From 9ae4fda332df616ef47d5bb710c39681641d4303 Mon Sep 17 00:00:00 2001 From: Emmanuel Grumbach Date: Thu, 20 Mar 2008 15:06:42 +0200 Subject: mac80211: allows driver to request a Phase 1 RX key This patch makes mac80211 able to send a phase1 key for TKIP decryption. This is needed for drivers that don't do the rekeying by themselves (i.e. iwlwifi). Upon IV16 wrap around, the packet is decrypted in SW, if decryption is ok, mac80211 calls to update_tkip_key with a new phase 1 RX key. Signed-off-by: Emmanuel Grumbach Signed-off-by: Tomas Winkler Signed-off-by: John W. Linville --- net/mac80211/tkip.c | 15 ++++++++++++++- net/mac80211/tkip.h | 2 +- net/mac80211/wpa.c | 2 +- 3 files changed, 16 insertions(+), 3 deletions(-) (limited to 'net/mac80211') diff --git a/net/mac80211/tkip.c b/net/mac80211/tkip.c index 5c36b2df3faf..45d59f19c29f 100644 --- a/net/mac80211/tkip.c +++ b/net/mac80211/tkip.c @@ -291,7 +291,7 @@ void ieee80211_tkip_encrypt_data(struct crypto_blkcipher *tfm, int ieee80211_tkip_decrypt_data(struct crypto_blkcipher *tfm, struct ieee80211_key *key, u8 *payload, size_t payload_len, u8 *ta, - int only_iv, int queue, + u8 *ra, int only_iv, int queue, u32 *out_iv32, u16 *out_iv16) { u32 iv32; @@ -368,6 +368,19 @@ int ieee80211_tkip_decrypt_data(struct crypto_blkcipher *tfm, printk("\n"); } #endif /* CONFIG_TKIP_DEBUG */ + if (key->local->ops->update_tkip_key && + key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) { + u8 bcast[ETH_ALEN] = + {0xff, 0xff, 0xff, 0xff, 0xff, 0xff}; + u8 *sta_addr = key->sta->addr; + + if (is_multicast_ether_addr(ra)) + sta_addr = bcast; + + key->local->ops->update_tkip_key( + local_to_hw(key->local), &key->conf, + sta_addr, iv32, key->u.tkip.p1k_rx[queue]); + } } tkip_mixing_phase2(key->u.tkip.p1k_rx[queue], diff --git a/net/mac80211/tkip.h b/net/mac80211/tkip.h index 73d8ef2a93b0..ffaee3253e19 100644 --- a/net/mac80211/tkip.h +++ b/net/mac80211/tkip.h @@ -31,7 +31,7 @@ enum { int ieee80211_tkip_decrypt_data(struct crypto_blkcipher *tfm, struct ieee80211_key *key, u8 *payload, size_t payload_len, u8 *ta, - int only_iv, int queue, + u8 *ra, int only_iv, int queue, u32 *out_iv32, u16 *out_iv16); #endif /* TKIP_H */ diff --git a/net/mac80211/wpa.c b/net/mac80211/wpa.c index df0b7341efc8..45709ada8fee 100644 --- a/net/mac80211/wpa.c +++ b/net/mac80211/wpa.c @@ -312,7 +312,7 @@ ieee80211_crypto_tkip_decrypt(struct ieee80211_rx_data *rx) res = ieee80211_tkip_decrypt_data(rx->local->wep_rx_tfm, key, skb->data + hdrlen, skb->len - hdrlen, rx->sta->addr, - hwaccel, rx->queue, + hdr->addr1, hwaccel, rx->queue, &rx->tkip_iv32, &rx->tkip_iv16); if (res != TKIP_DECRYPT_OK || wpa_test) { -- cgit v1.2.1