1 files changed, 106 insertions, 176 deletions
diff --git a/net/mac80211/tkip.c b/net/mac80211/tkip.c
index 09093da24af6..995f7af3d25e 100644
--- a/net/mac80211/tkip.c
+++ b/net/mac80211/tkip.c
@@ -6,25 +6,23 @@
 * it under the terms of the GNU General Public License version 2 as
 * published by the Free Software Foundation.
 */
 #include <linux/kernel.h>
+#include <linux/bitops.h>
 #include <linux/types.h>
 #include <linux/netdevice.h>
+#include <asm/unaligned.h>
 #include <net/mac80211.h>
 #include "key.h"
 #include "tkip.h"
 #include "wep.h"
-/* TKIP key mixing functions */
 #define PHASE1_LOOP_COUNT 8
+/*
-/* 2-byte by 2-byte subset of the full AES S-box table; second part of this
+ * 2-byte by 2-byte subset of the full AES S-box table; second part of this
- * table is identical to first part but byte-swapped */
+ * table is identical to first part but byte-swapped
+ */
 static const u16 tkip_sbox[256] =
 {
        0xC6A5, 0xF884, 0xEE99, 0xF68D, 0xFF0D, 0xD6BD, 0xDEB1, 0x9154,
@@ -61,84 +59,54 @@ static const u16 tkip_sbox[256] =
        0x82C3, 0x29B0, 0x5A77, 0x1E11, 0x7BCB, 0xA8FC, 0x6DD6, 0x2C3A,
 };
+static u16 tkipS(u16 val)
-static inline u16 Mk16(u8 x, u8 y)
 {
-        return ((u16) x << 8) | (u16) y;
+        return tkip_sbox[val & 0xff] ^ swab16(tkip_sbox[val >> 8]);
 }
+static u8 *write_tkip_iv(u8 *pos, u16 iv16)
-static inline u8 Hi8(u16 v)
-{
-        return v >> 8;
-}
-static inline u8 Lo8(u16 v)
-{
-        return v & 0xff;
-}
-static inline u16 Hi16(u32 v)
-{
-        return v >> 16;
-}
-static inline u16 Lo16(u32 v)
-{
-        return v & 0xffff;
-}
-static inline u16 RotR1(u16 v)
-{
-        return (v >> 1) | ((v & 0x0001) << 15);
-}
-static inline u16 tkip_S(u16 val)
 {
-        u16 a = tkip_sbox[Hi8(val)];
+        *pos++ = iv16 >> 8;
+        *pos++ = ((iv16 >> 8) | 0x20) & 0x7f;
-        return tkip_sbox[Lo8(val)] ^ Hi8(a) ^ (Lo8(a) << 8);
+        *pos++ = iv16 & 0xFF;
+        return pos;
 }
+/*
+ * P1K := Phase1(TA, TK, TSC)
-/* P1K := Phase1(TA, TK, TSC)
 * TA = transmitter address (48 bits)
 * TK = dot11DefaultKeyValue or dot11KeyMappingValue (128 bits)
 * TSC = TKIP sequence counter (48 bits, only 32 msb bits used)
 * P1K: 80 bits
 */
-static void tkip_mixing_phase1(const u8 *ta, const u8 *tk, u32 tsc_IV32,
+static void tkip_mixing_phase1(const u8 *tk, struct tkip_ctx *ctx,
-                               u16 *p1k)
+                               const u8 *ta, u32 tsc_IV32)
 {
        int i, j;
+        u16 *p1k = ctx->p1k;
-        p1k[0] = Lo16(tsc_IV32);
+        p1k[0] = tsc_IV32 & 0xFFFF;
-        p1k[1] = Hi16(tsc_IV32);
+        p1k[1] = tsc_IV32 >> 16;
-        p1k[2] = Mk16(ta[1], ta[0]);
+        p1k[2] = get_unaligned_le16(ta + 0);
-        p1k[3] = Mk16(ta[3], ta[2]);
+        p1k[3] = get_unaligned_le16(ta + 2);
-        p1k[4] = Mk16(ta[5], ta[4]);
+        p1k[4] = get_unaligned_le16(ta + 4);
        for (i = 0; i < PHASE1_LOOP_COUNT; i++) {
                j = 2 * (i & 1);
-                p1k[0] += tkip_S(p1k[4] ^ Mk16(tk[ 1 + j], tk[ 0 + j]));
+                p1k[0] += tkipS(p1k[4] ^ get_unaligned_le16(tk + 0 + j));
-                p1k[1] += tkip_S(p1k[0] ^ Mk16(tk[ 5 + j], tk[ 4 + j]));
+                p1k[1] += tkipS(p1k[0] ^ get_unaligned_le16(tk + 4 + j));
-                p1k[2] += tkip_S(p1k[1] ^ Mk16(tk[ 9 + j], tk[ 8 + j]));
+                p1k[2] += tkipS(p1k[1] ^ get_unaligned_le16(tk + 8 + j));
-                p1k[3] += tkip_S(p1k[2] ^ Mk16(tk[13 + j], tk[12 + j]));
+                p1k[3] += tkipS(p1k[2] ^ get_unaligned_le16(tk + 12 + j));
-                p1k[4] += tkip_S(p1k[3] ^ Mk16(tk[ 1 + j], tk[ 0 + j])) + i;
+                p1k[4] += tkipS(p1k[3] ^ get_unaligned_le16(tk + 0 + j)) + i;
        }
+        ctx->initialized = 1;
 }
+static void tkip_mixing_phase2(const u8 *tk, struct tkip_ctx *ctx,
-static void tkip_mixing_phase2(const u16 *p1k, const u8 *tk, u16 tsc_IV16,
+                               u16 tsc_IV16, u8 *rc4key)
-                               u8 *rc4key)
 {
        u16 ppk[6];
+        const u16 *p1k = ctx->p1k;
        int i;
        ppk[0] = p1k[0];
@@ -148,70 +116,35 @@ static void tkip_mixing_phase2(const u16 *p1k, const u8 *tk, u16 tsc_IV16,
        ppk[4] = p1k[4];
        ppk[5] = p1k[4] + tsc_IV16;
-        ppk[0] += tkip_S(ppk[5] ^ Mk16(tk[ 1], tk[ 0]));
+        ppk[0] += tkipS(ppk[5] ^ get_unaligned_le16(tk + 0));
-        ppk[1] += tkip_S(ppk[0] ^ Mk16(tk[ 3], tk[ 2]));
+        ppk[1] += tkipS(ppk[0] ^ get_unaligned_le16(tk + 2));
-        ppk[2] += tkip_S(ppk[1] ^ Mk16(tk[ 5], tk[ 4]));
+        ppk[2] += tkipS(ppk[1] ^ get_unaligned_le16(tk + 4));
-        ppk[3] += tkip_S(ppk[2] ^ Mk16(tk[ 7], tk[ 6]));
+        ppk[3] += tkipS(ppk[2] ^ get_unaligned_le16(tk + 6));
-        ppk[4] += tkip_S(ppk[3] ^ Mk16(tk[ 9], tk[ 8]));
+        ppk[4] += tkipS(ppk[3] ^ get_unaligned_le16(tk + 8));
-        ppk[5] += tkip_S(ppk[4] ^ Mk16(tk[11], tk[10]));
+        ppk[5] += tkipS(ppk[4] ^ get_unaligned_le16(tk + 10));
-        ppk[0] +=  RotR1(ppk[5] ^ Mk16(tk[13], tk[12]));
+        ppk[0] += ror16(ppk[5] ^ get_unaligned_le16(tk + 12), 1);
-        ppk[1] +=  RotR1(ppk[0] ^ Mk16(tk[15], tk[14]));
+        ppk[1] += ror16(ppk[0] ^ get_unaligned_le16(tk + 14), 1);
-        ppk[2] +=  RotR1(ppk[1]);
+        ppk[2] += ror16(ppk[1], 1);
-        ppk[3] +=  RotR1(ppk[2]);
+        ppk[3] += ror16(ppk[2], 1);
-        ppk[4] +=  RotR1(ppk[3]);
+        ppk[4] += ror16(ppk[3], 1);
-        ppk[5] +=  RotR1(ppk[4]);
+        ppk[5] += ror16(ppk[4], 1);
-        rc4key[0] = Hi8(tsc_IV16);
+        rc4key = write_tkip_iv(rc4key, tsc_IV16);
-        rc4key[1] = (Hi8(tsc_IV16) | 0x20) & 0x7f;
+        *rc4key++ = ((ppk[5] ^ get_unaligned_le16(tk)) >> 1) & 0xFF;
-        rc4key[2] = Lo8(tsc_IV16);
-        rc4key[3] = Lo8((ppk[5] ^ Mk16(tk[1], tk[0])) >> 1);
+        for (i = 0; i < 6; i++)
+                put_unaligned_le16(ppk[i], rc4key + 2 * i);
-        for (i = 0; i < 6; i++) {
-                rc4key[4 + 2 * i] = Lo8(ppk[i]);
-                rc4key[5 + 2 * i] = Hi8(ppk[i]);
-        }
 }
 /* Add TKIP IV and Ext. IV at @pos. @iv0, @iv1, and @iv2 are the first octets
 * of the IV. Returns pointer to the octet following IVs (i.e., beginning of
 * the packet payload). */
-u8 * ieee80211_tkip_add_iv(u8 *pos, struct ieee80211_key *key,
+u8 *ieee80211_tkip_add_iv(u8 *pos, struct ieee80211_key *key, u16 iv16)
-                           u8 iv0, u8 iv1, u8 iv2)
 {
-        *pos++ = iv0;
+        pos = write_tkip_iv(pos, iv16);
-        *pos++ = iv1;
-        *pos++ = iv2;
        *pos++ = (key->conf.keyidx << 6) | (1 << 5) /* Ext IV */;
-        *pos++ = key->u.tkip.iv32 & 0xff;
+        put_unaligned_le32(key->u.tkip.tx.iv32, pos);
-        *pos++ = (key->u.tkip.iv32 >> 8) & 0xff;
+        return pos + 4;
-        *pos++ = (key->u.tkip.iv32 >> 16) & 0xff;
-        *pos++ = (key->u.tkip.iv32 >> 24) & 0xff;
-        return pos;
-}
-void ieee80211_tkip_gen_phase1key(struct ieee80211_key *key, u8 *ta,
-                                  u16 *phase1key)
-{
-        tkip_mixing_phase1(ta, &key->conf.key[ALG_TKIP_TEMP_ENCR_KEY],
-                           key->u.tkip.iv32, phase1key);
-}
-void ieee80211_tkip_gen_rc4key(struct ieee80211_key *key, u8 *ta,
-                               u8 *rc4key)
-{
-        /* Calculate per-packet key */
-        if (key->u.tkip.iv16 == 0 || !key->u.tkip.tx_initialized) {
-                /* IV16 wrapped around - perform TKIP phase 1 */
-                tkip_mixing_phase1(ta, &key->conf.key[ALG_TKIP_TEMP_ENCR_KEY],
-                                   key->u.tkip.iv32, key->u.tkip.p1k);
-                key->u.tkip.tx_initialized = 1;
-        }
-        tkip_mixing_phase2(key->u.tkip.p1k,
-                           &key->conf.key[ALG_TKIP_TEMP_ENCR_KEY],
-                           key->u.tkip.iv16, rc4key);
 }
 void ieee80211_get_tkip_key(struct ieee80211_key_conf *keyconf,
@@ -220,48 +153,44 @@ void ieee80211_get_tkip_key(struct ieee80211_key_conf *keyconf,
 {
        struct ieee80211_key *key = (struct ieee80211_key *)
                        container_of(keyconf, struct ieee80211_key, conf);
-        struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
+        struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
-        u8 *data = (u8 *) hdr;
+        u8 *data;
-        u16 fc = le16_to_cpu(hdr->frame_control);
+        const u8 *tk;
-        int hdr_len = ieee80211_get_hdrlen(fc);
+        struct tkip_ctx *ctx;
-        u8 *ta = hdr->addr2;
        u16 iv16;
        u32 iv32;
-        iv16 = data[hdr_len] << 8;
+        data = (u8 *)hdr + ieee80211_hdrlen(hdr->frame_control);
-        iv16 += data[hdr_len + 2];
+        iv16 = data[2] | (data[0] << 8);
-        iv32 = data[hdr_len + 4] | (data[hdr_len + 5] << 8) |
+        iv32 = get_unaligned_le32(&data[4]);
-               (data[hdr_len + 6] << 16) | (data[hdr_len + 7] << 24);
+        tk = &key->conf.key[NL80211_TKIP_DATA_OFFSET_ENCR_KEY];
+        ctx = &key->u.tkip.tx;
-#ifdef CONFIG_TKIP_DEBUG
+#ifdef CONFIG_MAC80211_TKIP_DEBUG
        printk(KERN_DEBUG "TKIP encrypt: iv16 = 0x%04x, iv32 = 0x%08x\n",
                        iv16, iv32);
-        if (iv32 != key->u.tkip.iv32) {
+        if (iv32 != ctx->iv32) {
                printk(KERN_DEBUG "skb: iv32 = 0x%08x key: iv32 = 0x%08x\n",
-                        iv32, key->u.tkip.iv32);
+                        iv32, ctx->iv32);
                printk(KERN_DEBUG "Wrap around of iv16 in the middle of a "
                        "fragmented packet\n");
        }
-#endif /* CONFIG_TKIP_DEBUG */
+#endif
        /* Update the p1k only when the iv16 in the packet wraps around, this
         * might occur after the wrap around of iv16 in the key in case of
         * fragmented packets. */
-        if (iv16 == 0 || !key->u.tkip.tx_initialized) {
+        if (iv16 == 0 || !ctx->initialized)
-                /* IV16 wrapped around - perform TKIP phase 1 */
+                tkip_mixing_phase1(tk, ctx, hdr->addr2, iv32);
-                tkip_mixing_phase1(ta, &key->conf.key[ALG_TKIP_TEMP_ENCR_KEY],
-                        iv32, key->u.tkip.p1k);
-                key->u.tkip.tx_initialized = 1;
-        }
        if (type == IEEE80211_TKIP_P1_KEY) {
-                memcpy(outkey, key->u.tkip.p1k, sizeof(u16) * 5);
+                memcpy(outkey, ctx->p1k, sizeof(u16) * 5);
                return;
        }
-        tkip_mixing_phase2(key->u.tkip.p1k,
+        tkip_mixing_phase2(tk, ctx, iv16, outkey);
-                &key->conf.key[ALG_TKIP_TEMP_ENCR_KEY], iv16, outkey);
 }
 EXPORT_SYMBOL(ieee80211_get_tkip_key);
@@ -275,13 +204,19 @@ void ieee80211_tkip_encrypt_data(struct crypto_blkcipher *tfm,
                                 u8 *pos, size_t payload_len, u8 *ta)
 {
        u8 rc4key[16];
+        struct tkip_ctx *ctx = &key->u.tkip.tx;
+        const u8 *tk = &key->conf.key[NL80211_TKIP_DATA_OFFSET_ENCR_KEY];
+        /* Calculate per-packet key */
+        if (ctx->iv16 == 0 || !ctx->initialized)
+                tkip_mixing_phase1(tk, ctx, ta, ctx->iv32);
+        tkip_mixing_phase2(tk, ctx, ctx->iv16, rc4key);
-        ieee80211_tkip_gen_rc4key(key, ta, rc4key);
+        pos = ieee80211_tkip_add_iv(pos, key, key->u.tkip.tx.iv16);
-        pos = ieee80211_tkip_add_iv(pos, key, rc4key[0], rc4key[1], rc4key[2]);
        ieee80211_wep_encrypt_data(tfm, rc4key, 16, pos, payload_len);
 }
 /* Decrypt packet payload with TKIP using @key. @pos is a pointer to the
 * beginning of the buffer containing IEEE 802.11 header payload, i.e.,
 * including IV, Ext. IV, real data, Michael MIC, ICV. @payload_len is the
@@ -296,15 +231,16 @@ int ieee80211_tkip_decrypt_data(struct crypto_blkcipher *tfm,
        u32 iv16;
        u8 rc4key[16], keyid, *pos = payload;
        int res;
+        const u8 *tk = &key->conf.key[NL80211_TKIP_DATA_OFFSET_ENCR_KEY];
        if (payload_len < 12)
                return -1;
        iv16 = (pos[0] << 8) | pos[2];
        keyid = pos[3];
-        iv32 = pos[4] | (pos[5] << 8) | (pos[6] << 16) | (pos[7] << 24);
+        iv32 = get_unaligned_le32(pos + 4);
        pos += 8;
-#ifdef CONFIG_TKIP_DEBUG
+#ifdef CONFIG_MAC80211_TKIP_DEBUG
        {
                int i;
                printk(KERN_DEBUG "TKIP decrypt: data(len=%zd)", payload_len);
@@ -314,7 +250,7 @@ int ieee80211_tkip_decrypt_data(struct crypto_blkcipher *tfm,
                printk(KERN_DEBUG "TKIP decrypt: iv16=%04x iv32=%08x\n",
                       iv16, iv32);
        }
-#endif /* CONFIG_TKIP_DEBUG */
+#endif
        if (!(keyid & (1 << 5)))
                return TKIP_DECRYPT_NO_EXT_IV;
@@ -322,50 +258,48 @@ int ieee80211_tkip_decrypt_data(struct crypto_blkcipher *tfm,
        if ((keyid >> 6) != key->conf.keyidx)
                return TKIP_DECRYPT_INVALID_KEYIDX;
-        if (key->u.tkip.rx_initialized[queue] &&
+        if (key->u.tkip.rx[queue].initialized &&
-            (iv32 < key->u.tkip.iv32_rx[queue] ||
+            (iv32 < key->u.tkip.rx[queue].iv32 ||
-             (iv32 == key->u.tkip.iv32_rx[queue] &&
+             (iv32 == key->u.tkip.rx[queue].iv32 &&
-              iv16 <= key->u.tkip.iv16_rx[queue]))) {
+              iv16 <= key->u.tkip.rx[queue].iv16))) {
-#ifdef CONFIG_TKIP_DEBUG
+#ifdef CONFIG_MAC80211_TKIP_DEBUG
                DECLARE_MAC_BUF(mac);
                printk(KERN_DEBUG "TKIP replay detected for RX frame from "
                       "%s (RX IV (%04x,%02x) <= prev. IV (%04x,%02x)\n",
                       print_mac(mac, ta),
-                       iv32, iv16, key->u.tkip.iv32_rx[queue],
+                       iv32, iv16, key->u.tkip.rx[queue].iv32,
-                       key->u.tkip.iv16_rx[queue]);
+                       key->u.tkip.rx[queue].iv16);
-#endif /* CONFIG_TKIP_DEBUG */
+#endif
                return TKIP_DECRYPT_REPLAY;
        }
        if (only_iv) {
                res = TKIP_DECRYPT_OK;
-                key->u.tkip.rx_initialized[queue] = 1;
+                key->u.tkip.rx[queue].initialized = 1;
                goto done;
        }
-        if (!key->u.tkip.rx_initialized[queue] ||
+        if (!key->u.tkip.rx[queue].initialized ||
-            key->u.tkip.iv32_rx[queue] != iv32) {
+            key->u.tkip.rx[queue].iv32 != iv32) {
-                key->u.tkip.rx_initialized[queue] = 1;
                /* IV16 wrapped around - perform TKIP phase 1 */
-                tkip_mixing_phase1(ta, &key->conf.key[ALG_TKIP_TEMP_ENCR_KEY],
+                tkip_mixing_phase1(tk, &key->u.tkip.rx[queue], ta, iv32);
-                                   iv32, key->u.tkip.p1k_rx[queue]);
+#ifdef CONFIG_MAC80211_TKIP_DEBUG
-#ifdef CONFIG_TKIP_DEBUG
                {
                        int i;
+                        u8 key_offset = NL80211_TKIP_DATA_OFFSET_ENCR_KEY;
                        DECLARE_MAC_BUF(mac);
                        printk(KERN_DEBUG "TKIP decrypt: Phase1 TA=%s"
                               " TK=", print_mac(mac, ta));
                        for (i = 0; i < 16; i++)
                                printk("%02x ",
-                                       key->conf.key[
+                                       key->conf.key[key_offset + i]);
-                                                ALG_TKIP_TEMP_ENCR_KEY + i]);
                        printk("\n");
                        printk(KERN_DEBUG "TKIP decrypt: P1K=");
                        for (i = 0; i < 5; i++)
-                                printk("%04x ", key->u.tkip.p1k_rx[queue][i]);
+                                printk("%04x ", key->u.tkip.rx[queue].p1k[i]);
                        printk("\n");
                }
-#endif /* CONFIG_TKIP_DEBUG */
+#endif
                if (key->local->ops->update_tkip_key &&
                        key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) {
                        u8 bcast[ETH_ALEN] =
@@ -377,14 +311,12 @@ int ieee80211_tkip_decrypt_data(struct crypto_blkcipher *tfm,
                        key->local->ops->update_tkip_key(
                                local_to_hw(key->local), &key->conf,
-                                sta_addr, iv32, key->u.tkip.p1k_rx[queue]);
+                                sta_addr, iv32, key->u.tkip.rx[queue].p1k);
                }
        }
-        tkip_mixing_phase2(key->u.tkip.p1k_rx[queue],
+        tkip_mixing_phase2(tk, &key->u.tkip.rx[queue], iv16, rc4key);
-                           &key->conf.key[ALG_TKIP_TEMP_ENCR_KEY],
+#ifdef CONFIG_MAC80211_TKIP_DEBUG
-                           iv16, rc4key);
-#ifdef CONFIG_TKIP_DEBUG
        {
                int i;
                printk(KERN_DEBUG "TKIP decrypt: Phase2 rc4key=");
@@ -392,7 +324,7 @@ int ieee80211_tkip_decrypt_data(struct crypto_blkcipher *tfm,
                        printk("%02x ", rc4key[i]);
                printk("\n");
        }
-#endif /* CONFIG_TKIP_DEBUG */
+#endif
        res = ieee80211_wep_decrypt_data(tfm, rc4key, 16, pos, payload_len - 12);
 done:
@@ -409,5 +341,3 @@ int ieee80211_tkip_decrypt_data(struct crypto_blkcipher *tfm,
        return res;
 }

diff --git a/net/mac80211/tkip.c b/net/mac80211/tkip.c index 09093da24af6..995f7af3d25e 100644 --- a/net/mac80211/tkip.c +++ b/net/mac80211/tkip.c
@@ -6,25 +6,23 @@
6	* it under the terms of the GNU General Public License version 2 as	6	* it under the terms of the GNU General Public License version 2 as
7	* published by the Free Software Foundation.	7	* published by the Free Software Foundation.
8	*/	8	*/
9
10	#include <linux/kernel.h>	9	#include <linux/kernel.h>
		10	#include <linux/bitops.h>
11	#include <linux/types.h>	11	#include <linux/types.h>
12	#include <linux/netdevice.h>	12	#include <linux/netdevice.h>
		13	#include <asm/unaligned.h>
13		14
14	#include <net/mac80211.h>	15	#include <net/mac80211.h>
15	#include "key.h"	16	#include "key.h"
16	#include "tkip.h"	17	#include "tkip.h"
17	#include "wep.h"	18	#include "wep.h"
18		19
19
20	/* TKIP key mixing functions */
21
22
23	#define PHASE1_LOOP_COUNT 8	20	#define PHASE1_LOOP_COUNT 8
24		21
25		22	/*
26	/* 2-byte by 2-byte subset of the full AES S-box table; second part of this	23	* 2-byte by 2-byte subset of the full AES S-box table; second part of this
27	* table is identical to first part but byte-swapped */	24	* table is identical to first part but byte-swapped
		25	*/
28	static const u16 tkip_sbox[256] =	26	static const u16 tkip_sbox[256] =
29	{	27	{
30	0xC6A5, 0xF884, 0xEE99, 0xF68D, 0xFF0D, 0xD6BD, 0xDEB1, 0x9154,	28	0xC6A5, 0xF884, 0xEE99, 0xF68D, 0xFF0D, 0xD6BD, 0xDEB1, 0x9154,
@@ -61,84 +59,54 @@ static const u16 tkip_sbox[256] =
61	0x82C3, 0x29B0, 0x5A77, 0x1E11, 0x7BCB, 0xA8FC, 0x6DD6, 0x2C3A,	59	0x82C3, 0x29B0, 0x5A77, 0x1E11, 0x7BCB, 0xA8FC, 0x6DD6, 0x2C3A,
62	};	60	};
63		61
64		62	static u16 tkipS(u16 val)
65	static inline u16 Mk16(u8 x, u8 y)
66	{	63	{
67	return ((u16) x << 8) \| (u16) y;	64	return tkip_sbox[val & 0xff] ^ swab16(tkip_sbox[val >> 8]);
68	}	65	}
69		66
70		67	static u8 write_tkip_iv(u8 pos, u16 iv16)
71	static inline u8 Hi8(u16 v)
72	{
73	return v >> 8;
74	}
75
76
77	static inline u8 Lo8(u16 v)
78	{
79	return v & 0xff;
80	}
81
82
83	static inline u16 Hi16(u32 v)
84	{
85	return v >> 16;
86	}
87
88
89	static inline u16 Lo16(u32 v)
90	{
91	return v & 0xffff;
92	}
93
94
95	static inline u16 RotR1(u16 v)
96	{
97	return (v >> 1) \| ((v & 0x0001) << 15);
98	}
99
100
101	static inline u16 tkip_S(u16 val)
102	{	68	{
103	u16 a = tkip_sbox[Hi8(val)];	69	*pos++ = iv16 >> 8;
104		70	*pos++ = ((iv16 >> 8) \| 0x20) & 0x7f;
105	return tkip_sbox[Lo8(val)] ^ Hi8(a) ^ (Lo8(a) << 8);	71	*pos++ = iv16 & 0xFF;
		72	return pos;
106	}	73	}
107		74
108		75	/*
109		76	* P1K := Phase1(TA, TK, TSC)
110	/* P1K := Phase1(TA, TK, TSC)
111	* TA = transmitter address (48 bits)	77	* TA = transmitter address (48 bits)
112	* TK = dot11DefaultKeyValue or dot11KeyMappingValue (128 bits)	78	* TK = dot11DefaultKeyValue or dot11KeyMappingValue (128 bits)
113	* TSC = TKIP sequence counter (48 bits, only 32 msb bits used)	79	* TSC = TKIP sequence counter (48 bits, only 32 msb bits used)
114	* P1K: 80 bits	80	* P1K: 80 bits
115	*/	81	*/
116	static void tkip_mixing_phase1(const u8 ta, const u8 tk, u32 tsc_IV32,	82	static void tkip_mixing_phase1(const u8 tk, struct tkip_ctx ctx,
117	u16 *p1k)	83	const u8 *ta, u32 tsc_IV32)
118	{	84	{
119	int i, j;	85	int i, j;
		86	u16 *p1k = ctx->p1k;
120		87
121	p1k[0] = Lo16(tsc_IV32);	88	p1k[0] = tsc_IV32 & 0xFFFF;
122	p1k[1] = Hi16(tsc_IV32);	89	p1k[1] = tsc_IV32 >> 16;
123	p1k[2] = Mk16(ta[1], ta[0]);	90	p1k[2] = get_unaligned_le16(ta + 0);
124	p1k[3] = Mk16(ta[3], ta[2]);	91	p1k[3] = get_unaligned_le16(ta + 2);
125	p1k[4] = Mk16(ta[5], ta[4]);	92	p1k[4] = get_unaligned_le16(ta + 4);
126		93
127	for (i = 0; i < PHASE1_LOOP_COUNT; i++) {	94	for (i = 0; i < PHASE1_LOOP_COUNT; i++) {
128	j = 2 * (i & 1);	95	j = 2 * (i & 1);
129	p1k[0] += tkip_S(p1k[4] ^ Mk16(tk[ 1 + j], tk[ 0 + j]));	96	p1k[0] += tkipS(p1k[4] ^ get_unaligned_le16(tk + 0 + j));
130	p1k[1] += tkip_S(p1k[0] ^ Mk16(tk[ 5 + j], tk[ 4 + j]));	97	p1k[1] += tkipS(p1k[0] ^ get_unaligned_le16(tk + 4 + j));
131	p1k[2] += tkip_S(p1k[1] ^ Mk16(tk[ 9 + j], tk[ 8 + j]));	98	p1k[2] += tkipS(p1k[1] ^ get_unaligned_le16(tk + 8 + j));
132	p1k[3] += tkip_S(p1k[2] ^ Mk16(tk[13 + j], tk[12 + j]));	99	p1k[3] += tkipS(p1k[2] ^ get_unaligned_le16(tk + 12 + j));
133	p1k[4] += tkip_S(p1k[3] ^ Mk16(tk[ 1 + j], tk[ 0 + j])) + i;	100	p1k[4] += tkipS(p1k[3] ^ get_unaligned_le16(tk + 0 + j)) + i;
134	}	101	}
		102	ctx->initialized = 1;
135	}	103	}
136		104
137		105	static void tkip_mixing_phase2(const u8 tk, struct tkip_ctx ctx,
138	static void tkip_mixing_phase2(const u16 p1k, const u8 tk, u16 tsc_IV16,	106	u16 tsc_IV16, u8 *rc4key)
139	u8 *rc4key)
140	{	107	{
141	u16 ppk[6];	108	u16 ppk[6];
		109	const u16 *p1k = ctx->p1k;
142	int i;	110	int i;
143		111
144	ppk[0] = p1k[0];	112	ppk[0] = p1k[0];
@@ -148,70 +116,35 @@ static void tkip_mixing_phase2(const u16 p1k, const u8 tk, u16 tsc_IV16,
148	ppk[4] = p1k[4];	116	ppk[4] = p1k[4];
149	ppk[5] = p1k[4] + tsc_IV16;	117	ppk[5] = p1k[4] + tsc_IV16;
150		118
151	ppk[0] += tkip_S(ppk[5] ^ Mk16(tk[ 1], tk[ 0]));	119	ppk[0] += tkipS(ppk[5] ^ get_unaligned_le16(tk + 0));
152	ppk[1] += tkip_S(ppk[0] ^ Mk16(tk[ 3], tk[ 2]));	120	ppk[1] += tkipS(ppk[0] ^ get_unaligned_le16(tk + 2));
153	ppk[2] += tkip_S(ppk[1] ^ Mk16(tk[ 5], tk[ 4]));	121	ppk[2] += tkipS(ppk[1] ^ get_unaligned_le16(tk + 4));
154	ppk[3] += tkip_S(ppk[2] ^ Mk16(tk[ 7], tk[ 6]));	122	ppk[3] += tkipS(ppk[2] ^ get_unaligned_le16(tk + 6));
155	ppk[4] += tkip_S(ppk[3] ^ Mk16(tk[ 9], tk[ 8]));	123	ppk[4] += tkipS(ppk[3] ^ get_unaligned_le16(tk + 8));
156	ppk[5] += tkip_S(ppk[4] ^ Mk16(tk[11], tk[10]));	124	ppk[5] += tkipS(ppk[4] ^ get_unaligned_le16(tk + 10));
157	ppk[0] += RotR1(ppk[5] ^ Mk16(tk[13], tk[12]));	125	ppk[0] += ror16(ppk[5] ^ get_unaligned_le16(tk + 12), 1);
158	ppk[1] += RotR1(ppk[0] ^ Mk16(tk[15], tk[14]));	126	ppk[1] += ror16(ppk[0] ^ get_unaligned_le16(tk + 14), 1);
159	ppk[2] += RotR1(ppk[1]);	127	ppk[2] += ror16(ppk[1], 1);
160	ppk[3] += RotR1(ppk[2]);	128	ppk[3] += ror16(ppk[2], 1);
161	ppk[4] += RotR1(ppk[3]);	129	ppk[4] += ror16(ppk[3], 1);
162	ppk[5] += RotR1(ppk[4]);	130	ppk[5] += ror16(ppk[4], 1);
163		131
164	rc4key[0] = Hi8(tsc_IV16);	132	rc4key = write_tkip_iv(rc4key, tsc_IV16);
165	rc4key[1] = (Hi8(tsc_IV16) \| 0x20) & 0x7f;	133	*rc4key++ = ((ppk[5] ^ get_unaligned_le16(tk)) >> 1) & 0xFF;
166	rc4key[2] = Lo8(tsc_IV16);	134
167	rc4key[3] = Lo8((ppk[5] ^ Mk16(tk[1], tk[0])) >> 1);	135	for (i = 0; i < 6; i++)
168		136	put_unaligned_le16(ppk[i], rc4key + 2 * i);
169	for (i = 0; i < 6; i++) {
170	rc4key[4 + 2 * i] = Lo8(ppk[i]);
171	rc4key[5 + 2 * i] = Hi8(ppk[i]);
172	}
173	}	137	}
174		138
175
176	/* Add TKIP IV and Ext. IV at @pos. @iv0, @iv1, and @iv2 are the first octets	139	/* Add TKIP IV and Ext. IV at @pos. @iv0, @iv1, and @iv2 are the first octets
177	* of the IV. Returns pointer to the octet following IVs (i.e., beginning of	140	* of the IV. Returns pointer to the octet following IVs (i.e., beginning of
178	* the packet payload). */	141	* the packet payload). */
179	u8 * ieee80211_tkip_add_iv(u8 pos, struct ieee80211_key key,	142	u8 ieee80211_tkip_add_iv(u8 pos, struct ieee80211_key *key, u16 iv16)
180	u8 iv0, u8 iv1, u8 iv2)
181	{	143	{
182	*pos++ = iv0;	144	pos = write_tkip_iv(pos, iv16);
183	*pos++ = iv1;
184	*pos++ = iv2;
185	pos++ = (key->conf.keyidx << 6) \| (1 << 5) / Ext IV */;	145	pos++ = (key->conf.keyidx << 6) \| (1 << 5) / Ext IV */;
186	*pos++ = key->u.tkip.iv32 & 0xff;	146	put_unaligned_le32(key->u.tkip.tx.iv32, pos);
187	*pos++ = (key->u.tkip.iv32 >> 8) & 0xff;	147	return pos + 4;
188	*pos++ = (key->u.tkip.iv32 >> 16) & 0xff;
189	*pos++ = (key->u.tkip.iv32 >> 24) & 0xff;
190	return pos;
191	}
192
193
194	void ieee80211_tkip_gen_phase1key(struct ieee80211_key key, u8 ta,
195	u16 *phase1key)
196	{
197	tkip_mixing_phase1(ta, &key->conf.key[ALG_TKIP_TEMP_ENCR_KEY],
198	key->u.tkip.iv32, phase1key);
199	}
200
201	void ieee80211_tkip_gen_rc4key(struct ieee80211_key key, u8 ta,
202	u8 *rc4key)
203	{
204	/* Calculate per-packet key */
205	if (key->u.tkip.iv16 == 0 \|\| !key->u.tkip.tx_initialized) {
206	/* IV16 wrapped around - perform TKIP phase 1 */
207	tkip_mixing_phase1(ta, &key->conf.key[ALG_TKIP_TEMP_ENCR_KEY],
208	key->u.tkip.iv32, key->u.tkip.p1k);
209	key->u.tkip.tx_initialized = 1;
210	}
211
212	tkip_mixing_phase2(key->u.tkip.p1k,
213	&key->conf.key[ALG_TKIP_TEMP_ENCR_KEY],
214	key->u.tkip.iv16, rc4key);
215	}	148	}
216		149
217	void ieee80211_get_tkip_key(struct ieee80211_key_conf *keyconf,	150	void ieee80211_get_tkip_key(struct ieee80211_key_conf *keyconf,
@@ -220,48 +153,44 @@ void ieee80211_get_tkip_key(struct ieee80211_key_conf *keyconf,
220	{	153	{
221	struct ieee80211_key key = (struct ieee80211_key )	154	struct ieee80211_key key = (struct ieee80211_key )
222	container_of(keyconf, struct ieee80211_key, conf);	155	container_of(keyconf, struct ieee80211_key, conf);
223	struct ieee80211_hdr hdr = (struct ieee80211_hdr ) skb->data;	156	struct ieee80211_hdr hdr = (struct ieee80211_hdr )skb->data;
224	u8 data = (u8 ) hdr;	157	u8 *data;
225	u16 fc = le16_to_cpu(hdr->frame_control);	158	const u8 *tk;
226	int hdr_len = ieee80211_get_hdrlen(fc);	159	struct tkip_ctx *ctx;
227	u8 *ta = hdr->addr2;
228	u16 iv16;	160	u16 iv16;
229	u32 iv32;	161	u32 iv32;
230		162
231	iv16 = data[hdr_len] << 8;	163	data = (u8 *)hdr + ieee80211_hdrlen(hdr->frame_control);
232	iv16 += data[hdr_len + 2];	164	iv16 = data[2] \| (data[0] << 8);
233	iv32 = data[hdr_len + 4] \| (data[hdr_len + 5] << 8) \|	165	iv32 = get_unaligned_le32(&data[4]);
234	(data[hdr_len + 6] << 16) \| (data[hdr_len + 7] << 24);	166
		167	tk = &key->conf.key[NL80211_TKIP_DATA_OFFSET_ENCR_KEY];
		168	ctx = &key->u.tkip.tx;
235		169
236	#ifdef CONFIG_TKIP_DEBUG	170	#ifdef CONFIG_MAC80211_TKIP_DEBUG
237	printk(KERN_DEBUG "TKIP encrypt: iv16 = 0x%04x, iv32 = 0x%08x\n",	171	printk(KERN_DEBUG "TKIP encrypt: iv16 = 0x%04x, iv32 = 0x%08x\n",
238	iv16, iv32);	172	iv16, iv32);
239		173
240	if (iv32 != key->u.tkip.iv32) {	174	if (iv32 != ctx->iv32) {
241	printk(KERN_DEBUG "skb: iv32 = 0x%08x key: iv32 = 0x%08x\n",	175	printk(KERN_DEBUG "skb: iv32 = 0x%08x key: iv32 = 0x%08x\n",
242	iv32, key->u.tkip.iv32);	176	iv32, ctx->iv32);
243	printk(KERN_DEBUG "Wrap around of iv16 in the middle of a "	177	printk(KERN_DEBUG "Wrap around of iv16 in the middle of a "
244	"fragmented packet\n");	178	"fragmented packet\n");
245	}	179	}
246	#endif /* CONFIG_TKIP_DEBUG */	180	#endif
247		181
248	/* Update the p1k only when the iv16 in the packet wraps around, this	182	/* Update the p1k only when the iv16 in the packet wraps around, this
249	* might occur after the wrap around of iv16 in the key in case of	183	* might occur after the wrap around of iv16 in the key in case of
250	* fragmented packets. */	184	* fragmented packets. */
251	if (iv16 == 0 \|\| !key->u.tkip.tx_initialized) {	185	if (iv16 == 0 \|\| !ctx->initialized)
252	/* IV16 wrapped around - perform TKIP phase 1 */	186	tkip_mixing_phase1(tk, ctx, hdr->addr2, iv32);
253	tkip_mixing_phase1(ta, &key->conf.key[ALG_TKIP_TEMP_ENCR_KEY],
254	iv32, key->u.tkip.p1k);
255	key->u.tkip.tx_initialized = 1;
256	}
257		187
258	if (type == IEEE80211_TKIP_P1_KEY) {	188	if (type == IEEE80211_TKIP_P1_KEY) {
259	memcpy(outkey, key->u.tkip.p1k, sizeof(u16) * 5);	189	memcpy(outkey, ctx->p1k, sizeof(u16) * 5);
260	return;	190	return;
261	}	191	}
262		192
263	tkip_mixing_phase2(key->u.tkip.p1k,	193	tkip_mixing_phase2(tk, ctx, iv16, outkey);
264	&key->conf.key[ALG_TKIP_TEMP_ENCR_KEY], iv16, outkey);
265	}	194	}
266	EXPORT_SYMBOL(ieee80211_get_tkip_key);	195	EXPORT_SYMBOL(ieee80211_get_tkip_key);
267		196
@@ -275,13 +204,19 @@ void ieee80211_tkip_encrypt_data(struct crypto_blkcipher *tfm,
275	u8 pos, size_t payload_len, u8 ta)	204	u8 pos, size_t payload_len, u8 ta)
276	{	205	{
277	u8 rc4key[16];	206	u8 rc4key[16];
		207	struct tkip_ctx *ctx = &key->u.tkip.tx;
		208	const u8 *tk = &key->conf.key[NL80211_TKIP_DATA_OFFSET_ENCR_KEY];
		209
		210	/* Calculate per-packet key */
		211	if (ctx->iv16 == 0 \|\| !ctx->initialized)
		212	tkip_mixing_phase1(tk, ctx, ta, ctx->iv32);
		213
		214	tkip_mixing_phase2(tk, ctx, ctx->iv16, rc4key);
278		215
279	ieee80211_tkip_gen_rc4key(key, ta, rc4key);	216	pos = ieee80211_tkip_add_iv(pos, key, key->u.tkip.tx.iv16);
280	pos = ieee80211_tkip_add_iv(pos, key, rc4key[0], rc4key[1], rc4key[2]);
281	ieee80211_wep_encrypt_data(tfm, rc4key, 16, pos, payload_len);	217	ieee80211_wep_encrypt_data(tfm, rc4key, 16, pos, payload_len);
282	}	218	}
283		219
284
285	/* Decrypt packet payload with TKIP using @key. @pos is a pointer to the	220	/* Decrypt packet payload with TKIP using @key. @pos is a pointer to the
286	* beginning of the buffer containing IEEE 802.11 header payload, i.e.,	221	* beginning of the buffer containing IEEE 802.11 header payload, i.e.,
287	* including IV, Ext. IV, real data, Michael MIC, ICV. @payload_len is the	222	* including IV, Ext. IV, real data, Michael MIC, ICV. @payload_len is the
@@ -296,15 +231,16 @@ int ieee80211_tkip_decrypt_data(struct crypto_blkcipher *tfm,
296	u32 iv16;	231	u32 iv16;
297	u8 rc4key[16], keyid, *pos = payload;	232	u8 rc4key[16], keyid, *pos = payload;
298	int res;	233	int res;
		234	const u8 *tk = &key->conf.key[NL80211_TKIP_DATA_OFFSET_ENCR_KEY];
299		235
300	if (payload_len < 12)	236	if (payload_len < 12)
301	return -1;	237	return -1;
302		238
303	iv16 = (pos[0] << 8) \| pos[2];	239	iv16 = (pos[0] << 8) \| pos[2];
304	keyid = pos[3];	240	keyid = pos[3];
305	iv32 = pos[4] \| (pos[5] << 8) \| (pos[6] << 16) \| (pos[7] << 24);	241	iv32 = get_unaligned_le32(pos + 4);
306	pos += 8;	242	pos += 8;
307	#ifdef CONFIG_TKIP_DEBUG	243	#ifdef CONFIG_MAC80211_TKIP_DEBUG
308	{	244	{
309	int i;	245	int i;
310	printk(KERN_DEBUG "TKIP decrypt: data(len=%zd)", payload_len);	246	printk(KERN_DEBUG "TKIP decrypt: data(len=%zd)", payload_len);
@@ -314,7 +250,7 @@ int ieee80211_tkip_decrypt_data(struct crypto_blkcipher *tfm,
314	printk(KERN_DEBUG "TKIP decrypt: iv16=%04x iv32=%08x\n",	250	printk(KERN_DEBUG "TKIP decrypt: iv16=%04x iv32=%08x\n",
315	iv16, iv32);	251	iv16, iv32);
316	}	252	}
317	#endif /* CONFIG_TKIP_DEBUG */	253	#endif
318		254
319	if (!(keyid & (1 << 5)))	255	if (!(keyid & (1 << 5)))
320	return TKIP_DECRYPT_NO_EXT_IV;	256	return TKIP_DECRYPT_NO_EXT_IV;
@@ -322,50 +258,48 @@ int ieee80211_tkip_decrypt_data(struct crypto_blkcipher *tfm,
322	if ((keyid >> 6) != key->conf.keyidx)	258	if ((keyid >> 6) != key->conf.keyidx)
323	return TKIP_DECRYPT_INVALID_KEYIDX;	259	return TKIP_DECRYPT_INVALID_KEYIDX;
324		260
325	if (key->u.tkip.rx_initialized[queue] &&	261	if (key->u.tkip.rx[queue].initialized &&
326	(iv32 < key->u.tkip.iv32_rx[queue] \|\|	262	(iv32 < key->u.tkip.rx[queue].iv32 \|\|
327	(iv32 == key->u.tkip.iv32_rx[queue] &&	263	(iv32 == key->u.tkip.rx[queue].iv32 &&
328	iv16 <= key->u.tkip.iv16_rx[queue]))) {	264	iv16 <= key->u.tkip.rx[queue].iv16))) {
329	#ifdef CONFIG_TKIP_DEBUG	265	#ifdef CONFIG_MAC80211_TKIP_DEBUG
330	DECLARE_MAC_BUF(mac);	266	DECLARE_MAC_BUF(mac);
331	printk(KERN_DEBUG "TKIP replay detected for RX frame from "	267	printk(KERN_DEBUG "TKIP replay detected for RX frame from "
332	"%s (RX IV (%04x,%02x) <= prev. IV (%04x,%02x)\n",	268	"%s (RX IV (%04x,%02x) <= prev. IV (%04x,%02x)\n",
333	print_mac(mac, ta),	269	print_mac(mac, ta),
334	iv32, iv16, key->u.tkip.iv32_rx[queue],	270	iv32, iv16, key->u.tkip.rx[queue].iv32,
335	key->u.tkip.iv16_rx[queue]);	271	key->u.tkip.rx[queue].iv16);
336	#endif /* CONFIG_TKIP_DEBUG */	272	#endif
337	return TKIP_DECRYPT_REPLAY;	273	return TKIP_DECRYPT_REPLAY;
338	}	274	}
339		275
340	if (only_iv) {	276	if (only_iv) {
341	res = TKIP_DECRYPT_OK;	277	res = TKIP_DECRYPT_OK;
342	key->u.tkip.rx_initialized[queue] = 1;	278	key->u.tkip.rx[queue].initialized = 1;
343	goto done;	279	goto done;
344	}	280	}
345		281
346	if (!key->u.tkip.rx_initialized[queue] \|\|	282	if (!key->u.tkip.rx[queue].initialized \|\|
347	key->u.tkip.iv32_rx[queue] != iv32) {	283	key->u.tkip.rx[queue].iv32 != iv32) {
348	key->u.tkip.rx_initialized[queue] = 1;
349	/* IV16 wrapped around - perform TKIP phase 1 */	284	/* IV16 wrapped around - perform TKIP phase 1 */
350	tkip_mixing_phase1(ta, &key->conf.key[ALG_TKIP_TEMP_ENCR_KEY],	285	tkip_mixing_phase1(tk, &key->u.tkip.rx[queue], ta, iv32);
351	iv32, key->u.tkip.p1k_rx[queue]);	286	#ifdef CONFIG_MAC80211_TKIP_DEBUG
352	#ifdef CONFIG_TKIP_DEBUG
353	{	287	{
354	int i;	288	int i;
		289	u8 key_offset = NL80211_TKIP_DATA_OFFSET_ENCR_KEY;
355	DECLARE_MAC_BUF(mac);	290	DECLARE_MAC_BUF(mac);
356	printk(KERN_DEBUG "TKIP decrypt: Phase1 TA=%s"	291	printk(KERN_DEBUG "TKIP decrypt: Phase1 TA=%s"
357	" TK=", print_mac(mac, ta));	292	" TK=", print_mac(mac, ta));
358	for (i = 0; i < 16; i++)	293	for (i = 0; i < 16; i++)
359	printk("%02x ",	294	printk("%02x ",
360	key->conf.key[	295	key->conf.key[key_offset + i]);
361	ALG_TKIP_TEMP_ENCR_KEY + i]);
362	printk("\n");	296	printk("\n");
363	printk(KERN_DEBUG "TKIP decrypt: P1K=");	297	printk(KERN_DEBUG "TKIP decrypt: P1K=");
364	for (i = 0; i < 5; i++)	298	for (i = 0; i < 5; i++)
365	printk("%04x ", key->u.tkip.p1k_rx[queue][i]);	299	printk("%04x ", key->u.tkip.rx[queue].p1k[i]);
366	printk("\n");	300	printk("\n");
367	}	301	}
368	#endif /* CONFIG_TKIP_DEBUG */	302	#endif
369	if (key->local->ops->update_tkip_key &&	303	if (key->local->ops->update_tkip_key &&
370	key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) {	304	key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) {
371	u8 bcast[ETH_ALEN] =	305	u8 bcast[ETH_ALEN] =
@@ -377,14 +311,12 @@ int ieee80211_tkip_decrypt_data(struct crypto_blkcipher *tfm,
377		311
378	key->local->ops->update_tkip_key(	312	key->local->ops->update_tkip_key(
379	local_to_hw(key->local), &key->conf,	313	local_to_hw(key->local), &key->conf,
380	sta_addr, iv32, key->u.tkip.p1k_rx[queue]);	314	sta_addr, iv32, key->u.tkip.rx[queue].p1k);
381	}	315	}
382	}	316	}
383		317
384	tkip_mixing_phase2(key->u.tkip.p1k_rx[queue],	318	tkip_mixing_phase2(tk, &key->u.tkip.rx[queue], iv16, rc4key);
385	&key->conf.key[ALG_TKIP_TEMP_ENCR_KEY],	319	#ifdef CONFIG_MAC80211_TKIP_DEBUG
386	iv16, rc4key);
387	#ifdef CONFIG_TKIP_DEBUG
388	{	320	{
389	int i;	321	int i;
390	printk(KERN_DEBUG "TKIP decrypt: Phase2 rc4key=");	322	printk(KERN_DEBUG "TKIP decrypt: Phase2 rc4key=");
@@ -392,7 +324,7 @@ int ieee80211_tkip_decrypt_data(struct crypto_blkcipher *tfm,
392	printk("%02x ", rc4key[i]);	324	printk("%02x ", rc4key[i]);
393	printk("\n");	325	printk("\n");
394	}	326	}
395	#endif /* CONFIG_TKIP_DEBUG */	327	#endif
396		328
397	res = ieee80211_wep_decrypt_data(tfm, rc4key, 16, pos, payload_len - 12);	329	res = ieee80211_wep_decrypt_data(tfm, rc4key, 16, pos, payload_len - 12);
398	done:	330	done:
@@ -409,5 +341,3 @@ int ieee80211_tkip_decrypt_data(struct crypto_blkcipher *tfm,
409		341
410	return res;	342	return res;
411	}	343	}
412
413