llsec: Allow for sharing CCM*
This commit is contained in:
parent
13d9510715
commit
d161ffcb64
2 changed files with 275 additions and 0 deletions
190
core/net/llsec/ccm.c
Normal file
190
core/net/llsec/ccm.c
Normal file
|
@ -0,0 +1,190 @@
|
|||
/**
|
||||
* \addtogroup llsec802154
|
||||
* @{
|
||||
*/
|
||||
|
||||
/*
|
||||
* Copyright (c) 2013, Hasso-Plattner-Institut.
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
* 3. Neither the name of the Institute nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* This file is part of the Contiki operating system.
|
||||
*
|
||||
*/
|
||||
|
||||
/**
|
||||
* \file
|
||||
* AES_128-based CCM* implementation.
|
||||
* \author
|
||||
* Konrad Krentz <konrad.krentz@gmail.com>
|
||||
*/
|
||||
|
||||
#include "net/llsec/ccm.h"
|
||||
#include "net/llsec/llsec802154.h"
|
||||
#include "net/packetbuf.h"
|
||||
#include "lib/aes-128.h"
|
||||
#include <string.h>
|
||||
|
||||
/*---------------------------------------------------------------------------*/
|
||||
static void
|
||||
set_nonce(uint8_t *nonce,
|
||||
uint8_t flags,
|
||||
const uint8_t *extended_source_address,
|
||||
uint8_t counter)
|
||||
{
|
||||
/* 1 byte|| 8 bytes || 4 bytes || 1 byte || 2 bytes */
|
||||
/* flags || extended_source_address || frame_counter || sec_lvl || counter */
|
||||
|
||||
nonce[0] = flags;
|
||||
memcpy(nonce + 1, extended_source_address, 8);
|
||||
nonce[9] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_2_3) >> 8;
|
||||
nonce[10] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_2_3) & 0xff;
|
||||
nonce[11] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_0_1) >> 8;
|
||||
nonce[12] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_0_1) & 0xff;
|
||||
nonce[13] = packetbuf_attr(PACKETBUF_ATTR_SECURITY_LEVEL);
|
||||
nonce[14] = 0;
|
||||
nonce[15] = counter;
|
||||
}
|
||||
/*---------------------------------------------------------------------------*/
|
||||
/* XORs the block m[pos] ... m[pos + 15] with K_{counter} */
|
||||
static void
|
||||
ctr_step(const uint8_t *extended_source_address,
|
||||
uint8_t pos,
|
||||
uint8_t *m_and_result,
|
||||
uint8_t m_len,
|
||||
uint8_t counter)
|
||||
{
|
||||
uint8_t a[AES_128_BLOCK_SIZE];
|
||||
uint8_t i;
|
||||
|
||||
set_nonce(a, CCM_ENCRYPTION_FLAGS, extended_source_address, counter);
|
||||
AES_128.encrypt(a);
|
||||
|
||||
for(i = 0; (pos + i < m_len) && (i < AES_128_BLOCK_SIZE); i++) {
|
||||
m_and_result[pos + i] ^= a[i];
|
||||
}
|
||||
}
|
||||
/*---------------------------------------------------------------------------*/
|
||||
static void
|
||||
mic(const uint8_t *extended_source_address,
|
||||
uint8_t *result,
|
||||
uint8_t mic_len)
|
||||
{
|
||||
uint8_t x[AES_128_BLOCK_SIZE];
|
||||
uint8_t pos;
|
||||
uint8_t i;
|
||||
uint8_t a_len;
|
||||
uint8_t *a;
|
||||
#if LLSEC802154_USES_ENCRYPTION
|
||||
uint8_t shall_encrypt;
|
||||
uint8_t m_len;
|
||||
uint8_t *m;
|
||||
|
||||
shall_encrypt = packetbuf_attr(PACKETBUF_ATTR_SECURITY_LEVEL) & (1 << 2);
|
||||
if(shall_encrypt) {
|
||||
a_len = packetbuf_hdrlen();
|
||||
m_len = packetbuf_datalen();
|
||||
} else {
|
||||
a_len = packetbuf_totlen();
|
||||
m_len = 0;
|
||||
}
|
||||
set_nonce(x,
|
||||
CCM_AUTH_FLAGS(a_len, mic_len),
|
||||
extended_source_address,
|
||||
m_len);
|
||||
#else /* LLSEC802154_USES_ENCRYPTION */
|
||||
a_len = packetbuf_totlen();
|
||||
set_nonce(x,
|
||||
CCM_AUTH_FLAGS(a_len, mic_len),
|
||||
extended_source_address,
|
||||
0);
|
||||
#endif /* LLSEC802154_USES_ENCRYPTION */
|
||||
AES_128.encrypt(x);
|
||||
|
||||
a = packetbuf_hdrptr();
|
||||
if(a_len) {
|
||||
x[1] = x[1] ^ a_len;
|
||||
for(i = 2; (i - 2 < a_len) && (i < AES_128_BLOCK_SIZE); i++) {
|
||||
x[i] ^= a[i - 2];
|
||||
}
|
||||
|
||||
AES_128.encrypt(x);
|
||||
|
||||
pos = 14;
|
||||
while(pos < a_len) {
|
||||
for(i = 0; (pos + i < a_len) && (i < AES_128_BLOCK_SIZE); i++) {
|
||||
x[i] ^= a[pos + i];
|
||||
}
|
||||
pos += AES_128_BLOCK_SIZE;
|
||||
AES_128.encrypt(x);
|
||||
}
|
||||
}
|
||||
|
||||
#if LLSEC802154_USES_ENCRYPTION
|
||||
if(shall_encrypt) {
|
||||
m = a + a_len;
|
||||
pos = 0;
|
||||
while(pos < m_len) {
|
||||
for(i = 0; (pos + i < m_len) && (i < AES_128_BLOCK_SIZE); i++) {
|
||||
x[i] ^= m[pos + i];
|
||||
}
|
||||
pos += AES_128_BLOCK_SIZE;
|
||||
AES_128.encrypt(x);
|
||||
}
|
||||
}
|
||||
#endif /* LLSEC802154_USES_ENCRYPTION */
|
||||
|
||||
ctr_step(extended_source_address, 0, x, AES_128_BLOCK_SIZE, 0);
|
||||
|
||||
memcpy(result, x, mic_len);
|
||||
}
|
||||
/*---------------------------------------------------------------------------*/
|
||||
static void
|
||||
ctr(const uint8_t *extended_source_address)
|
||||
{
|
||||
uint8_t m_len;
|
||||
uint8_t *m;
|
||||
uint8_t pos;
|
||||
uint8_t counter;
|
||||
|
||||
m_len = packetbuf_datalen();
|
||||
m = (uint8_t *) packetbuf_dataptr();
|
||||
|
||||
pos = 0;
|
||||
counter = 1;
|
||||
while(pos < m_len) {
|
||||
ctr_step(extended_source_address, pos, m, m_len, counter++);
|
||||
pos += AES_128_BLOCK_SIZE;
|
||||
}
|
||||
}
|
||||
/*---------------------------------------------------------------------------*/
|
||||
const struct ccm_driver ccm_driver = {
|
||||
mic,
|
||||
ctr
|
||||
};
|
||||
/*---------------------------------------------------------------------------*/
|
||||
|
||||
/** @} */
|
85
core/net/llsec/ccm.h
Normal file
85
core/net/llsec/ccm.h
Normal file
|
@ -0,0 +1,85 @@
|
|||
/**
|
||||
* \addtogroup llsec802154
|
||||
* @{
|
||||
*/
|
||||
|
||||
/*
|
||||
* Copyright (c) 2013, Hasso-Plattner-Institut.
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
* 3. Neither the name of the Institute nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* This file is part of the Contiki operating system.
|
||||
*
|
||||
*/
|
||||
|
||||
/**
|
||||
* \file
|
||||
* CCM* header file.
|
||||
* \author
|
||||
* Konrad Krentz <konrad.krentz@gmail.com>
|
||||
*/
|
||||
|
||||
#ifndef CCM_H_
|
||||
#define CCM_H_
|
||||
|
||||
#include "contiki.h"
|
||||
#include "net/mac/frame802154.h"
|
||||
|
||||
/* see RFC 3610 */
|
||||
#define CCM_AUTH_FLAGS(Adata, M) ((Adata ? (1 << 6) : 0) | (((M - 2) >> 1) << 3) | 1)
|
||||
#define CCM_ENCRYPTION_FLAGS 1
|
||||
|
||||
#ifdef CCM_CONF
|
||||
#define CCM CCM_CONF
|
||||
#else /* CCM_CONF */
|
||||
#define CCM ccm_driver
|
||||
#endif /* CCM_CONF */
|
||||
|
||||
/**
|
||||
* Structure of CCM drivers.
|
||||
*/
|
||||
struct ccm_driver {
|
||||
|
||||
/**
|
||||
* \brief Generates a MIC over the frame in the packetbuf.
|
||||
* \param result The generated MIC will be put here
|
||||
* \param mic_len <= 16; set to LLSEC802154_MIC_LENGTH to be compliant
|
||||
*/
|
||||
void (* mic)(const uint8_t *extended_source_address,
|
||||
uint8_t *result,
|
||||
uint8_t mic_len);
|
||||
|
||||
/**
|
||||
* \brief XORs the frame in the packetbuf with the key stream.
|
||||
*/
|
||||
void (* ctr)(const uint8_t *extended_source_address);
|
||||
};
|
||||
|
||||
extern const struct ccm_driver CCM;
|
||||
|
||||
#endif /* CCM_H_ */
|
||||
|
||||
/** @} */
|
Loading…
Reference in a new issue