From 5a1480c7c46c4236d93bfd303dde32062bee04ac Mon Sep 17 00:00:00 2001
From: Dmitry Shmidt <dimitrysh@google.com>
Date: Mon, 12 May 2014 09:46:02 -0700
Subject: Cumulative patch from commit f4626235de4b6d19c7399a2522241f7c43e0caf6

f462623 EAP-pwd server: Allow fragment_size to be configured
c876dcd EAP-IKEv2: Allow frag ack without integrity checksum
0f73c64 EAP-pwd: Fix processing of group setup failure
13e2574 EAP-pwd peer: Export Session-Id through getSessionId callback
cfdb32e eapol_test: Check EAP-Key-Name
251c53e RADIUS: Define EAP-Key-Name
04cad50 EAP-SIM peer: Fix counter-too-small message building
270c9a4 Interworking: Allow FT to be used for connection
81ed499 Remove duplicated ibss_rsn_deinit() call
144f104 X.509: Fix v3 parsing with issuerUniqueID/subjectUniqueID present
0f1034e P2P: Refrain from performing extended listen during P2P connection
8d0dd4e Add macsec_qca driver wrapper
dd10abc MACsec: wpa_supplicant integration
887d9d0 MACsec: Add PAE implementation
7baec80 MACsec: Add driver_ops
4e9528c MACsec: Add common IEEE 802.1X definitions
3bcfab8 MACsec: Add define for EAPOL type MKA
0836c04 MACsec: Allow EAPOL version 3 to be configured
49be483 Add function to fetch EAP Session-Id from EAPOL supplicant
ea40a57 nl80211: Use max associated STAs information in AP mode

Change-Id: I0e37a10ca58d0dc1be95a0088d6a4c37b2505ad4
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
---
 src/common/eapol_common.h    | 13 +++++++-
 src/common/ieee802_1x_defs.h | 78 ++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 90 insertions(+), 1 deletion(-)
 create mode 100644 src/common/ieee802_1x_defs.h

(limited to 'src/common')

diff --git a/src/common/eapol_common.h b/src/common/eapol_common.h
index 4811f38a..6958661f 100644
--- a/src/common/eapol_common.h
+++ b/src/common/eapol_common.h
@@ -22,17 +22,28 @@ struct ieee802_1x_hdr {
 	/* followed by length octets of data */
 } STRUCT_PACKED;
 
+struct ieee8023_hdr {
+	u8 dest[ETH_ALEN];
+	u8 src[ETH_ALEN];
+	u16 ethertype;
+} STRUCT_PACKED;
+
 #ifdef _MSC_VER
 #pragma pack(pop)
 #endif /* _MSC_VER */
 
+#ifdef CONFIG_MACSEC
+#define EAPOL_VERSION 3
+#else /* CONFIG_MACSEC */
 #define EAPOL_VERSION 2
+#endif /* CONFIG_MACSEC */
 
 enum { IEEE802_1X_TYPE_EAP_PACKET = 0,
        IEEE802_1X_TYPE_EAPOL_START = 1,
        IEEE802_1X_TYPE_EAPOL_LOGOFF = 2,
        IEEE802_1X_TYPE_EAPOL_KEY = 3,
-       IEEE802_1X_TYPE_EAPOL_ENCAPSULATED_ASF_ALERT = 4
+       IEEE802_1X_TYPE_EAPOL_ENCAPSULATED_ASF_ALERT = 4,
+       IEEE802_1X_TYPE_EAPOL_MKA = 5,
 };
 
 enum { EAPOL_KEY_TYPE_RC4 = 1, EAPOL_KEY_TYPE_RSN = 2,
diff --git a/src/common/ieee802_1x_defs.h b/src/common/ieee802_1x_defs.h
new file mode 100644
index 00000000..cc88caa8
--- /dev/null
+++ b/src/common/ieee802_1x_defs.h
@@ -0,0 +1,78 @@
+/*
+ * IEEE Std 802.1X-2010 definitions
+ * Copyright (c) 2013-2014, Qualcomm Atheros, Inc.
+ *
+ * This software may be distributed under the terms of the BSD license.
+ * See README for more details.
+ */
+
+#ifndef IEEE802_1X_DEFS_H
+#define IEEE802_1X_DEFS_H
+
+#define CS_ID_LEN		8
+#define CS_ID_GCM_AES_128	{0x00, 0x80, 0x02, 0x00, 0x01, 0x00, 0x00, 0x01}
+#define CS_NAME_GCM_AES_128	"GCM-AES-128"
+
+enum macsec_policy {
+	/**
+	 * Should secure sessions.
+	 * This accepts key server's advice to determine whether to secure the
+	 * session or not.
+	 */
+	SHOULD_SECURE,
+
+	/**
+	 * Disabled MACsec - do not secure sessions.
+	 */
+	DO_NOT_SECURE,
+};
+
+
+/* IEEE Std 802.1X-2010 - Table 11-6 - MACsec Capability */
+enum macsec_cap {
+	/**
+	 * MACsec is not implemented
+	 */
+	MACSEC_CAP_NOT_IMPLEMENTED,
+
+	/**
+	 * 'Integrity without confidentiality'
+	 */
+	MACSEC_CAP_INTEGRITY,
+
+	/**
+	 * 'Integrity without confidentiality' and
+	 * 'Integrity and confidentiality' with a confidentiality offset of 0
+	 */
+	MACSEC_CAP_INTEG_AND_CONF,
+
+	/**
+	 * 'Integrity without confidentiality' and
+	 * 'Integrity and confidentiality' with a confidentiality offset of 0,
+	 * 30, 50
+	 */
+	MACSEC_CAP_INTEG_AND_CONF_0_30_50,
+};
+
+enum validate_frames {
+	Disabled,
+	Checked,
+	Strict,
+};
+
+/* IEEE Std 802.1X-2010 - Table 11-6 - Confidentiality Offset */
+enum confidentiality_offset {
+	CONFIDENTIALITY_NONE      = 0,
+	CONFIDENTIALITY_OFFSET_0  = 1,
+	CONFIDENTIALITY_OFFSET_30 = 2,
+	CONFIDENTIALITY_OFFSET_50 = 3,
+};
+
+/* IEEE Std 802.1X-2010 - Table 9-2 */
+#define DEFAULT_PRIO_INFRA_PORT        0x10
+#define DEFAULT_PRIO_PRIMRAY_AP        0x30
+#define DEFAULT_PRIO_SECONDARY_AP      0x50
+#define DEFAULT_PRIO_GROUP_CA_MEMBER   0x70
+#define DEFAULT_PRIO_NOT_KEY_SERVER    0xFF
+
+#endif /* IEEE802_1X_DEFS_H */
-- 
cgit v1.2.3