Lines Matching refs:key
59 * Default "null" key management routines.
68 * Not in the global key table, the driver should handle this
69 * by allocating a slot in the h/w key table/cache. In
70 * lieu of that return key slot 0 for any unicast key
71 * request. We disallow the request if this is a group key.
73 * with a 4 key table. It also handles devices that pass
75 * and key index 0.
79 *keyix = 0; /* NB: use key index 0 for ucast key */
102 cipher_detach(struct ieee80211_key *key)
104 key->wk_cipher->ic_detach(key);
108 cipher_attach(struct ieee80211vap *vap, struct ieee80211_key *key)
110 return key->wk_cipher->ic_attach(vap, key);
114 * Wrappers for driver key management methods.
118 struct ieee80211_key *key,
121 return vap->iv_key_alloc(vap, key, keyix, rxkeyix);
126 const struct ieee80211_key *key)
128 return vap->iv_key_delete(vap, key);
132 dev_key_set(struct ieee80211vap *vap, const struct ieee80211_key *key)
134 return vap->iv_key_set(vap, key);
159 * Default set of key management types supported by net80211.
168 * "old" style way of drivers announcing key management
169 * capabilities. There are many, many more key management
207 * Set the supported software key management by the driver.
209 * These are the key management suites that are supported via
238 * Initialize the driver key support routines to noop entries.
325 * Establish a relationship between the specified key and cipher
327 * Note that when a fixed key index is required it must be specified.
329 * This must be the first call applied to a key; all the other key
338 int cipher, int flags, struct ieee80211_key *key)
348 __func__, cipher, flags, key->wk_keyix);
386 oflags = key->wk_flags;
402 * combination; we handle it by flagging each key,
414 * Bind cipher to key instance. Note we do this
419 if (key->wk_cipher != cip || key->wk_flags != flags) {
426 key->wk_flags = flags;
427 keyctx = cip->ic_attach(vap, key);
432 key->wk_flags = oflags; /* restore old flags */
436 cipher_detach(key);
437 key->wk_cipher = cip; /* XXX refcnt? */
438 key->wk_private = keyctx;
442 * Ask the driver for a key index if we don't have one.
443 * Note that entries in the global key table always have
447 * crypto we also call the driver to give us a key index.
449 if ((key->wk_flags & IEEE80211_KEY_DEVKEY) == 0) {
450 if (!dev_key_alloc(vap, key, &keyix, &rxkeyix)) {
460 if (key->wk_flags != flags) {
463 * resources were unavailable to handle _this_ key.
470 oflags, key->wk_flags);
471 keyctx = cip->ic_attach(vap, key);
476 key->wk_flags);
477 key->wk_flags = oflags; /* restore old flags */
481 cipher_detach(key);
482 key->wk_cipher = cip; /* XXX refcnt? */
483 key->wk_private = keyctx;
485 key->wk_keyix = keyix;
486 key->wk_rxkeyix = rxkeyix;
487 key->wk_flags |= IEEE80211_KEY_DEVKEY;
493 * Remove the key (no locking, for internal use).
496 _ieee80211_crypto_delkey(struct ieee80211vap *vap, struct ieee80211_key *key)
498 KASSERT(key->wk_cipher != NULL, ("No cipher!"));
502 __func__, key->wk_cipher->ic_name,
503 key->wk_keyix, key->wk_flags,
504 key->wk_keyrsc[IEEE80211_NONQOS_TID], key->wk_keytsc,
505 key->wk_keylen);
507 if (key->wk_flags & IEEE80211_KEY_DEVKEY) {
511 /* XXX key cache */
512 if (!dev_key_delete(vap, key)) {
514 "%s: driver did not delete key index %u\n",
515 __func__, key->wk_keyix);
520 cipher_detach(key);
521 memset(key, 0, sizeof(*key));
522 ieee80211_crypto_resetkey(vap, key, IEEE80211_KEYIX_NONE);
527 * Remove the specified key.
530 ieee80211_crypto_delkey(struct ieee80211vap *vap, struct ieee80211_key *key)
535 status = _ieee80211_crypto_delkey(vap, key);
541 * Clear the global key table.
555 * Set the contents of the specified key.
562 ieee80211_crypto_setkey(struct ieee80211vap *vap, struct ieee80211_key *key)
564 const struct ieee80211_cipher *cip = key->wk_cipher;
570 __func__, cip->ic_name, key->wk_keyix,
571 key->wk_flags, ether_sprintf(key->wk_macaddr),
572 key->wk_keyrsc[IEEE80211_NONQOS_TID], key->wk_keytsc,
573 key->wk_keylen);
575 if ((key->wk_flags & IEEE80211_KEY_DEVKEY) == 0) {
578 "%s: no device key setup done; should not happen!\n",
584 * Give cipher a chance to validate key contents.
587 if (!cip->ic_setkey(key)) {
589 "%s: cipher %s rejected key index %u len %u flags 0x%x\n",
590 __func__, cip->ic_name, key->wk_keyix,
591 key->wk_keylen, key->wk_flags);
595 return dev_key_set(vap, key);
599 * Return index if the key is a WEP key (0..3); -1 otherwise.
616 * Note: only supports a single unicast key (0).
635 * Multicast traffic always uses the multicast key.
638 * transmit key if there was no unicast key. This
643 * group key for unicast was a security risk.
650 "no default transmit key (%s) deftxkey %u",
664 * Add privacy headers appropriate for the specified key.
686 struct ieee80211_key **key)
701 * If the IV is stripped then we definitely can't find a key.
702 * Set the key to NULL but return true; upper layers
703 * will need to handle a NULL key for a successful
711 * We can't find a key with a stripped IV.
714 *key = NULL;
725 *key = NULL;
730 * Locate the key. If unicast and there is no unicast
731 * key then we fall back to the key id in the header.
733 * the key id in the header is meaningless (typically 0).
753 *key = NULL;
760 * If we fail then don't return the key - return NULL
765 *key = k;
770 *key = NULL;
800 * modules to handle a NULL key and not to dereference
811 * We may not have a key, so for now just
819 * If we don't have a key at this point then we don't
854 * Keys in the global key table of each vap.
873 * Set the default key index for WEP, or KEYIX_NONE for no default TX key.
875 * This should be done as part of a key update block (iv_key_update_begin /
882 /* XXX TODO: assert we're in a key update block */