/*****************************************************************************
函 数 名 : hmac_protection_lsigtxop_check
功能描述 : 查询是否可以使用lsigtxop保护
输入参数 : pst_mac_vap : mac vap结构体指针
输出参数 : 无
返 回 值 : oal_bool_enum : 0: 不可以使用lsig txop保护
1: 可以使用lsig txop保护
调用函数 :
被调函数 :
修改历史 :
1.日 期 : 2014年4月18日
作 者 : c00260463
修改内容 : 新生成函数
*****************************************************************************/
OAL_STATIC oal_bool_enum hmac_protection_lsigtxop_check(mac_vap_stru *pst_mac_vap)
{
mac_user_stru *pst_mac_user;
/*如果不是11n站点,则不支持lsigtxop保护*/
if ((WLAN_HT_MODE != pst_mac_vap->en_protocol)
&& (WLAN_HT_ONLY_MODE != pst_mac_vap->en_protocol)
&& (WLAN_HT_11G_MODE != pst_mac_vap->en_protocol))
{
return OAL_FALSE;
}
if (WLAN_VAP_MODE_BSS_STA == pst_mac_vap->en_vap_mode)
{
pst_mac_user = (mac_user_stru *)mac_res_get_mac_user(pst_mac_vap->uc_assoc_vap_id); /*user保存的是AP的信息*/
if (OAL_PTR_NULL == pst_mac_user)
{
return OAL_FALSE;
}
}
/*lint -e644*/
/*BSS 中所有站点都支持Lsig txop protection, 则使用Lsig txop protection机制,开销小, AP和STA采用不同的判断*/
if (((WLAN_VAP_MODE_BSS_AP == pst_mac_vap->en_vap_mode) && (OAL_TRUE == mac_mib_get_LsigTxopFullProtectionActivated(pst_mac_vap)))
||((WLAN_VAP_MODE_BSS_STA == pst_mac_vap->en_vap_mode) && (OAL_TRUE == pst_mac_user->st_ht_hdl.bit_lsig_txop_protection_full_support)))
{
return OAL_TRUE;
}
else
{
return OAL_FALSE;
}
/*lint +e644*/
}
OAL_STATIC oal_uint32 dmac_bip_decrypto(dmac_vap_stru *pst_dmac_vap, oal_netbuf_stru *pst_netbuf)
{
wlan_priv_key_param_stru *pst_pmf_igtk;
mac_user_stru *pst_multi_user;
oal_uint8 uc_pmf_igtk_keyid = 0xff;
wlan_mib_Dot11RSNAStatsEntry_stru *pst_mib_rsna_status;
dmac_rx_ctl_stru *pst_rx_ctl;
oal_uint32 ul_relt;
wlan_pmf_cap_status_uint8 en_pmf_cap;
if (OAL_TRUE != dmac_11w_check_multicast_mgmt(pst_netbuf))
{
return OAL_SUCC;
}
/* 获取帧头信息 */
pst_rx_ctl = (dmac_rx_ctl_stru *)oal_netbuf_cb(pst_netbuf);
/* 获取包含 重放 & CMAC解密失败 的统计mib指针 */
pst_mib_rsna_status = (pst_dmac_vap->st_vap_base_info.pst_mib_info->ast_wlan_mib_rsna_status) + (pst_rx_ctl->st_rx_info.us_ta_user_idx);
/* 判断vap的pmf能力 */
ul_relt = dmac_11w_get_pmf_cap(&pst_dmac_vap->st_vap_base_info,&en_pmf_cap);
if (OAL_SUCC != ul_relt)
{
return OAL_FAIL;
}
pst_multi_user = mac_res_get_mac_user(pst_dmac_vap->st_vap_base_info.us_multi_user_idx);
if (OAL_PTR_NULL == pst_multi_user)
{
return OAL_PTR_NULL;
}
/* 强健组播管理帧解密 */
if ((WLAN_VAP_MODE_BSS_STA == pst_dmac_vap->st_vap_base_info.en_vap_mode) &&
(OAL_TRUE == dmac_11w_check_vap_pmf_cap(pst_dmac_vap,en_pmf_cap)))
{
/* 获取igtk信息 */
uc_pmf_igtk_keyid = pst_multi_user->st_key_info.uc_igtk_key_index;
pst_pmf_igtk = &(pst_multi_user->st_key_info.ast_key[uc_pmf_igtk_keyid]);
/* 管理帧解密 */
ul_relt = oal_crypto_bip_demic(uc_pmf_igtk_keyid,
pst_pmf_igtk->auc_key,
pst_pmf_igtk->auc_seq,
pst_netbuf,
&pst_mib_rsna_status->ul_dot11RSNAStatsCMACReplays,
&pst_mib_rsna_status->ul_dot11RSNAStatsCMACICVErrors);
if(OAL_SUCC != ul_relt)
{
OAM_ERROR_LOG1(pst_dmac_vap->st_vap_base_info.uc_vap_id, OAM_SF_PMF, "{dmac_bip_decrypto::oal_crypto_bip_demic failed[%d].}", ul_relt);
return OAL_ERR_CODE_PMF_BIP_DECRIPTO_FAIL;
}
}
return OAL_SUCC;
}
oal_uint32 dmac_bip_crypto(dmac_vap_stru *pst_dmac_vap,
oal_netbuf_stru *pst_netbuf_mgmt,
wlan_security_txop_params_stru *pst_security,
oal_uint16 *pus_len)
{
#if(_PRE_WLAN_FEATURE_PMF == _PRE_PMF_HW_CCMP_SW_BIP)
wlan_priv_key_param_stru *pst_pmf_igtk;
#endif
mac_user_stru *pst_multi_user;
oal_uint8 uc_pmf_igtk_keyid;
oal_uint32 ul_relt;
wlan_pmf_cap_status_uint8 en_pmf_cap;
/* 判断vap的pmf能力 */
ul_relt = dmac_11w_get_pmf_cap(&pst_dmac_vap->st_vap_base_info,&en_pmf_cap);
if (OAL_SUCC != ul_relt)
{
return OAL_ERR_CODE_PMF_VAP_CAP_FAIL;
}
pst_multi_user = mac_res_get_mac_user(pst_dmac_vap->st_vap_base_info.us_multi_user_idx);
if (OAL_PTR_NULL == pst_multi_user)
{
return OAL_PTR_NULL;
}
/* 判断是否需要加密的组播/广播 强健管理帧 */
if ((OAL_TRUE == dmac_11w_check_multicast_mgmt(pst_netbuf_mgmt)) &&
(OAL_TRUE == dmac_11w_check_vap_pmf_cap(pst_dmac_vap,en_pmf_cap)))
{
uc_pmf_igtk_keyid = pst_multi_user->st_key_info.uc_igtk_key_index;
oal_netbuf_set_len(pst_netbuf_mgmt, *pus_len);
#if(_PRE_WLAN_FEATURE_PMF == _PRE_PMF_HW_CCMP_BIP)
pst_security->en_cipher_protocol_type = WLAN_80211_CIPHER_SUITE_BIP;
pst_security->uc_cipher_key_id = uc_pmf_igtk_keyid;
#else
pst_pmf_igtk = &pst_multi_user->st_key_info.ast_key[uc_pmf_igtk_keyid];
pst_security->en_cipher_protocol_type = WLAN_80211_CIPHER_SUITE_NO_ENCRYP;
/* 11w组播管理帧加密 */
ul_relt = oal_crypto_bip_enmic(uc_pmf_igtk_keyid,
pst_pmf_igtk->auc_key,
pst_pmf_igtk->auc_seq,
pst_netbuf_mgmt,
pus_len);
if(OAL_SUCC != ul_relt)
{
OAM_ERROR_LOG1(pst_dmac_vap->st_vap_base_info.uc_vap_id, OAM_SF_PMF, "{dmac_bip_crypto::oal_crypto_bip_enmic failed[%d].}", ul_relt);
return OAL_ERR_CODE_PMF_BIP_CRIPTO_FAIL;
}
#endif
}
return OAL_SUCC;
}
OAL_STATIC oal_bool_enum_uint8 dmac_11w_check_vap_pmf_cap(dmac_vap_stru *pst_dmac_vap, wlan_pmf_cap_status_uint8 en_pmf_cap)
{
mac_user_stru *pst_multi_user;
pst_multi_user = mac_res_get_mac_user(pst_dmac_vap->st_vap_base_info.us_multi_user_idx);
if (OAL_PTR_NULL == pst_multi_user)
{
return OAL_PTR_NULL;
}
/* 具备pmf管理帧加密的前提条件:
1) mib项打开:RSN Active mib
2) 能力支持 :user 支持pmf
3) igtk存在 :用于广播Robust mgmt加密
*/
if ((OAL_TRUE == mac_mib_get_dot11RSNAActivated(&pst_dmac_vap->st_vap_base_info)) &&
( MAC_PMF_DISABLED != en_pmf_cap) &&
(OAL_SUCC == dmac_check_igtk_exist(pst_multi_user->st_key_info.uc_igtk_key_index)))
{
return OAL_TRUE;
}
return OAL_FALSE;
}
