DGNum/hostapd
6
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions
13812 commits 4 branches 0 tags 32 MiB
Commit graph

6 commits

Author SHA1 Message Date
Jouni Malinen
7c3d1cc040 mka: Support 256-bit ICK derivation 
Support derivation of a 256-bit ICK and use of a 256-bit CAK in ICK
derivation.

Signed-off-by: Jouni Malinen <j@w1.fi>
 2018-12-26 16:44:58 +02:00
Jouni Malinen
175ebc1f7a mka: Support 256-bit KEK derivation 
Support derivation of a 256-bit KEK and use of a 256-bit CAK in KEK
derivation.

Signed-off-by: Jouni Malinen <j@w1.fi>
 2018-12-26 16:44:58 +02:00
Jouni Malinen
9b4a266694 mka: Support 256-bit CAK in SAK derivation 
Pass the configured CAK length to SAK derivation instead of using
hardcoded 128-bit length.

Signed-off-by: Jouni Malinen <j@w1.fi>
 2018-12-26 16:42:26 +02:00
Jouni Malinen
9dd701c12e mka: AES-CMAC-256 -based KDF 
Extend the previously implemented KDF (IEEE Std 802.1X-2010, 6.2.1) to
support 256-bit input key and AES-CMAC-256. This does not change any
actual key derivation functionality yet, but is needed as a step towards
supporting 256-bit CAK.

Signed-off-by: Jouni Malinen <j@w1.fi>
 2018-12-26 16:42:26 +02:00
Andrey Kartashev
c1576d44a8 mka: Support for 256-bit SAK generation 
There is already partial support of GCM-AES-256. It is possible to
enable this mode by setting 'kay->macsec_csindex = 1;' in
ieee802_1x_kay_init() function, but the generated key contained only 128
bits of data while other 128 bits are in 0.

Enables KaY to generate full 256-bit SAK from the same 128-bit CAK. Note
that this does not support 256-bit CAK or AES-CMAC-256 -based KDF.

Signed-off-by: Andrey Kartashev <andrey.kartashev@afconsult.com>
 2018-12-26 16:42:25 +02:00
Hu Wang
887d9d01ab MACsec: Add PAE implementation 
This adds initial implementation of IEEE Std 802.1X-2010 PAE for MACsec.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
 2014-05-09 20:42:44 +03:00