From patchwork Sun Nov 11 11:54:38 2018
X-Patchwork-Submitter: Alexander Wetzel
X-Patchwork-Id: 996112
From: alexander.wetzel@web.de
To: hostap@lists.infradead.org
Cc: Alexander Wetzel
Subject: [RFC PATCH 0/3] Extended Key ID support
Date: Sun, 11 Nov 2018 12:54:38 +0100
Message-Id: <20181111115441.15015-1-alexander.wetzel@web.de>

From: Alexander Wetzel

IEEE 802.11-2012 added support for Extended Key ID, allowing pairwise keys
to also use keyID 1 and moving group keys to IDs 2 and 3.

Support for Extended Key ID is working with these patches and has been
tested with both hwsim and "on the air" with ath9k/iwldvm using software
encryption.
It's still WIP and only a snapshot of the current development status.

A notable but kind of hidden change is that the code no longer will
install PTK keys as default key, assuming the previous behavior was a bug.

The APIs are all still in flux and any suggestions how this can be
improved are highly welcome.

If someone knows about any other implementation please drop me a note. As
far as I was able to determine there are no other implementations to test
interoperability against available, yet.

Alexander Wetzel (3):
  Update API and drivers for extended Key ID
  hostapd support for Extended Key ID
  wpa_supplicant support for Extended Key ID

 hostapd/config_file.c             |   2 +
 hostapd/hostapd.conf              |   9 ++
 src/ap/ap_config.c                |   1 +
 src/ap/ap_config.h                |   1 +
 src/ap/ap_drv_ops.c               |   4 +-
 src/ap/wpa_auth.c                 |  84 +++++++++++++-----
 src/ap/wpa_auth.h                 |   5 +-
 src/ap/wpa_auth_ft.c              |   6 +-
 src/ap/wpa_auth_glue.c            |  13 ++-
 src/ap/wpa_auth_i.h               |   2 +
 src/ap/wpa_auth_ie.c              |   7 ++
 src/common/wpa_common.h           |   4 +
 src/drivers/driver.h              |  20 ++++-
 src/drivers/driver_atheros.c      |   8 +-
 src/drivers/driver_bsd.c          |  10 +--
 src/drivers/driver_hostap.c       |   5 +-
 src/drivers/driver_ndis.c         |  10 +--
 src/drivers/driver_nl80211.c      |  30 +++++--
 src/drivers/driver_nl80211_capa.c |   4 +
 src/drivers/driver_openbsd.c      |   2 +-
 src/drivers/driver_privsep.c      |   8 +-
 src/drivers/driver_wext.c         |  19 ++--
 src/drivers/nl80211_copy.h        | 139 ++++++++++++++++++++++++++++++
 src/rsn_supp/wpa.c                |  67 ++++++++++++--
 src/rsn_supp/wpa.h                |   4 +-
 src/rsn_supp/wpa_i.h              |   3 +
 src/rsn_supp/wpa_ie.c             |  11 +++
 src/rsn_supp/wpa_ie.h             |   1 +
 wpa_supplicant/config.c           |   2 +
 wpa_supplicant/config_file.c      |   1 +
 wpa_supplicant/config_ssid.h      |  11 +++
 wpa_supplicant/ibss_rsn.c         |  11 +--
 wpa_supplicant/mesh_rsn.c         |   3 +-
 wpa_supplicant/wpa_supplicant.c   |   6 ++
 wpa_supplicant/wpas_glue.c        |   1 +
 35 files changed, 429 insertions(+), 85 deletions(-)