
MACsec not working with cipher gcm-aes-256
Closed, ResolvedPublicBUG

Description

MACsec is not working with cipher gcm-aes-256 because the CAK can only be a 128-bit key in VyOS.
It is a CLI limitation.

vyos@vyos# set interfaces macsec macsec1 security mka cak ff9b7c30ddbc37f4c6bc9dc26ce65b42ff9b7c30ddbc37f4c6bc9dc26ce65b42

  Invalid value
  Value validation failed
  Set failed

[edit]

But if we use gcm-aes-256, we must use a 256-bit key.
Here is the result.

vyos@vyos:~$ show interfaces macsec
6: macsec0: protect on validate strict sc off sa off encrypt off send_sci on end_station off scb off replay off
    cipher suite: GCM-AES-256, using ICV length 16
    TXSC: 0cb5072700000001 on SA 0
    offload: off

I changed the limitation in the template, but it did not help.

vyos@vyos:~$ sudo cat /opt/vyatta/share/vyatta-cfg/templates/interfaces/macsec/node.tag/security/mka/cak/node.def
type: txt
help: Secure Connectivity Association Key
val_help: key; 16-byte (128-bit) hex-string (32 hex-digits)
syntax:expression: exec "${vyos_libexec_dir}/validate-value --regex \'[A-Fa-f0-9]{32}([A-Fa-f0-9]{32})?\'   --value \'$VAR(@)\'"; "Invalid value"

Configuration

set interfaces macsec macsec0 address '192.168.2.1/24'
set interfaces macsec macsec0 security cipher 'gcm-aes-256'
set interfaces macsec macsec0 security encrypt
set interfaces macsec macsec0 security mka cak 'bf49b645fd07dc03a9f3c3e7af46055fbf49b645fd07dc03a9f3c3e7af46055f'
set interfaces macsec macsec0 security mka ckn '09924585a6f3010208cf5222ef24c821405b0e34f4b4f63b1f0ced474b9bb6e6'
set interfaces macsec macsec0 source-interface 'eth0'

I think this is because the mka is not installed.

Details

Difficulty level
Normal (likely a few hours)
Version
vyos-1.4-rolling-202207180607; vyos-1.3.1-S1
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Perfectly compatible
Issue type
Bug (incorrect behavior)

Event Timeline

Also, there are no inbound/outbound packets at all with aes-256.

vyos@r14:~$ sudo ip -s macsec show
7: macsec1: protect on validate strict sc off sa off encrypt off send_sci on end_station off scb off replay off 
    cipher suite: GCM-AES-256, using ICV length 16
    TXSC: eeb5e212f04f0001 on SA 0
    stats: OutPktsUntagged InPktsUntagged OutPktsTooLong InPktsNoTag InPktsBadTag InPktsUnknownSCI InPktsNoSCI InPktsOverrun
                         0              0              0           0            0                0           0             0
    stats: OutPktsProtected OutPktsEncrypted OutOctetsProtected OutOctetsEncrypted
                          0                0                  0                  0
    offload: off 
vyos@r14:~$

But service starts without issues:

vyos@r14:~$ sudo systemctl status [email protected]
[email protected] - WPA supplicant daemon (macsec-specific version)
     Loaded: loaded (/lib/systemd/system/[email protected]; disabled; vendor preset: enabled)
     Active: active (running) since Mon 2022-07-18 20:07:16 EEST; 18min ago
   Main PID: 1802 (wpa_supplicant)
      Tasks: 1 (limit: 9411)
     Memory: 4.4M
        CPU: 101ms
     CGroup: /system.slice/system-wpa_supplicant\x2dmacsec.slice/[email protected]
             └─1802 /sbin/wpa_supplicant -c/run/wpa_supplicant/vxlan1.conf -Dmacsec_linux -ivxlan1

Jul 18 20:07:16 r14 systemd[1]: Started WPA supplicant daemon (macsec-specific version).
Jul 18 20:07:16 r14 wpa_supplicant[1802]: Successfully initialized wpa_supplicant
Jul 18 20:07:16 r14 wpa_supplicant[1802]: macsec_linux: link already exists, using it
Jul 18 20:07:16 r14 wpa_supplicant[1802]: macsec_linux: couldn't find link
Jul 18 20:07:16 r14 wpa_supplicant[1802]: vxlan1: Associated with 01:80:c2:00:00:03
Jul 18 20:07:16 r14 wpa_supplicant[1802]: vxlan1: CTRL-EVENT-CONNECTED - Connection to 01:80:c2:00:00:03 completed [id=0 id_str=]
Jul 18 20:07:16 r14 wpa_supplicant[1802]: vxlan1: CTRL-EVENT-SUBNET-STATUS-UPDATE status=0
vyos@r14:~$
vyos@r14:~$ show int
Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down
Interface        IP Address                        S/L  Description
---------        ----------                        ---  -----------
br1              10.0.0.1/24                       u/u  
dum0             100.64.0.1/24                     u/u  
eth0             192.168.122.14/24                 u/u  WAN
eth1             192.0.2.1/24                      u/u  
lo               127.0.0.1/8                       u/u  
                 ::1/128                                
macsec1          -                                 u/u  
vxlan1           -                                 u/u  
vyos@r14:~$

Additional debug info

vyos@r14:~$ sudo /sbin/wpa_supplicant -dd -c /run/wpa_supplicant/vxlan1.conf -Dmacsec_linux -i vxlan1
wpa_supplicant v2.9
random: getrandom() support available
Successfully initialized wpa_supplicant
Initializing interface 'vxlan1' conf '/run/wpa_supplicant/vxlan1.conf' driver 'macsec_linux' ctrl_interface 'N/A' bridge 'N/A'
Configuration file '/run/wpa_supplicant/vxlan1.conf' -> '/run/wpa_supplicant/vxlan1.conf'
Reading configuration file '/run/wpa_supplicant/vxlan1.conf'
ctrl_interface='/run/wpa_supplicant'
eapol_version=3
ap_scan=0
fast_reauth=1
Line: 26 - start of a new network block
key_mgmt: 0x4
eapol_flags=0 (0x0)
macsec_policy=1 (0x1)
MKA-CAK - hexdump(len=16): [REMOVED]
MKA-CKN - hexdump(len=32): [REMOVED]
Priority group 0
   id=0 ssid=''
driver_wired_init_common: Added multicast membership with packet socket
Add interface vxlan1 to a new radio N/A
vxlan1: Own MAC address: ee:b5:e2:12:f0:4f
vxlan1: RSN: flushing PMKID list in the driver
vxlan1: Setting scan request: 0.100000 sec
TDLS: TDLS operation not supported by driver
TDLS: Driver uses internal link setup
TDLS: Driver does not support TDLS channel switching
vxlan1: WPS: UUID based on MAC address: 34c4b1fd-bcc2-57cc-a115-ea0b45fcb47c
ENGINE: Loading builtin engines
ENGINE: Loading builtin engines
EAPOL: SUPP_PAE entering state DISCONNECTED
EAPOL: Supplicant port status: Unauthorized
EAPOL: KEY_RX entering state NO_KEY_RECEIVE
EAPOL: SUPP_BE entering state INITIALIZE
EAP: EAP entering state DISABLED
Using existing control interface directory.
vxlan1: Added interface vxlan1
vxlan1: State: DISCONNECTED -> DISCONNECTED
EAPOL: External notification - EAP success=0
EAPOL: External notification - EAP fail=0
EAPOL: External notification - portControl=Auto
KaY: Initialize - ifname=vxlan1 addr=ee:b5:e2:12:f0:4f port=0 priority=255
KaY: Generated SCI: ee:b5:e2:12:f0:4f@1
macsec_drv_get_capability
KaY: state machine created
macsec_drv_macsec_init
macsec_linux: ifname=vxlan1 parent_ifi=6
KaY: secy init macsec done
CP: state machine created
macsec_drv_enable_protect_frames -> TRUE
macsec_drv_enable_encrypt -> TRUE
macsec_drv_set_replay_protect -> FALSE, 0
macsec_drv_enable_controlled_port -> FALSE
CP: CP entering state INIT
macsec_drv_enable_controlled_port -> FALSE
CP: CP entering state CHANGE
macsec_drv_enable_controlled_port -> FALSE
vxlan1: Already associated with a configured network - generating associated event
vxlan1: Event ASSOC (0) received
vxlan1: Association info event
FT: Stored MDIE and FTIE from (Re)Association Response - hexdump(len=0):
vxlan1: State: DISCONNECTED -> ASSOCIATED
vxlan1: Associated to a new BSS: BSSID=01:80:c2:00:00:03
vxlan1: Select network based on association information
vxlan1: Network configuration found for the current AP
vxlan1: WPA: clearing AP WPA IE
vxlan1: WPA: clearing AP RSN IE
vxlan1: WPA: clearing own WPA/RSN IE
vxlan1: Failed to get scan results
EAPOL: External notification - EAP success=0
EAPOL: External notification - EAP fail=0
EAPOL: External notification - portControl=ForceAuthorized
KaY: state machine removed
CP: state machine removed
macsec_drv_macsec_deinit
KaY: Initialize - ifname=vxlan1 addr=ee:b5:e2:12:f0:4f port=0 priority=255
KaY: Generated SCI: ee:b5:e2:12:f0:4f@1
macsec_drv_get_capability
KaY: state machine created
macsec_drv_macsec_init
macsec_linux: ifname=vxlan1 parent_ifi=6
KaY: secy init macsec done
CP: state machine created
macsec_drv_enable_protect_frames -> TRUE
macsec_drv_enable_encrypt -> TRUE
macsec_drv_set_replay_protect -> FALSE, 0
macsec_drv_enable_controlled_port -> FALSE
CP: CP entering state INIT
macsec_drv_enable_controlled_port -> FALSE
CP: CP entering state CHANGE
macsec_drv_enable_controlled_port -> FALSE
KaY: Create MKA (ifname=vxlan1 mode=PSK authenticator=No)
KaY: CKN - hexdump(len=32): 71 e5 49 f3 70 1e dc 3c 67 01 c4 4e 75 4d 85 ea eb 12 fb 50 17 77 6d 8a 10 9b 01 93 8f 01 19 8c
KaY: CAK - hexdump(len=16): [REMOVED]
KaY: Selected random MI: 54c11fc864c68d5393bff1e1
KaY: Create transmit SC - SCI: ee:b5:e2:12:f0:4f@1
macsec_drv_enable_protect_frames -> TRUE
macsec_drv_set_replay_protect -> FALSE, 0
macsec_linux: vxlan1: create_transmit_sc -> ee:b5:e2:12:f0:4f::1 (conf_offset=0)
macsec_linux: link already exists, using it
macsec_linux: couldn't find link
KaY: state machine removed
CP: state machine removed
macsec_drv_macsec_deinit
vxlan1: Associated with 01:80:c2:00:00:03
vxlan1: WPA: Association event - clear replay counter
vxlan1: WPA: Clear old PTK
TDLS: Remove peers on association
EAPOL: External notification - portEnabled=0
EAPOL: External notification - portValid=0
EAPOL: External notification - portEnabled=1
EAPOL: SUPP_PAE entering state S_FORCE_AUTH
EAPOL: Supplicant port status: Authorized
EAPOL: SUPP_BE entering state IDLE
vxlan1: Cancelling authentication timeout
vxlan1: State: ASSOCIATED -> COMPLETED
vxlan1: CTRL-EVENT-CONNECTED - Connection to 01:80:c2:00:00:03 completed [id=0 id_str=]
vxlan1: Cancelling scan request
vxlan1: CTRL-EVENT-SUBNET-STATUS-UPDATE status=0
EAPOL: disable timer tick

Also cipher changes require a reboot. Nice bug - thanks for this riddle ;)

Even upgrading to wpa_supplicant 2.10 did not solve the issue for now.

I have just tested it again. Macsec does not work.

Configuration

set interfaces macsec macsec0 address '192.168.2.2/24'
set interfaces macsec macsec0 security cipher 'gcm-aes-256'
set interfaces macsec macsec0 security encrypt
set interfaces macsec macsec0 security mka cak 'bf49b645fd07dc03a9f3c3e7af46055fbf49b645fd07dc03a9f3c3e7af46055f'
set interfaces macsec macsec0 security mka ckn '09924585a6f3010208cf5222ef24c821405b0e34f4b4f63b1f0ced474b9bb6e6'
set interfaces macsec macsec0 source-interface 'eth0'

set interfaces macsec macsec0 address '192.168.2.1/24'
set interfaces macsec macsec0 security cipher 'gcm-aes-256'
set interfaces macsec macsec0 security encrypt
set interfaces macsec macsec0 security mka cak 'bf49b645fd07dc03a9f3c3e7af46055fbf49b645fd07dc03a9f3c3e7af46055f'
set interfaces macsec macsec0 security mka ckn '09924585a6f3010208cf5222ef24c821405b0e34f4b4f63b1f0ced474b9bb6e6'
set interfaces macsec macsec0 source-interface 'eth0'

vyos@vyos:~$ sudo ip -s macsec show
6: macsec0: protect on validate strict sc off sa off encrypt off send_sci on end_station off scb off replay off
    cipher suite: GCM-AES-256, using ICV length 16
    TXSC: 0c12f3ea00000001 on SA 0
    stats: OutPktsUntagged InPktsUntagged OutPktsTooLong InPktsNoTag InPktsBadTag InPktsUnknownSCI InPktsNoSCI InPktsOverrun
                         0              0              0           0            0                0           0             0
    stats: OutPktsProtected OutPktsEncrypted OutOctetsProtected OutOctetsEncrypted
                          0                0                  0                  0
    offload: off
vyos@vyos:~$ sudo /sbin/wpa_supplicant -dd -c /run/wpa_supplicant/eth0.conf -Dmacsec_linux -i eth0
wpa_supplicant v2.9
random: getrandom() support available
Successfully initialized wpa_supplicant
Initializing interface 'eth0' conf '/run/wpa_supplicant/eth0.conf' driver 'macsec_linux' ctrl_interface 'N/A' bridge 'N/A'
Configuration file '/run/wpa_supplicant/eth0.conf' -> '/run/wpa_supplicant/eth0.conf'
Reading configuration file '/run/wpa_supplicant/eth0.conf'
ctrl_interface='/run/wpa_supplicant'
eapol_version=3
ap_scan=0
fast_reauth=1
Line: 26 - start of a new network block
key_mgmt: 0x4
eapol_flags=0 (0x0)
macsec_policy=1 (0x1)
MKA-CAK - hexdump(len=32): [REMOVED]
MKA-CKN - hexdump(len=32): [REMOVED]
Priority group 0
   id=0 ssid=''
driver_wired_init_common: Added multicast membership with packet socket
Add interface eth0 to a new radio N/A
eth0: Own MAC address: 0c:12:f3:ea:00:00
eth0: RSN: flushing PMKID list in the driver
eth0: Setting scan request: 0.100000 sec
TDLS: TDLS operation not supported by driver
TDLS: Driver uses internal link setup
TDLS: Driver does not support TDLS channel switching
eth0: WPS: UUID based on MAC address: b4e43c3d-5919-5270-9ab7-1b38ad07cafc
ENGINE: Loading builtin engines
ENGINE: Loading builtin engines
EAPOL: SUPP_PAE entering state DISCONNECTED
EAPOL: Supplicant port status: Unauthorized
EAPOL: KEY_RX entering state NO_KEY_RECEIVE
EAPOL: SUPP_BE entering state INITIALIZE
EAP: EAP entering state DISABLED
Using existing control interface directory.
eth0: Added interface eth0
eth0: State: DISCONNECTED -> DISCONNECTED
EAPOL: External notification - EAP success=0
EAPOL: External notification - EAP fail=0
EAPOL: External notification - portControl=Auto
KaY: Initialize - ifname=eth0 addr=0c:12:f3:ea:00:00 port=0 priority=255
KaY: Generated SCI: 0c:12:f3:ea:00:00@1
macsec_drv_get_capability
KaY: state machine created
macsec_drv_macsec_init
macsec_linux: ifname=eth0 parent_ifi=2
KaY: secy init macsec done
CP: state machine created
macsec_drv_enable_protect_frames -> TRUE
macsec_drv_enable_encrypt -> TRUE
macsec_drv_set_replay_protect -> FALSE, 0
macsec_drv_enable_controlled_port -> FALSE
CP: CP entering state INIT
macsec_drv_enable_controlled_port -> FALSE
CP: CP entering state CHANGE
macsec_drv_enable_controlled_port -> FALSE
eth0: Already associated with a configured network - generating associated event
eth0: Event ASSOC (0) received
eth0: Association info event
FT: Stored MDIE and FTIE from (Re)Association Response - hexdump(len=0):
eth0: State: DISCONNECTED -> ASSOCIATED
eth0: Associated to a new BSS: BSSID=01:80:c2:00:00:03
eth0: Select network based on association information
eth0: Network configuration found for the current AP
eth0: WPA: clearing AP WPA IE
eth0: WPA: clearing AP RSN IE
eth0: WPA: clearing own WPA/RSN IE
eth0: Failed to get scan results
EAPOL: External notification - EAP success=0
EAPOL: External notification - EAP fail=0
EAPOL: External notification - portControl=ForceAuthorized
KaY: state machine removed
CP: state machine removed
macsec_drv_macsec_deinit
KaY: Initialize - ifname=eth0 addr=0c:12:f3:ea:00:00 port=0 priority=255
KaY: Generated SCI: 0c:12:f3:ea:00:00@1
macsec_drv_get_capability
KaY: state machine created
macsec_drv_macsec_init
macsec_linux: ifname=eth0 parent_ifi=2
KaY: secy init macsec done
CP: state machine created
macsec_drv_enable_protect_frames -> TRUE
macsec_drv_enable_encrypt -> TRUE
macsec_drv_set_replay_protect -> FALSE, 0
macsec_drv_enable_controlled_port -> FALSE
CP: CP entering state INIT
macsec_drv_enable_controlled_port -> FALSE
CP: CP entering state CHANGE
macsec_drv_enable_controlled_port -> FALSE
KaY: Create MKA (ifname=eth0 mode=PSK authenticator=No)
KaY: CKN - hexdump(len=32): 09 92 45 85 a6 f3 01 02 08 cf 52 22 ef 24 c8 21 40 5b 0e 34 f4 b4 f6 3b 1f 0c ed 47 4b 9b b6 e6
KaY: CAK - hexdump(len=32): [REMOVED]
KaY: Selected random MI: 0e4bb21c3575cf08c8703ef8
KaY: Create transmit SC - SCI: 0c:12:f3:ea:00:00@1
macsec_drv_enable_protect_frames -> TRUE
macsec_drv_set_replay_protect -> FALSE, 0
macsec_linux: eth0: create_transmit_sc -> 0c:12:f3:ea:00:00::1 (conf_offset=0)
macsec_linux: link already exists, using it
macsec_linux: couldn't find link
KaY: state machine removed
CP: state machine removed
macsec_drv_macsec_deinit
eth0: Associated with 01:80:c2:00:00:03
eth0: WPA: Association event - clear replay counter
eth0: WPA: Clear old PTK
TDLS: Remove peers on association
EAPOL: External notification - portEnabled=0
EAPOL: External notification - portValid=0
EAPOL: External notification - portEnabled=1
EAPOL: SUPP_PAE entering state S_FORCE_AUTH
EAPOL: Supplicant port status: Authorized
EAPOL: SUPP_BE entering state IDLE
eth0: Cancelling authentication timeout
eth0: State: ASSOCIATED -> COMPLETED
eth0: CTRL-EVENT-CONNECTED - Connection to 01:80:c2:00:00:03 completed [id=0 id_str=]
eth0: Cancelling scan request
eth0: CTRL-EVENT-SUBNET-STATUS-UPDATE status=0
EAPOL: disable timer tick

I installed wpa_supplicant version 2.10, but it did not help.
I compared the wpa_supplicant debug output and found the difference:

macsec_linux: couldn't find link

I agree with @Viacheslav that wpa_supplicant doesn't support GCM-AES-256.
But I found the following thread:
https://github.com/Azure/sonic-wpa-supplicant/pull/17
As I understand it, they resolved this problem.

That's XPN support, but GCM-AES-256 was added back in 2018 in https://w1.fi/cgit/hostap/commit/?id=1ff8605775

c-po renamed this task from Macsec not working with cipher gcm-aes-256 to MACsec not working with cipher gcm-aes-256. Jul 21 2022, 7:48 PM

The root issue is that the wpa_supplicant shipped in Debian does not contain commit https://w1.fi/cgit/hostap/commit/?id=46c635910a724ed14ee9ace549fed9790ed5980b, which adds a new configuration file option:

# macsec_csindex: IEEE 802.1X/MACsec cipher suite
# 0 = GCM-AES-128
# 1 = GCM-AES-256

Running a custom build of wpa_supplicant (latest version) fixed this issue:

wpa_supplicant v2.11-devel-hostap_2_10-520-gb704dc72e
Copyright (c) 2003-2022, Jouni Malinen <[email protected]> and contributors
c-po changed the task status from Open to Needs testing. Aug 2 2022, 11:13 AM
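An added example (not code from this thread, from VyOS or from wpa_supplicant) that ties the two halves of the bug together: the node.def regex quoted in the description accepts a 32- or 64-digit CAK without consulting the cipher, and the wpa_supplicant network block has to carry the `macsec_csindex` option named in the root-cause comment before GCM-AES-256 can be selected at all. The network-block layout and the CAK-length-per-cipher rule are assumptions taken from the reporter's statement and the debug output above, not VyOS's own generator.

```python
import re

# The VyOS node.def regex quoted in this thread: 32 hex digits (128-bit CAK)
# optionally followed by another 32 (256-bit CAK). It never looks at the cipher.
CLI_CAK_RE = re.compile(r"^[A-Fa-f0-9]{32}(?:[A-Fa-f0-9]{32})?$")

# cipher suite -> (macsec_csindex value, CAK length in bytes)
# csindex values are from the wpa_supplicant option quoted in the thread;
# pairing CAK length with the cipher is the reporter's rule (an assumption here).
CIPHERS = {"gcm-aes-128": (0, 16), "gcm-aes-256": (1, 32)}


def cli_regex_accepts(cak_hex):
    """What the CLI validator alone checks: 32 or 64 hex digits, any cipher."""
    return CLI_CAK_RE.match(cak_hex) is not None


def check_cak(cipher, cak_hex):
    """Cipher-aware check: None when consistent, otherwise a reason string."""
    if cipher not in CIPHERS:
        return "unknown cipher %s" % cipher
    if not cli_regex_accepts(cak_hex):
        return "CAK must be 32 or 64 hex digits"
    want = CIPHERS[cipher][1]
    have = len(cak_hex) // 2
    if have != want:
        return "%s needs a %d-bit CAK, got %d-bit" % (cipher, want * 8, have * 8)
    return None


def render_wpa_conf(cipher, cak_hex, ckn_hex):
    """Render a wpa_supplicant MKA/PSK config that names the cipher suite.

    Global keys mirror what wpa_supplicant echoed in the debug output above;
    the network block layout is assumed, not copied from VyOS.
    """
    err = check_cak(cipher, cak_hex)
    if err:
        raise ValueError(err)
    csindex = CIPHERS[cipher][0]
    lines = [
        "ctrl_interface=/run/wpa_supplicant",
        "eapol_version=3",
        "ap_scan=0",
        "fast_reauth=1",
        "network={",
        "    key_mgmt=NONE",
        "    eapol_flags=0",
        "    macsec_policy=1",
        # Without this option (the one the Debian build lacked) the daemon
        # cannot be told to use GCM-AES-256, whatever CAK length the CLI accepted.
        "    macsec_csindex=%d" % csindex,
        "    mka_cak=%s" % cak_hex,
        "    mka_ckn=%s" % ckn_hex,
        "}",
    ]
    return "\n".join(lines) + "\n"
```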

I have tested macsec with gcm-aes-256. It works. (1.4-rolling-202208080217)

c-po triaged this task as Normal priority.
c-po moved this task from Need Triage to Finished on the VyOS 1.3 Equuleus (1.3.2) board.