Okay, this is probably really dumb, but I'm blind to it.

I'm debugging the encryption key thing.

So, I do the obvious thing; I print out each key right before we send it,
then I do a nearly-identical request and read each key back.

No matter what we set (and it looks like we're setting things right), what
I read back is always
	0x0021 0xfc24 [and all zeroes after that]
for the first key.  The second is 0xfc25.  This is WI_CMD_ACCESS followed
by WI_RID_P2_CRYPT_KEY0... which looks like the *start* of the wi_ltv_str
structure, but I'm quite sure I'm printing out the string member.

I was wondering if someone would be willing to try to implement this
independantly, and see if you get the same results.  It certainly does look
like you can't really read WI_RID_P2_CRYPT_KEY[0-3]; perhaps these are
intended to be write-only?

-s