diff options
author | Christian Poessinger <christian@poessinger.com> | 2022-08-01 18:04:43 +0200 |
---|---|---|
committer | Christian Poessinger <christian@poessinger.com> | 2022-08-01 18:05:29 +0200 |
commit | d03248271c9610369c1b7d06ac81ca338117b545 (patch) | |
tree | 30697ed301f45f4f41fb41d9f517dd882ef23018 /op-mode-definitions | |
parent | 71f2f2d789bd3452ca7b5306f39df5f6537bfef0 (diff) | |
download | vyos-1x-d03248271c9610369c1b7d06ac81ca338117b545.tar.gz vyos-1x-d03248271c9610369c1b7d06ac81ca338117b545.zip |
op-mode: macsec: T3368: generate 128/258bit connectivity association keys
vyos@vyos:~$ generate macsec mka cak gcm-aes-128
6623f6ad9a0eae2db699b18f48af292b
vyos@vyos:~$ generate macsec mka cak gcm-aes-256
0d84ac9d7cb7367c02ab22fc8b5f5f1113a62b765752bcf8d6da52554f04a826
Diffstat (limited to 'op-mode-definitions')
-rw-r--r-- | op-mode-definitions/generate-macsec-key.xml.in | 38 |
1 files changed, 29 insertions, 9 deletions
diff --git a/op-mode-definitions/generate-macsec-key.xml.in b/op-mode-definitions/generate-macsec-key.xml.in index 40d2b9061..d8e514c16 100644 --- a/op-mode-definitions/generate-macsec-key.xml.in +++ b/op-mode-definitions/generate-macsec-key.xml.in @@ -7,17 +7,37 @@ <help>Generate MACsec Key</help> </properties> <children> - <node name="mka-cak"> + <node name="mka"> <properties> - <help>Generate MACsec connectivity association key (CAK)</help> + <help>MACsec Key Agreement (MKA) protocol</help> </properties> - <command>/usr/bin/hexdump -n 16 -e '4/4 "%08x" 1 "\n"' /dev/random</command> - </node> - <node name="mka-ckn"> - <properties> - <help>Generate MACsec connectivity association name (CKN)</help> - </properties> - <command>/usr/bin/hexdump -n 32 -e '8/4 "%08x" 1 "\n"' /dev/random</command> + <children> + <node name="cak"> + <properties> + <help>Generate MACsec connectivity association key (CAK)</help> + </properties> + <children> + <leafNode name="gcm-aes-128"> + <properties> + <help>Generate random key for GCM-AES-128 encryption - 128bit</help> + </properties> + <command>/usr/bin/hexdump -n 16 -e '4/4 "%08x" 1 "\n"' /dev/random</command> + </leafNode> + <leafNode name="gcm-aes-256"> + <properties> + <help>Generate random key for GCM-AES-256 encryption - 256bit</help> + </properties> + <command>/usr/bin/hexdump -n 32 -e '8/4 "%08x" 1 "\n"' /dev/random</command> + </leafNode> + </children> + </node> + <node name="ckn"> + <properties> + <help>Generate MACsec connectivity association name (CKN) - 256bit</help> + </properties> + <command>/usr/bin/hexdump -n 32 -e '8/4 "%08x" 1 "\n"' /dev/random</command> + </node> + </children> </node> </children> </node> |