mac80211: 802.11w - WEXT configuration for IGTK

Added new SIOCSIWENCODEEXT algorithm for configuring BIP (AES-CMAC)
keys (IGTK).

Signed-off-by: Jouni Malinen <j@w1.fi>
Acked-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
This commit is contained in:
Jouni Malinen 2009-01-08 13:32:04 +02:00 committed by John W. Linville
parent 54604d3a82
commit 22787dbaa3
2 changed files with 49 additions and 14 deletions

View File

@ -615,6 +615,7 @@
#define IW_ENCODE_ALG_TKIP 2 #define IW_ENCODE_ALG_TKIP 2
#define IW_ENCODE_ALG_CCMP 3 #define IW_ENCODE_ALG_CCMP 3
#define IW_ENCODE_ALG_PMK 4 #define IW_ENCODE_ALG_PMK 4
#define IW_ENCODE_ALG_AES_CMAC 5
/* struct iw_encode_ext ->ext_flags */ /* struct iw_encode_ext ->ext_flags */
#define IW_ENCODE_EXT_TX_SEQ_VALID 0x00000001 #define IW_ENCODE_EXT_TX_SEQ_VALID 0x00000001
#define IW_ENCODE_EXT_RX_SEQ_VALID 0x00000002 #define IW_ENCODE_EXT_RX_SEQ_VALID 0x00000002

View File

@ -37,7 +37,14 @@ static int ieee80211_set_encryption(struct ieee80211_sub_if_data *sdata, u8 *sta
struct ieee80211_key *key; struct ieee80211_key *key;
int err; int err;
if (idx < 0 || idx >= NUM_DEFAULT_KEYS) { if (alg == ALG_AES_CMAC) {
if (idx < NUM_DEFAULT_KEYS ||
idx >= NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS) {
printk(KERN_DEBUG "%s: set_encrypt - invalid idx=%d "
"(BIP)\n", sdata->dev->name, idx);
return -EINVAL;
}
} else if (idx < 0 || idx >= NUM_DEFAULT_KEYS) {
printk(KERN_DEBUG "%s: set_encrypt - invalid idx=%d\n", printk(KERN_DEBUG "%s: set_encrypt - invalid idx=%d\n",
sdata->dev->name, idx); sdata->dev->name, idx);
return -EINVAL; return -EINVAL;
@ -103,6 +110,9 @@ static int ieee80211_set_encryption(struct ieee80211_sub_if_data *sdata, u8 *sta
if (set_tx_key || (!sta && !sdata->default_key && key)) if (set_tx_key || (!sta && !sdata->default_key && key))
ieee80211_set_default_key(sdata, idx); ieee80211_set_default_key(sdata, idx);
if (alg == ALG_AES_CMAC &&
(set_tx_key || (!sta && !sdata->default_mgmt_key && key)))
ieee80211_set_default_mgmt_key(sdata, idx);
} }
out_unlock: out_unlock:
@ -1048,6 +1058,9 @@ static int ieee80211_ioctl_siwencodeext(struct net_device *dev,
case IW_ENCODE_ALG_CCMP: case IW_ENCODE_ALG_CCMP:
alg = ALG_CCMP; alg = ALG_CCMP;
break; break;
case IW_ENCODE_ALG_AES_CMAC:
alg = ALG_AES_CMAC;
break;
default: default:
return -EOPNOTSUPP; return -EOPNOTSUPP;
} }
@ -1056,20 +1069,41 @@ static int ieee80211_ioctl_siwencodeext(struct net_device *dev,
remove = 1; remove = 1;
idx = erq->flags & IW_ENCODE_INDEX; idx = erq->flags & IW_ENCODE_INDEX;
if (idx < 1 || idx > 4) { if (alg == ALG_AES_CMAC) {
idx = -1; if (idx < NUM_DEFAULT_KEYS + 1 ||
if (!sdata->default_key) idx > NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS) {
idx = 0; idx = -1;
else for (i = 0; i < NUM_DEFAULT_KEYS; i++) { if (!sdata->default_mgmt_key)
if (sdata->default_key == sdata->keys[i]) { idx = 0;
idx = i; else for (i = NUM_DEFAULT_KEYS;
break; i < NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS;
i++) {
if (sdata->default_mgmt_key == sdata->keys[i])
{
idx = i;
break;
}
} }
} if (idx < 0)
if (idx < 0) return -EINVAL;
return -EINVAL; } else
} else idx--;
idx--; } else {
if (idx < 1 || idx > 4) {
idx = -1;
if (!sdata->default_key)
idx = 0;
else for (i = 0; i < NUM_DEFAULT_KEYS; i++) {
if (sdata->default_key == sdata->keys[i]) {
idx = i;
break;
}
}
if (idx < 0)
return -EINVAL;
} else
idx--;
}
return ieee80211_set_encryption(sdata, ext->addr.sa_data, idx, alg, return ieee80211_set_encryption(sdata, ext->addr.sa_data, idx, alg,
remove, remove,