/*
 * IEEE 802.1X-2010 Key Agree Protocol of PAE state machine
 * Copyright (c) 2013, Qualcomm Atheros, Inc.
 *
 * This software may be distributed under the terms of the BSD license.
 * See README for more details.
 */

#ifndef IEEE802_1X_KAY_I_H
#define IEEE802_1X_KAY_I_H

#include "utils/list.h"
#include "common/defs.h"
#include "common/ieee802_1x_defs.h"

#define MKA_VERSION_ID 1

/*
 * IEEE Std 802.1X-2010, 11.11.1, Table 11-7
 *
 * Parameter set type values. MKA_BASIC_PARAMETER_SET is defined as
 * MKA_VERSION_ID (1) and therefore has the same numeric value as
 * MKA_LIVE_PEER_LIST; the two cannot be told apart by value alone.
 * struct ieee802_1x_mka_basic_body carries a version octet where the other
 * bodies carry a type octet.
 */
enum mka_packet_type {
	MKA_BASIC_PARAMETER_SET = MKA_VERSION_ID,
	MKA_LIVE_PEER_LIST = 1,
	MKA_POTENTIAL_PEER_LIST = 2,
	MKA_SAK_USE = 3,
	MKA_DISTRIBUTED_SAK = 4,
	MKA_DISTRIBUTED_CAK = 5,
	MKA_KMD = 6,
	MKA_ANNOUNCEMENT = 7,
	MKA_ICV_INDICATOR = 255
};

#define ICV_LEN 16  /* 16 bytes */
/* Wrapped SAK length in bytes; matches octets 9-32 of the Distributed SAK
 * body for GCM-AES-128 (see struct ieee802_1x_mka_dist_sak_body). */
#define SAK_WRAPPED_LEN 24
/* KN (4 bytes, the u32 kn field) + wrapped SAK */
#define DEFAULT_DIS_SAK_BODY_LENGTH (SAK_WRAPPED_LEN + 4)
#define MAX_RETRY_CNT 5

struct ieee802_1x_kay;

/* Peer identity pair: member identifier (MI_LEN bytes) plus a 32-bit number
 * named mn (message number in IEEE 802.1X terminology). */
struct ieee802_1x_mka_peer_id {
	u8 mi[MI_LEN];
	u32 mn;
};

/*
 * State kept for one MKA peer. Instances are linked through 'list';
 * struct ieee802_1x_mka_participant holds live_peers and potential_peers
 * list heads (presumably the lists these entries live on - confirm).
 */
struct ieee802_1x_kay_peer {
	struct ieee802_1x_mka_sci sci;
	u8 mi[MI_LEN];
	u32 mn;
	time_t expire;
	Boolean is_key_server;
	u8 key_server_priority;
	Boolean macsec_desired;
	enum macsec_cap macsec_capbility;
	Boolean sak_used;
	struct dl_list list;
};

/*
 * Key parameters bundle.
 *
 * NOTE(review): 'key' points at secret key material. Who owns the buffer and
 * whether it is cleared before being freed is not visible in this header -
 * confirm at the allocation/free sites.
 */
struct key_conf {
	u8 *key;
	struct ieee802_1x_mka_ki ki;
	enum confidentiality_offset offset;
	u8 an;
	Boolean tx;
	Boolean rx;
	int key_len; /* unit: byte; signed, so reject negative values before
		      * using it as a size */
};

/*
 * One data key (SAK) tracked by a participant; entries are linked through
 * 'list' (struct ieee802_1x_mka_participant has a sak_list head).
 *
 * NOTE(review): 'key' is secret key material, same ownership/zeroization
 * question as struct key_conf. 'next_pn' is only 32 bits wide; the code that
 * advances it has to deal with exhaustion, which this header does not show.
 */
struct data_key {
	u8 *key;
	int key_len;
	struct ieee802_1x_mka_ki key_identifier;
	enum confidentiality_offset confidentiality_offset;
	u8 an;
	Boolean transmits;
	Boolean receives;
	struct os_time created_time;
	u32 next_pn;

	/* not defined data */
	Boolean rx_latest;
	Boolean tx_latest;

	int user; /* FIXME: to indicate if it can be deleted safely */

	struct dl_list list;
};

/* TransmitSC in IEEE Std 802.1AE-2006, Figure 10-6 */
struct transmit_sc {
	struct ieee802_1x_mka_sci sci; /* const SCI sci */
	Boolean transmitting; /* bool transmitting (read only) */

	struct os_time created_time; /* Time createdTime */

	u8 encoding_sa; /* AN encodingSA (read only) */
	u8 enciphering_sa; /* AN encipheringSA (read only) */

	/* not defined data */
	unsigned int channel;

	struct dl_list list;
	struct dl_list sa_list; /* head of the struct transmit_sa::list entries */
};

/* TransmitSA in IEEE Std 802.1AE-2006, Figure 10-6 */
struct transmit_sa {
	Boolean in_use; /* bool inUse (read only) */
	u32 next_pn; /* PN nextPN (read only) */
	struct os_time created_time; /* Time createdTime */

	Boolean enable_transmit; /* bool EnableTransmit */

	u8 an;
	Boolean confidentiality;
	struct data_key *pkey; /* key used by this SA; ownership not shown here */

	struct transmit_sc *sc;
	struct dl_list list; /* list entry in struct transmit_sc::sa_list */
};

/* ReceiveSC in IEEE Std 802.1AE-2006, Figure 10-6 */
struct receive_sc {
	struct ieee802_1x_mka_sci sci; /* const SCI sci */
	Boolean receiving; /* bool receiving (read only) */

	struct os_time created_time; /* Time createdTime */

	unsigned int channel;

	struct dl_list list;
	struct dl_list sa_list; /* head of the struct receive_sa::list entries */
};

/* ReceiveSA in IEEE Std 802.1AE-2006, Figure 10-6 */
struct receive_sa {
	Boolean enable_receive; /* bool enableReceive */
	Boolean in_use; /* bool inUse (read only) */

	u32 next_pn; /* PN nextPN (read only) */
	u32 lowest_pn; /* PN lowestPN (read only) */
	u8 an;
	struct os_time created_time;

	struct data_key *pkey; /* key used by this SA; ownership not shown here */
	struct receive_sc *sc;

	/* list entry in struct receive_sc::sa_list (the original comment sat on
	 * 'sc'; by analogy with struct transmit_sa it presumably describes
	 * this member - confirm) */
	struct dl_list list;
};

/* Description of one MACsec cipher suite: identifier, printable name,
 * capability level and SAK length. */
struct macsec_ciphersuite {
	u8 id[CS_ID_LEN];
	char name[32];
	enum macsec_cap capable;
	int sak_len; /* unit: byte */

	u32 index;
};

/*
 * One MKA algorithm: key/ICV lengths plus the derivation and hash callbacks.
 *
 * NOTE(review): none of the callbacks takes a size for its output buffer
 * (cak, ckn, kek, ick, icv). Presumably callers must supply buffers of at
 * least cak_len/kek_len/ick_len/icv_len bytes - confirm against each
 * implementation, since an undersized buffer cannot be detected by the callee.
 */
struct mka_alg {
	u8 parameter[4];
	size_t cak_len;
	size_t kek_len;
	size_t ick_len;
	size_t icv_len;

	/* inputs: msk, mac1, mac2; output: cak */
	int (*cak_trfm)(const u8 *msk, const u8 *mac1, const u8 *mac2, u8 *cak);
	/* inputs: msk, mac1, mac2, sid/sid_len; output: ckn */
	int (*ckn_trfm)(const u8 *msk, const u8 *mac1, const u8 *mac2,
			const u8 *sid, size_t sid_len, u8 *ckn);
	/* inputs: cak, ckn/ckn_len; output: kek */
	int (*kek_trfm)(const u8 *cak, const u8 *ckn, size_t ckn_len, u8 *kek);
	/* inputs: cak, ckn/ckn_len; output: ick */
	int (*ick_trfm)(const u8 *cak, const u8 *ckn, size_t ckn_len, u8 *ick);
	/* inputs: ick, msg/msg_len; output: icv */
	int (*icv_hash)(const u8 *ick, const u8 *msg, size_t msg_len, u8 *icv);

	int index; /* index for configuring */
};

#define DEFAULT_MKA_ALG_INDEX 0

/* See IEEE Std 802.1X-2010, 9.16 MKA management */
struct ieee802_1x_mka_participant {
	/* used for active and potential participant */
	struct mka_key_name ckn;
	struct mka_key cak; /* secret key material */
	Boolean cached;

	/* used by management to monitor and control activation */
	Boolean active;
	Boolean participant;
	Boolean retain;

	enum { DEFAULT, DISABLED, ON_OPER_UP, ALWAYS } activate;

	/* used for active participant */
	Boolean principal;
	struct dl_list live_peers;
	struct dl_list potential_peers;

	/* not defined in IEEE 802.1X */
	struct dl_list list;

	/* NOTE(review): kek and ick are secret key material held by value in
	 * this struct; whether the struct is cleared before it is freed is not
	 * visible in this header - confirm at the teardown site. */
	struct mka_key kek;
	struct mka_key ick;

	/* l* fields: presumably the "latest" key (identifier, AN, tx/rx flags),
	 * mirroring the lan/ltx/lrx bits of struct ieee802_1x_mka_sak_use_body */
	struct ieee802_1x_mka_ki lki;
	u8 lan;
	Boolean ltx;
	Boolean lrx;

	/* o* fields: presumably the "old" key, mirroring oan/otx/orx */
	struct ieee802_1x_mka_ki oki;
	u8 oan;
	Boolean otx;
	Boolean orx;

	Boolean is_key_server;
	Boolean is_obliged_key_server;
	Boolean can_be_key_server;
	Boolean is_elected;

	struct dl_list sak_list;
	struct dl_list rxsc_list;

	struct transmit_sc *txsc;

	u8 mi[MI_LEN];
	u32 mn;

	struct ieee802_1x_mka_peer_id current_peer_id;
	struct ieee802_1x_mka_sci current_peer_sci;
	time_t cak_life;
	time_t mka_life;
	Boolean to_dist_sak;
	Boolean to_use_sak;
	Boolean new_sak;

	Boolean advised_desired;
	enum macsec_cap advised_capability;

	struct data_key *new_key;
	u32 retry_count;

	struct ieee802_1x_kay *kay;
};

/*
 * Common four-octet header overlay for a parameter set.
 *
 * 'length' (4 bits, octet 3) and 'length1' (8 bits, octet 4) presumably form
 * one 12-bit body length, high bits first - confirm against the accessor
 * code. The value comes from the received frame, so a parser has to check it
 * against the bytes actually remaining before touching the body.
 *
 * NOTE(review): the layout relies on the compiler allocating the u32
 * bit-fields in the order selected by __BYTE_ORDER; no packing attribute is
 * applied here. If __BYTE_ORDER and __LITTLE_ENDIAN are both undefined, the
 * preprocessor treats them as 0 and the first #if branch is taken silently,
 * so the header that defines them must be included before this file.
 */
struct ieee802_1x_mka_hdr {
	/* octet 1 */
	u32 type:8;
	/* octet 2 */
	u32 reserve:8;
	/* octet 3 */
#if __BYTE_ORDER == __LITTLE_ENDIAN
	u32 length:4;
	u32 reserve1:4;
#elif __BYTE_ORDER == __BIG_ENDIAN
	u32 reserve1:4;
	u32 length:4;
#else
#error "Please fix <bits/endian.h>"
#endif
	/* octet 4 */
	u32 length1:8;
};

/* Size of the header overlay; has type size_t because it is a sizeof
 * expression. */
#define MKA_HDR_LEN sizeof(struct ieee802_1x_mka_hdr)

/*
 * Basic parameter set overlay. Octet 1 is a version, not a type (compare
 * MKA_BASIC_PARAMETER_SET in enum mka_packet_type).
 *
 * The #if below has no #else branch; an unknown byte order is already
 * rejected by the #error in struct ieee802_1x_mka_hdr above.
 */
struct ieee802_1x_mka_basic_body {
	/* octet 1 */
	u32 version:8;
	/* octet 2 */
	u32 priority:8;
	/* octet 3 */
#if __BYTE_ORDER == __LITTLE_ENDIAN
	u32 length:4;
	u32 macsec_capbility:2;
	u32 macsec_desired:1;
	u32 key_server:1;
#elif __BYTE_ORDER == __BIG_ENDIAN
	u32 key_server:1;
	u32 macsec_desired:1;
	u32 macsec_capbility:2;
	u32 length:4;
#endif
	/* octet 4 */
	u32 length1:8;

	struct ieee802_1x_mka_sci actor_sci;
	u8 actor_mi[MI_LEN];
	u32 actor_mn; /* presumably network byte order on the wire - confirm */
	u8 algo_agility[4];

	/* followed by CAK Name; zero-length array marks where it starts and
	 * contributes nothing to sizeof. Its length is not stored here, so it
	 * has to be derived from the (peer-supplied) body length and bounded
	 * by the receiver. */
	u8 ckn[0];
};

/* Live/potential peer list parameter set overlay: header fields followed by
 * a variable number of peer entries. */
struct ieee802_1x_mka_peer_body {
	/* octet 1 */
	u32 type:8;
	/* octet 2 */
	u32 reserve:8;
	/* octet 3 */
#if __BYTE_ORDER == __LITTLE_ENDIAN
	u32 length:4;
	u32 reserve1:4;
#elif __BYTE_ORDER == __BIG_ENDIAN
	u32 reserve1:4;
	u32 length:4;
#endif
	/* octet 4 */
	u32 length1:8;

	u8 peer[0];
	/* followed by Peers; the count is not stored in this struct, so the
	 * receiver has to derive it from the body length and validate it */
};
/*
 * SAK Use parameter set overlay (44 octets according to the octet comments
 * below).
 *
 * l*-prefixed and o*-prefixed members presumably describe the latest and the
 * old key respectively (AN, tx/rx flags, key server MI, key number, lowest
 * acceptable PN) - confirm against IEEE Std 802.1X-2010.
 *
 * The #if blocks have no #else branch; an unknown byte order is rejected by
 * the #error in struct ieee802_1x_mka_hdr earlier in this file.
 *
 * NOTE(review): the u32 members are presumably in network byte order on the
 * wire; confirm the conversion at the use sites.
 */
struct ieee802_1x_mka_sak_use_body {
	/* octet 1 */
	u32 type:8;
	/* octet 2 */
#if __BYTE_ORDER == __LITTLE_ENDIAN
	u32 orx:1;
	u32 otx:1;
	u32 oan:2;
	u32 lrx:1;
	u32 ltx:1;
	u32 lan:2;
#elif __BYTE_ORDER == __BIG_ENDIAN
	u32 lan:2;
	u32 ltx:1;
	u32 lrx:1;
	u32 oan:2;
	u32 otx:1;
	u32 orx:1;
#endif

	/* octet 3 */
#if __BYTE_ORDER == __LITTLE_ENDIAN
	u32 length:4;
	u32 delay_protect:1;
	u32 reserve:1;
	u32 prx:1;
	u32 ptx:1;
#elif __BYTE_ORDER == __BIG_ENDIAN
	u32 ptx:1;
	u32 prx:1;
	u32 reserve:1;
	u32 delay_protect:1;
	u32 length:4;
#endif

	/* octet 4 */
	u32 length1:8;

	/* octet 5 - 16 */
	u8 lsrv_mi[MI_LEN];
	/* octet 17 - 20 */
	u32 lkn;
	/* octet 21 - 24 */
	u32 llpn;

	/* octet 25 - 36 */
	u8 osrv_mi[MI_LEN];
	/* octet 37 - 40 */
	u32 okn;
	/* octet 41 - 44 */
	u32 olpn;
};


/*
 * Distributed SAK parameter set overlay.
 *
 * NOTE(review): the wrapped SAK that follows 'kn' is peer-supplied and its
 * length is not stored in this struct; the receiver has to derive it from
 * the body length and check it (SAK_WRAPPED_LEN for GCM-AES-128, per the
 * comment on 'sak') before unwrapping.
 */
struct ieee802_1x_mka_dist_sak_body {
	/* octet 1 */
	u32 type:8;
	/* octet 2 */
#if __BYTE_ORDER == __LITTLE_ENDIAN
	u32 reserve:4;
	u32 confid_offset:2;
	u32 dan:2;
#elif __BYTE_ORDER == __BIG_ENDIAN
	u32 dan:2;
	u32 confid_offset:2;
	u32 reserve:4;
#endif
	/* octet 3 */
#if __BYTE_ORDER == __LITTLE_ENDIAN
	u32 length:4;
	u32 reserve1:4;
#elif __BYTE_ORDER == __BIG_ENDIAN
	u32 reserve1:4;
	u32 length:4;
#endif
	/* octet 4 */
	u32 length1:8;
	/* octet 5 - 8 */
	u32 kn;

	/* for GCM-AES-128: octet 9-32: SAK
	 * for other cipher suite: octet 9-16: cipher suite id, octet 17-: SAK
	 */
	u8 sak[0];
};


/*
 * ICV indicator parameter set overlay: header fields followed by the ICV
 * bytes. The zero-length 'icv' member only marks where they start.
 */
struct ieee802_1x_mka_icv_body {
	/* octet 1 */
	u32 type:8;
	/* octet 2 */
	u32 reserve:8;
	/* octet 3 */
#if __BYTE_ORDER == __LITTLE_ENDIAN
	u32 length:4;
	u32 reserve1:4;
#elif __BYTE_ORDER == __BIG_ENDIAN
	u32 reserve1:4;
	u32 length:4;
#endif
	/* octet 4 */
	u32 length1:8;

	/* octet 5 - */
	u8 icv[0];
};

#endif /* IEEE802_1X_KAY_I_H */