| Message ID | 20170406125049.22728-1-jaap.keuter@xs4all.nl |
|---|---|
| State | Deferred |
| Headers | show |
On Thu, Apr 06, 2017 at 02:50:49PM +0200, Jaap Keuter wrote: > The Algorithm Agility parameter value 00-80-C2-01 is corrected to > IEEE 802.1X-2010 in IEEE 802.1Xbx-2014. Change the identifier to > reflect this correction. > diff --git a/src/pae/ieee802_1x_kay.c b/src/pae/ieee802_1x_kay.c > @@ -32,8 +32,9 @@ > /* IEEE Std 802.1X-2010, Table 9-1 - MKA Algorithm Agility */ > -#define MKA_ALGO_AGILITY_2009 { 0x00, 0x80, 0xC2, 0x01 } > -static u8 mka_algo_agility[4] = MKA_ALGO_AGILITY_2009; > +/* IEEE Std 802.1Xbx-2014, Table 9-1 - MKA Algorithm Agility */ > +#define MKA_ALGO_AGILITY_2010 { 0x00, 0x80, 0xC2, 0x01 } > +static u8 mka_algo_agility[4] = MKA_ALGO_AGILITY_2010; So this does not really change anything in practice since the actual value of mka_algo_agility[] remains identical and all that changes is that editorial change for the publication year of the 802.1X standard which happened to be used here in the define name. Why is this needed? This would be the first reference to IEEE Std 802.1Xbx-2014 in the implementation and I don't really see the need for this unless there is goal to make a more complete review of the impact of 802.1Xbx-2014 on the implementation.
On 08-05-17 17:28, Jouni Malinen wrote: > On Thu, Apr 06, 2017 at 02:50:49PM +0200, Jaap Keuter wrote: >> The Algorithm Agility parameter value 00-80-C2-01 is corrected to >> IEEE 802.1X-2010 in IEEE 802.1Xbx-2014. Change the identifier to >> reflect this correction. > >> diff --git a/src/pae/ieee802_1x_kay.c b/src/pae/ieee802_1x_kay.c >> @@ -32,8 +32,9 @@ >> /* IEEE Std 802.1X-2010, Table 9-1 - MKA Algorithm Agility */ >> -#define MKA_ALGO_AGILITY_2009 { 0x00, 0x80, 0xC2, 0x01 } >> -static u8 mka_algo_agility[4] = MKA_ALGO_AGILITY_2009; >> +/* IEEE Std 802.1Xbx-2014, Table 9-1 - MKA Algorithm Agility */ >> +#define MKA_ALGO_AGILITY_2010 { 0x00, 0x80, 0xC2, 0x01 } >> +static u8 mka_algo_agility[4] = MKA_ALGO_AGILITY_2010; > > So this does not really change anything in practice since the actual > value of mka_algo_agility[] remains identical and all that changes is > that editorial change for the publication year of the 802.1X standard > which happened to be used here in the define name. > > Why is this needed? This would be the first reference to IEEE Std > 802.1Xbx-2014 in the implementation and I don't really see the need for > this unless there is goal to make a more complete review of the impact > of 802.1Xbx-2014 on the implementation. > Fair enough. With this first patch I was 'testing the waters', so to speak. You may drop this patch. Thanks, Jaap
diff --git a/src/pae/ieee802_1x_kay.c b/src/pae/ieee802_1x_kay.c index 1d4ed89c0..87c00bbb6 100644 --- a/src/pae/ieee802_1x_kay.c +++ b/src/pae/ieee802_1x_kay.c @@ -32,8 +32,9 @@ #define MKA_ALIGN_LENGTH(len) (((len) + 0x3) & ~0x3) /* IEEE Std 802.1X-2010, Table 9-1 - MKA Algorithm Agility */ -#define MKA_ALGO_AGILITY_2009 { 0x00, 0x80, 0xC2, 0x01 } -static u8 mka_algo_agility[4] = MKA_ALGO_AGILITY_2009; +/* IEEE Std 802.1Xbx-2014, Table 9-1 - MKA Algorithm Agility */ +#define MKA_ALGO_AGILITY_2010 { 0x00, 0x80, 0xC2, 0x01 } +static u8 mka_algo_agility[4] = MKA_ALGO_AGILITY_2010; /* IEEE802.1AE-2006 Table 14-1 MACsec Cipher Suites */ static struct macsec_ciphersuite cipher_suite_tbl[] = { @@ -51,7 +52,7 @@ static struct macsec_ciphersuite cipher_suite_tbl[] = { static struct mka_alg mka_alg_tbl[] = { { - .parameter = MKA_ALGO_AGILITY_2009, + .parameter = MKA_ALGO_AGILITY_2010, /* 128-bit CAK, KEK, ICK, ICV */ .cak_len = DEFAULT_ICV_LEN,
The Algorithm Agility parameter value 00-80-C2-01 is corrected to IEEE 802.1X-2010 in IEEE 802.1Xbx-2014. Change the identifier to reflect this correction. Signed-off-by: Jaap Keuter <jaap.keuter@xs4all.nl> --- src/pae/ieee802_1x_kay.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-)