xref: /freebsd/contrib/wpa/src/common/ieee802_1x_defs.h (revision b0d29bc47dba79f6f38e67eabadfb4b32ffd9390)
1 /*
2  * IEEE Std 802.1X-2010 definitions
3  * Copyright (c) 2013-2014, Qualcomm Atheros, Inc.
4  *
5  * This software may be distributed under the terms of the BSD license.
6  * See README for more details.
7  */
8 
9 #ifndef IEEE802_1X_DEFS_H
10 #define IEEE802_1X_DEFS_H
11 
12 #define CS_ID_LEN		8
13 #define CS_ID_GCM_AES_128	0x0080020001000001ULL
14 #define CS_NAME_GCM_AES_128	"GCM-AES-128"
15 #define CS_ID_GCM_AES_256	0x0080c20001000002ULL
16 #define CS_NAME_GCM_AES_256	"GCM-AES-256"
17 
18 enum macsec_policy {
19 	/**
20 	 * Should secure sessions.
21 	 * This accepts key server's advice to determine whether to secure the
22 	 * session or not.
23 	 */
24 	SHOULD_SECURE,
25 
26 	/**
27 	 * Disabled MACsec - do not secure sessions.
28 	 */
29 	DO_NOT_SECURE,
30 
31 	/**
32 	 * Should secure sessions, and try to use encryption.
33 	 * Like @SHOULD_SECURE, this follows the key server's decision.
34 	 */
35 	SHOULD_ENCRYPT,
36 };
37 
38 
39 /* IEEE Std 802.1X-2010 - Table 11-6 - MACsec Capability */
40 enum macsec_cap {
41 	/**
42 	 * MACsec is not implemented
43 	 */
44 	MACSEC_CAP_NOT_IMPLEMENTED,
45 
46 	/**
47 	 * 'Integrity without confidentiality'
48 	 */
49 	MACSEC_CAP_INTEGRITY,
50 
51 	/**
52 	 * 'Integrity without confidentiality' and
53 	 * 'Integrity and confidentiality' with a confidentiality offset of 0
54 	 */
55 	MACSEC_CAP_INTEG_AND_CONF,
56 
57 	/**
58 	 * 'Integrity without confidentiality' and
59 	 * 'Integrity and confidentiality' with a confidentiality offset of 0,
60 	 * 30, 50
61 	 */
62 	MACSEC_CAP_INTEG_AND_CONF_0_30_50,
63 };
64 
65 enum validate_frames {
66 	Disabled,
67 	Checked,
68 	Strict,
69 };
70 
71 /* IEEE Std 802.1X-2010 - Table 11-6 - Confidentiality Offset */
72 enum confidentiality_offset {
73 	CONFIDENTIALITY_NONE      = 0,
74 	CONFIDENTIALITY_OFFSET_0  = 1,
75 	CONFIDENTIALITY_OFFSET_30 = 2,
76 	CONFIDENTIALITY_OFFSET_50 = 3,
77 };
78 
79 /* IEEE Std 802.1X-2010 - Table 9-2 */
80 #define DEFAULT_PRIO_INFRA_PORT        0x10
81 #define DEFAULT_PRIO_PRIMRAY_AP        0x30
82 #define DEFAULT_PRIO_SECONDARY_AP      0x50
83 #define DEFAULT_PRIO_GROUP_CA_MEMBER   0x70
84 #define DEFAULT_PRIO_NOT_KEY_SERVER    0xFF
85 
86 #endif /* IEEE802_1X_DEFS_H */
87