to parse WAPI IE.
157	*
158	* \param[in] prInfoElem Pointer to the RSN IE
159	* \param[out] prRsnInfo Pointer to the BSSDescription structure to store the
160	** WAPI information from the given WAPI IE
161	*
162	* \retval TRUE - Succeeded
163	* \retval FALSE - Failed
164	*/
165	/----------------------------------------------------------------------------/
166	BOOLEAN
167	wapiParseWapiIE (
168	IN P_WAPI_INFO_ELEM_T prInfoElem,
169	OUT P_WAPI_INFO_T prWapiInfo
170	)
171	{
172	UINT_32 i;
173	INT_32 u4RemainWapiIeLen;
174	UINT_16 u2Version;
175	UINT_16 u2Cap = 0;
176	UINT_32 u4GroupSuite = WAPI_CIPHER_SUITE_WPI;
177	UINT_16 u2PairSuiteCount = 0;
178	UINT_16 u2AuthSuiteCount = 0;
179	PUCHAR pucPairSuite = NULL;
180	PUCHAR pucAuthSuite = NULL;
181	PUCHAR cp;
182
183	DEBUGFUNC("wapiParseWapiIE");
184
185	ASSERT(prInfoElem);
186	ASSERT(prWapiInfo);
187
188	/* Verify the length of the WAPI IE. */
189	if (prInfoElem->ucLength < 6) {
190	DBGLOG(SEC, TRACE, ("WAPI IE length too short (length=%d)\n", prInfoElem->ucLength));
191	return FALSE;
192	}
193
194	/* Check WAPI version: currently, we only support version 1. */
195	WLAN_GET_FIELD_16(&prInfoElem->u2Version, &u2Version);
196	if (u2Version != 1) {
197	DBGLOG(SEC, TRACE, ("Unsupported WAPI IE version: %d\n", u2Version));
198	return FALSE;
199	}
200
201	cp = (PUCHAR) &prInfoElem->u2AuthKeyMgtSuiteCount;
202	u4RemainWapiIeLen = (INT_32) prInfoElem->ucLength - 2;
203
204	do {
205	if (u4RemainWapiIeLen == 0) {
206	break;
207	}
208
209	/*
210	AuthCount : 2
211	AuthSuite : 4 * authSuiteCount
212	PairwiseCount: 2
213	PairwiseSuite: 4 * pairSuiteCount
214	GroupSuite : 4
215	Cap : 2 */
216
217	/* Parse the Authentication and Key Management Cipher Suite Count
218	field. */
219	if (u4RemainWapiIeLen < 2) {
220	DBGLOG(SEC, TRACE, ("Fail to parse WAPI IE in auth & key mgt suite count (IE len: %d)\n",
221	prInfoElem->ucLength));
222	return FALSE;
223	}
224
225	WLAN_GET_FIELD_16(cp, &u2AuthSuiteCount);
226	cp += 2;
227	u4RemainWapiIeLen -= 2;
228
229	/* Parse the Authentication and Key Management Cipher Suite List
230	field. */
231	i = (UINT_32) u2AuthSuiteCount * 4;
232	if (u4RemainWapiIeLen < (INT_32) i) {
233	DBGLOG(SEC, TRACE, ("Fail to parse WAPI IE in auth & key mgt suite list (IE len: %d)\n",
234	prInfoElem->ucLength));
235	return FALSE;
236	}
237
238	pucAuthSuite = cp;
239
240	cp += i;
241	u4RemainWapiIeLen -= (INT_32) i;
242
243	if (u4RemainWapiIeLen == 0) {
244	break;
245	}
246
247	/* Parse the Pairwise Key Cipher Suite Count field. */
248	if (u4RemainWapiIeLen < 2) {
249	DBGLOG(SEC, TRACE, ("Fail to parse WAPI IE in pairwise cipher suite count (IE len: %d)\n",
250	prInfoElem->ucLength));
251	return FALSE;
252	}
253
254	WLAN_GET_FIELD_16(cp, &u2PairSuiteCount);
255	cp += 2;
256	u4RemainWapiIeLen -= 2;
257
258	/* Parse the Pairwise Key Cipher Suite List field. */
259	i = (UINT_32) u2PairSuiteCount * 4;
260	if (u4RemainWapiIeLen < (INT_32) i) {
261	DBGLOG(SEC, TRACE, ("Fail to parse WAPI IE in pairwise cipher suite list (IE len: %d)\n",
262	prInfoElem->ucLength));
263	return FALSE;
264	}
265
266	pucPairSuite = cp;
267
268	cp += i;
269	u4RemainWapiIeLen -= (INT_32) i;
270
271	/* Parse the Group Key Cipher Suite field. */
272	if (u4RemainWapiIeLen < 4) {
273	DBGLOG(SEC, TRACE, ("Fail to parse WAPI IE in group cipher suite (IE len: %d)\n",
274	prInfoElem->ucLength));
275	return FALSE;
276	}
277
278	WLAN_GET_FIELD_32(cp, &u4GroupSuite);
279	cp += 4;
280	u4RemainWapiIeLen -= 4;
281
282	/* Parse the WAPI u2Capabilities field. */
283	if (u4RemainWapiIeLen < 2) {
284	DBGLOG(SEC, TRACE, ("Fail to parse WAPI IE in WAPI capabilities (IE len: %d)\n",
285	prInfoElem->ucLength));
286	return FALSE;
287	}
288
289	WLAN_GET_FIELD_16(cp, &u2Cap);
290	u4RemainWapiIeLen -= 2;
291
292	/* Todo:: BKID support */
293	} while (FALSE);
294
295	/* Save the WAPI information for the BSS. */
296
297	prWapiInfo->ucElemId = ELEM_ID_WAPI;
298
299	prWapiInfo->u2Version = u2Version;
300
301	prWapiInfo->u4GroupKeyCipherSuite = u4GroupSuite;
302
303	DBGLOG(SEC, LOUD, ("WAPI: version %d, group key cipher suite %02x-%02x-%02x-%02x\n",
304	u2Version, (UCHAR) (u4GroupSuite & 0x000000FF),
305	(UCHAR) ((u4GroupSuite >> 8) & 0x000000FF),
306	(UCHAR) ((u4GroupSuite >> 16) & 0x000000FF),
307	(UCHAR) ((u4GroupSuite >> 24) & 0x000000FF)));
308
309	if (pucPairSuite) {
310	/* The information about the pairwise key cipher suites is present. */
311	if (u2PairSuiteCount > MAX_NUM_SUPPORTED_WAPI_CIPHER_SUITES) {
312	u2PairSuiteCount = MAX_NUM_SUPPORTED_WAPI_CIPHER_SUITES;
313	}
314
315	prWapiInfo->u4PairwiseKeyCipherSuiteCount = (UINT_32) u2PairSuiteCount;
316
317	for (i = 0; i < (UINT_32) u2PairSuiteCount; i++) {
318	WLAN_GET_FIELD_32(pucPairSuite,
319	&prWapiInfo->au4PairwiseKeyCipherSuite[i]);
320	pucPairSuite += 4;
321
322	DBGLOG(SEC, LOUD,("WAPI: pairwise key cipher suite [%d]: %02x-%02x-%02x-%02x\n",
323	(UINT_8)i, (UCHAR) (prWapiInfo->au4PairwiseKeyCipherSuite[i] & 0x000000FF),
324	(UCHAR) ((prWapiInfo->au4PairwiseKeyCipherSuite[i] >> 8) & 0x000000FF),
325	(UCHAR) ((prWapiInfo->au4PairwiseKeyCipherSuite[i] >> 16) & 0x000000FF),
326	(UCHAR) ((prWapiInfo->au4PairwiseKeyCipherSuite[i] >> 24) & 0x000000FF)));
327	}
328	}
329	else {
330	/* The information about the pairwise key cipher suites is not present.
331	Use the default chipher suite for WAPI: WPI. */
332	prWapiInfo->u4PairwiseKeyCipherSuiteCount = 1;
333	prWapiInfo->au4PairwiseKeyCipherSuite[0] = WAPI_CIPHER_SUITE_WPI;
334
335	DBGLOG(SEC, LOUD, ("WAPI: pairwise key cipher suite: %02x-%02x-%02x-%02x (default)\n",
336	(UCHAR) (prWapiInfo->au4PairwiseKeyCipherSuite[0] & 0x000000FF),
337	(UCHAR) ((prWapiInfo->au4PairwiseKeyCipherSuite[0] >> 8) & 0x000000FF),
338	(UCHAR) ((prWapiInfo->au4PairwiseKeyCipherSuite[0] >> 16) & 0x000000FF),
339	(UCHAR) ((prWapiInfo->au4PairwiseKeyCipherSuite[0] >> 24) & 0x000000FF)));
340	}
341
342	if (pucAuthSuite) {
343	/* The information about the authentication and key management suites
344	is present. */
345	if (u2AuthSuiteCount > MAX_NUM_SUPPORTED_WAPI_AKM_SUITES) {
346	u2AuthSuiteCount = MAX_NUM_SUPPORTED_WAPI_AKM_SUITES;
347	}
348
349	prWapiInfo->u4AuthKeyMgtSuiteCount = (UINT_32) u2AuthSuiteCount;
350
351	for (i = 0; i < (UINT_32) u2AuthSuiteCount; i++) {
352	WLAN_GET_FIELD_32(pucAuthSuite, &prWapiInfo->au4AuthKeyMgtSuite[i]);
353	pucAuthSuite += 4;
354
355	DBGLOG(SEC, LOUD, ("WAPI: AKM suite [%d]: %02x-%02x-%02x-%02x\n",
356	(UINT_8)i, (UCHAR) (prWapiInfo->au4AuthKeyMgtSuite[i] & 0x000000FF),
357	(UCHAR) ((prWapiInfo->au4AuthKeyMgtSuite[i] >> 8) & 0x000000FF),
358	(UCHAR) ((prWapiInfo->au4AuthKeyMgtSuite[i] >> 16) & 0x000000FF),
359	(UCHAR) ((prWapiInfo->au4AuthKeyMgtSuite[i] >> 24) & 0x000000FF)));
360	}
361	}
362	else {
363	/* The information about the authentication and key management suites
364	is not present. Use the default AKM suite for WAPI. */
365	prWapiInfo->u4AuthKeyMgtSuiteCount = 1;
366	prWapiInfo->au4AuthKeyMgtSuite[0] = WAPI_AKM_SUITE_802_1X;
367
368	DBGLOG(SEC, LOUD, ("WAPI: AKM suite: %02x-%02x-%02x-%02x (default)\n",
369	(UCHAR) (prWapiInfo->au4AuthKeyMgtSuite[0] & 0x000000FF),
370	(UCHAR) ((prWapiInfo->au4AuthKeyMgtSuite[0] >> 8) & 0x000000FF),
371	(UCHAR) ((prWapiInfo->au4AuthKeyMgtSuite[0] >> 16) & 0x000000FF),
372	(UCHAR) ((prWapiInfo->au4AuthKeyMgtSuite[0] >> 24) & 0x000000FF)));
373	}
374
375	prWapiInfo->u2WapiCap = u2Cap;
376	DBGLOG(SEC, LOUD, ("WAPI: cap: 0x%04x\n", prWapiInfo->u2WapiCap));
377
378	return TRUE;
379	} /* wapiParseWapiIE */
380
381
382	/----------------------------------------------------------------------------/
383	/*!
384	* \brief This routine is called to perform WAPI policy selection for a given BSS.
385	*
386	* \param[in] prAdapter Pointer to the adapter object data area.
387	* \param[in] prBss Pointer to the BSS description
388	*
389	* \retval TRUE - The WAPI policy selection for the given BSS is
390	* successful. The selected pairwise and group cipher suites
391	* are returned in the BSS description.
392	* \retval FALSE - The WAPI policy selection for the given BSS is failed.
393	* The driver shall not attempt to join the given BSS.
394	*
395	* \note The Encrypt status matched score will save to bss for final ap select.
396	*/
397	/----------------------------------------------------------------------------/
398	BOOLEAN
399	wapiPerformPolicySelection (
400	IN P_ADAPTER_T prAdapter,
401	IN P_BSS_DESC_T prBss
402	)
403	{
404	UINT_32 i;
405	UINT_32 u4PairwiseCipher = 0;
406	UINT_32 u4GroupCipher = 0;
407	UINT_32 u4AkmSuite = 0;
408	P_WAPI_INFO_T prBssWapiInfo;
409	P_WLAN_INFO_T prWlanInfo;
410
411	DEBUGFUNC("wapiPerformPolicySelection");
412
413	ASSERT(prBss);
414
415	/* Notice!!!! WAPI AP not set the privacy bit for WAI and WAI-PSK at WZC configuration mode */
416	prWlanInfo = &prAdapter->rWlanInfo;
417
418	if (prBss->fgIEWAPI) {
419	prBssWapiInfo = &prBss->rIEWAPI;
420	}
421	else {
422	if (prAdapter->rWifiVar.rConnSettings.fgWapiMode == FALSE) {
423	DBGLOG(SEC, TRACE,("-- No Protected BSS\n"));
424	return TRUE;
425	}
426	else {
427	DBGLOG(SEC, TRACE, ("WAPI Information Element does not exist.\n"));
428	return FALSE;
429	}
430	}
431
432	/* Select pairwise/group ciphers */
433	for (i = 0; i < prBssWapiInfo->u4PairwiseKeyCipherSuiteCount; i++) {
434	if (prBssWapiInfo->au4PairwiseKeyCipherSuite[i] ==
435	prAdapter->rWifiVar.rConnSettings.u4WapiSelectedPairwiseCipher) {
436	u4PairwiseCipher = prBssWapiInfo->au4PairwiseKeyCipherSuite[i];
437	}
438	}
439	if (prBssWapiInfo->u4GroupKeyCipherSuite ==
440	prAdapter->rWifiVar.rConnSettings.u4WapiSelectedGroupCipher)
441	u4GroupCipher = prBssWapiInfo->u4GroupKeyCipherSuite;
442
443	/* Exception handler */
444	/* If we cannot find proper pairwise and group cipher suites to join the
445	BSS, do not check the supported AKM suites. */
446	if (u4PairwiseCipher == 0 \|\| u4GroupCipher == 0) {
447	DBGLOG(SEC, TRACE, ("Failed to select pairwise/group cipher (0x%08x/0x%08x)\n",
448	u4PairwiseCipher, u4GroupCipher));
449	return FALSE;
450	}
451
452	/* Select AKM */
453	/* If the driver cannot support any authentication suites advertised in
454	the given BSS, we fail to perform RSNA policy selection. */
455	/* Attempt to find any overlapping supported AKM suite. */
456	for (i = 0; i < prBssWapiInfo->u4AuthKeyMgtSuiteCount; i++) {
457	if (prBssWapiInfo->au4AuthKeyMgtSuite[i] == prAdapter->rWifiVar.rConnSettings.u4WapiSelectedAKMSuite) {
458	u4AkmSuite = prBssWapiInfo->au4AuthKeyMgtSuite[i];
459	break;
460	}
461	}
462
463	if (u4AkmSuite == 0) {
464	DBGLOG(SEC, TRACE, ("Cannot support any AKM suites\n"));
465	return FALSE;
466	}
467
468	DBGLOG(SEC, TRACE, ("Selected pairwise/group cipher: %02x-%02x-%02x-%02x/%02x-%02x-%02x-%02x\n",
469	(UINT_8) (u4PairwiseCipher & 0x000000FF),
470	(UINT_8) ((u4PairwiseCipher >> 8) & 0x000000FF),
471	(UINT_8) ((u4PairwiseCipher >> 16) & 0x000000FF),
472	(UINT_8) ((u4PairwiseCipher >> 24) & 0x000000FF),
473	(UINT_8) (u4GroupCipher & 0x000000FF),
474	(UINT_8) ((u4GroupCipher >> 8) & 0x000000FF),
475	(UINT_8) ((u4GroupCipher >> 16) & 0x000000FF),
476	(UINT_8) ((u4GroupCipher >> 24) & 0x000000FF)));
477
478	DBGLOG(SEC, TRACE, ("Selected AKM suite: %02x-%02x-%02x-%02x\n",
479	(UINT_8) (u4AkmSuite & 0x000000FF),
480	(UINT_8) ((u4AkmSuite >> 8) & 0x000000FF),
481	(UINT_8) ((u4AkmSuite >> 16) & 0x000000FF),
482	(UINT_8) ((u4AkmSuite >> 24) & 0x000000FF)));
483
484	return TRUE;
485	} /* wapiPerformPolicySelection */
486
487	#if 0
488	/----------------------------------------------------------------------------/
489	/*!
490	* \brief This routine is use for wapi mode, to update the current wpi tx idx ? 0 :1 .
491	*
492	* \param[in] prStaRec Pointer to the Sta record
493	* \param[out] ucWlanIdx The Rx status->wlanidx field
494	*
495	* \retval TRUE - Succeeded
496	* \retval FALSE - Failed
497	*/
498	/----------------------------------------------------------------------------/
499	BOOLEAN
500	wapiUpdateTxKeyIdx (
501	IN P_STA_RECORD_T prStaRec,
502	IN UINT_8 ucWlanIdx
503	)
504	{
505	UINT_8 ucKeyId;
506
507	if ((ucWlanIdx & BITS(0, 3)) == CIPHER_SUITE_WPI) {
508
509	ucKeyId = ((ucWlanIdx & BITS(4, 5)) >> 4);
510
511	if (ucKeyId != g_prWifiVar->rAisSpecificBssInfo.ucWpiActivedPWKey) {
512	DBGLOG(RSN, STATE, ("Change wapi key index from %d->%d\n", g_prWifiVar->rAisSpecificBssInfo.ucWpiActivedPWKey, ucKeyId));
513	g_prWifiVar->rAisSpecificBssInfo.ucWpiActivedPWKey = ucKeyId;
514
515	prStaRec->ucWTEntry =
516	(ucKeyId == WTBL_AIS_BSSID_WAPI_IDX_0) ? WTBL_AIS_BSSID_WAPI_IDX_0 : WTBL_AIS_BSSID_WAPI_IDX_1;
517	}
518	}
519	}
520	#endif
521	#endif
522