diff options
author | Christian Breunig <christian@breunig.cc> | 2023-08-23 07:35:28 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-08-23 07:35:28 +0200 |
commit | 8c7fbec24f8bfe064d8ad804951f5ae59b54748f (patch) | |
tree | 6bbf7902d77f0761fe95719f2492efad3a486ede /interface-definitions | |
parent | a090dd71231167cda95baaf7284e031230b5ee7a (diff) | |
parent | 007942130b3e9b86391fd08c3e372002afc6025e (diff) | |
download | vyos-1x-8c7fbec24f8bfe064d8ad804951f5ae59b54748f.tar.gz vyos-1x-8c7fbec24f8bfe064d8ad804951f5ae59b54748f.zip |
Merge pull request #2156 from giga1699/T5447
T5447: Initial support for MACsec static keys
Diffstat (limited to 'interface-definitions')
-rw-r--r-- | interface-definitions/include/interface/macsec-key.xml.i | 15 | ||||
-rw-r--r-- | interface-definitions/interfaces-macsec.xml.in | 22 |
2 files changed, 37 insertions, 0 deletions
diff --git a/interface-definitions/include/interface/macsec-key.xml.i b/interface-definitions/include/interface/macsec-key.xml.i new file mode 100644 index 000000000..5a857a612 --- /dev/null +++ b/interface-definitions/include/interface/macsec-key.xml.i @@ -0,0 +1,15 @@ +<!-- include start from interface/macsec-key.xml.i --> +<leafNode name="key"> + <properties> + <help>MACsec static key</help> + <valueHelp> + <format>txt</format> + <description>16-byte (128-bit) hex-string (32 hex-digits) for gcm-aes-128 or 32-byte (256-bit) hex-string (64 hex-digits) for gcm-aes-256</description> + </valueHelp> + <constraint> + <regex>[A-Fa-f0-9]{32}</regex> + <regex>[A-Fa-f0-9]{64}</regex> + </constraint> + </properties> +</leafNode> +<!-- include end --> diff --git a/interface-definitions/interfaces-macsec.xml.in b/interface-definitions/interfaces-macsec.xml.in index 6bc28e44b..766b0bede 100644 --- a/interface-definitions/interfaces-macsec.xml.in +++ b/interface-definitions/interfaces-macsec.xml.in @@ -52,6 +52,28 @@ <valueless/> </properties> </leafNode> + <node name="static"> + <properties> + <help>Use static keys for MACsec [static Secure Authentication Key (SAK) mode]</help> + </properties> + <children> + #include <include/interface/macsec-key.xml.i> + <tagNode name="peer"> + <properties> + <help>MACsec peer name</help> + <constraint> + <regex>[^ ]{1,100}</regex> + </constraint> + <constraintErrorMessage>MACsec peer name exceeds limit of 100 characters</constraintErrorMessage> + </properties> + <children> + #include <include/generic-disable-node.xml.i> + #include <include/interface/mac.xml.i> + #include <include/interface/macsec-key.xml.i> + </children> + </tagNode> + </children> + </node> <node name="mka"> <properties> <help>MACsec Key Agreement protocol (MKA)</help> |