void aes_hard_init_ECB(void)
{
unsigned char key[16];
TRACE_DEBUG("aes_hard_init_ECB\n\r");
// Activate peripheral clock
#ifdef AT91C_ID_AES
PMC_EnablePeripheral( AT91C_ID_AES );
#elif AT91C_ID_AESTDES
PMC_EnablePeripheral( AT91C_ID_AESTDES );
#elif AT91C_ID_TDES
PMC_EnablePeripheral( AT91C_ID_TDES );
#else
#error AES undefined
#endif
// Load mode
//AES_Configure(AT91C_AES_CIPHER, AT91C_AES_SMOD_MANUAL, AT91C_AES_OPMOD_ECB);
AT91C_BASE_AES->AES_MR = AT91C_AES_SMOD_PDC | AT91C_AES_OPMOD_ECB;
// Convert and load key
ASCII2Hex((unsigned char*)ENCRYPTION_KEY, key, ENCRYPTION_KEY_LENGTH);
AES_SetKey((unsigned int*)key);
}
void aes_hard_init_ECB(void)
{
unsigned char key[ENCRYPTION_KEY_LENGTH];
TRACE_DEBUG("aes_hard_init_ECB\n\r");
// Activate peripheral clock
#ifdef AT91C_ID_AES
PMC_EnablePeripheral( AT91C_ID_AES );
#elif AT91C_ID_AESTDES
PMC_EnablePeripheral( AT91C_ID_AESTDES );
#elif AT91C_ID_TDES
PMC_EnablePeripheral( AT91C_ID_TDES );
#else
#error AES undefined
#endif
// Load mode
AT91C_BASE_AES->AES_MR = AT91C_AES_SMOD_PDC // PDC Mode
#if (ENCRYPTION_KEY_LENGTH == 32)
| AT91C_AES_KEYSIZE_256_BIT
#endif
#if (ENCRYPTION_KEY_LENGTH == 24)
| AT91C_AES_KEYSIZE_192_BIT
#endif
| AT91C_AES_OPMOD_ECB; // ECB Electronic CodeBook mode
// Convert and load key
ASCII2Hex((unsigned char*)ENCRYPTION_KEY, key, ENCRYPTION_KEY_LENGTH);
AES_SetKey((unsigned int*)key, ENCRYPTION_KEY_LENGTH);
}
void aes_hard_init_CTR(void)
{
unsigned char key[16];
unsigned char IV[16];
TRACE_DEBUG("aes_hard_init_CTR\n\r");
// Activate peripheral clock
#ifdef AT91C_ID_AES
PMC_EnablePeripheral( AT91C_ID_AES );
#elif AT91C_ID_AESTDES
PMC_EnablePeripheral( AT91C_ID_AESTDES );
#elif AT91C_ID_TDES
PMC_EnablePeripheral( AT91C_ID_TDES );
#else
#error AES undefined
#endif
// Load mode
AT91C_BASE_AES->AES_MR = AT91C_AES_SMOD_PDC | AT91C_AES_OPMOD_CTR;
// Convert and load key
ASCII2Hex((unsigned char*)ENCRYPTION_KEY, key, ENCRYPTION_KEY_LENGTH);
AES_SetKey((unsigned int*)key);
// Convert and load IV
ASCII2Hex((unsigned char*)ENCRYPTION_IV, IV, ENCRYPTION_BLOCK_LENGTH);
AES_SetVector((unsigned int*)IV);
}
void aes_hard_init(void)
{
unsigned char key[16];
#if defined(ENCRYPTION_CTR) || defined(ENCRYPTION_CBC)
unsigned char IV[16];
#endif
TRACE_DEBUG("AES/HARD: Initializing ...\n\r");
// Activate peripheral clock
#ifdef AT91C_ID_AES
PMC_EnablePeripheral( AT91C_ID_AES );
#elif AT91C_ID_AESTDES
PMC_EnablePeripheral( AT91C_ID_AESTDES );
#elif AT91C_ID_TDES
PMC_EnablePeripheral( AT91C_ID_TDES );
#else
#error AES undefined
#endif
// Load mode
#if defined(ENCRYPTION_ECB)
//AES_Configure(AT91C_AES_CIPHER, AT91C_AES_SMOD_PDC, AT91C_AES_OPMOD_ECB);
AT91C_BASE_AES->AES_MR = AT91C_AES_SMOD_PDC | AT91C_AES_OPMOD_ECB;
#elif defined(ENCRYPTION_CBC)
AT91C_BASE_AES->AES_MR = AT91C_AES_SMOD_PDC | AT91C_AES_OPMOD_CBC;
#elif defined(ENCRYPTION_CTR)
AT91C_BASE_AES->AES_MR = AT91C_AES_SMOD_PDC | AT91C_AES_OPMOD_CTR;
#endif
// Convert and load key
ASCII2Hex((unsigned char*)ENCRYPTION_KEY, key, ENCRYPTION_KEY_LENGTH);
AES_SetKey((unsigned int*)key);
// Convert and load IV
#if defined(ENCRYPTION_CTR) || defined(ENCRYPTION_CBC)
ASCII2Hex((unsigned char*)ENCRYPTION_IV, IV, ENCRYPTION_BLOCK_LENGTH);
AES_SetVector((unsigned int*)IV);
#endif
TRACE_DEBUG("AES/HARD: Initialization done.\n\r");
}
void aes_hard_init_CBC(void)
{
unsigned char key[ENCRYPTION_KEY_LENGTH];
unsigned char IV[ENCRYPTION_BLOCK_LENGTH];
TRACE_DEBUG("aes_hard_init_CBC\n\r");
// Activate peripheral clock
#ifdef AT91C_ID_AES
PMC_EnablePeripheral( AT91C_ID_AES );
#elif AT91C_ID_AESTDES
PMC_EnablePeripheral( AT91C_ID_AESTDES );
#elif AT91C_ID_TDES
PMC_EnablePeripheral( AT91C_ID_TDES );
#else
#error AES undefined
#endif
// Load mode
AT91C_BASE_AES->AES_MR = AT91C_AES_SMOD_PDC // PDC Mode
#if (ENCRYPTION_KEY_LENGTH == 32)
| AT91C_AES_KEYSIZE_256_BIT
#endif
#if (ENCRYPTION_KEY_LENGTH == 24)
| AT91C_AES_KEYSIZE_192_BIT
#endif
| AT91C_AES_OPMOD_CBC; // Cipher Block Chaining mode
// Convert and load key
ASCII2Hex((unsigned char*)ENCRYPTION_KEY, key, ENCRYPTION_KEY_LENGTH);
AES_SetKey((unsigned int*)key, ENCRYPTION_KEY_LENGTH);
// Convert and load IV
ASCII2Hex((unsigned char*)ENCRYPTION_IV, IV, ENCRYPTION_BLOCK_LENGTH);
AES_SetVector((unsigned int*)IV);
}
u32 AES_crypt(AES_CTX *ctx, u32 *in_buf, u32 *out_buf, u32 size)
{
u32 j;
if(!size || size>AES_BUFFERSIZE_MAX) return 1;
if(ctx->update)
{
if(ctx->update & 0b00000001) // Normal key
{
AES_SetControl(ctx->key[12]); // Endianess & word order
AES_SetKeyControl(ctx->keyslot);
AES_SetNormalKey(ctx->key);
AES_SetKey(ctx->keyslot);
}
if(ctx->update & 0b00000010) // TWL key
{
AES_SetControl(ctx->key[12]); // Endianess & word order
AES_SetKeyControl(ctx->keyslot);
AES_SetTWLKey(ctx->key, ctx->keyslot);
AES_SetKey(ctx->keyslot);
}
if(ctx->update & 0b00001100) // KeyY
{
AES_SetKeyControl(ctx->keyslot);
if(ctx->update & 0b00000100) // Use key
{
AES_SetControl(ctx->key[12]); // Endianess & word order
AES_SetKeyY(ctx->key);
}
else if(ctx->update & 0b00001000) // Use key2
{
AES_SetControl(ctx->key2[4]); // Endianess & word order
AES_SetKeyY(ctx->key2);
}
AES_SetKey(ctx->keyslot);
}
if(ctx->update & 0b00110000) // KeyX
{
AES_SetKeyControl(ctx->keyslot);
if(ctx->update & 0b00010000) // Use key
{
AES_SetControl(ctx->key[12]); // Endianess & word order
AES_SetKeyX(ctx->key);
}
else if(ctx->update & 0b00100000) // Use key2
{
AES_SetControl(ctx->key2[4]); // Endianess & word order
AES_SetKeyX(ctx->key2);
}
AES_SetKey(ctx->keyslot);
}
if(ctx->update & 0b01000000) AES_SetKey(ctx->keyslot);
if(ctx->update & 0b01111101) AES_SetControl(AES_UPDATE_KEYSLOT);
}
if(((ctx->params>>27)&7)<2)
{
AES_SetControl(ctx->CTR_IV_Nonce[4]); // Endianess & word order
AES_SetNonce(ctx->CTR_IV_Nonce);
}
else
{
// Description:
// Output:
// Modify:
void
Authenticator_StatePTKINITDONE(
IN PADAPTER Adapter,
IN PRT_WLAN_STA pSTA
)
{
PAUTH_PKEY_MGNT_TAG pKeyMgnt = &pSTA->perSTAKeyInfo;
RT_TRACE( COMP_AUTHENTICATOR, DBG_LOUD, ("===> Authenticator_StatePTKINITDONE()\n") );
// TODO: SetKey to CAM
if( !ACTING_AS_AP(Adapter))
{
RT_TRACE( COMP_AUTHENTICATOR, DBG_LOUD, ("[Warning] current: STA mode, return."));
return;
}
pSTA->perSTAKeyInfo.PrState = ASMPS_PTKINITDONE;
// TODO: Check SetKey completed, these lines were moved from Authenticator_OnEAPOLKeyRecvd() by Jay
if (pSTA->perSTAKeyInfo.Pair)
{
u4Byte ucIndex = 0;
CopyMem(pSTA->perSTAKeyInfo.PTK, pSTA->perSTAKeyInfo.PTK_update, PTK_LEN); // Added by Annie, 2005-07-12.
if( Adapter->MgntInfo.SecurityInfo.PairwiseEncAlgorithm != RT_ENC_ALG_AESCCMP )
{
pSTA->perSTAKeyInfo.TempEncKey = pKeyMgnt->PTK+TKIP_ENC_KEY_POS;
pSTA->perSTAKeyInfo.TxMICKey = pKeyMgnt->PTK+(TKIP_MIC_KEY_POS);
pSTA->perSTAKeyInfo.RxMICKey = pKeyMgnt->PTK+(TKIP_MIC_KEY_POS+TKIP_MIC_KEY_LEN);
//Add for AP mode HW enc,by CCW
ucIndex = AP_FindFreeEntry(Adapter , pSTA->MacAddr );
if(ucIndex == Adapter->TotalCamEntry)
{
RT_TRACE( COMP_AUTHENTICATOR, DBG_LOUD, ("[Warning] Authenticator_StatePTKINITDONE: Cam Entry is FULL!!!\n"));
return;
}
//set key
AP_Setkey( Adapter ,
pSTA->perSTAKeyInfo.pWLanSTA->MacAddr,
ucIndex, // Entey index
CAM_TKIP,
0, // Parise key
pSTA->perSTAKeyInfo.TempEncKey);
pSTA->keyindex = ucIndex;
}else{ // AES mode AP-WPA AES,CCW
AESCCMP_BLOCK blockKey;
//RT_TRACE( COMP_WPAAES, DBG_LOUD, ("====> Set Station Key."));
//Add for AP mode HW enc,by CCW
ucIndex = AP_FindFreeEntry(Adapter , pSTA->MacAddr);
if(ucIndex == Adapter->TotalCamEntry)
{
RT_TRACE( COMP_AUTHENTICATOR, DBG_LOUD, ("[Warning] Authenticator_StatePTKINITDONE: Cam Entry is FULL!!!\n"));
return;
}
//Set Key
PlatformMoveMemory( blockKey.x , pKeyMgnt->PTK+TKIP_ENC_KEY_POS , 16);
AES_SetKey(blockKey.x, AESCCMP_BLK_SIZE*8, (pu4Byte)pSTA->perSTAKeyInfo.AESKeyBuf);
//set hw key
AP_Setkey( Adapter ,
pSTA->perSTAKeyInfo.pWLanSTA->MacAddr,
ucIndex, // Entey index
CAM_AES,
0, // Parise key
pSTA->perSTAKeyInfo.PTK+TKIP_ENC_KEY_POS);
pSTA->keyindex = ucIndex;
}
}
//pSTA->perSTAKeyInfo.bPTKInstalled = TRUE;
pSTA->perSTAKeyInfo.GInitAKeys = TRUE;
pSTA->perSTAKeyInfo.PInitAKeys = TRUE;
// Begin 2-way handshake
if( Adapter->MgntInfo.SecurityInfo.SecLvl == RT_SEC_LVL_WPA )
Authenticator_StateREKEYNEGOTIATING(Adapter, pSTA); // To do 2-way
if( Adapter->MgntInfo.SecurityInfo.SecLvl == RT_SEC_LVL_WPA2 )
{
Authenticator_StateREKEYESTABLISHED(Adapter, pSTA); // No to do 2-way
pKeyMgnt->TimeoutCtr = 0;
}
RT_TRACE( COMP_AUTHENTICATOR, DBG_LOUD, ("<=== Authenticator_StatePTKINITDONE()\n") );
}
// Description: Initialize the global key data in Authenticator.
// Output: void
// Modify: Annie, 2005-07-02
// I check the data struct again, and discard using pMgntInfo->globalKeyInfo.groupKeyInfo.
// Now Global/group key data (PMK, GTK, ANonce): all kept in pMgntInfo->globalKeyInfo.
// global key state: recorded in pEntry->perSTAKeyInfo.GrState. (I think it should be kept in per station.)
//
void
Authenticator_GlobalReset(
IN PADAPTER Adapter
)
{
PMGNT_INFO pMgntInfo = &Adapter->MgntInfo;
PRT_SECURITY_T pSecInfo = &(pMgntInfo->SecurityInfo);
PAUTH_GLOBAL_KEY_TAG pGlInfo = &(pMgntInfo->globalKeyInfo);
PRT_WLAN_STA pEntry;
int i;
u1Byte RdmBuf[20], NonceBuf[KEY_NONCE_LEN];
static u1Byte CAM_CONST_BROAD[] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
AESCCMP_BLOCK blockKey;
//--- [AnnieWorkaround] See 11i D3.0 page91, GTK should be generated by PRF-X.
u1Byte TmpGTK[] = "12345678123456781234567812345678";
//---
RT_TRACE( COMP_AUTHENTICATOR, DBG_LOUD, ("===> Authenticator_GlobalReset()\n") );
if( !ACTING_AS_AP(Adapter) )
{
RT_TRACE( COMP_AUTHENTICATOR, DBG_LOUD, ("[Warning] current: STA mode, return."));
return;
}
pGlInfo->currentId = 0;
if(pSecInfo->SecLvl == RT_SEC_LVL_WPA)
pGlInfo->DescriptorType = desc_type_RSN;
else
pGlInfo->DescriptorType = desc_type_WPA2;
GetRandomBuffer( RdmBuf );
for( i=0; i<16; i++ )
{
NonceBuf[i] = RdmBuf[i];
NonceBuf[16+i] = RdmBuf[19-i];
}
NonceBuf[KEY_NONCE_LEN-1] = 0; //[AnnieWorkaround] Remove it if ANonce addition is ready. 2005-11-25.
RT_PRINT_DATA( COMP_AUTHENTICATOR, DBG_LOUD, "Authenticator_GlobalReset(): NonceBuf", NonceBuf, KEY_NONCE_LEN );
// 1. Install PMK
if( pGlInfo->PassphraseLen < 64 ){
PasswordHash(pGlInfo->Passphrase, pGlInfo->PassphraseLen,
pMgntInfo->Ssid.Octet, pMgntInfo->Ssid.Length, pGlInfo->PMK );
}
else
{
// Add for direct to set PMK 64-Hex mode...
if( pGlInfo->PassphraseLen == 64 )
PlatformMoveMemory(pGlInfo->PMK, pGlInfo->Passphrase , 32 );
}
// 2. Install GTK
//
// 2010/12/15 Neo Jou check in
// When in Linux AP mode, hostapd will set down GTK before Authenticator_GlobalReset()
// Thus for Linux AP mode case, we don't reset GTK here
//
PlatformZeroMemory( pGlInfo->GTK, GTK_LEN );
PlatformMoveMemory( pGlInfo->GTK, TmpGTK, GTK_LEN );
pGlInfo->TxMICKey = pGlInfo->GTK + GTK_MIC_TX_POS;
pGlInfo->RxMICKey = pGlInfo->GTK + GTK_MIC_RX_POS;
//AP WPA AES,CCW
PlatformMoveMemory( blockKey.x , pGlInfo->GTK , 16);
AES_SetKey(blockKey.x, AESCCMP_BLK_SIZE*8, (pu4Byte)pGlInfo->AESGTK);
//
pSecInfo->GroupTransmitKeyIdx = 1;
// 3. Install ANonce
// CopyMem( pGlInfo->ANonce, NonceBuf, KEY_NONCE_LEN );
PlatformMoveMemory(pGlInfo->ANonce, NonceBuf, KEY_NONCE_LEN );
// 4. Install GNonce
// CopyMem( pGlInfo->GNonce, NonceBuf, KEY_NONCE_LEN );
PlatformMoveMemory(pGlInfo->GNonce, NonceBuf, KEY_NONCE_LEN );
// 5. Reset KeyRSC
pGlInfo->KeyRSC = 0;
// 6. Reset time slot.
pGlInfo->CurrentTimeSlot = 0;
#if 1 //Addedby Jay 0713
pGlInfo->TimeSlot_IntegrityFail2 = 0;
#endif
// 7. IV
#if 1 //Added by Jay 0712 for security IV
pSecInfo->TxIV = DEFAULT_INIT_TX_IV;
#endif
pMgntInfo->bAPGlobRest = TRUE;
// Reset key information of each station.
for(i = 0; i < ASSOCIATE_ENTRY_NUM; i++)
{
pEntry = &(pMgntInfo->AsocEntry[i]);
Authenticator_StateINITIALIZE(Adapter, pEntry);
}
pMgntInfo->bAPGlobRest = FALSE;
//reset SWCamTabe and HWCamtable ,add by CCW
AP_ClearAllKey(Adapter);
if( (MgntActQuery_ApType(Adapter) == RT_AP_TYPE_NORMAL ||
MgntActQuery_ApType(Adapter) == RT_AP_TYPE_IBSS_EMULATED
|| MgntActQuery_ApType(Adapter) == RT_AP_TYPE_LINUX) &&
( pMgntInfo->NdisVersion < RT_NDIS_VERSION_6_20 ))
{
switch( pSecInfo->PairwiseEncAlgorithm )
{
case RT_ENC_ALG_TKIP:
AP_Setkey( Adapter ,
CAM_CONST_BROAD,
1, // Index entry
CAM_TKIP,
1, // Set Group Key
pGlInfo->GTK);
break;
case RT_ENC_ALG_AESCCMP:
AP_Setkey( Adapter ,
CAM_CONST_BROAD,
1, // Index entry
CAM_AES,
1, // Set Group Key
pGlInfo->GTK);
break;
case RT_ENC_ALG_WEP40:
case RT_ENC_ALG_WEP104:
{
static u1Byte CAM_CONST_ADDR[4][6] = {
{0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
{0x00, 0x00, 0x00, 0x00, 0x00, 0x01},
{0x00, 0x00, 0x00, 0x00, 0x00, 0x02},
{0x00, 0x00, 0x00, 0x00, 0x00, 0x03}};
u1Byte EncAlgo = ((pSecInfo->PairwiseEncAlgorithm == RT_ENC_ALG_WEP40) ? CAM_WEP40 : CAM_WEP104);
for(i = 0; i < 4; i++)
{
if(pSecInfo->KeyLen[i] > 0)
{
AP_Setkey(
Adapter ,
CAM_CONST_ADDR[i],
i, // Index entry
EncAlgo,
1,
pSecInfo->KeyBuf[i]);
}
}
}
break;
default:
break;
}
}
RT_TRACE( COMP_AUTHENTICATOR, DBG_LOUD, ("<=== Authenticator_GlobalReset()\n") );
}
int _tmain(int argc, _TCHAR* argv[])
{
int i;
// The array temp stores the key.
// The array temp1 stores the plaintext.
unsigned char Key[16] = {0x00 ,0x01 ,0x02 ,0x03 ,0x04 ,0x05 ,0x06 ,0x07 ,0x08 ,0x09 ,0x0a ,0x0b ,0x0c ,0x0d ,0x0e ,0x0f};
unsigned char temp1[16]= {0x00 ,0x11 ,0x22 ,0x33 ,0x44 ,0x55 ,0x66 ,0x77 ,0x88 ,0x99 ,0xaa ,0xbb ,0xcc ,0xdd ,0xee ,0xff};
unsigned char temp2[32]= {0x00 ,0x11 ,0x22 ,0x33 ,0x44 ,0x55 ,0x66 ,0x77 ,0x88 ,0x99 ,0xaa ,0xbb ,0xcc ,0xdd ,0xee ,0xff,
0x00 ,0x11 ,0x22 ,0x33 ,0x44 ,0x55 ,0x66 ,0x77 ,0x88 ,0x99 ,0xaa ,0xbb ,0xcc ,0xdd ,0xee ,0xff};
unsigned char temp3[32];
// The KeyExpansion routine must be called before encryption.
AES_SetKey(Key);
AES_SetIV(Key);
// The next function call encrypts the PlainText with the Key using AES algorithm.
AES_Encrypt(temp1, 16, temp1, 16);
// Output the encrypted text.
printf("\nText after encryption:\n");
for (i = 0; i < sizeof(temp1); i++)
{
printf("%02x ", temp1[i]);
}
printf("\n\n");
AES_Decrypt(temp1, temp1, 16);
// Output the decrypted text.
printf("\nText after decryption:\n");
for (i = 0; i < sizeof(temp1); i++)
{
printf("%02x ", temp1[i]);
}
printf("\n\n");
AES_Encrypt(temp2, 32, temp2, 32, CBC);
printf("\nText after encryption:\n");
for (i = 0; i < sizeof(temp2); i++)
{
printf("%02x ", temp2[i]);
}
printf("\n\n");
AES_Decrypt(temp2, temp2, 32, CBC);
printf("\nText after decryption:\n");
for (i = 0; i < sizeof(temp2); i++)
{
printf("%02x ", temp2[i]);
}
printf("\n\n");
AES_Encrypt(temp2, 16, temp3, 32, false, CFB);
AES_Encrypt(temp2 + 16, 16, temp3 + 16, 16, true, CFB);
printf("\nText after encryption:\n");
for (i = 0; i < sizeof(temp3); i++)
{
printf("%02x ", temp3[i]);
}
printf("\n\n");
AES_Decrypt(temp3, temp3, 32, false, CFB);
printf("\nText after decryption:\n");
for (i = 0; i < sizeof(temp2); i++)
{
printf("%02x ", temp2[i]);
}
printf("\n\n");
AES_Encrypt(temp2, 24, temp3, 32, false, CFB);
printf("\nText after encryption:\n");
for (i = 0; i < sizeof(temp3); i++)
{
printf("%02x ", temp3[i]);
}
printf("\n\n");
AES_Decrypt(temp3, temp2, 32, false, CFB);
printf("\nText after decryption:\n");
for (i = 0; i < sizeof(temp2); i++)
{
printf("%02x ", temp2[i]);
}
printf("\n\n");
return 0;
}
