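/*
 *************************************************************************
 * Ralink Tech Inc.
 * 5F., No.36, Taiyuan St., Jhubei City,
 * Hsinchu County 302,
 * Taiwan, R.O.C.
 *
 * (c) Copyright 2002-2007, Ralink Technology, Inc.
 *
 * This program is free software; you can redistribute it and/or modify  *
 * it under the terms of the GNU General Public License as published by  *
 * the Free Software Foundation; either version 2 of the License, or     *
 * (at your option) any later version.                                   *
 *                                                                       *
 * This program is distributed in the hope that it will be useful,       *
 * but WITHOUT ANY WARRANTY; without even the implied warranty of        *
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the         *
 * GNU General Public License for more details.                          *
 *                                                                       *
 * You should have received a copy of the GNU General Public License     *
 * along with this program; if not, write to the                         *
 * Free Software Foundation, Inc.,                                       *
 * 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.             *
 *                                                                       *
 *************************************************************************

	Module Name:
	wpa.h

	Abstract:
	Constants, packed frame layouts and helper macros for EAPOL-Key,
	WPA and RSN information element handling.

	Revision History:
	Who		When		What
	--------	----------	----------------------------------------------
	Name		Date		Modification logs
*/

#ifndef __WPA_H__
#define __WPA_H__

/* Field lengths of the EAPOL-Key descriptor frame format */
#define LEN_KEY_DESC_NONCE	32
#define LEN_KEY_DESC_IV		16
#define LEN_KEY_DESC_RSC	8
#define LEN_KEY_DESC_ID		8
#define LEN_KEY_DESC_REPLAY	8
#define LEN_KEY_DESC_MIC	16

/*
 * Length of the EAPoL-Key frame without the Key Data field.
 * Please refer to 802.11i-2004, Figure 43u in p.78.
 * The value is sizeof(struct rt_key_descripter) minus its trailing KeyData
 * array, so it is only the on-wire length if PACKED really removes padding
 * (PACKED is defined outside this header).
 */
#define LEN_EAPOL_KEY_MSG	(sizeof(struct rt_key_descripter) - MAX_LEN_OF_RSNIE)

/* EAP Code Type. */
#define EAP_CODE_REQUEST	1
#define EAP_CODE_RESPONSE	2
#define EAP_CODE_SUCCESS	3
#define EAP_CODE_FAILURE	4

/* EAPOL frame Protocol Version */
#define EAPOL_VER		1
#define EAPOL_VER2		2

/* EAPOL-KEY Descriptor Type */
#define WPA1_KEY_DESC		0xfe
#define WPA2_KEY_DESC		0x02

/* Key Descriptor Version of Key Information */
#define DESC_TYPE_TKIP		1
#define DESC_TYPE_AES		2

#define LEN_MSG1_2WAY		0x7f
#define MAX_LEN_OF_EAP_HS	256

#define LEN_MASTER_KEY		32

/* EAPOL EK, MK */
#define LEN_EAP_EK		16
#define LEN_EAP_MICK		16
#define LEN_EAP_KEY		((LEN_EAP_EK)+(LEN_EAP_MICK))	/* 32 */
/* TKIP key related */
#define LEN_PMKID		16
#define LEN_TKIP_EK		16
#define LEN_TKIP_RXMICK		8
#define LEN_TKIP_TXMICK		8
#define LEN_AES_EK		16
#define LEN_AES_KEY		LEN_AES_EK
#define LEN_TKIP_KEY		((LEN_TKIP_EK)+(LEN_TKIP_RXMICK)+(LEN_TKIP_TXMICK))	/* 32 */
#define TKIP_AP_TXMICK_OFFSET	((LEN_EAP_KEY)+(LEN_TKIP_EK))	/* 48 */
#define TKIP_AP_RXMICK_OFFSET	(TKIP_AP_TXMICK_OFFSET+LEN_TKIP_TXMICK)	/* 56 */
#define TKIP_GTK_LENGTH		((LEN_TKIP_EK)+(LEN_TKIP_RXMICK)+(LEN_TKIP_TXMICK))	/* 32 */
#define LEN_PTK			((LEN_EAP_KEY)+(LEN_TKIP_KEY))	/* 64 */
#define MIN_LEN_OF_GTK		5
#define LEN_PMK			32
#define LEN_PMK_NAME		16
#define LEN_NONCE		32

/* RSN IE Length definition */
#define MAX_LEN_OF_RSNIE	255
#define MIN_LEN_OF_RSNIE	8

#define KEY_LIFETIME		3600

/* EAP Packet Type */
#define EAPPacket		0
#define EAPOLStart		1
#define EAPOLLogoff		2
#define EAPOLKey		3
#define EAPOLASFAlert		4
#define EAPTtypeMax		5

#define EAPOL_MSG_INVALID	0
#define EAPOL_PAIR_MSG_1	1
#define EAPOL_PAIR_MSG_2	2
#define EAPOL_PAIR_MSG_3	3
#define EAPOL_PAIR_MSG_4	4
#define EAPOL_GROUP_MSG_1	5
#define EAPOL_GROUP_MSG_2	6

#define PAIRWISEKEY		1
#define GROUPKEY		0

/* Retry timer counter initial value */
#define PEER_MSG1_RETRY_TIMER_CTR	0
#define PEER_MSG3_RETRY_TIMER_CTR	10
#define GROUP_MSG1_RETRY_TIMER_CTR	20

/*#ifdef CONFIG_AP_SUPPORT */
/* WPA mechanism retry timer interval */
#define PEER_MSG1_RETRY_EXEC_INTV	1000	/* 1 sec */
#define PEER_MSG3_RETRY_EXEC_INTV	3000	/* 3 sec */
#define GROUP_KEY_UPDATE_EXEC_INTV	1000	/* 1 sec */
#define PEER_GROUP_KEY_UPDATE_INIV	2000	/* 2 sec */

#define ENQUEUE_EAPOL_START_TIMER	200	/* 200 ms */

/* group rekey interval */
#define TIME_REKEY		0
#define PKT_REKEY		1
#define DISABLE_REKEY		2
#define MAX_REKEY		2

#define MAX_REKEY_INTER		0x3ffffff
/*#endif // CONFIG_AP_SUPPORT // */

#define GROUP_SUITE		0
#define PAIRWISE_SUITE		1
#define AKM_SUITE		2
#define PMKID_LIST		3

#define EAPOL_START_DISABLE	0
#define EAPOL_START_PSK		1
#define EAPOL_START_1X		2

/*
 * Test one bit of the mixed-cipher bitmap; the bit assignment is shown in the
 * table above enum _WpaMixPairCipher below.
 */
#define MIX_CIPHER_WPA_TKIP_ON(x)	(((x) & 0x08) != 0)
#define MIX_CIPHER_WPA_AES_ON(x)	(((x) & 0x04) != 0)
#define MIX_CIPHER_WPA2_TKIP_ON(x)	(((x) & 0x02) != 0)
#define MIX_CIPHER_WPA2_AES_ON(x)	(((x) & 0x01) != 0)

/*
 * Round __x up to a multiple of __y. The mask arithmetic is only correct
 * when __y is a power of two; the sum is truncated to unsigned long.
 */
#ifndef ROUND_UP
#define ROUND_UP(__x, __y) \
	(((unsigned long)((__x)+((__y)-1))) & ((unsigned long)~((__y)-1)))
#endif

/*
 * Byte-array helpers for 16-bit big-endian fields (e.g. Body_Len, KeyLength).
 *
 * The arguments are parenthesized in the expansion so that expressions such
 * as "buf + 2" or "a | b" are indexed and masked as a whole. They are still
 * evaluated more than once, so pass expressions without side effects.
 *
 * SET_u16_TO_ARRARY, INC_u16_TO_ARRARY and ADD_ONE_To_64BIT_VAR expand to a
 * braced block, not a single statement: followed by ';' they must not be
 * used as the unbraced body of an if that has an else branch.
 */

/* Store the low 16 bits of _LEN into _V[0] (high byte) and _V[1] (low byte). */
#define SET_u16_TO_ARRARY(_V, _LEN)		\
{						\
	(_V)[0] = ((_LEN) & 0xFF00) >> 8;	\
	(_V)[1] = ((_LEN) & 0xFF);		\
}

/*
 * Add _LEN to the big-endian value held in _V[0..1] and write it back.
 * The sum is kept in a u16 and only its low 16 bits are stored, so an
 * overflowing length is truncated silently; callers that build frame lengths
 * from received data need to bound the total themselves.
 * The expansion declares a local named var_len; an argument expression that
 * refers to a caller variable of that name would bind to the local instead.
 */
#define INC_u16_TO_ARRARY(_V, _LEN)			\
{							\
	u16 var_len;					\
							\
	var_len = ((_V)[0] << 8) | ((_V)[1]);		\
	var_len += (_LEN);				\
							\
	(_V)[0] = (var_len & 0xFF00) >> 8;		\
	(_V)[1] = (var_len & 0xFF);			\
}

/* Read _V[0..1] as a big-endian 16-bit value. */
#define CONV_ARRARY_TO_u16(_V)	(((_V)[0] << 8) | ((_V)[1]))

/*
 * Increment a LEN_KEY_DESC_REPLAY-byte array as one big-endian counter:
 * the last element is incremented first and a carry moves towards index 0.
 * When every element overflows, the counter wraps to all zeros and the
 * caller gets no indication of it.
 */
#define ADD_ONE_To_64BIT_VAR(_V)		\
{						\
	u8 cnt = LEN_KEY_DESC_REPLAY;		\
	do					\
	{					\
		cnt--;				\
		(_V)[cnt]++;			\
		if (cnt == 0)			\
			break;			\
	} while ((_V)[cnt] == 0);		\
}

/*
 * True when auth mode a lies in the range Ndis802_11AuthModeWPA ..
 * Ndis802_11AuthModeWPA1PSKWPA2PSK. This relies on the numeric order of the
 * Ndis802_11AuthMode* values, which are declared outside this header.
 */
#define IS_WPA_CAPABILITY(a)	(((a) >= Ndis802_11AuthModeWPA) && ((a) <= Ndis802_11AuthModeWPA1PSKWPA2PSK))

/*
 * EAPOL Key Information definition within Key descriptor format.
 * The order in which a compiler allocates bit-fields is implementation-
 * defined, and this header provides a single ordering only.
 * NOTE(review): confirm that every supported target allocates these fields
 * in the order the on-wire Key Information field requires.
 */
struct PACKED rt_key_info {
	u8 KeyMic:1;
	u8 Secure:1;
	u8 Error:1;
	u8 Request:1;
	u8 EKD_DL:1;		/* EKD for AP; DL for STA */
	u8 Rsvd:3;
	u8 KeyDescVer:3;
	u8 KeyType:1;
	u8 KeyIndex:2;
	u8 Install:1;
	u8 KeyAck:1;
};

/*
 * EAPOL Key descriptor format.
 * KeyDataLen is a 16-bit length while KeyData holds at most
 * MAX_LEN_OF_RSNIE (255) bytes.
 * NOTE(review): the code that reads or copies KeyData is not in this header;
 * confirm it checks KeyDataLen against both MAX_LEN_OF_RSNIE and the length
 * of the frame actually received before using it.
 */
struct PACKED rt_key_descripter {
	u8 Type;
	struct rt_key_info KeyInfo;
	u8 KeyLength[2];
	u8 ReplayCounter[LEN_KEY_DESC_REPLAY];
	u8 KeyNonce[LEN_KEY_DESC_NONCE];
	u8 KeyIv[LEN_KEY_DESC_IV];
	u8 KeyRsc[LEN_KEY_DESC_RSC];
	u8 KeyId[LEN_KEY_DESC_ID];
	u8 KeyMic[LEN_KEY_DESC_MIC];
	u8 KeyDataLen[2];
	u8 KeyData[MAX_LEN_OF_RSNIE];
};

/* EAPOL header (version, type, two-byte body length) followed by the key descriptor */
struct PACKED rt_eapol_packet {
	u8 ProVer;
	u8 ProType;
	u8 Body_Len[2];
	struct rt_key_descripter KeyDesc;
};

/* 802.11i D10 page 83 */
struct PACKED rt_gtk_encap {
	u8 Kid:2;
	u8 tx:1;
	u8 rsv:5;
	u8 rsv1;
	u8 GTK[TKIP_GTK_LENGTH];
};

/* KDE header (Type, Len, OUI, DataType) wrapping a GTK encapsulation */
struct PACKED rt_kde_encap {
	u8 Type;
	u8 Len;
	u8 OUI[3];
	u8 DataType;
	struct rt_gtk_encap GTKEncap;
};

/*
 * For WPA1.
 * ucast is declared with one element while ucount is a separate count field.
 * NOTE(review): code that walks ucast[] by ucount must bound the walk by the
 * length of the information element it was given; that code is not shown here.
 */
struct PACKED rt_rsnie {
	u8 oui[4];
	u16 version;
	u8 mcast[4];
	u16 ucount;
	struct PACKED {
		u8 oui[4];
	} ucast[1];
};

/* For WPA2; same layout as rt_rsnie without the leading oui field */
struct PACKED rt_rsnie2 {
	u16 version;
	u8 mcast[4];
	u16 ucount;
	struct PACKED {
		u8 oui[4];
	} ucast[1];
};

/* AKM Suite; auth is declared with one element, acount is the count field */
struct PACKED rt_rsnie_auth {
	u16 acount;
	struct PACKED {
		u8 oui[4];
	} auth[1];
};

/* RSN capabilities, accessible as bit-fields or as one 16-bit word */
typedef union PACKED _RSN_CAPABILITIES {
	struct PACKED {
		u16 PreAuth:1;
		u16 No_Pairwise:1;
		u16 PTKSA_R_Counter:2;
		u16 GTKSA_R_Counter:2;
		u16 Rsvd:10;
	} field;
	u16 word;
} RSN_CAPABILITIES, *PRSN_CAPABILITIES;

/* EAPOL header followed by the EAP code, identifier and length */
struct PACKED rt_eap_hdr {
	u8 ProVer;
	u8 ProType;
	u8 Body_Len[2];
	u8 code;
	u8 identifier;
	u8 length[2];		/* including code and identifier, followed by length-2 octets of data */
};

/* For supplicant state machine states. 802.11i Draft 4.1, p. 97 */
/* We simplified it */
typedef enum _WpaState {
	SS_NOTUSE,		/* 0 */
	SS_START,		/* 1 */
	SS_WAIT_MSG_3,		/* 2 */
	SS_WAIT_GROUP,		/* 3 */
	SS_FINISH,		/* 4 */
	SS_KEYUPDATE,		/* 5 */
} WPA_STATE;

/* */
/*	The definition of the cipher combination */
/* */
/*	 bit3	bit2  bit1   bit0 */
/*	+------------+------------+ */
/*	|	  WPA	 |	   WPA2   | */
/*	+------+-----+------+-----+ */
/*	| TKIP | AES | TKIP | AES | */
/*	|	0  |  1  |	 1  |  0  | -> 0x06 */
/*	|	0  |  1  |	 1  |  1  | -> 0x07 */
/*	|	1  |  0  |	 0  |  1  | -> 0x09 */
/*	|	1  |  0  |	 1  |  1  | -> 0x0B */
/*	|	1  |  1  |	 0  |  1  | -> 0x0D */
/*	|	1  |  1  |	 1  |  0  | -> 0x0E */
/*	|	1  |  1  |	 1  |  1  | -> 0x0F */
/*	+------+-----+------+-----+ */
/* */
typedef enum _WpaMixPairCipher {
	MIX_CIPHER_NOTUSE = 0x00,
	WPA_NONE_WPA2_TKIPAES = 0x03,	/* WPA2-TKIPAES */
	WPA_AES_WPA2_TKIP = 0x06,
	WPA_AES_WPA2_TKIPAES = 0x07,
	WPA_TKIP_WPA2_AES = 0x09,
	WPA_TKIP_WPA2_TKIPAES = 0x0B,
	WPA_TKIPAES_WPA2_NONE = 0x0C,	/* WPA-TKIPAES */
	WPA_TKIPAES_WPA2_AES = 0x0D,
	WPA_TKIPAES_WPA2_TKIP = 0x0E,
	WPA_TKIPAES_WPA2_TKIPAES = 0x0F,
} WPA_MIX_PAIR_CIPHER;

/* Element id, length and version at the start of an RSN IE */
struct PACKED rt_rsn_ie_header {
	u8 Eid;
	u8 Length;
	u16 Version;		/* Little endian format */
};

/* Cipher suite selector types */
struct PACKED rt_cipher_suite_struct {
	u8 Oui[3];
	u8 Type;
};

/* Authentication and Key Management suite selector */
struct PACKED rt_akm_suite {
	u8 Oui[3];
	u8 Type;
};

/*
 * RSN capability.
 * NOTE(review): the fields are declared in the reverse order of the field
 * struct in RSN_CAPABILITIES above (reserved bits first here, last there).
 * With one bit-field allocation order only one of the two can match the
 * on-wire layout; confirm which declaration each user expects.
 */
struct PACKED rt_rsn_capability {
	u16 Rsv:10;
	u16 GTKSAReplayCnt:2;
	u16 PTKSAReplayCnt:2;
	u16 NoPairwise:1;
	u16 PreAuth:1;
};

/*========================================
	Prototypes of functions implemented in cmm_wpa.c.
	The notes below describe the signatures only; the implementations
	are not part of this header.
  ========================================*/

/* Takes an EAP type and writes a message type through MsgType. */
BOOLEAN WpaMsgTypeSubst(u8 EAPType, int * MsgType);

/*
 * Takes key, prefix and data buffers with their lengths and writes to output.
 * NOTE(review): len is presumably the number of output bytes requested;
 * confirm the caller's buffer is at least that large.
 */
void PRF(u8 * key,
	 int key_len,
	 u8 * prefix,
	 int prefix_len,
	 u8 * data, int data_len, u8 * output, int len);

/*
 * Takes a password string and an SSID with its length and writes to output.
 * The size of output is not passed in.
 * NOTE(review): confirm against the implementation how many bytes are
 * written and that every caller provides a buffer of that size.
 */
int PasswordHash(char *password,
		 unsigned char *ssid, int ssidlength, unsigned char *output);

/*
 * type is presumably one of GROUP_SUITE, PAIRWISE_SUITE, AKM_SUITE or
 * PMKID_LIST; a count is written through count. The returned pointer is
 * presumably into rsnie - verify before using it beyond rsnie_len.
 */
u8 *GetSuiteFromRSNIE(u8 *rsnie,
			 u32 rsnie_len, u8 type, u8 * count);

void WpaShowAllsuite(u8 *rsnie, u32 rsnie_len);

/*
 * NOTE(review): pFrameBuf has no capacity parameter; presumably the caller
 * guarantees room for the IE (and PMKID) at *pFrameLen - confirm.
 */
void RTMPInsertRSNIE(u8 *pFrameBuf,
		     unsigned long *pFrameLen,
		     u8 *rsnie_ptr,
		     u8 rsnie_len,
		     u8 *pmkid_ptr, u8 pmkid_len);

#endif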