Important The Native 802.11 Wireless LAN interface is deprecated in Windows 10 and later. Please use the WLAN Device Driver Interface (WDI) instead. For more information about WDI, see WLAN Universal Windows driver model.
When set, the OID_DOT11_CIPHER_KEY_MAPPING_KEY object identifier (OID) requests that the miniport driver add, modify, or delete one or more entries in its key-mapping key table.
The 802.11 station uses key-mapping keys for data encryption and decryption between the 802.11 station and a specific AP or peer station in the basic service set (BSS) network. These keys are different from the default cipher keys, which the 802.11 station uses for data encryption and decryption between the 802.11 station and any AP or peer station in the BSS network.
Note Support for this OID is mandatory if the 802.11 station supports one or more key-mapping keys. The miniport driver returns the number of key-mapping keys it supports when OID_DOT11_EXTSTA_CAPABILITY is queried.
The data type for this OID is the DOT11_BYTE_ARRAY structure. The miniport driver sets the members of this structure as follows:
The type and size of the DOT11_BYTE_ARRAY structure and the revision of the DOT11_CIPHER_KEY_MAPPING_KEY_VALUE structures that follows it. This member is formatted as an NDIS_OBJECT_HEADER structure.
The miniport driver must set the members of Header to the following values:
For more information about these members, see NDIS_OBJECT_HEADER.
Each element in the list of key-mapping keys is formatted as a variable-length DOT11_CIPHER_KEY_MAPPING_KEY_VALUE structure. There must not be padding between key entries within the ucBuffer array.
When the OID_DOT11_CIPHER_KEY_MAPPING_KEY OID is set, the miniport driver must do the following:
If the 802.11 station does not support key-mapping keys, fail the set request by returning NDIS_STATUS_INVALID_DATA from its MiniportOidRequest function.
Follow these guidelines when validating the members of the DOT11_CIPHER_KEY_MAPPING_KEY_VALUE structure in the following ways:
- If the 802.11 station does not support the cipher algorithm specified by the AlgorithmId member, fail the set request by returning NDIS_STATUS_INVALID_DATA from its MiniportOidRequest function.
- If the bDelete member of the DOT11_CIPHER_KEY_MAPPING_KEY_VALUE structure is set to TRUE, delete the key material for the key referenced by the PeerMacAddr and Direction members. If the driver had previously deleted the specified key, it must accept the set request by returning NDIS_STATUS_SUCCESS from its MiniportOidRequest function.
When modifying TKIP keys, synchronize the key update with the packet-processing path of the 802.11 station.
For example, the miniport driver must avoid situations in which the packet payload was decrypted using the old cipher key and verified using the new message integrity code (MIC) key.
The 802.11 station must clear its key-mapping keys if the following conditions are met:
The miniport driver's MiniportInitializeEx function is called.
A method request of OID_DOT11_RESET_REQUEST is made to reset the MAC layer of the 802.11 station.
Available in Windows Vista and later versions of the Windows operating systems.
|Windot11.h (include Ndis.h)|