Add the new driver flag WPA_DRIVER_FLAGS_EXTENDED_KEY_ID and
the key_types designated to replace and extend the use of the existing
set_tx boolean in all set_key() functions.
Both changes are required as foundation for the Extended Key ID support
and later patches will build on it.
The new - so far unused - key_types are:
KEY_TYPE_BROADCAST
To be set when installing a broadcast key which is not also a default
key. (This basically replaces set_tx=0)
KEY_TYPE_DEFAULT
To be set when installing a WEP or a group key without pairwise
keys. Must not be used when pairwise keys are used. Never set when
deleting a key. (This basically replaces set_tx=1)
KEY_TYPE_PAIRWISE:
Used to distinguish pairwise from broadcast keys. (This is needed
since Extended Key ID can use keyidx=1 both as pairwise and group
keys and we need an additional hint to distinguish between them.)
KEY_TYPE_NO_AUTO_TX
To be set when installing a pairwise key which must not be used for
Tx, yet. (New requirement for Extended Key ID support.)
KEY_TYPE_SET_TX
To be set when activating Tx for a key already installed with
KEY_TYPE_NO_AUTO_TX. (Also required for Extended Key ID support.)
Signed-off-by: Alexander Wetzel <alexander@xxxxxxxxxxxxxx>
---
This could be split up in more patches to clearly differentiate between
"set_tx cleanup" and "Extended Key ID support".
But then I think having the key_types all in one patch is simpler to
follow and it looks silly to then just have a patch for adding
WPA_DRIVER_FLAGS_EXTENDED_KEY_ID...
I started out using key_flags instead an enum here. But after getting it
working it turned out that there simply is no useful case where we would
have to set more than one bit. If someone sees a better and less
invasive way we can of course do that. (In the RFC version I morphed
- incompeltly - set_tx to key_flags but that was just a half-step. See
https://patchwork.ozlabs.org/project/hostap/list/?series=75270)
src/common/wpa_common.h | 8 ++++++++
src/drivers/driver.h | 19 +++++++++++++++++++
2 files changed, 27 insertions(+)
diff --git a/src/common/wpa_common.h b/src/common/wpa_common.h
index cb511ff0b..415104de9 100644
--- a/src/common/wpa_common.h
+++ b/src/common/wpa_common.h
@@ -203,6 +203,14 @@ struct wpa_eapol_key {
#define FILS_ICK_MAX_LEN 48
#define FILS_FT_MAX_LEN 48
+enum key_type {
+ KEY_TYPE_BROADCAST,
+ KEY_TYPE_DEFAULT,
+ KEY_TYPE_PAIRWISE,
+ KEY_TYPE_NO_AUTO_TX,
+ KEY_TYPE_SET_TX,
+};
+
/**
* struct wpa_ptk - WPA Pairwise Transient Key
* IEEE Std 802.11i-2004 - 8.5.1.2 Pairwise key hierarchy
diff --git a/src/drivers/driver.h b/src/drivers/driver.h
index 2a8459ae3..b74c37f2c 100644
--- a/src/drivers/driver.h
+++ b/src/drivers/driver.h
@@ -1659,6 +1659,8 @@ struct wpa_driver_capa {
#define WPA_DRIVER_FLAGS_FTM_RESPONDER 0x0100000000000000ULL
/** Driver support 4-way handshake offload for WPA-Personal */
#define WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK 0x0200000000000000ULL
+/** Driver supports Extended Key ID */
+#define WPA_DRIVER_FLAGS_EXTENDED_KEY_ID 0x0400000000000000ULL
u64 flags;
#define FULL_AP_CLIENT_STATE_SUPP(drv_flags) \
@@ -2290,6 +2292,23 @@ struct wpa_driver_ops {
* 8-byte Rx Mic Key
* @key_len: length of the key buffer in octets (WEP: 5 or 13,
* TKIP: 32, CCMP/GCMP: 16, IGTK: 16)
+ * @key_type: Additional instructions for key install:
+ * %KEY_TYPE_BROADCAST:
+ * Key is a broadcast but no default key.
+ * %KEY_TYPE_DEFAULT:
+ * Key is the default key (not using pairwise keys, WEP or
+ * group key only.) Must not be used when pairwise keys are
+ * also in use.
+ * %KEY_TYPE_PAIRWISE:
+ * Normal pairwise key not requiring Extended Key ID actions.
+ * %KEY_TYPE_NO_AUTO_TX:
+ * Pairwise Key, but it must not be used for Tx, yet.
+ * Can only be used when the driver supports Extended Key ID.
+ * %KEY_TYPE_SET_TX:
+ * Key already installed with %KEY_TYPE_NO_AUTO_TX is selected as
+ * the pairwise Tx key for the STA. Only @ifname, @priv, @addr
+ * and @key_idx must be set and all other arguments have to be
+ * zero or NULL.
*
* Returns: 0 on success, -1 on failure
*
--
2.23.0
_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap
