From 750435509ee2e5e256053f04c4506d2e51714d2e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabian=20H=C3=BC=C3=9Fler?= Date: Sat, 27 Feb 2021 23:00:25 +0100 Subject: [PATCH 1/6] drivers/at86rf2xx: remove get NETOPT_ENCRYPTION_KEY setting NETOPT_ENCRYPTION_KEY in device driver was redundant because it is also done in the ieee802154 netdev driver and the key is transfered to the hardware in the ieee802154 security implementation --- drivers/at86rf2xx/at86rf2xx.c | 4 ---- drivers/at86rf2xx/at86rf2xx_netdev.c | 17 ----------------- 2 files changed, 21 deletions(-) diff --git a/drivers/at86rf2xx/at86rf2xx.c b/drivers/at86rf2xx/at86rf2xx.c index 866877938d..e9c4ae7e58 100644 --- a/drivers/at86rf2xx/at86rf2xx.c +++ b/drivers/at86rf2xx/at86rf2xx.c @@ -233,10 +233,6 @@ void at86rf2xx_reset(at86rf2xx_t *dev) IS_USED(MODULE_AT86RF2XX_AES_SPI) dev->netdev.sec_ctx.dev.cipher_ops = &_at86rf2xx_cipher_ops; dev->netdev.sec_ctx.dev.ctx = dev; - /* All configurations of the security module, the SRAM content, - and keys are reset during DEEP_SLEEP or RESET state. */ - at86rf2xx_aes_key_write_encrypt(dev, - dev->netdev.sec_ctx.cipher.context.context); #endif /* State to return after receiving or transmitting */ diff --git a/drivers/at86rf2xx/at86rf2xx_netdev.c b/drivers/at86rf2xx/at86rf2xx_netdev.c index 6988dfbcfe..3cd109ace6 100644 --- a/drivers/at86rf2xx/at86rf2xx_netdev.c +++ b/drivers/at86rf2xx/at86rf2xx_netdev.c @@ -629,23 +629,6 @@ static int _set(netdev_t *netdev, netopt_t opt, const void *val, size_t len) break; #endif /* MODULE_NETDEV_IEEE802154_OQPSK */ - -#if IS_USED(MODULE_AT86RF2XX_AES_SPI) && \ - IS_USED(MODULE_IEEE802154_SECURITY) - case NETOPT_ENCRYPTION_KEY: - assert(len >= IEEE802154_SEC_KEY_LENGTH); - at86rf2xx_aes_key_write_encrypt(dev, val); - if (memcmp(dev->netdev.sec_ctx.cipher.context.context, val, len)) { - /* If the key changes, the frame conter can be reset to 0*/ - dev->netdev.sec_ctx.frame_counter = 0; - } - memcpy(dev->netdev.sec_ctx.cipher.context.context, val, - IEEE802154_SEC_KEY_LENGTH); - res = IEEE802154_SEC_KEY_LENGTH; - break; -#endif /* IS_USED(MODULE_AT86RF2XX_AES_SPI) && \ - IS_USED(MODULE_IEEE802154_SECURITY) */ - default: break; } From 43f1470abc32d2c3c387b9676e827bd5003450d0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabian=20H=C3=BC=C3=9Fler?= Date: Mon, 1 Mar 2021 10:37:06 +0100 Subject: [PATCH 2/6] sys/net/link_layer/ieee802154: fix small copy paste bug --- sys/net/link_layer/ieee802154/security.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sys/net/link_layer/ieee802154/security.c b/sys/net/link_layer/ieee802154/security.c index 63eedd9fc6..40a63e874b 100644 --- a/sys/net/link_layer/ieee802154/security.c +++ b/sys/net/link_layer/ieee802154/security.c @@ -208,7 +208,7 @@ static uint8_t _set_aux_hdr(const ieee802154_sec_context_t *ctx, break; case IEEE802154_SCF_KEYMODE_HW_INDEX: memcpy(ahr->key_id, ctx->key_source, 8); - memcpy(ahr->key_id + 4, &ctx->key_index, 1); + memcpy(ahr->key_id + 8, &ctx->key_index, 1); len += 9; break; default: From 7036c2b9eecd8f5f80c6a788f17b3da2b1bb78b8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabian=20H=C3=BC=C3=9Fler?= Date: Mon, 1 Mar 2021 10:46:43 +0100 Subject: [PATCH 3/6] sys/net/link_layer/ieee802154: fix small typos --- drivers/include/net/netdev/ieee802154.h | 2 +- sys/include/net/ieee802154_security.h | 12 ++++++------ sys/net/link_layer/ieee802154/security.c | 16 ++++++++-------- 3 files changed, 15 insertions(+), 15 deletions(-) diff --git a/drivers/include/net/netdev/ieee802154.h b/drivers/include/net/netdev/ieee802154.h index 7af8c5dd90..e1a0b4b608 100644 --- a/drivers/include/net/netdev/ieee802154.h +++ b/drivers/include/net/netdev/ieee802154.h @@ -119,7 +119,7 @@ typedef struct { uint8_t page; /**< channel page */ uint16_t flags; /**< flags as defined above */ int16_t txpower; /**< tx power in dBm */ -#if IS_USED(MODULE_IEEE802154_SECURITY) || defined (Doxygen) +#if IS_USED(MODULE_IEEE802154_SECURITY) || defined(DOXYGEN) ieee802154_sec_context_t sec_ctx; /**< security context */ #endif /** @} */ diff --git a/sys/include/net/ieee802154_security.h b/sys/include/net/ieee802154_security.h index 58ca1327c3..04dc4863ac 100644 --- a/sys/include/net/ieee802154_security.h +++ b/sys/include/net/ieee802154_security.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2020 Otto-von-Gericke-Universität Magdeburg + * Copyright (C) 2020 Otto-von-Guericke-Universität Magdeburg * * This file is subject to the terms and conditions of the GNU Lesser * General Public License v2.1. See the file LICENSE in the top level @@ -34,7 +34,7 @@ extern "C" { #endif /** - * @brief Forward declaration of an IEEE802.15.4 abstract security device + * @brief Forward declaration of an IEEE 802.15.4 abstract security device */ typedef struct ieee802154_sec_dev ieee802154_sec_dev_t; @@ -88,7 +88,7 @@ typedef struct ieee802154_radio_cipher_ops { } ieee802154_radio_cipher_ops_t; /** - * @brief IEEE802.15.4 security device descriptor + * @brief IEEE 802.15.4 security device descriptor */ struct ieee802154_sec_dev { /** @@ -206,7 +206,7 @@ typedef enum { * | | | | short source address | * | | | | of the originator of the frame. | * +----------------+-------------+------------------+------------------------------------+ - * | HX_INDEX | 8 bytes | 1 byte | The key can be determined | + * | HW_INDEX | 8 bytes | 1 byte | The key can be determined | * | | | | from the key index and | * | | | | the long address of the originator | * | | | | of the frame. | @@ -217,7 +217,7 @@ typedef enum { IEEE802154_SCF_KEYMODE_INDEX = 0x01, /**< Key is determined from key index */ IEEE802154_SCF_KEYMODE_SHORT_INDEX = 0x02, /**< Key is determined from 4 byte key source and key index */ IEEE802154_SCF_KEYMODE_HW_INDEX = 0x03 /**< Key is determined from 8 byte key source and key index */ -} ieee802154_scr_keymode_t; +} ieee802154_scf_keymode_t; /** * @brief IEEE 802.15.4 security error codes @@ -376,7 +376,7 @@ typedef struct __attribute__((packed)) { /** * @brief Initialize IEEE 802.15.4 security context with default values * - * @param[out] ctx security context + * @param[out] ctx IEEE 802.15.4 security context */ void ieee802154_sec_init(ieee802154_sec_context_t *ctx); diff --git a/sys/net/link_layer/ieee802154/security.c b/sys/net/link_layer/ieee802154/security.c index 40a63e874b..482210a08a 100644 --- a/sys/net/link_layer/ieee802154/security.c +++ b/sys/net/link_layer/ieee802154/security.c @@ -221,9 +221,9 @@ static uint8_t _set_aux_hdr(const ieee802154_sec_context_t *ctx, * @brief Construct the first block A0 for CTR */ static inline void _init_ctr_A0(ieee802154_ccm_block_t *A0, - uint32_t frame_counter, - uint8_t security_level, - const uint8_t *src_address) + uint32_t frame_counter, + uint8_t security_level, + const uint8_t *src_address) { A0->flags = _ccm_flag(0, 2); A0->nonce.frame_counter = htonl(frame_counter); @@ -244,11 +244,11 @@ static inline void _advance_ctr_Ai(ieee802154_ccm_block_t *Ai) * @brief Construct the first block B0 for CBC-MAC */ static inline void _init_cbc_B0(ieee802154_ccm_block_t *B0, - uint32_t frame_counter, - uint8_t security_level, - uint16_t m_len, - uint8_t mic_size, - const uint8_t *src_address) + uint32_t frame_counter, + uint8_t security_level, + uint16_t m_len, + uint8_t mic_size, + const uint8_t *src_address) { B0->flags = _ccm_flag(mic_size, 2); B0->nonce.frame_counter = htonl(frame_counter), From 1f0c62fbc8ef5b720754d1eb582c303104ec4125 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabian=20H=C3=BC=C3=9Fler?= Date: Mon, 1 Mar 2021 10:54:52 +0100 Subject: [PATCH 4/6] sys/net/link_layer/ieee802154: move _set_key _sec_ecb _sec_cbc together --- sys/net/link_layer/ieee802154/security.c | 58 ++++++++++-------------- 1 file changed, 24 insertions(+), 34 deletions(-) diff --git a/sys/net/link_layer/ieee802154/security.c b/sys/net/link_layer/ieee802154/security.c index 482210a08a..cbb73f4a5d 100644 --- a/sys/net/link_layer/ieee802154/security.c +++ b/sys/net/link_layer/ieee802154/security.c @@ -34,6 +34,15 @@ static inline uint16_t _min(uint16_t a, uint16_t b) return a < b ? a : b; } +static void _set_key(ieee802154_sec_context_t *ctx, + const uint8_t *key) +{ + if (ctx->dev.cipher_ops->set_key) { + ctx->dev.cipher_ops->set_key(&ctx->dev, key, IEEE802154_SEC_BLOCK_SIZE); + } + memcpy(ctx->cipher.context.context, key, IEEE802154_SEC_KEY_LENGTH); +} + /** * @brief Perform an ECB block cipher for IEEE 802.15.4 security layer. * @@ -48,7 +57,13 @@ static inline uint16_t _min(uint16_t a, uint16_t b) static void _sec_ecb(const ieee802154_sec_dev_t *dev, uint8_t *cipher, const uint8_t *plain, - uint8_t nblocks); + uint8_t nblocks) +{ + cipher_encrypt_ecb(&((ieee802154_sec_context_t *)dev->ctx)->cipher, + plain, + nblocks * IEEE802154_SEC_BLOCK_SIZE, + cipher); +} /** * @brief Perform a CBC block cipher for IEEE 802.15.4 security layer MIC @@ -67,7 +82,14 @@ static void _sec_cbc(const ieee802154_sec_dev_t *dev, uint8_t *cipher, uint8_t *iv, const uint8_t *plain, - uint8_t nblocks); + uint8_t nblocks) +{ + cipher_encrypt_cbc(&((ieee802154_sec_context_t *)dev->ctx)->cipher, + iv, + plain, + nblocks * IEEE802154_SEC_BLOCK_SIZE, + cipher); +} /** * @brief Flag field of CCM input block @@ -321,14 +343,6 @@ static uint8_t _cbc_next(ieee802154_sec_context_t *ctx, return s; } -static void _set_key(ieee802154_sec_context_t *ctx, const uint8_t *key) -{ - if (ctx->dev.cipher_ops->set_key) { - ctx->dev.cipher_ops->set_key(&ctx->dev, key, IEEE802154_SEC_BLOCK_SIZE); - } - memcpy(ctx->cipher.context.context, key, IEEE802154_SEC_KEY_LENGTH); -} - static void _comp_mic(ieee802154_sec_context_t *ctx, uint8_t mic[IEEE802154_MAC_SIZE], ieee802154_ccm_block_t *B0, @@ -527,27 +541,3 @@ int ieee802154_sec_decrypt_frame(ieee802154_sec_context_t *ctx, *header_size += aux_size; return IEEE802154_SEC_OK; } - -static void _sec_ecb(const ieee802154_sec_dev_t *dev, - uint8_t *cipher, - const uint8_t *plain, - uint8_t nblocks) -{ - cipher_encrypt_ecb(&((ieee802154_sec_context_t *)dev->ctx)->cipher, - plain, - nblocks * IEEE802154_SEC_BLOCK_SIZE, - cipher); -} - -static void _sec_cbc(const ieee802154_sec_dev_t *dev, - uint8_t *cipher, - uint8_t *iv, - const uint8_t *plain, - uint8_t nblocks) -{ - cipher_encrypt_cbc(&((ieee802154_sec_context_t *)dev->ctx)->cipher, - iv, - plain, - nblocks * IEEE802154_SEC_BLOCK_SIZE, - cipher); -} From 9390b3072b87bc519dec73e907f9cfad6346ac84 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabian=20H=C3=BC=C3=9Fler?= Date: Mon, 1 Mar 2021 10:59:57 +0100 Subject: [PATCH 5/6] sys/net/link_layer/ieee802154: add missing const --- sys/net/link_layer/ieee802154/security.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sys/net/link_layer/ieee802154/security.c b/sys/net/link_layer/ieee802154/security.c index cbb73f4a5d..bdec76d57b 100644 --- a/sys/net/link_layer/ieee802154/security.c +++ b/sys/net/link_layer/ieee802154/security.c @@ -178,7 +178,7 @@ static inline bool _req_encryption(uint8_t sec_level) static inline void _memxor(void *dst, const void* src, size_t size) { while (size--) { - ((uint8_t *)dst)[size] ^= ((uint8_t *)src)[size]; + ((uint8_t *)dst)[size] ^= ((const uint8_t *)src)[size]; } } From 346f92f663227a61af8229c7065741d0ac2ba745 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabian=20H=C3=BC=C3=9Fler?= Date: Sat, 27 Feb 2021 23:23:01 +0100 Subject: [PATCH 6/6] sys/net/link_layer/ieee802154: stricter names for security types stricter prefixing of security related types and constants with "ieee802154_sec_" --- drivers/netdev/ieee802154.c | 2 +- sys/include/net/ieee802154_security.h | 82 +++++++------- .../netif/ieee802154/gnrc_netif_ieee802154.c | 4 +- sys/net/link_layer/ieee802154/security.c | 105 +++++++++--------- 4 files changed, 96 insertions(+), 97 deletions(-) diff --git a/drivers/netdev/ieee802154.c b/drivers/netdev/ieee802154.c index 2296ffa19f..95fb902225 100644 --- a/drivers/netdev/ieee802154.c +++ b/drivers/netdev/ieee802154.c @@ -178,7 +178,7 @@ int netdev_ieee802154_get(netdev_ieee802154_t *dev, netopt_t opt, void *value, *((uint16_t *)value) = (_get_ieee802154_pdu(dev) - IEEE802154_MAX_HDR_LEN) #if IS_USED(MODULE_IEEE802154_SECURITY) - -IEEE802154_MAX_AUX_HDR_LEN + -IEEE802154_SEC_MAX_AUX_HDR_LEN #endif /* IS_USED(MODULE_IEEE802154_SECURITY) */ - IEEE802154_FCS_LEN; res = sizeof(uint16_t); diff --git a/sys/include/net/ieee802154_security.h b/sys/include/net/ieee802154_security.h index 04dc4863ac..12ded7f327 100644 --- a/sys/include/net/ieee802154_security.h +++ b/sys/include/net/ieee802154_security.h @@ -101,14 +101,14 @@ struct ieee802154_sec_dev { void *ctx; }; -#if !defined(IEEE802154_DEFAULT_KEY) || defined(DOXYGEN) +#if !defined(IEEE802154_SEC_DEFAULT_KEY) || defined(DOXYGEN) /** * @brief AES key that is used in the test vectors from the specification * * @note Predefine it yourself, * if you want another key to be set up on initialization */ -#define IEEE802154_DEFAULT_KEY { 0xc0, 0xc1, 0xc2, 0xc3, \ +#define IEEE802154_SEC_DEFAULT_KEY { 0xc0, 0xc1, 0xc2, 0xc3, \ 0xc4, 0xc5, 0xc6, 0xc7, \ 0xc8, 0xc9, 0xca, 0xcb, \ 0xcc, 0xcd, 0xce, 0xcf } @@ -127,68 +127,68 @@ struct ieee802154_sec_dev { /** * @brief Maximum length of the security auxiliary header in bytes */ -#define IEEE802154_MAX_AUX_HDR_LEN (14U) +#define IEEE802154_SEC_MAX_AUX_HDR_LEN (14U) /** * @brief Maximum Size of IEEE 802.15.4 MAC */ -#define IEEE802154_MAC_SIZE (16U) +#define IEEE802154_SEC_MAX_MAC_SIZE (16U) /** * @brief Mask to get security level bits */ -#define IEEE802154_SCF_SECLEVEL_MASK (0x07) +#define IEEE802154_SEC_SCF_SECLEVEL_MASK (0x07) /** * @brief Number of shifts to set/get security level bits */ -#define IEEE802154_SCF_SECLEVEL_SHIFT (0) +#define IEEE802154_SEC_SCF_SECLEVEL_SHIFT (0) /** * @brief Mask to get key mode bits */ -#define IEEE802154_SCF_KEYMODE_MASK (0x18) +#define IEEE802154_SEC_SCF_KEYMODE_MASK (0x18) /** * @brief Number of shifts to set/get key mode bits */ -#define IEEE802154_SCF_KEYMODE_SHIFT (3) +#define IEEE802154_SEC_SCF_KEYMODE_SHIFT (3) /** * @brief Security levels * - * IEEE802154_SCF_SECLEVEL_MIC*: + * IEEE802154_SEC_SCF_SECLEVEL_MIC*: * A message integrity code (MIC), also known as MAC, * is used to prove authentication. The MIC covers the whole frame * i.e. header, auxiliary header, and frame payload. * The MIC is always encrypted, thus it must be decrypted by the receiver, * to be checked. * - * IEEE802154_SCF_SECLEVEL_ENC*: + * IEEE802154_SEC_SCF_SECLEVEL_ENC*: * AES-128 in ECB mode is used to encrypt the payload of a frame to provide * confidentiality. * - * IEEE802154_SCF_SECLEVEL_ENC_MIC*: + * IEEE802154_SEC_SCF_SECLEVEL_ENC_MIC*: * A combination of the two modes above is used to ensure * authentication and confidentiality. */ typedef enum { - IEEE802154_SCF_SECLEVEL_NONE = 0x00, /**< no security */ - IEEE802154_SCF_SECLEVEL_MIC32 = 0x01, /**< 32 bit MIC */ - IEEE802154_SCF_SECLEVEL_MIC64 = 0x02, /**< 64 bit MIC */ - IEEE802154_SCF_SECLEVEL_MIC128 = 0x03, /**< 128 bit MIC */ - IEEE802154_SCF_SECLEVEL_ENC = 0x04, /**< encryption */ - IEEE802154_SCF_SECLEVEL_ENC_MIC32 = 0x05, /**< enc. + 32 bit MIC */ - IEEE802154_SCF_SECLEVEL_ENC_MIC64 = 0x06, /**< enc. + 64 bit MIC (mandatory) */ - IEEE802154_SCF_SECLEVEL_ENC_MIC128 = 0x07 /**< enc. + 128 bit MIC */ -} ieee802154_scf_seclevel_t; + IEEE802154_SEC_SCF_SECLEVEL_NONE = 0x00, /**< no security */ + IEEE802154_SEC_SCF_SECLEVEL_MIC32 = 0x01, /**< 32 bit MIC */ + IEEE802154_SEC_SCF_SECLEVEL_MIC64 = 0x02, /**< 64 bit MIC */ + IEEE802154_SEC_SCF_SECLEVEL_MIC128 = 0x03, /**< 128 bit MIC */ + IEEE802154_SEC_SCF_SECLEVEL_ENC = 0x04, /**< encryption */ + IEEE802154_SEC_SCF_SECLEVEL_ENC_MIC32 = 0x05, /**< enc. + 32 bit MIC */ + IEEE802154_SEC_SCF_SECLEVEL_ENC_MIC64 = 0x06, /**< enc. + 64 bit MIC (mandatory) */ + IEEE802154_SEC_SCF_SECLEVEL_ENC_MIC128 = 0x07 /**< enc. + 128 bit MIC */ +} ieee802154_sec_scf_seclevel_t; /** * @brief Key identifier modes * * The key identifier field in the auxiliary header * consists of the key source and the key index fields and is only present - * if the key identifier mode is not IEEE802154_SCF_KEYMODE_IMPLICIT. + * if the key identifier mode is not IEEE802154_SEC_SCF_KEYMODE_IMPLICIT. * (see 9.4.3 in the spec.) * * +----------------+-------------+------------------+------------------------------------+ @@ -213,11 +213,11 @@ typedef enum { * +----------------+-------------+------------------+------------------------------------+ */ typedef enum { - IEEE802154_SCF_KEYMODE_IMPLICIT = 0x00, /**< Key is determined implicitly */ - IEEE802154_SCF_KEYMODE_INDEX = 0x01, /**< Key is determined from key index */ - IEEE802154_SCF_KEYMODE_SHORT_INDEX = 0x02, /**< Key is determined from 4 byte key source and key index */ - IEEE802154_SCF_KEYMODE_HW_INDEX = 0x03 /**< Key is determined from 8 byte key source and key index */ -} ieee802154_scf_keymode_t; + IEEE802154_SEC_SCF_KEYMODE_IMPLICIT = 0x00, /**< Key is determined implicitly */ + IEEE802154_SEC_SCF_KEYMODE_INDEX = 0x01, /**< Key is determined from key index */ + IEEE802154_SEC_SCF_KEYMODE_SHORT_INDEX = 0x02, /**< Key is determined from 4 byte key source and key index */ + IEEE802154_SEC_SCF_KEYMODE_HW_INDEX = 0x03 /**< Key is determined from 8 byte key source and key index */ +} ieee802154_sec_scf_keymode_t; /** * @brief IEEE 802.15.4 security error codes @@ -239,11 +239,11 @@ typedef struct ieee802154_sec_context { */ cipher_t cipher; /** - * @brief Security level IEEE802154_SCF_SECLEVEL_* + * @brief Security level IEEE802154_SEC_SCF_SECLEVEL_* */ uint8_t security_level; /** - * @brief Key mode IEEE802154_SCF_KEYMODE_* + * @brief Key mode IEEE802154_SEC_SCF_KEYMODE_* */ uint8_t key_id_mode; /** @@ -279,9 +279,9 @@ typedef struct __attribute__((packed)) { * +--------+--------+--------+--------+--------+--------+--------+--------+ * * security level: - * one of IEEE802154_SCF_SECLEVEL_* + * one of IEEE802154_SEC_SCF_SECLEVEL_* * key identifier mode: - * one of IEEE802154_SCF_KEY_* + * one of IEEE802154_SEC_SCF_KEY_* * frame counter suppression: * basically always zero because we do not support TSCH right now * ASN: @@ -296,20 +296,20 @@ typedef struct __attribute__((packed)) { * @brief key identifier (0 - 9 bytes) according to key id. mode */ uint8_t key_id[]; -} ieee802154_aux_sec_t; +} ieee802154_sec_aux_t; /** - * @brief Content of key_source if key mode is IEEE802154_SCF_KEYMODE_INDEX + * @brief Content of key_source if key mode is IEEE802154_SEC_SCF_KEYMODE_INDEX */ typedef struct __attribute__((packed)) { /** * @brief Key index of key from originator, defined by key source */ uint8_t key_index; -} ieee802154_aux_sec_key_identifier_1_t; +} ieee802154_sec_aux_key_identifier_1_t; /** - * @brief Content of key_source if key mode is IEEE802154_SCF_KEYMODE_SHORT_INDEX + * @brief Content of key_source if key mode is IEEE802154_SEC_SCF_KEYMODE_SHORT_INDEX */ typedef struct __attribute__((packed)) { /** @@ -320,10 +320,10 @@ typedef struct __attribute__((packed)) { * @brief Key index of key from originator, defined by key source */ uint8_t key_index; -} ieee802154_aux_sec_key_identifier_5_t; +} ieee802154_sec_aux_key_identifier_5_t; /** - * @brief Content of key_source if key mode is IEEE802154_SCF_KEYMODE_HW_INDEX + * @brief Content of key_source if key mode is IEEE802154_SEC_SCF_KEYMODE_HW_INDEX */ typedef struct __attribute__((packed)) { /** @@ -334,7 +334,7 @@ typedef struct __attribute__((packed)) { * @brief Key index of key from originator, defined by key source */ uint8_t key_index; -} ieee802154_aux_sec_key_identifier_9_t; +} ieee802154_sec_aux_key_identifier_9_t; /** * @brief Format of 13 byte nonce @@ -349,10 +349,10 @@ typedef struct __attribute__((packed)) { */ uint32_t frame_counter; /** - * @brief One of IEEE802154_SCF_SECLEVEL_* + * @brief One of IEEE802154_SEC_SCF_SECLEVEL_* */ uint8_t security_level; -} ieee802154_ccm_nonce_t; +} ieee802154_sec_ccm_nonce_t; /** * @brief Format of 16 byte input block of CCM @@ -365,13 +365,13 @@ typedef struct __attribute__((packed)) { /** * @brief Nonce (Number that is only used once) */ - ieee802154_ccm_nonce_t nonce; + ieee802154_sec_ccm_nonce_t nonce; /** * @brief Either the length of the actual message (for CBC-MAC) or * a block counter (for CTR) */ uint16_t counter; -} ieee802154_ccm_block_t; +} ieee802154_sec_ccm_block_t; /** * @brief Initialize IEEE 802.15.4 security context with default values diff --git a/sys/net/gnrc/netif/ieee802154/gnrc_netif_ieee802154.c b/sys/net/gnrc/netif/ieee802154/gnrc_netif_ieee802154.c index 5fbef5a2b2..c54f6beb25 100644 --- a/sys/net/gnrc/netif/ieee802154/gnrc_netif_ieee802154.c +++ b/sys/net/gnrc/netif/ieee802154/gnrc_netif_ieee802154.c @@ -245,7 +245,7 @@ static int _send(gnrc_netif_t *netif, gnrc_pktsnip_t *pkt) size_t src_len, dst_len; uint8_t mhr_len; #if IS_USED(MODULE_IEEE802154_SECURITY) - uint8_t mhr[IEEE802154_MAX_HDR_LEN + IEEE802154_MAX_AUX_HDR_LEN]; + uint8_t mhr[IEEE802154_MAX_HDR_LEN + IEEE802154_SEC_MAX_AUX_HDR_LEN]; #else uint8_t mhr[IEEE802154_MAX_HDR_LEN]; #endif @@ -336,7 +336,7 @@ static int _send(gnrc_netif_t *netif, gnrc_pktsnip_t *pkt) iolist_header.iol_next = (iolist_t *)pkt->next; - uint8_t mic[IEEE802154_MAC_SIZE]; + uint8_t mic[IEEE802154_SEC_MAX_MAC_SIZE]; uint8_t mic_size = 0; if (flags & NETDEV_IEEE802154_SECURITY_EN) { diff --git a/sys/net/link_layer/ieee802154/security.c b/sys/net/link_layer/ieee802154/security.c index bdec76d57b..0e7f6885b4 100644 --- a/sys/net/link_layer/ieee802154/security.c +++ b/sys/net/link_layer/ieee802154/security.c @@ -118,27 +118,27 @@ static inline uint8_t _ccm_flag(uint8_t M, uint8_t L) static inline uint8_t _get_sec_level(uint8_t scf) { - return (scf & IEEE802154_SCF_SECLEVEL_MASK) - >> IEEE802154_SCF_SECLEVEL_SHIFT; + return (scf & IEEE802154_SEC_SCF_SECLEVEL_MASK) + >> IEEE802154_SEC_SCF_SECLEVEL_SHIFT; } static inline uint8_t _get_key_id_mode(uint8_t scf) { - return (scf & IEEE802154_SCF_KEYMODE_MASK) - >> IEEE802154_SCF_KEYMODE_SHIFT; + return (scf & IEEE802154_SEC_SCF_KEYMODE_MASK) + >> IEEE802154_SEC_SCF_KEYMODE_SHIFT; } static inline uint8_t _mac_size(uint8_t sec_level) { switch (sec_level) { - case IEEE802154_SCF_SECLEVEL_MIC32: - case IEEE802154_SCF_SECLEVEL_ENC_MIC32: + case IEEE802154_SEC_SCF_SECLEVEL_MIC32: + case IEEE802154_SEC_SCF_SECLEVEL_ENC_MIC32: return 4; - case IEEE802154_SCF_SECLEVEL_MIC64: - case IEEE802154_SCF_SECLEVEL_ENC_MIC64: + case IEEE802154_SEC_SCF_SECLEVEL_MIC64: + case IEEE802154_SEC_SCF_SECLEVEL_ENC_MIC64: return 8; - case IEEE802154_SCF_SECLEVEL_MIC128: - case IEEE802154_SCF_SECLEVEL_ENC_MIC128: + case IEEE802154_SEC_SCF_SECLEVEL_MIC128: + case IEEE802154_SEC_SCF_SECLEVEL_ENC_MIC128: return 16; default: return 0; @@ -149,12 +149,12 @@ static inline uint8_t _mac_size(uint8_t sec_level) static inline bool _req_mac(uint8_t sec_level) { switch (sec_level) { - case IEEE802154_SCF_SECLEVEL_MIC32: - case IEEE802154_SCF_SECLEVEL_MIC64: - case IEEE802154_SCF_SECLEVEL_MIC128: - case IEEE802154_SCF_SECLEVEL_ENC_MIC32: - case IEEE802154_SCF_SECLEVEL_ENC_MIC64: - case IEEE802154_SCF_SECLEVEL_ENC_MIC128: + case IEEE802154_SEC_SCF_SECLEVEL_MIC32: + case IEEE802154_SEC_SCF_SECLEVEL_MIC64: + case IEEE802154_SEC_SCF_SECLEVEL_MIC128: + case IEEE802154_SEC_SCF_SECLEVEL_ENC_MIC32: + case IEEE802154_SEC_SCF_SECLEVEL_ENC_MIC64: + case IEEE802154_SEC_SCF_SECLEVEL_ENC_MIC128: return true; default: return false; @@ -165,10 +165,10 @@ static inline bool _req_mac(uint8_t sec_level) static inline bool _req_encryption(uint8_t sec_level) { switch (sec_level) { - case IEEE802154_SCF_SECLEVEL_ENC: - case IEEE802154_SCF_SECLEVEL_ENC_MIC32: - case IEEE802154_SCF_SECLEVEL_ENC_MIC64: - case IEEE802154_SCF_SECLEVEL_ENC_MIC128: + case IEEE802154_SEC_SCF_SECLEVEL_ENC: + case IEEE802154_SEC_SCF_SECLEVEL_ENC_MIC32: + case IEEE802154_SEC_SCF_SECLEVEL_ENC_MIC64: + case IEEE802154_SEC_SCF_SECLEVEL_ENC_MIC128: return true; default: return false; @@ -184,24 +184,24 @@ static inline void _memxor(void *dst, const void* src, size_t size) static inline uint8_t _scf(uint8_t sec_level, uint8_t key_mode) { - return (sec_level << IEEE802154_SCF_SECLEVEL_SHIFT) | - (key_mode << IEEE802154_SCF_KEYMODE_SHIFT); + return (sec_level << IEEE802154_SEC_SCF_SECLEVEL_SHIFT) | + (key_mode << IEEE802154_SEC_SCF_KEYMODE_SHIFT); } static inline uint8_t _get_aux_hdr_size(uint8_t security_level, uint8_t key_mode) { - if (security_level == IEEE802154_SCF_SECLEVEL_NONE) { + if (security_level == IEEE802154_SEC_SCF_SECLEVEL_NONE) { return 0; } switch (key_mode) { - case IEEE802154_SCF_KEYMODE_IMPLICIT: + case IEEE802154_SEC_SCF_KEYMODE_IMPLICIT: return 5; - case IEEE802154_SCF_KEYMODE_INDEX: + case IEEE802154_SEC_SCF_KEYMODE_INDEX: return 6; - case IEEE802154_SCF_KEYMODE_SHORT_INDEX: + case IEEE802154_SEC_SCF_KEYMODE_SHORT_INDEX: return 10; - case IEEE802154_SCF_KEYMODE_HW_INDEX: + case IEEE802154_SEC_SCF_KEYMODE_HW_INDEX: return 14; default: return 0; @@ -209,7 +209,7 @@ static inline uint8_t _get_aux_hdr_size(uint8_t security_level, } static uint8_t _set_aux_hdr(const ieee802154_sec_context_t *ctx, - ieee802154_aux_sec_t *ahr) + ieee802154_sec_aux_t *ahr) { ahr->scf = _scf(ctx->security_level, ctx->key_id_mode); /* If you look in the specification: Annex C, @@ -217,18 +217,18 @@ static uint8_t _set_aux_hdr(const ieee802154_sec_context_t *ctx, ahr->fc = byteorder_htoll(ctx->frame_counter).u32; size_t len = 5; switch (ctx->key_id_mode) { - case IEEE802154_SCF_KEYMODE_IMPLICIT: + case IEEE802154_SEC_SCF_KEYMODE_IMPLICIT: break; - case IEEE802154_SCF_KEYMODE_INDEX: + case IEEE802154_SEC_SCF_KEYMODE_INDEX: memcpy(ahr->key_id, &ctx->key_index, 1); len++; break; - case IEEE802154_SCF_KEYMODE_SHORT_INDEX: + case IEEE802154_SEC_SCF_KEYMODE_SHORT_INDEX: memcpy(ahr->key_id, ctx->key_source, 4); memcpy(ahr->key_id + 4, &ctx->key_index, 1); len += 5; break; - case IEEE802154_SCF_KEYMODE_HW_INDEX: + case IEEE802154_SEC_SCF_KEYMODE_HW_INDEX: memcpy(ahr->key_id, ctx->key_source, 8); memcpy(ahr->key_id + 8, &ctx->key_index, 1); len += 9; @@ -242,7 +242,7 @@ static uint8_t _set_aux_hdr(const ieee802154_sec_context_t *ctx, /** * @brief Construct the first block A0 for CTR */ -static inline void _init_ctr_A0(ieee802154_ccm_block_t *A0, +static inline void _init_ctr_A0(ieee802154_sec_ccm_block_t *A0, uint32_t frame_counter, uint8_t security_level, const uint8_t *src_address) @@ -257,7 +257,7 @@ static inline void _init_ctr_A0(ieee802154_ccm_block_t *A0, /** * @brief In CTR, the blocks Ai differ in a successive counter */ -static inline void _advance_ctr_Ai(ieee802154_ccm_block_t *Ai) +static inline void _advance_ctr_Ai(ieee802154_sec_ccm_block_t *Ai) { Ai->counter = htons(ntohs(Ai->counter) + 1); } @@ -265,7 +265,7 @@ static inline void _advance_ctr_Ai(ieee802154_ccm_block_t *Ai) /** * @brief Construct the first block B0 for CBC-MAC */ -static inline void _init_cbc_B0(ieee802154_ccm_block_t *B0, +static inline void _init_cbc_B0(ieee802154_sec_ccm_block_t *B0, uint32_t frame_counter, uint8_t security_level, uint16_t m_len, @@ -281,7 +281,7 @@ static inline void _init_cbc_B0(ieee802154_ccm_block_t *B0, static const uint8_t *_get_encryption_key(const ieee802154_sec_context_t *ctx, const uint8_t *mhr, uint8_t mhr_len, - const ieee802154_aux_sec_t *ahr) + const ieee802154_sec_aux_t *ahr) { (void)mhr; (void)mhr_len; @@ -293,7 +293,7 @@ static const uint8_t *_get_encryption_key(const ieee802154_sec_context_t *ctx, static const uint8_t *_get_decryption_key(const ieee802154_sec_context_t *ctx, const uint8_t *mhr, uint8_t mhr_len, - const ieee802154_aux_sec_t *ahr) + const ieee802154_sec_aux_t *ahr) { (void)mhr; (void)mhr_len; @@ -344,14 +344,14 @@ static uint8_t _cbc_next(ieee802154_sec_context_t *ctx, } static void _comp_mic(ieee802154_sec_context_t *ctx, - uint8_t mic[IEEE802154_MAC_SIZE], - ieee802154_ccm_block_t *B0, + uint8_t mic[IEEE802154_SEC_MAX_MAC_SIZE], + ieee802154_sec_ccm_block_t *B0, const void *a, uint16_t a_len, const void *m, uint16_t m_len) { uint8_t tmp[IEEE802154_SEC_BLOCK_SIZE] = { 0 }; uint16_t off; - memset(mic, 0, IEEE802154_MAC_SIZE); + memset(mic, 0, IEEE802154_SEC_MAX_MAC_SIZE); _cbc_next(ctx, mic, tmp, (uint8_t *)B0, sizeof(*B0)); byteorder_htobebufs(tmp, a_len); off = _min(sizeof(tmp) - sizeof(uint16_t), a_len); @@ -366,7 +366,7 @@ static void _comp_mic(ieee802154_sec_context_t *ctx, } static void _ctr(ieee802154_sec_context_t *ctx, - ieee802154_ccm_block_t *A0, + ieee802154_sec_ccm_block_t *A0, const void *m, uint16_t m_len) { uint8_t tmp1[IEEE802154_SEC_BLOCK_SIZE] = { 0 }; @@ -380,7 +380,7 @@ static void _ctr(ieee802154_sec_context_t *ctx, } static void _ctr_mic(ieee802154_sec_context_t *ctx, - ieee802154_ccm_block_t *A0, + ieee802154_sec_ccm_block_t *A0, void *mic, uint8_t mic_size) { uint8_t tmp1[IEEE802154_SEC_BLOCK_SIZE] = { 0 }; @@ -396,13 +396,12 @@ void ieee802154_sec_init(ieee802154_sec_context_t *ctx) /* device driver can override this */ ctx->dev.ctx = ctx; /* MIC64 is the only mandatory security mode */ - ctx->security_level = IEEE802154_SCF_SECLEVEL_ENC_MIC64; - ctx->key_id_mode = IEEE802154_SCF_KEYMODE_IMPLICIT; + ctx->security_level = IEEE802154_SEC_SCF_SECLEVEL_ENC_MIC64; + ctx->key_id_mode = IEEE802154_SEC_SCF_KEYMODE_IMPLICIT; memset(ctx->key_source, 0, sizeof(ctx->key_source)); ctx->key_index = 0; ctx->frame_counter = 0; - uint8_t key[] = IEEE802154_DEFAULT_KEY; - + uint8_t key[] = IEEE802154_SEC_DEFAULT_KEY; assert(CIPHER_MAX_CONTEXT_SIZE >= IEEE802154_SEC_KEY_LENGTH); cipher_init(&ctx->cipher, CIPHER_AES_128, key, IEEE802154_SEC_KEY_LENGTH); } @@ -417,7 +416,7 @@ int ieee802154_sec_encrypt_frame(ieee802154_sec_context_t *ctx, ACKs are not encrypted. */ assert((*((uint8_t *)header)) & IEEE802154_FCF_TYPE_DATA); - if (ctx->security_level == IEEE802154_SCF_SECLEVEL_NONE) { + if (ctx->security_level == IEEE802154_SEC_SCF_SECLEVEL_NONE) { *mic_size = 0; return IEEE802154_SEC_OK; } @@ -428,7 +427,7 @@ int ieee802154_sec_encrypt_frame(ieee802154_sec_context_t *ctx, } /* write the auxiliary header */ - ieee802154_aux_sec_t *aux = (ieee802154_aux_sec_t *)(header + *header_size); + ieee802154_sec_aux_t *aux = (ieee802154_sec_aux_t *)(header + *header_size); uint8_t aux_size = _get_aux_hdr_size(ctx->security_level, ctx->key_id_mode); _set_aux_hdr(ctx, aux); @@ -444,7 +443,7 @@ int ieee802154_sec_encrypt_frame(ieee802154_sec_context_t *ctx, uint8_t *m = payload; uint16_t a_len = *header_size + aux_size; uint16_t m_len = payload_size; - ieee802154_ccm_block_t ccm; /* Ai or Bi */ + ieee802154_sec_ccm_block_t ccm; /* Ai or Bi */ /* compute MIC */ if (_req_mac(ctx->security_level)) { @@ -477,7 +476,7 @@ int ieee802154_sec_decrypt_frame(ieee802154_sec_context_t *ctx, assert(*header & IEEE802154_FCF_TYPE_DATA); /* read the fields of the auxiliary header */ - ieee802154_aux_sec_t *aux = (ieee802154_aux_sec_t *)(header + *header_size); + ieee802154_sec_aux_t *aux = (ieee802154_sec_aux_t *)(header + *header_size); uint8_t security_level = _get_sec_level(aux->scf); uint8_t key_mode = _get_key_id_mode(aux->scf); uint8_t aux_size = _get_aux_hdr_size(security_level, key_mode); @@ -485,7 +484,7 @@ int ieee802154_sec_decrypt_frame(ieee802154_sec_context_t *ctx, /* remember that the frame counter was stored in little endian */ uint32_t frame_counter = byteorder_ltohl((le_uint32_t){aux->fc}); - if (security_level == IEEE802154_SCF_SECLEVEL_NONE) { + if (security_level == IEEE802154_SEC_SCF_SECLEVEL_NONE) { *payload = header + *header_size; *payload_size = frame_size - *header_size; *mic = NULL; @@ -510,7 +509,7 @@ int ieee802154_sec_decrypt_frame(ieee802154_sec_context_t *ctx, uint16_t a_len = *header_size + aux_size; uint16_t c_len = *payload_size; uint8_t *mac = *mic; - ieee802154_ccm_block_t ccm; /* Ai or Bi */ + ieee802154_sec_ccm_block_t ccm; /* Ai or Bi */ /* TODO: A better implementation would check if the received frame counter is @@ -531,7 +530,7 @@ int ieee802154_sec_decrypt_frame(ieee802154_sec_context_t *ctx, } /* check MIC */ if (_req_mac(security_level)) { - uint8_t tmp_mic[IEEE802154_MAC_SIZE]; + uint8_t tmp_mic[IEEE802154_SEC_MAX_MAC_SIZE]; _init_cbc_B0(&ccm, frame_counter, security_level, c_len, mac_size, src_address); _comp_mic(ctx, tmp_mic, &ccm, a, a_len, c, c_len); if (memcmp(tmp_mic, *mic, mac_size)) {