From: Jouni Malinen <j@w1.fi>
To: Johannes Berg <johannes@sipsolutions.net>
Cc: linux-wireless@vger.kernel.org
Subject: [RFC PATCH 6/7] 802.11w: WEXT configuration for IGTK
Date: Tue, 17 Jun 2008 18:40:14 +0300 [thread overview]
Message-ID: <20080617160008.473796805@localhost> (raw)
In-Reply-To: 20080617154008.883383150@localhost
Added new SIOCSIWENCODEEXT algorithm for configuring BIP (AES-CMAC)
keys (IGTK).
Signed-off-by: Jouni Malinen <j@w1.fi>
Index: wireless-testing/include/linux/wireless.h
===================================================================
--- wireless-testing.orig/include/linux/wireless.h
+++ wireless-testing/include/linux/wireless.h
@@ -615,6 +615,7 @@
#define IW_ENCODE_ALG_TKIP 2
#define IW_ENCODE_ALG_CCMP 3
#define IW_ENCODE_ALG_PMK 4
+#define IW_ENCODE_ALG_AES_CMAC 5
/* struct iw_encode_ext ->ext_flags */
#define IW_ENCODE_EXT_TX_SEQ_VALID 0x00000001
#define IW_ENCODE_EXT_RX_SEQ_VALID 0x00000002
Index: wireless-testing/net/mac80211/wext.c
===================================================================
--- wireless-testing.orig/net/mac80211/wext.c
+++ wireless-testing/net/mac80211/wext.c
@@ -40,7 +40,14 @@ static int ieee80211_set_encryption(stru
sdata = IEEE80211_DEV_TO_SUB_IF(dev);
- if (idx < 0 || idx >= NUM_DEFAULT_KEYS) {
+ if (alg == ALG_AES_CMAC) {
+ if (idx < NUM_DEFAULT_KEYS ||
+ idx >= NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS) {
+ printk(KERN_DEBUG "%s: set_encrypt - invalid idx=%d "
+ "(BIP)\n", dev->name, idx);
+ return -EINVAL;
+ }
+ } else if (idx < 0 || idx >= NUM_DEFAULT_KEYS) {
printk(KERN_DEBUG "%s: set_encrypt - invalid idx=%d\n",
dev->name, idx);
return -EINVAL;
@@ -99,6 +106,9 @@ static int ieee80211_set_encryption(stru
if (set_tx_key || (!sta && !sdata->default_key && key))
ieee80211_set_default_key(sdata, idx);
+ if (alg == ALG_AES_CMAC &&
+ (set_tx_key || (!sta && !sdata->default_mgmt_key && key)))
+ ieee80211_set_default_mgmt_key(sdata, idx);
}
out_unlock:
@@ -1076,6 +1086,9 @@ static int ieee80211_ioctl_siwencodeext(
case IW_ENCODE_ALG_CCMP:
alg = ALG_CCMP;
break;
+ case IW_ENCODE_ALG_AES_CMAC:
+ alg = ALG_AES_CMAC;
+ break;
default:
return -EOPNOTSUPP;
}
@@ -1084,20 +1097,41 @@ static int ieee80211_ioctl_siwencodeext(
remove = 1;
idx = erq->flags & IW_ENCODE_INDEX;
- if (idx < 1 || idx > 4) {
- idx = -1;
- if (!sdata->default_key)
- idx = 0;
- else for (i = 0; i < NUM_DEFAULT_KEYS; i++) {
- if (sdata->default_key == sdata->keys[i]) {
- idx = i;
- break;
+ if (alg == ALG_AES_CMAC) {
+ if (idx < NUM_DEFAULT_KEYS + 1 ||
+ idx > NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS) {
+ idx = -1;
+ if (!sdata->default_mgmt_key)
+ idx = 0;
+ else for (i = NUM_DEFAULT_KEYS;
+ i < NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS;
+ i++) {
+ if (sdata->default_mgmt_key == sdata->keys[i])
+ {
+ idx = i;
+ break;
+ }
}
- }
- if (idx < 0)
- return -EINVAL;
- } else
- idx--;
+ if (idx < 0)
+ return -EINVAL;
+ } else
+ idx--;
+ } else {
+ if (idx < 1 || idx > 4) {
+ idx = -1;
+ if (!sdata->default_key)
+ idx = 0;
+ else for (i = 0; i < NUM_DEFAULT_KEYS; i++) {
+ if (sdata->default_key == sdata->keys[i]) {
+ idx = i;
+ break;
+ }
+ }
+ if (idx < 0)
+ return -EINVAL;
+ } else
+ idx--;
+ }
return ieee80211_set_encryption(dev, ext->addr.sa_data, idx, alg,
remove,
--
--
Jouni Malinen PGP id EFC895FA
next prev parent reply other threads:[~2008-06-17 16:01 UTC|newest]
Thread overview: 38+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-06-17 15:40 [RFC PATCH 0/7] IEEE 802.11w / management frame protection Jouni Malinen
2008-06-17 15:40 ` [RFC PATCH 1/7] 802.11w: STA flag for MFP Jouni Malinen
2008-06-17 15:40 ` [RFC PATCH 2/7] 802.11w: CCMP for management frames Jouni Malinen
2008-06-17 15:40 ` [RFC PATCH 3/7] 802.11w: Add BIP (AES-128-CMAC) Jouni Malinen
2008-06-17 16:55 ` Johannes Berg
2008-06-17 17:22 ` Harvey Harrison
2008-06-17 18:06 ` Jouni Malinen
2008-06-17 18:08 ` Michael Buesch
2008-06-17 18:19 ` Johannes Berg
2008-06-17 18:50 ` Jouni Malinen
2008-06-17 18:56 ` Johannes Berg
2008-06-17 15:40 ` [RFC PATCH 4/7] 802.11w: Use " Jouni Malinen
2008-06-17 17:05 ` Johannes Berg
2008-06-17 18:10 ` Jouni Malinen
2008-06-17 18:27 ` Johannes Berg
2008-06-18 10:17 ` Johannes Berg
2008-06-17 15:40 ` [RFC PATCH 5/7] 802.11w: WEXT parameter for setting mgmt cipher Jouni Malinen
2008-06-17 15:40 ` Jouni Malinen [this message]
2008-06-17 15:40 ` [RFC PATCH 7/7] 802.11w: Configuration of MFP disabled/optional/required Jouni Malinen
2008-06-17 17:09 ` Johannes Berg
2008-06-17 18:18 ` Jouni Malinen
2008-06-17 18:34 ` Johannes Berg
2008-06-17 16:44 ` [RFC PATCH 0/7] IEEE 802.11w / management frame protection Johannes Berg
2008-06-17 17:47 ` Jouni Malinen
2008-06-17 17:52 ` Michael Buesch
2008-06-17 18:00 ` Johannes Berg
2008-06-17 18:23 ` Jouni Malinen
2008-06-17 18:27 ` Michael Buesch
2008-06-17 18:31 ` Johannes Berg
2008-06-17 18:41 ` Michael Buesch
2008-06-17 19:02 ` Jouni Malinen
2008-07-09 17:40 ` Johannes Berg
2008-07-09 18:08 ` Johannes Berg
2008-07-14 22:01 ` Jouni Malinen
2008-08-28 16:04 ` VLAN testing (and mac80211_hwsim test cases in general) Jouni Malinen
2008-08-29 7:33 ` Johannes Berg
2008-08-29 8:37 ` Jouni Malinen
2008-08-29 11:34 ` Jose Ignacio Naranjo Hernández
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20080617160008.473796805@localhost \
--to=j@w1.fi \
--cc=johannes@sipsolutions.net \
--cc=linux-wireless@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).