gcmp priority!
Adrian Chadd
adrian at freebsd.org
Sat Mar 22 10:45:39 PDT 2025
hi!
I'm adding GCMP support to FreeBSD. I've got the crypto support in
net80211 working and all the driver caps / cipher caps / etc all
set up. And yes I'm doing this on 11n/11ac NICs as net80211 doesn't
currently support WPA3/MFP, 11ad, 11ax, etc in the stack (but yes,
this is all along the trajectory for WPA3/MFP.)
Anyway! I've noticed that while yes I can add GCMP to hostapd and
wpa_supplicant configs, wpa_supplicant REALLY only wants to negotiate
GCMP if it's the only cipher listed. If there's GCMP and CCMP
available, wpa_supplicant reliably chooses CCMP.
I think I've traced down where in the source this is happening, as
it's choosing CCMP for default for non-11ad, and GCMP default for
11ad.
My questions however are with how the 802.11 specification
could/should allow for cipher choices / priorities.
* I haven't found anything in 802.11-2020 section 12 (security) that
indicates a formal cipher priority. Is there a formal cipher priority?
Is there anything stopping wpa_supplicant from choosing GCMP over CCMP
if an AP advertises both?
* Is it legal to have GCMP as a pairwise key and CCMP as a group key?
* Has anyone else tried this, and found weird interoperability issues?
Thanks!
-adrian
(adrian at freebsd.org)
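
An added illustration for the message above, not code from wpa_supplicant, hostapd or net80211: a minimal RSN element parser that picks a pairwise cipher from the AP's advertised list using a caller-supplied preference order, so the same advertisement yields CCMP or GCMP depending on the order passed in. The function name, the preference arrays and the sample element are constructed for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* RSN cipher suite selectors: OUI 00-0F-AC followed by the suite type. */
#define RSN_SEL(type) (0x000FAC00u | (type))
#define RSN_CCMP_128  RSN_SEL(4)
#define RSN_GCMP_128  RSN_SEL(8)

static uint32_t be32(const uint8_t *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | p[3];
}

/* Hypothetical helper: return the first entry of prefs[] that the RSN element
 * lists as a pairwise suite, or 0 if the element is malformed or nothing
 * matches. *group receives the advertised group data cipher. */
uint32_t rsne_pick_pairwise(const uint8_t *ie, size_t len,
                            const uint32_t *prefs, size_t nprefs,
                            uint32_t *group)
{
    if (len < 10 || ie[0] != 48 || (size_t)ie[1] + 2 > len)
        return 0;                       /* not an RSN element, or truncated */
    size_t end = (size_t)ie[1] + 2;
    if (end < 10 || ie[2] != 1 || ie[3] != 0)
        return 0;                       /* version must be 1 (little endian) */
    *group = be32(ie + 4);
    size_t count = ie[8] | ((size_t)ie[9] << 8);
    if (count == 0 || 10 + 4 * count > end)
        return 0;                       /* pairwise list overruns the element */
    for (size_t i = 0; i < nprefs; i++)         /* local preference order */
        for (size_t j = 0; j < count; j++)      /* AP's advertised list */
            if (be32(ie + 10 + 4 * j) == prefs[i])
                return prefs[i];
    return 0;
}

/* Constructed sample: group CCMP, pairwise {CCMP, GCMP}, AKM PSK, caps 0. */
static const uint8_t sample_rsne[] = {
    48, 24, 0x01, 0x00, 0x00, 0x0F, 0xAC, 0x04, 0x02, 0x00,
    0x00, 0x0F, 0xAC, 0x04, 0x00, 0x0F, 0xAC, 0x08,
    0x01, 0x00, 0x00, 0x0F, 0xAC, 0x02, 0x00, 0x00 };

int main(void)
{
    const uint32_t gcmp_first[] = { RSN_GCMP_128, RSN_CCMP_128 };
    uint32_t group = 0;
    uint32_t pw = rsne_pick_pairwise(sample_rsne, sizeof(sample_rsne),
                                     gcmp_first, 2, &group);
    printf("pairwise %08x group %08x\n", (unsigned)pw, (unsigned)group);
    return 0;
}
```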