1 // SPDX-License-Identifier: GPL-2.0-only
3 * lib80211 crypt: host-based TKIP encryption implementation for lib80211
5 * Copyright (c) 2003-2004, Jouni Malinen <j@w1.fi>
6 * Copyright (c) 2008, John W. Linville <linville@tuxdriver.com>
9 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
11 #include <linux/err.h>
12 #include <linux/module.h>
13 #include <linux/init.h>
14 #include <linux/slab.h>
15 #include <linux/random.h>
16 #include <linux/scatterlist.h>
17 #include <linux/skbuff.h>
18 #include <linux/netdevice.h>
20 #include <linux/if_ether.h>
21 #include <linux/if_arp.h>
22 #include <asm/string.h>
24 #include <linux/wireless.h>
25 #include <linux/ieee80211.h>
26 #include <net/iw_handler.h>
28 #include <crypto/hash.h>
29 #include <linux/crypto.h>
30 #include <linux/crc32.h>
32 #include <net/lib80211.h>
34 MODULE_AUTHOR("Jouni Malinen");
35 MODULE_DESCRIPTION("lib80211 crypt: TKIP");
36 MODULE_LICENSE("GPL");
38 #define TKIP_HDR_LEN 8
40 struct lib80211_tkip_data {
41 #define TKIP_KEY_LEN 32
57 u32 dot11RSNAStatsTKIPReplays;
58 u32 dot11RSNAStatsTKIPICVErrors;
59 u32 dot11RSNAStatsTKIPLocalMICFailures;
63 struct crypto_cipher *rx_tfm_arc4;
64 struct crypto_shash *rx_tfm_michael;
65 struct crypto_cipher *tx_tfm_arc4;
66 struct crypto_shash *tx_tfm_michael;
68 /* scratch buffers for virt_to_page() (crypto API) */
69 u8 rx_hdr[16], tx_hdr[16];
74 static unsigned long lib80211_tkip_set_flags(unsigned long flags, void *priv)
76 struct lib80211_tkip_data *_priv = priv;
77 unsigned long old_flags = _priv->flags;
82 static unsigned long lib80211_tkip_get_flags(void *priv)
84 struct lib80211_tkip_data *_priv = priv;
88 static void *lib80211_tkip_init(int key_idx)
90 struct lib80211_tkip_data *priv;
92 priv = kzalloc(sizeof(*priv), GFP_ATOMIC);
96 priv->key_idx = key_idx;
98 priv->tx_tfm_arc4 = crypto_alloc_cipher("arc4", 0, 0);
99 if (IS_ERR(priv->tx_tfm_arc4)) {
100 priv->tx_tfm_arc4 = NULL;
104 priv->tx_tfm_michael = crypto_alloc_shash("michael_mic", 0, 0);
105 if (IS_ERR(priv->tx_tfm_michael)) {
106 priv->tx_tfm_michael = NULL;
110 priv->rx_tfm_arc4 = crypto_alloc_cipher("arc4", 0, 0);
111 if (IS_ERR(priv->rx_tfm_arc4)) {
112 priv->rx_tfm_arc4 = NULL;
116 priv->rx_tfm_michael = crypto_alloc_shash("michael_mic", 0, 0);
117 if (IS_ERR(priv->rx_tfm_michael)) {
118 priv->rx_tfm_michael = NULL;
126 crypto_free_shash(priv->tx_tfm_michael);
127 crypto_free_cipher(priv->tx_tfm_arc4);
128 crypto_free_shash(priv->rx_tfm_michael);
129 crypto_free_cipher(priv->rx_tfm_arc4);
136 static void lib80211_tkip_deinit(void *priv)
138 struct lib80211_tkip_data *_priv = priv;
140 crypto_free_shash(_priv->tx_tfm_michael);
141 crypto_free_cipher(_priv->tx_tfm_arc4);
142 crypto_free_shash(_priv->rx_tfm_michael);
143 crypto_free_cipher(_priv->rx_tfm_arc4);
148 static inline u16 RotR1(u16 val)
150 return (val >> 1) | (val << 15);
153 static inline u8 Lo8(u16 val)
158 static inline u8 Hi8(u16 val)
163 static inline u16 Lo16(u32 val)
168 static inline u16 Hi16(u32 val)
173 static inline u16 Mk16(u8 hi, u8 lo)
175 return lo | (((u16) hi) << 8);
178 static inline u16 Mk16_le(__le16 * v)
180 return le16_to_cpu(*v);
183 static const u16 Sbox[256] = {
184 0xC6A5, 0xF884, 0xEE99, 0xF68D, 0xFF0D, 0xD6BD, 0xDEB1, 0x9154,
185 0x6050, 0x0203, 0xCEA9, 0x567D, 0xE719, 0xB562, 0x4DE6, 0xEC9A,
186 0x8F45, 0x1F9D, 0x8940, 0xFA87, 0xEF15, 0xB2EB, 0x8EC9, 0xFB0B,
187 0x41EC, 0xB367, 0x5FFD, 0x45EA, 0x23BF, 0x53F7, 0xE496, 0x9B5B,
188 0x75C2, 0xE11C, 0x3DAE, 0x4C6A, 0x6C5A, 0x7E41, 0xF502, 0x834F,
189 0x685C, 0x51F4, 0xD134, 0xF908, 0xE293, 0xAB73, 0x6253, 0x2A3F,
190 0x080C, 0x9552, 0x4665, 0x9D5E, 0x3028, 0x37A1, 0x0A0F, 0x2FB5,
191 0x0E09, 0x2436, 0x1B9B, 0xDF3D, 0xCD26, 0x4E69, 0x7FCD, 0xEA9F,
192 0x121B, 0x1D9E, 0x5874, 0x342E, 0x362D, 0xDCB2, 0xB4EE, 0x5BFB,
193 0xA4F6, 0x764D, 0xB761, 0x7DCE, 0x527B, 0xDD3E, 0x5E71, 0x1397,
194 0xA6F5, 0xB968, 0x0000, 0xC12C, 0x4060, 0xE31F, 0x79C8, 0xB6ED,
195 0xD4BE, 0x8D46, 0x67D9, 0x724B, 0x94DE, 0x98D4, 0xB0E8, 0x854A,
196 0xBB6B, 0xC52A, 0x4FE5, 0xED16, 0x86C5, 0x9AD7, 0x6655, 0x1194,
197 0x8ACF, 0xE910, 0x0406, 0xFE81, 0xA0F0, 0x7844, 0x25BA, 0x4BE3,
198 0xA2F3, 0x5DFE, 0x80C0, 0x058A, 0x3FAD, 0x21BC, 0x7048, 0xF104,
199 0x63DF, 0x77C1, 0xAF75, 0x4263, 0x2030, 0xE51A, 0xFD0E, 0xBF6D,
200 0x814C, 0x1814, 0x2635, 0xC32F, 0xBEE1, 0x35A2, 0x88CC, 0x2E39,
201 0x9357, 0x55F2, 0xFC82, 0x7A47, 0xC8AC, 0xBAE7, 0x322B, 0xE695,
202 0xC0A0, 0x1998, 0x9ED1, 0xA37F, 0x4466, 0x547E, 0x3BAB, 0x0B83,
203 0x8CCA, 0xC729, 0x6BD3, 0x283C, 0xA779, 0xBCE2, 0x161D, 0xAD76,
204 0xDB3B, 0x6456, 0x744E, 0x141E, 0x92DB, 0x0C0A, 0x486C, 0xB8E4,
205 0x9F5D, 0xBD6E, 0x43EF, 0xC4A6, 0x39A8, 0x31A4, 0xD337, 0xF28B,
206 0xD532, 0x8B43, 0x6E59, 0xDAB7, 0x018C, 0xB164, 0x9CD2, 0x49E0,
207 0xD8B4, 0xACFA, 0xF307, 0xCF25, 0xCAAF, 0xF48E, 0x47E9, 0x1018,
208 0x6FD5, 0xF088, 0x4A6F, 0x5C72, 0x3824, 0x57F1, 0x73C7, 0x9751,
209 0xCB23, 0xA17C, 0xE89C, 0x3E21, 0x96DD, 0x61DC, 0x0D86, 0x0F85,
210 0xE090, 0x7C42, 0x71C4, 0xCCAA, 0x90D8, 0x0605, 0xF701, 0x1C12,
211 0xC2A3, 0x6A5F, 0xAEF9, 0x69D0, 0x1791, 0x9958, 0x3A27, 0x27B9,
212 0xD938, 0xEB13, 0x2BB3, 0x2233, 0xD2BB, 0xA970, 0x0789, 0x33A7,
213 0x2DB6, 0x3C22, 0x1592, 0xC920, 0x8749, 0xAAFF, 0x5078, 0xA57A,
214 0x038F, 0x59F8, 0x0980, 0x1A17, 0x65DA, 0xD731, 0x84C6, 0xD0B8,
215 0x82C3, 0x29B0, 0x5A77, 0x1E11, 0x7BCB, 0xA8FC, 0x6DD6, 0x2C3A,
218 static inline u16 _S_(u16 v)
220 u16 t = Sbox[Hi8(v)];
221 return Sbox[Lo8(v)] ^ ((t << 8) | (t >> 8));
224 #define PHASE1_LOOP_COUNT 8
226 static void tkip_mixing_phase1(u16 * TTAK, const u8 * TK, const u8 * TA,
231 /* Initialize the 80-bit TTAK from TSC (IV32) and TA[0..5] */
232 TTAK[0] = Lo16(IV32);
233 TTAK[1] = Hi16(IV32);
234 TTAK[2] = Mk16(TA[1], TA[0]);
235 TTAK[3] = Mk16(TA[3], TA[2]);
236 TTAK[4] = Mk16(TA[5], TA[4]);
238 for (i = 0; i < PHASE1_LOOP_COUNT; i++) {
240 TTAK[0] += _S_(TTAK[4] ^ Mk16(TK[1 + j], TK[0 + j]));
241 TTAK[1] += _S_(TTAK[0] ^ Mk16(TK[5 + j], TK[4 + j]));
242 TTAK[2] += _S_(TTAK[1] ^ Mk16(TK[9 + j], TK[8 + j]));
243 TTAK[3] += _S_(TTAK[2] ^ Mk16(TK[13 + j], TK[12 + j]));
244 TTAK[4] += _S_(TTAK[3] ^ Mk16(TK[1 + j], TK[0 + j])) + i;
248 static void tkip_mixing_phase2(u8 * WEPSeed, const u8 * TK, const u16 * TTAK,
251 /* Make temporary area overlap WEP seed so that the final copy can be
252 * avoided on little endian hosts. */
253 u16 *PPK = (u16 *) & WEPSeed[4];
255 /* Step 1 - make copy of TTAK and bring in TSC */
261 PPK[5] = TTAK[4] + IV16;
263 /* Step 2 - 96-bit bijective mixing using S-box */
264 PPK[0] += _S_(PPK[5] ^ Mk16_le((__le16 *) & TK[0]));
265 PPK[1] += _S_(PPK[0] ^ Mk16_le((__le16 *) & TK[2]));
266 PPK[2] += _S_(PPK[1] ^ Mk16_le((__le16 *) & TK[4]));
267 PPK[3] += _S_(PPK[2] ^ Mk16_le((__le16 *) & TK[6]));
268 PPK[4] += _S_(PPK[3] ^ Mk16_le((__le16 *) & TK[8]));
269 PPK[5] += _S_(PPK[4] ^ Mk16_le((__le16 *) & TK[10]));
271 PPK[0] += RotR1(PPK[5] ^ Mk16_le((__le16 *) & TK[12]));
272 PPK[1] += RotR1(PPK[0] ^ Mk16_le((__le16 *) & TK[14]));
273 PPK[2] += RotR1(PPK[1]);
274 PPK[3] += RotR1(PPK[2]);
275 PPK[4] += RotR1(PPK[3]);
276 PPK[5] += RotR1(PPK[4]);
278 /* Step 3 - bring in last of TK bits, assign 24-bit WEP IV value
279 * WEPSeed[0..2] is transmitted as WEP IV */
280 WEPSeed[0] = Hi8(IV16);
281 WEPSeed[1] = (Hi8(IV16) | 0x20) & 0x7F;
282 WEPSeed[2] = Lo8(IV16);
283 WEPSeed[3] = Lo8((PPK[5] ^ Mk16_le((__le16 *) & TK[0])) >> 1);
288 for (i = 0; i < 6; i++)
289 PPK[i] = (PPK[i] << 8) | (PPK[i] >> 8);
294 static int lib80211_tkip_hdr(struct sk_buff *skb, int hdr_len,
295 u8 * rc4key, int keylen, void *priv)
297 struct lib80211_tkip_data *tkey = priv;
299 struct ieee80211_hdr *hdr;
301 hdr = (struct ieee80211_hdr *)skb->data;
303 if (skb_headroom(skb) < TKIP_HDR_LEN || skb->len < hdr_len)
306 if (rc4key == NULL || keylen < 16)
309 if (!tkey->tx_phase1_done) {
310 tkip_mixing_phase1(tkey->tx_ttak, tkey->key, hdr->addr2,
312 tkey->tx_phase1_done = 1;
314 tkip_mixing_phase2(rc4key, tkey->key, tkey->tx_ttak, tkey->tx_iv16);
316 pos = skb_push(skb, TKIP_HDR_LEN);
317 memmove(pos, pos + TKIP_HDR_LEN, hdr_len);
321 *pos++ = *(rc4key + 1);
322 *pos++ = *(rc4key + 2);
323 *pos++ = (tkey->key_idx << 6) | (1 << 5) /* Ext IV included */ ;
324 *pos++ = tkey->tx_iv32 & 0xff;
325 *pos++ = (tkey->tx_iv32 >> 8) & 0xff;
326 *pos++ = (tkey->tx_iv32 >> 16) & 0xff;
327 *pos++ = (tkey->tx_iv32 >> 24) & 0xff;
330 if (tkey->tx_iv16 == 0) {
331 tkey->tx_phase1_done = 0;
338 static int lib80211_tkip_encrypt(struct sk_buff *skb, int hdr_len, void *priv)
340 struct lib80211_tkip_data *tkey = priv;
342 u8 rc4key[16], *pos, *icv;
346 if (tkey->flags & IEEE80211_CRYPTO_TKIP_COUNTERMEASURES) {
347 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
348 net_dbg_ratelimited("TKIP countermeasures: dropped TX packet to %pM\n",
353 if (skb_tailroom(skb) < 4 || skb->len < hdr_len)
356 len = skb->len - hdr_len;
357 pos = skb->data + hdr_len;
359 if ((lib80211_tkip_hdr(skb, hdr_len, rc4key, 16, priv)) < 0)
362 crc = ~crc32_le(~0, pos, len);
363 icv = skb_put(skb, 4);
369 crypto_cipher_setkey(tkey->tx_tfm_arc4, rc4key, 16);
370 for (i = 0; i < len + 4; i++)
371 crypto_cipher_encrypt_one(tkey->tx_tfm_arc4, pos + i, pos + i);
376 * deal with seq counter wrapping correctly.
377 * refer to timer_after() for jiffies wrapping handling
379 static inline int tkip_replay_check(u32 iv32_n, u16 iv16_n,
380 u32 iv32_o, u16 iv16_o)
382 if ((s32)iv32_n - (s32)iv32_o < 0 ||
383 (iv32_n == iv32_o && iv16_n <= iv16_o))
388 static int lib80211_tkip_decrypt(struct sk_buff *skb, int hdr_len, void *priv)
390 struct lib80211_tkip_data *tkey = priv;
395 struct ieee80211_hdr *hdr;
401 hdr = (struct ieee80211_hdr *)skb->data;
403 if (tkey->flags & IEEE80211_CRYPTO_TKIP_COUNTERMEASURES) {
404 net_dbg_ratelimited("TKIP countermeasures: dropped received packet from %pM\n",
409 if (skb->len < hdr_len + TKIP_HDR_LEN + 4)
412 pos = skb->data + hdr_len;
414 if (!(keyidx & (1 << 5))) {
415 net_dbg_ratelimited("TKIP: received packet without ExtIV flag from %pM\n",
420 if (tkey->key_idx != keyidx) {
421 net_dbg_ratelimited("TKIP: RX tkey->key_idx=%d frame keyidx=%d\n",
422 tkey->key_idx, keyidx);
425 if (!tkey->key_set) {
426 net_dbg_ratelimited("TKIP: received packet from %pM with keyid=%d that does not have a configured key\n",
430 iv16 = (pos[0] << 8) | pos[2];
431 iv32 = pos[4] | (pos[5] << 8) | (pos[6] << 16) | (pos[7] << 24);
434 if (tkip_replay_check(iv32, iv16, tkey->rx_iv32, tkey->rx_iv16)) {
435 #ifdef CONFIG_LIB80211_DEBUG
436 net_dbg_ratelimited("TKIP: replay detected: STA=%pM previous TSC %08x%04x received TSC %08x%04x\n",
437 hdr->addr2, tkey->rx_iv32, tkey->rx_iv16,
440 tkey->dot11RSNAStatsTKIPReplays++;
444 if (iv32 != tkey->rx_iv32 || !tkey->rx_phase1_done) {
445 tkip_mixing_phase1(tkey->rx_ttak, tkey->key, hdr->addr2, iv32);
446 tkey->rx_phase1_done = 1;
448 tkip_mixing_phase2(rc4key, tkey->key, tkey->rx_ttak, iv16);
450 plen = skb->len - hdr_len - 12;
452 crypto_cipher_setkey(tkey->rx_tfm_arc4, rc4key, 16);
453 for (i = 0; i < plen + 4; i++)
454 crypto_cipher_decrypt_one(tkey->rx_tfm_arc4, pos + i, pos + i);
456 crc = ~crc32_le(~0, pos, plen);
461 if (memcmp(icv, pos + plen, 4) != 0) {
462 if (iv32 != tkey->rx_iv32) {
463 /* Previously cached Phase1 result was already lost, so
464 * it needs to be recalculated for the next packet. */
465 tkey->rx_phase1_done = 0;
467 #ifdef CONFIG_LIB80211_DEBUG
468 net_dbg_ratelimited("TKIP: ICV error detected: STA=%pM\n",
471 tkey->dot11RSNAStatsTKIPICVErrors++;
475 /* Update real counters only after Michael MIC verification has
477 tkey->rx_iv32_new = iv32;
478 tkey->rx_iv16_new = iv16;
480 /* Remove IV and ICV */
481 memmove(skb->data + TKIP_HDR_LEN, skb->data, hdr_len);
482 skb_pull(skb, TKIP_HDR_LEN);
483 skb_trim(skb, skb->len - 4);
488 static int michael_mic(struct crypto_shash *tfm_michael, u8 *key, u8 *hdr,
489 u8 *data, size_t data_len, u8 *mic)
491 SHASH_DESC_ON_STACK(desc, tfm_michael);
494 if (tfm_michael == NULL) {
495 pr_warn("%s(): tfm_michael == NULL\n", __func__);
499 desc->tfm = tfm_michael;
501 if (crypto_shash_setkey(tfm_michael, key, 8))
504 err = crypto_shash_init(desc);
507 err = crypto_shash_update(desc, hdr, 16);
510 err = crypto_shash_update(desc, data, data_len);
513 err = crypto_shash_final(desc, mic);
516 shash_desc_zero(desc);
520 static void michael_mic_hdr(struct sk_buff *skb, u8 * hdr)
522 struct ieee80211_hdr *hdr11;
524 hdr11 = (struct ieee80211_hdr *)skb->data;
526 switch (le16_to_cpu(hdr11->frame_control) &
527 (IEEE80211_FCTL_FROMDS | IEEE80211_FCTL_TODS)) {
528 case IEEE80211_FCTL_TODS:
529 memcpy(hdr, hdr11->addr3, ETH_ALEN); /* DA */
530 memcpy(hdr + ETH_ALEN, hdr11->addr2, ETH_ALEN); /* SA */
532 case IEEE80211_FCTL_FROMDS:
533 memcpy(hdr, hdr11->addr1, ETH_ALEN); /* DA */
534 memcpy(hdr + ETH_ALEN, hdr11->addr3, ETH_ALEN); /* SA */
536 case IEEE80211_FCTL_FROMDS | IEEE80211_FCTL_TODS:
537 memcpy(hdr, hdr11->addr3, ETH_ALEN); /* DA */
538 memcpy(hdr + ETH_ALEN, hdr11->addr4, ETH_ALEN); /* SA */
541 memcpy(hdr, hdr11->addr1, ETH_ALEN); /* DA */
542 memcpy(hdr + ETH_ALEN, hdr11->addr2, ETH_ALEN); /* SA */
546 if (ieee80211_is_data_qos(hdr11->frame_control)) {
547 hdr[12] = le16_to_cpu(*((__le16 *)ieee80211_get_qos_ctl(hdr11)))
548 & IEEE80211_QOS_CTL_TID_MASK;
550 hdr[12] = 0; /* priority */
552 hdr[13] = hdr[14] = hdr[15] = 0; /* reserved */
555 static int lib80211_michael_mic_add(struct sk_buff *skb, int hdr_len,
558 struct lib80211_tkip_data *tkey = priv;
561 if (skb_tailroom(skb) < 8 || skb->len < hdr_len) {
562 printk(KERN_DEBUG "Invalid packet for Michael MIC add "
563 "(tailroom=%d hdr_len=%d skb->len=%d)\n",
564 skb_tailroom(skb), hdr_len, skb->len);
568 michael_mic_hdr(skb, tkey->tx_hdr);
569 pos = skb_put(skb, 8);
570 if (michael_mic(tkey->tx_tfm_michael, &tkey->key[16], tkey->tx_hdr,
571 skb->data + hdr_len, skb->len - 8 - hdr_len, pos))
577 static void lib80211_michael_mic_failure(struct net_device *dev,
578 struct ieee80211_hdr *hdr,
581 union iwreq_data wrqu;
582 struct iw_michaelmicfailure ev;
584 /* TODO: needed parameters: count, keyid, key type, TSC */
585 memset(&ev, 0, sizeof(ev));
586 ev.flags = keyidx & IW_MICFAILURE_KEY_ID;
587 if (hdr->addr1[0] & 0x01)
588 ev.flags |= IW_MICFAILURE_GROUP;
590 ev.flags |= IW_MICFAILURE_PAIRWISE;
591 ev.src_addr.sa_family = ARPHRD_ETHER;
592 memcpy(ev.src_addr.sa_data, hdr->addr2, ETH_ALEN);
593 memset(&wrqu, 0, sizeof(wrqu));
594 wrqu.data.length = sizeof(ev);
595 wireless_send_event(dev, IWEVMICHAELMICFAILURE, &wrqu, (char *)&ev);
598 static int lib80211_michael_mic_verify(struct sk_buff *skb, int keyidx,
599 int hdr_len, void *priv)
601 struct lib80211_tkip_data *tkey = priv;
607 michael_mic_hdr(skb, tkey->rx_hdr);
608 if (michael_mic(tkey->rx_tfm_michael, &tkey->key[24], tkey->rx_hdr,
609 skb->data + hdr_len, skb->len - 8 - hdr_len, mic))
611 if (memcmp(mic, skb->data + skb->len - 8, 8) != 0) {
612 struct ieee80211_hdr *hdr;
613 hdr = (struct ieee80211_hdr *)skb->data;
614 printk(KERN_DEBUG "%s: Michael MIC verification failed for "
615 "MSDU from %pM keyidx=%d\n",
616 skb->dev ? skb->dev->name : "N/A", hdr->addr2,
619 lib80211_michael_mic_failure(skb->dev, hdr, keyidx);
620 tkey->dot11RSNAStatsTKIPLocalMICFailures++;
624 /* Update TSC counters for RX now that the packet verification has
626 tkey->rx_iv32 = tkey->rx_iv32_new;
627 tkey->rx_iv16 = tkey->rx_iv16_new;
629 skb_trim(skb, skb->len - 8);
634 static int lib80211_tkip_set_key(void *key, int len, u8 * seq, void *priv)
636 struct lib80211_tkip_data *tkey = priv;
638 struct crypto_shash *tfm = tkey->tx_tfm_michael;
639 struct crypto_cipher *tfm2 = tkey->tx_tfm_arc4;
640 struct crypto_shash *tfm3 = tkey->rx_tfm_michael;
641 struct crypto_cipher *tfm4 = tkey->rx_tfm_arc4;
643 keyidx = tkey->key_idx;
644 memset(tkey, 0, sizeof(*tkey));
645 tkey->key_idx = keyidx;
646 tkey->tx_tfm_michael = tfm;
647 tkey->tx_tfm_arc4 = tfm2;
648 tkey->rx_tfm_michael = tfm3;
649 tkey->rx_tfm_arc4 = tfm4;
650 if (len == TKIP_KEY_LEN) {
651 memcpy(tkey->key, key, TKIP_KEY_LEN);
653 tkey->tx_iv16 = 1; /* TSC is initialized to 1 */
655 tkey->rx_iv32 = (seq[5] << 24) | (seq[4] << 16) |
656 (seq[3] << 8) | seq[2];
657 tkey->rx_iv16 = (seq[1] << 8) | seq[0];
667 static int lib80211_tkip_get_key(void *key, int len, u8 * seq, void *priv)
669 struct lib80211_tkip_data *tkey = priv;
671 if (len < TKIP_KEY_LEN)
676 memcpy(key, tkey->key, TKIP_KEY_LEN);
679 /* Return the sequence number of the last transmitted frame. */
680 u16 iv16 = tkey->tx_iv16;
681 u32 iv32 = tkey->tx_iv32;
685 seq[0] = tkey->tx_iv16;
686 seq[1] = tkey->tx_iv16 >> 8;
687 seq[2] = tkey->tx_iv32;
688 seq[3] = tkey->tx_iv32 >> 8;
689 seq[4] = tkey->tx_iv32 >> 16;
690 seq[5] = tkey->tx_iv32 >> 24;
696 static void lib80211_tkip_print_stats(struct seq_file *m, void *priv)
698 struct lib80211_tkip_data *tkip = priv;
700 "key[%d] alg=TKIP key_set=%d "
701 "tx_pn=%02x%02x%02x%02x%02x%02x "
702 "rx_pn=%02x%02x%02x%02x%02x%02x "
703 "replays=%d icv_errors=%d local_mic_failures=%d\n",
704 tkip->key_idx, tkip->key_set,
705 (tkip->tx_iv32 >> 24) & 0xff,
706 (tkip->tx_iv32 >> 16) & 0xff,
707 (tkip->tx_iv32 >> 8) & 0xff,
708 tkip->tx_iv32 & 0xff,
709 (tkip->tx_iv16 >> 8) & 0xff,
710 tkip->tx_iv16 & 0xff,
711 (tkip->rx_iv32 >> 24) & 0xff,
712 (tkip->rx_iv32 >> 16) & 0xff,
713 (tkip->rx_iv32 >> 8) & 0xff,
714 tkip->rx_iv32 & 0xff,
715 (tkip->rx_iv16 >> 8) & 0xff,
716 tkip->rx_iv16 & 0xff,
717 tkip->dot11RSNAStatsTKIPReplays,
718 tkip->dot11RSNAStatsTKIPICVErrors,
719 tkip->dot11RSNAStatsTKIPLocalMICFailures);
722 static struct lib80211_crypto_ops lib80211_crypt_tkip = {
724 .init = lib80211_tkip_init,
725 .deinit = lib80211_tkip_deinit,
726 .encrypt_mpdu = lib80211_tkip_encrypt,
727 .decrypt_mpdu = lib80211_tkip_decrypt,
728 .encrypt_msdu = lib80211_michael_mic_add,
729 .decrypt_msdu = lib80211_michael_mic_verify,
730 .set_key = lib80211_tkip_set_key,
731 .get_key = lib80211_tkip_get_key,
732 .print_stats = lib80211_tkip_print_stats,
733 .extra_mpdu_prefix_len = 4 + 4, /* IV + ExtIV */
734 .extra_mpdu_postfix_len = 4, /* ICV */
735 .extra_msdu_postfix_len = 8, /* MIC */
736 .get_flags = lib80211_tkip_get_flags,
737 .set_flags = lib80211_tkip_set_flags,
738 .owner = THIS_MODULE,
741 static int __init lib80211_crypto_tkip_init(void)
743 return lib80211_register_crypto_ops(&lib80211_crypt_tkip);
746 static void __exit lib80211_crypto_tkip_exit(void)
748 lib80211_unregister_crypto_ops(&lib80211_crypt_tkip);
751 module_init(lib80211_crypto_tkip_init);
752 module_exit(lib80211_crypto_tkip_exit);
projects / linux.git / blob