2
* Host AP crypt: host-based TKIP encryption implementation for Host AP driver
4
* Copyright (c) 2003-2004, Jouni Malinen <jkmaline@cc.hut.fi>
6
* This program is free software; you can redistribute it and/or modify
7
* it under the terms of the GNU General Public License version 2 as
8
* published by the Free Software Foundation. See README and COPYING for
12
//#include <linux/config.h>
13
#include <linux/module.h>
14
#include <linux/init.h>
15
#include <linux/slab.h>
16
#include <linux/random.h>
17
#include <linux/skbuff.h>
18
#include <linux/netdevice.h>
19
#include <linux/if_ether.h>
20
#include <linux/if_arp.h>
21
#include <asm/string.h>
23
#include "ieee80211.h"
25
#include <linux/crypto.h>
26
#include <linux/scatterlist.h>
27
#include <linux/crc32.h>
29
MODULE_AUTHOR("Jouni Malinen");
30
MODULE_DESCRIPTION("Host AP crypt: TKIP");
31
MODULE_LICENSE("GPL");
33
struct ieee80211_tkip_data {
34
#define TKIP_KEY_LEN 32
50
u32 dot11RSNAStatsTKIPReplays;
51
u32 dot11RSNAStatsTKIPICVErrors;
52
u32 dot11RSNAStatsTKIPLocalMICFailures;
56
struct crypto_blkcipher *rx_tfm_arc4;
57
struct crypto_hash *rx_tfm_michael;
58
struct crypto_blkcipher *tx_tfm_arc4;
59
struct crypto_hash *tx_tfm_michael;
61
/* scratch buffers for virt_to_page() (crypto API) */
62
u8 rx_hdr[16], tx_hdr[16];
65
static void * ieee80211_tkip_init(int key_idx)
67
struct ieee80211_tkip_data *priv;
69
priv = kzalloc(sizeof(*priv), GFP_ATOMIC);
72
priv->key_idx = key_idx;
74
priv->tx_tfm_arc4 = crypto_alloc_blkcipher("ecb(arc4)", 0,
76
if (IS_ERR(priv->tx_tfm_arc4)) {
77
printk(KERN_DEBUG "ieee80211_crypt_tkip: could not allocate "
79
priv->tx_tfm_arc4 = NULL;
83
priv->tx_tfm_michael = crypto_alloc_hash("michael_mic", 0,
85
if (IS_ERR(priv->tx_tfm_michael)) {
86
printk(KERN_DEBUG "ieee80211_crypt_tkip: could not allocate "
87
"crypto API michael_mic\n");
88
priv->tx_tfm_michael = NULL;
92
priv->rx_tfm_arc4 = crypto_alloc_blkcipher("ecb(arc4)", 0,
94
if (IS_ERR(priv->rx_tfm_arc4)) {
95
printk(KERN_DEBUG "ieee80211_crypt_tkip: could not allocate "
97
priv->rx_tfm_arc4 = NULL;
101
priv->rx_tfm_michael = crypto_alloc_hash("michael_mic", 0,
103
if (IS_ERR(priv->rx_tfm_michael)) {
104
printk(KERN_DEBUG "ieee80211_crypt_tkip: could not allocate "
105
"crypto API michael_mic\n");
106
priv->rx_tfm_michael = NULL;
114
if (priv->tx_tfm_michael)
115
crypto_free_hash(priv->tx_tfm_michael);
116
if (priv->tx_tfm_arc4)
117
crypto_free_blkcipher(priv->tx_tfm_arc4);
118
if (priv->rx_tfm_michael)
119
crypto_free_hash(priv->rx_tfm_michael);
120
if (priv->rx_tfm_arc4)
121
crypto_free_blkcipher(priv->rx_tfm_arc4);
129
static void ieee80211_tkip_deinit(void *priv)
131
struct ieee80211_tkip_data *_priv = priv;
134
if (_priv->tx_tfm_michael)
135
crypto_free_hash(_priv->tx_tfm_michael);
136
if (_priv->tx_tfm_arc4)
137
crypto_free_blkcipher(_priv->tx_tfm_arc4);
138
if (_priv->rx_tfm_michael)
139
crypto_free_hash(_priv->rx_tfm_michael);
140
if (_priv->rx_tfm_arc4)
141
crypto_free_blkcipher(_priv->rx_tfm_arc4);
147
static inline u16 RotR1(u16 val)
149
return (val >> 1) | (val << 15);
153
static inline u8 Lo8(u16 val)
159
static inline u8 Hi8(u16 val)
165
static inline u16 Lo16(u32 val)
171
static inline u16 Hi16(u32 val)
177
static inline u16 Mk16(u8 hi, u8 lo)
179
return lo | (((u16) hi) << 8);
183
static inline u16 Mk16_le(u16 *v)
185
return le16_to_cpu(*v);
189
static const u16 Sbox[256] =
191
0xC6A5, 0xF884, 0xEE99, 0xF68D, 0xFF0D, 0xD6BD, 0xDEB1, 0x9154,
192
0x6050, 0x0203, 0xCEA9, 0x567D, 0xE719, 0xB562, 0x4DE6, 0xEC9A,
193
0x8F45, 0x1F9D, 0x8940, 0xFA87, 0xEF15, 0xB2EB, 0x8EC9, 0xFB0B,
194
0x41EC, 0xB367, 0x5FFD, 0x45EA, 0x23BF, 0x53F7, 0xE496, 0x9B5B,
195
0x75C2, 0xE11C, 0x3DAE, 0x4C6A, 0x6C5A, 0x7E41, 0xF502, 0x834F,
196
0x685C, 0x51F4, 0xD134, 0xF908, 0xE293, 0xAB73, 0x6253, 0x2A3F,
197
0x080C, 0x9552, 0x4665, 0x9D5E, 0x3028, 0x37A1, 0x0A0F, 0x2FB5,
198
0x0E09, 0x2436, 0x1B9B, 0xDF3D, 0xCD26, 0x4E69, 0x7FCD, 0xEA9F,
199
0x121B, 0x1D9E, 0x5874, 0x342E, 0x362D, 0xDCB2, 0xB4EE, 0x5BFB,
200
0xA4F6, 0x764D, 0xB761, 0x7DCE, 0x527B, 0xDD3E, 0x5E71, 0x1397,
201
0xA6F5, 0xB968, 0x0000, 0xC12C, 0x4060, 0xE31F, 0x79C8, 0xB6ED,
202
0xD4BE, 0x8D46, 0x67D9, 0x724B, 0x94DE, 0x98D4, 0xB0E8, 0x854A,
203
0xBB6B, 0xC52A, 0x4FE5, 0xED16, 0x86C5, 0x9AD7, 0x6655, 0x1194,
204
0x8ACF, 0xE910, 0x0406, 0xFE81, 0xA0F0, 0x7844, 0x25BA, 0x4BE3,
205
0xA2F3, 0x5DFE, 0x80C0, 0x058A, 0x3FAD, 0x21BC, 0x7048, 0xF104,
206
0x63DF, 0x77C1, 0xAF75, 0x4263, 0x2030, 0xE51A, 0xFD0E, 0xBF6D,
207
0x814C, 0x1814, 0x2635, 0xC32F, 0xBEE1, 0x35A2, 0x88CC, 0x2E39,
208
0x9357, 0x55F2, 0xFC82, 0x7A47, 0xC8AC, 0xBAE7, 0x322B, 0xE695,
209
0xC0A0, 0x1998, 0x9ED1, 0xA37F, 0x4466, 0x547E, 0x3BAB, 0x0B83,
210
0x8CCA, 0xC729, 0x6BD3, 0x283C, 0xA779, 0xBCE2, 0x161D, 0xAD76,
211
0xDB3B, 0x6456, 0x744E, 0x141E, 0x92DB, 0x0C0A, 0x486C, 0xB8E4,
212
0x9F5D, 0xBD6E, 0x43EF, 0xC4A6, 0x39A8, 0x31A4, 0xD337, 0xF28B,
213
0xD532, 0x8B43, 0x6E59, 0xDAB7, 0x018C, 0xB164, 0x9CD2, 0x49E0,
214
0xD8B4, 0xACFA, 0xF307, 0xCF25, 0xCAAF, 0xF48E, 0x47E9, 0x1018,
215
0x6FD5, 0xF088, 0x4A6F, 0x5C72, 0x3824, 0x57F1, 0x73C7, 0x9751,
216
0xCB23, 0xA17C, 0xE89C, 0x3E21, 0x96DD, 0x61DC, 0x0D86, 0x0F85,
217
0xE090, 0x7C42, 0x71C4, 0xCCAA, 0x90D8, 0x0605, 0xF701, 0x1C12,
218
0xC2A3, 0x6A5F, 0xAEF9, 0x69D0, 0x1791, 0x9958, 0x3A27, 0x27B9,
219
0xD938, 0xEB13, 0x2BB3, 0x2233, 0xD2BB, 0xA970, 0x0789, 0x33A7,
220
0x2DB6, 0x3C22, 0x1592, 0xC920, 0x8749, 0xAAFF, 0x5078, 0xA57A,
221
0x038F, 0x59F8, 0x0980, 0x1A17, 0x65DA, 0xD731, 0x84C6, 0xD0B8,
222
0x82C3, 0x29B0, 0x5A77, 0x1E11, 0x7BCB, 0xA8FC, 0x6DD6, 0x2C3A,
226
static inline u16 _S_(u16 v)
228
u16 t = Sbox[Hi8(v)];
229
return Sbox[Lo8(v)] ^ ((t << 8) | (t >> 8));
233
#define PHASE1_LOOP_COUNT 8
236
static void tkip_mixing_phase1(u16 *TTAK, const u8 *TK, const u8 *TA, u32 IV32)
240
/* Initialize the 80-bit TTAK from TSC (IV32) and TA[0..5] */
241
TTAK[0] = Lo16(IV32);
242
TTAK[1] = Hi16(IV32);
243
TTAK[2] = Mk16(TA[1], TA[0]);
244
TTAK[3] = Mk16(TA[3], TA[2]);
245
TTAK[4] = Mk16(TA[5], TA[4]);
247
for (i = 0; i < PHASE1_LOOP_COUNT; i++) {
249
TTAK[0] += _S_(TTAK[4] ^ Mk16(TK[1 + j], TK[0 + j]));
250
TTAK[1] += _S_(TTAK[0] ^ Mk16(TK[5 + j], TK[4 + j]));
251
TTAK[2] += _S_(TTAK[1] ^ Mk16(TK[9 + j], TK[8 + j]));
252
TTAK[3] += _S_(TTAK[2] ^ Mk16(TK[13 + j], TK[12 + j]));
253
TTAK[4] += _S_(TTAK[3] ^ Mk16(TK[1 + j], TK[0 + j])) + i;
258
static void tkip_mixing_phase2(u8 *WEPSeed, const u8 *TK, const u16 *TTAK,
261
/* Make temporary area overlap WEP seed so that the final copy can be
262
* avoided on little endian hosts. */
263
u16 *PPK = (u16 *) &WEPSeed[4];
265
/* Step 1 - make copy of TTAK and bring in TSC */
271
PPK[5] = TTAK[4] + IV16;
273
/* Step 2 - 96-bit bijective mixing using S-box */
274
PPK[0] += _S_(PPK[5] ^ Mk16_le((u16 *) &TK[0]));
275
PPK[1] += _S_(PPK[0] ^ Mk16_le((u16 *) &TK[2]));
276
PPK[2] += _S_(PPK[1] ^ Mk16_le((u16 *) &TK[4]));
277
PPK[3] += _S_(PPK[2] ^ Mk16_le((u16 *) &TK[6]));
278
PPK[4] += _S_(PPK[3] ^ Mk16_le((u16 *) &TK[8]));
279
PPK[5] += _S_(PPK[4] ^ Mk16_le((u16 *) &TK[10]));
281
PPK[0] += RotR1(PPK[5] ^ Mk16_le((u16 *) &TK[12]));
282
PPK[1] += RotR1(PPK[0] ^ Mk16_le((u16 *) &TK[14]));
283
PPK[2] += RotR1(PPK[1]);
284
PPK[3] += RotR1(PPK[2]);
285
PPK[4] += RotR1(PPK[3]);
286
PPK[5] += RotR1(PPK[4]);
288
/* Step 3 - bring in last of TK bits, assign 24-bit WEP IV value
289
* WEPSeed[0..2] is transmitted as WEP IV */
290
WEPSeed[0] = Hi8(IV16);
291
WEPSeed[1] = (Hi8(IV16) | 0x20) & 0x7F;
292
WEPSeed[2] = Lo8(IV16);
293
WEPSeed[3] = Lo8((PPK[5] ^ Mk16_le((u16 *) &TK[0])) >> 1);
298
for (i = 0; i < 6; i++)
299
PPK[i] = (PPK[i] << 8) | (PPK[i] >> 8);
305
static int ieee80211_tkip_encrypt(struct sk_buff *skb, int hdr_len, void *priv)
307
struct ieee80211_tkip_data *tkey = priv;
310
struct ieee80211_hdr_4addr *hdr;
311
cb_desc *tcb_desc = (cb_desc *)(skb->cb + MAX_DEV_ADDR_SIZE);
312
struct blkcipher_desc desc = {.tfm = tkey->tx_tfm_arc4};
316
struct scatterlist sg;
318
if (skb_headroom(skb) < 8 || skb_tailroom(skb) < 4 ||
322
hdr = (struct ieee80211_hdr_4addr *) skb->data;
324
if (!tcb_desc->bHwSec)
326
if (!tkey->tx_phase1_done) {
327
tkip_mixing_phase1(tkey->tx_ttak, tkey->key, hdr->addr2,
329
tkey->tx_phase1_done = 1;
331
tkip_mixing_phase2(rc4key, tkey->key, tkey->tx_ttak, tkey->tx_iv16);
334
tkey->tx_phase1_done = 1;
337
len = skb->len - hdr_len;
338
pos = skb_push(skb, 8);
339
memmove(pos, pos + 8, hdr_len);
342
if (tcb_desc->bHwSec)
344
*pos++ = Hi8(tkey->tx_iv16);
345
*pos++ = (Hi8(tkey->tx_iv16) | 0x20) & 0x7F;
346
*pos++ = Lo8(tkey->tx_iv16);
355
*pos++ = (tkey->key_idx << 6) | (1 << 5) /* Ext IV included */;
356
*pos++ = tkey->tx_iv32 & 0xff;
357
*pos++ = (tkey->tx_iv32 >> 8) & 0xff;
358
*pos++ = (tkey->tx_iv32 >> 16) & 0xff;
359
*pos++ = (tkey->tx_iv32 >> 24) & 0xff;
361
if (!tcb_desc->bHwSec)
363
icv = skb_put(skb, 4);
364
crc = ~crc32_le(~0, pos, len);
369
crypto_blkcipher_setkey(tkey->tx_tfm_arc4, rc4key, 16);
370
sg_init_one(&sg, pos, len+4);
371
ret= crypto_blkcipher_encrypt(&desc, &sg, &sg, len + 4);
375
if (tkey->tx_iv16 == 0) {
376
tkey->tx_phase1_done = 0;
380
if (!tcb_desc->bHwSec)
388
static int ieee80211_tkip_decrypt(struct sk_buff *skb, int hdr_len, void *priv)
390
struct ieee80211_tkip_data *tkey = priv;
394
struct ieee80211_hdr_4addr *hdr;
395
cb_desc *tcb_desc = (cb_desc *)(skb->cb + MAX_DEV_ADDR_SIZE);
396
struct blkcipher_desc desc = {.tfm = tkey->rx_tfm_arc4};
400
struct scatterlist sg;
402
if (skb->len < hdr_len + 8 + 4)
405
hdr = (struct ieee80211_hdr_4addr *) skb->data;
406
pos = skb->data + hdr_len;
408
if (!(keyidx & (1 << 5))) {
409
if (net_ratelimit()) {
410
printk(KERN_DEBUG "TKIP: received packet without ExtIV"
411
" flag from %pM\n", hdr->addr2);
416
if (tkey->key_idx != keyidx) {
417
printk(KERN_DEBUG "TKIP: RX tkey->key_idx=%d frame "
418
"keyidx=%d priv=%p\n", tkey->key_idx, keyidx, priv);
421
if (!tkey->key_set) {
422
if (net_ratelimit()) {
423
printk(KERN_DEBUG "TKIP: received packet from %pM"
424
" with keyid=%d that does not have a configured"
425
" key\n", hdr->addr2, keyidx);
429
iv16 = (pos[0] << 8) | pos[2];
430
iv32 = pos[4] | (pos[5] << 8) | (pos[6] << 16) | (pos[7] << 24);
433
if (!tcb_desc->bHwSec)
435
if (iv32 < tkey->rx_iv32 ||
436
(iv32 == tkey->rx_iv32 && iv16 <= tkey->rx_iv16)) {
437
if (net_ratelimit()) {
438
printk(KERN_DEBUG "TKIP: replay detected: STA=%pM"
439
" previous TSC %08x%04x received TSC "
440
"%08x%04x\n", hdr->addr2,
441
tkey->rx_iv32, tkey->rx_iv16, iv32, iv16);
443
tkey->dot11RSNAStatsTKIPReplays++;
447
if (iv32 != tkey->rx_iv32 || !tkey->rx_phase1_done) {
448
tkip_mixing_phase1(tkey->rx_ttak, tkey->key, hdr->addr2, iv32);
449
tkey->rx_phase1_done = 1;
451
tkip_mixing_phase2(rc4key, tkey->key, tkey->rx_ttak, iv16);
453
plen = skb->len - hdr_len - 12;
455
crypto_blkcipher_setkey(tkey->rx_tfm_arc4, rc4key, 16);
456
sg_init_one(&sg, pos, plen+4);
458
if (crypto_blkcipher_decrypt(&desc, &sg, &sg, plen + 4)) {
459
if (net_ratelimit()) {
460
printk(KERN_DEBUG ": TKIP: failed to decrypt "
461
"received packet from %pM\n",
467
crc = ~crc32_le(~0, pos, plen);
473
if (memcmp(icv, pos + plen, 4) != 0) {
474
if (iv32 != tkey->rx_iv32) {
475
/* Previously cached Phase1 result was already lost, so
476
* it needs to be recalculated for the next packet. */
477
tkey->rx_phase1_done = 0;
479
if (net_ratelimit()) {
480
printk(KERN_DEBUG "TKIP: ICV error detected: STA="
481
"%pM\n", hdr->addr2);
483
tkey->dot11RSNAStatsTKIPICVErrors++;
489
/* Update real counters only after Michael MIC verification has
491
tkey->rx_iv32_new = iv32;
492
tkey->rx_iv16_new = iv16;
494
/* Remove IV and ICV */
495
memmove(skb->data + 8, skb->data, hdr_len);
497
skb_trim(skb, skb->len - 4);
502
static int michael_mic(struct crypto_hash *tfm_michael, u8 * key, u8 * hdr,
503
u8 * data, size_t data_len, u8 * mic)
505
struct hash_desc desc;
506
struct scatterlist sg[2];
508
if (tfm_michael == NULL) {
509
printk(KERN_WARNING "michael_mic: tfm_michael == NULL\n");
513
sg_init_table(sg, 2);
514
sg_set_buf(&sg[0], hdr, 16);
515
sg_set_buf(&sg[1], data, data_len);
517
if (crypto_hash_setkey(tfm_michael, key, 8))
520
desc.tfm = tfm_michael;
522
return crypto_hash_digest(&desc, sg, data_len + 16, mic);
525
static void michael_mic_hdr(struct sk_buff *skb, u8 *hdr)
527
struct ieee80211_hdr_4addr *hdr11;
529
hdr11 = (struct ieee80211_hdr_4addr *) skb->data;
530
switch (le16_to_cpu(hdr11->frame_ctl) &
531
(IEEE80211_FCTL_FROMDS | IEEE80211_FCTL_TODS)) {
532
case IEEE80211_FCTL_TODS:
533
memcpy(hdr, hdr11->addr3, ETH_ALEN); /* DA */
534
memcpy(hdr + ETH_ALEN, hdr11->addr2, ETH_ALEN); /* SA */
536
case IEEE80211_FCTL_FROMDS:
537
memcpy(hdr, hdr11->addr1, ETH_ALEN); /* DA */
538
memcpy(hdr + ETH_ALEN, hdr11->addr3, ETH_ALEN); /* SA */
540
case IEEE80211_FCTL_FROMDS | IEEE80211_FCTL_TODS:
541
memcpy(hdr, hdr11->addr3, ETH_ALEN); /* DA */
542
memcpy(hdr + ETH_ALEN, hdr11->addr4, ETH_ALEN); /* SA */
545
memcpy(hdr, hdr11->addr1, ETH_ALEN); /* DA */
546
memcpy(hdr + ETH_ALEN, hdr11->addr2, ETH_ALEN); /* SA */
550
hdr[12] = 0; /* priority */
552
hdr[13] = hdr[14] = hdr[15] = 0; /* reserved */
556
static int ieee80211_michael_mic_add(struct sk_buff *skb, int hdr_len, void *priv)
558
struct ieee80211_tkip_data *tkey = priv;
560
struct ieee80211_hdr_4addr *hdr;
562
hdr = (struct ieee80211_hdr_4addr *) skb->data;
564
if (skb_tailroom(skb) < 8 || skb->len < hdr_len) {
565
printk(KERN_DEBUG "Invalid packet for Michael MIC add "
566
"(tailroom=%d hdr_len=%d skb->len=%d)\n",
567
skb_tailroom(skb), hdr_len, skb->len);
571
michael_mic_hdr(skb, tkey->tx_hdr);
574
// fix the wpa process with wmm enabled.
575
if(IEEE80211_QOS_HAS_SEQ(le16_to_cpu(hdr->frame_ctl))) {
576
tkey->tx_hdr[12] = *(skb->data + hdr_len - 2) & 0x07;
579
pos = skb_put(skb, 8);
581
if (michael_mic(tkey->tx_tfm_michael, &tkey->key[16], tkey->tx_hdr,
582
skb->data + hdr_len, skb->len - 8 - hdr_len, pos))
588
static void ieee80211_michael_mic_failure(struct net_device *dev,
589
struct ieee80211_hdr_4addr *hdr,
592
union iwreq_data wrqu;
593
struct iw_michaelmicfailure ev;
595
/* TODO: needed parameters: count, keyid, key type, TSC */
596
memset(&ev, 0, sizeof(ev));
597
ev.flags = keyidx & IW_MICFAILURE_KEY_ID;
598
if (hdr->addr1[0] & 0x01)
599
ev.flags |= IW_MICFAILURE_GROUP;
601
ev.flags |= IW_MICFAILURE_PAIRWISE;
602
ev.src_addr.sa_family = ARPHRD_ETHER;
603
memcpy(ev.src_addr.sa_data, hdr->addr2, ETH_ALEN);
604
memset(&wrqu, 0, sizeof(wrqu));
605
wrqu.data.length = sizeof(ev);
606
wireless_send_event(dev, IWEVMICHAELMICFAILURE, &wrqu, (char *) &ev);
609
static int ieee80211_michael_mic_verify(struct sk_buff *skb, int keyidx,
610
int hdr_len, void *priv)
612
struct ieee80211_tkip_data *tkey = priv;
614
struct ieee80211_hdr_4addr *hdr;
616
hdr = (struct ieee80211_hdr_4addr *) skb->data;
621
michael_mic_hdr(skb, tkey->rx_hdr);
623
// fix the wpa process with wmm enabled.
624
if(IEEE80211_QOS_HAS_SEQ(le16_to_cpu(hdr->frame_ctl))) {
625
tkey->rx_hdr[12] = *(skb->data + hdr_len - 2) & 0x07;
629
if (michael_mic(tkey->rx_tfm_michael, &tkey->key[24], tkey->rx_hdr,
630
skb->data + hdr_len, skb->len - 8 - hdr_len, mic))
632
if (memcmp(mic, skb->data + skb->len - 8, 8) != 0) {
633
struct ieee80211_hdr_4addr *hdr;
634
hdr = (struct ieee80211_hdr_4addr *) skb->data;
635
printk(KERN_DEBUG "%s: Michael MIC verification failed for "
636
"MSDU from %pM keyidx=%d\n",
637
skb->dev ? skb->dev->name : "N/A", hdr->addr2,
640
ieee80211_michael_mic_failure(skb->dev, hdr, keyidx);
641
tkey->dot11RSNAStatsTKIPLocalMICFailures++;
645
/* Update TSC counters for RX now that the packet verification has
647
tkey->rx_iv32 = tkey->rx_iv32_new;
648
tkey->rx_iv16 = tkey->rx_iv16_new;
650
skb_trim(skb, skb->len - 8);
656
static int ieee80211_tkip_set_key(void *key, int len, u8 *seq, void *priv)
658
struct ieee80211_tkip_data *tkey = priv;
660
struct crypto_hash *tfm = tkey->tx_tfm_michael;
661
struct crypto_blkcipher *tfm2 = tkey->tx_tfm_arc4;
662
struct crypto_hash *tfm3 = tkey->rx_tfm_michael;
663
struct crypto_blkcipher *tfm4 = tkey->rx_tfm_arc4;
665
keyidx = tkey->key_idx;
666
memset(tkey, 0, sizeof(*tkey));
667
tkey->key_idx = keyidx;
668
tkey->tx_tfm_michael = tfm;
669
tkey->tx_tfm_arc4 = tfm2;
670
tkey->rx_tfm_michael = tfm3;
671
tkey->rx_tfm_arc4 = tfm4;
673
if (len == TKIP_KEY_LEN) {
674
memcpy(tkey->key, key, TKIP_KEY_LEN);
676
tkey->tx_iv16 = 1; /* TSC is initialized to 1 */
678
tkey->rx_iv32 = (seq[5] << 24) | (seq[4] << 16) |
679
(seq[3] << 8) | seq[2];
680
tkey->rx_iv16 = (seq[1] << 8) | seq[0];
691
static int ieee80211_tkip_get_key(void *key, int len, u8 *seq, void *priv)
693
struct ieee80211_tkip_data *tkey = priv;
695
if (len < TKIP_KEY_LEN)
700
memcpy(key, tkey->key, TKIP_KEY_LEN);
703
/* Return the sequence number of the last transmitted frame. */
704
u16 iv16 = tkey->tx_iv16;
705
u32 iv32 = tkey->tx_iv32;
709
seq[0] = tkey->tx_iv16;
710
seq[1] = tkey->tx_iv16 >> 8;
711
seq[2] = tkey->tx_iv32;
712
seq[3] = tkey->tx_iv32 >> 8;
713
seq[4] = tkey->tx_iv32 >> 16;
714
seq[5] = tkey->tx_iv32 >> 24;
721
static char * ieee80211_tkip_print_stats(char *p, void *priv)
723
struct ieee80211_tkip_data *tkip = priv;
724
p += sprintf(p, "key[%d] alg=TKIP key_set=%d "
725
"tx_pn=%02x%02x%02x%02x%02x%02x "
726
"rx_pn=%02x%02x%02x%02x%02x%02x "
727
"replays=%d icv_errors=%d local_mic_failures=%d\n",
728
tkip->key_idx, tkip->key_set,
729
(tkip->tx_iv32 >> 24) & 0xff,
730
(tkip->tx_iv32 >> 16) & 0xff,
731
(tkip->tx_iv32 >> 8) & 0xff,
732
tkip->tx_iv32 & 0xff,
733
(tkip->tx_iv16 >> 8) & 0xff,
734
tkip->tx_iv16 & 0xff,
735
(tkip->rx_iv32 >> 24) & 0xff,
736
(tkip->rx_iv32 >> 16) & 0xff,
737
(tkip->rx_iv32 >> 8) & 0xff,
738
tkip->rx_iv32 & 0xff,
739
(tkip->rx_iv16 >> 8) & 0xff,
740
tkip->rx_iv16 & 0xff,
741
tkip->dot11RSNAStatsTKIPReplays,
742
tkip->dot11RSNAStatsTKIPICVErrors,
743
tkip->dot11RSNAStatsTKIPLocalMICFailures);
748
static struct ieee80211_crypto_ops ieee80211_crypt_tkip = {
750
.init = ieee80211_tkip_init,
751
.deinit = ieee80211_tkip_deinit,
752
.encrypt_mpdu = ieee80211_tkip_encrypt,
753
.decrypt_mpdu = ieee80211_tkip_decrypt,
754
.encrypt_msdu = ieee80211_michael_mic_add,
755
.decrypt_msdu = ieee80211_michael_mic_verify,
756
.set_key = ieee80211_tkip_set_key,
757
.get_key = ieee80211_tkip_get_key,
758
.print_stats = ieee80211_tkip_print_stats,
759
.extra_prefix_len = 4 + 4, /* IV + ExtIV */
760
.extra_postfix_len = 8 + 4, /* MIC + ICV */
761
.owner = THIS_MODULE,
764
int __init ieee80211_crypto_tkip_init(void)
766
return ieee80211_register_crypto_ops(&ieee80211_crypt_tkip);
769
void __exit ieee80211_crypto_tkip_exit(void)
771
ieee80211_unregister_crypto_ops(&ieee80211_crypt_tkip);
774
void ieee80211_tkip_null(void)
776
// printk("============>%s()\n", __FUNCTION__);