llsec: Disable duplicate detection when the LLSEC driver provides replay protection anyway.

This commit is contained in:
kkrentz 2014-01-12 04:58:34 -08:00
parent 2687c345cf
commit 41c5dbf961
3 changed files with 15 additions and 0 deletions

View file

@ -971,6 +971,7 @@ input_packet(void)
ctimer_stop(&ct); ctimer_stop(&ct);
} }
#if RDC_WITH_DUPLICATE_DETECTION
/* Check for duplicate packet. */ /* Check for duplicate packet. */
if(mac_sequence_is_duplicate()) { if(mac_sequence_is_duplicate()) {
/* Drop the packet. */ /* Drop the packet. */
@ -978,6 +979,7 @@ input_packet(void)
return; return;
} }
mac_sequence_register_seqno(); mac_sequence_register_seqno();
#endif /* RDC_WITH_DUPLICATE_DETECTION */
#if CONTIKIMAC_CONF_COMPOWER #if CONTIKIMAC_CONF_COMPOWER
/* Accumulate the power consumption for the packet reception. */ /* Accumulate the power consumption for the packet reception. */

View file

@ -298,6 +298,7 @@ packet_input(void)
int duplicate = 0; int duplicate = 0;
#if NULLRDC_802154_AUTOACK || NULLRDC_802154_AUTOACK_HW #if NULLRDC_802154_AUTOACK || NULLRDC_802154_AUTOACK_HW
#if RDC_WITH_DUPLICATE_DETECTION
/* Check for duplicate packet. */ /* Check for duplicate packet. */
duplicate = mac_sequence_is_duplicate(); duplicate = mac_sequence_is_duplicate();
if(duplicate) { if(duplicate) {
@ -307,8 +308,10 @@ packet_input(void)
} else { } else {
mac_sequence_register_seqno(); mac_sequence_register_seqno();
} }
#endif /* RDC_WITH_DUPLICATE_DETECTION */
#endif /* NULLRDC_802154_AUTOACK */ #endif /* NULLRDC_802154_AUTOACK */
/* TODO We may want to acknowledge only authentic frames */
#if NULLRDC_SEND_802154_ACK #if NULLRDC_SEND_802154_ACK
{ {
frame802154_t info154; frame802154_t info154;

View file

@ -44,6 +44,16 @@
#include "contiki-conf.h" #include "contiki-conf.h"
#include "net/mac/mac.h" #include "net/mac/mac.h"
#ifdef RDC_CONF_WITH_DUPLICATE_DETECTION
#define RDC_WITH_DUPLICATE_DETECTION RDC_CONF_WITH_DUPLICATE_DETECTION
#else /* RDC_CONF_WITH_DUPLICATE_DETECTION */
/* As frames can be spoofed, the RDC layer should not discard a
frame because it has seen its sequence number already. Replay
protection should be implemented at the LLSEC layer where the
authenticity of frames is verified. */
#define RDC_WITH_DUPLICATE_DETECTION !LLSEC802154_CONF_SECURITY_LEVEL
#endif /* RDC_CONF_WITH_DUPLICATE_DETECTION */
/* List of packets to be sent by RDC layer */ /* List of packets to be sent by RDC layer */
struct rdc_buf_list { struct rdc_buf_list {
struct rdc_buf_list *next; struct rdc_buf_list *next;