15a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt/* 25a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt * IEEE Std 802.1X-2010 definitions 35a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt * Copyright (c) 2013-2014, Qualcomm Atheros, Inc. 45a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt * 55a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt * This software may be distributed under the terms of the BSD license. 65a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt * See README for more details. 75a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt */ 85a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt 95a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt#ifndef IEEE802_1X_DEFS_H 105a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt#define IEEE802_1X_DEFS_H 115a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt 125a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt#define CS_ID_LEN 8 135a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt#define CS_ID_GCM_AES_128 {0x00, 0x80, 0x02, 0x00, 0x01, 0x00, 0x00, 0x01} 145a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt#define CS_NAME_GCM_AES_128 "GCM-AES-128" 155a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt 165a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidtenum macsec_policy { 175a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt /** 185a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt * Should secure sessions. 195a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt * This accepts key server's advice to determine whether to secure the 205a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt * session or not. 215a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt */ 225a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt SHOULD_SECURE, 235a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt 245a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt /** 255a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt * Disabled MACsec - do not secure sessions. 265a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt */ 275a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt DO_NOT_SECURE, 285a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt}; 295a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt 305a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt 315a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt/* IEEE Std 802.1X-2010 - Table 11-6 - MACsec Capability */ 325a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidtenum macsec_cap { 335a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt /** 345a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt * MACsec is not implemented 355a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt */ 365a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt MACSEC_CAP_NOT_IMPLEMENTED, 375a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt 385a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt /** 395a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt * 'Integrity without confidentiality' 405a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt */ 415a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt MACSEC_CAP_INTEGRITY, 425a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt 435a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt /** 445a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt * 'Integrity without confidentiality' and 455a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt * 'Integrity and confidentiality' with a confidentiality offset of 0 465a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt */ 475a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt MACSEC_CAP_INTEG_AND_CONF, 485a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt 495a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt /** 505a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt * 'Integrity without confidentiality' and 515a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt * 'Integrity and confidentiality' with a confidentiality offset of 0, 525a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt * 30, 50 535a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt */ 545a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt MACSEC_CAP_INTEG_AND_CONF_0_30_50, 555a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt}; 565a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt 575a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidtenum validate_frames { 585a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt Disabled, 595a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt Checked, 605a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt Strict, 615a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt}; 625a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt 635a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt/* IEEE Std 802.1X-2010 - Table 11-6 - Confidentiality Offset */ 645a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidtenum confidentiality_offset { 655a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt CONFIDENTIALITY_NONE = 0, 665a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt CONFIDENTIALITY_OFFSET_0 = 1, 675a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt CONFIDENTIALITY_OFFSET_30 = 2, 685a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt CONFIDENTIALITY_OFFSET_50 = 3, 695a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt}; 705a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt 715a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt/* IEEE Std 802.1X-2010 - Table 9-2 */ 725a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt#define DEFAULT_PRIO_INFRA_PORT 0x10 735a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt#define DEFAULT_PRIO_PRIMRAY_AP 0x30 745a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt#define DEFAULT_PRIO_SECONDARY_AP 0x50 755a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt#define DEFAULT_PRIO_GROUP_CA_MEMBER 0x70 765a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt#define DEFAULT_PRIO_NOT_KEY_SERVER 0xFF 775a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt 785a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt#endif /* IEEE802_1X_DEFS_H */ 79