ieee802154_security.h
1 /*
2  * Copyright (C) 2020 Otto-von-Guericke-Universität Magdeburg
3  *
4  * This file is subject to the terms and conditions of the GNU Lesser
5  * General Public License v2.1. See the file LICENSE in the top level
6  * directory for more details.
7  */
8 
30 #ifndef NET_IEEE802154_SECURITY_H
31 #define NET_IEEE802154_SECURITY_H
32 
33 #include <stdint.h>
34 #include "kernel_defines.h"
35 #include "ieee802154.h"
36 #include "crypto/ciphers.h"
37 
38 #ifdef __cplusplus
39 extern "C" {
40 #endif
41 
46 
66  const uint8_t *key,
67  uint8_t key_size);
77  void (*cbc)(const ieee802154_sec_dev_t *dev,
78  uint8_t *cipher,
79  uint8_t *iv,
80  const uint8_t *plain,
81  uint8_t nblocks);
90  void (*ecb)(const ieee802154_sec_dev_t *dev,
91  uint8_t *cipher,
92  const uint8_t *plain,
93  uint8_t nblocks);
95 
107  void *ctx;
108 };
109 
110 #if !defined(CONFIG_IEEE802154_SEC_DEFAULT_KEY) || defined(DOXYGEN)
/*
 * Fallback key, used only when the build does not define
 * CONFIG_IEEE802154_SEC_DEFAULT_KEY itself. The literal is 16 characters
 * long, which matches IEEE802154_SEC_KEY_LENGTH.
 *
 * This value is published in the source tree and is identical in every
 * build that keeps it, so frames protected with it get no real
 * confidentiality or authenticity. Treat it as a development placeholder:
 * define CONFIG_IEEE802154_SEC_DEFAULT_KEY to a per-deployment secret and
 * fail release builds that still carry this string.
 *
 * NOTE(review): presumably this is the key ieee802154_sec_init() installs
 * into a fresh context; confirm against the implementation.
 */
117 #define CONFIG_IEEE802154_SEC_DEFAULT_KEY "pizza_margherita"
118 #endif
119 
/* Key size in bytes (16 bytes = 128 bit). */
123 #define IEEE802154_SEC_KEY_LENGTH (16U)
124 
/* Cipher block size in bytes; the ecb/cbc callbacks take their length as a
 * number of blocks (nblocks), not bytes. */
128 #define IEEE802154_SEC_BLOCK_SIZE (16U)
129 
/* Upper bound of the auxiliary security header in bytes:
 * 1 (scf) + 4 (fc) + 8 (longest key source) + 1 (key index). */
133 #define IEEE802154_SEC_MAX_AUX_HDR_LEN (14U)
134 
/* Largest MIC in bytes, i.e. the 128 bit MIC security levels. Callers that
 * provide a MIC buffer should size it for this maximum. */
138 #define IEEE802154_SEC_MAX_MAC_SIZE (16U)
139 
/* Bits 0-2 of the Security Control field (scf) carry the security level. */
143 #define IEEE802154_SEC_SCF_SECLEVEL_MASK (0x07)
144 
/* Shift that brings the security level bits down to bit 0 (already there). */
148 #define IEEE802154_SEC_SCF_SECLEVEL_SHIFT (0)
149 
/* Bits 3-4 of the Security Control field carry the key identifier mode. */
153 #define IEEE802154_SEC_SCF_KEYMODE_MASK (0x18)
154 
/* Shift that brings the key identifier mode bits down to bit 0. */
158 #define IEEE802154_SEC_SCF_KEYMODE_SHIFT (3)
159 
178 typedef enum {
188 
218 typedef enum {
224 
228 typedef enum {
235 
/* Per-interface IEEE 802.15.4 security state.
 * NOTE(review): this rendered listing drops several lines of the struct
 * (further members and the closing brace are not visible here). */
239 typedef struct ieee802154_sec_context {
 /* Security level, one of IEEE802154_SEC_SCF_SECLEVEL_*. */
247  uint8_t security_level;
 /* Key identifier mode, one of IEEE802154_SEC_SCF_KEYMODE_*. */
251  uint8_t key_id_mode;
 /* Key index placed in the key identifier for the modes that carry one. */
255  uint8_t key_index;
 /* Own frame counter. It is a component of the 13 byte CCM nonce (source
  * address, frame counter, security level), so a counter value must never
  * be used twice with the same key; IEEE802154_SEC_FRAME_COUNTER_OVERFLOW
  * exists to refuse a wrap-around.
  * NOTE(review): nothing visible here persists the counter across reboots;
  * confirm how a restart avoids reusing counter values under an unchanged key. */
265  uint32_t frame_counter;
271 
275 typedef struct __attribute__((packed)) {
293  uint8_t scf;
297  uint32_t fc;
301  uint8_t key_id[];
303 
307 typedef struct __attribute__((packed)) {
311  uint8_t key_index;
313 
317 typedef struct __attribute__((packed)) {
321  uint8_t key_source[4];
325  uint8_t key_index;
327 
331 typedef struct __attribute__((packed)) {
335  uint8_t key_source[IEEE802154_LONG_ADDRESS_LEN];
339  uint8_t key_index;
341 
/* 13 byte CCM nonce: 8 byte source address + 4 byte frame counter +
 * 1 byte security level. The struct is packed so that the in-memory layout
 * has no padding. Nonce uniqueness under one key rests on the
 * (src_addr, frame_counter) pair never repeating.
 * NOTE(review): the closing line of this typedef is not visible in this
 * rendered listing. */
345 typedef struct __attribute__((packed)) {
 /* Long (EUI-64) address of the frame originator. */
349  uint8_t src_addr[IEEE802154_LONG_ADDRESS_LEN];
 /* Frame counter of the frame being processed. */
353  uint32_t frame_counter;
 /* One of IEEE802154_SEC_SCF_SECLEVEL_*. */
357  uint8_t security_level;
359 
363 typedef struct __attribute__((packed)) {
367  uint8_t flags;
376  uint16_t counter;
378 
385 
404  const uint8_t *header, uint8_t *header_size,
405  uint8_t *payload, uint16_t payload_size,
406  uint8_t *mic, uint8_t *mic_size,
407  const uint8_t *src_address);
408 
428  uint16_t frame_size,
429  uint8_t *header, uint8_t *header_size,
430  uint8_t **payload, uint16_t *payload_size,
431  uint8_t **mic, uint8_t *mic_size,
432  const uint8_t *src_address);
433 
438 
439 #ifdef __cplusplus
440 }
441 #endif
442 
443 #endif /* NET_IEEE802154_SECURITY_H */
Headers for the packet encryption class.
#define IEEE802154_LONG_ADDRESS_LEN
long address (EUI-64)
Definition: ieee802154.h:45
int ieee802154_sec_encrypt_frame(ieee802154_sec_context_t *ctx, const uint8_t *header, uint8_t *header_size, uint8_t *payload, uint16_t payload_size, uint8_t *mic, uint8_t *mic_size, const uint8_t *src_address)
Encrypt IEEE 802.15.4 frame according to ctx.
ieee802154_sec_scf_seclevel_t
Security levels.
ieee802154_sec_error_t
IEEE 802.15.4 security error codes.
ieee802154_sec_scf_keymode_t
Key identifier modes.
struct ieee802154_radio_cipher_ops ieee802154_radio_cipher_ops_t
Struct of security operations.
const ieee802154_radio_cipher_ops_t ieee802154_radio_cipher_ops
Default descriptor that will fall back to default implementations.
void ieee802154_sec_init(ieee802154_sec_context_t *ctx)
Initialize IEEE 802.15.4 security context with default values.
int ieee802154_sec_decrypt_frame(ieee802154_sec_context_t *ctx, uint16_t frame_size, uint8_t *header, uint8_t *header_size, uint8_t **payload, uint16_t *payload_size, uint8_t **mic, uint8_t *mic_size, const uint8_t *src_address)
Decrypt IEEE 802.15.4 frame according to ctx.
struct ieee802154_sec_context ieee802154_sec_context_t
Struct to hold IEEE 802.15.4 security information.
@ IEEE802154_SEC_SCF_SECLEVEL_MIC32
32 bit MIC
@ IEEE802154_SEC_SCF_SECLEVEL_ENC_MIC32
enc.
@ IEEE802154_SEC_SCF_SECLEVEL_MIC128
128 bit MIC
@ IEEE802154_SEC_SCF_SECLEVEL_MIC64
64 bit MIC
@ IEEE802154_SEC_SCF_SECLEVEL_ENC_MIC64
enc.
@ IEEE802154_SEC_SCF_SECLEVEL_ENC_MIC128
enc.
@ IEEE802154_SEC_SCF_SECLEVEL_NONE
no security
@ IEEE802154_SEC_SCF_SECLEVEL_ENC
encryption
@ IEEE802154_SEC_OK
Everything went fine.
@ IEEE802154_SEC_UNSUPORTED
Unsupported operation.
@ IEEE802154_SEC_MAC_CHECK_FAILURE
The computed MAC did not match.
@ IEEE802154_SEC_FRAME_COUNTER_OVERFLOW
The requested operation would let the frame counter overflow.
@ IEEE802154_SEC_NO_KEY
Could not find the key to perform a requested cipher operation.
@ IEEE802154_SEC_SCF_KEYMODE_IMPLICIT
Key is determined implicitly.
@ IEEE802154_SEC_SCF_KEYMODE_INDEX
Key is determined from key index.
@ IEEE802154_SEC_SCF_KEYMODE_SHORT_INDEX
Key is determined from 4 byte key source and key index.
@ IEEE802154_SEC_SCF_KEYMODE_HW_INDEX
Key is determined from 8 byte key source and key index.
Common macros and compiler attributes/pragmas configuration.
Basic struct for using block ciphers; contains the cipher interface and the context.
Definition: ciphers.h:119
Struct of security operations.
void(* ecb)(const ieee802154_sec_dev_t *dev, uint8_t *cipher, const uint8_t *plain, uint8_t nblocks)
Function type to perform ECB encryption.
void(* cbc)(const ieee802154_sec_dev_t *dev, uint8_t *cipher, uint8_t *iv, const uint8_t *plain, uint8_t nblocks)
Function type to compute CBC-MAC.
void(* set_key)(ieee802154_sec_dev_t *dev, const uint8_t *key, uint8_t key_size)
Function to set the encryption key for the next cipher operation.
Content of key_source if key mode is IEEE802154_SEC_SCF_KEYMODE_INDEX.
uint8_t key_index
Key index of key from originator, defined by key source.
Content of key_source if key mode is IEEE802154_SEC_SCF_KEYMODE_SHORT_INDEX.
uint8_t key_index
Key index of key from originator, defined by key source.
Content of key_source if key mode is IEEE802154_SEC_SCF_KEYMODE_HW_INDEX.
uint8_t key_index
Key index of key from originator, defined by key source.
IEEE 802.15.4 auxiliary security header.
uint8_t scf
Security Control field (SCF)
uint32_t fc
frame counter
Format of 16 byte input block of CCM.
ieee802154_sec_ccm_nonce_t nonce
Nonce (Number that is only used once)
uint16_t counter
Either the length of the actual message (for CBC-MAC) or a block counter (for CTR)
Format of 13 byte nonce.
uint32_t frame_counter
Frame counter.
uint8_t security_level
One of IEEE802154_SEC_SCF_SECLEVEL_*.
Struct to hold IEEE 802.15.4 security information.
uint8_t key_index
Key index.
ieee802154_sec_dev_t dev
802.15.4 security dev
uint8_t key_id_mode
Key mode IEEE802154_SEC_SCF_KEYMODE_*.
uint32_t frame_counter
Own frame counter.
cipher_t cipher
Cipher context with AES128 interface and key storage.
uint8_t key_source[IEEE802154_LONG_ADDRESS_LEN]
Key source.
uint8_t security_level
Security level IEEE802154_SEC_SCF_SECLEVEL_*.
IEEE 802.15.4 security device descriptor.
const struct ieee802154_radio_cipher_ops * cipher_ops
Pointer to the operations of the device.
void * ctx
Pointer to the context of the device.
IEEE 802.15.4 header definitions.