5 files changed, 41 insertions, 38 deletions
diff --git a/include/linux/nl80211.h b/include/linux/nl80211.h
index aa8411e2a160..2be7c63bc0f2 100644
--- a/include/linux/nl80211.h
+++ b/include/linux/nl80211.h
@@ -241,7 +241,10 @@ enum nl80211_attrs {
        NL80211_ATTR_MAX = __NL80211_ATTR_AFTER_LAST - 1
 };
-#define NL80211_MAX_SUPP_RATES  32
+#define NL80211_MAX_SUPP_RATES                  32
+#define NL80211_TKIP_DATA_OFFSET_ENCR_KEY       0
+#define NL80211_TKIP_DATA_OFFSET_TX_MIC_KEY     16
+#define NL80211_TKIP_DATA_OFFSET_RX_MIC_KEY     24
 /**
 * enum nl80211_iftype - (virtual) interface types
diff --git a/include/net/mac80211.h b/include/net/mac80211.h
index 7ab4ff6159a2..19f1e412a0f0 100644
--- a/include/net/mac80211.h
+++ b/include/net/mac80211.h
@@ -595,7 +595,12 @@ enum ieee80211_key_flags {
 * @flags: key flags, see &enum ieee80211_key_flags.
 * @keyidx: the key index (0-3)
 * @keylen: key material length
- * @key: key material
+ * @key: key material. For ALG_TKIP the key is encoded as a 256-bit (32 byte)
+ *      data block:
+ *      - Temporal Encryption Key (128 bits)
+ *      - Temporal Authenticator Tx MIC Key (64 bits)
+ *      - Temporal Authenticator Rx MIC Key (64 bits)
+ *
 */
 struct ieee80211_key_conf {
        enum ieee80211_key_alg alg;
diff --git a/net/mac80211/key.h b/net/mac80211/key.h
index a0f774aafa45..425816e0996c 100644
--- a/net/mac80211/key.h
+++ b/net/mac80211/key.h
@@ -16,31 +16,18 @@
 #include <linux/rcupdate.h>
 #include <net/mac80211.h>
-/* ALG_TKIP
+#define WEP_IV_LEN              4
- * struct ieee80211_key::key is encoded as a 256-bit (32 byte) data block:
+#define WEP_ICV_LEN             4
- * Temporal Encryption Key (128 bits)
+#define ALG_TKIP_KEY_LEN        32
- * Temporal Authenticator Tx MIC Key (64 bits)
+#define ALG_CCMP_KEY_LEN        16
- * Temporal Authenticator Rx MIC Key (64 bits)
+#define CCMP_HDR_LEN            8
- */
+#define CCMP_MIC_LEN            8
+#define CCMP_TK_LEN             16
-#define WEP_IV_LEN 4
+#define CCMP_PN_LEN             6
-#define WEP_ICV_LEN 4
+#define TKIP_IV_LEN             8
+#define TKIP_ICV_LEN            4
-#define ALG_TKIP_KEY_LEN 32
-/* Starting offsets for each key */
+#define NUM_RX_DATA_QUEUES      17
-#define ALG_TKIP_TEMP_ENCR_KEY 0
-#define ALG_TKIP_TEMP_AUTH_TX_MIC_KEY 16
-#define ALG_TKIP_TEMP_AUTH_RX_MIC_KEY 24
-#define TKIP_IV_LEN 8
-#define TKIP_ICV_LEN 4
-#define ALG_CCMP_KEY_LEN 16
-#define CCMP_HDR_LEN 8
-#define CCMP_MIC_LEN 8
-#define CCMP_TK_LEN 16
-#define CCMP_PN_LEN 6
-#define NUM_RX_DATA_QUEUES 17
 struct ieee80211_local;
 struct ieee80211_sub_if_data;
diff --git a/net/mac80211/tkip.c b/net/mac80211/tkip.c
index 699807889988..995f7af3d25e 100644
--- a/net/mac80211/tkip.c
+++ b/net/mac80211/tkip.c
@@ -164,7 +164,7 @@ void ieee80211_get_tkip_key(struct ieee80211_key_conf *keyconf,
        iv16 = data[2] | (data[0] << 8);
        iv32 = get_unaligned_le32(&data[4]);
-        tk = &key->conf.key[ALG_TKIP_TEMP_ENCR_KEY];
+        tk = &key->conf.key[NL80211_TKIP_DATA_OFFSET_ENCR_KEY];
        ctx = &key->u.tkip.tx;
 #ifdef CONFIG_MAC80211_TKIP_DEBUG
@@ -205,7 +205,7 @@ void ieee80211_tkip_encrypt_data(struct crypto_blkcipher *tfm,
 {
        u8 rc4key[16];
        struct tkip_ctx *ctx = &key->u.tkip.tx;
-        const u8 *tk = &key->conf.key[ALG_TKIP_TEMP_ENCR_KEY];
+        const u8 *tk = &key->conf.key[NL80211_TKIP_DATA_OFFSET_ENCR_KEY];
        /* Calculate per-packet key */
        if (ctx->iv16 == 0 || !ctx->initialized)
@@ -231,7 +231,7 @@ int ieee80211_tkip_decrypt_data(struct crypto_blkcipher *tfm,
        u32 iv16;
        u8 rc4key[16], keyid, *pos = payload;
        int res;
-        const u8 *tk = &key->conf.key[ALG_TKIP_TEMP_ENCR_KEY];
+        const u8 *tk = &key->conf.key[NL80211_TKIP_DATA_OFFSET_ENCR_KEY];
        if (payload_len < 12)
                return -1;
@@ -286,13 +286,13 @@ int ieee80211_tkip_decrypt_data(struct crypto_blkcipher *tfm,
 #ifdef CONFIG_MAC80211_TKIP_DEBUG
                {
                        int i;
+                        u8 key_offset = NL80211_TKIP_DATA_OFFSET_ENCR_KEY;
                        DECLARE_MAC_BUF(mac);
                        printk(KERN_DEBUG "TKIP decrypt: Phase1 TA=%s"
                               " TK=", print_mac(mac, ta));
                        for (i = 0; i < 16; i++)
                                printk("%02x ",
-                                       key->conf.key[
+                                       key->conf.key[key_offset + i]);
-                                                ALG_TKIP_TEMP_ENCR_KEY + i]);
                        printk("\n");
                        printk(KERN_DEBUG "TKIP decrypt: P1K=");
                        for (i = 0; i < 5; i++)
diff --git a/net/mac80211/wpa.c b/net/mac80211/wpa.c
index 345e10e9b313..f809761fbfb5 100644
--- a/net/mac80211/wpa.c
+++ b/net/mac80211/wpa.c
@@ -49,7 +49,7 @@ static int ieee80211_get_hdr_info(const struct sk_buff *skb, u8 **sa, u8 **da,
 ieee80211_tx_result
 ieee80211_tx_h_michael_mic_add(struct ieee80211_tx_data *tx)
 {
-        u8 *data, *sa, *da, *key, *mic, qos_tid;
+        u8 *data, *sa, *da, *key, *mic, qos_tid, key_offset;
        size_t data_len;
        u16 fc;
        struct sk_buff *skb = tx->skb;
@@ -88,8 +88,12 @@ ieee80211_tx_h_michael_mic_add(struct ieee80211_tx_data *tx)
 #else
        authenticator = 1;
 #endif
-        key = &tx->key->conf.key[authenticator ? ALG_TKIP_TEMP_AUTH_TX_MIC_KEY :
+        /* At this point we know we're using ALG_TKIP. To get the MIC key
-                                 ALG_TKIP_TEMP_AUTH_RX_MIC_KEY];
+         * we now will rely on the offset from the ieee80211_key_conf::key */
+        key_offset = authenticator ?
+                NL80211_TKIP_DATA_OFFSET_TX_MIC_KEY :
+                NL80211_TKIP_DATA_OFFSET_RX_MIC_KEY;
+        key = &tx->key->conf.key[key_offset];
        mic = skb_put(skb, MICHAEL_MIC_LEN);
        michael_mic(key, da, sa, qos_tid & 0x0f, data, data_len, mic);
@@ -100,7 +104,7 @@ ieee80211_tx_h_michael_mic_add(struct ieee80211_tx_data *tx)
 ieee80211_rx_result
 ieee80211_rx_h_michael_mic_verify(struct ieee80211_rx_data *rx)
 {
-        u8 *data, *sa, *da, *key = NULL, qos_tid;
+        u8 *data, *sa, *da, *key = NULL, qos_tid, key_offset;
        size_t data_len;
        u16 fc;
        u8 mic[MICHAEL_MIC_LEN];
@@ -131,8 +135,12 @@ ieee80211_rx_h_michael_mic_verify(struct ieee80211_rx_data *rx)
 #else
        authenticator = 1;
 #endif
-        key = &rx->key->conf.key[authenticator ? ALG_TKIP_TEMP_AUTH_RX_MIC_KEY :
+        /* At this point we know we're using ALG_TKIP. To get the MIC key
-                                 ALG_TKIP_TEMP_AUTH_TX_MIC_KEY];
+         * we now will rely on the offset from the ieee80211_key_conf::key */
+        key_offset = authenticator ?
+                NL80211_TKIP_DATA_OFFSET_RX_MIC_KEY :
+                NL80211_TKIP_DATA_OFFSET_TX_MIC_KEY;
+        key = &rx->key->conf.key[key_offset];
        michael_mic(key, da, sa, qos_tid & 0x0f, data, data_len, mic);
        if (memcmp(mic, data + data_len, MICHAEL_MIC_LEN) != 0 || wpa_test) {
                if (!(rx->flags & IEEE80211_RX_RA_MATCH))

diff --git a/include/linux/nl80211.h b/include/linux/nl80211.h index aa8411e2a160..2be7c63bc0f2 100644 --- a/include/linux/nl80211.h +++ b/include/linux/nl80211.h
@@ -241,7 +241,10 @@ enum nl80211_attrs {
241	NL80211_ATTR_MAX = __NL80211_ATTR_AFTER_LAST - 1	241	NL80211_ATTR_MAX = __NL80211_ATTR_AFTER_LAST - 1
242	};	242	};
243		243
244	#define NL80211_MAX_SUPP_RATES 32	244	#define NL80211_MAX_SUPP_RATES 32
		245	#define NL80211_TKIP_DATA_OFFSET_ENCR_KEY 0
		246	#define NL80211_TKIP_DATA_OFFSET_TX_MIC_KEY 16
		247	#define NL80211_TKIP_DATA_OFFSET_RX_MIC_KEY 24
245		248
246	/**	249	/**
247	* enum nl80211_iftype - (virtual) interface types	250	* enum nl80211_iftype - (virtual) interface types


diff --git a/include/net/mac80211.h b/include/net/mac80211.h index 7ab4ff6159a2..19f1e412a0f0 100644 --- a/include/net/mac80211.h +++ b/include/net/mac80211.h
@@ -595,7 +595,12 @@ enum ieee80211_key_flags {
595	* @flags: key flags, see &enum ieee80211_key_flags.	595	* @flags: key flags, see &enum ieee80211_key_flags.
596	* @keyidx: the key index (0-3)	596	* @keyidx: the key index (0-3)
597	* @keylen: key material length	597	* @keylen: key material length
598	* @key: key material	598	* @key: key material. For ALG_TKIP the key is encoded as a 256-bit (32 byte)
		599	* data block:
		600	* - Temporal Encryption Key (128 bits)
		601	* - Temporal Authenticator Tx MIC Key (64 bits)
		602	* - Temporal Authenticator Rx MIC Key (64 bits)
		603	*
599	*/	604	*/
600	struct ieee80211_key_conf {	605	struct ieee80211_key_conf {
601	enum ieee80211_key_alg alg;	606	enum ieee80211_key_alg alg;


diff --git a/net/mac80211/key.h b/net/mac80211/key.h index a0f774aafa45..425816e0996c 100644 --- a/net/mac80211/key.h +++ b/net/mac80211/key.h
@@ -16,31 +16,18 @@
16	#include <linux/rcupdate.h>	16	#include <linux/rcupdate.h>
17	#include <net/mac80211.h>	17	#include <net/mac80211.h>
18		18
19	/* ALG_TKIP	19	#define WEP_IV_LEN 4
20	* struct ieee80211_key::key is encoded as a 256-bit (32 byte) data block:	20	#define WEP_ICV_LEN 4
21	* Temporal Encryption Key (128 bits)	21	#define ALG_TKIP_KEY_LEN 32
22	* Temporal Authenticator Tx MIC Key (64 bits)	22	#define ALG_CCMP_KEY_LEN 16
23	* Temporal Authenticator Rx MIC Key (64 bits)	23	#define CCMP_HDR_LEN 8
24	*/	24	#define CCMP_MIC_LEN 8
25		25	#define CCMP_TK_LEN 16
26	#define WEP_IV_LEN 4	26	#define CCMP_PN_LEN 6
27	#define WEP_ICV_LEN 4	27	#define TKIP_IV_LEN 8
28		28	#define TKIP_ICV_LEN 4
29	#define ALG_TKIP_KEY_LEN 32	29
30	/* Starting offsets for each key */	30	#define NUM_RX_DATA_QUEUES 17
31	#define ALG_TKIP_TEMP_ENCR_KEY 0
32	#define ALG_TKIP_TEMP_AUTH_TX_MIC_KEY 16
33	#define ALG_TKIP_TEMP_AUTH_RX_MIC_KEY 24
34	#define TKIP_IV_LEN 8
35	#define TKIP_ICV_LEN 4
36
37	#define ALG_CCMP_KEY_LEN 16
38	#define CCMP_HDR_LEN 8
39	#define CCMP_MIC_LEN 8
40	#define CCMP_TK_LEN 16
41	#define CCMP_PN_LEN 6
42
43	#define NUM_RX_DATA_QUEUES 17
44		31
45	struct ieee80211_local;	32	struct ieee80211_local;
46	struct ieee80211_sub_if_data;	33	struct ieee80211_sub_if_data;


diff --git a/net/mac80211/tkip.c b/net/mac80211/tkip.c index 699807889988..995f7af3d25e 100644 --- a/net/mac80211/tkip.c +++ b/net/mac80211/tkip.c
@@ -164,7 +164,7 @@ void ieee80211_get_tkip_key(struct ieee80211_key_conf *keyconf,
164	iv16 = data[2] \| (data[0] << 8);	164	iv16 = data[2] \| (data[0] << 8);
165	iv32 = get_unaligned_le32(&data[4]);	165	iv32 = get_unaligned_le32(&data[4]);
166		166
167	tk = &key->conf.key[ALG_TKIP_TEMP_ENCR_KEY];	167	tk = &key->conf.key[NL80211_TKIP_DATA_OFFSET_ENCR_KEY];
168	ctx = &key->u.tkip.tx;	168	ctx = &key->u.tkip.tx;
169		169
170	#ifdef CONFIG_MAC80211_TKIP_DEBUG	170	#ifdef CONFIG_MAC80211_TKIP_DEBUG
@@ -205,7 +205,7 @@ void ieee80211_tkip_encrypt_data(struct crypto_blkcipher *tfm,
205	{	205	{
206	u8 rc4key[16];	206	u8 rc4key[16];
207	struct tkip_ctx *ctx = &key->u.tkip.tx;	207	struct tkip_ctx *ctx = &key->u.tkip.tx;
208	const u8 *tk = &key->conf.key[ALG_TKIP_TEMP_ENCR_KEY];	208	const u8 *tk = &key->conf.key[NL80211_TKIP_DATA_OFFSET_ENCR_KEY];
209		209
210	/* Calculate per-packet key */	210	/* Calculate per-packet key */
211	if (ctx->iv16 == 0 \|\| !ctx->initialized)	211	if (ctx->iv16 == 0 \|\| !ctx->initialized)
@@ -231,7 +231,7 @@ int ieee80211_tkip_decrypt_data(struct crypto_blkcipher *tfm,
231	u32 iv16;	231	u32 iv16;
232	u8 rc4key[16], keyid, *pos = payload;	232	u8 rc4key[16], keyid, *pos = payload;
233	int res;	233	int res;
234	const u8 *tk = &key->conf.key[ALG_TKIP_TEMP_ENCR_KEY];	234	const u8 *tk = &key->conf.key[NL80211_TKIP_DATA_OFFSET_ENCR_KEY];
235		235
236	if (payload_len < 12)	236	if (payload_len < 12)
237	return -1;	237	return -1;
@@ -286,13 +286,13 @@ int ieee80211_tkip_decrypt_data(struct crypto_blkcipher *tfm,
286	#ifdef CONFIG_MAC80211_TKIP_DEBUG	286	#ifdef CONFIG_MAC80211_TKIP_DEBUG
287	{	287	{
288	int i;	288	int i;
		289	u8 key_offset = NL80211_TKIP_DATA_OFFSET_ENCR_KEY;
289	DECLARE_MAC_BUF(mac);	290	DECLARE_MAC_BUF(mac);
290	printk(KERN_DEBUG "TKIP decrypt: Phase1 TA=%s"	291	printk(KERN_DEBUG "TKIP decrypt: Phase1 TA=%s"
291	" TK=", print_mac(mac, ta));	292	" TK=", print_mac(mac, ta));
292	for (i = 0; i < 16; i++)	293	for (i = 0; i < 16; i++)
293	printk("%02x ",	294	printk("%02x ",
294	key->conf.key[	295	key->conf.key[key_offset + i]);
295	ALG_TKIP_TEMP_ENCR_KEY + i]);
296	printk("\n");	296	printk("\n");
297	printk(KERN_DEBUG "TKIP decrypt: P1K=");	297	printk(KERN_DEBUG "TKIP decrypt: P1K=");
298	for (i = 0; i < 5; i++)	298	for (i = 0; i < 5; i++)


diff --git a/net/mac80211/wpa.c b/net/mac80211/wpa.c index 345e10e9b313..f809761fbfb5 100644 --- a/net/mac80211/wpa.c +++ b/net/mac80211/wpa.c
@@ -49,7 +49,7 @@ static int ieee80211_get_hdr_info(const struct sk_buff skb, u8 sa, u8 *da,
49	ieee80211_tx_result	49	ieee80211_tx_result
50	ieee80211_tx_h_michael_mic_add(struct ieee80211_tx_data *tx)	50	ieee80211_tx_h_michael_mic_add(struct ieee80211_tx_data *tx)
51	{	51	{
52	u8 data, sa, da, key, *mic, qos_tid;	52	u8 data, sa, da, key, *mic, qos_tid, key_offset;
53	size_t data_len;	53	size_t data_len;
54	u16 fc;	54	u16 fc;
55	struct sk_buff *skb = tx->skb;	55	struct sk_buff *skb = tx->skb;
@@ -88,8 +88,12 @@ ieee80211_tx_h_michael_mic_add(struct ieee80211_tx_data *tx)
88	#else	88	#else
89	authenticator = 1;	89	authenticator = 1;
90	#endif	90	#endif
91	key = &tx->key->conf.key[authenticator ? ALG_TKIP_TEMP_AUTH_TX_MIC_KEY :	91	/* At this point we know we're using ALG_TKIP. To get the MIC key
92	ALG_TKIP_TEMP_AUTH_RX_MIC_KEY];	92	* we now will rely on the offset from the ieee80211_key_conf::key */
		93	key_offset = authenticator ?
		94	NL80211_TKIP_DATA_OFFSET_TX_MIC_KEY :
		95	NL80211_TKIP_DATA_OFFSET_RX_MIC_KEY;
		96	key = &tx->key->conf.key[key_offset];
93	mic = skb_put(skb, MICHAEL_MIC_LEN);	97	mic = skb_put(skb, MICHAEL_MIC_LEN);
94	michael_mic(key, da, sa, qos_tid & 0x0f, data, data_len, mic);	98	michael_mic(key, da, sa, qos_tid & 0x0f, data, data_len, mic);
95		99
@@ -100,7 +104,7 @@ ieee80211_tx_h_michael_mic_add(struct ieee80211_tx_data *tx)
100	ieee80211_rx_result	104	ieee80211_rx_result
101	ieee80211_rx_h_michael_mic_verify(struct ieee80211_rx_data *rx)	105	ieee80211_rx_h_michael_mic_verify(struct ieee80211_rx_data *rx)
102	{	106	{
103	u8 data, sa, da, key = NULL, qos_tid;	107	u8 data, sa, da, key = NULL, qos_tid, key_offset;
104	size_t data_len;	108	size_t data_len;
105	u16 fc;	109	u16 fc;
106	u8 mic[MICHAEL_MIC_LEN];	110	u8 mic[MICHAEL_MIC_LEN];
@@ -131,8 +135,12 @@ ieee80211_rx_h_michael_mic_verify(struct ieee80211_rx_data *rx)
131	#else	135	#else
132	authenticator = 1;	136	authenticator = 1;
133	#endif	137	#endif
134	key = &rx->key->conf.key[authenticator ? ALG_TKIP_TEMP_AUTH_RX_MIC_KEY :	138	/* At this point we know we're using ALG_TKIP. To get the MIC key
135	ALG_TKIP_TEMP_AUTH_TX_MIC_KEY];	139	* we now will rely on the offset from the ieee80211_key_conf::key */
		140	key_offset = authenticator ?
		141	NL80211_TKIP_DATA_OFFSET_RX_MIC_KEY :
		142	NL80211_TKIP_DATA_OFFSET_TX_MIC_KEY;
		143	key = &rx->key->conf.key[key_offset];
136	michael_mic(key, da, sa, qos_tid & 0x0f, data, data_len, mic);	144	michael_mic(key, da, sa, qos_tid & 0x0f, data, data_len, mic);
137	if (memcmp(mic, data + data_len, MICHAEL_MIC_LEN) != 0 \|\| wpa_test) {	145	if (memcmp(mic, data + data_len, MICHAEL_MIC_LEN) != 0 \|\| wpa_test) {
138	if (!(rx->flags & IEEE80211_RX_RA_MATCH))	146	if (!(rx->flags & IEEE80211_RX_RA_MATCH))