/* ========================================================================== Description: Set WPA PSK key Arguments: pAdapter Pointer to our adapter keyString WPA pre-shared key string pHashStr String used for password hash function hashStrLen Lenght of the hash string pPMKBuf Output buffer of WPAPSK key Return: TRUE if all parameters are OK, FALSE otherwise ========================================================================== */ INT RT_CfgSetWPAPSKKey( IN RTMP_ADAPTER *pAd, IN PSTRING keyString, IN UCHAR *pHashStr, IN INT hashStrLen, OUT PUCHAR pPMKBuf) { int keyLen; UCHAR keyMaterial[40]; keyLen = strlen(keyString); if ((keyLen < 8) || (keyLen > 64)) { DBGPRINT(RT_DEBUG_TRACE, ("WPAPSK Key length(%d) error, required 8 ~ 64 characters!(keyStr=%s)\n", keyLen, keyString)); return FALSE; } memset(pPMKBuf, 0, 32); if (keyLen == 64) { AtoH(keyString, pPMKBuf, 32); } else { PasswordHash(keyString, pHashStr, hashStrLen, keyMaterial); NdisMoveMemory(pPMKBuf, keyMaterial, 32); } return TRUE; }
/* ========================================================================== Description: Set WPA PSK key Arguments: pAdapter Pointer to our adapter keyString WPA pre-shared key string pHashStr String used for password hash function hashStrLen Lenght of the hash string pPMKBuf Output buffer of WPAPSK key Return: TRUE if all parameters are OK, FALSE otherwise ========================================================================== */ int RT_CfgSetWPAPSKKey(struct rt_rtmp_adapter *pAd, char *keyString, u8 * pHashStr, int hashStrLen, u8 *pPMKBuf) { int keyLen; u8 keyMaterial[40]; keyLen = strlen(keyString); if ((keyLen < 8) || (keyLen > 64)) { DBGPRINT(RT_DEBUG_TRACE, ("WPAPSK Key length(%d) error, required 8 ~ 64 characters!(keyStr=%s)\n", keyLen, keyString)); return FALSE; } memset(pPMKBuf, 0, 32); if (keyLen == 64) { AtoH(keyString, pPMKBuf, 32); } else { PasswordHash(keyString, pHashStr, hashStrLen, keyMaterial); NdisMoveMemory(pPMKBuf, keyMaterial, 32); } return TRUE; }
// Description: Initialize the global key data in Authenticator. // Output: void // Modify: Annie, 2005-07-02 // I check the data struct again, and discard using pMgntInfo->globalKeyInfo.groupKeyInfo. // Now Global/group key data (PMK, GTK, ANonce): all kept in pMgntInfo->globalKeyInfo. // global key state: recorded in pEntry->perSTAKeyInfo.GrState. (I think it should be kept in per station.) // void Authenticator_GlobalReset( IN PADAPTER Adapter ) { PMGNT_INFO pMgntInfo = &Adapter->MgntInfo; PRT_SECURITY_T pSecInfo = &(pMgntInfo->SecurityInfo); PAUTH_GLOBAL_KEY_TAG pGlInfo = &(pMgntInfo->globalKeyInfo); PRT_WLAN_STA pEntry; int i; u1Byte RdmBuf[20], NonceBuf[KEY_NONCE_LEN]; static u1Byte CAM_CONST_BROAD[] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff}; AESCCMP_BLOCK blockKey; //--- [AnnieWorkaround] See 11i D3.0 page91, GTK should be generated by PRF-X. u1Byte TmpGTK[] = "12345678123456781234567812345678"; //--- RT_TRACE( COMP_AUTHENTICATOR, DBG_LOUD, ("===> Authenticator_GlobalReset()\n") ); if( !ACTING_AS_AP(Adapter) ) { RT_TRACE( COMP_AUTHENTICATOR, DBG_LOUD, ("[Warning] current: STA mode, return.")); return; } pGlInfo->currentId = 0; if(pSecInfo->SecLvl == RT_SEC_LVL_WPA) pGlInfo->DescriptorType = desc_type_RSN; else pGlInfo->DescriptorType = desc_type_WPA2; GetRandomBuffer( RdmBuf ); for( i=0; i<16; i++ ) { NonceBuf[i] = RdmBuf[i]; NonceBuf[16+i] = RdmBuf[19-i]; } NonceBuf[KEY_NONCE_LEN-1] = 0; //[AnnieWorkaround] Remove it if ANonce addition is ready. 2005-11-25. RT_PRINT_DATA( COMP_AUTHENTICATOR, DBG_LOUD, "Authenticator_GlobalReset(): NonceBuf", NonceBuf, KEY_NONCE_LEN ); // 1. Install PMK if( pGlInfo->PassphraseLen < 64 ){ PasswordHash(pGlInfo->Passphrase, pGlInfo->PassphraseLen, pMgntInfo->Ssid.Octet, pMgntInfo->Ssid.Length, pGlInfo->PMK ); } else { // Add for direct to set PMK 64-Hex mode... if( pGlInfo->PassphraseLen == 64 ) PlatformMoveMemory(pGlInfo->PMK, pGlInfo->Passphrase , 32 ); } // 2. Install GTK // // 2010/12/15 Neo Jou check in // When in Linux AP mode, hostapd will set down GTK before Authenticator_GlobalReset() // Thus for Linux AP mode case, we don't reset GTK here // PlatformZeroMemory( pGlInfo->GTK, GTK_LEN ); PlatformMoveMemory( pGlInfo->GTK, TmpGTK, GTK_LEN ); pGlInfo->TxMICKey = pGlInfo->GTK + GTK_MIC_TX_POS; pGlInfo->RxMICKey = pGlInfo->GTK + GTK_MIC_RX_POS; //AP WPA AES,CCW PlatformMoveMemory( blockKey.x , pGlInfo->GTK , 16); AES_SetKey(blockKey.x, AESCCMP_BLK_SIZE*8, (pu4Byte)pGlInfo->AESGTK); // pSecInfo->GroupTransmitKeyIdx = 1; // 3. Install ANonce // CopyMem( pGlInfo->ANonce, NonceBuf, KEY_NONCE_LEN ); PlatformMoveMemory(pGlInfo->ANonce, NonceBuf, KEY_NONCE_LEN ); // 4. Install GNonce // CopyMem( pGlInfo->GNonce, NonceBuf, KEY_NONCE_LEN ); PlatformMoveMemory(pGlInfo->GNonce, NonceBuf, KEY_NONCE_LEN ); // 5. Reset KeyRSC pGlInfo->KeyRSC = 0; // 6. Reset time slot. pGlInfo->CurrentTimeSlot = 0; #if 1 //Addedby Jay 0713 pGlInfo->TimeSlot_IntegrityFail2 = 0; #endif // 7. IV #if 1 //Added by Jay 0712 for security IV pSecInfo->TxIV = DEFAULT_INIT_TX_IV; #endif pMgntInfo->bAPGlobRest = TRUE; // Reset key information of each station. for(i = 0; i < ASSOCIATE_ENTRY_NUM; i++) { pEntry = &(pMgntInfo->AsocEntry[i]); Authenticator_StateINITIALIZE(Adapter, pEntry); } pMgntInfo->bAPGlobRest = FALSE; //reset SWCamTabe and HWCamtable ,add by CCW AP_ClearAllKey(Adapter); if( (MgntActQuery_ApType(Adapter) == RT_AP_TYPE_NORMAL || MgntActQuery_ApType(Adapter) == RT_AP_TYPE_IBSS_EMULATED || MgntActQuery_ApType(Adapter) == RT_AP_TYPE_LINUX) && ( pMgntInfo->NdisVersion < RT_NDIS_VERSION_6_20 )) { switch( pSecInfo->PairwiseEncAlgorithm ) { case RT_ENC_ALG_TKIP: AP_Setkey( Adapter , CAM_CONST_BROAD, 1, // Index entry CAM_TKIP, 1, // Set Group Key pGlInfo->GTK); break; case RT_ENC_ALG_AESCCMP: AP_Setkey( Adapter , CAM_CONST_BROAD, 1, // Index entry CAM_AES, 1, // Set Group Key pGlInfo->GTK); break; case RT_ENC_ALG_WEP40: case RT_ENC_ALG_WEP104: { static u1Byte CAM_CONST_ADDR[4][6] = { {0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, {0x00, 0x00, 0x00, 0x00, 0x00, 0x01}, {0x00, 0x00, 0x00, 0x00, 0x00, 0x02}, {0x00, 0x00, 0x00, 0x00, 0x00, 0x03}}; u1Byte EncAlgo = ((pSecInfo->PairwiseEncAlgorithm == RT_ENC_ALG_WEP40) ? CAM_WEP40 : CAM_WEP104); for(i = 0; i < 4; i++) { if(pSecInfo->KeyLen[i] > 0) { AP_Setkey( Adapter , CAM_CONST_ADDR[i], i, // Index entry EncAlgo, 1, pSecInfo->KeyBuf[i]); } } } break; default: break; } } RT_TRACE( COMP_AUTHENTICATOR, DBG_LOUD, ("<=== Authenticator_GlobalReset()\n") ); }
PasswordHash AbstractUserDatabase::password(const User& user) const { LOG_ERROR(Require("password()", PASSWORDS).what()); return PasswordHash(); }