Merge pull request #2004 from yatch/pr/tsch-security-update
Trivial Updates on tsch-security.[ch]
commit
7d9134757f
|
@ -73,7 +73,7 @@ static aes_key keys[] = {
|
||||||
/*---------------------------------------------------------------------------*/
|
/*---------------------------------------------------------------------------*/
|
||||||
static void
|
static void
|
||||||
tsch_security_init_nonce(uint8_t *nonce,
|
tsch_security_init_nonce(uint8_t *nonce,
|
||||||
const linkaddr_t *sender, struct asn_t *asn)
|
const linkaddr_t *sender, struct asn_t *asn)
|
||||||
{
|
{
|
||||||
memcpy(nonce, sender, 8);
|
memcpy(nonce, sender, 8);
|
||||||
nonce[8] = asn->ms1b;
|
nonce[8] = asn->ms1b;
|
||||||
|
@ -120,11 +120,12 @@ tsch_security_check_level(const frame802154_t *frame)
|
||||||
required_key_index = TSCH_SECURITY_KEY_INDEX_OTHER;
|
required_key_index = TSCH_SECURITY_KEY_INDEX_OTHER;
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
return frame->aux_hdr.security_control.security_level == required_security_level
|
return ((frame->aux_hdr.security_control.security_level ==
|
||||||
&& frame->aux_hdr.key_index == required_key_index;
|
required_security_level) &&
|
||||||
|
frame->aux_hdr.key_index == required_key_index);
|
||||||
}
|
}
|
||||||
/*---------------------------------------------------------------------------*/
|
/*---------------------------------------------------------------------------*/
|
||||||
int
|
unsigned int
|
||||||
tsch_security_mic_len(const frame802154_t *frame)
|
tsch_security_mic_len(const frame802154_t *frame)
|
||||||
{
|
{
|
||||||
if(frame != NULL && frame->fcf.security_enabled) {
|
if(frame != NULL && frame->fcf.security_enabled) {
|
||||||
|
@ -134,9 +135,9 @@ tsch_security_mic_len(const frame802154_t *frame)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
/*---------------------------------------------------------------------------*/
|
/*---------------------------------------------------------------------------*/
|
||||||
int
|
unsigned int
|
||||||
tsch_security_secure_frame(uint8_t *hdr, uint8_t *outbuf,
|
tsch_security_secure_frame(uint8_t *hdr, uint8_t *outbuf,
|
||||||
int hdrlen, int datalen, struct asn_t *asn)
|
int hdrlen, int datalen, struct asn_t *asn)
|
||||||
{
|
{
|
||||||
frame802154_t frame;
|
frame802154_t frame;
|
||||||
uint8_t key_index = 0;
|
uint8_t key_index = 0;
|
||||||
|
@ -190,17 +191,16 @@ tsch_security_secure_frame(uint8_t *hdr, uint8_t *outbuf,
|
||||||
CCM_STAR.set_key(keys[key_index - 1]);
|
CCM_STAR.set_key(keys[key_index - 1]);
|
||||||
|
|
||||||
CCM_STAR.aead(nonce,
|
CCM_STAR.aead(nonce,
|
||||||
outbuf + a_len, m_len,
|
outbuf + a_len, m_len,
|
||||||
outbuf, a_len,
|
outbuf, a_len,
|
||||||
outbuf + hdrlen + datalen, mic_len, 1
|
outbuf + hdrlen + datalen, mic_len, 1);
|
||||||
);
|
|
||||||
|
|
||||||
return mic_len;
|
return mic_len;
|
||||||
}
|
}
|
||||||
/*---------------------------------------------------------------------------*/
|
/*---------------------------------------------------------------------------*/
|
||||||
int
|
unsigned int
|
||||||
tsch_security_parse_frame(const uint8_t *hdr, int hdrlen, int datalen,
|
tsch_security_parse_frame(const uint8_t *hdr, int hdrlen, int datalen,
|
||||||
const frame802154_t *frame, const linkaddr_t *sender, struct asn_t *asn)
|
const frame802154_t *frame, const linkaddr_t *sender, struct asn_t *asn)
|
||||||
{
|
{
|
||||||
uint8_t generated_mic[16];
|
uint8_t generated_mic[16];
|
||||||
uint8_t key_index = 0;
|
uint8_t key_index = 0;
|
||||||
|
@ -248,10 +248,9 @@ tsch_security_parse_frame(const uint8_t *hdr, int hdrlen, int datalen,
|
||||||
CCM_STAR.set_key(keys[key_index - 1]);
|
CCM_STAR.set_key(keys[key_index - 1]);
|
||||||
|
|
||||||
CCM_STAR.aead(nonce,
|
CCM_STAR.aead(nonce,
|
||||||
(uint8_t *)hdr + a_len, m_len,
|
(uint8_t *)hdr + a_len, m_len,
|
||||||
(uint8_t *)hdr, a_len,
|
(uint8_t *)hdr, a_len,
|
||||||
generated_mic, mic_len, 0
|
generated_mic, mic_len, 0);
|
||||||
);
|
|
||||||
|
|
||||||
if(mic_len > 0 && memcmp(generated_mic, hdr + hdrlen + datalen, mic_len) != 0) {
|
if(mic_len > 0 && memcmp(generated_mic, hdr + hdrlen + datalen, mic_len) != 0) {
|
||||||
return 0;
|
return 0;
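Review bot: The MIC check at the end of tsch_security_parse_frame still uses `memcmp(generated_mic, hdr + hdrlen + datalen, mic_len)`, which may return at the first differing byte, so verification time can depend on how many leading MIC bytes match. Since this commit already touches the lines just above it, this would be a good moment to switch to a comparison that ORs together the XOR of every byte pair and tests the accumulator once; a `mic_len` of 0 still passes, as it does now. The two new locals belong with the function's existing declarations, which are outside the hunk, as is the code that derives `mic_len`, so it is worth confirming there that `mic_len` can never exceed the 16-byte `generated_mic` buffer.

```c
/* … unchanged: CCM_STAR.set_key() and CCM_STAR.aead() calls … */
  uint8_t mic_diff = 0;
  unsigned int i;

  /* Accumulate differences over the whole MIC so the loop always runs mic_len times. */
  for(i = 0; i < mic_len; i++) {
    mic_diff |= generated_mic[i] ^ hdr[hdrlen + datalen + i];
  }
  if(mic_diff != 0) {
    return 0;
```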
|
||||||
|
|
|
@ -118,11 +118,28 @@
|
||||||
typedef uint8_t aes_key[16];
|
typedef uint8_t aes_key[16];
|
||||||
|
|
||||||
/********** Functions *********/
|
/********** Functions *********/
|
||||||
|
/**
|
||||||
|
* \brief Return MIC length
|
||||||
|
* \return The length of MIC (>= 0)
|
||||||
|
*/
|
||||||
|
unsigned int tsch_security_mic_len(const frame802154_t *frame);
|
||||||
|
|
||||||
int tsch_security_mic_len(const frame802154_t *frame);
|
/**
|
||||||
int tsch_security_secure_frame(uint8_t *hdr, uint8_t *outbuf,
|
* \brief Protect a frame with encryption and/or MIC
|
||||||
int hdrlen, int datalen, struct asn_t *asn);
|
* \return The length of a generated MIC (>= 0)
|
||||||
int tsch_security_parse_frame(const uint8_t *hdr, int hdrlen, int datalen,
|
*/
|
||||||
const frame802154_t *frame, const linkaddr_t *sender, struct asn_t *asn);
|
unsigned int tsch_security_secure_frame(uint8_t *hdr, uint8_t *outbuf,
|
||||||
|
int hdrlen, int datalen,
|
||||||
|
struct asn_t *asn);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* \brief Parse and check a frame protected with encryption and/or MIC
|
||||||
|
* \retval 0 On error or security check failure (insecure frame)
|
||||||
|
* \retval 1 On success or no need for security check (good frame)
|
||||||
|
*/
|
||||||
|
unsigned int tsch_security_parse_frame(const uint8_t *hdr, int hdrlen,
|
||||||
|
int datalen, const frame802154_t *frame,
|
||||||
|
const linkaddr_t *sender,
|
||||||
|
struct asn_t *asn);
|
||||||
|
|
||||||
#endif /* __TSCH_SECURITY_H__ */
|
#endif /* __TSCH_SECURITY_H__ */
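Review bot: The new Doxygen blocks document only the return values and say nothing about the buffers, although tsch-security.c writes the MIC at `outbuf + hdrlen + datalen`, so the caller has to provide room for it after the frame. I would add `\param outbuf Frame buffer; must have room for hdrlen + datalen bytes plus the MIC` to tsch_security_secure_frame, and a `\param` line on both functions stating that `hdrlen` and `datalen` must be non-negative, since they stay `int` while the return types become `unsigned int`. The `(>= 0)` in the two `\return` lines is always true for an unsigned result and can be dropped.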
|
||||||
|
|