summaryrefslogtreecommitdiff
path: root/wl1271/stad/src/Connection_Managment/admCtrlWpa.c
diff options
context:
space:
mode:
authorDmitry Shmidt <dimitrysh@google.com>2010-01-28 13:44:01 -0800
committerDmitry Shmidt <dimitrysh@google.com>2010-01-28 13:44:01 -0800
commita615fb1650af6e111053506f1b764b28a5b4631d (patch)
tree331681301f38dbc47007e77f21039b0d82c2741c /wl1271/stad/src/Connection_Managment/admCtrlWpa.c
parent3295ef74aeb37c12e327c5b1b258c1d84bcd2fa5 (diff)
downloadwlan-a615fb1650af6e111053506f1b764b28a5b4631d.tar.gz
wl1271: Initial M4 drop based on WiLink_Driver_6.1.0.0.115
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
Diffstat (limited to 'wl1271/stad/src/Connection_Managment/admCtrlWpa.c')
-rw-r--r--wl1271/stad/src/Connection_Managment/admCtrlWpa.c1374
1 files changed, 1374 insertions, 0 deletions
diff --git a/wl1271/stad/src/Connection_Managment/admCtrlWpa.c b/wl1271/stad/src/Connection_Managment/admCtrlWpa.c
new file mode 100644
index 00000000..69079ada
--- /dev/null
+++ b/wl1271/stad/src/Connection_Managment/admCtrlWpa.c
@@ -0,0 +1,1374 @@
+/*
+ * admCtrlWpa.c
+ *
+ * Copyright(c) 1998 - 2009 Texas Instruments. All rights reserved.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ * * Neither the name Texas Instruments nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/** \file admCtrl.c
+ * \brief Admission control API implimentation
+ *
+ * \see admCtrl.h
+ */
+
+/****************************************************************************
+ * *
+ * MODULE: Admission Control *
+ * PURPOSE: Admission Control Module API *
+ * *
+ ****************************************************************************/
+
+#define __FILE_ID__ FILE_ID_19
+#include "osApi.h"
+#include "paramOut.h"
+#include "mlmeApi.h"
+#include "802_11Defs.h"
+#include "DataCtrl_Api.h"
+#include "report.h"
+#include "rsn.h"
+#include "admCtrl.h"
+#include "admCtrlWpa.h"
+#include "admCtrlWpa2.h"
+#ifdef XCC_MODULE_INCLUDED
+#include "admCtrlXCC.h"
+#include "XCCMngr.h"
+#endif
+#include "siteMgrApi.h"
+#include "TWDriver.h"
+
+/* Constants */
+#define MAX_NETWORK_MODE 2
+#define MAX_WPA_CIPHER_SUITE 7
+
+
+
+/* Enumerations */
+
+/* Typedefs */
+
+/* Structures */
+
+/* External data definitions */
+
+/* Local functions definitions */
+
+/* Global variables */
+
+static TI_UINT8 wpaIeOuiIe[3] = { 0x00, 0x50, 0xf2};
+
+static TI_BOOL broadcastCipherSuiteValidity[MAX_NETWORK_MODE][MAX_WPA_CIPHER_SUITE]=
+{
+ /* RSN_IBSS */ {
+/* NONE */ TI_FALSE,
+/* WEP40 */ TI_FALSE,
+/* TKIP */ TI_TRUE,
+/* AES_WRAP */ TI_TRUE,
+/* AES_CCMP */ TI_TRUE,
+/* WEP104 */ TI_FALSE,
+/* CKIP */ TI_FALSE},
+
+ /* RSN_INFRASTRUCTURE */ {
+/* NONE */ TI_FALSE,
+/* WEP */ TI_TRUE,
+/* TKIP */ TI_TRUE,
+/* AES_WRAP */ TI_TRUE,
+/* AES_CCMP */ TI_TRUE,
+/* WEP104 */ TI_TRUE,
+/* CKIP */ TI_TRUE}
+};
+
+/** WPA admission table. Used to verify admission parameters to an AP */
+/* table parameters:
+ Max unicast cipher in the IE
+ Max broadcast cipher in the IE
+ Encryption status
+*/
+typedef struct
+{
+ TI_STATUS status;
+ ECipherSuite unicast;
+ ECipherSuite broadcast;
+ TI_UINT8 evaluation;
+} admCtrlWpa_validity_t;
+
+static admCtrlWpa_validity_t admCtrlWpa_validityTable[MAX_WPA_CIPHER_SUITE][MAX_WPA_CIPHER_SUITE][MAX_WPA_CIPHER_SUITE] =
+{
+/* AP unicast NONE */ {
+ /* AP multicast NONE */ {
+ /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WEP40 */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA TKIP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WRAP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA CCMP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}},
+ /* AP multicast WEP40 */ {
+ /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WEP40 */ { TI_OK, TWD_CIPHER_NONE, TWD_CIPHER_WEP ,1},
+ /* STA TKIP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WRAP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA CCMP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WEP104 */{ TI_OK, TWD_CIPHER_NONE, TWD_CIPHER_WEP104 ,1}},
+ /* AP multicast TKIP */ {
+ /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WEP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA TKIP */ { TI_OK, TWD_CIPHER_NONE, TWD_CIPHER_TKIP ,2},
+ /* STA WRAP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA CCMP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}},
+ /* AP multicast WRAP */ {
+ /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WEP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA TKIP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WRAP */ { TI_OK, TWD_CIPHER_NONE, TWD_CIPHER_AES_WRAP ,3},
+ /* STA CCMP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}},
+ /* AP multicast CCMP */ {
+ /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WEP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA TKIP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WRAP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA CCMP */ { TI_OK, TWD_CIPHER_NONE, TWD_CIPHER_AES_CCMP ,3},
+ /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}},
+ /* AP multicast WEP104 */ {
+ /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WEP40 */ { TI_OK, TWD_CIPHER_NONE, TWD_CIPHER_WEP ,1},
+ /* STA TKIP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WRAP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA CCMP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WEP104 */{ TI_OK, TWD_CIPHER_NONE, TWD_CIPHER_WEP104 ,1}}},
+/* AP unicast WEP */ {
+ /* AP multicast NONE */ {
+ /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WEP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA TKIP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WRAP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA CCMP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}},
+ /* AP multicast WEP */ {
+ /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WEP */ { TI_OK, TWD_CIPHER_WEP, TWD_CIPHER_WEP ,1},
+ /* STA TKIP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WRAP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA CCMP */ { TI_OK, TWD_CIPHER_WEP, TWD_CIPHER_WEP ,1},
+ /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}},
+ /* AP multicast TKIP */ {
+ /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WEP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA TKIP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA AES */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA CCMP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}},
+ /* AP multicast WRAP */ {
+ /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WEP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA TKIP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WRAP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA CCMP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}},
+ /* AP multicast CCMP */ {
+ /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WEP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA TKIP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA AES */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA CCMP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}},
+ /* AP multicast WEP104 */ {
+ /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WEP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA TKIP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA AES */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA CCMP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}}},
+/* AP unicast TKIP */ {
+ /* AP multicast NONE */ {
+ /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WEP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA TKIP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA AES */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA CCMP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}},
+ /* AP multicast WEP */ {
+ /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WEP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA TKIP */ { TI_OK, TWD_CIPHER_TKIP, TWD_CIPHER_WEP ,4},
+ /* STA AES */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA CCMP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}},
+ /* AP multicast TKIP */ {
+ /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WEP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA TKIP */ { TI_OK, TWD_CIPHER_TKIP, TWD_CIPHER_TKIP ,7},
+ /* STA AES */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA CCMP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}},
+ /* AP multicast WRAP */ {
+ /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WEP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA TKIP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA AES */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA CCMP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}},
+ /* AP multicast CCMP */ {
+ /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WEP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA TKIP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA AES */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA CCMP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}},
+ /* AP multicast WEP104 */ {
+ /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WEP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA TKIP */ { TI_OK, TWD_CIPHER_TKIP, TWD_CIPHER_WEP104 ,4},
+ /* STA AES */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA CCMP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}}},
+/* AP unicast AES_WRAP */ {
+ /* AP multicast NONE */ {
+ /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WEP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA TKIP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA AES */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA CCMP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}},
+ /* AP multicast WEP40 */ {
+ /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WEP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA TKIP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA AES */ { TI_OK, TWD_CIPHER_AES_WRAP, TWD_CIPHER_WEP ,5},
+ /* STA CCMP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}},
+ /* AP multicast TKIP */ {
+ /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WEP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA TKIP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA AES */ { TI_OK, TWD_CIPHER_AES_WRAP, TWD_CIPHER_TKIP ,6},
+ /* STA CCMP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}},
+ /* AP multicast WRAP */ {
+ /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WEP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA TKIP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA AES */ { TI_OK, TWD_CIPHER_AES_WRAP, TWD_CIPHER_AES_WRAP ,8},
+ /* STA CCMP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}},
+ /* AP multicast CCMP */ {
+ /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WEP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA TKIP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA AES */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA CCMP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}},
+ /* AP multicast WEP104 */ {
+ /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WEP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA TKIP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA AES */ { TI_OK, TWD_CIPHER_AES_WRAP, TWD_CIPHER_WEP104 ,5},
+ /* STA CCMP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}}},
+/* AP unicast AES_CCMP */ {
+ /* AP multicast NONE */ {
+ /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WEP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA TKIP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA AES */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA CCMP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}},
+ /* AP multicast WEP */ {
+ /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WEP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA TKIP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA AES */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA CCMP */ { TI_OK, TWD_CIPHER_AES_CCMP, TWD_CIPHER_WEP ,5},
+ /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}},
+ /* AP multicast TKIP */ {
+ /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WEP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA TKIP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA AES */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA CCMP */ { TI_OK, TWD_CIPHER_AES_CCMP, TWD_CIPHER_TKIP ,6},
+ /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}},
+ /* AP multicast WRAP */ {
+ /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WEP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA TKIP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA AES */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA CCMP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}},
+ /* AP multicast CCMP */ {
+ /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WEP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA TKIP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA AES */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA CCMP */ { TI_OK, TWD_CIPHER_AES_CCMP, TWD_CIPHER_AES_CCMP ,7},
+ /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}},
+ /* AP multicast WEP */ {
+ /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WEP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA TKIP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA AES */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA CCMP */ { TI_OK, TWD_CIPHER_AES_CCMP, TWD_CIPHER_WEP104 ,5},
+ /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}}},
+/* AP unicast WEP104 */ {
+ /* AP multicast NONE */ {
+ /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WEP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA TKIP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA AES */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA CCMP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}},
+ /* AP multicast WEP */ {
+ /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WEP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA TKIP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA AES */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA CCMP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}},
+ /* AP multicast TKIP */ {
+ /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WEP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA TKIP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA AES */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA CCMP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}},
+ /* AP multicast WRAP */ {
+ /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WEP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA TKIP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA AES */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA CCMP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}},
+ /* AP multicast CCMP */ {
+ /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WEP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA TKIP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA AES */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA CCMP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}},
+ /* AP multicast WEP104 */ {
+ /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA WEP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA TKIP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA AES */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0},
+ /* STA CCMP */ { TI_OK, TWD_CIPHER_WEP104, TWD_CIPHER_WEP104 ,1},
+ /* STA WEP104 */{ TI_OK, TWD_CIPHER_WEP104, TWD_CIPHER_WEP104 ,1}}}
+
+
+};
+
+/* Function prototypes */
+TI_STATUS admCtrlWpa_parseIe(admCtrl_t *pAdmCtrl, TI_UINT8 *pWpaIe, wpaIeData_t *pWpaData);
+TI_UINT16 admCtrlWpa_buildCapabilities(TI_UINT16 replayCnt);
+TI_UINT32 admCtrlWpa_parseSuiteVal(admCtrl_t *pAdmCtrl, TI_UINT8* suiteVal,wpaIeData_t *pWpaData,TI_UINT32 maxVal);
+TI_STATUS admCtrlWpa_checkCipherSuiteValidity (ECipherSuite unicastSuite, ECipherSuite broadcastSuite, ECipherSuite encryptionStatus);
+static TI_STATUS admCtrlWpa_get802_1x_AkmExists (admCtrl_t *pAdmCtrl, TI_BOOL *wpa_802_1x_AkmExists);
+
+
+/**
+*
+* admCtrlWpa_config - Configure XCC admission control.
+*
+* \b Description:
+*
+* Configure XCC admission control.
+*
+* \b ARGS:
+*
+* I - pAdmCtrl - context \n
+*
+* \b RETURNS:
+*
+* TI_OK on success, TI_NOK on failure.
+*
+* \sa
+*/
+TI_STATUS admCtrlWpa_config(admCtrl_t *pAdmCtrl)
+{
+ TI_STATUS status;
+ TRsnPaeConfig paeConfig;
+
+ /* check and set admission control default parameters */
+ pAdmCtrl->authSuite = RSN_AUTH_OPEN;
+ if (pAdmCtrl->unicastSuite == TWD_CIPHER_NONE)
+ {
+ pAdmCtrl->unicastSuite = TWD_CIPHER_TKIP;
+ }
+ if (pAdmCtrl->broadcastSuite == TWD_CIPHER_NONE)
+ {
+ pAdmCtrl->broadcastSuite = TWD_CIPHER_TKIP;
+ }
+
+ /* set callback functions (API) */
+ pAdmCtrl->getInfoElement = admCtrlWpa_getInfoElement;
+ pAdmCtrl->setSite = admCtrlWpa_setSite;
+ pAdmCtrl->evalSite = admCtrlWpa_evalSite;
+
+ pAdmCtrl->getPmkidList = admCtrl_nullGetPMKIDlist;
+ pAdmCtrl->setPmkidList = admCtrl_nullSetPMKIDlist;
+ pAdmCtrl->resetPmkidList = admCtrl_resetPMKIDlist;
+ pAdmCtrl->getPreAuthStatus = admCtrl_nullGetPreAuthStatus;
+ pAdmCtrl->startPreAuth = admCtrl_nullStartPreAuth;
+ pAdmCtrl->get802_1x_AkmExists = admCtrlWpa_get802_1x_AkmExists;
+
+ /* set cipher suite */
+ switch (pAdmCtrl->externalAuthMode)
+ {
+ case RSN_EXT_AUTH_MODE_WPA:
+ case RSN_EXT_AUTH_MODE_WPAPSK:
+ /* The cipher suite should be set by the External source via
+ the Encryption field*/
+ pAdmCtrl->keyMngSuite = RSN_KEY_MNG_802_1X;
+ break;
+ case RSN_EXT_AUTH_MODE_WPANONE:
+ pAdmCtrl->keyMngSuite = RSN_KEY_MNG_NONE;
+ /* Not supported */
+ default:
+ return TI_NOK;
+ }
+
+
+ paeConfig.authProtocol = pAdmCtrl->externalAuthMode;
+ paeConfig.unicastSuite = pAdmCtrl->unicastSuite;
+ paeConfig.broadcastSuite = pAdmCtrl->broadcastSuite;
+ paeConfig.keyExchangeProtocol = pAdmCtrl->keyMngSuite;
+ /* set default PAE configuration */
+ status = pAdmCtrl->pRsn->setPaeConfig(pAdmCtrl->pRsn, &paeConfig);
+
+ return status;
+}
+
+
+
+
+TI_STATUS admCtrlWpa_dynamicConfig(admCtrl_t *pAdmCtrl,wpaIeData_t *pWpaData)
+{
+ TI_STATUS status;
+ TRsnPaeConfig paeConfig;
+
+
+ /* set callback functions (API) */
+ pAdmCtrl->getInfoElement = admCtrlWpa_getInfoElement;
+
+ switch (pAdmCtrl->externalAuthMode)
+ {
+ case RSN_EXT_AUTH_MODE_WPA:
+ case RSN_EXT_AUTH_MODE_WPAPSK:
+ /* The cipher suite should be set by the External source via
+ the Encryption field*/
+ pAdmCtrl->keyMngSuite = RSN_KEY_MNG_802_1X;
+ break;
+ case RSN_EXT_AUTH_MODE_WPANONE:
+ pAdmCtrl->keyMngSuite = RSN_KEY_MNG_NONE;
+ /* Not supported */
+ default:
+ return TI_NOK;
+ }
+
+
+ paeConfig.authProtocol = pAdmCtrl->externalAuthMode;
+ paeConfig.unicastSuite = pWpaData->unicastSuite[0];
+ paeConfig.broadcastSuite = pWpaData->broadcastSuite;
+ paeConfig.keyExchangeProtocol = pAdmCtrl->keyMngSuite;
+ /* set default PAE configuration */
+ status = pAdmCtrl->pRsn->setPaeConfig(pAdmCtrl->pRsn, &paeConfig);
+
+ return status;
+}
+
+/**
+*
+* admCtrlWpa_getInfoElement - Get the current information element.
+*
+* \b Description:
+*
+* Get the current information element.
+*
+* \b ARGS:
+*
+* I - pAdmCtrl - context \n
+* I - pIe - IE buffer \n
+* I - pLength - length of IE \n
+*
+* \b RETURNS:
+*
+* TI_OK on success, TI_NOK on failure.
+*
+* \sa
+*/
+
+TI_STATUS admCtrlWpa_getInfoElement(admCtrl_t *pAdmCtrl, TI_UINT8 *pIe, TI_UINT32 *pLength)
+{
+ wpaIePacket_t localWpaPkt;
+ wpaIePacket_t *pWpaIePacket;
+ TI_UINT8 length;
+ TI_UINT16 tempInt;
+ TI_STATUS status;
+ TIWLN_SIMPLE_CONFIG_MODE wscMode;
+
+ /* Get Simple-Config state */
+ status = siteMgr_getParamWSC(pAdmCtrl->pRsn->hSiteMgr, &wscMode); /* SITE_MGR_SIMPLE_CONFIG_MODE */
+
+ if (pIe==NULL)
+ {
+ *pLength = 0;
+ return TI_NOK;
+ }
+
+ if ((wscMode != TIWLN_SIMPLE_CONFIG_OFF) &&
+ (pAdmCtrl->broadcastSuite == TWD_CIPHER_NONE) &&
+ (pAdmCtrl->unicastSuite == TWD_CIPHER_NONE))
+ {
+ *pLength = 0;
+ return TI_NOK;
+ }
+
+ /* Check validity of WPA IE */
+ if (!broadcastCipherSuiteValidity[pAdmCtrl->networkMode][pAdmCtrl->broadcastSuite])
+ { /* check Group suite validity */
+ *pLength = 0;
+ return TI_NOK;
+ }
+
+
+ if (pAdmCtrl->unicastSuite == TWD_CIPHER_WEP)
+ { /* check pairwise suite validity */
+ *pLength = 0;
+ return TI_NOK;
+ }
+
+ /* Build Wpa IE */
+ pWpaIePacket = &localWpaPkt;
+ os_memoryZero(pAdmCtrl->hOs, pWpaIePacket, sizeof(wpaIePacket_t));
+ pWpaIePacket->elementid= WPA_IE_ID;
+ os_memoryCopy(pAdmCtrl->hOs, (void *)pWpaIePacket->oui, wpaIeOuiIe, 3);
+ pWpaIePacket->ouiType = WPA_OUI_DEF_TYPE;
+
+ tempInt = WPA_OUI_MAX_VERSION;
+ COPY_WLAN_WORD(&pWpaIePacket->version, &tempInt);
+
+ length = sizeof(wpaIePacket_t)-2;
+
+ /* check defaults */
+ if (pAdmCtrl->replayCnt==1)
+ {
+ length -= 2; /* 2: capabilities + 4: keyMng suite, 2: keyMng count*/
+#if 0 /* The following was removed since there are APs which do no accept
+ the default WPA IE */
+ if (pAdmCtrl->externalAuthMode == RSN_EXT_AUTH_MODE_WPA)
+ {
+ length -= 6; /* 2: capabilities + 4: keyMng suite, 2: keyMng count*/
+ if (pAdmCtrl->unicastSuite == TWD_CIPHER_TKIP)
+ {
+ length -= 6; /* 4: unicast suite, 2: unicast count */
+ if (pAdmCtrl->broadcastSuite == TWD_CIPHER_TKIP)
+ {
+ length -= 4; /* broadcast suite */
+ }
+ }
+ }
+#endif
+ }
+
+ pWpaIePacket->length = length;
+ *pLength = length+2;
+
+ if (length>=WPA_IE_MIN_DEFAULT_LENGTH)
+ { /* build Capabilities */
+ pWpaIePacket->capabilities = ENDIAN_HANDLE_WORD(admCtrlWpa_buildCapabilities(pAdmCtrl->replayCnt));
+ }
+
+ if (length>=WPA_IE_MIN_KEY_MNG_SUITE_LENGTH(1))
+ {
+ /* build keyMng suite */
+
+ tempInt = 0x0001;
+ COPY_WLAN_WORD(&pWpaIePacket->authKeyMngSuiteCnt, &tempInt);
+
+ os_memoryCopy(pAdmCtrl->hOs, (void *)pWpaIePacket->authKeyMngSuite, wpaIeOuiIe, 3);
+
+ switch (pAdmCtrl->externalAuthMode)
+ {
+ case RSN_EXT_AUTH_MODE_OPEN:
+ case RSN_EXT_AUTH_MODE_SHARED_KEY:
+ case RSN_EXT_AUTH_MODE_AUTO_SWITCH:
+ pWpaIePacket->authKeyMngSuite[3] = WPA_IE_KEY_MNG_NONE;
+ break;
+ case RSN_EXT_AUTH_MODE_WPA:
+ {
+#ifdef XCC_MODULE_INCLUDED
+ TI_UINT8 akmSuite[DOT11_OUI_LEN+1];
+
+ if (admCtrlXCC_getCckmAkm(pAdmCtrl, akmSuite))
+ {
+ os_memoryCopy(pAdmCtrl->hOs, (void*)pWpaIePacket->authKeyMngSuite, akmSuite, DOT11_OUI_LEN+1);
+ }
+ else
+#endif
+ {
+ pWpaIePacket->authKeyMngSuite[3] = WPA_IE_KEY_MNG_801_1X;
+ }
+ }
+
+ break;
+
+ case RSN_EXT_AUTH_MODE_WPAPSK:
+ pWpaIePacket->authKeyMngSuite[3] = WPA_IE_KEY_MNG_PSK_801_1X;
+ break;
+ default:
+ pWpaIePacket->authKeyMngSuite[3] = WPA_IE_KEY_MNG_NONE;
+ break;
+ }
+
+ }
+
+
+ if (length>=WPA_IE_MIN_PAIRWISE_SUITE_LENGTH)
+ {
+
+#ifdef XCC_MODULE_INCLUDED
+ if ((pAdmCtrl->pRsn->paeConfig.unicastSuite==TWD_CIPHER_CKIP) ||
+ (pAdmCtrl->pRsn->paeConfig.broadcastSuite==TWD_CIPHER_CKIP))
+ {
+ admCtrlXCC_getWpaCipherInfo(pAdmCtrl,pWpaIePacket);
+ }
+ else
+#endif
+ {
+
+ /* build pairwise suite */
+
+ tempInt = 0x0001;
+ COPY_WLAN_WORD(&pWpaIePacket->pairwiseSuiteCnt, &tempInt);
+
+ os_memoryCopy(pAdmCtrl->hOs, (void *)pWpaIePacket->pairwiseSuite, wpaIeOuiIe, 3);
+ pWpaIePacket->pairwiseSuite[3] = (TI_UINT8)pAdmCtrl->pRsn->paeConfig.unicastSuite;
+
+ if (length>=WPA_IE_GROUP_SUITE_LENGTH)
+ { /* build group suite */
+ os_memoryCopy(pAdmCtrl->hOs, (void *)pWpaIePacket->groupSuite, wpaIeOuiIe, 3);
+ pWpaIePacket->groupSuite[3] = (TI_UINT8)pAdmCtrl->pRsn->paeConfig.broadcastSuite;
+ }
+ }
+ }
+ os_memoryCopy(pAdmCtrl->hOs, (TI_UINT8*)pIe, (TI_UINT8*)pWpaIePacket, sizeof(wpaIePacket_t));
+ return TI_OK;
+
+}
+/**
+*
+* admCtrlWpa_setSite - Set current primary site parameters for registration.
+*
+* \b Description:
+*
+* Set current primary site parameters for registration.
+*
+* \b ARGS:
+*
+* I - pAdmCtrl - context \n
+* I - pRsnData - site's RSN data \n
+* O - pAssocIe - result IE of evaluation \n
+* O - pAssocIeLen - length of result IE of evaluation \n
+*
+* \b RETURNS:
+*
+* TI_OK on site is aproved, TI_NOK on site is rejected.
+*
+* \sa
+*/
+TI_STATUS admCtrlWpa_setSite(admCtrl_t *pAdmCtrl, TRsnData *pRsnData, TI_UINT8 *pAssocIe, TI_UINT8 *pAssocIeLen)
+{
+ TI_STATUS status;
+ paramInfo_t *pParam;
+ TTwdParamInfo tTwdParam;
+ wpaIeData_t wpaData;
+ ECipherSuite encryptionStatus;
+ admCtrlWpa_validity_t *pAdmCtrlWpa_validity=NULL;
+ TI_UINT8 *pWpaIe;
+ TI_UINT8 index;
+
+ *pAssocIeLen = 0;
+
+ if (pRsnData==NULL)
+ {
+ return TI_NOK;
+ }
+
+ pParam = (paramInfo_t *)os_memoryAlloc(pAdmCtrl->hOs, sizeof(paramInfo_t));
+ if (!pParam)
+ {
+ return TI_NOK;
+ }
+
+ if (pRsnData->pIe==NULL)
+ {
+ /* configure the MLME module with the 802.11 OPEN authentication suite,
+ THe MLME will configure later the authentication module */
+ pParam->paramType = MLME_LEGACY_TYPE_PARAM;
+ pParam->content.mlmeLegacyAuthType = AUTH_LEGACY_OPEN_SYSTEM;
+ status = mlme_setParam(pAdmCtrl->hMlme, pParam);
+ goto adm_ctrl_wpa_end;
+ }
+
+#ifdef XCC_MODULE_INCLUDED
+ /* Check if Aironet IE exists */
+ admCtrlXCC_setExtendedParams(pAdmCtrl, pRsnData);
+#endif /*XCC_MODULE_INCLUDED*/
+
+ /* Check if any-WPA mode is supported and WPA2 info elem is presented */
+ /* If yes - perform WPA2 set site procedure */
+ if(pAdmCtrl->WPAMixedModeEnable && pAdmCtrl->WPAPromoteFlags)
+ {
+ if((admCtrl_parseIe(pAdmCtrl, pRsnData, &pWpaIe, RSN_IE_ID)== TI_OK) &&
+ (pWpaIe != NULL))
+ {
+ status = admCtrlWpa2_setSite(pAdmCtrl, pRsnData, pAssocIe, pAssocIeLen);
+ if(status == TI_OK)
+ goto adm_ctrl_wpa_end;
+ }
+ }
+
+ status = admCtrl_parseIe(pAdmCtrl, pRsnData, &pWpaIe, WPA_IE_ID);
+ if (status != TI_OK)
+ {
+ goto adm_ctrl_wpa_end;
+ }
+ status = admCtrlWpa_parseIe(pAdmCtrl, pWpaIe, &wpaData);
+ if (status != TI_OK)
+ {
+ goto adm_ctrl_wpa_end;
+ }
+ if ((wpaData.unicastSuite[0]>=MAX_WPA_CIPHER_SUITE) ||
+ (wpaData.broadcastSuite>=MAX_WPA_CIPHER_SUITE) ||
+ (pAdmCtrl->unicastSuite>=MAX_WPA_CIPHER_SUITE))
+ {
+ status = TI_NOK;
+ goto adm_ctrl_wpa_end;
+ }
+
+ pAdmCtrl->encrInSw = wpaData.XCCKp;
+ pAdmCtrl->micInSw = wpaData.XCCMic;
+
+ /*Because ckip is a proprietary encryption for Cisco then a different validity check is needed */
+ if(wpaData.broadcastSuite == TWD_CIPHER_CKIP || wpaData.unicastSuite[0] == TWD_CIPHER_CKIP)
+ {
+ pAdmCtrl->getCipherSuite(pAdmCtrl, &encryptionStatus);
+ /*Funk supplicant can support CCKM only if it configures the driver to TKIP encryption. */
+ if (encryptionStatus != TWD_CIPHER_TKIP) {
+ status = TI_NOK;
+ goto adm_ctrl_wpa_end;
+ }
+ if (pAdmCtrl->encrInSw)
+ pAdmCtrl->XCCSupport = TI_TRUE;
+ }
+ else
+ {
+ /* Check validity of Group suite */
+ if (!broadcastCipherSuiteValidity[pAdmCtrl->networkMode][wpaData.broadcastSuite])
+ { /* check Group suite validity */
+ status = TI_NOK;
+ goto adm_ctrl_wpa_end;
+ }
+
+ pAdmCtrl->getCipherSuite(pAdmCtrl, &encryptionStatus);
+ for (index=0; index<wpaData.unicastSuiteCnt; index++)
+ {
+ pAdmCtrlWpa_validity = &admCtrlWpa_validityTable[wpaData.unicastSuite[index]][wpaData.broadcastSuite][encryptionStatus];
+ if (pAdmCtrlWpa_validity->status ==TI_OK)
+ {
+ break;
+ }
+ }
+
+ if (pAdmCtrlWpa_validity->status != TI_OK)
+ {
+ status = pAdmCtrlWpa_validity->status;
+ goto adm_ctrl_wpa_end;
+ }
+
+ /* set cipher suites */
+ wpaData.unicastSuite[0] = pAdmCtrlWpa_validity->unicast ;/*wpaData.unicastSuite[0];*/
+ wpaData.broadcastSuite = pAdmCtrlWpa_validity->broadcast; /*wpaData.broadcastSuite;*/
+ }
+ /* set external auth mode according to the key Mng Suite */
+ switch (wpaData.KeyMngSuite[0])
+ {
+ case WPA_IE_KEY_MNG_NONE:
+ pAdmCtrl->externalAuthMode = RSN_EXT_AUTH_MODE_OPEN;
+ break;
+ case WPA_IE_KEY_MNG_801_1X:
+#ifdef XCC_MODULE_INCLUDED
+ case WPA_IE_KEY_MNG_CCKM:
+#endif
+ pAdmCtrl->externalAuthMode = RSN_EXT_AUTH_MODE_WPA;
+ break;
+ case WPA_IE_KEY_MNG_PSK_801_1X:
+#if 0 /* code will remain here until the WSC spec will be closed*/
+ if ((wpaData.KeyMngSuiteCnt > 1) && (wpaData.KeyMngSuite[1] == WPA_IE_KEY_MNG_801_1X))
+ {
+ /*WLAN_OS_REPORT (("Overriding for simple-config - setting external auth to MODE WPA\n"));*/
+ /*pAdmCtrl->externalAuthMode = RSN_EXT_AUTH_MODE_WPA;*/
+ }
+ else
+ {
+ /*pAdmCtrl->externalAuthMode = RSN_EXT_AUTH_MODE_WPAPSK;*/
+ }
+#endif
+ break;
+ default:
+ pAdmCtrl->externalAuthMode = RSN_EXT_AUTH_MODE_OPEN;
+ break;
+ }
+
+
+
+#ifdef XCC_MODULE_INCLUDED
+ pParam->paramType = XCC_CCKM_EXISTS;
+ pParam->content.XCCCckmExists = (wpaData.KeyMngSuite[0]==WPA_IE_KEY_MNG_CCKM) ? TI_TRUE : TI_FALSE;
+ XCCMngr_setParam(pAdmCtrl->hXCCMngr, pParam);
+#endif
+ /* set replay counter */
+ pAdmCtrl->replayCnt = wpaData.replayCounters;
+
+ *pAssocIeLen = pRsnData->ieLen;
+ if (pAssocIe != NULL)
+ {
+ os_memoryCopy(pAdmCtrl->hOs, pAssocIe, &wpaData, sizeof(wpaIeData_t));
+ }
+
+
+ /* Now we configure the MLME module with the 802.11 legacy authentication suite,
+ THe MLME will configure later the authentication module */
+ pParam->paramType = MLME_LEGACY_TYPE_PARAM;
+#ifdef XCC_MODULE_INCLUDED
+ if (pAdmCtrl->networkEapMode!=OS_XCC_NETWORK_EAP_OFF)
+ {
+ pParam->content.mlmeLegacyAuthType = AUTH_LEGACY_RESERVED1;
+ }
+ else
+#endif
+ {
+ pParam->content.mlmeLegacyAuthType = AUTH_LEGACY_OPEN_SYSTEM;
+ }
+
+
+ status = mlme_setParam(pAdmCtrl->hMlme, pParam);
+ if (status != TI_OK)
+ {
+ goto adm_ctrl_wpa_end;
+ }
+
+ pParam->paramType = RX_DATA_EAPOL_DESTINATION_PARAM;
+ pParam->content.rxDataEapolDestination = OS_ABS_LAYER;
+ status = rxData_setParam(pAdmCtrl->hRx, pParam);
+ if (status != TI_OK)
+ {
+ goto adm_ctrl_wpa_end;
+ }
+
+ /* Configure privacy status in HAL so that HW is prepared to recieve keys */
+ tTwdParam.paramType = TWD_RSN_SECURITY_MODE_PARAM_ID;
+ tTwdParam.content.rsnEncryptionStatus = (ECipherSuite)wpaData.unicastSuite[0];
+ status = TWD_SetParam(pAdmCtrl->pRsn->hTWD, &tTwdParam);
+ if (status != TI_OK)
+ {
+ goto adm_ctrl_wpa_end;
+ }
+
+#ifdef XCC_MODULE_INCLUDED
+
+ /* set MIC and KP in HAL */
+ tTwdParam.paramType = TWD_RSN_XCC_SW_ENC_ENABLE_PARAM_ID;
+ tTwdParam.content.rsnXCCSwEncFlag = wpaData.XCCKp;
+ status = TWD_SetParam(pAdmCtrl->pRsn->hTWD, &tTwdParam);
+ if (status != TI_OK)
+ {
+ goto adm_ctrl_wpa_end;
+ }
+ tTwdParam.paramType = TWD_RSN_XCC_MIC_FIELD_ENABLE_PARAM_ID;
+ tTwdParam.content.rsnXCCMicFieldFlag = wpaData.XCCMic;
+ status = TWD_SetParam(pAdmCtrl->pRsn->hTWD, &tTwdParam);
+
+ if (status != TI_OK)
+ {
+ goto adm_ctrl_wpa_end;
+ }
+#endif /*XCC_MODULE_INCLUDED*/
+
+ /* re-config PAE */
+ status = admCtrlWpa_dynamicConfig(pAdmCtrl,&wpaData);
+ if (status != TI_OK)
+ {
+ goto adm_ctrl_wpa_end;
+ }
+
+adm_ctrl_wpa_end:
+ os_memoryFree(pAdmCtrl->hOs, pParam, sizeof(paramInfo_t));
+ return status;
+}
+
+/**
+*
+* admCtrlWpa_evalSite - Evaluate site for registration.
+*
+* \b Description:
+*
+* evaluate site RSN capabilities against the station's cap.
+* If the BSS type is infrastructure, the station matches the site only if it's WEP status is same as the site
+* In IBSS, it does not matter
+*
+* \b ARGS:
+*
+* I - pAdmCtrl - Context \n
+* I - pRsnData - site's RSN data \n
+* O - pEvaluation - Result of evaluation \n
+*
+* \b RETURNS:
+*
+* TI_OK
+*
+* \sa
+*/
+TI_STATUS admCtrlWpa_evalSite(admCtrl_t *pAdmCtrl, TRsnData *pRsnData, TRsnSiteParams *pRsnSiteParams, TI_UINT32 *pEvaluation)
+{
+ TI_STATUS status;
+ wpaIeData_t wpaData;
+ admCtrlWpa_validity_t admCtrlWpa_validity;
+ ECipherSuite encryptionStatus;
+ TIWLN_SIMPLE_CONFIG_MODE wscMode;
+ TI_UINT8 *pWpaIe;
+ TI_UINT8 index;
+
+ /* Get Simple-Config state */
+ status = siteMgr_getParamWSC(pAdmCtrl->pRsn->hSiteMgr, &wscMode); /* SITE_MGR_SIMPLE_CONFIG_MODE */
+
+ *pEvaluation = 0;
+
+ if (pRsnData==NULL)
+ {
+ return TI_NOK;
+ }
+ if ((pRsnData->pIe==NULL) && (wscMode == TIWLN_SIMPLE_CONFIG_OFF))
+ {
+ return TI_NOK;
+ }
+
+ if (pRsnSiteParams->bssType != BSS_INFRASTRUCTURE)
+ {
+ return TI_NOK;
+ }
+
+ /* Set initial values for admCtrlWpa_validity as none*/
+ admCtrlWpa_validity = admCtrlWpa_validityTable[TWD_CIPHER_NONE][TWD_CIPHER_NONE][TWD_CIPHER_NONE];
+
+ /* Check if WPA-any mode is supported and WPA2 info elem is presented */
+ /* If yes - perform WPA2 site evaluation */
+ if(pAdmCtrl->WPAMixedModeEnable && pAdmCtrl->WPAPromoteFlags)
+ {
+ if((admCtrl_parseIe(pAdmCtrl, pRsnData, &pWpaIe, RSN_IE_ID)== TI_OK) &&
+ (pWpaIe != NULL))
+ {
+ status = admCtrlWpa2_evalSite(pAdmCtrl, pRsnData, pRsnSiteParams, pEvaluation);
+ if(status == TI_OK)
+ return status;
+ }
+ }
+
+ status = admCtrl_parseIe(pAdmCtrl, pRsnData, &pWpaIe, WPA_IE_ID);
+ if ((status != TI_OK) && (wscMode == TIWLN_SIMPLE_CONFIG_OFF))
+ {
+ return status;
+ }
+ /* If found WPA Information Element */
+ if (pWpaIe != NULL)
+ {
+ status = admCtrlWpa_parseIe(pAdmCtrl, pWpaIe, &wpaData);
+ if (status != TI_OK)
+ {
+ return status;
+ }
+
+ /* check keyMngSuite validity */
+ switch (wpaData.KeyMngSuite[0])
+ {
+ case WPA_IE_KEY_MNG_NONE:
+ TRACE0(pAdmCtrl->hReport, REPORT_SEVERITY_INFORMATION, "admCtrlWpa_evalSite: KeyMngSuite[0]=WPA_IE_KEY_MNG_NONE\n");
+ status = (pAdmCtrl->externalAuthMode <= RSN_EXT_AUTH_MODE_AUTO_SWITCH) ? TI_OK : TI_NOK;
+ break;
+ case WPA_IE_KEY_MNG_801_1X:
+#ifdef XCC_MODULE_INCLUDED
+ case WPA_IE_KEY_MNG_CCKM:
+ /* CCKM is allowed only in 802.1x auth */
+#endif
+ TRACE0(pAdmCtrl->hReport, REPORT_SEVERITY_INFORMATION, "admCtrlWpa_evalSite: KeyMngSuite[0]=WPA_IE_KEY_MNG_801_1X\n");
+ status = (pAdmCtrl->externalAuthMode == RSN_EXT_AUTH_MODE_WPA) ? TI_OK : TI_NOK;
+ break;
+ case WPA_IE_KEY_MNG_PSK_801_1X:
+ TRACE0(pAdmCtrl->hReport, REPORT_SEVERITY_INFORMATION, "admCtrlWpa_evalSite: KeyMngSuite[0]=WPA_IE_KEY_MNG_PSK_801_1X\n");
+ status = ((pAdmCtrl->externalAuthMode == RSN_EXT_AUTH_MODE_WPAPSK) ||
+ (wscMode && (pAdmCtrl->externalAuthMode == RSN_EXT_AUTH_MODE_WPA))) ? TI_OK : TI_NOK;
+ break;
+ default:
+ status = TI_NOK;
+ break;
+ }
+
+ TRACE2(pAdmCtrl->hReport, REPORT_SEVERITY_INFORMATION, "admCtrlWpa_evalSite: pAdmCtrl->externalAuthMode = %d, Status = %d\n",pAdmCtrl->externalAuthMode,status);
+
+ if (status != TI_OK)
+ {
+ return status;
+ }
+
+ /*Because ckip is a proprietary encryption for Cisco then a different validity check is needed */
+ if(wpaData.broadcastSuite == TWD_CIPHER_CKIP || wpaData.unicastSuite[0] == TWD_CIPHER_CKIP)
+ {
+ pAdmCtrl->getCipherSuite(pAdmCtrl, &encryptionStatus);
+ if (encryptionStatus != TWD_CIPHER_TKIP)
+ return TI_NOK;
+ }
+ else
+ {
+ /* Check cipher suite validity */
+ pAdmCtrl->getCipherSuite(pAdmCtrl, &encryptionStatus);
+ for (index=0; index<wpaData.unicastSuiteCnt; index++)
+ {
+ admCtrlWpa_validity = admCtrlWpa_validityTable[wpaData.unicastSuite[index]][wpaData.broadcastSuite][encryptionStatus];
+ if (admCtrlWpa_validity.status ==TI_OK)
+ {
+ break;
+ }
+ }
+
+ if (admCtrlWpa_validity.status!=TI_OK)
+ {
+ return admCtrlWpa_validity.status;
+ }
+
+ wpaData.broadcastSuite = admCtrlWpa_validity.broadcast;
+ wpaData.unicastSuite[0] = admCtrlWpa_validity.unicast;
+ *pEvaluation = admCtrlWpa_validity.evaluation;
+ }
+
+ if ((encryptionStatus == TWD_CIPHER_TKIP) && (pRsnSiteParams->pHTCapabilities->tHdr[0] != TI_FALSE) && (pRsnSiteParams->pHTInfo->tHdr[0] != TI_FALSE))
+ {
+ TRACE0(pAdmCtrl->hReport, REPORT_SEVERITY_INFORMATION,"Dismiss AP - HT with TKIP is not valid");
+ return TI_NOK; /* if the encyption is TKIP and the site does support HT(11n) the site can not be a candidate */
+ }
+
+
+ /* Check privacy bit if not in mixed mode */
+ if (!pAdmCtrl->mixedMode)
+ { /* There's no mixed mode, so make sure that the privacy Bit matches the privacy mode*/
+ if (((pRsnData->privacy) && (wpaData.unicastSuite[0]==TWD_CIPHER_NONE)) ||
+ ((!pRsnData->privacy) && (wpaData.unicastSuite[0]>TWD_CIPHER_NONE)))
+ {
+ *pEvaluation = 0;
+ }
+ }
+
+ }
+ else
+ {
+ TRACE0(pAdmCtrl->hReport, REPORT_SEVERITY_INFORMATION, "didn't find WPA IE\n");
+ if (wscMode == TIWLN_SIMPLE_CONFIG_OFF)
+ return TI_NOK;
+ TRACE0(pAdmCtrl->hReport, REPORT_SEVERITY_INFORMATION, "metric is 1\n");
+ *pEvaluation = 1;
+ pAdmCtrl->broadcastSuite = TWD_CIPHER_NONE;
+ pAdmCtrl->unicastSuite = TWD_CIPHER_NONE;
+ }
+
+
+ /* always return TI_OK */
+ return TI_OK;
+}
+
+
+/**
+*
+* admCtrlWpa_parseIe - Parse an WPA information element.
+*
+* \b Description:
+*
+* Parse an WPA information element.
+* Builds a structure of the unicast adn broadcast cihper suites,
+* the key management suite and the capabilities.
+*
+* \b ARGS:
+*
+* I - pAdmCtrl - pointer to admCtrl context
+* I - pWpaIe - pointer to WPA IE buffer \n
+* O - pWpaData - capabilities structure
+*
+*
+* \b RETURNS:
+*
+* TI_OK on success, TI_NOK on failure.
+*
+* \sa
+*/
+TI_STATUS admCtrlWpa_parseIe(admCtrl_t *pAdmCtrl, TI_UINT8 *pWpaIe, wpaIeData_t *pWpaData)
+{
+
+ wpaIePacket_t *wpaIePacket = (wpaIePacket_t*)pWpaIe;
+ TI_UINT8 *curWpaIe;
+ TI_UINT8 curLength = WPA_IE_MIN_LENGTH;
+
+ TRACE0(pAdmCtrl->hReport, REPORT_SEVERITY_INFORMATION, "Wpa_IE: DEBUG: admCtrlWpa_parseIe\n\n");
+
+ if ((pWpaData == NULL) || (pWpaIe == NULL))
+ {
+ return TI_NOK;
+ }
+
+ if ((wpaIePacket->length < WPA_IE_MIN_LENGTH) ||
+ (wpaIePacket->elementid != WPA_IE_ID) ||
+ (wpaIePacket->ouiType > WPA_OUI_MAX_TYPE) || (ENDIAN_HANDLE_WORD(wpaIePacket->version) > WPA_OUI_MAX_VERSION) ||
+ (os_memoryCompare(pAdmCtrl->hOs, (TI_UINT8*)wpaIePacket->oui, wpaIeOuiIe, 3)))
+ {
+ TRACE7(pAdmCtrl->hReport, REPORT_SEVERITY_INFORMATION, "Wpa_ParseIe Error: length=0x%x, elementid=0x%x, ouiType=0x%x, version=0x%x, oui=0x%x, 0x%x, 0x%x\n", wpaIePacket->length,wpaIePacket->elementid, wpaIePacket->ouiType, wpaIePacket->version, wpaIePacket->oui[0], wpaIePacket->oui[1],wpaIePacket->oui[2]);
+
+ return TI_NOK;
+ }
+ /* Set default values */
+ pWpaData->broadcastSuite = TWD_CIPHER_TKIP;
+ pWpaData->unicastSuiteCnt = 1;
+ pWpaData->unicastSuite[0] = TWD_CIPHER_TKIP;
+ pWpaData->KeyMngSuiteCnt = 1;
+ pWpaData->KeyMngSuite[0] = (ERsnKeyMngSuite)WPA_IE_KEY_MNG_801_1X;
+ pWpaData->bcastForUnicatst = 1;
+ pWpaData->replayCounters = 1;
+
+ pWpaData->XCCKp = TI_FALSE;
+ pWpaData->XCCMic = TI_FALSE;
+
+
+ /* Group Suite */
+ if (wpaIePacket->length >= WPA_IE_GROUP_SUITE_LENGTH)
+ {
+ pWpaData->broadcastSuite = (ECipherSuite)admCtrlWpa_parseSuiteVal(pAdmCtrl, (TI_UINT8 *)wpaIePacket->groupSuite,pWpaData,TWD_CIPHER_WEP104);
+ curLength = WPA_IE_GROUP_SUITE_LENGTH;
+ TRACE2(pAdmCtrl->hReport, REPORT_SEVERITY_INFORMATION, "Wpa_IE: GroupSuite%x, broadcast %x \n", wpaIePacket->groupSuite[3], pWpaData->broadcastSuite);
+ } else
+ {
+ return TI_OK;
+ }
+ /* Unicast Suite */
+ if (wpaIePacket->length >= WPA_IE_MIN_PAIRWISE_SUITE_LENGTH)
+ {
+ TI_UINT16 pairWiseSuiteCnt = ENDIAN_HANDLE_WORD(wpaIePacket->pairwiseSuiteCnt);
+ TI_BOOL cipherSuite[MAX_WPA_UNICAST_SUITES]={TI_FALSE, TI_FALSE, TI_FALSE, TI_FALSE, TI_FALSE, TI_FALSE , TI_FALSE};
+ TI_INT32 index, unicastSuiteIndex=0;
+
+ curWpaIe = (TI_UINT8*)&(wpaIePacket->pairwiseSuite);
+ for (index=0; (index<pairWiseSuiteCnt) && (wpaIePacket->length >= (WPA_IE_MIN_PAIRWISE_SUITE_LENGTH+(index+1)*4)); index++)
+ {
+ ECipherSuite curCipherSuite;
+
+ curCipherSuite = (ECipherSuite)admCtrlWpa_parseSuiteVal(pAdmCtrl, curWpaIe,pWpaData,TWD_CIPHER_WEP104);
+ TRACE2(pAdmCtrl->hReport, REPORT_SEVERITY_INFORMATION, "Wpa_IE: pairwiseSuite %x , unicast %x \n", curWpaIe[3], curCipherSuite);
+
+ if ((curCipherSuite!=TWD_CIPHER_UNKNOWN) && (curCipherSuite<MAX_WPA_UNICAST_SUITES))
+ {
+ cipherSuite[curCipherSuite] = TI_TRUE;
+ }
+ curWpaIe +=4;
+ }
+ for (index=MAX_WPA_UNICAST_SUITES-1; index>=0; index--)
+ {
+ if (cipherSuite[index])
+ {
+ pWpaData->unicastSuite[unicastSuiteIndex] = (ECipherSuite)index;
+ TRACE1(pAdmCtrl->hReport, REPORT_SEVERITY_INFORMATION, "Wpa_IE: unicast %x \n", pWpaData->unicastSuite[unicastSuiteIndex]);
+ unicastSuiteIndex++;
+ }
+ }
+ pWpaData->unicastSuiteCnt = unicastSuiteIndex;
+ curLength = WPA_IE_MIN_KEY_MNG_SUITE_LENGTH(pairWiseSuiteCnt);
+
+ } else
+ {
+ return TI_OK;
+ }
+ /* KeyMng Suite */
+ if (wpaIePacket->length >= curLength)
+ {
+ TI_UINT16 keyMngSuiteCnt = ENDIAN_HANDLE_WORD(*curWpaIe);
+ TI_UINT16 index;
+ ERsnKeyMngSuite maxKeyMngSuite = WPA_IE_KEY_MNG_NONE;
+
+ /* Include all AP key management supported suites in the wpaData structure */
+ pWpaData->KeyMngSuiteCnt = keyMngSuiteCnt;
+
+ curWpaIe +=2;
+ pAdmCtrl->wpaAkmExists = TI_FALSE;
+ for (index=0; (index<keyMngSuiteCnt) && (wpaIePacket->length >= (curLength+index*4)); index++)
+ {
+ ERsnKeyMngSuite curKeyMngSuite;
+
+#ifdef XCC_MODULE_INCLUDED
+ curKeyMngSuite = (ERsnKeyMngSuite)admCtrlXCC_parseCckmSuiteVal(pAdmCtrl, curWpaIe);
+ if (curKeyMngSuite == WPA_IE_KEY_MNG_CCKM)
+ { /* CCKM is the maximum AKM */
+ maxKeyMngSuite = curKeyMngSuite;
+ }
+ else
+#endif
+ {
+ curKeyMngSuite = (ERsnKeyMngSuite)admCtrlWpa_parseSuiteVal(pAdmCtrl, curWpaIe,pWpaData,WPA_IE_KEY_MNG_PSK_801_1X);
+ }
+ TRACE2(pAdmCtrl->hReport, REPORT_SEVERITY_INFORMATION, "Wpa_IE: authKeyMng %x , keyMng %x \n", curWpaIe[3], curKeyMngSuite);
+
+ if ((curKeyMngSuite>maxKeyMngSuite) && (curKeyMngSuite!=WPA_IE_KEY_MNG_NA)
+ && (curKeyMngSuite!=WPA_IE_KEY_MNG_CCKM))
+ {
+ maxKeyMngSuite = curKeyMngSuite;
+ }
+ if (curKeyMngSuite==WPA_IE_KEY_MNG_801_1X)
+ { /* If 2 AKM exist, save also the second priority */
+ pAdmCtrl->wpaAkmExists = TI_TRUE;
+ }
+
+ curWpaIe +=4;
+
+ /* Include all AP key management supported suites in the wpaData structure */
+ pWpaData->KeyMngSuite[index+1] = curKeyMngSuite;
+
+ }
+ pWpaData->KeyMngSuite[0] = maxKeyMngSuite;
+ curLength += (index-1)*4;
+ TRACE1(pAdmCtrl->hReport, REPORT_SEVERITY_INFORMATION, "Wpa_IE: keyMng %x \n", pWpaData->KeyMngSuite[0]);
+
+ } else
+ {
+ return TI_OK;
+ }
+ /* Parse capabilities */
+ if (wpaIePacket->length >= (curLength+2))
+ {
+ TI_UINT16 capabilities = ENDIAN_HANDLE_WORD(*((TI_UINT16 *)curWpaIe));
+
+ pWpaData->bcastForUnicatst = (capabilities & WPA_GROUP_4_UNICAST_CAPABILITY_MASK) >> WPA_REPLAY_GROUP4UNI_CAPABILITY_SHIFT;
+ pWpaData->replayCounters = (capabilities & WPA_REPLAY_COUNTERS_CAPABILITY_MASK) >> WPA_REPLAY_COUNTERS_CAPABILITY_SHIFT;
+ switch (pWpaData->replayCounters)
+ {
+ case 0: pWpaData->replayCounters=1;
+ break;
+ case 1: pWpaData->replayCounters=2;
+ break;
+ case 2: pWpaData->replayCounters=4;
+ break;
+ case 3: pWpaData->replayCounters=16;
+ break;
+ default: pWpaData->replayCounters=0;
+ break;
+ }
+ TRACE3(pAdmCtrl->hReport, REPORT_SEVERITY_INFORMATION, "Wpa_IE: capabilities %x, bcastForUnicatst %x, replayCounters %x\n", capabilities, pWpaData->bcastForUnicatst, pWpaData->replayCounters);
+
+ }
+
+
+ return TI_OK;
+
+}
+
+
+TI_UINT16 admCtrlWpa_buildCapabilities(TI_UINT16 replayCnt)
+{
+ TI_UINT16 capabilities=0;
+ /* Bit1: group key for unicast */
+ capabilities = 0;
+ capabilities = capabilities << WPA_REPLAY_GROUP4UNI_CAPABILITY_SHIFT;
+ /* Bits 2&3: Replay counter */
+ switch (replayCnt)
+ {
+ case 1: replayCnt=0;
+ break;
+ case 2: replayCnt=1;
+ break;
+ case 4: replayCnt=2;
+ break;
+ case 16: replayCnt=3;
+ break;
+ default: replayCnt=0;
+ break;
+ }
+
+ capabilities |= replayCnt << WPA_REPLAY_COUNTERS_CAPABILITY_SHIFT;
+ return capabilities;
+
+}
+
+
+TI_UINT32 admCtrlWpa_parseSuiteVal(admCtrl_t *pAdmCtrl, TI_UINT8* suiteVal, wpaIeData_t *pWpaData, TI_UINT32 maxVal)
+{
+ TI_UINT32 suite;
+
+ if ((pAdmCtrl==NULL) || (suiteVal==NULL))
+ {
+ return TWD_CIPHER_UNKNOWN;
+ }
+ if (!os_memoryCompare(pAdmCtrl->hOs, suiteVal, wpaIeOuiIe, 3))
+ {
+ suite = (ECipherSuite)((suiteVal[3]<=maxVal) ? suiteVal[3] : TWD_CIPHER_UNKNOWN);
+ } else
+ {
+#ifdef XCC_MODULE_INCLUDED
+ suite = admCtrlXCC_WpaParseSuiteVal(pAdmCtrl,suiteVal,pWpaData);
+#else
+ suite = TWD_CIPHER_UNKNOWN;
+#endif
+ }
+ return suite;
+}
+
+
+TI_STATUS admCtrlWpa_checkCipherSuiteValidity (ECipherSuite unicastSuite, ECipherSuite broadcastSuite, ECipherSuite encryptionStatus)
+{
+ ECipherSuite maxCipher;
+
+ maxCipher = (unicastSuite>=broadcastSuite) ? unicastSuite : broadcastSuite ;
+ if (maxCipher != encryptionStatus)
+ {
+ return TI_NOK;
+ }
+ if ((unicastSuite != TWD_CIPHER_NONE) && (broadcastSuite>unicastSuite))
+ {
+ return TI_NOK;
+ }
+ return TI_OK;
+}
+
+static TI_STATUS admCtrlWpa_get802_1x_AkmExists (admCtrl_t *pAdmCtrl, TI_BOOL *wpa_802_1x_AkmExists)
+{
+ *wpa_802_1x_AkmExists = pAdmCtrl->wpaAkmExists;
+ return TI_OK;
+}
+
+
+
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-05 10:57:05 +0000