This thread has been locked.

If you have a related question, please click the "Ask a related question" button in the top right corner. The newly created question will be automatically linked to this question.

Linux/WL1837MOD: 802.11w/Management frame protection

Part Number: WL1837MOD
Other Parts Discussed in Thread: WL1837, WL1271

Tool/software: Linux

Hi,

We have been investigating the ability to add managament frame protection as defined by
802.11w on a system using wl1837.
Our initial findings showed that the wl18xx doesn't do unicast encryption or decryption
of management frames, though this can be solved in software as all the relevant information
(CCMP headers) is propagated to the host for RX and for TX the wl1837 can be instructed to
ignore encryption.
This was implemented based on R8.5 and tested ok for both station and AP.


In paralell to this an update to R8.7-sp1 was done, and unfortunately things don't work any more.
For most management frames the wl1837 still don't do anything (which is ok), but for management
frames of type action frame the wl1837 now tries to decrypt and fails. The problem with this is that it
is now no longer possible to do decryption in software as the CCMP headers are stripped
by the wl1837 firmware.

For the questions;
The best scenario for us would be if wl1837 firmware could be updated to encrypt and decrypt
unicast management frames in hardware (AES/CCMP). Can this be done?
If this is not possible, can you revert the behaviour for unicast action frames so that these
are passed untouched for decrypt in host?

NOTE! this is for the frame encryption and decryption of unicast management frames. For the
BIP field generation and verification we have a working solution in software.

As the update to r8.7 update is pending to be released and the 802.11w feature is scheduled for
the next version it is quite crucial for us to get a reply so we can decide wether or not to
revert the r8.7.

Host platform: proprietary
WiLink flavor: WL1837
Module vendor: u-blox

Firmware versions R8.5:
FRev 8.9.0.0.31
Rev 8.2.0.0.224

Firmware versions R8.7-sp1:
FRev 8.9.0.0.70
FRev 8.2.0.0.237

Best regards
Vilhelm

  • Hi,

    Your query has been assigned to a relevant expert. We will get back to you soon.

    Best regards,
    Vihang
  • Dear Vilhelm,

    We have added the encryption for this action frame due to it's definition in the 802.11 Spec.

    We've found out that it should be encrypted hence the encryption.

    Can you please let us know what exactly is the problem you see?

    Unfortunately the wl1837 firmware will not be updated at this stage to encrypt and decrypt 

    unicast management frames in hardware (AES/CCMP). 

    BR,

    Chen Loewy

  • Hi,

    The problem isn't with encrypt, it is with decrypt.

    In FRev 8.9.0.0.31 (R8.5) an encrypted action frame of type SA-query arrives in the driver with desc->status set to WL1271_RX_DESC_SUCCESS and desc->flags set to WL1271_RX_DESC_ENCRYPT_AES. The payload holds a CCMP MPDU that can be decrypted by host software.

    In FRev 8.9.0.0.70 (R8.7-sp1) an encrypted action frame of type SA-query arrives in the driver with desc->status set to WL1271_RX_DESC_DECRYPT_FAIL and the payload is garbage and is thus unusable.

    Regards
    Vilhelm