3
0
mirror of https://git.kernel.org/pub/scm/network/wireless/iwd.git synced 2024-12-23 14:22:36 +01:00

netdev: Clarify the PTK->TK to MIC key mapping

Cite 802.11 in the comments and use nl80211.h constants to map the tx
and rx keys correctly.
This commit is contained in:
Andrew Zaborowski 2017-08-31 04:04:53 +02:00 committed by Denis Kenzior
parent 092ede1147
commit f659265000

View File

@ -1016,25 +1016,31 @@ static void netdev_set_gtk(uint32_t ifindex, uint8_t key_index,
switch (cipher) { switch (cipher) {
case CRYPTO_CIPHER_CCMP: case CRYPTO_CIPHER_CCMP:
/*
* 802.11-2012 11.7.4 Mapping GTK to CCMP keys:
* "A STA shall use the temporal key as the CCMP key."
*/
memcpy(gtk_buf, gtk, 16); memcpy(gtk_buf, gtk, 16);
break; break;
case CRYPTO_CIPHER_TKIP: case CRYPTO_CIPHER_TKIP:
/* /*
* Swap the TX and RX MIC key portions for supplicant. * 802.11-2012 11.7.2 Mapping GTK to TKIP keys:
* WPA_80211_v3_1_090922 doc's 3.3.4: * "A STA shall use bits 0-127 of the temporal key as the
* The MIC key used on the Client for transmit (TX) is in * input to the TKIP Phase 1 and Phase 2 mixing functions.
* bytes 24-31, and the MIC key used on the Client for
* receive (RX) is in bytes 16-23 of the PTK. That is,
* assume that TX MIC and RX MIC referred to in Clause 8.7
* are referenced to the Authenticator. Similarly, on the AP,
* the MIC used for TX is in bytes 16-23, and the MIC key
* used for RX is in bytes 24-31 of the PTK.
* *
* Here apply this to the GTK instead of the PTK. * A STA shall use bits 128-191 of the temporal key as
* the Michael key for MSDUs from the Authenticator's STA
* to the Supplicant's STA.
*
* A STA shall use bits 192-255 of the temporal key as
* the Michael key for MSDUs from the Supplicant's STA
* to the Authenticator's STA."
*/ */
memcpy(gtk_buf, gtk, 16); memcpy(gtk_buf + NL80211_TKIP_DATA_OFFSET_ENCR_KEY, gtk, 16);
memcpy(gtk_buf + 16, gtk + 24, 8); memcpy(gtk_buf + NL80211_TKIP_DATA_OFFSET_RX_MIC_KEY,
memcpy(gtk_buf + 24, gtk + 16, 8); gtk + 16, 8);
memcpy(gtk_buf + NL80211_TKIP_DATA_OFFSET_TX_MIC_KEY,
gtk + 24, 8);
break; break;
default: default:
l_error("Unexpected cipher: %x", cipher); l_error("Unexpected cipher: %x", cipher);
@ -1192,23 +1198,32 @@ static void netdev_set_tk(uint32_t ifindex, const uint8_t *aa,
switch (cipher) { switch (cipher) {
case CRYPTO_CIPHER_CCMP: case CRYPTO_CIPHER_CCMP:
/*
* 802.11-2012 11.7.3 Mapping PTK to CCMP keys:
* "A STA shall use the temporal key as the CCMP key
* for MPDUs between the two communicating STAs."
*/
memcpy(tk_buf, tk, 16); memcpy(tk_buf, tk, 16);
break; break;
case CRYPTO_CIPHER_TKIP: case CRYPTO_CIPHER_TKIP:
/* /*
* Swap the TX and RX MIC key portions for supplicant. * 802.11-2012 11.7.1 Mapping PTK to TKIP keys:
* WPA_80211_v3_1_090922 doc's 3.3.4: * "A STA shall use bits 0-127 of the temporal key as its
* The MIC key used on the Client for transmit (TX) is in * input to the TKIP Phase 1 and Phase 2 mixing functions.
* bytes 24-31, and the MIC key used on the Client for *
* receive (RX) is in bytes 16-23 of the PTK. That is, * A STA shall use bits 128-191 of the temporal key as
* assume that TX MIC and RX MIC referred to in Clause 8.7 * the Michael key for MSDUs from the Authenticator's STA
* are referenced to the Authenticator. Similarly, on the AP, * to the Supplicant's STA.
* the MIC used for TX is in bytes 16-23, and the MIC key *
* used for RX is in bytes 24-31 of the PTK. * A STA shall use bits 192-255 of the temporal key as
* the Michael key for MSDUs from the Supplicant's STA
* to the Authenticator's STA."
*/ */
memcpy(tk_buf, tk, 16); memcpy(tk_buf + NL80211_TKIP_DATA_OFFSET_ENCR_KEY, tk, 16);
memcpy(tk_buf + 16, tk + 24, 8); memcpy(tk_buf + NL80211_TKIP_DATA_OFFSET_RX_MIC_KEY,
memcpy(tk_buf + 24, tk + 16, 8); tk + 16, 8);
memcpy(tk_buf + NL80211_TKIP_DATA_OFFSET_TX_MIC_KEY,
tk + 24, 8);
break; break;
default: default:
l_error("Unexpected cipher: %x", cipher); l_error("Unexpected cipher: %x", cipher);