Dear all,

TKIP decryption is supposed to be done in hardware. However, the process requires the per-packet key mixing phase to run in software first. I need to know at which point exactly does the hardware get involved in the process?

Here is a code snapshot of ieee80211_input():

            key = ieee80211_crypto_decap(ni, skb, hdrlen);
            if (key == NULL) {
                /* NB: stats+msgs handled in crypto_decap */
                IEEE80211_NODE_STAT(ni, rx_wepfail);
                goto out;
            }
            wh = (struct ieee80211_frame *)skb->data;
            wh->i_fc[1] &= ~IEEE80211_FC1_PROT;

ieee80211_crypto_decap() (or, otherwise, tkip_crypto_decap() ) simply ignores decryption if the vap is capable of hardware decryption. So, when exactly is the hardware is fed with the per-packet key and thus goes for decryption?

Thank you,
Yara