void aes_hard_init_ECB(void) { unsigned char key[16]; TRACE_DEBUG("aes_hard_init_ECB\n\r"); // Activate peripheral clock #ifdef AT91C_ID_AES PMC_EnablePeripheral( AT91C_ID_AES ); #elif AT91C_ID_AESTDES PMC_EnablePeripheral( AT91C_ID_AESTDES ); #elif AT91C_ID_TDES PMC_EnablePeripheral( AT91C_ID_TDES ); #else #error AES undefined #endif // Load mode //AES_Configure(AT91C_AES_CIPHER, AT91C_AES_SMOD_MANUAL, AT91C_AES_OPMOD_ECB); AT91C_BASE_AES->AES_MR = AT91C_AES_SMOD_PDC | AT91C_AES_OPMOD_ECB; // Convert and load key ASCII2Hex((unsigned char*)ENCRYPTION_KEY, key, ENCRYPTION_KEY_LENGTH); AES_SetKey((unsigned int*)key); }
void aes_hard_init_ECB(void) { unsigned char key[ENCRYPTION_KEY_LENGTH]; TRACE_DEBUG("aes_hard_init_ECB\n\r"); // Activate peripheral clock #ifdef AT91C_ID_AES PMC_EnablePeripheral( AT91C_ID_AES ); #elif AT91C_ID_AESTDES PMC_EnablePeripheral( AT91C_ID_AESTDES ); #elif AT91C_ID_TDES PMC_EnablePeripheral( AT91C_ID_TDES ); #else #error AES undefined #endif // Load mode AT91C_BASE_AES->AES_MR = AT91C_AES_SMOD_PDC // PDC Mode #if (ENCRYPTION_KEY_LENGTH == 32) | AT91C_AES_KEYSIZE_256_BIT #endif #if (ENCRYPTION_KEY_LENGTH == 24) | AT91C_AES_KEYSIZE_192_BIT #endif | AT91C_AES_OPMOD_ECB; // ECB Electronic CodeBook mode // Convert and load key ASCII2Hex((unsigned char*)ENCRYPTION_KEY, key, ENCRYPTION_KEY_LENGTH); AES_SetKey((unsigned int*)key, ENCRYPTION_KEY_LENGTH); }
void aes_hard_init_CTR(void) { unsigned char key[16]; unsigned char IV[16]; TRACE_DEBUG("aes_hard_init_CTR\n\r"); // Activate peripheral clock #ifdef AT91C_ID_AES PMC_EnablePeripheral( AT91C_ID_AES ); #elif AT91C_ID_AESTDES PMC_EnablePeripheral( AT91C_ID_AESTDES ); #elif AT91C_ID_TDES PMC_EnablePeripheral( AT91C_ID_TDES ); #else #error AES undefined #endif // Load mode AT91C_BASE_AES->AES_MR = AT91C_AES_SMOD_PDC | AT91C_AES_OPMOD_CTR; // Convert and load key ASCII2Hex((unsigned char*)ENCRYPTION_KEY, key, ENCRYPTION_KEY_LENGTH); AES_SetKey((unsigned int*)key); // Convert and load IV ASCII2Hex((unsigned char*)ENCRYPTION_IV, IV, ENCRYPTION_BLOCK_LENGTH); AES_SetVector((unsigned int*)IV); }
void aes_hard_init(void) { unsigned char key[16]; #if defined(ENCRYPTION_CTR) || defined(ENCRYPTION_CBC) unsigned char IV[16]; #endif TRACE_DEBUG("AES/HARD: Initializing ...\n\r"); // Activate peripheral clock #ifdef AT91C_ID_AES PMC_EnablePeripheral( AT91C_ID_AES ); #elif AT91C_ID_AESTDES PMC_EnablePeripheral( AT91C_ID_AESTDES ); #elif AT91C_ID_TDES PMC_EnablePeripheral( AT91C_ID_TDES ); #else #error AES undefined #endif // Load mode #if defined(ENCRYPTION_ECB) //AES_Configure(AT91C_AES_CIPHER, AT91C_AES_SMOD_PDC, AT91C_AES_OPMOD_ECB); AT91C_BASE_AES->AES_MR = AT91C_AES_SMOD_PDC | AT91C_AES_OPMOD_ECB; #elif defined(ENCRYPTION_CBC) AT91C_BASE_AES->AES_MR = AT91C_AES_SMOD_PDC | AT91C_AES_OPMOD_CBC; #elif defined(ENCRYPTION_CTR) AT91C_BASE_AES->AES_MR = AT91C_AES_SMOD_PDC | AT91C_AES_OPMOD_CTR; #endif // Convert and load key ASCII2Hex((unsigned char*)ENCRYPTION_KEY, key, ENCRYPTION_KEY_LENGTH); AES_SetKey((unsigned int*)key); // Convert and load IV #if defined(ENCRYPTION_CTR) || defined(ENCRYPTION_CBC) ASCII2Hex((unsigned char*)ENCRYPTION_IV, IV, ENCRYPTION_BLOCK_LENGTH); AES_SetVector((unsigned int*)IV); #endif TRACE_DEBUG("AES/HARD: Initialization done.\n\r"); }
void aes_hard_init_CBC(void) { unsigned char key[ENCRYPTION_KEY_LENGTH]; unsigned char IV[ENCRYPTION_BLOCK_LENGTH]; TRACE_DEBUG("aes_hard_init_CBC\n\r"); // Activate peripheral clock #ifdef AT91C_ID_AES PMC_EnablePeripheral( AT91C_ID_AES ); #elif AT91C_ID_AESTDES PMC_EnablePeripheral( AT91C_ID_AESTDES ); #elif AT91C_ID_TDES PMC_EnablePeripheral( AT91C_ID_TDES ); #else #error AES undefined #endif // Load mode AT91C_BASE_AES->AES_MR = AT91C_AES_SMOD_PDC // PDC Mode #if (ENCRYPTION_KEY_LENGTH == 32) | AT91C_AES_KEYSIZE_256_BIT #endif #if (ENCRYPTION_KEY_LENGTH == 24) | AT91C_AES_KEYSIZE_192_BIT #endif | AT91C_AES_OPMOD_CBC; // Cipher Block Chaining mode // Convert and load key ASCII2Hex((unsigned char*)ENCRYPTION_KEY, key, ENCRYPTION_KEY_LENGTH); AES_SetKey((unsigned int*)key, ENCRYPTION_KEY_LENGTH); // Convert and load IV ASCII2Hex((unsigned char*)ENCRYPTION_IV, IV, ENCRYPTION_BLOCK_LENGTH); AES_SetVector((unsigned int*)IV); }
u32 AES_crypt(AES_CTX *ctx, u32 *in_buf, u32 *out_buf, u32 size) { u32 j; if(!size || size>AES_BUFFERSIZE_MAX) return 1; if(ctx->update) { if(ctx->update & 0b00000001) // Normal key { AES_SetControl(ctx->key[12]); // Endianess & word order AES_SetKeyControl(ctx->keyslot); AES_SetNormalKey(ctx->key); AES_SetKey(ctx->keyslot); } if(ctx->update & 0b00000010) // TWL key { AES_SetControl(ctx->key[12]); // Endianess & word order AES_SetKeyControl(ctx->keyslot); AES_SetTWLKey(ctx->key, ctx->keyslot); AES_SetKey(ctx->keyslot); } if(ctx->update & 0b00001100) // KeyY { AES_SetKeyControl(ctx->keyslot); if(ctx->update & 0b00000100) // Use key { AES_SetControl(ctx->key[12]); // Endianess & word order AES_SetKeyY(ctx->key); } else if(ctx->update & 0b00001000) // Use key2 { AES_SetControl(ctx->key2[4]); // Endianess & word order AES_SetKeyY(ctx->key2); } AES_SetKey(ctx->keyslot); } if(ctx->update & 0b00110000) // KeyX { AES_SetKeyControl(ctx->keyslot); if(ctx->update & 0b00010000) // Use key { AES_SetControl(ctx->key[12]); // Endianess & word order AES_SetKeyX(ctx->key); } else if(ctx->update & 0b00100000) // Use key2 { AES_SetControl(ctx->key2[4]); // Endianess & word order AES_SetKeyX(ctx->key2); } AES_SetKey(ctx->keyslot); } if(ctx->update & 0b01000000) AES_SetKey(ctx->keyslot); if(ctx->update & 0b01111101) AES_SetControl(AES_UPDATE_KEYSLOT); } if(((ctx->params>>27)&7)<2) { AES_SetControl(ctx->CTR_IV_Nonce[4]); // Endianess & word order AES_SetNonce(ctx->CTR_IV_Nonce); } else {
// Description: // Output: // Modify: void Authenticator_StatePTKINITDONE( IN PADAPTER Adapter, IN PRT_WLAN_STA pSTA ) { PAUTH_PKEY_MGNT_TAG pKeyMgnt = &pSTA->perSTAKeyInfo; RT_TRACE( COMP_AUTHENTICATOR, DBG_LOUD, ("===> Authenticator_StatePTKINITDONE()\n") ); // TODO: SetKey to CAM if( !ACTING_AS_AP(Adapter)) { RT_TRACE( COMP_AUTHENTICATOR, DBG_LOUD, ("[Warning] current: STA mode, return.")); return; } pSTA->perSTAKeyInfo.PrState = ASMPS_PTKINITDONE; // TODO: Check SetKey completed, these lines were moved from Authenticator_OnEAPOLKeyRecvd() by Jay if (pSTA->perSTAKeyInfo.Pair) { u4Byte ucIndex = 0; CopyMem(pSTA->perSTAKeyInfo.PTK, pSTA->perSTAKeyInfo.PTK_update, PTK_LEN); // Added by Annie, 2005-07-12. if( Adapter->MgntInfo.SecurityInfo.PairwiseEncAlgorithm != RT_ENC_ALG_AESCCMP ) { pSTA->perSTAKeyInfo.TempEncKey = pKeyMgnt->PTK+TKIP_ENC_KEY_POS; pSTA->perSTAKeyInfo.TxMICKey = pKeyMgnt->PTK+(TKIP_MIC_KEY_POS); pSTA->perSTAKeyInfo.RxMICKey = pKeyMgnt->PTK+(TKIP_MIC_KEY_POS+TKIP_MIC_KEY_LEN); //Add for AP mode HW enc,by CCW ucIndex = AP_FindFreeEntry(Adapter , pSTA->MacAddr ); if(ucIndex == Adapter->TotalCamEntry) { RT_TRACE( COMP_AUTHENTICATOR, DBG_LOUD, ("[Warning] Authenticator_StatePTKINITDONE: Cam Entry is FULL!!!\n")); return; } //set key AP_Setkey( Adapter , pSTA->perSTAKeyInfo.pWLanSTA->MacAddr, ucIndex, // Entey index CAM_TKIP, 0, // Parise key pSTA->perSTAKeyInfo.TempEncKey); pSTA->keyindex = ucIndex; }else{ // AES mode AP-WPA AES,CCW AESCCMP_BLOCK blockKey; //RT_TRACE( COMP_WPAAES, DBG_LOUD, ("====> Set Station Key.")); //Add for AP mode HW enc,by CCW ucIndex = AP_FindFreeEntry(Adapter , pSTA->MacAddr); if(ucIndex == Adapter->TotalCamEntry) { RT_TRACE( COMP_AUTHENTICATOR, DBG_LOUD, ("[Warning] Authenticator_StatePTKINITDONE: Cam Entry is FULL!!!\n")); return; } //Set Key PlatformMoveMemory( blockKey.x , pKeyMgnt->PTK+TKIP_ENC_KEY_POS , 16); AES_SetKey(blockKey.x, AESCCMP_BLK_SIZE*8, (pu4Byte)pSTA->perSTAKeyInfo.AESKeyBuf); //set hw key AP_Setkey( Adapter , pSTA->perSTAKeyInfo.pWLanSTA->MacAddr, ucIndex, // Entey index CAM_AES, 0, // Parise key pSTA->perSTAKeyInfo.PTK+TKIP_ENC_KEY_POS); pSTA->keyindex = ucIndex; } } //pSTA->perSTAKeyInfo.bPTKInstalled = TRUE; pSTA->perSTAKeyInfo.GInitAKeys = TRUE; pSTA->perSTAKeyInfo.PInitAKeys = TRUE; // Begin 2-way handshake if( Adapter->MgntInfo.SecurityInfo.SecLvl == RT_SEC_LVL_WPA ) Authenticator_StateREKEYNEGOTIATING(Adapter, pSTA); // To do 2-way if( Adapter->MgntInfo.SecurityInfo.SecLvl == RT_SEC_LVL_WPA2 ) { Authenticator_StateREKEYESTABLISHED(Adapter, pSTA); // No to do 2-way pKeyMgnt->TimeoutCtr = 0; } RT_TRACE( COMP_AUTHENTICATOR, DBG_LOUD, ("<=== Authenticator_StatePTKINITDONE()\n") ); }
// Description: Initialize the global key data in Authenticator. // Output: void // Modify: Annie, 2005-07-02 // I check the data struct again, and discard using pMgntInfo->globalKeyInfo.groupKeyInfo. // Now Global/group key data (PMK, GTK, ANonce): all kept in pMgntInfo->globalKeyInfo. // global key state: recorded in pEntry->perSTAKeyInfo.GrState. (I think it should be kept in per station.) // void Authenticator_GlobalReset( IN PADAPTER Adapter ) { PMGNT_INFO pMgntInfo = &Adapter->MgntInfo; PRT_SECURITY_T pSecInfo = &(pMgntInfo->SecurityInfo); PAUTH_GLOBAL_KEY_TAG pGlInfo = &(pMgntInfo->globalKeyInfo); PRT_WLAN_STA pEntry; int i; u1Byte RdmBuf[20], NonceBuf[KEY_NONCE_LEN]; static u1Byte CAM_CONST_BROAD[] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff}; AESCCMP_BLOCK blockKey; //--- [AnnieWorkaround] See 11i D3.0 page91, GTK should be generated by PRF-X. u1Byte TmpGTK[] = "12345678123456781234567812345678"; //--- RT_TRACE( COMP_AUTHENTICATOR, DBG_LOUD, ("===> Authenticator_GlobalReset()\n") ); if( !ACTING_AS_AP(Adapter) ) { RT_TRACE( COMP_AUTHENTICATOR, DBG_LOUD, ("[Warning] current: STA mode, return.")); return; } pGlInfo->currentId = 0; if(pSecInfo->SecLvl == RT_SEC_LVL_WPA) pGlInfo->DescriptorType = desc_type_RSN; else pGlInfo->DescriptorType = desc_type_WPA2; GetRandomBuffer( RdmBuf ); for( i=0; i<16; i++ ) { NonceBuf[i] = RdmBuf[i]; NonceBuf[16+i] = RdmBuf[19-i]; } NonceBuf[KEY_NONCE_LEN-1] = 0; //[AnnieWorkaround] Remove it if ANonce addition is ready. 2005-11-25. RT_PRINT_DATA( COMP_AUTHENTICATOR, DBG_LOUD, "Authenticator_GlobalReset(): NonceBuf", NonceBuf, KEY_NONCE_LEN ); // 1. Install PMK if( pGlInfo->PassphraseLen < 64 ){ PasswordHash(pGlInfo->Passphrase, pGlInfo->PassphraseLen, pMgntInfo->Ssid.Octet, pMgntInfo->Ssid.Length, pGlInfo->PMK ); } else { // Add for direct to set PMK 64-Hex mode... if( pGlInfo->PassphraseLen == 64 ) PlatformMoveMemory(pGlInfo->PMK, pGlInfo->Passphrase , 32 ); } // 2. Install GTK // // 2010/12/15 Neo Jou check in // When in Linux AP mode, hostapd will set down GTK before Authenticator_GlobalReset() // Thus for Linux AP mode case, we don't reset GTK here // PlatformZeroMemory( pGlInfo->GTK, GTK_LEN ); PlatformMoveMemory( pGlInfo->GTK, TmpGTK, GTK_LEN ); pGlInfo->TxMICKey = pGlInfo->GTK + GTK_MIC_TX_POS; pGlInfo->RxMICKey = pGlInfo->GTK + GTK_MIC_RX_POS; //AP WPA AES,CCW PlatformMoveMemory( blockKey.x , pGlInfo->GTK , 16); AES_SetKey(blockKey.x, AESCCMP_BLK_SIZE*8, (pu4Byte)pGlInfo->AESGTK); // pSecInfo->GroupTransmitKeyIdx = 1; // 3. Install ANonce // CopyMem( pGlInfo->ANonce, NonceBuf, KEY_NONCE_LEN ); PlatformMoveMemory(pGlInfo->ANonce, NonceBuf, KEY_NONCE_LEN ); // 4. Install GNonce // CopyMem( pGlInfo->GNonce, NonceBuf, KEY_NONCE_LEN ); PlatformMoveMemory(pGlInfo->GNonce, NonceBuf, KEY_NONCE_LEN ); // 5. Reset KeyRSC pGlInfo->KeyRSC = 0; // 6. Reset time slot. pGlInfo->CurrentTimeSlot = 0; #if 1 //Addedby Jay 0713 pGlInfo->TimeSlot_IntegrityFail2 = 0; #endif // 7. IV #if 1 //Added by Jay 0712 for security IV pSecInfo->TxIV = DEFAULT_INIT_TX_IV; #endif pMgntInfo->bAPGlobRest = TRUE; // Reset key information of each station. for(i = 0; i < ASSOCIATE_ENTRY_NUM; i++) { pEntry = &(pMgntInfo->AsocEntry[i]); Authenticator_StateINITIALIZE(Adapter, pEntry); } pMgntInfo->bAPGlobRest = FALSE; //reset SWCamTabe and HWCamtable ,add by CCW AP_ClearAllKey(Adapter); if( (MgntActQuery_ApType(Adapter) == RT_AP_TYPE_NORMAL || MgntActQuery_ApType(Adapter) == RT_AP_TYPE_IBSS_EMULATED || MgntActQuery_ApType(Adapter) == RT_AP_TYPE_LINUX) && ( pMgntInfo->NdisVersion < RT_NDIS_VERSION_6_20 )) { switch( pSecInfo->PairwiseEncAlgorithm ) { case RT_ENC_ALG_TKIP: AP_Setkey( Adapter , CAM_CONST_BROAD, 1, // Index entry CAM_TKIP, 1, // Set Group Key pGlInfo->GTK); break; case RT_ENC_ALG_AESCCMP: AP_Setkey( Adapter , CAM_CONST_BROAD, 1, // Index entry CAM_AES, 1, // Set Group Key pGlInfo->GTK); break; case RT_ENC_ALG_WEP40: case RT_ENC_ALG_WEP104: { static u1Byte CAM_CONST_ADDR[4][6] = { {0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, {0x00, 0x00, 0x00, 0x00, 0x00, 0x01}, {0x00, 0x00, 0x00, 0x00, 0x00, 0x02}, {0x00, 0x00, 0x00, 0x00, 0x00, 0x03}}; u1Byte EncAlgo = ((pSecInfo->PairwiseEncAlgorithm == RT_ENC_ALG_WEP40) ? CAM_WEP40 : CAM_WEP104); for(i = 0; i < 4; i++) { if(pSecInfo->KeyLen[i] > 0) { AP_Setkey( Adapter , CAM_CONST_ADDR[i], i, // Index entry EncAlgo, 1, pSecInfo->KeyBuf[i]); } } } break; default: break; } } RT_TRACE( COMP_AUTHENTICATOR, DBG_LOUD, ("<=== Authenticator_GlobalReset()\n") ); }
int _tmain(int argc, _TCHAR* argv[]) { int i; // The array temp stores the key. // The array temp1 stores the plaintext. unsigned char Key[16] = {0x00 ,0x01 ,0x02 ,0x03 ,0x04 ,0x05 ,0x06 ,0x07 ,0x08 ,0x09 ,0x0a ,0x0b ,0x0c ,0x0d ,0x0e ,0x0f}; unsigned char temp1[16]= {0x00 ,0x11 ,0x22 ,0x33 ,0x44 ,0x55 ,0x66 ,0x77 ,0x88 ,0x99 ,0xaa ,0xbb ,0xcc ,0xdd ,0xee ,0xff}; unsigned char temp2[32]= {0x00 ,0x11 ,0x22 ,0x33 ,0x44 ,0x55 ,0x66 ,0x77 ,0x88 ,0x99 ,0xaa ,0xbb ,0xcc ,0xdd ,0xee ,0xff, 0x00 ,0x11 ,0x22 ,0x33 ,0x44 ,0x55 ,0x66 ,0x77 ,0x88 ,0x99 ,0xaa ,0xbb ,0xcc ,0xdd ,0xee ,0xff}; unsigned char temp3[32]; // The KeyExpansion routine must be called before encryption. AES_SetKey(Key); AES_SetIV(Key); // The next function call encrypts the PlainText with the Key using AES algorithm. AES_Encrypt(temp1, 16, temp1, 16); // Output the encrypted text. printf("\nText after encryption:\n"); for (i = 0; i < sizeof(temp1); i++) { printf("%02x ", temp1[i]); } printf("\n\n"); AES_Decrypt(temp1, temp1, 16); // Output the decrypted text. printf("\nText after decryption:\n"); for (i = 0; i < sizeof(temp1); i++) { printf("%02x ", temp1[i]); } printf("\n\n"); AES_Encrypt(temp2, 32, temp2, 32, CBC); printf("\nText after encryption:\n"); for (i = 0; i < sizeof(temp2); i++) { printf("%02x ", temp2[i]); } printf("\n\n"); AES_Decrypt(temp2, temp2, 32, CBC); printf("\nText after decryption:\n"); for (i = 0; i < sizeof(temp2); i++) { printf("%02x ", temp2[i]); } printf("\n\n"); AES_Encrypt(temp2, 16, temp3, 32, false, CFB); AES_Encrypt(temp2 + 16, 16, temp3 + 16, 16, true, CFB); printf("\nText after encryption:\n"); for (i = 0; i < sizeof(temp3); i++) { printf("%02x ", temp3[i]); } printf("\n\n"); AES_Decrypt(temp3, temp3, 32, false, CFB); printf("\nText after decryption:\n"); for (i = 0; i < sizeof(temp2); i++) { printf("%02x ", temp2[i]); } printf("\n\n"); AES_Encrypt(temp2, 24, temp3, 32, false, CFB); printf("\nText after encryption:\n"); for (i = 0; i < sizeof(temp3); i++) { printf("%02x ", temp3[i]); } printf("\n\n"); AES_Decrypt(temp3, temp2, 32, false, CFB); printf("\nText after decryption:\n"); for (i = 0; i < sizeof(temp2); i++) { printf("%02x ", temp2[i]); } printf("\n\n"); return 0; }