1 /*
2  * IEEE Std 802.1X-2010 definitions
3  * Copyright (c) 2013-2014, Qualcomm Atheros, Inc.
4  *
5  * This software may be distributed under the terms of the BSD license.
6  * See README for more details.
7  */
8 
9 #ifndef IEEE802_1X_DEFS_H
10 #define IEEE802_1X_DEFS_H
11 
12 #define CS_ID_LEN		8
13 #define CS_ID_GCM_AES_128	0x0080020001000001ULL
14 #define CS_NAME_GCM_AES_128	"GCM-AES-128"
15 
16 enum macsec_policy {
17 	/**
18 	 * Should secure sessions.
19 	 * This accepts key server's advice to determine whether to secure the
20 	 * session or not.
21 	 */
22 	SHOULD_SECURE,
23 
24 	/**
25 	 * Disabled MACsec - do not secure sessions.
26 	 */
27 	DO_NOT_SECURE,
28 
29 	/**
30 	 * Should secure sessions, and try to use encryption.
31 	 * Like @SHOULD_SECURE, this follows the key server's decision.
32 	 */
33 	SHOULD_ENCRYPT,
34 };
35 
36 
37 /* IEEE Std 802.1X-2010 - Table 11-6 - MACsec Capability */
38 enum macsec_cap {
39 	/**
40 	 * MACsec is not implemented
41 	 */
42 	MACSEC_CAP_NOT_IMPLEMENTED,
43 
44 	/**
45 	 * 'Integrity without confidentiality'
46 	 */
47 	MACSEC_CAP_INTEGRITY,
48 
49 	/**
50 	 * 'Integrity without confidentiality' and
51 	 * 'Integrity and confidentiality' with a confidentiality offset of 0
52 	 */
53 	MACSEC_CAP_INTEG_AND_CONF,
54 
55 	/**
56 	 * 'Integrity without confidentiality' and
57 	 * 'Integrity and confidentiality' with a confidentiality offset of 0,
58 	 * 30, 50
59 	 */
60 	MACSEC_CAP_INTEG_AND_CONF_0_30_50,
61 };
62 
63 enum validate_frames {
64 	Disabled,
65 	Checked,
66 	Strict,
67 };
68 
69 /* IEEE Std 802.1X-2010 - Table 11-6 - Confidentiality Offset */
70 enum confidentiality_offset {
71 	CONFIDENTIALITY_NONE      = 0,
72 	CONFIDENTIALITY_OFFSET_0  = 1,
73 	CONFIDENTIALITY_OFFSET_30 = 2,
74 	CONFIDENTIALITY_OFFSET_50 = 3,
75 };
76 
77 /* IEEE Std 802.1X-2010 - Table 9-2 */
78 #define DEFAULT_PRIO_INFRA_PORT        0x10
79 #define DEFAULT_PRIO_PRIMRAY_AP        0x30
80 #define DEFAULT_PRIO_SECONDARY_AP      0x50
81 #define DEFAULT_PRIO_GROUP_CA_MEMBER   0x70
82 #define DEFAULT_PRIO_NOT_KEY_SERVER    0xFF
83 
84 #endif /* IEEE802_1X_DEFS_H */
85