From: "Tobin C. Harding" <me@tobin.cc>
To: Dan Williams <dcbw@redhat.com>
Cc: Johannes Berg <johannes@sipsolutions.net>,
linux-wireless@vger.kernel.org
Subject: Re: WPA and WPA2
Date: Mon, 29 May 2017 07:30:25 +1000 [thread overview]
Message-ID: <20170528213025.GA4233@eros> (raw)
In-Reply-To: <1495734353.12839.2.camel@redhat.com>
On Thu, May 25, 2017 at 12:45:53PM -0500, Dan Williams wrote:
> On Thu, 2017-05-25 at 08:40 +1000, Tobin C. Harding wrote:
> > On Wed, May 24, 2017 at 08:06:40PM +0200, Johannes Berg wrote:
> > > Just a small correction:
> > >
> > > On Wed, 2017-05-24 at 11:44 -0500, Dan Williams wrote:
> > > >
> > > > For RSN, they are 1 = PMK, 2 = GMK, 3 = GMK2, 4 seems unused.
> > >
> > > PTK and GTK, and in theory you could have more than two GTKs but
> > > that's
> > > not usually done.
> >
> > Excuse my ignorance but why do you say PTK and GTK here? Who
> > generates
> > the transient keys, hardware, firmware or software? Is this device
> > specific or is there a *normal* way?
> >
> > From the nomenclature in the WEXT driver I thought the driver
> > supplied the
> > master keys to the firmware and transient keys were generated at the
> > firmware layer or lower.
>
> Usually the supplicant supplies only the PTK/GTK to the driver at the
> right times (like during the 4-way handshake). It looks like the
> driver only refers to PMK/GMK when using the rx_seq[] bits, while the
> actual WPA keys are probably the PTK/GTK.
>
> While it's not the best example, see
> drivers/net/wireless/marvell/libertas/cfg.c and lbs_cfg_connect() and
> lbs_cfg_add_key(). That should translate fairly well to the ks7010
> driver. The important parts you'll get from nl80211 are
> add_key/del_key and set_default_key. The connect hook gets called
> first to tell the driver to start the auth/assoc process to a given AP,
> and that's where you'd set up the general stuff like whether or not
> you'll use WEP or WPA, what the SSID/BSSID are, whether PSK or
> EAPOL/802.1x, rates, etc. Then after that you'll get the add_key hook
> that actually sends the real keys to the driver when the supplicant has
> calculated them.
>
>
> Dan
Awesome, thanks Dan
next prev parent reply other threads:[~2017-05-28 21:30 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-05-24 7:27 WPA and WPA2 Tobin C. Harding
2017-05-24 7:34 ` Tobin C. Harding
2017-05-24 16:44 ` Dan Williams
2017-05-24 18:06 ` Johannes Berg
2017-05-24 22:40 ` Tobin C. Harding
2017-05-25 17:45 ` Dan Williams
2017-05-28 21:30 ` Tobin C. Harding [this message]
2017-05-26 8:32 ` Johannes Berg
2017-05-24 22:43 ` Tobin C. Harding
2017-05-24 7:40 ` Johannes Berg
2017-05-24 10:13 ` Tobin C. Harding
2017-05-24 10:47 ` Johannes Berg
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170528213025.GA4233@eros \
--to=me@tobin.cc \
--cc=dcbw@redhat.com \
--cc=johannes@sipsolutions.net \
--cc=linux-wireless@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.