2 ** $Id: //Department/DaVinci/BRANCHES/MT6620_WIFI_DRIVER_V2_3/mgmt/rsn.c#3 $
6 \brief This file including the 802.11i, wpa and wpa2(rsn) related function.
8 This file provided the macros and functions library support the wpa/rsn ie parsing,
9 cipher and AKM check to help the AP seleced deciding, tkip mic error handler and rsn PMKID support.
17 ** 08 13 2013 terry.wu
18 ** [BORA00002207] [MT6630 Wi-Fi] TXM & MQM Implementation
22 ** [BORA00002446] [MT6630] [Wi-Fi] [Driver] Update the security function code
23 ** update some debug code
26 ** [BORA00002446] [MT6630] [Wi-Fi] [Driver] Update the security function code
27 ** Modify some security code for 11w and p2p
30 ** [BORA00002446] [MT6630] [Wi-Fi] [Driver] Update the security function code
31 ** Sync the latest jb2.mp 11w code as draft version
32 ** Not the CM bit for avoid wapi 1x drop at re-key
35 ** [BORA00002446] [MT6630] [Wi-Fi] [Driver] Update the security function code
36 ** Add some debug code, fixed some compiling warning
38 ** 03 12 2013 tsaiyuan.hsu
39 ** [BORA00002222] MT6630 unified MAC RXM
40 ** add rx data and mangement processing.
43 ** [BORA00002446] [MT6630] [Wi-Fi] [Driver] Update the security function code
44 ** Remove non-used compiling flag and code
47 ** [BORA00002227] [MT6630 Wi-Fi][Driver] Update for Makefile and HIFSYS modifications
48 ** take use of GET_BSS_INFO_BY_INDEX() and MAX_BSS_INDEX macros
49 ** for correctly indexing of BSS-INFO pointers
52 ** [BORA00002253] [MT6630 Wi-Fi][Driver][Firmware] Add NLO and timeout mechanism to SCN module
53 ** modification for ucBssIndex migration
55 ** 09 17 2012 cm.chang
56 ** [BORA00002149] [MT6630 Wi-Fi] Initial software development
57 ** Duplicate source from MT6620 v2.3 driver branch
58 ** (Davinci label: MT6620_WIFI_Driver_V2_3_120913_1942_As_MT6630_Base)
61 ** [WCXRP00001269] [MT6620 Wi-Fi][Driver] cfg80211 porting merge back to DaVinci
65 ** [WCXRP00001269] [MT6620 Wi-Fi][Driver] cfg80211 porting merge back to DaVinci
66 ** cfg80211 support merge back from ALPS.JB to DaVinci - MT6620 Driver v2.3 branch.
68 * 07 17 2012 yuche.tsai
70 * Compile no error before trial run.
72 * 03 09 2012 chinglan.wang
74 * Fix the condition error.
78 * Snc CFG80211 modification for ICS migration from branch 2.2.
82 * Sync CFG80211 modification from branch 2,2.
85 * [WCXRP00001078] [MT6620 Wi-Fi][Driver] Adding the mediatek log improment support : XLOG
86 * modify the xlog related code.
89 * [WCXRP00001078] [MT6620 Wi-Fi][Driver] Adding the mediatek log improment support : XLOG
90 * change the debug module level.
93 * [WCXRP00001036] [MT6620 Wi-Fi][Driver][FW] Adding the 802.11w code for MFP
94 * adding the 802.11w related function and define .
96 * 03 17 2011 chinglan.wang
97 * [WCXRP00000570] [MT6620 Wi-Fi][Driver] Add Wi-Fi Protected Setup v2.0 feature
101 * [WCXRP00000432] [MT6620 Wi-Fi][Driver] Add STA privacy check at hotspot mode
102 * adding the code for check STA privacy bit at AP mode, .
104 * 12 24 2010 chinglan.wang
106 * [MT6620][Wi-Fi] Modify the key management in the driver for WPS function.
109 * [WCXRP00000260] [MT6620 Wi-Fi][Driver][Firmware] Create V1.1 branch for both firmware and driver
110 * create branch for Wi-Fi driver v1.1
113 * [WCXRP00000165] [MT6620 Wi-Fi] [Pre-authentication] Assoc req rsn ie use wrong pmkid value
114 * fixed the.pmkid value mismatch issue
117 * [WCXRP00000124] [MT6620 Wi-Fi] [Driver] Support the dissolve P2P Group
118 * Refine the HT rate disallow TKIP pairwise cipher .
121 * [WCXRP00000077] [MT6620 Wi-Fi][Driver][FW] Eliminate use of ENUM_NETWORK_TYPE_T and replaced by ENUM_NETWORK_TYPE_INDEX_T only
122 * remove ENUM_NETWORK_TYPE_T definitions
124 * 09 29 2010 yuche.tsai
126 * Fix compile error, remove unused pointer in rsnGenerateRSNIE().
130 * [WCXRP00000069][MT6620 Wi-Fi][Driver] Fix some code for phase 1 P2P Demo.
134 * [WCXRP00005002][MT6620 Wi-Fi][Driver] Eliminate Linux Compile Warning.
138 * let the p2p can set the privacy bit at beacon and rsn ie at assoc req at key handshake state.
142 * remove non-used code.
146 * adding the tx pkt call back handle for countermeasure.
150 * .support the Wi-Fi RSN
154 * [WPD00003833] [MT6620 and MT5931] Driver migration - move to new repository.
157 * [WPD00003840][MT6620 5931] Security migration
158 * modify some code for concurrent network.
161 * [WPD00003833][MT6620 and MT5931] Driver migration
162 * [WPD00003833][MT6620 and MT5931] Driver migration
163 * enable RX management frame handling.
166 * [WPD00003840][MT6620 5931] Security migration
167 * consdier the concurrent network setting.
170 * [WPD00003840][MT6620 5931] Security migration
171 * [WPD00003840] [MT6620 5931] Security migration
172 * migration from firmware.
175 * [BORA00000637][MT6620 Wi-Fi] [Bug] WPA2 pre-authentication timer not correctly initialize
176 * not indiate pmkid candidate while no new one scaned.
179 * [BORA00000637][MT6620 Wi-Fi] [Bug] WPA2 pre-authentication timer not correctly initialize
180 * adjsut the pre-authentication code.
183 * [BORA00000637][MT6620 Wi-Fi] [Bug] WPA2 pre-authentication timer not correctly initialize
184 * move the AIS specific variable for security to AIS specific structure.
187 * [BORA00000637][MT6620 Wi-Fi] [Bug] WPA2 pre-authentication timer not correctly initialize
188 * Fixed the pre-authentication timer not correctly init issue, and modify the security related callback function prototype.
191 * [BORA00000476][Wi-Fi][firmware] Add the security module initialize code
192 * add and fixed some security function.
194 * 12 18 2009 cm.chang
195 * [BORA00000018]Integrate WIFI part into BORA for the 1st time
198 * Dec 8 2009 mtk01088
199 * [BORA00000476] [Wi-Fi][firmware] Add the security module initialize code
202 * Dec 7 2009 mtk01088
203 * [BORA00000476] [Wi-Fi][firmware] Add the security module initialize code
204 * using the Rx0 port to indicate event
206 * Dec 4 2009 mtk01088
207 * [BORA00000476] [Wi-Fi][firmware] Add the security module initialize code
208 * refine the code for generate the WPA/RSN IE for assoc req
210 * Dec 3 2009 mtk01088
211 * [BORA00000476] [Wi-Fi][firmware] Add the security module initialize code
212 * adjust code for pmkid event
214 * Dec 1 2009 mtk01088
215 * [BORA00000476] [Wi-Fi][firmware] Add the security module initialize code
216 * adding the code for event (mic error and pmkid indicate) and do some function rename
218 * Nov 23 2009 mtk01088
219 * [BORA00000476] [Wi-Fi][firmware] Add the security module initialize code
220 * adding some security function
222 * Nov 19 2009 mtk01088
223 * [BORA00000476] [Wi-Fi][firmware] Add the security module initialize code
224 * adding some security feature, including pmkid
226 * Nov 18 2009 mtk01088
227 * [BORA00000476] [Wi-Fi][firmware] Add the security module initialize code
232 /*******************************************************************************
233 * C O M P I L E R F L A G S
234 ********************************************************************************
237 /*******************************************************************************
238 * E X T E R N A L R E F E R E N C E S
239 ********************************************************************************
243 /*******************************************************************************
245 ********************************************************************************
248 /*******************************************************************************
250 ********************************************************************************
253 /*******************************************************************************
254 * P U B L I C D A T A
255 ********************************************************************************
258 /*******************************************************************************
259 * P R I V A T E D A T A
260 ********************************************************************************
263 /*******************************************************************************
265 ********************************************************************************
268 /*******************************************************************************
269 * F U N C T I O N D E C L A R A T I O N S
270 ********************************************************************************
273 /*******************************************************************************
275 ********************************************************************************
278 /*----------------------------------------------------------------------------*/
280 * \brief This routine is called to parse RSN IE.
282 * \param[in] prInfoElem Pointer to the RSN IE
283 * \param[out] prRsnInfo Pointer to the BSSDescription structure to store the
284 ** RSN information from the given RSN IE
286 * \retval TRUE - Succeeded
287 * \retval FALSE - Failed
289 /*----------------------------------------------------------------------------*/
291 rsnParseRsnIE(IN P_ADAPTER_T prAdapter
, IN P_RSN_INFO_ELEM_T prInfoElem
, OUT P_RSN_INFO_T prRsnInfo
)
294 INT_32 u4RemainRsnIeLen
;
297 UINT_32 u4GroupSuite
= RSN_CIPHER_SUITE_CCMP
;
298 UINT_16 u2PairSuiteCount
= 0;
299 UINT_16 u2AuthSuiteCount
= 0;
300 PUINT_8 pucPairSuite
= NULL
;
301 PUINT_8 pucAuthSuite
= NULL
;
304 DEBUGFUNC("rsnParseRsnIE");
309 /* Verify the length of the RSN IE. */
310 if (prInfoElem
->ucLength
< 2) {
311 DBGLOG(RSN
, TRACE
, ("RSN IE length too short (length=%d)\n", prInfoElem
->ucLength
));
315 /* Check RSN version: currently, we only support version 1. */
316 WLAN_GET_FIELD_16(&prInfoElem
->u2Version
, &u2Version
);
317 if (u2Version
!= 1) {
318 DBGLOG(RSN
, TRACE
, ("Unsupported RSN IE version: %d\n", u2Version
));
322 cp
= (PUCHAR
) & prInfoElem
->u4GroupKeyCipherSuite
;
323 u4RemainRsnIeLen
= (INT_32
) prInfoElem
->ucLength
- 2;
326 if (u4RemainRsnIeLen
== 0) {
330 /* Parse the Group Key Cipher Suite field. */
331 if (u4RemainRsnIeLen
< 4) {
333 ("Fail to parse RSN IE in group cipher suite (IE len: %d)\n",
334 prInfoElem
->ucLength
));
338 WLAN_GET_FIELD_32(cp
, &u4GroupSuite
);
340 u4RemainRsnIeLen
-= 4;
342 if (u4RemainRsnIeLen
== 0) {
346 /* Parse the Pairwise Key Cipher Suite Count field. */
347 if (u4RemainRsnIeLen
< 2) {
349 ("Fail to parse RSN IE in pairwise cipher suite count (IE len: %d)\n",
350 prInfoElem
->ucLength
));
354 WLAN_GET_FIELD_16(cp
, &u2PairSuiteCount
);
356 u4RemainRsnIeLen
-= 2;
358 /* Parse the Pairwise Key Cipher Suite List field. */
359 i
= (UINT_32
) u2PairSuiteCount
* 4;
360 if (u4RemainRsnIeLen
< (INT_32
) i
) {
362 ("Fail to parse RSN IE in pairwise cipher suite list (IE len: %d)\n",
363 prInfoElem
->ucLength
));
370 u4RemainRsnIeLen
-= (INT_32
) i
;
372 if (u4RemainRsnIeLen
== 0) {
376 /* Parse the Authentication and Key Management Cipher Suite Count field. */
377 if (u4RemainRsnIeLen
< 2) {
379 ("Fail to parse RSN IE in auth & key mgt suite count (IE len: %d)\n",
380 prInfoElem
->ucLength
));
384 WLAN_GET_FIELD_16(cp
, &u2AuthSuiteCount
);
386 u4RemainRsnIeLen
-= 2;
388 /* Parse the Authentication and Key Management Cipher Suite List
390 i
= (UINT_32
) u2AuthSuiteCount
* 4;
391 if (u4RemainRsnIeLen
< (INT_32
) i
) {
393 ("Fail to parse RSN IE in auth & key mgt suite list (IE len: %d)\n",
394 prInfoElem
->ucLength
));
401 u4RemainRsnIeLen
-= (INT_32
) i
;
403 if (u4RemainRsnIeLen
== 0) {
407 /* Parse the RSN u2Capabilities field. */
408 if (u4RemainRsnIeLen
< 2) {
410 ("Fail to parse RSN IE in RSN capabilities (IE len: %d)\n",
411 prInfoElem
->ucLength
));
415 WLAN_GET_FIELD_16(cp
, &u2Cap
);
418 /* Save the RSN information for the BSS. */
419 prRsnInfo
->ucElemId
= ELEM_ID_RSN
;
421 prRsnInfo
->u2Version
= u2Version
;
423 prRsnInfo
->u4GroupKeyCipherSuite
= u4GroupSuite
;
425 DBGLOG(RSN
, LOUD
, ("RSN: version %d, group key cipher suite %02x-%02x-%02x-%02x\n",
426 u2Version
, (UCHAR
) (u4GroupSuite
& 0x000000FF),
427 (UCHAR
) ((u4GroupSuite
>> 8) & 0x000000FF),
428 (UCHAR
) ((u4GroupSuite
>> 16) & 0x000000FF),
429 (UCHAR
) ((u4GroupSuite
>> 24) & 0x000000FF)));
432 /* The information about the pairwise key cipher suites is present. */
433 if (u2PairSuiteCount
> MAX_NUM_SUPPORTED_CIPHER_SUITES
) {
434 u2PairSuiteCount
= MAX_NUM_SUPPORTED_CIPHER_SUITES
;
437 prRsnInfo
->u4PairwiseKeyCipherSuiteCount
= (UINT_32
) u2PairSuiteCount
;
439 for (i
= 0; i
< (UINT_32
) u2PairSuiteCount
; i
++) {
440 WLAN_GET_FIELD_32(pucPairSuite
, &prRsnInfo
->au4PairwiseKeyCipherSuite
[i
]);
444 ("RSN: pairwise key cipher suite [%d]: %02x-%02x-%02x-%02x\n",
446 (UCHAR
) (prRsnInfo
->au4PairwiseKeyCipherSuite
[i
] & 0x000000FF),
447 (UCHAR
) ((prRsnInfo
->
448 au4PairwiseKeyCipherSuite
[i
] >> 8) & 0x000000FF),
449 (UCHAR
) ((prRsnInfo
->
450 au4PairwiseKeyCipherSuite
[i
] >> 16) & 0x000000FF),
451 (UCHAR
) ((prRsnInfo
->
452 au4PairwiseKeyCipherSuite
[i
] >> 24) & 0x000000FF)));
455 /* The information about the pairwise key cipher suites is not present.
456 Use the default chipher suite for RSN: CCMP. */
457 prRsnInfo
->u4PairwiseKeyCipherSuiteCount
= 1;
458 prRsnInfo
->au4PairwiseKeyCipherSuite
[0] = RSN_CIPHER_SUITE_CCMP
;
461 ("RSN: pairwise key cipher suite: %02x-%02x-%02x-%02x (default)\n",
462 (UCHAR
) (prRsnInfo
->au4PairwiseKeyCipherSuite
[0] & 0x000000FF),
463 (UCHAR
) ((prRsnInfo
->au4PairwiseKeyCipherSuite
[0] >> 8) & 0x000000FF),
464 (UCHAR
) ((prRsnInfo
->au4PairwiseKeyCipherSuite
[0] >> 16) & 0x000000FF),
465 (UCHAR
) ((prRsnInfo
->au4PairwiseKeyCipherSuite
[0] >> 24) & 0x000000FF)));
469 /* The information about the authentication and key management suites
471 if (u2AuthSuiteCount
> MAX_NUM_SUPPORTED_AKM_SUITES
) {
472 u2AuthSuiteCount
= MAX_NUM_SUPPORTED_AKM_SUITES
;
475 prRsnInfo
->u4AuthKeyMgtSuiteCount
= (UINT_32
) u2AuthSuiteCount
;
477 for (i
= 0; i
< (UINT_32
) u2AuthSuiteCount
; i
++) {
478 WLAN_GET_FIELD_32(pucAuthSuite
, &prRsnInfo
->au4AuthKeyMgtSuite
[i
]);
481 DBGLOG(RSN
, LOUD
, ("RSN: AKM suite [%d]: %02x-%02x-%02x-%02x\n",
483 (UCHAR
) (prRsnInfo
->au4AuthKeyMgtSuite
[i
] & 0x000000FF),
484 (UCHAR
) ((prRsnInfo
->
485 au4AuthKeyMgtSuite
[i
] >> 8) & 0x000000FF),
486 (UCHAR
) ((prRsnInfo
->
487 au4AuthKeyMgtSuite
[i
] >> 16) & 0x000000FF),
488 (UCHAR
) ((prRsnInfo
->
489 au4AuthKeyMgtSuite
[i
] >> 24) & 0x000000FF)));
492 /* The information about the authentication and key management suites
493 is not present. Use the default AKM suite for RSN. */
494 prRsnInfo
->u4AuthKeyMgtSuiteCount
= 1;
495 prRsnInfo
->au4AuthKeyMgtSuite
[0] = RSN_AKM_SUITE_802_1X
;
497 DBGLOG(RSN
, LOUD
, ("RSN: AKM suite: %02x-%02x-%02x-%02x (default)\n",
498 (UCHAR
) (prRsnInfo
->au4AuthKeyMgtSuite
[0] & 0x000000FF),
499 (UCHAR
) ((prRsnInfo
->au4AuthKeyMgtSuite
[0] >> 8) & 0x000000FF),
500 (UCHAR
) ((prRsnInfo
->au4AuthKeyMgtSuite
[0] >> 16) & 0x000000FF),
501 (UCHAR
) ((prRsnInfo
->
502 au4AuthKeyMgtSuite
[0] >> 24) & 0x000000FF)));
505 prRsnInfo
->u2RsnCap
= u2Cap
;
506 prRsnInfo
->fgRsnCapPresent
= TRUE
;
507 DBGLOG(RSN
, LOUD
, ("RSN cap: 0x%04x\n", prRsnInfo
->u2RsnCap
));
510 } /* rsnParseRsnIE */
513 /*----------------------------------------------------------------------------*/
515 * \brief This routine is called to parse WPA IE.
517 * \param[in] prInfoElem Pointer to the WPA IE.
518 * \param[out] prWpaInfo Pointer to the BSSDescription structure to store the
519 * WPA information from the given WPA IE.
521 * \retval TRUE Succeeded.
522 * \retval FALSE Failed.
524 /*----------------------------------------------------------------------------*/
526 rsnParseWpaIE(IN P_ADAPTER_T prAdapter
, IN P_WPA_INFO_ELEM_T prInfoElem
, OUT P_RSN_INFO_T prWpaInfo
)
529 INT_32 u4RemainWpaIeLen
;
532 UINT_32 u4GroupSuite
= WPA_CIPHER_SUITE_TKIP
;
533 UINT_16 u2PairSuiteCount
= 0;
534 UINT_16 u2AuthSuiteCount
= 0;
535 PUCHAR pucPairSuite
= NULL
;
536 PUCHAR pucAuthSuite
= NULL
;
538 BOOLEAN fgCapPresent
= FALSE
;
540 DEBUGFUNC("rsnParseWpaIE");
545 /* Verify the length of the WPA IE. */
546 if (prInfoElem
->ucLength
< 6) {
547 DBGLOG(RSN
, TRACE
, ("WPA IE length too short (length=%d)\n", prInfoElem
->ucLength
));
551 /* Check WPA version: currently, we only support version 1. */
552 WLAN_GET_FIELD_16(&prInfoElem
->u2Version
, &u2Version
);
553 if (u2Version
!= 1) {
554 DBGLOG(RSN
, TRACE
, ("Unsupported WPA IE version: %d\n", u2Version
));
558 cp
= (PUCHAR
) &prInfoElem
->u4GroupKeyCipherSuite
;
559 u4RemainWpaIeLen
= (INT_32
) prInfoElem
->ucLength
- 6;
562 if (u4RemainWpaIeLen
== 0) {
570 PairwiseSuite: 4 * pairSuiteCount
572 AuthSuite : 4 * authSuiteCount
575 /* Parse the Group Key Cipher Suite field. */
576 if (u4RemainWpaIeLen
< 4) {
578 ("Fail to parse WPA IE in group cipher suite (IE len: %d)\n",
579 prInfoElem
->ucLength
));
583 WLAN_GET_FIELD_32(cp
, &u4GroupSuite
);
585 u4RemainWpaIeLen
-= 4;
587 if (u4RemainWpaIeLen
== 0) {
591 /* Parse the Pairwise Key Cipher Suite Count field. */
592 if (u4RemainWpaIeLen
< 2) {
594 ("Fail to parse WPA IE in pairwise cipher suite count (IE len: %d)\n",
595 prInfoElem
->ucLength
));
599 WLAN_GET_FIELD_16(cp
, &u2PairSuiteCount
);
601 u4RemainWpaIeLen
-= 2;
603 /* Parse the Pairwise Key Cipher Suite List field. */
604 i
= (UINT_32
) u2PairSuiteCount
* 4;
605 if (u4RemainWpaIeLen
< (INT_32
) i
) {
607 ("Fail to parse WPA IE in pairwise cipher suite list (IE len: %d)\n",
608 prInfoElem
->ucLength
));
615 u4RemainWpaIeLen
-= (INT_32
) i
;
617 if (u4RemainWpaIeLen
== 0) {
621 /* Parse the Authentication and Key Management Cipher Suite Count
623 if (u4RemainWpaIeLen
< 2) {
625 ("Fail to parse WPA IE in auth & key mgt suite count (IE len: %d)\n",
626 prInfoElem
->ucLength
));
630 WLAN_GET_FIELD_16(cp
, &u2AuthSuiteCount
);
632 u4RemainWpaIeLen
-= 2;
634 /* Parse the Authentication and Key Management Cipher Suite List
636 i
= (UINT_32
) u2AuthSuiteCount
* 4;
637 if (u4RemainWpaIeLen
< (INT_32
) i
) {
639 ("Fail to parse WPA IE in auth & key mgt suite list (IE len: %d)\n",
640 prInfoElem
->ucLength
));
647 u4RemainWpaIeLen
-= (INT_32
) i
;
649 if (u4RemainWpaIeLen
== 0) {
653 /* Parse the WPA u2Capabilities field. */
654 if (u4RemainWpaIeLen
< 2) {
656 ("Fail to parse WPA IE in WPA capabilities (IE len: %d)\n",
657 prInfoElem
->ucLength
));
662 WLAN_GET_FIELD_16(cp
, &u2Cap
);
663 u4RemainWpaIeLen
-= 2;
666 /* Save the WPA information for the BSS. */
668 prWpaInfo
->ucElemId
= ELEM_ID_WPA
;
670 prWpaInfo
->u2Version
= u2Version
;
672 prWpaInfo
->u4GroupKeyCipherSuite
= u4GroupSuite
;
674 DBGLOG(RSN
, LOUD
, ("WPA: version %d, group key cipher suite %02x-%02x-%02x-%02x\n",
675 u2Version
, (UCHAR
) (u4GroupSuite
& 0x000000FF),
676 (UCHAR
) ((u4GroupSuite
>> 8) & 0x000000FF),
677 (UCHAR
) ((u4GroupSuite
>> 16) & 0x000000FF),
678 (UCHAR
) ((u4GroupSuite
>> 24) & 0x000000FF)));
681 /* The information about the pairwise key cipher suites is present. */
682 if (u2PairSuiteCount
> MAX_NUM_SUPPORTED_CIPHER_SUITES
) {
683 u2PairSuiteCount
= MAX_NUM_SUPPORTED_CIPHER_SUITES
;
686 prWpaInfo
->u4PairwiseKeyCipherSuiteCount
= (UINT_32
) u2PairSuiteCount
;
688 for (i
= 0; i
< (UINT_32
) u2PairSuiteCount
; i
++) {
689 WLAN_GET_FIELD_32(pucPairSuite
, &prWpaInfo
->au4PairwiseKeyCipherSuite
[i
]);
693 ("WPA: pairwise key cipher suite [%d]: %02x-%02x-%02x-%02x\n",
695 (UCHAR
) (prWpaInfo
->au4PairwiseKeyCipherSuite
[i
] & 0x000000FF),
696 (UCHAR
) ((prWpaInfo
->
697 au4PairwiseKeyCipherSuite
[i
] >> 8) & 0x000000FF),
698 (UCHAR
) ((prWpaInfo
->
699 au4PairwiseKeyCipherSuite
[i
] >> 16) & 0x000000FF),
700 (UCHAR
) ((prWpaInfo
->
701 au4PairwiseKeyCipherSuite
[i
] >> 24) & 0x000000FF)));
704 /* The information about the pairwise key cipher suites is not present.
705 Use the default chipher suite for WPA: TKIP. */
706 prWpaInfo
->u4PairwiseKeyCipherSuiteCount
= 1;
707 prWpaInfo
->au4PairwiseKeyCipherSuite
[0] = WPA_CIPHER_SUITE_TKIP
;
710 ("WPA: pairwise key cipher suite: %02x-%02x-%02x-%02x (default)\n",
711 (UCHAR
) (prWpaInfo
->au4PairwiseKeyCipherSuite
[0] & 0x000000FF),
712 (UCHAR
) ((prWpaInfo
->au4PairwiseKeyCipherSuite
[0] >> 8) & 0x000000FF),
713 (UCHAR
) ((prWpaInfo
->au4PairwiseKeyCipherSuite
[0] >> 16) & 0x000000FF),
714 (UCHAR
) ((prWpaInfo
->au4PairwiseKeyCipherSuite
[0] >> 24) & 0x000000FF)));
718 /* The information about the authentication and key management suites
720 if (u2AuthSuiteCount
> MAX_NUM_SUPPORTED_AKM_SUITES
) {
721 u2AuthSuiteCount
= MAX_NUM_SUPPORTED_AKM_SUITES
;
724 prWpaInfo
->u4AuthKeyMgtSuiteCount
= (UINT_32
) u2AuthSuiteCount
;
726 for (i
= 0; i
< (UINT_32
) u2AuthSuiteCount
; i
++) {
727 WLAN_GET_FIELD_32(pucAuthSuite
, &prWpaInfo
->au4AuthKeyMgtSuite
[i
]);
730 DBGLOG(RSN
, LOUD
, ("WPA: AKM suite [%d]: %02x-%02x-%02x-%02x\n",
732 (UCHAR
) (prWpaInfo
->au4AuthKeyMgtSuite
[i
] & 0x000000FF),
733 (UCHAR
) ((prWpaInfo
->
734 au4AuthKeyMgtSuite
[i
] >> 8) & 0x000000FF),
735 (UCHAR
) ((prWpaInfo
->
736 au4AuthKeyMgtSuite
[i
] >> 16) & 0x000000FF),
737 (UCHAR
) ((prWpaInfo
->
738 au4AuthKeyMgtSuite
[i
] >> 24) & 0x000000FF)));
741 /* The information about the authentication and key management suites
742 is not present. Use the default AKM suite for WPA. */
743 prWpaInfo
->u4AuthKeyMgtSuiteCount
= 1;
744 prWpaInfo
->au4AuthKeyMgtSuite
[0] = WPA_AKM_SUITE_802_1X
;
746 DBGLOG(RSN
, LOUD
, ("WPA: AKM suite: %02x-%02x-%02x-%02x (default)\n",
747 (UCHAR
) (prWpaInfo
->au4AuthKeyMgtSuite
[0] & 0x000000FF),
748 (UCHAR
) ((prWpaInfo
->au4AuthKeyMgtSuite
[0] >> 8) & 0x000000FF),
749 (UCHAR
) ((prWpaInfo
->au4AuthKeyMgtSuite
[0] >> 16) & 0x000000FF),
750 (UCHAR
) ((prWpaInfo
->
751 au4AuthKeyMgtSuite
[0] >> 24) & 0x000000FF)));
755 prWpaInfo
->fgRsnCapPresent
= TRUE
;
756 prWpaInfo
->u2RsnCap
= u2Cap
;
757 DBGLOG(RSN
, LOUD
, ("WPA: RSN cap: 0x%04x\n", prWpaInfo
->u2RsnCap
));
759 prWpaInfo
->fgRsnCapPresent
= FALSE
;
760 prWpaInfo
->u2RsnCap
= 0;
764 } /* rsnParseWpaIE */
767 /*----------------------------------------------------------------------------*/
769 * \brief This routine is called to search the desired pairwise
770 * cipher suite from the MIB Pairwise Cipher Suite
771 * configuration table.
773 * \param[in] u4Cipher The desired pairwise cipher suite to be searched
774 * \param[out] pu4Index Pointer to the index of the desired pairwise cipher in
777 * \retval TRUE - The desired pairwise cipher suite is found in the table.
778 * \retval FALSE - The desired pairwise cipher suite is not found in the
781 /*----------------------------------------------------------------------------*/
783 rsnSearchSupportedCipher(IN P_ADAPTER_T prAdapter
, IN UINT_32 u4Cipher
, OUT PUINT_32 pu4Index
)
786 P_DOT11_RSNA_CONFIG_PAIRWISE_CIPHERS_ENTRY prEntry
;
788 DEBUGFUNC("rsnSearchSupportedCipher");
792 for (i
= 0; i
< MAX_NUM_SUPPORTED_CIPHER_SUITES
; i
++) {
793 prEntry
= &prAdapter
->rMib
.dot11RSNAConfigPairwiseCiphersTable
[i
];
794 if (prEntry
->dot11RSNAConfigPairwiseCipher
== u4Cipher
&&
795 prEntry
->dot11RSNAConfigPairwiseCipherEnabled
) {
801 } /* rsnSearchSupportedCipher */
804 /*----------------------------------------------------------------------------*/
806 * \brief Whether BSS RSN is matched from upper layer set.
808 * \param[in] prAdapter Pointer to the Adapter structure, BSS RSN Information
812 /*----------------------------------------------------------------------------*/
813 BOOLEAN
rsnIsSuitableBSS(IN P_ADAPTER_T prAdapter
, IN P_RSN_INFO_T prBssRsnInfo
)
817 DEBUGFUNC("rsnIsSuitableBSS");
821 if ((prAdapter
->rWifiVar
.rConnSettings
.rRsnInfo
.
822 u4GroupKeyCipherSuite
& 0x000000FF) !=
823 GET_SELECTOR_TYPE(prBssRsnInfo
->u4GroupKeyCipherSuite
)) {
824 DBGLOG(RSN
, TRACE
, ("Break by GroupKeyCipherSuite\n"));
827 for (i
= 0; i
< prBssRsnInfo
->u4PairwiseKeyCipherSuiteCount
; i
++) {
828 if (((prAdapter
->rWifiVar
.rConnSettings
.rRsnInfo
.
829 au4PairwiseKeyCipherSuite
[0] & 0x000000FF) !=
830 GET_SELECTOR_TYPE(prBssRsnInfo
->au4PairwiseKeyCipherSuite
[i
]))
831 && (i
== prBssRsnInfo
->u4PairwiseKeyCipherSuiteCount
- 1)) {
832 DBGLOG(RSN
, TRACE
, ("Break by PairwiseKeyCipherSuite\n"));
836 for (i
= 0; i
< prBssRsnInfo
->u4AuthKeyMgtSuiteCount
; i
++) {
837 if (((prAdapter
->rWifiVar
.rConnSettings
.rRsnInfo
.
838 au4AuthKeyMgtSuite
[0] & 0x000000FF) !=
839 GET_SELECTOR_TYPE(prBssRsnInfo
->au4AuthKeyMgtSuite
[0]))
840 && (i
== prBssRsnInfo
->u4AuthKeyMgtSuiteCount
- 1)) {
841 DBGLOG(RSN
, TRACE
, ("Break by AuthKeyMgtSuite\n"));
851 /*----------------------------------------------------------------------------*/
854 * \brief This routine is called to search the desired
855 * authentication and key management (AKM) suite from the
856 * MIB Authentication and Key Management Suites table.
858 * \param[in] u4AkmSuite The desired AKM suite to be searched
859 * \param[out] pu4Index Pointer to the index of the desired AKM suite in the
862 * \retval TRUE The desired AKM suite is found in the table.
863 * \retval FALSE The desired AKM suite is not found in the table.
867 /*----------------------------------------------------------------------------*/
868 BOOLEAN
rsnSearchAKMSuite(IN P_ADAPTER_T prAdapter
, IN UINT_32 u4AkmSuite
, OUT PUINT_32 pu4Index
)
871 P_DOT11_RSNA_CONFIG_AUTHENTICATION_SUITES_ENTRY prEntry
;
873 DEBUGFUNC("rsnSearchAKMSuite");
877 for (i
= 0; i
< MAX_NUM_SUPPORTED_AKM_SUITES
; i
++) {
878 prEntry
= &prAdapter
->rMib
.dot11RSNAConfigAuthenticationSuitesTable
[i
];
879 if (prEntry
->dot11RSNAConfigAuthenticationSuite
== u4AkmSuite
&&
880 prEntry
->dot11RSNAConfigAuthenticationSuiteEnabled
) {
886 } /* rsnSearchAKMSuite */
889 /*----------------------------------------------------------------------------*/
891 * \brief This routine is called to perform RSNA or TSN policy
892 * selection for a given BSS.
894 * \param[in] prBss Pointer to the BSS description
896 * \retval TRUE - The RSNA/TSN policy selection for the given BSS is
897 * successful. The selected pairwise and group cipher suites
898 * are returned in the BSS description.
899 * \retval FALSE - The RSNA/TSN policy selection for the given BSS is failed.
900 * The driver shall not attempt to join the given BSS.
902 * \note The Encrypt status matched score will save to bss for final ap select.
904 /*----------------------------------------------------------------------------*/
905 BOOLEAN
rsnPerformPolicySelection(IN P_ADAPTER_T prAdapter
, IN P_BSS_DESC_T prBss
)
907 #if CFG_SUPPORT_802_11W
913 BOOLEAN fgSuiteSupported
;
914 UINT_32 u4PairwiseCipher
= 0;
915 UINT_32 u4GroupCipher
= 0;
916 UINT_32 u4AkmSuite
= 0;
917 P_RSN_INFO_T prBssRsnInfo
;
919 BOOLEAN fgIsWpsActive
= (BOOLEAN
) FALSE
;
921 DEBUGFUNC("rsnPerformPolicySelection");
925 DBGLOG(RSN
, TRACE
, ("rsnPerformPolicySelection\n"));
927 ucBssIndex
= prAdapter
->prAisBssInfo
->ucBssIndex
;
929 prBss
->u4RsnSelectedPairwiseCipher
= 0;
930 prBss
->u4RsnSelectedGroupCipher
= 0;
931 prBss
->u4RsnSelectedAKMSuite
= 0;
932 prBss
->ucEncLevel
= 0;
935 fgIsWpsActive
= kalWSCGetActiveState(prAdapter
->prGlueInfo
);
937 /* CR1640, disable the AP select privacy check */
939 (prAdapter
->rWifiVar
.rConnSettings
.eAuthMode
< AUTH_MODE_WPA
) &&
940 (prAdapter
->rWifiVar
.rConnSettings
.eOPMode
== NET_TYPE_INFRA
)) {
941 DBGLOG(RSN
, INFO
, ("-- Skip the Protected BSS check\n"));
946 /* Protection is not required in this BSS. */
947 if ((prBss
->u2CapInfo
& CAP_INFO_PRIVACY
) == 0) {
949 if (secEnabledInAis(prAdapter
) == FALSE
) {
950 DBGLOG(RSN
, INFO
, ("-- No Protected BSS\n"));
953 DBGLOG(RSN
, INFO
, ("-- Protected BSS\n"));
958 /* Protection is required in this BSS. */
959 if ((prBss
->u2CapInfo
& CAP_INFO_PRIVACY
) != 0) {
960 if (secEnabledInAis(prAdapter
) == FALSE
) {
961 DBGLOG(RSN
, INFO
, ("-- Protected BSS\n"));
966 if (prAdapter
->rWifiVar
.rConnSettings
.eAuthMode
== AUTH_MODE_WPA
||
967 prAdapter
->rWifiVar
.rConnSettings
.eAuthMode
== AUTH_MODE_WPA_PSK
||
968 prAdapter
->rWifiVar
.rConnSettings
.eAuthMode
== AUTH_MODE_WPA_NONE
) {
970 if (prBss
->fgIEWPA
) {
971 prBssRsnInfo
= &prBss
->rWPAInfo
;
973 DBGLOG(RSN
, INFO
, ("WPA Information Element does not exist.\n"));
976 } else if (prAdapter
->rWifiVar
.rConnSettings
.eAuthMode
== AUTH_MODE_WPA2
||
977 prAdapter
->rWifiVar
.rConnSettings
.eAuthMode
== AUTH_MODE_WPA2_PSK
) {
979 if (prBss
->fgIERSN
) {
980 prBssRsnInfo
= &prBss
->rRSNInfo
;
982 DBGLOG(RSN
, INFO
, ("RSN Information Element does not exist.\n"));
985 } else if (prAdapter
->rWifiVar
.rConnSettings
.eEncStatus
!= ENUM_ENCRYPTION1_ENABLED
) {
986 /* If the driver is configured to use WEP only, ignore this BSS. */
987 DBGLOG(RSN
, INFO
, ("-- Not WEP-only legacy BSS\n"));
989 } else if (prAdapter
->rWifiVar
.rConnSettings
.eEncStatus
== ENUM_ENCRYPTION1_ENABLED
) {
990 /* If the driver is configured to use WEP only, use this BSS. */
991 DBGLOG(RSN
, INFO
, ("-- WEP-only legacy BSS\n"));
995 if (!rsnIsSuitableBSS(prAdapter
, prBssRsnInfo
)) {
996 DBGLOG(RSN
, INFO
, ("RSN info check no matched\n"));
1000 if (prBssRsnInfo
->u4PairwiseKeyCipherSuiteCount
== 1 &&
1001 GET_SELECTOR_TYPE(prBssRsnInfo
->au4PairwiseKeyCipherSuite
[0]) == CIPHER_SUITE_NONE
) {
1002 /* Since the pairwise cipher use the same cipher suite as the group
1003 cipher in the BSS, we check the group cipher suite against the
1004 current encryption status. */
1005 fgSuiteSupported
= FALSE
;
1007 switch (prBssRsnInfo
->u4GroupKeyCipherSuite
) {
1008 case WPA_CIPHER_SUITE_CCMP
:
1009 case RSN_CIPHER_SUITE_CCMP
:
1010 if (prAdapter
->rWifiVar
.rConnSettings
.eEncStatus
==
1011 ENUM_ENCRYPTION3_ENABLED
) {
1012 fgSuiteSupported
= TRUE
;
1016 case WPA_CIPHER_SUITE_TKIP
:
1017 case RSN_CIPHER_SUITE_TKIP
:
1018 if (prAdapter
->rWifiVar
.rConnSettings
.eEncStatus
==
1019 ENUM_ENCRYPTION2_ENABLED
) {
1020 fgSuiteSupported
= TRUE
;
1024 case WPA_CIPHER_SUITE_WEP40
:
1025 case WPA_CIPHER_SUITE_WEP104
:
1026 if (prAdapter
->rWifiVar
.rConnSettings
.eEncStatus
==
1027 ENUM_ENCRYPTION1_ENABLED
) {
1028 fgSuiteSupported
= TRUE
;
1033 if (fgSuiteSupported
) {
1034 u4PairwiseCipher
= WPA_CIPHER_SUITE_NONE
;
1035 u4GroupCipher
= prBssRsnInfo
->u4GroupKeyCipherSuite
;
1040 ("Inproper encryption status %d for group-key-only BSS\n",
1041 prAdapter
->rWifiVar
.rConnSettings
.eEncStatus
));
1045 fgSuiteSupported
= FALSE
;
1048 ("eEncStatus %d %lu 0x%lx\n", prAdapter
->rWifiVar
.rConnSettings
.eEncStatus
,
1049 prBssRsnInfo
->u4PairwiseKeyCipherSuiteCount
,
1050 prBssRsnInfo
->au4PairwiseKeyCipherSuite
[0]));
1051 /* Select pairwise/group ciphers */
1052 switch (prAdapter
->rWifiVar
.rConnSettings
.eEncStatus
) {
1053 case ENUM_ENCRYPTION3_ENABLED
:
1054 for (i
= 0; i
< prBssRsnInfo
->u4PairwiseKeyCipherSuiteCount
; i
++) {
1055 if (GET_SELECTOR_TYPE(prBssRsnInfo
->au4PairwiseKeyCipherSuite
[i
])
1056 == CIPHER_SUITE_CCMP
) {
1058 prBssRsnInfo
->au4PairwiseKeyCipherSuite
[i
];
1061 u4GroupCipher
= prBssRsnInfo
->u4GroupKeyCipherSuite
;
1064 case ENUM_ENCRYPTION2_ENABLED
:
1065 for (i
= 0; i
< prBssRsnInfo
->u4PairwiseKeyCipherSuiteCount
; i
++) {
1066 if (GET_SELECTOR_TYPE(prBssRsnInfo
->au4PairwiseKeyCipherSuite
[i
])
1067 == CIPHER_SUITE_TKIP
) {
1069 prBssRsnInfo
->au4PairwiseKeyCipherSuite
[i
];
1072 if (GET_SELECTOR_TYPE(prBssRsnInfo
->u4GroupKeyCipherSuite
) ==
1073 CIPHER_SUITE_CCMP
) {
1074 DBGLOG(RSN
, TRACE
, ("Cannot join CCMP BSS\n"));
1076 u4GroupCipher
= prBssRsnInfo
->u4GroupKeyCipherSuite
;
1080 case ENUM_ENCRYPTION1_ENABLED
:
1081 for (i
= 0; i
< prBssRsnInfo
->u4PairwiseKeyCipherSuiteCount
; i
++) {
1082 if (GET_SELECTOR_TYPE(prBssRsnInfo
->au4PairwiseKeyCipherSuite
[i
])
1083 == CIPHER_SUITE_WEP40
||
1084 GET_SELECTOR_TYPE(prBssRsnInfo
->au4PairwiseKeyCipherSuite
[i
])
1085 == CIPHER_SUITE_WEP104
) {
1087 prBssRsnInfo
->au4PairwiseKeyCipherSuite
[i
];
1090 if (GET_SELECTOR_TYPE(prBssRsnInfo
->u4GroupKeyCipherSuite
) ==
1091 CIPHER_SUITE_CCMP
||
1092 GET_SELECTOR_TYPE(prBssRsnInfo
->u4GroupKeyCipherSuite
) ==
1093 CIPHER_SUITE_TKIP
) {
1094 DBGLOG(RSN
, TRACE
, ("Cannot join CCMP/TKIP BSS\n"));
1096 u4GroupCipher
= prBssRsnInfo
->u4GroupKeyCipherSuite
;
1105 /* Exception handler */
1106 /* If we cannot find proper pairwise and group cipher suites to join the
1107 BSS, do not check the supported AKM suites. */
1108 if (u4PairwiseCipher
== 0 || u4GroupCipher
== 0) {
1109 DBGLOG(RSN
, TRACE
, ("Failed to select pairwise/group cipher (0x%08lx/0x%08lx)\n",
1110 u4PairwiseCipher
, u4GroupCipher
));
1113 #if CFG_ENABLE_WIFI_DIRECT
1114 if ((prAdapter
->fgIsP2PRegistered
) &&
1115 (GET_BSS_INFO_BY_INDEX(prAdapter
, ucBssIndex
)->eNetworkType
== NETWORK_TYPE_P2P
)) {
1116 if (u4PairwiseCipher
!= RSN_CIPHER_SUITE_CCMP
||
1117 u4GroupCipher
!= RSN_CIPHER_SUITE_CCMP
|| u4AkmSuite
!= RSN_AKM_SUITE_PSK
) {
1119 ("Failed to select pairwise/group cipher for P2P network (0x%08lx/0x%08lx)\n",
1120 u4PairwiseCipher
, u4GroupCipher
));
1126 #if CFG_ENABLE_BT_OVER_WIFI
1127 if (GET_BSS_INFO_BY_INDEX(prAdapter
, ucBssIndex
)->eNetworkType
== NETWORK_TYPE_BOW
) {
1128 if (u4PairwiseCipher
!= RSN_CIPHER_SUITE_CCMP
||
1129 u4GroupCipher
!= RSN_CIPHER_SUITE_CCMP
|| u4AkmSuite
!= RSN_AKM_SUITE_PSK
) {
1132 ("Failed to select pairwise/group cipher for BT over Wi-Fi network (0x%08lx/0x%08lx)\n",
1133 u4PairwiseCipher
, u4GroupCipher
));
1139 /* Verify if selected pairwisse cipher is supported */
1140 fgSuiteSupported
= rsnSearchSupportedCipher(prAdapter
, u4PairwiseCipher
, &i
);
1142 /* Verify if selected group cipher is supported */
1143 if (fgSuiteSupported
) {
1144 fgSuiteSupported
= rsnSearchSupportedCipher(prAdapter
, u4GroupCipher
, &i
);
1147 if (!fgSuiteSupported
) {
1149 ("Failed to support selected pairwise/group cipher (0x%08lx/0x%08lx)\n",
1150 u4PairwiseCipher
, u4GroupCipher
));
1155 /* If the driver cannot support any authentication suites advertised in
1156 the given BSS, we fail to perform RSNA policy selection. */
1157 /* Attempt to find any overlapping supported AKM suite. */
1158 #if CFG_SUPPORT_802_11W
1160 for (i
= (prBssRsnInfo
->u4AuthKeyMgtSuiteCount
- 1); i
>= 0; i
--)
1162 for (i
= 0; i
< prBssRsnInfo
->u4AuthKeyMgtSuiteCount
; i
++)
1165 if (rsnSearchAKMSuite(prAdapter
, prBssRsnInfo
->au4AuthKeyMgtSuite
[i
], &j
)) {
1166 u4AkmSuite
= prBssRsnInfo
->au4AuthKeyMgtSuite
[i
];
1171 if (u4AkmSuite
== 0) {
1172 DBGLOG(RSN
, TRACE
, ("Cannot support any AKM suites\n"));
1177 ("Selected pairwise/group cipher: %02x-%02x-%02x-%02x/%02x-%02x-%02x-%02x\n",
1178 (UINT_8
) (u4PairwiseCipher
& 0x000000FF),
1179 (UINT_8
) ((u4PairwiseCipher
>> 8) & 0x000000FF),
1180 (UINT_8
) ((u4PairwiseCipher
>> 16) & 0x000000FF),
1181 (UINT_8
) ((u4PairwiseCipher
>> 24) & 0x000000FF),
1182 (UINT_8
) (u4GroupCipher
& 0x000000FF), (UINT_8
) ((u4GroupCipher
>> 8) & 0x000000FF),
1183 (UINT_8
) ((u4GroupCipher
>> 16) & 0x000000FF),
1184 (UINT_8
) ((u4GroupCipher
>> 24) & 0x000000FF)));
1186 DBGLOG(RSN
, TRACE
, ("Selected AKM suite: %02x-%02x-%02x-%02x\n",
1187 (UINT_8
) (u4AkmSuite
& 0x000000FF),
1188 (UINT_8
) ((u4AkmSuite
>> 8) & 0x000000FF),
1189 (UINT_8
) ((u4AkmSuite
>> 16) & 0x000000FF),
1190 (UINT_8
) ((u4AkmSuite
>> 24) & 0x000000FF)));
1192 #if CFG_SUPPORT_802_11W
1193 DBGLOG(RSN
, TRACE
, ("[MFP] MFP setting = %lu\n ", kalGetMfpSetting(prAdapter
->prGlueInfo
)));
1195 if (kalGetMfpSetting(prAdapter
->prGlueInfo
) == RSN_AUTH_MFP_REQUIRED
) {
1196 if (!prBssRsnInfo
->fgRsnCapPresent
) {
1197 DBGLOG(RSN
, TRACE
, ("[MFP] Skip RSN IE, No MFP Required Capability.\n"));
1199 } else if (!(prBssRsnInfo
->u2RsnCap
& ELEM_WPA_CAP_MFPC
)) {
1200 DBGLOG(RSN
, TRACE
, ("[MFP] Skip RSN IE, No MFP Required\n"));
1203 prAdapter
->rWifiVar
.rAisSpecificBssInfo
.fgMgmtProtection
= TRUE
;
1204 } else if (kalGetMfpSetting(prAdapter
->prGlueInfo
) == RSN_AUTH_MFP_OPTIONAL
) {
1205 if (prBssRsnInfo
->u2RsnCap
&& ((prBssRsnInfo
->u2RsnCap
& ELEM_WPA_CAP_MFPR
) ||
1206 (prBssRsnInfo
->u2RsnCap
& ELEM_WPA_CAP_MFPC
))) {
1207 prAdapter
->rWifiVar
.rAisSpecificBssInfo
.fgMgmtProtection
= TRUE
;
1209 prAdapter
->rWifiVar
.rAisSpecificBssInfo
.fgMgmtProtection
= FALSE
;
1212 if (prBssRsnInfo
->fgRsnCapPresent
&& prBssRsnInfo
->u2RsnCap
) {
1213 if (/* (prBssRsnInfo->u2RsnCap & ELEM_WPA_CAP_MFPR) || */
1214 (prBssRsnInfo
->u2RsnCap
& ELEM_WPA_CAP_MFPC
)) {
1215 prAdapter
->rWifiVar
.rAisSpecificBssInfo
.fgMgmtProtection
= TRUE
;
1216 prAdapter
->prGlueInfo
->rWpaInfo
.u4Mfp
= RSN_AUTH_MFP_OPTIONAL
;
1218 /* else if ((prBssRsnInfo->u2RsnCap & ELEM_WPA_CAP_MFPC) && */
1219 /* !(prBssRsnInfo->u2RsnCap & ELEM_WPA_CAP_MFPR)) { */
1220 /* prAdapter->rWifiVar.rAisSpecificBssInfo.fgMgmtProtection = TRUE; */
1221 /* prAdapter->prGlueInfo->rWpaInfo.u4Mfp = RSN_AUTH_MFP_OPTIONAL; */
1224 prAdapter
->rWifiVar
.rAisSpecificBssInfo
.fgMgmtProtection
= FALSE
;
1227 if (prBssRsnInfo
->fgRsnCapPresent
&& (prBssRsnInfo
->u2RsnCap
& ELEM_WPA_CAP_MFPR
)) {
1228 if (prAdapter
->rWifiVar
.rAisSpecificBssInfo
.fgMgmtProtection
== FALSE
) {
1230 ("[MFP] Skip RSN IE, No MFP Required Capability\n"));
1236 ("[MFP] fgMgmtProtection = %d\n ",
1237 prAdapter
->rWifiVar
.rAisSpecificBssInfo
.fgMgmtProtection
));
1239 prAdapter
->rWifiVar
.rAisSpecificBssInfo
.fgAPApplyPmfReq
= FALSE
;
1240 if (prBssRsnInfo
->fgRsnCapPresent
&& (prBssRsnInfo
->u2RsnCap
& ELEM_WPA_CAP_MFPR
))
1241 prAdapter
->rWifiVar
.rAisSpecificBssInfo
.fgAPApplyPmfReq
= TRUE
;
1244 if (GET_SELECTOR_TYPE(u4GroupCipher
) == CIPHER_SUITE_CCMP
) {
1245 prBss
->ucEncLevel
= 3;
1246 } else if (GET_SELECTOR_TYPE(u4GroupCipher
) == CIPHER_SUITE_TKIP
) {
1247 prBss
->ucEncLevel
= 2;
1248 } else if (GET_SELECTOR_TYPE(u4GroupCipher
) == CIPHER_SUITE_WEP40
||
1249 GET_SELECTOR_TYPE(u4GroupCipher
) == CIPHER_SUITE_WEP104
) {
1250 prBss
->ucEncLevel
= 1;
1254 prBss
->u4RsnSelectedPairwiseCipher
= u4PairwiseCipher
;
1255 prBss
->u4RsnSelectedGroupCipher
= u4GroupCipher
;
1256 prBss
->u4RsnSelectedAKMSuite
= u4AkmSuite
;
1260 } /* rsnPerformPolicySelection */
1263 /*----------------------------------------------------------------------------*/
1265 * \brief This routine is called to generate WPA IE for beacon frame.
1267 * \param[in] pucIeStartAddr Pointer to put the generated WPA IE.
1269 * \return The append WPA-None IE length
1271 * Called by: JOIN module, compose beacon IE
1273 /*----------------------------------------------------------------------------*/
1274 VOID
rsnGenerateWpaNoneIE(IN P_ADAPTER_T prAdapter
, IN P_MSDU_INFO_T prMsduInfo
)
1277 P_WPA_INFO_ELEM_T prWpaIE
;
1279 UINT_16 u2SuiteCount
;
1281 UINT_8 ucExpendedLen
= 0;
1285 DEBUGFUNC("rsnGenerateWpaNoneIE");
1289 if (prAdapter
->rWifiVar
.rConnSettings
.eAuthMode
!= AUTH_MODE_WPA_NONE
) {
1293 ucBssIndex
= prMsduInfo
->ucBssIndex
;
1295 if (GET_BSS_INFO_BY_INDEX(prAdapter
, ucBssIndex
)->eNetworkType
!= NETWORK_TYPE_AIS
)
1298 pucBuffer
= (PUINT_8
) ((ULONG
) prMsduInfo
->prPacket
+
1299 (ULONG
) prMsduInfo
->u2FrameLength
);
1303 prWpaIE
= (P_WPA_INFO_ELEM_T
) (pucBuffer
);
1305 /* Start to construct a WPA IE. */
1306 /* Fill the Element ID field. */
1307 prWpaIE
->ucElemId
= ELEM_ID_WPA
;
1309 /* Fill the OUI and OUI Type fields. */
1310 prWpaIE
->aucOui
[0] = 0x00;
1311 prWpaIE
->aucOui
[1] = 0x50;
1312 prWpaIE
->aucOui
[2] = 0xF2;
1313 prWpaIE
->ucOuiType
= VENDOR_OUI_TYPE_WPA
;
1315 /* Fill the Version field. */
1316 WLAN_SET_FIELD_16(&prWpaIE
->u2Version
, 1); /* version 1 */
1319 /* Fill the Pairwise Key Cipher Suite List field. */
1321 cp
= (PUINT_8
) &prWpaIE
->aucPairwiseKeyCipherSuite1
[0];
1323 if (rsnSearchSupportedCipher(prAdapter
, WPA_CIPHER_SUITE_CCMP
, &i
)) {
1324 u4Suite
= WPA_CIPHER_SUITE_CCMP
;
1325 } else if (rsnSearchSupportedCipher(prAdapter
, WPA_CIPHER_SUITE_TKIP
, &i
)) {
1326 u4Suite
= WPA_CIPHER_SUITE_TKIP
;
1327 } else if (rsnSearchSupportedCipher(prAdapter
, WPA_CIPHER_SUITE_WEP104
, &i
)) {
1328 u4Suite
= WPA_CIPHER_SUITE_WEP104
;
1329 } else if (rsnSearchSupportedCipher(prAdapter
, WPA_CIPHER_SUITE_WEP40
, &i
)) {
1330 u4Suite
= WPA_CIPHER_SUITE_WEP40
;
1332 u4Suite
= WPA_CIPHER_SUITE_TKIP
;
1335 WLAN_SET_FIELD_32(cp
, u4Suite
);
1340 /* Fill the Group Key Cipher Suite field as the same in pair-wise key. */
1341 WLAN_SET_FIELD_32(&prWpaIE
->u4GroupKeyCipherSuite
, u4Suite
);
1344 /* Fill the Pairwise Key Cipher Suite Count field. */
1345 WLAN_SET_FIELD_16(&prWpaIE
->u2PairwiseKeyCipherSuiteCount
, u2SuiteCount
);
1350 /* Fill the Authentication and Key Management Suite List field. */
1354 if (rsnSearchAKMSuite(prAdapter
, WPA_AKM_SUITE_802_1X
, &i
)) {
1355 u4Suite
= WPA_AKM_SUITE_802_1X
;
1356 } else if (rsnSearchAKMSuite(prAdapter
, WPA_AKM_SUITE_PSK
, &i
)) {
1357 u4Suite
= WPA_AKM_SUITE_PSK
;
1359 u4Suite
= WPA_AKM_SUITE_NONE
;
1362 /* This shall be the only avaiable value for current implementation */
1363 ASSERT(u4Suite
== WPA_AKM_SUITE_NONE
);
1365 WLAN_SET_FIELD_32(cp
, u4Suite
);
1370 /* Fill the Authentication and Key Management Suite Count field. */
1371 WLAN_SET_FIELD_16(cp2
, u2SuiteCount
);
1374 /* Fill the Length field. */
1375 prWpaIE
->ucLength
= (UINT_8
) ucExpendedLen
;
1377 /* Increment the total IE length for the Element ID and Length fields. */
1378 prMsduInfo
->u2FrameLength
+= IE_SIZE(pucBuffer
);
1380 } /* rsnGenerateWpaNoneIE */
1383 /*----------------------------------------------------------------------------*/
1386 * \brief This routine is called to generate WPA IE for
1387 * associate request frame.
1389 * \param[in] prCurrentBss The Selected BSS description
1391 * \retval The append WPA IE length
1394 * Called by: AIS module, Associate request
1396 /*----------------------------------------------------------------------------*/
1397 VOID
rsnGenerateWPAIE(IN P_ADAPTER_T prAdapter
, IN P_MSDU_INFO_T prMsduInfo
)
1402 P_P2P_SPECIFIC_BSS_INFO_T prP2pSpecificBssInfo
;
1404 DEBUGFUNC("rsnGenerateWPAIE");
1408 pucBuffer
= (PUINT_8
) ((ULONG
) prMsduInfo
->prPacket
+
1409 (ULONG
) prMsduInfo
->u2FrameLength
);
1413 ucBssIndex
= prMsduInfo
->ucBssIndex
;
1414 prP2pSpecificBssInfo
= prAdapter
->rWifiVar
.prP2pSpecificBssInfo
;
1416 /* if (eNetworkId != NETWORK_TYPE_AIS_INDEX) */
1419 #if CFG_ENABLE_WIFI_DIRECT
1420 if ((1 /* prCurrentBss->fgIEWPA */ &&
1421 ((prAdapter
->fgIsP2PRegistered
) &&
1422 (GET_BSS_INFO_BY_INDEX(prAdapter
, ucBssIndex
)->eNetworkType
== NETWORK_TYPE_P2P
) &&
1423 (kalP2PGetTkipCipher(prAdapter
->prGlueInfo
)))) ||
1424 ((prAdapter
->rWifiVar
.rConnSettings
.eAuthMode
== AUTH_MODE_WPA
) ||
1425 (prAdapter
->rWifiVar
.rConnSettings
.eAuthMode
== AUTH_MODE_WPA_PSK
)))
1427 if ((1 /* prCurrentBss->fgIEWPA */ &&
1428 ((prAdapter
->rWifiVar
.rConnSettings
.eAuthMode
== AUTH_MODE_WPA
) ||
1429 (prAdapter
->rWifiVar
.rConnSettings
.eAuthMode
== AUTH_MODE_WPA_PSK
))))
1432 if (prP2pSpecificBssInfo
->u2WpaIeLen
!= 0) {
1433 kalMemCopy(pucBuffer
, prP2pSpecificBssInfo
->aucWpaIeBuffer
,
1434 prP2pSpecificBssInfo
->u2WpaIeLen
);
1435 prMsduInfo
->u2FrameLength
+= prP2pSpecificBssInfo
->u2WpaIeLen
;
1438 /* Construct a WPA IE for association request frame. */
1439 WPA_IE(pucBuffer
)->ucElemId
= ELEM_ID_WPA
;
1440 WPA_IE(pucBuffer
)->ucLength
= ELEM_ID_WPA_LEN_FIXED
;
1441 WPA_IE(pucBuffer
)->aucOui
[0] = 0x00;
1442 WPA_IE(pucBuffer
)->aucOui
[1] = 0x50;
1443 WPA_IE(pucBuffer
)->aucOui
[2] = 0xF2;
1444 WPA_IE(pucBuffer
)->ucOuiType
= VENDOR_OUI_TYPE_WPA
;
1445 WLAN_SET_FIELD_16(&WPA_IE(pucBuffer
)->u2Version
, 1);
1447 #if CFG_ENABLE_WIFI_DIRECT
1448 if (prAdapter
->fgIsP2PRegistered
1449 && GET_BSS_INFO_BY_INDEX(prAdapter
,
1450 ucBssIndex
)->eNetworkType
== NETWORK_TYPE_P2P
) {
1451 WLAN_SET_FIELD_32(&WPA_IE(pucBuffer
)->u4GroupKeyCipherSuite
,
1452 WPA_CIPHER_SUITE_TKIP
);
1455 WLAN_SET_FIELD_32(&WPA_IE(pucBuffer
)->u4GroupKeyCipherSuite
,
1456 prAdapter
->prAisBssInfo
->u4RsnSelectedGroupCipher
);
1458 cp
= (PUCHAR
) &WPA_IE(pucBuffer
)->aucPairwiseKeyCipherSuite1
[0];
1460 WLAN_SET_FIELD_16(&WPA_IE(pucBuffer
)->u2PairwiseKeyCipherSuiteCount
, 1);
1461 #if CFG_ENABLE_WIFI_DIRECT
1462 if (prAdapter
->fgIsP2PRegistered
1463 && GET_BSS_INFO_BY_INDEX(prAdapter
,
1464 ucBssIndex
)->eNetworkType
== NETWORK_TYPE_P2P
) {
1465 WLAN_SET_FIELD_32(cp
, WPA_CIPHER_SUITE_TKIP
);
1468 WLAN_SET_FIELD_32(cp
, prAdapter
->prAisBssInfo
->u4RsnSelectedPairwiseCipher
);
1471 WLAN_SET_FIELD_16(cp
, 1);
1473 #if CFG_ENABLE_WIFI_DIRECT
1474 if (prAdapter
->fgIsP2PRegistered
1475 && GET_BSS_INFO_BY_INDEX(prAdapter
,
1476 ucBssIndex
)->eNetworkType
== NETWORK_TYPE_P2P
) {
1477 WLAN_SET_FIELD_32(cp
, WPA_AKM_SUITE_PSK
);
1480 WLAN_SET_FIELD_32(cp
, prAdapter
->prAisBssInfo
->u4RsnSelectedAKMSuite
);
1483 WPA_IE(pucBuffer
)->ucLength
= ELEM_ID_WPA_LEN_FIXED
;
1485 prMsduInfo
->u2FrameLength
+= IE_SIZE(pucBuffer
);
1488 } /* rsnGenerateWPAIE */
1491 /*----------------------------------------------------------------------------*/
1494 * \brief This routine is called to generate RSN IE for
1495 * associate request frame.
1497 * \param[in] prMsduInfo The Selected BSS description
1499 * \retval The append RSN IE length
1502 * Called by: AIS module, P2P module, BOW module Associate request
1504 /*----------------------------------------------------------------------------*/
1505 VOID
rsnGenerateRSNIE(IN P_ADAPTER_T prAdapter
, IN P_MSDU_INFO_T prMsduInfo
)
1509 /* UINT_8 ucExpendedLen = 0; */
1512 P_STA_RECORD_T prStaRec
;
1514 DEBUGFUNC("rsnGenerateRSNIE");
1518 pucBuffer
= (PUINT_8
) ((ULONG
) prMsduInfo
->prPacket
+
1519 (ULONG
) prMsduInfo
->u2FrameLength
);
1523 /* Todo:: network id */
1524 ucBssIndex
= prMsduInfo
->ucBssIndex
;
1527 #if CFG_ENABLE_WIFI_DIRECT
1528 ((prAdapter
->fgIsP2PRegistered
) &&
1529 (GET_BSS_INFO_BY_INDEX(prAdapter
, ucBssIndex
)->eNetworkType
== NETWORK_TYPE_P2P
)
1530 && (kalP2PGetCcmpCipher(prAdapter
->prGlueInfo
))) ||
1532 #if CFG_ENABLE_BT_OVER_WIFI
1533 (GET_BSS_INFO_BY_INDEX(prAdapter
, ucBssIndex
)->eNetworkType
== NETWORK_TYPE_BOW
)
1536 (GET_BSS_INFO_BY_INDEX(prAdapter
, ucBssIndex
)->eNetworkType
==
1537 NETWORK_TYPE_AIS
/* prCurrentBss->fgIERSN */ &&
1538 ((prAdapter
->rWifiVar
.rConnSettings
.eAuthMode
== AUTH_MODE_WPA2
)
1539 || (prAdapter
->rWifiVar
.rConnSettings
.eAuthMode
== AUTH_MODE_WPA2_PSK
)))) {
1540 /* Construct a RSN IE for association request frame. */
1541 RSN_IE(pucBuffer
)->ucElemId
= ELEM_ID_RSN
;
1542 RSN_IE(pucBuffer
)->ucLength
= ELEM_ID_RSN_LEN_FIXED
;
1543 WLAN_SET_FIELD_16(&RSN_IE(pucBuffer
)->u2Version
, 1); /* Version */
1544 WLAN_SET_FIELD_32(&RSN_IE(pucBuffer
)->u4GroupKeyCipherSuite
, GET_BSS_INFO_BY_INDEX(prAdapter
, ucBssIndex
)->u4RsnSelectedGroupCipher
); /* Group key suite */
1545 cp
= (PUCHAR
) &RSN_IE(pucBuffer
)->aucPairwiseKeyCipherSuite1
[0];
1546 WLAN_SET_FIELD_16(&RSN_IE(pucBuffer
)->u2PairwiseKeyCipherSuiteCount
, 1);
1547 WLAN_SET_FIELD_32(cp
,
1548 GET_BSS_INFO_BY_INDEX(prAdapter
,
1549 ucBssIndex
)->u4RsnSelectedPairwiseCipher
);
1551 WLAN_SET_FIELD_16(cp
, 1); /* AKM suite count */
1553 WLAN_SET_FIELD_32(cp
, GET_BSS_INFO_BY_INDEX(prAdapter
, ucBssIndex
)->u4RsnSelectedAKMSuite
); /* AKM suite */
1555 #if CFG_SUPPORT_802_11W
1556 WLAN_SET_FIELD_16(cp
, GET_BSS_INFO_BY_INDEX(prAdapter
, ucBssIndex
)->u2RsnSelectedCapInfo
); /* Capabilities */
1558 ("Gen RSN IE = %x\n",
1559 GET_BSS_INFO_BY_INDEX(prAdapter
, ucBssIndex
)->u2RsnSelectedCapInfo
));
1560 if (GET_BSS_INFO_BY_INDEX(prAdapter
, ucBssIndex
)->eNetworkType
== NETWORK_TYPE_AIS
1561 && prAdapter
->rWifiVar
.rAisSpecificBssInfo
.fgMgmtProtection
) {
1562 if (kalGetMfpSetting(prAdapter
->prGlueInfo
) ==
1563 RSN_AUTH_MFP_REQUIRED
1564 /* prAdapter->rWifiVar.rAisSpecificBssInfo.fgAPApplyPmfReq */) {
1565 WLAN_SET_FIELD_16(cp
, ELEM_WPA_CAP_MFPC
| ELEM_WPA_CAP_MFPR
); /* Capabilities */
1566 DBGLOG(RSN
, TRACE
, ("RSN_AUTH_MFP_NO - MFPC & MFPR\n"));
1568 WLAN_SET_FIELD_16(cp
, ELEM_WPA_CAP_MFPC
); /* Capabilities */
1569 DBGLOG(RSN
, TRACE
, ("RSN_AUTH_MFP_NO - MFPC\n"));
1573 WLAN_SET_FIELD_16(cp
, GET_BSS_INFO_BY_INDEX(prAdapter
, ucBssIndex
)->u2RsnSelectedCapInfo
); /* Capabilities */
1577 if (GET_BSS_INFO_BY_INDEX(prAdapter
, ucBssIndex
)->eNetworkType
== NETWORK_TYPE_AIS
)
1578 prStaRec
= cnmGetStaRecByIndex(prAdapter
, prMsduInfo
->ucStaRecIndex
);
1580 if (GET_BSS_INFO_BY_INDEX(prAdapter
, ucBssIndex
)->eNetworkType
== NETWORK_TYPE_AIS
1581 && rsnSearchPmkidEntry(prAdapter
, prStaRec
->aucMacAddr
, &u4Entry
)) {
1582 /* DBGLOG(RSN, TRACE, ("Add Pmk at assoc req\n")); */
1583 /* DBGLOG(RSN, TRACE, ("addr " MACSTR" PMKID "MACSTR"\n", */
1584 /* MAC2STR(prAdapter->rWifiVar.rAisSpecificBssInfo.arPmkidCache[u4Entry].rBssidInfo.arBSSID), MAC2STR(prAdapter->rWifiVar.rAisSpecificBssInfo.arPmkidCache[u4Entry].rBssidInfo.arPMKID))); */
1585 if (prAdapter
->rWifiVar
.rAisSpecificBssInfo
.arPmkidCache
[u4Entry
].
1587 RSN_IE(pucBuffer
)->ucLength
= 38;
1588 WLAN_SET_FIELD_16(cp
, 1); /* PMKID count */
1591 ("BSSID " MACSTR
" ind=%lu\n", MAC2STR(prStaRec
->aucMacAddr
),
1594 ("use PMKID " MACSTR
"\n",
1595 MAC2STR(prAdapter
->rWifiVar
.rAisSpecificBssInfo
.
1596 arPmkidCache
[u4Entry
].rBssidInfo
.arPMKID
)));
1598 (PVOID
) prAdapter
->rWifiVar
.rAisSpecificBssInfo
.
1599 arPmkidCache
[u4Entry
].rBssidInfo
.arPMKID
,
1600 sizeof(PARAM_PMKID_VALUE
));
1601 /* ucExpendedLen = 40; */
1603 WLAN_SET_FIELD_16(cp
, 0); /* PMKID count */
1604 /* ucExpendedLen = ELEM_ID_RSN_LEN_FIXED + 2; */
1605 #if CFG_SUPPORT_802_11W
1607 RSN_IE(pucBuffer
)->ucLength
+= 2;
1611 WLAN_SET_FIELD_16(cp
, 0); /* PMKID count */
1612 /* ucExpendedLen = ELEM_ID_RSN_LEN_FIXED + 2; */
1613 #if CFG_SUPPORT_802_11W
1614 if ((GET_BSS_INFO_BY_INDEX(prAdapter
, ucBssIndex
)->eNetworkType
==
1616 && prAdapter
->rWifiVar
.rAisSpecificBssInfo
.fgMgmtProtection
1617 && (kalGetMfpSetting(prAdapter
->prGlueInfo
) !=
1618 RSN_AUTH_MFP_DISABLED
)
1619 /* (mgmt_group_cipher == WPA_CIPHER_AES_128_CMAC) */) {
1621 RSN_IE(pucBuffer
)->ucLength
+= 2;
1626 #if CFG_SUPPORT_802_11W
1627 if ((GET_BSS_INFO_BY_INDEX(prAdapter
, ucBssIndex
)->eNetworkType
== NETWORK_TYPE_AIS
)
1628 && prAdapter
->rWifiVar
.rAisSpecificBssInfo
.fgMgmtProtection
1629 && (kalGetMfpSetting(prAdapter
->prGlueInfo
) !=
1630 RSN_AUTH_MFP_DISABLED
) /* (mgmt_group_cipher == WPA_CIPHER_AES_128_CMAC) */
1632 WLAN_SET_FIELD_32(cp
, RSN_CIPHER_SUITE_AES_128_CMAC
);
1634 RSN_IE(pucBuffer
)->ucLength
+= 4;
1637 prMsduInfo
->u2FrameLength
+= IE_SIZE(pucBuffer
);
1640 } /* rsnGenerateRSNIE */
1642 /*----------------------------------------------------------------------------*/
1644 * \brief Parse the given IE buffer and check if it is WFA IE and return Type and
1645 * SubType for further process.
1647 * \param[in] pucBuf Pointer to the buffer of WFA Information Element.
1648 * \param[out] pucOuiType Pointer to the storage of OUI Type.
1649 * \param[out] pu2SubTypeVersion Pointer to the storage of OUI SubType and Version.
1651 * \retval TRUE Parse IE ok
1652 * \retval FALSE Parse IE fail
1654 /*----------------------------------------------------------------------------*/
1656 rsnParseCheckForWFAInfoElem(IN P_ADAPTER_T prAdapter
,
1658 OUT PUINT_8 pucOuiType
, OUT PUINT_16 pu2SubTypeVersion
)
1660 UINT_8 aucWfaOui
[] = VENDOR_OUI_WFA
;
1665 ASSERT(pu2SubTypeVersion
);
1666 prWfaIE
= (P_IE_WFA_T
) pucBuf
;
1669 if (IE_LEN(pucBuf
) <= ELEM_MIN_LEN_WFA_OUI_TYPE_SUBTYPE
) {
1671 } else if (prWfaIE
->aucOui
[0] != aucWfaOui
[0] ||
1672 prWfaIE
->aucOui
[1] != aucWfaOui
[1] ||
1673 prWfaIE
->aucOui
[2] != aucWfaOui
[2]) {
1677 *pucOuiType
= prWfaIE
->ucOuiType
;
1678 WLAN_GET_FIELD_16(&prWfaIE
->aucOuiSubTypeVersion
[0], pu2SubTypeVersion
);
1685 } /* end of rsnParseCheckForWFAInfoElem() */
1688 /*----------------------------------------------------------------------------*/
1690 * \brief Parse the given IE buffer and check if it is RSN IE with CCMP PSK
1692 * \param[in] prAdapter Pointer to Adapter
1693 * \param[in] prSwRfb Pointer to the rx buffer
1694 * \param[in] pIE Pointer rthe buffer of Information Element.
1695 * \param[out] prStatusCode Pointer to the return status code.
1699 /*----------------------------------------------------------------------------*/
1701 rsnParserCheckForRSNCCMPPSK(P_ADAPTER_T prAdapter
, P_RSN_INFO_ELEM_T prIe
, PUINT_16 pu2StatusCode
)
1708 ASSERT(pu2StatusCode
);
1710 *pu2StatusCode
= STATUS_CODE_INVALID_INFO_ELEMENT
;
1712 if (rsnParseRsnIE(prAdapter
, prIe
, &rRsnIe
)) {
1713 if ((rRsnIe
.u4PairwiseKeyCipherSuiteCount
!= 1)
1714 || (rRsnIe
.au4PairwiseKeyCipherSuite
[0] != RSN_CIPHER_SUITE_CCMP
)) {
1715 *pu2StatusCode
= STATUS_CODE_INVALID_PAIRWISE_CIPHER
;
1718 if ((rRsnIe
.u4GroupKeyCipherSuite
!= RSN_CIPHER_SUITE_CCMP
)) {
1719 *pu2StatusCode
= STATUS_CODE_INVALID_GROUP_CIPHER
;
1722 if ((rRsnIe
.u4AuthKeyMgtSuiteCount
!= 1)
1723 || (rRsnIe
.au4AuthKeyMgtSuite
[0] != RSN_AKM_SUITE_PSK
)) {
1724 *pu2StatusCode
= STATUS_CODE_INVALID_AKMP
;
1728 DBGLOG(RSN
, TRACE
, ("RSN with CCMP-PSK\n"));
1729 *pu2StatusCode
= WLAN_STATUS_SUCCESS
;
1735 /*----------------------------------------------------------------------------*/
1737 * \brief This routine is called to generate an authentication event to NDIS.
1739 * \param[in] u4Flags Authentication event: \n
1740 * PARAM_AUTH_REQUEST_REAUTH 0x01 \n
1741 * PARAM_AUTH_REQUEST_KEYUPDATE 0x02 \n
1742 * PARAM_AUTH_REQUEST_PAIRWISE_ERROR 0x06 \n
1743 * PARAM_AUTH_REQUEST_GROUP_ERROR 0x0E \n
1747 /*----------------------------------------------------------------------------*/
1748 VOID
rsnGenMicErrorEvent(IN P_ADAPTER_T prAdapter
, IN BOOLEAN fgFlags
)
1750 P_PARAM_AUTH_EVENT_T prAuthEvent
;
1752 DEBUGFUNC("rsnGenMicErrorEvent");
1754 prAuthEvent
= (P_PARAM_AUTH_EVENT_T
) prAdapter
->aucIndicationEventBuffer
;
1756 /* Status type: Authentication Event */
1757 prAuthEvent
->rStatus
.eStatusType
= ENUM_STATUS_TYPE_AUTHENTICATION
;
1759 /* Authentication request */
1760 prAuthEvent
->arRequest
[0].u4Length
= sizeof(PARAM_AUTH_REQUEST_T
);
1761 kalMemCopy((PVOID
) prAuthEvent
->arRequest
[0].arBssid
,
1762 (PVOID
) prAdapter
->prAisBssInfo
->aucBSSID
, MAC_ADDR_LEN
);
1764 if (fgFlags
== TRUE
)
1765 prAuthEvent
->arRequest
[0].u4Flags
= PARAM_AUTH_REQUEST_GROUP_ERROR
;
1767 prAuthEvent
->arRequest
[0].u4Flags
= PARAM_AUTH_REQUEST_PAIRWISE_ERROR
;
1769 kalIndicateStatusAndComplete(prAdapter
->prGlueInfo
,
1770 WLAN_STATUS_MEDIA_SPECIFIC_INDICATION
,
1771 (PVOID
) prAuthEvent
,
1772 sizeof(PARAM_STATUS_INDICATION_T
) +
1773 sizeof(PARAM_AUTH_REQUEST_T
));
1775 } /* rsnGenMicErrorEvent */
1778 /*----------------------------------------------------------------------------*/
1780 * \brief This routine is called to handle TKIP MIC failures.
1782 * \param[in] adapter_p Pointer to the adapter object data area.
1783 * \param[in] prSta Pointer to the STA which occur MIC Error
1784 * \param[in] fgErrorKeyType type of error key
1788 /*----------------------------------------------------------------------------*/
1790 rsnTkipHandleMICFailure(IN P_ADAPTER_T prAdapter
,
1791 IN P_STA_RECORD_T prSta
, IN BOOLEAN fgErrorKeyType
)
1793 /* UINT_32 u4RsnaCurrentMICFailTime; */
1794 /* P_AIS_SPECIFIC_BSS_INFO_T prAisSpecBssInfo; */
1796 DEBUGFUNC("rsnTkipHandleMICFailure");
1800 rsnGenMicErrorEvent(prAdapter
, /* prSta, */ fgErrorKeyType
);
1802 /* Generate authentication request event. */
1803 DBGLOG(RSN
, INFO
, ("Generate TKIP MIC error event (type: 0%d)\n", fgErrorKeyType
));
1807 prAisSpecBssInfo
= &prAdapter
->rWifiVar
.rAisSpecificBssInfo
;
1809 /* Record the MIC error occur time. */
1810 GET_CURRENT_SYSTIME(&u4RsnaCurrentMICFailTime
);
1812 /* Generate authentication request event. */
1813 DBGLOG(RSN
, INFO
, ("Generate TKIP MIC error event (type: 0%d)\n", fgErrorKeyType
));
1815 /* If less than 60 seconds have passed since a previous TKIP MIC failure,
1816 disassociate from the AP and wait for 60 seconds before (re)associating
1817 with the same AP. */
1818 if (prAisSpecBssInfo
->u4RsnaLastMICFailTime
!= 0 &&
1819 !CHECK_FOR_TIMEOUT(u4RsnaCurrentMICFailTime
,
1820 prAisSpecBssInfo
->u4RsnaLastMICFailTime
,
1821 SEC_TO_SYSTIME(TKIP_COUNTERMEASURE_SEC
))) {
1822 /* If less than 60 seconds expired since last MIC error, we have to
1825 DBGLOG(RSN
, INFO
, ("Start blocking traffic!\n"));
1826 rsnGenMicErrorEvent(prAdapter
, /* prSta, */ fgErrorKeyType
);
1828 secFsmEventStartCounterMeasure(prAdapter
, prSta
);
1830 rsnGenMicErrorEvent(prAdapter
, /* prSta, */ fgErrorKeyType
);
1831 DBGLOG(RSN
, INFO
, ("First TKIP MIC error!\n"));
1834 COPY_SYSTIME(prAisSpecBssInfo
->u4RsnaLastMICFailTime
, u4RsnaCurrentMICFailTime
);
1836 } /* rsnTkipHandleMICFailure */
1839 /*----------------------------------------------------------------------------*/
1841 * \brief This function is called to select a list of BSSID from
1842 * the scan results for PMKID candidate list.
1844 * \param[in] prBssDesc the BSS Desc at scan result list
1845 * \param[out] pu4CandidateCount Pointer to the number of selected candidates.
1846 * It is set to zero if no BSSID matches our requirement.
1850 /*----------------------------------------------------------------------------*/
1851 VOID
rsnSelectPmkidCandidateList(IN P_ADAPTER_T prAdapter
, IN P_BSS_DESC_T prBssDesc
)
1853 P_CONNECTION_SETTINGS_T prConnSettings
;
1854 P_BSS_INFO_T prAisBssInfo
;
1856 DEBUGFUNC("rsnSelectPmkidCandidateList");
1860 prConnSettings
= &prAdapter
->rWifiVar
.rConnSettings
;
1861 prAisBssInfo
= prAdapter
->prAisBssInfo
;
1863 /* Search a BSS with the same SSID from the given BSS description set. */
1864 /* DBGLOG(RSN, TRACE, ("Check scan result ["MACSTR"]\n", */
1865 /* MAC2STR(prBssDesc->aucBSSID))); */
1867 if (UNEQUAL_SSID(prBssDesc
->aucSSID
, prBssDesc
->ucSSIDLen
,
1868 prConnSettings
->aucSSID
, prConnSettings
->ucSSIDLen
)) {
1869 DBGLOG(RSN
, TRACE
, ("-- SSID not matched\n"));
1873 if ((prBssDesc
->u2BSSBasicRateSet
&
1874 ~(rPhyAttributes
[prAisBssInfo
->ePhyType
].u2SupportedRateSet
)) ||
1875 prBssDesc
->fgIsUnknownBssBasicRate
) {
1876 DBGLOG(RSN
, TRACE
, ("-- Rate set not matched\n"));
1880 if (/* prBssDesc->u4RsnSelectedPairwiseCipher != prAisBssInfo->u4RsnSelectedPairwiseCipher || */
1881 prBssDesc
->u4RsnSelectedGroupCipher
!= prAisBssInfo
->u4RsnSelectedGroupCipher
/*||
1882 prBssDesc->u4RsnSelectedAKMSuite != prAisBssInfo->u4RsnSelectedAKMSuite */) {
1883 DBGLOG(RSN
, TRACE
, ("-- Encrypt status not matched for PMKID\n"));
1888 rsnUpdatePmkidCandidateList(prAdapter
, prBssDesc
);
1890 } /* rsnSelectPmkidCandidateList */
1893 /*----------------------------------------------------------------------------*/
1895 * \brief This function is called to select a list of BSSID from
1896 * the scan results for PMKID candidate list.
1898 * \param[in] prBssDesc the BSS DESC at scan result list
1902 /*----------------------------------------------------------------------------*/
1903 VOID
rsnUpdatePmkidCandidateList(IN P_ADAPTER_T prAdapter
, IN P_BSS_DESC_T prBssDesc
)
1906 P_CONNECTION_SETTINGS_T prConnSettings
;
1907 P_AIS_SPECIFIC_BSS_INFO_T prAisSpecBssInfo
;
1909 DEBUGFUNC("rsnUpdatePmkidCandidateList");
1913 prConnSettings
= &prAdapter
->rWifiVar
.rConnSettings
;
1914 prAisSpecBssInfo
= &prAdapter
->rWifiVar
.rAisSpecificBssInfo
;
1916 if (UNEQUAL_SSID(prBssDesc
->aucSSID
, prBssDesc
->ucSSIDLen
,
1917 prConnSettings
->aucSSID
, prConnSettings
->ucSSIDLen
)) {
1918 DBGLOG(RSN
, TRACE
, ("-- SSID not matched\n"));
1922 for (i
= 0; i
< CFG_MAX_PMKID_CACHE
; i
++) {
1924 (prBssDesc
->aucBSSID
, prAisSpecBssInfo
->arPmkidCandicate
[i
].aucBssid
))
1928 /* If the number of selected BSSID exceed MAX_NUM_PMKID_CACHE(16),
1929 then we only store MAX_NUM_PMKID_CACHE(16) in PMKID cache */
1930 if ((prAisSpecBssInfo
->u4PmkidCandicateCount
+ 1) > CFG_MAX_PMKID_CACHE
) {
1931 prAisSpecBssInfo
->u4PmkidCandicateCount
--;
1934 i
= prAisSpecBssInfo
->u4PmkidCandicateCount
;
1936 COPY_MAC_ADDR((PVOID
) prAisSpecBssInfo
->arPmkidCandicate
[i
].aucBssid
,
1937 (PVOID
) prBssDesc
->aucBSSID
);
1939 if (prBssDesc
->u2RsnCap
& MASK_RSNIE_CAP_PREAUTH
) {
1940 prAisSpecBssInfo
->arPmkidCandicate
[i
].u4PreAuthFlags
= 1;
1941 DBGLOG(RSN
, TRACE
, ("Add " MACSTR
" with pre-auth to candidate list\n",
1942 MAC2STR(prAisSpecBssInfo
->arPmkidCandicate
[i
].aucBssid
)));
1944 prAisSpecBssInfo
->arPmkidCandicate
[i
].u4PreAuthFlags
= 0;
1945 DBGLOG(RSN
, TRACE
, ("Add " MACSTR
" without pre-auth to candidate list\n",
1946 MAC2STR(prAisSpecBssInfo
->arPmkidCandicate
[i
].aucBssid
)));
1949 prAisSpecBssInfo
->u4PmkidCandicateCount
++;
1951 } /* rsnUpdatePmkidCandidateList */
1954 /*----------------------------------------------------------------------------*/
1956 * \brief This routine is called to search the desired entry in
1957 * PMKID cache according to the BSSID
1959 * \param[in] pucBssid Pointer to the BSSID
1960 * \param[out] pu4EntryIndex Pointer to place the found entry index
1962 * \retval TRUE, if found one entry for specified BSSID
1963 * \retval FALSE, if not found
1965 /*----------------------------------------------------------------------------*/
1967 rsnSearchPmkidEntry(IN P_ADAPTER_T prAdapter
, IN PUINT_8 pucBssid
, OUT PUINT_32 pu4EntryIndex
)
1970 P_AIS_SPECIFIC_BSS_INFO_T prAisSpecBssInfo
;
1972 DEBUGFUNC("rsnSearchPmkidEntry");
1975 ASSERT(pu4EntryIndex
);
1977 prAisSpecBssInfo
= &prAdapter
->rWifiVar
.rAisSpecificBssInfo
;
1979 if (prAisSpecBssInfo
->u4PmkidCacheCount
> CFG_MAX_PMKID_CACHE
) {
1983 ASSERT(prAisSpecBssInfo
->u4PmkidCacheCount
<= CFG_MAX_PMKID_CACHE
);
1985 /* Search for desired BSSID */
1986 for (i
= 0; i
< prAisSpecBssInfo
->u4PmkidCacheCount
; i
++) {
1987 if (!kalMemCmp(prAisSpecBssInfo
->arPmkidCache
[i
].rBssidInfo
.arBSSID
, pucBssid
,
1993 /* If desired BSSID is found, then set the PMKID */
1994 if (i
< prAisSpecBssInfo
->u4PmkidCacheCount
) {
2001 } /* rsnSearchPmkidEntry */
2004 /*----------------------------------------------------------------------------*/
2006 * \brief This routine is called to check if there is difference
2007 * between PMKID candicate list and PMKID cache. If there
2008 * is new candicate that no cache entry is available, then
2009 * add a new entry for the new candicate in the PMKID cache
2010 * and set the PMKID indication flag to TRUE.
2012 * \retval TRUE, if new member in the PMKID candicate list
2013 * \retval FALSe, if no new member in the PMKID candicate list
2015 /*----------------------------------------------------------------------------*/
2016 BOOLEAN
rsnCheckPmkidCandicate(IN P_ADAPTER_T prAdapter
)
2018 P_AIS_SPECIFIC_BSS_INFO_T prAisSpecBssInfo
;
2019 UINT_32 i
; /* Index for PMKID candicate */
2020 UINT_32 j
; /* Indix for PMKID cache */
2021 BOOLEAN status
= FALSE
;
2023 DEBUGFUNC("rsnCheckPmkidCandicate");
2025 prAisSpecBssInfo
= &prAdapter
->rWifiVar
.rAisSpecificBssInfo
;
2027 /* Check for each candicate */
2028 for (i
= 0; i
< prAisSpecBssInfo
->u4PmkidCandicateCount
; i
++) {
2029 for (j
= 0; j
< prAisSpecBssInfo
->u4PmkidCacheCount
; j
++) {
2030 if (!kalMemCmp(prAisSpecBssInfo
->arPmkidCache
[j
].rBssidInfo
.arBSSID
,
2031 prAisSpecBssInfo
->arPmkidCandicate
[i
].aucBssid
,
2033 /* DBGLOG(RSN, TRACE, (MACSTR" at PMKID cache!!\n", MAC2STR(prAisSpecBssInfo->arPmkidCandicate[i].aucBssid))); */
2038 /* No entry found in PMKID cache for the candicate, add new one */
2039 if (j
== prAisSpecBssInfo
->u4PmkidCacheCount
2040 && prAisSpecBssInfo
->u4PmkidCacheCount
< CFG_MAX_PMKID_CACHE
) {
2042 ("Add " MACSTR
" to PMKID cache!!\n",
2043 MAC2STR(prAisSpecBssInfo
->arPmkidCandicate
[i
].aucBssid
)));
2044 kalMemCopy((PVOID
) prAisSpecBssInfo
->
2045 arPmkidCache
[prAisSpecBssInfo
->u4PmkidCacheCount
].rBssidInfo
.
2046 arBSSID
, (PVOID
) prAisSpecBssInfo
->arPmkidCandicate
[i
].aucBssid
,
2048 prAisSpecBssInfo
->arPmkidCache
[prAisSpecBssInfo
->u4PmkidCacheCount
].
2049 fgPmkidExist
= FALSE
;
2050 prAisSpecBssInfo
->u4PmkidCacheCount
++;
2057 } /* rsnCheckPmkidCandicate */
2060 /*----------------------------------------------------------------------------*/
2062 * \brief This function is called to wait a duration to indicate the pre-auth AP candicate
2066 /*----------------------------------------------------------------------------*/
2067 VOID
rsnIndicatePmkidCand(IN P_ADAPTER_T prAdapter
, IN ULONG ulParamPtr
)
2069 DBGLOG(RSN
, EVENT
, ("Security - Time to indicate the PMKID cand.\n"));
2071 /* If the authentication mode is WPA2 and indication PMKID flag
2072 is available, then we indicate the PMKID candidate list to NDIS and
2073 clear the flag, indicatePMKID */
2075 if (prAdapter
->prAisBssInfo
->eConnectionState
== PARAM_MEDIA_STATE_CONNECTED
&&
2076 prAdapter
->rWifiVar
.rConnSettings
.eAuthMode
== AUTH_MODE_WPA2
) {
2077 rsnGeneratePmkidIndication(prAdapter
);
2081 } /* end of rsnIndicatePmkidCand() */
2084 /*----------------------------------------------------------------------------*/
2086 * \brief This routine is called to check the BSS Desc at scan result
2087 * with pre-auth cap at wpa2 mode. If there
2088 * is candicate that no cache entry is available, then
2089 * add a new entry for the new candicate in the PMKID cache
2090 * and set the PMKID indication flag to TRUE.
2092 * \param[in] prBss The BSS Desc at scan result
2096 /*----------------------------------------------------------------------------*/
2097 VOID
rsnCheckPmkidCache(IN P_ADAPTER_T prAdapter
, IN P_BSS_DESC_T prBss
)
2099 P_BSS_INFO_T prAisBssInfo
;
2100 P_AIS_SPECIFIC_BSS_INFO_T prAisSpecBssInfo
;
2101 P_CONNECTION_SETTINGS_T prConnSettings
;
2103 DEBUGFUNC("rsnCheckPmkidCandicate");
2107 prConnSettings
= &prAdapter
->rWifiVar
.rConnSettings
;
2108 prAisBssInfo
= prAdapter
->prAisBssInfo
;
2109 prAisSpecBssInfo
= &prAdapter
->rWifiVar
.rAisSpecificBssInfo
;
2111 if ((prAisBssInfo
->eConnectionState
== PARAM_MEDIA_STATE_CONNECTED
) &&
2112 (prConnSettings
->eAuthMode
== AUTH_MODE_WPA2
)) {
2113 rsnSelectPmkidCandidateList(prAdapter
, prBss
);
2115 /* Set indication flag of PMKID to TRUE, and then connHandleNetworkConnection()
2116 will indicate this later */
2117 if (rsnCheckPmkidCandicate(prAdapter
)) {
2119 ("Prepare a timer to indicate candidate PMKID Candidate\n"));
2120 cnmTimerStopTimer(prAdapter
, &prAisSpecBssInfo
->rPreauthenticationTimer
);
2121 cnmTimerStartTimer(prAdapter
, &prAisSpecBssInfo
->rPreauthenticationTimer
,
2122 SEC_TO_MSEC(WAIT_TIME_IND_PMKID_CANDICATE_SEC
));
2128 /*----------------------------------------------------------------------------*/
2130 * \brief This routine is called to generate an PMKID candidate list
2131 * indication to NDIS.
2133 * \param[in] prAdapter Pointer to the adapter object data area.
2134 * \param[in] u4Flags PMKID candidate list event:
2135 * PARAM_PMKID_CANDIDATE_PREAUTH_ENABLED 0x01
2139 /*----------------------------------------------------------------------------*/
2140 VOID
rsnGeneratePmkidIndication(IN P_ADAPTER_T prAdapter
)
2142 P_PARAM_STATUS_INDICATION_T prStatusEvent
;
2143 P_PARAM_PMKID_CANDIDATE_LIST_T prPmkidEvent
;
2144 P_AIS_SPECIFIC_BSS_INFO_T prAisSpecificBssInfo
;
2145 UINT_8 i
, j
= 0, count
= 0;
2146 UINT_32 u4LenOfUsedBuffer
;
2148 DEBUGFUNC("rsnGeneratePmkidIndication");
2152 prStatusEvent
= (P_PARAM_STATUS_INDICATION_T
) prAdapter
->aucIndicationEventBuffer
;
2154 /* Status type: PMKID Candidatelist Event */
2155 prStatusEvent
->eStatusType
= ENUM_STATUS_TYPE_CANDIDATE_LIST
;
2156 ASSERT(prStatusEvent
);
2158 prPmkidEvent
= (P_PARAM_PMKID_CANDIDATE_LIST_T
) (&prStatusEvent
->eStatusType
+ 1);
2159 ASSERT(prPmkidEvent
);
2161 prAisSpecificBssInfo
= &prAdapter
->rWifiVar
.rAisSpecificBssInfo
;
2162 ASSERT(prAisSpecificBssInfo
);
2164 for (i
= 0; i
< prAisSpecificBssInfo
->u4PmkidCandicateCount
; i
++) {
2165 for (j
= 0; j
< prAisSpecificBssInfo
->u4PmkidCacheCount
; j
++) {
2166 if (EQUAL_MAC_ADDR(prAisSpecificBssInfo
->arPmkidCache
[j
].rBssidInfo
.arBSSID
,
2167 prAisSpecificBssInfo
->arPmkidCandicate
[i
].aucBssid
) &&
2168 (prAisSpecificBssInfo
->arPmkidCache
[j
].fgPmkidExist
== TRUE
)) {
2172 if (count
>= CFG_MAX_PMKID_CACHE
) {
2176 if (j
== prAisSpecificBssInfo
->u4PmkidCacheCount
) {
2177 kalMemCopy((PVOID
) prPmkidEvent
->arCandidateList
[count
].arBSSID
,
2178 (PVOID
) prAisSpecificBssInfo
->arPmkidCandicate
[i
].aucBssid
,
2179 PARAM_MAC_ADDR_LEN
);
2180 prPmkidEvent
->arCandidateList
[count
].u4Flags
=
2181 prAisSpecificBssInfo
->arPmkidCandicate
[i
].u4PreAuthFlags
;
2184 MAC2STR(prPmkidEvent
->arCandidateList
[count
].arBSSID
),
2185 prPmkidEvent
->arCandidateList
[count
].u4Flags
));
2190 /* PMKID Candidate List */
2191 prPmkidEvent
->u4Version
= 1;
2192 prPmkidEvent
->u4NumCandidates
= count
;
2193 DBGLOG(RSN
, TRACE
, ("rsnGeneratePmkidIndication #%lu\n", prPmkidEvent
->u4NumCandidates
));
2194 u4LenOfUsedBuffer
= sizeof(ENUM_STATUS_TYPE_T
) + (2 * sizeof(UINT_32
)) +
2195 (count
* sizeof(PARAM_PMKID_CANDIDATE_T
));
2196 /* dumpMemory8((PUINT_8)prAdapter->aucIndicationEventBuffer, u4LenOfUsedBuffer); */
2198 kalIndicateStatusAndComplete(prAdapter
->prGlueInfo
,
2199 WLAN_STATUS_MEDIA_SPECIFIC_INDICATION
,
2200 (PVOID
) prAdapter
->aucIndicationEventBuffer
,
2203 } /* rsnGeneratePmkidIndication */
2205 #if CFG_SUPPORT_WPS2
2206 /*----------------------------------------------------------------------------*/
2209 * \brief This routine is called to generate WSC IE for
2210 * associate request frame.
2212 * \param[in] prCurrentBss The Selected BSS description
2214 * \retval The append WSC IE length
2217 * Called by: AIS module, Associate request
2219 /*----------------------------------------------------------------------------*/
2220 VOID
rsnGenerateWSCIE(IN P_ADAPTER_T prAdapter
, IN P_MSDU_INFO_T prMsduInfo
)
2227 if (prMsduInfo
->ucBssIndex
!= prAdapter
->prAisBssInfo
->ucBssIndex
)
2230 pucBuffer
= (PUINT_8
) ((ULONG
) prMsduInfo
->prPacket
+
2231 (ULONG
) prMsduInfo
->u2FrameLength
);
2233 /* ASSOC INFO IE ID: 221 :0xDD */
2234 if (prAdapter
->prGlueInfo
->u2WSCAssocInfoIELen
) {
2235 kalMemCopy(pucBuffer
, &prAdapter
->prGlueInfo
->aucWSCAssocInfoIE
,
2236 prAdapter
->prGlueInfo
->u2WSCAssocInfoIELen
);
2237 prMsduInfo
->u2FrameLength
+= prAdapter
->prGlueInfo
->u2WSCAssocInfoIELen
;
2244 #if CFG_SUPPORT_802_11W
2246 /*----------------------------------------------------------------------------*/
2248 * \brief to check if the Bip Key installed or not
2257 /*----------------------------------------------------------------------------*/
2258 UINT_32
rsnCheckBipKeyInstalled(IN P_ADAPTER_T prAdapter
, IN P_STA_RECORD_T prStaRec
)
2261 && GET_BSS_INFO_BY_INDEX(prAdapter
,
2262 prStaRec
->ucBssIndex
)->eNetworkType
==
2263 (UINT_8
) NETWORK_TYPE_AIS
)
2264 return prAdapter
->rWifiVar
.rAisSpecificBssInfo
.fgBipKeyInstalled
;
2269 /*----------------------------------------------------------------------------*/
2272 * \brief This routine is called to check the Sa query timeout.
2276 * Called by: AIS module, Handle by Sa Quert timeout
2278 /*----------------------------------------------------------------------------*/
2279 UINT_8
rsnCheckSaQueryTimeout(IN P_ADAPTER_T prAdapter
)
2281 P_AIS_SPECIFIC_BSS_INFO_T prBssSpecInfo
;
2284 prBssSpecInfo
= &prAdapter
->rWifiVar
.rAisSpecificBssInfo
;
2285 ASSERT(prBssSpecInfo
);
2287 GET_CURRENT_SYSTIME(&now
);
2289 if (CHECK_FOR_TIMEOUT(now
, prBssSpecInfo
->u4SaQueryStart
, TU_TO_MSEC(1000))) {
2290 DBGLOG(RSN
, INFO
, ("association SA Query timed out\n"));
2292 prBssSpecInfo
->ucSaQueryTimedOut
= 1;
2293 kalMemFree(prBssSpecInfo
->pucSaQueryTransId
, VIR_MEM_TYPE
,
2294 prBssSpecInfo
->u4SaQueryCount
* ACTION_SA_QUERY_TR_ID_LEN
);
2295 prBssSpecInfo
->pucSaQueryTransId
= NULL
;
2296 prBssSpecInfo
->u4SaQueryCount
= 0;
2297 cnmTimerStopTimer(prAdapter
, &prBssSpecInfo
->rSaQueryTimer
);
2299 if (prAdapter
->prAisBssInfo
->eConnectionState
==
2300 PARAM_MEDIA_STATE_CONNECTED
/* STA_STATE_3 == prStaRec->ucStaState */) {
2301 P_MSG_AIS_ABORT_T prAisAbortMsg
;
2304 (P_MSG_AIS_ABORT_T
) cnmMemAlloc(prAdapter
, RAM_TYPE_MSG
,
2305 sizeof(MSG_AIS_ABORT_T
));
2306 if (!prAisAbortMsg
) {
2309 prAisAbortMsg
->rMsgHdr
.eMsgId
= MID_SAA_AIS_FSM_ABORT
;
2310 prAisAbortMsg
->ucReasonOfDisconnect
= DISCONNECT_REASON_CODE_DISASSOCIATED
;
2311 prAisAbortMsg
->fgDelayIndication
= FALSE
;
2313 mboxSendMsg(prAdapter
,
2314 MBOX_ID_0
, (P_MSG_HDR_T
) prAisAbortMsg
, MSG_SEND_METHOD_BUF
);
2318 kalIndicateStatusAndComplete(prAdapter
->prGlueInfo
,
2319 WLAN_STATUS_MEDIA_DISCONNECT
, NULL
, 0);
2327 /*----------------------------------------------------------------------------*/
2330 * \brief This routine is called to start the 802.11w sa query timer.
2334 * Called by: AIS module, Handle Rx mgmt request
2336 /*----------------------------------------------------------------------------*/
2337 void rsnStartSaQueryTimer(IN P_ADAPTER_T prAdapter
, IN ULONG ulParamPtr
)
2339 P_BSS_INFO_T prBssInfo
;
2340 P_AIS_SPECIFIC_BSS_INFO_T prBssSpecInfo
;
2341 P_MSDU_INFO_T prMsduInfo
;
2342 P_ACTION_SA_QUERY_FRAME prTxFrame
;
2343 UINT_16 u2PayloadLen
;
2344 PUINT_8 pucTmp
= NULL
;
2345 UINT_8 ucTransId
[ACTION_SA_QUERY_TR_ID_LEN
];
2347 prBssInfo
= prAdapter
->prAisBssInfo
;
2350 prBssSpecInfo
= &prAdapter
->rWifiVar
.rAisSpecificBssInfo
;
2351 ASSERT(prBssSpecInfo
);
2353 DBGLOG(RSN
, INFO
, ("MFP: Start Sa Query\n"));
2355 if (prBssInfo
->prStaRecOfAP
== NULL
) {
2356 DBGLOG(RSN
, INFO
, ("MFP: unassociated AP!\n"));
2360 if (prBssSpecInfo
->u4SaQueryCount
> 0 && rsnCheckSaQueryTimeout(prAdapter
)) {
2362 ("MFP: u4SaQueryCount count =%lu\n", prBssSpecInfo
->u4SaQueryCount
));
2366 prMsduInfo
= (P_MSDU_INFO_T
) cnmMgtPktAlloc(prAdapter
,
2367 MAC_TX_RESERVED_FIELD
+ PUBLIC_ACTION_MAX_LEN
);
2372 prTxFrame
= (P_ACTION_SA_QUERY_FRAME
)
2373 ((ULONG
) (prMsduInfo
->prPacket
) + MAC_TX_RESERVED_FIELD
);
2375 prTxFrame
->u2FrameCtrl
= MAC_FRAME_ACTION
;
2376 if (rsnCheckBipKeyInstalled(prAdapter
, prBssInfo
->prStaRecOfAP
)) {
2377 prTxFrame
->u2FrameCtrl
|= MASK_FC_PROTECTED_FRAME
;
2379 COPY_MAC_ADDR(prTxFrame
->aucDestAddr
, prBssInfo
->aucBSSID
);
2380 COPY_MAC_ADDR(prTxFrame
->aucSrcAddr
, prBssInfo
->aucOwnMacAddr
);
2381 COPY_MAC_ADDR(prTxFrame
->aucBSSID
, prBssInfo
->aucBSSID
);
2383 prTxFrame
->ucCategory
= CATEGORY_SA_QUERY_ACTION
;
2384 prTxFrame
->ucAction
= ACTION_SA_QUERY_REQUEST
;
2386 if (prBssSpecInfo
->u4SaQueryCount
== 0) {
2387 GET_CURRENT_SYSTIME(&prBssSpecInfo
->u4SaQueryStart
);
2390 if (prBssSpecInfo
->u4SaQueryCount
) {
2392 kalMemAlloc(prBssSpecInfo
->u4SaQueryCount
* ACTION_SA_QUERY_TR_ID_LEN
,
2396 ("MFP: Fail to alloc tmp buffer for backup sa query id\n"));
2399 kalMemCopy(pucTmp
, prBssSpecInfo
->pucSaQueryTransId
,
2400 prBssSpecInfo
->u4SaQueryCount
* ACTION_SA_QUERY_TR_ID_LEN
);
2403 kalMemFree(prBssSpecInfo
->pucSaQueryTransId
, VIR_MEM_TYPE
,
2404 prBssSpecInfo
->u4SaQueryCount
* ACTION_SA_QUERY_TR_ID_LEN
);
2406 ucTransId
[0] = (UINT_8
) (kalRandomNumber() & 0xFF);
2407 ucTransId
[1] = (UINT_8
) (kalRandomNumber() & 0xFF);
2409 kalMemCopy(prTxFrame
->ucTransId
, ucTransId
, ACTION_SA_QUERY_TR_ID_LEN
);
2411 prBssSpecInfo
->u4SaQueryCount
++;
2413 prBssSpecInfo
->pucSaQueryTransId
=
2414 kalMemAlloc(prBssSpecInfo
->u4SaQueryCount
* ACTION_SA_QUERY_TR_ID_LEN
, VIR_MEM_TYPE
);
2415 if (!prBssSpecInfo
->pucSaQueryTransId
) {
2416 kalMemFree(pucTmp
, VIR_MEM_TYPE
,
2417 (prBssSpecInfo
->u4SaQueryCount
- 1) * ACTION_SA_QUERY_TR_ID_LEN
);
2418 DBGLOG(RSN
, INFO
, ("MFP: Fail to alloc buffer for sa query id list\n"));
2423 kalMemCopy(prBssSpecInfo
->pucSaQueryTransId
, pucTmp
,
2424 (prBssSpecInfo
->u4SaQueryCount
- 1) * ACTION_SA_QUERY_TR_ID_LEN
);
2425 kalMemCopy(&prBssSpecInfo
->
2426 pucSaQueryTransId
[(prBssSpecInfo
->u4SaQueryCount
-
2427 1) * ACTION_SA_QUERY_TR_ID_LEN
], ucTransId
,
2428 ACTION_SA_QUERY_TR_ID_LEN
);
2429 kalMemFree(pucTmp
, VIR_MEM_TYPE
,
2430 (prBssSpecInfo
->u4SaQueryCount
- 1) * ACTION_SA_QUERY_TR_ID_LEN
);
2432 kalMemCopy(prBssSpecInfo
->pucSaQueryTransId
, ucTransId
, ACTION_SA_QUERY_TR_ID_LEN
);
2435 u2PayloadLen
= 2 + ACTION_SA_QUERY_TR_ID_LEN
;
2437 /* 4 <3> Update information of MSDU_INFO_T */
2438 TX_SET_MMPDU(prAdapter
,
2440 prBssInfo
->prStaRecOfAP
->ucBssIndex
,
2441 prBssInfo
->prStaRecOfAP
->ucIndex
,
2442 WLAN_MAC_MGMT_HEADER_LEN
,
2443 WLAN_MAC_MGMT_HEADER_LEN
+ u2PayloadLen
, NULL
, MSDU_RATE_MODE_AUTO
);
2445 if (rsnCheckBipKeyInstalled(prAdapter
, prBssInfo
->prStaRecOfAP
)) {
2446 DBGLOG(RSN
, INFO
, ("Set MSDU_OPT_PROTECTED_FRAME\n"));
2447 nicTxConfigPktOption(prMsduInfo
, MSDU_OPT_PROTECTED_FRAME
, TRUE
);
2449 /* 4 Enqueue the frame to send this action frame. */
2450 nicTxEnqueueMsdu(prAdapter
, prMsduInfo
);
2452 DBGLOG(RSN
, INFO
, ("Set SA Query timer %lu (%d Tu)\n", prBssSpecInfo
->u4SaQueryCount
, 201));
2454 cnmTimerStartTimer(prAdapter
, &prBssSpecInfo
->rSaQueryTimer
, TU_TO_MSEC(201));
2459 /*----------------------------------------------------------------------------*/
2462 * \brief This routine is called to start the 802.11w sa query.
2466 * Called by: AIS module, Handle Rx mgmt request
2468 /*----------------------------------------------------------------------------*/
2469 void rsnStartSaQuery(IN P_ADAPTER_T prAdapter
)
2471 P_AIS_SPECIFIC_BSS_INFO_T prBssSpecInfo
;
2473 prBssSpecInfo
= &prAdapter
->rWifiVar
.rAisSpecificBssInfo
;
2474 ASSERT(prBssSpecInfo
);
2476 if (prBssSpecInfo
->u4SaQueryCount
== 0)
2477 rsnStartSaQueryTimer(prAdapter
, (ULONG
)NULL
);
2481 /*----------------------------------------------------------------------------*/
2484 * \brief This routine is called to stop the 802.11w sa query.
2488 * Called by: AIS module, Handle Rx mgmt request
2490 /*----------------------------------------------------------------------------*/
2491 void rsnStopSaQuery(IN P_ADAPTER_T prAdapter
)
2493 P_AIS_SPECIFIC_BSS_INFO_T prBssSpecInfo
;
2495 prBssSpecInfo
= &prAdapter
->rWifiVar
.rAisSpecificBssInfo
;
2496 ASSERT(prBssSpecInfo
);
2498 cnmTimerStopTimer(prAdapter
, &prBssSpecInfo
->rSaQueryTimer
);
2499 kalMemFree(prBssSpecInfo
->pucSaQueryTransId
, VIR_MEM_TYPE
,
2500 prBssSpecInfo
->u4SaQueryCount
* ACTION_SA_QUERY_TR_ID_LEN
);
2501 prBssSpecInfo
->pucSaQueryTransId
= NULL
;
2502 prBssSpecInfo
->u4SaQueryCount
= 0;
2505 /*----------------------------------------------------------------------------*/
2508 * \brief This routine is called to process the 802.11w sa query action frame.
2512 * Called by: AIS module, Handle Rx mgmt request
2514 /*----------------------------------------------------------------------------*/
2515 void rsnSaQueryRequest(IN P_ADAPTER_T prAdapter
, IN P_SW_RFB_T prSwRfb
)
2517 P_BSS_INFO_T prBssInfo
;
2518 P_MSDU_INFO_T prMsduInfo
;
2519 P_ACTION_SA_QUERY_FRAME prRxFrame
= NULL
;
2520 UINT_16 u2PayloadLen
;
2521 P_STA_RECORD_T prStaRec
;
2522 P_ACTION_SA_QUERY_FRAME prTxFrame
;
2524 prBssInfo
= prAdapter
->prAisBssInfo
;
2531 prRxFrame
= (P_ACTION_SA_QUERY_FRAME
) prSwRfb
->pvHeader
;
2535 prStaRec
= cnmGetStaRecByIndex(prAdapter
, prSwRfb
->ucStaRecIdx
);
2536 if (!prStaRec
) { /* Todo:: for not AIS check */
2540 DBGLOG(RSN
, INFO
, ("IEEE 802.11: Received SA Query Request from "
2541 MACSTR
"\n", MAC2STR(prStaRec
->aucMacAddr
)));
2543 DBGLOG_MEM8(RSN
, INFO
, prRxFrame
->ucTransId
, ACTION_SA_QUERY_TR_ID_LEN
);
2545 if (kalGetMediaStateIndicated(prAdapter
->prGlueInfo
) == PARAM_MEDIA_STATE_DISCONNECTED
) {
2546 DBGLOG(RSN
, INFO
, ("IEEE 802.11: Ignore SA Query Request "
2547 "from unassociated STA " MACSTR
"\n",
2548 MAC2STR(prStaRec
->aucMacAddr
)));
2552 DBGLOG(RSN
, INFO
, ("IEEE 802.11: Sending SA Query Response to "
2553 MACSTR
"\n", MAC2STR(prStaRec
->aucMacAddr
)));
2555 prMsduInfo
= (P_MSDU_INFO_T
) cnmMgtPktAlloc(prAdapter
,
2556 MAC_TX_RESERVED_FIELD
+ PUBLIC_ACTION_MAX_LEN
);
2561 prTxFrame
= (P_ACTION_SA_QUERY_FRAME
)
2562 ((ULONG
) (prMsduInfo
->prPacket
) + MAC_TX_RESERVED_FIELD
);
2564 prTxFrame
->u2FrameCtrl
= MAC_FRAME_ACTION
;
2565 if (rsnCheckBipKeyInstalled(prAdapter
, prBssInfo
->prStaRecOfAP
)) {
2566 prTxFrame
->u2FrameCtrl
|= MASK_FC_PROTECTED_FRAME
;
2568 COPY_MAC_ADDR(prTxFrame
->aucDestAddr
, prBssInfo
->aucBSSID
);
2569 COPY_MAC_ADDR(prTxFrame
->aucSrcAddr
, prBssInfo
->aucOwnMacAddr
);
2570 COPY_MAC_ADDR(prTxFrame
->aucBSSID
, prBssInfo
->aucBSSID
);
2572 prTxFrame
->ucCategory
= CATEGORY_SA_QUERY_ACTION
;
2573 prTxFrame
->ucAction
= ACTION_SA_QUERY_RESPONSE
;
2575 kalMemCopy(prTxFrame
->ucTransId
, prRxFrame
->ucTransId
, ACTION_SA_QUERY_TR_ID_LEN
);
2577 u2PayloadLen
= 2 + ACTION_SA_QUERY_TR_ID_LEN
;
2579 /* 4 <3> Update information of MSDU_INFO_T */
2580 TX_SET_MMPDU(prAdapter
,
2582 prBssInfo
->prStaRecOfAP
->ucBssIndex
,
2583 prBssInfo
->prStaRecOfAP
->ucIndex
,
2584 WLAN_MAC_MGMT_HEADER_LEN
,
2585 WLAN_MAC_MGMT_HEADER_LEN
+ u2PayloadLen
, NULL
, MSDU_RATE_MODE_AUTO
);
2587 if (rsnCheckBipKeyInstalled(prAdapter
, prBssInfo
->prStaRecOfAP
)) {
2588 DBGLOG(RSN
, INFO
, ("Set MSDU_OPT_PROTECTED_FRAME\n"));
2589 nicTxConfigPktOption(prMsduInfo
, MSDU_OPT_PROTECTED_FRAME
, TRUE
);
2592 /* 4 Update information of MSDU_INFO_T */
2593 prMsduInfo
->ucPacketType
= HIF_TX_PACKET_TYPE_MGMT
; /* Management frame */
2594 prMsduInfo
->ucStaRecIndex
= prBssInfo
->prStaRecOfAP
->ucIndex
;
2595 prMsduInfo
->ucNetworkType
= prBssInfo
->ucNetTypeIndex
;
2596 prMsduInfo
->ucMacHeaderLength
= WLAN_MAC_MGMT_HEADER_LEN
;
2597 prMsduInfo
->fgIs802_1x
= FALSE
;
2598 prMsduInfo
->fgIs802_11
= TRUE
;
2599 prMsduInfo
->u2FrameLength
= WLAN_MAC_MGMT_HEADER_LEN
+ u2PayloadLen
;
2600 prMsduInfo
->ucPID
= nicAssignPID(prAdapter
);
2601 prMsduInfo
->pfTxDoneHandler
= NULL
;
2602 prMsduInfo
->fgIsBasicRate
= FALSE
;
2604 /* 4 Enqueue the frame to send this action frame. */
2605 nicTxEnqueueMsdu(prAdapter
, prMsduInfo
);
2610 /*----------------------------------------------------------------------------*/
2613 * \brief This routine is called to process the 802.11w sa query action frame.
2617 * Called by: AIS module, Handle Rx mgmt request
2619 /*----------------------------------------------------------------------------*/
2620 void rsnSaQueryAction(IN P_ADAPTER_T prAdapter
, IN P_SW_RFB_T prSwRfb
)
2622 P_AIS_SPECIFIC_BSS_INFO_T prBssSpecInfo
;
2623 P_ACTION_SA_QUERY_FRAME prRxFrame
;
2624 P_STA_RECORD_T prStaRec
;
2627 prBssSpecInfo
= &prAdapter
->rWifiVar
.rAisSpecificBssInfo
;
2628 ASSERT(prBssSpecInfo
);
2630 prRxFrame
= (P_ACTION_SA_QUERY_FRAME
) prSwRfb
->pvHeader
;
2631 prStaRec
= cnmGetStaRecByIndex(prAdapter
, prSwRfb
->ucStaRecIdx
);
2633 if (prSwRfb
->u2PacketLen
< ACTION_SA_QUERY_TR_ID_LEN
) {
2634 DBGLOG(RSN
, INFO
, ("IEEE 802.11: Too short SA Query Action "
2635 "frame (len=%lu)\n", (unsigned long)prSwRfb
->u2PacketLen
));
2639 if (prRxFrame
->ucAction
== ACTION_SA_QUERY_REQUEST
) {
2640 rsnSaQueryRequest(prAdapter
, prSwRfb
);
2644 if (prRxFrame
->ucAction
!= ACTION_SA_QUERY_RESPONSE
) {
2645 DBGLOG(RSN
, INFO
, ("IEEE 802.11: Unexpected SA Query "
2646 "Action %d\n", prRxFrame
->ucAction
));
2650 DBGLOG(RSN
, INFO
, ("IEEE 802.11: Received SA Query Response from "
2651 MACSTR
"\n", MAC2STR(prStaRec
->aucMacAddr
)));
2653 DBGLOG_MEM8(RSN
, INFO
, prRxFrame
->ucTransId
, ACTION_SA_QUERY_TR_ID_LEN
);
2655 /* MLME-SAQuery.confirm */
2657 for (i
= 0; i
< prBssSpecInfo
->u4SaQueryCount
; i
++) {
2658 if (kalMemCmp(prBssSpecInfo
->pucSaQueryTransId
+
2659 i
* ACTION_SA_QUERY_TR_ID_LEN
,
2660 prRxFrame
->ucTransId
, ACTION_SA_QUERY_TR_ID_LEN
) == 0)
2664 if (i
>= prBssSpecInfo
->u4SaQueryCount
) {
2665 DBGLOG(RSN
, INFO
, ("IEEE 802.11: No matching SA Query "
2666 "transaction identifier found\n"));
2670 DBGLOG(RSN
, INFO
, ("Reply to pending SA Query received\n"));
2672 rsnStopSaQuery(prAdapter
);
2677 #define WPS_DEV_OUI_WFA 0x0050f204
2678 #define ATTR_RESPONSE_TYPE 0x103b
2680 #define ATTR_VERSION 0x104a
2681 #define ATTR_VENDOR_EXT 0x1049
2682 #define WPS_VENDOR_ID_WFA 14122
2684 VOID
rsnGenerateWSCIEForAssocRsp(P_ADAPTER_T prAdapter
, P_MSDU_INFO_T prMsduInfo
)
2688 P_WIFI_VAR_T prWifiVar
= NULL
;
2692 ASSERT(IS_NET_ACTIVE(prAdapter
, prMsduInfo
->ucBssIndex
));
2694 prWifiVar
= &(prAdapter
->rWifiVar
);
2697 if (!prWifiVar
->ucApWpsMode
) /* Todo::Only at WPS certification ? */
2700 DBGLOG(RSN
, TRACE
, ("WPS: Building WPS IE for (Re)Association Response"));
2702 PucIE
= (P_IE_HDR_T
) (((PUINT_8
) prMsduInfo
->prPacket
) + prMsduInfo
->u2FrameLength
);
2704 PucIE
->ucId
= ELEM_ID_VENDOR
;
2706 puc
= PucIE
->aucInfo
;
2708 WLAN_SET_FIELD_BE32(puc
, WPS_DEV_OUI_WFA
);
2711 WLAN_SET_FIELD_BE16(puc
, ATTR_VERSION
);
2713 WLAN_SET_FIELD_BE16(puc
, 1);
2718 WLAN_SET_FIELD_BE16(puc
, ATTR_RESPONSE_TYPE
);
2720 WLAN_SET_FIELD_BE16(puc
, 1);
2725 WLAN_SET_FIELD_BE16(puc
, ATTR_VENDOR_EXT
);
2727 WLAN_SET_FIELD_BE16(puc
, 6);
2729 WLAN_SET_FIELD_BE24(puc
, 14122);
2731 *puc
= 0x00; /* Version 2 */
2735 *puc
= 0x20; /* WPS2.0 */
2738 PucIE
->ucLength
= puc
- PucIE
->aucInfo
;
2740 prMsduInfo
->u2FrameLength
+= IE_SIZE(PucIE
);