Diffstat (limited to 'src/pae/ieee802_1x_secy_ops.c')
| -rw-r--r-- | src/pae/ieee802_1x_secy_ops.c | 141 |
1 files changed, 84 insertions, 57 deletions
diff --git a/src/pae/ieee802_1x_secy_ops.c b/src/pae/ieee802_1x_secy_ops.c
index 2d12911dbfcf..ab5339bb2046 100644
--- a/src/pae/ieee802_1x_secy_ops.c
+++ b/src/pae/ieee802_1x_secy_ops.c
@@ -45,6 +45,26 @@ int secy_cp_control_protect_frames(struct ieee802_1x_kay *kay, Boolean enabled)
 }


+int secy_cp_control_encrypt(struct ieee802_1x_kay *kay, Boolean enabled)
+{
+ struct ieee802_1x_kay_ctx *ops;
+
+ if (!kay) {
+ wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__);
+ return -1;
+ }
+
+ ops = kay->ctx;
+ if (!ops || !ops->enable_encrypt) {
+ wpa_printf(MSG_ERROR,
+ "KaY: secy enable_encrypt operation not supported");
+ return -1;
+ }
+
+ return ops->enable_encrypt(ops->ctx, enabled);
+}
+
+
 int secy_cp_control_replay(struct ieee802_1x_kay *kay, Boolean enabled, u32 win)
 {
 struct ieee802_1x_kay_ctx *ops;
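Review bot: secy_cp_control_encrypt has no comment telling a caller what to conclude from -1, and that matters here because the result decides whether confidentiality was actually configured. Both failure paths (NULL `kay`, or a driver without `enable_encrypt`) return before the driver is called, so the encryption setting is left as it was. I would add above the function: `/* Returns 0 on success, -1 if the driver cannot set encryption; on -1 the confidentiality setting is unchanged and must not be assumed enabled. */`. How the callers react to -1 is not visible in this diff.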
@@ -113,55 +133,48 @@ int secy_cp_control_enable_port(struct ieee802_1x_kay *kay, Boolean enabled)
 }


-int secy_get_receive_lowest_pn(struct ieee802_1x_kay *kay,
- struct receive_sa *rxsa)
+int secy_get_capability(struct ieee802_1x_kay *kay, enum macsec_cap *cap)
 {
 struct ieee802_1x_kay_ctx *ops;

- if (!kay || !rxsa) {
+ if (!kay) {
 wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__);
 return -1;
 }

 ops = kay->ctx;
- if (!ops || !ops->get_receive_lowest_pn) {
+ if (!ops || !ops->macsec_get_capability) {
 wpa_printf(MSG_ERROR,
- "KaY: secy get_receive_lowest_pn operation not supported");
+ "KaY: secy macsec_get_capability operation not supported");
 return -1;
 }

- return ops->get_receive_lowest_pn(ops->ctx,
- rxsa->sc->channel,
- rxsa->an,
- &rxsa->lowest_pn);
+ return ops->macsec_get_capability(ops->ctx, cap);
 }


-int secy_get_transmit_next_pn(struct ieee802_1x_kay *kay,
- struct transmit_sa *txsa)
+int secy_get_receive_lowest_pn(struct ieee802_1x_kay *kay,
+ struct receive_sa *rxsa)
 {
 struct ieee802_1x_kay_ctx *ops;

- if (!kay || !txsa) {
+ if (!kay || !rxsa) {
 wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__);
 return -1;
 }

 ops = kay->ctx;
- if (!ops || !ops->get_transmit_next_pn) {
+ if (!ops || !ops->get_receive_lowest_pn) {
 wpa_printf(MSG_ERROR,
 "KaY: secy get_receive_lowest_pn operation not supported");
 return -1;
 }

- return ops->get_transmit_next_pn(ops->ctx,
- txsa->sc->channel,
- txsa->an,
- &txsa->next_pn);
+ return ops->get_receive_lowest_pn(ops->ctx, rxsa);
 }


-int secy_set_transmit_next_pn(struct ieee802_1x_kay *kay,
+int secy_get_transmit_next_pn(struct ieee802_1x_kay *kay,
 struct transmit_sa *txsa)
 {
 struct ieee802_1x_kay_ctx *ops;
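Review bot: secy_get_capability validates only `kay` before handing `cap` to the driver, while the wrapper right below it in this hunk rejects a NULL object pointer with `!kay || !rxsa`. `cap` is an output pointer, so a NULL from a caller is passed straight into `ops->macsec_get_capability`. I would make the guard `if (!kay || !cap) {`. Whether any driver callback checks `cap` itself is not visible here.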
@@ -172,36 +185,34 @@ int secy_set_transmit_next_pn(struct ieee802_1x_kay *kay,
 }

 ops = kay->ctx;
- if (!ops || !ops->set_transmit_next_pn) {
+ if (!ops || !ops->get_transmit_next_pn) {
 wpa_printf(MSG_ERROR,
 "KaY: secy get_receive_lowest_pn operation not supported");
 return -1;
 }

- return ops->set_transmit_next_pn(ops->ctx,
- txsa->sc->channel,
- txsa->an,
- txsa->next_pn);
+ return ops->get_transmit_next_pn(ops->ctx, txsa);
 }


-int secy_get_available_receive_sc(struct ieee802_1x_kay *kay, u32 *channel)
+int secy_set_transmit_next_pn(struct ieee802_1x_kay *kay,
+ struct transmit_sa *txsa)
 {
 struct ieee802_1x_kay_ctx *ops;

- if (!kay) {
+ if (!kay || !txsa) {
 wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__);
 return -1;
 }

 ops = kay->ctx;
- if (!ops || !ops->get_available_receive_sc) {
+ if (!ops || !ops->set_transmit_next_pn) {
 wpa_printf(MSG_ERROR,
- "KaY: secy get_available_receive_sc operation not supported");
+ "KaY: secy get_receive_lowest_pn operation not supported");
 return -1;
 }

- return ops->get_available_receive_sc(ops->ctx, channel);
+ return ops->set_transmit_next_pn(ops->ctx, txsa);
 }


@@ -221,8 +232,7 @@ int secy_create_receive_sc(struct ieee802_1x_kay *kay, struct receive_sc *rxsc)
 return -1;
 }

- return ops->create_receive_sc(ops->ctx, rxsc->channel, &rxsc->sci,
- kay->vf, kay->co);
+ return ops->create_receive_sc(ops->ctx, rxsc, kay->vf, kay->co);
 }


@@ -242,7 +252,7 @@ int secy_delete_receive_sc(struct ieee802_1x_kay *kay, struct receive_sc *rxsc)
 return -1;
 }

- return ops->delete_receive_sc(ops->ctx, rxsc->channel);
+ return ops->delete_receive_sc(ops->ctx, rxsc);
 }


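Review bot: The "not supported" message added in secy_set_transmit_next_pn names the wrong operation: the guard tests `ops->set_transmit_next_pn`, but the new line logs `"KaY: secy get_receive_lowest_pn operation not supported"`. secy_get_transmit_next_pn at the top of the same hunk carries the same copy-pasted string as a context line, and its body starts outside the hunk. Packet-number handling is where an operator looks when diagnosing replay-protection failures, so the log should name the op that is actually missing: `"KaY: secy set_transmit_next_pn operation not supported"` and `"KaY: secy get_transmit_next_pn operation not supported"` respectively.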
@@ -262,12 +272,11 @@ int secy_create_receive_sa(struct ieee802_1x_kay *kay, struct receive_sa *rxsa)
 return -1;
 }

- return ops->create_receive_sa(ops->ctx, rxsa->sc->channel, rxsa->an,
- rxsa->lowest_pn, rxsa->pkey->key);
+ return ops->create_receive_sa(ops->ctx, rxsa);
 }


-int secy_enable_receive_sa(struct ieee802_1x_kay *kay, struct receive_sa *rxsa)
+int secy_delete_receive_sa(struct ieee802_1x_kay *kay, struct receive_sa *rxsa)
 {
 struct ieee802_1x_kay_ctx *ops;

@@ -277,19 +286,17 @@ int secy_enable_receive_sa(struct ieee802_1x_kay *kay, struct receive_sa *rxsa)
 }

 ops = kay->ctx;
- if (!ops || !ops->enable_receive_sa) {
+ if (!ops || !ops->delete_receive_sa) {
 wpa_printf(MSG_ERROR,
- "KaY: secy enable_receive_sa operation not supported");
+ "KaY: secy delete_receive_sa operation not supported");
 return -1;
 }

- rxsa->enable_receive = TRUE;
-
- return ops->enable_receive_sa(ops->ctx, rxsa->sc->channel, rxsa->an);
+ return ops->delete_receive_sa(ops->ctx, rxsa);
 }


-int secy_disable_receive_sa(struct ieee802_1x_kay *kay, struct receive_sa *rxsa)
+int secy_enable_receive_sa(struct ieee802_1x_kay *kay, struct receive_sa *rxsa)
 {
 struct ieee802_1x_kay_ctx *ops;

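Review bot: With `return ops->create_receive_sa(ops->ctx, rxsa);` the wrapper no longer dereferences `rxsa->sc` and `rxsa->pkey` itself, so each driver callback now has to reach the channel and the SA key through the struct. Nothing visible in this file states that those members are set when the callback runs. I would record the contract on the wrapper, e.g. `/* rxsa->sc and rxsa->pkey must be non-NULL; the driver takes the SA key from rxsa->pkey */`, or check them here before the call. The same applies to create_transmit_sa in the @@ -391 hunk. The parameter checks at the top of secy_create_receive_sa lie outside the hunk and may already cover part of this.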
@@ -299,35 +306,37 @@ int secy_disable_receive_sa(struct ieee802_1x_kay *kay, struct receive_sa *rxsa)
 }

 ops = kay->ctx;
- if (!ops || !ops->disable_receive_sa) {
+ if (!ops || !ops->enable_receive_sa) {
 wpa_printf(MSG_ERROR,
- "KaY: secy disable_receive_sa operation not supported");
+ "KaY: secy enable_receive_sa operation not supported");
 return -1;
 }

- rxsa->enable_receive = FALSE;
+ rxsa->enable_receive = TRUE;

- return ops->disable_receive_sa(ops->ctx, rxsa->sc->channel, rxsa->an);
+ return ops->enable_receive_sa(ops->ctx, rxsa);
 }


-int secy_get_available_transmit_sc(struct ieee802_1x_kay *kay, u32 *channel)
+int secy_disable_receive_sa(struct ieee802_1x_kay *kay, struct receive_sa *rxsa)
 {
 struct ieee802_1x_kay_ctx *ops;

- if (!kay) {
+ if (!kay || !rxsa) {
 wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__);
 return -1;
 }

 ops = kay->ctx;
- if (!ops || !ops->get_available_transmit_sc) {
+ if (!ops || !ops->disable_receive_sa) {
 wpa_printf(MSG_ERROR,
- "KaY: secy get_available_transmit_sc operation not supported");
+ "KaY: secy disable_receive_sa operation not supported");
 return -1;
 }

- return ops->get_available_transmit_sc(ops->ctx, channel);
+ rxsa->enable_receive = FALSE;
+
+ return ops->disable_receive_sa(ops->ctx, rxsa);
 }


@@ -348,8 +357,7 @@ int secy_create_transmit_sc(struct ieee802_1x_kay *kay,
 return -1;
 }

- return ops->create_transmit_sc(ops->ctx, txsc->channel, &txsc->sci,
- kay->co);
+ return ops->create_transmit_sc(ops->ctx, txsc, kay->co);
 }


@@ -370,7 +378,7 @@ int secy_delete_transmit_sc(struct ieee802_1x_kay *kay,
 return -1;
 }

- return ops->delete_transmit_sc(ops->ctx, txsc->channel);
+ return ops->delete_transmit_sc(ops->ctx, txsc);
 }


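Review bot: secy_enable_receive_sa sets `rxsa->enable_receive = TRUE` before the driver call and keeps it when `ops->enable_receive_sa` returns an error, so KaY's record of the SA can differ from what the driver actually applied. secy_disable_receive_sa has the mirror case, where the flag reads FALSE while the SA may still be accepting frames. If no driver reads the flag from the struct it now receives (not visible here), assign it only on success: `int ret = ops->enable_receive_sa(ops->ctx, rxsa);` `if (ret == 0) rxsa->enable_receive = TRUE;` `return ret;`. Otherwise, restore the previous value on failure. The transmit-side wrappers in the @@ -416 and @@ -439 hunks follow the same pattern, and the start of secy_enable_receive_sa's body lies outside this hunk.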
@@ -391,9 +399,28 @@ int secy_create_transmit_sa(struct ieee802_1x_kay *kay,
 return -1;
 }

- return ops->create_transmit_sa(ops->ctx, txsa->sc->channel, txsa->an,
- txsa->next_pn, txsa->confidentiality,
- txsa->pkey->key);
+ return ops->create_transmit_sa(ops->ctx, txsa);
+}
+
+
+int secy_delete_transmit_sa(struct ieee802_1x_kay *kay,
+ struct transmit_sa *txsa)
+{
+ struct ieee802_1x_kay_ctx *ops;
+
+ if (!kay || !txsa) {
+ wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__);
+ return -1;
+ }
+
+ ops = kay->ctx;
+ if (!ops || !ops->delete_transmit_sa) {
+ wpa_printf(MSG_ERROR,
+ "KaY: secy delete_transmit_sa operation not supported");
+ return -1;
+ }
+
+ return ops->delete_transmit_sa(ops->ctx, txsa);
 }


@@ -416,7 +443,7 @@ int secy_enable_transmit_sa(struct ieee802_1x_kay *kay,

 txsa->enable_transmit = TRUE;

- return ops->enable_transmit_sa(ops->ctx, txsa->sc->channel, txsa->an);
+ return ops->enable_transmit_sa(ops->ctx, txsa);
 }


@@ -439,7 +466,7 @@ int secy_disable_transmit_sa(struct ieee802_1x_kay *kay,

 txsa->enable_transmit = FALSE;

- return ops->disable_transmit_sa(ops->ctx, txsa->sc->channel, txsa->an);
+ return ops->disable_transmit_sa(ops->ctx, txsa);
 }


|
