search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
RT-AC56 3.0.0.4.374.37 core
[tomato.git] / release / src-rt-6.x.4708 / linux / linux-2.6.36 / drivers / staging / otus / 80211core / ctkip.c
blob8fd7eacc7d1b62e7f9dcf88b3d67f224a38dc430
1 /*
2 * Copyright (c) 2007-2008 Atheros Communications Inc.
3 *
4 * Permission to use, copy, modify, and/or distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
7 *
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15 */
16 /* */
17 /* Module Name : ctkip.c */
18 /* */
19 /* Abstract */
20 /* This module contains Tx and Rx functions. */
21 /* */
22 /* NOTES */
23 /* None */
24 /* */
25 /************************************************************************/
26 #include "cprecomp.h"
27
28 u16_t zgTkipSboxLower[256] =
29 {
30 0xA5,0x84,0x99,0x8D,0x0D,0xBD,0xB1,0x54,
31 0x50,0x03,0xA9,0x7D,0x19,0x62,0xE6,0x9A,
32 0x45,0x9D,0x40,0x87,0x15,0xEB,0xC9,0x0B,
33 0xEC,0x67,0xFD,0xEA,0xBF,0xF7,0x96,0x5B,
34 0xC2,0x1C,0xAE,0x6A,0x5A,0x41,0x02,0x4F,
35 0x5C,0xF4,0x34,0x08,0x93,0x73,0x53,0x3F,
36 0x0C,0x52,0x65,0x5E,0x28,0xA1,0x0F,0xB5,
37 0x09,0x36,0x9B,0x3D,0x26,0x69,0xCD,0x9F,
38 0x1B,0x9E,0x74,0x2E,0x2D,0xB2,0xEE,0xFB,
39 0xF6,0x4D,0x61,0xCE,0x7B,0x3E,0x71,0x97,
40 0xF5,0x68,0x00,0x2C,0x60,0x1F,0xC8,0xED,
41 0xBE,0x46,0xD9,0x4B,0xDE,0xD4,0xE8,0x4A,
42 0x6B,0x2A,0xE5,0x16,0xC5,0xD7,0x55,0x94,
43 0xCF,0x10,0x06,0x81,0xF0,0x44,0xBA,0xE3,
44 0xF3,0xFE,0xC0,0x8A,0xAD,0xBC,0x48,0x04,
45 0xDF,0xC1,0x75,0x63,0x30,0x1A,0x0E,0x6D,
46 0x4C,0x14,0x35,0x2F,0xE1,0xA2,0xCC,0x39,
47 0x57,0xF2,0x82,0x47,0xAC,0xE7,0x2B,0x95,
48 0xA0,0x98,0xD1,0x7F,0x66,0x7E,0xAB,0x83,
49 0xCA,0x29,0xD3,0x3C,0x79,0xE2,0x1D,0x76,
50 0x3B,0x56,0x4E,0x1E,0xDB,0x0A,0x6C,0xE4,
51 0x5D,0x6E,0xEF,0xA6,0xA8,0xA4,0x37,0x8B,
52 0x32,0x43,0x59,0xB7,0x8C,0x64,0xD2,0xE0,
53 0xB4,0xFA,0x07,0x25,0xAF,0x8E,0xE9,0x18,
54 0xD5,0x88,0x6F,0x72,0x24,0xF1,0xC7,0x51,
55 0x23,0x7C,0x9C,0x21,0xDD,0xDC,0x86,0x85,
56 0x90,0x42,0xC4,0xAA,0xD8,0x05,0x01,0x12,
57 0xA3,0x5F,0xF9,0xD0,0x91,0x58,0x27,0xB9,
58 0x38,0x13,0xB3,0x33,0xBB,0x70,0x89,0xA7,
59 0xB6,0x22,0x92,0x20,0x49,0xFF,0x78,0x7A,
60 0x8F,0xF8,0x80,0x17,0xDA,0x31,0xC6,0xB8,
61 0xC3,0xB0,0x77,0x11,0xCB,0xFC,0xD6,0x3A
62 };
63
64
65 u16_t zgTkipSboxUpper[256] =
66 {
67 0xC6,0xF8,0xEE,0xF6,0xFF,0xD6,0xDE,0x91,
68 0x60,0x02,0xCE,0x56,0xE7,0xB5,0x4D,0xEC,
69 0x8F,0x1F,0x89,0xFA,0xEF,0xB2,0x8E,0xFB,
70 0x41,0xB3,0x5F,0x45,0x23,0x53,0xE4,0x9B,
71 0x75,0xE1,0x3D,0x4C,0x6C,0x7E,0xF5,0x83,
72 0x68,0x51,0xD1,0xF9,0xE2,0xAB,0x62,0x2A,
73 0x08,0x95,0x46,0x9D,0x30,0x37,0x0A,0x2F,
74 0x0E,0x24,0x1B,0xDF,0xCD,0x4E,0x7F,0xEA,
75 0x12,0x1D,0x58,0x34,0x36,0xDC,0xB4,0x5B,
76 0xA4,0x76,0xB7,0x7D,0x52,0xDD,0x5E,0x13,
77 0xA6,0xB9,0x00,0xC1,0x40,0xE3,0x79,0xB6,
78 0xD4,0x8D,0x67,0x72,0x94,0x98,0xB0,0x85,
79 0xBB,0xC5,0x4F,0xED,0x86,0x9A,0x66,0x11,
80 0x8A,0xE9,0x04,0xFE,0xA0,0x78,0x25,0x4B,
81 0xA2,0x5D,0x80,0x05,0x3F,0x21,0x70,0xF1,
82 0x63,0x77,0xAF,0x42,0x20,0xE5,0xFD,0xBF,
83 0x81,0x18,0x26,0xC3,0xBE,0x35,0x88,0x2E,
84 0x93,0x55,0xFC,0x7A,0xC8,0xBA,0x32,0xE6,
85 0xC0,0x19,0x9E,0xA3,0x44,0x54,0x3B,0x0B,
86 0x8C,0xC7,0x6B,0x28,0xA7,0xBC,0x16,0xAD,
87 0xDB,0x64,0x74,0x14,0x92,0x0C,0x48,0xB8,
88 0x9F,0xBD,0x43,0xC4,0x39,0x31,0xD3,0xF2,
89 0xD5,0x8B,0x6E,0xDA,0x01,0xB1,0x9C,0x49,
90 0xD8,0xAC,0xF3,0xCF,0xCA,0xF4,0x47,0x10,
91 0x6F,0xF0,0x4A,0x5C,0x38,0x57,0x73,0x97,
92 0xCB,0xA1,0xE8,0x3E,0x96,0x61,0x0D,0x0F,
93 0xE0,0x7C,0x71,0xCC,0x90,0x06,0xF7,0x1C,
94 0xC2,0x6A,0xAE,0x69,0x17,0x99,0x3A,0x27,
95 0xD9,0xEB,0x2B,0x22,0xD2,0xA9,0x07,0x33,
96 0x2D,0x3C,0x15,0xC9,0x87,0xAA,0x50,0xA5,
97 0x03,0x59,0x09,0x1A,0x65,0xD7,0x84,0xD0,
98 0x82,0x29,0x5A,0x1E,0x7B,0xA8,0x6D,0x2C
99 };
100
101 u16_t zfrotr1(u16_t a)
102 // rotate right by 1 bit.
103 {
104 u16_t b;
105
106 if (a & 0x01)
107 {
108 b = (a >> 1) | 0x8000;
109 }
110 else
111 {
112 b = (a >> 1) & 0x7fff;
113 }
114 return b;
115 }
116
117 /*************************************************************/
118 /* zfTkipSbox() */
119 /* Returns a 16 bit value from a 64K entry table. The Table */
120 /* is synthesized from two 256 entry byte wide tables. */
121 /*************************************************************/
122 u16_t zfTkipSbox(u16_t index)
123 {
124 u16_t low;
125 u16_t high;
126 u16_t left, right;
127
128 low = (index & 0xFF);
129 high = ((index >> 8) & 0xFF);
130
131 left = zgTkipSboxLower[low] + (zgTkipSboxUpper[low] << 8 );
132 right = zgTkipSboxUpper[high] + (zgTkipSboxLower[high] << 8 );
133
134 return (left ^ right);
135 }
136
137 u8_t zfTkipPhase1KeyMix(u32_t iv32, struct zsTkipSeed* pSeed)
138 {
139 u16_t tsc0;
140 u16_t tsc1;
141 u16_t i, j;
142 tsc0 = (u16_t) ((iv32 >> 16) & 0xffff); /* msb */
143 tsc1 = (u16_t) (iv32 & 0xffff);
144
145 /* Phase 1, step 1 */
146 pSeed->ttak[0] = tsc1;
147 pSeed->ttak[1] = tsc0;
148 pSeed->ttak[2] = (u16_t) (pSeed->ta[0] + (pSeed->ta[1] <<8));
149 pSeed->ttak[3] = (u16_t) (pSeed->ta[2] + (pSeed->ta[3] <<8));
150 pSeed->ttak[4] = (u16_t) (pSeed->ta[4] + (pSeed->ta[5] <<8));
151
152 /* Phase 1, step 2 */
153 for (i=0; i<8; i++)
154 {
155 j = 2*(i & 1);
156 pSeed->ttak[0] =(pSeed->ttak[0] + zfTkipSbox(pSeed->ttak[4]
157 ^ ZM_BYTE_TO_WORD(pSeed->tk[1+j], pSeed->tk[j])))
158 & 0xffff;
159 pSeed->ttak[1] =(pSeed->ttak[1] + zfTkipSbox(pSeed->ttak[0]
160 ^ ZM_BYTE_TO_WORD(pSeed->tk[5+j], pSeed->tk[4+j] )))
161 & 0xffff;
162 pSeed->ttak[2] =(pSeed->ttak[2] + zfTkipSbox(pSeed->ttak[1]
163 ^ ZM_BYTE_TO_WORD(pSeed->tk[9+j], pSeed->tk[8+j] )))
164 & 0xffff;
165 pSeed->ttak[3] =(pSeed->ttak[3] + zfTkipSbox(pSeed->ttak[2]
166 ^ ZM_BYTE_TO_WORD(pSeed->tk[13+j], pSeed->tk[12+j])))
167 & 0xffff;
168 pSeed->ttak[4] =(pSeed->ttak[4] + zfTkipSbox(pSeed->ttak[3]
169 ^ ZM_BYTE_TO_WORD(pSeed->tk[1+j], pSeed->tk[j] )))
170 & 0xffff;
171 pSeed->ttak[4] =(pSeed->ttak[4] + i) & 0xffff;
172 }
173
174 if ( iv32 == (pSeed->iv32+1) )
175 {
176 pSeed->iv32tmp = iv32;
177 return 1;
178 }
179
180 return 0;
181 }
182
183 u8_t zfTkipPhase2KeyMix(u16_t iv16, struct zsTkipSeed* pSeed)
184 {
185 u16_t tsc2;
186
187 tsc2 = iv16;
188
189 /* Phase 2, Step 1 */
190 pSeed->ppk[0] = pSeed->ttak[0];
191 pSeed->ppk[1] = pSeed->ttak[1];
192 pSeed->ppk[2] = pSeed->ttak[2];
193 pSeed->ppk[3] = pSeed->ttak[3];
194 pSeed->ppk[4] = pSeed->ttak[4];
195 pSeed->ppk[5] = (pSeed->ttak[4] + tsc2) & 0xffff;
196
197 /* Phase2, Step 2 */
198 pSeed->ppk[0] = pSeed->ppk[0]
199 + zfTkipSbox(pSeed->ppk[5] ^ ZM_BYTE_TO_WORD(pSeed->tk[1],pSeed->tk[0]));
200 pSeed->ppk[1] = pSeed->ppk[1]
201 + zfTkipSbox(pSeed->ppk[0] ^ ZM_BYTE_TO_WORD(pSeed->tk[3],pSeed->tk[2]));
202 pSeed->ppk[2] = pSeed->ppk[2]
203 + zfTkipSbox(pSeed->ppk[1] ^ ZM_BYTE_TO_WORD(pSeed->tk[5],pSeed->tk[4]));
204 pSeed->ppk[3] = pSeed->ppk[3]
205 + zfTkipSbox(pSeed->ppk[2] ^ ZM_BYTE_TO_WORD(pSeed->tk[7],pSeed->tk[6]));
206 pSeed->ppk[4] = pSeed->ppk[4]
207 + zfTkipSbox(pSeed->ppk[3] ^ ZM_BYTE_TO_WORD(pSeed->tk[9],pSeed->tk[8]));
208 pSeed->ppk[5] = pSeed->ppk[5]
209 + zfTkipSbox(pSeed->ppk[4] ^ ZM_BYTE_TO_WORD(pSeed->tk[11],pSeed->tk[10]));
210
211 pSeed->ppk[0] = pSeed->ppk[0]
212 + zfrotr1(pSeed->ppk[5] ^ ZM_BYTE_TO_WORD(pSeed->tk[13],pSeed->tk[12]));
213 pSeed->ppk[1] = pSeed->ppk[1]
214 + zfrotr1(pSeed->ppk[0] ^ ZM_BYTE_TO_WORD(pSeed->tk[15],pSeed->tk[14]));
215 pSeed->ppk[2] = pSeed->ppk[2] + zfrotr1(pSeed->ppk[1]);
216 pSeed->ppk[3] = pSeed->ppk[3] + zfrotr1(pSeed->ppk[2]);
217 pSeed->ppk[4] = pSeed->ppk[4] + zfrotr1(pSeed->ppk[3]);
218 pSeed->ppk[5] = pSeed->ppk[5] + zfrotr1(pSeed->ppk[4]);
219
220 if (iv16 == 0)
221 {
222 if (pSeed->iv16 == 0xffff)
223 {
224 pSeed->iv16tmp=0;
225 return 1;
226 }
227 else
228 return 0;
229 }
230 else if (iv16 == (pSeed->iv16+1))
231 {
232 pSeed->iv16tmp = iv16;
233 return 1;
234 }
235 else
236 return 0;
237 }
238
239 void zfTkipInit(u8_t* key, u8_t* ta, struct zsTkipSeed* pSeed, u8_t* initIv)
240 {
241 u16_t iv16;
242 u32_t iv32;
243 u16_t i;
244
245 /* clear memory */
246 zfZeroMemory((u8_t*) pSeed, sizeof(struct zsTkipSeed));
247 /* set key to seed */
248 zfMemoryCopy(pSeed->ta, ta, 6);
249 zfMemoryCopy(pSeed->tk, key, 16);
250
251 iv16 = *initIv;
252 initIv++;
253 iv16 += *initIv<<8;
254 initIv++;
255
256 iv32=0;
257
258 for(i=0; i<4; i++) // initiv is little endian
259 {
260 iv32 += *initIv<<(i*8);
261 initIv++;
262 }
263
264 pSeed->iv32 = iv32+1; // Force Recalculating on Tkip Phase1
265 zfTkipPhase1KeyMix(iv32, pSeed);
266
267 pSeed->iv16 = iv16;
268 pSeed->iv32 = iv32;
269 }
270
271 u32_t zfGetU32t(u8_t* p)
272 {
273 u32_t res=0;
274 u16_t i;
275
276 for( i=0; i<4; i++ )
277 {
278 res |= (*p++) << (8*i);
279 }
280
281 return res;
282
283 }
284
285 void zfPutU32t(u8_t* p, u32_t value)
286 {
287 u16_t i;
288
289 for(i=0; i<4; i++)
290 {
291 *p++ = (u8_t) (value & 0xff);
292 value >>= 8;
293 }
294 }
295
296 void zfMicClear(struct zsMicVar* pMic)
297 {
298 pMic->left = pMic->k0;
299 pMic->right = pMic->k1;
300 pMic->nBytes = 0;
301 pMic->m = 0;
302 }
303
304 void zfMicSetKey(u8_t* key, struct zsMicVar* pMic)
305 {
306 pMic->k0 = zfGetU32t(key);
307 pMic->k1 = zfGetU32t(key+4);
308 zfMicClear(pMic);
309 }
310
311 void zfMicAppendByte(u8_t b, struct zsMicVar* pMic)
312 {
313 // Append the byte to our word-sized buffer
314 pMic->m |= b << (8* pMic->nBytes);
315 pMic->nBytes++;
316
317 // Process the word if it is full.
318 if ( pMic->nBytes >= 4 )
319 {
320 pMic->left ^= pMic->m;
321 pMic->right ^= ZM_ROL32(pMic->left, 17 );
322 pMic->left += pMic->right;
323 pMic->right ^= ((pMic->left & 0xff00ff00) >> 8) |
324 ((pMic->left & 0x00ff00ff) << 8);
325 pMic->left += pMic->right;
326 pMic->right ^= ZM_ROL32( pMic->left, 3 );
327 pMic->left += pMic->right;
328 pMic->right ^= ZM_ROR32( pMic->left, 2 );
329 pMic->left += pMic->right;
330 // Clear the buffer
331 pMic->m = 0;
332 pMic->nBytes = 0;
333 }
334 }
335
336 void zfMicGetMic(u8_t* dst, struct zsMicVar* pMic)
337 {
338 // Append the minimum padding
339 zfMicAppendByte(0x5a, pMic);
340 zfMicAppendByte(0, pMic);
341 zfMicAppendByte(0, pMic);
342 zfMicAppendByte(0, pMic);
343 zfMicAppendByte(0, pMic);
344
345 // and then zeroes until the length is a multiple of 4
346 while( pMic->nBytes != 0 )
347 {
348 zfMicAppendByte(0, pMic);
349 }
350
351 // The appendByte function has already computed the result.
352 zfPutU32t(dst, pMic->left);
353 zfPutU32t(dst+4, pMic->right);
354
355 // Reset to the empty message.
356 zfMicClear(pMic);
357
358 }
359
360 u8_t zfMicRxVerify(zdev_t* dev, zbuf_t* buf)
361 {
362 struct zsMicVar* pMicKey;
363 struct zsMicVar MyMicKey;
364 u8_t mic[8];
365 u8_t da[6];
366 u8_t sa[6];
367 u8_t bValue;
368 u16_t i, payloadOffset, tailOffset;
369
370 zmw_get_wlan_dev(dev);
371
372 /* need not check MIC if pMicKEy is equal to NULL */
373 if ( wd->wlanMode == ZM_MODE_AP )
374 {
375 pMicKey = zfApGetRxMicKey(dev, buf);
376
377 if ( pMicKey != NULL )
378 {
379 zfCopyFromRxBuffer(dev, buf, sa, ZM_WLAN_HEADER_A2_OFFSET, 6);
380 zfCopyFromRxBuffer(dev, buf, da, ZM_WLAN_HEADER_A3_OFFSET, 6);
381 }
382 else
383 {
384 return ZM_MIC_SUCCESS;
385 }
386 }
387 else if ( wd->wlanMode == ZM_MODE_INFRASTRUCTURE )
388 {
389 pMicKey = zfStaGetRxMicKey(dev, buf);
390
391 if ( pMicKey != NULL )
392 {
393 zfCopyFromRxBuffer(dev, buf, sa, ZM_WLAN_HEADER_A3_OFFSET, 6);
394 zfCopyFromRxBuffer(dev, buf, da, ZM_WLAN_HEADER_A1_OFFSET, 6);
395 }
396 else
397 {
398 return ZM_MIC_SUCCESS;
399 }
400 }
401 else
402 {
403 return ZM_MIC_SUCCESS;
404 }
405
406 MyMicKey.k0=pMicKey->k0;
407 MyMicKey.k1=pMicKey->k1;
408 pMicKey = &MyMicKey;
409
410 zfMicClear(pMicKey);
411 tailOffset = zfwBufGetSize(dev, buf);
412 tailOffset -= 8;
413
414 /* append DA */
415 for(i=0; i<6; i++)
416 {
417 zfMicAppendByte(da[i], pMicKey);
418 }
419 /* append SA */
420 for(i=0; i<6; i++)
421 {
422 zfMicAppendByte(sa[i], pMicKey);
423 }
424
425 /* append for alignment */
426 if ((zmw_rx_buf_readb(dev, buf, 0) & 0x80) != 0)
427 zfMicAppendByte(zmw_rx_buf_readb(dev, buf,24)&0x7, pMicKey);
428 else
429 zfMicAppendByte(0, pMicKey);
430 zfMicAppendByte(0, pMicKey);
431 zfMicAppendByte(0, pMicKey);
432 zfMicAppendByte(0, pMicKey);
433
434 /* append payload */
435 payloadOffset = ZM_SIZE_OF_WLAN_DATA_HEADER +
436 ZM_SIZE_OF_IV +
437 ZM_SIZE_OF_EXT_IV;
438
439 if ((zmw_rx_buf_readb(dev, buf, 0) & 0x80) != 0)
440 {
441 /* Qos Packet, Plcpheader + 2 */
442 if (wd->wlanMode == ZM_MODE_AP)
443 {
444 /* TODO : Rx Qos element offset in software MIC check */
445 }
446 else if (wd->wlanMode == ZM_MODE_INFRASTRUCTURE)
447 {
448 if (wd->sta.wmeConnected != 0)
449 {
450 payloadOffset += 2;
451 }
452 }
453 }
454
455 for(i=payloadOffset; i<tailOffset; i++)
456 {
457 bValue = zmw_rx_buf_readb(dev, buf, i);
458 zfMicAppendByte(bValue, pMicKey);
459 }
460
461 zfMicGetMic(mic, pMicKey);
462
463 if ( !zfRxBufferEqualToStr(dev, buf, mic, tailOffset, 8) )
464 {
465 return ZM_MIC_FAILURE;
466 }
467
468 return ZM_MIC_SUCCESS;
469 }
470
471 void zfTkipGetseeds(u16_t iv16, u8_t *RC4Key, struct zsTkipSeed *Seed)
472 {
473 RC4Key[0] = ZM_HI8(iv16);
474 RC4Key[1] = (ZM_HI8(iv16) | 0x20) & 0x7f;
475 RC4Key[2] = ZM_LO8(iv16);
476 RC4Key[3] = ((Seed->ppk[5] ^ ZM_BYTE_TO_WORD(Seed->tk[1],Seed->tk[0]))>>1) & 0xff;
477 RC4Key[4] = Seed->ppk[0] & 0xff;
478 RC4Key[5] = Seed->ppk[0] >> 8;
479 RC4Key[6] = Seed->ppk[1] & 0xff;
480 RC4Key[7] = Seed->ppk[1] >> 8;
481 RC4Key[8] = Seed->ppk[2] & 0xff;
482 RC4Key[9] = Seed->ppk[2] >> 8;
483 RC4Key[10] = Seed->ppk[3] & 0xff;
484 RC4Key[11] = Seed->ppk[3] >> 8;
485 RC4Key[12] = Seed->ppk[4] & 0xff;
486 RC4Key[13] = Seed->ppk[4] >> 8;
487 RC4Key[14] = Seed->ppk[5] & 0xff;
488 RC4Key[15] = Seed->ppk[5] >> 8;
489 }
490
491 void zfCalTxMic(zdev_t *dev, zbuf_t *buf, u8_t *snap, u16_t snapLen, u16_t offset, u16_t *da, u16_t *sa, u8_t up, u8_t *mic)
492 {
493 struct zsMicVar* pMicKey;
494 u16_t i;
495 u16_t len;
496 u8_t bValue;
497 u8_t qosType;
498 u8_t *pDa = (u8_t *)da;
499 u8_t *pSa = (u8_t *)sa;
500
501 zmw_get_wlan_dev(dev);
502
503 /* need not check MIC if pMicKEy is equal to NULL */
504 if ( wd->wlanMode == ZM_MODE_AP )
505 {
506 pMicKey = zfApGetTxMicKey(dev, buf, &qosType);
507
508 if ( pMicKey == NULL )
509 return;
510 }
511 else if ( wd->wlanMode == ZM_MODE_INFRASTRUCTURE )
512 {
513 pMicKey = zfStaGetTxMicKey(dev, buf);
514
515 if ( pMicKey == NULL )
516 {
517 zm_debug_msg0("pMicKey is NULL");
518 return;
519 }
520 }
521 else
522 {
523 return;
524 }
525
526 zfMicClear(pMicKey);
527 len = zfwBufGetSize(dev, buf);
528
529 /* append DA */
530 for(i = 0; i < 6; i++)
531 {
532 zfMicAppendByte(pDa[i], pMicKey);
533 }
534
535 /* append SA */
536 for(i = 0; i < 6; i++)
537 {
538 zfMicAppendByte(pSa[i], pMicKey);
539 }
540
541 if (up != 0)
542 zfMicAppendByte((up&0x7), pMicKey);
543 else
544 zfMicAppendByte(0, pMicKey);
545
546 zfMicAppendByte(0, pMicKey);
547 zfMicAppendByte(0, pMicKey);
548 zfMicAppendByte(0, pMicKey);
549
550 /* For Snap header */
551 for(i = 0; i < snapLen; i++)
552 {
553 zfMicAppendByte(snap[i], pMicKey);
554 }
555
556 for(i = offset; i < len; i++)
557 {
558 bValue = zmw_tx_buf_readb(dev, buf, i);
559 zfMicAppendByte(bValue, pMicKey);
560 }
561
562 zfMicGetMic(mic, pMicKey);
563 }
564
565 void zfTKIPEncrypt(zdev_t *dev, zbuf_t *buf, u8_t *snap, u16_t snapLen, u16_t offset, u8_t keyLen, u8_t* key, u32_t* icv)
566 {
567 u8_t iv[3];
568
569 iv[0] = key[0];
570 iv[1] = key[1];
571 iv[2] = key[2];
572
573 keyLen -= 3;
574
575 zfWEPEncrypt(dev, buf, snap, snapLen, offset, keyLen, &key[3], iv);
576 }
577
578 u16_t zfTKIPDecrypt(zdev_t *dev, zbuf_t *buf, u16_t offset, u8_t keyLen, u8_t* key)
579 {
580 u16_t ret = ZM_ICV_SUCCESS;
581 u8_t iv[3];
582
583 iv[0] = key[0];
584 iv[1] = key[1];
585 iv[2] = key[2];
586
587 keyLen -= 3;
588
589 ret = zfWEPDecrypt(dev, buf, offset, keyLen, &key[3], iv);
590
591 return ret;
592 }
Tomato firmware and modifications.