CCM* module now accepts fixed-size 13-byte nonces
also adjusted variable naming conventions in CCM* module to use 'nonce' and 'iv' in line with RFC 3610 terminology
This commit is contained in:
parent
3ce8f26eea
commit
30704e5afc
3 changed files with 39 additions and 48 deletions
|
@ -45,30 +45,26 @@
|
|||
/* see RFC 3610 */
|
||||
#define CCM_STAR_AUTH_FLAGS(Adata, M) ((Adata ? (1u << 6) : 0) | (((M - 2u) >> 1) << 3) | 1u)
|
||||
#define CCM_STAR_ENCRYPTION_FLAGS 1
|
||||
#define CCM_STAR_NONCE_MAX_IV_LENGTH 13
|
||||
|
||||
/*---------------------------------------------------------------------------*/
|
||||
static void
|
||||
set_nonce(uint8_t *nonce,
|
||||
set_nonce(uint8_t *iv,
|
||||
uint8_t flags,
|
||||
const uint8_t *iv, uint8_t iv_len,
|
||||
const uint8_t *nonce,
|
||||
uint8_t counter)
|
||||
{
|
||||
/* 1 byte|| 8 bytes || 4 bytes || 1 byte || 2 bytes */
|
||||
/* flags || extended_source_address || frame_counter || sec_lvl || counter */
|
||||
|
||||
if(iv_len > CCM_STAR_NONCE_MAX_IV_LENGTH)
|
||||
iv_len = CCM_STAR_NONCE_MAX_IV_LENGTH;
|
||||
|
||||
nonce[0] = flags;
|
||||
memcpy(nonce + 1, iv, iv_len);
|
||||
memset(nonce + iv_len + 1, 0, 16 - (1 + 1 + iv_len));
|
||||
nonce[15] = counter;
|
||||
iv[0] = flags;
|
||||
memcpy(iv + 1, nonce, CCM_STAR_NONCE_LENGTH);
|
||||
iv[14] = 0;
|
||||
iv[15] = counter;
|
||||
}
|
||||
/*---------------------------------------------------------------------------*/
|
||||
/* XORs the block m[pos] ... m[pos + 15] with K_{counter} */
|
||||
static void
|
||||
ctr_step(const uint8_t *iv, uint8_t iv_len,
|
||||
ctr_step(const uint8_t *nonce,
|
||||
uint8_t pos,
|
||||
uint8_t *m_and_result,
|
||||
uint8_t m_len,
|
||||
|
@ -77,7 +73,7 @@ ctr_step(const uint8_t *iv, uint8_t iv_len,
|
|||
uint8_t a[AES_128_BLOCK_SIZE];
|
||||
uint8_t i;
|
||||
|
||||
set_nonce(a, CCM_STAR_ENCRYPTION_FLAGS, iv, iv_len, counter);
|
||||
set_nonce(a, CCM_STAR_ENCRYPTION_FLAGS, nonce, counter);
|
||||
AES_128.encrypt(a);
|
||||
|
||||
for(i = 0; (pos + i < m_len) && (i < AES_128_BLOCK_SIZE); i++) {
|
||||
|
@ -86,9 +82,9 @@ ctr_step(const uint8_t *iv, uint8_t iv_len,
|
|||
}
|
||||
/*---------------------------------------------------------------------------*/
|
||||
static void
|
||||
mic(const uint8_t* m, uint8_t m_len,
|
||||
const uint8_t* iv, uint8_t iv_len,
|
||||
const uint8_t* a, uint8_t a_len,
|
||||
mic(const uint8_t *m, uint8_t m_len,
|
||||
const uint8_t *nonce,
|
||||
const uint8_t *a, uint8_t a_len,
|
||||
uint8_t *result,
|
||||
uint8_t mic_len)
|
||||
{
|
||||
|
@ -96,10 +92,7 @@ mic(const uint8_t* m, uint8_t m_len,
|
|||
uint8_t pos;
|
||||
uint8_t i;
|
||||
|
||||
set_nonce(x,
|
||||
CCM_STAR_AUTH_FLAGS(a_len, mic_len),
|
||||
iv, iv_len,
|
||||
m_len);
|
||||
set_nonce(x, CCM_STAR_AUTH_FLAGS(a_len, mic_len), nonce, m_len);
|
||||
AES_128.encrypt(x);
|
||||
|
||||
if(a_len > 0) {
|
||||
|
@ -132,13 +125,13 @@ mic(const uint8_t* m, uint8_t m_len,
|
|||
}
|
||||
}
|
||||
|
||||
ctr_step(iv, iv_len, 0, x, AES_128_BLOCK_SIZE, 0);
|
||||
ctr_step(nonce, 0, x, AES_128_BLOCK_SIZE, 0);
|
||||
|
||||
memcpy(result, x, mic_len);
|
||||
}
|
||||
/*---------------------------------------------------------------------------*/
|
||||
static void
|
||||
ctr(uint8_t* m, uint8_t m_len, const uint8_t* iv, uint8_t iv_len)
|
||||
ctr(uint8_t *m, uint8_t m_len, const uint8_t* nonce)
|
||||
{
|
||||
uint8_t pos;
|
||||
uint8_t counter;
|
||||
|
@ -146,12 +139,12 @@ ctr(uint8_t* m, uint8_t m_len, const uint8_t* iv, uint8_t iv_len)
|
|||
pos = 0;
|
||||
counter = 1;
|
||||
while(pos < m_len) {
|
||||
ctr_step(iv, iv_len, pos, m, m_len, counter++);
|
||||
ctr_step(nonce, pos, m, m_len, counter++);
|
||||
pos += AES_128_BLOCK_SIZE;
|
||||
}
|
||||
}
|
||||
/*---------------------------------------------------------------------------*/
|
||||
static void set_key(const uint8_t* key) {
|
||||
static void set_key(const uint8_t *key) {
|
||||
AES_128.set_key((uint8_t*)key);
|
||||
}
|
||||
/*---------------------------------------------------------------------------*/
|
||||
|
|
|
@ -48,6 +48,8 @@
|
|||
#define CCM_STAR ccm_star_driver
|
||||
#endif /* CCM_STAR_CONF */
|
||||
|
||||
#define CCM_STAR_NONCE_LENGTH 13
|
||||
|
||||
/**
|
||||
* Structure of CCM* drivers.
|
||||
*/
|
||||
|
@ -57,13 +59,12 @@ struct ccm_star_driver {
|
|||
* \brief Generates a MIC over the data supplied.
|
||||
* \param data The data buffer to read.
|
||||
* \param data_length The data buffer length.
|
||||
* \param iv The IV to use.
|
||||
* \param iv_length The IV's length.
|
||||
* \param nonce The nonce to use. CCM_STAR_NONCE_LENGTH bytes long.
|
||||
* \param result The generated MIC will be put here
|
||||
* \param mic_len The size of the MIC to be generated. <= 16.
|
||||
*/
|
||||
void (* mic)(const uint8_t* data, uint8_t data_length,
|
||||
const uint8_t* iv, uint8_t iv_len,
|
||||
const uint8_t* nonce,
|
||||
const uint8_t* add, uint8_t add_len,
|
||||
uint8_t *result,
|
||||
uint8_t mic_len);
|
||||
|
@ -72,13 +73,10 @@ struct ccm_star_driver {
|
|||
* \brief XORs the frame in the packetbuf with the key stream.
|
||||
* \param data The data buffer to read.
|
||||
* \param data_length The data buffer length.
|
||||
* \param iv The IV to use.
|
||||
* \param iv_length The IV's length.
|
||||
* \param mic Output buffer to hold the MIC to be generated.
|
||||
* \param mic_len The size of the MIC to be generated. <= 16.
|
||||
* \param nonce The nonce to use. CCM_STAR_NONCE_LENGTH bytes long.
|
||||
*/
|
||||
void (* ctr)( uint8_t* data, uint8_t data_length,
|
||||
const uint8_t* iv, uint8_t iv_len);
|
||||
const uint8_t* nonce);
|
||||
|
||||
/**
|
||||
* \brief Sets the key in use. Default implementation calls AES_128.set_key()
|
||||
|
|
|
@ -18,19 +18,19 @@ void ccm_star_mic_packetbuf(const uint8_t *extended_source_address,
|
|||
uint8_t data_len = packetbuf_datalen();
|
||||
uint8_t *headerptr = packetbuf_hdrptr();
|
||||
uint8_t header_len = packetbuf_hdrlen();
|
||||
uint8_t iv[13];
|
||||
uint8_t nonce[CCM_STAR_NONCE_LENGTH];
|
||||
|
||||
memcpy(iv, extended_source_address, 8);
|
||||
iv[8] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_2_3) >> 8;
|
||||
iv[9] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_2_3) & 0xff;
|
||||
iv[10] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_0_1) >> 8;
|
||||
iv[11] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_0_1) & 0xff;
|
||||
iv[12] = packetbuf_attr(PACKETBUF_ATTR_SECURITY_LEVEL);
|
||||
memcpy(nonce, extended_source_address, 8);
|
||||
nonce[8] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_2_3) >> 8;
|
||||
nonce[9] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_2_3) & 0xff;
|
||||
nonce[10] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_0_1) >> 8;
|
||||
nonce[11] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_0_1) & 0xff;
|
||||
nonce[12] = packetbuf_attr(PACKETBUF_ATTR_SECURITY_LEVEL);
|
||||
|
||||
if(packetbuf_attr(PACKETBUF_ATTR_SECURITY_LEVEL) & (1 << 2)) {
|
||||
CCM_STAR.mic(dataptr, data_len, iv, 13, headerptr, header_len, result, mic_len);
|
||||
CCM_STAR.mic(dataptr, data_len, nonce, headerptr, header_len, result, mic_len);
|
||||
} else {
|
||||
CCM_STAR.mic(dataptr, 0, iv, 13, headerptr, packetbuf_totlen(), result, mic_len);
|
||||
CCM_STAR.mic(dataptr, 0, nonce, headerptr, packetbuf_totlen(), result, mic_len);
|
||||
}
|
||||
}
|
||||
/*---------------------------------------------------------------------------*/
|
||||
|
@ -38,15 +38,15 @@ void ccm_star_ctr_packetbuf(const uint8_t *extended_source_address)
|
|||
{
|
||||
uint8_t *dataptr = packetbuf_dataptr();
|
||||
uint8_t data_len = packetbuf_datalen();
|
||||
uint8_t iv[13];
|
||||
uint8_t nonce[CCM_STAR_NONCE_LENGTH];
|
||||
|
||||
memcpy(iv, extended_source_address, 8);
|
||||
iv[8] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_2_3) >> 8;
|
||||
iv[9] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_2_3) & 0xff;
|
||||
iv[10] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_0_1) >> 8;
|
||||
iv[11] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_0_1) & 0xff;
|
||||
iv[12] = packetbuf_attr(PACKETBUF_ATTR_SECURITY_LEVEL);
|
||||
memcpy(nonce, extended_source_address, 8);
|
||||
nonce[8] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_2_3) >> 8;
|
||||
nonce[9] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_2_3) & 0xff;
|
||||
nonce[10] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_0_1) >> 8;
|
||||
nonce[11] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_0_1) & 0xff;
|
||||
nonce[12] = packetbuf_attr(PACKETBUF_ATTR_SECURITY_LEVEL);
|
||||
|
||||
CCM_STAR.ctr(dataptr, data_len, iv, 13);
|
||||
CCM_STAR.ctr(dataptr, data_len, nonce);
|
||||
}
|
||||
/*---------------------------------------------------------------------------*/
|
||||
|
|
Loading…
Reference in a new issue