2008-03-19 19:32:18

by Jouni Malinen

[permalink] [raw]
Subject: Re: [ipw3945-devel] [PATCH 1/5] mac80211: allows driver to request a Phase 2 key

On Wed, Mar 19, 2008 at 06:42:43PM +0200, Emmanuel Grumbach wrote:

> I ran some tests with the following configuration of wpa_supplicant:
> key_mgmt=NONE
> group=WEP104
> wep_key0=123456789A123456789A12345A
> wep_key1=123456789A123456789A12345B
> wep_key2=123456789A123456789A12345C
> wep_key3=123456789A123456789A12345D
> wep_tx_keyidx=2

> From what I saw, the driver got ioctl SIOCSIWAUTH several times, once at the
> very beginning (even before wpa_supplicant read its config file). The value
> was 1, which means 1X in wext language.

I think there may be some misunderstanding here on how SIOCSIWAUTH is
used.. That call for setting IW_AUTH_WPA_ENABLED to 1 (WPA enabled), not
to set key management (IW_AUTH_KEY_MGMT).

> Then I got SIOCSIWENCODEEXT with the keys, right after that.
> There were other SIOCSIWAUTH calls but after SIOCSIWENCODEEXT, they didn't
> help much.

Help with what?

> From include/linux/wireless.h I saw that there are only two "legal" options:
>
> /* IW_AUTH_KEY_MGMT values (bit field) */
> #define IW_AUTH_KEY_MGMT_802_1X 1
> #define IW_AUTH_KEY_MGMT_PSK 2
>
> which is a bit poor... I would need something like
> #define IW_AUTH_KEY_MGMT_NONE 0

Well, there is not an explicit define for that, but zero is indeed used
to indicate that none of the listed key management options are used..

> In any case, this configuration (SIWAUTH with value = 1) seems quite odd
> since I am not running 1X, this value looks like a default value.

That's not what happened here as far as I can tell.. When starting to
associate, wpa_supplicant would end up setting IW_AUTH_KEY_MGMT to 0 in
this particular case.

> I would need to get configured with SIWAUTH value = 0, before
> SIOCSIWENCODEEXT, this would mean for me that the key that will be sent in
> the future are static keys.

The concept of "static keys" is a bit misleading.. And use of
IW_AUTH_KEY_MGMT to distinguish the key type does not sound like the
best thing to do here.

> The value 0 is chosen on purpose: iwconfig doesn't send any SIWAUTH ioctl
> and configures static WEP key. I would like IW_AUTH_KEY_MGMT_NONE to be the
> default in a zeroed struct.

I don't follow this.. IW_AUTH_KEY_MGMT is set to zero if 802.1X or WPA
is not used.

> Jouni, do you aggree that a change is needed in wpa_supplicant / wext to
> support WEP static key and allow mac80211 to differentiate between the
> config I copy pasted before and WEP keys coming from an AP through 1X ?

No, I don't see why something in wpa_supplicant or WEXT would need to be
changed. If the goal is to figure out whether the key that is being
configured is a broadcast/default/group key, the ext_flags field for
SIOCSIWENCODEEXT is has IW_ENCODE_EXT_GROUP_KEY flag. If the key is a
unicast/individual/key-mapping key, this flag is not set. In addition,
the addr.sa_data value is set to ff:ff:ff:ff:ff:ff for
broadcast/default/group keys and to a unicast address for
unicast/individual/key-mapping keys.

Calling the keys "static" or "dynamic" is just going to cause
confusion.. It does not matter whether the keys are statically
configured (e.g., IEEE 802.1X "dynamic keys" for broadcast could be
configured "statically" to support non-IEEE 802.1X STAs). The main
difference is in whether they are broadcast/default/group keys or
individual/unicast/key-mapping keys. As far as I know, this is already
distinguished in the current interface. If not, please let me know exact
details on the case that does not have such information.

The driver will just need to know which key to use in the corner case if
someone were to configure broadcast/default/group key with key index 0
and a unicast/individual key (always key index 0 if one were to follow
the standard) and both could match an incoming frame (the
broadcast/default/group key would be used if the addr1 field is
broadcast/multicast; otherwise, the unicast/individual/key-mapping key
would be used).

--
Jouni Malinen PGP id EFC895FA


2008-03-19 20:56:56

by Tomas Winkler

[permalink] [raw]
Subject: Re: [ipw3945-devel] [PATCH 1/5] mac80211: allows driver to request a Phase 2 key

On Wed, Mar 19, 2008 at 10:10 PM, Jouni Malinen <[email protected]> wrote:
> On Wed, Mar 19, 2008 at 08:41:22PM +0200, Tomas Winkler wrote:
>
> > So how do you call WEP key that is used for both unicast and broadcast
> > i.e the old WEP key.
>
> The IEEE 802.11 name for this would be "default key". IEEE 802.1X (or
> well, RFC 3580 is the authoritative specification for this) calls it
> "broadcast (default key)". Please note that this is not really a key
> that is always used both for unicast and broadcast. If there is a
> key-mapping key (unicast/individual) for the matching
> transmitter/receiver addresses, that key will be used instead. The "old
> WEP key" way of using only statically configured default keys just does
> not set the key-mapping key and because of that, the default key ends up
> being used for all frames (or well, one of the possible four default
> keys).
>
>
> > What mac80211 currently does it's attach it to broadcast address. If
> > there is a group key re keying you don't know whether also unicast key
> > have to be overridden or not since you don't know if this is a
> > 'static/global; key or dynamic group key
>
> I haven't looked at what the current implementation does, but as far as
> WEXT and SIOCSIWENCODEEXT is concerned, IW_ENCODE_EXT_GROUP_KEY flag
> should be used to select which key is being configured. There is no
> difference between "static/global" and "dynamic group" keys. The only
> difference is between default and key-mapping (individual) keys.
>
> Sure, the terminology here can be quite confusing, but as far as I can
> tell, that IW_ENCODE_EXT_GROUP_KEY flag is all that is needed to
> distinguish which key is being configured and configuring a single key
> should not automatically change another one (even if the key index is
> same which could, at least in theory, happen with key index 0 that can
> be used both with default and key-mapping keys).
>

Just trying to translate it to configuration flow: To determine if the
key is old-WEP would be
Use group key as default key for all traffic unless and key-mapping key was set
Is that correct?

I will check how difficult is to do that implementation wise

Thanks
Tomas

>
> --
> Jouni Malinen PGP id EFC895FA
>

2008-03-19 20:10:45

by Jouni Malinen

[permalink] [raw]
Subject: Re: [ipw3945-devel] [PATCH 1/5] mac80211: allows driver to request a Phase 2 key

On Wed, Mar 19, 2008 at 08:41:22PM +0200, Tomas Winkler wrote:

> So how do you call WEP key that is used for both unicast and broadcast
> i.e the old WEP key.

The IEEE 802.11 name for this would be "default key". IEEE 802.1X (or
well, RFC 3580 is the authoritative specification for this) calls it
"broadcast (default key)". Please note that this is not really a key
that is always used both for unicast and broadcast. If there is a
key-mapping key (unicast/individual) for the matching
transmitter/receiver addresses, that key will be used instead. The "old
WEP key" way of using only statically configured default keys just does
not set the key-mapping key and because of that, the default key ends up
being used for all frames (or well, one of the possible four default
keys).

> What mac80211 currently does it's attach it to broadcast address. If
> there is a group key re keying you don't know whether also unicast key
> have to be overridden or not since you don't know if this is a
> 'static/global; key or dynamic group key

I haven't looked at what the current implementation does, but as far as
WEXT and SIOCSIWENCODEEXT is concerned, IW_ENCODE_EXT_GROUP_KEY flag
should be used to select which key is being configured. There is no
difference between "static/global" and "dynamic group" keys. The only
difference is between default and key-mapping (individual) keys.

Sure, the terminology here can be quite confusing, but as far as I can
tell, that IW_ENCODE_EXT_GROUP_KEY flag is all that is needed to
distinguish which key is being configured and configuring a single key
should not automatically change another one (even if the key index is
same which could, at least in theory, happen with key index 0 that can
be used both with default and key-mapping keys).

--
Jouni Malinen PGP id EFC895FA

2008-03-19 19:42:12

by Tomas Winkler

[permalink] [raw]
Subject: Re: [ipw3945-devel] [PATCH 1/5] mac80211: allows driver to request a Phase 2 key

On Wed, Mar 19, 2008 at 7:39 PM, Jouni Malinen <[email protected]> wrote:
> On Wed, Mar 19, 2008 at 06:42:43PM +0200, Emmanuel Grumbach wrote:
>
> > I ran some tests with the following configuration of wpa_supplicant:
>
> > key_mgmt=NONE
> > group=WEP104
> > wep_key0=123456789A123456789A12345A
> > wep_key1=123456789A123456789A12345B
> > wep_key2=123456789A123456789A12345C
> > wep_key3=123456789A123456789A12345D
> > wep_tx_keyidx=2
>
> > From what I saw, the driver got ioctl SIOCSIWAUTH several times, once at the
> > very beginning (even before wpa_supplicant read its config file). The value
> > was 1, which means 1X in wext language.
>
> I think there may be some misunderstanding here on how SIOCSIWAUTH is
> used.. That call for setting IW_AUTH_WPA_ENABLED to 1 (WPA enabled), not
> to set key management (IW_AUTH_KEY_MGMT).
>
>
> > Then I got SIOCSIWENCODEEXT with the keys, right after that.
> > There were other SIOCSIWAUTH calls but after SIOCSIWENCODEEXT, they didn't
> > help much.
>
> Help with what?

As keys were already applied consequent calls SIOCSIWAUTH are not
helpful. Unfortunately the order mattes. As in some cases SIOCSIWAUTH
might not come so the actual setting is triggered by SIOCSIWENCODEEXT.

>
> > From include/linux/wireless.h I saw that there are only two "legal" options:
> >
> > /* IW_AUTH_KEY_MGMT values (bit field) */
> > #define IW_AUTH_KEY_MGMT_802_1X 1
> > #define IW_AUTH_KEY_MGMT_PSK 2
> >
> > which is a bit poor... I would need something like
> > #define IW_AUTH_KEY_MGMT_NONE 0
>
> Well, there is not an explicit define for that, but zero is indeed used
> to indicate that none of the listed key management options are used..
>
>
> > In any case, this configuration (SIWAUTH with value = 1) seems quite odd
> > since I am not running 1X, this value looks like a default value.
>
> That's not what happened here as far as I can tell.. When starting to
> associate, wpa_supplicant would end up setting IW_AUTH_KEY_MGMT to 0 in
> this particular case.

Will try to verify that again

>
> > I would need to get configured with SIWAUTH value = 0, before
> > SIOCSIWENCODEEXT, this would mean for me that the key that will be sent in
> > the future are static keys.
>
> The concept of "static keys" is a bit misleading.. And use of
> IW_AUTH_KEY_MGMT to distinguish the key type does not sound like the
> best thing to do here.
>
>
> > The value 0 is chosen on purpose: iwconfig doesn't send any SIWAUTH ioctl
> > and configures static WEP key. I would like IW_AUTH_KEY_MGMT_NONE to be the
> > default in a zeroed struct.
>
> I don't follow this.. IW_AUTH_KEY_MGMT is set to zero if 802.1X or WPA
> is not used.
>
>
> > Jouni, do you aggree that a change is needed in wpa_supplicant / wext to
> > support WEP static key and allow mac80211 to differentiate between the
> > config I copy pasted before and WEP keys coming from an AP through 1X ?
>
> No, I don't see why something in wpa_supplicant or WEXT would need to be
> changed. If the goal is to figure out whether the key that is being
> configured is a broadcast/default/group key, the ext_flags field for
> SIOCSIWENCODEEXT is has IW_ENCODE_EXT_GROUP_KEY flag. If the key is a
> unicast/individual/key-mapping key, this flag is not set. In addition,
> the addr.sa_data value is set to ff:ff:ff:ff:ff:ff for
> broadcast/default/group keys and to a unicast address for
> unicast/individual/key-mapping keys.



> Calling the keys "static" or "dynamic" is just going to cause
> confusion.. It does not matter whether the keys are statically
> configured (e.g., IEEE 802.1X "dynamic keys" for broadcast could be
> configured "statically" to support non-IEEE 802.1X STAs). The main
> difference is in whether they are broadcast/default/group keys or
> individual/unicast/key-mapping keys. As far as I know, this is already
> distinguished in the current interface. If not, please let me know exact
> details on the case that does not have such information.

> The driver will just need to know which key to use in the corner case if
> someone were to configure broadcast/default/group key with key index 0
> and a unicast/individual key (always key index 0 if one were to follow
> the standard) and both could match an incoming frame (the
> broadcast/default/group key would be used if the addr1 field is
> broadcast/multicast; otherwise, the unicast/individual/key-mapping key
> would be used).
>
>

So how do you call WEP key that is used for both unicast and broadcast
i.e the old WEP key.
It's not attached to any particular address it's global BSS key. The
true is that you don't need
a supplicant to configure it yet wpa_supplicant has this option so
people do that.

What mac80211 currently does it's attach it to broadcast address. If
there is a group key re keying you don't know whether also unicast key
have to be overridden or not since you don't know if this is a
'static/global; key or dynamic group key


Thanks
Tomas

2008-03-19 22:04:48

by Tomas Winkler

[permalink] [raw]
Subject: Re: [ipw3945-devel] [PATCH 1/5] mac80211: allows driver to request a Phase 2 key

On Wed, Mar 19, 2008 at 10:15 PM, Johannes Berg
<[email protected]> wrote:
>
> > The IEEE 802.11 name for this would be "default key". IEEE 802.1X (or
> > well, RFC 3580 is the authoritative specification for this) calls it
> > "broadcast (default key)". Please note that this is not really a key
> > that is always used both for unicast and broadcast. If there is a
> > key-mapping key (unicast/individual) for the matching
> > transmitter/receiver addresses, that key will be used instead. The "old
> > WEP key" way of using only statically configured default keys just does
> > not set the key-mapping key and because of that, the default key ends up
> > being used for all frames (or well, one of the possible four default
> > keys).
>
> That agrees with what I did in mac80211, but not with Intel's hardware.

You wish, you didn't have clue yourself :)

> johannes
>

2008-03-20 07:36:59

by Jouni Malinen

[permalink] [raw]
Subject: Re: [ipw3945-devel] [PATCH 1/5] mac80211: allows driver to request a Phase 2 key

On Thu, Mar 20, 2008 at 09:09:16AM +0200, Emmanuel Grumbach wrote:

> Regarding SIOCSIWENCODE, I understand that there is no need to support it
> (at least wrt wpa_supplicant) since mac80211 supports SIOCSIWENCODEEXT
> and wpa_supplicant won't send SIOCSIWENCODE if SIOCSIWENCODEEXT
> call succeeds right ?

Yes. It would probably be enough to just assume the SIOCSIWENCODE is
being used only for default keys. wpa_supplicant will always try to use
SIOCSIWENCODEEXT first and in case of mac80211, SIOCSIWENCODE won't be
used for setting keys.

--
Jouni Malinen PGP id EFC895FA

2008-03-19 22:11:57

by Johannes Berg

[permalink] [raw]
Subject: Re: [ipw3945-devel] [PATCH 1/5] mac80211: allows driver to request a Phase 2 key


On Thu, 2008-03-20 at 00:04 +0200, Tomas Winkler wrote:
> On Wed, Mar 19, 2008 at 10:15 PM, Johannes Berg
> <[email protected]> wrote:
> >
> > > The IEEE 802.11 name for this would be "default key". IEEE 802.1X (or
> > > well, RFC 3580 is the authoritative specification for this) calls it
> > > "broadcast (default key)". Please note that this is not really a key
> > > that is always used both for unicast and broadcast. If there is a
> > > key-mapping key (unicast/individual) for the matching
> > > transmitter/receiver addresses, that key will be used instead. The "old
> > > WEP key" way of using only statically configured default keys just does
> > > not set the key-mapping key and because of that, the default key ends up
> > > being used for all frames (or well, one of the possible four default
> > > keys).
> >
> > That agrees with what I did in mac80211, but not with Intel's hardware.
>
> You wish, you didn't have clue yourself :)

I know :P
I actually just cleaned up the original code (and added the distinction
for TX-only keys.)

Actually, it makes things quite complicated for the driver because it
has to keep track of whether pairwise keys are enabled even if they are
for an encryption algorithm that it doesn't handle. I suppose making
mac80211 track that would be nicer.

johannes


Attachments:
signature.asc (828.00 B)
This is a digitally signed message part

2008-03-19 20:15:53

by Johannes Berg

[permalink] [raw]
Subject: Re: [ipw3945-devel] [PATCH 1/5] mac80211: allows driver to request a Phase 2 key


> The IEEE 802.11 name for this would be "default key". IEEE 802.1X (or
> well, RFC 3580 is the authoritative specification for this) calls it
> "broadcast (default key)". Please note that this is not really a key
> that is always used both for unicast and broadcast. If there is a
> key-mapping key (unicast/individual) for the matching
> transmitter/receiver addresses, that key will be used instead. The "old
> WEP key" way of using only statically configured default keys just does
> not set the key-mapping key and because of that, the default key ends up
> being used for all frames (or well, one of the possible four default
> keys).

That agrees with what I did in mac80211, but not with Intel's hardware.

johannes


Attachments:
signature.asc (828.00 B)
This is a digitally signed message part

2008-03-20 07:09:18

by Emmanuel Grumbach

[permalink] [raw]
Subject: Re: [ipw3945-devel] [PATCH 1/5] mac80211: allows driver to request a Phase 2 key

> I haven't looked at what the current implementation does, but as far as
> WEXT and SIOCSIWENCODEEXT is concerned, IW_ENCODE_EXT_GROUP_KEY flag
> should be used to select which key is being configured. There is no
> difference between "static/global" and "dynamic group" keys. The only
> difference is between default and key-mapping (individual) keys.
>
> Sure, the terminology here can be quite confusing, but as far as I can
> tell, that IW_ENCODE_EXT_GROUP_KEY flag is all that is needed to
> distinguish which key is being configured and configuring a single key
> should not automatically change another one (even if the key index is
> same which could, at least in theory, happen with key index 0 that can
> be used both with default and key-mapping keys).
>

Ok, I tested this flag, this will be enough (AFAIK for the moment) to
distinguish
which key is being configured.
Regarding SIOCSIWENCODE, I understand that there is no need to support it
(at least wrt wpa_supplicant) since mac80211 supports SIOCSIWENCODEEXT
and wpa_supplicant won't send SIOCSIWENCODE if SIOCSIWENCODEEXT
call succeeds right ?

iwconfig sends SIOCSIWENCODE but AFAIK, iwconfig configs only default keys (or
broadcast (default key) as RFC 3580 calls it), so no possibility to be
mistaken here...

Thanks for you help !

>
>
> --
> Jouni Malinen PGP id EFC895FA
>



--
Emmanuel Grumbach
[email protected]