aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--src/ap/ap_config.c8
-rw-r--r--src/common/defs.h16
-rw-r--r--src/common/ieee802_11_defs.h5
-rw-r--r--src/common/wpa_common.c79
-rw-r--r--src/common/wpa_common.h14
-rw-r--r--src/drivers/driver.h10
-rw-r--r--src/drivers/driver_nl80211.c76
-rw-r--r--wpa_supplicant/ap.c4
-rw-r--r--wpa_supplicant/ctrl_iface.c36
-rw-r--r--wpa_supplicant/dbus/dbus_new_handlers.c36
10 files changed, 273 insertions, 11 deletions
diff --git a/src/ap/ap_config.c b/src/ap/ap_config.c
index 65a6f12..5033c55 100644
--- a/src/ap/ap_config.c
+++ b/src/ap/ap_config.c
@@ -759,7 +759,9 @@ static int hostapd_config_check_bss(struct hostapd_bss_config *bss,
if (conf->ieee80211n && bss->wpa &&
!(bss->wpa_pairwise & WPA_CIPHER_CCMP) &&
- !(bss->rsn_pairwise & (WPA_CIPHER_CCMP | WPA_CIPHER_GCMP))) {
+ !(bss->rsn_pairwise & (WPA_CIPHER_CCMP | WPA_CIPHER_GCMP |
+ WPA_CIPHER_CCMP_256 | WPA_CIPHER_GCMP_256)))
+ {
bss->disable_11n = 1;
wpa_printf(MSG_ERROR, "HT (IEEE 802.11n) with WPA/WPA2 "
"requires CCMP/GCMP to be enabled, disabling HT "
@@ -792,7 +794,9 @@ static int hostapd_config_check_bss(struct hostapd_bss_config *bss,
#ifdef CONFIG_HS20
if (bss->hs20 &&
(!(bss->wpa & 2) ||
- !(bss->rsn_pairwise & (WPA_CIPHER_CCMP | WPA_CIPHER_GCMP)))) {
+ !(bss->rsn_pairwise & (WPA_CIPHER_CCMP | WPA_CIPHER_GCMP |
+ WPA_CIPHER_CCMP_256 |
+ WPA_CIPHER_GCMP_256)))) {
wpa_printf(MSG_ERROR, "HS 2.0: WPA2-Enterprise/CCMP "
"configuration is required for Hotspot 2.0 "
"functionality");
diff --git a/src/common/defs.h b/src/common/defs.h
index 0c90c24..d3e4ff6 100644
--- a/src/common/defs.h
+++ b/src/common/defs.h
@@ -28,6 +28,11 @@ typedef enum { FALSE = 0, TRUE = 1 } Boolean;
#endif /* CONFIG_IEEE80211W */
#define WPA_CIPHER_GCMP BIT(6)
#define WPA_CIPHER_SMS4 BIT(7)
+#define WPA_CIPHER_GCMP_256 BIT(8)
+#define WPA_CIPHER_CCMP_256 BIT(9)
+#define WPA_CIPHER_BIP_GMAC_128 BIT(11)
+#define WPA_CIPHER_BIP_GMAC_256 BIT(12)
+#define WPA_CIPHER_BIP_CMAC_256 BIT(13)
#define WPA_KEY_MGMT_IEEE8021X BIT(0)
#define WPA_KEY_MGMT_PSK BIT(1)
@@ -117,7 +122,12 @@ enum wpa_alg {
WPA_ALG_PMK,
WPA_ALG_GCMP,
WPA_ALG_SMS4,
- WPA_ALG_KRK
+ WPA_ALG_KRK,
+ WPA_ALG_GCMP_256,
+ WPA_ALG_CCMP_256,
+ WPA_ALG_BIP_GMAC_128,
+ WPA_ALG_BIP_GMAC_256,
+ WPA_ALG_BIP_CMAC_256
};
/**
@@ -130,7 +140,9 @@ enum wpa_cipher {
CIPHER_CCMP,
CIPHER_WEP104,
CIPHER_GCMP,
- CIPHER_SMS4
+ CIPHER_SMS4,
+ CIPHER_GCMP_256,
+ CIPHER_CCMP_256
};
/**
diff --git a/src/common/ieee802_11_defs.h b/src/common/ieee802_11_defs.h
index c2bf09d..7d78648 100644
--- a/src/common/ieee802_11_defs.h
+++ b/src/common/ieee802_11_defs.h
@@ -1025,6 +1025,11 @@ enum wifi_display_subelem {
#define WLAN_CIPHER_SUITE_AES_CMAC 0x000FAC06
#define WLAN_CIPHER_SUITE_NO_GROUP_ADDR 0x000FAC07
#define WLAN_CIPHER_SUITE_GCMP 0x000FAC08
+#define WLAN_CIPHER_SUITE_GCMP_256 0x000FAC09
+#define WLAN_CIPHER_SUITE_CCMP_256 0x000FAC0A
+#define WLAN_CIPHER_SUITE_BIP_GMAC_128 0x000FAC0B
+#define WLAN_CIPHER_SUITE_BIP_GMAC_256 0x000FAC0C
+#define WLAN_CIPHER_SUITE_BIP_CMAC_256 0x000FAC0D
#define WLAN_CIPHER_SUITE_SMS4 0x00147201
diff --git a/src/common/wpa_common.c b/src/common/wpa_common.c
index c3afbfd..03b5b4e 100644
--- a/src/common/wpa_common.c
+++ b/src/common/wpa_common.c
@@ -353,6 +353,16 @@ static int rsn_selector_to_bitfield(const u8 *s)
#endif /* CONFIG_IEEE80211W */
if (RSN_SELECTOR_GET(s) == RSN_CIPHER_SUITE_GCMP)
return WPA_CIPHER_GCMP;
+ if (RSN_SELECTOR_GET(s) == RSN_CIPHER_SUITE_CCMP_256)
+ return WPA_CIPHER_CCMP_256;
+ if (RSN_SELECTOR_GET(s) == RSN_CIPHER_SUITE_GCMP_256)
+ return WPA_CIPHER_GCMP_256;
+ if (RSN_SELECTOR_GET(s) == RSN_CIPHER_SUITE_BIP_GMAC_128)
+ return WPA_CIPHER_BIP_GMAC_128;
+ if (RSN_SELECTOR_GET(s) == RSN_CIPHER_SUITE_BIP_GMAC_256)
+ return WPA_CIPHER_BIP_GMAC_256;
+ if (RSN_SELECTOR_GET(s) == RSN_CIPHER_SUITE_BIP_CMAC_256)
+ return WPA_CIPHER_BIP_CMAC_256;
return 0;
}
@@ -912,6 +922,10 @@ const char * wpa_cipher_txt(int cipher)
return "CCMP+TKIP";
case WPA_CIPHER_GCMP:
return "GCMP";
+ case WPA_CIPHER_GCMP_256:
+ return "GCMP-256";
+ case WPA_CIPHER_CCMP_256:
+ return "CCMP-256";
default:
return "UNKNOWN";
}
@@ -1078,6 +1092,9 @@ int wpa_insert_pmkid(u8 *ies, size_t ies_len, const u8 *pmkid)
int wpa_cipher_key_len(int cipher)
{
switch (cipher) {
+ case WPA_CIPHER_CCMP_256:
+ case WPA_CIPHER_GCMP_256:
+ return 32;
case WPA_CIPHER_CCMP:
case WPA_CIPHER_GCMP:
return 16;
@@ -1096,6 +1113,8 @@ int wpa_cipher_key_len(int cipher)
int wpa_cipher_rsc_len(int cipher)
{
switch (cipher) {
+ case WPA_CIPHER_CCMP_256:
+ case WPA_CIPHER_GCMP_256:
case WPA_CIPHER_CCMP:
case WPA_CIPHER_GCMP:
case WPA_CIPHER_TKIP:
@@ -1112,6 +1131,10 @@ int wpa_cipher_rsc_len(int cipher)
int wpa_cipher_to_alg(int cipher)
{
switch (cipher) {
+ case WPA_CIPHER_CCMP_256:
+ return WPA_ALG_CCMP_256;
+ case WPA_CIPHER_GCMP_256:
+ return WPA_ALG_GCMP_256;
case WPA_CIPHER_CCMP:
return WPA_ALG_CCMP;
case WPA_CIPHER_GCMP:
@@ -1139,6 +1162,10 @@ enum wpa_cipher wpa_cipher_to_suite_driver(int cipher)
return CIPHER_CCMP;
case WPA_CIPHER_GCMP:
return CIPHER_GCMP;
+ case WPA_CIPHER_CCMP_256:
+ return CIPHER_CCMP_256;
+ case WPA_CIPHER_GCMP_256:
+ return CIPHER_GCMP_256;
case WPA_CIPHER_TKIP:
default:
return CIPHER_TKIP;
@@ -1148,7 +1175,9 @@ enum wpa_cipher wpa_cipher_to_suite_driver(int cipher)
int wpa_cipher_valid_pairwise(int cipher)
{
- return cipher == WPA_CIPHER_CCMP ||
+ return cipher == WPA_CIPHER_CCMP_256 ||
+ cipher == WPA_CIPHER_GCMP_256 ||
+ cipher == WPA_CIPHER_CCMP ||
cipher == WPA_CIPHER_GCMP ||
cipher == WPA_CIPHER_TKIP;
}
@@ -1156,6 +1185,10 @@ int wpa_cipher_valid_pairwise(int cipher)
u32 wpa_cipher_to_suite(int proto, int cipher)
{
+ if (cipher & WPA_CIPHER_CCMP_256)
+ return RSN_CIPHER_SUITE_CCMP_256;
+ if (cipher & WPA_CIPHER_GCMP_256)
+ return RSN_CIPHER_SUITE_GCMP_256;
if (cipher & WPA_CIPHER_CCMP)
return (proto == WPA_PROTO_RSN ?
RSN_CIPHER_SUITE_CCMP : WPA_CIPHER_SUITE_CCMP);
@@ -1181,6 +1214,16 @@ int rsn_cipher_put_suites(u8 *pos, int ciphers)
{
int num_suites = 0;
+ if (ciphers & WPA_CIPHER_CCMP_256) {
+ RSN_SELECTOR_PUT(pos, RSN_CIPHER_SUITE_CCMP_256);
+ pos += RSN_SELECTOR_LEN;
+ num_suites++;
+ }
+ if (ciphers & WPA_CIPHER_GCMP_256) {
+ RSN_SELECTOR_PUT(pos, RSN_CIPHER_SUITE_GCMP_256);
+ pos += RSN_SELECTOR_LEN;
+ num_suites++;
+ }
if (ciphers & WPA_CIPHER_CCMP) {
RSN_SELECTOR_PUT(pos, RSN_CIPHER_SUITE_CCMP);
pos += RSN_SELECTOR_LEN;
@@ -1232,6 +1275,10 @@ int wpa_cipher_put_suites(u8 *pos, int ciphers)
int wpa_pick_pairwise_cipher(int ciphers, int none_allowed)
{
+ if (ciphers & WPA_CIPHER_CCMP_256)
+ return WPA_CIPHER_CCMP_256;
+ if (ciphers & WPA_CIPHER_GCMP_256)
+ return WPA_CIPHER_GCMP_256;
if (ciphers & WPA_CIPHER_CCMP)
return WPA_CIPHER_CCMP;
if (ciphers & WPA_CIPHER_GCMP)
@@ -1246,6 +1293,10 @@ int wpa_pick_pairwise_cipher(int ciphers, int none_allowed)
int wpa_pick_group_cipher(int ciphers)
{
+ if (ciphers & WPA_CIPHER_CCMP_256)
+ return WPA_CIPHER_CCMP_256;
+ if (ciphers & WPA_CIPHER_GCMP_256)
+ return WPA_CIPHER_GCMP_256;
if (ciphers & WPA_CIPHER_CCMP)
return WPA_CIPHER_CCMP;
if (ciphers & WPA_CIPHER_GCMP)
@@ -1280,7 +1331,11 @@ int wpa_parse_cipher(const char *value)
end++;
last = *end == '\0';
*end = '\0';
- if (os_strcmp(start, "CCMP") == 0)
+ if (os_strcmp(start, "CCMP-256") == 0)
+ val |= WPA_CIPHER_CCMP_256;
+ else if (os_strcmp(start, "GCMP-256") == 0)
+ val |= WPA_CIPHER_GCMP_256;
+ else if (os_strcmp(start, "CCMP") == 0)
val |= WPA_CIPHER_CCMP;
else if (os_strcmp(start, "GCMP") == 0)
val |= WPA_CIPHER_GCMP;
@@ -1312,6 +1367,20 @@ int wpa_write_ciphers(char *start, char *end, int ciphers, const char *delim)
char *pos = start;
int ret;
+ if (ciphers & WPA_CIPHER_CCMP_256) {
+ ret = os_snprintf(pos, end - pos, "%sCCMP-256",
+ pos == start ? "" : delim);
+ if (ret < 0 || ret >= end - pos)
+ return -1;
+ pos += ret;
+ }
+ if (ciphers & WPA_CIPHER_GCMP_256) {
+ ret = os_snprintf(pos, end - pos, "%sGCMP-256",
+ pos == start ? "" : delim);
+ if (ret < 0 || ret >= end - pos)
+ return -1;
+ pos += ret;
+ }
if (ciphers & WPA_CIPHER_CCMP) {
ret = os_snprintf(pos, end - pos, "%sCCMP",
pos == start ? "" : delim);
@@ -1373,5 +1442,11 @@ int wpa_select_ap_group_cipher(int wpa, int wpa_pairwise, int rsn_pairwise)
return WPA_CIPHER_TKIP;
if ((pairwise & (WPA_CIPHER_CCMP | WPA_CIPHER_GCMP)) == WPA_CIPHER_GCMP)
return WPA_CIPHER_GCMP;
+ if ((pairwise & (WPA_CIPHER_GCMP_256 | WPA_CIPHER_CCMP |
+ WPA_CIPHER_GCMP)) == WPA_CIPHER_GCMP_256)
+ return WPA_CIPHER_GCMP_256;
+ if ((pairwise & (WPA_CIPHER_CCMP_256 | WPA_CIPHER_CCMP |
+ WPA_CIPHER_GCMP)) == WPA_CIPHER_CCMP_256)
+ return WPA_CIPHER_CCMP_256;
return WPA_CIPHER_CCMP;
}
diff --git a/src/common/wpa_common.h b/src/common/wpa_common.h
index 2d63662..36e274b 100644
--- a/src/common/wpa_common.h
+++ b/src/common/wpa_common.h
@@ -21,10 +21,11 @@
#define WPA_GTK_MAX_LEN 32
#define WPA_ALLOWED_PAIRWISE_CIPHERS \
-(WPA_CIPHER_CCMP | WPA_CIPHER_GCMP | WPA_CIPHER_TKIP | WPA_CIPHER_NONE)
+(WPA_CIPHER_CCMP | WPA_CIPHER_GCMP | WPA_CIPHER_TKIP | WPA_CIPHER_NONE | \
+WPA_CIPHER_GCMP_256 | WPA_CIPHER_CCMP_256)
#define WPA_ALLOWED_GROUP_CIPHERS \
(WPA_CIPHER_CCMP | WPA_CIPHER_GCMP | WPA_CIPHER_TKIP | WPA_CIPHER_WEP104 | \
-WPA_CIPHER_WEP40)
+WPA_CIPHER_WEP40 | WPA_CIPHER_GCMP_256 | WPA_CIPHER_CCMP_256)
#define WPA_SELECTOR_LEN 4
#define WPA_VERSION 1
@@ -60,6 +61,10 @@ WPA_CIPHER_WEP40)
#define RSN_AUTH_KEY_MGMT_TPK_HANDSHAKE RSN_SELECTOR(0x00, 0x0f, 0xac, 7)
#define RSN_AUTH_KEY_MGMT_SAE RSN_SELECTOR(0x00, 0x0f, 0xac, 8)
#define RSN_AUTH_KEY_MGMT_FT_SAE RSN_SELECTOR(0x00, 0x0f, 0xac, 9)
+#define RSN_AUTH_KEY_MGMT_802_1X_SUITE_B RSN_SELECTOR(0x00, 0x0f, 0xac, 11)
+#define RSN_AUTH_KEY_MGMT_802_1X_SUITE_B_384 RSN_SELECTOR(0x00, 0x0f, 0xac, 12)
+#define RSN_AUTH_KEY_MGMT_FT_802_1X_SUITE_B_384 \
+RSN_SELECTOR(0x00, 0x0f, 0xac, 13)
#define RSN_AUTH_KEY_MGMT_CCKM RSN_SELECTOR(0x00, 0x40, 0x96, 0x00)
#define RSN_CIPHER_SUITE_NONE RSN_SELECTOR(0x00, 0x0f, 0xac, 0)
@@ -75,6 +80,11 @@ WPA_CIPHER_WEP40)
#endif /* CONFIG_IEEE80211W */
#define RSN_CIPHER_SUITE_NO_GROUP_ADDRESSED RSN_SELECTOR(0x00, 0x0f, 0xac, 7)
#define RSN_CIPHER_SUITE_GCMP RSN_SELECTOR(0x00, 0x0f, 0xac, 8)
+#define RSN_CIPHER_SUITE_GCMP_256 RSN_SELECTOR(0x00, 0x0f, 0xac, 9)
+#define RSN_CIPHER_SUITE_CCMP_256 RSN_SELECTOR(0x00, 0x0f, 0xac, 10)
+#define RSN_CIPHER_SUITE_BIP_GMAC_128 RSN_SELECTOR(0x00, 0x0f, 0xac, 11)
+#define RSN_CIPHER_SUITE_BIP_GMAC_256 RSN_SELECTOR(0x00, 0x0f, 0xac, 12)
+#define RSN_CIPHER_SUITE_BIP_CMAC_256 RSN_SELECTOR(0x00, 0x0f, 0xac, 13)
/* EAPOL-Key Key Data Encapsulation
* GroupKey and PeerKey require encryption, otherwise, encryption is optional.
diff --git a/src/drivers/driver.h b/src/drivers/driver.h
index 8831051..b5a3953 100644
--- a/src/drivers/driver.h
+++ b/src/drivers/driver.h
@@ -833,6 +833,12 @@ struct wpa_driver_capa {
#define WPA_DRIVER_CAPA_ENC_CCMP 0x00000008
#define WPA_DRIVER_CAPA_ENC_WEP128 0x00000010
#define WPA_DRIVER_CAPA_ENC_GCMP 0x00000020
+#define WPA_DRIVER_CAPA_ENC_GCMP_256 0x00000040
+#define WPA_DRIVER_CAPA_ENC_CCMP_256 0x00000080
+#define WPA_DRIVER_CAPA_ENC_BIP 0x00000100
+#define WPA_DRIVER_CAPA_ENC_BIP_GMAC_128 0x00000200
+#define WPA_DRIVER_CAPA_ENC_BIP_GMAC_256 0x00000400
+#define WPA_DRIVER_CAPA_ENC_BIP_CMAC_256 0x00000800
unsigned int enc;
#define WPA_DRIVER_AUTH_OPEN 0x00000001
@@ -1267,7 +1273,9 @@ struct wpa_driver_ops {
* @priv: private driver interface data
* @alg: encryption algorithm (%WPA_ALG_NONE, %WPA_ALG_WEP,
* %WPA_ALG_TKIP, %WPA_ALG_CCMP, %WPA_ALG_IGTK, %WPA_ALG_PMK,
- * %WPA_ALG_GCMP);
+ * %WPA_ALG_GCMP, %WPA_ALG_GCMP_256, %WPA_ALG_CCMP_256,
+ * %WPA_ALG_BIP_GMAC_128, %WPA_ALG_BIP_GMAC_256,
+ * %WPA_ALG_BIP_CMAC_256);
* %WPA_ALG_NONE clears the key.
* @addr: Address of the peer STA (BSSID of the current AP when setting
* pairwise key in station mode), ff:ff:ff:ff:ff:ff for
diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c
index 12f688a..41a39f0 100644
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
@@ -5180,10 +5180,30 @@ static int wpa_driver_nl80211_set_key(const char *ifname, struct i802_bss *bss,
NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
WLAN_CIPHER_SUITE_GCMP);
break;
+ case WPA_ALG_CCMP_256:
+ NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
+ WLAN_CIPHER_SUITE_CCMP_256);
+ break;
+ case WPA_ALG_GCMP_256:
+ NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
+ WLAN_CIPHER_SUITE_GCMP_256);
+ break;
case WPA_ALG_IGTK:
NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
WLAN_CIPHER_SUITE_AES_CMAC);
break;
+ case WPA_ALG_BIP_GMAC_128:
+ NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
+ WLAN_CIPHER_SUITE_BIP_GMAC_128);
+ break;
+ case WPA_ALG_BIP_GMAC_256:
+ NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
+ WLAN_CIPHER_SUITE_BIP_GMAC_256);
+ break;
+ case WPA_ALG_BIP_CMAC_256:
+ NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
+ WLAN_CIPHER_SUITE_BIP_CMAC_256);
+ break;
case WPA_ALG_SMS4:
NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
WLAN_CIPHER_SUITE_SMS4);
@@ -5320,10 +5340,30 @@ static int nl_add_key(struct nl_msg *msg, enum wpa_alg alg,
case WPA_ALG_GCMP:
NLA_PUT_U32(msg, NL80211_KEY_CIPHER, WLAN_CIPHER_SUITE_GCMP);
break;
+ case WPA_ALG_CCMP_256:
+ NLA_PUT_U32(msg, NL80211_KEY_CIPHER,
+ WLAN_CIPHER_SUITE_CCMP_256);
+ break;
+ case WPA_ALG_GCMP_256:
+ NLA_PUT_U32(msg, NL80211_KEY_CIPHER,
+ WLAN_CIPHER_SUITE_GCMP_256);
+ break;
case WPA_ALG_IGTK:
NLA_PUT_U32(msg, NL80211_KEY_CIPHER,
WLAN_CIPHER_SUITE_AES_CMAC);
break;
+ case WPA_ALG_BIP_GMAC_128:
+ NLA_PUT_U32(msg, NL80211_KEY_CIPHER,
+ WLAN_CIPHER_SUITE_BIP_GMAC_128);
+ break;
+ case WPA_ALG_BIP_GMAC_256:
+ NLA_PUT_U32(msg, NL80211_KEY_CIPHER,
+ WLAN_CIPHER_SUITE_BIP_GMAC_256);
+ break;
+ case WPA_ALG_BIP_CMAC_256:
+ NLA_PUT_U32(msg, NL80211_KEY_CIPHER,
+ WLAN_CIPHER_SUITE_BIP_CMAC_256);
+ break;
default:
wpa_printf(MSG_ERROR, "%s: Unsupported encryption "
"algorithm %d", __func__, alg);
@@ -6747,6 +6787,10 @@ static int wpa_driver_nl80211_set_ap(void *priv,
wpa_printf(MSG_DEBUG, "nl80211: pairwise_ciphers=0x%x",
params->pairwise_ciphers);
num_suites = 0;
+ if (params->pairwise_ciphers & WPA_CIPHER_CCMP_256)
+ suites[num_suites++] = WLAN_CIPHER_SUITE_CCMP_256;
+ if (params->pairwise_ciphers & WPA_CIPHER_GCMP_256)
+ suites[num_suites++] = WLAN_CIPHER_SUITE_GCMP_256;
if (params->pairwise_ciphers & WPA_CIPHER_CCMP)
suites[num_suites++] = WLAN_CIPHER_SUITE_CCMP;
if (params->pairwise_ciphers & WPA_CIPHER_GCMP)
@@ -6765,6 +6809,14 @@ static int wpa_driver_nl80211_set_ap(void *priv,
wpa_printf(MSG_DEBUG, "nl80211: group_cipher=0x%x",
params->group_cipher);
switch (params->group_cipher) {
+ case WPA_CIPHER_CCMP_256:
+ NLA_PUT_U32(msg, NL80211_ATTR_CIPHER_SUITE_GROUP,
+ WLAN_CIPHER_SUITE_CCMP_256);
+ break;
+ case WPA_CIPHER_GCMP_256:
+ NLA_PUT_U32(msg, NL80211_ATTR_CIPHER_SUITE_GROUP,
+ WLAN_CIPHER_SUITE_GCMP_256);
+ break;
case WPA_CIPHER_CCMP:
NLA_PUT_U32(msg, NL80211_ATTR_CIPHER_SUITE_GROUP,
WLAN_CIPHER_SUITE_CCMP);
@@ -8129,6 +8181,12 @@ skip_auth_type:
case CIPHER_GCMP:
cipher = WLAN_CIPHER_SUITE_GCMP;
break;
+ case CIPHER_CCMP_256:
+ cipher = WLAN_CIPHER_SUITE_CCMP_256;
+ break;
+ case CIPHER_GCMP_256:
+ cipher = WLAN_CIPHER_SUITE_GCMP_256;
+ break;
case CIPHER_TKIP:
default:
cipher = WLAN_CIPHER_SUITE_TKIP;
@@ -8156,6 +8214,12 @@ skip_auth_type:
case CIPHER_GCMP:
cipher = WLAN_CIPHER_SUITE_GCMP;
break;
+ case CIPHER_CCMP_256:
+ cipher = WLAN_CIPHER_SUITE_CCMP_256;
+ break;
+ case CIPHER_GCMP_256:
+ cipher = WLAN_CIPHER_SUITE_GCMP_256;
+ break;
case CIPHER_TKIP:
default:
cipher = WLAN_CIPHER_SUITE_TKIP;
@@ -8347,6 +8411,12 @@ static int wpa_driver_nl80211_associate(
case CIPHER_GCMP:
cipher = WLAN_CIPHER_SUITE_GCMP;
break;
+ case CIPHER_CCMP_256:
+ cipher = WLAN_CIPHER_SUITE_CCMP_256;
+ break;
+ case CIPHER_GCMP_256:
+ cipher = WLAN_CIPHER_SUITE_GCMP_256;
+ break;
case CIPHER_TKIP:
default:
cipher = WLAN_CIPHER_SUITE_TKIP;
@@ -8372,6 +8442,12 @@ static int wpa_driver_nl80211_associate(
case CIPHER_GCMP:
cipher = WLAN_CIPHER_SUITE_GCMP;
break;
+ case CIPHER_CCMP_256:
+ cipher = WLAN_CIPHER_SUITE_CCMP_256;
+ break;
+ case CIPHER_GCMP_256:
+ cipher = WLAN_CIPHER_SUITE_GCMP_256;
+ break;
case CIPHER_TKIP:
default:
cipher = WLAN_CIPHER_SUITE_TKIP;
diff --git a/wpa_supplicant/ap.c b/wpa_supplicant/ap.c
index 394ab30..08a8855 100644
--- a/wpa_supplicant/ap.c
+++ b/wpa_supplicant/ap.c
@@ -276,7 +276,9 @@ static int wpa_supplicant_conf_ap(struct wpa_supplicant *wpa_s,
if (bss->wpa_group_rekey < 86400 && (bss->wpa & 2) &&
(bss->wpa_group == WPA_CIPHER_CCMP ||
- bss->wpa_group == WPA_CIPHER_GCMP)) {
+ bss->wpa_group == WPA_CIPHER_GCMP ||
+ bss->wpa_group == WPA_CIPHER_CCMP_256 ||
+ bss->wpa_group == WPA_CIPHER_GCMP_256)) {
/*
* Strong ciphers do not need frequent rekeying, so increase
* the default GTK rekeying period to 24 hours.
diff --git a/wpa_supplicant/ctrl_iface.c b/wpa_supplicant/ctrl_iface.c
index b77a944..b48ee80 100644
--- a/wpa_supplicant/ctrl_iface.c
+++ b/wpa_supplicant/ctrl_iface.c
@@ -2678,6 +2678,24 @@ static int ctrl_iface_get_capability_pairwise(int res, char *strict,
return len;
}
+ if (capa->enc & WPA_DRIVER_CAPA_ENC_CCMP_256) {
+ ret = os_snprintf(pos, end - pos, "%sCCMP-256",
+ first ? "" : " ");
+ if (ret < 0 || ret >= end - pos)
+ return pos - buf;
+ pos += ret;
+ first = 0;
+ }
+
+ if (capa->enc & WPA_DRIVER_CAPA_ENC_GCMP_256) {
+ ret = os_snprintf(pos, end - pos, "%sGCMP-256",
+ first ? "" : " ");
+ if (ret < 0 || ret >= end - pos)
+ return pos - buf;
+ pos += ret;
+ first = 0;
+ }
+
if (capa->enc & WPA_DRIVER_CAPA_ENC_CCMP) {
ret = os_snprintf(pos, end - pos, "%sCCMP", first ? "" : " ");
if (ret < 0 || ret >= end - pos)
@@ -2734,6 +2752,24 @@ static int ctrl_iface_get_capability_group(int res, char *strict,
return len;
}
+ if (capa->enc & WPA_DRIVER_CAPA_ENC_CCMP_256) {
+ ret = os_snprintf(pos, end - pos, "%sCCMP-256",
+ first ? "" : " ");
+ if (ret < 0 || ret >= end - pos)
+ return pos - buf;
+ pos += ret;
+ first = 0;
+ }
+
+ if (capa->enc & WPA_DRIVER_CAPA_ENC_GCMP_256) {
+ ret = os_snprintf(pos, end - pos, "%sGCMP-256",
+ first ? "" : " ");
+ if (ret < 0 || ret >= end - pos)
+ return pos - buf;
+ pos += ret;
+ first = 0;
+ }
+
if (capa->enc & WPA_DRIVER_CAPA_ENC_CCMP) {
ret = os_snprintf(pos, end - pos, "%sCCMP", first ? "" : " ");
if (ret < 0 || ret >= end - pos)
diff --git a/wpa_supplicant/dbus/dbus_new_handlers.c b/wpa_supplicant/dbus/dbus_new_handlers.c
index fdf9a0a..4a2261a 100644
--- a/wpa_supplicant/dbus/dbus_new_handlers.c
+++ b/wpa_supplicant/dbus/dbus_new_handlers.c
@@ -2260,6 +2260,18 @@ dbus_bool_t wpas_dbus_getter_capabilities(DBusMessageIter *iter,
&iter_array))
goto nomem;
+ if (capa.enc & WPA_DRIVER_CAPA_ENC_CCMP_256) {
+ if (!wpa_dbus_dict_string_array_add_element(
+ &iter_array, "ccmp-256"))
+ goto nomem;
+ }
+
+ if (capa.enc & WPA_DRIVER_CAPA_ENC_GCMP_256) {
+ if (!wpa_dbus_dict_string_array_add_element(
+ &iter_array, "gcmp-256"))
+ goto nomem;
+ }
+
if (capa.enc & WPA_DRIVER_CAPA_ENC_CCMP) {
if (!wpa_dbus_dict_string_array_add_element(
&iter_array, "ccmp"))
@@ -2307,6 +2319,18 @@ dbus_bool_t wpas_dbus_getter_capabilities(DBusMessageIter *iter,
&iter_array))
goto nomem;
+ if (capa.enc & WPA_DRIVER_CAPA_ENC_CCMP_256) {
+ if (!wpa_dbus_dict_string_array_add_element(
+ &iter_array, "ccmp-256"))
+ goto nomem;
+ }
+
+ if (capa.enc & WPA_DRIVER_CAPA_ENC_GCMP_256) {
+ if (!wpa_dbus_dict_string_array_add_element(
+ &iter_array, "gcmp-256"))
+ goto nomem;
+ }
+
if (capa.enc & WPA_DRIVER_CAPA_ENC_CCMP) {
if (!wpa_dbus_dict_string_array_add_element(
&iter_array, "ccmp"))
@@ -3601,7 +3625,7 @@ static dbus_bool_t wpas_dbus_get_bss_security_prop(DBusMessageIter *iter,
{
DBusMessageIter iter_dict, variant_iter;
const char *group;
- const char *pairwise[3]; /* max 3 pairwise ciphers is supported */
+ const char *pairwise[5]; /* max 5 pairwise ciphers is supported */
const char *key_mgmt[7]; /* max 7 key managements may be supported */
int n;
@@ -3650,6 +3674,12 @@ static dbus_bool_t wpas_dbus_get_bss_security_prop(DBusMessageIter *iter,
case WPA_CIPHER_WEP104:
group = "wep104";
break;
+ case WPA_CIPHER_CCMP_256:
+ group = "ccmp-256";
+ break;
+ case WPA_CIPHER_GCMP_256:
+ group = "gcmp-256";
+ break;
default:
group = "";
break;
@@ -3666,6 +3696,10 @@ static dbus_bool_t wpas_dbus_get_bss_security_prop(DBusMessageIter *iter,
pairwise[n++] = "ccmp";
if (ie_data->pairwise_cipher & WPA_CIPHER_GCMP)
pairwise[n++] = "gcmp";
+ if (ie_data->pairwise_cipher & WPA_CIPHER_CCMP_256)
+ pairwise[n++] = "ccmp-256";
+ if (ie_data->pairwise_cipher & WPA_CIPHER_GCMP_256)
+ pairwise[n++] = "gcmp-256";
if (!wpa_dbus_dict_append_string_array(&iter_dict, "Pairwise",
pairwise, n))