diff options
Diffstat (limited to 'wl1271/stad/src/Connection_Managment/admCtrlWpa.c')
-rw-r--r-- | wl1271/stad/src/Connection_Managment/admCtrlWpa.c | 1364 |
1 files changed, 0 insertions, 1364 deletions
diff --git a/wl1271/stad/src/Connection_Managment/admCtrlWpa.c b/wl1271/stad/src/Connection_Managment/admCtrlWpa.c deleted file mode 100644 index 4eaa0f5..0000000 --- a/wl1271/stad/src/Connection_Managment/admCtrlWpa.c +++ /dev/null @@ -1,1364 +0,0 @@ -/* - * admCtrlWpa.c - * - * Copyright(c) 1998 - 2010 Texas Instruments. All rights reserved. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * * Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * * Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * * Neither the name Texas Instruments nor the names of its - * contributors may be used to endorse or promote products derived - * from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR - * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT - * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT - * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -/** \file admCtrl.c - * \brief Admission control API implimentation - * - * \see admCtrl.h - */ - -/**************************************************************************** - * * - * MODULE: Admission Control * - * PURPOSE: Admission Control Module API * - * * - ****************************************************************************/ - -#define __FILE_ID__ FILE_ID_19 -#include "osApi.h" -#include "paramOut.h" -#include "mlmeApi.h" -#include "802_11Defs.h" -#include "DataCtrl_Api.h" -#include "report.h" -#include "rsn.h" -#include "admCtrl.h" -#include "admCtrlWpa.h" -#include "admCtrlWpa2.h" -#ifdef XCC_MODULE_INCLUDED -#include "admCtrlXCC.h" -#include "XCCMngr.h" -#endif -#include "siteMgrApi.h" -#include "TWDriver.h" - -/* Constants */ -#define MAX_NETWORK_MODE 2 -#define MAX_WPA_CIPHER_SUITE 7 - - - -/* Enumerations */ - -/* Typedefs */ - -/* Structures */ - -/* External data definitions */ - -/* Local functions definitions */ - -/* Global variables */ - -static TI_UINT8 wpaIeOuiIe[3] = { 0x00, 0x50, 0xf2}; - -static TI_BOOL broadcastCipherSuiteValidity[MAX_NETWORK_MODE][MAX_WPA_CIPHER_SUITE]= -{ - /* RSN_IBSS */ { -/* NONE */ TI_FALSE, -/* WEP40 */ TI_FALSE, -/* TKIP */ TI_TRUE, -/* AES_WRAP */ TI_TRUE, -/* AES_CCMP */ TI_TRUE, -/* WEP104 */ TI_FALSE, -/* CKIP */ TI_FALSE}, - - /* RSN_INFRASTRUCTURE */ { -/* NONE */ TI_FALSE, -/* WEP */ TI_TRUE, -/* TKIP */ TI_TRUE, -/* AES_WRAP */ TI_TRUE, -/* AES_CCMP */ TI_TRUE, -/* WEP104 */ TI_TRUE, -/* CKIP */ TI_TRUE} -}; - -/** WPA admission table. Used to verify admission parameters to an AP */ -/* table parameters: - Max unicast cipher in the IE - Max broadcast cipher in the IE - Encryption status -*/ -typedef struct -{ - TI_STATUS status; - ECipherSuite unicast; - ECipherSuite broadcast; - TI_UINT8 evaluation; -} admCtrlWpa_validity_t; - -static admCtrlWpa_validity_t admCtrlWpa_validityTable[MAX_WPA_CIPHER_SUITE][MAX_WPA_CIPHER_SUITE][MAX_WPA_CIPHER_SUITE] = -{ -/* AP unicast NONE */ { - /* AP multicast NONE */ { - /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WEP40 */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA TKIP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WRAP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA CCMP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}}, - /* AP multicast WEP40 */ { - /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WEP40 */ { TI_OK, TWD_CIPHER_NONE, TWD_CIPHER_WEP ,1}, - /* STA TKIP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WRAP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA CCMP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WEP104 */{ TI_OK, TWD_CIPHER_NONE, TWD_CIPHER_WEP104 ,1}}, - /* AP multicast TKIP */ { - /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WEP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA TKIP */ { TI_OK, TWD_CIPHER_NONE, TWD_CIPHER_TKIP ,2}, - /* STA WRAP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA CCMP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}}, - /* AP multicast WRAP */ { - /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WEP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA TKIP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WRAP */ { TI_OK, TWD_CIPHER_NONE, TWD_CIPHER_AES_WRAP ,3}, - /* STA CCMP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}}, - /* AP multicast CCMP */ { - /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WEP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA TKIP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WRAP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA CCMP */ { TI_OK, TWD_CIPHER_NONE, TWD_CIPHER_AES_CCMP ,3}, - /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}}, - /* AP multicast WEP104 */ { - /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WEP40 */ { TI_OK, TWD_CIPHER_NONE, TWD_CIPHER_WEP ,1}, - /* STA TKIP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WRAP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA CCMP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WEP104 */{ TI_OK, TWD_CIPHER_NONE, TWD_CIPHER_WEP104 ,1}}}, -/* AP unicast WEP */ { - /* AP multicast NONE */ { - /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WEP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA TKIP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WRAP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA CCMP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}}, - /* AP multicast WEP */ { - /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WEP */ { TI_OK, TWD_CIPHER_WEP, TWD_CIPHER_WEP ,1}, - /* STA TKIP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WRAP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA CCMP */ { TI_OK, TWD_CIPHER_WEP, TWD_CIPHER_WEP ,1}, - /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}}, - /* AP multicast TKIP */ { - /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WEP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA TKIP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA AES */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA CCMP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}}, - /* AP multicast WRAP */ { - /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WEP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA TKIP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WRAP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA CCMP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}}, - /* AP multicast CCMP */ { - /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WEP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA TKIP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA AES */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA CCMP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}}, - /* AP multicast WEP104 */ { - /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WEP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA TKIP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA AES */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA CCMP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}}}, -/* AP unicast TKIP */ { - /* AP multicast NONE */ { - /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WEP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA TKIP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA AES */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA CCMP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}}, - /* AP multicast WEP */ { - /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WEP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA TKIP */ { TI_OK, TWD_CIPHER_TKIP, TWD_CIPHER_WEP ,4}, - /* STA AES */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA CCMP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}}, - /* AP multicast TKIP */ { - /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WEP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA TKIP */ { TI_OK, TWD_CIPHER_TKIP, TWD_CIPHER_TKIP ,7}, - /* STA AES */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA CCMP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}}, - /* AP multicast WRAP */ { - /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WEP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA TKIP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA AES */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA CCMP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}}, - /* AP multicast CCMP */ { - /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WEP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA TKIP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA AES */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA CCMP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}}, - /* AP multicast WEP104 */ { - /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WEP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA TKIP */ { TI_OK, TWD_CIPHER_TKIP, TWD_CIPHER_WEP104 ,4}, - /* STA AES */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA CCMP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}}}, -/* AP unicast AES_WRAP */ { - /* AP multicast NONE */ { - /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WEP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA TKIP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA AES */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA CCMP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}}, - /* AP multicast WEP40 */ { - /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WEP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA TKIP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA AES */ { TI_OK, TWD_CIPHER_AES_WRAP, TWD_CIPHER_WEP ,5}, - /* STA CCMP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}}, - /* AP multicast TKIP */ { - /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WEP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA TKIP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA AES */ { TI_OK, TWD_CIPHER_AES_WRAP, TWD_CIPHER_TKIP ,6}, - /* STA CCMP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}}, - /* AP multicast WRAP */ { - /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WEP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA TKIP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA AES */ { TI_OK, TWD_CIPHER_AES_WRAP, TWD_CIPHER_AES_WRAP ,8}, - /* STA CCMP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}}, - /* AP multicast CCMP */ { - /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WEP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA TKIP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA AES */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA CCMP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}}, - /* AP multicast WEP104 */ { - /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WEP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA TKIP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA AES */ { TI_OK, TWD_CIPHER_AES_WRAP, TWD_CIPHER_WEP104 ,5}, - /* STA CCMP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}}}, -/* AP unicast AES_CCMP */ { - /* AP multicast NONE */ { - /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WEP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA TKIP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA AES */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA CCMP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}}, - /* AP multicast WEP */ { - /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WEP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA TKIP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA AES */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA CCMP */ { TI_OK, TWD_CIPHER_AES_CCMP, TWD_CIPHER_WEP ,5}, - /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}}, - /* AP multicast TKIP */ { - /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WEP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA TKIP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA AES */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA CCMP */ { TI_OK, TWD_CIPHER_AES_CCMP, TWD_CIPHER_TKIP ,6}, - /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}}, - /* AP multicast WRAP */ { - /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WEP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA TKIP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA AES */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA CCMP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}}, - /* AP multicast CCMP */ { - /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WEP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA TKIP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA AES */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA CCMP */ { TI_OK, TWD_CIPHER_AES_CCMP, TWD_CIPHER_AES_CCMP ,7}, - /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}}, - /* AP multicast WEP */ { - /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WEP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA TKIP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA AES */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA CCMP */ { TI_OK, TWD_CIPHER_AES_CCMP, TWD_CIPHER_WEP104 ,5}, - /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}}}, -/* AP unicast WEP104 */ { - /* AP multicast NONE */ { - /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WEP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA TKIP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA AES */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA CCMP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}}, - /* AP multicast WEP */ { - /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WEP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA TKIP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA AES */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA CCMP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}}, - /* AP multicast TKIP */ { - /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WEP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA TKIP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA AES */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA CCMP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}}, - /* AP multicast WRAP */ { - /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WEP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA TKIP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA AES */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA CCMP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}}, - /* AP multicast CCMP */ { - /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WEP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA TKIP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA AES */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA CCMP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WEP104 */{ TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}}, - /* AP multicast WEP104 */ { - /* STA NONE */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA WEP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA TKIP */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA AES */ { TI_NOK, TWD_CIPHER_NONE, TWD_CIPHER_NONE ,0}, - /* STA CCMP */ { TI_OK, TWD_CIPHER_WEP104, TWD_CIPHER_WEP104 ,1}, - /* STA WEP104 */{ TI_OK, TWD_CIPHER_WEP104, TWD_CIPHER_WEP104 ,1}}} - - -}; - -/* Function prototypes */ -TI_STATUS admCtrlWpa_parseIe(admCtrl_t *pAdmCtrl, TI_UINT8 *pWpaIe, wpaIeData_t *pWpaData); -TI_UINT16 admCtrlWpa_buildCapabilities(TI_UINT16 replayCnt); -TI_UINT32 admCtrlWpa_parseSuiteVal(admCtrl_t *pAdmCtrl, TI_UINT8* suiteVal,wpaIeData_t *pWpaData,TI_UINT32 maxVal); -TI_STATUS admCtrlWpa_checkCipherSuiteValidity (ECipherSuite unicastSuite, ECipherSuite broadcastSuite, ECipherSuite encryptionStatus); -static TI_STATUS admCtrlWpa_get802_1x_AkmExists (admCtrl_t *pAdmCtrl, TI_BOOL *wpa_802_1x_AkmExists); - - -/** -* -* admCtrlWpa_config - Configure XCC admission control. -* -* \b Description: -* -* Configure XCC admission control. -* -* \b ARGS: -* -* I - pAdmCtrl - context \n -* -* \b RETURNS: -* -* TI_OK on success, TI_NOK on failure. -* -* \sa -*/ -TI_STATUS admCtrlWpa_config(admCtrl_t *pAdmCtrl) -{ - TI_STATUS status; - TRsnPaeConfig paeConfig; - - /* check and set admission control default parameters */ - pAdmCtrl->authSuite = RSN_AUTH_OPEN; - if (pAdmCtrl->unicastSuite == TWD_CIPHER_NONE) - { - pAdmCtrl->unicastSuite = TWD_CIPHER_TKIP; - } - if (pAdmCtrl->broadcastSuite == TWD_CIPHER_NONE) - { - pAdmCtrl->broadcastSuite = TWD_CIPHER_TKIP; - } - - /* set callback functions (API) */ - pAdmCtrl->getInfoElement = admCtrlWpa_getInfoElement; - pAdmCtrl->setSite = admCtrlWpa_setSite; - pAdmCtrl->evalSite = admCtrlWpa_evalSite; - - pAdmCtrl->getPmkidList = admCtrl_nullGetPMKIDlist; - pAdmCtrl->setPmkidList = admCtrl_nullSetPMKIDlist; - pAdmCtrl->resetPmkidList = admCtrl_resetPMKIDlist; - pAdmCtrl->getPreAuthStatus = admCtrl_nullGetPreAuthStatus; - pAdmCtrl->startPreAuth = admCtrl_nullStartPreAuth; - pAdmCtrl->get802_1x_AkmExists = admCtrlWpa_get802_1x_AkmExists; - - /* set cipher suite */ - switch (pAdmCtrl->externalAuthMode) - { - case RSN_EXT_AUTH_MODE_WPA: - case RSN_EXT_AUTH_MODE_WPAPSK: - /* The cipher suite should be set by the External source via - the Encryption field*/ - pAdmCtrl->keyMngSuite = RSN_KEY_MNG_802_1X; - break; - case RSN_EXT_AUTH_MODE_WPANONE: - pAdmCtrl->keyMngSuite = RSN_KEY_MNG_NONE; - /* Not supported */ - default: - return TI_NOK; - } - - - paeConfig.authProtocol = pAdmCtrl->externalAuthMode; - paeConfig.unicastSuite = pAdmCtrl->unicastSuite; - paeConfig.broadcastSuite = pAdmCtrl->broadcastSuite; - paeConfig.keyExchangeProtocol = pAdmCtrl->keyMngSuite; - /* set default PAE configuration */ - status = pAdmCtrl->pRsn->setPaeConfig(pAdmCtrl->pRsn, &paeConfig); - - return status; -} - - - - -TI_STATUS admCtrlWpa_dynamicConfig(admCtrl_t *pAdmCtrl,wpaIeData_t *pWpaData) -{ - TI_STATUS status; - TRsnPaeConfig paeConfig; - - - /* set callback functions (API) */ - pAdmCtrl->getInfoElement = admCtrlWpa_getInfoElement; - - switch (pAdmCtrl->externalAuthMode) - { - case RSN_EXT_AUTH_MODE_WPA: - case RSN_EXT_AUTH_MODE_WPAPSK: - /* The cipher suite should be set by the External source via - the Encryption field*/ - pAdmCtrl->keyMngSuite = RSN_KEY_MNG_802_1X; - break; - case RSN_EXT_AUTH_MODE_WPANONE: - pAdmCtrl->keyMngSuite = RSN_KEY_MNG_NONE; - /* Not supported */ - default: - return TI_NOK; - } - - - paeConfig.authProtocol = pAdmCtrl->externalAuthMode; - paeConfig.unicastSuite = pWpaData->unicastSuite[0]; - paeConfig.broadcastSuite = pWpaData->broadcastSuite; - paeConfig.keyExchangeProtocol = pAdmCtrl->keyMngSuite; - /* set default PAE configuration */ - status = pAdmCtrl->pRsn->setPaeConfig(pAdmCtrl->pRsn, &paeConfig); - - return status; -} - -/** -* -* admCtrlWpa_getInfoElement - Get the current information element. -* -* \b Description: -* -* Get the current information element. -* -* \b ARGS: -* -* I - pAdmCtrl - context \n -* I - pIe - IE buffer \n -* I - pLength - length of IE \n -* -* \b RETURNS: -* -* TI_OK on success, TI_NOK on failure. -* -* \sa -*/ - -TI_STATUS admCtrlWpa_getInfoElement(admCtrl_t *pAdmCtrl, TI_UINT8 *pIe, TI_UINT32 *pLength) -{ - wpaIePacket_t localWpaPkt; - wpaIePacket_t *pWpaIePacket; - TI_UINT8 length; - TI_UINT16 tempInt; - TIWLN_SIMPLE_CONFIG_MODE wscMode; - - /* Get Simple-Config state */ - siteMgr_getParamWSC(pAdmCtrl->pRsn->hSiteMgr, &wscMode); /* SITE_MGR_SIMPLE_CONFIG_MODE */ - - if (pIe==NULL) - { - *pLength = 0; - return TI_NOK; - } - - if ((wscMode != TIWLN_SIMPLE_CONFIG_OFF) && - (pAdmCtrl->broadcastSuite == TWD_CIPHER_NONE) && - (pAdmCtrl->unicastSuite == TWD_CIPHER_NONE)) - { - *pLength = 0; - return TI_NOK; - } - - /* Check validity of WPA IE */ - if (!broadcastCipherSuiteValidity[pAdmCtrl->networkMode][pAdmCtrl->broadcastSuite]) - { /* check Group suite validity */ - *pLength = 0; - return TI_NOK; - } - - - if (pAdmCtrl->unicastSuite == TWD_CIPHER_WEP) - { /* check pairwise suite validity */ - *pLength = 0; - return TI_NOK; - } - - /* Build Wpa IE */ - pWpaIePacket = &localWpaPkt; - os_memoryZero(pAdmCtrl->hOs, pWpaIePacket, sizeof(wpaIePacket_t)); - pWpaIePacket->elementid= WPA_IE_ID; - os_memoryCopy(pAdmCtrl->hOs, (void *)pWpaIePacket->oui, wpaIeOuiIe, 3); - pWpaIePacket->ouiType = WPA_OUI_DEF_TYPE; - - tempInt = WPA_OUI_MAX_VERSION; - COPY_WLAN_WORD(&pWpaIePacket->version, &tempInt); - - length = sizeof(wpaIePacket_t)-2; - - /* check defaults */ - if (pAdmCtrl->replayCnt==1) - { - length -= 2; /* 2: capabilities + 4: keyMng suite, 2: keyMng count*/ -#if 0 /* The following was removed since there are APs which do no accept - the default WPA IE */ - if (pAdmCtrl->externalAuthMode == RSN_EXT_AUTH_MODE_WPA) - { - length -= 6; /* 2: capabilities + 4: keyMng suite, 2: keyMng count*/ - if (pAdmCtrl->unicastSuite == TWD_CIPHER_TKIP) - { - length -= 6; /* 4: unicast suite, 2: unicast count */ - if (pAdmCtrl->broadcastSuite == TWD_CIPHER_TKIP) - { - length -= 4; /* broadcast suite */ - } - } - } -#endif - } - - pWpaIePacket->length = length; - *pLength = length+2; - - if (length>=WPA_IE_MIN_DEFAULT_LENGTH) - { /* build Capabilities */ - pWpaIePacket->capabilities = ENDIAN_HANDLE_WORD(admCtrlWpa_buildCapabilities(pAdmCtrl->replayCnt)); - } - - if (length>=WPA_IE_MIN_KEY_MNG_SUITE_LENGTH(1)) - { - /* build keyMng suite */ - - tempInt = 0x0001; - COPY_WLAN_WORD(&pWpaIePacket->authKeyMngSuiteCnt, &tempInt); - - os_memoryCopy(pAdmCtrl->hOs, (void *)pWpaIePacket->authKeyMngSuite, wpaIeOuiIe, 3); - - switch (pAdmCtrl->externalAuthMode) - { - case RSN_EXT_AUTH_MODE_OPEN: - case RSN_EXT_AUTH_MODE_SHARED_KEY: - case RSN_EXT_AUTH_MODE_AUTO_SWITCH: - pWpaIePacket->authKeyMngSuite[3] = WPA_IE_KEY_MNG_NONE; - break; - case RSN_EXT_AUTH_MODE_WPA: - { -#ifdef XCC_MODULE_INCLUDED - TI_UINT8 akmSuite[DOT11_OUI_LEN]; - - if (admCtrlXCC_getCckmAkm(pAdmCtrl, akmSuite)) - { - os_memoryCopy(pAdmCtrl->hOs, (void*)pWpaIePacket->authKeyMngSuite, akmSuite, DOT11_OUI_LEN); - } - else -#endif - { - pWpaIePacket->authKeyMngSuite[3] = WPA_IE_KEY_MNG_801_1X; - } - } - - break; - - case RSN_EXT_AUTH_MODE_WPAPSK: - pWpaIePacket->authKeyMngSuite[3] = WPA_IE_KEY_MNG_PSK_801_1X; - break; - default: - pWpaIePacket->authKeyMngSuite[3] = WPA_IE_KEY_MNG_NONE; - break; - } - - } - - - if (length>=WPA_IE_MIN_PAIRWISE_SUITE_LENGTH) - { - -#ifdef XCC_MODULE_INCLUDED - if ((pAdmCtrl->pRsn->paeConfig.unicastSuite==TWD_CIPHER_CKIP) || - (pAdmCtrl->pRsn->paeConfig.broadcastSuite==TWD_CIPHER_CKIP)) - { - admCtrlXCC_getWpaCipherInfo(pAdmCtrl,pWpaIePacket); - } - else -#endif - { - - /* build pairwise suite */ - - tempInt = 0x0001; - COPY_WLAN_WORD(&pWpaIePacket->pairwiseSuiteCnt, &tempInt); - - os_memoryCopy(pAdmCtrl->hOs, (void *)pWpaIePacket->pairwiseSuite, wpaIeOuiIe, 3); - pWpaIePacket->pairwiseSuite[3] = (TI_UINT8)pAdmCtrl->pRsn->paeConfig.unicastSuite; - - if (length>=WPA_IE_GROUP_SUITE_LENGTH) - { /* build group suite */ - os_memoryCopy(pAdmCtrl->hOs, (void *)pWpaIePacket->groupSuite, wpaIeOuiIe, 3); - pWpaIePacket->groupSuite[3] = (TI_UINT8)pAdmCtrl->pRsn->paeConfig.broadcastSuite; - } - } - } - os_memoryCopy(pAdmCtrl->hOs, (TI_UINT8*)pIe, (TI_UINT8*)pWpaIePacket, sizeof(wpaIePacket_t)); - return TI_OK; - -} -/** -* -* admCtrlWpa_setSite - Set current primary site parameters for registration. -* -* \b Description: -* -* Set current primary site parameters for registration. -* -* \b ARGS: -* -* I - pAdmCtrl - context \n -* I - pRsnData - site's RSN data \n -* O - pAssocIe - result IE of evaluation \n -* O - pAssocIeLen - length of result IE of evaluation \n -* -* \b RETURNS: -* -* TI_OK on site is aproved, TI_NOK on site is rejected. -* -* \sa -*/ -TI_STATUS admCtrlWpa_setSite(admCtrl_t *pAdmCtrl, TRsnData *pRsnData, TI_UINT8 *pAssocIe, TI_UINT8 *pAssocIeLen) -{ - TI_STATUS status; - paramInfo_t *pParam; - TTwdParamInfo tTwdParam; - wpaIeData_t wpaData; - ECipherSuite encryptionStatus; - admCtrlWpa_validity_t *pAdmCtrlWpa_validity=NULL; - TI_UINT8 *pWpaIe; - TI_UINT8 index; - - *pAssocIeLen = 0; - - if (pRsnData==NULL) - { - return TI_NOK; - } - - pParam = (paramInfo_t *)os_memoryAlloc(pAdmCtrl->hOs, sizeof(paramInfo_t)); - if (!pParam) - { - return TI_NOK; - } - - if (pRsnData->pIe==NULL) - { - /* configure the MLME module with the 802.11 OPEN authentication suite, - THe MLME will configure later the authentication module */ - pParam->paramType = MLME_LEGACY_TYPE_PARAM; - pParam->content.mlmeLegacyAuthType = AUTH_LEGACY_OPEN_SYSTEM; - status = mlme_setParam(pAdmCtrl->hMlme, pParam); - goto adm_ctrl_wpa_end; - } - -#ifdef XCC_MODULE_INCLUDED - /* Check if Aironet IE exists */ - admCtrlXCC_setExtendedParams(pAdmCtrl, pRsnData); -#endif /*XCC_MODULE_INCLUDED*/ - - /* Check if any-WPA mode is supported and WPA2 info elem is presented */ - /* If yes - perform WPA2 set site procedure */ - if(pAdmCtrl->WPAMixedModeEnable && pAdmCtrl->WPAPromoteFlags) - { - if((admCtrl_parseIe(pAdmCtrl, pRsnData, &pWpaIe, RSN_IE_ID)== TI_OK) && - (pWpaIe != NULL)) - { - status = admCtrlWpa2_setSite(pAdmCtrl, pRsnData, pAssocIe, pAssocIeLen); - if(status == TI_OK) - goto adm_ctrl_wpa_end; - } - } - - status = admCtrl_parseIe(pAdmCtrl, pRsnData, &pWpaIe, WPA_IE_ID); - if (status != TI_OK) - { - goto adm_ctrl_wpa_end; - } - status = admCtrlWpa_parseIe(pAdmCtrl, pWpaIe, &wpaData); - if (status != TI_OK) - { - goto adm_ctrl_wpa_end; - } - if ((wpaData.unicastSuite[0]>=MAX_WPA_CIPHER_SUITE) || - (wpaData.broadcastSuite>=MAX_WPA_CIPHER_SUITE) || - (pAdmCtrl->unicastSuite>=MAX_WPA_CIPHER_SUITE)) - { - status = TI_NOK; - goto adm_ctrl_wpa_end; - } - - pAdmCtrl->encrInSw = wpaData.XCCKp; - pAdmCtrl->micInSw = wpaData.XCCMic; - - /*Because ckip is a proprietary encryption for Cisco then a different validity check is needed */ - if(wpaData.broadcastSuite == TWD_CIPHER_CKIP || wpaData.unicastSuite[0] == TWD_CIPHER_CKIP) - { - pAdmCtrl->getCipherSuite(pAdmCtrl, &encryptionStatus); - /*Funk supplicant can support CCKM only if it configures the driver to TKIP encryption. */ - if (encryptionStatus != TWD_CIPHER_TKIP) { - status = TI_NOK; - goto adm_ctrl_wpa_end; - } - if (pAdmCtrl->encrInSw) - pAdmCtrl->XCCSupport = TI_TRUE; - } - else - { - /* Check validity of Group suite */ - if (!broadcastCipherSuiteValidity[pAdmCtrl->networkMode][wpaData.broadcastSuite]) - { /* check Group suite validity */ - status = TI_NOK; - goto adm_ctrl_wpa_end; - } - - pAdmCtrl->getCipherSuite(pAdmCtrl, &encryptionStatus); - for (index=0; index<wpaData.unicastSuiteCnt; index++) - { - pAdmCtrlWpa_validity = &admCtrlWpa_validityTable[wpaData.unicastSuite[index]][wpaData.broadcastSuite][encryptionStatus]; - if (pAdmCtrlWpa_validity->status ==TI_OK) - { - break; - } - } - - if (pAdmCtrlWpa_validity->status != TI_OK) - { - status = pAdmCtrlWpa_validity->status; - goto adm_ctrl_wpa_end; - } - - /* set cipher suites */ - wpaData.unicastSuite[0] = pAdmCtrlWpa_validity->unicast ;/*wpaData.unicastSuite[0];*/ - wpaData.broadcastSuite = pAdmCtrlWpa_validity->broadcast; /*wpaData.broadcastSuite;*/ - } - /* set external auth mode according to the key Mng Suite */ - switch (wpaData.KeyMngSuite[0]) - { - case WPA_IE_KEY_MNG_NONE: - pAdmCtrl->externalAuthMode = RSN_EXT_AUTH_MODE_OPEN; - break; - case WPA_IE_KEY_MNG_801_1X: -#ifdef XCC_MODULE_INCLUDED - case WPA_IE_KEY_MNG_CCKM: -#endif - pAdmCtrl->externalAuthMode = RSN_EXT_AUTH_MODE_WPA; - break; - case WPA_IE_KEY_MNG_PSK_801_1X: -#if 0 /* code will remain here until the WSC spec will be closed*/ - if ((wpaData.KeyMngSuiteCnt > 1) && (wpaData.KeyMngSuite[1] == WPA_IE_KEY_MNG_801_1X)) - { - /*WLAN_OS_REPORT (("Overriding for simple-config - setting external auth to MODE WPA\n"));*/ - /*pAdmCtrl->externalAuthMode = RSN_EXT_AUTH_MODE_WPA;*/ - } - else - { - /*pAdmCtrl->externalAuthMode = RSN_EXT_AUTH_MODE_WPAPSK;*/ - } -#endif - break; - default: - pAdmCtrl->externalAuthMode = RSN_EXT_AUTH_MODE_OPEN; - break; - } - - -#ifdef XCC_MODULE_INCLUDED - pParam->paramType = XCC_CCKM_EXISTS; - pParam->content.XCCCckmExists = (wpaData.KeyMngSuite[0]==WPA_IE_KEY_MNG_CCKM) ? TI_TRUE : TI_FALSE; - XCCMngr_setParam(pAdmCtrl->hXCCMngr, pParam); -#endif - /* set replay counter */ - pAdmCtrl->replayCnt = wpaData.replayCounters; - - *pAssocIeLen = pRsnData->ieLen; - if (pAssocIe != NULL) - { - os_memoryCopy(pAdmCtrl->hOs, pAssocIe, &wpaData, sizeof(wpaIeData_t)); - } - - - /* Now we configure the MLME module with the 802.11 legacy authentication suite, - THe MLME will configure later the authentication module */ - pParam->paramType = MLME_LEGACY_TYPE_PARAM; -#ifdef XCC_MODULE_INCLUDED - if (pAdmCtrl->networkEapMode!=OS_XCC_NETWORK_EAP_OFF) - { - pParam->content.mlmeLegacyAuthType = AUTH_LEGACY_RESERVED1; - } - else -#endif - { - pParam->content.mlmeLegacyAuthType = AUTH_LEGACY_OPEN_SYSTEM; - } - - - status = mlme_setParam(pAdmCtrl->hMlme, pParam); - if (status != TI_OK) - { - goto adm_ctrl_wpa_end; - } - - pParam->paramType = RX_DATA_EAPOL_DESTINATION_PARAM; - pParam->content.rxDataEapolDestination = OS_ABS_LAYER; - status = rxData_setParam(pAdmCtrl->hRx, pParam); - if (status != TI_OK) - { - goto adm_ctrl_wpa_end; - } - - /* Configure privacy status in HAL so that HW is prepared to recieve keys */ - tTwdParam.paramType = TWD_RSN_SECURITY_MODE_PARAM_ID; - tTwdParam.content.rsnEncryptionStatus = (ECipherSuite)wpaData.unicastSuite[0]; - status = TWD_SetParam(pAdmCtrl->pRsn->hTWD, &tTwdParam); - if (status != TI_OK) - { - goto adm_ctrl_wpa_end; - } - -#ifdef XCC_MODULE_INCLUDED - - /* set MIC and KP in HAL */ - tTwdParam.paramType = TWD_RSN_XCC_SW_ENC_ENABLE_PARAM_ID; - tTwdParam.content.rsnXCCSwEncFlag = wpaData.XCCKp; - status = TWD_SetParam(pAdmCtrl->pRsn->hTWD, &tTwdParam); - if (status != TI_OK) - { - goto adm_ctrl_wpa_end; - } - tTwdParam.paramType = TWD_RSN_XCC_MIC_FIELD_ENABLE_PARAM_ID; - tTwdParam.content.rsnXCCMicFieldFlag = wpaData.XCCMic; - status = TWD_SetParam(pAdmCtrl->pRsn->hTWD, &tTwdParam); - - if (status != TI_OK) - { - goto adm_ctrl_wpa_end; - } -#endif /*XCC_MODULE_INCLUDED*/ - - /* re-config PAE */ - status = admCtrlWpa_dynamicConfig(pAdmCtrl,&wpaData); - if (status != TI_OK) - { - goto adm_ctrl_wpa_end; - } -adm_ctrl_wpa_end: - os_memoryFree(pAdmCtrl->hOs, pParam, sizeof(paramInfo_t)); - return status; -} - -/** -* -* admCtrlWpa_evalSite - Evaluate site for registration. -* -* \b Description: -* -* evaluate site RSN capabilities against the station's cap. -* If the BSS type is infrastructure, the station matches the site only if it's WEP status is same as the site -* In IBSS, it does not matter -* -* \b ARGS: -* -* I - pAdmCtrl - Context \n -* I - pRsnData - site's RSN data \n -* O - pEvaluation - Result of evaluation \n -* -* \b RETURNS: -* -* TI_OK -* -* \sa -*/ -TI_STATUS admCtrlWpa_evalSite(admCtrl_t *pAdmCtrl, TRsnData *pRsnData, TRsnSiteParams *pRsnSiteParams, TI_UINT32 *pEvaluation) -{ - TI_STATUS status; - wpaIeData_t wpaData; - admCtrlWpa_validity_t admCtrlWpa_validity; - ECipherSuite encryptionStatus; - TIWLN_SIMPLE_CONFIG_MODE wscMode; - TI_UINT8 *pWpaIe; - TI_UINT8 index; - - /* Get Simple-Config state */ - status = siteMgr_getParamWSC(pAdmCtrl->pRsn->hSiteMgr, &wscMode); /* SITE_MGR_SIMPLE_CONFIG_MODE */ - - *pEvaluation = 0; - - if (pRsnData==NULL) - { - return TI_NOK; - } - if ((pRsnData->pIe==NULL) && (wscMode == TIWLN_SIMPLE_CONFIG_OFF)) - { - return TI_NOK; - } - - if (pRsnSiteParams->bssType != BSS_INFRASTRUCTURE) - { - return TI_NOK; - } - - /* Set initial values for admCtrlWpa_validity as none*/ - admCtrlWpa_validity = admCtrlWpa_validityTable[TWD_CIPHER_NONE][TWD_CIPHER_NONE][TWD_CIPHER_NONE]; - - /* Check if WPA-any mode is supported and WPA2 info elem is presented */ - /* If yes - perform WPA2 site evaluation */ - if(pAdmCtrl->WPAMixedModeEnable && pAdmCtrl->WPAPromoteFlags) - { - if((admCtrl_parseIe(pAdmCtrl, pRsnData, &pWpaIe, RSN_IE_ID)== TI_OK) && - (pWpaIe != NULL)) - { - status = admCtrlWpa2_evalSite(pAdmCtrl, pRsnData, pRsnSiteParams, pEvaluation); - if(status == TI_OK) - return status; - } - } - - status = admCtrl_parseIe(pAdmCtrl, pRsnData, &pWpaIe, WPA_IE_ID); - if ((status != TI_OK) && (wscMode == TIWLN_SIMPLE_CONFIG_OFF)) - { - return status; - } - /* If found WPA Information Element */ - if (pWpaIe != NULL) - { - status = admCtrlWpa_parseIe(pAdmCtrl, pWpaIe, &wpaData); - if (status != TI_OK) - { - return status; - } - - /* check keyMngSuite validity */ - switch (wpaData.KeyMngSuite[0]) - { - case WPA_IE_KEY_MNG_NONE: - TRACE0(pAdmCtrl->hReport, REPORT_SEVERITY_INFORMATION, "admCtrlWpa_evalSite: KeyMngSuite[0]=WPA_IE_KEY_MNG_NONE\n"); - status = (pAdmCtrl->externalAuthMode <= RSN_EXT_AUTH_MODE_AUTO_SWITCH) ? TI_OK : TI_NOK; - break; - case WPA_IE_KEY_MNG_801_1X: -#ifdef XCC_MODULE_INCLUDED - case WPA_IE_KEY_MNG_CCKM: - /* CCKM is allowed only in 802.1x auth */ -#endif - TRACE0(pAdmCtrl->hReport, REPORT_SEVERITY_INFORMATION, "admCtrlWpa_evalSite: KeyMngSuite[0]=WPA_IE_KEY_MNG_801_1X\n"); - status = (pAdmCtrl->externalAuthMode == RSN_EXT_AUTH_MODE_WPA) ? TI_OK : TI_NOK; - break; - case WPA_IE_KEY_MNG_PSK_801_1X: - TRACE0(pAdmCtrl->hReport, REPORT_SEVERITY_INFORMATION, "admCtrlWpa_evalSite: KeyMngSuite[0]=WPA_IE_KEY_MNG_PSK_801_1X\n"); - status = ((pAdmCtrl->externalAuthMode == RSN_EXT_AUTH_MODE_WPAPSK) || - (wscMode && (pAdmCtrl->externalAuthMode == RSN_EXT_AUTH_MODE_WPA))) ? TI_OK : TI_NOK; - break; - default: - status = TI_NOK; - break; - } - - TRACE2(pAdmCtrl->hReport, REPORT_SEVERITY_INFORMATION, "admCtrlWpa_evalSite: pAdmCtrl->externalAuthMode = %d, Status = %d\n",pAdmCtrl->externalAuthMode,status); - - if (status != TI_OK) - { - return status; - } - - /*Because ckip is a proprietary encryption for Cisco then a different validity check is needed */ - if(wpaData.broadcastSuite == TWD_CIPHER_CKIP || wpaData.unicastSuite[0] == TWD_CIPHER_CKIP) - { - pAdmCtrl->getCipherSuite(pAdmCtrl, &encryptionStatus); - if (encryptionStatus != TWD_CIPHER_TKIP) - return TI_NOK; - } - else - { - /* Check cipher suite validity */ - pAdmCtrl->getCipherSuite(pAdmCtrl, &encryptionStatus); - for (index=0; index<wpaData.unicastSuiteCnt; index++) - { - admCtrlWpa_validity = admCtrlWpa_validityTable[wpaData.unicastSuite[index]][wpaData.broadcastSuite][encryptionStatus]; - if (admCtrlWpa_validity.status ==TI_OK) - { - break; - } - } - - if (admCtrlWpa_validity.status!=TI_OK) - { - return admCtrlWpa_validity.status; - } - - wpaData.broadcastSuite = admCtrlWpa_validity.broadcast; - wpaData.unicastSuite[0] = admCtrlWpa_validity.unicast; - *pEvaluation = admCtrlWpa_validity.evaluation; - } - - /* Check privacy bit if not in mixed mode */ - if (!pAdmCtrl->mixedMode) - { /* There's no mixed mode, so make sure that the privacy Bit matches the privacy mode*/ - if (((pRsnData->privacy) && (wpaData.unicastSuite[0]==TWD_CIPHER_NONE)) || - ((!pRsnData->privacy) && (wpaData.unicastSuite[0]>TWD_CIPHER_NONE))) - { - *pEvaluation = 0; - } - } - - } - else - { - TRACE0(pAdmCtrl->hReport, REPORT_SEVERITY_INFORMATION, "didn't find WPA IE\n"); - if (wscMode == TIWLN_SIMPLE_CONFIG_OFF) - return TI_NOK; - TRACE0(pAdmCtrl->hReport, REPORT_SEVERITY_INFORMATION, "metric is 1\n"); - *pEvaluation = 1; - pAdmCtrl->broadcastSuite = TWD_CIPHER_NONE; - pAdmCtrl->unicastSuite = TWD_CIPHER_NONE; - } - - /* always return TI_OK */ - return TI_OK; -} - - -/** -* -* admCtrlWpa_parseIe - Parse an WPA information element. -* -* \b Description: -* -* Parse an WPA information element. -* Builds a structure of the unicast adn broadcast cihper suites, -* the key management suite and the capabilities. -* -* \b ARGS: -* -* I - pAdmCtrl - pointer to admCtrl context -* I - pWpaIe - pointer to WPA IE buffer \n -* O - pWpaData - capabilities structure -* -* -* \b RETURNS: -* -* TI_OK on success, TI_NOK on failure. -* -* \sa -*/ -TI_STATUS admCtrlWpa_parseIe(admCtrl_t *pAdmCtrl, TI_UINT8 *pWpaIe, wpaIeData_t *pWpaData) -{ - - wpaIePacket_t *wpaIePacket = (wpaIePacket_t*)pWpaIe; - TI_UINT8 *curWpaIe; - TI_UINT8 curLength = WPA_IE_MIN_LENGTH; - - TRACE0(pAdmCtrl->hReport, REPORT_SEVERITY_INFORMATION, "Wpa_IE: DEBUG: admCtrlWpa_parseIe\n\n"); - - if ((pWpaData == NULL) || (pWpaIe == NULL)) - { - return TI_NOK; - } - - if ((wpaIePacket->length < WPA_IE_MIN_LENGTH) || - (wpaIePacket->elementid != WPA_IE_ID) || - (wpaIePacket->ouiType > WPA_OUI_MAX_TYPE) || (ENDIAN_HANDLE_WORD(wpaIePacket->version) > WPA_OUI_MAX_VERSION) || - (os_memoryCompare(pAdmCtrl->hOs, (TI_UINT8*)wpaIePacket->oui, wpaIeOuiIe, 3))) - { - TRACE7(pAdmCtrl->hReport, REPORT_SEVERITY_INFORMATION, "Wpa_ParseIe Error: length=0x%x, elementid=0x%x, ouiType=0x%x, version=0x%x, oui=0x%x, 0x%x, 0x%x\n", wpaIePacket->length,wpaIePacket->elementid, wpaIePacket->ouiType, wpaIePacket->version, wpaIePacket->oui[0], wpaIePacket->oui[1],wpaIePacket->oui[2]); - - return TI_NOK; - } - /* Set default values */ - pWpaData->broadcastSuite = TWD_CIPHER_TKIP; - pWpaData->unicastSuiteCnt = 1; - pWpaData->unicastSuite[0] = TWD_CIPHER_TKIP; - pWpaData->KeyMngSuiteCnt = 1; - pWpaData->KeyMngSuite[0] = (ERsnKeyMngSuite)WPA_IE_KEY_MNG_801_1X; - pWpaData->bcastForUnicatst = 1; - pWpaData->replayCounters = 1; - - pWpaData->XCCKp = TI_FALSE; - pWpaData->XCCMic = TI_FALSE; - - - /* Group Suite */ - if (wpaIePacket->length >= WPA_IE_GROUP_SUITE_LENGTH) - { - pWpaData->broadcastSuite = (ECipherSuite)admCtrlWpa_parseSuiteVal(pAdmCtrl, (TI_UINT8 *)wpaIePacket->groupSuite,pWpaData,TWD_CIPHER_WEP104); - curLength = WPA_IE_GROUP_SUITE_LENGTH; - TRACE2(pAdmCtrl->hReport, REPORT_SEVERITY_INFORMATION, "Wpa_IE: GroupSuite%x, broadcast %x \n", wpaIePacket->groupSuite[3], pWpaData->broadcastSuite); - } else - { - return TI_OK; - } - /* Unicast Suite */ - if (wpaIePacket->length >= WPA_IE_MIN_PAIRWISE_SUITE_LENGTH) - { - TI_UINT16 pairWiseSuiteCnt = ENDIAN_HANDLE_WORD(wpaIePacket->pairwiseSuiteCnt); - TI_BOOL cipherSuite[MAX_WPA_UNICAST_SUITES]={TI_FALSE, TI_FALSE, TI_FALSE, TI_FALSE, TI_FALSE, TI_FALSE , TI_FALSE}; - TI_INT32 index, unicastSuiteIndex=0; - - curWpaIe = (TI_UINT8*)&(wpaIePacket->pairwiseSuite); - for (index=0; (index<pairWiseSuiteCnt) && (wpaIePacket->length >= (WPA_IE_MIN_PAIRWISE_SUITE_LENGTH+(index+1)*4)); index++) - { - ECipherSuite curCipherSuite; - - curCipherSuite = (ECipherSuite)admCtrlWpa_parseSuiteVal(pAdmCtrl, curWpaIe,pWpaData,TWD_CIPHER_WEP104); - TRACE2(pAdmCtrl->hReport, REPORT_SEVERITY_INFORMATION, "Wpa_IE: pairwiseSuite %x , unicast %x \n", curWpaIe[3], curCipherSuite); - - if ((curCipherSuite!=TWD_CIPHER_UNKNOWN) && (curCipherSuite<MAX_WPA_UNICAST_SUITES)) - { - cipherSuite[curCipherSuite] = TI_TRUE; - } - curWpaIe +=4; - } - for (index=MAX_WPA_UNICAST_SUITES-1; index>=0; index--) - { - if (cipherSuite[index]) - { - pWpaData->unicastSuite[unicastSuiteIndex] = (ECipherSuite)index; - TRACE1(pAdmCtrl->hReport, REPORT_SEVERITY_INFORMATION, "Wpa_IE: unicast %x \n", pWpaData->unicastSuite[unicastSuiteIndex]); - unicastSuiteIndex++; - } - } - pWpaData->unicastSuiteCnt = unicastSuiteIndex; - curLength = WPA_IE_MIN_KEY_MNG_SUITE_LENGTH(pairWiseSuiteCnt); - - } else - { - return TI_OK; - } - /* KeyMng Suite */ - if (wpaIePacket->length >= curLength) - { - TI_UINT16 keyMngSuiteCnt = ENDIAN_HANDLE_WORD(*curWpaIe); - TI_UINT16 index; - ERsnKeyMngSuite maxKeyMngSuite = (ERsnKeyMngSuite)WPA_IE_KEY_MNG_NONE; - - /* Include all AP key management supported suites in the wpaData structure */ - pWpaData->KeyMngSuiteCnt = keyMngSuiteCnt; - - curWpaIe +=2; - pAdmCtrl->wpaAkmExists = TI_FALSE; - for (index=0; (index<keyMngSuiteCnt) && (wpaIePacket->length >= (curLength+index*4)); index++) - { - ERsnKeyMngSuite curKeyMngSuite; - -#ifdef XCC_MODULE_INCLUDED - curKeyMngSuite = (ERsnKeyMngSuite)admCtrlXCC_parseCckmSuiteVal(pAdmCtrl, curWpaIe); - if (curKeyMngSuite == WPA_IE_KEY_MNG_CCKM) - { /* CCKM is the maximum AKM */ - maxKeyMngSuite = curKeyMngSuite; - } - else -#endif - { - curKeyMngSuite = (ERsnKeyMngSuite)admCtrlWpa_parseSuiteVal(pAdmCtrl, curWpaIe,pWpaData,WPA_IE_KEY_MNG_PSK_801_1X); - } - TRACE2(pAdmCtrl->hReport, REPORT_SEVERITY_INFORMATION, "Wpa_IE: authKeyMng %x , keyMng %x \n", curWpaIe[3], curKeyMngSuite); - - if ((curKeyMngSuite>maxKeyMngSuite) && (curKeyMngSuite!=WPA_IE_KEY_MNG_NA) - && (curKeyMngSuite!=WPA_IE_KEY_MNG_CCKM)) - { - maxKeyMngSuite = curKeyMngSuite; - } - if (curKeyMngSuite==WPA_IE_KEY_MNG_801_1X) - { /* If 2 AKM exist, save also the second priority */ - pAdmCtrl->wpaAkmExists = TI_TRUE; - } - - curWpaIe +=4; - - /* Include all AP key management supported suites in the wpaData structure */ - if ((index+1) < MAX_WPA_KEY_MNG_SUITES) - pWpaData->KeyMngSuite[index+1] = curKeyMngSuite; - - } - pWpaData->KeyMngSuite[0] = maxKeyMngSuite; - curLength += (index-1)*4; - TRACE1(pAdmCtrl->hReport, REPORT_SEVERITY_INFORMATION, "Wpa_IE: keyMng %x \n", pWpaData->KeyMngSuite[0]); - - } else - { - return TI_OK; - } - /* Parse capabilities */ - if (wpaIePacket->length >= (curLength+2)) - { - TI_UINT16 capabilities = ENDIAN_HANDLE_WORD(*((TI_UINT16 *)curWpaIe)); - - pWpaData->bcastForUnicatst = (capabilities & WPA_GROUP_4_UNICAST_CAPABILITY_MASK) >> WPA_REPLAY_GROUP4UNI_CAPABILITY_SHIFT; - pWpaData->replayCounters = (capabilities & WPA_REPLAY_COUNTERS_CAPABILITY_MASK) >> WPA_REPLAY_COUNTERS_CAPABILITY_SHIFT; - switch (pWpaData->replayCounters) - { - case 0: pWpaData->replayCounters=1; - break; - case 1: pWpaData->replayCounters=2; - break; - case 2: pWpaData->replayCounters=4; - break; - case 3: pWpaData->replayCounters=16; - break; - default: pWpaData->replayCounters=0; - break; - } - TRACE3(pAdmCtrl->hReport, REPORT_SEVERITY_INFORMATION, "Wpa_IE: capabilities %x, bcastForUnicatst %x, replayCounters %x\n", capabilities, pWpaData->bcastForUnicatst, pWpaData->replayCounters); - - } - - - return TI_OK; - -} - - -TI_UINT16 admCtrlWpa_buildCapabilities(TI_UINT16 replayCnt) -{ - TI_UINT16 capabilities=0; - /* Bit1: group key for unicast */ - capabilities = 0; - capabilities = capabilities << WPA_REPLAY_GROUP4UNI_CAPABILITY_SHIFT; - /* Bits 2&3: Replay counter */ - switch (replayCnt) - { - case 1: replayCnt=0; - break; - case 2: replayCnt=1; - break; - case 4: replayCnt=2; - break; - case 16: replayCnt=3; - break; - default: replayCnt=0; - break; - } - - capabilities |= replayCnt << WPA_REPLAY_COUNTERS_CAPABILITY_SHIFT; - return capabilities; - -} - - -TI_UINT32 admCtrlWpa_parseSuiteVal(admCtrl_t *pAdmCtrl, TI_UINT8* suiteVal, wpaIeData_t *pWpaData, TI_UINT32 maxVal) -{ - TI_UINT32 suite; - - if ((pAdmCtrl==NULL) || (suiteVal==NULL)) - { - return TWD_CIPHER_UNKNOWN; - } - if (!os_memoryCompare(pAdmCtrl->hOs, suiteVal, wpaIeOuiIe, 3)) - { - suite = (ECipherSuite)((suiteVal[3]<=maxVal) ? suiteVal[3] : TWD_CIPHER_UNKNOWN); - } else - { -#ifdef XCC_MODULE_INCLUDED - suite = admCtrlXCC_WpaParseSuiteVal(pAdmCtrl,suiteVal,pWpaData); -#else - suite = TWD_CIPHER_UNKNOWN; -#endif - } - return suite; -} - - -TI_STATUS admCtrlWpa_checkCipherSuiteValidity (ECipherSuite unicastSuite, ECipherSuite broadcastSuite, ECipherSuite encryptionStatus) -{ - ECipherSuite maxCipher; - - maxCipher = (unicastSuite>=broadcastSuite) ? unicastSuite : broadcastSuite ; - if (maxCipher != encryptionStatus) - { - return TI_NOK; - } - if ((unicastSuite != TWD_CIPHER_NONE) && (broadcastSuite>unicastSuite)) - { - return TI_NOK; - } - return TI_OK; -} - -static TI_STATUS admCtrlWpa_get802_1x_AkmExists (admCtrl_t *pAdmCtrl, TI_BOOL *wpa_802_1x_AkmExists) -{ - *wpa_802_1x_AkmExists = pAdmCtrl->wpaAkmExists; - return TI_OK; -} - - - |