Gitiles
Code Review Sign In
192.168.1.100 / T108 / e958203796650e3959a43708d67534bf36f4c83b / . / package / kernel / realtek-wl / src / Driver / rtl8192cd_92fs / wapiCrypto.c
blob: 5d3b4ced9d9b216499b87a6a6cc2f91ce914e4a3 [file] [log] [blame]
b.liue9582032025-04-17 19:18:16 +0800[diff] [blame^]1#include "8192cd_cfg.h"
2#if defined(CONFIG_RTL_WAPI_SUPPORT)
3
4#define _WAPI_CRYPTO_C_
5
6#ifdef __LINUX_2_6__
7#ifdef CONFIG_RTL8672
8#include "./romeperf.h"
9#else
10#if !defined(NOT_RTK_BSP)
11#include <net/rtl/rtl_types.h>
12#endif
13#endif
14#include <linux/jiffies.h>
15#else
16#include "../rtl865x/rtl_types.h"
17#endif
18
19#include <linux/random.h>
20#include "8192cd.h"
21#include "wapi_wai.h"
22#include "wapiCrypto.h"
23#include "8192cd_util.h"
24#include "8192cd_headers.h"
25
26/*
27 * 32-bit integer manipulation macros (big endian)
28 */
29#ifndef GET_ULONG_BE
30#define GET_ULONG_BE(n,b,i) \
31{ \
32 (n) = ( (unsigned long) (b)[(i) ] << 24 ) \
33 | ( (unsigned long) (b)[(i) + 1] << 16 ) \
34 | ( (unsigned long) (b)[(i) + 2] << 8 ) \
35 | ( (unsigned long) (b)[(i) + 3] ); \
36}
37#endif
38
39#ifndef PUT_ULONG_BE
40#define PUT_ULONG_BE(n,b,i) \
41{ \
42 (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
43 (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
44 (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
45 (b)[(i) + 3] = (unsigned char) ( (n) ); \
46}
47#endif
48
49/*
50 * SHA-256 context setup
51 */
52void sha2_starts( sha2_context *ctx, int is224 )
53{
54 ctx->total[0] = 0;
55 ctx->total[1] = 0;
56
57 if( is224 == 0 )
58 {
59 /* SHA-256 */
60 ctx->state[0] = 0x6A09E667;
61 ctx->state[1] = 0xBB67AE85;
62 ctx->state[2] = 0x3C6EF372;
63 ctx->state[3] = 0xA54FF53A;
64 ctx->state[4] = 0x510E527F;
65 ctx->state[5] = 0x9B05688C;
66 ctx->state[6] = 0x1F83D9AB;
67 ctx->state[7] = 0x5BE0CD19;
68 }
69 else
70 {
71 /* SHA-224 */
72 ctx->state[0] = 0xC1059ED8;
73 ctx->state[1] = 0x367CD507;
74 ctx->state[2] = 0x3070DD17;
75 ctx->state[3] = 0xF70E5939;
76 ctx->state[4] = 0xFFC00B31;
77 ctx->state[5] = 0x68581511;
78 ctx->state[6] = 0x64F98FA7;
79 ctx->state[7] = 0xBEFA4FA4;
80 }
81
82 ctx->is224 = is224;
83}
84
85static void sha2_process( sha2_context *ctx, unsigned char data[64] )
86{
87 unsigned long temp1, temp2, W[64];
88 unsigned long A, B, C, D, E, F, G, H;
89
90 GET_ULONG_BE( W[ 0], data, 0 );
91 GET_ULONG_BE( W[ 1], data, 4 );
92 GET_ULONG_BE( W[ 2], data, 8 );
93 GET_ULONG_BE( W[ 3], data, 12 );
94 GET_ULONG_BE( W[ 4], data, 16 );
95 GET_ULONG_BE( W[ 5], data, 20 );
96 GET_ULONG_BE( W[ 6], data, 24 );
97 GET_ULONG_BE( W[ 7], data, 28 );
98 GET_ULONG_BE( W[ 8], data, 32 );
99 GET_ULONG_BE( W[ 9], data, 36 );
100 GET_ULONG_BE( W[10], data, 40 );
101 GET_ULONG_BE( W[11], data, 44 );
102 GET_ULONG_BE( W[12], data, 48 );
103 GET_ULONG_BE( W[13], data, 52 );
104 GET_ULONG_BE( W[14], data, 56 );
105 GET_ULONG_BE( W[15], data, 60 );
106
107#define SHR(x,n) ((x & 0xFFFFFFFF) >> n)
108#define ROTR(x,n) (SHR(x,n) | (x << (32 - n)))
109
110#define S0(x) (ROTR(x, 7) ^ ROTR(x,18) ^ SHR(x, 3))
111#define S1(x) (ROTR(x,17) ^ ROTR(x,19) ^ SHR(x,10))
112
113#define S2(x) (ROTR(x, 2) ^ ROTR(x,13) ^ ROTR(x,22))
114#define S3(x) (ROTR(x, 6) ^ ROTR(x,11) ^ ROTR(x,25))
115
116#define F0(x,y,z) ((x & y) | (z & (x | y)))
117#define F1(x,y,z) (z ^ (x & (y ^ z)))
118
119#define R(t) \
120( \
121 W[t] = S1(W[t - 2]) + W[t - 7] + \
122 S0(W[t - 15]) + W[t - 16] \
123)
124
125#define P(a,b,c,d,e,f,g,h,x,K) \
126{ \
127 temp1 = h + S3(e) + F1(e,f,g) + K + x; \
128 temp2 = S2(a) + F0(a,b,c); \
129 d += temp1; h = temp1 + temp2; \
130}
131
132 A = ctx->state[0];
133 B = ctx->state[1];
134 C = ctx->state[2];
135 D = ctx->state[3];
136 E = ctx->state[4];
137 F = ctx->state[5];
138 G = ctx->state[6];
139 H = ctx->state[7];
140
141 P( A, B, C, D, E, F, G, H, W[ 0], 0x428A2F98 );
142 P( H, A, B, C, D, E, F, G, W[ 1], 0x71374491 );
143 P( G, H, A, B, C, D, E, F, W[ 2], 0xB5C0FBCF );
144 P( F, G, H, A, B, C, D, E, W[ 3], 0xE9B5DBA5 );
145 P( E, F, G, H, A, B, C, D, W[ 4], 0x3956C25B );
146 P( D, E, F, G, H, A, B, C, W[ 5], 0x59F111F1 );
147 P( C, D, E, F, G, H, A, B, W[ 6], 0x923F82A4 );
148 P( B, C, D, E, F, G, H, A, W[ 7], 0xAB1C5ED5 );
149 P( A, B, C, D, E, F, G, H, W[ 8], 0xD807AA98 );
150 P( H, A, B, C, D, E, F, G, W[ 9], 0x12835B01 );
151 P( G, H, A, B, C, D, E, F, W[10], 0x243185BE );
152 P( F, G, H, A, B, C, D, E, W[11], 0x550C7DC3 );
153 P( E, F, G, H, A, B, C, D, W[12], 0x72BE5D74 );
154 P( D, E, F, G, H, A, B, C, W[13], 0x80DEB1FE );
155 P( C, D, E, F, G, H, A, B, W[14], 0x9BDC06A7 );
156 P( B, C, D, E, F, G, H, A, W[15], 0xC19BF174 );
157 P( A, B, C, D, E, F, G, H, R(16), 0xE49B69C1 );
158 P( H, A, B, C, D, E, F, G, R(17), 0xEFBE4786 );
159 P( G, H, A, B, C, D, E, F, R(18), 0x0FC19DC6 );
160 P( F, G, H, A, B, C, D, E, R(19), 0x240CA1CC );
161 P( E, F, G, H, A, B, C, D, R(20), 0x2DE92C6F );
162 P( D, E, F, G, H, A, B, C, R(21), 0x4A7484AA );
163 P( C, D, E, F, G, H, A, B, R(22), 0x5CB0A9DC );
164 P( B, C, D, E, F, G, H, A, R(23), 0x76F988DA );
165 P( A, B, C, D, E, F, G, H, R(24), 0x983E5152 );
166 P( H, A, B, C, D, E, F, G, R(25), 0xA831C66D );
167 P( G, H, A, B, C, D, E, F, R(26), 0xB00327C8 );
168 P( F, G, H, A, B, C, D, E, R(27), 0xBF597FC7 );
169 P( E, F, G, H, A, B, C, D, R(28), 0xC6E00BF3 );
170 P( D, E, F, G, H, A, B, C, R(29), 0xD5A79147 );
171 P( C, D, E, F, G, H, A, B, R(30), 0x06CA6351 );
172 P( B, C, D, E, F, G, H, A, R(31), 0x14292967 );
173 P( A, B, C, D, E, F, G, H, R(32), 0x27B70A85 );
174 P( H, A, B, C, D, E, F, G, R(33), 0x2E1B2138 );
175 P( G, H, A, B, C, D, E, F, R(34), 0x4D2C6DFC );
176 P( F, G, H, A, B, C, D, E, R(35), 0x53380D13 );
177 P( E, F, G, H, A, B, C, D, R(36), 0x650A7354 );
178 P( D, E, F, G, H, A, B, C, R(37), 0x766A0ABB );
179 P( C, D, E, F, G, H, A, B, R(38), 0x81C2C92E );
180 P( B, C, D, E, F, G, H, A, R(39), 0x92722C85 );
181 P( A, B, C, D, E, F, G, H, R(40), 0xA2BFE8A1 );
182 P( H, A, B, C, D, E, F, G, R(41), 0xA81A664B );
183 P( G, H, A, B, C, D, E, F, R(42), 0xC24B8B70 );
184 P( F, G, H, A, B, C, D, E, R(43), 0xC76C51A3 );
185 P( E, F, G, H, A, B, C, D, R(44), 0xD192E819 );
186 P( D, E, F, G, H, A, B, C, R(45), 0xD6990624 );
187 P( C, D, E, F, G, H, A, B, R(46), 0xF40E3585 );
188 P( B, C, D, E, F, G, H, A, R(47), 0x106AA070 );
189 P( A, B, C, D, E, F, G, H, R(48), 0x19A4C116 );
190 P( H, A, B, C, D, E, F, G, R(49), 0x1E376C08 );
191 P( G, H, A, B, C, D, E, F, R(50), 0x2748774C );
192 P( F, G, H, A, B, C, D, E, R(51), 0x34B0BCB5 );
193 P( E, F, G, H, A, B, C, D, R(52), 0x391C0CB3 );
194 P( D, E, F, G, H, A, B, C, R(53), 0x4ED8AA4A );
195 P( C, D, E, F, G, H, A, B, R(54), 0x5B9CCA4F );
196 P( B, C, D, E, F, G, H, A, R(55), 0x682E6FF3 );
197 P( A, B, C, D, E, F, G, H, R(56), 0x748F82EE );
198 P( H, A, B, C, D, E, F, G, R(57), 0x78A5636F );
199 P( G, H, A, B, C, D, E, F, R(58), 0x84C87814 );
200 P( F, G, H, A, B, C, D, E, R(59), 0x8CC70208 );
201 P( E, F, G, H, A, B, C, D, R(60), 0x90BEFFFA );
202 P( D, E, F, G, H, A, B, C, R(61), 0xA4506CEB );
203 P( C, D, E, F, G, H, A, B, R(62), 0xBEF9A3F7 );
204 P( B, C, D, E, F, G, H, A, R(63), 0xC67178F2 );
205
206 ctx->state[0] += A;
207 ctx->state[1] += B;
208 ctx->state[2] += C;
209 ctx->state[3] += D;
210 ctx->state[4] += E;
211 ctx->state[5] += F;
212 ctx->state[6] += G;
213 ctx->state[7] += H;
214}
215
216/*
217 * SHA-256 process buffer
218 */
219void sha2_update( sha2_context *ctx, unsigned char *input, int ilen )
220{
221 int fill;
222 unsigned long left;
223
224 if( ilen <= 0 )
225 return;
226
227 left = ctx->total[0] & 0x3F;
228 fill = 64 - left;
229
230 ctx->total[0] += ilen;
231 ctx->total[0] &= 0xFFFFFFFF;
232
233 if( ctx->total[0] < (unsigned long) ilen )
234 ctx->total[1]++;
235
236 if( left && ilen >= fill )
237 {
238 memcpy( (void *) (ctx->buffer + left),
239 (void *) input, fill );
240 sha2_process( ctx, ctx->buffer );
241 input += fill;
242 ilen -= fill;
243 left = 0;
244 }
245
246 while( ilen >= 64 )
247 {
248 sha2_process( ctx, input );
249 input += 64;
250 ilen -= 64;
251 }
252
253 if( ilen > 0 )
254 {
255 memcpy( (void *) (ctx->buffer + left),
256 (void *) input, ilen );
257 }
258}
259
260static const unsigned char sha2_padding[64] =
261{
262 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
263 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
264 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
265 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
266};
267
268/*
269 * SHA-256 final digest
270 */
271void sha2_finish( sha2_context *ctx, unsigned char output[32] )
272{
273 unsigned long last, padn;
274 unsigned long high, low;
275 unsigned char msglen[8];
276
277 high = ( ctx->total[0] >> 29 )
278 | ( ctx->total[1] << 3 );
279 low = ( ctx->total[0] << 3 );
280
281 PUT_ULONG_BE( high, msglen, 0 );
282 PUT_ULONG_BE( low, msglen, 4 );
283
284 last = ctx->total[0] & 0x3F;
285 padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
286
287 sha2_update( ctx, (unsigned char *) sha2_padding, padn );
288 sha2_update( ctx, msglen, 8 );
289
290 PUT_ULONG_BE( ctx->state[0], output, 0 );
291 PUT_ULONG_BE( ctx->state[1], output, 4 );
292 PUT_ULONG_BE( ctx->state[2], output, 8 );
293 PUT_ULONG_BE( ctx->state[3], output, 12 );
294 PUT_ULONG_BE( ctx->state[4], output, 16 );
295 PUT_ULONG_BE( ctx->state[5], output, 20 );
296 PUT_ULONG_BE( ctx->state[6], output, 24 );
297
298 if( ctx->is224 == 0 )
299 PUT_ULONG_BE( ctx->state[7], output, 28 );
300}
301
302/*
303 * output = SHA-256( input buffer )
304 */
305void sha2( unsigned char *input, int ilen,
306 unsigned char output[32], int is224 )
307{
308 sha2_context ctx;
309
310 sha2_starts( &ctx, is224 );
311 sha2_update( &ctx, input, ilen );
312 sha2_finish( &ctx, output );
313
314 memset( &ctx, 0, sizeof( sha2_context ) );
315}
316
317#if 0
318/*
319 * output = SHA-256( file contents )
320 */
321int sha2_file( char *path, unsigned char output[32], int is224 )
322{
323 FILE *f;
324 size_t n;
325 sha2_context ctx;
326 unsigned char buf[1024];
327
328 if( ( f = fopen( path, "rb" ) ) == NULL )
329 return( 1 );
330
331 sha2_starts( &ctx, is224 );
332
333 while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
334 sha2_update( &ctx, buf, (int) n );
335
336 sha2_finish( &ctx, output );
337
338 memset( &ctx, 0, sizeof( sha2_context ) );
339
340 if( ferror( f ) != 0 )
341 {
342 fclose( f );
343 return( 2 );
344 }
345
346 fclose( f );
347 return( 0 );
348}
349#endif
350
351/*
352 * SHA-256 HMAC context setup
353 */
354void sha2_hmac_starts( sha2_context *ctx, unsigned char *key, int keylen,
355 int is224 )
356{
357 int i;
358 unsigned char sum[32];
359
360 if( keylen > 64 )
361 {
362 sha2( key, keylen, sum, is224 );
363 keylen = ( is224 ) ? 28 : 32;
364 key = sum;
365 }
366
367 memset( ctx->ipad, 0x36, 64 );
368 memset( ctx->opad, 0x5C, 64 );
369
370 for( i = 0; i < keylen; i++ )
371 {
372 ctx->ipad[i] = (unsigned char)( ctx->ipad[i] ^ key[i] );
373 ctx->opad[i] = (unsigned char)( ctx->opad[i] ^ key[i] );
374 }
375
376 sha2_starts( ctx, is224 );
377 sha2_update( ctx, ctx->ipad, 64 );
378
379 memset( sum, 0, sizeof( sum ) );
380}
381
382/*
383 * SHA-256 HMAC process buffer
384 */
385void sha2_hmac_update( sha2_context *ctx, unsigned char *input, int ilen )
386{
387 sha2_update( ctx, input, ilen );
388}
389
390/*
391 * SHA-256 HMAC final digest
392 */
393void sha2_hmac_finish( sha2_context *ctx, unsigned char output[32] )
394{
395 int is224, hlen;
396 unsigned char tmpbuf[32];
397
398 is224 = ctx->is224;
399 hlen = ( is224 == 0 ) ? 32 : 28;
400
401 sha2_finish( ctx, tmpbuf );
402 sha2_starts( ctx, is224 );
403 sha2_update( ctx, ctx->opad, 64 );
404 sha2_update( ctx, tmpbuf, hlen );
405 sha2_finish( ctx, output );
406
407 memset( tmpbuf, 0, sizeof( tmpbuf ) );
408}
409
410/*
411 * output = HMAC-SHA-256( hmac key, input buffer )
412 */
413void sha2_hmac( unsigned char *key, int keylen,
414 unsigned char *input, int ilen,
415 unsigned char output[32], int is224 )
416{
417 sha2_context ctx;
418
419 sha2_hmac_starts( &ctx, key, keylen, is224 );
420 sha2_hmac_update( &ctx, input, ilen );
421 sha2_hmac_finish( &ctx, output );
422
423 memset( &ctx, 0, sizeof( sha2_context ) );
424}
425
426/*
427* output = HMAC-SHA-256 ( hmac key, input buffer )
428*/
429void sha256_hmac( unsigned char *key, int keylen,
430 unsigned char *input, int ilen,
431 unsigned char *output, int hlen)
432{
433 unsigned char temp[32];
434 sha2_hmac(key, keylen, input, ilen, temp, 0);
435 memcpy(output, temp, hlen);
436
437 memset(temp, 0, 32);
438}
439
440void KD_hmac_sha256( unsigned char *key, int keylen,
441 unsigned char *input, int ilen,
442 unsigned char *output, int hlen)
443{
444 int i;
445 for(i=0;hlen/32;i++, hlen-=32)
446 {
447 sha256_hmac(key, keylen, input, ilen, &output[i*32], 32);
448 input = &output[i*32];
449 ilen = 32;
450 }
451
452 if (hlen>0)
453 sha256_hmac(key, keylen, input, ilen, &output[i*32], hlen);
454}
455
456#define WapiSMS4Encryption WapiSMS4Cryption
457#define WapiSMS4Decryption WapiSMS4Cryption
458
459#if (0)
460
461void WapiSMS4Encryption(uint8 *Key, uint8 *IV, uint8 *Input, uint16 InputLength,
462 uint8 *Output, uint16 *OutputLength);
463
464
465static unsigned char data_before_mic[2][70] =
466{
467 {0xaa, 0xaa, 0x03, 0x00, 0x00, 0x00, 0x08, 0x06,
468 0x00, 0x01, 0x08, 0x00, 0x06, 0x04, 0x00, 0x01,
469 0x00, 0xe0, 0x4c, 0x72, 0x00, 0x01, 0xc0, 0xa8,
470 0x01, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
471 0xc0, 0xa8, 0x01, 0xfe},
472 {0xaa, 0xaa, 0x03, 0x00, 0x00, 0x00, 0x08, 0x00,
473 0x45, 0x00, 0x00, 0x3d, 0xbc, 0x7d, 0x00, 0x00,
474 0x40, 0x01, 0x39, 0x74, 0xc0, 0xa8, 0x01, 0xfe,
475 0xc0, 0xa8, 0x01, 0x80, 0x00, 0x00, 0xce, 0x5b,
476 0x03, 0x00, 0x1a, 0x00, 0x61, 0x62, 0x63, 0x64,
477 0x65, 0x66, 0x67, 0x68, 0x69, 0x6a, 0x6b, 0x6c,
478 0x6d, 0x6e, 0x6f, 0x70, 0x71, 0x72, 0x73, 0x74,
479 0x75, 0x76, 0x77, 0x61, 0x62, 0x63, 0x64, 0x65,
480 0x66, 0x67, 0x68, 0x69, 0x6a }
481};
482
483static unsigned short data_before_mic_len[2] = {36, 69};
484
485static unsigned char data_before_mic_key[2][16] =
486{
487 {0x56, 0x65, 0xc2, 0x87, 0x04, 0x5c, 0x2b, 0x48,
488 0xae, 0x42, 0xec, 0x83, 0x42, 0x48, 0x83, 0xed},
489 {0x7e, 0xb4, 0x5d, 0xaf, 0x23, 0xe6, 0x9c, 0x76,
490 0xa7, 0xb4, 0x29, 0xe8, 0x79, 0xc7, 0x6a, 0xe8}
491};
492
493static unsigned char data_before_mic_head[2][34] =
494{
495 {0x88, 0x41, 0x00, 0xa9, 0x9a, 0x88, 0x89, 0x99,
496 0x00, 0xe0, 0x4c, 0x72, 0x00, 0x01, 0x00, 0x00,
497 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00,
498 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
499 0x00, 0x24},
500 {0x88, 0x42, 0x00, 0xe0, 0x4c, 0x72, 0x00, 0x01,
501 0x00, 0xa9, 0x9a, 0x88, 0x89, 0x99, 0x00, 0x00,
502 0x00, 0xa9, 0x9a, 0x88, 0x89, 0x99, 0x00, 0x00,
503 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
504 0x00, 0x45}
505};
506static unsigned char data_before_mic_head_len[2] = {34, 34};
507
508static unsigned char data_mic_iv[2][16] =
509{
510 {0x92, 0x5c, 0x36, 0x5c, 0x36, 0x5c, 0x36, 0x5c,
511 0x36, 0x5c, 0x36, 0x5c, 0x36, 0x5c, 0x36, 0x5c},
512 {0x47, 0x5c, 0x36, 0x5c, 0x36, 0x5c, 0x36, 0x5c,
513 0x36, 0x5c, 0x36, 0x5c, 0x36, 0x5c, 0x36, 0x5c}
514};
515
516static unsigned char data_after_mic[2][16] =
517{
518 {0x30, 0x50, 0xe3, 0xc9, 0x5b, 0x7c, 0x6a, 0x9d,
519 0x1c, 0x2e, 0xd5, 0x8a, 0xc4, 0x77, 0x68, 0xba},
520 {0xcd, 0x59, 0x58, 0xfe, 0x62, 0x4c, 0x36, 0xaa,
521 0x62, 0xe2, 0x1b, 0xab, 0x71, 0x5f, 0x25, 0x99}
522};
523
524/*
525* WAPI Encrypt test
526*/
527
528static unsigned char data_before_encrypt[1][96] =
529{
530 0x88, 0x41, 0x00, 0x00, 0x00, 0x0B, 0xC0, 0x02,
531 0x30, 0x73, 0x00, 0xE0, 0x4C, 0x81, 0x72, 0x0A,
532 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00,
533 0x00, 0x00, 0x00, 0x00, 0x40, 0x5C, 0x36, 0x5C,
534 0x36, 0x5C, 0x36, 0x5C, 0x36, 0x5C, 0x36, 0x5C,
535 0x36, 0x5C, 0x36, 0x5C, 0xAA, 0xAA, 0x03, 0x00,
536 0x00, 0x00, 0x08, 0x06, 0x00, 0x01, 0x08, 0x00,
537 0x06, 0x04, 0x00, 0x01, 0x00, 0xE0, 0x4C, 0x81,
538 0x72, 0x0A, 0xC0, 0xA8, 0x01, 0x7B, 0x00, 0x00,
539 0x00, 0x00, 0x00, 0x00, 0xC0, 0xA8, 0x01, 0x7B,
540 0x07, 0xE7, 0x81, 0x88, 0x2F, 0x98, 0xDF, 0xDD,
541 0x9A, 0x23, 0xE2, 0x74, 0xA6, 0xEF, 0x35, 0xC1
542};
543
544static unsigned char data_before_encrypt_len[1] = {96};
545
546static unsigned char data_before_encrypt_key[1][16] =
547{
548 0x83, 0x32, 0x29, 0x16, 0xDE, 0x93, 0x76, 0x38,
549 0xAC, 0x13, 0x2F, 0xB2, 0xD4, 0x9B, 0xCA, 0x5A
550};
551
552static unsigned char data_before_encrypt_PN[1][16] =
553{
554 0x40, 0x5C, 0x36, 0x5C, 0x36, 0x5C, 0x36, 0x5C,
555 0x36, 0x5C, 0x36, 0x5C, 0x36, 0x5C, 0x36, 0x5C
556};
557
558static unsigned char data_after_encrypt[1][96] =
559{
560 0x88, 0x41, 0x00, 0x00, 0x00, 0x0B, 0xC0, 0x02,
561 0x30, 0x73, 0x00, 0xE0, 0x4C, 0x81, 0x72, 0x0A,
562 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00,
563 0x00, 0x00, 0x00, 0x00, 0x40, 0x5C, 0x36, 0x5C,
564 0x36, 0x5C, 0x36, 0x5C, 0x36, 0x5C, 0x36, 0x5C,
565 0x36, 0x5C, 0x36, 0x5C, 0xE4, 0x0B, 0xA5, 0xDF,
566 0x57, 0x10, 0xA5, 0x0C, 0x81, 0x38, 0xB8, 0xAE,
567 0x32, 0xE9, 0x40, 0x6E, 0x57, 0xEC, 0x03, 0xA4,
568 0x7F, 0x3C, 0x85, 0x1E, 0xC7, 0xF8, 0xA8, 0x8C,
569 0xAA, 0xA7, 0xBC, 0xA7, 0xDC, 0xC8, 0x54, 0x60,
570 0xFE, 0xC6, 0xD1, 0x0D, 0x8D, 0x79, 0x0E, 0xED,
571 0xB4, 0xAA, 0x10, 0x6E, 0xBF, 0xE1, 0x86, 0xE3
572};
573
574/*
575* WAPI test vectors
576*/
577
578static unsigned char wapi_digest_test_key[4][37] =
579{
580 {0x01,0x02,0x03,0x04,0x05,0x06,0x7,0x08,
581 0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f,0x10,
582 0x011,0x12,0x13,0x14,0x15,0x16,0x17,0x18,
583 0x19,0x1a,0x1b,0x1c,0x1d,0x1e,0x1f,0x20},
584 {0x01,0x02,0x03,0x04,0x05,0x06,0x7,0x08,
585 0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f,0x10,
586 0x011,0x12,0x13,0x14,0x15,0x16,0x17,0x18,
587 0x19,0x1a,0x1b,0x1c,0x1d,0x1e,0x1f,0x20,
588 0x21,0x22,0x23,0x24,0x25},
589 {0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,
590 0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,
591 0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,
592 0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,0x0b},
593 {0x4a,0x65,0x66,0x65}
594};
595
596static unsigned char wapi_digest_test_keylen[4] =
597{ 32, 37, 32, 4 };
598
599static unsigned char wapi_digest_test_buf[4][112] =
600{
601 {"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopqabcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"},
602 {0xcd,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd,
603 0xcd,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd},
604 {"Hi There"},
605 {"what do ya want for nothing?"}
606};
607
608static unsigned char wapi_digest_test_buflen[4] =
609{ 112, 50, 8, 28 };
610
611static unsigned char wapi_digest_test_output[4][32] =
612{
613 {0x47,0x03,0x05,0xfc,0x7e,0x40,0xfe,0x34,0xd3,0xee,0xb3,0xe7,0x73,0xd9,0x5a,0xab,0x73,0xac,0xf0,0xfd,0x06,0x04,0x47,0xa5,0xeb,0x45,0x95,0xbf,0x33,0xa9,0xd1,0xa3 },
614 {0xd4,0x63,0x3c,0x17,0xf6,0xfb,0x8d,0x74,0x4c,0x66,0xde,0xe0,0xf8,0xf0,0x74,0x55,0x6e,0xc4,0xaf,0x55,0xef,0x07,0x99,0x85,0x41,0x46,0x8e,0xb4,0x9b,0xd2,0xe9,0x17 },
615 {0x19,0x8a,0x60,0x7e,0xb4,0x4b,0xfb,0xc6,0x99,0x03,0xa0,0xf1,0xcf,0x2b,0xbd,0xc5,0xba,0x0a,0xa3,0xf3,0xd9,0xae,0x3c,0x1c,0x7a,0x3b,0x16,0x96,0xa0,0xb6,0x8c,0xf7 },
616 {0x5b,0xdc,0xc1,0x46,0xbf,0x60,0x75,0x4e,0x6a,0x04,0x24,0x26,0x08,0x95,0x75,0xc7,0x5a,0x00,0x3f,0x08,0x9d,0x27,0x39,0x83,0x9d,0xec,0x58,0xb9,0x64,0xec,0x38,0x43}
617};
618
619static unsigned char wapi_test_key[3][37] =
620{
621 {0x01,0x02,0x03,0x04,0x05,0x06,0x7,0x08,
622 0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f,0x10,
623 0x011,0x12,0x13,0x14,0x15,0x16,0x17,0x18,
624 0x19,0x1a,0x1b,0x1c,0x1d,0x1e,0x1f,0x20},
625 {0x01,0x02,0x03,0x04,0x05,0x06,0x7,0x08,
626 0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f,0x10,
627 0x011,0x12,0x13,0x14,0x15,0x16,0x17,0x18,
628 0x19,0x1a,0x1b,0x1c,0x1d,0x1e,0x1f,0x20,
629 0x21,0x22,0x23,0x24,0x25},
630 {0x01,0x02,0x03,0x04,0x05,0x06,0x7,0x08,
631 0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f,0x10,
632 0x011,0x12,0x13,0x14,0x15}
633};
634
635static const int wapi_test_keylen[3] =
636{
637 32, 37, 16
638};
639
640static unsigned char wapi_test_buf[3][49] =
641{
642 {"pairwise key expansion for infrastructure unicast"},
643 {"group key expansion for multicast and broadcast"},
644 {"pre-share key expansion for adhoc network"}
645};
646
647static const int wapi_test_buflen[3] =
648{
649 49, 47, 41
650};
651
652static unsigned char wapi_test_output[9][48] =
653{
654 /* 1-3 */
655 {0xe3,0xa6,0x45,0x46,0xf2,0xd1,0xf5,0xee,0xb7,0xd1,0xee,0x06,0xd2,0xc9,0xe5,0x4a,0x2c,0xc9,0xd6,0xce,0xc3,0xb7,0x6f,0xfd,0x62,0x63,0xf4,0x26,0xdc,0x25,0x39,0xaf,0xbd,0x98,0x80,0xa5,0x27,0xa1,0xb5,0x85,0x59,0x4b,0x57,0xce,0x33,0x21,0x4f,0x0c},
656 {0x3b,0x6e,0xca,0x4f,0x08,0x76,0xc4,0x3a,0xb3,0x1b,0x26,0x3f,0x2c,0x38,0xb8,0x81,0x21,0xb5,0x68,0xe5,0xf8,0xfd,0x1d,0x4c,0xfa,0x4c,0x7f,0x8c,0x60,0x97,0x04,0x3d,0x7b,0x40,0xa8,0x63,0xb9,0x43,0xb9,0xf5,0xbb,0x37,0x2f,0x3a,0xdd,0xa5,0xda,0x27},
657 {0xbc,0x29,0xf3,0xe6,0x09,0x1f,0x6a,0xc9,0x0b,0xa0,0x20,0x61,0x92,0x12,0x48,0x69,0x5f,0xee,0xff,0x1a,0x4c,0xab,0x53,0x3b,0x11,0x67,0xd8,0x54,0x5f,0x93,0x5f,0x28,0x11,0x84,0xc9,0xbb,0x32,0xf9,0x87,0xb9,0x86,0x81,0x0f,0xfb,0x17,0xc4,0x10,0xf5},
658 /* 4-6 */
659 {
660 0x20,0x8f,0x72,0x54,0xa4,0xbf,0x56,0xf0,0xfa,0x49,0x5f,0xe1,
661 0x0c,0x99,0x15,0x05,0x92,0xed,0x79,0xdf,0x57,0x74,0xa9,0x6e,
662 0x13,0x97,0x1e,0xc4,0xa1,0x5e,0x16,0xa7,0xed,0x75,0xf5,0xe5,
663 0x44,0xbb,0xd3,0x35,0x67,0xeb,0x88,0xe7,0x83,0x24,0xa9,0xd2
664 },
665 {
666 0x33,0x32,0x61,0x7a,0x90,0x8e,0xa5,0xa0,0x7f,0xfa,0x1d,0x23,
667 0x79,0xf3,0xd8,0x3e,0x8b,0xe9,0x14,0x1f,0x15,0x53,0x8f,0xd3,
668 0xef,0xde,0x58,0x01,0x19,0xe8,0xc5,0x09,0x5d,0x25,0xb2,0xd3,
669 0x0a,0xc7,0xa6,0x35,0xad,0xb4,0x3c,0x6c,0xac,0xf0,0xaa,0x2b
670 },
671 {
672 0xf2,0xcb,0xf1,0x1c,0x6d,0x40,0xb8,0x09,0xd0,0xc0,0xed,0x48,
673 0x2a,0x4a,0x1b,0x6a,0x15,0x1a,0xf1,0xfb,0x4c,0x80,0xf9,0x80,
674 0x5c,0x93,0xe5,0x6e,0xb1,0xcf,0x5c,0xb5,0xec,0xc1,0x3e,0x7a,
675 0xbc,0xaf,0xe0,0xa7,0xd2,0x59,0x5d,0x51,0x9b,0x76,0x9a,0x24
676 },
677 /* 7-9 */
678 {
679 0xc0,0x7a,0xd8,0x32,0x25,0x2a,0x0c,0x14,0x76,0x18,0xf4,0xc0,
680 0xd0,0x6b,0x35,0xf4,0xf6,0xd6,0x73,0x5d,0x1a,0xa3,0x8e,0x47,
681 0x9a,0x7e,0xe0,0xac,0x1c,0x0c,0x38,0x5b,0x2d,0x33,0x28,0x74,
682 0x1e,0x4d,0xa0,0xc8,0x76,0xfc,0x6c,0xc9,0xe3,0x60,0xc8,0xd7
683 },
684 {
685 0xf0,0x0b,0xee,0xf2,0xf5,0x5f,0x85,0xd8,0xee,0xb0,0x6f,0x8c,
686 0xc4,0x1b,0xe6,0x0e,0xc2,0x69,0xf5,0x82,0x9a,0x0b,0x6e,0xfb,
687 0x2d,0x9b,0x49,0x5e,0xb1,0x87,0xd3,0x58,0x59,0x68,0x88,0xc3,
688 0xd2,0x6f,0x94,0x9f,0x8d,0x2e,0x41,0xfe,0xbc,0xbb,0xb9,0x9a
689 },
690 {
691 0x05,0x8e,0xb8,0x7c,0xff,0x82,0x66,0x47,0xde,0x50,0x7b,0x14,
692 0x17,0xac,0x99,0x6e,0xb5,0x7f,0xcf,0x11,0xfd,0xfc,0x83,0xbe,
693 0x59,0xd5,0x85,0xf4,0xa7,0x3e,0x69,0x7d,0xd4,0x38,0xe3,0x34,
694 0xfe,0xbb,0x06,0x7d,0x14,0x6f,0x01,0x31,0xa6,0x96,0x4f,0x26
695 },
696};
697
698static const int wapi_test_outputlen[3] =
699{
700 48, 48, 48
701};
702
703
704/*
705 * FIPS-180-2 test vectors
706 */
707static unsigned char sha2_test_buf[3][57] =
708{
709 { "abc" },
710 { "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" },
711 { "" }
712};
713
714static const int sha2_test_buflen[3] =
715{
716 3, 56, 1000
717};
718
719static const unsigned char sha2_test_sum[6][32] =
720{
721 /*
722 * SHA-224 test vectors
723 */
724 { 0x23, 0x09, 0x7D, 0x22, 0x34, 0x05, 0xD8, 0x22,
725 0x86, 0x42, 0xA4, 0x77, 0xBD, 0xA2, 0x55, 0xB3,
726 0x2A, 0xAD, 0xBC, 0xE4, 0xBD, 0xA0, 0xB3, 0xF7,
727 0xE3, 0x6C, 0x9D, 0xA7 },
728 { 0x75, 0x38, 0x8B, 0x16, 0x51, 0x27, 0x76, 0xCC,
729 0x5D, 0xBA, 0x5D, 0xA1, 0xFD, 0x89, 0x01, 0x50,
730 0xB0, 0xC6, 0x45, 0x5C, 0xB4, 0xF5, 0x8B, 0x19,
731 0x52, 0x52, 0x25, 0x25 },
732 { 0x20, 0x79, 0x46, 0x55, 0x98, 0x0C, 0x91, 0xD8,
733 0xBB, 0xB4, 0xC1, 0xEA, 0x97, 0x61, 0x8A, 0x4B,
734 0xF0, 0x3F, 0x42, 0x58, 0x19, 0x48, 0xB2, 0xEE,
735 0x4E, 0xE7, 0xAD, 0x67 },
736
737 /*
738 * SHA-256 test vectors
739 */
740 { 0xBA, 0x78, 0x16, 0xBF, 0x8F, 0x01, 0xCF, 0xEA,
741 0x41, 0x41, 0x40, 0xDE, 0x5D, 0xAE, 0x22, 0x23,
742 0xB0, 0x03, 0x61, 0xA3, 0x96, 0x17, 0x7A, 0x9C,
743 0xB4, 0x10, 0xFF, 0x61, 0xF2, 0x00, 0x15, 0xAD },
744 { 0x24, 0x8D, 0x6A, 0x61, 0xD2, 0x06, 0x38, 0xB8,
745 0xE5, 0xC0, 0x26, 0x93, 0x0C, 0x3E, 0x60, 0x39,
746 0xA3, 0x3C, 0xE4, 0x59, 0x64, 0xFF, 0x21, 0x67,
747 0xF6, 0xEC, 0xED, 0xD4, 0x19, 0xDB, 0x06, 0xC1 },
748 { 0xCD, 0xC7, 0x6E, 0x5C, 0x99, 0x14, 0xFB, 0x92,
749 0x81, 0xA1, 0xC7, 0xE2, 0x84, 0xD7, 0x3E, 0x67,
750 0xF1, 0x80, 0x9A, 0x48, 0xA4, 0x97, 0x20, 0x0E,
751 0x04, 0x6D, 0x39, 0xCC, 0xC7, 0x11, 0x2C, 0xD0 }
752};
753
754/*
755 * RFC 4231 test vectors
756 */
757static unsigned char sha2_hmac_test_key[7][26] =
758{
759 { "\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B"
760 "\x0B\x0B\x0B\x0B" },
761 { "Jefe" },
762 { "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
763 "\xAA\xAA\xAA\xAA" },
764 { "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F\x10"
765 "\x11\x12\x13\x14\x15\x16\x17\x18\x19" },
766 { "\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C"
767 "\x0C\x0C\x0C\x0C" },
768 { "" }, /* 0xAA 131 times */
769 { "" }
770};
771
772static const int sha2_hmac_test_keylen[7] =
773{
774 20, 4, 20, 25, 20, 131, 131
775};
776
777static unsigned char sha2_hmac_test_buf[7][153] =
778{
779 { "Hi There" },
780 { "what do ya want for nothing?" },
781 { "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
782 "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
783 "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
784 "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
785 "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" },
786 { "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
787 "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
788 "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
789 "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
790 "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" },
791 { "Test With Truncation" },
792 { "Test Using Larger Than Block-Size Key - Hash Key First" },
793 { "This is a test using a larger than block-size key "
794 "and a larger than block-size data. The key needs to "
795 "be hashed before being used by the HMAC algorithm." }
796};
797
798static const int sha2_hmac_test_buflen[7] =
799{
800 8, 28, 50, 50, 20, 54, 152
801};
802
803static const unsigned char sha2_hmac_test_sum[14][32] =
804{
805 /*
806 * HMAC-SHA-224 test vectors
807 */
808 { 0x89, 0x6F, 0xB1, 0x12, 0x8A, 0xBB, 0xDF, 0x19,
809 0x68, 0x32, 0x10, 0x7C, 0xD4, 0x9D, 0xF3, 0x3F,
810 0x47, 0xB4, 0xB1, 0x16, 0x99, 0x12, 0xBA, 0x4F,
811 0x53, 0x68, 0x4B, 0x22 },
812 { 0xA3, 0x0E, 0x01, 0x09, 0x8B, 0xC6, 0xDB, 0xBF,
813 0x45, 0x69, 0x0F, 0x3A, 0x7E, 0x9E, 0x6D, 0x0F,
814 0x8B, 0xBE, 0xA2, 0xA3, 0x9E, 0x61, 0x48, 0x00,
815 0x8F, 0xD0, 0x5E, 0x44 },
816 { 0x7F, 0xB3, 0xCB, 0x35, 0x88, 0xC6, 0xC1, 0xF6,
817 0xFF, 0xA9, 0x69, 0x4D, 0x7D, 0x6A, 0xD2, 0x64,
818 0x93, 0x65, 0xB0, 0xC1, 0xF6, 0x5D, 0x69, 0xD1,
819 0xEC, 0x83, 0x33, 0xEA },
820 { 0x6C, 0x11, 0x50, 0x68, 0x74, 0x01, 0x3C, 0xAC,
821 0x6A, 0x2A, 0xBC, 0x1B, 0xB3, 0x82, 0x62, 0x7C,
822 0xEC, 0x6A, 0x90, 0xD8, 0x6E, 0xFC, 0x01, 0x2D,
823 0xE7, 0xAF, 0xEC, 0x5A },
824 { 0x0E, 0x2A, 0xEA, 0x68, 0xA9, 0x0C, 0x8D, 0x37,
825 0xC9, 0x88, 0xBC, 0xDB, 0x9F, 0xCA, 0x6F, 0xA8 },
826 { 0x95, 0xE9, 0xA0, 0xDB, 0x96, 0x20, 0x95, 0xAD,
827 0xAE, 0xBE, 0x9B, 0x2D, 0x6F, 0x0D, 0xBC, 0xE2,
828 0xD4, 0x99, 0xF1, 0x12, 0xF2, 0xD2, 0xB7, 0x27,
829 0x3F, 0xA6, 0x87, 0x0E },
830 { 0x3A, 0x85, 0x41, 0x66, 0xAC, 0x5D, 0x9F, 0x02,
831 0x3F, 0x54, 0xD5, 0x17, 0xD0, 0xB3, 0x9D, 0xBD,
832 0x94, 0x67, 0x70, 0xDB, 0x9C, 0x2B, 0x95, 0xC9,
833 0xF6, 0xF5, 0x65, 0xD1 },
834
835 /*
836 * HMAC-SHA-256 test vectors
837 */
838 { 0xB0, 0x34, 0x4C, 0x61, 0xD8, 0xDB, 0x38, 0x53,
839 0x5C, 0xA8, 0xAF, 0xCE, 0xAF, 0x0B, 0xF1, 0x2B,
840 0x88, 0x1D, 0xC2, 0x00, 0xC9, 0x83, 0x3D, 0xA7,
841 0x26, 0xE9, 0x37, 0x6C, 0x2E, 0x32, 0xCF, 0xF7 },
842 { 0x5B, 0xDC, 0xC1, 0x46, 0xBF, 0x60, 0x75, 0x4E,
843 0x6A, 0x04, 0x24, 0x26, 0x08, 0x95, 0x75, 0xC7,
844 0x5A, 0x00, 0x3F, 0x08, 0x9D, 0x27, 0x39, 0x83,
845 0x9D, 0xEC, 0x58, 0xB9, 0x64, 0xEC, 0x38, 0x43 },
846 { 0x77, 0x3E, 0xA9, 0x1E, 0x36, 0x80, 0x0E, 0x46,
847 0x85, 0x4D, 0xB8, 0xEB, 0xD0, 0x91, 0x81, 0xA7,
848 0x29, 0x59, 0x09, 0x8B, 0x3E, 0xF8, 0xC1, 0x22,
849 0xD9, 0x63, 0x55, 0x14, 0xCE, 0xD5, 0x65, 0xFE },
850 { 0x82, 0x55, 0x8A, 0x38, 0x9A, 0x44, 0x3C, 0x0E,
851 0xA4, 0xCC, 0x81, 0x98, 0x99, 0xF2, 0x08, 0x3A,
852 0x85, 0xF0, 0xFA, 0xA3, 0xE5, 0x78, 0xF8, 0x07,
853 0x7A, 0x2E, 0x3F, 0xF4, 0x67, 0x29, 0x66, 0x5B },
854 { 0xA3, 0xB6, 0x16, 0x74, 0x73, 0x10, 0x0E, 0xE0,
855 0x6E, 0x0C, 0x79, 0x6C, 0x29, 0x55, 0x55, 0x2B },
856 { 0x60, 0xE4, 0x31, 0x59, 0x1E, 0xE0, 0xB6, 0x7F,
857 0x0D, 0x8A, 0x26, 0xAA, 0xCB, 0xF5, 0xB7, 0x7F,
858 0x8E, 0x0B, 0xC6, 0x21, 0x37, 0x28, 0xC5, 0x14,
859 0x05, 0x46, 0x04, 0x0F, 0x0E, 0xE3, 0x7F, 0x54 },
860 { 0x9B, 0x09, 0xFF, 0xA7, 0x1B, 0x94, 0x2F, 0xCB,
861 0x27, 0x63, 0x5F, 0xBC, 0xD5, 0xB0, 0xE9, 0x44,
862 0xBF, 0xDC, 0x63, 0x64, 0x4F, 0x07, 0x13, 0x93,
863 0x8A, 0x7F, 0x51, 0x53, 0x5C, 0x3A, 0x35, 0xE2 }
864};
865
866extern void WapiSMS4CalculateMic(uint8 *Key, uint8 *IV, uint8 *Input1, uint8 Input1Length,
867 uint8 *Input2, uint16 Input2Length, uint8 *Output);
868
869/*
870 * Checkup routine
871 */
872int sha2_self_test( int verbose )
873{
874 int i, j, k, buflen;
875 unsigned char buf[1024];
876 unsigned char sha2sum[32];
877 sha2_context ctx;
878
879 for( i = 0; i < 6; i++ )
880 {
881 j = i % 3;
882 k = i < 3;
883
884 if( verbose != 0 )
885 printk( " SHA-%d test #%d: ", 256 - k * 32, j + 1 );
886
887 sha2_starts( &ctx, k );
888
889 if( j == 2 )
890 {
891 memset( buf, 'a', buflen = 1000 );
892
893 for( j = 0; j < 1000; j++ )
894 sha2_update( &ctx, buf, buflen );
895 }
896 else
897 sha2_update( &ctx, sha2_test_buf[j],
898 sha2_test_buflen[j] );
899
900 sha2_finish( &ctx, sha2sum );
901
902 if( memcmp( sha2sum, sha2_test_sum[i], 32 - k * 4 ) != 0 )
903 {
904 if( verbose != 0 )
905 printk( "failed\n" );
906
907 return( 1 );
908 }
909
910 if( verbose != 0 )
911 printk( "passed\n" );
912 }
913
914 if( verbose != 0 )
915 printk( "\n" );
916
917 for( i = 0; i < 14; i++ )
918 {
919 j = i % 7;
920 k = i < 7;
921
922 if( verbose != 0 )
923 printk( " HMAC-SHA-%d test #%d: ", 256 - k * 32, j + 1 );
924
925 if( j == 5 || j == 6 )
926 {
927 memset( buf, '\xAA', buflen = 131 );
928 sha2_hmac_starts( &ctx, buf, buflen, k );
929 }
930 else
931 sha2_hmac_starts( &ctx, sha2_hmac_test_key[j],
932 sha2_hmac_test_keylen[j], k );
933
934 sha2_hmac_update( &ctx, sha2_hmac_test_buf[j],
935 sha2_hmac_test_buflen[j] );
936
937 sha2_hmac_finish( &ctx, sha2sum );
938
939 buflen = ( j == 4 ) ? 16 : 32 - k * 4;
940
941 if( memcmp( sha2sum, sha2_hmac_test_sum[i], buflen ) != 0 )
942 {
943 if( verbose != 0 )
944 printk( "failed\n" );
945
946 return( 1 );
947 }
948
949 if( verbose != 0 )
950 printk( "passed\n" );
951 }
952
953 if( verbose != 0 )
954 printk( "\n" );
955
956 for (i=0;i<4;i++)
957 {
958 sha256_hmac(&wapi_digest_test_key[i][0], wapi_digest_test_keylen[i],
959 &wapi_digest_test_buf[i][0], wapi_digest_test_buflen[i],
960 buf, 32);
961 if ( memcmp(buf, wapi_digest_test_output[i], 32) )
962 printk("WAPI digest test failed: Case[%d]\n", i);
963 else
964 printk("WAPI digest test Passed: Case[%d]\n", i);
965 }
966
967 for(i=0;i<3;i++)
968 {
969 for(j=0;j<3;j++)
970 {
971#if 1
972 KD_hmac_sha256(&wapi_test_key[j][0],wapi_test_keylen[j],
973 &wapi_test_buf[i][0], wapi_test_buflen[i],
974 buf, 48);
975#else
976 KD_hmac_sha256(wapi_test_buf[i],wapi_test_buflen[i],
977 wapi_test_key[i], wapi_test_keylen[i],
978 buf, wapi_test_outputlen[i]);
979#endif
980 if ( memcmp(buf, &wapi_test_output[(i*3)+j][0], 48))
981 {
982 printk("WAPI test failed: Case[%d]:Index[%d]\n", i,j);
983 }
984 else
985 {
986 printk("WAPI test Passed: Case[%d]:Index[%d]\n", i,j);
987 }
988 }
989 }
990
991#if 0
992 printk("Start test WAPI Encryption:\n");
993 /* test wapi encryption */
994 {
995 uint16 buflen2;
996 char* ptrBuf;
997
998 buflen2 = 0;
999 ptrBuf = buf+44;
1000 memcpy(buf, &data_before_encrypt[0][0], 44);
1001 WapiSMS4Encryption(&data_before_encrypt_key[0][0], &data_before_encrypt_PN[0][0],
1002 &data_before_encrypt[0][0]+44, data_before_encrypt_len[0]-44, ptrBuf, &buflen2);
1003
1004 if (buflen2!=data_before_encrypt_len[0]-44)
1005 printk("WAPI Encryption length error: [%d]:[%d]\n", data_before_encrypt_len[0], buflen2);
1006 else
1007 printk("WAPI Encryption length OK: [%d]:[%d]\n", data_before_encrypt_len[0], buflen2);
1008
1009 if (memcmp(buf, &data_after_encrypt[0][0], buflen2+44))
1010 {
1011 printk("***********************************************************\n");
1012 memDump(buf, buflen2+44, "buf");
1013 memDump(&data_after_encrypt[0][0], buflen2+44, "enc1");
1014 printk("***********************************************************\n");
1015 printk("WAPI Encryption failed.\n");
1016 //memDump(buf, 16, "DATA");
1017 }
1018 else
1019 printk("WAPI Encryption OK.\n");
1020 }
1021
1022 printk("Mic check test:\n");
1023 for(i=0;i<2;i++)
1024 {
1025 WapiSMS4CalculateMic(&data_before_mic_key[i][0], &data_mic_iv[i][0],
1026 &data_before_mic_head[i][0], data_before_mic_head_len[i],
1027 &data_before_mic[i][0], data_before_mic_len[i], buf);
1028
1029 if (memcmp(buf, &data_after_mic[i][0], SMS4_MIC_LEN))
1030 {
1031 printk("***********************************************************\n");
1032 memDump(buf, SMS4_MIC_LEN, "buf");
1033 memDump(&data_after_mic[i][0], SMS4_MIC_LEN, "mic");
1034 printk("***********************************************************\n");
1035 printk("WAPI MIC idx %d check failed.\n", i);
1036 }
1037 else
1038 printk("WAPI MIC idx %d check OK.\n", i);
1039 }
1040#endif
1041
1042 return( 0 );
1043}
1044
1045#endif
1046
1047typedef unsigned char muint8;
1048typedef unsigned short muint16;
1049typedef unsigned int muint32;
1050
1051static muint8 wapiCryptoTemp[16];
1052static muint8 wapiBlockIn[16], wapiTempBlock[16];
1053static muint32 wapiRK[32];
1054static muint8 wapiDecrytBuf[MAXDATALEN];
1055static muint8 wapiDecrytHdrBuf[64];
1056
1057__DRAM_IN_865X
1058muint8 Sbox[256];
1059__DRAM_IN_865X
1060muint32 CK[32];
1061
1062#define Rotl(_x, _y) (((_x) << (_y)) | ((_x) >> (32 - (_y))))
1063
1064#define ByteSub(_A) (Sbox[(_A) >> 24] << 24 ^ \
1065 Sbox[(_A) >> 16 & 0xFF] << 16 ^ \
1066 Sbox[(_A) >> 8 & 0xFF] << 8 ^ \
1067 Sbox[(_A) & 0xFF])
1068
1069#define L1(_B) ((_B) ^ Rotl(_B, 2) ^ Rotl(_B, 10) ^ Rotl(_B, 18) ^ Rotl(_B, 24))
1070#define L2(_B) ((_B) ^ Rotl(_B, 13) ^ Rotl(_B, 23))
1071static inline void
1072xor_block(void *dst, void *src1, void *src2)
1073/* 128-bit xor: *dst = *src1 xor *src2. Pointers must be 32-bit aligned */
1074{
1075 ((uint32*)dst)[0] = ((uint32*)src1)[0] ^ ((uint32*)src2)[0];
1076 ((uint32*)dst)[1] = ((uint32*)src1)[1] ^ ((uint32*)src2)[1];
1077 ((uint32*)dst)[2] = ((uint32*)src1)[2] ^ ((uint32*)src2)[2];
1078 ((uint32*)dst)[3] = ((uint32*)src1)[3] ^ ((uint32*)src2)[3];
1079}
1080int32 init_SMS4_CK_Sbox(void)
1081{
1082 static muint8 Sbox_tmp[256] = {
1083 0xd6,0x90,0xe9,0xfe,0xcc,0xe1,0x3d,0xb7,0x16,0xb6,0x14,0xc2,0x28,0xfb,0x2c,0x05,
1084 0x2b,0x67,0x9a,0x76,0x2a,0xbe,0x04,0xc3,0xaa,0x44,0x13,0x26,0x49,0x86,0x06,0x99,
1085 0x9c,0x42,0x50,0xf4,0x91,0xef,0x98,0x7a,0x33,0x54,0x0b,0x43,0xed,0xcf,0xac,0x62,
1086 0xe4,0xb3,0x1c,0xa9,0xc9,0x08,0xe8,0x95,0x80,0xdf,0x94,0xfa,0x75,0x8f,0x3f,0xa6,
1087 0x47,0x07,0xa7,0xfc,0xf3,0x73,0x17,0xba,0x83,0x59,0x3c,0x19,0xe6,0x85,0x4f,0xa8,
1088 0x68,0x6b,0x81,0xb2,0x71,0x64,0xda,0x8b,0xf8,0xeb,0x0f,0x4b,0x70,0x56,0x9d,0x35,
1089 0x1e,0x24,0x0e,0x5e,0x63,0x58,0xd1,0xa2,0x25,0x22,0x7c,0x3b,0x01,0x21,0x78,0x87,
1090 0xd4,0x00,0x46,0x57,0x9f,0xd3,0x27,0x52,0x4c,0x36,0x02,0xe7,0xa0,0xc4,0xc8,0x9e,
1091 0xea,0xbf,0x8a,0xd2,0x40,0xc7,0x38,0xb5,0xa3,0xf7,0xf2,0xce,0xf9,0x61,0x15,0xa1,
1092 0xe0,0xae,0x5d,0xa4,0x9b,0x34,0x1a,0x55,0xad,0x93,0x32,0x30,0xf5,0x8c,0xb1,0xe3,
1093 0x1d,0xf6,0xe2,0x2e,0x82,0x66,0xca,0x60,0xc0,0x29,0x23,0xab,0x0d,0x53,0x4e,0x6f,
1094 0xd5,0xdb,0x37,0x45,0xde,0xfd,0x8e,0x2f,0x03,0xff,0x6a,0x72,0x6d,0x6c,0x5b,0x51,
1095 0x8d,0x1b,0xaf,0x92,0xbb,0xdd,0xbc,0x7f,0x11,0xd9,0x5c,0x41,0x1f,0x10,0x5a,0xd8,
1096 0x0a,0xc1,0x31,0x88,0xa5,0xcd,0x7b,0xbd,0x2d,0x74,0xd0,0x12,0xb8,0xe5,0xb4,0xb0,
1097 0x89,0x69,0x97,0x4a,0x0c,0x96,0x77,0x7e,0x65,0xb9,0xf1,0x09,0xc5,0x6e,0xc6,0x84,
1098 0x18,0xf0,0x7d,0xec,0x3a,0xdc,0x4d,0x20,0x79,0xee,0x5f,0x3e,0xd7,0xcb,0x39,0x48
1099 };
1100
1101 static muint32 CK_tmp[32] = {
1102 0x00070e15, 0x1c232a31, 0x383f464d, 0x545b6269,
1103 0x70777e85, 0x8c939aa1, 0xa8afb6bd, 0xc4cbd2d9,
1104 0xe0e7eef5, 0xfc030a11, 0x181f262d, 0x343b4249,
1105 0x50575e65, 0x6c737a81, 0x888f969d, 0xa4abb2b9,
1106 0xc0c7ced5, 0xdce3eaf1, 0xf8ff060d, 0x141b2229,
1107 0x30373e45, 0x4c535a61, 0x686f767d, 0x848b9299,
1108 0xa0a7aeb5, 0xbcc3cad1, 0xd8dfe6ed, 0xf4fb0209,
1109 0x10171e25, 0x2c333a41, 0x484f565d, 0x646b7279 };
1110
1111 memcpy(Sbox,Sbox_tmp, sizeof(muint8)*256);
1112 memcpy(CK,CK_tmp,sizeof(muint32)*32);
1113
1114 return SUCCESS;
1115}
1116
1117static void SMS4Crypt(muint8 *Input, muint8 *Output, muint32 *rk)
1118{
1119 muint32 r, mid, x0, x1, x2, x3, *p;
1120 p = (muint32 *)Input;
1121 x0 = p[0];
1122 x1 = p[1];
1123 x2 = p[2];
1124 x3 = p[3];
1125#ifdef _LITTLE_ENDIAN_
1126 x0 = Rotl(x0, 16); x0 = ((x0 & 0x00FF00FF) << 8) ^ ((x0 & 0xFF00FF00) >> 8);
1127 x1 = Rotl(x1, 16); x1 = ((x1 & 0x00FF00FF) << 8) ^ ((x1 & 0xFF00FF00) >> 8);
1128 x2 = Rotl(x2, 16); x2 = ((x2 & 0x00FF00FF) << 8) ^ ((x2 & 0xFF00FF00) >> 8);
1129 x3 = Rotl(x3, 16); x3 = ((x3 & 0x00FF00FF) << 8) ^ ((x3 & 0xFF00FF00) >> 8);
1130#endif
1131 for (r = 0; r < 32; r += 4)
1132 {
1133 mid = x1 ^ x2 ^ x3 ^ rk[r + 0];
1134 mid = ByteSub(mid);
1135 x0 ^= L1(mid);
1136 mid = x2 ^ x3 ^ x0 ^ rk[r + 1];
1137 mid = ByteSub(mid);
1138 x1 ^= L1(mid);
1139 mid = x3 ^ x0 ^ x1 ^ rk[r + 2];
1140 mid = ByteSub(mid);
1141 x2 ^= L1(mid);
1142 mid = x0 ^ x1 ^ x2 ^ rk[r + 3];
1143 mid = ByteSub(mid);
1144 x3 ^= L1(mid);
1145 }
1146#ifdef _LITTLE_ENDIAN_
1147 x0 = Rotl(x0, 16); x0 = ((x0 & 0x00FF00FF) << 8) ^ ((x0 & 0xFF00FF00) >> 8);
1148 x1 = Rotl(x1, 16); x1 = ((x1 & 0x00FF00FF) << 8) ^ ((x1 & 0xFF00FF00) >> 8);
1149 x2 = Rotl(x2, 16); x2 = ((x2 & 0x00FF00FF) << 8) ^ ((x2 & 0xFF00FF00) >> 8);
1150 x3 = Rotl(x3, 16); x3 = ((x3 & 0x00FF00FF) << 8) ^ ((x3 & 0xFF00FF00) >> 8);
1151#endif
1152 p = (muint32 *)Output;
1153 p[0] = x3;
1154 p[1] = x2;
1155 p[2] = x1;
1156 p[3] = x0;
1157}
1158
1159static void SMS4KeyExt(muint8 *Key, muint32 *rk)
1160{
1161 muint32 r, mid, x0, x1, x2, x3, *p;
1162 p = (muint32 *)Key;
1163 x0 = p[0];
1164 x1 = p[1];
1165 x2 = p[2];
1166 x3 = p[3];
1167#ifdef _LITTLE_ENDIAN_
1168 x0 = Rotl(x0, 16); x0 = ((x0 & 0xFF00FF) << 8) ^ ((x0 & 0xFF00FF00) >> 8);
1169 x1 = Rotl(x1, 16); x1 = ((x1 & 0xFF00FF) << 8) ^ ((x1 & 0xFF00FF00) >> 8);
1170 x2 = Rotl(x2, 16); x2 = ((x2 & 0xFF00FF) << 8) ^ ((x2 & 0xFF00FF00) >> 8);
1171 x3 = Rotl(x3, 16); x3 = ((x3 & 0xFF00FF) << 8) ^ ((x3 & 0xFF00FF00) >> 8);
1172#endif
1173
1174 x0 ^= 0xa3b1bac6;
1175 x1 ^= 0x56aa3350;
1176 x2 ^= 0x677d9197;
1177 x3 ^= 0xb27022dc;
1178 for (r = 0; r < 32; r += 4)
1179 {
1180 mid = x1 ^ x2 ^ x3 ^ CK[r + 0];
1181 mid = ByteSub(mid);
1182 rk[r + 0] = x0 ^= L2(mid);
1183 mid = x2 ^ x3 ^ x0 ^ CK[r + 1];
1184 mid = ByteSub(mid);
1185 rk[r + 1] = x1 ^= L2(mid);
1186 mid = x3 ^ x0 ^ x1 ^ CK[r + 2];
1187 mid = ByteSub(mid);
1188 rk[r + 2] = x2 ^= L2(mid);
1189 mid = x0 ^ x1 ^ x2 ^ CK[r + 3];
1190 mid = ByteSub(mid);
1191 rk[r + 3] = x3 ^= L2(mid);
1192 }
1193}
1194
1195void WapiSMS4Cryption(muint8 *Key, muint8 *IV, muint8 *Input, muint16 InputLength,
1196 muint8 *Output, muint16 *OutputLength)
1197{
1198 muint32 blockNum,i,j;
1199 muint16 remainder;
1200 muint8 *pBlockIn, *pBlockOut, *pBlockTemp;
1201
1202 remainder = InputLength & 0x0F;
1203 blockNum = InputLength >> 4;
1204
1205 for(i=0;i<16;i++)
1206 wapiBlockIn[i] = IV[15-i];
1207
1208 SMS4KeyExt((muint8 *)Key, wapiRK);
1209
1210 pBlockIn = wapiBlockIn;
1211 pBlockOut = wapiTempBlock;
1212 for(i=0; i<blockNum; i++)
1213 {
1214 SMS4Crypt((muint8 *)pBlockIn, pBlockOut, wapiRK);
1215 xor_block(Output, Input, pBlockOut);
1216 pBlockTemp = pBlockIn;
1217 pBlockIn = pBlockOut;
1218 pBlockOut = pBlockTemp;
1219 Output += 16;
1220 Input += 16;
1221 }
1222
1223 if (remainder>0)
1224 {
1225 *OutputLength = (i<<4) + remainder;
1226 SMS4Crypt((muint8 *)pBlockIn, pBlockOut, wapiRK);
1227
1228 for(j=0; j<remainder; j++)
1229 {
1230 Output[j] = Input[j] ^ pBlockOut[j];
1231 }
1232 }
1233 else
1234 *OutputLength = i<<4;
1235}
1236
1237void WapiSMS4CalculateMic(muint8 *Key, muint8 *IV, muint8 *Input1, muint8 Input1Length,
1238 muint8 *Input2, muint16 Input2Length, muint8 *Output)
1239{
1240 muint32 blockNum,i;
1241 muint32 remainder;
1242 muint8 BlockOut[16];
1243
1244 remainder = Input1Length & 0x0F;
1245 blockNum = Input1Length >> 4;
1246
1247 for(i=0;i<16;i++)
1248 wapiBlockIn[i] = IV[15-i];
1249
1250 SMS4KeyExt((muint8 *)Key, wapiRK);
1251 SMS4Crypt((muint8 *)wapiBlockIn, BlockOut, wapiRK);
1252
1253 for(i=0; i<blockNum; i++)
1254 {
1255 xor_block(wapiBlockIn, Input1, BlockOut);
1256 SMS4Crypt((muint8 *)wapiBlockIn, BlockOut, wapiRK);
1257 Input1 += 16;
1258 }
1259
1260 if(remainder !=0)
1261 {
1262 memset(wapiTempBlock+remainder, 0, 16-remainder);
1263 memcpy(wapiTempBlock, Input1, remainder);
1264
1265 xor_block(wapiBlockIn, wapiTempBlock, BlockOut);
1266 SMS4Crypt((muint8 *)wapiBlockIn, BlockOut, wapiRK);
1267 }
1268
1269 remainder = Input2Length & 0x0F;
1270 blockNum = Input2Length >> 4;
1271
1272 for(i=0; i<blockNum; i++)
1273 {
1274 xor_block(wapiBlockIn, Input2, BlockOut);
1275 SMS4Crypt((muint8 *)wapiBlockIn, BlockOut, wapiRK);
1276 Input2 += 16;
1277 }
1278
1279 if(remainder !=0)
1280 {
1281 memset(wapiTempBlock+remainder, 0, 16-remainder);
1282 memcpy(wapiTempBlock, Input2, remainder);
1283
1284 xor_block(wapiBlockIn, wapiTempBlock, BlockOut);
1285 SMS4Crypt((muint8 *)wapiBlockIn, BlockOut, wapiRK);
1286 }
1287
1288 memcpy(Output, BlockOut, 16);
1289}
1290
1291void WapiSMS4ForMNKEncrypt(uint8 *key, uint8*IV, uint8*input, uint32 inputLength, uint8 *output, uint8 *outputLength, uint32 CryptFlag)
1292{
1293 uint32 blockNum,i,j;
1294 uint32 remainder;
1295
1296 *outputLength = 0;
1297 remainder = inputLength % 16;
1298 blockNum = inputLength/16;
1299 if(remainder !=0)
1300 blockNum++;
1301
1302 if(remainder !=0)
1303 {
1304 for(j= inputLength;j<16*blockNum;j++)
1305 {
1306 input[j] = 0;
1307 }
1308 }
1309
1310 memcpy(wapiBlockIn,IV,16);
1311 SMS4KeyExt((uint8 *)key, wapiRK);
1312
1313 for(i=0;i<blockNum;i++)
1314 {
1315 SMS4Crypt(wapiBlockIn, wapiTempBlock, wapiRK);
1316 *outputLength+=16;
1317
1318 for(j=0;j<16;j++)
1319 {
1320 output[i*16+j] = input[i*16+j] ^ wapiTempBlock[j];
1321 }
1322
1323 memcpy(wapiBlockIn,wapiTempBlock,16);
1324 }
1325
1326}
1327
1328void SecCalculateMicSMS4(
1329 uint8 KeyIdx,
1330 uint8* MicKey,
1331 uint8* pHeader,
1332 uint8* pData,
1333 uint16 DataLen,
1334 uint8* MicBuffer
1335 )
1336{
1337 static uint8 TempBuf[34];
1338 uint8 TempLen;
1339 uint8 QosOffset;
1340 uint8* IV;
1341 uint16* pTemp;
1342
1343 /* construct the first part */
1344#if 0
1345 memcpy(TempBuf, pHeader, 2); //FrameCtrl
1346#else
1347 *((uint16*)TempBuf) = *((uint16*)pHeader);
1348#endif
1349 pTemp = (uint16*)TempBuf;
1350
1351#if 0
1352#ifdef _LITTLE_ENDIAN_
1353 *pTemp &= 0xc78f; //bit4,5,6,11,12,13
1354#else
1355 *pTemp &= 0x8fc7;
1356#endif
1357#else
1358#ifdef _LITTLE_ENDIAN_
1359 *((unsigned short*)TempBuf) &= 0xc78f;
1360#else
1361 *((unsigned short*)TempBuf) &= 0x8fc7;
1362#endif
1363#endif
1364 memcpy((TempBuf+2), (pHeader+4), 12); //Addr1, Addr2
1365 memcpy((TempBuf+14), (pHeader+22), 2); // SeqCtrl
1366 pTemp = (uint16*)(TempBuf + 14);
1367
1368#if 0
1369#ifdef _LITTLE_ENDIAN_
1370 *pTemp &= 0x000f;
1371#else
1372 *pTemp &= 0x0f00;
1373#endif
1374#else
1375#ifdef _LITTLE_ENDIAN_
1376 *((uint16*)(TempBuf+14)) &= 0x000f;
1377#else
1378 *((uint16*)(TempBuf+14)) &= 0x0f00;
1379#endif
1380#endif
1381 memcpy((TempBuf+16), (pHeader+16), 6); //Addr3
1382
1383 if (get_tofr_ds(pHeader) == 3)
1384 {
1385 memcpy((TempBuf+22), (pHeader+24), 6);
1386 QosOffset = 30;
1387 }
1388 else
1389 {
1390 memset((TempBuf+22), 0, 6);
1391 QosOffset = 24;
1392 }
1393
1394 if( is_qos_data(pHeader) ) //QosCtrl
1395 {
1396 memcpy((TempBuf+28), (pHeader+QosOffset), 2);
1397 TempLen = 34;
1398 IV = pHeader + QosOffset + 4;
1399 }
1400 else
1401 {
1402 TempLen = 32;
1403 IV = pHeader + QosOffset + 2;
1404 }
1405
1406 TempBuf[TempLen-1] = (uint8)(DataLen & 0xff);
1407 TempBuf[TempLen-2] = (uint8)((DataLen & 0xff00)>>8);
1408 TempBuf[TempLen-3] = 0;
1409 TempBuf[TempLen-4] = KeyIdx;
1410
1411 WapiSMS4CalculateMic(MicKey, IV, TempBuf, TempLen,
1412 pData, DataLen, MicBuffer);
1413}
1414
1415#if 1
1416void SecSWSMS4Encryption(struct rtl8192cd_priv *priv, struct tx_insn* txcfg)
1417{
1418 uint16 OutputLength;
1419 wapiStaInfo *wapiInfo;
1420 uint8 *pHeader;
1421 uint8 KeyIdx;
1422 uint8 *MicBuffer;
1423 uint8 *pMicKey;
1424 uint8 *pDataKey;
1425 uint8 *pPN;
1426 wpiSMS4Hdr *SMS4Hdr;
1427/* uint8 pTemp[SMS4_MIC_LEN]; */
1428 uint8 *pBuf;
1429 int32 bPNOverflow;
1430#if defined(CONFIG_RTL_HW_WAPI_SUPPORT)
1431 uint32 bHWEncrypt;
1432#endif
1433 struct stat_info *pstat;
1434
1435#if 0
1436 if (txcfg->fr_type != _SKB_FRAME_TYPE_)
1437 return;
1438#endif
1439 pHeader = txcfg->phdr; /* txcfg->hdr_len */
1440 {
1441 WAPI_LOCK(&priv->pshare->lock);
1442 if ( !txcfg->pstat )
1443 {
1444 /* multicast */
1445 //pstat=priv->stainfo_cache.pstat;
1446 pstat = priv->pstat_cache;
1447 KeyIdx = priv->wapiMCastKeyId;
1448 pPN = priv->txMCast;
1449 pMicKey = priv->wapiMCastKey[KeyIdx].micKey;
1450 pDataKey = priv->wapiMCastKey[KeyIdx].dataKey;
1451 bPNOverflow = WapiIncreasePN(pPN, 1);
1452 if (bPNOverflow==WAPI_RETURN_SUCCESS)
1453 {
1454 /* MSK update */
1455 if((priv->wapiMCastKeyUpdate==1) || ((pstat)&&(pstat->wapiInfo)&&(pstat->wapiInfo->wapiUCastKeyUpdate))){
1456// printk("%s(%d), during msk or usk update, do nothing! =========== \n",__FUNCTION__,__LINE__);//Added for test
1457 }
1458 else{
1459 wapiUpdateMSK(priv, NULL);
1460 }
1461 }
1462
1463 if (priv->wapiMCastKeyUpdateCnt<=txcfg->fr_len)
1464 {
1465 priv->wapiMCastKeyUpdateCnt = priv->pmib->wapiInfo.wapiUpdateMCastKeyPktNum;
1466 if (priv->pmib->wapiInfo.wapiUpdateMCastKeyType==wapi_pktnum_update||
1467 priv->pmib->wapiInfo.wapiUpdateMCastKeyType==wapi_all_update)
1468 {
1469 /* MSK update */
1470 if((priv->wapiMCastKeyUpdate==1) || ((pstat)&&(pstat->wapiInfo)&&(pstat->wapiInfo->wapiUCastKeyUpdate))){
1471// printk("%s(%d), during msk or usk update, do nothing! =========== \n",__FUNCTION__,__LINE__);//Added for test
1472 }
1473 else{
1474 wapiUpdateMSK(priv, NULL);
1475 }
1476 }
1477 }
1478 else
1479 priv->wapiMCastKeyUpdateCnt-=txcfg->fr_len;
1480
1481 #if defined(CONFIG_RTL_HW_WAPI_SUPPORT)
1482 bHWEncrypt = priv->pmib->dot11GroupKeysTable.keyInCam;
1483 #endif
1484 }
1485 else
1486 {
1487 /* unicast */
1488 wapiAssert(txcfg);
1489 wapiAssert(txcfg->pstat);
1490 wapiAssert(txcfg->pstat->wapiInfo);
1491 wapiInfo = txcfg->pstat->wapiInfo;
1492 KeyIdx = wapiInfo->wapiUCastKeyId;
1493 pPN = wapiInfo->wapiPN.txUCast;
1494 pMicKey = wapiInfo->wapiUCastKey[KeyIdx].micKey;
1495 pDataKey = wapiInfo->wapiUCastKey[KeyIdx].dataKey;
1496 bPNOverflow = WapiIncreasePN(pPN, 2);
1497 if (bPNOverflow==WAPI_RETURN_SUCCESS)
1498 {
1499 /* USK update */
1500 if((wapiInfo->wapiUCastKeyUpdate==1) || (priv->wapiMCastKeyUpdate==1)){
1501// printk("%s(%d), during usk or msk update, do nothing! =========== \n",__FUNCTION__,__LINE__);//Added for test
1502 }
1503 else{
1504 wapiUpdateUSK(priv, txcfg->pstat);
1505 }
1506 }
1507
1508 if (wapiInfo->wapiUCastKeyUpdateCnt<=txcfg->fr_len)
1509 {
1510 wapiInfo->wapiUCastKeyUpdateCnt = priv->pmib->wapiInfo.wapiUpdateUCastKeyPktNum;
1511
1512 if (wapiInfo->priv->pmib->wapiInfo.wapiUpdateUCastKeyType==wapi_pktnum_update||
1513 wapiInfo->priv->pmib->wapiInfo.wapiUpdateUCastKeyType==wapi_all_update)
1514 {
1515 /* USK update */
1516 if((wapiInfo->wapiUCastKeyUpdate==1) || (priv->wapiMCastKeyUpdate==1)){
1517// printk("%s(%d), during usk update, do nothing!KeyIdx(0x%x),wapiInfo->wapiUCastKeyId(0x%x),wapiInfo->wapiUCastKeyUpdateCnt(%u), priv->pmib->wapiInfo.wapiUpdateUCastKeyPktNum(%u),txcfg->fr_len(%d)=========== \n",
1518// __FUNCTION__,__LINE__,KeyIdx,wapiInfo->wapiUCastKeyId,wapiInfo->wapiUCastKeyUpdateCnt,priv->pmib->wapiInfo.wapiUpdateUCastKeyPktNum,txcfg->fr_len);//Added for test
1519 }
1520 else{
1521 wapiUpdateUSK(priv, txcfg->pstat);
1522 }
1523 }
1524 }
1525 else
1526 wapiInfo->wapiUCastKeyUpdateCnt-=txcfg->fr_len;
1527
1528 #if defined(CONFIG_RTL_HW_WAPI_SUPPORT)
1529 bHWEncrypt = txcfg->pstat->dot11KeyMapping.keyInCam;
1530 #endif
1531 }
1532
1533 SMS4Hdr = (wpiSMS4Hdr*)(pHeader + txcfg->hdr_len);
1534 SMS4Hdr->keyIdx = KeyIdx;
1535 SMS4Hdr->reserved = 0;
1536 memcpy(SMS4Hdr->pn, pPN, WAPI_PN_LEN);
1537#if defined(CONFIG_RTL_HW_WAPI_SUPPORT)
1538 if (bHWEncrypt!=TRUE)
1539#endif
1540 {
1541 wapiAssert((((struct sk_buff *)txcfg->pframe)->end-((struct sk_buff *)txcfg->pframe)->tail)>SMS4_MIC_LEN);
1542 pBuf = ((struct sk_buff *)txcfg->pframe)->data-txcfg->llc;
1543 MicBuffer = ((struct sk_buff *)txcfg->pframe)->data+txcfg->fr_len;
1544
1545
1546 if (txcfg->llc>0)
1547 {
1548 memcpy(pBuf, pHeader+txcfg->hdr_len + txcfg->iv, txcfg->llc);
1549 }
1550
1551
1552 {
1553 SecCalculateMicSMS4(KeyIdx, pMicKey, pHeader, pBuf, txcfg->fr_len+txcfg->llc, MicBuffer);
1554
1555 /* encryption for data */
1556 WapiSMS4Encryption(pDataKey, pPN, pBuf, txcfg->fr_len+txcfg->llc+SMS4_MIC_LEN, pBuf, &OutputLength);
1557 wapiAssert(OutputLength==txcfg->fr_len+txcfg->llc+SMS4_MIC_LEN);
1558 }
1559
1560 //llc in wlan hdr should be sms4encrypted to deliver
1561 *((uint32*)SMS4Hdr->data) = *((uint32*)pBuf);
1562 *((uint32*)(SMS4Hdr->data+4)) = *((uint32*)(pBuf+4));
1563 }
1564#if defined(CONFIG_RTL_HW_WAPI_SUPPORT)
1565 else
1566 txcfg->mic = 0;
1567#endif
1568 WAPI_UNLOCK(&priv->pshare->lock);
1569 }
1570}
1571
1572int32 SecSWSMS4Decryption(
1573 struct rtl8192cd_priv *priv, struct stat_info *pstat, struct rx_frinfo* pfrinfo)
1574{
1575 uint8 PNOffset;
1576 uint8 DataOffset;
1577 uint16 OutputLength;
1578 wapiStaInfo *wapiInfo;
1579 uint8 *pHeader;
1580 uint8 *pRA;
1581 uint8 *pTA;
1582 uint8 KeyIdx;
1583/* uint8 MicBuffer[SMS4_MIC_LEN]; */
1584 uint8 *pMicKey;
1585 uint8 *pDataKey;
1586 uint8 *pRecvPN;
1587 uint8 *pSecData;
1588 uint8 *pRecvMic;
1589 uint16 DataLen;
1590 uint16 PktLen;
1591 wpiSMS4Hdr *SMS4Hdr;
1592 uint8 qosIdx;
1593 struct stat_info *rxPstat;
1594#if defined(CONFIG_RTL_HW_WAPI_SUPPORT)
1595 uint32 bHWEncrypt;
1596#endif
1597
1598
1599 WAPI_LOCK(&priv->pshare->lock);
1600 wapiInfo = pstat->wapiInfo;
1601 pHeader = pfrinfo->pskb->data;
1602#if 0
1603 if (get_tofr_ds(pHeader) == 3)
1604 {
1605 if( is_qos_data(pHeader) )
1606 {
1607 PNOffset = WLAN_HDR_A4_QOS_LEN;
1608 }
1609 else
1610 {
1611 PNOffset = WLAN_HDR_A4_LEN;
1612 }
1613 }
1614 else
1615 {
1616 if( is_qos_data(pHeader) )
1617 {
1618 PNOffset = WLAN_HDR_A3_QOS_LEN;
1619 }
1620 else
1621 {
1622 PNOffset = WLAN_HDR_A3_LEN;
1623 }
1624 }
1625 printk("rx pn offset %d %d\n", pfrinfo->hdr_len, PNOffset);
1626#else
1627 PNOffset = pfrinfo->hdr_len;
1628#endif
1629
1630 DataOffset = PNOffset + WAPI_EXT_LEN;
1631
1632 SMS4Hdr = (wpiSMS4Hdr*)(pHeader+PNOffset);
1633
1634 pRA = pHeader + 4;
1635 pTA = pHeader + 10;
1636 KeyIdx = SMS4Hdr->keyIdx;
1637 pRecvPN = SMS4Hdr->pn;
1638
1639 if( (*pRA)&0x1 )
1640 {
1641 rxPstat = get_stainfo(priv, pTA);
1642 if (rxPstat==NULL || rxPstat->wapiInfo==NULL ||
1643 rxPstat->wapiInfo->wapiMCastEnable==0 ||
1644 (KeyIdx!=priv->wapiMCastKeyId&&priv->wapiMCastKeyUpdate==0))
1645 {
1646
1647 WAPI_UNLOCK(&priv->pshare->lock);
1648 return FAIL;
1649 }
1650
1651 /* need check the PN increasing, and record the last rx PN */
1652 /* need check the PN increasing, and record the last rx PN */
1653 if (WapiComparePN(pRecvPN, priv->rxMCast)==WAPI_RETURN_FAILED)
1654 {
1655 WAPI_UNLOCK(&priv->pshare->lock);
1656 return FAIL;
1657 }
1658
1659 memcpy(priv->rxMCast, pRecvPN, WAPI_PN_LEN);
1660
1661 pMicKey = priv->wapiMCastKey[KeyIdx].micKey;
1662 pDataKey = priv->wapiMCastKey[KeyIdx].dataKey;
1663 #if defined(CONFIG_RTL_HW_WAPI_SUPPORT)
1664 bHWEncrypt = priv->pmib->dot11GroupKeysTable.keyInCam;
1665 #endif
1666 }
1667 else
1668 {
1669 if (wapiInfo->wapiUCastRxEnable==0
1670 || (KeyIdx!=wapiInfo->wapiUCastKeyId&&priv->wapiMCastKeyUpdate==0))
1671 {
1672 WAPI_UNLOCK(&priv->pshare->lock);
1673 return FAIL;
1674 }
1675
1676#ifdef WIFI_WMM
1677 {
1678 if (pfrinfo->tid==0||pfrinfo->tid==3)
1679 qosIdx = 0;
1680 else if (pfrinfo->tid<3)
1681 qosIdx = 1;
1682 else if (pfrinfo->tid<6)
1683 qosIdx = 2;
1684 else
1685 qosIdx = 3;
1686 }
1687#else
1688 qosIdx = 0;
1689#endif
1690
1691 /* need check the PN increasing, and record the last rx PN */
1692 if ((pRecvPN[WAPI_PN_LEN-1]&0x1)==0x1)
1693 {
1694 wapiAssert(0);
1695 WAPI_UNLOCK(&priv->pshare->lock);
1696 return FAIL;
1697 }
1698
1699#if 0
1700 if (WapiComparePN(pRecvPN, &wapiInfo->wapiPN.rxUCast[qosIdx][0])==WAPI_RETURN_FAILED)
1701 {
1702 memcpy(wapiCryptoTemp, pRecvPN, WAPI_PN_LEN);
1703 WapiIncreasePN(wapiCryptoTemp, ((rtl_SMS4_rxSeq[qosIdx]-pfrinfo->seq+1)<<1));
1704
1705 if (WapiComparePN(wapiCryptoTemp, &wapiInfo->wapiPN.rxUCast[qosIdx][0])==WAPI_RETURN_FAILED)
1706 {
1707 wapiAssert(0);
1708 memset(rtl_SMS4_rxSeq, 0, RX_QUEUE_NUM*sizeof(unsigned short));
1709 WAPI_UNLOCK(&priv->pshare->lock);
1710 return FAIL;
1711 }
1712 }
1713 memcpy(&wapiInfo->wapiPN.rxUCast[qosIdx][0], pRecvPN, WAPI_PN_LEN);
1714 rtl_SMS4_rxSeq[qosIdx]=pfrinfo->seq;
1715#else
1716 if (pfrinfo->seq>=wapiInfo->wapiPN.rxSeq[qosIdx])
1717 {
1718 if (WapiComparePN(pRecvPN, &wapiInfo->wapiPN.rxUCast[qosIdx][0])==WAPI_RETURN_FAILED)
1719 {
1720 WAPI_UNLOCK(&priv->pshare->lock);
1721 return FAIL;
1722 }
1723 memcpy(&wapiInfo->wapiPN.rxUCast[qosIdx][0], pRecvPN, WAPI_PN_LEN);
1724 wapiInfo->wapiPN.rxSeq[qosIdx]=pfrinfo->seq;
1725 }
1726 else
1727 {
1728 memcpy(wapiCryptoTemp, pRecvPN, WAPI_PN_LEN);
1729 WapiIncreasePN(wapiCryptoTemp, ((wapiInfo->wapiPN.rxSeq[qosIdx]-pfrinfo->seq+1)<<1));
1730 if (WapiComparePN(wapiCryptoTemp, &wapiInfo->wapiPN.rxUCast[qosIdx][0])==WAPI_RETURN_FAILED)
1731 {
1732 WAPI_UNLOCK(&priv->pshare->lock);
1733 return FAIL;
1734 }
1735 }
1736#endif
1737
1738 pMicKey = wapiInfo->wapiUCastKey[KeyIdx].micKey;
1739 pDataKey = wapiInfo->wapiUCastKey[KeyIdx].dataKey;
1740 #if defined(CONFIG_RTL_HW_WAPI_SUPPORT)
1741 bHWEncrypt = pstat->dot11KeyMapping.keyInCam;
1742 #endif
1743 }
1744
1745#if defined(CONFIG_RTL_HW_WAPI_SUPPORT)
1746 if (bHWEncrypt!=TRUE)
1747#endif
1748 {
1749 pSecData = pHeader + DataOffset;
1750 PktLen = pfrinfo->pktlen;
1751 DataLen = PktLen-DataOffset;
1752 pRecvMic = pHeader + PktLen - SMS4_MIC_LEN - WAPI_ALIGNMENT_OFFSET;
1753
1754 memcpy(wapiDecrytBuf, pSecData, DataLen);
1755 memcpy(wapiDecrytHdrBuf, pHeader, DataOffset);
1756
1757 WapiSMS4Decryption(pDataKey, pRecvPN, wapiDecrytBuf, DataLen, pSecData-WAPI_ALIGNMENT_OFFSET, &OutputLength);
1758 wapiAssert(OutputLength == DataLen);
1759
1760 DataLen -= SMS4_MIC_LEN;
1761
1762 SecCalculateMicSMS4(KeyIdx, pMicKey, wapiDecrytHdrBuf, pSecData-WAPI_ALIGNMENT_OFFSET, DataLen, wapiCryptoTemp);
1763
1764 if (memcmp(wapiCryptoTemp, pRecvMic, SMS4_MIC_LEN))
1765 {
1766 wapiAssert(0);
1767 WAPI_UNLOCK(&priv->pshare->lock);
1768 return FALSE;
1769 }
1770 }
1771
1772 WAPI_UNLOCK(&priv->pshare->lock);
1773 return TRUE;
1774}
1775#endif
1776
1777#endif