Diffstat (limited to 'drivers/staging/rt2860/common/cmm_sanity.c')
-rw-r--r-- | drivers/staging/rt2860/common/cmm_sanity.c | 184 |
1 files changed, 0 insertions, 184 deletions
diff --git a/drivers/staging/rt2860/common/cmm_sanity.c b/drivers/staging/rt2860/common/cmm_sanity.c
index 843e44e..85855f7f 100644
--- a/drivers/staging/rt2860/common/cmm_sanity.c
+++ b/drivers/staging/rt2860/common/cmm_sanity.c
@@ -1052,187 +1052,3 @@ NDIS_802_11_NETWORK_TYPE NetworkTypeInUseSanity(
 return NetWorkType;
 }
-
-/*
- ==========================================================================
- Description:
- WPA message sanity check
- Return:
- TRUE if all parameters are OK, FALSE otherwise
- ==========================================================================
- */
-BOOLEAN PeerWpaMessageSanity(
- IN PRTMP_ADAPTER pAd,
- IN PEAPOL_PACKET pMsg,
- IN ULONG MsgLen,
- IN UCHAR MsgType,
- IN MAC_TABLE_ENTRY *pEntry)
-{
- UCHAR mic[LEN_KEY_DESC_MIC], digest[80], KEYDATA[MAX_LEN_OF_RSNIE];
- BOOLEAN bReplayDiff = FALSE;
- BOOLEAN bWPA2 = FALSE;
- KEY_INFO EapolKeyInfo;
- UCHAR GroupKeyIndex = 0;
-
-
- NdisZeroMemory(mic, sizeof(mic));
- NdisZeroMemory(digest, sizeof(digest));
- NdisZeroMemory(KEYDATA, sizeof(KEYDATA));
- NdisZeroMemory((PUCHAR)&EapolKeyInfo, sizeof(EapolKeyInfo));
-
- NdisMoveMemory((PUCHAR)&EapolKeyInfo, (PUCHAR)&pMsg->KeyDesc.KeyInfo, sizeof(KEY_INFO));
-
- *((USHORT *)&EapolKeyInfo) = cpu2le16(*((USHORT *)&EapolKeyInfo));
-
- // Choose WPA2 or not
- if ((pEntry->AuthMode == Ndis802_11AuthModeWPA2) || (pEntry->AuthMode == Ndis802_11AuthModeWPA2PSK))
- bWPA2 = TRUE;
-
- // 0. Check MsgType
- if ((MsgType > EAPOL_GROUP_MSG_2) || (MsgType < EAPOL_PAIR_MSG_1))
- {
- DBGPRINT(RT_DEBUG_ERROR, ("The message type is invalid(%d)! \n", MsgType));
- return FALSE;
- }
-
- // 1. Replay counter check
- if (MsgType == EAPOL_PAIR_MSG_1 || MsgType == EAPOL_PAIR_MSG_3 || MsgType == EAPOL_GROUP_MSG_1) // For supplicant
- {
- // First validate replay counter, only accept message with larger replay counter.
- // Let equal pass, some AP start with all zero replay counter
- UCHAR ZeroReplay[LEN_KEY_DESC_REPLAY];
-
- NdisZeroMemory(ZeroReplay, LEN_KEY_DESC_REPLAY);
- if ((RTMPCompareMemory(pMsg->KeyDesc.ReplayCounter, pEntry->R_Counter, LEN_KEY_DESC_REPLAY) != 1) &&
- (RTMPCompareMemory(pMsg->KeyDesc.ReplayCounter, ZeroReplay, LEN_KEY_DESC_REPLAY) != 0))
- {
- bReplayDiff = TRUE;
- }
- }
- else if (MsgType == EAPOL_PAIR_MSG_2 || MsgType == EAPOL_PAIR_MSG_4 || MsgType == EAPOL_GROUP_MSG_2) // For authenticator
- {
- // check Replay Counter coresponds to MSG from authenticator, otherwise discard
- if (!NdisEqualMemory(pMsg->KeyDesc.ReplayCounter, pEntry->R_Counter, LEN_KEY_DESC_REPLAY))
- {
- bReplayDiff = TRUE;
- }
- }
-
- // Replay Counter different condition
- if (bReplayDiff)
- {
- // send wireless event - for replay counter different
- if (pAd->CommonCfg.bWirelessEvent)
- RTMPSendWirelessEvent(pAd, IW_REPLAY_COUNTER_DIFF_EVENT_FLAG, pEntry->Addr, pEntry->apidx, 0);
-
- if (MsgType < EAPOL_GROUP_MSG_1)
- {
- DBGPRINT(RT_DEBUG_ERROR, ("Replay Counter Different in pairwise msg %d of 4-way handshake!\n", MsgType));
- }
- else
- {
- DBGPRINT(RT_DEBUG_ERROR, ("Replay Counter Different in group msg %d of 2-way handshake!\n", (MsgType - EAPOL_PAIR_MSG_4)));
- }
-
- hex_dump("Receive replay counter ", pMsg->KeyDesc.ReplayCounter, LEN_KEY_DESC_REPLAY);
- hex_dump("Current replay counter ", pEntry->R_Counter, LEN_KEY_DESC_REPLAY);
- return FALSE;
- }
-
- // 2. Verify MIC except Pairwise Msg1
- if (MsgType != EAPOL_PAIR_MSG_1)
- {
- UCHAR rcvd_mic[LEN_KEY_DESC_MIC];
-
- // Record the received MIC for check later
- NdisMoveMemory(rcvd_mic, pMsg->KeyDesc.KeyMic, LEN_KEY_DESC_MIC);
- NdisZeroMemory(pMsg->KeyDesc.KeyMic, LEN_KEY_DESC_MIC);
-
- if (pEntry->WepStatus == Ndis802_11Encryption2Enabled) // TKIP
- {
- hmac_md5(pEntry->PTK, LEN_EAP_MICK, (PUCHAR)pMsg, MsgLen, mic);
- }
- else if (pEntry->WepStatus == Ndis802_11Encryption3Enabled) // AES
- {
- HMAC_SHA1((PUCHAR)pMsg, MsgLen, pEntry->PTK, LEN_EAP_MICK, digest);
- NdisMoveMemory(mic, digest, LEN_KEY_DESC_MIC);
- }
-
- if (!NdisEqualMemory(rcvd_mic, mic, LEN_KEY_DESC_MIC))
- {
- // send wireless event - for MIC different
- if (pAd->CommonCfg.bWirelessEvent)
- RTMPSendWirelessEvent(pAd, IW_MIC_DIFF_EVENT_FLAG, pEntry->Addr, pEntry->apidx, 0);
-
- if (MsgType < EAPOL_GROUP_MSG_1)
- {
- DBGPRINT(RT_DEBUG_ERROR, ("MIC Different in pairwise msg %d of 4-way handshake!\n", MsgType));
- }
- else
- {
- DBGPRINT(RT_DEBUG_ERROR, ("MIC Different in group msg %d of 2-way handshake!\n", (MsgType - EAPOL_PAIR_MSG_4)));
- }
-
- hex_dump("Received MIC", rcvd_mic, LEN_KEY_DESC_MIC);
- hex_dump("Desired MIC", mic, LEN_KEY_DESC_MIC);
-
- return FALSE;
- }
- }
-
- // Extract the context of the Key Data field if it exist
- // The field in pairwise_msg_2_WPA1(WPA2) & pairwise_msg_3_WPA1 is un-encrypted.
- // The field in group_msg_1_WPA1(WPA2) & pairwise_msg_3_WPA2 is encrypted.
- if (pMsg->KeyDesc.KeyDataLen[1] > 0)
- {
- // Decrypt this field
- if ((MsgType == EAPOL_PAIR_MSG_3 && bWPA2) || (MsgType == EAPOL_GROUP_MSG_1))
- {
- if(pEntry->WepStatus == Ndis802_11Encryption3Enabled)
- {
- // AES
- AES_GTK_KEY_UNWRAP(&pEntry->PTK[16], KEYDATA, pMsg->KeyDesc.KeyDataLen[1],pMsg->KeyDesc.KeyData);
- }
- else
- {
- INT i;
- UCHAR Key[32];
- // Decrypt TKIP GTK
- // Construct 32 bytes RC4 Key
- NdisMoveMemory(Key, pMsg->KeyDesc.KeyIv, 16);
- NdisMoveMemory(&Key[16], &pEntry->PTK[16], 16);
- ARCFOUR_INIT(&pAd->PrivateInfo.WEPCONTEXT, Key, 32);
- //discard first 256 bytes
- for(i = 0; i < 256; i++)
- ARCFOUR_BYTE(&pAd->PrivateInfo.WEPCONTEXT);
- // Decrypt GTK. Becareful, there is no ICV to check the result is correct or not
- ARCFOUR_DECRYPT(&pAd->PrivateInfo.WEPCONTEXT, KEYDATA, pMsg->KeyDesc.KeyData, pMsg->KeyDesc.KeyDataLen[1]);
- }
-
- if (!bWPA2 && (MsgType == EAPOL_GROUP_MSG_1))
- GroupKeyIndex = EapolKeyInfo.KeyIndex;
-
- }
- else if ((MsgType == EAPOL_PAIR_MSG_2) || (MsgType == EAPOL_PAIR_MSG_3 && !bWPA2))
- {
- NdisMoveMemory(KEYDATA, pMsg->KeyDesc.KeyData, pMsg->KeyDesc.KeyDataLen[1]);
- }
- else
- {
-
- return TRUE;
- }
-
- // Parse Key Data field to
- // 1. verify RSN IE for pairwise_msg_2_WPA1(WPA2) ,pairwise_msg_3_WPA1(WPA2)
- // 2. verify KDE format for pairwise_msg_3_WPA2, group_msg_1_WPA2
- // 3. update shared key for pairwise_msg_3_WPA2, group_msg_1_WPA1(WPA2)
- if (!RTMPParseEapolKeyData(pAd, KEYDATA, pMsg->KeyDesc.KeyDataLen[1], GroupKeyIndex, MsgType, bWPA2, pEntry))
- {
- return FALSE;
- }
- }
-
- return TRUE;
-
-} |