/*-----------------------------------------------------------------------------
hdr: wlanhdr
llc: llc_snap
pframe: raw data payload
plen: length of raw data payload
mic: mic of AES
------------------------------------------------------------------------------*/
static void aes_tx(struct rtl8192cd_priv *priv, UINT8 *key, UINT8 keyid,
union PN48 *pn48, UINT8 *hdr, UINT8 *llc,
UINT8 *pframe, UINT32 plen, UINT8* txmic)
{
static UINT8 message[MAX_MSG_SIZE];
UINT32 qc_exists, a4_exists, i, j, payload_remainder,
num_blocks,payload_length, payload_index;
UINT8 pn_vector[6];
UINT8 mic_iv[16];
UINT8 mic_header1[16];
UINT8 mic_header2[16];
UINT8 ctr_preload[16];
/* Intermediate Buffers */
UINT8 chain_buffer[16];
UINT8 aes_out[16];
UINT8 padded_buffer[16];
UINT8 mic[8];
UINT32 offset = 0;
UINT32 hdrlen = get_hdrlen(priv, hdr);
memset((void *)mic_iv, 0, 16);
memset((void *)mic_header1, 0, 16);
memset((void *)mic_header2, 0, 16);
memset((void *)ctr_preload, 0, 16);
memset((void *)chain_buffer, 0, 16);
memset((void *)aes_out, 0, 16);
memset((void *)padded_buffer, 0, 16);
if (get_tofr_ds(hdr) != 0x03)
a4_exists = 0;
else
a4_exists = 1;
if (is_qos_data(hdr)) {
qc_exists = 1;
//hdrlen += 2; // these 2 bytes has already added
}
else
qc_exists = 0;
// below is to collecting each frag(hdr, llc, pay, and mic into single message buf)
// extiv (8 bytes long) should have been appended
pn_vector[0] = hdr[hdrlen] = pn48->_byte_.TSC0;
pn_vector[1] = hdr[hdrlen+1] = pn48->_byte_.TSC1;
hdr[hdrlen+2] = 0x00;
hdr[hdrlen+3] = (0x20 | (keyid << 6));
pn_vector[2] = hdr[hdrlen+4] = pn48->_byte_.TSC2;
pn_vector[3] = hdr[hdrlen+5] = pn48->_byte_.TSC3;
pn_vector[4] = hdr[hdrlen+6] = pn48->_byte_.TSC4;
pn_vector[5] = hdr[hdrlen+7] = pn48->_byte_.TSC5;
memcpy((void *)message, hdr, (hdrlen + 8)); //8 is for ext iv len
offset = (hdrlen + 8);
if (llc)
{
memcpy((void *)(message + offset), (void *)llc, 8);
offset += 8;
}
memcpy((void *)(message + offset), (void *)pframe, plen);
offset += plen;
// now we have collecting all the bytes into single message buf
payload_length = plen; // 8 is for llc
if (llc)
payload_length += 8;
construct_mic_iv(
mic_iv,
qc_exists,
a4_exists,
message,
(payload_length),
pn_vector
);
construct_mic_header1(
mic_header1,
hdrlen,
message
);
construct_mic_header2(
mic_header2,
message,
a4_exists,
qc_exists
);
payload_remainder = (payload_length) % 16;
num_blocks = (payload_length) / 16;
/* Find start of payload */
payload_index = (hdrlen + 8);
/* Calculate MIC */
aes128k128d(key, mic_iv, aes_out);
bitwise_xor(aes_out, mic_header1, chain_buffer);
aes128k128d(key, chain_buffer, aes_out);
bitwise_xor(aes_out, mic_header2, chain_buffer);
aes128k128d(key, chain_buffer, aes_out);
for (i = 0; i < num_blocks; i++)
{
bitwise_xor(aes_out, &message[payload_index], chain_buffer);
payload_index += 16;
aes128k128d(key, chain_buffer, aes_out);
}
/* Add on the final payload block if it needs padding */
if (payload_remainder > 0)
{
for (j = 0; j < 16; j++) padded_buffer[j] = 0x00;
for (j = 0; j < payload_remainder; j++)
{
padded_buffer[j] = message[payload_index++];
}
bitwise_xor(aes_out, padded_buffer, chain_buffer);
aes128k128d(key, chain_buffer, aes_out);
}
for (j = 0 ; j < 8; j++) mic[j] = aes_out[j];
/* Insert MIC into payload */
for (j = 0; j < 8; j++)
message[payload_index+j] = mic[j];
payload_index = hdrlen + 8;
for (i=0; i< num_blocks; i++)
{
construct_ctr_preload(
ctr_preload,
a4_exists,
qc_exists,
message,
pn_vector,
i+1);
aes128k128d(key, ctr_preload, aes_out);
bitwise_xor(aes_out, &message[payload_index], chain_buffer);
for (j=0; j<16;j++) message[payload_index++] = chain_buffer[j];
}
if (payload_remainder > 0) /* If there is a short final block, then pad it,*/
{ /* encrypt it and copy the unpadded part back */
construct_ctr_preload(
ctr_preload,
a4_exists,
qc_exists,
message,
pn_vector,
num_blocks+1);
for (j = 0; j < 16; j++) padded_buffer[j] = 0x00;
for (j = 0; j < payload_remainder; j++)
{
padded_buffer[j] = message[payload_index+j];
}
aes128k128d(key, ctr_preload, aes_out);
bitwise_xor(aes_out, padded_buffer, chain_buffer);
for (j=0; j<payload_remainder;j++) message[payload_index++] = chain_buffer[j];
}
/* Encrypt the MIC */
construct_ctr_preload(
ctr_preload,
a4_exists,
qc_exists,
message,
pn_vector,
0);
for (j = 0; j < 16; j++) padded_buffer[j] = 0x00;
for (j = 0; j < 8; j++)
{
padded_buffer[j] = message[j+hdrlen+8+payload_length];
}
aes128k128d(key, ctr_preload, aes_out);
bitwise_xor(aes_out, padded_buffer, chain_buffer);
for (j=0; j<8;j++) message[payload_index++] = chain_buffer[j];
// now, going to copy the final result back to the input buf...
offset =0;
//if (llc)
{
memcpy((void *)hdr, (void *)(&message[offset]), (hdrlen + 8 )); //8 is for ext iv
offset += (hdrlen + 8);
}
if (llc)
{
memcpy((void *)llc, (void *)(&message[offset]), 8 ); //8 is for llc
offset += (8);
}
memcpy((void *)pframe, (void *)(&message[offset]), (plen)); //now is for plen
offset += (plen);
memcpy((void *)txmic, (void *)(&message[offset]), 8); //now is for mic
offset += 8;
rtl_cache_sync_wback(priv, (unsigned long)hdr, hdrlen + 8, PCI_DMA_TODEVICE);
if (llc)
rtl_cache_sync_wback(priv, (unsigned long)llc, 8, PCI_DMA_TODEVICE);
rtl_cache_sync_wback(priv, (unsigned long)pframe, plen, PCI_DMA_TODEVICE);
rtl_cache_sync_wback(priv, (unsigned long)txmic, 8, PCI_DMA_TODEVICE);
_DEBUG_INFO("--txmic=%X %X %X %X %X %X %X %X\n",
txmic[0], txmic[1], txmic[2], txmic[3],
txmic[4], txmic[5], txmic[6], txmic[7]);
if (pn48->val48 == 0xffffffffffffULL)
pn48->val48 = 0;
else
pn48->val48++;
}
static int update_nd_link_layer_addr(unsigned char *data, int len, unsigned char *replace_mac)
{
struct icmp6hdr *icmphdr = (struct icmp6hdr *)data;
unsigned char *mac;
if (icmphdr->icmp6_type == NDISC_ROUTER_SOLICITATION) {
if (len >= 8) {
mac = scan_tlv(&data[8], len-8, 1, 1);
if (mac) {
_DEBUG_INFO("Router Solicitation, replace MAC From: %02x:%02x:%02x:%02x:%02x:%02x, To: %02x:%02x:%02x:%02x:%02x:%02x\n",
mac[0],mac[1],mac[2],mac[3],mac[4],mac[5],
replace_mac[0],replace_mac[1],replace_mac[2],replace_mac[3],replace_mac[4],replace_mac[5]);
memcpy(mac, replace_mac, 6);
return 1;
}
}
} else if (icmphdr->icmp6_type == NDISC_ROUTER_ADVERTISEMENT) {
if (len >= 16) {
mac = scan_tlv(&data[16], len-16, 1, 1);
if (mac) {
_DEBUG_INFO("Router Advertisement, replace MAC From: %02x:%02x:%02x:%02x:%02x:%02x, To: %02x:%02x:%02x:%02x:%02x:%02x\n",
mac[0],mac[1],mac[2],mac[3],mac[4],mac[5],
replace_mac[0],replace_mac[1],replace_mac[2],replace_mac[3],replace_mac[4],replace_mac[5]);
memcpy(mac, replace_mac, 6);
return 1;
}
}
} else if (icmphdr->icmp6_type == NDISC_NEIGHBOUR_SOLICITATION) {
if (len >= 24) {
mac = scan_tlv(&data[24], len-24, 1, 1);
if (mac) {
_DEBUG_INFO("Neighbor Solicitation, replace MAC From: %02x:%02x:%02x:%02x:%02x:%02x, To: %02x:%02x:%02x:%02x:%02x:%02x\n",
mac[0],mac[1],mac[2],mac[3],mac[4],mac[5],
replace_mac[0],replace_mac[1],replace_mac[2],replace_mac[3],replace_mac[4],replace_mac[5]);
memcpy(mac, replace_mac, 6);
return 1;
}
}
} else if (icmphdr->icmp6_type == NDISC_NEIGHBOUR_ADVERTISEMENT) {
if (len >= 24) {
mac = scan_tlv(&data[24], len-24, 2, 1);
if (mac) {
_DEBUG_INFO("Neighbor Advertisement, replace MAC From: %02x:%02x:%02x:%02x:%02x:%02x, To: %02x:%02x:%02x:%02x:%02x:%02x\n",
mac[0],mac[1],mac[2],mac[3],mac[4],mac[5],
replace_mac[0],replace_mac[1],replace_mac[2],replace_mac[3],replace_mac[4],replace_mac[5]);
memcpy(mac, replace_mac, 6);
return 1;
}
}
} else if (icmphdr->icmp6_type == NDISC_REDIRECT) {
if (len >= 40) {
mac = scan_tlv(&data[40], len-40, 2, 1);
if (mac) {
_DEBUG_INFO("Redirect, replace MAC From: %02x:%02x:%02x:%02x:%02x:%02x, To: %02x:%02x:%02x:%02x:%02x:%02x\n",
mac[0],mac[1],mac[2],mac[3],mac[4],mac[5],
replace_mac[0],replace_mac[1],replace_mac[2],replace_mac[3],replace_mac[4],replace_mac[5]);
memcpy(mac, replace_mac, 6);
return 1;
}
}
}
return 0;
}
int main( int argc, char **argv )
{
//printf("%d", LevenshteinDistance("*****@*****.**", "xiaoxia yquoxitsoftwareLom"));
//return 1;
ParseParam ArgvParser = ParseParam(argc, argv);
if (argc == 1) {
ArgvParser.HelpInfo();
return 1;
}
ArgvParser.SetGetOptStr("r::g::c::f::w:n:m:p:e:i:t:o:a:sh");
int arg_index = 0;
while(1) {
int c = ArgvParser.CallGetOpt();
ArgvParser.ParseVal(c, arg_index);
arg_index++;
if(c == -1) break;
}
//TextProcess tt;
//tt.Test1();
ArgValues InVal = ArgvParser.GetResult();
vector<string> VPValW;
vector<int> VPValN;
IplImage* pImgGet0 = NULL;
IplImage* pImgGet1 = NULL;
for (int i = 0; i < InVal.ActionFlag.size(); i++) {
switch (InVal.ActionFlag[i]) {
case FXQA_FUNC_COMPAREIMG:
_DEBUG_INFO("COMPAREIMG run.\n");
if (strcmp(InVal.ImgName0, "-c") == 0) { // compare images.
_DEBUG_INFO("-c runned.\n");
if (strcmp(InVal.ImgName1, "-w") == 0) {
_DEBUG_INFO("-w runned.\n");
Compare(pImgGet0, pImgGet1, InVal); break; // Compare images. all from srceen shot.
} else {
Compare(pImgGet0, InVal); break; // Compare images. one from srceen shot,other is local file.
}
}
Compare(InVal); break; // Compare images, or file.
case FXQA_FUNC_GETDESKTOPIMG:
_DEBUG_INFO("GETDESKTOPIMG run.\n");
VPValW = ArgvParser.ParseInputWValue(InVal.ProgramVal);
VPValN = ArgvParser.ParseInputNValue(InVal.ScreenShotSize);
if (VPValW.size() == 0) {
pImgGet0 = GetScreenImg(argc, argv, NULL, InVal);
} else if (VPValW.size() == 1) {
pImgGet0 = GetScreenImg(argc, argv, VPValW[0].c_str(), InVal);
} else {
pImgGet0 = GetScreenImg(argc, argv, VPValW[0].c_str(), InVal);
pImgGet1 = GetScreenImg(argc, argv, VPValW[1].c_str(), InVal);
} break;
case FXQA_FUNC_COMPOSE:
Compose(InVal);
break;
case FXQA_FUNC_FINDIMG:
FXQAFunc_Find(argc, argv, InVal);
break;
case FXQA_FUNC_OCR:
FXQAFunc_OCR(argc, argv, InVal);
break;
default:
_DEBUG_INFO("DEFAULT run.\n");
break;
}
}
return 0;
}
