Commit | Line | Data |
---|---|---|
92b96797 FB |
1 | /* |
2 | * Copyright (c) 1996, 2003 VIA Networking Technologies, Inc. | |
3 | * All rights reserved. | |
4 | * | |
5 | * This program is free software; you can redistribute it and/or modify | |
6 | * it under the terms of the GNU General Public License as published by | |
7 | * the Free Software Foundation; either version 2 of the License, or | |
8 | * (at your option) any later version. | |
9 | * | |
10 | * This program is distributed in the hope that it will be useful, | |
11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
13 | * GNU General Public License for more details. | |
14 | * | |
15 | * You should have received a copy of the GNU General Public License along | |
16 | * with this program; if not, write to the Free Software Foundation, Inc., | |
17 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. | |
18 | * | |
19 | * | |
20 | * File: wpa2.c | |
21 | * | |
22 | * Purpose: Handles the Basic Service Set & Node Database functions | |
23 | * | |
24 | * Functions: | |
25 | * | |
26 | * Revision History: | |
27 | * | |
28 | * Author: Yiching Chen | |
29 | * | |
30 | * Date: Oct. 4, 2004 | |
31 | * | |
32 | */ | |
9d26d60f | 33 | |
92b96797 | 34 | #include "device.h" |
11d404cb | 35 | #include "wpa2.h" |
92b96797 FB |
36 | |
37 | /*--------------------- Static Definitions -------------------------*/ | |
38 | static int msglevel =MSG_LEVEL_INFO; | |
39 | //static int msglevel =MSG_LEVEL_DEBUG; | |
40 | /*--------------------- Static Classes ----------------------------*/ | |
41 | ||
42 | /*--------------------- Static Variables --------------------------*/ | |
43 | ||
44 | const BYTE abyOUIGK[4] = { 0x00, 0x0F, 0xAC, 0x00 }; | |
45 | const BYTE abyOUIWEP40[4] = { 0x00, 0x0F, 0xAC, 0x01 }; | |
46 | const BYTE abyOUIWEP104[4] = { 0x00, 0x0F, 0xAC, 0x05 }; | |
47 | const BYTE abyOUITKIP[4] = { 0x00, 0x0F, 0xAC, 0x02 }; | |
48 | const BYTE abyOUICCMP[4] = { 0x00, 0x0F, 0xAC, 0x04 }; | |
49 | ||
50 | const BYTE abyOUI8021X[4] = { 0x00, 0x0F, 0xAC, 0x01 }; | |
51 | const BYTE abyOUIPSK[4] = { 0x00, 0x0F, 0xAC, 0x02 }; | |
52 | ||
53 | ||
54 | /*--------------------- Static Functions --------------------------*/ | |
55 | ||
56 | /*--------------------- Export Variables --------------------------*/ | |
57 | ||
58 | /*--------------------- Export Functions --------------------------*/ | |
59 | ||
60 | /*+ | |
61 | * | |
62 | * Description: | |
63 | * Clear RSN information in BSSList. | |
64 | * | |
65 | * Parameters: | |
66 | * In: | |
67 | * pBSSNode - BSS list. | |
68 | * Out: | |
69 | * none | |
70 | * | |
71 | * Return Value: none. | |
72 | * | |
73 | -*/ | |
8611a29a | 74 | void |
92b96797 | 75 | WPA2_ClearRSN ( |
592ccfeb | 76 | PKnownBSS pBSSNode |
92b96797 FB |
77 | ) |
78 | { | |
79 | int ii; | |
80 | ||
81 | pBSSNode->bWPA2Valid = FALSE; | |
82 | ||
83 | pBSSNode->byCSSGK = WLAN_11i_CSS_CCMP; | |
84 | for (ii=0; ii < 4; ii ++) | |
85 | pBSSNode->abyCSSPK[ii] = WLAN_11i_CSS_CCMP; | |
86 | pBSSNode->wCSSPKCount = 1; | |
87 | for (ii=0; ii < 4; ii ++) | |
88 | pBSSNode->abyAKMSSAuthType[ii] = WLAN_11i_AKMSS_802_1X; | |
89 | pBSSNode->wAKMSSAuthCount = 1; | |
90 | pBSSNode->sRSNCapObj.bRSNCapExist = FALSE; | |
91 | pBSSNode->sRSNCapObj.wRSNCap = 0; | |
92 | } | |
93 | ||
94 | /*+ | |
95 | * | |
96 | * Description: | |
97 | * Parse RSN IE. | |
98 | * | |
99 | * Parameters: | |
100 | * In: | |
101 | * pBSSNode - BSS list. | |
102 | * pRSN - Pointer to the RSN IE. | |
103 | * Out: | |
104 | * none | |
105 | * | |
106 | * Return Value: none. | |
107 | * | |
108 | -*/ | |
8611a29a | 109 | void |
92b96797 | 110 | WPA2vParseRSN ( |
592ccfeb AM |
111 | PKnownBSS pBSSNode, |
112 | PWLAN_IE_RSN pRSN | |
92b96797 FB |
113 | ) |
114 | { | |
115 | int i, j; | |
116 | WORD m = 0, n = 0; | |
117 | PBYTE pbyOUI; | |
dfdcc425 | 118 | bool bUseGK = FALSE; |
92b96797 FB |
119 | |
120 | DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"WPA2_ParseRSN: [%d]\n", pRSN->len); | |
121 | ||
122 | WPA2_ClearRSN(pBSSNode); | |
123 | ||
124 | if (pRSN->len == 2) { // ver(2) | |
125 | if ((pRSN->byElementID == WLAN_EID_RSN) && (pRSN->wVersion == 1)) { | |
126 | pBSSNode->bWPA2Valid = TRUE; | |
127 | } | |
128 | return; | |
129 | } | |
130 | ||
131 | if (pRSN->len < 6) { // ver(2) + GK(4) | |
132 | // invalid CSS, P802.11i/D10.0, p31 | |
133 | return; | |
134 | } | |
135 | ||
136 | // information element header makes sense | |
137 | if ((pRSN->byElementID == WLAN_EID_RSN) && | |
138 | (pRSN->wVersion == 1)) { | |
139 | ||
140 | DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"Legal 802.11i RSN\n"); | |
141 | ||
142 | pbyOUI = &(pRSN->abyRSN[0]); | |
3e362598 | 143 | if ( !memcmp(pbyOUI, abyOUIWEP40, 4)) |
92b96797 | 144 | pBSSNode->byCSSGK = WLAN_11i_CSS_WEP40; |
3e362598 | 145 | else if ( !memcmp(pbyOUI, abyOUITKIP, 4)) |
92b96797 | 146 | pBSSNode->byCSSGK = WLAN_11i_CSS_TKIP; |
3e362598 | 147 | else if ( !memcmp(pbyOUI, abyOUICCMP, 4)) |
92b96797 | 148 | pBSSNode->byCSSGK = WLAN_11i_CSS_CCMP; |
3e362598 | 149 | else if ( !memcmp(pbyOUI, abyOUIWEP104, 4)) |
92b96797 | 150 | pBSSNode->byCSSGK = WLAN_11i_CSS_WEP104; |
3e362598 | 151 | else if ( !memcmp(pbyOUI, abyOUIGK, 4)) { |
92b96797 FB |
152 | // invalid CSS, P802.11i/D10.0, p32 |
153 | return; | |
154 | } else | |
155 | // any vendor checks here | |
156 | pBSSNode->byCSSGK = WLAN_11i_CSS_UNKNOWN; | |
157 | ||
158 | DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"802.11i CSS: %X\n", pBSSNode->byCSSGK); | |
159 | ||
160 | if (pRSN->len == 6) { | |
161 | pBSSNode->bWPA2Valid = TRUE; | |
162 | return; | |
163 | } | |
164 | ||
165 | if (pRSN->len >= 8) { // ver(2) + GK(4) + PK count(2) | |
166 | pBSSNode->wCSSPKCount = *((PWORD) &(pRSN->abyRSN[4])); | |
167 | j = 0; | |
168 | pbyOUI = &(pRSN->abyRSN[6]); | |
169 | ||
170 | for (i = 0; (i < pBSSNode->wCSSPKCount) && (j < sizeof(pBSSNode->abyCSSPK)/sizeof(BYTE)); i++) { | |
171 | ||
172 | if (pRSN->len >= 8+i*4+4) { // ver(2)+GK(4)+PKCnt(2)+PKS(4*i) | |
3e362598 | 173 | if ( !memcmp(pbyOUI, abyOUIGK, 4)) { |
92b96797 FB |
174 | pBSSNode->abyCSSPK[j++] = WLAN_11i_CSS_USE_GROUP; |
175 | bUseGK = TRUE; | |
3e362598 | 176 | } else if ( !memcmp(pbyOUI, abyOUIWEP40, 4)) { |
a0a1f61a | 177 | // Invalid CSS, continue parsing |
3e362598 | 178 | } else if ( !memcmp(pbyOUI, abyOUITKIP, 4)) { |
92b96797 FB |
179 | if (pBSSNode->byCSSGK != WLAN_11i_CSS_CCMP) |
180 | pBSSNode->abyCSSPK[j++] = WLAN_11i_CSS_TKIP; | |
181 | else | |
a0a1f61a | 182 | ; // Invalid CSS, continue parsing |
3e362598 | 183 | } else if ( !memcmp(pbyOUI, abyOUICCMP, 4)) { |
92b96797 | 184 | pBSSNode->abyCSSPK[j++] = WLAN_11i_CSS_CCMP; |
3e362598 | 185 | } else if ( !memcmp(pbyOUI, abyOUIWEP104, 4)) { |
a0a1f61a | 186 | // Invalid CSS, continue parsing |
92b96797 FB |
187 | } else { |
188 | // any vendor checks here | |
189 | pBSSNode->abyCSSPK[j++] = WLAN_11i_CSS_UNKNOWN; | |
190 | } | |
191 | pbyOUI += 4; | |
192 | DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"abyCSSPK[%d]: %X\n", j-1, pBSSNode->abyCSSPK[j-1]); | |
193 | } else | |
194 | break; | |
195 | } //for | |
196 | ||
197 | if (bUseGK == TRUE) { | |
198 | if (j != 1) { | |
199 | // invalid CSS, This should be only PK CSS. | |
200 | return; | |
201 | } | |
202 | if (pBSSNode->byCSSGK == WLAN_11i_CSS_CCMP) { | |
203 | // invalid CSS, If CCMP is enable , PK can't be CSSGK. | |
204 | return; | |
205 | } | |
206 | } | |
207 | if ((pBSSNode->wCSSPKCount != 0) && (j == 0)) { | |
208 | // invalid CSS, No valid PK. | |
209 | return; | |
210 | } | |
211 | pBSSNode->wCSSPKCount = (WORD)j; | |
212 | DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"wCSSPKCount: %d\n", pBSSNode->wCSSPKCount); | |
213 | } | |
214 | ||
215 | m = *((PWORD) &(pRSN->abyRSN[4])); | |
216 | ||
217 | if (pRSN->len >= 10+m*4) { // ver(2) + GK(4) + PK count(2) + PKS(4*m) + AKMSS count(2) | |
859171ca | 218 | pBSSNode->wAKMSSAuthCount = *((PWORD) &(pRSN->abyRSN[6+4*m])); |
92b96797 FB |
219 | j = 0; |
220 | pbyOUI = &(pRSN->abyRSN[8+4*m]); | |
221 | for (i = 0; (i < pBSSNode->wAKMSSAuthCount) && (j < sizeof(pBSSNode->abyAKMSSAuthType)/sizeof(BYTE)); i++) { | |
222 | if (pRSN->len >= 10+(m+i)*4+4) { // ver(2)+GK(4)+PKCnt(2)+PKS(4*m)+AKMSS(2)+AKS(4*i) | |
3e362598 | 223 | if ( !memcmp(pbyOUI, abyOUI8021X, 4)) |
92b96797 | 224 | pBSSNode->abyAKMSSAuthType[j++] = WLAN_11i_AKMSS_802_1X; |
3e362598 | 225 | else if ( !memcmp(pbyOUI, abyOUIPSK, 4)) |
92b96797 FB |
226 | pBSSNode->abyAKMSSAuthType[j++] = WLAN_11i_AKMSS_PSK; |
227 | else | |
228 | // any vendor checks here | |
229 | pBSSNode->abyAKMSSAuthType[j++] = WLAN_11i_AKMSS_UNKNOWN; | |
230 | DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"abyAKMSSAuthType[%d]: %X\n", j-1, pBSSNode->abyAKMSSAuthType[j-1]); | |
231 | } else | |
232 | break; | |
233 | } | |
234 | pBSSNode->wAKMSSAuthCount = (WORD)j; | |
235 | DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"wAKMSSAuthCount: %d\n", pBSSNode->wAKMSSAuthCount); | |
236 | ||
859171ca | 237 | n = *((PWORD) &(pRSN->abyRSN[6+4*m])); |
92b96797 FB |
238 | if (pRSN->len >= 12+4*m+4*n) { // ver(2)+GK(4)+PKCnt(2)+PKS(4*m)+AKMSSCnt(2)+AKMSS(4*n)+Cap(2) |
239 | pBSSNode->sRSNCapObj.bRSNCapExist = TRUE; | |
240 | pBSSNode->sRSNCapObj.wRSNCap = *((PWORD) &(pRSN->abyRSN[8+4*m+4*n])); | |
241 | } | |
242 | } | |
243 | //ignore PMKID lists bcs only (Re)Assocrequest has this field | |
244 | pBSSNode->bWPA2Valid = TRUE; | |
245 | } | |
246 | } | |
247 | ||
248 | ||
249 | /*+ | |
250 | * | |
251 | * Description: | |
252 | * Set WPA IEs | |
253 | * | |
254 | * Parameters: | |
255 | * In: | |
256 | * pMgmtHandle - Pointer to management object | |
257 | * Out: | |
258 | * pRSNIEs - Pointer to the RSN IE to set. | |
259 | * | |
260 | * Return Value: length of IEs. | |
261 | * | |
262 | -*/ | |
d56131de | 263 | unsigned int WPA2uSetIEs(void *pMgmtHandle, PWLAN_IE_RSN pRSNIEs) |
92b96797 | 264 | { |
d56131de MP |
265 | struct vnt_manager *pMgmt = (struct vnt_manager *)pMgmtHandle; |
266 | u8 *pbyBuffer = NULL; | |
267 | int ii = 0; | |
268 | u16 *pwPMKID = NULL; | |
269 | ||
270 | if (pRSNIEs == NULL) | |
271 | return 0; | |
92b96797 | 272 | |
92b96797 FB |
273 | if (((pMgmt->eAuthenMode == WMAC_AUTH_WPA2) || |
274 | (pMgmt->eAuthenMode == WMAC_AUTH_WPA2PSK)) && | |
275 | (pMgmt->pCurrBSS != NULL)) { | |
276 | /* WPA2 IE */ | |
277 | pbyBuffer = (PBYTE) pRSNIEs; | |
278 | pRSNIEs->byElementID = WLAN_EID_RSN; | |
279 | pRSNIEs->len = 6; //Version(2)+GK(4) | |
280 | pRSNIEs->wVersion = 1; | |
281 | //Group Key Cipher Suite | |
282 | pRSNIEs->abyRSN[0] = 0x00; | |
283 | pRSNIEs->abyRSN[1] = 0x0F; | |
284 | pRSNIEs->abyRSN[2] = 0xAC; | |
285 | if (pMgmt->byCSSGK == KEY_CTL_WEP) { | |
286 | pRSNIEs->abyRSN[3] = pMgmt->pCurrBSS->byCSSGK; | |
287 | } else if (pMgmt->byCSSGK == KEY_CTL_TKIP) { | |
288 | pRSNIEs->abyRSN[3] = WLAN_11i_CSS_TKIP; | |
289 | } else if (pMgmt->byCSSGK == KEY_CTL_CCMP) { | |
290 | pRSNIEs->abyRSN[3] = WLAN_11i_CSS_CCMP; | |
291 | } else { | |
292 | pRSNIEs->abyRSN[3] = WLAN_11i_CSS_UNKNOWN; | |
293 | } | |
294 | ||
295 | // Pairwise Key Cipher Suite | |
296 | pRSNIEs->abyRSN[4] = 1; | |
297 | pRSNIEs->abyRSN[5] = 0; | |
298 | pRSNIEs->abyRSN[6] = 0x00; | |
299 | pRSNIEs->abyRSN[7] = 0x0F; | |
300 | pRSNIEs->abyRSN[8] = 0xAC; | |
301 | if (pMgmt->byCSSPK == KEY_CTL_TKIP) { | |
302 | pRSNIEs->abyRSN[9] = WLAN_11i_CSS_TKIP; | |
303 | } else if (pMgmt->byCSSPK == KEY_CTL_CCMP) { | |
304 | pRSNIEs->abyRSN[9] = WLAN_11i_CSS_CCMP; | |
305 | } else if (pMgmt->byCSSPK == KEY_CTL_NONE) { | |
306 | pRSNIEs->abyRSN[9] = WLAN_11i_CSS_USE_GROUP; | |
307 | } else { | |
308 | pRSNIEs->abyRSN[9] = WLAN_11i_CSS_UNKNOWN; | |
309 | } | |
310 | pRSNIEs->len += 6; | |
311 | ||
312 | // Auth Key Management Suite | |
313 | pRSNIEs->abyRSN[10] = 1; | |
314 | pRSNIEs->abyRSN[11] = 0; | |
315 | pRSNIEs->abyRSN[12] = 0x00; | |
316 | pRSNIEs->abyRSN[13] = 0x0F; | |
317 | pRSNIEs->abyRSN[14] = 0xAC; | |
318 | if (pMgmt->eAuthenMode == WMAC_AUTH_WPA2PSK) { | |
319 | pRSNIEs->abyRSN[15] = WLAN_11i_AKMSS_PSK; | |
320 | } else if (pMgmt->eAuthenMode == WMAC_AUTH_WPA2) { | |
321 | pRSNIEs->abyRSN[15] = WLAN_11i_AKMSS_802_1X; | |
322 | } else { | |
323 | pRSNIEs->abyRSN[15] = WLAN_11i_AKMSS_UNKNOWN; | |
324 | } | |
325 | pRSNIEs->len +=6; | |
326 | ||
327 | // RSN Capabilites | |
328 | if (pMgmt->pCurrBSS->sRSNCapObj.bRSNCapExist == TRUE) { | |
3e362598 | 329 | memcpy(&pRSNIEs->abyRSN[16], &pMgmt->pCurrBSS->sRSNCapObj.wRSNCap, 2); |
92b96797 FB |
330 | } else { |
331 | pRSNIEs->abyRSN[16] = 0; | |
332 | pRSNIEs->abyRSN[17] = 0; | |
333 | } | |
334 | pRSNIEs->len +=2; | |
335 | ||
9a0e756c AM |
336 | if ((pMgmt->gsPMKIDCache.BSSIDInfoCount > 0) && |
337 | (pMgmt->bRoaming == TRUE) && | |
92b96797 | 338 | (pMgmt->eAuthenMode == WMAC_AUTH_WPA2)) { |
9a0e756c AM |
339 | /* RSN PMKID, pointer to PMKID count */ |
340 | pwPMKID = (PWORD)(&pRSNIEs->abyRSN[18]); | |
341 | *pwPMKID = 0; /* Initialize PMKID count */ | |
342 | pbyBuffer = &pRSNIEs->abyRSN[20]; /* Point to PMKID list */ | |
343 | for (ii = 0; ii < pMgmt->gsPMKIDCache.BSSIDInfoCount; ii++) { | |
344 | if (!memcmp(&pMgmt-> | |
345 | gsPMKIDCache.BSSIDInfo[ii].abyBSSID[0], | |
346 | pMgmt->abyCurrBSSID, | |
347 | ETH_ALEN)) { | |
348 | (*pwPMKID)++; | |
349 | memcpy(pbyBuffer, | |
350 | pMgmt->gsPMKIDCache.BSSIDInfo[ii].abyPMKID, | |
351 | 16); | |
352 | pbyBuffer += 16; | |
353 | } | |
354 | } | |
92b96797 FB |
355 | if (*pwPMKID != 0) { |
356 | pRSNIEs->len += (2 + (*pwPMKID)*16); | |
357 | } else { | |
358 | pbyBuffer = &pRSNIEs->abyRSN[18]; | |
359 | } | |
360 | } | |
361 | return(pRSNIEs->len + WLAN_IEHDR_LEN); | |
362 | } | |
363 | return(0); | |
364 | } |