summaryrefslogtreecommitdiff
path: root/interface-definitions/interfaces-macsec.xml.in
diff options
context:
space:
mode:
authorGiga Murphy <giga1699@gmail.com>2023-08-18 00:26:51 +0000
committerGiga Murphy <giga1699@gmail.com>2023-08-18 00:26:51 +0000
commit33b9bc55f9e3d7ce6a5ff447a6b545a96915daf3 (patch)
treee1f8072a5f86d3ad2f69cc819b1f5afb05832cee /interface-definitions/interfaces-macsec.xml.in
parent65ea7cef9fe922581e286bc539c4dc1e223c9d32 (diff)
downloadvyos-1x-33b9bc55f9e3d7ce6a5ff447a6b545a96915daf3.tar.gz
vyos-1x-33b9bc55f9e3d7ce6a5ff447a6b545a96915daf3.zip
T5447: Initial support for MACsec static keys
Diffstat (limited to 'interface-definitions/interfaces-macsec.xml.in')
-rw-r--r--interface-definitions/interfaces-macsec.xml.in46
1 files changed, 46 insertions, 0 deletions
diff --git a/interface-definitions/interfaces-macsec.xml.in b/interface-definitions/interfaces-macsec.xml.in
index 6bc28e44b..b81c9b40c 100644
--- a/interface-definitions/interfaces-macsec.xml.in
+++ b/interface-definitions/interfaces-macsec.xml.in
@@ -52,6 +52,52 @@
<valueless/>
</properties>
</leafNode>
+ <node name="static">
+ <properties>
+ <help>Assign static MACSec keys instead of using MKA</help>
+ </properties>
+ <children>
+ <leafNode name="tx-key">
+ <properties>
+ <help>Set the static transmit key</help>
+ <valueHelp>
+ <format>txt</format>
+ <description>16-byte (128-bit) hex-string (32 hex-digits) for gcm-aes-128 or 32-byte (256-bit) hex-string (64 hex-digits) for gcm-aes-256</description>
+ </valueHelp>
+ <constraint>
+ <regex>[A-Fa-f0-9]{32}</regex>
+ <regex>[A-Fa-f0-9]{64}</regex>
+ </constraint>
+ </properties>
+ </leafNode>
+ <tagNode name="peer">
+ <properties>
+ <help>peer alias</help>
+ <constraint>
+ <regex>[^ ]{1,100}</regex>
+ </constraint>
+ <constraintErrorMessage>peer alias too long (limit 100 characters)</constraintErrorMessage>
+ </properties>
+ <children>
+ #include <include/generic-disable-node.xml.i>
+ #include <include/interface/mac.xml.i>
+ <leafNode name="rx-key">
+ <properties>
+ <help>Set the static receive key for peer</help>
+ <valueHelp>
+ <format>txt</format>
+ <description>16-byte (128-bit) hex-string (32 hex-digits) for gcm-aes-128 or 32-byte (256-bit) hex-string (64 hex-digits) for gcm-aes-256</description>
+ </valueHelp>
+ <constraint>
+ <regex>[A-Fa-f0-9]{32}</regex>
+ <regex>[A-Fa-f0-9]{64}</regex>
+ </constraint>
+ </properties>
+ </leafNode>
+ </children>
+ </tagNode>
+ </children>
+ </node>
<node name="mka">
<properties>
<help>MACsec Key Agreement protocol (MKA)</help>