RE: [PATCH 00/12] Preparations for Pre association Security Negotiation(PASN) Support

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

> -----Original Message-----
> From: Jouni Malinen <j@xxxxx>
> Sent: Sunday, March 01, 2020 00:35
> To: Peer, Ilan <ilan.peer@xxxxxxxxx>
> Cc: hostap@xxxxxxxxxxxxxxxxxxx
> Subject: Re: [PATCH 00/12] Preparations for Pre association Security
> Negotiation(PASN) Support
> 
> On Mon, Feb 24, 2020 at 11:14:25AM +0200, Ilan Peer wrote:
> > The following series of patches is a preparation for the support for
> > the Pre Association Security Negotiation (PASN) as defined in Draft
> > 802.11az_D2.0. In short, PASN is a mechanism to establish security
> > association and allow Management Frame Protection (MFP) prior to
> > association.
> >
> > To support the PASN authentication flows while associated, the 3-way
> > authentication handshake is going to be performed from the
> > wpa_supplicant, without the low level kernel driver being aware of the
> > authentication exchange. To allow this, some modifications were
> > required in the driver interface and the nl80211 driver, namely extend
> > send_mlme() with wait option and support sending/receiving
> authentication frames.
> >
> > Since the PASN authentication relies on support for wrapped data and
> > element fragmentation/defragmentation, the patch set includes changes
> > that introduce support for the missing parts.
> >
> > Finally, as the specification defines an High Layer Transient Key
> > (HLTK) and it uses the PMK to PTK derivation functions are extended to
> > also derive and HLTK when required.
> 
> Thanks, I applied the following patches with some cleanup/fixes:
> 
> Andrei Otcheretianski (1):
>       nl80211: Register for SAE Authentication frames more strictly
> 
> Ilan Peer (5):
>       driver: Extend send_mlme() with wait option
>       nl80211: Allow TX status for Authentication frames
>       crypto: Add a function to get the ECDH prime length
>       WPA: Rename FILS wrapped data
>       common: Add support for element defragmentation
> 
> The other patches have open items as indicated in the separate replies.

Thanks for the review 😊

Unless you want it otherwise I'll fix 3 and 9 based on your comments, but will push the fixes once things are more stable with 802.11az.

Regards,

Ilan.
_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap
[Index of Archives]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]

  Powered by Linux