[v6,06/17] wpa_supplicant: Set the correct key_type for key installs
diff mbox series

Message ID 20190915200837.196283-7-alexander@wetzel-home.de
State Under Review
Headers show
Series
  • Support seamless PTK rekeys with Extended Key ID
Related show

Commit Message

Alexander Wetzel Sept. 15, 2019, 8:08 p.m. UTC
In addition to the set_key boolean this also sets the corresponding
new variable key_type for all key installs.

Till set_tx is dropped drivers can use either set_tx or key_flag,
allowing to seamless migrate to key_flag.

Signed-off-by: Alexander Wetzel <alexander@wetzel-home.de>
---
 src/rsn_supp/tdls.c             |  7 ++++---
 src/rsn_supp/wpa.c              | 12 +++++++-----
 src/rsn_supp/wpa_ft.c           | 11 ++++++-----
 wpa_supplicant/ctrl_iface.c     | 25 ++++++++++++++++---------
 wpa_supplicant/ibss_rsn.c       |  2 +-
 wpa_supplicant/mesh_mpm.c       |  6 +++---
 wpa_supplicant/mesh_rsn.c       |  5 +++--
 wpa_supplicant/wpa_supplicant.c | 11 +++++++----
 wpa_supplicant/wpas_glue.c      |  5 +++--
 9 files changed, 50 insertions(+), 34 deletions(-)

Comments

Jouni Malinen Sept. 20, 2019, 1:13 p.m. UTC | #1
On Sun, Sep 15, 2019 at 10:08:26PM +0200, Alexander Wetzel wrote:
> diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c
> @@ -200,7 +202,8 @@ int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
>  	/* TODO: should actually remember the previously used seq#, both for TX
>  	 * and RX from each STA.. */
>  
> -	ret = wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen, 0);
> +	ret = wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen,
> +			      KEY_TYPE_BROADCAST);

Is this really KEY_TYPE_BROADCAST instead of KEY_TYPE_DEFAULT? As noted
in the beginning of this function, only one key is used for both
receiving and sending unicast and multicast frames.

> diff --git a/wpa_supplicant/wpas_glue.c b/wpa_supplicant/wpas_glue.c
> @@ -341,7 +342,7 @@ static void wpa_supplicant_eapol_cb(struct eapol_sm *eapol,
>  			"handshake", pmk, pmk_len);
>  
>  	if (wpa_drv_set_key(wpa_s, WPA_ALG_PMK, NULL, 0, 0, NULL, 0, pmk,
> -			    pmk_len, 0)) {
> +			    pmk_len, KEY_TYPE_BROADCAST)) {

WPA_ALG_PMK is not for a cipher, it is for offloading 4-way handshake to
the driver. As such, KEY_TYPE_BROADCAST looks strange here. Maybe we
should have KEY_TYPE_OTHER (etc.) for this special case(?)
Alexander Wetzel Sept. 20, 2019, 2:37 p.m. UTC | #2
Am 20.09.19 um 15:13 schrieb Jouni Malinen:
> On Sun, Sep 15, 2019 at 10:08:26PM +0200, Alexander Wetzel wrote:
>> diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c
>> @@ -200,7 +202,8 @@ int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
>>   	/* TODO: should actually remember the previously used seq#, both for TX
>>   	 * and RX from each STA.. */
>>   
>> -	ret = wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen, 0);
>> +	ret = wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen,
>> +			      KEY_TYPE_BROADCAST);
> 
> Is this really KEY_TYPE_BROADCAST instead of KEY_TYPE_DEFAULT? As noted
> in the beginning of this function, only one key is used for both
> receiving and sending unicast and multicast frames.

We are deleting a key. KEY_TYPE_DEFAULT is basically just used to make a 
broadcast key also to the default key. (Kind like an upgrade...)

But a deleted key can't be used for default... I tried to document that 
KEY_TYPE_DEFAULT is not valid for key deletions in the key_type 
comments. Can't rule out that we have to update any other section when 
starting to use KEY_TYPE_DEFAULT but it could even work as it is, I think.

> 
>> diff --git a/wpa_supplicant/wpas_glue.c b/wpa_supplicant/wpas_glue.c
>> @@ -341,7 +342,7 @@ static void wpa_supplicant_eapol_cb(struct eapol_sm *eapol,
>>   			"handshake", pmk, pmk_len);
>>   
>>   	if (wpa_drv_set_key(wpa_s, WPA_ALG_PMK, NULL, 0, 0, NULL, 0, pmk,
>> -			    pmk_len, 0)) {
>> +			    pmk_len, KEY_TYPE_BROADCAST)) {
> 
> WPA_ALG_PMK is not for a cipher, it is for offloading 4-way handshake to
> the driver. As such, KEY_TYPE_BROADCAST looks strange here. Maybe we
> should have KEY_TYPE_OTHER (etc.) for this special case(?)
> 

You are right. I catched that in wpa_supplicant_key_mgmt_set_pmk() but 
missed it in the code above.
For wpa_supplicant_key_mgmt_set_pmk() I was also thinking about adding 
an additional key type but in the end just decided to use "0" instead of 
"KEY_TYPE_BROADCAST" - which of course also is 0. KEY_TYPE_OTHER or - we 
have more than enough space in the enum - even a dedicated KEY_TYPE_PMK 
- are the other options and any of them are fine for me.

Alexander
Alexander Wetzel Sept. 23, 2019, 8:06 p.m. UTC | #3
Am 20.09.19 um 16:37 schrieb Alexander Wetzel:
> Am 20.09.19 um 15:13 schrieb Jouni Malinen:
>> On Sun, Sep 15, 2019 at 10:08:26PM +0200, Alexander Wetzel wrote:
>>> diff --git a/wpa_supplicant/wpa_supplicant.c 
>>> b/wpa_supplicant/wpa_supplicant.c
>>> @@ -200,7 +202,8 @@ int wpa_supplicant_set_wpa_none_key(struct 
>>> wpa_supplicant *wpa_s,
>>>       /* TODO: should actually remember the previously used seq#, 
>>> both for TX
>>>        * and RX from each STA.. */
>>> -    ret = wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, 
>>> keylen, 0);
>>> +    ret = wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen,
>>> +                  KEY_TYPE_BROADCAST);
>>
>> Is this really KEY_TYPE_BROADCAST instead of KEY_TYPE_DEFAULT? As noted
>> in the beginning of this function, only one key is used for both
>> receiving and sending unicast and multicast frames.
> 
> We are deleting a key. KEY_TYPE_DEFAULT is basically just used to make a 
> broadcast key also to the default key. (Kind like an upgrade...)
> 
That is of course wrong. We are not deleting a key here...

Looking at the function again I have to agree hat KEY_TYPE_DEFAULT 
indeed looks better here. But so far I've only studied the "modern" 
parts of 802.11 and I
With the existing logic of the patches it drills down again to the 
question: Do we have to install the key also as a default key?

I'll try to look into that, probably at the weekend. (First have to find 
that mode of operation in the standard...)
Alexander Wetzel Sept. 28, 2019, 4:44 p.m. UTC | #4
Am 23.09.19 um 22:06 schrieb Alexander Wetzel:
> Am 20.09.19 um 16:37 schrieb Alexander Wetzel:
>> Am 20.09.19 um 15:13 schrieb Jouni Malinen:
>>> On Sun, Sep 15, 2019 at 10:08:26PM +0200, Alexander Wetzel wrote:
>>>> diff --git a/wpa_supplicant/wpa_supplicant.c 
>>>> b/wpa_supplicant/wpa_supplicant.c
>>>> @@ -200,7 +202,8 @@ int wpa_supplicant_set_wpa_none_key(struct 
>>>> wpa_supplicant *wpa_s,
>>>>       /* TODO: should actually remember the previously used seq#, 
>>>> both for TX
>>>>        * and RX from each STA.. */
>>>> -    ret = wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, 
>>>> keylen, 0);
>>>> +    ret = wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen,
>>>> +                  KEY_TYPE_BROADCAST);
>>>
>>> Is this really KEY_TYPE_BROADCAST instead of KEY_TYPE_DEFAULT? As noted
>>> in the beginning of this function, only one key is used for both
>>> receiving and sending unicast and multicast frames.

< deleted some incorrect feedback and the correction of it >

> Looking at the function again I have to agree hat KEY_TYPE_DEFAULT 
> indeed looks better here. But so far I've only studied the "modern" 
> parts of 802.11 and I
> With the existing logic of the patches it drills down again to the 
> question: Do we have to install the key also as a default key?

The answer is no.

> I'll try to look into that, probably at the weekend. (First have to find 
> that mode of operation in the standard...)

WPA-None was something never standardized. But based on the logic we 
must use KEY_TYPE_DEFAULT here.

But mac80211 is actively limiting the default key to WEP: The ibss 
checks for that therefore just skip over the errors.
So while the code here should now be correct when using KEY_TYPE_DEFAULT 
and still work with non-mac80211 drivers I assume the complete WPA-None 
method is deprecated.
Changing mac80211 to support an insecure non-standard outdated and 
probably unused ibss mode is for sure nothing anyone has a interest in.


Alexander
Johannes Berg Sept. 28, 2019, 6:42 p.m. UTC | #5
On Sat, 2019-09-28 at 18:44 +0200, Alexander Wetzel wrote:
> 
> > I'll try to look into that, probably at the weekend. (First have to find 
> > that mode of operation in the standard...)
> 
> WPA-None was something never standardized. But based on the logic we 
> must use KEY_TYPE_DEFAULT here.
> 
> But mac80211 is actively limiting the default key to WEP: The ibss 
> checks for that therefore just skip over the errors.
> So while the code here should now be correct when using KEY_TYPE_DEFAULT 
> and still work with non-mac80211 drivers I assume the complete WPA-None 
> method is deprecated.

Yeah, I'm pretty sure WPA-NONE never worked on mac80211.

Even on other cfg80211 drivers I'd think it cannot work.

johannes

Patch
diff mbox series

diff --git a/src/rsn_supp/tdls.c b/src/rsn_supp/tdls.c
index 28048d9fc..348c491be 100644
--- a/src/rsn_supp/tdls.c
+++ b/src/rsn_supp/tdls.c
@@ -178,7 +178,7 @@  static u8 * wpa_add_ie(u8 *pos, const u8 *ie, size_t ie_len)
 static int wpa_tdls_del_key(struct wpa_sm *sm, struct wpa_tdls_peer *peer)
 {
 	if (wpa_sm_set_key(sm, WPA_ALG_NONE, peer->addr,
-			   0, 0, NULL, 0, NULL, 0, 0) < 0) {
+			   0, 0, NULL, 0, NULL, 0, KEY_TYPE_PAIRWISE) < 0) {
 		wpa_printf(MSG_WARNING, "TDLS: Failed to delete TPK-TK from "
 			   "the driver");
 		return -1;
@@ -228,7 +228,7 @@  static int wpa_tdls_set_key(struct wpa_sm *sm, struct wpa_tdls_peer *peer)
 	wpa_printf(MSG_DEBUG, "TDLS: Configure pairwise key for peer " MACSTR,
 		   MAC2STR(peer->addr));
 	if (wpa_sm_set_key(sm, alg, peer->addr, -1, 1, rsc, sizeof(rsc),
-			   peer->tpk.tk, key_len, 0) < 0) {
+			   peer->tpk.tk, key_len, KEY_TYPE_PAIRWISE) < 0) {
 		wpa_printf(MSG_WARNING, "TDLS: Failed to set TPK to the "
 			   "driver");
 		return -1;
@@ -2167,7 +2167,8 @@  static int wpa_tdls_enable_link(struct wpa_sm *sm, struct wpa_tdls_peer *peer)
 #endif /* CONFIG_TDLS_TESTING */
 	}
 
-	if (peer->reconfig_key && wpa_tdls_set_key(sm, peer) < 0) {
+	if (peer->reconfig_key &&
+	    wpa_tdls_set_key(sm, peer) < 0) {
 		wpa_printf(MSG_INFO, "TDLS: Could not configure key to the "
 			   "driver");
 		return -1;
diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c
index c9161b5c7..92bfb2cc7 100644
--- a/src/rsn_supp/wpa.c
+++ b/src/rsn_supp/wpa.c
@@ -920,7 +920,7 @@  static int wpa_supplicant_install_gtk(struct wpa_sm *sm,
 	if (sm->pairwise_cipher == WPA_CIPHER_NONE) {
 		if (wpa_sm_set_key(sm, gd->alg, NULL,
 				   gd->keyidx, 1, key_rsc, gd->key_rsc_len,
-				   _gtk, gd->gtk_len, 0) < 0) {
+				   _gtk, gd->gtk_len, KEY_TYPE_BROADCAST) < 0) {
 			wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
 				"WPA: Failed to set GTK to the driver "
 				"(Group only)");
@@ -929,7 +929,9 @@  static int wpa_supplicant_install_gtk(struct wpa_sm *sm,
 		}
 	} else if (wpa_sm_set_key(sm, gd->alg, broadcast_ether_addr,
 				  gd->keyidx, gd->tx, key_rsc, gd->key_rsc_len,
-				  _gtk, gd->gtk_len, 0) < 0) {
+				  _gtk, gd->gtk_len,
+				  gd->tx ? KEY_TYPE_DEFAULT :
+				  KEY_TYPE_BROADCAST) < 0) {
 		wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
 			"WPA: Failed to set GTK to "
 			"the driver (alg=%d keylen=%d keyidx=%d)",
@@ -1083,7 +1085,7 @@  static int wpa_supplicant_install_igtk(struct wpa_sm *sm,
 	if (wpa_sm_set_key(sm, wpa_cipher_to_alg(sm->mgmt_group_cipher),
 			   broadcast_ether_addr,
 			   keyidx, 0, igtk->pn, sizeof(igtk->pn),
-			   igtk->igtk, len, 0) < 0) {
+			   igtk->igtk, len, KEY_TYPE_BROADCAST) < 0) {
 		if (keyidx == 0x0400 || keyidx == 0x0500) {
 			/* Assume the AP has broken PMF implementation since it
 			 * seems to have swapped the KeyID bytes. The AP cannot
@@ -1525,7 +1527,7 @@  static void wpa_supplicant_process_3_of_4(struct wpa_sm *sm,
 	sm->renew_snonce = 1;
 
 	if (key_info & WPA_KEY_INFO_INSTALL) {
-		if (wpa_supplicant_install_ptk(sm, key, 0))
+		if (wpa_supplicant_install_ptk(sm, key, KEY_TYPE_PAIRWISE))
 			goto failed;
 	}
 
@@ -4432,7 +4434,7 @@  int fils_process_assoc_resp(struct wpa_sm *sm, const u8 *resp, size_t len)
 	wpa_hexdump_key(MSG_DEBUG, "FILS: Set TK to driver",
 			sm->ptk.tk, keylen);
 	if (wpa_sm_set_key(sm, alg, sm->bssid, 0, 1, null_rsc, rsclen,
-			   sm->ptk.tk, keylen, 0) < 0) {
+			   sm->ptk.tk, keylen, KEY_TYPE_PAIRWISE) < 0) {
 		wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
 			"FILS: Failed to set PTK to the driver (alg=%d keylen=%d bssid="
 			MACSTR ")",
diff --git a/src/rsn_supp/wpa_ft.c b/src/rsn_supp/wpa_ft.c
index 9b081111a..06cfaa36e 100644
--- a/src/rsn_supp/wpa_ft.c
+++ b/src/rsn_supp/wpa_ft.c
@@ -407,9 +407,8 @@  static int wpa_ft_install_ptk(struct wpa_sm *sm, const u8 *bssid)
 	alg = wpa_cipher_to_alg(sm->pairwise_cipher);
 	keylen = wpa_cipher_key_len(sm->pairwise_cipher);
 
-	if (wpa_sm_set_key(sm, alg, bssid, 0, 1, null_rsc,
-			   sizeof(null_rsc), (u8 *) sm->ptk.tk, keylen,
-			   0) < 0) {
+	if (wpa_sm_set_key(sm, alg, bssid, 0, 1, null_rsc, sizeof(null_rsc),
+			   (u8 *) sm->ptk.tk, keylen, KEY_TYPE_PAIRWISE) < 0) {
 		wpa_printf(MSG_WARNING, "FT: Failed to set PTK to the driver");
 		return -1;
 	}
@@ -759,7 +758,8 @@  static int wpa_ft_process_gtk_subelem(struct wpa_sm *sm, const u8 *gtk_elem,
 		os_memcpy(gtk + 24, tmp, 8);
 	}
 	if (wpa_sm_set_key(sm, alg, broadcast_ether_addr, keyidx, 0,
-			   gtk_elem + 3, rsc_len, gtk, keylen, 0) < 0) {
+			   gtk_elem + 3, rsc_len, gtk, keylen,
+			   KEY_TYPE_BROADCAST) < 0) {
 		wpa_printf(MSG_WARNING, "WPA: Failed to set GTK to the "
 			   "driver.");
 		return -1;
@@ -826,7 +826,8 @@  static int wpa_ft_process_igtk_subelem(struct wpa_sm *sm, const u8 *igtk_elem,
 			igtk_len);
 	if (wpa_sm_set_key(sm, wpa_cipher_to_alg(sm->mgmt_group_cipher),
 			   broadcast_ether_addr, keyidx, 0,
-			   igtk_elem + 2, 6, igtk, igtk_len, 0) < 0) {
+			   igtk_elem + 2, 6, igtk, igtk_len,
+			   KEY_TYPE_BROADCAST) < 0) {
 		wpa_printf(MSG_WARNING, "WPA: Failed to set IGTK to the "
 			   "driver.");
 		forced_memzero(igtk, sizeof(igtk));
diff --git a/wpa_supplicant/ctrl_iface.c b/wpa_supplicant/ctrl_iface.c
index 58af9826d..8a18533f3 100644
--- a/wpa_supplicant/ctrl_iface.c
+++ b/wpa_supplicant/ctrl_iface.c
@@ -5237,15 +5237,21 @@  static void wpa_supplicant_ctrl_iface_drop_sa(struct wpa_supplicant *wpa_s)
 {
 	wpa_printf(MSG_DEBUG, "Dropping SA without deauthentication");
 	/* MLME-DELETEKEYS.request */
-	wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 0, 0, NULL, 0, NULL, 0, 0);
-	wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 1, 0, NULL, 0, NULL, 0, 0);
-	wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 2, 0, NULL, 0, NULL, 0, 0);
-	wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 3, 0, NULL, 0, NULL, 0, 0);
-	wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 4, 0, NULL, 0, NULL, 0, 0);
-	wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 5, 0, NULL, 0, NULL, 0, 0);
+	wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 0, 0, NULL, 0, NULL,
+			0, KEY_TYPE_BROADCAST);
+	wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 1, 0, NULL, 0, NULL,
+			0, KEY_TYPE_BROADCAST);
+	wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 2, 0, NULL, 0, NULL,
+			0, KEY_TYPE_BROADCAST);
+	wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 3, 0, NULL, 0, NULL,
+			0, KEY_TYPE_BROADCAST);
+	wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 4, 0, NULL, 0, NULL,
+			0, KEY_TYPE_BROADCAST);
+	wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 5, 0, NULL, 0, NULL,
+			0, KEY_TYPE_BROADCAST);
 
 	wpa_drv_set_key(wpa_s, WPA_ALG_NONE, wpa_s->bssid, 0, 0, NULL, 0, NULL,
-			0, 0);
+			0, KEY_TYPE_PAIRWISE);
 	/* MLME-SETPROTECTION.request(None) */
 	wpa_drv_mlme_setprotection(wpa_s, wpa_s->bssid,
 				   MLME_SETPROTECTION_PROTECT_TYPE_NONE,
@@ -9225,13 +9231,14 @@  static int wpas_ctrl_reset_pn(struct wpa_supplicant *wpa_s)
 	 * in the driver. */
 	if (wpa_drv_set_key(wpa_s, wpa_s->last_tk_alg, wpa_s->last_tk_addr,
 			    wpa_s->last_tk_key_idx, 1, zero, 6,
-			    zero, wpa_s->last_tk_len, 0) < 0)
+			    zero, wpa_s->last_tk_len, KEY_TYPE_PAIRWISE) < 0)
 		return -1;
 
 	/* Set the previously configured key to reset its TSC/RSC */
 	return wpa_drv_set_key(wpa_s, wpa_s->last_tk_alg, wpa_s->last_tk_addr,
 			       wpa_s->last_tk_key_idx, 1, zero, 6,
-			       wpa_s->last_tk, wpa_s->last_tk_len, 0);
+			       wpa_s->last_tk, wpa_s->last_tk_len,
+			       KEY_TYPE_PAIRWISE);
 }
 
 
diff --git a/wpa_supplicant/ibss_rsn.c b/wpa_supplicant/ibss_rsn.c
index c1d40a9d3..0625ddeb4 100644
--- a/wpa_supplicant/ibss_rsn.c
+++ b/wpa_supplicant/ibss_rsn.c
@@ -852,7 +852,7 @@  static void ibss_rsn_handle_auth_1_of_2(struct ibss_rsn *ibss_rsn,
 		wpa_printf(MSG_DEBUG, "RSN: Clear pairwise key for peer "
 			   MACSTR, MAC2STR(addr));
 		wpa_drv_set_key(ibss_rsn->wpa_s, WPA_ALG_NONE, addr, 0, 0,
-				NULL, 0, NULL, 0, 0);
+				NULL, 0, NULL, 0, KEY_TYPE_PAIRWISE);
 	}
 
 	if (peer &&
diff --git a/wpa_supplicant/mesh_mpm.c b/wpa_supplicant/mesh_mpm.c
index 041c158e4..8664147ac 100644
--- a/wpa_supplicant/mesh_mpm.c
+++ b/wpa_supplicant/mesh_mpm.c
@@ -876,7 +876,7 @@  static void mesh_mpm_plink_estab(struct wpa_supplicant *wpa_s,
 		wpa_hexdump_key(MSG_DEBUG, "mesh: MTK", sta->mtk, sta->mtk_len);
 		wpa_drv_set_key(wpa_s, wpa_cipher_to_alg(conf->pairwise_cipher),
 				sta->addr, 0, 0, seq, sizeof(seq),
-				sta->mtk, sta->mtk_len, 0);
+				sta->mtk, sta->mtk_len, KEY_TYPE_PAIRWISE);
 
 		wpa_hexdump_key(MSG_DEBUG, "mesh: RX MGTK Key RSC",
 				sta->mgtk_rsc, sizeof(sta->mgtk_rsc));
@@ -885,7 +885,7 @@  static void mesh_mpm_plink_estab(struct wpa_supplicant *wpa_s,
 		wpa_drv_set_key(wpa_s, wpa_cipher_to_alg(conf->group_cipher),
 				sta->addr, sta->mgtk_key_id, 0,
 				sta->mgtk_rsc, sizeof(sta->mgtk_rsc),
-				sta->mgtk, sta->mgtk_len, 0);
+				sta->mgtk, sta->mgtk_len, KEY_TYPE_BROADCAST);
 
 		if (sta->igtk_len) {
 			wpa_hexdump_key(MSG_DEBUG, "mesh: RX IGTK Key RSC",
@@ -897,7 +897,7 @@  static void mesh_mpm_plink_estab(struct wpa_supplicant *wpa_s,
 				wpa_cipher_to_alg(conf->mgmt_group_cipher),
 				sta->addr, sta->igtk_key_id, 0,
 				sta->igtk_rsc, sizeof(sta->igtk_rsc),
-				sta->igtk, sta->igtk_len, 0);
+				sta->igtk, sta->igtk_len, KEY_TYPE_BROADCAST);
 		}
 	}
 
diff --git a/wpa_supplicant/mesh_rsn.c b/wpa_supplicant/mesh_rsn.c
index 4df4dcc73..45e6103ce 100644
--- a/wpa_supplicant/mesh_rsn.c
+++ b/wpa_supplicant/mesh_rsn.c
@@ -197,7 +197,8 @@  static int __mesh_rsn_auth_init(struct mesh_rsn *rsn, const u8 *addr,
 		wpa_drv_set_key(rsn->wpa_s,
 				wpa_cipher_to_alg(rsn->mgmt_group_cipher), NULL,
 				rsn->igtk_key_id, 1,
-				seq, sizeof(seq), rsn->igtk, rsn->igtk_len, 0);
+				seq, sizeof(seq), rsn->igtk, rsn->igtk_len,
+				KEY_TYPE_BROADCAST);
 	}
 
 	/* group privacy / data frames */
@@ -205,7 +206,7 @@  static int __mesh_rsn_auth_init(struct mesh_rsn *rsn, const u8 *addr,
 			rsn->mgtk, rsn->mgtk_len);
 	wpa_drv_set_key(rsn->wpa_s, wpa_cipher_to_alg(rsn->group_cipher), NULL,
 			rsn->mgtk_key_id, 1, seq, sizeof(seq),
-			rsn->mgtk, rsn->mgtk_len, 0);
+			rsn->mgtk, rsn->mgtk_len, KEY_TYPE_BROADCAST);
 
 	return 0;
 }
diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c
index 87f5ab36e..ffecab21f 100644
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
@@ -142,7 +142,9 @@  int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
 		set = 1;
 		wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL,
 				i, i == ssid->wep_tx_keyidx, NULL, 0,
-				ssid->wep_key[i], ssid->wep_key_len[i], 0);
+				ssid->wep_key[i], ssid->wep_key_len[i],
+				i == ssid->wep_tx_keyidx ? KEY_TYPE_DEFAULT :
+				KEY_TYPE_BROADCAST);
 	}
 
 	return set;
@@ -200,7 +202,8 @@  int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
 	/* TODO: should actually remember the previously used seq#, both for TX
 	 * and RX from each STA.. */
 
-	ret = wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen, 0);
+	ret = wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen,
+			      KEY_TYPE_BROADCAST);
 	os_memset(key, 0, sizeof(key));
 	return ret;
 }
@@ -698,12 +701,12 @@  void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
 		if (wpa_s->keys_cleared & BIT(i))
 			continue;
 		wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, i, 0, NULL, 0,
-				NULL, 0, 0);
+				NULL, 0, KEY_TYPE_BROADCAST);
 	}
 	if (!(wpa_s->keys_cleared & BIT(0)) && addr &&
 	    !is_zero_ether_addr(addr)) {
 		wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
-				0, 0);
+				0, KEY_TYPE_PAIRWISE);
 		/* MLME-SETPROTECTION.request(None) */
 		wpa_drv_mlme_setprotection(
 			wpa_s, addr,
diff --git a/wpa_supplicant/wpas_glue.c b/wpa_supplicant/wpas_glue.c
index 4d461e645..f96608d72 100644
--- a/wpa_supplicant/wpas_glue.c
+++ b/wpa_supplicant/wpas_glue.c
@@ -242,7 +242,8 @@  static int wpa_eapol_set_wep_key(void *ctx, int unicast, int keyidx,
 	}
 	return wpa_drv_set_key(wpa_s, WPA_ALG_WEP,
 			       unicast ? wpa_s->bssid : NULL,
-			       keyidx, unicast, NULL, 0, key, keylen, 0);
+			       keyidx, unicast, NULL, 0, key, keylen,
+			       unicast ? KEY_TYPE_DEFAULT : KEY_TYPE_BROADCAST);
 }
 
 
@@ -341,7 +342,7 @@  static void wpa_supplicant_eapol_cb(struct eapol_sm *eapol,
 			"handshake", pmk, pmk_len);
 
 	if (wpa_drv_set_key(wpa_s, WPA_ALG_PMK, NULL, 0, 0, NULL, 0, pmk,
-			    pmk_len, 0)) {
+			    pmk_len, KEY_TYPE_BROADCAST)) {
 		wpa_printf(MSG_DEBUG, "Failed to set PMK to the driver");
 	}