[PATCH 2/2] Format TKIP key in the right order
Eugene Krasnikov
k.eugene.e at gmail.com
Tue Jun 25 11:10:53 EDT 2013
Supplicant is sending TKIP key in the wrong format:
Temporal Key (16 bytes) - TX MIC (8 bytes) - RX MIC (8 bytes)
But HW is expecting TKIP key in another order:
Temporal Key (16 bytes) - RX MIC (8 bytes) - TX MIC (8 bytes)
As a result connection to AP will fail. So make sure key is
transferred properly.
Signed-off-by: Eugene Krasnikov <k.eugene.e at gmail.com>
---
smd.c | 35 ++++++++++++++++++++++++++++++++---
1 file changed, 32 insertions(+), 3 deletions(-)
diff --git a/smd.c b/smd.c
index 1f64a67..d07a2c5 100644
--- a/smd.c
+++ b/smd.c
@@ -959,7 +959,24 @@ int wcn36xx_smd_set_stakey(struct wcn36xx *wcn,
msg_body.set_sta_key_params.key[0].direction = WCN36XX_HAL_TX_RX;
msg_body.set_sta_key_params.key[0].pae_role = 0;
msg_body.set_sta_key_params.key[0].length = keylen;
- memcpy(msg_body.set_sta_key_params.key[0].key, key, keylen);
+ if (WCN36XX_HAL_ED_TKIP == enc_type) {
+ /*
+ * Supplicant is sending key in the wrong order like this:
+ * Temporal Key (16 bytes) - TX MIC (8 bytes) - RX MIC (8 bytes)
+ * but HW expects it to be in the order as described in
+ * IEEE 802.11 spec (see chapter 11.7) like this:
+ * Temporal Key (16 bytes) - RX MIC (8 bytes) - TX MIC (8 bytes)
+ */
+ memcpy(msg_body.set_sta_key_params.key[0].key, key, 16);
+ memcpy(msg_body.set_sta_key_params.key[0].key + 16,
+ key + 24,
+ 8);
+ memcpy(msg_body.set_sta_key_params.key[0].key + 24,
+ key + 16,
+ 8);
+ } else {
+ memcpy(msg_body.set_sta_key_params.key[0].key, key, keylen);
+ }
msg_body.set_sta_key_params.single_tid_rc = 1;
PREPARE_HAL_BUF(wcn->smd_buf, msg_body);
@@ -984,8 +1001,20 @@ int wcn36xx_smd_set_bsskey(struct wcn36xx *wcn,
msg_body.keys[0].direction = WCN36XX_HAL_RX_ONLY;
msg_body.keys[0].pae_role = 0;
msg_body.keys[0].length = keylen;
- memcpy(msg_body.keys[0].key, key, keylen);
-
+ if (WCN36XX_HAL_ED_TKIP == enc_type) {
+ /*
+ * Supplicant is sending key in the wrong order like this:
+ * Temporal Key (16 bytes) - TX MIC (8 bytes) - RX MIC (8 bytes)
+ * but HW expects it to be in the order as described in
+ * IEEE 802.11 spec (see chapter 11.7) like this:
+ * Temporal Key (16 bytes) - RX MIC (8 bytes) - TX MIC (8 bytes)
+ */
+ memcpy(msg_body.keys[0].key, key, 16);
+ memcpy(msg_body.keys[0].key + 16, key + 24, 8);
+ memcpy(msg_body.keys[0].key + 24, key + 16, 8);
+ } else {
+ memcpy(msg_body.keys[0].key, key, keylen);
+ }
PREPARE_HAL_BUF(wcn->smd_buf, msg_body);
return wcn36xx_smd_send_and_wait(wcn, msg_body.header.len);
--
1.7.11.3
More information about the wcn36xx
mailing list