/***************************************************************************//**
  \file zclSecurityManager.h

  \brief
    The header file describes the ZCL Security Manager and its interface

    The file describes the types and interface of the ZCL Security Manager

  \author
    Atmel Corporation: http://www.atmel.com \n
    Support email: avr@atmel.com

  Copyright (c) 2008-2011, Atmel Corporation. All rights reserved.
  Licensed under Atmel's Limited License Agreement (BitCloudTM).

  \internal
    History:
    17.03.09 A. Potashov - Created.
*******************************************************************************/

#ifndef _ZCLSECURITYMANAGER_H
#define _ZCLSECURITYMANAGER_H

#ifdef _ZCL_SECURITY_
#include <zcl.h>
#include <zdo.h>
#include <genericEcc.h>

/**
  \brief Result codes of the ZCL security procedures.

  Carried in ZCL_StartSecurityConf_t::status and taken by keNotification().
  Without _CERTICOM_SECURITY_ the only enumerator is
  ZCL_SECURITY_STATUS_SUCCESS; every failure code below is compiled in with
  that option only.

  NOTE(review): the meaning of each failure code is suggested by its name
  only; this header does not define when each one is reported. Presumably any
  value other than SUCCESS means no key was established - confirm against the
  Key Establishment implementation before relying on it.
*/
typedef enum
{
  ZCL_SECURITY_STATUS_SUCCESS                = 0x00,
#ifdef _CERTICOM_SECURITY_ 
  ZCL_SECURITY_STATUS_DISCOVERY_FAIL         = 0x01,
  ZCL_SECURITY_STATUS_APS_BINDING_FAIL       = 0x02,
  ZCL_SECURITY_STATUS_TIMEOUT                = 0x03,
  ZCL_SECURITY_STATUS_TERMINATED             = 0x04,
  ZCL_SECURITY_STATUS_SEND_COMMAND_FAIL      = 0x05,
  ZCL_SECURITY_STATUS_INVALID_SETTINGS       = 0x06,
#endif //#ifdef _CERTICOM_SECURITY_ 
} ZCL_SecurityStatus_t;


/*************************************************************************//**
  Status of ZCL operation
  \brief
    Used to return status of ZCL operation.
*****************************************************************************/
/*
typedef enum
{
  ZCL_SUCCESS_STATUS                    = 0x00,
  ZCL_UNSUPPORTED_ATTRIBUTE_STATUS      = 0x01,
  ZCL_INVALID_ATTRIBUTE_VALUE_STATUS    = 0x02,
  ZCL_TC_PERMISSION_TABLE_ERROR_STATUS  = 0x03,
  ZCL_APS_LINK_KEY_ERROR_STATUS         = 0x04
} ZCL_Status_t;
*/

BEGIN_PACK

/**
  \brief Pairs a node's extended address with the APS link key for that node.

  Referenced through ZCL_SecurityAttrValue_t::linkKeyDesc together with
  ZCL_LINK_KEY_DESC_ID. Declared with the PACK macro inside
  BEGIN_PACK/END_PACK (presumably byte-packed; the macros are defined
  elsewhere).

  NOTE(review): the structure holds raw key material. Whether ZCL_Set()
  copies the key or keeps the pointer is not visible in this header; confirm
  the lifetime rule, and wipe temporary copies once they are no longer needed.
*/
typedef struct PACK
{
  ExtAddr_t addr;                   //!<Destination node 64-bit IEEE address
  uint8_t   key[SECURITY_KEY_SIZE]; //!<APS Link Key
} ZCL_LinkKeyDesc_t;

/**
  \brief Profile attribute data field of a certificate
         (ZclCertificate_t::profileAttributeData).

  A profile identifier followed by 8 further bytes.
  NOTE(review): the content of additional[] is not described in this header.
*/
typedef struct PACK
{
  ProfileId_t   profileId;      //!<Profile identifier
  uint8_t       additional[8];  //!<8 further bytes; content not defined here
} ZclKEProfileAttributeData_t;

/**
  \brief Field-by-field layout of a node certificate.

  Used as ZCL_KECertificateDescriptor_t::certificate. The per-field sizes
  noted by the original author add up to 48 bytes.

  NOTE(review): presumably this total equals SECT163K1_CERTIFICATE_SIZE, so
  the structure overlays the raw certificate[] array of
  ZCL_CertificateDesc_t. Nothing in this header enforces that; a compile-time
  size check next to the definition would catch a mismatch - confirm the
  constant's value first.
*/
typedef struct PACK
{
  uint8_t                     publicReconstrKey[SECT163K1_COMPRESSED_PUBLIC_KEY_SIZE];  //!<22 bytes
  ExtAddr_t                   subject;                                                  //!<8 bytes
  ExtAddr_t                   issuer;                                                   //!<8 bytes
  ZclKEProfileAttributeData_t profileAttributeData;                                     //!<10 bytes
} ZclCertificate_t;

#ifdef _CERTICOM_SECURITY_ 
/**
  \brief Key Establishment credentials with the certificate kept as raw bytes.

  Referenced through ZCL_SecurityAttrValue_t::certificateDesc together with
  ZCL_CERTIFICATE_DESC_ID. Same field order as ZCL_KECertificateDescriptor_t,
  which types the certificate as ZclCertificate_t instead of a byte array.

  NOTE(review): privateKey is the node's secret key in plain form. How it is
  stored and who may read it back is not visible here; keep instances out of
  logs and debug dumps, and wipe temporary copies after use.
*/
typedef struct PACK
{
  uint8_t publicKey[SECT163K1_COMPRESSED_PUBLIC_KEY_SIZE]; //!<CA Public Key shared between all nodes in network
  uint8_t privateKey[SECT163K1_PRIVATE_KEY_SIZE];          //!<Node secret key
  uint8_t certificate[SECT163K1_CERTIFICATE_SIZE     ];    //!<Node certificate derived from CA
} ZCL_CertificateDesc_t;

/**
  \brief Key Establishment credentials with the certificate exposed as
         structured fields.

  Same field order as ZCL_CertificateDesc_t, but the certificate is a
  ZclCertificate_t rather than a byte array.

  NOTE(review): the two descriptors are layout-compatible only if
  sizeof(ZclCertificate_t) equals SECT163K1_CERTIFICATE_SIZE - confirm before
  casting between them. privateKey is the node's secret key in plain form and
  needs the same handling care as in ZCL_CertificateDesc_t.
*/
typedef struct PACK
{
  uint8_t           publicKey[SECT163K1_COMPRESSED_PUBLIC_KEY_SIZE];  //!<CA Public Key shared between all nodes in network
  uint8_t           privateKey[SECT163K1_PRIVATE_KEY_SIZE];           //!<Node secret key
  ZclCertificate_t  certificate;                                      //!<Node certificate derived from CA
} ZCL_KECertificateDescriptor_t;

#endif //#ifdef _CERTICOM_SECURITY_ 

END_PACK


/*************************************************************************//**
  Security variable identifier type
  \brief
    Used by the functions ZCL_Set and ZCL_Get to select the variable to write or read.
*****************************************************************************/
/* Selects which member of ZCL_SecurityAttrValue_t a request refers to.
   Values 0x00 and 0x03 exist only when _CERTICOM_SECURITY_ is defined; the
   remaining values keep their numbers either way. */
typedef enum
{
#ifdef _CERTICOM_SECURITY_ 
  /* Certificate for Key Establishment */
  ZCL_CERTIFICATE_DESC_ID     = 0x00,
#endif //#ifdef _CERTICOM_SECURITY_ 
  /* Link key descriptor */
  ZCL_LINK_KEY_DESC_ID        = 0x01,
  /* Marked "Not used" by the original author.
     NOTE(review): ZCL_SecurityAttrValue_t::extAddr is annotated as used with
     this identifier, so the two comments disagree - confirm whether link key
     removal is implemented. */
  ZCL_REMOVE_LINK_KEY_ID      = 0x02,
#ifdef _CERTICOM_SECURITY_ 
  /* Endpoint assigned for Key Establishment cluster */
  ZCL_KE_ACTIVE_ENDPOINT_ID   = 0x03,
#endif //#ifdef _CERTICOM_SECURITY_ 
  /* Network key */
  ZCL_NETWORK_KEY_ID          = 0x04
} ZCL_SecurityAttrId_t;

/**
  \brief Value of a security attribute; each member is annotated with the
         ZCL_SecurityAttrId_t it belongs to.

  The union carries no tag of its own. Three members are pointers and two are
  held by value, so reading a member that does not match the identifier
  reinterprets pointer bytes as an address or endpoint, or the reverse.

  NOTE(review): implementations of ZCL_Set()/ZCL_Get() should check the
  identifier before touching any member and reject identifiers that are not
  compiled in - confirm that they do.
*/
typedef union
{
#ifdef _CERTICOM_SECURITY_ 
  ZCL_CertificateDesc_t *certificateDesc;   //Used with ZCL_CERTIFICATE_DESC_ID
  Endpoint_t            endpoint;           //Used with ZCL_KE_ACTIVE_ENDPOINT_ID
#endif //#ifdef _CERTICOM_SECURITY_ 
  ZCL_LinkKeyDesc_t     *linkKeyDesc;       //Used with ZCL_LINK_KEY_DESC_ID
  // NOTE(review): bare byte pointer, the type carries no size; presumably
  // SECURITY_KEY_SIZE bytes are read or written - confirm.
  uint8_t               *networkKey;        //Used with ZCL_NETWORK_KEY_ID
  ExtAddr_t             extAddr;            //Used with ZCL_REMOVE_LINK_KEY_ID
} ZCL_SecurityAttrValue_t;

/**
  \brief One security attribute: identifier, length and value.

  Embedded in the ZCL_Set_t and ZCL_Get_t request structures.
*/
typedef struct
{
  ZCL_SecurityAttrId_t    id;     //!<Selects the valid member of value
  // NOTE(review): presumably the size in bytes of the data behind value;
  // whether it is checked against the expected size for id is not visible
  // here - confirm. As a uint8_t it cannot express more than 255.
  uint8_t                 length;
  ZCL_SecurityAttrValue_t value;  //!<Attribute data, interpreted according to id
} ZCL_SecurityAttr_t;

/**
  \brief Parameter block of ZCL_Set().

  ZCL_Set() returns void, so status is the only place in this interface where
  a result can be reported.
  NOTE(review): presumably status is written before ZCL_Set() returns -
  confirm, and check it before assuming a key or certificate was installed.
*/
typedef struct
{
  ZCL_SecurityAttr_t attr;    //!<Attribute to write
  ZCL_Status_t       status;  //!<Result of the operation
} ZCL_Set_t;

/**
  \brief Parameter block of ZCL_Get().

  Same layout as ZCL_Set_t. ZCL_Get() returns void, so status is the only
  place in this interface where a result can be reported.
  NOTE(review): for the pointer members of attr.value it is not visible here
  whether the caller supplies the destination buffer or the stack returns a
  pointer to its own storage - confirm before reading key material through it.
*/
typedef struct
{
  ZCL_SecurityAttr_t attr;    //!<Attribute to read
  ZCL_Status_t       status;  //!<Result of the operation
} ZCL_Get_t;

/**
  \brief Confirmation data for ZCL_StartSecurityReq(); the argument type of
         the ZCL_StartSecurityReq_t::ZCL_StartSecurityConf callback.
*/
typedef struct
{
  ZCL_SecurityStatus_t status;  //!<Outcome of the security start request
} ZCL_StartSecurityConf_t;

/**
  \brief Parameter block of ZCL_StartSecurityReq().

  NOTE(review): presumably the stack fills confirm and then calls
  ZCL_StartSecurityConf with a pointer to it, which would require the request
  object to stay valid until the callback runs - confirm. Whether a NULL
  callback is tolerated is not visible here.
*/
typedef struct
{
  ZCL_StartSecurityConf_t confirm;                                //!<Confirmation storage
  void (* ZCL_StartSecurityConf)(ZCL_StartSecurityConf_t *conf);  //!<Confirmation callback
} ZCL_StartSecurityReq_t;
//API

/* Key Establishment state defined in another translation unit.
   NOTE(review): the roles below are inferred from the names only (server-mode
   flag, client-side and server-side Key Establishment endpoints) - confirm
   against the definitions. */
extern bool keSrvMode;
extern Endpoint_t clKEEndpoint;
extern Endpoint_t srvKEEndpoint;

/** \brief Resets the ZCL security component.
    NOTE(review): which keys, certificates or tables are cleared is not
    visible in this header. */
void ZCL_ResetSecurity(void);

/** \brief Writes the security attribute described by req->attr.
    \param req - request; the result is reported through req->status because
                 the function returns void. */
void ZCL_Set(ZCL_Set_t *req);

/** \brief Reads the security attribute described by req->attr.
    \param req - request; the result is reported through req->status because
                 the function returns void.
    NOTE(review): link key and network key identifiers are part of the
    attribute set, so this call may hand key material to the caller; keep the
    result out of logs and wipe copies after use. */
void ZCL_Get(ZCL_Get_t *req);

/** \brief Starts the security procedure.
    \param req - request holding the confirmation storage and the
                 confirmation callback. */
void ZCL_StartSecurityReq(ZCL_StartSecurityReq_t *req);

#ifdef _CERTICOM_SECURITY_ 
/*************************************************************************************//**
  \brief Notifies that Key Establishment is finished with status specified in parameters.

  Declared only when _CERTICOM_SECURITY_ is defined.
  NOTE(review): this header only declares the function; whether the stack
  implements it or the application must supply it is not visible here.

  \param status - status of Key Establishment.
******************************************************************************************/
void keNotification(ZCL_SecurityStatus_t status);
#endif

#endif //#ifdef _ZCL_SECURITY_
#endif //#ifndef _ZCLSECURITYMANAGER_H

//eof zclSecurityManager.h