2 * Host AP crypt: host-based TKIP encryption implementation for Host AP driver
4 * Copyright (c) 2003-2004, Jouni Malinen <jkmaline@cc.hut.fi>
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License version 2 as
8 * published by the Free Software Foundation. See README and COPYING for
12 #include <linux/module.h>
13 #include <linux/init.h>
14 #include <linux/slab.h>
15 #include <linux/random.h>
16 #include <linux/skbuff.h>
17 #include <linux/netdevice.h>
18 #include <linux/if_ether.h>
19 #include <linux/if_arp.h>
20 #include <linux/string.h>
21 #include <linux/crypto.h>
22 #include <linux/scatterlist.h>
23 #include <linux/crc32.h>
27 struct rtllib_tkip_data {
28 #define TKIP_KEY_LEN 32
45 u32 dot11RSNAStatsTKIPReplays;
46 u32 dot11RSNAStatsTKIPICVErrors;
47 u32 dot11RSNAStatsTKIPLocalMICFailures;
50 struct crypto_blkcipher *rx_tfm_arc4;
51 struct crypto_hash *rx_tfm_michael;
52 struct crypto_blkcipher *tx_tfm_arc4;
53 struct crypto_hash *tx_tfm_michael;
54 /* scratch buffers for virt_to_page() (crypto API) */
55 u8 rx_hdr[16], tx_hdr[16];
58 static void *rtllib_tkip_init(int key_idx)
60 struct rtllib_tkip_data *priv;
62 priv = kzalloc(sizeof(*priv), GFP_ATOMIC);
65 priv->key_idx = key_idx;
66 priv->tx_tfm_arc4 = crypto_alloc_blkcipher("ecb(arc4)", 0,
68 if (IS_ERR(priv->tx_tfm_arc4)) {
70 "rtllib_crypt_tkip: could not allocate crypto API arc4\n");
71 priv->tx_tfm_arc4 = NULL;
75 priv->tx_tfm_michael = crypto_alloc_hash("michael_mic", 0,
77 if (IS_ERR(priv->tx_tfm_michael)) {
79 "rtllib_crypt_tkip: could not allocate crypto API michael_mic\n");
80 priv->tx_tfm_michael = NULL;
84 priv->rx_tfm_arc4 = crypto_alloc_blkcipher("ecb(arc4)", 0,
86 if (IS_ERR(priv->rx_tfm_arc4)) {
88 "rtllib_crypt_tkip: could not allocate crypto API arc4\n");
89 priv->rx_tfm_arc4 = NULL;
93 priv->rx_tfm_michael = crypto_alloc_hash("michael_mic", 0,
95 if (IS_ERR(priv->rx_tfm_michael)) {
97 "rtllib_crypt_tkip: could not allocate crypto API michael_mic\n");
98 priv->rx_tfm_michael = NULL;
105 if (priv->tx_tfm_michael)
106 crypto_free_hash(priv->tx_tfm_michael);
107 if (priv->tx_tfm_arc4)
108 crypto_free_blkcipher(priv->tx_tfm_arc4);
109 if (priv->rx_tfm_michael)
110 crypto_free_hash(priv->rx_tfm_michael);
111 if (priv->rx_tfm_arc4)
112 crypto_free_blkcipher(priv->rx_tfm_arc4);
120 static void rtllib_tkip_deinit(void *priv)
122 struct rtllib_tkip_data *_priv = priv;
125 if (_priv->tx_tfm_michael)
126 crypto_free_hash(_priv->tx_tfm_michael);
127 if (_priv->tx_tfm_arc4)
128 crypto_free_blkcipher(_priv->tx_tfm_arc4);
129 if (_priv->rx_tfm_michael)
130 crypto_free_hash(_priv->rx_tfm_michael);
131 if (_priv->rx_tfm_arc4)
132 crypto_free_blkcipher(_priv->rx_tfm_arc4);
138 static inline u16 RotR1(u16 val)
140 return (val >> 1) | (val << 15);
144 static inline u8 Lo8(u16 val)
150 static inline u8 Hi8(u16 val)
156 static inline u16 Lo16(u32 val)
162 static inline u16 Hi16(u32 val)
168 static inline u16 Mk16(u8 hi, u8 lo)
170 return lo | (((u16) hi) << 8);
174 static inline u16 Mk16_le(u16 *v)
180 static const u16 Sbox[256] = {
181 0xC6A5, 0xF884, 0xEE99, 0xF68D, 0xFF0D, 0xD6BD, 0xDEB1, 0x9154,
182 0x6050, 0x0203, 0xCEA9, 0x567D, 0xE719, 0xB562, 0x4DE6, 0xEC9A,
183 0x8F45, 0x1F9D, 0x8940, 0xFA87, 0xEF15, 0xB2EB, 0x8EC9, 0xFB0B,
184 0x41EC, 0xB367, 0x5FFD, 0x45EA, 0x23BF, 0x53F7, 0xE496, 0x9B5B,
185 0x75C2, 0xE11C, 0x3DAE, 0x4C6A, 0x6C5A, 0x7E41, 0xF502, 0x834F,
186 0x685C, 0x51F4, 0xD134, 0xF908, 0xE293, 0xAB73, 0x6253, 0x2A3F,
187 0x080C, 0x9552, 0x4665, 0x9D5E, 0x3028, 0x37A1, 0x0A0F, 0x2FB5,
188 0x0E09, 0x2436, 0x1B9B, 0xDF3D, 0xCD26, 0x4E69, 0x7FCD, 0xEA9F,
189 0x121B, 0x1D9E, 0x5874, 0x342E, 0x362D, 0xDCB2, 0xB4EE, 0x5BFB,
190 0xA4F6, 0x764D, 0xB761, 0x7DCE, 0x527B, 0xDD3E, 0x5E71, 0x1397,
191 0xA6F5, 0xB968, 0x0000, 0xC12C, 0x4060, 0xE31F, 0x79C8, 0xB6ED,
192 0xD4BE, 0x8D46, 0x67D9, 0x724B, 0x94DE, 0x98D4, 0xB0E8, 0x854A,
193 0xBB6B, 0xC52A, 0x4FE5, 0xED16, 0x86C5, 0x9AD7, 0x6655, 0x1194,
194 0x8ACF, 0xE910, 0x0406, 0xFE81, 0xA0F0, 0x7844, 0x25BA, 0x4BE3,
195 0xA2F3, 0x5DFE, 0x80C0, 0x058A, 0x3FAD, 0x21BC, 0x7048, 0xF104,
196 0x63DF, 0x77C1, 0xAF75, 0x4263, 0x2030, 0xE51A, 0xFD0E, 0xBF6D,
197 0x814C, 0x1814, 0x2635, 0xC32F, 0xBEE1, 0x35A2, 0x88CC, 0x2E39,
198 0x9357, 0x55F2, 0xFC82, 0x7A47, 0xC8AC, 0xBAE7, 0x322B, 0xE695,
199 0xC0A0, 0x1998, 0x9ED1, 0xA37F, 0x4466, 0x547E, 0x3BAB, 0x0B83,
200 0x8CCA, 0xC729, 0x6BD3, 0x283C, 0xA779, 0xBCE2, 0x161D, 0xAD76,
201 0xDB3B, 0x6456, 0x744E, 0x141E, 0x92DB, 0x0C0A, 0x486C, 0xB8E4,
202 0x9F5D, 0xBD6E, 0x43EF, 0xC4A6, 0x39A8, 0x31A4, 0xD337, 0xF28B,
203 0xD532, 0x8B43, 0x6E59, 0xDAB7, 0x018C, 0xB164, 0x9CD2, 0x49E0,
204 0xD8B4, 0xACFA, 0xF307, 0xCF25, 0xCAAF, 0xF48E, 0x47E9, 0x1018,
205 0x6FD5, 0xF088, 0x4A6F, 0x5C72, 0x3824, 0x57F1, 0x73C7, 0x9751,
206 0xCB23, 0xA17C, 0xE89C, 0x3E21, 0x96DD, 0x61DC, 0x0D86, 0x0F85,
207 0xE090, 0x7C42, 0x71C4, 0xCCAA, 0x90D8, 0x0605, 0xF701, 0x1C12,
208 0xC2A3, 0x6A5F, 0xAEF9, 0x69D0, 0x1791, 0x9958, 0x3A27, 0x27B9,
209 0xD938, 0xEB13, 0x2BB3, 0x2233, 0xD2BB, 0xA970, 0x0789, 0x33A7,
210 0x2DB6, 0x3C22, 0x1592, 0xC920, 0x8749, 0xAAFF, 0x5078, 0xA57A,
211 0x038F, 0x59F8, 0x0980, 0x1A17, 0x65DA, 0xD731, 0x84C6, 0xD0B8,
212 0x82C3, 0x29B0, 0x5A77, 0x1E11, 0x7BCB, 0xA8FC, 0x6DD6, 0x2C3A,
216 static inline u16 _S_(u16 v)
218 u16 t = Sbox[Hi8(v)];
219 return Sbox[Lo8(v)] ^ ((t << 8) | (t >> 8));
223 #define PHASE1_LOOP_COUNT 8
226 static void tkip_mixing_phase1(u16 *TTAK, const u8 *TK, const u8 *TA, u32 IV32)
230 /* Initialize the 80-bit TTAK from TSC (IV32) and TA[0..5] */
231 TTAK[0] = Lo16(IV32);
232 TTAK[1] = Hi16(IV32);
233 TTAK[2] = Mk16(TA[1], TA[0]);
234 TTAK[3] = Mk16(TA[3], TA[2]);
235 TTAK[4] = Mk16(TA[5], TA[4]);
237 for (i = 0; i < PHASE1_LOOP_COUNT; i++) {
239 TTAK[0] += _S_(TTAK[4] ^ Mk16(TK[1 + j], TK[0 + j]));
240 TTAK[1] += _S_(TTAK[0] ^ Mk16(TK[5 + j], TK[4 + j]));
241 TTAK[2] += _S_(TTAK[1] ^ Mk16(TK[9 + j], TK[8 + j]));
242 TTAK[3] += _S_(TTAK[2] ^ Mk16(TK[13 + j], TK[12 + j]));
243 TTAK[4] += _S_(TTAK[3] ^ Mk16(TK[1 + j], TK[0 + j])) + i;
248 static void tkip_mixing_phase2(u8 *WEPSeed, const u8 *TK, const u16 *TTAK,
251 /* Make temporary area overlap WEP seed so that the final copy can be
252 * avoided on little endian hosts.
254 u16 *PPK = (u16 *) &WEPSeed[4];
256 /* Step 1 - make copy of TTAK and bring in TSC */
262 PPK[5] = TTAK[4] + IV16;
264 /* Step 2 - 96-bit bijective mixing using S-box */
265 PPK[0] += _S_(PPK[5] ^ Mk16_le((u16 *) &TK[0]));
266 PPK[1] += _S_(PPK[0] ^ Mk16_le((u16 *) &TK[2]));
267 PPK[2] += _S_(PPK[1] ^ Mk16_le((u16 *) &TK[4]));
268 PPK[3] += _S_(PPK[2] ^ Mk16_le((u16 *) &TK[6]));
269 PPK[4] += _S_(PPK[3] ^ Mk16_le((u16 *) &TK[8]));
270 PPK[5] += _S_(PPK[4] ^ Mk16_le((u16 *) &TK[10]));
272 PPK[0] += RotR1(PPK[5] ^ Mk16_le((u16 *) &TK[12]));
273 PPK[1] += RotR1(PPK[0] ^ Mk16_le((u16 *) &TK[14]));
274 PPK[2] += RotR1(PPK[1]);
275 PPK[3] += RotR1(PPK[2]);
276 PPK[4] += RotR1(PPK[3]);
277 PPK[5] += RotR1(PPK[4]);
279 /* Step 3 - bring in last of TK bits, assign 24-bit WEP IV value
280 * WEPSeed[0..2] is transmitted as WEP IV
282 WEPSeed[0] = Hi8(IV16);
283 WEPSeed[1] = (Hi8(IV16) | 0x20) & 0x7F;
284 WEPSeed[2] = Lo8(IV16);
285 WEPSeed[3] = Lo8((PPK[5] ^ Mk16_le((u16 *) &TK[0])) >> 1);
291 for (i = 0; i < 6; i++)
292 PPK[i] = (PPK[i] << 8) | (PPK[i] >> 8);
298 static int rtllib_tkip_encrypt(struct sk_buff *skb, int hdr_len, void *priv)
300 struct rtllib_tkip_data *tkey = priv;
303 struct rtllib_hdr_4addr *hdr;
304 struct cb_desc *tcb_desc = (struct cb_desc *)(skb->cb +
306 struct blkcipher_desc desc = {.tfm = tkey->tx_tfm_arc4};
310 struct scatterlist sg;
312 if (skb_headroom(skb) < 8 || skb_tailroom(skb) < 4 ||
316 hdr = (struct rtllib_hdr_4addr *) skb->data;
318 if (!tcb_desc->bHwSec) {
319 if (!tkey->tx_phase1_done) {
320 tkip_mixing_phase1(tkey->tx_ttak, tkey->key, hdr->addr2,
322 tkey->tx_phase1_done = 1;
324 tkip_mixing_phase2(rc4key, tkey->key, tkey->tx_ttak,
327 tkey->tx_phase1_done = 1;
330 len = skb->len - hdr_len;
331 pos = skb_push(skb, 8);
332 memmove(pos, pos + 8, hdr_len);
335 if (tcb_desc->bHwSec) {
336 *pos++ = Hi8(tkey->tx_iv16);
337 *pos++ = (Hi8(tkey->tx_iv16) | 0x20) & 0x7F;
338 *pos++ = Lo8(tkey->tx_iv16);
345 *pos++ = (tkey->key_idx << 6) | (1 << 5) /* Ext IV included */;
346 *pos++ = tkey->tx_iv32 & 0xff;
347 *pos++ = (tkey->tx_iv32 >> 8) & 0xff;
348 *pos++ = (tkey->tx_iv32 >> 16) & 0xff;
349 *pos++ = (tkey->tx_iv32 >> 24) & 0xff;
351 if (!tcb_desc->bHwSec) {
352 icv = skb_put(skb, 4);
353 crc = ~crc32_le(~0, pos, len);
359 sg_init_one(&sg, pos, len+4);
362 crypto_blkcipher_setkey(tkey->tx_tfm_arc4, rc4key, 16);
363 ret = crypto_blkcipher_encrypt(&desc, &sg, &sg, len + 4);
367 if (tkey->tx_iv16 == 0) {
368 tkey->tx_phase1_done = 0;
372 if (!tcb_desc->bHwSec)
380 static int rtllib_tkip_decrypt(struct sk_buff *skb, int hdr_len, void *priv)
382 struct rtllib_tkip_data *tkey = priv;
386 struct rtllib_hdr_4addr *hdr;
387 struct cb_desc *tcb_desc = (struct cb_desc *)(skb->cb +
389 struct blkcipher_desc desc = {.tfm = tkey->rx_tfm_arc4};
393 struct scatterlist sg;
396 if (skb->len < hdr_len + 8 + 4)
399 hdr = (struct rtllib_hdr_4addr *) skb->data;
400 pos = skb->data + hdr_len;
402 if (!(keyidx & (1 << 5))) {
403 if (net_ratelimit()) {
405 "TKIP: received packet without ExtIV flag from %pM\n",
411 if (tkey->key_idx != keyidx) {
413 "TKIP: RX tkey->key_idx=%d frame keyidx=%d priv=%p\n",
414 tkey->key_idx, keyidx, priv);
417 if (!tkey->key_set) {
418 if (net_ratelimit()) {
420 "TKIP: received packet from %pM with keyid=%d that does not have a configured key\n",
425 iv16 = (pos[0] << 8) | pos[2];
426 iv32 = pos[4] | (pos[5] << 8) | (pos[6] << 16) | (pos[7] << 24);
429 if (!tcb_desc->bHwSec || (skb->cb[0] == 1)) {
430 if ((iv32 < tkey->rx_iv32 ||
431 (iv32 == tkey->rx_iv32 && iv16 <= tkey->rx_iv16)) &&
433 if (net_ratelimit()) {
435 "TKIP: replay detected: STA= %pM previous TSC %08x%04x received TSC %08x%04x\n",
436 hdr->addr2, tkey->rx_iv32, tkey->rx_iv16,
439 tkey->dot11RSNAStatsTKIPReplays++;
442 tkey->initialized = true;
444 if (iv32 != tkey->rx_iv32 || !tkey->rx_phase1_done) {
445 tkip_mixing_phase1(tkey->rx_ttak, tkey->key,
447 tkey->rx_phase1_done = 1;
449 tkip_mixing_phase2(rc4key, tkey->key, tkey->rx_ttak, iv16);
451 plen = skb->len - hdr_len - 12;
453 sg_init_one(&sg, pos, plen+4);
455 crypto_blkcipher_setkey(tkey->rx_tfm_arc4, rc4key, 16);
456 if (crypto_blkcipher_decrypt(&desc, &sg, &sg, plen + 4)) {
457 if (net_ratelimit()) {
459 ": TKIP: failed to decrypt received packet from %pM\n",
465 crc = ~crc32_le(~0, pos, plen);
471 if (memcmp(icv, pos + plen, 4) != 0) {
472 if (iv32 != tkey->rx_iv32) {
473 /* Previously cached Phase1 result was already
474 * lost, so it needs to be recalculated for the
477 tkey->rx_phase1_done = 0;
479 if (net_ratelimit()) {
481 "TKIP: ICV error detected: STA= %pM\n",
484 tkey->dot11RSNAStatsTKIPICVErrors++;
490 /* Update real counters only after Michael MIC verification has
493 tkey->rx_iv32_new = iv32;
494 tkey->rx_iv16_new = iv16;
496 /* Remove IV and ICV */
497 memmove(skb->data + 8, skb->data, hdr_len);
499 skb_trim(skb, skb->len - 4);
505 static int michael_mic(struct crypto_hash *tfm_michael, u8 *key, u8 *hdr,
506 u8 *data, size_t data_len, u8 *mic)
508 struct hash_desc desc;
509 struct scatterlist sg[2];
511 if (tfm_michael == NULL) {
512 pr_warn("michael_mic: tfm_michael == NULL\n");
515 sg_init_table(sg, 2);
516 sg_set_buf(&sg[0], hdr, 16);
517 sg_set_buf(&sg[1], data, data_len);
519 if (crypto_hash_setkey(tfm_michael, key, 8))
522 desc.tfm = tfm_michael;
524 return crypto_hash_digest(&desc, sg, data_len + 16, mic);
527 static void michael_mic_hdr(struct sk_buff *skb, u8 *hdr)
529 struct rtllib_hdr_4addr *hdr11;
531 hdr11 = (struct rtllib_hdr_4addr *) skb->data;
532 switch (le16_to_cpu(hdr11->frame_ctl) &
533 (RTLLIB_FCTL_FROMDS | RTLLIB_FCTL_TODS)) {
534 case RTLLIB_FCTL_TODS:
535 memcpy(hdr, hdr11->addr3, ETH_ALEN); /* DA */
536 memcpy(hdr + ETH_ALEN, hdr11->addr2, ETH_ALEN); /* SA */
538 case RTLLIB_FCTL_FROMDS:
539 memcpy(hdr, hdr11->addr1, ETH_ALEN); /* DA */
540 memcpy(hdr + ETH_ALEN, hdr11->addr3, ETH_ALEN); /* SA */
542 case RTLLIB_FCTL_FROMDS | RTLLIB_FCTL_TODS:
543 memcpy(hdr, hdr11->addr3, ETH_ALEN); /* DA */
544 memcpy(hdr + ETH_ALEN, hdr11->addr4, ETH_ALEN); /* SA */
547 memcpy(hdr, hdr11->addr1, ETH_ALEN); /* DA */
548 memcpy(hdr + ETH_ALEN, hdr11->addr2, ETH_ALEN); /* SA */
552 hdr[12] = 0; /* priority */
554 hdr[13] = hdr[14] = hdr[15] = 0; /* reserved */
558 static int rtllib_michael_mic_add(struct sk_buff *skb, int hdr_len, void *priv)
560 struct rtllib_tkip_data *tkey = priv;
562 struct rtllib_hdr_4addr *hdr;
564 hdr = (struct rtllib_hdr_4addr *) skb->data;
566 if (skb_tailroom(skb) < 8 || skb->len < hdr_len) {
568 "Invalid packet for Michael MIC add (tailroom=%d hdr_len=%d skb->len=%d)\n",
569 skb_tailroom(skb), hdr_len, skb->len);
573 michael_mic_hdr(skb, tkey->tx_hdr);
575 if (RTLLIB_QOS_HAS_SEQ(le16_to_cpu(hdr->frame_ctl)))
576 tkey->tx_hdr[12] = *(skb->data + hdr_len - 2) & 0x07;
577 pos = skb_put(skb, 8);
578 if (michael_mic(tkey->tx_tfm_michael, &tkey->key[16], tkey->tx_hdr,
579 skb->data + hdr_len, skb->len - 8 - hdr_len, pos))
586 static void rtllib_michael_mic_failure(struct net_device *dev,
587 struct rtllib_hdr_4addr *hdr,
590 union iwreq_data wrqu;
591 struct iw_michaelmicfailure ev;
593 /* TODO: needed parameters: count, keyid, key type, TSC */
594 memset(&ev, 0, sizeof(ev));
595 ev.flags = keyidx & IW_MICFAILURE_KEY_ID;
596 if (hdr->addr1[0] & 0x01)
597 ev.flags |= IW_MICFAILURE_GROUP;
599 ev.flags |= IW_MICFAILURE_PAIRWISE;
600 ev.src_addr.sa_family = ARPHRD_ETHER;
601 memcpy(ev.src_addr.sa_data, hdr->addr2, ETH_ALEN);
602 memset(&wrqu, 0, sizeof(wrqu));
603 wrqu.data.length = sizeof(ev);
604 wireless_send_event(dev, IWEVMICHAELMICFAILURE, &wrqu, (char *) &ev);
607 static int rtllib_michael_mic_verify(struct sk_buff *skb, int keyidx,
608 int hdr_len, void *priv)
610 struct rtllib_tkip_data *tkey = priv;
612 struct rtllib_hdr_4addr *hdr;
614 hdr = (struct rtllib_hdr_4addr *) skb->data;
619 michael_mic_hdr(skb, tkey->rx_hdr);
620 if (RTLLIB_QOS_HAS_SEQ(le16_to_cpu(hdr->frame_ctl)))
621 tkey->rx_hdr[12] = *(skb->data + hdr_len - 2) & 0x07;
623 if (michael_mic(tkey->rx_tfm_michael, &tkey->key[24], tkey->rx_hdr,
624 skb->data + hdr_len, skb->len - 8 - hdr_len, mic))
627 if (memcmp(mic, skb->data + skb->len - 8, 8) != 0) {
628 struct rtllib_hdr_4addr *hdr;
630 hdr = (struct rtllib_hdr_4addr *) skb->data;
632 "%s: Michael MIC verification failed for MSDU from %pM keyidx=%d\n",
633 skb->dev ? skb->dev->name : "N/A", hdr->addr2,
635 printk(KERN_DEBUG "%d\n",
636 memcmp(mic, skb->data + skb->len - 8, 8) != 0);
638 pr_info("skb->dev != NULL\n");
639 rtllib_michael_mic_failure(skb->dev, hdr, keyidx);
641 tkey->dot11RSNAStatsTKIPLocalMICFailures++;
645 /* Update TSC counters for RX now that the packet verification has
648 tkey->rx_iv32 = tkey->rx_iv32_new;
649 tkey->rx_iv16 = tkey->rx_iv16_new;
651 skb_trim(skb, skb->len - 8);
657 static int rtllib_tkip_set_key(void *key, int len, u8 *seq, void *priv)
659 struct rtllib_tkip_data *tkey = priv;
661 struct crypto_hash *tfm = tkey->tx_tfm_michael;
662 struct crypto_blkcipher *tfm2 = tkey->tx_tfm_arc4;
663 struct crypto_hash *tfm3 = tkey->rx_tfm_michael;
664 struct crypto_blkcipher *tfm4 = tkey->rx_tfm_arc4;
666 keyidx = tkey->key_idx;
667 memset(tkey, 0, sizeof(*tkey));
668 tkey->key_idx = keyidx;
669 tkey->tx_tfm_michael = tfm;
670 tkey->tx_tfm_arc4 = tfm2;
671 tkey->rx_tfm_michael = tfm3;
672 tkey->rx_tfm_arc4 = tfm4;
674 if (len == TKIP_KEY_LEN) {
675 memcpy(tkey->key, key, TKIP_KEY_LEN);
677 tkey->tx_iv16 = 1; /* TSC is initialized to 1 */
679 tkey->rx_iv32 = (seq[5] << 24) | (seq[4] << 16) |
680 (seq[3] << 8) | seq[2];
681 tkey->rx_iv16 = (seq[1] << 8) | seq[0];
692 static int rtllib_tkip_get_key(void *key, int len, u8 *seq, void *priv)
694 struct rtllib_tkip_data *tkey = priv;
696 if (len < TKIP_KEY_LEN)
701 memcpy(key, tkey->key, TKIP_KEY_LEN);
704 /* Return the sequence number of the last transmitted frame. */
705 u16 iv16 = tkey->tx_iv16;
706 u32 iv32 = tkey->tx_iv32;
711 seq[0] = tkey->tx_iv16;
712 seq[1] = tkey->tx_iv16 >> 8;
713 seq[2] = tkey->tx_iv32;
714 seq[3] = tkey->tx_iv32 >> 8;
715 seq[4] = tkey->tx_iv32 >> 16;
716 seq[5] = tkey->tx_iv32 >> 24;
723 static void rtllib_tkip_print_stats(struct seq_file *m, void *priv)
725 struct rtllib_tkip_data *tkip = priv;
728 "key[%d] alg=TKIP key_set=%d tx_pn=%02x%02x%02x%02x%02x%02x rx_pn=%02x%02x%02x%02x%02x%02x replays=%d icv_errors=%d local_mic_failures=%d\n",
729 tkip->key_idx, tkip->key_set,
730 (tkip->tx_iv32 >> 24) & 0xff,
731 (tkip->tx_iv32 >> 16) & 0xff,
732 (tkip->tx_iv32 >> 8) & 0xff,
733 tkip->tx_iv32 & 0xff,
734 (tkip->tx_iv16 >> 8) & 0xff,
735 tkip->tx_iv16 & 0xff,
736 (tkip->rx_iv32 >> 24) & 0xff,
737 (tkip->rx_iv32 >> 16) & 0xff,
738 (tkip->rx_iv32 >> 8) & 0xff,
739 tkip->rx_iv32 & 0xff,
740 (tkip->rx_iv16 >> 8) & 0xff,
741 tkip->rx_iv16 & 0xff,
742 tkip->dot11RSNAStatsTKIPReplays,
743 tkip->dot11RSNAStatsTKIPICVErrors,
744 tkip->dot11RSNAStatsTKIPLocalMICFailures);
747 static struct lib80211_crypto_ops rtllib_crypt_tkip = {
749 .init = rtllib_tkip_init,
750 .deinit = rtllib_tkip_deinit,
751 .encrypt_mpdu = rtllib_tkip_encrypt,
752 .decrypt_mpdu = rtllib_tkip_decrypt,
753 .encrypt_msdu = rtllib_michael_mic_add,
754 .decrypt_msdu = rtllib_michael_mic_verify,
755 .set_key = rtllib_tkip_set_key,
756 .get_key = rtllib_tkip_get_key,
757 .print_stats = rtllib_tkip_print_stats,
758 .extra_mpdu_prefix_len = 4 + 4, /* IV + ExtIV */
759 .extra_mpdu_postfix_len = 4, /* ICV */
760 .extra_msdu_postfix_len = 8, /* MIC */
761 .owner = THIS_MODULE,
765 static int __init rtllib_crypto_tkip_init(void)
767 return lib80211_register_crypto_ops(&rtllib_crypt_tkip);
771 static void __exit rtllib_crypto_tkip_exit(void)
773 lib80211_unregister_crypto_ops(&rtllib_crypt_tkip);
776 module_init(rtllib_crypto_tkip_init);
777 module_exit(rtllib_crypto_tkip_exit);
779 MODULE_LICENSE("GPL");