Share via


OID_DOT11_CIPHER_KEY_MAPPING_KEY (Compact 7)

3/12/2014

When set, the OID_DOT11_CIPHER_KEY_MAPPING_KEY object identifier (OID) requests that the miniport driver add, modify, or delete one or more entries in its key-mapping key table.

The 802.11 station uses key-mapping keys for data encryption and decryption between the 802.11 station and a specific AP or peer station in the basic service set (BSS) network. These keys differ from the default cipher keys. This the 802.11 station uses for data encryption and decryption between the 802.11 station and any AP or peer station in the BSS network.

Note

for this OID is mandatory if the 802.11 station supports one or more key-mapping keys. The miniport driver returns the number of key-mapping keys it supports when OID_DOT11_EXTSTA_CAPABILITY is queried.

The data type for this OID is the DOT11_BYTE_ARRAY structure. The miniport driver sets the members of this structure as follows:

  • Header
    The type and size of the DOT11_BYTE_ARRAY structure and the revision of the DOT11_CIPHER_KEY_MAPPING_KEY_VALUE structures that follows it. This member is formatted as an NDIS_OBJECT_HEADER structure.

    The miniport driver must set the members of Header to the following values:

    Type

    This member must be set to NDIS_OBJECT_TYPE_DEFAULT

    Revision

    This member must be set to DOT11_CIPHER_KEY_MAPPING_KEY_VALUE_BYTE_ARRAY_REVISION_1.

    Size

    This member must be set to sizeof(DOT11_BYTE_ARRAY).

    For more information about these members, see NDIS_OBJECT_HEADER.

  • uNumOfBytes
    Number of bytes within the ucBuffer array that relates to the set request
  • uTotalNumOfBytes
    Total number of bytes within the ucBuffer array. This value must be greater than or equal to uNumOfBytes.
  • ucBuffer
    The list of key-mapping keys.

    Each element in the list of key-mapping keys is formatted as a variable-length DOT11_CIPHER_KEY_MAPPING_KEY_VALUE structure. There must not be padding between key entries within the ucBuffer array.

When the OID_DOT11_CIPHER_KEY_MAPPING_KEY OID is set, the miniport driver must do the following:

  • If the 802.11 station does not support key-mapping keys, fail the set request by returning NDIS_STATUS_INVALID_DATA from its MiniportOidRequest function.
  • Follow these guidelines when validating the members of the DOT11_CIPHER_KEY_MAPPING_KEY_VALUE structure in the following ways:
    • If the 802.11 station does not support the cipher algorithm specified by the AlgorithmId member, fail the set request by returning NDIS_STATUS_INVALID_DATA from its MiniportOidRequest function.
    • If the bDelete member of the DOT11_CIPHER_KEY_MAPPING_KEY_VALUE structure is set to TRUE, delete the key material for the key referenced by the PeerMacAddr and Direction members. If the driver had previously deleted the specified key, it must accept the set request by returning NDIS_STATUS_SUCCESS from its MiniportOidRequest function.
  • When modifying TKIP keys, synchronize the key update with the packet-processing path of the 802.11 station.
    For example, the miniport driver must avoid situations in which the packet payload was decrypted by using the old cipher key and verified by using the new message integrity code (MIC) key.

The 802.11 station must clear its key-mapping keys if the following conditions are true:

Requirements

Header

windot11.h

See Also

Reference

Native 802.11 Extensible Station OIDs
OID_DOT11_EXTSTA_CAPABILITY
DOT11_BYTE_ARRAY
NDIS_OBJECT_HEADER
DOT11_CIPHER_KEY_MAPPING_KEY_VALUE
MiniportOidRequest
MiniportInitializeEx
OID_DOT11_RESET_REQUEST
Native 802.11 Wireless LAN OIDs