1
0
mirror of https://github.com/morrownr/8821cu-20210916.git synced 2024-09-16 03:32:37 +00:00

initial commit

This commit is contained in:
morrownr 2022-11-17 08:26:57 -06:00
commit 1d6ef930b9
724 changed files with 771892 additions and 0 deletions

159
8821cu.conf Normal file
View File

@ -0,0 +1,159 @@
# /etc/modprobe.d/8821cu.conf
#
# Purpose: Allow easy access to specific driver options.
#
# Warning: Some adapters based on the rtl8821cu chipset may require the
# `rtw_RFE_type` option to be set. If wifi or bluetooth does not work
# after driver installation, see the appropriate section in the below
# documentation.
#
# Edit the following line to change, add or delete options:
options 8821cu rtw_drv_log_level=0 rtw_led_ctrl=1 rtw_vht_enable=1 rtw_power_mgnt=1 rtw_dfs_region_domain=0
#
# After editing is complete, save this file (if using nano: Ctrl + x, y, Enter)
# and reboot to activate the changes.
#
# Documentation:
#
# -----
#
# Log options ( rtw_drv_log_level )
#
# 0 = NONE (default)
# 1 = ALWAYS
# 2 = ERROR
# 3 = WARNING
# 4 = INFO
# 5 = DEBUG
# 6 = MAX
#
# Note: You can save a log file that only includes RTW log entries by running
# the following in a terminal:
#
# sudo ./save-log.sh
#
# Note: The name of the log file will be ```rtw.log```.
#
# -----
#
# LED options ( rtw_led_ctrl )
#
# 0 = Always off
# 1 = Normal blink (default)
# 2 = Always on
#
# -----
#
# VHT options ( rtw_vht_enable )
#
# 0 = Disable
# 1 = Enable (default)
# 2 = Force auto enable (use only for 5 GHz AP mode)
#
# Notes:
# - A non-default setting can degrade performance greatly in managed mode.
# - Option 2 allows 80 MHz channel width for 5GHz AP mode, such as when
# you are using hostapd.
#
# -----
#
# Power options ( rtw_power_mgnt )
#
# 0 = Disable power saving
# 1 = Power saving on, minPS (default)
# 2 = Power saving on, maxPS (not recommended for AP mode)
#
# -----
#
# Country Code options ( rtw_country_code )
#
# Note: Allows the Country Code to be set in cases where it is unable to
# be obtained from the operating system.
#
# Example for the US: rtw_country_code=US
# Example for Panama: rtw_country_code=PA
# Example for Norway: rtw_country_code=NO
# Example for Kuwait: rtw_country_code=KW
# Example for Taiwan: rtw_country_code=TW
#
# -----
#
# DFS Options ( rtw_dfs_region_domain )
#
# 0 = NONE (default)
# 1 = FCC
# 2 = MKK
# 3 = ETSI
#
# Notes:
# - Activates DFS channels in AP mode.
# - DFS FCC 80 MHz channels for hostapd: 52(58), 100(106), 116(122) and 132(138)
# - For more information: https://en.wikipedia.org/wiki/List_of_WLAN_channels
#
# Note: An AP needs to listen on a DFS channel for a period of 60 seconds
# before transmitting on the channel. If any radar pulses are detected,
# the AP cannot use that channel and will have to try a different channel.
#
# -----
#
# Select P2P interface in concurrent mode ( rtw_sel_p2p_iface )
#
# 0 = Sets interface 0 to be p2p interface
# 1 = Sets interface 1 to be p2p interface (default)
#
# -----
#
# Select RFE type ( rtw_RFE_type )
#
# 0 = (2-Ant, DPDT), (2G_WLG, iPA, iLNA, iSW), (5G, iPA, iLNA, iSW)
# 1 = (1-Ant, SPDT@Ant1), (2G_WLG, iPA, iLNA, iSW), (5G, iPA, iLNA, iSW)
# 2 = (1-Ant, SPDT@Ant1) , (2G_BTG, iPA, iLNA, iSW), (5G, iPA, iLNA, iSW)
# 3 = (1-Ant, DPDT@Ant2), (2G_WLG, iPA, iLNA, iSW), (5G, iPA, iLNA, iSW)
# 4 = (1-Ant, DPDT@Ant2), (2G_BTG, iPA, iLNA, iSW), (5G, iPA, iLNA, iSW)
# 5 = (2-Ant), (2G_WLG, iPA, iLNA, iSW), (5G, iPA, iLNA, iSW)
# 6 = (2-Ant), (2G_WLG, iPA, iLNA, iSW), (5G, iPA, iLNA, iSW)
# 7 = (1-Ant), (2G_BTG, iPA, iLNA, iSW), (5G, iPA, iLNA, iSW) (try this setting first)
# 64 = this appears to be the default on adapters that do not support bluetooth
#
# Note: RFE Type is used to set antenna isolation and the BT coexistence
# mechanism. Some adapters require this setting and some do not. If wifi
# does not work without this setting, the setting probably needs to be
# set. It may be necessary to try different settings to determine
# which setting is optimal for your adapter.
#
# -----
#
# To see all options that are available:
#
# $ ls /sys/module/8821cu/parameters/
#
# -----
#
# To see the values that are in use:
#
# $ grep [[:alnum:]] /sys/module/8821cu/parameters/*
#
# -----
#
# hostapd setup information for rtl8821cu
# Note: The best settings can vary but the following may be a good place to start.
#
# /etc/modprobe.d/8821cu.conf
# options 8821cu rtw_drv_log_level=0 rtw_led_ctrl=0 rtw_vht_enable=2 rtw_power_mgnt=1 rtw_dfs_region_domain=1
#
# Note: The best setting for `rtw_dfs_region_domain=` will depend on your location.
#
# /etc/hostapd/hostapd.conf
#
# hw ht capab: 0x862
# ht_capab=[HT40+][HT40-][SHORT-GI-20][SHORT-GI-40][MAX-AMSDU-7935]
#
# hw vht capab: 0x03c00022
# vht_capab=[MAX-MPDU-11454][SHORT-GI-80][HTC-VHT][MAX-A-MPDU-LEN-EXP7]
#
# -----

27
ARM64_RPI.sh Executable file
View File

@ -0,0 +1,27 @@
#!/bin/bash
#
# Purpose: Change settings in the Makefile to support compiling 64 bit
# operating systems for Raspberry Pi Hardware.
#
# To make this file executable:
#
# $ chmod +x ARM64_RPI.sh
#
# To execute this file:
#
# $ ./ARM64_RPI.sh
sed -i 's/CONFIG_PLATFORM_I386_PC = y/CONFIG_PLATFORM_I386_PC = n/g' Makefile
sed -i 's/CONFIG_PLATFORM_ARM_RPI = y/CONFIG_PLATFORM_ARM_RPI = n/g' Makefile
sed -i 's/CONFIG_PLATFORM_ARM64_RPI = n/CONFIG_PLATFORM_ARM64_RPI = y/g' Makefile
RESULT=$?
if [[ "$RESULT" != "0" ]]; then
echo "An error occurred and Raspberry Pi OS (64 bit) support was not turned on in Makefile."
exit 1
else
echo "Raspberry Pi OS (64 bit) support was turned on in Makefile as planned."
exit 0
fi

29
ARM_RPI.sh Executable file
View File

@ -0,0 +1,29 @@
#!/bin/bash
#
# Purpose: Change settings in the Makefile to support compiling 32 bit
# operating systems for Raspberry Pi Hardware.
#
# To make this file executable (if necessary):
#
# $ chmod +x ARM_RPI.sh
#
# To execute this file:
#
# $ ./ARM_RPI.sh
# getconf LONG_BIT (need to work on this)
sed -i 's/CONFIG_PLATFORM_I386_PC = y/CONFIG_PLATFORM_I386_PC = n/g' Makefile
sed -i 's/CONFIG_PLATFORM_ARM_RPI = n/CONFIG_PLATFORM_ARM_RPI = y/g' Makefile
RESULT=$?
if [[ "$RESULT" != "0" ]]; then
echo "An error occurred and Raspberry Pi OS (32 bit) support was not turned on in Makefile."
exit 1
else
echo "Raspberry Pi OS (32 bit) support was turned on in Makefile as planned."
exit 0
fi
sed -i 's/CONFIG_PLATFORM_ARM64_RPI = y/CONFIG_PLATFORM_ARM64_RPI = n/g' Makefile

6
Kconfig Normal file
View File

@ -0,0 +1,6 @@
config RTL8821CU
tristate "Realtek 8821C USB WiFi"
depends on USB
help
Help message of RTL8821CU

14
LICENSE Normal file
View File

@ -0,0 +1,14 @@
/******************************************************************************
*
* Copyright(c) 2007 - 2022 Realtek Corporation.
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of version 2 of the GNU General Public License as
* published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
* more details.
*
*****************************************************************************/

2523
Makefile Normal file

File diff suppressed because it is too large Load Diff

642
README.md Normal file
View File

@ -0,0 +1,642 @@
## 8821cu ( 8821cu.ko ) :rocket:
## Linux Driver for USB WiFi Adapters that are based on the RTL8811CU, RTL8821CU and RTL8731AU Chipsets
- v5.12.0.4 (Realtek) (20210916) plus updates from the Linux community
### Features
- IEEE 802.11 b/g/n/ac WiFi compliant
- 802.1x, WEP, WPA TKIP and WPA2 AES/Mixed mode for PSK and TLS (Radius)
- WPA3 (see FAQ)
- IEEE 802.11b/g/n/ac Client mode
* Supports wireless security for WEP, WPA TKIP and WPA2 AES PSK
* Supports site survey scan and manual connect
* Supports WPA/WPA2 TLS client
- Power saving modes
- Wireshark compatible
- Aircrack-ng compatible
- Packet injection
- hostapd compatible
- AP mode DFS channel support
- Miracast
- Supported interface modes
* IBSS
* Managed
* Monitor (see FAQ)
* AP (see FAQ)
* P2P-client
* P2P-GO
* Concurrent (see `Concurrent_Mode.md` in the `docs` folder.)
- Log level control
- LED control
- Power saving control
- VHT control (allows 80 MHz channel width in AP mode)
- AP mode DFS channel control
### A FAQ is available at the end of this document.
### Compatible CPUs
- x86, amd64
- ARM, ARM64
- MIPS
### Compatible Kernels
- Kernels: 4.19 - 5.11 (Realtek)
- Kernels: 5.12 - 6.1 (community support)
### Tested Linux Distributions
Note: One of the goals of this project is to provide driver support that
is easy to install and works reliably on many distros. Meeting this goal
depends on you to report your recommendations and updated information.
If you see information that needs to be updated, please report the
updated information and if you do not see adequate support for
items such as Installation Steps 2, 3 and 9, and you know what updates
need to added or you can get that information, please provide it so that
the Installation Steps can be improved.
- Arch Linux (kernels 5.4 and 5.11)
- Debian 11 (kernels 5.10 and 5.15)
- Fedora (kernel 5.11)
- Kali Linux (kernel 5.10)
- Manjaro 21.1 (kernel 5.13)
- openSUSE Tumbleweed (rolling) (kernel 5.15)
- Raspberry Pi OS (2022-09-22) (ARM 32 bit and 64 bit) (kernel 5.15)
- Raspberry Pi Desktop (2022-07-01) (x86 32 bit) (kernel 5.10)
- Ubuntu 22.04 (kernel 5.15) and 22.10 (kernel 5.19)
- Void Linux (kernel 5.18)
### Download Locations for Tested Linux Distributions
- [Arch Linux](https://www.archlinux.org)
- [Debian](https://www.debian.org/)
- [Fedora](https://getfedora.org)
- [Kali Linux](https://www.kali.org/)
- [Manjaro](https://manjaro.org)
- [openSUSE](https://www.opensuse.org/)
- [Raspberry Pi OS](https://www.raspberrypi.org)
- [Ubuntu](https://www.ubuntu.com)
- [Void Linux](https://voidlinux.org/)
### Tested Hardware
- EDUP EP-AC1651 USB WiFi Adapter AC650 Dual Band USB 2.0 Nano
- EDUP EP-AC1635 USB WiFi Adapter AC600 Dual Band USB 2.0
### Compatible Devices
Warning: Adapters listed here are not recommended for purchase as I do
not recommend Linux users buy Realtek based USB WiFi adapters due to the
lack of mac80211 technology drivers that are supported in-kernel as
called for by Linux Wireless Standards. This repo is supported for the
benefit of Linux users who already have adapters based on the supported
chipsets. If you are looking for information about what adapter to buy,
click [here](https://github.com/morrownr/USB-WiFi) for information about
and links to recommended adapters.
* Cudy WU700
* EDUP EP-AC1651
* EDUP EP-AC1635
* TOTOLINK A650UA v3
* Mercusys MU6H (multi-state)
* Numerous additional products that are based on the supported chipsets
Note: Please read "supported-device-IDs" for information about how to confirm the correct driver for your adapter.
### Installation Information
Warning: Installing multiple drivers for the same hardware usually does
not end well. If a previous attempt to install this driver failed or if
you have previously installed another driver for chipsets supported by
this driver, you MUST remove anything that the previous attempt
installed BEFORE attempting to install this driver. This driver can be
removed with the script called `./remove-driver.sh`. Information is
available in the section called `Removal of the Driver.` You can get a
good idea as to whether you need to remove a previously installed
driver by running the following command:
```
sudo dkms status
```
Warning: If you decide to upgrade to a new version of kernel such as
5.15 to 5.19, you need to remove the driver you have installed and
install the newest available before installing the new kernel. Use the
following commands in the driver directory:
```
$ sudo ./remove-driver.sh
$ git pull
$ sudo ./install-driver.sh
```
Temporary internet access is required for installation. There are numerous ways
to enable temporary internet access depending on your hardware and situation.
[One method is to use tethering from a phone.](https://www.makeuseof.com/tag/how-to-tether-your-smartphone-in-linux).
Another method is to keep a [WiFi adapter that uses an in-kernel driver](https://github.com/morrownr/USB-WiFi) in your toolkit.
You will need to use the terminal interface. The quick way to open a terminal:
Ctrl+Alt+T (hold down on the Ctrl and Alt keys then press the T key).
An alternative terminal is to use SSH (Secure Shell) from the same or from
another computer, in which case you will be in a suitable terminal after logging
in, but this step requires that an SSH daemon/server has already been
configured. (There are lots of SSH guides available, e.g., for the [Raspberry Pi](https://www.raspberrypi.com/documentation/computers/remote-access.html#setting-up-an-ssh-server) and for [Ubuntu](https://linuxconfig.org/ubuntu-20-04-ssh-server). Do not forget [to secure the SSH server](https://www.howtogeek.com/443156/the-best-ways-to-secure-your-ssh-server/).)
You will need to have sufficient access rights to use `sudo` so that commands
can be executed as the `root` user. (If the command `sudo echo Yes` returns
"Yes", with or without having to enter your password, you do have sufficient
access rights.)
DKMS is used for the installation. DKMS is a system utility which will
automatically recompile and reinstall this driver when a new kernel is
installed. DKMS is provided by and maintained by Dell.
It is recommended that you do not delete the driver directory after installation
as the directory contains information and scripts that you may need in the future.
Secure mode: The primary installation script, `install-driver.sh`, will support
secure mode... if your distro supports the method dkms uses. I regularly test the
installation script on systems with secure mode on. It works very well on Ubuntu based
distros. Some distros, such as Raspberry Pi OS, do not support secure mode because the
hardware they support does not support secure mode making it unnecessary. There are
distros that do not work with the support currently in use. If you install this driver
and, after a reboot, the driver is not working, you can go into the BIOS and temporarily
turn secure mode off to see if secure mode is the problem.
### Installation Steps
Note: The installation instructions are for the novice user. Experienced users are
welcome to alter the installation to meet their needs. Support will be provided based
on the steps below.
#### Step 1: Open a terminal (e.g. Ctrl+Alt+T)
#### Step 2: Update and upgrade system packages (select the option for the OS you are using)
Note: If your Linux distro does not fall into one of options listed
below, you will need to research how to update and upgrade your system
packages.
- Option for Debian based distributions such as Ubuntu, Kali and Raspberry Pi OS
```
sudo apt update && sudo apt upgrade
```
- Option for Arch based distributions such as Manjaro
```
sudo pacman -Syu
```
- Option for Fedora based distributions
```
sudo dnf upgrade
```
- Option for openSUSE based distributions
```
sudo zypper update
```
- Option for Void Linux
```
sudo xbps-install -Syu
```
Note: It is recommended that you reboot your system at this point. The
rest of the installation will appreciate having a fully up to date
system to work with. The installation can then be continued with Step 3.
```
sudo reboot
```
#### Step 3: Install the required packages (select the option for the OS you are using)
- Option for Raspberry Pi OS (ARM/ARM64)
```
sudo apt install -y raspberrypi-kernel-headers build-essential bc dkms git
```
- Option for Debian, Kali, and Raspberry Pi Desktop (x86)
```
sudo apt install -y linux-headers-$(uname -r) build-essential bc dkms git libelf-dev
```
- Option for Ubuntu (all official flavors) and the numerous Ubuntu based distros
```
sudo apt install -y build-essential dkms git
```
- Option for Fedora
```
sudo dnf -y install git dkms kernel-devel kernel-debug-devel
```
- Option for openSUSE
```
sudo zypper install -t pattern devel_kernel dkms
```
- Option for Void Linux
```
sudo xbps-install linux-headers dkms git make
```
- Options for Arch and Manjaro
If using pacman
```
sudo pacman -S --noconfirm linux-headers dkms git bc
```
Note: If you are asked to choose a provider, make sure to choose the one
that corresponds to your version of the linux kernel (for example,
"linux510-headers" for Linux kernel version 5.10). If you install the
incorrect version, you'll have to uninstall it and install the correct
version.
If using other methods, please follow the instructions provided by those
methods.
#### Step 4: Create a directory to hold the downloaded driver
```
mkdir -p ~/src
```
#### Step 5: Move to the newly created directory
```
cd ~/src
```
#### Step 6: Download the driver
```
git clone https://github.com/morrownr/8821cu-20210916.git
```
#### Step 7: Move to the newly created driver directory
```
cd ~/src/8821cu-20210916
```
#### Step 8: Run a script to reconfigure for ARM or ARM64 based systems
Warning: This driver defaults to supporting x86 and amd64 based systems
and this step should be `skipped` if your system is powered by an x86,
amd64 or compatible CPU.
Note: If your system is powered by an ARM or ARM64 based Raspberry Pi,
then one of the following scripts should be executed:
- Option for the following listed operating systems to be installed to
Raspberry Pi hardware
```
* Raspberry Pi OS (32 bit)
```
```
./ARM_RPI.sh
```
- Option for the following listed operating systems to be installed to
Raspberry Pi hardware
```
* Raspberry Pi OS (64 bit)
* Kali Linux RPI ARM64
* Ubuntu for Raspberry Pi
```
```
./ARM64_RPI.sh
```
Note: ARM or ARM64 based systems not listed above will likely require
modifications similar to those provided in the above scripts but the
number and variety of different ARM and ARM64 based systems makes
supporting each system unpractical so you will need to research the
needs of your system and make the appropriate modifications. If you
discover the settings and make a new script that works with your ARM or
ARM64 based system, you are welcome to submit the script and information
to be included here.
#### Step 9: Run the installation script ( install-driver.sh )
Note: For automated builds (non-interactive), use _NoPrompt_ as an option.
```
sudo ./install-driver.sh
```
Note: If you elect to skip the reboot at the end of the installation
script, the driver may not load immediately and the driver options will
not be applied. Rebooting is strongly recommended.
Manual build instructions: The above script automates the installation
process, however, if you want to or need to do a command line
installation, use the following:
```
make clean
make
sudo make install
sudo reboot
```
Note: If you use the manual build instructions, you will need to repeat
the process each time a new kernel is installed in your distro.
-----
### Driver Options ( edit-options.sh )
A file called `8821cu.conf` will be installed in `/etc/modprobe.d` by
default if you use the `./install-driver.sh` script.
Note: The installation script will prompt you to edit the options.
Location: `/etc/modprobe.d/8821cu.conf`
This file will be read and applied to the driver on each system boot.
To edit the driver options file, run the `edit-options.sh` script
```
sudo ./edit-options.sh
```
Note: Documentation for Driver Options is included in the file `8821cu.conf`.
-----
### Removal of the Driver ( remove-driver.sh )
Note: Removing the driver is advised in the following situations:
- if driver installation fails
- if the driver is no longer needed
- if a new or updated version of the driver needs to be installed
- if a distro version upgrade is going to be installed (i.e. going from kernel 5.10 to kernel 5.15)
Note: The following removes everything that has been installed, with the
exception of the packages installed in Step 3 and the driver directory.
The driver directory can be deleted after running this script.
#### Step 1: Open a terminal (e.g. Ctrl+Alt+T)
#### Step 2: Move to the driver directory
```
cd ~/src/8821cu-20210118
```
#### Step 3: Run the removal script
Note: For automated builds (non-interactive), use _NoPrompt_ as an option.
```
sudo ./remove-driver.sh
```
-----
### Recommended WiFi Router/ Access Point Settings
Note: These are general recommendations, some of which may not apply to your specific situation.
- Security: Set WPA2-AES or WPA2/WPA3 mixed or WPA3. Do not set WPA2 mixed mode or WPA or TKIP.
- Channel width for 2.4 GHz: Set 20 MHz fixed width. Do not use 40 MHz or 20/40 automatic.
- Channels for 2.4 GHz: Set channel 1 or 6 or 11 depending on the congestion at your location. Do not set automatic channel selection. As time passes, if you notice poor performance, recheck congestion and set channel appropriately. The environment around you can and does change over time.
- Mode for 2.4 GHz: For best performance, set "N only" if you no longer use B or G capable devices.
- Network names: Do not set the 2.4 GHz Network and the 5 GHz Network to the same name. Note: Unfortunately many routers come with both networks set to the same name. You need to be able to control which network that is in use so changing the name of one of the networks is recommended. Since many IoT devices use the 2.4 GHz network, it may be better to change the name of the 5 GHz network.
- Channels for 5 GHz: Not all devices are capable of using DFS channels (I'm looking at you Roku.) It may be necessary to set a fixed channel in the range of 36 to 48 or 149 to 165 in order for all of your devices to work on 5 GHz. (For US, other countries may vary.)
- Best location for the WiFi router/access point: Near center of apartment or house, at least a couple of feet away from walls, in an elevated location. You may have to test to see what the best location is in your environment.
- Check congestion: There are apps available for smart phones that allow you to check the congestion levels on WiFi channels. The apps generally go by the name of ```WiFi Analyzer``` or something similar.
After making and saving changes, reboot the router.
-----
### Recommendations regarding USB
- Moving your USB WiFi adapter to a different USB port has been known to fix a variety of problems.
- If connecting your USB WiFi adapter to a desktop computer, use the USB ports on the rear of the computer. Why? The ports on the rear are directly connected to the motherboard which will reduce problems with interference and disconnection.
- If your USB WiFi adapter is USB 3 capable and you want it to operate in USB3 mode, plug it into a USB 3 port.
- Avoid USB 3.1 Gen 2 ports if possible as almost all currently available adapters have been tested with USB 3.1 Gen 1 (aka USB 3) and not with USB 3.1 Gen 2.
- If you use an extension cable and your adapter is USB 3 capable, the cable needs to be USB 3 capable (if not, you will be limited to USB 2 speeds).
- Extention cables can be problematic. A way to check if the extension cable is the problem is to plug the adapter temporarily into a USB port on the computer.
- Some USB WiFi adapters require considerable electrical current and push the capabilities of the power available via USB port. One example is adapters that use the Realtek 8814au chipset. Using a powered multiport USB extension can be a good idea in cases like this.
-----
### How to disable onboard WiFi on Raspberry Pi 3B, 3B+, 3A+, 4B and Zero W
Add the following line to /boot/config.txt
```
dtoverlay=disable-wifi
```
-----
### How to forget a saved WiFi network on a Raspberry Pi
#### Step 1: Edit wpa_supplicant.conf
```
sudo nano /etc/wpa_supplicant/wpa_supplicant.conf
```
#### Step 2: Delete the relevant WiFi network block (including the 'network=' and opening/closing braces.
#### Step 3: Press ctrl-x followed by 'y' and enter to save the file.
#### Step 4: Reboot
-----
### FAQ:
Question: Is WPA3 supported?
Answer: WPA3-SAE support is in this driver according to Realtek and it
works well on some Linux distros but not all. Generally the reason for
WPA3 not working on Linux distros is that the distro has an old version
of wpa_supplicant or Network Manager. Your options are to upgrade to a
more modern distro (most distros released after mid 2022) or compile and
install new versions of the wpa_supplicant and Network Manager utilities.
-----
Question: I bought two rtl8811cu based adapters and am planning to use
both in the same computer. How do I set that up?
Answer: Realtek drivers do not support more than one adapter with the
same chipset in the same computer. You can have multiple Realtek based
adapters in the same computer as long as the adapters are based on
different chipsets.
-----
Question: Why do you recommend Mediatek based adapters when you maintain
this repo for a Realtek driver?
Answer: Many new and existing Linux users already have adapters based on
Realtek chipsets. This repo is for Linux users to support their existing
adapters but my STRONG recommendation is for Linux users to seek out USB
WiFi solutions based on Mediatek chipsets:
https://github.com/morrownr/USB-WiFi
-----
Question: Will you put volunteers to work?
Answer: Yes. Post a message in `Issues` or `Discussions` if interested.
-----
Question: I am having problems with my adapter and I use Virtualbox?
Answer: This [article](https://null-byte.wonderhowto.com/forum/wifi-hacking-attach-usb-wireless-adapter-with-virtual-box-0324433/) may help.
-----
Question: The driver installation script completed successfully and the
driver is installed but does not seem to be working. What is wrong?
Answer: Turn secure boot off to see if that allows the driver to work.
This driver is primarily tested on Debian based distros such as Ubuntu,
Raspberry Pi OS and Kali. In an attempt to make this driver work well on
many Linux distros, other distros, including the Arch based Manjaro is
used for testing. Currently I do not have installations of Fedora or
OpenSUSE available for testing and reply on user reports of success or
failure. I have two test systems with secure boot on so as to test secure
boot. I have not seen any secure boot problems with Debian based systems
and I don't remember problems with Manjaro.
dkms is used in the installation script. It helps with a lot of issues that
will come up if a simple manual installation is used. dkms has the
capability to handle the needs of secure boot. dkms was written by and is
maintained by Dell. Dell has been offering some Ubuntu pre-loaded systems
for years so their devs likely test on Ubuntu. I suspect Fedora and
OpenSUSE may be handing their secure boot support differently than Debian
based systems and this is leading to problems. This and the other repos
I have are VERY heavily used and I am sure there are plenty of non-Debian
users that use this driver. Are they all turning off secure boot and not
reporting the problem? I don't know. What I do know is that reports like
this are rare.
For the driver to compile and install correctly but not be available
tells me there is likely a key issue. Here is an interesting link
regarding Debian systems and secure boot:
https://wiki.debian.org/SecureBoot
That document contains a lot of information that can help an investigation
into what the real problem is and I invite you and other Fedora, OpemSUSE
and users of other distros that show this problem to investigate and
present what you know to the devs of your distro via their problem
reporting system. Turning off secure boot is NOT a fix. A real fix needs
to happen.
-----
Question: Can you provide additional information about monitor mode?
Answer: I have a repo that is setup to help with monitor mode:
https://github.com/morrownr/Monitor_Mode
Work to improve monitor mode is ongoing with this driver. Your
reports of success or failure are needed. If you have yet to buy an
adapter to use with monitor mode, there are adapters available that are
known to work very well with monitor mode. My recommendation for those
looking to buy an adapter for monitor mode is to buy adapters based on
the following chipsets: mt7921au, mt7612u, mt7610u, rtl8812au and
rtl8811au. My specific recommendations for adapters in order of
preference are:
ALFA AWUS036ACHM - long range - in-kernel driver
ALFA AWUS036ACM - in-kernel driver
ALFA AWUS036ACH - long range - [driver](https://github.com/morrownr/8812au-20210629)
ALFA AWUS036ACS - [driver](https://github.com/morrownr/8821au-20210708)
To ask questions, go to [USB-WiFi](https://github.com/morrownr/USB-WiFi)
and post in `Discussions` or `Issues`.
-----
Question: I have an adapter with the 8821cu chipset which means it supports
bluetooth. The bluetooth works but the wifi does not. What is wrong?
Answer: There appears to be a hardware bug in some 8821cu based adapters
and the fix is to set the driver option ( `rtw_RFE_type` ) in 8821cu.conf.
The easiest way to edit 8821cu.conf is to run the following from the driver
directory:
```
sudo ./edit-options.sh
```
Once in the document, you can scroll down to the documentation about
`rtw_RFE_type`. You will likely have to experiment to find out what setting
works best for your adapter but a good place to start is probably...
```
rtw_RFE_type=7
```
Simply add that option to the end of the `options` line, save and reboot.
-----
#### [Go to Main Menu](https://github.com/morrownr/USB-WiFi)
-----

5
clean Normal file
View File

@ -0,0 +1,5 @@
#!/bin/bash
rmmod 8192cu
rmmod 8192ce
rmmod 8192du
rmmod 8192de

211
core/crypto/aes-ccm.c Normal file
View File

@ -0,0 +1,211 @@
/*
* Counter with CBC-MAC (CCM) with AES
*
* Copyright (c) 2010-2012, Jouni Malinen <j@w1.fi>
*
* This software may be distributed under the terms of the BSD license.
* See README for more details.
*/
#include "rtw_crypto_wrap.h"
#include "aes.h"
#include "aes_wrap.h"
static void xor_aes_block(u8 *dst, const u8 *src)
{
u32 *d = (u32 *) dst;
u32 *s = (u32 *) src;
*d++ ^= *s++;
*d++ ^= *s++;
*d++ ^= *s++;
*d++ ^= *s++;
}
static void aes_ccm_auth_start(void *aes, size_t M, size_t L, const u8 *nonce,
const u8 *aad, size_t aad_len, size_t plain_len,
u8 *x)
{
u8 aad_buf[2 * AES_BLOCK_SIZE];
u8 b[AES_BLOCK_SIZE];
/* Authentication */
/* B_0: Flags | Nonce N | l(m) */
b[0] = aad_len ? 0x40 : 0 /* Adata */;
b[0] |= (((M - 2) / 2) /* M' */ << 3);
b[0] |= (L - 1) /* L' */;
os_memcpy(&b[1], nonce, 15 - L);
WPA_PUT_BE16(&b[AES_BLOCK_SIZE - L], plain_len);
wpa_hexdump_key(_MSG_EXCESSIVE_, "CCM B_0", b, AES_BLOCK_SIZE);
aes_encrypt(aes, b, x); /* X_1 = E(K, B_0) */
if (!aad_len)
return;
WPA_PUT_BE16(aad_buf, aad_len);
os_memcpy(aad_buf + 2, aad, aad_len);
os_memset(aad_buf + 2 + aad_len, 0, sizeof(aad_buf) - 2 - aad_len);
xor_aes_block(aad_buf, x);
aes_encrypt(aes, aad_buf, x); /* X_2 = E(K, X_1 XOR B_1) */
if (aad_len > AES_BLOCK_SIZE - 2) {
xor_aes_block(&aad_buf[AES_BLOCK_SIZE], x);
/* X_3 = E(K, X_2 XOR B_2) */
aes_encrypt(aes, &aad_buf[AES_BLOCK_SIZE], x);
}
}
static void aes_ccm_auth(void *aes, const u8 *data, size_t len, u8 *x)
{
size_t last = len % AES_BLOCK_SIZE;
size_t i;
for (i = 0; i < len / AES_BLOCK_SIZE; i++) {
/* X_i+1 = E(K, X_i XOR B_i) */
xor_aes_block(x, data);
data += AES_BLOCK_SIZE;
aes_encrypt(aes, x, x);
}
if (last) {
/* XOR zero-padded last block */
for (i = 0; i < last; i++)
x[i] ^= *data++;
aes_encrypt(aes, x, x);
}
}
static void aes_ccm_encr_start(size_t L, const u8 *nonce, u8 *a)
{
/* A_i = Flags | Nonce N | Counter i */
a[0] = L - 1; /* Flags = L' */
os_memcpy(&a[1], nonce, 15 - L);
}
static void aes_ccm_encr(void *aes, size_t L, const u8 *in, size_t len, u8 *out,
u8 *a)
{
size_t last = len % AES_BLOCK_SIZE;
size_t i;
/* crypt = msg XOR (S_1 | S_2 | ... | S_n) */
for (i = 1; i <= len / AES_BLOCK_SIZE; i++) {
WPA_PUT_BE16(&a[AES_BLOCK_SIZE - 2], i);
/* S_i = E(K, A_i) */
aes_encrypt(aes, a, out);
xor_aes_block(out, in);
out += AES_BLOCK_SIZE;
in += AES_BLOCK_SIZE;
}
if (last) {
WPA_PUT_BE16(&a[AES_BLOCK_SIZE - 2], i);
aes_encrypt(aes, a, out);
/* XOR zero-padded last block */
for (i = 0; i < last; i++)
*out++ ^= *in++;
}
}
static void aes_ccm_encr_auth(void *aes, size_t M, u8 *x, u8 *a, u8 *auth)
{
size_t i;
u8 tmp[AES_BLOCK_SIZE];
wpa_hexdump_key(_MSG_EXCESSIVE_, "CCM T", x, M);
/* U = T XOR S_0; S_0 = E(K, A_0) */
WPA_PUT_BE16(&a[AES_BLOCK_SIZE - 2], 0);
aes_encrypt(aes, a, tmp);
for (i = 0; i < M; i++)
auth[i] = x[i] ^ tmp[i];
wpa_hexdump_key(_MSG_EXCESSIVE_, "CCM U", auth, M);
}
static void aes_ccm_decr_auth(void *aes, size_t M, u8 *a, const u8 *auth, u8 *t)
{
size_t i;
u8 tmp[AES_BLOCK_SIZE];
wpa_hexdump_key(_MSG_EXCESSIVE_, "CCM U", auth, M);
/* U = T XOR S_0; S_0 = E(K, A_0) */
WPA_PUT_BE16(&a[AES_BLOCK_SIZE - 2], 0);
aes_encrypt(aes, a, tmp);
for (i = 0; i < M; i++)
t[i] = auth[i] ^ tmp[i];
wpa_hexdump_key(_MSG_EXCESSIVE_, "CCM T", t, M);
}
/* AES-CCM with fixed L=2 and aad_len <= 30 assumption */
int aes_ccm_ae(const u8 *key, size_t key_len, const u8 *nonce,
size_t M, const u8 *plain, size_t plain_len,
const u8 *aad, size_t aad_len, u8 *crypt, u8 *auth)
{
const size_t L = 2;
void *aes;
u8 x[AES_BLOCK_SIZE], a[AES_BLOCK_SIZE];
if (aad_len > 30 || M > AES_BLOCK_SIZE)
return -1;
aes = aes_encrypt_init(key, key_len);
if (aes == NULL)
return -1;
aes_ccm_auth_start(aes, M, L, nonce, aad, aad_len, plain_len, x);
aes_ccm_auth(aes, plain, plain_len, x);
/* Encryption */
aes_ccm_encr_start(L, nonce, a);
aes_ccm_encr(aes, L, plain, plain_len, crypt, a);
aes_ccm_encr_auth(aes, M, x, a, auth);
aes_encrypt_deinit(aes);
return 0;
}
/* AES-CCM with fixed L=2 and aad_len <= 30 assumption */
int aes_ccm_ad(const u8 *key, size_t key_len, const u8 *nonce,
size_t M, const u8 *crypt, size_t crypt_len,
const u8 *aad, size_t aad_len, const u8 *auth, u8 *plain)
{
const size_t L = 2;
void *aes;
u8 x[AES_BLOCK_SIZE], a[AES_BLOCK_SIZE];
u8 t[AES_BLOCK_SIZE];
if (aad_len > 30 || M > AES_BLOCK_SIZE)
return -1;
aes = aes_encrypt_init(key, key_len);
if (aes == NULL)
return -1;
/* Decryption */
aes_ccm_encr_start(L, nonce, a);
aes_ccm_decr_auth(aes, M, a, auth, t);
/* plaintext = msg XOR (S_1 | S_2 | ... | S_n) */
aes_ccm_encr(aes, L, crypt, crypt_len, plain, a);
aes_ccm_auth_start(aes, M, L, nonce, aad, aad_len, crypt_len, x);
aes_ccm_auth(aes, plain, crypt_len, x);
aes_encrypt_deinit(aes);
if (os_memcmp_const(x, t, M) != 0) {
wpa_printf(_MSG_EXCESSIVE_, "CCM: Auth mismatch");
return -1;
}
return 0;
}

70
core/crypto/aes-ctr.c Normal file
View File

@ -0,0 +1,70 @@
/*
* AES-128/192/256 CTR
*
* Copyright (c) 2003-2007, Jouni Malinen <j@w1.fi>
*
* This software may be distributed under the terms of the BSD license.
* See README for more details.
*/
#include "rtw_crypto_wrap.h"
#include "aes.h"
#include "aes_wrap.h"
/**
* aes_ctr_encrypt - AES-128/192/256 CTR mode encryption
* @key: Key for encryption (key_len bytes)
* @key_len: Length of the key (16, 24, or 32 bytes)
* @nonce: Nonce for counter mode (16 bytes)
* @data: Data to encrypt in-place
* @data_len: Length of data in bytes
* Returns: 0 on success, -1 on failure
*/
int aes_ctr_encrypt(const u8 *key, size_t key_len, const u8 *nonce,
u8 *data, size_t data_len)
{
void *ctx;
size_t j, len, left = data_len;
int i;
u8 *pos = data;
u8 counter[AES_BLOCK_SIZE], buf[AES_BLOCK_SIZE];
ctx = aes_encrypt_init(key, key_len);
if (ctx == NULL)
return -1;
os_memcpy(counter, nonce, AES_BLOCK_SIZE);
while (left > 0) {
aes_encrypt(ctx, counter, buf);
len = (left < AES_BLOCK_SIZE) ? left : AES_BLOCK_SIZE;
for (j = 0; j < len; j++)
pos[j] ^= buf[j];
pos += len;
left -= len;
for (i = AES_BLOCK_SIZE - 1; i >= 0; i--) {
counter[i]++;
if (counter[i])
break;
}
}
aes_encrypt_deinit(ctx);
return 0;
}
/**
* aes_128_ctr_encrypt - AES-128 CTR mode encryption
* @key: Key for encryption (key_len bytes)
* @nonce: Nonce for counter mode (16 bytes)
* @data: Data to encrypt in-place
* @data_len: Length of data in bytes
* Returns: 0 on success, -1 on failure
*/
int aes_128_ctr_encrypt(const u8 *key, const u8 *nonce,
u8 *data, size_t data_len)
{
return aes_ctr_encrypt(key, 16, nonce, data, data_len);
}

326
core/crypto/aes-gcm.c Normal file
View File

@ -0,0 +1,326 @@
/*
* Galois/Counter Mode (GCM) and GMAC with AES
*
* Copyright (c) 2012, Jouni Malinen <j@w1.fi>
*
* This software may be distributed under the terms of the BSD license.
* See README for more details.
*/
#include "rtw_crypto_wrap.h"
#include "aes.h"
#include "aes_wrap.h"
static void inc32(u8 *block)
{
u32 val;
val = WPA_GET_BE32(block + AES_BLOCK_SIZE - 4);
val++;
WPA_PUT_BE32(block + AES_BLOCK_SIZE - 4, val);
}
static void xor_block(u8 *dst, const u8 *src)
{
u32 *d = (u32 *) dst;
u32 *s = (u32 *) src;
*d++ ^= *s++;
*d++ ^= *s++;
*d++ ^= *s++;
*d++ ^= *s++;
}
static void shift_right_block(u8 *v)
{
u32 val;
val = WPA_GET_BE32(v + 12);
val >>= 1;
if (v[11] & 0x01)
val |= 0x80000000;
WPA_PUT_BE32(v + 12, val);
val = WPA_GET_BE32(v + 8);
val >>= 1;
if (v[7] & 0x01)
val |= 0x80000000;
WPA_PUT_BE32(v + 8, val);
val = WPA_GET_BE32(v + 4);
val >>= 1;
if (v[3] & 0x01)
val |= 0x80000000;
WPA_PUT_BE32(v + 4, val);
val = WPA_GET_BE32(v);
val >>= 1;
WPA_PUT_BE32(v, val);
}
/* Multiplication in GF(2^128) */
static void gf_mult(const u8 *x, const u8 *y, u8 *z)
{
u8 v[16];
int i, j;
os_memset(z, 0, 16); /* Z_0 = 0^128 */
os_memcpy(v, y, 16); /* V_0 = Y */
for (i = 0; i < 16; i++) {
for (j = 0; j < 8; j++) {
if (x[i] & BIT(7 - j)) {
/* Z_(i + 1) = Z_i XOR V_i */
xor_block(z, v);
} else {
/* Z_(i + 1) = Z_i */
}
if (v[15] & 0x01) {
/* V_(i + 1) = (V_i >> 1) XOR R */
shift_right_block(v);
/* R = 11100001 || 0^120 */
v[0] ^= 0xe1;
} else {
/* V_(i + 1) = V_i >> 1 */
shift_right_block(v);
}
}
}
}
static void ghash_start(u8 *y)
{
/* Y_0 = 0^128 */
os_memset(y, 0, 16);
}
static void ghash(const u8 *h, const u8 *x, size_t xlen, u8 *y)
{
size_t m, i;
const u8 *xpos = x;
u8 tmp[16];
m = xlen / 16;
for (i = 0; i < m; i++) {
/* Y_i = (Y^(i-1) XOR X_i) dot H */
xor_block(y, xpos);
xpos += 16;
/* dot operation:
* multiplication operation for binary Galois (finite) field of
* 2^128 elements */
gf_mult(y, h, tmp);
os_memcpy(y, tmp, 16);
}
if (x + xlen > xpos) {
/* Add zero padded last block */
size_t last = x + xlen - xpos;
os_memcpy(tmp, xpos, last);
os_memset(tmp + last, 0, sizeof(tmp) - last);
/* Y_i = (Y^(i-1) XOR X_i) dot H */
xor_block(y, tmp);
/* dot operation:
* multiplication operation for binary Galois (finite) field of
* 2^128 elements */
gf_mult(y, h, tmp);
os_memcpy(y, tmp, 16);
}
/* Return Y_m */
}
static void aes_gctr(void *aes, const u8 *icb, const u8 *x, size_t xlen, u8 *y)
{
size_t i, n, last;
u8 cb[AES_BLOCK_SIZE], tmp[AES_BLOCK_SIZE];
const u8 *xpos = x;
u8 *ypos = y;
if (xlen == 0)
return;
n = xlen / 16;
os_memcpy(cb, icb, AES_BLOCK_SIZE);
/* Full blocks */
for (i = 0; i < n; i++) {
aes_encrypt(aes, cb, ypos);
xor_block(ypos, xpos);
xpos += AES_BLOCK_SIZE;
ypos += AES_BLOCK_SIZE;
inc32(cb);
}
last = x + xlen - xpos;
if (last) {
/* Last, partial block */
aes_encrypt(aes, cb, tmp);
for (i = 0; i < last; i++)
*ypos++ = *xpos++ ^ tmp[i];
}
}
static void * aes_gcm_init_hash_subkey(const u8 *key, size_t key_len, u8 *H)
{
void *aes;
aes = aes_encrypt_init(key, key_len);
if (aes == NULL)
return NULL;
/* Generate hash subkey H = AES_K(0^128) */
os_memset(H, 0, AES_BLOCK_SIZE);
aes_encrypt(aes, H, H);
wpa_hexdump_key(_MSG_EXCESSIVE_, "Hash subkey H for GHASH",
H, AES_BLOCK_SIZE);
return aes;
}
static void aes_gcm_prepare_j0(const u8 *iv, size_t iv_len, const u8 *H, u8 *J0)
{
u8 len_buf[16];
if (iv_len == 12) {
/* Prepare block J_0 = IV || 0^31 || 1 [len(IV) = 96] */
os_memcpy(J0, iv, iv_len);
os_memset(J0 + iv_len, 0, AES_BLOCK_SIZE - iv_len);
J0[AES_BLOCK_SIZE - 1] = 0x01;
} else {
/*
* s = 128 * ceil(len(IV)/128) - len(IV)
* J_0 = GHASH_H(IV || 0^(s+64) || [len(IV)]_64)
*/
ghash_start(J0);
ghash(H, iv, iv_len, J0);
WPA_PUT_BE64(len_buf, 0);
WPA_PUT_BE64(len_buf + 8, iv_len * 8);
ghash(H, len_buf, sizeof(len_buf), J0);
}
}
static void aes_gcm_gctr(void *aes, const u8 *J0, const u8 *in, size_t len,
u8 *out)
{
u8 J0inc[AES_BLOCK_SIZE];
if (len == 0)
return;
os_memcpy(J0inc, J0, AES_BLOCK_SIZE);
inc32(J0inc);
aes_gctr(aes, J0inc, in, len, out);
}
static void aes_gcm_ghash(const u8 *H, const u8 *aad, size_t aad_len,
const u8 *crypt, size_t crypt_len, u8 *S)
{
u8 len_buf[16];
/*
* u = 128 * ceil[len(C)/128] - len(C)
* v = 128 * ceil[len(A)/128] - len(A)
* S = GHASH_H(A || 0^v || C || 0^u || [len(A)]64 || [len(C)]64)
* (i.e., zero padded to block size A || C and lengths of each in bits)
*/
ghash_start(S);
ghash(H, aad, aad_len, S);
ghash(H, crypt, crypt_len, S);
WPA_PUT_BE64(len_buf, aad_len * 8);
WPA_PUT_BE64(len_buf + 8, crypt_len * 8);
ghash(H, len_buf, sizeof(len_buf), S);
wpa_hexdump_key(_MSG_EXCESSIVE_, "S = GHASH_H(...)", S, 16);
}
/**
* aes_gcm_ae - GCM-AE_K(IV, P, A)
*/
int aes_gcm_ae(const u8 *key, size_t key_len, const u8 *iv, size_t iv_len,
const u8 *plain, size_t plain_len,
const u8 *aad, size_t aad_len, u8 *crypt, u8 *tag)
{
u8 H[AES_BLOCK_SIZE];
u8 J0[AES_BLOCK_SIZE];
u8 S[16];
void *aes;
aes = aes_gcm_init_hash_subkey(key, key_len, H);
if (aes == NULL)
return -1;
aes_gcm_prepare_j0(iv, iv_len, H, J0);
/* C = GCTR_K(inc_32(J_0), P) */
aes_gcm_gctr(aes, J0, plain, plain_len, crypt);
aes_gcm_ghash(H, aad, aad_len, crypt, plain_len, S);
/* T = MSB_t(GCTR_K(J_0, S)) */
aes_gctr(aes, J0, S, sizeof(S), tag);
/* Return (C, T) */
aes_encrypt_deinit(aes);
return 0;
}
/**
* aes_gcm_ad - GCM-AD_K(IV, C, A, T)
*/
int aes_gcm_ad(const u8 *key, size_t key_len, const u8 *iv, size_t iv_len,
const u8 *crypt, size_t crypt_len,
const u8 *aad, size_t aad_len, const u8 *tag, u8 *plain)
{
u8 H[AES_BLOCK_SIZE];
u8 J0[AES_BLOCK_SIZE];
u8 S[16], T[16];
void *aes;
aes = aes_gcm_init_hash_subkey(key, key_len, H);
if (aes == NULL)
return -1;
aes_gcm_prepare_j0(iv, iv_len, H, J0);
/* P = GCTR_K(inc_32(J_0), C) */
aes_gcm_gctr(aes, J0, crypt, crypt_len, plain);
aes_gcm_ghash(H, aad, aad_len, crypt, crypt_len, S);
/* T' = MSB_t(GCTR_K(J_0, S)) */
aes_gctr(aes, J0, S, sizeof(S), T);
aes_encrypt_deinit(aes);
if (os_memcmp_const(tag, T, 16) != 0) {
wpa_printf(_MSG_EXCESSIVE_, "GCM: Tag mismatch");
return -1;
}
return 0;
}
int aes_gmac(const u8 *key, size_t key_len, const u8 *iv, size_t iv_len,
const u8 *aad, size_t aad_len, u8 *tag)
{
return aes_gcm_ae(key, key_len, iv, iv_len, NULL, 0, aad, aad_len, NULL,
tag);
}

View File

@ -0,0 +1,129 @@
/*
* AES (Rijndael) cipher - encrypt
*
* Modifications to public domain implementation:
* - cleanup
* - use C pre-processor to make it easier to change S table access
* - added option (AES_SMALL_TABLES) for reducing code size by about 8 kB at
* cost of reduced throughput (quite small difference on Pentium 4,
* 10-25% when using -O1 or -O2 optimization)
*
* Copyright (c) 2003-2012, Jouni Malinen <j@w1.fi>
*
* This software may be distributed under the terms of the BSD license.
* See README for more details.
*/
#include "rtw_crypto_wrap.h"
#include "aes_i.h"
static void rijndaelEncrypt(const u32 rk[], int Nr, const u8 pt[16], u8 ct[16])
{
u32 s0, s1, s2, s3, t0, t1, t2, t3;
#ifndef FULL_UNROLL
int r;
#endif /* ?FULL_UNROLL */
/*
* map byte array block to cipher state
* and add initial round key:
*/
s0 = GETU32(pt ) ^ rk[0];
s1 = GETU32(pt + 4) ^ rk[1];
s2 = GETU32(pt + 8) ^ rk[2];
s3 = GETU32(pt + 12) ^ rk[3];
#define ROUND(i,d,s) \
d##0 = TE0(s##0) ^ TE1(s##1) ^ TE2(s##2) ^ TE3(s##3) ^ rk[4 * i]; \
d##1 = TE0(s##1) ^ TE1(s##2) ^ TE2(s##3) ^ TE3(s##0) ^ rk[4 * i + 1]; \
d##2 = TE0(s##2) ^ TE1(s##3) ^ TE2(s##0) ^ TE3(s##1) ^ rk[4 * i + 2]; \
d##3 = TE0(s##3) ^ TE1(s##0) ^ TE2(s##1) ^ TE3(s##2) ^ rk[4 * i + 3]
#ifdef FULL_UNROLL
ROUND(1,t,s);
ROUND(2,s,t);
ROUND(3,t,s);
ROUND(4,s,t);
ROUND(5,t,s);
ROUND(6,s,t);
ROUND(7,t,s);
ROUND(8,s,t);
ROUND(9,t,s);
if (Nr > 10) {
ROUND(10,s,t);
ROUND(11,t,s);
if (Nr > 12) {
ROUND(12,s,t);
ROUND(13,t,s);
}
}
rk += Nr << 2;
#else /* !FULL_UNROLL */
/* Nr - 1 full rounds: */
r = Nr >> 1;
for (;;) {
ROUND(1,t,s);
rk += 8;
if (--r == 0)
break;
ROUND(0,s,t);
}
#endif /* ?FULL_UNROLL */
#undef ROUND
/*
* apply last round and
* map cipher state to byte array block:
*/
s0 = TE41(t0) ^ TE42(t1) ^ TE43(t2) ^ TE44(t3) ^ rk[0];
PUTU32(ct , s0);
s1 = TE41(t1) ^ TE42(t2) ^ TE43(t3) ^ TE44(t0) ^ rk[1];
PUTU32(ct + 4, s1);
s2 = TE41(t2) ^ TE42(t3) ^ TE43(t0) ^ TE44(t1) ^ rk[2];
PUTU32(ct + 8, s2);
s3 = TE41(t3) ^ TE42(t0) ^ TE43(t1) ^ TE44(t2) ^ rk[3];
PUTU32(ct + 12, s3);
}
void * aes_encrypt_init(const u8 *key, size_t len)
{
u32 *rk;
int res;
if (TEST_FAIL())
return NULL;
rk = os_malloc(AES_PRIV_SIZE);
if (rk == NULL)
return NULL;
res = rijndaelKeySetupEnc(rk, key, len * 8);
if (res < 0) {
rtw_mfree(rk, AES_PRIV_SIZE);
return NULL;
}
rk[AES_PRIV_NR_POS] = res;