15a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt/*
25a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt * IEEE Std 802.1X-2010 definitions
35a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt * Copyright (c) 2013-2014, Qualcomm Atheros, Inc.
45a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt *
55a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt * This software may be distributed under the terms of the BSD license.
65a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt * See README for more details.
75a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt */
85a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt
95a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt#ifndef IEEE802_1X_DEFS_H
105a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt#define IEEE802_1X_DEFS_H
115a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt
125a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt#define CS_ID_LEN		8
137d17530e229db79208e99741071df97ea4faeec6Dmitry Shmidt#define CS_ID_GCM_AES_128	0x0080020001000001ULL
145a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt#define CS_NAME_GCM_AES_128	"GCM-AES-128"
155a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt
165a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidtenum macsec_policy {
175a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt	/**
185a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt	 * Should secure sessions.
195a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt	 * This accepts key server's advice to determine whether to secure the
205a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt	 * session or not.
215a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt	 */
225a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt	SHOULD_SECURE,
235a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt
245a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt	/**
255a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt	 * Disabled MACsec - do not secure sessions.
265a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt	 */
275a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt	DO_NOT_SECURE,
28abb90a3fc1917e628167827cb14e742000605332Dmitry Shmidt
29abb90a3fc1917e628167827cb14e742000605332Dmitry Shmidt	/**
30abb90a3fc1917e628167827cb14e742000605332Dmitry Shmidt	 * Should secure sessions, and try to use encryption.
31abb90a3fc1917e628167827cb14e742000605332Dmitry Shmidt	 * Like @SHOULD_SECURE, this follows the key server's decision.
32abb90a3fc1917e628167827cb14e742000605332Dmitry Shmidt	 */
33abb90a3fc1917e628167827cb14e742000605332Dmitry Shmidt	SHOULD_ENCRYPT,
345a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt};
355a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt
365a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt
375a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt/* IEEE Std 802.1X-2010 - Table 11-6 - MACsec Capability */
385a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidtenum macsec_cap {
395a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt	/**
405a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt	 * MACsec is not implemented
415a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt	 */
425a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt	MACSEC_CAP_NOT_IMPLEMENTED,
435a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt
445a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt	/**
455a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt	 * 'Integrity without confidentiality'
465a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt	 */
475a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt	MACSEC_CAP_INTEGRITY,
485a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt
495a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt	/**
505a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt	 * 'Integrity without confidentiality' and
515a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt	 * 'Integrity and confidentiality' with a confidentiality offset of 0
525a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt	 */
535a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt	MACSEC_CAP_INTEG_AND_CONF,
545a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt
555a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt	/**
565a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt	 * 'Integrity without confidentiality' and
575a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt	 * 'Integrity and confidentiality' with a confidentiality offset of 0,
585a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt	 * 30, 50
595a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt	 */
605a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt	MACSEC_CAP_INTEG_AND_CONF_0_30_50,
615a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt};
625a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt
635a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidtenum validate_frames {
645a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt	Disabled,
655a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt	Checked,
665a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt	Strict,
675a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt};
685a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt
695a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt/* IEEE Std 802.1X-2010 - Table 11-6 - Confidentiality Offset */
705a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidtenum confidentiality_offset {
715a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt	CONFIDENTIALITY_NONE      = 0,
725a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt	CONFIDENTIALITY_OFFSET_0  = 1,
735a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt	CONFIDENTIALITY_OFFSET_30 = 2,
745a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt	CONFIDENTIALITY_OFFSET_50 = 3,
755a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt};
765a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt
775a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt/* IEEE Std 802.1X-2010 - Table 9-2 */
785a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt#define DEFAULT_PRIO_INFRA_PORT        0x10
795a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt#define DEFAULT_PRIO_PRIMRAY_AP        0x30
805a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt#define DEFAULT_PRIO_SECONDARY_AP      0x50
815a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt#define DEFAULT_PRIO_GROUP_CA_MEMBER   0x70
825a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt#define DEFAULT_PRIO_NOT_KEY_SERVER    0xFF
835a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt
845a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt#endif /* IEEE802_1X_DEFS_H */
85