mac80211: Let drivers have access to TKIP key offets for TX and RX MIC

Some drivers may want to to use the TKIP key offsets for TX and RX MIC so lets move this out. Lets also clear up a bit how this is used internally in mac80211. Signed-off-by: Luis R. Rodriguez <lrodriguez@atheros.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
author: Luis R. Rodriguez <lrodriguez@atheros.com> 2008-06-21 10:02:46 -0400
committer: John W. Linville <linville@tuxdriver.com> 2008-06-27 09:09:17 -0400
commit: ffd7891dc909b3648e87f7cf8f84a6dc12fc1cc6 (patch)
tree: 563c41b3bce49effd3544081cb54ba5ab6fdfb15 /net
parent: 61243d8e79de67d703b192fae2c4ab80fc0fac34 (diff)
3 files changed, 31 insertions, 36 deletions
diff --git a/net/mac80211/key.h b/net/mac80211/key.h
index a0f774aafa45..425816e0996c 100644
--- a/net/mac80211/key.h
+++ b/net/mac80211/key.h
@@ -16,31 +16,18 @@
 #include <linux/rcupdate.h>
 #include <net/mac80211.h>
-/* ALG_TKIP
+#define WEP_IV_LEN              4
- * struct ieee80211_key::key is encoded as a 256-bit (32 byte) data block:
+#define WEP_ICV_LEN             4
- * Temporal Encryption Key (128 bits)
+#define ALG_TKIP_KEY_LEN        32
- * Temporal Authenticator Tx MIC Key (64 bits)
+#define ALG_CCMP_KEY_LEN        16
- * Temporal Authenticator Rx MIC Key (64 bits)
+#define CCMP_HDR_LEN            8
- */
+#define CCMP_MIC_LEN            8
+#define CCMP_TK_LEN             16
-#define WEP_IV_LEN 4
+#define CCMP_PN_LEN             6
-#define WEP_ICV_LEN 4
+#define TKIP_IV_LEN             8
+#define TKIP_ICV_LEN            4
-#define ALG_TKIP_KEY_LEN 32
-/* Starting offsets for each key */
+#define NUM_RX_DATA_QUEUES      17
-#define ALG_TKIP_TEMP_ENCR_KEY 0
-#define ALG_TKIP_TEMP_AUTH_TX_MIC_KEY 16
-#define ALG_TKIP_TEMP_AUTH_RX_MIC_KEY 24
-#define TKIP_IV_LEN 8
-#define TKIP_ICV_LEN 4
-#define ALG_CCMP_KEY_LEN 16
-#define CCMP_HDR_LEN 8
-#define CCMP_MIC_LEN 8
-#define CCMP_TK_LEN 16
-#define CCMP_PN_LEN 6
-#define NUM_RX_DATA_QUEUES 17
 struct ieee80211_local;
 struct ieee80211_sub_if_data;
diff --git a/net/mac80211/tkip.c b/net/mac80211/tkip.c
index 699807889988..995f7af3d25e 100644
--- a/net/mac80211/tkip.c
+++ b/net/mac80211/tkip.c
@@ -164,7 +164,7 @@ void ieee80211_get_tkip_key(struct ieee80211_key_conf *keyconf,
        iv16 = data[2] | (data[0] << 8);
        iv32 = get_unaligned_le32(&data[4]);
-        tk = &key->conf.key[ALG_TKIP_TEMP_ENCR_KEY];
+        tk = &key->conf.key[NL80211_TKIP_DATA_OFFSET_ENCR_KEY];
        ctx = &key->u.tkip.tx;
 #ifdef CONFIG_MAC80211_TKIP_DEBUG
@@ -205,7 +205,7 @@ void ieee80211_tkip_encrypt_data(struct crypto_blkcipher *tfm,
 {
        u8 rc4key[16];
        struct tkip_ctx *ctx = &key->u.tkip.tx;
-        const u8 *tk = &key->conf.key[ALG_TKIP_TEMP_ENCR_KEY];
+        const u8 *tk = &key->conf.key[NL80211_TKIP_DATA_OFFSET_ENCR_KEY];
        /* Calculate per-packet key */
        if (ctx->iv16 == 0 || !ctx->initialized)
@@ -231,7 +231,7 @@ int ieee80211_tkip_decrypt_data(struct crypto_blkcipher *tfm,
        u32 iv16;
        u8 rc4key[16], keyid, *pos = payload;
        int res;
-        const u8 *tk = &key->conf.key[ALG_TKIP_TEMP_ENCR_KEY];
+        const u8 *tk = &key->conf.key[NL80211_TKIP_DATA_OFFSET_ENCR_KEY];
        if (payload_len < 12)
                return -1;
@@ -286,13 +286,13 @@ int ieee80211_tkip_decrypt_data(struct crypto_blkcipher *tfm,
 #ifdef CONFIG_MAC80211_TKIP_DEBUG
                {
                        int i;
+                        u8 key_offset = NL80211_TKIP_DATA_OFFSET_ENCR_KEY;
                        DECLARE_MAC_BUF(mac);
                        printk(KERN_DEBUG "TKIP decrypt: Phase1 TA=%s"
                               " TK=", print_mac(mac, ta));
                        for (i = 0; i < 16; i++)
                                printk("%02x ",
-                                       key->conf.key[
+                                       key->conf.key[key_offset + i]);
-                                                ALG_TKIP_TEMP_ENCR_KEY + i]);
                        printk("\n");
                        printk(KERN_DEBUG "TKIP decrypt: P1K=");
                        for (i = 0; i < 5; i++)
diff --git a/net/mac80211/wpa.c b/net/mac80211/wpa.c
index 345e10e9b313..f809761fbfb5 100644
--- a/net/mac80211/wpa.c
+++ b/net/mac80211/wpa.c
@@ -49,7 +49,7 @@ static int ieee80211_get_hdr_info(const struct sk_buff *skb, u8 **sa, u8 **da,
 ieee80211_tx_result
 ieee80211_tx_h_michael_mic_add(struct ieee80211_tx_data *tx)
 {
-        u8 *data, *sa, *da, *key, *mic, qos_tid;
+        u8 *data, *sa, *da, *key, *mic, qos_tid, key_offset;
        size_t data_len;
        u16 fc;
        struct sk_buff *skb = tx->skb;
@@ -88,8 +88,12 @@ ieee80211_tx_h_michael_mic_add(struct ieee80211_tx_data *tx)
 #else
        authenticator = 1;
 #endif
-        key = &tx->key->conf.key[authenticator ? ALG_TKIP_TEMP_AUTH_TX_MIC_KEY :
+        /* At this point we know we're using ALG_TKIP. To get the MIC key
-                                 ALG_TKIP_TEMP_AUTH_RX_MIC_KEY];
+         * we now will rely on the offset from the ieee80211_key_conf::key */
+        key_offset = authenticator ?
+                NL80211_TKIP_DATA_OFFSET_TX_MIC_KEY :
+                NL80211_TKIP_DATA_OFFSET_RX_MIC_KEY;
+        key = &tx->key->conf.key[key_offset];
        mic = skb_put(skb, MICHAEL_MIC_LEN);
        michael_mic(key, da, sa, qos_tid & 0x0f, data, data_len, mic);
@@ -100,7 +104,7 @@ ieee80211_tx_h_michael_mic_add(struct ieee80211_tx_data *tx)
 ieee80211_rx_result
 ieee80211_rx_h_michael_mic_verify(struct ieee80211_rx_data *rx)
 {
-        u8 *data, *sa, *da, *key = NULL, qos_tid;
+        u8 *data, *sa, *da, *key = NULL, qos_tid, key_offset;
        size_t data_len;
        u16 fc;
        u8 mic[MICHAEL_MIC_LEN];
@@ -131,8 +135,12 @@ ieee80211_rx_h_michael_mic_verify(struct ieee80211_rx_data *rx)
 #else
        authenticator = 1;
 #endif
-        key = &rx->key->conf.key[authenticator ? ALG_TKIP_TEMP_AUTH_RX_MIC_KEY :
+        /* At this point we know we're using ALG_TKIP. To get the MIC key
-                                 ALG_TKIP_TEMP_AUTH_TX_MIC_KEY];
+         * we now will rely on the offset from the ieee80211_key_conf::key */
+        key_offset = authenticator ?
+                NL80211_TKIP_DATA_OFFSET_RX_MIC_KEY :
+                NL80211_TKIP_DATA_OFFSET_TX_MIC_KEY;
+        key = &rx->key->conf.key[key_offset];
        michael_mic(key, da, sa, qos_tid & 0x0f, data, data_len, mic);
        if (memcmp(mic, data + data_len, MICHAEL_MIC_LEN) != 0 || wpa_test) {
                if (!(rx->flags & IEEE80211_RX_RA_MATCH))
author	Luis R. Rodriguez <lrodriguez@atheros.com>	2008-06-21 10:02:46 -0400
committer	John W. Linville <linville@tuxdriver.com>	2008-06-27 09:09:17 -0400
commit	ffd7891dc909b3648e87f7cf8f84a6dc12fc1cc6 (patch)
tree	563c41b3bce49effd3544081cb54ba5ab6fdfb15 /net
parent	61243d8e79de67d703b192fae2c4ab80fc0fac34 (diff)

diff --git a/net/mac80211/key.h b/net/mac80211/key.h index a0f774aafa45..425816e0996c 100644 --- a/net/mac80211/key.h +++ b/net/mac80211/key.h
@@ -16,31 +16,18 @@
16	#include <linux/rcupdate.h>	16	#include <linux/rcupdate.h>
17	#include <net/mac80211.h>	17	#include <net/mac80211.h>
18		18
19	/* ALG_TKIP	19	#define WEP_IV_LEN 4
20	* struct ieee80211_key::key is encoded as a 256-bit (32 byte) data block:	20	#define WEP_ICV_LEN 4
21	* Temporal Encryption Key (128 bits)	21	#define ALG_TKIP_KEY_LEN 32
22	* Temporal Authenticator Tx MIC Key (64 bits)	22	#define ALG_CCMP_KEY_LEN 16
23	* Temporal Authenticator Rx MIC Key (64 bits)	23	#define CCMP_HDR_LEN 8
24	*/	24	#define CCMP_MIC_LEN 8
25		25	#define CCMP_TK_LEN 16
26	#define WEP_IV_LEN 4	26	#define CCMP_PN_LEN 6
27	#define WEP_ICV_LEN 4	27	#define TKIP_IV_LEN 8
28		28	#define TKIP_ICV_LEN 4
29	#define ALG_TKIP_KEY_LEN 32	29
30	/* Starting offsets for each key */	30	#define NUM_RX_DATA_QUEUES 17
31	#define ALG_TKIP_TEMP_ENCR_KEY 0
32	#define ALG_TKIP_TEMP_AUTH_TX_MIC_KEY 16
33	#define ALG_TKIP_TEMP_AUTH_RX_MIC_KEY 24
34	#define TKIP_IV_LEN 8
35	#define TKIP_ICV_LEN 4
36
37	#define ALG_CCMP_KEY_LEN 16
38	#define CCMP_HDR_LEN 8
39	#define CCMP_MIC_LEN 8
40	#define CCMP_TK_LEN 16
41	#define CCMP_PN_LEN 6
42
43	#define NUM_RX_DATA_QUEUES 17
44		31
45	struct ieee80211_local;	32	struct ieee80211_local;
46	struct ieee80211_sub_if_data;	33	struct ieee80211_sub_if_data;


diff --git a/net/mac80211/tkip.c b/net/mac80211/tkip.c index 699807889988..995f7af3d25e 100644 --- a/net/mac80211/tkip.c +++ b/net/mac80211/tkip.c
@@ -164,7 +164,7 @@ void ieee80211_get_tkip_key(struct ieee80211_key_conf *keyconf,
164	iv16 = data[2] \| (data[0] << 8);	164	iv16 = data[2] \| (data[0] << 8);
165	iv32 = get_unaligned_le32(&data[4]);	165	iv32 = get_unaligned_le32(&data[4]);
166		166
167	tk = &key->conf.key[ALG_TKIP_TEMP_ENCR_KEY];	167	tk = &key->conf.key[NL80211_TKIP_DATA_OFFSET_ENCR_KEY];
168	ctx = &key->u.tkip.tx;	168	ctx = &key->u.tkip.tx;
169		169
170	#ifdef CONFIG_MAC80211_TKIP_DEBUG	170	#ifdef CONFIG_MAC80211_TKIP_DEBUG
@@ -205,7 +205,7 @@ void ieee80211_tkip_encrypt_data(struct crypto_blkcipher *tfm,
205	{	205	{
206	u8 rc4key[16];	206	u8 rc4key[16];
207	struct tkip_ctx *ctx = &key->u.tkip.tx;	207	struct tkip_ctx *ctx = &key->u.tkip.tx;
208	const u8 *tk = &key->conf.key[ALG_TKIP_TEMP_ENCR_KEY];	208	const u8 *tk = &key->conf.key[NL80211_TKIP_DATA_OFFSET_ENCR_KEY];
209		209
210	/* Calculate per-packet key */	210	/* Calculate per-packet key */
211	if (ctx->iv16 == 0 \|\| !ctx->initialized)	211	if (ctx->iv16 == 0 \|\| !ctx->initialized)
@@ -231,7 +231,7 @@ int ieee80211_tkip_decrypt_data(struct crypto_blkcipher *tfm,
231	u32 iv16;	231	u32 iv16;
232	u8 rc4key[16], keyid, *pos = payload;	232	u8 rc4key[16], keyid, *pos = payload;
233	int res;	233	int res;
234	const u8 *tk = &key->conf.key[ALG_TKIP_TEMP_ENCR_KEY];	234	const u8 *tk = &key->conf.key[NL80211_TKIP_DATA_OFFSET_ENCR_KEY];
235		235
236	if (payload_len < 12)	236	if (payload_len < 12)
237	return -1;	237	return -1;
@@ -286,13 +286,13 @@ int ieee80211_tkip_decrypt_data(struct crypto_blkcipher *tfm,
286	#ifdef CONFIG_MAC80211_TKIP_DEBUG	286	#ifdef CONFIG_MAC80211_TKIP_DEBUG
287	{	287	{
288	int i;	288	int i;
		289	u8 key_offset = NL80211_TKIP_DATA_OFFSET_ENCR_KEY;
289	DECLARE_MAC_BUF(mac);	290	DECLARE_MAC_BUF(mac);
290	printk(KERN_DEBUG "TKIP decrypt: Phase1 TA=%s"	291	printk(KERN_DEBUG "TKIP decrypt: Phase1 TA=%s"
291	" TK=", print_mac(mac, ta));	292	" TK=", print_mac(mac, ta));
292	for (i = 0; i < 16; i++)	293	for (i = 0; i < 16; i++)
293	printk("%02x ",	294	printk("%02x ",
294	key->conf.key[	295	key->conf.key[key_offset + i]);
295	ALG_TKIP_TEMP_ENCR_KEY + i]);
296	printk("\n");	296	printk("\n");
297	printk(KERN_DEBUG "TKIP decrypt: P1K=");	297	printk(KERN_DEBUG "TKIP decrypt: P1K=");
298	for (i = 0; i < 5; i++)	298	for (i = 0; i < 5; i++)


diff --git a/net/mac80211/wpa.c b/net/mac80211/wpa.c index 345e10e9b313..f809761fbfb5 100644 --- a/net/mac80211/wpa.c +++ b/net/mac80211/wpa.c
@@ -49,7 +49,7 @@ static int ieee80211_get_hdr_info(const struct sk_buff skb, u8 sa, u8 *da,
49	ieee80211_tx_result	49	ieee80211_tx_result
50	ieee80211_tx_h_michael_mic_add(struct ieee80211_tx_data *tx)	50	ieee80211_tx_h_michael_mic_add(struct ieee80211_tx_data *tx)
51	{	51	{
52	u8 data, sa, da, key, *mic, qos_tid;	52	u8 data, sa, da, key, *mic, qos_tid, key_offset;
53	size_t data_len;	53	size_t data_len;
54	u16 fc;	54	u16 fc;
55	struct sk_buff *skb = tx->skb;	55	struct sk_buff *skb = tx->skb;
@@ -88,8 +88,12 @@ ieee80211_tx_h_michael_mic_add(struct ieee80211_tx_data *tx)
88	#else	88	#else
89	authenticator = 1;	89	authenticator = 1;
90	#endif	90	#endif
91	key = &tx->key->conf.key[authenticator ? ALG_TKIP_TEMP_AUTH_TX_MIC_KEY :	91	/* At this point we know we're using ALG_TKIP. To get the MIC key
92	ALG_TKIP_TEMP_AUTH_RX_MIC_KEY];	92	* we now will rely on the offset from the ieee80211_key_conf::key */
		93	key_offset = authenticator ?
		94	NL80211_TKIP_DATA_OFFSET_TX_MIC_KEY :
		95	NL80211_TKIP_DATA_OFFSET_RX_MIC_KEY;
		96	key = &tx->key->conf.key[key_offset];
93	mic = skb_put(skb, MICHAEL_MIC_LEN);	97	mic = skb_put(skb, MICHAEL_MIC_LEN);
94	michael_mic(key, da, sa, qos_tid & 0x0f, data, data_len, mic);	98	michael_mic(key, da, sa, qos_tid & 0x0f, data, data_len, mic);
95		99
@@ -100,7 +104,7 @@ ieee80211_tx_h_michael_mic_add(struct ieee80211_tx_data *tx)
100	ieee80211_rx_result	104	ieee80211_rx_result
101	ieee80211_rx_h_michael_mic_verify(struct ieee80211_rx_data *rx)	105	ieee80211_rx_h_michael_mic_verify(struct ieee80211_rx_data *rx)
102	{	106	{
103	u8 data, sa, da, key = NULL, qos_tid;	107	u8 data, sa, da, key = NULL, qos_tid, key_offset;
104	size_t data_len;	108	size_t data_len;
105	u16 fc;	109	u16 fc;
106	u8 mic[MICHAEL_MIC_LEN];	110	u8 mic[MICHAEL_MIC_LEN];
@@ -131,8 +135,12 @@ ieee80211_rx_h_michael_mic_verify(struct ieee80211_rx_data *rx)
131	#else	135	#else
132	authenticator = 1;	136	authenticator = 1;
133	#endif	137	#endif
134	key = &rx->key->conf.key[authenticator ? ALG_TKIP_TEMP_AUTH_RX_MIC_KEY :	138	/* At this point we know we're using ALG_TKIP. To get the MIC key
135	ALG_TKIP_TEMP_AUTH_TX_MIC_KEY];	139	* we now will rely on the offset from the ieee80211_key_conf::key */
		140	key_offset = authenticator ?
		141	NL80211_TKIP_DATA_OFFSET_RX_MIC_KEY :
		142	NL80211_TKIP_DATA_OFFSET_TX_MIC_KEY;
		143	key = &rx->key->conf.key[key_offset];
136	michael_mic(key, da, sa, qos_tid & 0x0f, data, data_len, mic);	144	michael_mic(key, da, sa, qos_tid & 0x0f, data, data_len, mic);
137	if (memcmp(mic, data + data_len, MICHAEL_MIC_LEN) != 0 \|\| wpa_test) {	145	if (memcmp(mic, data + data_len, MICHAEL_MIC_LEN) != 0 \|\| wpa_test) {
138	if (!(rx->flags & IEEE80211_RX_RA_MATCH))	146	if (!(rx->flags & IEEE80211_RX_RA_MATCH))