2 * Copyright (c) 1996, 2003 VIA Networking Technologies, Inc.
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
22 * Purpose: Implement functions for 802.11i TKIP
29 * TKIPvMixKey - Get TKIP RC4 Key from TK,TA, and TSC
38 /* The Sbox is reduced to 2 16-bit wide tables, each with 256 entries. */
39 /* The 2nd table is the same as the 1st but with the upper and lower */
40 /* bytes swapped. To allow an endian tolerant implementation, the byte */
41 /* halves have been expressed independently here. */
42 static const u8 TKIP_Sbox_Lower
[256] = {
43 0xA5,0x84,0x99,0x8D,0x0D,0xBD,0xB1,0x54,
44 0x50,0x03,0xA9,0x7D,0x19,0x62,0xE6,0x9A,
45 0x45,0x9D,0x40,0x87,0x15,0xEB,0xC9,0x0B,
46 0xEC,0x67,0xFD,0xEA,0xBF,0xF7,0x96,0x5B,
47 0xC2,0x1C,0xAE,0x6A,0x5A,0x41,0x02,0x4F,
48 0x5C,0xF4,0x34,0x08,0x93,0x73,0x53,0x3F,
49 0x0C,0x52,0x65,0x5E,0x28,0xA1,0x0F,0xB5,
50 0x09,0x36,0x9B,0x3D,0x26,0x69,0xCD,0x9F,
51 0x1B,0x9E,0x74,0x2E,0x2D,0xB2,0xEE,0xFB,
52 0xF6,0x4D,0x61,0xCE,0x7B,0x3E,0x71,0x97,
53 0xF5,0x68,0x00,0x2C,0x60,0x1F,0xC8,0xED,
54 0xBE,0x46,0xD9,0x4B,0xDE,0xD4,0xE8,0x4A,
55 0x6B,0x2A,0xE5,0x16,0xC5,0xD7,0x55,0x94,
56 0xCF,0x10,0x06,0x81,0xF0,0x44,0xBA,0xE3,
57 0xF3,0xFE,0xC0,0x8A,0xAD,0xBC,0x48,0x04,
58 0xDF,0xC1,0x75,0x63,0x30,0x1A,0x0E,0x6D,
59 0x4C,0x14,0x35,0x2F,0xE1,0xA2,0xCC,0x39,
60 0x57,0xF2,0x82,0x47,0xAC,0xE7,0x2B,0x95,
61 0xA0,0x98,0xD1,0x7F,0x66,0x7E,0xAB,0x83,
62 0xCA,0x29,0xD3,0x3C,0x79,0xE2,0x1D,0x76,
63 0x3B,0x56,0x4E,0x1E,0xDB,0x0A,0x6C,0xE4,
64 0x5D,0x6E,0xEF,0xA6,0xA8,0xA4,0x37,0x8B,
65 0x32,0x43,0x59,0xB7,0x8C,0x64,0xD2,0xE0,
66 0xB4,0xFA,0x07,0x25,0xAF,0x8E,0xE9,0x18,
67 0xD5,0x88,0x6F,0x72,0x24,0xF1,0xC7,0x51,
68 0x23,0x7C,0x9C,0x21,0xDD,0xDC,0x86,0x85,
69 0x90,0x42,0xC4,0xAA,0xD8,0x05,0x01,0x12,
70 0xA3,0x5F,0xF9,0xD0,0x91,0x58,0x27,0xB9,
71 0x38,0x13,0xB3,0x33,0xBB,0x70,0x89,0xA7,
72 0xB6,0x22,0x92,0x20,0x49,0xFF,0x78,0x7A,
73 0x8F,0xF8,0x80,0x17,0xDA,0x31,0xC6,0xB8,
74 0xC3,0xB0,0x77,0x11,0xCB,0xFC,0xD6,0x3A
77 static const u8 TKIP_Sbox_Upper
[256] = {
78 0xC6,0xF8,0xEE,0xF6,0xFF,0xD6,0xDE,0x91,
79 0x60,0x02,0xCE,0x56,0xE7,0xB5,0x4D,0xEC,
80 0x8F,0x1F,0x89,0xFA,0xEF,0xB2,0x8E,0xFB,
81 0x41,0xB3,0x5F,0x45,0x23,0x53,0xE4,0x9B,
82 0x75,0xE1,0x3D,0x4C,0x6C,0x7E,0xF5,0x83,
83 0x68,0x51,0xD1,0xF9,0xE2,0xAB,0x62,0x2A,
84 0x08,0x95,0x46,0x9D,0x30,0x37,0x0A,0x2F,
85 0x0E,0x24,0x1B,0xDF,0xCD,0x4E,0x7F,0xEA,
86 0x12,0x1D,0x58,0x34,0x36,0xDC,0xB4,0x5B,
87 0xA4,0x76,0xB7,0x7D,0x52,0xDD,0x5E,0x13,
88 0xA6,0xB9,0x00,0xC1,0x40,0xE3,0x79,0xB6,
89 0xD4,0x8D,0x67,0x72,0x94,0x98,0xB0,0x85,
90 0xBB,0xC5,0x4F,0xED,0x86,0x9A,0x66,0x11,
91 0x8A,0xE9,0x04,0xFE,0xA0,0x78,0x25,0x4B,
92 0xA2,0x5D,0x80,0x05,0x3F,0x21,0x70,0xF1,
93 0x63,0x77,0xAF,0x42,0x20,0xE5,0xFD,0xBF,
94 0x81,0x18,0x26,0xC3,0xBE,0x35,0x88,0x2E,
95 0x93,0x55,0xFC,0x7A,0xC8,0xBA,0x32,0xE6,
96 0xC0,0x19,0x9E,0xA3,0x44,0x54,0x3B,0x0B,
97 0x8C,0xC7,0x6B,0x28,0xA7,0xBC,0x16,0xAD,
98 0xDB,0x64,0x74,0x14,0x92,0x0C,0x48,0xB8,
99 0x9F,0xBD,0x43,0xC4,0x39,0x31,0xD3,0xF2,
100 0xD5,0x8B,0x6E,0xDA,0x01,0xB1,0x9C,0x49,
101 0xD8,0xAC,0xF3,0xCF,0xCA,0xF4,0x47,0x10,
102 0x6F,0xF0,0x4A,0x5C,0x38,0x57,0x73,0x97,
103 0xCB,0xA1,0xE8,0x3E,0x96,0x61,0x0D,0x0F,
104 0xE0,0x7C,0x71,0xCC,0x90,0x06,0xF7,0x1C,
105 0xC2,0x6A,0xAE,0x69,0x17,0x99,0x3A,0x27,
106 0xD9,0xEB,0x2B,0x22,0xD2,0xA9,0x07,0x33,
107 0x2D,0x3C,0x15,0xC9,0x87,0xAA,0x50,0xA5,
108 0x03,0x59,0x09,0x1A,0x65,0xD7,0x84,0xD0,
109 0x82,0x29,0x5A,0x1E,0x7B,0xA8,0x6D,0x2C
112 //STKIPKeyManagement sTKIPKeyTable[MAX_TKIP_KEY];
114 /************************************************************/
116 /* Returns a 16 bit value from a 64K entry table. The Table */
117 /* is synthesized from two 256 entry byte wide tables. */
118 /************************************************************/
119 static unsigned int tkip_sbox(unsigned int index
)
121 unsigned int index_low
;
122 unsigned int index_high
;
123 unsigned int left
, right
;
125 index_low
= (index
% 256);
126 index_high
= ((index
>> 8) % 256);
128 left
= TKIP_Sbox_Lower
[index_low
] + (TKIP_Sbox_Upper
[index_low
] * 256);
129 right
= TKIP_Sbox_Upper
[index_high
] + (TKIP_Sbox_Lower
[index_high
] * 256);
131 return (left
^ right
);
134 static unsigned int rotr1(unsigned int a
)
138 if ((a
& 0x01) == 0x01) {
139 b
= (a
>> 1) | 0x8000;
141 b
= (a
>> 1) & 0x7fff;
148 * Description: Calculate RC4Key fom TK, TA, and TSC
170 u32 tsc0
, tsc1
, tsc2
;
171 u32 ppk0
, ppk1
, ppk2
, ppk3
, ppk4
, ppk5
;
176 pnh
= (u32
)(dwTSC47_16
& 0xffffffff);
178 tsc0
= (u32
)((pnh
>> 16) % 65536); /* msb */
179 tsc1
= (u32
)(pnh
% 65536);
180 tsc2
= (u32
)(pnl
% 65536); /* lsb */
182 /* Phase 1, step 1 */
185 p1k
[2] = (u32
)(pbyTA
[0] + (pbyTA
[1]*256));
186 p1k
[3] = (u32
)(pbyTA
[2] + (pbyTA
[3]*256));
187 p1k
[4] = (u32
)(pbyTA
[4] + (pbyTA
[5]*256));
189 /* Phase 1, step 2 */
190 for (i
=0; i
<8; i
++) {
192 p1k
[0] = (p1k
[0] + tkip_sbox((p1k
[4] ^ ((256*pbyTKey
[1+j
]) + pbyTKey
[j
])) % 65536)) % 65536;
193 p1k
[1] = (p1k
[1] + tkip_sbox((p1k
[0] ^ ((256*pbyTKey
[5+j
]) + pbyTKey
[4+j
])) % 65536)) % 65536;
194 p1k
[2] = (p1k
[2] + tkip_sbox((p1k
[1] ^ ((256*pbyTKey
[9+j
]) + pbyTKey
[8+j
])) % 65536)) % 65536;
195 p1k
[3] = (p1k
[3] + tkip_sbox((p1k
[2] ^ ((256*pbyTKey
[13+j
]) + pbyTKey
[12+j
])) % 65536)) % 65536;
196 p1k
[4] = (p1k
[4] + tkip_sbox((p1k
[3] ^ (((256*pbyTKey
[1+j
]) + pbyTKey
[j
]))) % 65536)) % 65536;
197 p1k
[4] = (p1k
[4] + i
) % 65536;
200 /* Phase 2, Step 1 */
206 ppk5
= (p1k
[4] + tsc2
) % 65536;
209 ppk0
= ppk0
+ tkip_sbox((ppk5
^ ((256*pbyTKey
[1]) + pbyTKey
[0])) % 65536);
210 ppk1
= ppk1
+ tkip_sbox((ppk0
^ ((256*pbyTKey
[3]) + pbyTKey
[2])) % 65536);
211 ppk2
= ppk2
+ tkip_sbox((ppk1
^ ((256*pbyTKey
[5]) + pbyTKey
[4])) % 65536);
212 ppk3
= ppk3
+ tkip_sbox((ppk2
^ ((256*pbyTKey
[7]) + pbyTKey
[6])) % 65536);
213 ppk4
= ppk4
+ tkip_sbox((ppk3
^ ((256*pbyTKey
[9]) + pbyTKey
[8])) % 65536);
214 ppk5
= ppk5
+ tkip_sbox((ppk4
^ ((256*pbyTKey
[11]) + pbyTKey
[10])) % 65536);
216 ppk0
= ppk0
+ rotr1(ppk5
^ ((256*pbyTKey
[13]) + pbyTKey
[12]));
217 ppk1
= ppk1
+ rotr1(ppk0
^ ((256*pbyTKey
[15]) + pbyTKey
[14]));
218 ppk2
= ppk2
+ rotr1(ppk1
);
219 ppk3
= ppk3
+ rotr1(ppk2
);
220 ppk4
= ppk4
+ rotr1(ppk3
);
221 ppk5
= ppk5
+ rotr1(ppk4
);
223 /* Phase 2, Step 3 */
224 pbyRC4Key
[0] = (tsc2
>> 8) % 256;
225 pbyRC4Key
[1] = (((tsc2
>> 8) % 256) | 0x20) & 0x7f;
226 pbyRC4Key
[2] = tsc2
% 256;
227 pbyRC4Key
[3] = ((ppk5
^ ((256*pbyTKey
[1]) + pbyTKey
[0])) >> 1) % 256;
229 pbyRC4Key
[4] = ppk0
% 256;
230 pbyRC4Key
[5] = (ppk0
>> 8) % 256;
232 pbyRC4Key
[6] = ppk1
% 256;
233 pbyRC4Key
[7] = (ppk1
>> 8) % 256;
235 pbyRC4Key
[8] = ppk2
% 256;
236 pbyRC4Key
[9] = (ppk2
>> 8) % 256;
238 pbyRC4Key
[10] = ppk3
% 256;
239 pbyRC4Key
[11] = (ppk3
>> 8) % 256;
241 pbyRC4Key
[12] = ppk4
% 256;
242 pbyRC4Key
[13] = (ppk4
>> 8) % 256;
244 pbyRC4Key
[14] = ppk5
% 256;
245 pbyRC4Key
[15] = (ppk5
>> 8) % 256;