OID_DOT11_CIPHER_DEFAULT_KEY (Compact 2013)

3/26/2014

When set, the OID_DOT11_CIPHER_DEFAULT_KEY object identifier (OID) requests that the miniport driver add, modify, or delete an entry in its default key or per-station default key tables.

Note

Support for this OID is mandatory if the 802.11 station supports any cipher algorithms. The miniport driver returns a list of supported cipher algorithms when OID_DOT11_SUPPORTED_UNICAST_ALGORITHM_PAIR or OID_DOT11_SUPPORTED_MULTICAST_ALGORITHM_PAIR are queried.

The data type for this OID is the DOT11_CIPHER_DEFAULT_KEY_VALUE structure.

When the OID_DOT11_CIPHER_DEFAULT_KEY OID is set, the miniport driver must follow these guidelines:

  • If the 802.11 station does not support the cipher algorithm that is specified by the AlgorithmId member, fail the set request by returning NDIS_STATUS_INVALID_DATA from its MiniportOidRequest function.
  • If the specified cipher algorithm does not support the key index that is specified by the uKeyIndex member, fail the set request by returning NDIS_STATUS_INVALID_DATA from its MiniportOidRequest function.
  • If the dot11DesiredBSSType management information base (MIB) object is set to dot11_BSS_type_independent and the MacAddr member is not set to 0x000000000000, the key defined by the DOT11_CIPHER_KEY_MAPPING_KEY_VALUE8a6fdd29-92d5-43c4-947a-f541d0f37e78 structure is a per-station cipher key.
    In this situation, the miniport driver must fail the set request if any one of the following is true:
    • The dot11DesiredBSSType management information base (MIB) object is not set to dot11_BSS_type_independent. In this situation, the miniport driver returns NDIS_STATUS_INVALID_DATA from its MiniportOidRequest function.For more information about the dot11DesiredBSSType MIB object, see OID_DOT11_DESIRED_BSS_TYPE.
    • MacAddr is not a valid unicast MAC address. In this situation, the miniport driver returns NDIS_STATUS_INVALID_DATA from its MiniportOidRequest function.
    • A per-station default key table referenced by MacAddr does not exist and the 802.11 station does not have the resources to add a per-station default key table. In this situation, the driver returns NDIS_STATUS_INVALID_LENGTH from its MiniportOidRequest function.

Note

The miniport driver returns the number of per-station default key tables supported by the 802.11 station when OID_DOT11_EXTSTA_CAPABILITY is queried.

  • If the bDelete member is set to TRUE, delete the key material for the key referenced by the uKeyIndex member. If the driver had previously deleted the specified key, it must accept the set request by returning NDIS_STATUS_SUCCESS from its MiniportOidRequest function.

When modifying TKIP keys, the miniport driver must synchronize the key update with the packet-processing path on the 802.11 station.

For example, the miniport driver must avoid situations in which the packet payload was decrypted by using the old cipher key and verified by using the new message integrity code (MIC) key.

The 802.11 station must clear its default keys in the following situations:

Requirements

Header

windot11.h

See Also

Reference

Native 802.11 Extensible Station OIDs
OID_DOT11_SUPPORTED_UNICAST_ALGORITHM_PAIR
OID_DOT11_SUPPORTED_MULTICAST_ALGORITHM_PAIR
DOT11_CIPHER_DEFAULT_KEY_VALUE
MiniportOidRequest
DOT11_CIPHER_KEY_MAPPING_KEY_VALUE
OID_DOT11_DESIRED_BSS_TYPE
OID_DOT11_EXTSTA_CAPABILITY
MiniportInitializeEx
OID_DOT11_RESET_REQUEST
Native 802.11 Wireless LAN OIDs