On Fri, Nov 02, 2018 at 07:02:18PM +0100, Andrey Kartashev wrote: > There is already partial support of GCM-AES-256. It is possible to > enable this mode by setting 'kay->macsec_csindex = 1;' in > ieee802_1x_kay_init() function, but generated key contain only 128 bits > of data while other 128 bits are in 0. > This patch enables KaY to generate full 256bit key from same 128bit CAK. This does not correct to me, i.e., I would expect GCM-AES-256 to use 256-bit keys throughout the key hierarchy. In other words, also CAK would be 256 bits in that case.. Anyway, I did apply this and then added number of other changes to extend the key derivation functions to support both key lengths. The PSK case can now configure a 256-bit CAK. For EAP, an additional configuration parameter might be needed unless the CAK length is indicated somewhere (did not find it yet based on a quick search through the standard). -- Jouni Malinen PGP id EFC895FA _______________________________________________ Hostap mailing list Hostap@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/hostap
