1  /*
2   * IEEE Std 802.1X-2010 definitions
3   * Copyright (c) 2013-2014, Qualcomm Atheros, Inc.
4   *
5   * This software may be distributed under the terms of the BSD license.
6   * See README for more details.
7   */
8  
9  #ifndef IEEE802_1X_DEFS_H
10  #define IEEE802_1X_DEFS_H
11  
12  #define CS_ID_LEN		8
13  #define CS_ID_GCM_AES_128	0x0080020001000001ULL
14  #define CS_NAME_GCM_AES_128	"GCM-AES-128"
15  #define CS_ID_GCM_AES_256	0x0080c20001000002ULL
16  #define CS_NAME_GCM_AES_256	"GCM-AES-256"
17  
18  enum macsec_policy {
19  	/**
20  	 * Should secure sessions.
21  	 * This accepts key server's advice to determine whether to secure the
22  	 * session or not.
23  	 */
24  	SHOULD_SECURE,
25  
26  	/**
27  	 * Disabled MACsec - do not secure sessions.
28  	 */
29  	DO_NOT_SECURE,
30  
31  	/**
32  	 * Should secure sessions, and try to use encryption.
33  	 * Like @SHOULD_SECURE, this follows the key server's decision.
34  	 */
35  	SHOULD_ENCRYPT,
36  };
37  
38  
39  /* IEEE Std 802.1X-2010 - Table 11-6 - MACsec Capability */
40  enum macsec_cap {
41  	/**
42  	 * MACsec is not implemented
43  	 */
44  	MACSEC_CAP_NOT_IMPLEMENTED,
45  
46  	/**
47  	 * 'Integrity without confidentiality'
48  	 */
49  	MACSEC_CAP_INTEGRITY,
50  
51  	/**
52  	 * 'Integrity without confidentiality' and
53  	 * 'Integrity and confidentiality' with a confidentiality offset of 0
54  	 */
55  	MACSEC_CAP_INTEG_AND_CONF,
56  
57  	/**
58  	 * 'Integrity without confidentiality' and
59  	 * 'Integrity and confidentiality' with a confidentiality offset of 0,
60  	 * 30, 50
61  	 */
62  	MACSEC_CAP_INTEG_AND_CONF_0_30_50,
63  };
64  
65  enum validate_frames {
66  	Disabled,
67  	Checked,
68  	Strict,
69  };
70  
71  /* IEEE Std 802.1X-2010 - Table 11-6 - Confidentiality Offset */
72  enum confidentiality_offset {
73  	CONFIDENTIALITY_NONE      = 0,
74  	CONFIDENTIALITY_OFFSET_0  = 1,
75  	CONFIDENTIALITY_OFFSET_30 = 2,
76  	CONFIDENTIALITY_OFFSET_50 = 3,
77  };
78  
79  /* IEEE Std 802.1X-2010 - Table 9-2 */
80  #define DEFAULT_PRIO_INFRA_PORT        0x10
81  #define DEFAULT_PRIO_PRIMRAY_AP        0x30
82  #define DEFAULT_PRIO_SECONDARY_AP      0x50
83  #define DEFAULT_PRIO_GROUP_CA_MEMBER   0x70
84  #define DEFAULT_PRIO_NOT_KEY_SERVER    0xFF
85  
86  #endif /* IEEE802_1X_DEFS_H */
87