#include <linux/netdevice.h>
#include <net/mac80211.h>
-#include "ieee80211_key.h"
+#include "key.h"
#include "tkip.h"
#include "wep.h"
*pos++ = iv0;
*pos++ = iv1;
*pos++ = iv2;
- *pos++ = (key->keyidx << 6) | (1 << 5) /* Ext IV */;
+ *pos++ = (key->conf.keyidx << 6) | (1 << 5) /* Ext IV */;
*pos++ = key->u.tkip.iv32 & 0xff;
*pos++ = (key->u.tkip.iv32 >> 8) & 0xff;
*pos++ = (key->u.tkip.iv32 >> 16) & 0xff;
void ieee80211_tkip_gen_phase1key(struct ieee80211_key *key, u8 *ta,
u16 *phase1key)
{
- tkip_mixing_phase1(ta, &key->key[ALG_TKIP_TEMP_ENCR_KEY],
+ tkip_mixing_phase1(ta, &key->conf.key[ALG_TKIP_TEMP_ENCR_KEY],
key->u.tkip.iv32, phase1key);
}
/* Calculate per-packet key */
if (key->u.tkip.iv16 == 0 || !key->u.tkip.tx_initialized) {
/* IV16 wrapped around - perform TKIP phase 1 */
- tkip_mixing_phase1(ta, &key->key[ALG_TKIP_TEMP_ENCR_KEY],
+ tkip_mixing_phase1(ta, &key->conf.key[ALG_TKIP_TEMP_ENCR_KEY],
key->u.tkip.iv32, key->u.tkip.p1k);
key->u.tkip.tx_initialized = 1;
}
- tkip_mixing_phase2(key->u.tkip.p1k, &key->key[ALG_TKIP_TEMP_ENCR_KEY],
+ tkip_mixing_phase2(key->u.tkip.p1k,
+ &key->conf.key[ALG_TKIP_TEMP_ENCR_KEY],
key->u.tkip.iv16, rc4key);
}
+void ieee80211_get_tkip_key(struct ieee80211_key_conf *keyconf,
+ struct sk_buff *skb, enum ieee80211_tkip_key_type type,
+ u8 *outkey)
+{
+ struct ieee80211_key *key = (struct ieee80211_key *)
+ container_of(keyconf, struct ieee80211_key, conf);
+ struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
+ u8 *data = (u8 *) hdr;
+ u16 fc = le16_to_cpu(hdr->frame_control);
+ int hdr_len = ieee80211_get_hdrlen(fc);
+ u8 *ta = hdr->addr2;
+ u16 iv16;
+ u32 iv32;
+
+ iv16 = data[hdr_len] << 8;
+ iv16 += data[hdr_len + 2];
+ iv32 = data[hdr_len + 4] | (data[hdr_len + 5] << 8) |
+ (data[hdr_len + 6] << 16) | (data[hdr_len + 7] << 24);
+
+#ifdef CONFIG_TKIP_DEBUG
+ printk(KERN_DEBUG "TKIP encrypt: iv16 = 0x%04x, iv32 = 0x%08x\n",
+ iv16, iv32);
+
+ if (iv32 != key->u.tkip.iv32) {
+ printk(KERN_DEBUG "skb: iv32 = 0x%08x key: iv32 = 0x%08x\n",
+ iv32, key->u.tkip.iv32);
+ printk(KERN_DEBUG "Wrap around of iv16 in the middle of a "
+ "fragmented packet\n");
+ }
+#endif /* CONFIG_TKIP_DEBUG */
+
+ /* Update the p1k only when the iv16 in the packet wraps around, this
+ * might occur after the wrap around of iv16 in the key in case of
+ * fragmented packets. */
+ if (iv16 == 0 || !key->u.tkip.tx_initialized) {
+ /* IV16 wrapped around - perform TKIP phase 1 */
+ tkip_mixing_phase1(ta, &key->conf.key[ALG_TKIP_TEMP_ENCR_KEY],
+ iv32, key->u.tkip.p1k);
+ key->u.tkip.tx_initialized = 1;
+ }
+
+ if (type == IEEE80211_TKIP_P1_KEY) {
+ memcpy(outkey, key->u.tkip.p1k, sizeof(u16) * 5);
+ return;
+ }
+
+ tkip_mixing_phase2(key->u.tkip.p1k,
+ &key->conf.key[ALG_TKIP_TEMP_ENCR_KEY], iv16, outkey);
+}
+EXPORT_SYMBOL(ieee80211_get_tkip_key);
+
/* Encrypt packet payload with TKIP using @key. @pos is a pointer to the
* beginning of the buffer containing payload. This payload must include
* headroom of eight octets for IV and Ext. IV and taildroom of four octets
int ieee80211_tkip_decrypt_data(struct crypto_blkcipher *tfm,
struct ieee80211_key *key,
u8 *payload, size_t payload_len, u8 *ta,
- int only_iv, int queue)
+ u8 *ra, int only_iv, int queue,
+ u32 *out_iv32, u16 *out_iv16)
{
u32 iv32;
u32 iv16;
if (!(keyid & (1 << 5)))
return TKIP_DECRYPT_NO_EXT_IV;
- if ((keyid >> 6) != key->keyidx)
+ if ((keyid >> 6) != key->conf.keyidx)
return TKIP_DECRYPT_INVALID_KEYIDX;
if (key->u.tkip.rx_initialized[queue] &&
(iv32 == key->u.tkip.iv32_rx[queue] &&
iv16 <= key->u.tkip.iv16_rx[queue]))) {
#ifdef CONFIG_TKIP_DEBUG
+ DECLARE_MAC_BUF(mac);
printk(KERN_DEBUG "TKIP replay detected for RX frame from "
- MAC_FMT " (RX IV (%04x,%02x) <= prev. IV (%04x,%02x)\n",
- MAC_ARG(ta),
+ "%s (RX IV (%04x,%02x) <= prev. IV (%04x,%02x)\n",
+ print_mac(mac, ta),
iv32, iv16, key->u.tkip.iv32_rx[queue],
key->u.tkip.iv16_rx[queue]);
#endif /* CONFIG_TKIP_DEBUG */
key->u.tkip.iv32_rx[queue] != iv32) {
key->u.tkip.rx_initialized[queue] = 1;
/* IV16 wrapped around - perform TKIP phase 1 */
- tkip_mixing_phase1(ta, &key->key[ALG_TKIP_TEMP_ENCR_KEY],
+ tkip_mixing_phase1(ta, &key->conf.key[ALG_TKIP_TEMP_ENCR_KEY],
iv32, key->u.tkip.p1k_rx[queue]);
#ifdef CONFIG_TKIP_DEBUG
{
int i;
- printk(KERN_DEBUG "TKIP decrypt: Phase1 TA=" MAC_FMT
- " TK=", MAC_ARG(ta));
+ DECLARE_MAC_BUF(mac);
+ printk(KERN_DEBUG "TKIP decrypt: Phase1 TA=%s"
+ " TK=", print_mac(mac, ta));
for (i = 0; i < 16; i++)
printk("%02x ",
- key->key[ALG_TKIP_TEMP_ENCR_KEY + i]);
+ key->conf.key[
+ ALG_TKIP_TEMP_ENCR_KEY + i]);
printk("\n");
printk(KERN_DEBUG "TKIP decrypt: P1K=");
for (i = 0; i < 5; i++)
printk("\n");
}
#endif /* CONFIG_TKIP_DEBUG */
+ if (key->local->ops->update_tkip_key &&
+ key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) {
+ u8 bcast[ETH_ALEN] =
+ {0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
+ u8 *sta_addr = key->sta->addr;
+
+ if (is_multicast_ether_addr(ra))
+ sta_addr = bcast;
+
+ key->local->ops->update_tkip_key(
+ local_to_hw(key->local), &key->conf,
+ sta_addr, iv32, key->u.tkip.p1k_rx[queue]);
+ }
}
tkip_mixing_phase2(key->u.tkip.p1k_rx[queue],
- &key->key[ALG_TKIP_TEMP_ENCR_KEY],
+ &key->conf.key[ALG_TKIP_TEMP_ENCR_KEY],
iv16, rc4key);
#ifdef CONFIG_TKIP_DEBUG
{
res = ieee80211_wep_decrypt_data(tfm, rc4key, 16, pos, payload_len - 12);
done:
if (res == TKIP_DECRYPT_OK) {
- /* FIX: these should be updated only after Michael MIC has been
- * verified */
- /* Record previously received IV */
- key->u.tkip.iv32_rx[queue] = iv32;
- key->u.tkip.iv16_rx[queue] = iv16;
+ /*
+ * Record previously received IV, will be copied into the
+ * key information after MIC verification. It is possible
+ * that we don't catch replays of fragments but that's ok
+ * because the Michael MIC verication will then fail.
+ */
+ *out_iv32 = iv32;
+ *out_iv16 = iv16;
}
return res;