1 // SPDX-License-Identifier: GPL-2.0-only 2 /* 3 * libipw crypt: host-based TKIP encryption implementation for libipw 4 * 5 * Copyright (c) 2003-2004, Jouni Malinen <j@w1.fi> 6 * Copyright (c) 2008, John W. Linville <linville@tuxdriver.com> 7 */ 8 9 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt 10 11 #include <linux/err.h> 12 #include <linux/fips.h> 13 #include <linux/module.h> 14 #include <linux/init.h> 15 #include <linux/slab.h> 16 #include <linux/random.h> 17 #include <linux/scatterlist.h> 18 #include <linux/skbuff.h> 19 #include <linux/netdevice.h> 20 #include <linux/mm.h> 21 #include <linux/if_ether.h> 22 #include <linux/if_arp.h> 23 #include <asm/string.h> 24 #include <linux/wireless.h> 25 #include <linux/ieee80211.h> 26 #include <net/iw_handler.h> 27 #include <crypto/arc4.h> 28 #include <linux/crc32.h> 29 #include "libipw.h" 30 31 #define TKIP_HDR_LEN 8 32 33 struct libipw_tkip_data { 34 #define TKIP_KEY_LEN 32 35 u8 key[TKIP_KEY_LEN]; 36 int key_set; 37 38 u32 tx_iv32; 39 u16 tx_iv16; 40 u16 tx_ttak[5]; 41 int tx_phase1_done; 42 43 u32 rx_iv32; 44 u16 rx_iv16; 45 u16 rx_ttak[5]; 46 int rx_phase1_done; 47 u32 rx_iv32_new; 48 u16 rx_iv16_new; 49 50 u32 dot11RSNAStatsTKIPReplays; 51 u32 dot11RSNAStatsTKIPICVErrors; 52 u32 dot11RSNAStatsTKIPLocalMICFailures; 53 54 int key_idx; 55 56 struct arc4_ctx rx_ctx_arc4; 57 struct arc4_ctx tx_ctx_arc4; 58 59 unsigned long flags; 60 }; 61 62 static unsigned long libipw_tkip_set_flags(unsigned long flags, void *priv) 63 { 64 struct libipw_tkip_data *_priv = priv; 65 unsigned long old_flags = _priv->flags; 66 _priv->flags = flags; 67 return old_flags; 68 } 69 70 static unsigned long libipw_tkip_get_flags(void *priv) 71 { 72 struct libipw_tkip_data *_priv = priv; 73 return _priv->flags; 74 } 75 76 static void *libipw_tkip_init(int key_idx) 77 { 78 struct libipw_tkip_data *priv; 79 80 if (fips_enabled) 81 return NULL; 82 83 priv = kzalloc_obj(*priv, GFP_ATOMIC); 84 if (priv == NULL) 85 return priv; 86 87 priv->key_idx = key_idx; 88 return priv; 89 } 90 91 static void libipw_tkip_deinit(void *priv) 92 { 93 kfree_sensitive(priv); 94 } 95 96 static inline u16 RotR1(u16 val) 97 { 98 return (val >> 1) | (val << 15); 99 } 100 101 static inline u8 Lo8(u16 val) 102 { 103 return val & 0xff; 104 } 105 106 static inline u8 Hi8(u16 val) 107 { 108 return val >> 8; 109 } 110 111 static inline u16 Lo16(u32 val) 112 { 113 return val & 0xffff; 114 } 115 116 static inline u16 Hi16(u32 val) 117 { 118 return val >> 16; 119 } 120 121 static inline u16 Mk16(u8 hi, u8 lo) 122 { 123 return lo | (((u16) hi) << 8); 124 } 125 126 static inline u16 Mk16_le(__le16 * v) 127 { 128 return le16_to_cpu(*v); 129 } 130 131 static const u16 Sbox[256] = { 132 0xC6A5, 0xF884, 0xEE99, 0xF68D, 0xFF0D, 0xD6BD, 0xDEB1, 0x9154, 133 0x6050, 0x0203, 0xCEA9, 0x567D, 0xE719, 0xB562, 0x4DE6, 0xEC9A, 134 0x8F45, 0x1F9D, 0x8940, 0xFA87, 0xEF15, 0xB2EB, 0x8EC9, 0xFB0B, 135 0x41EC, 0xB367, 0x5FFD, 0x45EA, 0x23BF, 0x53F7, 0xE496, 0x9B5B, 136 0x75C2, 0xE11C, 0x3DAE, 0x4C6A, 0x6C5A, 0x7E41, 0xF502, 0x834F, 137 0x685C, 0x51F4, 0xD134, 0xF908, 0xE293, 0xAB73, 0x6253, 0x2A3F, 138 0x080C, 0x9552, 0x4665, 0x9D5E, 0x3028, 0x37A1, 0x0A0F, 0x2FB5, 139 0x0E09, 0x2436, 0x1B9B, 0xDF3D, 0xCD26, 0x4E69, 0x7FCD, 0xEA9F, 140 0x121B, 0x1D9E, 0x5874, 0x342E, 0x362D, 0xDCB2, 0xB4EE, 0x5BFB, 141 0xA4F6, 0x764D, 0xB761, 0x7DCE, 0x527B, 0xDD3E, 0x5E71, 0x1397, 142 0xA6F5, 0xB968, 0x0000, 0xC12C, 0x4060, 0xE31F, 0x79C8, 0xB6ED, 143 0xD4BE, 0x8D46, 0x67D9, 0x724B, 0x94DE, 0x98D4, 0xB0E8, 0x854A, 144 0xBB6B, 0xC52A, 0x4FE5, 0xED16, 0x86C5, 0x9AD7, 0x6655, 0x1194, 145 0x8ACF, 0xE910, 0x0406, 0xFE81, 0xA0F0, 0x7844, 0x25BA, 0x4BE3, 146 0xA2F3, 0x5DFE, 0x80C0, 0x058A, 0x3FAD, 0x21BC, 0x7048, 0xF104, 147 0x63DF, 0x77C1, 0xAF75, 0x4263, 0x2030, 0xE51A, 0xFD0E, 0xBF6D, 148 0x814C, 0x1814, 0x2635, 0xC32F, 0xBEE1, 0x35A2, 0x88CC, 0x2E39, 149 0x9357, 0x55F2, 0xFC82, 0x7A47, 0xC8AC, 0xBAE7, 0x322B, 0xE695, 150 0xC0A0, 0x1998, 0x9ED1, 0xA37F, 0x4466, 0x547E, 0x3BAB, 0x0B83, 151 0x8CCA, 0xC729, 0x6BD3, 0x283C, 0xA779, 0xBCE2, 0x161D, 0xAD76, 152 0xDB3B, 0x6456, 0x744E, 0x141E, 0x92DB, 0x0C0A, 0x486C, 0xB8E4, 153 0x9F5D, 0xBD6E, 0x43EF, 0xC4A6, 0x39A8, 0x31A4, 0xD337, 0xF28B, 154 0xD532, 0x8B43, 0x6E59, 0xDAB7, 0x018C, 0xB164, 0x9CD2, 0x49E0, 155 0xD8B4, 0xACFA, 0xF307, 0xCF25, 0xCAAF, 0xF48E, 0x47E9, 0x1018, 156 0x6FD5, 0xF088, 0x4A6F, 0x5C72, 0x3824, 0x57F1, 0x73C7, 0x9751, 157 0xCB23, 0xA17C, 0xE89C, 0x3E21, 0x96DD, 0x61DC, 0x0D86, 0x0F85, 158 0xE090, 0x7C42, 0x71C4, 0xCCAA, 0x90D8, 0x0605, 0xF701, 0x1C12, 159 0xC2A3, 0x6A5F, 0xAEF9, 0x69D0, 0x1791, 0x9958, 0x3A27, 0x27B9, 160 0xD938, 0xEB13, 0x2BB3, 0x2233, 0xD2BB, 0xA970, 0x0789, 0x33A7, 161 0x2DB6, 0x3C22, 0x1592, 0xC920, 0x8749, 0xAAFF, 0x5078, 0xA57A, 162 0x038F, 0x59F8, 0x0980, 0x1A17, 0x65DA, 0xD731, 0x84C6, 0xD0B8, 163 0x82C3, 0x29B0, 0x5A77, 0x1E11, 0x7BCB, 0xA8FC, 0x6DD6, 0x2C3A, 164 }; 165 166 static inline u16 _S_(u16 v) 167 { 168 u16 t = Sbox[Hi8(v)]; 169 return Sbox[Lo8(v)] ^ ((t << 8) | (t >> 8)); 170 } 171 172 #define PHASE1_LOOP_COUNT 8 173 174 static void tkip_mixing_phase1(u16 * TTAK, const u8 * TK, const u8 * TA, 175 u32 IV32) 176 { 177 int i, j; 178 179 /* Initialize the 80-bit TTAK from TSC (IV32) and TA[0..5] */ 180 TTAK[0] = Lo16(IV32); 181 TTAK[1] = Hi16(IV32); 182 TTAK[2] = Mk16(TA[1], TA[0]); 183 TTAK[3] = Mk16(TA[3], TA[2]); 184 TTAK[4] = Mk16(TA[5], TA[4]); 185 186 for (i = 0; i < PHASE1_LOOP_COUNT; i++) { 187 j = 2 * (i & 1); 188 TTAK[0] += _S_(TTAK[4] ^ Mk16(TK[1 + j], TK[0 + j])); 189 TTAK[1] += _S_(TTAK[0] ^ Mk16(TK[5 + j], TK[4 + j])); 190 TTAK[2] += _S_(TTAK[1] ^ Mk16(TK[9 + j], TK[8 + j])); 191 TTAK[3] += _S_(TTAK[2] ^ Mk16(TK[13 + j], TK[12 + j])); 192 TTAK[4] += _S_(TTAK[3] ^ Mk16(TK[1 + j], TK[0 + j])) + i; 193 } 194 } 195 196 static void tkip_mixing_phase2(u8 * WEPSeed, const u8 * TK, const u16 * TTAK, 197 u16 IV16) 198 { 199 /* Make temporary area overlap WEP seed so that the final copy can be 200 * avoided on little endian hosts. */ 201 u16 *PPK = (u16 *) & WEPSeed[4]; 202 203 /* Step 1 - make copy of TTAK and bring in TSC */ 204 PPK[0] = TTAK[0]; 205 PPK[1] = TTAK[1]; 206 PPK[2] = TTAK[2]; 207 PPK[3] = TTAK[3]; 208 PPK[4] = TTAK[4]; 209 PPK[5] = TTAK[4] + IV16; 210 211 /* Step 2 - 96-bit bijective mixing using S-box */ 212 PPK[0] += _S_(PPK[5] ^ Mk16_le((__le16 *) & TK[0])); 213 PPK[1] += _S_(PPK[0] ^ Mk16_le((__le16 *) & TK[2])); 214 PPK[2] += _S_(PPK[1] ^ Mk16_le((__le16 *) & TK[4])); 215 PPK[3] += _S_(PPK[2] ^ Mk16_le((__le16 *) & TK[6])); 216 PPK[4] += _S_(PPK[3] ^ Mk16_le((__le16 *) & TK[8])); 217 PPK[5] += _S_(PPK[4] ^ Mk16_le((__le16 *) & TK[10])); 218 219 PPK[0] += RotR1(PPK[5] ^ Mk16_le((__le16 *) & TK[12])); 220 PPK[1] += RotR1(PPK[0] ^ Mk16_le((__le16 *) & TK[14])); 221 PPK[2] += RotR1(PPK[1]); 222 PPK[3] += RotR1(PPK[2]); 223 PPK[4] += RotR1(PPK[3]); 224 PPK[5] += RotR1(PPK[4]); 225 226 /* Step 3 - bring in last of TK bits, assign 24-bit WEP IV value 227 * WEPSeed[0..2] is transmitted as WEP IV */ 228 WEPSeed[0] = Hi8(IV16); 229 WEPSeed[1] = (Hi8(IV16) | 0x20) & 0x7F; 230 WEPSeed[2] = Lo8(IV16); 231 WEPSeed[3] = Lo8((PPK[5] ^ Mk16_le((__le16 *) & TK[0])) >> 1); 232 233 #ifdef __BIG_ENDIAN 234 { 235 int i; 236 for (i = 0; i < 6; i++) 237 PPK[i] = (PPK[i] << 8) | (PPK[i] >> 8); 238 } 239 #endif 240 } 241 242 static int libipw_tkip_hdr(struct sk_buff *skb, int hdr_len, 243 u8 * rc4key, int keylen, void *priv) 244 { 245 struct libipw_tkip_data *tkey = priv; 246 u8 *pos; 247 struct ieee80211_hdr *hdr; 248 249 hdr = (struct ieee80211_hdr *)skb->data; 250 251 if (skb_headroom(skb) < TKIP_HDR_LEN || skb->len < hdr_len) 252 return -1; 253 254 if (rc4key == NULL || keylen < 16) 255 return -1; 256 257 if (!tkey->tx_phase1_done) { 258 tkip_mixing_phase1(tkey->tx_ttak, tkey->key, hdr->addr2, 259 tkey->tx_iv32); 260 tkey->tx_phase1_done = 1; 261 } 262 tkip_mixing_phase2(rc4key, tkey->key, tkey->tx_ttak, tkey->tx_iv16); 263 264 pos = skb_push(skb, TKIP_HDR_LEN); 265 memmove(pos, pos + TKIP_HDR_LEN, hdr_len); 266 pos += hdr_len; 267 268 *pos++ = *rc4key; 269 *pos++ = *(rc4key + 1); 270 *pos++ = *(rc4key + 2); 271 *pos++ = (tkey->key_idx << 6) | (1 << 5) /* Ext IV included */ ; 272 *pos++ = tkey->tx_iv32 & 0xff; 273 *pos++ = (tkey->tx_iv32 >> 8) & 0xff; 274 *pos++ = (tkey->tx_iv32 >> 16) & 0xff; 275 *pos++ = (tkey->tx_iv32 >> 24) & 0xff; 276 277 tkey->tx_iv16++; 278 if (tkey->tx_iv16 == 0) { 279 tkey->tx_phase1_done = 0; 280 tkey->tx_iv32++; 281 } 282 283 return TKIP_HDR_LEN; 284 } 285 286 static int libipw_tkip_encrypt(struct sk_buff *skb, int hdr_len, void *priv) 287 { 288 struct libipw_tkip_data *tkey = priv; 289 int len; 290 u8 rc4key[16], *pos, *icv; 291 u32 crc; 292 293 if (tkey->flags & IEEE80211_CRYPTO_TKIP_COUNTERMEASURES) { 294 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data; 295 net_dbg_ratelimited("TKIP countermeasures: dropped TX packet to %pM\n", 296 hdr->addr1); 297 return -1; 298 } 299 300 if (skb_tailroom(skb) < 4 || skb->len < hdr_len) 301 return -1; 302 303 len = skb->len - hdr_len; 304 pos = skb->data + hdr_len; 305 306 if ((libipw_tkip_hdr(skb, hdr_len, rc4key, 16, priv)) < 0) 307 return -1; 308 309 crc = ~crc32_le(~0, pos, len); 310 icv = skb_put(skb, 4); 311 icv[0] = crc; 312 icv[1] = crc >> 8; 313 icv[2] = crc >> 16; 314 icv[3] = crc >> 24; 315 316 arc4_setkey(&tkey->tx_ctx_arc4, rc4key, 16); 317 arc4_crypt(&tkey->tx_ctx_arc4, pos, pos, len + 4); 318 319 return 0; 320 } 321 322 /* 323 * deal with seq counter wrapping correctly. 324 * refer to timer_after() for jiffies wrapping handling 325 */ 326 static inline int tkip_replay_check(u32 iv32_n, u16 iv16_n, 327 u32 iv32_o, u16 iv16_o) 328 { 329 if ((s32)iv32_n - (s32)iv32_o < 0 || 330 (iv32_n == iv32_o && iv16_n <= iv16_o)) 331 return 1; 332 return 0; 333 } 334 335 static int libipw_tkip_decrypt(struct sk_buff *skb, int hdr_len, void *priv) 336 { 337 struct libipw_tkip_data *tkey = priv; 338 u8 rc4key[16]; 339 u8 keyidx, *pos; 340 u32 iv32; 341 u16 iv16; 342 struct ieee80211_hdr *hdr; 343 u8 icv[4]; 344 u32 crc; 345 int plen; 346 347 hdr = (struct ieee80211_hdr *)skb->data; 348 349 if (tkey->flags & IEEE80211_CRYPTO_TKIP_COUNTERMEASURES) { 350 net_dbg_ratelimited("TKIP countermeasures: dropped received packet from %pM\n", 351 hdr->addr2); 352 return -1; 353 } 354 355 if (skb->len < hdr_len + TKIP_HDR_LEN + 4) 356 return -1; 357 358 pos = skb->data + hdr_len; 359 keyidx = pos[3]; 360 if (!(keyidx & (1 << 5))) { 361 net_dbg_ratelimited("TKIP: received packet without ExtIV flag from %pM\n", 362 hdr->addr2); 363 return -2; 364 } 365 keyidx >>= 6; 366 if (tkey->key_idx != keyidx) { 367 net_dbg_ratelimited("TKIP: RX tkey->key_idx=%d frame keyidx=%d\n", 368 tkey->key_idx, keyidx); 369 return -6; 370 } 371 if (!tkey->key_set) { 372 net_dbg_ratelimited("TKIP: received packet from %pM with keyid=%d that does not have a configured key\n", 373 hdr->addr2, keyidx); 374 return -3; 375 } 376 iv16 = (pos[0] << 8) | pos[2]; 377 iv32 = pos[4] | (pos[5] << 8) | (pos[6] << 16) | (pos[7] << 24); 378 pos += TKIP_HDR_LEN; 379 380 if (tkip_replay_check(iv32, iv16, tkey->rx_iv32, tkey->rx_iv16)) { 381 #ifdef CONFIG_LIBIPW_DEBUG 382 net_dbg_ratelimited("TKIP: replay detected: STA=%pM previous TSC %08x%04x received TSC %08x%04x\n", 383 hdr->addr2, tkey->rx_iv32, tkey->rx_iv16, 384 iv32, iv16); 385 #endif 386 tkey->dot11RSNAStatsTKIPReplays++; 387 return -4; 388 } 389 390 if (iv32 != tkey->rx_iv32 || !tkey->rx_phase1_done) { 391 tkip_mixing_phase1(tkey->rx_ttak, tkey->key, hdr->addr2, iv32); 392 tkey->rx_phase1_done = 1; 393 } 394 tkip_mixing_phase2(rc4key, tkey->key, tkey->rx_ttak, iv16); 395 396 plen = skb->len - hdr_len - 12; 397 398 arc4_setkey(&tkey->rx_ctx_arc4, rc4key, 16); 399 arc4_crypt(&tkey->rx_ctx_arc4, pos, pos, plen + 4); 400 401 crc = ~crc32_le(~0, pos, plen); 402 icv[0] = crc; 403 icv[1] = crc >> 8; 404 icv[2] = crc >> 16; 405 icv[3] = crc >> 24; 406 if (memcmp(icv, pos + plen, 4) != 0) { 407 if (iv32 != tkey->rx_iv32) { 408 /* Previously cached Phase1 result was already lost, so 409 * it needs to be recalculated for the next packet. */ 410 tkey->rx_phase1_done = 0; 411 } 412 #ifdef CONFIG_LIBIPW_DEBUG 413 net_dbg_ratelimited("TKIP: ICV error detected: STA=%pM\n", 414 hdr->addr2); 415 #endif 416 tkey->dot11RSNAStatsTKIPICVErrors++; 417 return -5; 418 } 419 420 /* Update real counters only after Michael MIC verification has 421 * completed */ 422 tkey->rx_iv32_new = iv32; 423 tkey->rx_iv16_new = iv16; 424 425 /* Remove IV and ICV */ 426 memmove(skb->data + TKIP_HDR_LEN, skb->data, hdr_len); 427 skb_pull(skb, TKIP_HDR_LEN); 428 skb_trim(skb, skb->len - 4); 429 430 return keyidx; 431 } 432 433 static int libipw_michael_mic_add(struct sk_buff *skb, int hdr_len, 434 void *priv) 435 { 436 struct libipw_tkip_data *tkey = priv; 437 u8 *pos; 438 439 if (skb_tailroom(skb) < 8 || skb->len < hdr_len) { 440 printk(KERN_DEBUG "Invalid packet for Michael MIC add " 441 "(tailroom=%d hdr_len=%d skb->len=%d)\n", 442 skb_tailroom(skb), hdr_len, skb->len); 443 return -1; 444 } 445 446 pos = skb_put(skb, 8); 447 michael_mic(&tkey->key[16], (struct ieee80211_hdr *)skb->data, 448 skb->data + hdr_len, skb->len - 8 - hdr_len, pos); 449 return 0; 450 } 451 452 static void libipw_michael_mic_failure(struct net_device *dev, 453 struct ieee80211_hdr *hdr, 454 int keyidx) 455 { 456 union iwreq_data wrqu; 457 struct iw_michaelmicfailure ev; 458 459 /* TODO: needed parameters: count, keyid, key type, TSC */ 460 memset(&ev, 0, sizeof(ev)); 461 ev.flags = keyidx & IW_MICFAILURE_KEY_ID; 462 if (hdr->addr1[0] & 0x01) 463 ev.flags |= IW_MICFAILURE_GROUP; 464 else 465 ev.flags |= IW_MICFAILURE_PAIRWISE; 466 ev.src_addr.sa_family = ARPHRD_ETHER; 467 memcpy(ev.src_addr.sa_data, hdr->addr2, ETH_ALEN); 468 memset(&wrqu, 0, sizeof(wrqu)); 469 wrqu.data.length = sizeof(ev); 470 wireless_send_event(dev, IWEVMICHAELMICFAILURE, &wrqu, (char *)&ev); 471 } 472 473 static int libipw_michael_mic_verify(struct sk_buff *skb, int keyidx, 474 int hdr_len, void *priv) 475 { 476 struct libipw_tkip_data *tkey = priv; 477 u8 mic[8]; 478 479 if (!tkey->key_set) 480 return -1; 481 482 michael_mic(&tkey->key[24], (struct ieee80211_hdr *)skb->data, 483 skb->data + hdr_len, skb->len - 8 - hdr_len, mic); 484 if (memcmp(mic, skb->data + skb->len - 8, 8) != 0) { 485 struct ieee80211_hdr *hdr; 486 hdr = (struct ieee80211_hdr *)skb->data; 487 printk(KERN_DEBUG "%s: Michael MIC verification failed for " 488 "MSDU from %pM keyidx=%d\n", 489 skb->dev ? skb->dev->name : "N/A", hdr->addr2, 490 keyidx); 491 if (skb->dev) 492 libipw_michael_mic_failure(skb->dev, hdr, keyidx); 493 tkey->dot11RSNAStatsTKIPLocalMICFailures++; 494 return -1; 495 } 496 497 /* Update TSC counters for RX now that the packet verification has 498 * completed. */ 499 tkey->rx_iv32 = tkey->rx_iv32_new; 500 tkey->rx_iv16 = tkey->rx_iv16_new; 501 502 skb_trim(skb, skb->len - 8); 503 504 return 0; 505 } 506 507 static int libipw_tkip_set_key(void *key, int len, u8 * seq, void *priv) 508 { 509 struct libipw_tkip_data *tkey = priv; 510 int keyidx; 511 struct arc4_ctx *tfm2 = &tkey->tx_ctx_arc4; 512 struct arc4_ctx *tfm4 = &tkey->rx_ctx_arc4; 513 514 keyidx = tkey->key_idx; 515 memset(tkey, 0, sizeof(*tkey)); 516 tkey->key_idx = keyidx; 517 tkey->tx_ctx_arc4 = *tfm2; 518 tkey->rx_ctx_arc4 = *tfm4; 519 if (len == TKIP_KEY_LEN) { 520 memcpy(tkey->key, key, TKIP_KEY_LEN); 521 tkey->key_set = 1; 522 tkey->tx_iv16 = 1; /* TSC is initialized to 1 */ 523 if (seq) { 524 tkey->rx_iv32 = (seq[5] << 24) | (seq[4] << 16) | 525 (seq[3] << 8) | seq[2]; 526 tkey->rx_iv16 = (seq[1] << 8) | seq[0]; 527 } 528 } else if (len == 0) 529 tkey->key_set = 0; 530 else 531 return -1; 532 533 return 0; 534 } 535 536 static int libipw_tkip_get_key(void *key, int len, u8 * seq, void *priv) 537 { 538 struct libipw_tkip_data *tkey = priv; 539 540 if (len < TKIP_KEY_LEN) 541 return -1; 542 543 if (!tkey->key_set) 544 return 0; 545 memcpy(key, tkey->key, TKIP_KEY_LEN); 546 547 if (seq) { 548 /* 549 * Not clear if this should return the value as is 550 * or - as the code previously seemed to partially 551 * have been written as - subtract one from it. It 552 * was working this way for a long time so leave it. 553 */ 554 seq[0] = tkey->tx_iv16; 555 seq[1] = tkey->tx_iv16 >> 8; 556 seq[2] = tkey->tx_iv32; 557 seq[3] = tkey->tx_iv32 >> 8; 558 seq[4] = tkey->tx_iv32 >> 16; 559 seq[5] = tkey->tx_iv32 >> 24; 560 } 561 562 return TKIP_KEY_LEN; 563 } 564 565 static void libipw_tkip_print_stats(struct seq_file *m, void *priv) 566 { 567 struct libipw_tkip_data *tkip = priv; 568 seq_printf(m, 569 "key[%d] alg=TKIP key_set=%d " 570 "tx_pn=%02x%02x%02x%02x%02x%02x " 571 "rx_pn=%02x%02x%02x%02x%02x%02x " 572 "replays=%d icv_errors=%d local_mic_failures=%d\n", 573 tkip->key_idx, tkip->key_set, 574 (tkip->tx_iv32 >> 24) & 0xff, 575 (tkip->tx_iv32 >> 16) & 0xff, 576 (tkip->tx_iv32 >> 8) & 0xff, 577 tkip->tx_iv32 & 0xff, 578 (tkip->tx_iv16 >> 8) & 0xff, 579 tkip->tx_iv16 & 0xff, 580 (tkip->rx_iv32 >> 24) & 0xff, 581 (tkip->rx_iv32 >> 16) & 0xff, 582 (tkip->rx_iv32 >> 8) & 0xff, 583 tkip->rx_iv32 & 0xff, 584 (tkip->rx_iv16 >> 8) & 0xff, 585 tkip->rx_iv16 & 0xff, 586 tkip->dot11RSNAStatsTKIPReplays, 587 tkip->dot11RSNAStatsTKIPICVErrors, 588 tkip->dot11RSNAStatsTKIPLocalMICFailures); 589 } 590 591 static const struct libipw_crypto_ops libipw_crypt_tkip = { 592 .name = "TKIP", 593 .init = libipw_tkip_init, 594 .deinit = libipw_tkip_deinit, 595 .encrypt_mpdu = libipw_tkip_encrypt, 596 .decrypt_mpdu = libipw_tkip_decrypt, 597 .encrypt_msdu = libipw_michael_mic_add, 598 .decrypt_msdu = libipw_michael_mic_verify, 599 .set_key = libipw_tkip_set_key, 600 .get_key = libipw_tkip_get_key, 601 .print_stats = libipw_tkip_print_stats, 602 .extra_mpdu_prefix_len = 4 + 4, /* IV + ExtIV */ 603 .extra_mpdu_postfix_len = 4, /* ICV */ 604 .extra_msdu_postfix_len = 8, /* MIC */ 605 .get_flags = libipw_tkip_get_flags, 606 .set_flags = libipw_tkip_set_flags, 607 .owner = THIS_MODULE, 608 }; 609 610 int __init libipw_crypto_tkip_init(void) 611 { 612 return libipw_register_crypto_ops(&libipw_crypt_tkip); 613 } 614 615 void libipw_crypto_tkip_exit(void) 616 { 617 libipw_unregister_crypto_ops(&libipw_crypt_tkip); 618 } 619