mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2024-11-25 00:38:24 -05:00
Add definitions for new cipher suites from IEEE Std 802.11ac-2013
This adds initial parts for supporting the new GCMP-256, CCMP-256, BIP-GMAC-128, BIP-GMAC-256, and BIP-CMAC-256 cipher suites. Signed-hostap: Jouni Malinen <j@w1.fi>
This commit is contained in:
parent
13b24a766f
commit
30675c3416
@ -759,7 +759,9 @@ static int hostapd_config_check_bss(struct hostapd_bss_config *bss,
|
||||
|
||||
if (conf->ieee80211n && bss->wpa &&
|
||||
!(bss->wpa_pairwise & WPA_CIPHER_CCMP) &&
|
||||
!(bss->rsn_pairwise & (WPA_CIPHER_CCMP | WPA_CIPHER_GCMP))) {
|
||||
!(bss->rsn_pairwise & (WPA_CIPHER_CCMP | WPA_CIPHER_GCMP |
|
||||
WPA_CIPHER_CCMP_256 | WPA_CIPHER_GCMP_256)))
|
||||
{
|
||||
bss->disable_11n = 1;
|
||||
wpa_printf(MSG_ERROR, "HT (IEEE 802.11n) with WPA/WPA2 "
|
||||
"requires CCMP/GCMP to be enabled, disabling HT "
|
||||
@ -792,7 +794,9 @@ static int hostapd_config_check_bss(struct hostapd_bss_config *bss,
|
||||
#ifdef CONFIG_HS20
|
||||
if (bss->hs20 &&
|
||||
(!(bss->wpa & 2) ||
|
||||
!(bss->rsn_pairwise & (WPA_CIPHER_CCMP | WPA_CIPHER_GCMP)))) {
|
||||
!(bss->rsn_pairwise & (WPA_CIPHER_CCMP | WPA_CIPHER_GCMP |
|
||||
WPA_CIPHER_CCMP_256 |
|
||||
WPA_CIPHER_GCMP_256)))) {
|
||||
wpa_printf(MSG_ERROR, "HS 2.0: WPA2-Enterprise/CCMP "
|
||||
"configuration is required for Hotspot 2.0 "
|
||||
"functionality");
|
||||
|
@ -28,6 +28,11 @@ typedef enum { FALSE = 0, TRUE = 1 } Boolean;
|
||||
#endif /* CONFIG_IEEE80211W */
|
||||
#define WPA_CIPHER_GCMP BIT(6)
|
||||
#define WPA_CIPHER_SMS4 BIT(7)
|
||||
#define WPA_CIPHER_GCMP_256 BIT(8)
|
||||
#define WPA_CIPHER_CCMP_256 BIT(9)
|
||||
#define WPA_CIPHER_BIP_GMAC_128 BIT(11)
|
||||
#define WPA_CIPHER_BIP_GMAC_256 BIT(12)
|
||||
#define WPA_CIPHER_BIP_CMAC_256 BIT(13)
|
||||
|
||||
#define WPA_KEY_MGMT_IEEE8021X BIT(0)
|
||||
#define WPA_KEY_MGMT_PSK BIT(1)
|
||||
@ -117,7 +122,12 @@ enum wpa_alg {
|
||||
WPA_ALG_PMK,
|
||||
WPA_ALG_GCMP,
|
||||
WPA_ALG_SMS4,
|
||||
WPA_ALG_KRK
|
||||
WPA_ALG_KRK,
|
||||
WPA_ALG_GCMP_256,
|
||||
WPA_ALG_CCMP_256,
|
||||
WPA_ALG_BIP_GMAC_128,
|
||||
WPA_ALG_BIP_GMAC_256,
|
||||
WPA_ALG_BIP_CMAC_256
|
||||
};
|
||||
|
||||
/**
|
||||
@ -130,7 +140,9 @@ enum wpa_cipher {
|
||||
CIPHER_CCMP,
|
||||
CIPHER_WEP104,
|
||||
CIPHER_GCMP,
|
||||
CIPHER_SMS4
|
||||
CIPHER_SMS4,
|
||||
CIPHER_GCMP_256,
|
||||
CIPHER_CCMP_256
|
||||
};
|
||||
|
||||
/**
|
||||
|
@ -1025,6 +1025,11 @@ enum wifi_display_subelem {
|
||||
#define WLAN_CIPHER_SUITE_AES_CMAC 0x000FAC06
|
||||
#define WLAN_CIPHER_SUITE_NO_GROUP_ADDR 0x000FAC07
|
||||
#define WLAN_CIPHER_SUITE_GCMP 0x000FAC08
|
||||
#define WLAN_CIPHER_SUITE_GCMP_256 0x000FAC09
|
||||
#define WLAN_CIPHER_SUITE_CCMP_256 0x000FAC0A
|
||||
#define WLAN_CIPHER_SUITE_BIP_GMAC_128 0x000FAC0B
|
||||
#define WLAN_CIPHER_SUITE_BIP_GMAC_256 0x000FAC0C
|
||||
#define WLAN_CIPHER_SUITE_BIP_CMAC_256 0x000FAC0D
|
||||
|
||||
#define WLAN_CIPHER_SUITE_SMS4 0x00147201
|
||||
|
||||
|
@ -353,6 +353,16 @@ static int rsn_selector_to_bitfield(const u8 *s)
|
||||
#endif /* CONFIG_IEEE80211W */
|
||||
if (RSN_SELECTOR_GET(s) == RSN_CIPHER_SUITE_GCMP)
|
||||
return WPA_CIPHER_GCMP;
|
||||
if (RSN_SELECTOR_GET(s) == RSN_CIPHER_SUITE_CCMP_256)
|
||||
return WPA_CIPHER_CCMP_256;
|
||||
if (RSN_SELECTOR_GET(s) == RSN_CIPHER_SUITE_GCMP_256)
|
||||
return WPA_CIPHER_GCMP_256;
|
||||
if (RSN_SELECTOR_GET(s) == RSN_CIPHER_SUITE_BIP_GMAC_128)
|
||||
return WPA_CIPHER_BIP_GMAC_128;
|
||||
if (RSN_SELECTOR_GET(s) == RSN_CIPHER_SUITE_BIP_GMAC_256)
|
||||
return WPA_CIPHER_BIP_GMAC_256;
|
||||
if (RSN_SELECTOR_GET(s) == RSN_CIPHER_SUITE_BIP_CMAC_256)
|
||||
return WPA_CIPHER_BIP_CMAC_256;
|
||||
return 0;
|
||||
}
|
||||
|
||||
@ -912,6 +922,10 @@ const char * wpa_cipher_txt(int cipher)
|
||||
return "CCMP+TKIP";
|
||||
case WPA_CIPHER_GCMP:
|
||||
return "GCMP";
|
||||
case WPA_CIPHER_GCMP_256:
|
||||
return "GCMP-256";
|
||||
case WPA_CIPHER_CCMP_256:
|
||||
return "CCMP-256";
|
||||
default:
|
||||
return "UNKNOWN";
|
||||
}
|
||||
@ -1078,6 +1092,9 @@ int wpa_insert_pmkid(u8 *ies, size_t ies_len, const u8 *pmkid)
|
||||
int wpa_cipher_key_len(int cipher)
|
||||
{
|
||||
switch (cipher) {
|
||||
case WPA_CIPHER_CCMP_256:
|
||||
case WPA_CIPHER_GCMP_256:
|
||||
return 32;
|
||||
case WPA_CIPHER_CCMP:
|
||||
case WPA_CIPHER_GCMP:
|
||||
return 16;
|
||||
@ -1096,6 +1113,8 @@ int wpa_cipher_key_len(int cipher)
|
||||
int wpa_cipher_rsc_len(int cipher)
|
||||
{
|
||||
switch (cipher) {
|
||||
case WPA_CIPHER_CCMP_256:
|
||||
case WPA_CIPHER_GCMP_256:
|
||||
case WPA_CIPHER_CCMP:
|
||||
case WPA_CIPHER_GCMP:
|
||||
case WPA_CIPHER_TKIP:
|
||||
@ -1112,6 +1131,10 @@ int wpa_cipher_rsc_len(int cipher)
|
||||
int wpa_cipher_to_alg(int cipher)
|
||||
{
|
||||
switch (cipher) {
|
||||
case WPA_CIPHER_CCMP_256:
|
||||
return WPA_ALG_CCMP_256;
|
||||
case WPA_CIPHER_GCMP_256:
|
||||
return WPA_ALG_GCMP_256;
|
||||
case WPA_CIPHER_CCMP:
|
||||
return WPA_ALG_CCMP;
|
||||
case WPA_CIPHER_GCMP:
|
||||
@ -1139,6 +1162,10 @@ enum wpa_cipher wpa_cipher_to_suite_driver(int cipher)
|
||||
return CIPHER_CCMP;
|
||||
case WPA_CIPHER_GCMP:
|
||||
return CIPHER_GCMP;
|
||||
case WPA_CIPHER_CCMP_256:
|
||||
return CIPHER_CCMP_256;
|
||||
case WPA_CIPHER_GCMP_256:
|
||||
return CIPHER_GCMP_256;
|
||||
case WPA_CIPHER_TKIP:
|
||||
default:
|
||||
return CIPHER_TKIP;
|
||||
@ -1148,7 +1175,9 @@ enum wpa_cipher wpa_cipher_to_suite_driver(int cipher)
|
||||
|
||||
int wpa_cipher_valid_pairwise(int cipher)
|
||||
{
|
||||
return cipher == WPA_CIPHER_CCMP ||
|
||||
return cipher == WPA_CIPHER_CCMP_256 ||
|
||||
cipher == WPA_CIPHER_GCMP_256 ||
|
||||
cipher == WPA_CIPHER_CCMP ||
|
||||
cipher == WPA_CIPHER_GCMP ||
|
||||
cipher == WPA_CIPHER_TKIP;
|
||||
}
|
||||
@ -1156,6 +1185,10 @@ int wpa_cipher_valid_pairwise(int cipher)
|
||||
|
||||
u32 wpa_cipher_to_suite(int proto, int cipher)
|
||||
{
|
||||
if (cipher & WPA_CIPHER_CCMP_256)
|
||||
return RSN_CIPHER_SUITE_CCMP_256;
|
||||
if (cipher & WPA_CIPHER_GCMP_256)
|
||||
return RSN_CIPHER_SUITE_GCMP_256;
|
||||
if (cipher & WPA_CIPHER_CCMP)
|
||||
return (proto == WPA_PROTO_RSN ?
|
||||
RSN_CIPHER_SUITE_CCMP : WPA_CIPHER_SUITE_CCMP);
|
||||
@ -1181,6 +1214,16 @@ int rsn_cipher_put_suites(u8 *pos, int ciphers)
|
||||
{
|
||||
int num_suites = 0;
|
||||
|
||||
if (ciphers & WPA_CIPHER_CCMP_256) {
|
||||
RSN_SELECTOR_PUT(pos, RSN_CIPHER_SUITE_CCMP_256);
|
||||
pos += RSN_SELECTOR_LEN;
|
||||
num_suites++;
|
||||
}
|
||||
if (ciphers & WPA_CIPHER_GCMP_256) {
|
||||
RSN_SELECTOR_PUT(pos, RSN_CIPHER_SUITE_GCMP_256);
|
||||
pos += RSN_SELECTOR_LEN;
|
||||
num_suites++;
|
||||
}
|
||||
if (ciphers & WPA_CIPHER_CCMP) {
|
||||
RSN_SELECTOR_PUT(pos, RSN_CIPHER_SUITE_CCMP);
|
||||
pos += RSN_SELECTOR_LEN;
|
||||
@ -1232,6 +1275,10 @@ int wpa_cipher_put_suites(u8 *pos, int ciphers)
|
||||
|
||||
int wpa_pick_pairwise_cipher(int ciphers, int none_allowed)
|
||||
{
|
||||
if (ciphers & WPA_CIPHER_CCMP_256)
|
||||
return WPA_CIPHER_CCMP_256;
|
||||
if (ciphers & WPA_CIPHER_GCMP_256)
|
||||
return WPA_CIPHER_GCMP_256;
|
||||
if (ciphers & WPA_CIPHER_CCMP)
|
||||
return WPA_CIPHER_CCMP;
|
||||
if (ciphers & WPA_CIPHER_GCMP)
|
||||
@ -1246,6 +1293,10 @@ int wpa_pick_pairwise_cipher(int ciphers, int none_allowed)
|
||||
|
||||
int wpa_pick_group_cipher(int ciphers)
|
||||
{
|
||||
if (ciphers & WPA_CIPHER_CCMP_256)
|
||||
return WPA_CIPHER_CCMP_256;
|
||||
if (ciphers & WPA_CIPHER_GCMP_256)
|
||||
return WPA_CIPHER_GCMP_256;
|
||||
if (ciphers & WPA_CIPHER_CCMP)
|
||||
return WPA_CIPHER_CCMP;
|
||||
if (ciphers & WPA_CIPHER_GCMP)
|
||||
@ -1280,7 +1331,11 @@ int wpa_parse_cipher(const char *value)
|
||||
end++;
|
||||
last = *end == '\0';
|
||||
*end = '\0';
|
||||
if (os_strcmp(start, "CCMP") == 0)
|
||||
if (os_strcmp(start, "CCMP-256") == 0)
|
||||
val |= WPA_CIPHER_CCMP_256;
|
||||
else if (os_strcmp(start, "GCMP-256") == 0)
|
||||
val |= WPA_CIPHER_GCMP_256;
|
||||
else if (os_strcmp(start, "CCMP") == 0)
|
||||
val |= WPA_CIPHER_CCMP;
|
||||
else if (os_strcmp(start, "GCMP") == 0)
|
||||
val |= WPA_CIPHER_GCMP;
|
||||
@ -1312,6 +1367,20 @@ int wpa_write_ciphers(char *start, char *end, int ciphers, const char *delim)
|
||||
char *pos = start;
|
||||
int ret;
|
||||
|
||||
if (ciphers & WPA_CIPHER_CCMP_256) {
|
||||
ret = os_snprintf(pos, end - pos, "%sCCMP-256",
|
||||
pos == start ? "" : delim);
|
||||
if (ret < 0 || ret >= end - pos)
|
||||
return -1;
|
||||
pos += ret;
|
||||
}
|
||||
if (ciphers & WPA_CIPHER_GCMP_256) {
|
||||
ret = os_snprintf(pos, end - pos, "%sGCMP-256",
|
||||
pos == start ? "" : delim);
|
||||
if (ret < 0 || ret >= end - pos)
|
||||
return -1;
|
||||
pos += ret;
|
||||
}
|
||||
if (ciphers & WPA_CIPHER_CCMP) {
|
||||
ret = os_snprintf(pos, end - pos, "%sCCMP",
|
||||
pos == start ? "" : delim);
|
||||
@ -1373,5 +1442,11 @@ int wpa_select_ap_group_cipher(int wpa, int wpa_pairwise, int rsn_pairwise)
|
||||
return WPA_CIPHER_TKIP;
|
||||
if ((pairwise & (WPA_CIPHER_CCMP | WPA_CIPHER_GCMP)) == WPA_CIPHER_GCMP)
|
||||
return WPA_CIPHER_GCMP;
|
||||
if ((pairwise & (WPA_CIPHER_GCMP_256 | WPA_CIPHER_CCMP |
|
||||
WPA_CIPHER_GCMP)) == WPA_CIPHER_GCMP_256)
|
||||
return WPA_CIPHER_GCMP_256;
|
||||
if ((pairwise & (WPA_CIPHER_CCMP_256 | WPA_CIPHER_CCMP |
|
||||
WPA_CIPHER_GCMP)) == WPA_CIPHER_CCMP_256)
|
||||
return WPA_CIPHER_CCMP_256;
|
||||
return WPA_CIPHER_CCMP;
|
||||
}
|
||||
|
@ -21,10 +21,11 @@
|
||||
#define WPA_GTK_MAX_LEN 32
|
||||
|
||||
#define WPA_ALLOWED_PAIRWISE_CIPHERS \
|
||||
(WPA_CIPHER_CCMP | WPA_CIPHER_GCMP | WPA_CIPHER_TKIP | WPA_CIPHER_NONE)
|
||||
(WPA_CIPHER_CCMP | WPA_CIPHER_GCMP | WPA_CIPHER_TKIP | WPA_CIPHER_NONE | \
|
||||
WPA_CIPHER_GCMP_256 | WPA_CIPHER_CCMP_256)
|
||||
#define WPA_ALLOWED_GROUP_CIPHERS \
|
||||
(WPA_CIPHER_CCMP | WPA_CIPHER_GCMP | WPA_CIPHER_TKIP | WPA_CIPHER_WEP104 | \
|
||||
WPA_CIPHER_WEP40)
|
||||
WPA_CIPHER_WEP40 | WPA_CIPHER_GCMP_256 | WPA_CIPHER_CCMP_256)
|
||||
|
||||
#define WPA_SELECTOR_LEN 4
|
||||
#define WPA_VERSION 1
|
||||
@ -60,6 +61,10 @@ WPA_CIPHER_WEP40)
|
||||
#define RSN_AUTH_KEY_MGMT_TPK_HANDSHAKE RSN_SELECTOR(0x00, 0x0f, 0xac, 7)
|
||||
#define RSN_AUTH_KEY_MGMT_SAE RSN_SELECTOR(0x00, 0x0f, 0xac, 8)
|
||||
#define RSN_AUTH_KEY_MGMT_FT_SAE RSN_SELECTOR(0x00, 0x0f, 0xac, 9)
|
||||
#define RSN_AUTH_KEY_MGMT_802_1X_SUITE_B RSN_SELECTOR(0x00, 0x0f, 0xac, 11)
|
||||
#define RSN_AUTH_KEY_MGMT_802_1X_SUITE_B_384 RSN_SELECTOR(0x00, 0x0f, 0xac, 12)
|
||||
#define RSN_AUTH_KEY_MGMT_FT_802_1X_SUITE_B_384 \
|
||||
RSN_SELECTOR(0x00, 0x0f, 0xac, 13)
|
||||
#define RSN_AUTH_KEY_MGMT_CCKM RSN_SELECTOR(0x00, 0x40, 0x96, 0x00)
|
||||
|
||||
#define RSN_CIPHER_SUITE_NONE RSN_SELECTOR(0x00, 0x0f, 0xac, 0)
|
||||
@ -75,6 +80,11 @@ WPA_CIPHER_WEP40)
|
||||
#endif /* CONFIG_IEEE80211W */
|
||||
#define RSN_CIPHER_SUITE_NO_GROUP_ADDRESSED RSN_SELECTOR(0x00, 0x0f, 0xac, 7)
|
||||
#define RSN_CIPHER_SUITE_GCMP RSN_SELECTOR(0x00, 0x0f, 0xac, 8)
|
||||
#define RSN_CIPHER_SUITE_GCMP_256 RSN_SELECTOR(0x00, 0x0f, 0xac, 9)
|
||||
#define RSN_CIPHER_SUITE_CCMP_256 RSN_SELECTOR(0x00, 0x0f, 0xac, 10)
|
||||
#define RSN_CIPHER_SUITE_BIP_GMAC_128 RSN_SELECTOR(0x00, 0x0f, 0xac, 11)
|
||||
#define RSN_CIPHER_SUITE_BIP_GMAC_256 RSN_SELECTOR(0x00, 0x0f, 0xac, 12)
|
||||
#define RSN_CIPHER_SUITE_BIP_CMAC_256 RSN_SELECTOR(0x00, 0x0f, 0xac, 13)
|
||||
|
||||
/* EAPOL-Key Key Data Encapsulation
|
||||
* GroupKey and PeerKey require encryption, otherwise, encryption is optional.
|
||||
|
@ -833,6 +833,12 @@ struct wpa_driver_capa {
|
||||
#define WPA_DRIVER_CAPA_ENC_CCMP 0x00000008
|
||||
#define WPA_DRIVER_CAPA_ENC_WEP128 0x00000010
|
||||
#define WPA_DRIVER_CAPA_ENC_GCMP 0x00000020
|
||||
#define WPA_DRIVER_CAPA_ENC_GCMP_256 0x00000040
|
||||
#define WPA_DRIVER_CAPA_ENC_CCMP_256 0x00000080
|
||||
#define WPA_DRIVER_CAPA_ENC_BIP 0x00000100
|
||||
#define WPA_DRIVER_CAPA_ENC_BIP_GMAC_128 0x00000200
|
||||
#define WPA_DRIVER_CAPA_ENC_BIP_GMAC_256 0x00000400
|
||||
#define WPA_DRIVER_CAPA_ENC_BIP_CMAC_256 0x00000800
|
||||
unsigned int enc;
|
||||
|
||||
#define WPA_DRIVER_AUTH_OPEN 0x00000001
|
||||
@ -1267,7 +1273,9 @@ struct wpa_driver_ops {
|
||||
* @priv: private driver interface data
|
||||
* @alg: encryption algorithm (%WPA_ALG_NONE, %WPA_ALG_WEP,
|
||||
* %WPA_ALG_TKIP, %WPA_ALG_CCMP, %WPA_ALG_IGTK, %WPA_ALG_PMK,
|
||||
* %WPA_ALG_GCMP);
|
||||
* %WPA_ALG_GCMP, %WPA_ALG_GCMP_256, %WPA_ALG_CCMP_256,
|
||||
* %WPA_ALG_BIP_GMAC_128, %WPA_ALG_BIP_GMAC_256,
|
||||
* %WPA_ALG_BIP_CMAC_256);
|
||||
* %WPA_ALG_NONE clears the key.
|
||||
* @addr: Address of the peer STA (BSSID of the current AP when setting
|
||||
* pairwise key in station mode), ff:ff:ff:ff:ff:ff for
|
||||
|
@ -5180,10 +5180,30 @@ static int wpa_driver_nl80211_set_key(const char *ifname, struct i802_bss *bss,
|
||||
NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
|
||||
WLAN_CIPHER_SUITE_GCMP);
|
||||
break;
|
||||
case WPA_ALG_CCMP_256:
|
||||
NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
|
||||
WLAN_CIPHER_SUITE_CCMP_256);
|
||||
break;
|
||||
case WPA_ALG_GCMP_256:
|
||||
NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
|
||||
WLAN_CIPHER_SUITE_GCMP_256);
|
||||
break;
|
||||
case WPA_ALG_IGTK:
|
||||
NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
|
||||
WLAN_CIPHER_SUITE_AES_CMAC);
|
||||
break;
|
||||
case WPA_ALG_BIP_GMAC_128:
|
||||
NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
|
||||
WLAN_CIPHER_SUITE_BIP_GMAC_128);
|
||||
break;
|
||||
case WPA_ALG_BIP_GMAC_256:
|
||||
NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
|
||||
WLAN_CIPHER_SUITE_BIP_GMAC_256);
|
||||
break;
|
||||
case WPA_ALG_BIP_CMAC_256:
|
||||
NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
|
||||
WLAN_CIPHER_SUITE_BIP_CMAC_256);
|
||||
break;
|
||||
case WPA_ALG_SMS4:
|
||||
NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
|
||||
WLAN_CIPHER_SUITE_SMS4);
|
||||
@ -5320,10 +5340,30 @@ static int nl_add_key(struct nl_msg *msg, enum wpa_alg alg,
|
||||
case WPA_ALG_GCMP:
|
||||
NLA_PUT_U32(msg, NL80211_KEY_CIPHER, WLAN_CIPHER_SUITE_GCMP);
|
||||
break;
|
||||
case WPA_ALG_CCMP_256:
|
||||
NLA_PUT_U32(msg, NL80211_KEY_CIPHER,
|
||||
WLAN_CIPHER_SUITE_CCMP_256);
|
||||
break;
|
||||
case WPA_ALG_GCMP_256:
|
||||
NLA_PUT_U32(msg, NL80211_KEY_CIPHER,
|
||||
WLAN_CIPHER_SUITE_GCMP_256);
|
||||
break;
|
||||
case WPA_ALG_IGTK:
|
||||
NLA_PUT_U32(msg, NL80211_KEY_CIPHER,
|
||||
WLAN_CIPHER_SUITE_AES_CMAC);
|
||||
break;
|
||||
case WPA_ALG_BIP_GMAC_128:
|
||||
NLA_PUT_U32(msg, NL80211_KEY_CIPHER,
|
||||
WLAN_CIPHER_SUITE_BIP_GMAC_128);
|
||||
break;
|
||||
case WPA_ALG_BIP_GMAC_256:
|
||||
NLA_PUT_U32(msg, NL80211_KEY_CIPHER,
|
||||
WLAN_CIPHER_SUITE_BIP_GMAC_256);
|
||||
break;
|
||||
case WPA_ALG_BIP_CMAC_256:
|
||||
NLA_PUT_U32(msg, NL80211_KEY_CIPHER,
|
||||
WLAN_CIPHER_SUITE_BIP_CMAC_256);
|
||||
break;
|
||||
default:
|
||||
wpa_printf(MSG_ERROR, "%s: Unsupported encryption "
|
||||
"algorithm %d", __func__, alg);
|
||||
@ -6747,6 +6787,10 @@ static int wpa_driver_nl80211_set_ap(void *priv,
|
||||
wpa_printf(MSG_DEBUG, "nl80211: pairwise_ciphers=0x%x",
|
||||
params->pairwise_ciphers);
|
||||
num_suites = 0;
|
||||
if (params->pairwise_ciphers & WPA_CIPHER_CCMP_256)
|
||||
suites[num_suites++] = WLAN_CIPHER_SUITE_CCMP_256;
|
||||
if (params->pairwise_ciphers & WPA_CIPHER_GCMP_256)
|
||||
suites[num_suites++] = WLAN_CIPHER_SUITE_GCMP_256;
|
||||
if (params->pairwise_ciphers & WPA_CIPHER_CCMP)
|
||||
suites[num_suites++] = WLAN_CIPHER_SUITE_CCMP;
|
||||
if (params->pairwise_ciphers & WPA_CIPHER_GCMP)
|
||||
@ -6765,6 +6809,14 @@ static int wpa_driver_nl80211_set_ap(void *priv,
|
||||
wpa_printf(MSG_DEBUG, "nl80211: group_cipher=0x%x",
|
||||
params->group_cipher);
|
||||
switch (params->group_cipher) {
|
||||
case WPA_CIPHER_CCMP_256:
|
||||
NLA_PUT_U32(msg, NL80211_ATTR_CIPHER_SUITE_GROUP,
|
||||
WLAN_CIPHER_SUITE_CCMP_256);
|
||||
break;
|
||||
case WPA_CIPHER_GCMP_256:
|
||||
NLA_PUT_U32(msg, NL80211_ATTR_CIPHER_SUITE_GROUP,
|
||||
WLAN_CIPHER_SUITE_GCMP_256);
|
||||
break;
|
||||
case WPA_CIPHER_CCMP:
|
||||
NLA_PUT_U32(msg, NL80211_ATTR_CIPHER_SUITE_GROUP,
|
||||
WLAN_CIPHER_SUITE_CCMP);
|
||||
@ -8129,6 +8181,12 @@ skip_auth_type:
|
||||
case CIPHER_GCMP:
|
||||
cipher = WLAN_CIPHER_SUITE_GCMP;
|
||||
break;
|
||||
case CIPHER_CCMP_256:
|
||||
cipher = WLAN_CIPHER_SUITE_CCMP_256;
|
||||
break;
|
||||
case CIPHER_GCMP_256:
|
||||
cipher = WLAN_CIPHER_SUITE_GCMP_256;
|
||||
break;
|
||||
case CIPHER_TKIP:
|
||||
default:
|
||||
cipher = WLAN_CIPHER_SUITE_TKIP;
|
||||
@ -8156,6 +8214,12 @@ skip_auth_type:
|
||||
case CIPHER_GCMP:
|
||||
cipher = WLAN_CIPHER_SUITE_GCMP;
|
||||
break;
|
||||
case CIPHER_CCMP_256:
|
||||
cipher = WLAN_CIPHER_SUITE_CCMP_256;
|
||||
break;
|
||||
case CIPHER_GCMP_256:
|
||||
cipher = WLAN_CIPHER_SUITE_GCMP_256;
|
||||
break;
|
||||
case CIPHER_TKIP:
|
||||
default:
|
||||
cipher = WLAN_CIPHER_SUITE_TKIP;
|
||||
@ -8347,6 +8411,12 @@ static int wpa_driver_nl80211_associate(
|
||||
case CIPHER_GCMP:
|
||||
cipher = WLAN_CIPHER_SUITE_GCMP;
|
||||
break;
|
||||
case CIPHER_CCMP_256:
|
||||
cipher = WLAN_CIPHER_SUITE_CCMP_256;
|
||||
break;
|
||||
case CIPHER_GCMP_256:
|
||||
cipher = WLAN_CIPHER_SUITE_GCMP_256;
|
||||
break;
|
||||
case CIPHER_TKIP:
|
||||
default:
|
||||
cipher = WLAN_CIPHER_SUITE_TKIP;
|
||||
@ -8372,6 +8442,12 @@ static int wpa_driver_nl80211_associate(
|
||||
case CIPHER_GCMP:
|
||||
cipher = WLAN_CIPHER_SUITE_GCMP;
|
||||
break;
|
||||
case CIPHER_CCMP_256:
|
||||
cipher = WLAN_CIPHER_SUITE_CCMP_256;
|
||||
break;
|
||||
case CIPHER_GCMP_256:
|
||||
cipher = WLAN_CIPHER_SUITE_GCMP_256;
|
||||
break;
|
||||
case CIPHER_TKIP:
|
||||
default:
|
||||
cipher = WLAN_CIPHER_SUITE_TKIP;
|
||||
|
@ -276,7 +276,9 @@ static int wpa_supplicant_conf_ap(struct wpa_supplicant *wpa_s,
|
||||
|
||||
if (bss->wpa_group_rekey < 86400 && (bss->wpa & 2) &&
|
||||
(bss->wpa_group == WPA_CIPHER_CCMP ||
|
||||
bss->wpa_group == WPA_CIPHER_GCMP)) {
|
||||
bss->wpa_group == WPA_CIPHER_GCMP ||
|
||||
bss->wpa_group == WPA_CIPHER_CCMP_256 ||
|
||||
bss->wpa_group == WPA_CIPHER_GCMP_256)) {
|
||||
/*
|
||||
* Strong ciphers do not need frequent rekeying, so increase
|
||||
* the default GTK rekeying period to 24 hours.
|
||||
|
@ -2678,6 +2678,24 @@ static int ctrl_iface_get_capability_pairwise(int res, char *strict,
|
||||
return len;
|
||||
}
|
||||
|
||||
if (capa->enc & WPA_DRIVER_CAPA_ENC_CCMP_256) {
|
||||
ret = os_snprintf(pos, end - pos, "%sCCMP-256",
|
||||
first ? "" : " ");
|
||||
if (ret < 0 || ret >= end - pos)
|
||||
return pos - buf;
|
||||
pos += ret;
|
||||
first = 0;
|
||||
}
|
||||
|
||||
if (capa->enc & WPA_DRIVER_CAPA_ENC_GCMP_256) {
|
||||
ret = os_snprintf(pos, end - pos, "%sGCMP-256",
|
||||
first ? "" : " ");
|
||||
if (ret < 0 || ret >= end - pos)
|
||||
return pos - buf;
|
||||
pos += ret;
|
||||
first = 0;
|
||||
}
|
||||
|
||||
if (capa->enc & WPA_DRIVER_CAPA_ENC_CCMP) {
|
||||
ret = os_snprintf(pos, end - pos, "%sCCMP", first ? "" : " ");
|
||||
if (ret < 0 || ret >= end - pos)
|
||||
@ -2734,6 +2752,24 @@ static int ctrl_iface_get_capability_group(int res, char *strict,
|
||||
return len;
|
||||
}
|
||||
|
||||
if (capa->enc & WPA_DRIVER_CAPA_ENC_CCMP_256) {
|
||||
ret = os_snprintf(pos, end - pos, "%sCCMP-256",
|
||||
first ? "" : " ");
|
||||
if (ret < 0 || ret >= end - pos)
|
||||
return pos - buf;
|
||||
pos += ret;
|
||||
first = 0;
|
||||
}
|
||||
|
||||
if (capa->enc & WPA_DRIVER_CAPA_ENC_GCMP_256) {
|
||||
ret = os_snprintf(pos, end - pos, "%sGCMP-256",
|
||||
first ? "" : " ");
|
||||
if (ret < 0 || ret >= end - pos)
|
||||
return pos - buf;
|
||||
pos += ret;
|
||||
first = 0;
|
||||
}
|
||||
|
||||
if (capa->enc & WPA_DRIVER_CAPA_ENC_CCMP) {
|
||||
ret = os_snprintf(pos, end - pos, "%sCCMP", first ? "" : " ");
|
||||
if (ret < 0 || ret >= end - pos)
|
||||
|
@ -2260,6 +2260,18 @@ dbus_bool_t wpas_dbus_getter_capabilities(DBusMessageIter *iter,
|
||||
&iter_array))
|
||||
goto nomem;
|
||||
|
||||
if (capa.enc & WPA_DRIVER_CAPA_ENC_CCMP_256) {
|
||||
if (!wpa_dbus_dict_string_array_add_element(
|
||||
&iter_array, "ccmp-256"))
|
||||
goto nomem;
|
||||
}
|
||||
|
||||
if (capa.enc & WPA_DRIVER_CAPA_ENC_GCMP_256) {
|
||||
if (!wpa_dbus_dict_string_array_add_element(
|
||||
&iter_array, "gcmp-256"))
|
||||
goto nomem;
|
||||
}
|
||||
|
||||
if (capa.enc & WPA_DRIVER_CAPA_ENC_CCMP) {
|
||||
if (!wpa_dbus_dict_string_array_add_element(
|
||||
&iter_array, "ccmp"))
|
||||
@ -2307,6 +2319,18 @@ dbus_bool_t wpas_dbus_getter_capabilities(DBusMessageIter *iter,
|
||||
&iter_array))
|
||||
goto nomem;
|
||||
|
||||
if (capa.enc & WPA_DRIVER_CAPA_ENC_CCMP_256) {
|
||||
if (!wpa_dbus_dict_string_array_add_element(
|
||||
&iter_array, "ccmp-256"))
|
||||
goto nomem;
|
||||
}
|
||||
|
||||
if (capa.enc & WPA_DRIVER_CAPA_ENC_GCMP_256) {
|
||||
if (!wpa_dbus_dict_string_array_add_element(
|
||||
&iter_array, "gcmp-256"))
|
||||
goto nomem;
|
||||
}
|
||||
|
||||
if (capa.enc & WPA_DRIVER_CAPA_ENC_CCMP) {
|
||||
if (!wpa_dbus_dict_string_array_add_element(
|
||||
&iter_array, "ccmp"))
|
||||
@ -3601,7 +3625,7 @@ static dbus_bool_t wpas_dbus_get_bss_security_prop(DBusMessageIter *iter,
|
||||
{
|
||||
DBusMessageIter iter_dict, variant_iter;
|
||||
const char *group;
|
||||
const char *pairwise[3]; /* max 3 pairwise ciphers is supported */
|
||||
const char *pairwise[5]; /* max 5 pairwise ciphers is supported */
|
||||
const char *key_mgmt[7]; /* max 7 key managements may be supported */
|
||||
int n;
|
||||
|
||||
@ -3650,6 +3674,12 @@ static dbus_bool_t wpas_dbus_get_bss_security_prop(DBusMessageIter *iter,
|
||||
case WPA_CIPHER_WEP104:
|
||||
group = "wep104";
|
||||
break;
|
||||
case WPA_CIPHER_CCMP_256:
|
||||
group = "ccmp-256";
|
||||
break;
|
||||
case WPA_CIPHER_GCMP_256:
|
||||
group = "gcmp-256";
|
||||
break;
|
||||
default:
|
||||
group = "";
|
||||
break;
|
||||
@ -3666,6 +3696,10 @@ static dbus_bool_t wpas_dbus_get_bss_security_prop(DBusMessageIter *iter,
|
||||
pairwise[n++] = "ccmp";
|
||||
if (ie_data->pairwise_cipher & WPA_CIPHER_GCMP)
|
||||
pairwise[n++] = "gcmp";
|
||||
if (ie_data->pairwise_cipher & WPA_CIPHER_CCMP_256)
|
||||
pairwise[n++] = "ccmp-256";
|
||||
if (ie_data->pairwise_cipher & WPA_CIPHER_GCMP_256)
|
||||
pairwise[n++] = "gcmp-256";
|
||||
|
||||
if (!wpa_dbus_dict_append_string_array(&iter_dict, "Pairwise",
|
||||
pairwise, n))
|
||||
|
Loading…
Reference in New Issue
Block a user