2 * IEEE 802.1X-2010 Key Agree Protocol of PAE state machine
3 * Copyright (c) 2013, Qualcomm Atheros, Inc.
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
9 #ifndef IEEE802_1X_KAY_I_H
10 #define IEEE802_1X_KAY_I_H
12 #include "utils/list.h"
13 #include "common/defs.h"
14 #include "common/ieee802_1x_defs.h"
16 #define MKA_VERSION_ID 1
18 /* IEEE Std 802.1X-2010, 11.11.1, Table 11-7 */
19 enum mka_packet_type {
20 MKA_BASIC_PARAMETER_SET = MKA_VERSION_ID,
21 MKA_LIVE_PEER_LIST = 1,
22 MKA_POTENTIAL_PEER_LIST = 2,
24 MKA_DISTRIBUTED_SAK = 4,
25 MKA_DISTRIBUTED_CAK = 5,
28 MKA_ICV_INDICATOR = 255
31 #define ICV_LEN 16 /* 16 bytes */
32 #define SAK_WRAPPED_LEN 24
33 /* KN + Wrapper SAK */
34 #define DEFAULT_DIS_SAK_BODY_LENGTH (SAK_WRAPPED_LEN + 4)
35 #define MAX_RETRY_CNT 5
37 struct ieee802_1x_kay;
39 struct ieee802_1x_mka_peer_id {
44 struct ieee802_1x_kay_peer {
45 struct ieee802_1x_mka_sci sci;
49 Boolean is_key_server;
50 u8 key_server_priority;
51 Boolean macsec_desired;
52 enum macsec_cap macsec_capability;
57 struct macsec_ciphersuite {
60 enum macsec_cap capable;
61 int sak_len; /* unit: byte */
73 int (*cak_trfm)(const u8 *msk, const u8 *mac1, const u8 *mac2, u8 *cak);
74 int (*ckn_trfm)(const u8 *msk, const u8 *mac1, const u8 *mac2,
75 const u8 *sid, size_t sid_len, u8 *ckn);
76 int (*kek_trfm)(const u8 *cak, const u8 *ckn, size_t ckn_len, u8 *kek);
77 int (*ick_trfm)(const u8 *cak, const u8 *ckn, size_t ckn_len, u8 *ick);
78 int (*icv_hash)(const u8 *ick, const u8 *msg, size_t msg_len, u8 *icv);
80 int index; /* index for configuring */
83 #define DEFAULT_MKA_ALG_INDEX 0
85 /* See IEEE Std 802.1X-2010, 9.16 MKA management */
86 struct ieee802_1x_mka_participant {
87 /* used for active and potential participant */
88 struct mka_key_name ckn;
92 /* used by management to monitor and control activation */
96 enum mka_created_mode mode;
98 enum { DEFAULT, DISABLED, ON_OPER_UP, ALWAYS } activate;
100 /* used for active participant */
102 struct dl_list live_peers;
103 struct dl_list potential_peers;
105 /* not defined in IEEE 802.1X */
111 struct ieee802_1x_mka_ki lki;
116 struct ieee802_1x_mka_ki oki;
121 Boolean is_key_server;
122 Boolean is_obliged_key_server;
123 Boolean can_be_key_server;
126 struct dl_list sak_list;
127 struct dl_list rxsc_list;
129 struct transmit_sc *txsc;
134 struct ieee802_1x_mka_peer_id current_peer_id;
135 struct ieee802_1x_mka_sci current_peer_sci;
142 Boolean advised_desired;
143 enum macsec_cap advised_capability;
145 struct data_key *new_key;
148 struct ieee802_1x_kay *kay;
151 struct ieee802_1x_mka_hdr {
157 #if __BYTE_ORDER == __LITTLE_ENDIAN
160 #elif __BYTE_ORDER == __BIG_ENDIAN
164 #error "Please fix <bits/endian.h>"
170 #define MKA_HDR_LEN sizeof(struct ieee802_1x_mka_hdr)
173 * struct ieee802_1x_mka_basic_body - Basic Parameter Set (Figure 11-8)
174 * @version: MKA Version Identifier
175 * @priority: Key Server Priority
176 * @length: Parameter set body length
177 * @macsec_capability: MACsec capability, as defined in ieee802_1x_defs.h
178 * @macsec_desired: the participant wants MACsec to be used to protect frames
180 * @key_server: the participant has not decided that another participant is or
181 * will be the key server (9.5.1)
182 * @length1: Parameter set body length (cont)
183 * @actor_mi: Actor's Member Identifier
184 * @actor_mn: Actor's Message Number
185 * @algo_agility: Algorithm Agility parameter
188 struct ieee802_1x_mka_basic_body {
194 #if __BYTE_ORDER == __LITTLE_ENDIAN
196 u8 macsec_capability:2;
199 #elif __BYTE_ORDER == __BIG_ENDIAN
202 u8 macsec_capability:2;
208 struct ieee802_1x_mka_sci actor_sci;
213 /* followed by CAK Name*/
218 * struct ieee802_1x_mka_peer_body - Live Peer List and Potential Peer List
219 * parameter sets (Figure 11-9)
220 * @type: Parameter set type (1 or 2)
221 * @length: Parameter set body length
222 * @length1: Parameter set body length (cont)
223 * @peer: array of (MI, MN) pairs
225 struct ieee802_1x_mka_peer_body {
231 #if __BYTE_ORDER == __LITTLE_ENDIAN
234 #elif __BYTE_ORDER == __BIG_ENDIAN
242 /* followed by Peers */
246 * struct ieee802_1x_mka_sak_use_body - MACsec SAK Use parameter set (Figure
248 * @type: MKA message type
249 * @lan: latest key AN
250 * @ltx: latest key TX
251 * @lrx: latest key RX
255 * @ptx: plain TX, ie protectFrames is False
256 * @prx: plain RX, ie validateFrames is not Strict
257 * @delay_protect: True if LPNs are being reported sufficiently frequently to
258 * allow the recipient to provide data delay protection. If False, the LPN
259 * can be reported as zero.
260 * @lsrv_mi: latest key server MI
261 * @lkn: latest key number (together with MI, form the KI)
262 * @llpn: latest lowest acceptable PN (LPN)
263 * @osrv_mi: old key server MI
264 * @okn: old key number (together with MI, form the KI)
265 * @olpn: old lowest acceptable PN (LPN)
267 struct ieee802_1x_mka_sak_use_body {
271 #if __BYTE_ORDER == __LITTLE_ENDIAN
278 #elif __BYTE_ORDER == __BIG_ENDIAN
288 #if __BYTE_ORDER == __LITTLE_ENDIAN
294 #elif __BYTE_ORDER == __BIG_ENDIAN
321 * struct ieee802_1x_mka_dist_sak_body - Distributed SAK parameter set
322 * (GCM-AES-128, Figure 11-11)
323 * @type: Parameter set type (4)
324 * @length: Parameter set body length
325 * @length1: Parameter set body length (cont)
326 * Total parameter body length values:
328 * - 28 for GCM-AES-128
329 * - 36 or more for other cipher suites
330 * @confid_offset: confidentiality offset, as defined in ieee802_1x_defs.h
331 * @dan: distributed AN (0 for plain text)
333 * @sak: AES Key Wrap of SAK (see 9.8)
335 struct ieee802_1x_mka_dist_sak_body {
339 #if __BYTE_ORDER == __LITTLE_ENDIAN
343 #elif __BYTE_ORDER == __BIG_ENDIAN
349 #if __BYTE_ORDER == __LITTLE_ENDIAN
352 #elif __BYTE_ORDER == __BIG_ENDIAN
361 /* for GCM-AES-128: octet 9-32: SAK
362 * for other cipher suite: octet 9-16: cipher suite id, octet 17-: SAK
368 * struct ieee802_1x_mka_dist_cak_body - Distributed CAK parameter set (Figure
370 * @type: Parameter set type (5)
371 * @length: Parameter set body length
372 * @length1: Parameter set body length (cont)
373 * Total parameter body length values:
375 * - 28 for GCM-AES-128
376 * - 36 or more for other cipher suites
377 * @cak: AES Key Wrap of CAK (see 9.8)
380 struct ieee802_1x_mka_dist_cak_body {
386 #if __BYTE_ORDER == __LITTLE_ENDIAN
389 #elif __BYTE_ORDER == __BIG_ENDIAN
399 /* followed by CAK Name, 29- */
403 struct ieee802_1x_mka_icv_body {
409 #if __BYTE_ORDER == __LITTLE_ENDIAN
412 #elif __BYTE_ORDER == __BIG_ENDIAN
423 #endif /* IEEE802_1X_KAY_I_H */