nl80211: Indicate SUITE_B_192 capa only when CCMP-256/GCMP-256 supported

SUITE_B_192 AKM capability was indicated for all devices using the
nl80211 driver (without the QCA vendor specific AKM capability
indication). However, some devices can't handle Suite B 192 due to
insufficient ciphers supported. Add a check for CCMP-256 or GCMP-256
cipher support and only indicate SUITE_B_192 capability when such cipher
is supported. This allows compiling with CONFIG_SUITEB192 and still get
proper response to the 'GET_CAPABILITY key_mgmt' command. Under Android
it can also serve as a dynamic way for HAL to query platform for
WPA3-Enterprise 192-bit support.

Signed-off-by: Mikael Kanstrup <mikael.kanstrup@sony.com>
This commit is contained in:
Mikael Kanstrup 2019-10-01 16:19:29 +02:00 committed by Jouni Malinen
parent 46746fc170
commit 937644aa2c

View file

@ -1205,10 +1205,13 @@ int wpa_driver_nl80211_capa(struct wpa_driver_nl80211_data *drv)
WPA_DRIVER_CAPA_KEY_MGMT_WPA2 | WPA_DRIVER_CAPA_KEY_MGMT_WPA2 |
WPA_DRIVER_CAPA_KEY_MGMT_WPA2_PSK | WPA_DRIVER_CAPA_KEY_MGMT_WPA2_PSK |
WPA_DRIVER_CAPA_KEY_MGMT_SUITE_B | WPA_DRIVER_CAPA_KEY_MGMT_SUITE_B |
WPA_DRIVER_CAPA_KEY_MGMT_SUITE_B_192 |
WPA_DRIVER_CAPA_KEY_MGMT_OWE | WPA_DRIVER_CAPA_KEY_MGMT_OWE |
WPA_DRIVER_CAPA_KEY_MGMT_DPP; WPA_DRIVER_CAPA_KEY_MGMT_DPP;
if (drv->capa.enc & (WPA_DRIVER_CAPA_ENC_CCMP_256 |
WPA_DRIVER_CAPA_ENC_GCMP_256))
drv->capa.key_mgmt |= WPA_DRIVER_CAPA_KEY_MGMT_SUITE_B_192;
if (drv->capa.flags & WPA_DRIVER_FLAGS_SME) if (drv->capa.flags & WPA_DRIVER_FLAGS_SME)
drv->capa.key_mgmt |= WPA_DRIVER_CAPA_KEY_MGMT_FILS_SHA256 | drv->capa.key_mgmt |= WPA_DRIVER_CAPA_KEY_MGMT_FILS_SHA256 |
WPA_DRIVER_CAPA_KEY_MGMT_FILS_SHA384 | WPA_DRIVER_CAPA_KEY_MGMT_FILS_SHA384 |