Add MACsec (IEEE 802.1AE) to wolfIP: software SecY + wolfMKA control plane#143
Draft
dgarske wants to merge 1 commit into
Draft
Add MACsec (IEEE 802.1AE) to wolfIP: software SecY + wolfMKA control plane#143dgarske wants to merge 1 commit into
dgarske wants to merge 1 commit into
Conversation
Contributor
There was a problem hiding this comment.
Pull request overview
This PR introduces a clean-room IEEE 802.1AE MACsec implementation inside wolfIP (software SecY + stateful SA layer) and integrates wolfSSL’s wolfMKA as the optional 802.1X-2010 MKA control plane, along with host-side interop tooling and CI coverage to validate framing, crypto, and robustness.
Changes:
- Add MACsec crypto primitives (CMAC KDF, key wrap, ICV), stateless SecY frame transform, and stateful SA (PN + replay handling) under
src/macsec/. - Add a wolfMKA adapter (
mka_wolfmka.*) plus host tools (macsec-probe,macsec-sta) and Linux interop scripts. - Extend build system and CI to build/run MACsec unit tests, sanitizer runs, and a kernel-macsec interop check (best-effort).
Reviewed changes
Copilot reviewed 23 out of 23 changed files in this pull request and generated 11 comments.
Show a summary per file
| File | Description |
|---|---|
| tools/macsec/run_macsec_static_test.sh | Kernel-macsec vs wolfIP SecY byte-level interop (static SAK) script. |
| tools/macsec/run_macsec_mka_test.sh | wolfMKA participant interop script vs wpa_supplicant MKA (control plane). |
| tools/macsec/run_macsec_mka_dataplane_test.sh | End-to-end dataplane test script (wolfMKA agrees SAK, programs kernel macsec, pings). |
| tools/macsec/macsec_sta.c | AF_PACKET host harness to run wolfMKA participant and optionally program kernel macsec. |
| tools/macsec/macsec_probe.c | CLI tool to protect/validate single frames via the software SecY for interop checks. |
| src/supplicant/supplicant_features.h | Adds feature gating for MACsec prerequisites (CMAC/GCM/keywrap). |
| src/supplicant/eap.h | Adds EAPOL_TYPE_MKA constant for EAPOL-MKA. |
| src/port/rp2350_cyw43439/test_cyw43_sdpcm.c | Adjusts test buffer sizing for iovar build test. |
| src/macsec/test_macsec_secy.c | Unit tests for SecY framing + protect/validate modes. |
| src/macsec/test_macsec_sa.c | Unit tests for stateful SA (PN, replay, integrity-only, exhaustion). |
| src/macsec/test_macsec_crypto.c | Unit tests for MACsec/MKA crypto primitives (KDF, key wrap, ICV). |
| src/macsec/mka_wolfmka.h | Public header for wolfMKA-backed MKA adapter API. |
| src/macsec/mka_wolfmka.c | Implementation of wolfMKA adapter (SecY ops bridge + frame TX/RX glue). |
| src/macsec/macsec_test.h | Shared header-only helpers for MACsec standalone test binaries. |
| src/macsec/macsec_secy.h | Public API for stateless SecY protect/validate and SecTAG parsing/building. |
| src/macsec/macsec_secy.c | Stateless SecY MACsec transform (GCM protect/validate + SecTAG). |
| src/macsec/macsec_sa.h | Public API for stateful SA layer (TX PN + RX replay protection). |
| src/macsec/macsec_sa.c | Stateful SA implementation wrapping SecY (TX/RX). |
| src/macsec/macsec_crypto.h | Public API for MACsec/MKA key hierarchy + KDF + ICV + key wrap. |
| src/macsec/macsec_crypto.c | MACsec/MKA crypto implementation on wolfCrypt + shared supplicant helpers. |
| src/macsec/fuzz_macsec_secy.c | libFuzzer harness for SecY receive path. |
| Makefile | Build integration for MACsec (optional wolfMKA) + new tests/tools/fuzzer targets. |
| .github/workflows/supplicant.yml | CI: enable MACsec builds/tests, add kernel-macsec interop, sanitizer + fuzz smoke. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Member
Author
|
Requires wolfSSL/wolfDen#2 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Adds a clean-room, in-stack MACsec data plane to wolfIP and integrates the wolfSSL wolfMKA library as the MACsec Key Agreement (MKA) control plane. A wolfIP device can now bring up an authenticated and encrypted Layer 2 link using only wolfIP and wolfSSL - no operating system, kernel MACsec, or hardware offload required - which is what a substation LAN, an automotive backbone, or any "do not trust the switch fabric" network needs below IP.
wolfIP owns the data plane it is best placed to own (a small, allocation-free software SecY); the mature, formally verified MKA state machine comes from wolfMKA.
What is added
src/macsec/macsec_crypto,macsec_secy,macsec_sa): the 802.1X-2010 AES-CMAC key hierarchy (KDF, CAK/CKN, KEK/ICK, SAK, ICV), and the frame transform - SecTAG build/parse, GCM-AES-128/256 protect/validate, integrity-only and confidentiality-offset (0/30/50) modes, per-Secure-Association packet-number sequencing and a replay window. All on wolfCrypt; no dynamic allocation.src/macsec/mka_wolfmka.c/.h): bridges the wolfMKA KaY to wolfIP - maps wolfMKA'sMkaSecyOpsonto the software SecY, carries EAPOL-MKA frames over wolfIP's L2 transport, wires wolfMKA's RNG/CMAC workspace pools, and supports a pre-shared CAK or one derived from wolfIP's EAP-TLS MSK.tools/macsec/):macsec-probe(byte-level SecY cross-check against the kernel macsec module),macsec-sta(the wolfMKA participant over an AF_PACKET raw socket), and the veth-based interop and data-plane scripts.Build
make WOLFIP_ENABLE_MACSEC=1builds the software SecY and its unit tests. This has no external dependency and is usable with a statically installed SAK.WOLFMKA_DIR=<path-to-a-wolfMKA-clone>to also build the MKA control plane (the adapter, the wolfMKA sources, andmacsec-sta). wolfMKA is consumed from a local clone, not a submodule.Dependency
The MKA control plane is provided by wolfMKA: https://github.com/wolfSSL/wolfDen/tree/main/mka
The wolfIP build compiles wolfMKA with its L2-address ICV option enabled (
WOLFMKA_ICV_L2_ADDR), which is required to interoperate with wpa_supplicant and the Linux kernel.Validation
macsec_linux): peer discovery, mutual liveness, Key Server election, Distributed SAK, and SAK install.Notes
-Wall -Wextra -Werroron GCC and Clang and under cppcheck. Secrets are zeroized with wolfCryptForceZero, the ICV is compared in constant time, and the core does no dynamic allocation, so it suits both bare-metal (Cortex-M) and host targets.