The following series of patches is a preparation for the support for the Pre Association Security Negotiation (PASN) as defined in Draft 802.11az_D2.0. In short, PASN is a mechanism to establish security association and allow Management Frame Protection (MFP) prior to association. To support the PASN authentication flows while associated, the 3-way authentication handshake is going to be performed from the wpa_supplicant, without the low level kernel driver being aware of the authentication exchange. To allow this, some modifications were required in the driver interface and the nl80211 driver, namely extend send_mlme() with wait option and support sending/receiving authentication frames. Since the PASN authentication relies on support for wrapped data and element fragmentation/defragmentation, the patch set includes changes that introduce support for the missing parts. Finally, as the specification defines an High Layer Transient Key (HLTK) and it uses the PMK to PTK derivation functions are extended to also derive and HLTK when required. Andrei Otcheretianski (1): driver_nl80211: Register for SAE AUTH frames more strictly Ilan Peer (11): driver: Extend send_mlme() with wait option nl80211: Allow off-channel of authentication frames in send_mlme() nl80211: Allow Tx status for authentication frames nl80211: Always register for Rx authentication frames with PASN crypto: Add a function to get the ECDH prime len WPA: Rename FILS wrapped data common: Add support for element defragmentation common: Allow WPA_CIPHER_GTK_NOT_USED in RSNE parsing WPA: Extend the wpa_pmk_to_ptk() function to also derive HLTK FT: Extend the wpa_pmk_r1_to_ptk() function to also derive HLTK WPA: Extend the fils_pmk_to_ptk() function to also derive HLTK hostapd/config_file.c | 6 ++ src/ap/ap_config.h | 10 +++ src/ap/ap_drv_ops.c | 2 +- src/ap/ieee802_11.c | 16 ++-- src/ap/wpa_auth.c | 10 ++- src/ap/wpa_auth.h | 6 ++ src/ap/wpa_auth_ft.c | 7 +- src/ap/wpa_auth_glue.c | 5 ++ src/common/ieee802_11_common.c | 121 ++++++++++++++++++++++++++++- src/common/ieee802_11_common.h | 28 ++++++- src/common/ieee802_11_defs.h | 2 +- src/common/wpa_common.c | 79 ++++++++++++++++--- src/common/wpa_common.h | 10 ++- src/crypto/crypto.h | 1 + src/crypto/crypto_openssl.c | 4 + src/crypto/crypto_wolfssl.c | 4 + src/drivers/driver.h | 4 +- src/drivers/driver_hostap.c | 6 +- src/drivers/driver_nl80211.c | 41 ++++++++-- src/drivers/driver_nl80211_event.c | 39 ++++++---- src/rsn_supp/wpa.c | 20 +++-- src/rsn_supp/wpa.h | 1 + src/rsn_supp/wpa_ft.c | 6 +- src/rsn_supp/wpa_i.h | 6 ++ wlantest/rx_eapol.c | 4 +- wlantest/rx_mgmt.c | 6 +- wpa_supplicant/config.c | 5 ++ wpa_supplicant/config.h | 10 +++ wpa_supplicant/driver_i.h | 4 +- wpa_supplicant/ibss_rsn.c | 2 +- wpa_supplicant/p2p_supplicant.c | 2 +- wpa_supplicant/sme.c | 4 +- wpa_supplicant/wpas_glue.c | 5 ++ 33 files changed, 392 insertions(+), 84 deletions(-) -- 2.17.1 _______________________________________________ Hostap mailing list Hostap@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/hostap
