[GitHub/mt8127/android_kernel_alcatel_ttab.git] / drivers / staging / vt6655 / wpa.c

/*
 * Copyright (c) 1996, 2003 VIA Networking Technologies, Inc.
 * All rights reserved.
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License along
 * with this program; if not, write to the Free Software Foundation, Inc.,
 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 *
 * File: wpa.c
 *
 * Purpose: Handles the Basic Service Set & Node Database functions
 *
 * Functions:
 *      WPA_ParseRSN - Parse RSN IE.
 *
 * Revision History:
 *
 * Author: Kyle Hsu
 *
 * Date: July 14, 2003
 *
 */

#include "ttype.h"
#include "tmacro.h"
#include "tether.h"
#include "device.h"
#include "80211hdr.h"
#include "bssdb.h"
#include "wmgr.h"
#include "wpa.h"
#include "80211mgr.h"

/*---------------------  Static Variables  --------------------------*/
static int          msglevel                =MSG_LEVEL_INFO;

const BYTE abyOUI00[4] = { 0x00, 0x50, 0xf2, 0x00 };
const BYTE abyOUI01[4] = { 0x00, 0x50, 0xf2, 0x01 };
const BYTE abyOUI02[4] = { 0x00, 0x50, 0xf2, 0x02 };
const BYTE abyOUI03[4] = { 0x00, 0x50, 0xf2, 0x03 };
const BYTE abyOUI04[4] = { 0x00, 0x50, 0xf2, 0x04 };
const BYTE abyOUI05[4] = { 0x00, 0x50, 0xf2, 0x05 };


/*+
 *
 * Description:
 *    Clear RSN information in BSSList.
 *
 * Parameters:
 *  In:
 *      pBSSList - BSS list.
 *  Out:
 *      none
 *
 * Return Value: none.
 *
-*/

void
WPA_ClearRSN (
    PKnownBSS        pBSSList
    )
{
    int ii;
    pBSSList->byGKType = WPA_TKIP;
    for (ii=0; ii < 4; ii ++)
        pBSSList->abyPKType[ii] = WPA_TKIP;
    pBSSList->wPKCount = 0;
    for (ii=0; ii < 4; ii ++)
        pBSSList->abyAuthType[ii] = WPA_AUTH_IEEE802_1X;
    pBSSList->wAuthCount = 0;
    pBSSList->byDefaultK_as_PK = 0;
    pBSSList->byReplayIdx = 0;
    pBSSList->sRSNCapObj.bRSNCapExist = FALSE;
    pBSSList->sRSNCapObj.wRSNCap = 0;
    pBSSList->bWPAValid = FALSE;
}


/*+
 *
 * Description:
 *    Parse RSN IE.
 *
 * Parameters:
 *  In:
 *      pBSSList - BSS list.
 *      pRSN - Pointer to the RSN IE.
 *  Out:
 *      none
 *
 * Return Value: none.
 *
-*/
void
WPA_ParseRSN (
    PKnownBSS        pBSSList,
    PWLAN_IE_RSN_EXT pRSN
    )
{
    PWLAN_IE_RSN_AUTH  pIE_RSN_Auth = NULL;
    int                i, j, m, n = 0;
    PBYTE              pbyCaps;

    WPA_ClearRSN(pBSSList);

    DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"WPA_ParseRSN: [%d]\n", pRSN->len);

    // information element header makes sense
    if ((pRSN->len >= 6) // oui1(4)+ver(2)
         && (pRSN->byElementID == WLAN_EID_RSN_WPA) &&  !memcmp(pRSN->abyOUI, abyOUI01, 4)
         && (pRSN->wVersion == 1)) {

        DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"Legal RSN\n");
        // update each variable if pRSN is long enough to contain the variable
        if (pRSN->len >= 10) //oui1(4)+ver(2)+GKSuite(4)
        {
            if ( !memcmp(pRSN->abyMulticast, abyOUI01, 4))
                pBSSList->byGKType = WPA_WEP40;
            else if ( !memcmp(pRSN->abyMulticast, abyOUI02, 4))
                pBSSList->byGKType = WPA_TKIP;
            else if ( !memcmp(pRSN->abyMulticast, abyOUI03, 4))
                pBSSList->byGKType = WPA_AESWRAP;
            else if ( !memcmp(pRSN->abyMulticast, abyOUI04, 4))
                pBSSList->byGKType = WPA_AESCCMP;
            else if ( !memcmp(pRSN->abyMulticast, abyOUI05, 4))
                pBSSList->byGKType = WPA_WEP104;
            else
                // any vendor checks here
                pBSSList->byGKType = WPA_NONE;

            DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"byGKType: %x\n", pBSSList->byGKType);
        }

        if (pRSN->len >= 12) //oui1(4)+ver(2)+GKS(4)+PKSCnt(2)
        {
            j = 0;
            DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"wPKCount: %d, sizeof(pBSSList->abyPKType): %zu\n", pRSN->wPKCount, sizeof(pBSSList->abyPKType));
            for(i = 0; (i < pRSN->wPKCount) && (j < sizeof(pBSSList->abyPKType)/sizeof(BYTE)); i++) {
                if(pRSN->len >= 12+i*4+4) { //oui1(4)+ver(2)+GKS(4)+PKSCnt(2)+PKS(4*i)
                    if ( !memcmp(pRSN->PKSList[i].abyOUI, abyOUI00, 4))
                        pBSSList->abyPKType[j++] = WPA_NONE;
                    else if ( !memcmp(pRSN->PKSList[i].abyOUI, abyOUI02, 4))
                        pBSSList->abyPKType[j++] = WPA_TKIP;
                    else if ( !memcmp(pRSN->PKSList[i].abyOUI, abyOUI03, 4))
                        pBSSList->abyPKType[j++] = WPA_AESWRAP;
                    else if ( !memcmp(pRSN->PKSList[i].abyOUI, abyOUI04, 4))
                        pBSSList->abyPKType[j++] = WPA_AESCCMP;
                    else
                        // any vendor checks here
                        ;
                }
                else
                    break;
                //DBG_PRN_GRP14(("abyPKType[%d]: %X\n", j-1, pBSSList->abyPKType[j-1]));
            } //for
            pBSSList->wPKCount = (WORD)j;
            DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"wPKCount: %d\n", pBSSList->wPKCount);
        }

        m = pRSN->wPKCount;
        DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"m: %d\n", m);
        DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"14+m*4: %d\n", 14+m*4);

        if (pRSN->len >= 14+m*4) { //oui1(4)+ver(2)+GKS(4)+PKSCnt(2)+PKS(4*m)+AKC(2)
            // overlay IE_RSN_Auth structure into correct place
            pIE_RSN_Auth = (PWLAN_IE_RSN_AUTH) pRSN->PKSList[m].abyOUI;
            j = 0;
            DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"wAuthCount: %d, sizeof(pBSSList->abyAuthType): %zu\n",
                          pIE_RSN_Auth->wAuthCount, sizeof(pBSSList->abyAuthType));
            for(i = 0; (i < pIE_RSN_Auth->wAuthCount) && (j < sizeof(pBSSList->abyAuthType)/sizeof(BYTE)); i++) {
                if(pRSN->len >= 14+4+(m+i)*4) { //oui1(4)+ver(2)+GKS(4)+PKSCnt(2)+PKS(4*m)+AKC(2)+AKS(4*i)
                    if ( !memcmp(pIE_RSN_Auth->AuthKSList[i].abyOUI, abyOUI01, 4))
                        pBSSList->abyAuthType[j++] = WPA_AUTH_IEEE802_1X;
                    else if ( !memcmp(pIE_RSN_Auth->AuthKSList[i].abyOUI, abyOUI02, 4))
                        pBSSList->abyAuthType[j++] = WPA_AUTH_PSK;
                    else
                    // any vendor checks here
                    ;
                }
                else
                    break;
                //DBG_PRN_GRP14(("abyAuthType[%d]: %X\n", j-1, pBSSList->abyAuthType[j-1]));
            }
            if(j > 0)
                pBSSList->wAuthCount = (WORD)j;
            DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"wAuthCount: %d\n", pBSSList->wAuthCount);
        }

        if (pIE_RSN_Auth != NULL) {

            n = pIE_RSN_Auth->wAuthCount;

            DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"n: %d\n", n);
            DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"14+4+(m+n)*4: %d\n", 14+4+(m+n)*4);

            if(pRSN->len+2 >= 14+4+(m+n)*4) { //oui1(4)+ver(2)+GKS(4)+PKSCnt(2)+PKS(4*m)+AKC(2)+AKS(4*n)+Cap(2)
                pbyCaps = (PBYTE)pIE_RSN_Auth->AuthKSList[n].abyOUI;
                pBSSList->byDefaultK_as_PK = (*pbyCaps) & WPA_GROUPFLAG;
                pBSSList->byReplayIdx = 2 << ((*pbyCaps >> WPA_REPLAYBITSSHIFT) & WPA_REPLAYBITS);
                pBSSList->sRSNCapObj.bRSNCapExist = TRUE;
                pBSSList->sRSNCapObj.wRSNCap = *(PWORD)pbyCaps;
                //DBG_PRN_GRP14(("pbyCaps: %X\n", *pbyCaps));
                //DBG_PRN_GRP14(("byDefaultK_as_PK: %X\n", pBSSList->byDefaultK_as_PK));
                //DBG_PRN_GRP14(("byReplayIdx: %X\n", pBSSList->byReplayIdx));
            }
        }
        pBSSList->bWPAValid = TRUE;
    }
}

/*+
 *
 * Description:
 *    Search RSN information in BSSList.
 *
 * Parameters:
 *  In:
 *      byCmd    - Search type
 *      byEncrypt- Encrcypt Type
 *      pBSSList - BSS list
 *  Out:
 *      none
 *
 * Return Value: none.
 *
-*/
BOOL
WPA_SearchRSN (
    BYTE                byCmd,
    BYTE                byEncrypt,
    PKnownBSS        pBSSList
    )
{
    int ii;
    BYTE byPKType = WPA_NONE;

    if (pBSSList->bWPAValid == FALSE)
        return FALSE;

    switch(byCmd) {
    case 0:

        if (byEncrypt != pBSSList->byGKType)
            return FALSE;

        if (pBSSList->wPKCount > 0) {
            for (ii = 0; ii < pBSSList->wPKCount; ii ++) {
                if (pBSSList->abyPKType[ii] == WPA_AESCCMP)
                    byPKType = WPA_AESCCMP;
                else if ((pBSSList->abyPKType[ii] == WPA_TKIP) && (byPKType != WPA_AESCCMP))
                     byPKType = WPA_TKIP;
                else if ((pBSSList->abyPKType[ii] == WPA_WEP40) && (byPKType != WPA_AESCCMP) && (byPKType != WPA_TKIP))
                     byPKType = WPA_WEP40;
                else if ((pBSSList->abyPKType[ii] == WPA_WEP104) && (byPKType != WPA_AESCCMP) && (byPKType != WPA_TKIP))
                     byPKType = WPA_WEP104;
            }
            if (byEncrypt != byPKType)
                return FALSE;
        }
        return TRUE;
//        if (pBSSList->wAuthCount > 0)
//            for (ii=0; ii < pBSSList->wAuthCount; ii ++)
//                if (byAuth == pBSSList->abyAuthType[ii])
//                    break;
        break;

    default:
        break;
    }
    return FALSE;
}

/*+
 *
 * Description:
 *    Check if RSN IE makes sense.
 *
 * Parameters:
 *  In:
 *      pRSN - Pointer to the RSN IE.
 *  Out:
 *      none
 *
 * Return Value: none.
 *
-*/
BOOL
WPAb_Is_RSN (
    PWLAN_IE_RSN_EXT pRSN
    )
{
    if (pRSN == NULL)
        return FALSE;

    if ((pRSN->len >= 6) && // oui1(4)+ver(2)
        (pRSN->byElementID == WLAN_EID_RSN_WPA) &&  !memcmp(pRSN->abyOUI, abyOUI01, 4) &&
        (pRSN->wVersion == 1)) {
        return TRUE;
    }
    else
        return FALSE;
}
Commit	Line	Data
5449c685 FB	1	/*
	2	* Copyright (c) 1996, 2003 VIA Networking Technologies, Inc.
	3	* All rights reserved.
	4	*
	5	* This program is free software; you can redistribute it and/or modify
	6	* it under the terms of the GNU General Public License as published by
	7	* the Free Software Foundation; either version 2 of the License, or
	8	* (at your option) any later version.
	9	*
	10	* This program is distributed in the hope that it will be useful,
	11	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	12	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	13	* GNU General Public License for more details.
	14	*
	15	* You should have received a copy of the GNU General Public License along
	16	* with this program; if not, write to the Free Software Foundation, Inc.,
	17	* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
	18	*
	19	*
	20	* File: wpa.c
	21	*
	22	* Purpose: Handles the Basic Service Set & Node Database functions
	23	*
	24	* Functions:
	25	* WPA_ParseRSN - Parse RSN IE.
	26	*
	27	* Revision History:
	28	*
	29	* Author: Kyle Hsu
	30	*
	31	* Date: July 14, 2003
	32	*
	33	*/
	34
5449c685	35	#include "ttype.h"
5449c685	36	#include "tmacro.h"
5449c685	37	#include "tether.h"
5449c685	38	#include "device.h"
5449c685	39	#include "80211hdr.h"
5449c685	40	#include "bssdb.h"
5449c685	41	#include "wmgr.h"
5449c685	42	#include "wpa.h"
5449c685	43	#include "80211mgr.h"
5449c685 FB	44
	45	/--------------------- Static Variables --------------------------/
	46	static int msglevel =MSG_LEVEL_INFO;
	47
	48	const BYTE abyOUI00[4] = { 0x00, 0x50, 0xf2, 0x00 };
	49	const BYTE abyOUI01[4] = { 0x00, 0x50, 0xf2, 0x01 };
	50	const BYTE abyOUI02[4] = { 0x00, 0x50, 0xf2, 0x02 };
	51	const BYTE abyOUI03[4] = { 0x00, 0x50, 0xf2, 0x03 };
	52	const BYTE abyOUI04[4] = { 0x00, 0x50, 0xf2, 0x04 };
	53	const BYTE abyOUI05[4] = { 0x00, 0x50, 0xf2, 0x05 };
	54
	55
	56	/*+
	57	*
	58	* Description:
	59	* Clear RSN information in BSSList.
	60	*
	61	* Parameters:
	62	* In:
	63	* pBSSList - BSS list.
	64	* Out:
	65	* none
	66	*
	67	* Return Value: none.
	68	*
	69	-*/
	70
6b35b7b3	71	void
5449c685	72	WPA_ClearRSN (
3a215e0f	73	PKnownBSS pBSSList
5449c685 FB	74	)
	75	{
	76	int ii;
	77	pBSSList->byGKType = WPA_TKIP;
	78	for (ii=0; ii < 4; ii ++)
	79	pBSSList->abyPKType[ii] = WPA_TKIP;
	80	pBSSList->wPKCount = 0;
	81	for (ii=0; ii < 4; ii ++)
	82	pBSSList->abyAuthType[ii] = WPA_AUTH_IEEE802_1X;
	83	pBSSList->wAuthCount = 0;
	84	pBSSList->byDefaultK_as_PK = 0;
	85	pBSSList->byReplayIdx = 0;
	86	pBSSList->sRSNCapObj.bRSNCapExist = FALSE;
	87	pBSSList->sRSNCapObj.wRSNCap = 0;
	88	pBSSList->bWPAValid = FALSE;
	89	}
	90
	91
	92	/*+
	93	*
	94	* Description:
	95	* Parse RSN IE.
	96	*
	97	* Parameters:
	98	* In:
	99	* pBSSList - BSS list.
	100	* pRSN - Pointer to the RSN IE.
	101	* Out:
	102	* none
	103	*
	104	* Return Value: none.
	105	*
	106	-*/
6b35b7b3	107	void
5449c685	108	WPA_ParseRSN (
3a215e0f CC	109	PKnownBSS pBSSList,
3a215e0f CC	110	PWLAN_IE_RSN_EXT pRSN
5449c685 FB	111	)
	112	{
	113	PWLAN_IE_RSN_AUTH pIE_RSN_Auth = NULL;
	114	int i, j, m, n = 0;
	115	PBYTE pbyCaps;
	116
	117	WPA_ClearRSN(pBSSList);
	118
7e809a9b	119	DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"WPA_ParseRSN: [%d]\n", pRSN->len);
5449c685 FB	120
	121	// information element header makes sense
	122	if ((pRSN->len >= 6) // oui1(4)+ver(2)
51b6d9c2	123	&& (pRSN->byElementID == WLAN_EID_RSN_WPA) && !memcmp(pRSN->abyOUI, abyOUI01, 4)
5449c685 FB	124	&& (pRSN->wVersion == 1)) {
5449c685 FB	125
7e809a9b	126	DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"Legal RSN\n");
5449c685 FB	127	// update each variable if pRSN is long enough to contain the variable
	128	if (pRSN->len >= 10) //oui1(4)+ver(2)+GKSuite(4)
	129	{
51b6d9c2	130	if ( !memcmp(pRSN->abyMulticast, abyOUI01, 4))
5449c685	131	pBSSList->byGKType = WPA_WEP40;
51b6d9c2	132	else if ( !memcmp(pRSN->abyMulticast, abyOUI02, 4))
5449c685	133	pBSSList->byGKType = WPA_TKIP;
51b6d9c2	134	else if ( !memcmp(pRSN->abyMulticast, abyOUI03, 4))
5449c685	135	pBSSList->byGKType = WPA_AESWRAP;
51b6d9c2	136	else if ( !memcmp(pRSN->abyMulticast, abyOUI04, 4))
5449c685	137	pBSSList->byGKType = WPA_AESCCMP;
51b6d9c2	138	else if ( !memcmp(pRSN->abyMulticast, abyOUI05, 4))
5449c685 FB	139	pBSSList->byGKType = WPA_WEP104;
	140	else
	141	// any vendor checks here
	142	pBSSList->byGKType = WPA_NONE;
	143
7e809a9b	144	DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"byGKType: %x\n", pBSSList->byGKType);
5449c685 FB	145	}
	146
	147	if (pRSN->len >= 12) //oui1(4)+ver(2)+GKS(4)+PKSCnt(2)
	148	{
	149	j = 0;
98853698	150	DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"wPKCount: %d, sizeof(pBSSList->abyPKType): %zu\n", pRSN->wPKCount, sizeof(pBSSList->abyPKType));
5449c685 FB	151	for(i = 0; (i < pRSN->wPKCount) && (j < sizeof(pBSSList->abyPKType)/sizeof(BYTE)); i++) {
5449c685 FB	152	if(pRSN->len >= 12+i4+4) { //oui1(4)+ver(2)+GKS(4)+PKSCnt(2)+PKS(4i)
51b6d9c2	153	if ( !memcmp(pRSN->PKSList[i].abyOUI, abyOUI00, 4))
5449c685	154	pBSSList->abyPKType[j++] = WPA_NONE;
51b6d9c2	155	else if ( !memcmp(pRSN->PKSList[i].abyOUI, abyOUI02, 4))
5449c685	156	pBSSList->abyPKType[j++] = WPA_TKIP;
51b6d9c2	157	else if ( !memcmp(pRSN->PKSList[i].abyOUI, abyOUI03, 4))
5449c685	158	pBSSList->abyPKType[j++] = WPA_AESWRAP;
51b6d9c2	159	else if ( !memcmp(pRSN->PKSList[i].abyOUI, abyOUI04, 4))
5449c685 FB	160	pBSSList->abyPKType[j++] = WPA_AESCCMP;
	161	else
	162	// any vendor checks here
	163	;
	164	}
	165	else
	166	break;
	167	//DBG_PRN_GRP14(("abyPKType[%d]: %X\n", j-1, pBSSList->abyPKType[j-1]));
	168	} //for
	169	pBSSList->wPKCount = (WORD)j;
7e809a9b	170	DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"wPKCount: %d\n", pBSSList->wPKCount);
5449c685 FB	171	}
	172
	173	m = pRSN->wPKCount;
7e809a9b JL	174	DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"m: %d\n", m);
7e809a9b JL	175	DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"14+m4: %d\n", 14+m4);
5449c685 FB	176
	177	if (pRSN->len >= 14+m4) { //oui1(4)+ver(2)+GKS(4)+PKSCnt(2)+PKS(4m)+AKC(2)
	178	// overlay IE_RSN_Auth structure into correct place
	179	pIE_RSN_Auth = (PWLAN_IE_RSN_AUTH) pRSN->PKSList[m].abyOUI;
	180	j = 0;
98853698	181	DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"wAuthCount: %d, sizeof(pBSSList->abyAuthType): %zu\n",
5449c685 FB	182	pIE_RSN_Auth->wAuthCount, sizeof(pBSSList->abyAuthType));
	183	for(i = 0; (i < pIE_RSN_Auth->wAuthCount) && (j < sizeof(pBSSList->abyAuthType)/sizeof(BYTE)); i++) {
	184	if(pRSN->len >= 14+4+(m+i)4) { //oui1(4)+ver(2)+GKS(4)+PKSCnt(2)+PKS(4m)+AKC(2)+AKS(4*i)
51b6d9c2	185	if ( !memcmp(pIE_RSN_Auth->AuthKSList[i].abyOUI, abyOUI01, 4))
5449c685	186	pBSSList->abyAuthType[j++] = WPA_AUTH_IEEE802_1X;
51b6d9c2	187	else if ( !memcmp(pIE_RSN_Auth->AuthKSList[i].abyOUI, abyOUI02, 4))
5449c685 FB	188	pBSSList->abyAuthType[j++] = WPA_AUTH_PSK;
	189	else
	190	// any vendor checks here
	191	;
	192	}
	193	else
	194	break;
	195	//DBG_PRN_GRP14(("abyAuthType[%d]: %X\n", j-1, pBSSList->abyAuthType[j-1]));
	196	}
	197	if(j > 0)
	198	pBSSList->wAuthCount = (WORD)j;
7e809a9b	199	DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"wAuthCount: %d\n", pBSSList->wAuthCount);
5449c685 FB	200	}
	201
	202	if (pIE_RSN_Auth != NULL) {
	203
	204	n = pIE_RSN_Auth->wAuthCount;
	205
7e809a9b JL	206	DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"n: %d\n", n);
7e809a9b JL	207	DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"14+4+(m+n)4: %d\n", 14+4+(m+n)4);
5449c685 FB	208
	209	if(pRSN->len+2 >= 14+4+(m+n)4) { //oui1(4)+ver(2)+GKS(4)+PKSCnt(2)+PKS(4m)+AKC(2)+AKS(4*n)+Cap(2)
	210	pbyCaps = (PBYTE)pIE_RSN_Auth->AuthKSList[n].abyOUI;
	211	pBSSList->byDefaultK_as_PK = (*pbyCaps) & WPA_GROUPFLAG;
	212	pBSSList->byReplayIdx = 2 << ((*pbyCaps >> WPA_REPLAYBITSSHIFT) & WPA_REPLAYBITS);
	213	pBSSList->sRSNCapObj.bRSNCapExist = TRUE;
	214	pBSSList->sRSNCapObj.wRSNCap = *(PWORD)pbyCaps;
	215	//DBG_PRN_GRP14(("pbyCaps: %X\n", *pbyCaps));
	216	//DBG_PRN_GRP14(("byDefaultK_as_PK: %X\n", pBSSList->byDefaultK_as_PK));
	217	//DBG_PRN_GRP14(("byReplayIdx: %X\n", pBSSList->byReplayIdx));
	218	}
	219	}
	220	pBSSList->bWPAValid = TRUE;
	221	}
	222	}
	223
	224	/*+
	225	*
	226	* Description:
	227	* Search RSN information in BSSList.
	228	*
	229	* Parameters:
	230	* In:
	231	* byCmd - Search type
	232	* byEncrypt- Encrcypt Type
	233	* pBSSList - BSS list
	234	* Out:
	235	* none
	236	*
	237	* Return Value: none.
	238	*
	239	-*/
	240	BOOL
	241	WPA_SearchRSN (
	242	BYTE byCmd,
	243	BYTE byEncrypt,
3a215e0f	244	PKnownBSS pBSSList
5449c685 FB	245	)
	246	{
	247	int ii;
	248	BYTE byPKType = WPA_NONE;
	249
	250	if (pBSSList->bWPAValid == FALSE)
	251	return FALSE;
	252
	253	switch(byCmd) {
	254	case 0:
	255
	256	if (byEncrypt != pBSSList->byGKType)
	257	return FALSE;
	258
	259	if (pBSSList->wPKCount > 0) {
	260	for (ii = 0; ii < pBSSList->wPKCount; ii ++) {
	261	if (pBSSList->abyPKType[ii] == WPA_AESCCMP)
	262	byPKType = WPA_AESCCMP;
	263	else if ((pBSSList->abyPKType[ii] == WPA_TKIP) && (byPKType != WPA_AESCCMP))
	264	byPKType = WPA_TKIP;
	265	else if ((pBSSList->abyPKType[ii] == WPA_WEP40) && (byPKType != WPA_AESCCMP) && (byPKType != WPA_TKIP))
	266	byPKType = WPA_WEP40;
	267	else if ((pBSSList->abyPKType[ii] == WPA_WEP104) && (byPKType != WPA_AESCCMP) && (byPKType != WPA_TKIP))
	268	byPKType = WPA_WEP104;
	269	}
	270	if (byEncrypt != byPKType)
	271	return FALSE;
	272	}
	273	return TRUE;
	274	// if (pBSSList->wAuthCount > 0)
	275	// for (ii=0; ii < pBSSList->wAuthCount; ii ++)
	276	// if (byAuth == pBSSList->abyAuthType[ii])
	277	// break;
	278	break;
	279
	280	default:
	281	break;
	282	}
	283	return FALSE;
	284	}
	285
	286	/*+
	287	*
	288	* Description:
	289	* Check if RSN IE makes sense.
	290	*
	291	* Parameters:
	292	* In:
	293	* pRSN - Pointer to the RSN IE.
	294	* Out:
	295	* none
	296	*
	297	* Return Value: none.
	298	*
	299	-*/
	300	BOOL
	301	WPAb_Is_RSN (
3a215e0f	302	PWLAN_IE_RSN_EXT pRSN
5449c685 FB	303	)
	304	{
	305	if (pRSN == NULL)
	306	return FALSE;
	307
	308	if ((pRSN->len >= 6) && // oui1(4)+ver(2)
51b6d9c2	309	(pRSN->byElementID == WLAN_EID_RSN_WPA) && !memcmp(pRSN->abyOUI, abyOUI01, 4) &&
5449c685 FB	310	(pRSN->wVersion == 1)) {
	311	return TRUE;
	312	}
	313	else
	314	return FALSE;
	315	}
	316