2 * Copyright (c) 1996, 2003 VIA Networking Technologies, Inc.
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
22 * Purpose: Handles the Basic Service Set & Node Database functions
25 * WPA_ParseRSN - Parse RSN IE.
45 /*--------------------- Static Variables --------------------------*/
46 static int msglevel
=MSG_LEVEL_INFO
;
48 const unsigned char abyOUI00
[4] = { 0x00, 0x50, 0xf2, 0x00 };
49 const unsigned char abyOUI01
[4] = { 0x00, 0x50, 0xf2, 0x01 };
50 const unsigned char abyOUI02
[4] = { 0x00, 0x50, 0xf2, 0x02 };
51 const unsigned char abyOUI03
[4] = { 0x00, 0x50, 0xf2, 0x03 };
52 const unsigned char abyOUI04
[4] = { 0x00, 0x50, 0xf2, 0x04 };
53 const unsigned char abyOUI05
[4] = { 0x00, 0x50, 0xf2, 0x05 };
59 * Clear RSN information in BSSList.
63 * pBSSList - BSS list.
77 pBSSList
->byGKType
= WPA_TKIP
;
78 for (ii
=0; ii
< 4; ii
++)
79 pBSSList
->abyPKType
[ii
] = WPA_TKIP
;
80 pBSSList
->wPKCount
= 0;
81 for (ii
=0; ii
< 4; ii
++)
82 pBSSList
->abyAuthType
[ii
] = WPA_AUTH_IEEE802_1X
;
83 pBSSList
->wAuthCount
= 0;
84 pBSSList
->byDefaultK_as_PK
= 0;
85 pBSSList
->byReplayIdx
= 0;
86 pBSSList
->sRSNCapObj
.bRSNCapExist
= false;
87 pBSSList
->sRSNCapObj
.wRSNCap
= 0;
88 pBSSList
->bWPAValid
= false;
99 * pBSSList - BSS list.
100 * pRSN - Pointer to the RSN IE.
104 * Return Value: none.
110 PWLAN_IE_RSN_EXT pRSN
113 PWLAN_IE_RSN_AUTH pIE_RSN_Auth
= NULL
;
115 unsigned char *pbyCaps
;
117 WPA_ClearRSN(pBSSList
);
119 DBG_PRT(MSG_LEVEL_DEBUG
, KERN_INFO
"WPA_ParseRSN: [%d]\n", pRSN
->len
);
121 // information element header makes sense
122 if ((pRSN
->len
>= 6) // oui1(4)+ver(2)
123 && (pRSN
->byElementID
== WLAN_EID_RSN_WPA
) && !memcmp(pRSN
->abyOUI
, abyOUI01
, 4)
124 && (pRSN
->wVersion
== 1)) {
126 DBG_PRT(MSG_LEVEL_DEBUG
, KERN_INFO
"Legal RSN\n");
127 // update each variable if pRSN is long enough to contain the variable
128 if (pRSN
->len
>= 10) //oui1(4)+ver(2)+GKSuite(4)
130 if ( !memcmp(pRSN
->abyMulticast
, abyOUI01
, 4))
131 pBSSList
->byGKType
= WPA_WEP40
;
132 else if ( !memcmp(pRSN
->abyMulticast
, abyOUI02
, 4))
133 pBSSList
->byGKType
= WPA_TKIP
;
134 else if ( !memcmp(pRSN
->abyMulticast
, abyOUI03
, 4))
135 pBSSList
->byGKType
= WPA_AESWRAP
;
136 else if ( !memcmp(pRSN
->abyMulticast
, abyOUI04
, 4))
137 pBSSList
->byGKType
= WPA_AESCCMP
;
138 else if ( !memcmp(pRSN
->abyMulticast
, abyOUI05
, 4))
139 pBSSList
->byGKType
= WPA_WEP104
;
141 // any vendor checks here
142 pBSSList
->byGKType
= WPA_NONE
;
144 DBG_PRT(MSG_LEVEL_DEBUG
, KERN_INFO
"byGKType: %x\n", pBSSList
->byGKType
);
147 if (pRSN
->len
>= 12) //oui1(4)+ver(2)+GKS(4)+PKSCnt(2)
150 DBG_PRT(MSG_LEVEL_DEBUG
, KERN_INFO
"wPKCount: %d, sizeof(pBSSList->abyPKType): %zu\n", pRSN
->wPKCount
, sizeof(pBSSList
->abyPKType
));
151 for(i
= 0; (i
< pRSN
->wPKCount
) && (j
< sizeof(pBSSList
->abyPKType
)/sizeof(unsigned char)); i
++) {
152 if(pRSN
->len
>= 12+i
*4+4) { //oui1(4)+ver(2)+GKS(4)+PKSCnt(2)+PKS(4*i)
153 if ( !memcmp(pRSN
->PKSList
[i
].abyOUI
, abyOUI00
, 4))
154 pBSSList
->abyPKType
[j
++] = WPA_NONE
;
155 else if ( !memcmp(pRSN
->PKSList
[i
].abyOUI
, abyOUI02
, 4))
156 pBSSList
->abyPKType
[j
++] = WPA_TKIP
;
157 else if ( !memcmp(pRSN
->PKSList
[i
].abyOUI
, abyOUI03
, 4))
158 pBSSList
->abyPKType
[j
++] = WPA_AESWRAP
;
159 else if ( !memcmp(pRSN
->PKSList
[i
].abyOUI
, abyOUI04
, 4))
160 pBSSList
->abyPKType
[j
++] = WPA_AESCCMP
;
162 // any vendor checks here
167 //DBG_PRN_GRP14(("abyPKType[%d]: %X\n", j-1, pBSSList->abyPKType[j-1]));
169 pBSSList
->wPKCount
= (unsigned short)j
;
170 DBG_PRT(MSG_LEVEL_DEBUG
, KERN_INFO
"wPKCount: %d\n", pBSSList
->wPKCount
);
174 DBG_PRT(MSG_LEVEL_DEBUG
, KERN_INFO
"m: %d\n", m
);
175 DBG_PRT(MSG_LEVEL_DEBUG
, KERN_INFO
"14+m*4: %d\n", 14+m
*4);
177 if (pRSN
->len
>= 14+m
*4) { //oui1(4)+ver(2)+GKS(4)+PKSCnt(2)+PKS(4*m)+AKC(2)
178 // overlay IE_RSN_Auth structure into correct place
179 pIE_RSN_Auth
= (PWLAN_IE_RSN_AUTH
) pRSN
->PKSList
[m
].abyOUI
;
181 DBG_PRT(MSG_LEVEL_DEBUG
, KERN_INFO
"wAuthCount: %d, sizeof(pBSSList->abyAuthType): %zu\n",
182 pIE_RSN_Auth
->wAuthCount
, sizeof(pBSSList
->abyAuthType
));
183 for(i
= 0; (i
< pIE_RSN_Auth
->wAuthCount
) && (j
< sizeof(pBSSList
->abyAuthType
)/sizeof(unsigned char)); i
++) {
184 if(pRSN
->len
>= 14+4+(m
+i
)*4) { //oui1(4)+ver(2)+GKS(4)+PKSCnt(2)+PKS(4*m)+AKC(2)+AKS(4*i)
185 if ( !memcmp(pIE_RSN_Auth
->AuthKSList
[i
].abyOUI
, abyOUI01
, 4))
186 pBSSList
->abyAuthType
[j
++] = WPA_AUTH_IEEE802_1X
;
187 else if ( !memcmp(pIE_RSN_Auth
->AuthKSList
[i
].abyOUI
, abyOUI02
, 4))
188 pBSSList
->abyAuthType
[j
++] = WPA_AUTH_PSK
;
190 // any vendor checks here
195 //DBG_PRN_GRP14(("abyAuthType[%d]: %X\n", j-1, pBSSList->abyAuthType[j-1]));
198 pBSSList
->wAuthCount
= (unsigned short)j
;
199 DBG_PRT(MSG_LEVEL_DEBUG
, KERN_INFO
"wAuthCount: %d\n", pBSSList
->wAuthCount
);
202 if (pIE_RSN_Auth
!= NULL
) {
204 n
= pIE_RSN_Auth
->wAuthCount
;
206 DBG_PRT(MSG_LEVEL_DEBUG
, KERN_INFO
"n: %d\n", n
);
207 DBG_PRT(MSG_LEVEL_DEBUG
, KERN_INFO
"14+4+(m+n)*4: %d\n", 14+4+(m
+n
)*4);
209 if(pRSN
->len
+2 >= 14+4+(m
+n
)*4) { //oui1(4)+ver(2)+GKS(4)+PKSCnt(2)+PKS(4*m)+AKC(2)+AKS(4*n)+Cap(2)
210 pbyCaps
= (unsigned char *)pIE_RSN_Auth
->AuthKSList
[n
].abyOUI
;
211 pBSSList
->byDefaultK_as_PK
= (*pbyCaps
) & WPA_GROUPFLAG
;
212 pBSSList
->byReplayIdx
= 2 << ((*pbyCaps
>> WPA_REPLAYBITSSHIFT
) & WPA_REPLAYBITS
);
213 pBSSList
->sRSNCapObj
.bRSNCapExist
= true;
214 pBSSList
->sRSNCapObj
.wRSNCap
= *(unsigned short *)pbyCaps
;
215 //DBG_PRN_GRP14(("pbyCaps: %X\n", *pbyCaps));
216 //DBG_PRN_GRP14(("byDefaultK_as_PK: %X\n", pBSSList->byDefaultK_as_PK));
217 //DBG_PRN_GRP14(("byReplayIdx: %X\n", pBSSList->byReplayIdx));
220 pBSSList
->bWPAValid
= true;
227 * Search RSN information in BSSList.
231 * byCmd - Search type
232 * byEncrypt- Encrcypt Type
233 * pBSSList - BSS list
237 * Return Value: none.
243 unsigned char byEncrypt
,
248 unsigned char byPKType
= WPA_NONE
;
250 if (pBSSList
->bWPAValid
== false)
256 if (byEncrypt
!= pBSSList
->byGKType
)
259 if (pBSSList
->wPKCount
> 0) {
260 for (ii
= 0; ii
< pBSSList
->wPKCount
; ii
++) {
261 if (pBSSList
->abyPKType
[ii
] == WPA_AESCCMP
)
262 byPKType
= WPA_AESCCMP
;
263 else if ((pBSSList
->abyPKType
[ii
] == WPA_TKIP
) && (byPKType
!= WPA_AESCCMP
))
265 else if ((pBSSList
->abyPKType
[ii
] == WPA_WEP40
) && (byPKType
!= WPA_AESCCMP
) && (byPKType
!= WPA_TKIP
))
266 byPKType
= WPA_WEP40
;
267 else if ((pBSSList
->abyPKType
[ii
] == WPA_WEP104
) && (byPKType
!= WPA_AESCCMP
) && (byPKType
!= WPA_TKIP
))
268 byPKType
= WPA_WEP104
;
270 if (byEncrypt
!= byPKType
)
274 // if (pBSSList->wAuthCount > 0)
275 // for (ii=0; ii < pBSSList->wAuthCount; ii ++)
276 // if (byAuth == pBSSList->abyAuthType[ii])
289 * Check if RSN IE makes sense.
293 * pRSN - Pointer to the RSN IE.
297 * Return Value: none.
302 PWLAN_IE_RSN_EXT pRSN
308 if ((pRSN
->len
>= 6) && // oui1(4)+ver(2)
309 (pRSN
->byElementID
== WLAN_EID_RSN_WPA
) && !memcmp(pRSN
->abyOUI
, abyOUI01
, 4) &&
310 (pRSN
->wVersion
== 1)) {