/*
==========================================================================
Description:
Set WPA PSK key
Arguments:
pAdapter Pointer to our adapter
keyString WPA pre-shared key string
pHashStr String used for password hash function
hashStrLen Lenght of the hash string
pPMKBuf Output buffer of WPAPSK key
Return:
TRUE if all parameters are OK, FALSE otherwise
==========================================================================
*/
INT RT_CfgSetWPAPSKKey(
IN RTMP_ADAPTER *pAd,
IN PSTRING keyString,
IN UCHAR *pHashStr,
IN INT hashStrLen,
OUT PUCHAR pPMKBuf)
{
int keyLen;
UCHAR keyMaterial[40];
keyLen = strlen(keyString);
if ((keyLen < 8) || (keyLen > 64))
{
DBGPRINT(RT_DEBUG_TRACE, ("WPAPSK Key length(%d) error, required 8 ~ 64 characters!(keyStr=%s)\n",
keyLen, keyString));
return FALSE;
}
memset(pPMKBuf, 0, 32);
if (keyLen == 64)
{
AtoH(keyString, pPMKBuf, 32);
}
else
{
PasswordHash(keyString, pHashStr, hashStrLen, keyMaterial);
NdisMoveMemory(pPMKBuf, keyMaterial, 32);
}
return TRUE;
}
/*
==========================================================================
Description:
Set WPA PSK key
Arguments:
pAdapter Pointer to our adapter
keyString WPA pre-shared key string
pHashStr String used for password hash function
hashStrLen Lenght of the hash string
pPMKBuf Output buffer of WPAPSK key
Return:
TRUE if all parameters are OK, FALSE otherwise
==========================================================================
*/
int RT_CfgSetWPAPSKKey(struct rt_rtmp_adapter *pAd,
char *keyString,
u8 * pHashStr,
int hashStrLen, u8 *pPMKBuf)
{
int keyLen;
u8 keyMaterial[40];
keyLen = strlen(keyString);
if ((keyLen < 8) || (keyLen > 64)) {
DBGPRINT(RT_DEBUG_TRACE,
("WPAPSK Key length(%d) error, required 8 ~ 64 characters!(keyStr=%s)\n",
keyLen, keyString));
return FALSE;
}
memset(pPMKBuf, 0, 32);
if (keyLen == 64) {
AtoH(keyString, pPMKBuf, 32);
} else {
PasswordHash(keyString, pHashStr, hashStrLen, keyMaterial);
NdisMoveMemory(pPMKBuf, keyMaterial, 32);
}
return TRUE;
}
// Description: Initialize the global key data in Authenticator.
// Output: void
// Modify: Annie, 2005-07-02
// I check the data struct again, and discard using pMgntInfo->globalKeyInfo.groupKeyInfo.
// Now Global/group key data (PMK, GTK, ANonce): all kept in pMgntInfo->globalKeyInfo.
// global key state: recorded in pEntry->perSTAKeyInfo.GrState. (I think it should be kept in per station.)
//
void
Authenticator_GlobalReset(
IN PADAPTER Adapter
)
{
PMGNT_INFO pMgntInfo = &Adapter->MgntInfo;
PRT_SECURITY_T pSecInfo = &(pMgntInfo->SecurityInfo);
PAUTH_GLOBAL_KEY_TAG pGlInfo = &(pMgntInfo->globalKeyInfo);
PRT_WLAN_STA pEntry;
int i;
u1Byte RdmBuf[20], NonceBuf[KEY_NONCE_LEN];
static u1Byte CAM_CONST_BROAD[] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
AESCCMP_BLOCK blockKey;
//--- [AnnieWorkaround] See 11i D3.0 page91, GTK should be generated by PRF-X.
u1Byte TmpGTK[] = "12345678123456781234567812345678";
//---
RT_TRACE( COMP_AUTHENTICATOR, DBG_LOUD, ("===> Authenticator_GlobalReset()\n") );
if( !ACTING_AS_AP(Adapter) )
{
RT_TRACE( COMP_AUTHENTICATOR, DBG_LOUD, ("[Warning] current: STA mode, return."));
return;
}
pGlInfo->currentId = 0;
if(pSecInfo->SecLvl == RT_SEC_LVL_WPA)
pGlInfo->DescriptorType = desc_type_RSN;
else
pGlInfo->DescriptorType = desc_type_WPA2;
GetRandomBuffer( RdmBuf );
for( i=0; i<16; i++ )
{
NonceBuf[i] = RdmBuf[i];
NonceBuf[16+i] = RdmBuf[19-i];
}
NonceBuf[KEY_NONCE_LEN-1] = 0; //[AnnieWorkaround] Remove it if ANonce addition is ready. 2005-11-25.
RT_PRINT_DATA( COMP_AUTHENTICATOR, DBG_LOUD, "Authenticator_GlobalReset(): NonceBuf", NonceBuf, KEY_NONCE_LEN );
// 1. Install PMK
if( pGlInfo->PassphraseLen < 64 ){
PasswordHash(pGlInfo->Passphrase, pGlInfo->PassphraseLen,
pMgntInfo->Ssid.Octet, pMgntInfo->Ssid.Length, pGlInfo->PMK );
}
else
{
// Add for direct to set PMK 64-Hex mode...
if( pGlInfo->PassphraseLen == 64 )
PlatformMoveMemory(pGlInfo->PMK, pGlInfo->Passphrase , 32 );
}
// 2. Install GTK
//
// 2010/12/15 Neo Jou check in
// When in Linux AP mode, hostapd will set down GTK before Authenticator_GlobalReset()
// Thus for Linux AP mode case, we don't reset GTK here
//
PlatformZeroMemory( pGlInfo->GTK, GTK_LEN );
PlatformMoveMemory( pGlInfo->GTK, TmpGTK, GTK_LEN );
pGlInfo->TxMICKey = pGlInfo->GTK + GTK_MIC_TX_POS;
pGlInfo->RxMICKey = pGlInfo->GTK + GTK_MIC_RX_POS;
//AP WPA AES,CCW
PlatformMoveMemory( blockKey.x , pGlInfo->GTK , 16);
AES_SetKey(blockKey.x, AESCCMP_BLK_SIZE*8, (pu4Byte)pGlInfo->AESGTK);
//
pSecInfo->GroupTransmitKeyIdx = 1;
// 3. Install ANonce
// CopyMem( pGlInfo->ANonce, NonceBuf, KEY_NONCE_LEN );
PlatformMoveMemory(pGlInfo->ANonce, NonceBuf, KEY_NONCE_LEN );
// 4. Install GNonce
// CopyMem( pGlInfo->GNonce, NonceBuf, KEY_NONCE_LEN );
PlatformMoveMemory(pGlInfo->GNonce, NonceBuf, KEY_NONCE_LEN );
// 5. Reset KeyRSC
pGlInfo->KeyRSC = 0;
// 6. Reset time slot.
pGlInfo->CurrentTimeSlot = 0;
#if 1 //Addedby Jay 0713
pGlInfo->TimeSlot_IntegrityFail2 = 0;
#endif
// 7. IV
#if 1 //Added by Jay 0712 for security IV
pSecInfo->TxIV = DEFAULT_INIT_TX_IV;
#endif
pMgntInfo->bAPGlobRest = TRUE;
// Reset key information of each station.
for(i = 0; i < ASSOCIATE_ENTRY_NUM; i++)
{
pEntry = &(pMgntInfo->AsocEntry[i]);
Authenticator_StateINITIALIZE(Adapter, pEntry);
}
pMgntInfo->bAPGlobRest = FALSE;
//reset SWCamTabe and HWCamtable ,add by CCW
AP_ClearAllKey(Adapter);
if( (MgntActQuery_ApType(Adapter) == RT_AP_TYPE_NORMAL ||
MgntActQuery_ApType(Adapter) == RT_AP_TYPE_IBSS_EMULATED
|| MgntActQuery_ApType(Adapter) == RT_AP_TYPE_LINUX) &&
( pMgntInfo->NdisVersion < RT_NDIS_VERSION_6_20 ))
{
switch( pSecInfo->PairwiseEncAlgorithm )
{
case RT_ENC_ALG_TKIP:
AP_Setkey( Adapter ,
CAM_CONST_BROAD,
1, // Index entry
CAM_TKIP,
1, // Set Group Key
pGlInfo->GTK);
break;
case RT_ENC_ALG_AESCCMP:
AP_Setkey( Adapter ,
CAM_CONST_BROAD,
1, // Index entry
CAM_AES,
1, // Set Group Key
pGlInfo->GTK);
break;
case RT_ENC_ALG_WEP40:
case RT_ENC_ALG_WEP104:
{
static u1Byte CAM_CONST_ADDR[4][6] = {
{0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
{0x00, 0x00, 0x00, 0x00, 0x00, 0x01},
{0x00, 0x00, 0x00, 0x00, 0x00, 0x02},
{0x00, 0x00, 0x00, 0x00, 0x00, 0x03}};
u1Byte EncAlgo = ((pSecInfo->PairwiseEncAlgorithm == RT_ENC_ALG_WEP40) ? CAM_WEP40 : CAM_WEP104);
for(i = 0; i < 4; i++)
{
if(pSecInfo->KeyLen[i] > 0)
{
AP_Setkey(
Adapter ,
CAM_CONST_ADDR[i],
i, // Index entry
EncAlgo,
1,
pSecInfo->KeyBuf[i]);
}
}
}
break;
default:
break;
}
}
RT_TRACE( COMP_AUTHENTICATOR, DBG_LOUD, ("<=== Authenticator_GlobalReset()\n") );
}
PasswordHash AbstractUserDatabase::password(const User& user) const
{
LOG_ERROR(Require("password()", PASSWORDS).what());
return PasswordHash();
}
