From d03248271c9610369c1b7d06ac81ca338117b545 Mon Sep 17 00:00:00 2001
From: Christian Poessinger <christian@poessinger.com>
Date: Mon, 1 Aug 2022 18:04:43 +0200
Subject: op-mode: macsec: T3368: generate 128/258bit connectivity association
 keys

vyos@vyos:~$ generate macsec mka cak gcm-aes-128
6623f6ad9a0eae2db699b18f48af292b

vyos@vyos:~$ generate macsec mka cak gcm-aes-256
0d84ac9d7cb7367c02ab22fc8b5f5f1113a62b765752bcf8d6da52554f04a826
---
 op-mode-definitions/generate-macsec-key.xml.in | 38 ++++++++++++++++++++------
 1 file changed, 29 insertions(+), 9 deletions(-)

(limited to 'op-mode-definitions')

diff --git a/op-mode-definitions/generate-macsec-key.xml.in b/op-mode-definitions/generate-macsec-key.xml.in
index 40d2b9061..d8e514c16 100644
--- a/op-mode-definitions/generate-macsec-key.xml.in
+++ b/op-mode-definitions/generate-macsec-key.xml.in
@@ -7,17 +7,37 @@
           <help>Generate MACsec Key</help>
         </properties>
         <children>
-          <node name="mka-cak">
+          <node name="mka">
             <properties>
-              <help>Generate MACsec connectivity association key (CAK)</help>
+              <help>MACsec Key Agreement (MKA) protocol</help>
             </properties>
-            <command>/usr/bin/hexdump -n 16 -e '4/4 "%08x" 1 "\n"' /dev/random</command>
-          </node>
-          <node name="mka-ckn">
-            <properties>
-              <help>Generate MACsec connectivity association name (CKN)</help>
-            </properties>
-            <command>/usr/bin/hexdump -n 32 -e '8/4 "%08x" 1 "\n"' /dev/random</command>
+            <children>
+              <node name="cak">
+                <properties>
+                  <help>Generate MACsec connectivity association key (CAK)</help>
+                </properties>
+                <children>
+                  <leafNode name="gcm-aes-128">
+                    <properties>
+                      <help>Generate random key for GCM-AES-128 encryption - 128bit</help>
+                    </properties>
+                    <command>/usr/bin/hexdump -n 16 -e '4/4 "%08x" 1 "\n"' /dev/random</command>
+                  </leafNode>
+                  <leafNode name="gcm-aes-256">
+                    <properties>
+                      <help>Generate random key for GCM-AES-256 encryption - 256bit</help>
+                    </properties>
+                    <command>/usr/bin/hexdump -n 32 -e '8/4 "%08x" 1 "\n"' /dev/random</command>
+                  </leafNode>
+                </children>
+              </node>
+              <node name="ckn">
+                <properties>
+                  <help>Generate MACsec connectivity association name (CKN) - 256bit</help>
+                </properties>
+                <command>/usr/bin/hexdump -n 32 -e '8/4 "%08x" 1 "\n"' /dev/random</command>
+              </node>
+            </children>
           </node>
         </children>
       </node>
-- 
cgit v1.2.3