From 5d2cdcd4e85c5187db30a6b29f79fbbe59f39f78 Mon Sep 17 00:00:00 2001 From: Emmanuel Grumbach Date: Thu, 20 Mar 2008 15:06:41 +0200 Subject: [PATCH] mac80211: get a TKIP phase key from skb This patch makes mac80211 able to compute a TKIP key from an skb. The requested key can be a phase 1 or a phase 2 key. This is useful for drivers who need to provide tkip key to their HW to enable HW encryption. Signed-off-by: Emmanuel Grumbach Signed-off-by: Tomas Winkler Signed-off-by: John W. Linville --- include/net/mac80211.h | 30 ++++++++++++++++++++++++ net/mac80211/tkip.c | 53 ++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 83 insertions(+) diff --git a/include/net/mac80211.h b/include/net/mac80211.h index 5ab6a350ee..2a134582fc 100644 --- a/include/net/mac80211.h +++ b/include/net/mac80211.h @@ -643,6 +643,21 @@ enum sta_notify_cmd { STA_NOTIFY_ADD, STA_NOTIFY_REMOVE }; +/** + * enum ieee80211_tkip_key_type - get tkip key + * + * Used by drivers which need to get a tkip key for skb. Some drivers need a + * phase 1 key, others need a phase 2 key. A single function allows the driver + * to get the key, this enum indicates what type of key is required. + * + * @IEEE80211_TKIP_P1_KEY: the driver needs a phase 1 key + * @IEEE80211_TKIP_P2_KEY: the driver needs a phase 2 key + */ +enum ieee80211_tkip_key_type { + IEEE80211_TKIP_P1_KEY, + IEEE80211_TKIP_P2_KEY, +}; + /** * enum ieee80211_hw_flags - hardware flags * @@ -1471,6 +1486,21 @@ int ieee80211_get_hdrlen_from_skb(const struct sk_buff *skb); */ int ieee80211_get_hdrlen(u16 fc); +/** + * ieee80211_get_tkip_key - get a TKIP rc4 for skb + * + * This function computes a TKIP rc4 key for an skb. It computes + * a phase 1 key if needed (iv16 wraps around). This function is to + * be used by drivers which can do HW encryption but need to compute + * to phase 1/2 key in SW. + * + * @keyconf: the parameter passed with the set key + * @skb: the skb for which the key is needed + * @rc4key: a buffer to which the key will be written + */ +void ieee80211_get_tkip_key(struct ieee80211_key_conf *keyconf, + struct sk_buff *skb, + enum ieee80211_tkip_key_type type, u8 *key); /** * ieee80211_wake_queue - wake specific queue * @hw: pointer as obtained from ieee80211_alloc_hw(). diff --git a/net/mac80211/tkip.c b/net/mac80211/tkip.c index 3abe194e4d..5c36b2df3f 100644 --- a/net/mac80211/tkip.c +++ b/net/mac80211/tkip.c @@ -214,6 +214,59 @@ void ieee80211_tkip_gen_rc4key(struct ieee80211_key *key, u8 *ta, key->u.tkip.iv16, rc4key); } +void ieee80211_get_tkip_key(struct ieee80211_key_conf *keyconf, + struct sk_buff *skb, enum ieee80211_tkip_key_type type, + u8 *outkey) +{ + struct ieee80211_key *key = (struct ieee80211_key *) + container_of(keyconf, struct ieee80211_key, conf); + struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data; + u8 *data = (u8 *) hdr; + u16 fc = le16_to_cpu(hdr->frame_control); + int hdr_len = ieee80211_get_hdrlen(fc); + u8 *ta = hdr->addr2; + u16 iv16; + u32 iv32; + + iv16 = data[hdr_len] << 8; + iv16 += data[hdr_len + 2]; + iv32 = data[hdr_len + 4] + + (data[hdr_len + 5] >> 8) + + (data[hdr_len + 6] >> 16) + + (data[hdr_len + 7] >> 24); + +#ifdef CONFIG_TKIP_DEBUG + printk(KERN_DEBUG "TKIP encrypt: iv16 = 0x%04x, iv32 = 0x%08x\n", + iv16, iv32); + + if (iv32 != key->u.tkip.iv32) { + printk(KERN_DEBUG "skb: iv32 = 0x%08x key: iv32 = 0x%08x\n", + iv32, key->u.tkip.iv32); + printk(KERN_DEBUG "Wrap around of iv16 in the middle of a " + "fragmented packet\n"); + } +#endif /* CONFIG_TKIP_DEBUG */ + + /* Update the p1k only when the iv16 in the packet wraps around, this + * might occur after the wrap around of iv16 in the key in case of + * fragmented packets. */ + if (iv16 == 0 || !key->u.tkip.tx_initialized) { + /* IV16 wrapped around - perform TKIP phase 1 */ + tkip_mixing_phase1(ta, &key->conf.key[ALG_TKIP_TEMP_ENCR_KEY], + iv32, key->u.tkip.p1k); + key->u.tkip.tx_initialized = 1; + } + + if (type == IEEE80211_TKIP_P1_KEY) { + memcpy(outkey, key->u.tkip.p1k, sizeof(u16) * 5); + return; + } + + tkip_mixing_phase2(key->u.tkip.p1k, + &key->conf.key[ALG_TKIP_TEMP_ENCR_KEY], iv16, outkey); +} +EXPORT_SYMBOL(ieee80211_get_tkip_key); + /* Encrypt packet payload with TKIP using @key. @pos is a pointer to the * beginning of the buffer containing payload. This payload must include * headroom of eight octets for IV and Ext. IV and taildroom of four octets -- 2.39.5