mka: Support GCM-AES-256
GCM-AES-256 cipher suite is defined in IEEE Std 802.1AEbn-2011. If authenticator configured as GCM-AES-256, the distributed SAK will be 256 bits indicated by the GCM-AES-256 ID in the MKA packet. This patch will make AES Key Unwrap to 32 bytes of SAK when identify the ID. Signed-off-by: xiaofeis <xiaofeis@codeaurora.org>
This commit is contained in:
xiaofeis
Jouni Malinen
parent
1d9babdaa0
commit
1ff8605775
3 changed files with 54 additions and 8 deletions
|
|
@ -45,6 +45,14 @@ static struct macsec_ciphersuite cipher_suite_tbl[] = {
|
|||
.sak_len = DEFAULT_SA_KEY_LEN,
|
||||
.index = 0,
|
||||
},
|
||||
/* GCM-AES-256 */
|
||||
{
|
||||
.id = CS_ID_GCM_AES_256,
|
||||
.name = CS_NAME_GCM_AES_256,
|
||||
.capable = MACSEC_CAP_INTEG_AND_CONF_0_30_50,
|
||||
.sak_len = 32,
|
||||
.index = 1 /* index */
|
||||
},
|
||||
};
|
||||
#define CS_TABLE_SIZE (ARRAY_SIZE(cipher_suite_tbl))
|
||||
#define DEFAULT_CS_INDEX 0
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue