15a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt/* 25a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt * IEEE Std 802.1X-2010 definitions 35a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt * Copyright (c) 2013-2014, Qualcomm Atheros, Inc. 45a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt * 55a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt * This software may be distributed under the terms of the BSD license. 65a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt * See README for more details. 75a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt */ 85a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt 95a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt#ifndef IEEE802_1X_DEFS_H 105a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt#define IEEE802_1X_DEFS_H 115a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt 125a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt#define CS_ID_LEN 8 137d17530e229db79208e99741071df97ea4faeec6Dmitry Shmidt#define CS_ID_GCM_AES_128 0x0080020001000001ULL 145a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt#define CS_NAME_GCM_AES_128 "GCM-AES-128" 155a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt 165a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidtenum macsec_policy { 175a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt /** 185a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt * Should secure sessions. 195a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt * This accepts key server's advice to determine whether to secure the 205a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt * session or not. 215a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt */ 225a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt SHOULD_SECURE, 235a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt 245a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt /** 255a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt * Disabled MACsec - do not secure sessions. 265a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt */ 275a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt DO_NOT_SECURE, 28abb90a3fc1917e628167827cb14e742000605332Dmitry Shmidt 29abb90a3fc1917e628167827cb14e742000605332Dmitry Shmidt /** 30abb90a3fc1917e628167827cb14e742000605332Dmitry Shmidt * Should secure sessions, and try to use encryption. 31abb90a3fc1917e628167827cb14e742000605332Dmitry Shmidt * Like @SHOULD_SECURE, this follows the key server's decision. 32abb90a3fc1917e628167827cb14e742000605332Dmitry Shmidt */ 33abb90a3fc1917e628167827cb14e742000605332Dmitry Shmidt SHOULD_ENCRYPT, 345a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt}; 355a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt 365a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt 375a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt/* IEEE Std 802.1X-2010 - Table 11-6 - MACsec Capability */ 385a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidtenum macsec_cap { 395a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt /** 405a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt * MACsec is not implemented 415a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt */ 425a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt MACSEC_CAP_NOT_IMPLEMENTED, 435a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt 445a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt /** 455a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt * 'Integrity without confidentiality' 465a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt */ 475a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt MACSEC_CAP_INTEGRITY, 485a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt 495a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt /** 505a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt * 'Integrity without confidentiality' and 515a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt * 'Integrity and confidentiality' with a confidentiality offset of 0 525a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt */ 535a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt MACSEC_CAP_INTEG_AND_CONF, 545a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt 555a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt /** 565a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt * 'Integrity without confidentiality' and 575a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt * 'Integrity and confidentiality' with a confidentiality offset of 0, 585a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt * 30, 50 595a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt */ 605a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt MACSEC_CAP_INTEG_AND_CONF_0_30_50, 615a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt}; 625a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt 635a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidtenum validate_frames { 645a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt Disabled, 655a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt Checked, 665a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt Strict, 675a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt}; 685a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt 695a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt/* IEEE Std 802.1X-2010 - Table 11-6 - Confidentiality Offset */ 705a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidtenum confidentiality_offset { 715a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt CONFIDENTIALITY_NONE = 0, 725a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt CONFIDENTIALITY_OFFSET_0 = 1, 735a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt CONFIDENTIALITY_OFFSET_30 = 2, 745a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt CONFIDENTIALITY_OFFSET_50 = 3, 755a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt}; 765a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt 775a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt/* IEEE Std 802.1X-2010 - Table 9-2 */ 785a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt#define DEFAULT_PRIO_INFRA_PORT 0x10 795a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt#define DEFAULT_PRIO_PRIMRAY_AP 0x30 805a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt#define DEFAULT_PRIO_SECONDARY_AP 0x50 815a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt#define DEFAULT_PRIO_GROUP_CA_MEMBER 0x70 825a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt#define DEFAULT_PRIO_NOT_KEY_SERVER 0xFF 835a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt 845a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt#endif /* IEEE802_1X_DEFS_H */ 85