Re: WPA and WPA2
From: Dan Williams <hidden>
Date: 2017-05-25 17:45:56
On Thu, 2017-05-25 at 08:40 +1000, Tobin C. Harding wrote:
> On Wed, May 24, 2017 at 08:06:40PM +0200, Johannes Berg wrote:
> > Just a small correction:
> >
> > On Wed, 2017-05-24 at 11:44 -0500, Dan Williams wrote:
> > > For RSN, they are 1 = PMK, 2 = GMK, 3 = GMK2, 4 seems unused.
> >
> > PTK and GTK, and in theory you could have more than two GTKs but that's not usually done.
>
> Excuse my ignorance but why do you say PTK and GTK here? Who generates the transient keys, hardware, firmware or software? Is this device specific or is there a *normal* way? From the nomenclature in the WEXT driver I thought the driver supplied the master keys to the firmware and transient keys were generated at the firmware layer or lower.

Usually the supplicant supplies only the PTK/GTK to the driver at the right times (like during the 4-way handshake). It looks like the driver only refers to PMK/GMK when using the rx_seq[] bits, while the actual WPA keys are probably the PTK/GTK.

While it's not the best example, see drivers/net/wireless/marvell/libertas/cfg.c and lbs_cfg_connect() and lbs_cfg_add_key(). That should translate fairly well to the ks7010 driver.

The important parts you'll get from nl80211 are add_key/del_key and set_default_key. The connect hook gets called first to tell the driver to start the auth/assoc process to a given AP, and that's where you'd set up the general stuff like whether or not you'll use WEP or WPA, what the SSID/BSSID are, whether PSK or EAPOL/802.1x, rates, etc. Then after that you'll get the add_key hook that actually sends the real keys to the driver when the supplicant has calculated them.

Dan