15b9c547cSRui Paulo /* 25b9c547cSRui Paulo * IEEE Std 802.1X-2010 definitions 35b9c547cSRui Paulo * Copyright (c) 2013-2014, Qualcomm Atheros, Inc. 45b9c547cSRui Paulo * 55b9c547cSRui Paulo * This software may be distributed under the terms of the BSD license. 65b9c547cSRui Paulo * See README for more details. 75b9c547cSRui Paulo */ 85b9c547cSRui Paulo 95b9c547cSRui Paulo #ifndef IEEE802_1X_DEFS_H 105b9c547cSRui Paulo #define IEEE802_1X_DEFS_H 115b9c547cSRui Paulo 125b9c547cSRui Paulo #define CS_ID_LEN 8 13780fb4a2SCy Schubert #define CS_ID_GCM_AES_128 0x0080020001000001ULL 145b9c547cSRui Paulo #define CS_NAME_GCM_AES_128 "GCM-AES-128" 15*85732ac8SCy Schubert #define CS_ID_GCM_AES_256 0x0080c20001000002ULL 16*85732ac8SCy Schubert #define CS_NAME_GCM_AES_256 "GCM-AES-256" 175b9c547cSRui Paulo 185b9c547cSRui Paulo enum macsec_policy { 195b9c547cSRui Paulo /** 205b9c547cSRui Paulo * Should secure sessions. 215b9c547cSRui Paulo * This accepts key server's advice to determine whether to secure the 225b9c547cSRui Paulo * session or not. 235b9c547cSRui Paulo */ 245b9c547cSRui Paulo SHOULD_SECURE, 255b9c547cSRui Paulo 265b9c547cSRui Paulo /** 275b9c547cSRui Paulo * Disabled MACsec - do not secure sessions. 285b9c547cSRui Paulo */ 295b9c547cSRui Paulo DO_NOT_SECURE, 30*85732ac8SCy Schubert 31*85732ac8SCy Schubert /** 32*85732ac8SCy Schubert * Should secure sessions, and try to use encryption. 33*85732ac8SCy Schubert * Like @SHOULD_SECURE, this follows the key server's decision. 34*85732ac8SCy Schubert */ 35*85732ac8SCy Schubert SHOULD_ENCRYPT, 365b9c547cSRui Paulo }; 375b9c547cSRui Paulo 385b9c547cSRui Paulo 395b9c547cSRui Paulo /* IEEE Std 802.1X-2010 - Table 11-6 - MACsec Capability */ 405b9c547cSRui Paulo enum macsec_cap { 415b9c547cSRui Paulo /** 425b9c547cSRui Paulo * MACsec is not implemented 435b9c547cSRui Paulo */ 445b9c547cSRui Paulo MACSEC_CAP_NOT_IMPLEMENTED, 455b9c547cSRui Paulo 465b9c547cSRui Paulo /** 475b9c547cSRui Paulo * 'Integrity without confidentiality' 485b9c547cSRui Paulo */ 495b9c547cSRui Paulo MACSEC_CAP_INTEGRITY, 505b9c547cSRui Paulo 515b9c547cSRui Paulo /** 525b9c547cSRui Paulo * 'Integrity without confidentiality' and 535b9c547cSRui Paulo * 'Integrity and confidentiality' with a confidentiality offset of 0 545b9c547cSRui Paulo */ 555b9c547cSRui Paulo MACSEC_CAP_INTEG_AND_CONF, 565b9c547cSRui Paulo 575b9c547cSRui Paulo /** 585b9c547cSRui Paulo * 'Integrity without confidentiality' and 595b9c547cSRui Paulo * 'Integrity and confidentiality' with a confidentiality offset of 0, 605b9c547cSRui Paulo * 30, 50 615b9c547cSRui Paulo */ 625b9c547cSRui Paulo MACSEC_CAP_INTEG_AND_CONF_0_30_50, 635b9c547cSRui Paulo }; 645b9c547cSRui Paulo 655b9c547cSRui Paulo enum validate_frames { 665b9c547cSRui Paulo Disabled, 675b9c547cSRui Paulo Checked, 685b9c547cSRui Paulo Strict, 695b9c547cSRui Paulo }; 705b9c547cSRui Paulo 715b9c547cSRui Paulo /* IEEE Std 802.1X-2010 - Table 11-6 - Confidentiality Offset */ 725b9c547cSRui Paulo enum confidentiality_offset { 735b9c547cSRui Paulo CONFIDENTIALITY_NONE = 0, 745b9c547cSRui Paulo CONFIDENTIALITY_OFFSET_0 = 1, 755b9c547cSRui Paulo CONFIDENTIALITY_OFFSET_30 = 2, 765b9c547cSRui Paulo CONFIDENTIALITY_OFFSET_50 = 3, 775b9c547cSRui Paulo }; 785b9c547cSRui Paulo 795b9c547cSRui Paulo /* IEEE Std 802.1X-2010 - Table 9-2 */ 805b9c547cSRui Paulo #define DEFAULT_PRIO_INFRA_PORT 0x10 815b9c547cSRui Paulo #define DEFAULT_PRIO_PRIMRAY_AP 0x30 825b9c547cSRui Paulo #define DEFAULT_PRIO_SECONDARY_AP 0x50 835b9c547cSRui Paulo #define DEFAULT_PRIO_GROUP_CA_MEMBER 0x70 845b9c547cSRui Paulo #define DEFAULT_PRIO_NOT_KEY_SERVER 0xFF 855b9c547cSRui Paulo 865b9c547cSRui Paulo #endif /* IEEE802_1X_DEFS_H */ 87