framer-802154: Support for explicit keys
parent
124dde25f3
commit
8659c97fb0
5 changed files with 105 additions and 34 deletions
|
@ -69,6 +69,12 @@
|
||||||
#define LLSEC802154_USES_ENCRYPTION (LLSEC802154_SECURITY_LEVEL & (1 << 2))
|
#define LLSEC802154_USES_ENCRYPTION (LLSEC802154_SECURITY_LEVEL & (1 << 2))
|
||||||
#endif /* LLSEC802154_CONF_USES_ENCRYPTION */
|
#endif /* LLSEC802154_CONF_USES_ENCRYPTION */
|
||||||
|
|
||||||
|
#ifdef LLSEC802154_CONF_USES_EXPLICIT_KEYS
|
||||||
|
#define LLSEC802154_USES_EXPLICIT_KEYS LLSEC802154_CONF_USES_EXPLICIT_KEYS
|
||||||
|
#else /* LLSEC802154_CONF_USES_EXPLICIT_KEYS */
|
||||||
|
#define LLSEC802154_USES_EXPLICIT_KEYS 0
|
||||||
|
#endif /* LLSEC802154_CONF_USES_EXPLICIT_KEYS */
|
||||||
|
|
||||||
#endif /* LLSEC802154_H_ */
|
#endif /* LLSEC802154_H_ */
|
||||||
|
|
||||||
/** @} */
|
/** @} */
|
||||||
|
|
|
@ -92,6 +92,23 @@ addr_len(uint8_t mode)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
/*----------------------------------------------------------------------------*/
|
/*----------------------------------------------------------------------------*/
|
||||||
|
#if LLSEC802154_USES_EXPLICIT_KEYS
|
||||||
|
static uint8_t
|
||||||
|
get_key_id_len(uint8_t key_id_mode)
|
||||||
|
{
|
||||||
|
switch(key_id_mode) {
|
||||||
|
case FRAME802154_1_BYTE_KEY_ID_MODE:
|
||||||
|
return 1;
|
||||||
|
case FRAME802154_5_BYTE_KEY_ID_MODE:
|
||||||
|
return 5;
|
||||||
|
case FRAME802154_9_BYTE_KEY_ID_MODE:
|
||||||
|
return 9;
|
||||||
|
default:
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
#endif /* LLSEC802154_USES_EXPLICIT_KEYS */
|
||||||
|
/*----------------------------------------------------------------------------*/
|
||||||
static void
|
static void
|
||||||
field_len(frame802154_t *p, field_length_t *flen)
|
field_len(frame802154_t *p, field_length_t *flen)
|
||||||
{
|
{
|
||||||
|
@ -124,26 +141,11 @@ field_len(frame802154_t *p, field_length_t *flen)
|
||||||
#if LLSEC802154_SECURITY_LEVEL
|
#if LLSEC802154_SECURITY_LEVEL
|
||||||
/* Aux security header */
|
/* Aux security header */
|
||||||
if(p->fcf.security_enabled & 1) {
|
if(p->fcf.security_enabled & 1) {
|
||||||
flen->aux_sec_len = 5;
|
flen->aux_sec_len = 5
|
||||||
/* TODO Support key identifier mode !=0 */
|
#if LLSEC802154_USES_EXPLICIT_KEYS
|
||||||
#if 0
|
+ get_key_id_len(p->aux_hdr.security_control.key_id_mode);
|
||||||
switch(p->aux_hdr.security_control.key_id_mode) {
|
#endif /* LLSEC802154_USES_EXPLICIT_KEYS */
|
||||||
case 0:
|
;
|
||||||
flen->aux_sec_len = 5; /* minimum value */
|
|
||||||
break;
|
|
||||||
case 1:
|
|
||||||
flen->aux_sec_len = 6;
|
|
||||||
break;
|
|
||||||
case 2:
|
|
||||||
flen->aux_sec_len = 10;
|
|
||||||
break;
|
|
||||||
case 3:
|
|
||||||
flen->aux_sec_len = 14;
|
|
||||||
break;
|
|
||||||
default:
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
}
|
}
|
||||||
#endif /* LLSEC802154_SECURITY_LEVEL */
|
#endif /* LLSEC802154_SECURITY_LEVEL */
|
||||||
}
|
}
|
||||||
|
@ -183,6 +185,9 @@ frame802154_create(frame802154_t *p, uint8_t *buf)
|
||||||
int c;
|
int c;
|
||||||
field_length_t flen;
|
field_length_t flen;
|
||||||
uint8_t pos;
|
uint8_t pos;
|
||||||
|
#if LLSEC802154_USES_EXPLICIT_KEYS
|
||||||
|
uint8_t key_id_mode;
|
||||||
|
#endif /* LLSEC802154_USES_EXPLICIT_KEYS */
|
||||||
|
|
||||||
field_len(p, &flen);
|
field_len(p, &flen);
|
||||||
|
|
||||||
|
@ -226,10 +231,23 @@ frame802154_create(frame802154_t *p, uint8_t *buf)
|
||||||
#if LLSEC802154_SECURITY_LEVEL
|
#if LLSEC802154_SECURITY_LEVEL
|
||||||
/* Aux header */
|
/* Aux header */
|
||||||
if(flen.aux_sec_len) {
|
if(flen.aux_sec_len) {
|
||||||
/* TODO Support key identifier mode !=0 */
|
buf[pos++] = p->aux_hdr.security_control.security_level
|
||||||
buf[pos++] = p->aux_hdr.security_control.security_level;
|
#if LLSEC802154_USES_EXPLICIT_KEYS
|
||||||
|
| (p->aux_hdr.security_control.key_id_mode << 3)
|
||||||
|
#endif /* LLSEC802154_USES_EXPLICIT_KEYS */
|
||||||
|
;
|
||||||
memcpy(buf + pos, p->aux_hdr.frame_counter.u8, 4);
|
memcpy(buf + pos, p->aux_hdr.frame_counter.u8, 4);
|
||||||
pos += 4;
|
pos += 4;
|
||||||
|
|
||||||
|
#if LLSEC802154_USES_EXPLICIT_KEYS
|
||||||
|
key_id_mode = p->aux_hdr.security_control.key_id_mode;
|
||||||
|
if(key_id_mode) {
|
||||||
|
c = (key_id_mode - 1) * 4;
|
||||||
|
memcpy(buf + pos, p->aux_hdr.key_source.u8, c);
|
||||||
|
pos += c;
|
||||||
|
buf[pos++] = p->aux_hdr.key_index;
|
||||||
|
}
|
||||||
|
#endif /* LLSEC802154_USES_EXPLICIT_KEYS */
|
||||||
}
|
}
|
||||||
#endif /* LLSEC802154_SECURITY_LEVEL */
|
#endif /* LLSEC802154_SECURITY_LEVEL */
|
||||||
|
|
||||||
|
@ -251,6 +269,9 @@ frame802154_parse(uint8_t *data, int len, frame802154_t *pf)
|
||||||
uint8_t *p;
|
uint8_t *p;
|
||||||
frame802154_fcf_t fcf;
|
frame802154_fcf_t fcf;
|
||||||
int c;
|
int c;
|
||||||
|
#if LLSEC802154_USES_EXPLICIT_KEYS
|
||||||
|
uint8_t key_id_mode;
|
||||||
|
#endif /* LLSEC802154_USES_EXPLICIT_KEYS */
|
||||||
|
|
||||||
if(len < 3) {
|
if(len < 3) {
|
||||||
return 0;
|
return 0;
|
||||||
|
@ -333,20 +354,28 @@ frame802154_parse(uint8_t *data, int len, frame802154_t *pf)
|
||||||
linkaddr_copy((linkaddr_t *)&(pf->src_addr), &linkaddr_null);
|
linkaddr_copy((linkaddr_t *)&(pf->src_addr), &linkaddr_null);
|
||||||
pf->src_pid = 0;
|
pf->src_pid = 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
#if LLSEC802154_SECURITY_LEVEL
|
#if LLSEC802154_SECURITY_LEVEL
|
||||||
if(fcf.security_enabled) {
|
if(fcf.security_enabled) {
|
||||||
pf->aux_hdr.security_control.security_level = p[0] & 7;
|
pf->aux_hdr.security_control.security_level = p[0] & 7;
|
||||||
|
#if LLSEC802154_USES_EXPLICIT_KEYS
|
||||||
pf->aux_hdr.security_control.key_id_mode = (p[0] >> 3) & 3;
|
pf->aux_hdr.security_control.key_id_mode = (p[0] >> 3) & 3;
|
||||||
|
#endif /* LLSEC802154_USES_EXPLICIT_KEYS */
|
||||||
p += 1;
|
p += 1;
|
||||||
|
|
||||||
memcpy(pf->aux_hdr.frame_counter.u8, p, 4);
|
memcpy(pf->aux_hdr.frame_counter.u8, p, 4);
|
||||||
p += 4;
|
p += 4;
|
||||||
|
|
||||||
if(pf->aux_hdr.security_control.key_id_mode) {
|
#if LLSEC802154_USES_EXPLICIT_KEYS
|
||||||
/* TODO Support key identifier mode !=0 */
|
key_id_mode = pf->aux_hdr.security_control.key_id_mode;
|
||||||
return 0;
|
if(key_id_mode) {
|
||||||
|
c = (key_id_mode - 1) * 4;
|
||||||
|
memcpy(pf->aux_hdr.key_source.u8, p, c);
|
||||||
|
p += c;
|
||||||
|
pf->aux_hdr.key_index = p[0];
|
||||||
|
p += 1;
|
||||||
}
|
}
|
||||||
|
#endif /* LLSEC802154_USES_EXPLICIT_KEYS */
|
||||||
}
|
}
|
||||||
#endif /* LLSEC802154_SECURITY_LEVEL */
|
#endif /* LLSEC802154_SECURITY_LEVEL */
|
||||||
|
|
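Review bot: The new key-identifier branch in frame802154_parse reads up to nine further bytes from the received frame (`memcpy(pf->aux_hdr.key_source.u8, p, c)` followed by `p[0]`) without comparing the remaining length against `len`; the only length test visible in these hunks is `if(len < 3)`. Because key_id_mode is taken from the frame itself, a truncated frame with the security bit set decides how far the parser reads past the data it was given. A guard placed before the copy, `if(len - (p - data) < c + 1) { return 0; }`, would reject such headers before any byte is consumed. The function continues outside the hunk, so a later check may exist, but it would run only after the reads have already happened.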
||||||
|
|
|
@ -105,6 +105,11 @@
|
||||||
#define FRAME802154_SECURITY_LEVEL_ENC_MIC_64 (6)
|
#define FRAME802154_SECURITY_LEVEL_ENC_MIC_64 (6)
|
||||||
#define FRAME802154_SECURITY_LEVEL_ENC_MIC_128 (7)
|
#define FRAME802154_SECURITY_LEVEL_ENC_MIC_128 (7)
|
||||||
|
|
||||||
|
#define FRAME802154_IMPLICIT_KEY (0)
|
||||||
|
#define FRAME802154_1_BYTE_KEY_ID_MODE (1)
|
||||||
|
#define FRAME802154_5_BYTE_KEY_ID_MODE (2)
|
||||||
|
#define FRAME802154_9_BYTE_KEY_ID_MODE (3)
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @brief The IEEE 802.15.4 frame has a number of constant/fixed fields that
|
* @brief The IEEE 802.15.4 frame has a number of constant/fixed fields that
|
||||||
* can be counted to make frame construction and max payload
|
* can be counted to make frame construction and max payload
|
||||||
|
@ -146,11 +151,17 @@ typedef union {
|
||||||
uint8_t u8[4];
|
uint8_t u8[4];
|
||||||
} frame802154_frame_counter_t;
|
} frame802154_frame_counter_t;
|
||||||
|
|
||||||
|
typedef union {
|
||||||
|
uint16_t u16[4];
|
||||||
|
uint8_t u8[8];
|
||||||
|
} frame802154_key_source_t;
|
||||||
|
|
||||||
/** \brief 802.15.4 Aux security header */
|
/** \brief 802.15.4 Aux security header */
|
||||||
typedef struct {
|
typedef struct {
|
||||||
frame802154_scf_t security_control; /**< Security control bitfield */
|
frame802154_scf_t security_control; /**< Security control bitfield */
|
||||||
frame802154_frame_counter_t frame_counter; /**< Frame counter, used for security */
|
frame802154_frame_counter_t frame_counter; /**< Frame counter, used for security */
|
||||||
uint8_t key[9]; /**< The key itself, or an index to the key */
|
frame802154_key_source_t key_source; /**< Key Source subfield */
|
||||||
|
uint8_t key_index; /**< Key Index subfield */
|
||||||
} frame802154_aux_hdr_t;
|
} frame802154_aux_hdr_t;
|
||||||
|
|
||||||
/** \brief Parameters used by the frame802154_create() function. These
|
/** \brief Parameters used by the frame802154_create() function. These
|
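Review bot: The new `frame802154_key_source_t` union and the four key-identifier-mode constants are undocumented, while the neighbouring aux-header types carry Doxygen comments. A brief comment above the union, such as `/** \brief Key Source subfield; 0, 4 or 8 bytes are used depending on key_id_mode */`, would match what frame802154_create copies in this commit. The defines would benefit from one line stating that the byte count in each name is the whole Key Identifier field, that is Key Source plus the one-byte Key Index.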
||||||
|
|
|
@ -122,6 +122,11 @@ create_frame(int type, int do_create)
|
||||||
params.aux_hdr.security_control.security_level = packetbuf_attr(PACKETBUF_ATTR_SECURITY_LEVEL);
|
params.aux_hdr.security_control.security_level = packetbuf_attr(PACKETBUF_ATTR_SECURITY_LEVEL);
|
||||||
params.aux_hdr.frame_counter.u16[0] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_0_1);
|
params.aux_hdr.frame_counter.u16[0] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_0_1);
|
||||||
params.aux_hdr.frame_counter.u16[1] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_2_3);
|
params.aux_hdr.frame_counter.u16[1] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_2_3);
|
||||||
|
#if LLSEC802154_USES_EXPLICIT_KEYS
|
||||||
|
params.aux_hdr.security_control.key_id_mode = packetbuf_attr(PACKETBUF_ATTR_KEY_ID_MODE);
|
||||||
|
params.aux_hdr.key_index = packetbuf_attr(PACKETBUF_ATTR_KEY_INDEX);
|
||||||
|
params.aux_hdr.key_source.u16[0] = packetbuf_attr(PACKETBUF_ATTR_KEY_SOURCE_BYTES_0_1);
|
||||||
|
#endif /* LLSEC802154_USES_EXPLICIT_KEYS */
|
||||||
#endif /* LLSEC802154_SECURITY_LEVEL */
|
#endif /* LLSEC802154_SECURITY_LEVEL */
|
||||||
|
|
||||||
/* Increment and set the data sequence number. */
|
/* Increment and set the data sequence number. */
|
||||||
|
@ -245,10 +250,16 @@ parse(void)
|
||||||
packetbuf_set_attr(PACKETBUF_ATTR_PACKET_ID, frame.seq);
|
packetbuf_set_attr(PACKETBUF_ATTR_PACKET_ID, frame.seq);
|
||||||
|
|
||||||
#if LLSEC802154_SECURITY_LEVEL
|
#if LLSEC802154_SECURITY_LEVEL
|
||||||
/* Setting security-related attributes */
|
if(frame.fcf.security_enabled) {
|
||||||
packetbuf_set_attr(PACKETBUF_ATTR_SECURITY_LEVEL, frame.aux_hdr.security_control.security_level);
|
packetbuf_set_attr(PACKETBUF_ATTR_SECURITY_LEVEL, frame.aux_hdr.security_control.security_level);
|
||||||
packetbuf_set_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_0_1, frame.aux_hdr.frame_counter.u16[0]);
|
packetbuf_set_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_0_1, frame.aux_hdr.frame_counter.u16[0]);
|
||||||
packetbuf_set_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_2_3, frame.aux_hdr.frame_counter.u16[1]);
|
packetbuf_set_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_2_3, frame.aux_hdr.frame_counter.u16[1]);
|
||||||
|
#if LLSEC802154_USES_EXPLICIT_KEYS
|
||||||
|
packetbuf_set_attr(PACKETBUF_ATTR_KEY_ID_MODE, frame.aux_hdr.security_control.key_id_mode);
|
||||||
|
packetbuf_set_attr(PACKETBUF_ATTR_KEY_INDEX, frame.aux_hdr.key_index);
|
||||||
|
packetbuf_set_attr(PACKETBUF_ATTR_KEY_SOURCE_BYTES_0_1, frame.aux_hdr.key_source.u16[0]);
|
||||||
|
#endif /* LLSEC802154_USES_EXPLICIT_KEYS */
|
||||||
|
}
|
||||||
#endif /* LLSEC802154_SECURITY_LEVEL */
|
#endif /* LLSEC802154_SECURITY_LEVEL */
|
||||||
|
|
||||||
PRINTF("15.4-IN: %2X", frame.fcf.frame_type);
|
PRINTF("15.4-IN: %2X", frame.fcf.frame_type);
|
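Review bot: Only the first two Key Source bytes pass through packetbuf: create_frame sets `params.aux_hdr.key_source.u16[0]` and parse exports `frame.aux_hdr.key_source.u16[0]`, while frame802154_create in this commit writes 4 or 8 bytes of key_source for key_id_mode 2 and 3. On transmit, bytes 2..7 are whatever params already holds (its initialisation is outside the hunk), and on receive they are discarded, so upper layers cannot distinguish key sources that share their first two bytes. The u16 view also makes the attribute value depend on host byte order. Either state the limit where the attribute is set, e.g. `/* only Key Source bytes 0-1 are mapped to packetbuf; key_id_mode 2 and 3 are not fully carried */`, or add attributes for the remaining bytes. Both functions start and end outside the hunks shown.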
||||||
|
|
|
@ -362,6 +362,11 @@ enum {
|
||||||
PACKETBUF_ATTR_SECURITY_LEVEL,
|
PACKETBUF_ATTR_SECURITY_LEVEL,
|
||||||
PACKETBUF_ATTR_FRAME_COUNTER_BYTES_0_1,
|
PACKETBUF_ATTR_FRAME_COUNTER_BYTES_0_1,
|
||||||
PACKETBUF_ATTR_FRAME_COUNTER_BYTES_2_3,
|
PACKETBUF_ATTR_FRAME_COUNTER_BYTES_2_3,
|
||||||
|
#if LLSEC802154_USES_EXPLICIT_KEYS
|
||||||
|
PACKETBUF_ATTR_KEY_ID_MODE,
|
||||||
|
PACKETBUF_ATTR_KEY_INDEX,
|
||||||
|
PACKETBUF_ATTR_KEY_SOURCE_BYTES_0_1,
|
||||||
|
#endif /* LLSEC802154_USES_EXPLICIT_KEYS */
|
||||||
#endif /* LLSEC802154_SECURITY_LEVEL */
|
#endif /* LLSEC802154_SECURITY_LEVEL */
|
||||||
|
|
||||||
/* Scope 2 attributes: used between end-to-end nodes. */
|
/* Scope 2 attributes: used between end-to-end nodes. */
|
||||||
|
@ -389,6 +394,15 @@ enum {
|
||||||
};
|
};
|
||||||
#endif /* LLSEC802154_SECURITY_LEVEL */
|
#endif /* LLSEC802154_SECURITY_LEVEL */
|
||||||
|
|
||||||
|
/* Define surrogates when not using explicit keys */
|
||||||
|
#if !LLSEC802154_USES_EXPLICIT_KEYS
|
||||||
|
enum {
|
||||||
|
PACKETBUF_ATTR_KEY_ID_MODE,
|
||||||
|
PACKETBUF_ATTR_KEY_INDEX,
|
||||||
|
PACKETBUF_ATTR_KEY_SOURCE_BYTES_0_1
|
||||||
|
};
|
||||||
|
#endif /* LLSEC802154_USES_EXPLICIT_KEYS */
|
||||||
|
|
||||||
#define PACKETBUF_NUM_ADDRS 4
|
#define PACKETBUF_NUM_ADDRS 4
|
||||||
#define PACKETBUF_NUM_ATTRS (PACKETBUF_ATTR_MAX - PACKETBUF_NUM_ADDRS)
|
#define PACKETBUF_NUM_ATTRS (PACKETBUF_ATTR_MAX - PACKETBUF_NUM_ADDRS)
|
||||||
#define PACKETBUF_ADDR_FIRST PACKETBUF_ADDR_SENDER
|
#define PACKETBUF_ADDR_FIRST PACKETBUF_ADDR_SENDER
|
||||||
|
|
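Review bot: The surrogate enum added in the second hunk gives PACKETBUF_ATTR_KEY_ID_MODE, PACKETBUF_ATTR_KEY_INDEX and PACKETBUF_ATTR_KEY_SOURCE_BYTES_0_1 the values 0, 1 and 2, which presumably coincide with the first entries of the main attribute enum (its start is outside the hunk). Code built without explicit keys that passes one of them to packetbuf_set_attr() would then silently write another attribute's slot instead of failing to compile. The existing comment should say this, for example `/* Surrogates only keep callers compiling; they alias real attribute indices and must never reach packetbuf_attr()/packetbuf_set_attr() */`.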