From: Michael Buesch <mb@bu3sch.de>
To: "Jouni Malinen" <jkm@devicescape.com>
Cc: Jiri Benc <jbenc@suse.cz>, linux-wireless@vger.kernel.org
Subject: Re: d80211: current TKIP hwcrypto implementation seems to be broken
Date: Mon, 12 Feb 2007 22:39:31 +0100 [thread overview]
Message-ID: <200702122239.31778.mb@bu3sch.de> (raw)
In-Reply-To: <20070212183020.GA16597@instant802.com>
On Monday 12 February 2007 19:30, Jouni Malinen wrote:
> On Sun, Feb 04, 2007 at 01:44:18PM +0100, Michael Buesch wrote:
>
> > We need the phase1 for bcm43xx. We need to upload it to
> > card memory and we need to pass it on every TX on the DMA.
>
> > So, currently we receive the phase1 key on the first
> > encrypted TX. That's too late, as we already receive encrypted
> > packets before that. bcm43xx needs the phase1 key (and the iv32)
> > on RX. It uses the one uploaded into the card memory. But it
> > is not uploaded, yet, as we did not TX any encrypted packet.
>
> How exactly is this supposed to work for RX?
I misunderstood it, so my explaination was not 100% correct.
It works the following way: We need the phase1 for TX and for RX.
The key for TX is passed along with the TX frame. We can take the
key from the tx_control (I'd still like to get rid of the
array in the tx_control, though. Working on it...)
For RX we have the phase1 uploaded to some device memory.
What happens on RX when the iv32 wraps. Well, it simply won't decrypt
the frame. What we must do then is upload a new key as fast as possible.
The undecrypted frame can be either decrypted in SW (which I think d80211
can do. At least with minor additional changes), or we drop it.
I started to implement an API to calculate the phase1 key on demand.
It doesn't quite work, yet and I'm stuck in more important work
that should be done before the d80211 merge, so it will take some time
until I can continue debugging the stuff.
--
Greetings Michael.
next prev parent reply other threads:[~2007-02-12 21:39 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-02-04 12:44 d80211: current TKIP hwcrypto implementation seems to be broken Michael Buesch
2007-02-05 20:43 ` Jiri Benc
2007-02-05 21:38 ` Johannes Berg
2007-02-05 21:45 ` Johannes Berg
2007-02-05 21:48 ` Johannes Berg
2007-02-06 14:55 ` Michael Buesch
2007-02-12 18:30 ` Jouni Malinen
2007-02-12 21:39 ` Michael Buesch [this message]
2007-02-12 23:15 ` Tomas Winkler
2007-02-12 23:23 ` Michael Buesch
2007-02-12 23:54 ` Tomas Winkler
2007-02-13 0:10 ` Michael Buesch
2007-02-13 0:19 ` Tomas Winkler
2007-02-13 0:28 ` Jouni Malinen
2007-02-13 1:08 ` Tomas Winkler
2007-02-13 1:20 ` Jouni Malinen
2007-02-15 16:58 ` Tomas Winkler
2007-02-13 0:33 ` Michael Buesch
2007-02-13 1:09 ` Tomas Winkler
2007-02-12 23:53 ` Jouni Malinen
2007-02-13 0:06 ` Michael Buesch
2007-02-13 0:16 ` Michael Buesch
2007-02-13 16:18 ` Johannes Berg
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=200702122239.31778.mb@bu3sch.de \
--to=mb@bu3sch.de \
--cc=jbenc@suse.cz \
--cc=jkm@devicescape.com \
--cc=linux-wireless@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).