15b9c547cSRui Paulo /* 25b9c547cSRui Paulo * IEEE 802.1X-2010 Key Agree Protocol of PAE state machine 35b9c547cSRui Paulo * Copyright (c) 2013, Qualcomm Atheros, Inc. 45b9c547cSRui Paulo * 55b9c547cSRui Paulo * This software may be distributed under the terms of the BSD license. 65b9c547cSRui Paulo * See README for more details. 75b9c547cSRui Paulo */ 85b9c547cSRui Paulo 95b9c547cSRui Paulo #ifndef IEEE802_1X_KAY_I_H 105b9c547cSRui Paulo #define IEEE802_1X_KAY_I_H 115b9c547cSRui Paulo 125b9c547cSRui Paulo #include "utils/list.h" 135b9c547cSRui Paulo #include "common/defs.h" 145b9c547cSRui Paulo #include "common/ieee802_1x_defs.h" 155b9c547cSRui Paulo 165b9c547cSRui Paulo #define MKA_VERSION_ID 1 175b9c547cSRui Paulo 184bc52338SCy Schubert /* IEEE Std 802.1X-2010, 11.11.1, Table 11-7 (MKPDU parameter sets) */ 195b9c547cSRui Paulo enum mka_packet_type { 205b9c547cSRui Paulo MKA_BASIC_PARAMETER_SET = MKA_VERSION_ID, 215b9c547cSRui Paulo MKA_LIVE_PEER_LIST = 1, 225b9c547cSRui Paulo MKA_POTENTIAL_PEER_LIST = 2, 235b9c547cSRui Paulo MKA_SAK_USE = 3, 245b9c547cSRui Paulo MKA_DISTRIBUTED_SAK = 4, 255b9c547cSRui Paulo MKA_DISTRIBUTED_CAK = 5, 265b9c547cSRui Paulo MKA_KMD = 6, 275b9c547cSRui Paulo MKA_ANNOUNCEMENT = 7, 285b9c547cSRui Paulo MKA_ICV_INDICATOR = 255 295b9c547cSRui Paulo }; 305b9c547cSRui Paulo 315b9c547cSRui Paulo #define ICV_LEN 16 /* 16 bytes */ 325b9c547cSRui Paulo #define SAK_WRAPPED_LEN 24 335b9c547cSRui Paulo /* KN + Wrapper SAK */ 345b9c547cSRui Paulo #define DEFAULT_DIS_SAK_BODY_LENGTH (SAK_WRAPPED_LEN + 4) 355b9c547cSRui Paulo #define MAX_RETRY_CNT 5 365b9c547cSRui Paulo 375b9c547cSRui Paulo struct ieee802_1x_kay; 385b9c547cSRui Paulo 395b9c547cSRui Paulo struct ieee802_1x_mka_peer_id { 405b9c547cSRui Paulo u8 mi[MI_LEN]; 41780fb4a2SCy Schubert be32 mn; 424bc52338SCy Schubert } STRUCT_PACKED; 435b9c547cSRui Paulo 445b9c547cSRui Paulo struct ieee802_1x_kay_peer { 455b9c547cSRui Paulo struct ieee802_1x_mka_sci sci; 465b9c547cSRui Paulo u8 mi[MI_LEN]; 475b9c547cSRui Paulo u32 mn; 485b9c547cSRui Paulo time_t expire; 49*c1d255d3SCy Schubert bool is_key_server; 505b9c547cSRui Paulo u8 key_server_priority; 51*c1d255d3SCy Schubert bool macsec_desired; 52780fb4a2SCy Schubert enum macsec_cap macsec_capability; 53*c1d255d3SCy Schubert bool sak_used; 544bc52338SCy Schubert int missing_sak_use_count; 555b9c547cSRui Paulo struct dl_list list; 565b9c547cSRui Paulo }; 575b9c547cSRui Paulo 585b9c547cSRui Paulo struct macsec_ciphersuite { 59780fb4a2SCy Schubert u64 id; 605b9c547cSRui Paulo char name[32]; 615b9c547cSRui Paulo enum macsec_cap capable; 625b9c547cSRui Paulo int sak_len; /* unit: byte */ 635b9c547cSRui Paulo }; 645b9c547cSRui Paulo 655b9c547cSRui Paulo struct mka_alg { 665b9c547cSRui Paulo u8 parameter[4]; 675b9c547cSRui Paulo size_t icv_len; 685b9c547cSRui Paulo 694bc52338SCy Schubert int (*cak_trfm)(const u8 *msk, size_t msk_bytes, const u8 *mac1, 704bc52338SCy Schubert const u8 *mac2, u8 *cak, size_t cak_bytes); 714bc52338SCy Schubert int (*ckn_trfm)(const u8 *msk, size_t msk_bytes, const u8 *mac1, 724bc52338SCy Schubert const u8 *mac2, const u8 *sid, size_t sid_len, u8 *ckn); 734bc52338SCy Schubert int (*kek_trfm)(const u8 *cak, size_t cak_bytes, 744bc52338SCy Schubert const u8 *ckn, size_t ckn_len, 754bc52338SCy Schubert u8 *kek, size_t kek_bytes); 764bc52338SCy Schubert int (*ick_trfm)(const u8 *cak, size_t cak_bytes, 774bc52338SCy Schubert const u8 *ckn, size_t ckn_len, 784bc52338SCy Schubert u8 *ick, size_t ick_bytes); 794bc52338SCy Schubert int (*icv_hash)(const u8 *ick, size_t ick_bytes, 804bc52338SCy Schubert const u8 *msg, size_t msg_len, u8 *icv); 815b9c547cSRui Paulo }; 825b9c547cSRui Paulo 835b9c547cSRui Paulo #define DEFAULT_MKA_ALG_INDEX 0 845b9c547cSRui Paulo 855b9c547cSRui Paulo /* See IEEE Std 802.1X-2010, 9.16 MKA management */ 865b9c547cSRui Paulo struct ieee802_1x_mka_participant { 875b9c547cSRui Paulo /* used for active and potential participant */ 885b9c547cSRui Paulo struct mka_key_name ckn; 895b9c547cSRui Paulo struct mka_key cak; 90*c1d255d3SCy Schubert bool cached; 915b9c547cSRui Paulo 925b9c547cSRui Paulo /* used by management to monitor and control activation */ 93*c1d255d3SCy Schubert bool active; 94*c1d255d3SCy Schubert bool participant; 95*c1d255d3SCy Schubert bool retain; 9685732ac8SCy Schubert enum mka_created_mode mode; 975b9c547cSRui Paulo 984bc52338SCy Schubert enum activate_ctrl { DEFAULT, DISABLED, ON_OPER_UP, ALWAYS } activate; 995b9c547cSRui Paulo 1005b9c547cSRui Paulo /* used for active participant */ 101*c1d255d3SCy Schubert bool principal; 1025b9c547cSRui Paulo struct dl_list live_peers; 1035b9c547cSRui Paulo struct dl_list potential_peers; 1045b9c547cSRui Paulo 1055b9c547cSRui Paulo /* not defined in IEEE 802.1X */ 1065b9c547cSRui Paulo struct dl_list list; 1075b9c547cSRui Paulo 1085b9c547cSRui Paulo struct mka_key kek; 1095b9c547cSRui Paulo struct mka_key ick; 1105b9c547cSRui Paulo 1115b9c547cSRui Paulo struct ieee802_1x_mka_ki lki; 1125b9c547cSRui Paulo u8 lan; 113*c1d255d3SCy Schubert bool ltx; 114*c1d255d3SCy Schubert bool lrx; 1155b9c547cSRui Paulo 1165b9c547cSRui Paulo struct ieee802_1x_mka_ki oki; 1175b9c547cSRui Paulo u8 oan; 118*c1d255d3SCy Schubert bool otx; 119*c1d255d3SCy Schubert bool orx; 1205b9c547cSRui Paulo 121*c1d255d3SCy Schubert bool is_key_server; 122*c1d255d3SCy Schubert bool is_obliged_key_server; 123*c1d255d3SCy Schubert bool can_be_key_server; 124*c1d255d3SCy Schubert bool is_elected; 1255b9c547cSRui Paulo 1265b9c547cSRui Paulo struct dl_list sak_list; 1275b9c547cSRui Paulo struct dl_list rxsc_list; 1285b9c547cSRui Paulo 1295b9c547cSRui Paulo struct transmit_sc *txsc; 1305b9c547cSRui Paulo 1315b9c547cSRui Paulo u8 mi[MI_LEN]; 1325b9c547cSRui Paulo u32 mn; 1335b9c547cSRui Paulo 1344bc52338SCy Schubert /* Current peer MI and SCI during MKPDU processing */ 1355b9c547cSRui Paulo struct ieee802_1x_mka_peer_id current_peer_id; 1365b9c547cSRui Paulo struct ieee802_1x_mka_sci current_peer_sci; 1374bc52338SCy Schubert 1385b9c547cSRui Paulo time_t cak_life; 1395b9c547cSRui Paulo time_t mka_life; 140*c1d255d3SCy Schubert bool to_dist_sak; 141*c1d255d3SCy Schubert bool to_use_sak; 142*c1d255d3SCy Schubert bool new_sak; 1435b9c547cSRui Paulo 144*c1d255d3SCy Schubert bool advised_desired; 1455b9c547cSRui Paulo enum macsec_cap advised_capability; 1465b9c547cSRui Paulo 1475b9c547cSRui Paulo struct data_key *new_key; 1485b9c547cSRui Paulo u32 retry_count; 1495b9c547cSRui Paulo 1505b9c547cSRui Paulo struct ieee802_1x_kay *kay; 1515b9c547cSRui Paulo }; 1525b9c547cSRui Paulo 1535b9c547cSRui Paulo struct ieee802_1x_mka_hdr { 1545b9c547cSRui Paulo /* octet 1 */ 155780fb4a2SCy Schubert u8 type; 1565b9c547cSRui Paulo /* octet 2 */ 157780fb4a2SCy Schubert u8 reserve; 1585b9c547cSRui Paulo /* octet 3 */ 1595b9c547cSRui Paulo #if __BYTE_ORDER == __LITTLE_ENDIAN 160780fb4a2SCy Schubert u8 length:4; 161780fb4a2SCy Schubert u8 reserve1:4; 1625b9c547cSRui Paulo #elif __BYTE_ORDER == __BIG_ENDIAN 163780fb4a2SCy Schubert u8 reserve1:4; 164780fb4a2SCy Schubert u8 length:4; 1655b9c547cSRui Paulo #else 1665b9c547cSRui Paulo #error "Please fix <bits/endian.h>" 1675b9c547cSRui Paulo #endif 1685b9c547cSRui Paulo /* octet 4 */ 169780fb4a2SCy Schubert u8 length1; 1704bc52338SCy Schubert } STRUCT_PACKED; 1715b9c547cSRui Paulo 1725b9c547cSRui Paulo #define MKA_HDR_LEN sizeof(struct ieee802_1x_mka_hdr) 1735b9c547cSRui Paulo 17485732ac8SCy Schubert /** 17585732ac8SCy Schubert * struct ieee802_1x_mka_basic_body - Basic Parameter Set (Figure 11-8) 17685732ac8SCy Schubert * @version: MKA Version Identifier 17785732ac8SCy Schubert * @priority: Key Server Priority 17885732ac8SCy Schubert * @length: Parameter set body length 17985732ac8SCy Schubert * @macsec_capability: MACsec capability, as defined in ieee802_1x_defs.h 18085732ac8SCy Schubert * @macsec_desired: the participant wants MACsec to be used to protect frames 18185732ac8SCy Schubert * (9.6.1) 18285732ac8SCy Schubert * @key_server: the participant has not decided that another participant is or 18385732ac8SCy Schubert * will be the key server (9.5.1) 18485732ac8SCy Schubert * @length1: Parameter set body length (cont) 18585732ac8SCy Schubert * @actor_mi: Actor's Member Identifier 18685732ac8SCy Schubert * @actor_mn: Actor's Message Number 18785732ac8SCy Schubert * @algo_agility: Algorithm Agility parameter 18885732ac8SCy Schubert * @ckn: CAK Name 18985732ac8SCy Schubert */ 1905b9c547cSRui Paulo struct ieee802_1x_mka_basic_body { 1915b9c547cSRui Paulo /* octet 1 */ 192780fb4a2SCy Schubert u8 version; 1935b9c547cSRui Paulo /* octet 2 */ 194780fb4a2SCy Schubert u8 priority; 1955b9c547cSRui Paulo /* octet 3 */ 1965b9c547cSRui Paulo #if __BYTE_ORDER == __LITTLE_ENDIAN 197780fb4a2SCy Schubert u8 length:4; 198780fb4a2SCy Schubert u8 macsec_capability:2; 199780fb4a2SCy Schubert u8 macsec_desired:1; 200780fb4a2SCy Schubert u8 key_server:1; 2015b9c547cSRui Paulo #elif __BYTE_ORDER == __BIG_ENDIAN 202780fb4a2SCy Schubert u8 key_server:1; 203780fb4a2SCy Schubert u8 macsec_desired:1; 204780fb4a2SCy Schubert u8 macsec_capability:2; 205780fb4a2SCy Schubert u8 length:4; 2065b9c547cSRui Paulo #endif 2075b9c547cSRui Paulo /* octet 4 */ 208780fb4a2SCy Schubert u8 length1; 2095b9c547cSRui Paulo 2105b9c547cSRui Paulo struct ieee802_1x_mka_sci actor_sci; 2115b9c547cSRui Paulo u8 actor_mi[MI_LEN]; 212780fb4a2SCy Schubert be32 actor_mn; 2135b9c547cSRui Paulo u8 algo_agility[4]; 2145b9c547cSRui Paulo 2155b9c547cSRui Paulo /* followed by CAK Name */ 2165b9c547cSRui Paulo u8 ckn[0]; 2174bc52338SCy Schubert } STRUCT_PACKED; 2185b9c547cSRui Paulo 21985732ac8SCy Schubert /** 22085732ac8SCy Schubert * struct ieee802_1x_mka_peer_body - Live Peer List and Potential Peer List 22185732ac8SCy Schubert * parameter sets (Figure 11-9) 22285732ac8SCy Schubert * @type: Parameter set type (1 or 2) 22385732ac8SCy Schubert * @length: Parameter set body length 22485732ac8SCy Schubert * @length1: Parameter set body length (cont) 22585732ac8SCy Schubert * @peer: array of (MI, MN) pairs 22685732ac8SCy Schubert */ 2275b9c547cSRui Paulo struct ieee802_1x_mka_peer_body { 2285b9c547cSRui Paulo /* octet 1 */ 229780fb4a2SCy Schubert u8 type; 2305b9c547cSRui Paulo /* octet 2 */ 231780fb4a2SCy Schubert u8 reserve; 2325b9c547cSRui Paulo /* octet 3 */ 2335b9c547cSRui Paulo #if __BYTE_ORDER == __LITTLE_ENDIAN 234780fb4a2SCy Schubert u8 length:4; 235780fb4a2SCy Schubert u8 reserve1:4; 2365b9c547cSRui Paulo #elif __BYTE_ORDER == __BIG_ENDIAN 237780fb4a2SCy Schubert u8 reserve1:4; 238780fb4a2SCy Schubert u8 length:4; 2395b9c547cSRui Paulo #endif 2405b9c547cSRui Paulo /* octet 4 */ 241780fb4a2SCy Schubert u8 length1; 2425b9c547cSRui Paulo 2435b9c547cSRui Paulo /* followed by Peers */ 2444bc52338SCy Schubert u8 peer[0]; 2454bc52338SCy Schubert } STRUCT_PACKED; 2465b9c547cSRui Paulo 24785732ac8SCy Schubert /** 24885732ac8SCy Schubert * struct ieee802_1x_mka_sak_use_body - MACsec SAK Use parameter set (Figure 24985732ac8SCy Schubert * 11-10) 25085732ac8SCy Schubert * @type: MKA message type 25185732ac8SCy Schubert * @lan: latest key AN 25285732ac8SCy Schubert * @ltx: latest key TX 25385732ac8SCy Schubert * @lrx: latest key RX 25485732ac8SCy Schubert * @oan: old key AN 25585732ac8SCy Schubert * @otx: old key TX 25685732ac8SCy Schubert * @orx: old key RX 25785732ac8SCy Schubert * @ptx: plain TX, ie protectFrames is False 25885732ac8SCy Schubert * @prx: plain RX, ie validateFrames is not Strict 25985732ac8SCy Schubert * @delay_protect: True if LPNs are being reported sufficiently frequently to 26085732ac8SCy Schubert * allow the recipient to provide data delay protection. If False, the LPN 26185732ac8SCy Schubert * can be reported as zero. 26285732ac8SCy Schubert * @lsrv_mi: latest key server MI 26385732ac8SCy Schubert * @lkn: latest key number (together with MI, form the KI) 26485732ac8SCy Schubert * @llpn: latest lowest acceptable PN (LPN) 26585732ac8SCy Schubert * @osrv_mi: old key server MI 26685732ac8SCy Schubert * @okn: old key number (together with MI, form the KI) 26785732ac8SCy Schubert * @olpn: old lowest acceptable PN (LPN) 26885732ac8SCy Schubert */ 2695b9c547cSRui Paulo struct ieee802_1x_mka_sak_use_body { 2705b9c547cSRui Paulo /* octet 1 */ 271780fb4a2SCy Schubert u8 type; 2725b9c547cSRui Paulo /* octet 2 */ 2735b9c547cSRui Paulo #if __BYTE_ORDER == __LITTLE_ENDIAN 274780fb4a2SCy Schubert u8 orx:1; 275780fb4a2SCy Schubert u8 otx:1; 276780fb4a2SCy Schubert u8 oan:2; 277780fb4a2SCy Schubert u8 lrx:1; 278780fb4a2SCy Schubert u8 ltx:1; 279780fb4a2SCy Schubert u8 lan:2; 2805b9c547cSRui Paulo #elif __BYTE_ORDER == __BIG_ENDIAN 281780fb4a2SCy Schubert u8 lan:2; 282780fb4a2SCy Schubert u8 ltx:1; 283780fb4a2SCy Schubert u8 lrx:1; 284780fb4a2SCy Schubert u8 oan:2; 285780fb4a2SCy Schubert u8 otx:1; 286780fb4a2SCy Schubert u8 orx:1; 2875b9c547cSRui Paulo #endif 2885b9c547cSRui Paulo 2895b9c547cSRui Paulo /* octet 3 */ 2905b9c547cSRui Paulo #if __BYTE_ORDER == __LITTLE_ENDIAN 291780fb4a2SCy Schubert u8 length:4; 292780fb4a2SCy Schubert u8 delay_protect:1; 293780fb4a2SCy Schubert u8 reserve:1; 294780fb4a2SCy Schubert u8 prx:1; 295780fb4a2SCy Schubert u8 ptx:1; 2965b9c547cSRui Paulo #elif __BYTE_ORDER == __BIG_ENDIAN 297780fb4a2SCy Schubert u8 ptx:1; 298780fb4a2SCy Schubert u8 prx:1; 299780fb4a2SCy Schubert u8 reserve:1; 300780fb4a2SCy Schubert u8 delay_protect:1; 301780fb4a2SCy Schubert u8 length:4; 3025b9c547cSRui Paulo #endif 3035b9c547cSRui Paulo 3045b9c547cSRui Paulo /* octet 4 */ 305780fb4a2SCy Schubert u8 length1; 3065b9c547cSRui Paulo 3075b9c547cSRui Paulo /* octet 5 - 16 */ 3085b9c547cSRui Paulo u8 lsrv_mi[MI_LEN]; 3095b9c547cSRui Paulo /* octet 17 - 20 */ 310780fb4a2SCy Schubert be32 lkn; 3115b9c547cSRui Paulo /* octet 21 - 24 */ 312780fb4a2SCy Schubert be32 llpn; 3135b9c547cSRui Paulo 3145b9c547cSRui Paulo /* octet 25 - 36 */ 3155b9c547cSRui Paulo u8 osrv_mi[MI_LEN]; 3165b9c547cSRui Paulo /* octet 37 - 40 */ 317780fb4a2SCy Schubert be32 okn; 3185b9c547cSRui Paulo /* octet 41 - 44 */ 319780fb4a2SCy Schubert be32 olpn; 3204bc52338SCy Schubert } STRUCT_PACKED; 3215b9c547cSRui Paulo 32285732ac8SCy Schubert /** 32385732ac8SCy Schubert * struct ieee802_1x_mka_dist_sak_body - Distributed SAK parameter set 32485732ac8SCy Schubert * (GCM-AES-128, Figure 11-11) 32585732ac8SCy Schubert * @type: Parameter set type (4) 32685732ac8SCy Schubert * @length: Parameter set body length 32785732ac8SCy Schubert * @length1: Parameter set body length (cont) 32885732ac8SCy Schubert * Total parameter body length values: 32985732ac8SCy Schubert * - 0 for plain text 33085732ac8SCy Schubert * - 28 for GCM-AES-128 33185732ac8SCy Schubert * - 36 or more for other cipher suites 33285732ac8SCy Schubert * @confid_offset: confidentiality offset, as defined in ieee802_1x_defs.h 33385732ac8SCy Schubert * @dan: distributed AN (0 for plain text) 33485732ac8SCy Schubert * @kn: Key Number 33585732ac8SCy Schubert * @sak: AES Key Wrap of SAK (see 9.8) 33685732ac8SCy Schubert */ 3375b9c547cSRui Paulo struct ieee802_1x_mka_dist_sak_body { 3385b9c547cSRui Paulo /* octet 1 */ 339780fb4a2SCy Schubert u8 type; 3405b9c547cSRui Paulo /* octet 2 */ 3415b9c547cSRui Paulo #if __BYTE_ORDER == __LITTLE_ENDIAN 342780fb4a2SCy Schubert u8 reserve:4; 343780fb4a2SCy Schubert u8 confid_offset:2; 344780fb4a2SCy Schubert u8 dan:2; 3455b9c547cSRui Paulo #elif __BYTE_ORDER == __BIG_ENDIAN 346780fb4a2SCy Schubert u8 dan:2; 347780fb4a2SCy Schubert u8 confid_offset:2; 348780fb4a2SCy Schubert u8 reserve:4; 3495b9c547cSRui Paulo #endif 3505b9c547cSRui Paulo /* octet 3 */ 3515b9c547cSRui Paulo #if __BYTE_ORDER == __LITTLE_ENDIAN 352780fb4a2SCy Schubert u8 length:4; 353780fb4a2SCy Schubert u8 reserve1:4; 3545b9c547cSRui Paulo #elif __BYTE_ORDER == __BIG_ENDIAN 355780fb4a2SCy Schubert u8 reserve1:4; 356780fb4a2SCy Schubert u8 length:4; 3575b9c547cSRui Paulo #endif 3585b9c547cSRui Paulo /* octet 4 */ 359780fb4a2SCy Schubert u8 length1; 3605b9c547cSRui Paulo /* octet 5 - 8 */ 361780fb4a2SCy Schubert be32 kn; 3625b9c547cSRui Paulo 3635b9c547cSRui Paulo /* for GCM-AES-128: octet 9-32: SAK 3645b9c547cSRui Paulo * for other cipher suite: octet 9-16: cipher suite id, octet 17-: SAK 3655b9c547cSRui Paulo */ 3665b9c547cSRui Paulo u8 sak[0]; 3674bc52338SCy Schubert } STRUCT_PACKED; 3685b9c547cSRui Paulo 36985732ac8SCy Schubert /** 37085732ac8SCy Schubert * struct ieee802_1x_mka_dist_cak_body - Distributed CAK parameter set (Figure 37185732ac8SCy Schubert * 11-13) 37285732ac8SCy Schubert * @type: Parameter set type (5) 37385732ac8SCy Schubert * @length: Parameter set body length 37485732ac8SCy Schubert * @length1: Parameter set body length (cont) 37585732ac8SCy Schubert * Total parameter body length values: 37685732ac8SCy Schubert * - 0 for plain text 37785732ac8SCy Schubert * - 28 for GCM-AES-128 37885732ac8SCy Schubert * - 36 or more for other cipher suites 37985732ac8SCy Schubert * @cak: AES Key Wrap of CAK (see 9.8) 38085732ac8SCy Schubert * @ckn: CAK Name 38185732ac8SCy Schubert */ 38285732ac8SCy Schubert struct ieee802_1x_mka_dist_cak_body { 38385732ac8SCy Schubert /* octet 1 */ 38485732ac8SCy Schubert u8 type; 38585732ac8SCy Schubert /* octet 2 */ 38685732ac8SCy Schubert u8 reserve; 38785732ac8SCy Schubert /* octet 3 */ 38885732ac8SCy Schubert #if __BYTE_ORDER == __LITTLE_ENDIAN 38985732ac8SCy Schubert u8 length:4; 39085732ac8SCy Schubert u8 reserve1:4; 39185732ac8SCy Schubert #elif __BYTE_ORDER == __BIG_ENDIAN 39285732ac8SCy Schubert u8 reserve1:4; 39385732ac8SCy Schubert u8 length:4; 39485732ac8SCy Schubert #endif 39585732ac8SCy Schubert /* octet 4 */ 39685732ac8SCy Schubert u8 length1; 39785732ac8SCy Schubert 39885732ac8SCy Schubert /* octet 5 - 28 */ 39985732ac8SCy Schubert u8 cak[24]; 40085732ac8SCy Schubert 40185732ac8SCy Schubert /* followed by CAK Name, 29- */ 40285732ac8SCy Schubert u8 ckn[0]; 4034bc52338SCy Schubert } STRUCT_PACKED; 4045b9c547cSRui Paulo 4055b9c547cSRui Paulo struct ieee802_1x_mka_icv_body { 4065b9c547cSRui Paulo /* octet 1 */ 407780fb4a2SCy Schubert u8 type; 4085b9c547cSRui Paulo /* octet 2 */ 409780fb4a2SCy Schubert u8 reserve; 4105b9c547cSRui Paulo /* octet 3 */ 4115b9c547cSRui Paulo #if __BYTE_ORDER == __LITTLE_ENDIAN 412780fb4a2SCy Schubert u8 length:4; 413780fb4a2SCy Schubert u8 reserve1:4; 4145b9c547cSRui Paulo #elif __BYTE_ORDER == __BIG_ENDIAN 415780fb4a2SCy Schubert u8 reserve1:4; 416780fb4a2SCy Schubert u8 length:4; 4175b9c547cSRui Paulo #endif 4185b9c547cSRui Paulo /* octet 4 */ 419780fb4a2SCy Schubert u8 length1; 4205b9c547cSRui Paulo 4215b9c547cSRui Paulo /* octet 5 - */ 4225b9c547cSRui Paulo u8 icv[0]; 4234bc52338SCy Schubert } STRUCT_PACKED; 4245b9c547cSRui Paulo 4255b9c547cSRui Paulo #endif /* IEEE802_1X_KAY_I_H */ 426