Re: [Madwifi-devel] Crypto
Status: Beta
Brought to you by:
otaku
Menu
▾
▴
Re: [Madwifi-devel] Crypto
|
From: Sam L. <sa...@er...> - 2004-02-05 06:32:39
|
On Thursday 29 January 2004 02:06 pm, Mike Hudson wrote: > On Mon January 26 2004 06:15, Marco Aime wrote: > > Hi all, > > > > have two questions: > > > > 1. How can I make the Atheros firmware not decrypt/encrypt WEP > > packets and have the driver do it instead? (for example, in hostap > > you have to set with the "hostdecrypt" and "hostencrypt" parameters > > with iwpriv) > > Why the heck would you want to do this? If you're considering > implementing 802.1i, keep in mind that the Atheros hardware DOES > support hardware AES encryption. Otherwise - just do the crypto at > another layer - it's simpler. :) > One good reason to do this is so you can fallback if you run out of key slots in the hardware (unlikely but with WPA they go fast). At the moment there's no existing mechanism. However if you change the driver to not use the h/w crypto then the existing software WEP code will automatically be used so the problem reduces to conditionally disabling the h;/w crypto (which is just a SMOP). > I believe you would first have to modify if_ath.c and remove the wep > code from ath_tx_start and ath_rx_tasklet. This code presents a > non-wep-encrypted packet to the 802.11 layer, so we don't try to > decrypt it in software. I believe that the 802.11 layer code in CVS > does support software wep, but we don't currently use that code, and > it's very likely untested on linux. > You're correct. The s/w WEP code should work fine. > I'm sure I've missed quite a few things, but this would be the general > approach I'd take to get the 802.11 layer to handle wep. There may be a > bsd driver that requires the software WEP functionality of the 802.11 > layer - I'm not sure. If such a thing exists, talk with them to see > what they did. > Yes, there are drivers that use it since some parts don't do WEP when operating in hostap mode (ask Jouni :)). Sam |