Root/drivers/staging/wlan-ng/p80211wep.c

1/* src/p80211/p80211wep.c
2*
3* WEP encode/decode for P80211.
4*
5* Copyright (C) 2002 AbsoluteValue Systems, Inc. All Rights Reserved.
6* --------------------------------------------------------------------
7*
8* linux-wlan
9*
10* The contents of this file are subject to the Mozilla Public
11* License Version 1.1 (the "License"); you may not use this file
12* except in compliance with the License. You may obtain a copy of
13* the License at http://www.mozilla.org/MPL/
14*
15* Software distributed under the License is distributed on an "AS
16* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
17* implied. See the License for the specific language governing
18* rights and limitations under the License.
19*
20* Alternatively, the contents of this file may be used under the
21* terms of the GNU Public License version 2 (the "GPL"), in which
22* case the provisions of the GPL are applicable instead of the
23* above. If you wish to allow the use of your version of this file
24* only under the terms of the GPL and not to allow others to use
25* your version of this file under the MPL, indicate your decision
26* by deleting the provisions above and replace them with the notice
27* and other provisions required by the GPL. If you do not delete
28* the provisions above, a recipient may use your version of this
29* file under either the MPL or the GPL.
30*
31* --------------------------------------------------------------------
32*
33* Inquiries regarding the linux-wlan Open Source project can be
34* made directly to:
35*
36* AbsoluteValue Systems Inc.
37* info@linux-wlan.com
38* http://www.linux-wlan.com
39*
40* --------------------------------------------------------------------
41*
42* Portions of the development of this software were funded by
43* Intersil Corporation as part of PRISM(R) chipset product development.
44*
45* --------------------------------------------------------------------
46*/
47
48/*================================================================*/
49/* System Includes */
50
51#include <linux/netdevice.h>
52#include <linux/wireless.h>
53#include <linux/random.h>
54#include <linux/kernel.h>
55
56/* #define WEP_DEBUG */
57
58#include "p80211hdr.h"
59#include "p80211types.h"
60#include "p80211msg.h"
61#include "p80211conv.h"
62#include "p80211netdev.h"
63
64#define WEP_KEY(x) (((x) & 0xC0) >> 6)
65
66static const u32 wep_crc32_table[256] = {
67    0x00000000L, 0x77073096L, 0xee0e612cL, 0x990951baL, 0x076dc419L,
68    0x706af48fL, 0xe963a535L, 0x9e6495a3L, 0x0edb8832L, 0x79dcb8a4L,
69    0xe0d5e91eL, 0x97d2d988L, 0x09b64c2bL, 0x7eb17cbdL, 0xe7b82d07L,
70    0x90bf1d91L, 0x1db71064L, 0x6ab020f2L, 0xf3b97148L, 0x84be41deL,
71    0x1adad47dL, 0x6ddde4ebL, 0xf4d4b551L, 0x83d385c7L, 0x136c9856L,
72    0x646ba8c0L, 0xfd62f97aL, 0x8a65c9ecL, 0x14015c4fL, 0x63066cd9L,
73    0xfa0f3d63L, 0x8d080df5L, 0x3b6e20c8L, 0x4c69105eL, 0xd56041e4L,
74    0xa2677172L, 0x3c03e4d1L, 0x4b04d447L, 0xd20d85fdL, 0xa50ab56bL,
75    0x35b5a8faL, 0x42b2986cL, 0xdbbbc9d6L, 0xacbcf940L, 0x32d86ce3L,
76    0x45df5c75L, 0xdcd60dcfL, 0xabd13d59L, 0x26d930acL, 0x51de003aL,
77    0xc8d75180L, 0xbfd06116L, 0x21b4f4b5L, 0x56b3c423L, 0xcfba9599L,
78    0xb8bda50fL, 0x2802b89eL, 0x5f058808L, 0xc60cd9b2L, 0xb10be924L,
79    0x2f6f7c87L, 0x58684c11L, 0xc1611dabL, 0xb6662d3dL, 0x76dc4190L,
80    0x01db7106L, 0x98d220bcL, 0xefd5102aL, 0x71b18589L, 0x06b6b51fL,
81    0x9fbfe4a5L, 0xe8b8d433L, 0x7807c9a2L, 0x0f00f934L, 0x9609a88eL,
82    0xe10e9818L, 0x7f6a0dbbL, 0x086d3d2dL, 0x91646c97L, 0xe6635c01L,
83    0x6b6b51f4L, 0x1c6c6162L, 0x856530d8L, 0xf262004eL, 0x6c0695edL,
84    0x1b01a57bL, 0x8208f4c1L, 0xf50fc457L, 0x65b0d9c6L, 0x12b7e950L,
85    0x8bbeb8eaL, 0xfcb9887cL, 0x62dd1ddfL, 0x15da2d49L, 0x8cd37cf3L,
86    0xfbd44c65L, 0x4db26158L, 0x3ab551ceL, 0xa3bc0074L, 0xd4bb30e2L,
87    0x4adfa541L, 0x3dd895d7L, 0xa4d1c46dL, 0xd3d6f4fbL, 0x4369e96aL,
88    0x346ed9fcL, 0xad678846L, 0xda60b8d0L, 0x44042d73L, 0x33031de5L,
89    0xaa0a4c5fL, 0xdd0d7cc9L, 0x5005713cL, 0x270241aaL, 0xbe0b1010L,
90    0xc90c2086L, 0x5768b525L, 0x206f85b3L, 0xb966d409L, 0xce61e49fL,
91    0x5edef90eL, 0x29d9c998L, 0xb0d09822L, 0xc7d7a8b4L, 0x59b33d17L,
92    0x2eb40d81L, 0xb7bd5c3bL, 0xc0ba6cadL, 0xedb88320L, 0x9abfb3b6L,
93    0x03b6e20cL, 0x74b1d29aL, 0xead54739L, 0x9dd277afL, 0x04db2615L,
94    0x73dc1683L, 0xe3630b12L, 0x94643b84L, 0x0d6d6a3eL, 0x7a6a5aa8L,
95    0xe40ecf0bL, 0x9309ff9dL, 0x0a00ae27L, 0x7d079eb1L, 0xf00f9344L,
96    0x8708a3d2L, 0x1e01f268L, 0x6906c2feL, 0xf762575dL, 0x806567cbL,
97    0x196c3671L, 0x6e6b06e7L, 0xfed41b76L, 0x89d32be0L, 0x10da7a5aL,
98    0x67dd4accL, 0xf9b9df6fL, 0x8ebeeff9L, 0x17b7be43L, 0x60b08ed5L,
99    0xd6d6a3e8L, 0xa1d1937eL, 0x38d8c2c4L, 0x4fdff252L, 0xd1bb67f1L,
100    0xa6bc5767L, 0x3fb506ddL, 0x48b2364bL, 0xd80d2bdaL, 0xaf0a1b4cL,
101    0x36034af6L, 0x41047a60L, 0xdf60efc3L, 0xa867df55L, 0x316e8eefL,
102    0x4669be79L, 0xcb61b38cL, 0xbc66831aL, 0x256fd2a0L, 0x5268e236L,
103    0xcc0c7795L, 0xbb0b4703L, 0x220216b9L, 0x5505262fL, 0xc5ba3bbeL,
104    0xb2bd0b28L, 0x2bb45a92L, 0x5cb36a04L, 0xc2d7ffa7L, 0xb5d0cf31L,
105    0x2cd99e8bL, 0x5bdeae1dL, 0x9b64c2b0L, 0xec63f226L, 0x756aa39cL,
106    0x026d930aL, 0x9c0906a9L, 0xeb0e363fL, 0x72076785L, 0x05005713L,
107    0x95bf4a82L, 0xe2b87a14L, 0x7bb12baeL, 0x0cb61b38L, 0x92d28e9bL,
108    0xe5d5be0dL, 0x7cdcefb7L, 0x0bdbdf21L, 0x86d3d2d4L, 0xf1d4e242L,
109    0x68ddb3f8L, 0x1fda836eL, 0x81be16cdL, 0xf6b9265bL, 0x6fb077e1L,
110    0x18b74777L, 0x88085ae6L, 0xff0f6a70L, 0x66063bcaL, 0x11010b5cL,
111    0x8f659effL, 0xf862ae69L, 0x616bffd3L, 0x166ccf45L, 0xa00ae278L,
112    0xd70dd2eeL, 0x4e048354L, 0x3903b3c2L, 0xa7672661L, 0xd06016f7L,
113    0x4969474dL, 0x3e6e77dbL, 0xaed16a4aL, 0xd9d65adcL, 0x40df0b66L,
114    0x37d83bf0L, 0xa9bcae53L, 0xdebb9ec5L, 0x47b2cf7fL, 0x30b5ffe9L,
115    0xbdbdf21cL, 0xcabac28aL, 0x53b39330L, 0x24b4a3a6L, 0xbad03605L,
116    0xcdd70693L, 0x54de5729L, 0x23d967bfL, 0xb3667a2eL, 0xc4614ab8L,
117    0x5d681b02L, 0x2a6f2b94L, 0xb40bbe37L, 0xc30c8ea1L, 0x5a05df1bL,
118    0x2d02ef8dL
119};
120
121/* keylen in bytes! */
122
123int wep_change_key(wlandevice_t *wlandev, int keynum, u8 *key, int keylen)
124{
125    if (keylen < 0)
126        return -1;
127    if (keylen >= MAX_KEYLEN)
128        return -1;
129    if (key == NULL)
130        return -1;
131    if (keynum < 0)
132        return -1;
133    if (keynum >= NUM_WEPKEYS)
134        return -1;
135
136#ifdef WEP_DEBUG
137    printk(KERN_DEBUG
138           "WEP key %d len %d = %02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x\n",
139           keynum, keylen, key[0], key[1], key[2], key[3], key[4], key[5],
140           key[6], key[7]);
141#endif
142
143    wlandev->wep_keylens[keynum] = keylen;
144    memcpy(wlandev->wep_keys[keynum], key, keylen);
145
146    return 0;
147}
148
149/*
150  4-byte IV at start of buffer, 4-byte ICV at end of buffer.
151  if successful, buf start is payload begin, length -= 8;
152 */
153int wep_decrypt(wlandevice_t *wlandev, u8 *buf, u32 len, int key_override,
154        u8 *iv, u8 *icv)
155{
156    u32 i, j, k, crc, keylen;
157    u8 s[256], key[64], c_crc[4];
158    u8 keyidx;
159
160    /* Needs to be at least 8 bytes of payload */
161    if (len <= 0)
162        return -1;
163
164    /* initialize the first bytes of the key from the IV */
165    key[0] = iv[0];
166    key[1] = iv[1];
167    key[2] = iv[2];
168    keyidx = WEP_KEY(iv[3]);
169
170    if (key_override >= 0)
171        keyidx = key_override;
172
173    if (keyidx >= NUM_WEPKEYS)
174        return -2;
175
176    keylen = wlandev->wep_keylens[keyidx];
177
178    if (keylen == 0)
179        return -3;
180
181    /* copy the rest of the key over from the designated key */
182    memcpy(key + 3, wlandev->wep_keys[keyidx], keylen);
183
184    keylen += 3; /* add in IV bytes */
185
186#ifdef WEP_DEBUG
187    printk(KERN_DEBUG
188           "D %d: %02x %02x %02x (%d %d) %02x:%02x:%02x:%02x:%02x\n", len,
189           key[0], key[1], key[2], keyidx, keylen, key[3], key[4], key[5],
190           key[6], key[7]);
191#endif
192
193    /* set up the RC4 state */
194    for (i = 0; i < 256; i++)
195        s[i] = i;
196    j = 0;
197    for (i = 0; i < 256; i++) {
198        j = (j + s[i] + key[i % keylen]) & 0xff;
199        swap(i, j);
200    }
201
202    /* Apply the RC4 to the data, update the CRC32 */
203    crc = ~0;
204    i = j = 0;
205    for (k = 0; k < len; k++) {
206        i = (i + 1) & 0xff;
207        j = (j + s[i]) & 0xff;
208        swap(i, j);
209        buf[k] ^= s[(s[i] + s[j]) & 0xff];
210        crc = wep_crc32_table[(crc ^ buf[k]) & 0xff] ^ (crc >> 8);
211    }
212    crc = ~crc;
213
214    /* now let's check the crc */
215    c_crc[0] = crc;
216    c_crc[1] = crc >> 8;
217    c_crc[2] = crc >> 16;
218    c_crc[3] = crc >> 24;
219
220    for (k = 0; k < 4; k++) {
221        i = (i + 1) & 0xff;
222        j = (j + s[i]) & 0xff;
223        swap(i, j);
224        if ((c_crc[k] ^ s[(s[i] + s[j]) & 0xff]) != icv[k])
225            return -(4 | (k << 4)); /* ICV mismatch */
226    }
227
228    return 0;
229}
230
231/* encrypts in-place. */
232int wep_encrypt(wlandevice_t *wlandev, u8 *buf, u8 *dst, u32 len, int keynum,
233        u8 *iv, u8 *icv)
234{
235    u32 i, j, k, crc, keylen;
236    u8 s[256], key[64];
237
238    /* no point in WEPping an empty frame */
239    if (len <= 0)
240        return -1;
241
242    /* we need to have a real key.. */
243    if (keynum >= NUM_WEPKEYS)
244        return -2;
245    keylen = wlandev->wep_keylens[keynum];
246    if (keylen <= 0)
247        return -3;
248
249    /* use a random IV. And skip known weak ones. */
250    get_random_bytes(iv, 3);
251    while ((iv[1] == 0xff) && (iv[0] >= 3) && (iv[0] < keylen))
252        get_random_bytes(iv, 3);
253
254    iv[3] = (keynum & 0x03) << 6;
255
256    key[0] = iv[0];
257    key[1] = iv[1];
258    key[2] = iv[2];
259
260    /* copy the rest of the key over from the designated key */
261    memcpy(key + 3, wlandev->wep_keys[keynum], keylen);
262
263    keylen += 3; /* add in IV bytes */
264
265#ifdef WEP_DEBUG
266    printk(KERN_DEBUG
267           "E %d (%d/%d %d) %02x %02x %02x %02x:%02x:%02x:%02x:%02x\n", len,
268           iv[3], keynum, keylen, key[0], key[1], key[2], key[3], key[4],
269           key[5], key[6], key[7]);
270#endif
271
272    /* set up the RC4 state */
273    for (i = 0; i < 256; i++)
274        s[i] = i;
275    j = 0;
276    for (i = 0; i < 256; i++) {
277        j = (j + s[i] + key[i % keylen]) & 0xff;
278        swap(i, j);
279    }
280
281    /* Update CRC32 then apply RC4 to the data */
282    crc = ~0;
283    i = j = 0;
284    for (k = 0; k < len; k++) {
285        crc = wep_crc32_table[(crc ^ buf[k]) & 0xff] ^ (crc >> 8);
286        i = (i + 1) & 0xff;
287        j = (j + s[i]) & 0xff;
288        swap(i, j);
289        dst[k] = buf[k] ^ s[(s[i] + s[j]) & 0xff];
290    }
291    crc = ~crc;
292
293    /* now let's encrypt the crc */
294    icv[0] = crc;
295    icv[1] = crc >> 8;
296    icv[2] = crc >> 16;
297    icv[3] = crc >> 24;
298
299    for (k = 0; k < 4; k++) {
300        i = (i + 1) & 0xff;
301        j = (j + s[i]) & 0xff;
302        swap(i, j);
303        icv[k] ^= s[(s[i] + s[j]) & 0xff];
304    }
305
306    return 0;
307}
308

Archive Download this file



interactive