/drivers/staging/vt6656/aes_ccmp.c

https://bitbucket.org/cyanogenmod/android_kernel_asus_tf300t · C · 386 lines · 263 code · 60 blank · 63 comment · 23 complexity · 8e00c4e46884850368c2e8d334999c62 MD5 · raw file

  1. /*
  2. * Copyright (c) 1996, 2003 VIA Networking Technologies, Inc.
  3. * All rights reserved.
  4. *
  5. * This program is free software; you can redistribute it and/or modify
  6. * it under the terms of the GNU General Public License as published by
  7. * the Free Software Foundation; either version 2 of the License, or
  8. * (at your option) any later version.
  9. *
  10. * This program is distributed in the hope that it will be useful,
  11. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  12. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  13. * GNU General Public License for more details.
  14. *
  15. * You should have received a copy of the GNU General Public License along
  16. * with this program; if not, write to the Free Software Foundation, Inc.,
  17. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
  18. *
  19. * File: aes_ccmp.c
  20. *
  21. * Purpose: AES_CCMP decryption
  22. *
  23. * Author: Warren Hsu
  24. *
  25. * Date: Feb 15, 2005
  26. *
  27. * Functions:
  28. * AESbGenCCMP - Parsing RX-packet
  29. *
  30. * Revision History:
  31. */
  32. #include "device.h"
  33. #include "80211hdr.h"
  34. /*--------------------- Static Definitions -------------------------*/
  35. /*--------------------- Static Classes ----------------------------*/
  36. /*--------------------- Static Variables --------------------------*/
  37. /*
  38. * SBOX Table
  39. */
  40. BYTE sbox_table[256] = {
  41. 0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5, 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76,
  42. 0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0, 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0,
  43. 0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc, 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15,
  44. 0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a, 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75,
  45. 0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0, 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84,
  46. 0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b, 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf,
  47. 0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85, 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8,
  48. 0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5, 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2,
  49. 0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17, 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73,
  50. 0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88, 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb,
  51. 0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c, 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79,
  52. 0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9, 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08,
  53. 0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6, 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a,
  54. 0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e, 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e,
  55. 0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94, 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf,
  56. 0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68, 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16
  57. };
  58. BYTE dot2_table[256] = {
  59. 0x00, 0x02, 0x04, 0x06, 0x08, 0x0a, 0x0c, 0x0e, 0x10, 0x12, 0x14, 0x16, 0x18, 0x1a, 0x1c, 0x1e,
  60. 0x20, 0x22, 0x24, 0x26, 0x28, 0x2a, 0x2c, 0x2e, 0x30, 0x32, 0x34, 0x36, 0x38, 0x3a, 0x3c, 0x3e,
  61. 0x40, 0x42, 0x44, 0x46, 0x48, 0x4a, 0x4c, 0x4e, 0x50, 0x52, 0x54, 0x56, 0x58, 0x5a, 0x5c, 0x5e,
  62. 0x60, 0x62, 0x64, 0x66, 0x68, 0x6a, 0x6c, 0x6e, 0x70, 0x72, 0x74, 0x76, 0x78, 0x7a, 0x7c, 0x7e,
  63. 0x80, 0x82, 0x84, 0x86, 0x88, 0x8a, 0x8c, 0x8e, 0x90, 0x92, 0x94, 0x96, 0x98, 0x9a, 0x9c, 0x9e,
  64. 0xa0, 0xa2, 0xa4, 0xa6, 0xa8, 0xaa, 0xac, 0xae, 0xb0, 0xb2, 0xb4, 0xb6, 0xb8, 0xba, 0xbc, 0xbe,
  65. 0xc0, 0xc2, 0xc4, 0xc6, 0xc8, 0xca, 0xcc, 0xce, 0xd0, 0xd2, 0xd4, 0xd6, 0xd8, 0xda, 0xdc, 0xde,
  66. 0xe0, 0xe2, 0xe4, 0xe6, 0xe8, 0xea, 0xec, 0xee, 0xf0, 0xf2, 0xf4, 0xf6, 0xf8, 0xfa, 0xfc, 0xfe,
  67. 0x1b, 0x19, 0x1f, 0x1d, 0x13, 0x11, 0x17, 0x15, 0x0b, 0x09, 0x0f, 0x0d, 0x03, 0x01, 0x07, 0x05,
  68. 0x3b, 0x39, 0x3f, 0x3d, 0x33, 0x31, 0x37, 0x35, 0x2b, 0x29, 0x2f, 0x2d, 0x23, 0x21, 0x27, 0x25,
  69. 0x5b, 0x59, 0x5f, 0x5d, 0x53, 0x51, 0x57, 0x55, 0x4b, 0x49, 0x4f, 0x4d, 0x43, 0x41, 0x47, 0x45,
  70. 0x7b, 0x79, 0x7f, 0x7d, 0x73, 0x71, 0x77, 0x75, 0x6b, 0x69, 0x6f, 0x6d, 0x63, 0x61, 0x67, 0x65,
  71. 0x9b, 0x99, 0x9f, 0x9d, 0x93, 0x91, 0x97, 0x95, 0x8b, 0x89, 0x8f, 0x8d, 0x83, 0x81, 0x87, 0x85,
  72. 0xbb, 0xb9, 0xbf, 0xbd, 0xb3, 0xb1, 0xb7, 0xb5, 0xab, 0xa9, 0xaf, 0xad, 0xa3, 0xa1, 0xa7, 0xa5,
  73. 0xdb, 0xd9, 0xdf, 0xdd, 0xd3, 0xd1, 0xd7, 0xd5, 0xcb, 0xc9, 0xcf, 0xcd, 0xc3, 0xc1, 0xc7, 0xc5,
  74. 0xfb, 0xf9, 0xff, 0xfd, 0xf3, 0xf1, 0xf7, 0xf5, 0xeb, 0xe9, 0xef, 0xed, 0xe3, 0xe1, 0xe7, 0xe5
  75. };
  76. BYTE dot3_table[256] = {
  77. 0x00, 0x03, 0x06, 0x05, 0x0c, 0x0f, 0x0a, 0x09, 0x18, 0x1b, 0x1e, 0x1d, 0x14, 0x17, 0x12, 0x11,
  78. 0x30, 0x33, 0x36, 0x35, 0x3c, 0x3f, 0x3a, 0x39, 0x28, 0x2b, 0x2e, 0x2d, 0x24, 0x27, 0x22, 0x21,
  79. 0x60, 0x63, 0x66, 0x65, 0x6c, 0x6f, 0x6a, 0x69, 0x78, 0x7b, 0x7e, 0x7d, 0x74, 0x77, 0x72, 0x71,
  80. 0x50, 0x53, 0x56, 0x55, 0x5c, 0x5f, 0x5a, 0x59, 0x48, 0x4b, 0x4e, 0x4d, 0x44, 0x47, 0x42, 0x41,
  81. 0xc0, 0xc3, 0xc6, 0xc5, 0xcc, 0xcf, 0xca, 0xc9, 0xd8, 0xdb, 0xde, 0xdd, 0xd4, 0xd7, 0xd2, 0xd1,
  82. 0xf0, 0xf3, 0xf6, 0xf5, 0xfc, 0xff, 0xfa, 0xf9, 0xe8, 0xeb, 0xee, 0xed, 0xe4, 0xe7, 0xe2, 0xe1,
  83. 0xa0, 0xa3, 0xa6, 0xa5, 0xac, 0xaf, 0xaa, 0xa9, 0xb8, 0xbb, 0xbe, 0xbd, 0xb4, 0xb7, 0xb2, 0xb1,
  84. 0x90, 0x93, 0x96, 0x95, 0x9c, 0x9f, 0x9a, 0x99, 0x88, 0x8b, 0x8e, 0x8d, 0x84, 0x87, 0x82, 0x81,
  85. 0x9b, 0x98, 0x9d, 0x9e, 0x97, 0x94, 0x91, 0x92, 0x83, 0x80, 0x85, 0x86, 0x8f, 0x8c, 0x89, 0x8a,
  86. 0xab, 0xa8, 0xad, 0xae, 0xa7, 0xa4, 0xa1, 0xa2, 0xb3, 0xb0, 0xb5, 0xb6, 0xbf, 0xbc, 0xb9, 0xba,
  87. 0xfb, 0xf8, 0xfd, 0xfe, 0xf7, 0xf4, 0xf1, 0xf2, 0xe3, 0xe0, 0xe5, 0xe6, 0xef, 0xec, 0xe9, 0xea,
  88. 0xcb, 0xc8, 0xcd, 0xce, 0xc7, 0xc4, 0xc1, 0xc2, 0xd3, 0xd0, 0xd5, 0xd6, 0xdf, 0xdc, 0xd9, 0xda,
  89. 0x5b, 0x58, 0x5d, 0x5e, 0x57, 0x54, 0x51, 0x52, 0x43, 0x40, 0x45, 0x46, 0x4f, 0x4c, 0x49, 0x4a,
  90. 0x6b, 0x68, 0x6d, 0x6e, 0x67, 0x64, 0x61, 0x62, 0x73, 0x70, 0x75, 0x76, 0x7f, 0x7c, 0x79, 0x7a,
  91. 0x3b, 0x38, 0x3d, 0x3e, 0x37, 0x34, 0x31, 0x32, 0x23, 0x20, 0x25, 0x26, 0x2f, 0x2c, 0x29, 0x2a,
  92. 0x0b, 0x08, 0x0d, 0x0e, 0x07, 0x04, 0x01, 0x02, 0x13, 0x10, 0x15, 0x16, 0x1f, 0x1c, 0x19, 0x1a
  93. };
  94. /*--------------------- Static Functions --------------------------*/
  95. /*--------------------- Export Variables --------------------------*/
  96. /*--------------------- Export Functions --------------------------*/
  97. static void xor_128(BYTE *a, BYTE *b, BYTE *out)
  98. {
  99. PDWORD dwPtrA = (PDWORD) a;
  100. PDWORD dwPtrB = (PDWORD) b;
  101. PDWORD dwPtrOut = (PDWORD) out;
  102. (*dwPtrOut++) = (*dwPtrA++) ^ (*dwPtrB++);
  103. (*dwPtrOut++) = (*dwPtrA++) ^ (*dwPtrB++);
  104. (*dwPtrOut++) = (*dwPtrA++) ^ (*dwPtrB++);
  105. (*dwPtrOut++) = (*dwPtrA++) ^ (*dwPtrB++);
  106. }
  107. static void xor_32(BYTE *a, BYTE *b, BYTE *out)
  108. {
  109. PDWORD dwPtrA = (PDWORD) a;
  110. PDWORD dwPtrB = (PDWORD) b;
  111. PDWORD dwPtrOut = (PDWORD) out;
  112. (*dwPtrOut++) = (*dwPtrA++) ^ (*dwPtrB++);
  113. }
  114. void AddRoundKey(BYTE *key, int round)
  115. {
  116. BYTE sbox_key[4];
  117. BYTE rcon_table[10] = { 0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1b, 0x36};
  118. sbox_key[0] = sbox_table[key[13]];
  119. sbox_key[1] = sbox_table[key[14]];
  120. sbox_key[2] = sbox_table[key[15]];
  121. sbox_key[3] = sbox_table[key[12]];
  122. key[0] = key[0] ^ rcon_table[round];
  123. xor_32(&key[0], sbox_key, &key[0]);
  124. xor_32(&key[4], &key[0], &key[4]);
  125. xor_32(&key[8], &key[4], &key[8]);
  126. xor_32(&key[12], &key[8], &key[12]);
  127. }
  128. void SubBytes(BYTE *in, BYTE *out)
  129. {
  130. int i;
  131. for (i = 0; i < 16; i++)
  132. out[i] = sbox_table[in[i]];
  133. }
  134. void ShiftRows(BYTE *in, BYTE *out)
  135. {
  136. out[0] = in[0];
  137. out[1] = in[5];
  138. out[2] = in[10];
  139. out[3] = in[15];
  140. out[4] = in[4];
  141. out[5] = in[9];
  142. out[6] = in[14];
  143. out[7] = in[3];
  144. out[8] = in[8];
  145. out[9] = in[13];
  146. out[10] = in[2];
  147. out[11] = in[7];
  148. out[12] = in[12];
  149. out[13] = in[1];
  150. out[14] = in[6];
  151. out[15] = in[11];
  152. }
  153. void MixColumns(BYTE *in, BYTE *out)
  154. {
  155. out[0] = dot2_table[in[0]] ^ dot3_table[in[1]] ^ in[2] ^ in[3];
  156. out[1] = in[0] ^ dot2_table[in[1]] ^ dot3_table[in[2]] ^ in[3];
  157. out[2] = in[0] ^ in[1] ^ dot2_table[in[2]] ^ dot3_table[in[3]];
  158. out[3] = dot3_table[in[0]] ^ in[1] ^ in[2] ^ dot2_table[in[3]];
  159. }
  160. void AESv128(BYTE *key, BYTE *data, BYTE *ciphertext)
  161. {
  162. int i;
  163. int round;
  164. BYTE TmpdataA[16];
  165. BYTE TmpdataB[16];
  166. BYTE abyRoundKey[16];
  167. for (i = 0; i < 16; i++)
  168. abyRoundKey[i] = key[i];
  169. for (round = 0; round < 11; round++) {
  170. if (round == 0) {
  171. xor_128(abyRoundKey, data, ciphertext);
  172. AddRoundKey(abyRoundKey, round);
  173. } else if (round == 10) {
  174. SubBytes(ciphertext, TmpdataA);
  175. ShiftRows(TmpdataA, TmpdataB);
  176. xor_128(TmpdataB, abyRoundKey, ciphertext);
  177. } else { /* round 1 ~ 9 */
  178. SubBytes(ciphertext, TmpdataA);
  179. ShiftRows(TmpdataA, TmpdataB);
  180. MixColumns(&TmpdataB[0], &TmpdataA[0]);
  181. MixColumns(&TmpdataB[4], &TmpdataA[4]);
  182. MixColumns(&TmpdataB[8], &TmpdataA[8]);
  183. MixColumns(&TmpdataB[12], &TmpdataA[12]);
  184. xor_128(TmpdataA, abyRoundKey, ciphertext);
  185. AddRoundKey(abyRoundKey, round);
  186. }
  187. }
  188. }
  189. /*
  190. * Description: AES decryption
  191. *
  192. * Parameters:
  193. * In:
  194. * pbyRxKey - The key used to decrypt
  195. * pbyFrame - Starting address of packet header
  196. * wFrameSize - Total packet size including CRC
  197. * Out:
  198. * none
  199. *
  200. * Return Value: MIC compare result
  201. *
  202. */
  203. BOOL AESbGenCCMP(PBYTE pbyRxKey, PBYTE pbyFrame, WORD wFrameSize)
  204. {
  205. BYTE abyNonce[13];
  206. BYTE MIC_IV[16];
  207. BYTE MIC_HDR1[16];
  208. BYTE MIC_HDR2[16];
  209. BYTE abyMIC[16];
  210. BYTE abyCTRPLD[16];
  211. BYTE abyTmp[16];
  212. BYTE abyPlainText[16];
  213. BYTE abyLastCipher[16];
  214. PS802_11Header pMACHeader = (PS802_11Header) pbyFrame;
  215. PBYTE pbyIV;
  216. PBYTE pbyPayload;
  217. WORD wHLen = 22;
  218. /* 8 is IV, 8 is MIC, 4 is CRC */
  219. WORD wPayloadSize = wFrameSize - 8 - 8 - 4 - WLAN_HDR_ADDR3_LEN;
  220. BOOL bA4 = FALSE;
  221. BYTE byTmp;
  222. WORD wCnt;
  223. int ii, jj, kk;
  224. pbyIV = pbyFrame + WLAN_HDR_ADDR3_LEN;
  225. if (WLAN_GET_FC_TODS(*(PWORD) pbyFrame) &&
  226. WLAN_GET_FC_FROMDS(*(PWORD) pbyFrame)) {
  227. bA4 = TRUE;
  228. pbyIV += 6; /* 6 is 802.11 address4 */
  229. wHLen += 6;
  230. wPayloadSize -= 6;
  231. }
  232. pbyPayload = pbyIV + 8; /* IV-length */
  233. abyNonce[0] = 0x00; /* now is 0, if Qos here will be priority */
  234. memcpy(&(abyNonce[1]), pMACHeader->abyAddr2, ETH_ALEN);
  235. abyNonce[7] = pbyIV[7];
  236. abyNonce[8] = pbyIV[6];
  237. abyNonce[9] = pbyIV[5];
  238. abyNonce[10] = pbyIV[4];
  239. abyNonce[11] = pbyIV[1];
  240. abyNonce[12] = pbyIV[0];
  241. /* MIC_IV */
  242. MIC_IV[0] = 0x59;
  243. memcpy(&(MIC_IV[1]), &(abyNonce[0]), 13);
  244. MIC_IV[14] = (BYTE)(wPayloadSize >> 8);
  245. MIC_IV[15] = (BYTE)(wPayloadSize & 0xff);
  246. /* MIC_HDR1 */
  247. MIC_HDR1[0] = (BYTE)(wHLen >> 8);
  248. MIC_HDR1[1] = (BYTE)(wHLen & 0xff);
  249. byTmp = (BYTE)(pMACHeader->wFrameCtl & 0xff);
  250. MIC_HDR1[2] = byTmp & 0x8f;
  251. byTmp = (BYTE)(pMACHeader->wFrameCtl >> 8);
  252. byTmp &= 0x87;
  253. MIC_HDR1[3] = byTmp | 0x40;
  254. memcpy(&(MIC_HDR1[4]), pMACHeader->abyAddr1, ETH_ALEN);
  255. memcpy(&(MIC_HDR1[10]), pMACHeader->abyAddr2, ETH_ALEN);
  256. /* MIC_HDR2 */
  257. memcpy(&(MIC_HDR2[0]), pMACHeader->abyAddr3, ETH_ALEN);
  258. byTmp = (BYTE)(pMACHeader->wSeqCtl & 0xff);
  259. MIC_HDR2[6] = byTmp & 0x0f;
  260. MIC_HDR2[7] = 0;
  261. if (bA4) {
  262. memcpy(&(MIC_HDR2[8]), pMACHeader->abyAddr4, ETH_ALEN);
  263. } else {
  264. MIC_HDR2[8] = 0x00;
  265. MIC_HDR2[9] = 0x00;
  266. MIC_HDR2[10] = 0x00;
  267. MIC_HDR2[11] = 0x00;
  268. MIC_HDR2[12] = 0x00;
  269. MIC_HDR2[13] = 0x00;
  270. }
  271. MIC_HDR2[14] = 0x00;
  272. MIC_HDR2[15] = 0x00;
  273. /* CCMP */
  274. AESv128(pbyRxKey, MIC_IV, abyMIC);
  275. for (kk = 0; kk < 16; kk++)
  276. abyTmp[kk] = MIC_HDR1[kk] ^ abyMIC[kk];
  277. AESv128(pbyRxKey, abyTmp, abyMIC);
  278. for (kk = 0; kk < 16; kk++)
  279. abyTmp[kk] = MIC_HDR2[kk] ^ abyMIC[kk];
  280. AESv128(pbyRxKey, abyTmp, abyMIC);
  281. wCnt = 1;
  282. abyCTRPLD[0] = 0x01;
  283. memcpy(&(abyCTRPLD[1]), &(abyNonce[0]), 13);
  284. for (jj = wPayloadSize; jj > 16; jj = jj-16) {
  285. abyCTRPLD[14] = (BYTE) (wCnt >> 8);
  286. abyCTRPLD[15] = (BYTE) (wCnt & 0xff);
  287. AESv128(pbyRxKey, abyCTRPLD, abyTmp);
  288. for (kk = 0; kk < 16; kk++)
  289. abyPlainText[kk] = abyTmp[kk] ^ pbyPayload[kk];
  290. for (kk = 0; kk < 16; kk++)
  291. abyTmp[kk] = abyMIC[kk] ^ abyPlainText[kk];
  292. AESv128(pbyRxKey, abyTmp, abyMIC);
  293. memcpy(pbyPayload, abyPlainText, 16);
  294. wCnt++;
  295. pbyPayload += 16;
  296. } /* for wPayloadSize */
  297. /* last payload */
  298. memcpy(&(abyLastCipher[0]), pbyPayload, jj);
  299. for (ii = jj; ii < 16; ii++)
  300. abyLastCipher[ii] = 0x00;
  301. abyCTRPLD[14] = (BYTE) (wCnt >> 8);
  302. abyCTRPLD[15] = (BYTE) (wCnt & 0xff);
  303. AESv128(pbyRxKey, abyCTRPLD, abyTmp);
  304. for (kk = 0; kk < 16; kk++)
  305. abyPlainText[kk] = abyTmp[kk] ^ abyLastCipher[kk];
  306. memcpy(pbyPayload, abyPlainText, jj);
  307. pbyPayload += jj;
  308. /* for MIC calculation */
  309. for (ii = jj; ii < 16; ii++)
  310. abyPlainText[ii] = 0x00;
  311. for (kk = 0; kk < 16; kk++)
  312. abyTmp[kk] = abyMIC[kk] ^ abyPlainText[kk];
  313. AESv128(pbyRxKey, abyTmp, abyMIC);
  314. /* => above is the calculated MIC */
  315. wCnt = 0;
  316. abyCTRPLD[14] = (BYTE) (wCnt >> 8);
  317. abyCTRPLD[15] = (BYTE) (wCnt & 0xff);
  318. AESv128(pbyRxKey, abyCTRPLD, abyTmp);
  319. for (kk = 0; kk < 8; kk++)
  320. abyTmp[kk] = abyTmp[kk] ^ pbyPayload[kk];
  321. /* => above is the packet dec-MIC */
  322. if (!memcmp(abyMIC, abyTmp, 8))
  323. return TRUE;
  324. else
  325. return FALSE;
  326. }