sys/net/link_layer/ieee802154: stricter names for security types
stricter prefixing of security related types and constants with
"ieee802154_sec_"
fabian18 committed Apr 27, 2021
1 parent 9390b30 commit 346f92f
Showing 4 changed files with 96 additions and 97 deletions.
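--- a/drivers/netdev/ieee802154.c
+++ b/drivers/netdev/ieee802154.c
@@ -178,7 +178,7 @@ int netdev_ieee802154_get(netdev_ieee802154_t *dev, netopt_t opt, void *value,
 *((uint16_t *)value) = (_get_ieee802154_pdu(dev)
 - IEEE802154_MAX_HDR_LEN)
 #if IS_USED(MODULE_IEEE802154_SECURITY)
--IEEE802154_MAX_AUX_HDR_LEN
+-IEEE802154_SEC_MAX_AUX_HDR_LEN
 #endif /* IS_USED(MODULE_IEEE802154_SECURITY) */
 - IEEE802154_FCS_LEN;
 res = sizeof(uint16_t);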
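--- a/sys/include/net/ieee802154_security.h
+++ b/sys/include/net/ieee802154_security.h
@@ -101,14 +101,14 @@ struct ieee802154_sec_dev {
 void *ctx;
 };
 
-#if !defined(IEEE802154_DEFAULT_KEY) || defined(DOXYGEN)
+#if !defined(IEEE802154_SEC_DEFAULT_KEY) || defined(DOXYGEN)
 /**
 * @brief AES key that is used in the test vectors from the specification
 *
 * @note Predefine it yourself,
 * if you want another key to be set up on initialization
 */
-#define IEEE802154_DEFAULT_KEY { 0xc0, 0xc1, 0xc2, 0xc3, \
+#define IEEE802154_SEC_DEFAULT_KEY { 0xc0, 0xc1, 0xc2, 0xc3, \
 0xc4, 0xc5, 0xc6, 0xc7, \
 0xc8, 0xc9, 0xca, 0xcb, \
 0xcc, 0xcd, 0xce, 0xcf }
@@ -127,68 +127,68 @@ struct ieee802154_sec_dev {
 /**
 * @brief Maximum length of the security auxiliary header in bytes
 */
-#define IEEE802154_MAX_AUX_HDR_LEN (14U)
+#define IEEE802154_SEC_MAX_AUX_HDR_LEN (14U)
 
 /**
 * @brief Maximum Size of IEEE 802.15.4 MAC
 */
-#define IEEE802154_MAC_SIZE (16U)
+#define IEEE802154_SEC_MAX_MAC_SIZE (16U)
 
 /**
 * @brief Mask to get security level bits
 */
-#define IEEE802154_SCF_SECLEVEL_MASK (0x07)
+#define IEEE802154_SEC_SCF_SECLEVEL_MASK (0x07)
 
 /**
 * @brief Number of shifts to set/get security level bits
 */
-#define IEEE802154_SCF_SECLEVEL_SHIFT (0)
+#define IEEE802154_SEC_SCF_SECLEVEL_SHIFT (0)
 
 /**
 * @brief Mask to get key mode bits
 */
-#define IEEE802154_SCF_KEYMODE_MASK (0x18)
+#define IEEE802154_SEC_SCF_KEYMODE_MASK (0x18)
 
 /**
 * @brief Number of shifts to set/get key mode bits
 */
-#define IEEE802154_SCF_KEYMODE_SHIFT (3)
+#define IEEE802154_SEC_SCF_KEYMODE_SHIFT (3)
 
 /**
 * @brief Security levels
 *
-* <em>IEEE802154_SCF_SECLEVEL_MIC*</em>:
+* <em>IEEE802154_SEC_SCF_SECLEVEL_MIC*</em>:
 * A message integrity code (MIC), also known as MAC,
 * is used to prove authentication. The MIC covers the whole frame
 * i.e. header, auxiliary header, and frame payload.
 * The MIC is always encrypted, thus it must be decrypted by the receiver,
 * to be checked.
 *
-* <em>IEEE802154_SCF_SECLEVEL_ENC*</em>:
+* <em>IEEE802154_SEC_SCF_SECLEVEL_ENC*</em>:
 * AES-128 in ECB mode is used to encrypt the payload of a frame to provide
 * confidentiality.
 *
-* <em>IEEE802154_SCF_SECLEVEL_ENC_MIC*</em>:
+* <em>IEEE802154_SEC_SCF_SECLEVEL_ENC_MIC*</em>:
 * A combination of the two modes above is used to ensure
 * authentication and confidentiality.
 */
 typedef enum {
-IEEE802154_SCF_SECLEVEL_NONE = 0x00, /**< no security */
-IEEE802154_SCF_SECLEVEL_MIC32 = 0x01, /**< 32 bit MIC */
-IEEE802154_SCF_SECLEVEL_MIC64 = 0x02, /**< 64 bit MIC */
-IEEE802154_SCF_SECLEVEL_MIC128 = 0x03, /**< 128 bit MIC */
-IEEE802154_SCF_SECLEVEL_ENC = 0x04, /**< encryption */
-IEEE802154_SCF_SECLEVEL_ENC_MIC32 = 0x05, /**< enc. + 32 bit MIC */
-IEEE802154_SCF_SECLEVEL_ENC_MIC64 = 0x06, /**< enc. + 64 bit MIC (mandatory) */
-IEEE802154_SCF_SECLEVEL_ENC_MIC128 = 0x07 /**< enc. + 128 bit MIC */
-} ieee802154_scf_seclevel_t;
+IEEE802154_SEC_SCF_SECLEVEL_NONE = 0x00, /**< no security */
+IEEE802154_SEC_SCF_SECLEVEL_MIC32 = 0x01, /**< 32 bit MIC */
+IEEE802154_SEC_SCF_SECLEVEL_MIC64 = 0x02, /**< 64 bit MIC */
+IEEE802154_SEC_SCF_SECLEVEL_MIC128 = 0x03, /**< 128 bit MIC */
+IEEE802154_SEC_SCF_SECLEVEL_ENC = 0x04, /**< encryption */
+IEEE802154_SEC_SCF_SECLEVEL_ENC_MIC32 = 0x05, /**< enc. + 32 bit MIC */
+IEEE802154_SEC_SCF_SECLEVEL_ENC_MIC64 = 0x06, /**< enc. + 64 bit MIC (mandatory) */
+IEEE802154_SEC_SCF_SECLEVEL_ENC_MIC128 = 0x07 /**< enc. + 128 bit MIC */
+} ieee802154_sec_scf_seclevel_t;
 
 /**
 * @brief Key identifier modes
 *
 * The key identifier field in the auxiliary header
 * consists of the key source and the key index fields and is only present
-* if the key identifier mode is not IEEE802154_SCF_KEYMODE_IMPLICIT.
+* if the key identifier mode is not IEEE802154_SEC_SCF_KEYMODE_IMPLICIT.
 * (see 9.4.3 in the spec.)
 *
 * +----------------+-------------+------------------+------------------------------------+
@@ -213,11 +213,11 @@ typedef enum {
 * +----------------+-------------+------------------+------------------------------------+
 */
 typedef enum {
-IEEE802154_SCF_KEYMODE_IMPLICIT = 0x00, /**< Key is determined implicitly */
-IEEE802154_SCF_KEYMODE_INDEX = 0x01, /**< Key is determined from key index */
-IEEE802154_SCF_KEYMODE_SHORT_INDEX = 0x02, /**< Key is determined from 4 byte key source and key index */
-IEEE802154_SCF_KEYMODE_HW_INDEX = 0x03 /**< Key is determined from 8 byte key source and key index */
-} ieee802154_scf_keymode_t;
+IEEE802154_SEC_SCF_KEYMODE_IMPLICIT = 0x00, /**< Key is determined implicitly */
+IEEE802154_SEC_SCF_KEYMODE_INDEX = 0x01, /**< Key is determined from key index */
+IEEE802154_SEC_SCF_KEYMODE_SHORT_INDEX = 0x02, /**< Key is determined from 4 byte key source and key index */
+IEEE802154_SEC_SCF_KEYMODE_HW_INDEX = 0x03 /**< Key is determined from 8 byte key source and key index */
+} ieee802154_sec_scf_keymode_t;
 
 /**
 * @brief IEEE 802.15.4 security error codes
@@ -239,11 +239,11 @@ typedef struct ieee802154_sec_context {
 */
 cipher_t cipher;
 /**
-* @brief Security level IEEE802154_SCF_SECLEVEL_*
+* @brief Security level IEEE802154_SEC_SCF_SECLEVEL_*
 */
 uint8_t security_level;
 /**
-* @brief Key mode IEEE802154_SCF_KEYMODE_*
+* @brief Key mode IEEE802154_SEC_SCF_KEYMODE_*
 */
 uint8_t key_id_mode;
 /**
@@ -279,9 +279,9 @@ typedef struct __attribute__((packed)) {
 * +--------+--------+--------+--------+--------+--------+--------+--------+
 *
 * security level:
-* one of IEEE802154_SCF_SECLEVEL_*
+* one of IEEE802154_SEC_SCF_SECLEVEL_*
 * key identifier mode:
-* one of IEEE802154_SCF_KEY_*
+* one of IEEE802154_SEC_SCF_KEY_*
 * frame counter suppression:
 * basically always zero because we do not support TSCH right now
 * ASN:
@@ -296,20 +296,20 @@ typedef struct __attribute__((packed)) {
 * @brief key identifier (0 - 9 bytes) according to key id. mode
 */
 uint8_t key_id[];
-} ieee802154_aux_sec_t;
+} ieee802154_sec_aux_t;
 
 /**
-* @brief Content of key_source if key mode is IEEE802154_SCF_KEYMODE_INDEX
+* @brief Content of key_source if key mode is IEEE802154_SEC_SCF_KEYMODE_INDEX
 */
 typedef struct __attribute__((packed)) {
 /**
 * @brief Key index of key from originator, defined by key source
 */
 uint8_t key_index;
-} ieee802154_aux_sec_key_identifier_1_t;
+} ieee802154_sec_aux_key_identifier_1_t;
 
 /**
-* @brief Content of key_source if key mode is IEEE802154_SCF_KEYMODE_SHORT_INDEX
+* @brief Content of key_source if key mode is IEEE802154_SEC_SCF_KEYMODE_SHORT_INDEX
 */
 typedef struct __attribute__((packed)) {
 /**
@@ -320,10 +320,10 @@ typedef struct __attribute__((packed)) {
 * @brief Key index of key from originator, defined by key source
 */
 uint8_t key_index;
-} ieee802154_aux_sec_key_identifier_5_t;
+} ieee802154_sec_aux_key_identifier_5_t;
 
 /**
-* @brief Content of key_source if key mode is IEEE802154_SCF_KEYMODE_HW_INDEX
+* @brief Content of key_source if key mode is IEEE802154_SEC_SCF_KEYMODE_HW_INDEX
 */
 typedef struct __attribute__((packed)) {
 /**
@@ -334,7 +334,7 @@ typedef struct __attribute__((packed)) {
 * @brief Key index of key from originator, defined by key source
 */
 uint8_t key_index;
-} ieee802154_aux_sec_key_identifier_9_t;
+} ieee802154_sec_aux_key_identifier_9_t;
 
 /**
 * @brief Format of 13 byte nonce
@@ -349,10 +349,10 @@ typedef struct __attribute__((packed)) {
 */
 uint32_t frame_counter;
 /**
-* @brief One of IEEE802154_SCF_SECLEVEL_*
+* @brief One of IEEE802154_SEC_SCF_SECLEVEL_*
 */
 uint8_t security_level;
-} ieee802154_ccm_nonce_t;
+} ieee802154_sec_ccm_nonce_t;
 
 /**
 * @brief Format of 16 byte input block of CCM
@@ -365,13 +365,13 @@ typedef struct __attribute__((packed)) {
 /**
 * @brief Nonce (Number that is only used once)
 */
-ieee802154_ccm_nonce_t nonce;
+ieee802154_sec_ccm_nonce_t nonce;
 /**
 * @brief Either the length of the actual message (for CBC-MAC) or
 * a block counter (for CTR)
 */
 uint16_t counter;
-} ieee802154_ccm_block_t;
+} ieee802154_sec_ccm_block_t;
 
 /**
 * @brief Initialize IEEE 802.15.4 security context with default values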
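Review bot: The rename of the override macro in the first hunk of this header leaves builds that still predefine `IEEE802154_DEFAULT_KEY` unprotected: the guard is now `#if !defined(IEEE802154_SEC_DEFAULT_KEY)`, so the old definition is ignored without any diagnostic and the test-vector key from the specification, which is public, is the one set up on initialization. Whether any out-of-tree build sets the old name is not visible here, but a compile-time check ahead of the guard would turn that case into a build failure: `#if defined(IEEE802154_DEFAULT_KEY) && !defined(IEEE802154_SEC_DEFAULT_KEY)`, `#error "IEEE802154_DEFAULT_KEY was renamed to IEEE802154_SEC_DEFAULT_KEY"`, `#endif`. Separately, the renamed comment in the `@@ -279,9` hunk reads `one of IEEE802154_SEC_SCF_KEY_*`, while the enum constants in this header are named `IEEE802154_SEC_SCF_KEYMODE_*`; `one of IEEE802154_SEC_SCF_KEYMODE_*` would match them.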
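--- a/sys/net/gnrc/netif/ieee802154/gnrc_netif_ieee802154.c
+++ b/sys/net/gnrc/netif/ieee802154/gnrc_netif_ieee802154.c
@@ -245,7 +245,7 @@ static int _send(gnrc_netif_t *netif, gnrc_pktsnip_t *pkt)
 size_t src_len, dst_len;
 uint8_t mhr_len;
 #if IS_USED(MODULE_IEEE802154_SECURITY)
-uint8_t mhr[IEEE802154_MAX_HDR_LEN + IEEE802154_MAX_AUX_HDR_LEN];
+uint8_t mhr[IEEE802154_MAX_HDR_LEN + IEEE802154_SEC_MAX_AUX_HDR_LEN];
 #else
 uint8_t mhr[IEEE802154_MAX_HDR_LEN];
 #endif
@@ -336,7 +336,7 @@ static int _send(gnrc_netif_t *netif, gnrc_pktsnip_t *pkt)
 
 iolist_header.iol_next = (iolist_t *)pkt->next;
 
-uint8_t mic[IEEE802154_MAC_SIZE];
+uint8_t mic[IEEE802154_SEC_MAX_MAC_SIZE];
 uint8_t mic_size = 0;
 
 if (flags & NETDEV_IEEE802154_SECURITY_EN) {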
