iPXE
Data Structures | Defines | Functions | Variables
wpa_tkip.c File Reference

Backend for WPA using the TKIP encryption standard. More...

#include <string.h>
#include <ipxe/net80211.h>
#include <ipxe/crypto.h>
#include <ipxe/hmac.h>
#include <ipxe/sha1.h>
#include <ipxe/md5.h>
#include <ipxe/crc32.h>
#include <ipxe/arc4.h>
#include <ipxe/wpa.h>
#include <byteswap.h>
#include <errno.h>

Go to the source code of this file.

Data Structures

struct  tkip_dir_ctx
 Context for one direction of TKIP, either encryption or decryption. More...
struct  tkip_ctx
 Context for TKIP encryption and decryption. More...
struct  tkip_head
 Header structure at the beginning of TKIP frame data. More...

Defines

#define TKIP_HEAD_LEN   8
 TKIP header overhead (IV + KID + ExtIV)
#define TKIP_FOOT_LEN   12
 TKIP trailer overhead (MIC + ICV) [assumes unfragmented].
#define TKIP_MIC_LEN   8
 TKIP MIC length.
#define TKIP_ICV_LEN   4
 TKIP ICV length.

Functions

 FILE_LICENCE (GPL2_OR_LATER)
static u16 S (u16 v)
 Perform S-box mapping on a 16-bit value.
static u16 ror16 (u16 v, int bits)
 Rotate 16-bit value right.
static u32 ror32 (u32 v, int bits)
 Rotate 32-bit value right.
static u32 rol32 (u32 v, int bits)
 Rotate 32-bit value left.
static int tkip_init (struct net80211_crypto *crypto, const void *key, int keylen, const void *rsc)
 Initialise TKIP state and install key.
static void tkip_mix_1 (struct tkip_dir_ctx *dctx, struct tkip_tk *tk, u8 *mac)
 Perform TKIP key mixing, phase 1.
static void tkip_mix_2 (struct tkip_dir_ctx *dctx, struct tkip_tk *tk, void *key)
 Perform TKIP key mixing, phase 2.
static void tkip_feed_michael (u32 *V, u32 word)
 Update Michael message integrity code based on next 32-bit word of data.
static void tkip_michael (const void *key, const void *da, const void *sa, const void *data, size_t len, void *mic)
 Calculate Michael message integrity code.
static struct io_buffertkip_encrypt (struct net80211_crypto *crypto, struct io_buffer *iob)
 Encrypt a packet using TKIP.
static struct io_buffertkip_decrypt (struct net80211_crypto *crypto, struct io_buffer *eiob)
 Decrypt a packet using TKIP.
static void tkip_kie_mic (const void *kck, const void *msg, size_t len, void *mic)
 Calculate HMAC-MD5 MIC for EAPOL-Key frame.
static int tkip_kie_decrypt (const void *kek, const void *iv, void *msg, u16 *len)
 Decrypt key data in EAPOL-Key frame.

Variables

static const u16 Sbox [256]
 TKIP S-box.
struct net80211_crypto tkip_crypto __net80211_crypto
 TKIP cryptosystem.
struct wpa_kie tkip_kie __wpa_kie
 TKIP-style key integrity and encryption handler.

Detailed Description

Backend for WPA using the TKIP encryption standard.

Definition in file wpa_tkip.c.


Define Documentation

#define TKIP_HEAD_LEN   8

TKIP header overhead (IV + KID + ExtIV)

Definition at line 83 of file wpa_tkip.c.

Referenced by tkip_decrypt(), and tkip_encrypt().

#define TKIP_FOOT_LEN   12

TKIP trailer overhead (MIC + ICV) [assumes unfragmented].

Definition at line 86 of file wpa_tkip.c.

Referenced by tkip_decrypt(), and tkip_encrypt().

#define TKIP_MIC_LEN   8

TKIP MIC length.

Definition at line 89 of file wpa_tkip.c.

Referenced by tkip_decrypt().

#define TKIP_ICV_LEN   4

TKIP ICV length.

Definition at line 92 of file wpa_tkip.c.

Referenced by tkip_encrypt().


Function Documentation

FILE_LICENCE ( GPL2_OR_LATER  )
static u16 S ( u16  v) [inline, static]

Perform S-box mapping on a 16-bit value.

Parameters:
vValue to perform S-box mapping on
Return values:
SvS-box mapped value

Definition at line 137 of file wpa_tkip.c.

References bswap_16.

Referenced by arc4_setkey(), arc4_xor(), ccmp_ctr_xor(), tkip_mix_1(), and tkip_mix_2().

{
        return Sbox[v & 0xFF] ^ bswap_16 ( Sbox[v >> 8] );
}
static u16 ror16 ( u16  v,
int  bits 
) [inline, static]

Rotate 16-bit value right.

Parameters:
vValue to rotate
bitsNumber of bits to rotate by
Return values:
rotvRotated value

Definition at line 149 of file wpa_tkip.c.

Referenced by tkip_mix_2().

{
        return ( v >> bits ) | ( v << ( 16 - bits ) );
}
static u32 ror32 ( u32  v,
int  bits 
) [inline, static]

Rotate 32-bit value right.

Parameters:
vValue to rotate
bitsNumber of bits to rotate by
Return values:
rotvRotated value

Definition at line 161 of file wpa_tkip.c.

Referenced by sha256_digest(), and tkip_feed_michael().

{
        return ( v >> bits ) | ( v << ( 32 - bits ) );
}
static u32 rol32 ( u32  v,
int  bits 
) [inline, static]

Rotate 32-bit value left.

Parameters:
vValue to rotate
bitsNumber of bits to rotate by
Return values:
rotvRotated value

Definition at line 173 of file wpa_tkip.c.

Referenced by aes_key_sbox(), md4_digest(), md5_digest(), sha1_digest(), and tkip_feed_michael().

{
        return ( v << bits ) | ( v >> ( 32 - bits ) );
}
static int tkip_init ( struct net80211_crypto crypto,
const void *  key,
int  keylen,
const void *  rsc 
) [static]

Initialise TKIP state and install key.

Parameters:
cryptoTKIP cryptosystem structure
keyPointer to tkip_tk to install
keylenLength of key (32 bytes)
rscInitial receive sequence counter

Definition at line 187 of file wpa_tkip.c.

References ctx, tkip_ctx::dec, EINVAL, memcpy(), net80211_crypto::priv, rsc, tkip_ctx::tk, tkip_dir_ctx::tsc_hi, and tkip_dir_ctx::tsc_lo.

{
        struct tkip_ctx *ctx = crypto->priv;
        const u8 *rscb = rsc;

        if ( keylen != sizeof ( ctx->tk ) )
                return -EINVAL;

        if ( rscb ) {
                ctx->dec.tsc_lo =   ( rscb[1] <<  8 ) |   rscb[0];
                ctx->dec.tsc_hi = ( ( rscb[5] << 24 ) | ( rscb[4] << 16 ) |
                                    ( rscb[3] <<  8 ) |   rscb[2] );
        }

        memcpy ( &ctx->tk, key, sizeof ( ctx->tk ) );

        return 0;
}
static void tkip_mix_1 ( struct tkip_dir_ctx dctx,
struct tkip_tk tk,
u8 mac 
) [static]

Perform TKIP key mixing, phase 1.

Parameters:
dctxTKIP directional context
tkTKIP temporal key
macMAC address of transmitter

This recomputes the TTAK in dctx if necessary, and sets dctx->ttak_ok.

Definition at line 217 of file wpa_tkip.c.

References ETH_ALEN, tkip_tk::key, tkip_dir_ctx::mac, memcmp(), memcpy(), S(), tkip_dir_ctx::tsc_hi, tkip_dir_ctx::ttak, and tkip_dir_ctx::ttak_ok.

Referenced by tkip_decrypt(), and tkip_encrypt().

{
        int i, j;

        if ( dctx->ttak_ok && ! memcmp ( mac, dctx->mac, ETH_ALEN ) )
                return;

        memcpy ( dctx->mac, mac, ETH_ALEN );

        dctx->ttak[0] = dctx->tsc_hi & 0xFFFF;
        dctx->ttak[1] = dctx->tsc_hi >> 16;
        dctx->ttak[2] = ( mac[1] << 8 ) | mac[0];
        dctx->ttak[3] = ( mac[3] << 8 ) | mac[2];
        dctx->ttak[4] = ( mac[5] << 8 ) | mac[4];

        for ( i = 0; i < 8; i++ ) {
                j = 2 * ( i & 1 );

                dctx->ttak[0] += S ( dctx->ttak[4] ^ ( ( tk->key[1 + j] << 8 ) |
                                                         tk->key[0 + j] ) );
                dctx->ttak[1] += S ( dctx->ttak[0] ^ ( ( tk->key[5 + j] << 8 ) |
                                                         tk->key[4 + j] ) );
                dctx->ttak[2] += S ( dctx->ttak[1] ^ ( ( tk->key[9 + j] << 8 ) |
                                                         tk->key[8 + j] ) );
                dctx->ttak[3] += S ( dctx->ttak[2] ^ ( ( tk->key[13+ j] << 8 ) |
                                                         tk->key[12+ j] ) );
                dctx->ttak[4] += S ( dctx->ttak[3] ^ ( ( tk->key[1 + j] << 8 ) |
                                                         tk->key[0 + j] ) ) + i;
        }

        dctx->ttak_ok = 1;
}
static void tkip_mix_2 ( struct tkip_dir_ctx dctx,
struct tkip_tk tk,
void *  key 
) [static]

Perform TKIP key mixing, phase 2.

Parameters:
dctxTKIP directional context
tkTKIP temporal key
Return values:
keyARC4 key, 16 bytes long

Definition at line 257 of file wpa_tkip.c.

References tkip_tk::key, key, memcpy(), ror16(), S(), tkip_dir_ctx::tsc_lo, and tkip_dir_ctx::ttak.

Referenced by tkip_decrypt(), and tkip_encrypt().

{
        u8 *kb = key;
        u16 ppk[6];
        int i;

        memcpy ( ppk, dctx->ttak, sizeof ( dctx->ttak ) );
        ppk[5] = dctx->ttak[4] + dctx->tsc_lo;

        ppk[0] += S ( ppk[5] ^ ( ( tk->key[1] << 8 ) | tk->key[0] ) );
        ppk[1] += S ( ppk[0] ^ ( ( tk->key[3] << 8 ) | tk->key[2] ) );
        ppk[2] += S ( ppk[1] ^ ( ( tk->key[5] << 8 ) | tk->key[4] ) );
        ppk[3] += S ( ppk[2] ^ ( ( tk->key[7] << 8 ) | tk->key[6] ) );
        ppk[4] += S ( ppk[3] ^ ( ( tk->key[9] << 8 ) | tk->key[8] ) );
        ppk[5] += S ( ppk[4] ^ ( ( tk->key[11] << 8 ) | tk->key[10] ) );

        ppk[0] += ror16 ( ppk[5] ^ ( ( tk->key[13] << 8 ) | tk->key[12] ), 1 );
        ppk[1] += ror16 ( ppk[0] ^ ( ( tk->key[15] << 8 ) | tk->key[14] ), 1 );
        ppk[2] += ror16 ( ppk[1], 1 );
        ppk[3] += ror16 ( ppk[2], 1 );
        ppk[4] += ror16 ( ppk[3], 1 );
        ppk[5] += ror16 ( ppk[4], 1 );

        kb[0] = dctx->tsc_lo >> 8;
        kb[1] = ( ( dctx->tsc_lo >> 8 ) | 0x20 ) & 0x7F;
        kb[2] = dctx->tsc_lo & 0xFF;
        kb[3] = ( ( ppk[5] ^ ( ( tk->key[1] << 8 ) | tk->key[0] ) ) >> 1 )
                & 0xFF;

        for ( i = 0; i < 6; i++ ) {
                kb[4 + 2*i] = ppk[i] & 0xFF;
                kb[5 + 2*i] = ppk[i] >> 8;
        }
}
static void tkip_feed_michael ( u32 V,
u32  word 
) [static]

Update Michael message integrity code based on next 32-bit word of data.

Parameters:
VMichael code state (two 32-bit words)
wordNext 32-bit word of data

Definition at line 299 of file wpa_tkip.c.

References rol32(), and ror32().

Referenced by tkip_michael().

{
        V[0] ^= word;
        V[1] ^= rol32 ( V[0], 17 );
        V[0] += V[1];
        V[1] ^= ( ( V[0] & 0xFF00FF00 ) >> 8 ) | ( ( V[0] & 0x00FF00FF ) << 8 );
        V[0] += V[1];
        V[1] ^= rol32 ( V[0], 3 );
        V[0] += V[1];
        V[1] ^= ror32 ( V[0], 2 );
        V[0] += V[1];
}
static void tkip_michael ( const void *  key,
const void *  da,
const void *  sa,
const void *  data,
size_t  len,
void *  mic 
) [static]

Calculate Michael message integrity code.

Parameters:
keyMIC key to use (8 bytes)
daDestination link-layer address
saSource link-layer address
dataStart of data to calculate over
lenLength of header + data
Return values:
micCalculated Michael MIC (8 bytes)

Definition at line 322 of file wpa_tkip.c.

References byte, cpu_to_le32, data, end, ETH_ALEN, le32_to_cpu, len, memcpy(), and tkip_feed_michael().

Referenced by tkip_decrypt(), and tkip_encrypt().

{
        u32 V[2];               /* V[0] = "l", V[1] = "r" in 802.11 */
        union {
                u8 byte[12];
                u32 word[3];
        } cap;
        const u8 *ptr = data;
        const u8 *end = ptr + len;
        int i;

        memcpy ( V, key, sizeof ( V ) );
        V[0] = le32_to_cpu ( V[0] );
        V[1] = le32_to_cpu ( V[1] );

        /* Feed in header (we assume non-QoS, so Priority = 0) */
        memcpy ( &cap.byte[0], da, ETH_ALEN );
        memcpy ( &cap.byte[6], sa, ETH_ALEN );
        tkip_feed_michael ( V, le32_to_cpu ( cap.word[0] ) );
        tkip_feed_michael ( V, le32_to_cpu ( cap.word[1] ) );
        tkip_feed_michael ( V, le32_to_cpu ( cap.word[2] ) );
        tkip_feed_michael ( V, 0 );

        /* Feed in data */
        while ( ptr + 4 <= end ) {
                tkip_feed_michael ( V, le32_to_cpu ( *( u32 * ) ptr ) );
                ptr += 4;
        }

        /* Add unaligned part and padding */
        for ( i = 0; ptr < end; i++ )
                cap.byte[i] = *ptr++;
        cap.byte[i++] = 0x5a;
        for ( ; i < 8; i++ )
                cap.byte[i] = 0;

        /* Feed in padding */
        tkip_feed_michael ( V, le32_to_cpu ( cap.word[0] ) );
        tkip_feed_michael ( V, le32_to_cpu ( cap.word[1] ) );

        /* Output MIC */
        V[0] = cpu_to_le32 ( V[0] );
        V[1] = cpu_to_le32 ( V[1] );
        memcpy ( mic, V, sizeof ( V ) );
}
static struct io_buffer* tkip_encrypt ( struct net80211_crypto crypto,
struct io_buffer iob 
) [static, read]

Encrypt a packet using TKIP.

Parameters:
cryptoTKIP cryptosystem
iobI/O buffer containing cleartext packet
Return values:
eiobI/O buffer containing encrypted packet

Definition at line 376 of file wpa_tkip.c.

References ieee80211_frame::addr2, ieee80211_frame::addr3, alloc_iob(), arc4_algorithm, cipher_encrypt, cipher_setkey(), cpu_to_le32, crc32_le(), ctx, io_buffer::data, datalen, DBGC2, tkip_ctx::enc, ieee80211_frame::fc, hdr, IEEE80211_FC_PROTECTED, IEEE80211_TYP_FRAME_HEADER_LEN, iob_len(), iob_put, key, tkip_head::kid, memcpy(), mic, NULL, net80211_crypto::priv, tkip_ctx::tk, TKIP_FOOT_LEN, TKIP_HEAD_LEN, TKIP_ICV_LEN, tkip_michael(), tkip_mix_1(), tkip_mix_2(), tkip_dir_ctx::tsc_hi, tkip_head::tsc_hi, tkip_dir_ctx::tsc_lo, tkip_dir_ctx::ttak_ok, and tkip_tk::tx.

{
        struct tkip_ctx *ctx = crypto->priv;
        struct ieee80211_frame *hdr = iob->data;
        struct io_buffer *eiob;
        struct arc4_ctx arc4;
        u8 key[16];
        struct tkip_head head;
        u8 mic[8];
        u32 icv;
        const int hdrlen = IEEE80211_TYP_FRAME_HEADER_LEN;
        int datalen = iob_len ( iob ) - hdrlen;

        ctx->enc.tsc_lo++;
        if ( ctx->enc.tsc_lo == 0 ) {
                ctx->enc.tsc_hi++;
                ctx->enc.ttak_ok = 0;
        }

        tkip_mix_1 ( &ctx->enc, &ctx->tk, hdr->addr2 );
        tkip_mix_2 ( &ctx->enc, &ctx->tk, key );

        eiob = alloc_iob ( iob_len ( iob ) + TKIP_HEAD_LEN + TKIP_FOOT_LEN );
        if ( ! eiob )
                return NULL;

        /* Copy frame header */
        memcpy ( iob_put ( eiob, hdrlen ), iob->data, hdrlen );
        hdr = eiob->data;
        hdr->fc |= IEEE80211_FC_PROTECTED;

        /* Fill in IV and key ID byte, and extended IV */
        memcpy ( &head, key, 3 );
        head.kid = 0x20;                /* have Extended IV, key ID 0 */
        head.tsc_hi = cpu_to_le32 ( ctx->enc.tsc_hi );
        memcpy ( iob_put ( eiob, sizeof ( head ) ), &head, sizeof ( head ) );

        /* Copy and encrypt the data */
        cipher_setkey ( &arc4_algorithm, &arc4, key, 16 );
        cipher_encrypt ( &arc4_algorithm, &arc4, iob->data + hdrlen,
                         iob_put ( eiob, datalen ), datalen );

        /* Add MIC */
        hdr = iob->data;
        tkip_michael ( &ctx->tk.mic.tx, hdr->addr3, hdr->addr2,
                       iob->data + hdrlen, datalen, mic );
        cipher_encrypt ( &arc4_algorithm, &arc4, mic,
                         iob_put ( eiob, sizeof ( mic ) ), sizeof ( mic ) );

        /* Add ICV */
        icv = crc32_le ( ~0, iob->data + hdrlen, datalen );
        icv = crc32_le ( icv, mic, sizeof ( mic ) );
        icv = cpu_to_le32 ( ~icv );
        cipher_encrypt ( &arc4_algorithm, &arc4, &icv,
                         iob_put ( eiob, TKIP_ICV_LEN ), TKIP_ICV_LEN );

        DBGC2 ( ctx, "WPA-TKIP %p: encrypted packet %p -> %p\n", ctx,
                iob, eiob );

        return eiob;
}
static struct io_buffer* tkip_decrypt ( struct net80211_crypto crypto,
struct io_buffer eiob 
) [static, read]

Decrypt a packet using TKIP.

Parameters:
cryptoTKIP cryptosystem
eiobI/O buffer containing encrypted packet
Return values:
iobI/O buffer containing cleartext packet

Definition at line 446 of file wpa_tkip.c.

References ieee80211_frame::addr1, ieee80211_frame::addr2, ieee80211_frame::addr3, alloc_iob(), arc4_algorithm, cipher_decrypt, cipher_setkey(), crc32_le(), ctx, io_buffer::data, datalen, DBGC, DBGC2, tkip_ctx::dec, ieee80211_frame::fc, free_iob(), hdr, head, IEEE80211_FC_PROTECTED, IEEE80211_TYP_FRAME_HEADER_LEN, iob_len(), iob_put, key, le32_to_cpu, memcmp(), memcpy(), mic, NULL, net80211_crypto::priv, tkip_tk::rx, io_buffer::tail, tkip_ctx::tk, TKIP_FOOT_LEN, TKIP_HEAD_LEN, TKIP_MIC_LEN, tkip_michael(), tkip_mix_1(), tkip_mix_2(), tkip_head::tsc0, tkip_head::tsc1, tkip_dir_ctx::tsc_hi, tkip_head::tsc_hi, tkip_dir_ctx::tsc_lo, and tkip_dir_ctx::ttak_ok.

{
        struct tkip_ctx *ctx = crypto->priv;
        struct ieee80211_frame *hdr;
        struct io_buffer *iob;
        const int hdrlen = IEEE80211_TYP_FRAME_HEADER_LEN;
        int datalen = iob_len ( eiob ) - hdrlen - TKIP_HEAD_LEN - TKIP_FOOT_LEN;
        struct tkip_head *head;
        struct arc4_ctx arc4;
        u16 rx_tsc_lo;
        u8 key[16];
        u8 mic[8];
        u32 icv, crc;

        iob = alloc_iob ( hdrlen + datalen + TKIP_FOOT_LEN );
        if ( ! iob )
                return NULL;

        /* Copy frame header */
        memcpy ( iob_put ( iob, hdrlen ), eiob->data, hdrlen );
        hdr = iob->data;
        hdr->fc &= ~IEEE80211_FC_PROTECTED;

        /* Check and update TSC */
        head = eiob->data + hdrlen;
        rx_tsc_lo = ( head->tsc1 << 8 ) | head->tsc0;

        if ( head->tsc_hi < ctx->dec.tsc_hi ||
             ( head->tsc_hi == ctx->dec.tsc_hi &&
               rx_tsc_lo <= ctx->dec.tsc_lo ) ) {
                DBGC ( ctx, "WPA-TKIP %p: packet received out of order "
                       "(%08x:%04x <= %08x:%04x)\n", ctx, head->tsc_hi,
                       rx_tsc_lo, ctx->dec.tsc_hi, ctx->dec.tsc_lo );
                free_iob ( iob );
                return NULL;
        }
        ctx->dec.tsc_lo = rx_tsc_lo;
        if ( ctx->dec.tsc_hi != head->tsc_hi ) {
                ctx->dec.ttak_ok = 0;
                ctx->dec.tsc_hi = head->tsc_hi;
        }

        /* Calculate key */
        tkip_mix_1 ( &ctx->dec, &ctx->tk, hdr->addr2 );
        tkip_mix_2 ( &ctx->dec, &ctx->tk, key );

        /* Copy-decrypt data, MIC, ICV */
        cipher_setkey ( &arc4_algorithm, &arc4, key, 16 );
        cipher_decrypt ( &arc4_algorithm, &arc4,
                         eiob->data + hdrlen + TKIP_HEAD_LEN,
                         iob_put ( iob, datalen ), datalen + TKIP_FOOT_LEN );

        /* Check ICV */
        icv = le32_to_cpu ( *( u32 * ) ( iob->tail + TKIP_MIC_LEN ) );
        crc = ~crc32_le ( ~0, iob->data + hdrlen, datalen + TKIP_MIC_LEN );
        if ( crc != icv ) {
                DBGC ( ctx, "WPA-TKIP %p CRC mismatch: expect %08x, get %08x\n",
                       ctx, icv, crc );
                free_iob ( iob );
                return NULL;
        }

        /* Check MIC */
        tkip_michael ( &ctx->tk.mic.rx, hdr->addr1, hdr->addr3,
                       iob->data + hdrlen, datalen, mic );
        if ( memcmp ( mic, iob->tail, TKIP_MIC_LEN ) != 0 ) {
                DBGC ( ctx, "WPA-TKIP %p ALERT! MIC failure\n", ctx );
                /* XXX we should do the countermeasures here */
                free_iob ( iob );
                return NULL;
        }

        DBGC2 ( ctx, "WPA-TKIP %p: decrypted packet %p -> %p\n", ctx,
                eiob, iob );

        return iob;
}
static void tkip_kie_mic ( const void *  kck,
const void *  msg,
size_t  len,
void *  mic 
) [static]

Calculate HMAC-MD5 MIC for EAPOL-Key frame.

Parameters:
kckKey Confirmation Key, 16 bytes
msgMessage to calculate MIC over
lenNumber of bytes to calculate MIC over
Return values:
micCalculated MIC, 16 bytes long

Definition at line 545 of file wpa_tkip.c.

References ctx, hmac_final(), hmac_init(), hmac_update(), md5_algorithm, MD5_CTX_SIZE, and memcpy().

{
        uint8_t ctx[MD5_CTX_SIZE];
        u8 kckb[16];
        size_t kck_len = 16;

        memcpy ( kckb, kck, kck_len );

        hmac_init ( &md5_algorithm, ctx, kckb, &kck_len );
        hmac_update ( &md5_algorithm, ctx, msg, len );
        hmac_final ( &md5_algorithm, ctx, kckb, &kck_len, mic );
}
static int tkip_kie_decrypt ( const void *  kek,
const void *  iv,
void *  msg,
u16 len 
) [static]

Decrypt key data in EAPOL-Key frame.

Parameters:
kekKey Encryption Key, 16 bytes
ivInitialisation vector, 16 bytes
msgMessage to decrypt
lenLength of message
Return values:
msgDecrypted message in place of original
lenUnchanged
rcAlways 0 for success

Definition at line 570 of file wpa_tkip.c.

References arc4_skip(), key, and memcpy().

{
        u8 key[32];
        memcpy ( key, iv, 16 );
        memcpy ( key + 16, kek, 16 );

        arc4_skip ( key, 32, 256, msg, msg, *len );

        return 0;
}

Variable Documentation

const u16 Sbox[256] [static]

TKIP S-box.

Definition at line 96 of file wpa_tkip.c.

struct net80211_crypto tkip_crypto __net80211_crypto
Initial value:
 {
        .algorithm = NET80211_CRYPT_TKIP,
        .init = tkip_init,
        .encrypt = tkip_encrypt,
        .decrypt = tkip_decrypt,
        .priv_len = sizeof ( struct tkip_ctx ),
}

TKIP cryptosystem.

Definition at line 526 of file wpa_tkip.c.

struct wpa_kie tkip_kie __wpa_kie
Initial value:
 {
        .version = EAPOL_KEY_VERSION_WPA,
        .mic = tkip_kie_mic,
        .decrypt = tkip_kie_decrypt,
}

TKIP-style key integrity and encryption handler.

Definition at line 584 of file wpa_tkip.c.