On 10/27/19 3:24 PM, Jouni Malinen wrote:
On Tue, Oct 01, 2019 at 04:19:29PM +0200, Mikael Kanstrup wrote:
Currently SUITE_B_192 capability is indicated for all devices using
the nl80211 driver. However some devices can't handle Suite B 192 due
to insufficient ciphers supported. Add a check for GCMP-256 cipher
support and only indicate SUITE_B_192 capability when supported.
This allows compiling with CONFIG_SUITEB192 and still get proper
response to the 'GET_CAPABILITY key_mgmt' command. Under Android
it can also serve as a dynamic way for HAL to query platform
for WPA3 enterprise support.
Thanks, applied. Though, I added CCMP-256 as an alternative acceptable
cipher for indicating SUITE_B_192 based on the exact requirement in the
IEEE 802.11 standard. In practice, I don't expect this to result in any
difference since there are likely no drivers supporting CCMP-256 without
GCMP-256.
Hi Jouni,
Thanks! For our case adding CCMP-256 is not a problem. But I am not able
to confirm this in the standards. Can you please point me in the right
direction?
BR
Mikael Kanstrup
_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap
