Merge pull request #2004 from yatch/pr/tsch-security-update

Trivial Updates on tsch-security.[ch]
This commit is contained in:
Antonio Lignan 2017-01-10 11:23:55 +01:00 committed by GitHub
commit 7d9134757f
2 changed files with 37 additions and 21 deletions

View file

@ -120,11 +120,12 @@ tsch_security_check_level(const frame802154_t *frame)
required_key_index = TSCH_SECURITY_KEY_INDEX_OTHER; required_key_index = TSCH_SECURITY_KEY_INDEX_OTHER;
break; break;
} }
return frame->aux_hdr.security_control.security_level == required_security_level return ((frame->aux_hdr.security_control.security_level ==
&& frame->aux_hdr.key_index == required_key_index; required_security_level) &&
frame->aux_hdr.key_index == required_key_index);
} }
/*---------------------------------------------------------------------------*/ /*---------------------------------------------------------------------------*/
int unsigned int
tsch_security_mic_len(const frame802154_t *frame) tsch_security_mic_len(const frame802154_t *frame)
{ {
if(frame != NULL && frame->fcf.security_enabled) { if(frame != NULL && frame->fcf.security_enabled) {
@ -134,7 +135,7 @@ tsch_security_mic_len(const frame802154_t *frame)
} }
} }
/*---------------------------------------------------------------------------*/ /*---------------------------------------------------------------------------*/
int unsigned int
tsch_security_secure_frame(uint8_t *hdr, uint8_t *outbuf, tsch_security_secure_frame(uint8_t *hdr, uint8_t *outbuf,
int hdrlen, int datalen, struct asn_t *asn) int hdrlen, int datalen, struct asn_t *asn)
{ {
@ -192,13 +193,12 @@ tsch_security_secure_frame(uint8_t *hdr, uint8_t *outbuf,
CCM_STAR.aead(nonce, CCM_STAR.aead(nonce,
outbuf + a_len, m_len, outbuf + a_len, m_len,
outbuf, a_len, outbuf, a_len,
outbuf + hdrlen + datalen, mic_len, 1 outbuf + hdrlen + datalen, mic_len, 1);
);
return mic_len; return mic_len;
} }
/*---------------------------------------------------------------------------*/ /*---------------------------------------------------------------------------*/
int unsigned int
tsch_security_parse_frame(const uint8_t *hdr, int hdrlen, int datalen, tsch_security_parse_frame(const uint8_t *hdr, int hdrlen, int datalen,
const frame802154_t *frame, const linkaddr_t *sender, struct asn_t *asn) const frame802154_t *frame, const linkaddr_t *sender, struct asn_t *asn)
{ {
@ -250,8 +250,7 @@ tsch_security_parse_frame(const uint8_t *hdr, int hdrlen, int datalen,
CCM_STAR.aead(nonce, CCM_STAR.aead(nonce,
(uint8_t *)hdr + a_len, m_len, (uint8_t *)hdr + a_len, m_len,
(uint8_t *)hdr, a_len, (uint8_t *)hdr, a_len,
generated_mic, mic_len, 0 generated_mic, mic_len, 0);
);
if(mic_len > 0 && memcmp(generated_mic, hdr + hdrlen + datalen, mic_len) != 0) { if(mic_len > 0 && memcmp(generated_mic, hdr + hdrlen + datalen, mic_len) != 0) {
return 0; return 0;

View file

@ -118,11 +118,28 @@
typedef uint8_t aes_key[16]; typedef uint8_t aes_key[16];
/********** Functions *********/ /********** Functions *********/
/**
* \brief Return MIC length
* \return The length of MIC (>= 0)
*/
unsigned int tsch_security_mic_len(const frame802154_t *frame);
int tsch_security_mic_len(const frame802154_t *frame); /**
int tsch_security_secure_frame(uint8_t *hdr, uint8_t *outbuf, * \brief Protect a frame with encryption and/or MIC
int hdrlen, int datalen, struct asn_t *asn); * \return The length of a generated MIC (>= 0)
int tsch_security_parse_frame(const uint8_t *hdr, int hdrlen, int datalen, */
const frame802154_t *frame, const linkaddr_t *sender, struct asn_t *asn); unsigned int tsch_security_secure_frame(uint8_t *hdr, uint8_t *outbuf,
int hdrlen, int datalen,
struct asn_t *asn);
/**
* \brief Parse and check a frame protected with encryption and/or MIC
* \retval 0 On error or security check failure (insecure frame)
* \retval 1 On success or no need for security check (good frame)
*/
unsigned int tsch_security_parse_frame(const uint8_t *hdr, int hdrlen,
int datalen, const frame802154_t *frame,
const linkaddr_t *sender,
struct asn_t *asn);
#endif /* __TSCH_SECURITY_H__ */ #endif /* __TSCH_SECURITY_H__ */