2 *************************************************************************
4 * 5F., No.36, Taiyuan St., Jhubei City,
8 * (c) Copyright 2002-2007, Ralink Technology, Inc.
10 * This program is free software; you can redistribute it and/or modify *
11 * it under the terms of the GNU General Public License as published by *
12 * the Free Software Foundation; either version 2 of the License, or *
13 * (at your option) any later version. *
15 * This program is distributed in the hope that it will be useful, *
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
18 * GNU General Public License for more details. *
20 * You should have received a copy of the GNU General Public License *
21 * along with this program; if not, write to the *
22 * Free Software Foundation, Inc., *
23 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
25 *************************************************************************
34 -------- ---------- ----------------------------------------------
35 Jan Lee 03-07-22 Initial
36 Paul Lin 03-11-28 Modify for supplicant
37 Justin P. Mattock 11/07/2010 Fix typos
39 #include "../rt_config.h"
41 void inc_byte_array(u8 * counter, int len);
44 ========================================================================
47 Process MIC error indication and record MIC error timer.
50 pAd Pointer to our adapter
51 pWpaKey Pointer to the WPA key structure
60 ========================================================================
62 void RTMPReportMicError(struct rt_rtmp_adapter *pAd, struct rt_cipher_key *pWpaKey)
65 u8 unicastKey = (pWpaKey->Type == PAIRWISE_KEY ? 1 : 0);
67 /* Record Last MIC error time and count */
68 NdisGetSystemUpTime(&Now);
69 if (pAd->StaCfg.MicErrCnt == 0) {
70 pAd->StaCfg.MicErrCnt++;
71 pAd->StaCfg.LastMicErrorTime = Now;
72 NdisZeroMemory(pAd->StaCfg.ReplayCounter, 8);
73 } else if (pAd->StaCfg.MicErrCnt == 1) {
74 if ((pAd->StaCfg.LastMicErrorTime + (60 * OS_HZ)) < Now) {
75 /* Update Last MIC error time, this did not violate two MIC errors within 60 seconds */
76 pAd->StaCfg.LastMicErrorTime = Now;
79 if (pAd->CommonCfg.bWirelessEvent)
80 RTMPSendWirelessEvent(pAd,
81 IW_COUNTER_MEASURES_EVENT_FLAG,
83 Content[BSSID_WCID].Addr,
86 pAd->StaCfg.LastMicErrorTime = Now;
87 /* Violate MIC error counts, MIC countermeasures kicks in */
88 pAd->StaCfg.MicErrCnt++;
89 /* We shall block all reception */
90 /* We shall clean all Tx ring and disassociate from AP after next EAPOL frame */
92 /* No necessary to clean all Tx ring, on RTMPHardTransmit will stop sending non-802.1X EAPOL packets */
93 /* if pAd->StaCfg.MicErrCnt greater than 2. */
95 /* RTMPRingCleanUp(pAd, QID_AC_BK); */
96 /* RTMPRingCleanUp(pAd, QID_AC_BE); */
97 /* RTMPRingCleanUp(pAd, QID_AC_VI); */
98 /* RTMPRingCleanUp(pAd, QID_AC_VO); */
99 /* RTMPRingCleanUp(pAd, QID_HCCA); */
102 /* MIC error count >= 2 */
103 /* This should not happen */
107 MLME_CNTL_STATE_MACHINE,
108 OID_802_11_MIC_FAILURE_REPORT_FRAME, 1, &unicastKey);
110 if (pAd->StaCfg.MicErrCnt == 2) {
111 RTMPSetTimer(&pAd->StaCfg.WpaDisassocAndBlockAssocTimer, 100);
115 #define LENGTH_EAP_H 4
116 /* If the received frame is EAP-Packet ,find out its EAP-Code (Request(0x01), Response(0x02), Success(0x03), Failure(0x04)). */
117 int WpaCheckEapCode(struct rt_rtmp_adapter *pAd,
118 u8 *pFrame, u16 FrameLen, u16 OffSet)
124 if (FrameLen < OffSet + LENGTH_EAPOL_H + LENGTH_EAP_H)
127 pData = pFrame + OffSet; /* skip offset bytes */
129 if (*(pData + 1) == EAPPacket) /* 802.1x header - Packet Type */
131 result = *(pData + 4); /* EAP header - Code */
137 void WpaSendMicFailureToWpaSupplicant(struct rt_rtmp_adapter *pAd, IN BOOLEAN bUnicast)
139 char custom[IW_CUSTOM_MAX] = { 0 };
141 sprintf(custom, "MLME-MICHAELMICFAILURE.indication");
143 sprintf(custom, "%s unicast", custom);
145 RtmpOSWrielessEventSend(pAd, IWEVCUSTOM, -1, NULL, (u8 *)custom,
151 void WpaMicFailureReportFrame(struct rt_rtmp_adapter *pAd, struct rt_mlme_queue_elem *Elem)
153 u8 *pOutBuffer = NULL;
155 unsigned long FrameLen = 0;
156 struct rt_eapol_packet Packet;
160 DBGPRINT(RT_DEBUG_TRACE, ("WpaMicFailureReportFrame ----->\n"));
162 bUnicast = (Elem->Msg[0] == 1 ? TRUE : FALSE);
163 pAd->Sequence = ((pAd->Sequence) + 1) & (MAX_SEQ_NUMBER);
165 /* init 802.3 header and Fill Packet */
166 MAKE_802_3_HEADER(Header802_3, pAd->CommonCfg.Bssid,
167 pAd->CurrentAddress, EAPOL);
169 NdisZeroMemory(&Packet, sizeof(Packet));
170 Packet.ProVer = EAPOL_VER;
171 Packet.ProType = EAPOLKey;
173 Packet.KeyDesc.Type = WPA1_KEY_DESC;
175 /* Request field presented */
176 Packet.KeyDesc.KeyInfo.Request = 1;
178 if (pAd->StaCfg.WepStatus == Ndis802_11Encryption3Enabled) {
179 Packet.KeyDesc.KeyInfo.KeyDescVer = 2;
182 Packet.KeyDesc.KeyInfo.KeyDescVer = 1;
185 Packet.KeyDesc.KeyInfo.KeyType = (bUnicast ? PAIRWISEKEY : GROUPKEY);
187 /* KeyMic field presented */
188 Packet.KeyDesc.KeyInfo.KeyMic = 1;
190 /* Error field presented */
191 Packet.KeyDesc.KeyInfo.Error = 1;
193 /* Update packet length after decide Key data payload */
194 SET_u16_TO_ARRARY(Packet.Body_Len, LEN_EAPOL_KEY_MSG)
195 /* Key Replay Count */
196 NdisMoveMemory(Packet.KeyDesc.ReplayCounter,
197 pAd->StaCfg.ReplayCounter, LEN_KEY_DESC_REPLAY);
198 inc_byte_array(pAd->StaCfg.ReplayCounter, 8);
200 /* Convert to little-endian format. */
201 *((u16 *) & Packet.KeyDesc.KeyInfo) =
202 cpu2le16(*((u16 *) & Packet.KeyDesc.KeyInfo));
204 MlmeAllocateMemory(pAd, (u8 **) & pOutBuffer); /* allocate memory */
205 if (pOutBuffer == NULL) {
208 /* Prepare EAPOL frame for MIC calculation */
209 /* Be careful, only EAPOL frame is counted for MIC calculation */
210 MakeOutgoingFrame(pOutBuffer, &FrameLen,
211 CONV_ARRARY_TO_u16(Packet.Body_Len) + 4, &Packet,
214 /* Prepare and Fill MIC value */
215 NdisZeroMemory(Mic, sizeof(Mic));
216 if (pAd->StaCfg.WepStatus == Ndis802_11Encryption3Enabled) { /* AES */
217 u8 digest[20] = { 0 };
218 HMAC_SHA1(pAd->StaCfg.PTK, LEN_EAP_MICK, pOutBuffer, FrameLen,
219 digest, SHA1_DIGEST_SIZE);
220 NdisMoveMemory(Mic, digest, LEN_KEY_DESC_MIC);
222 HMAC_MD5(pAd->StaCfg.PTK, LEN_EAP_MICK, pOutBuffer, FrameLen,
223 Mic, MD5_DIGEST_SIZE);
225 NdisMoveMemory(Packet.KeyDesc.KeyMic, Mic, LEN_KEY_DESC_MIC);
227 /* copy frame to Tx ring and send MIC failure report frame to authenticator */
228 RTMPToWirelessSta(pAd, &pAd->MacTab.Content[BSSID_WCID],
229 Header802_3, LENGTH_802_3,
231 CONV_ARRARY_TO_u16(Packet.Body_Len) + 4, FALSE);
233 MlmeFreeMemory(pAd, (u8 *)pOutBuffer);
235 DBGPRINT(RT_DEBUG_TRACE, ("WpaMicFailureReportFrame <-----\n"));
238 /** from wpa_supplicant
239 * inc_byte_array - Increment arbitrary length byte array by one
240 * @counter: Pointer to byte array
241 * @len: Length of the counter in bytes
243 * This function increments the last byte of the counter by one and continues
244 * rolling over to more significant bytes if the byte was incremented from
247 void inc_byte_array(u8 * counter, int len)
252 if (counter[pos] != 0)
258 void WpaDisassocApAndBlockAssoc(void *SystemSpecific1,
259 void *FunctionContext,
260 void *SystemSpecific2,
261 void *SystemSpecific3)
263 struct rt_rtmp_adapter *pAd = (struct rt_rtmp_adapter *)FunctionContext;
264 struct rt_mlme_disassoc_req DisassocReq;
266 /* disassoc from current AP first */
267 DBGPRINT(RT_DEBUG_TRACE,
268 ("RTMPReportMicError - disassociate with current AP after sending second continuous EAPOL frame\n"));
269 DisassocParmFill(pAd, &DisassocReq, pAd->CommonCfg.Bssid,
271 MlmeEnqueue(pAd, ASSOC_STATE_MACHINE, MT2_MLME_DISASSOC_REQ,
272 sizeof(struct rt_mlme_disassoc_req), &DisassocReq);
274 pAd->Mlme.CntlMachine.CurrState = CNTL_WAIT_DISASSOC;
275 pAd->StaCfg.bBlockAssoc = TRUE;
278 void WpaStaPairwiseKeySetting(struct rt_rtmp_adapter *pAd)
280 struct rt_cipher_key *pSharedKey;
281 struct rt_mac_table_entry *pEntry;
283 pEntry = &pAd->MacTab.Content[BSSID_WCID];
285 /* Pairwise key shall use key#0 */
286 pSharedKey = &pAd->SharedKey[BSS0][0];
288 NdisMoveMemory(pAd->StaCfg.PTK, pEntry->PTK, LEN_PTK);
290 /* Prepare pair-wise key information into shared key table */
291 NdisZeroMemory(pSharedKey, sizeof(struct rt_cipher_key));
292 pSharedKey->KeyLen = LEN_TKIP_EK;
293 NdisMoveMemory(pSharedKey->Key, &pAd->StaCfg.PTK[32], LEN_TKIP_EK);
294 NdisMoveMemory(pSharedKey->RxMic, &pAd->StaCfg.PTK[48],
296 NdisMoveMemory(pSharedKey->TxMic,
297 &pAd->StaCfg.PTK[48 + LEN_TKIP_RXMICK], LEN_TKIP_TXMICK);
299 /* Decide its ChiperAlg */
300 if (pAd->StaCfg.PairCipher == Ndis802_11Encryption2Enabled)
301 pSharedKey->CipherAlg = CIPHER_TKIP;
302 else if (pAd->StaCfg.PairCipher == Ndis802_11Encryption3Enabled)
303 pSharedKey->CipherAlg = CIPHER_AES;
305 pSharedKey->CipherAlg = CIPHER_NONE;
307 /* Update these related information to struct rt_mac_table_entry */
308 NdisMoveMemory(pEntry->PairwiseKey.Key, &pAd->StaCfg.PTK[32],
310 NdisMoveMemory(pEntry->PairwiseKey.RxMic, &pAd->StaCfg.PTK[48],
312 NdisMoveMemory(pEntry->PairwiseKey.TxMic,
313 &pAd->StaCfg.PTK[48 + LEN_TKIP_RXMICK], LEN_TKIP_TXMICK);
314 pEntry->PairwiseKey.CipherAlg = pSharedKey->CipherAlg;
316 /* Update pairwise key information to ASIC Shared Key Table */
317 AsicAddSharedKeyEntry(pAd,
320 pSharedKey->CipherAlg,
322 pSharedKey->TxMic, pSharedKey->RxMic);
324 /* Update ASIC WCID attribute table and IVEIV table */
325 RTMPAddWcidAttributeEntry(pAd, BSS0, 0, pSharedKey->CipherAlg, pEntry);
326 STA_PORT_SECURED(pAd);
327 pAd->IndicateMediaState = NdisMediaStateConnected;
329 DBGPRINT(RT_DEBUG_TRACE,
330 ("%s : AID(%d) port secured\n", __func__, pEntry->Aid));
334 void WpaStaGroupKeySetting(struct rt_rtmp_adapter *pAd)
336 struct rt_cipher_key *pSharedKey;
338 pSharedKey = &pAd->SharedKey[BSS0][pAd->StaCfg.DefaultKeyId];
340 /* Prepare pair-wise key information into shared key table */
341 NdisZeroMemory(pSharedKey, sizeof(struct rt_cipher_key));
342 pSharedKey->KeyLen = LEN_TKIP_EK;
343 NdisMoveMemory(pSharedKey->Key, pAd->StaCfg.GTK, LEN_TKIP_EK);
344 NdisMoveMemory(pSharedKey->RxMic, &pAd->StaCfg.GTK[16],
346 NdisMoveMemory(pSharedKey->TxMic, &pAd->StaCfg.GTK[24],
349 /* Update Shared Key CipherAlg */
350 pSharedKey->CipherAlg = CIPHER_NONE;
351 if (pAd->StaCfg.GroupCipher == Ndis802_11Encryption2Enabled)
352 pSharedKey->CipherAlg = CIPHER_TKIP;
353 else if (pAd->StaCfg.GroupCipher == Ndis802_11Encryption3Enabled)
354 pSharedKey->CipherAlg = CIPHER_AES;
355 else if (pAd->StaCfg.GroupCipher == Ndis802_11GroupWEP40Enabled)
356 pSharedKey->CipherAlg = CIPHER_WEP64;
357 else if (pAd->StaCfg.GroupCipher == Ndis802_11GroupWEP104Enabled)
358 pSharedKey->CipherAlg = CIPHER_WEP128;
360 /* Update group key information to ASIC Shared Key Table */
361 AsicAddSharedKeyEntry(pAd,
363 pAd->StaCfg.DefaultKeyId,
364 pSharedKey->CipherAlg,
366 pSharedKey->TxMic, pSharedKey->RxMic);
368 /* Update ASIC WCID attribute table and IVEIV table */
369 RTMPAddWcidAttributeEntry(pAd,
371 pAd->StaCfg.DefaultKeyId,
372 pSharedKey->CipherAlg, NULL);