[PATCH 2/2] Format TKIP key in the right order
Eugene Krasnikov
k.eugene.e at gmail.com
Wed Jun 26 03:06:42 EDT 2013
It's all because i am scrooge in my nature:) if we do it in set_key
ops then memory for the key must be allocated. But since it is not a
hot path it's better to do it there to make code look more compact.
2013/6/26 Olof Johansson <dev at skyshaper.net>:
> On Tue, Jun 25, 2013 at 5:10 PM, Eugene Krasnikov <k.eugene.e at gmail.com> wrote:
>> Supplicant is sending TKIP key in the wrong format:
>> Temporal Key (16 bytes) - TX MIC (8 bytes) - RX MIC (8 bytes)
>> But HW is expecting TKIP key in another order:
>> Temporal Key (16 bytes) - RX MIC (8 bytes) - TX MIC (8 bytes)
>> As a result connection to AP will fail. So make sure key is
>> transferred properly.
>>
>> Signed-off-by: Eugene Krasnikov <k.eugene.e at gmail.com>
>> ---
>> smd.c | 35 ++++++++++++++++++++++++++++++++---
>> 1 file changed, 32 insertions(+), 3 deletions(-)
>>
>> diff --git a/smd.c b/smd.c
>> index 1f64a67..d07a2c5 100644
>> --- a/smd.c
>> +++ b/smd.c
>> @@ -959,7 +959,24 @@ int wcn36xx_smd_set_stakey(struct wcn36xx *wcn,
>> msg_body.set_sta_key_params.key[0].direction = WCN36XX_HAL_TX_RX;
>> msg_body.set_sta_key_params.key[0].pae_role = 0;
>> msg_body.set_sta_key_params.key[0].length = keylen;
>> - memcpy(msg_body.set_sta_key_params.key[0].key, key, keylen);
>> + if (WCN36XX_HAL_ED_TKIP == enc_type) {
>> + /*
>> + * Supplicant is sending key in the wrong order like this:
>> + * Temporal Key (16 bytes) - TX MIC (8 bytes) - RX MIC (8 bytes)
>> + * but HW expects it to be in the order as described in
>> + * IEEE 802.11 spec (see chapter 11.7) like this:
>> + * Temporal Key (16 bytes) - RX MIC (8 bytes) - TX MIC (8 bytes)
>> + */
>> + memcpy(msg_body.set_sta_key_params.key[0].key, key, 16);
>> + memcpy(msg_body.set_sta_key_params.key[0].key + 16,
>> + key + 24,
>> + 8);
>> + memcpy(msg_body.set_sta_key_params.key[0].key + 24,
>> + key + 16,
>> + 8);
>> + } else {
>> + memcpy(msg_body.set_sta_key_params.key[0].key, key, keylen);
>> + }
>> msg_body.set_sta_key_params.single_tid_rc = 1;
>>
>> PREPARE_HAL_BUF(wcn->smd_buf, msg_body);
>> @@ -984,8 +1001,20 @@ int wcn36xx_smd_set_bsskey(struct wcn36xx *wcn,
>> msg_body.keys[0].direction = WCN36XX_HAL_RX_ONLY;
>> msg_body.keys[0].pae_role = 0;
>> msg_body.keys[0].length = keylen;
>> - memcpy(msg_body.keys[0].key, key, keylen);
>> -
>> + if (WCN36XX_HAL_ED_TKIP == enc_type) {
>> + /*
>> + * Supplicant is sending key in the wrong order like this:
>> + * Temporal Key (16 bytes) - TX MIC (8 bytes) - RX MIC (8 bytes)
>> + * but HW expects it to be in the order as described in
>> + * IEEE 802.11 spec (see chapter 11.7) like this:
>> + * Temporal Key (16 bytes) - RX MIC (8 bytes) - TX MIC (8 bytes)
>> + */
>> + memcpy(msg_body.keys[0].key, key, 16);
>> + memcpy(msg_body.keys[0].key + 16, key + 24, 8);
>> + memcpy(msg_body.keys[0].key + 24, key + 16, 8);
>> + } else {
>> + memcpy(msg_body.keys[0].key, key, keylen);
>> + }
>> PREPARE_HAL_BUF(wcn->smd_buf, msg_body);
>>
>> return wcn36xx_smd_send_and_wait(wcn, msg_body.header.len);
>
> If we put this in the set_key function in main.c instead we'll only
> have it once instead of twice. We have no use for keeping the
> supplicant formatting of the key inside the driver anyway.
>
> Cheers
> --
> Olof
--
Best regards,
Eugene
More information about the wcn36xx
mailing list