From 5f84a786382a4ae7a87cb8ffeaeb68af1bdcc5a5 Mon Sep 17 00:00:00 2001 From: James Prestwood Date: Wed, 2 Nov 2022 15:51:07 -0700 Subject: [PATCH] ie: add group/pairwise lists of supported ciphers The validation of these ciphers for station is done when parsing the BSS RSNE but for AP mode there is no such validation and potentially any supported cipher could be chosen, even if its incompatible for the type of key. --- src/ie.h | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/src/ie.h b/src/ie.h index 53311854..c9a6c783 100644 --- a/src/ie.h +++ b/src/ie.h @@ -401,6 +401,25 @@ static inline bool IE_CIPHER_IS_GCMP_CCMP(uint32_t cipher_suite) IE_RSN_CIPHER_SUITE_GCMP_256); } +#define IE_GROUP_CIPHERS \ +( \ + IE_RSN_CIPHER_SUITE_TKIP | \ + IE_RSN_CIPHER_SUITE_CCMP | \ + IE_RSN_CIPHER_SUITE_GCMP | \ + IE_RSN_CIPHER_SUITE_GCMP_256 | \ + IE_RSN_CIPHER_SUITE_CCMP_256 \ +) + +/* + * Since WEP is unsupported we can just use the group cipher list with + * "Use group cipher" appended + */ +#define IE_PAIRWISE_CIPHERS \ +( \ + IE_GROUP_CIPHERS | \ + IE_RSN_CIPHER_SUITE_USE_GROUP_CIPHER \ +) + #define IE_LEN(ie) \ ((ie) ? (ie)[1] + 2 : 0)