Add a new crypto key flag - IEEE80211_KEY_MFP - which is set when a key
is used for MFP encryption. The driver layer may need to know this
in case it can't do MFP CCMP encryption/decryption in software (due
to the AAD / nonce fields being slightly different) and this is
the only place for it to know what's going on.
Note this is only currently being set on the unicast key in a way
that will likely only work in STA mode.
This will need some further thought for the group decryption
keys in STA mode (as there's no node at this point, so the only
hint about the current configuration is the negotiated VAP mode)
and the group encryption/decryption keys in AP mode (similar
issues.)