Forest Bond | 5449c68 | 2009-04-25 10:30:44 -0400 | [diff] [blame] | 1 | /* |
| 2 | * Copyright (c) 1996, 2003 VIA Networking Technologies, Inc. |
| 3 | * All rights reserved. |
| 4 | * |
| 5 | * This program is free software; you can redistribute it and/or modify |
| 6 | * it under the terms of the GNU General Public License as published by |
| 7 | * the Free Software Foundation; either version 2 of the License, or |
| 8 | * (at your option) any later version. |
| 9 | * |
| 10 | * This program is distributed in the hope that it will be useful, |
| 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| 13 | * GNU General Public License for more details. |
| 14 | * |
| 15 | * You should have received a copy of the GNU General Public License along |
| 16 | * with this program; if not, write to the Free Software Foundation, Inc., |
| 17 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. |
| 18 | * |
| 19 | * |
| 20 | * File: wpa.c |
| 21 | * |
| 22 | * Purpose: Handles the Basic Service Set & Node Database functions |
| 23 | * |
| 24 | * Functions: |
| 25 | * WPA_ParseRSN - Parse RSN IE. |
| 26 | * |
| 27 | * Revision History: |
| 28 | * |
| 29 | * Author: Kyle Hsu |
| 30 | * |
| 31 | * Date: July 14, 2003 |
| 32 | * |
| 33 | */ |
| 34 | |
| 35 | |
| 36 | #if !defined(__TTYPE_H__) |
| 37 | #include "ttype.h" |
| 38 | #endif |
| 39 | #if !defined(__UMEM_H__) |
| 40 | #include "umem.h" |
| 41 | #endif |
| 42 | #if !defined(__TMACRO_H__) |
| 43 | #include "tmacro.h" |
| 44 | #endif |
| 45 | #if !defined(__TETHER_H__) |
| 46 | #include "tether.h" |
| 47 | #endif |
| 48 | #if !defined(__DEVICE_H__) |
| 49 | #include "device.h" |
| 50 | #endif |
| 51 | #if !defined(__80211HDR_H__) |
| 52 | #include "80211hdr.h" |
| 53 | #endif |
| 54 | #if !defined(__BSSDB_H__) |
| 55 | #include "bssdb.h" |
| 56 | #endif |
| 57 | #if !defined(__WMGR_H__) |
| 58 | #include "wmgr.h" |
| 59 | #endif |
| 60 | #if !defined(__WPA_H__) |
| 61 | #include "wpa.h" |
| 62 | #endif |
| 63 | #if !defined(__80211MGR_H__) |
| 64 | #include "80211mgr.h" |
| 65 | #endif |
| 66 | |
| 67 | |
| 68 | /*--------------------- Static Variables --------------------------*/ |
| 69 | static int msglevel =MSG_LEVEL_INFO; |
| 70 | |
| 71 | const BYTE abyOUI00[4] = { 0x00, 0x50, 0xf2, 0x00 }; |
| 72 | const BYTE abyOUI01[4] = { 0x00, 0x50, 0xf2, 0x01 }; |
| 73 | const BYTE abyOUI02[4] = { 0x00, 0x50, 0xf2, 0x02 }; |
| 74 | const BYTE abyOUI03[4] = { 0x00, 0x50, 0xf2, 0x03 }; |
| 75 | const BYTE abyOUI04[4] = { 0x00, 0x50, 0xf2, 0x04 }; |
| 76 | const BYTE abyOUI05[4] = { 0x00, 0x50, 0xf2, 0x05 }; |
| 77 | |
| 78 | |
| 79 | /*+ |
| 80 | * |
| 81 | * Description: |
| 82 | * Clear RSN information in BSSList. |
| 83 | * |
| 84 | * Parameters: |
| 85 | * In: |
| 86 | * pBSSList - BSS list. |
| 87 | * Out: |
| 88 | * none |
| 89 | * |
| 90 | * Return Value: none. |
| 91 | * |
| 92 | -*/ |
| 93 | |
| 94 | VOID |
| 95 | WPA_ClearRSN ( |
| 96 | IN PKnownBSS pBSSList |
| 97 | ) |
| 98 | { |
| 99 | int ii; |
| 100 | pBSSList->byGKType = WPA_TKIP; |
| 101 | for (ii=0; ii < 4; ii ++) |
| 102 | pBSSList->abyPKType[ii] = WPA_TKIP; |
| 103 | pBSSList->wPKCount = 0; |
| 104 | for (ii=0; ii < 4; ii ++) |
| 105 | pBSSList->abyAuthType[ii] = WPA_AUTH_IEEE802_1X; |
| 106 | pBSSList->wAuthCount = 0; |
| 107 | pBSSList->byDefaultK_as_PK = 0; |
| 108 | pBSSList->byReplayIdx = 0; |
| 109 | pBSSList->sRSNCapObj.bRSNCapExist = FALSE; |
| 110 | pBSSList->sRSNCapObj.wRSNCap = 0; |
| 111 | pBSSList->bWPAValid = FALSE; |
| 112 | } |
| 113 | |
| 114 | |
| 115 | /*+ |
| 116 | * |
| 117 | * Description: |
| 118 | * Parse RSN IE. |
| 119 | * |
| 120 | * Parameters: |
| 121 | * In: |
| 122 | * pBSSList - BSS list. |
| 123 | * pRSN - Pointer to the RSN IE. |
| 124 | * Out: |
| 125 | * none |
| 126 | * |
| 127 | * Return Value: none. |
| 128 | * |
| 129 | -*/ |
| 130 | VOID |
| 131 | WPA_ParseRSN ( |
| 132 | IN PKnownBSS pBSSList, |
| 133 | IN PWLAN_IE_RSN_EXT pRSN |
| 134 | ) |
| 135 | { |
| 136 | PWLAN_IE_RSN_AUTH pIE_RSN_Auth = NULL; |
| 137 | int i, j, m, n = 0; |
| 138 | PBYTE pbyCaps; |
| 139 | |
| 140 | WPA_ClearRSN(pBSSList); |
| 141 | |
| 142 | DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"WPA_ParseRSN: [%d]\n", pRSN->len); |
| 143 | |
| 144 | // information element header makes sense |
| 145 | if ((pRSN->len >= 6) // oui1(4)+ver(2) |
| 146 | && (pRSN->byElementID == WLAN_EID_RSN_WPA) && MEMEqualMemory(pRSN->abyOUI, abyOUI01, 4) |
| 147 | && (pRSN->wVersion == 1)) { |
| 148 | |
| 149 | DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"Legal RSN\n"); |
| 150 | // update each variable if pRSN is long enough to contain the variable |
| 151 | if (pRSN->len >= 10) //oui1(4)+ver(2)+GKSuite(4) |
| 152 | { |
| 153 | if (MEMEqualMemory(pRSN->abyMulticast, abyOUI01, 4)) |
| 154 | pBSSList->byGKType = WPA_WEP40; |
| 155 | else if (MEMEqualMemory(pRSN->abyMulticast, abyOUI02, 4)) |
| 156 | pBSSList->byGKType = WPA_TKIP; |
| 157 | else if (MEMEqualMemory(pRSN->abyMulticast, abyOUI03, 4)) |
| 158 | pBSSList->byGKType = WPA_AESWRAP; |
| 159 | else if (MEMEqualMemory(pRSN->abyMulticast, abyOUI04, 4)) |
| 160 | pBSSList->byGKType = WPA_AESCCMP; |
| 161 | else if (MEMEqualMemory(pRSN->abyMulticast, abyOUI05, 4)) |
| 162 | pBSSList->byGKType = WPA_WEP104; |
| 163 | else |
| 164 | // any vendor checks here |
| 165 | pBSSList->byGKType = WPA_NONE; |
| 166 | |
| 167 | DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"byGKType: %x\n", pBSSList->byGKType); |
| 168 | } |
| 169 | |
| 170 | if (pRSN->len >= 12) //oui1(4)+ver(2)+GKS(4)+PKSCnt(2) |
| 171 | { |
| 172 | j = 0; |
| 173 | DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"wPKCount: %d, sizeof(pBSSList->abyPKType): %d\n", pRSN->wPKCount, sizeof(pBSSList->abyPKType)); |
| 174 | for(i = 0; (i < pRSN->wPKCount) && (j < sizeof(pBSSList->abyPKType)/sizeof(BYTE)); i++) { |
| 175 | if(pRSN->len >= 12+i*4+4) { //oui1(4)+ver(2)+GKS(4)+PKSCnt(2)+PKS(4*i) |
| 176 | if (MEMEqualMemory(pRSN->PKSList[i].abyOUI, abyOUI00, 4)) |
| 177 | pBSSList->abyPKType[j++] = WPA_NONE; |
| 178 | else if (MEMEqualMemory(pRSN->PKSList[i].abyOUI, abyOUI02, 4)) |
| 179 | pBSSList->abyPKType[j++] = WPA_TKIP; |
| 180 | else if (MEMEqualMemory(pRSN->PKSList[i].abyOUI, abyOUI03, 4)) |
| 181 | pBSSList->abyPKType[j++] = WPA_AESWRAP; |
| 182 | else if (MEMEqualMemory(pRSN->PKSList[i].abyOUI, abyOUI04, 4)) |
| 183 | pBSSList->abyPKType[j++] = WPA_AESCCMP; |
| 184 | else |
| 185 | // any vendor checks here |
| 186 | ; |
| 187 | } |
| 188 | else |
| 189 | break; |
| 190 | //DBG_PRN_GRP14(("abyPKType[%d]: %X\n", j-1, pBSSList->abyPKType[j-1])); |
| 191 | } //for |
| 192 | pBSSList->wPKCount = (WORD)j; |
| 193 | DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"wPKCount: %d\n", pBSSList->wPKCount); |
| 194 | } |
| 195 | |
| 196 | m = pRSN->wPKCount; |
| 197 | DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"m: %d\n", m); |
| 198 | DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"14+m*4: %d\n", 14+m*4); |
| 199 | |
| 200 | if (pRSN->len >= 14+m*4) { //oui1(4)+ver(2)+GKS(4)+PKSCnt(2)+PKS(4*m)+AKC(2) |
| 201 | // overlay IE_RSN_Auth structure into correct place |
| 202 | pIE_RSN_Auth = (PWLAN_IE_RSN_AUTH) pRSN->PKSList[m].abyOUI; |
| 203 | j = 0; |
| 204 | DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"wAuthCount: %d, sizeof(pBSSList->abyAuthType): %d\n", |
| 205 | pIE_RSN_Auth->wAuthCount, sizeof(pBSSList->abyAuthType)); |
| 206 | for(i = 0; (i < pIE_RSN_Auth->wAuthCount) && (j < sizeof(pBSSList->abyAuthType)/sizeof(BYTE)); i++) { |
| 207 | if(pRSN->len >= 14+4+(m+i)*4) { //oui1(4)+ver(2)+GKS(4)+PKSCnt(2)+PKS(4*m)+AKC(2)+AKS(4*i) |
| 208 | if (MEMEqualMemory(pIE_RSN_Auth->AuthKSList[i].abyOUI, abyOUI01, 4)) |
| 209 | pBSSList->abyAuthType[j++] = WPA_AUTH_IEEE802_1X; |
| 210 | else if (MEMEqualMemory(pIE_RSN_Auth->AuthKSList[i].abyOUI, abyOUI02, 4)) |
| 211 | pBSSList->abyAuthType[j++] = WPA_AUTH_PSK; |
| 212 | else |
| 213 | // any vendor checks here |
| 214 | ; |
| 215 | } |
| 216 | else |
| 217 | break; |
| 218 | //DBG_PRN_GRP14(("abyAuthType[%d]: %X\n", j-1, pBSSList->abyAuthType[j-1])); |
| 219 | } |
| 220 | if(j > 0) |
| 221 | pBSSList->wAuthCount = (WORD)j; |
| 222 | DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"wAuthCount: %d\n", pBSSList->wAuthCount); |
| 223 | } |
| 224 | |
| 225 | if (pIE_RSN_Auth != NULL) { |
| 226 | |
| 227 | n = pIE_RSN_Auth->wAuthCount; |
| 228 | |
| 229 | DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"n: %d\n", n); |
| 230 | DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"14+4+(m+n)*4: %d\n", 14+4+(m+n)*4); |
| 231 | |
| 232 | if(pRSN->len+2 >= 14+4+(m+n)*4) { //oui1(4)+ver(2)+GKS(4)+PKSCnt(2)+PKS(4*m)+AKC(2)+AKS(4*n)+Cap(2) |
| 233 | pbyCaps = (PBYTE)pIE_RSN_Auth->AuthKSList[n].abyOUI; |
| 234 | pBSSList->byDefaultK_as_PK = (*pbyCaps) & WPA_GROUPFLAG; |
| 235 | pBSSList->byReplayIdx = 2 << ((*pbyCaps >> WPA_REPLAYBITSSHIFT) & WPA_REPLAYBITS); |
| 236 | pBSSList->sRSNCapObj.bRSNCapExist = TRUE; |
| 237 | pBSSList->sRSNCapObj.wRSNCap = *(PWORD)pbyCaps; |
| 238 | //DBG_PRN_GRP14(("pbyCaps: %X\n", *pbyCaps)); |
| 239 | //DBG_PRN_GRP14(("byDefaultK_as_PK: %X\n", pBSSList->byDefaultK_as_PK)); |
| 240 | //DBG_PRN_GRP14(("byReplayIdx: %X\n", pBSSList->byReplayIdx)); |
| 241 | } |
| 242 | } |
| 243 | pBSSList->bWPAValid = TRUE; |
| 244 | } |
| 245 | } |
| 246 | |
| 247 | /*+ |
| 248 | * |
| 249 | * Description: |
| 250 | * Search RSN information in BSSList. |
| 251 | * |
| 252 | * Parameters: |
| 253 | * In: |
| 254 | * byCmd - Search type |
| 255 | * byEncrypt- Encrcypt Type |
| 256 | * pBSSList - BSS list |
| 257 | * Out: |
| 258 | * none |
| 259 | * |
| 260 | * Return Value: none. |
| 261 | * |
| 262 | -*/ |
| 263 | BOOL |
| 264 | WPA_SearchRSN ( |
| 265 | BYTE byCmd, |
| 266 | BYTE byEncrypt, |
| 267 | IN PKnownBSS pBSSList |
| 268 | ) |
| 269 | { |
| 270 | int ii; |
| 271 | BYTE byPKType = WPA_NONE; |
| 272 | |
| 273 | if (pBSSList->bWPAValid == FALSE) |
| 274 | return FALSE; |
| 275 | |
| 276 | switch(byCmd) { |
| 277 | case 0: |
| 278 | |
| 279 | if (byEncrypt != pBSSList->byGKType) |
| 280 | return FALSE; |
| 281 | |
| 282 | if (pBSSList->wPKCount > 0) { |
| 283 | for (ii = 0; ii < pBSSList->wPKCount; ii ++) { |
| 284 | if (pBSSList->abyPKType[ii] == WPA_AESCCMP) |
| 285 | byPKType = WPA_AESCCMP; |
| 286 | else if ((pBSSList->abyPKType[ii] == WPA_TKIP) && (byPKType != WPA_AESCCMP)) |
| 287 | byPKType = WPA_TKIP; |
| 288 | else if ((pBSSList->abyPKType[ii] == WPA_WEP40) && (byPKType != WPA_AESCCMP) && (byPKType != WPA_TKIP)) |
| 289 | byPKType = WPA_WEP40; |
| 290 | else if ((pBSSList->abyPKType[ii] == WPA_WEP104) && (byPKType != WPA_AESCCMP) && (byPKType != WPA_TKIP)) |
| 291 | byPKType = WPA_WEP104; |
| 292 | } |
| 293 | if (byEncrypt != byPKType) |
| 294 | return FALSE; |
| 295 | } |
| 296 | return TRUE; |
| 297 | // if (pBSSList->wAuthCount > 0) |
| 298 | // for (ii=0; ii < pBSSList->wAuthCount; ii ++) |
| 299 | // if (byAuth == pBSSList->abyAuthType[ii]) |
| 300 | // break; |
| 301 | break; |
| 302 | |
| 303 | default: |
| 304 | break; |
| 305 | } |
| 306 | return FALSE; |
| 307 | } |
| 308 | |
| 309 | /*+ |
| 310 | * |
| 311 | * Description: |
| 312 | * Check if RSN IE makes sense. |
| 313 | * |
| 314 | * Parameters: |
| 315 | * In: |
| 316 | * pRSN - Pointer to the RSN IE. |
| 317 | * Out: |
| 318 | * none |
| 319 | * |
| 320 | * Return Value: none. |
| 321 | * |
| 322 | -*/ |
| 323 | BOOL |
| 324 | WPAb_Is_RSN ( |
| 325 | IN PWLAN_IE_RSN_EXT pRSN |
| 326 | ) |
| 327 | { |
| 328 | if (pRSN == NULL) |
| 329 | return FALSE; |
| 330 | |
| 331 | if ((pRSN->len >= 6) && // oui1(4)+ver(2) |
| 332 | (pRSN->byElementID == WLAN_EID_RSN_WPA) && MEMEqualMemory(pRSN->abyOUI, abyOUI01, 4) && |
| 333 | (pRSN->wVersion == 1)) { |
| 334 | return TRUE; |
| 335 | } |
| 336 | else |
| 337 | return FALSE; |
| 338 | } |
| 339 | |