2 * IEEE 802.1X-2010 Key Agreement Protocol of PAE state machine
3 * Copyright (c) 2013, Qualcomm Atheros, Inc.
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
9 #ifndef IEEE802_1X_KAY_I_H
10 #define IEEE802_1X_KAY_I_H
12 #include "utils/list.h"
13 #include "common/defs.h"
14 #include "common/ieee802_1x_defs.h"
16 #define MKA_VERSION_ID 1
18 /* IEEE Std 802.1X-2010, 11.11.1, Table 11-7 (MKPDU parameter sets) */
19 enum mka_packet_type {
20 MKA_BASIC_PARAMETER_SET = MKA_VERSION_ID,
21 MKA_LIVE_PEER_LIST = 1,
22 MKA_POTENTIAL_PEER_LIST = 2,
24 MKA_DISTRIBUTED_SAK = 4,
25 MKA_DISTRIBUTED_CAK = 5,
28 MKA_ICV_INDICATOR = 255
31 #define ICV_LEN 16 /* 16 bytes */
32 #define SAK_WRAPPED_LEN 24
33 /* KN (4 octets) + wrapped SAK */
34 #define DEFAULT_DIS_SAK_BODY_LENGTH (SAK_WRAPPED_LEN + 4)
35 #define MAX_RETRY_CNT 5
37 struct ieee802_1x_kay;
39 struct ieee802_1x_mka_peer_id {
44 struct ieee802_1x_kay_peer {
45 struct ieee802_1x_mka_sci sci;
49 Boolean is_key_server;
50 u8 key_server_priority;
51 Boolean macsec_desired;
52 enum macsec_cap macsec_capability;
54 int missing_sak_use_count;
58 struct macsec_ciphersuite {
61 enum macsec_cap capable;
62 int sak_len; /* unit: byte */
69 int (*cak_trfm)(const u8 *msk, size_t msk_bytes, const u8 *mac1,
70 const u8 *mac2, u8 *cak, size_t cak_bytes);
71 int (*ckn_trfm)(const u8 *msk, size_t msk_bytes, const u8 *mac1,
72 const u8 *mac2, const u8 *sid, size_t sid_len, u8 *ckn);
73 int (*kek_trfm)(const u8 *cak, size_t cak_bytes,
74 const u8 *ckn, size_t ckn_len,
75 u8 *kek, size_t kek_bytes);
76 int (*ick_trfm)(const u8 *cak, size_t cak_bytes,
77 const u8 *ckn, size_t ckn_len,
78 u8 *ick, size_t ick_bytes);
79 int (*icv_hash)(const u8 *ick, size_t ick_bytes,
80 const u8 *msg, size_t msg_len, u8 *icv);
83 #define DEFAULT_MKA_ALG_INDEX 0
85 /* See IEEE Std 802.1X-2010, 9.16 MKA management */
86 struct ieee802_1x_mka_participant {
87 /* used for active and potential participants */
88 struct mka_key_name ckn;
92 /* used by management to monitor and control activation */
96 enum mka_created_mode mode;
98 enum activate_ctrl { DEFAULT, DISABLED, ON_OPER_UP, ALWAYS } activate;
100 /* used for active participant */
102 struct dl_list live_peers;
103 struct dl_list potential_peers;
105 /* not defined in IEEE 802.1X */
111 struct ieee802_1x_mka_ki lki;
116 struct ieee802_1x_mka_ki oki;
121 Boolean is_key_server;
122 Boolean is_obliged_key_server;
123 Boolean can_be_key_server;
126 struct dl_list sak_list;
127 struct dl_list rxsc_list;
129 struct transmit_sc *txsc;
134 /* Current peer MI and SCI during MKPDU processing */
135 struct ieee802_1x_mka_peer_id current_peer_id;
136 struct ieee802_1x_mka_sci current_peer_sci;
144 Boolean advised_desired;
145 enum macsec_cap advised_capability;
147 struct data_key *new_key;
150 struct ieee802_1x_kay *kay;
153 struct ieee802_1x_mka_hdr {
159 #if __BYTE_ORDER == __LITTLE_ENDIAN
162 #elif __BYTE_ORDER == __BIG_ENDIAN
166 #error "Please fix <bits/endian.h>"
172 #define MKA_HDR_LEN sizeof(struct ieee802_1x_mka_hdr)
175 * struct ieee802_1x_mka_basic_body - Basic Parameter Set (Figure 11-8)
176 * @version: MKA Version Identifier
177 * @priority: Key Server Priority
178 * @length: Parameter set body length
179 * @macsec_capability: MACsec capability, as defined in ieee802_1x_defs.h
180 * @macsec_desired: the participant wants MACsec to be used to protect frames
182 * @key_server: the participant has not decided that another participant is or
183 * will be the key server (9.5.1)
184 * @length1: Parameter set body length (cont)
185 * @actor_mi: Actor's Member Identifier
186 * @actor_mn: Actor's Message Number
187 * @algo_agility: Algorithm Agility parameter
190 struct ieee802_1x_mka_basic_body {
196 #if __BYTE_ORDER == __LITTLE_ENDIAN
198 u8 macsec_capability:2;
201 #elif __BYTE_ORDER == __BIG_ENDIAN
204 u8 macsec_capability:2;
210 struct ieee802_1x_mka_sci actor_sci;
215 /* followed by CAK Name */
220 * struct ieee802_1x_mka_peer_body - Live Peer List and Potential Peer List
221 * parameter sets (Figure 11-9)
222 * @type: Parameter set type (1 or 2)
223 * @length: Parameter set body length
224 * @length1: Parameter set body length (cont)
225 * @peer: array of (MI, MN) pairs
227 struct ieee802_1x_mka_peer_body {
233 #if __BYTE_ORDER == __LITTLE_ENDIAN
236 #elif __BYTE_ORDER == __BIG_ENDIAN
243 /* followed by Peers */
248 * struct ieee802_1x_mka_sak_use_body - MACsec SAK Use parameter set (Figure
250 * @type: MKA message type
251 * @lan: latest key AN
252 * @ltx: latest key TX
253 * @lrx: latest key RX
257 * @ptx: plain TX, i.e., protectFrames is False
258 * @prx: plain RX, i.e., validateFrames is not Strict
259 * @delay_protect: True if LPNs are being reported sufficiently frequently to
260 * allow the recipient to provide data delay protection. If False, the LPN
261 * can be reported as zero.
262 * @lsrv_mi: latest key server MI
263 * @lkn: latest key number (together with MI, form the KI)
264 * @llpn: latest lowest acceptable PN (LPN)
265 * @osrv_mi: old key server MI
266 * @okn: old key number (together with MI, form the KI)
267 * @olpn: old lowest acceptable PN (LPN)
269 struct ieee802_1x_mka_sak_use_body {
273 #if __BYTE_ORDER == __LITTLE_ENDIAN
280 #elif __BYTE_ORDER == __BIG_ENDIAN
290 #if __BYTE_ORDER == __LITTLE_ENDIAN
296 #elif __BYTE_ORDER == __BIG_ENDIAN
323 * struct ieee802_1x_mka_dist_sak_body - Distributed SAK parameter set
324 * (GCM-AES-128, Figure 11-11)
325 * @type: Parameter set type (4)
326 * @length: Parameter set body length
327 * @length1: Parameter set body length (cont)
328 * Total parameter body length values:
330 * - 28 for GCM-AES-128
331 * - 36 or more for other cipher suites
332 * @confid_offset: confidentiality offset, as defined in ieee802_1x_defs.h
333 * @dan: distributed AN (0 for plain text)
335 * @sak: AES Key Wrap of SAK (see 9.8)
337 struct ieee802_1x_mka_dist_sak_body {
341 #if __BYTE_ORDER == __LITTLE_ENDIAN
345 #elif __BYTE_ORDER == __BIG_ENDIAN
351 #if __BYTE_ORDER == __LITTLE_ENDIAN
354 #elif __BYTE_ORDER == __BIG_ENDIAN
363 /* for GCM-AES-128: octet 9-32: SAK
364 * for other cipher suite: octet 9-16: cipher suite id, octet 17-: SAK
370 * struct ieee802_1x_mka_dist_cak_body - Distributed CAK parameter set (Figure
372 * @type: Parameter set type (5)
373 * @length: Parameter set body length
374 * @length1: Parameter set body length (cont)
375 * Total parameter body length values:
377 * - 28 for GCM-AES-128
378 * - 36 or more for other cipher suites
379 * @cak: AES Key Wrap of CAK (see 9.8)
382 struct ieee802_1x_mka_dist_cak_body {
388 #if __BYTE_ORDER == __LITTLE_ENDIAN
391 #elif __BYTE_ORDER == __BIG_ENDIAN
401 /* followed by CAK Name, 29- */
405 struct ieee802_1x_mka_icv_body {
411 #if __BYTE_ORDER == __LITTLE_ENDIAN
414 #elif __BYTE_ORDER == __BIG_ENDIAN
425 #endif /* IEEE802_1X_KAY_I_H */