1
/***************************************************************************
2
* RT2x00 SourceForge Project - http://rt2x00.sourceforge.net *
4
* This program is free software; you can redistribute it and/or modify *
5
* it under the terms of the GNU General Public License as published by *
6
* the Free Software Foundation; either version 2 of the License, or *
7
* (at your option) any later version. *
9
* This program is distributed in the hope that it will be useful, *
10
* but WITHOUT ANY WARRANTY; without even the implied warranty of *
11
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
12
* GNU General Public License for more details. *
14
* You should have received a copy of the GNU General Public License *
15
* along with this program; if not, write to the *
16
* Free Software Foundation, Inc., *
17
* 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
19
* Licensed under the GNU GPL *
20
* Original code supplied under license from RaLink Inc, 2004. *
21
***************************************************************************/
23
/***************************************************************************
24
* Module Name: rtmp_wep.c
30
* -------- ---------- -------------------------------
31
* Name Date Modification logs
32
* Jan Lee 2005-06-01 Release
33
***************************************************************************/
35
#include "rt_config.h"
37
ULONG FCSTAB_32[256] =
39
0x00000000, 0x77073096, 0xee0e612c, 0x990951ba,
40
0x076dc419, 0x706af48f, 0xe963a535, 0x9e6495a3,
41
0x0edb8832, 0x79dcb8a4, 0xe0d5e91e, 0x97d2d988,
42
0x09b64c2b, 0x7eb17cbd, 0xe7b82d07, 0x90bf1d91,
43
0x1db71064, 0x6ab020f2, 0xf3b97148, 0x84be41de,
44
0x1adad47d, 0x6ddde4eb, 0xf4d4b551, 0x83d385c7,
45
0x136c9856, 0x646ba8c0, 0xfd62f97a, 0x8a65c9ec,
46
0x14015c4f, 0x63066cd9, 0xfa0f3d63, 0x8d080df5,
47
0x3b6e20c8, 0x4c69105e, 0xd56041e4, 0xa2677172,
48
0x3c03e4d1, 0x4b04d447, 0xd20d85fd, 0xa50ab56b,
49
0x35b5a8fa, 0x42b2986c, 0xdbbbc9d6, 0xacbcf940,
50
0x32d86ce3, 0x45df5c75, 0xdcd60dcf, 0xabd13d59,
51
0x26d930ac, 0x51de003a, 0xc8d75180, 0xbfd06116,
52
0x21b4f4b5, 0x56b3c423, 0xcfba9599, 0xb8bda50f,
53
0x2802b89e, 0x5f058808, 0xc60cd9b2, 0xb10be924,
54
0x2f6f7c87, 0x58684c11, 0xc1611dab, 0xb6662d3d,
55
0x76dc4190, 0x01db7106, 0x98d220bc, 0xefd5102a,
56
0x71b18589, 0x06b6b51f, 0x9fbfe4a5, 0xe8b8d433,
57
0x7807c9a2, 0x0f00f934, 0x9609a88e, 0xe10e9818,
58
0x7f6a0dbb, 0x086d3d2d, 0x91646c97, 0xe6635c01,
59
0x6b6b51f4, 0x1c6c6162, 0x856530d8, 0xf262004e,
60
0x6c0695ed, 0x1b01a57b, 0x8208f4c1, 0xf50fc457,
61
0x65b0d9c6, 0x12b7e950, 0x8bbeb8ea, 0xfcb9887c,
62
0x62dd1ddf, 0x15da2d49, 0x8cd37cf3, 0xfbd44c65,
63
0x4db26158, 0x3ab551ce, 0xa3bc0074, 0xd4bb30e2,
64
0x4adfa541, 0x3dd895d7, 0xa4d1c46d, 0xd3d6f4fb,
65
0x4369e96a, 0x346ed9fc, 0xad678846, 0xda60b8d0,
66
0x44042d73, 0x33031de5, 0xaa0a4c5f, 0xdd0d7cc9,
67
0x5005713c, 0x270241aa, 0xbe0b1010, 0xc90c2086,
68
0x5768b525, 0x206f85b3, 0xb966d409, 0xce61e49f,
69
0x5edef90e, 0x29d9c998, 0xb0d09822, 0xc7d7a8b4,
70
0x59b33d17, 0x2eb40d81, 0xb7bd5c3b, 0xc0ba6cad,
71
0xedb88320, 0x9abfb3b6, 0x03b6e20c, 0x74b1d29a,
72
0xead54739, 0x9dd277af, 0x04db2615, 0x73dc1683,
73
0xe3630b12, 0x94643b84, 0x0d6d6a3e, 0x7a6a5aa8,
74
0xe40ecf0b, 0x9309ff9d, 0x0a00ae27, 0x7d079eb1,
75
0xf00f9344, 0x8708a3d2, 0x1e01f268, 0x6906c2fe,
76
0xf762575d, 0x806567cb, 0x196c3671, 0x6e6b06e7,
77
0xfed41b76, 0x89d32be0, 0x10da7a5a, 0x67dd4acc,
78
0xf9b9df6f, 0x8ebeeff9, 0x17b7be43, 0x60b08ed5,
79
0xd6d6a3e8, 0xa1d1937e, 0x38d8c2c4, 0x4fdff252,
80
0xd1bb67f1, 0xa6bc5767, 0x3fb506dd, 0x48b2364b,
81
0xd80d2bda, 0xaf0a1b4c, 0x36034af6, 0x41047a60,
82
0xdf60efc3, 0xa867df55, 0x316e8eef, 0x4669be79,
83
0xcb61b38c, 0xbc66831a, 0x256fd2a0, 0x5268e236,
84
0xcc0c7795, 0xbb0b4703, 0x220216b9, 0x5505262f,
85
0xc5ba3bbe, 0xb2bd0b28, 0x2bb45a92, 0x5cb36a04,
86
0xc2d7ffa7, 0xb5d0cf31, 0x2cd99e8b, 0x5bdeae1d,
87
0x9b64c2b0, 0xec63f226, 0x756aa39c, 0x026d930a,
88
0x9c0906a9, 0xeb0e363f, 0x72076785, 0x05005713,
89
0x95bf4a82, 0xe2b87a14, 0x7bb12bae, 0x0cb61b38,
90
0x92d28e9b, 0xe5d5be0d, 0x7cdcefb7, 0x0bdbdf21,
91
0x86d3d2d4, 0xf1d4e242, 0x68ddb3f8, 0x1fda836e,
92
0x81be16cd, 0xf6b9265b, 0x6fb077e1, 0x18b74777,
93
0x88085ae6, 0xff0f6a70, 0x66063bca, 0x11010b5c,
94
0x8f659eff, 0xf862ae69, 0x616bffd3, 0x166ccf45,
95
0xa00ae278, 0xd70dd2ee, 0x4e048354, 0x3903b3c2,
96
0xa7672661, 0xd06016f7, 0x4969474d, 0x3e6e77db,
97
0xaed16a4a, 0xd9d65adc, 0x40df0b66, 0x37d83bf0,
98
0xa9bcae53, 0xdebb9ec5, 0x47b2cf7f, 0x30b5ffe9,
99
0xbdbdf21c, 0xcabac28a, 0x53b39330, 0x24b4a3a6,
100
0xbad03605, 0xcdd70693, 0x54de5729, 0x23d967bf,
101
0xb3667a2e, 0xc4614ab8, 0x5d681b02, 0x2a6f2b94,
102
0xb40bbe37, 0xc30c8ea1, 0x5a05df1b, 0x2d02ef8d
109
0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0xAA, 0xBB, 0xCC
114
========================================================================
120
pAdapter Pointer to our adapter
121
pKey Pointer to the WEP KEY
123
KeyLen the length of WEP KEY
124
pDest Pointer to the destination which Encryption data will store in.
129
IRQL = DISPATCH_LEVEL
133
========================================================================
135
VOID RTMPInitWepEngine(
136
IN PRT2570ADAPTER pAdapter,
144
pAdapter->PrivateInfo.FCSCRC32 = PPPINITFCS32; //Init crc32.
145
memcpy(WEPKEY + 3, pKey, KeyLen);
147
for(i = 0; i < 3; i++) {
148
WEPKEY[i] = RandomByte(pAdapter); //Call mlme RandomByte() function.
150
ARCFOUR_INIT(&pAdapter->PrivateInfo.WEPCONTEXT, WEPKEY, KeyLen + 3); //INIT SBOX, KEYLEN+3(IV)
152
memcpy(pDest, WEPKEY, 3); //Append Init Vector
153
*(pDest+3) = (KeyId << 6); //Append KEYID
158
========================================================================
161
Encrypt transimitted data
164
pAdapter Pointer to our adapter
165
pSrc Pointer to the transimitted source data that will be encrypt
166
pDest Pointer to the destination where entryption data will be store in.
167
Len Indicate the length of the source data
172
IRQL = DISPATCH_LEVEL
176
========================================================================
178
VOID RTMPEncryptData(
179
IN PRT2570ADAPTER pAdapter,
184
pAdapter->PrivateInfo.FCSCRC32 = RTMP_CALC_FCS32(pAdapter->PrivateInfo.FCSCRC32, pSrc, Len);
185
ARCFOUR_ENCRYPT(&pAdapter->PrivateInfo.WEPCONTEXT, pDest, pSrc, Len);
189
========================================================================
192
Decrypt received data
195
pAdapter Pointer to our adapter
196
pSrc Pointer to the received data
197
Len the length of the received data
200
TRUE Decrypt WEP data success
201
FALSE Decrypt WEP data failed
205
========================================================================
207
BOOLEAN RTMPDecryptData(
208
IN PRT2570ADAPTER pAdapter,
216
memcpy(WEPKEY, pSrc, 3); //Get WEP IV
218
KeyIdx = (*(pSrc + 3) & 0xc0) >> 6;
219
if (pAdapter->PortCfg.SharedKey[KeyIdx].KeyLen == 0)
222
memcpy(WEPKEY + 3, pAdapter->PortCfg.SharedKey[KeyIdx].Key, pAdapter->PortCfg.SharedKey[KeyIdx].KeyLen);
223
ARCFOUR_INIT(&pAdapter->PrivateInfo.WEPCONTEXT, WEPKEY, pAdapter->PortCfg.SharedKey[KeyIdx].KeyLen + 3);
224
ARCFOUR_DECRYPT(&pAdapter->PrivateInfo.WEPCONTEXT, pSrc, pSrc + 4, Len - 4);
225
memcpy(&trailfcs, pSrc + Len - 8, 4);
226
crc32 = RTMP_CALC_FCS32(PPPINITFCS32, pSrc, Len - 8); //Skip last 4 bytes(FCS).
227
crc32 ^= 0xffffffff; /* complement */
228
if(crc32 != trailfcs)
230
DBGPRINT_RAW(RT_DEBUG_TRACE, "! WEP Data CRC Error !\n"); //CRC error.
237
========================================================================
240
The Stream Cipher Encryption Algorithm "ARCFOUR" initialize
243
Ctx Pointer to ARCFOUR CONTEXT (SBOX)
244
pKey Pointer to the WEP KEY
245
KeyLen Indicate the length fo the WEP KEY
250
IRQL = DISPATCH_LEVEL
254
========================================================================
257
IN PARCFOURCONTEXT Ctx,
270
for (counter = 0; counter < 256; counter++)
271
state[counter] = (UCHAR)counter;
274
for (counter = 0; counter < 256; counter++)
277
stateindex = (stateindex + pKey[keyindex] + t) & 0xff;
278
u = state[stateindex];
279
state[stateindex] = t;
281
if (++keyindex >= KeyLen)
287
========================================================================
290
Get bytes from ARCFOUR CONTEXT (S-BOX)
293
Ctx Pointer to ARCFOUR CONTEXT (SBOX)
296
UCHAR - the value of the ARCFOUR CONTEXT (S-BOX)
300
========================================================================
303
IN PARCFOURCONTEXT Ctx)
311
x = (Ctx->X + 1) & 0xff;
313
y = (sx + Ctx->Y) & 0xff;
320
return(state[(sx + sy) & 0xff]);
325
========================================================================
328
The Stream Cipher Decryption Algorithm
331
Ctx Pointer to ARCFOUR CONTEXT (SBOX)
332
pDest Pointer to the Destination
333
pSrc Pointer to the Source data
334
Len Indicate the length of the Source data
341
========================================================================
343
VOID ARCFOUR_DECRYPT(
344
IN PARCFOURCONTEXT Ctx,
351
for (i = 0; i < Len; i++)
352
pDest[i] = pSrc[i] ^ ARCFOUR_BYTE(Ctx);
356
========================================================================
359
The Stream Cipher Encryption Algorithm
362
Ctx Pointer to ARCFOUR CONTEXT (SBOX)
363
pDest Pointer to the Destination
364
pSrc Pointer to the Source data
365
Len Indicate the length of the Source dta
370
IRQL = DISPATCH_LEVEL
374
========================================================================
376
VOID ARCFOUR_ENCRYPT(
377
IN PARCFOURCONTEXT Ctx,
384
for (i = 0; i < Len; i++)
385
pDest[i] = pSrc[i] ^ ARCFOUR_BYTE(Ctx);
389
========================================================================
392
Calculate a new FCS given the current FCS and the new data.
395
Fcs the original FCS value
396
Cp pointer to the data which will be calculate the FCS
397
Len the length of the data
402
IRQL = DISPATCH_LEVEL
406
========================================================================
408
ULONG RTMP_CALC_FCS32(
414
Fcs = (((Fcs) >> 8) ^ FCSTAB_32[((Fcs) ^ (*Cp++)) & 0xff]);
421
========================================================================
424
Get last FCS and encrypt it to the destination
427
pDest Pointer to the Destination
434
========================================================================
437
IN PRT2570ADAPTER pAdapter,
440
pAdapter->PrivateInfo.FCSCRC32 ^= 0xffffffff; /* complement */
442
ARCFOUR_ENCRYPT(&pAdapter->PrivateInfo.WEPCONTEXT, pDest, (PUCHAR) &pAdapter->PrivateInfo.FCSCRC32, 4);