diff options
Diffstat (limited to 'sys/net80211/ieee80211_crypto.c')
-rw-r--r-- | sys/net80211/ieee80211_crypto.c | 75 |
1 files changed, 75 insertions, 0 deletions
diff --git a/sys/net80211/ieee80211_crypto.c b/sys/net80211/ieee80211_crypto.c index 6a1182b52480..829653ff1335 100644 --- a/sys/net80211/ieee80211_crypto.c +++ b/sys/net80211/ieee80211_crypto.c @@ -142,6 +142,37 @@ ieee80211_crypto_attach(struct ieee80211com *ic) { /* NB: we assume everything is pre-zero'd */ ciphers[IEEE80211_CIPHER_NONE] = &ieee80211_cipher_none; + + /* + * Default set of net80211 supported ciphers. + * + * These are the default set that all drivers are expected to + * support, either/or in hardware and software. + * + * Drivers can add their own support to this and the + * hardware cipher list (ic_cryptocaps.) + */ + ic->ic_sw_cryptocaps = IEEE80211_CRYPTO_WEP | + IEEE80211_CRYPTO_TKIP | IEEE80211_CRYPTO_AES_CCM; + + /* + * Default set of key management types supported by net80211. + * + * These are supported by software net80211 and announced/ + * driven by hostapd + wpa_supplicant. + * + * Drivers doing full supplicant offload must not set + * anything here. + * + * Note that IEEE80211_C_WPA1 and IEEE80211_C_WPA2 are the + * "old" style way of drivers announcing key management + * capabilities. There are many, many more key management + * suites in 802.11-2016 (see 9.4.2.25.3 - AKM suites.) + * For now they still need to be set - these flags are checked + * when assembling a beacon to reserve space for the WPA + * vendor IE (WPA 1) and RSN IE (WPA 2). + */ + ic->ic_sw_keymgmtcaps = 0; } /* @@ -153,6 +184,43 @@ ieee80211_crypto_detach(struct ieee80211com *ic) } /* + * Set the supported ciphers for software encryption. + */ +void +ieee80211_crypto_set_supported_software_ciphers(struct ieee80211com *ic, + uint32_t cipher_set) +{ + ic->ic_sw_cryptocaps = cipher_set; +} + +/* + * Set the supported ciphers for hardware encryption. + */ +void +ieee80211_crypto_set_supported_hardware_ciphers(struct ieee80211com *ic, + uint32_t cipher_set) +{ + ic->ic_cryptocaps = cipher_set; +} + +/* + * Set the supported software key management by the driver. + * + * These are the key management suites that are supported via + * the driver via hostapd/wpa_supplicant. + * + * Key management which is completely offloaded (ie, the supplicant + * runs in hardware/firmware) must not be set here. + */ +void +ieee80211_crypto_set_supported_driver_keymgmt(struct ieee80211com *ic, + uint32_t keymgmt_set) +{ + + ic->ic_sw_keymgmtcaps = keymgmt_set; +} + +/* * Setup crypto support for a vap. */ void @@ -241,6 +309,13 @@ static const char *cipher_modnames[IEEE80211_CIPHER_MAX] = { [IEEE80211_CIPHER_TKIPMIC] = "#4", /* NB: reserved */ [IEEE80211_CIPHER_CKIP] = "wlan_ckip", [IEEE80211_CIPHER_NONE] = "wlan_none", + [IEEE80211_CIPHER_AES_CCM_256] = "wlan_ccmp", + [IEEE80211_CIPHER_BIP_CMAC_128] = "wlan_bip_cmac", + [IEEE80211_CIPHER_BIP_CMAC_256] = "wlan_bip_cmac", + [IEEE80211_CIPHER_BIP_GMAC_128] = "wlan_bip_gmac", + [IEEE80211_CIPHER_BIP_GMAC_256] = "wlan_bip_gmac", + [IEEE80211_CIPHER_AES_GCM_128] = "wlan_gcmp", + [IEEE80211_CIPHER_AES_GCM_256] = "wlan_gcmp", }; /* NB: there must be no overlap between user-supplied and device-owned flags */ |