Johannes, Thank you for that. I need to make a quick hack to send an invalid MIC packet from another device to test the countermeasures. Should I submit a new patch with this change when I've completed testing or are you already prepared to do so? Michael On Fri, May 12, 2017 at 4:52 AM, Johannes Berg <johannes@xxxxxxxxxxxxxxxx> wrote: > Here's the driver code from rt2500usb (but it's similar in the others): > > rxdesc->flags |= RX_FLAG_MMIC_STRIPPED; > if (rxdesc->cipher_status == RX_CRYPTO_SUCCESS) > rxdesc->flags |= RX_FLAG_DECRYPTED; > else if (rxdesc->cipher_status == RX_CRYPTO_FAIL_MIC) > rxdesc->flags |= RX_FLAG_MMIC_ERROR; > > I think if you just change it to be > > [...] > else if (rxdesc->cipher_status == RX_CRYPTO_FAIL_MIC) > rxdesc->flags |= RX_FLAG_MMIC_ERROR | > RX_FLAG_DECRYPTED; > > things will start working. This is arguably correct since to be able to > check the MMIC, the frame has to have been decrypted (properly) before. > > johannes
