From b24866225a6301d3a663f874725e83c012dc25d3 Mon Sep 17 00:00:00 2001 
From: Florent Duchon
Date: Wed, 26 Dec 2012 17:36:00 +0100
Subject: digital/beacon: add bitcloud stack into common directory digital/zigbit
---
.../include/private/sspAuthenticHandler.h | 75 +++++++
.../include/private/sspCcmHandler.h | 171 +++++++++++++++
.../include/private/sspChallengeGenHandler.h | 42 ++++
.../include/private/sspHashHandler.h | 118 ++++++++++
.../ServiceProvider/include/private/sspManager.h | 174 +++++++++++++++
.../ServiceProvider/include/private/sspMem.h | 238 +++++++++++++++++++++
.../include/private/sspSfpHandler.h | 134 ++++++++++++
.../include/private/sspSkkeHandler.h | 96 +++++++++
.../ServiceProvider/include/sspAuthentic.h | 101 +++++++++
.../ServiceProvider/include/sspChallengeGen.h | 50 +++++
.../Security/ServiceProvider/include/sspCommon.h | 74 +++++++
.../Security/ServiceProvider/include/sspDbg.h | 38 ++++
.../Security/ServiceProvider/include/sspHash.h | 69 ++++++
.../Security/ServiceProvider/include/sspReset.h | 34 +++
.../Security/ServiceProvider/include/sspSfp.h | 203 ++++++++++++++++++
.../Security/ServiceProvider/include/sspSkke.h | 92 ++++++++
16 files changed, 1709 insertions(+)
create mode 100644 digital/zigbit/bitcloud/stack/Components/Security/ServiceProvider/include/private/sspAuthenticHandler.h
create mode 100644 digital/zigbit/bitcloud/stack/Components/Security/ServiceProvider/include/private/sspCcmHandler.h
create mode 100644 digital/zigbit/bitcloud/stack/Components/Security/ServiceProvider/include/private/sspChallengeGenHandler.h
create mode 100644 digital/zigbit/bitcloud/stack/Components/Security/ServiceProvider/include/private/sspHashHandler.h
create mode 100644 digital/zigbit/bitcloud/stack/Components/Security/ServiceProvider/include/private/sspManager.h
create mode 100644 digital/zigbit/bitcloud/stack/Components/Security/ServiceProvider/include/private/sspMem.h
create mode 100644 digital/zigbit/bitcloud/stack/Components/Security/ServiceProvider/include/private/sspSfpHandler.h
create mode 100644 digital/zigbit/bitcloud/stack/Components/Security/ServiceProvider/include/private/sspSkkeHandler.h
create mode 100644 digital/zigbit/bitcloud/stack/Components/Security/ServiceProvider/include/sspAuthentic.h
create mode 100644 digital/zigbit/bitcloud/stack/Components/Security/ServiceProvider/include/sspChallengeGen.h
create mode 100644 digital/zigbit/bitcloud/stack/Components/Security/ServiceProvider/include/sspCommon.h
create mode 100644 digital/zigbit/bitcloud/stack/Components/Security/ServiceProvider/include/sspDbg.h
create mode 100644 digital/zigbit/bitcloud/stack/Components/Security/ServiceProvider/include/sspHash.h
create mode 100644 digital/zigbit/bitcloud/stack/Components/Security/ServiceProvider/include/sspReset.h
create mode 100644 digital/zigbit/bitcloud/stack/Components/Security/ServiceProvider/include/sspSfp.h
create mode 100644 digital/zigbit/bitcloud/stack/Components/Security/ServiceProvider/include/sspSkke.h
(limited to 'digital/zigbit/bitcloud/stack/Components/Security/ServiceProvider/include')
diff --git a/digital/zigbit/bitcloud/stack/Components/Security/ServiceProvider/include/private/sspAuthenticHandler.h b/digital/zigbit/bitcloud/stack/Components/Security/ServiceProvider/include/private/sspAuthenticHandler.h
new file mode 100644
index 00000000..37c66d44
--- /dev/null
+++ b/digital/zigbit/bitcloud/stack/Components/Security/ServiceProvider/include/private/sspAuthenticHandler.h
@@ -0,0 +1,75 @@ +/**************************************************************************//** + \file sspAuthenticHandler.h + + \brief Mutual Symmetric-Key Entity Authentication routine handler's header file. + + \author + Atmel Corporation: http://www.atmel.com \n + Support email: avr@atmel.com + + Copyright (c) 2008-2011, Atmel Corporation. All rights reserved. + Licensed under Atmel's Limited License Agreement (BitCloudTM). + + \internal + History: + 17/12/07 ALuzhetsky - Created. +******************************************************************************/ +#ifndef _SSPAUTHENTICHANDLER_H +#define _SSPAUTHENTICHANDLER_H + +#ifdef _LINK_SECURITY_ +/****************************************************************************** + Includes section. +******************************************************************************/ +#include +#include +#include +#include + +/****************************************************************************** + Types section. +******************************************************************************/ +/****************************************************************************** + TBD +******************************************************************************/ +typedef struct +{ + SspKeyedHashMacReq_t keyedHashMacParams; + BEGIN_PACK + struct PACK + { + volatile uint8_t keyExpander[SECURITY_KEY_SIZE]; + uint8_t macData[MAX_HASH_TEXT_SIZE]; + volatile uint8_t bitsExpander[16]; + }; + END_PACK +} SspAuthenticHandlerMem_t; +/****************************************************************************** + Prototypes section. +******************************************************************************/ +/******************************************************************************* + Calculates parameters (MacTag1) for Mutual Symmetric-Key Entity Authentication + procedure. + Parameters: + none. + Return: + none. 
+********************************************************************************/ +void sspCalculateAuthenticMacTag1ReqHandler(void); + +/******************************************************************************* + Calculates parameters (MacTag2) for Mutual Symmetric-Key Entity Authentication + procedure. + Parameters: + none. + Return: + none. +********************************************************************************/ +void sspCalculateAuthenticMacTag2ReqHandler(void); + +#endif // _LINK_SECURITY_ + +#endif //_SSPAUTHENTICHANDLER_H + +// eof sspAuthenticHandler.h + diff --git a/digital/zigbit/bitcloud/stack/Components/Security/ServiceProvider/include/private/sspCcmHandler.h b/digital/zigbit/bitcloud/stack/Components/Security/ServiceProvider/include/private/sspCcmHandler.h new file mode 100644 index 00000000..1e924c49 --- /dev/null +++ b/digital/zigbit/bitcloud/stack/Components/Security/ServiceProvider/include/private/sspCcmHandler.h 
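Review bot: The anonymous packed struct inside `SspAuthenticHandlerMem_t` is documented only as `TBD`, yet its layout looks load-bearing: `keyExpander[SECURITY_KEY_SIZE]` sits directly before `macData` and `bitsExpander[16]` directly after it, which lines up with the requirement stated on the `text` field of `SspKeyedHashMacReq_t` in sspHashHandler.h that 16 extra bytes exist before and after the text. Replace the `TBD` with a comment such as `/* keyExpander and bitsExpander are scratch space the keyed-hash routine uses around macData; the three fields must stay adjacent and packed */` so nobody reorders or resizes them. The same three-field pattern appears in `SspSfpHandlerMem_t` in sspSfpHandler.h and needs the same comment. Presumably `keyExpander` ends up holding key-derived bytes; if so the handler should clear it once the MacTag has been confirmed, which has to be checked in the implementation since it is not part of this diff.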
@@ -0,0 +1,171 @@ +/**************************************************************************//** + \file sspCcmHandler.h + + \brief CCM routine header file. + + \author + Atmel Corporation: http://www.atmel.com \n + Support email: avr@atmel.com + + Copyright (c) 2008-2011, Atmel Corporation. All rights reserved. + Licensed under Atmel's Limited License Agreement (BitCloudTM). + + \internal + History: + 2006 - VGribanovsky created. + 29/11/2007 - ALuzhetsky API corrected. +******************************************************************************/ +#ifndef _SSPCCMHANDLER_H +#define _SSPCCMHANDLER_H + + +/****************************************************************************** + Includes section. +******************************************************************************/ +#include + + +/****************************************************************************** + Definitions section. +******************************************************************************/ +#define CCM_MIC_MAX_SIZE 16 +#define CCM_NONCE_SIZE 13 + +/****************************************************************************** + Types' definitions section. 
+******************************************************************************/ +/**************************************************************************//** + TBD +******************************************************************************/ +typedef enum +{ + CCM_REQ_TYPE_CRYPT, + CCM_REQ_TYPE_AUTH, + CCM_REQ_TYPE_CHECK_MIC +} CcmReqType_t; + +/**************************************************************************//** + TBD +******************************************************************************/ +typedef enum +{ + CCM_STATE_IDLE, + CCM_STATE_SET_KEY_WHILE_AUTH_OR_MIC_CHECK, + CCM_STATE_SET_KEY_WHILE_CRYPT, + CCM_STATE_CALC_X1_FOR_HDR_WHILE_AUTH_OR_MIC_CHECK, + CCM_STATE_CALC_XN_FOR_HDR_WHILE_AUTH_OR_MIC_CHECK, + CCM_STATE_CALC_XN_FOR_PLD_WHILE_CRYPT_OR_MIC_CHECK, + CCM_STATE_CALC_LAST_X_FOR_HDR_WHILE_MIC_CHECK, + CCM_STATE_CALC_LAST_X_FOR_HDR_WHILE_AUTH, + CCM_STATE_CALC_LAST_X_FOR_PLD_WHILE_CRYPT_OR_MIC_CHECK, + CCM_STATE_CRYPT_NEXT_PLD_BLOCK_WHILE_CRYPT_OR_MIC_CHECK, + CCM_STATE_CALC_XN_FOR_PLD_WHILE_AUTH, + CCM_STATE_CALC_LAST_X_FOR_PLD_WHILE_AUTH, + CCM_STATE_CRYPT_MIC, +} SspCcmState_t; + +/**************************************************************************//** + \brief Input param structure for CCM authentification & encrypt + OR decode & authentification operations. +******************************************************************************/ +typedef struct +{ + //!< key + uint8_t *key/*[SECURITY_KEY_SIZE]*/; + //!< nonce + uint8_t *nonce/*[CCM_NONCE_SIZE]*/; + //!< header + uint8_t *a/*[len_a]*/; + //!< pdu + uint8_t *m/*[len_m]*/; + //!< MIC length (or MAC - message authentication code). + //!< Limitations: does not work correctly if MIC length >= 0xfeff. + uint8_t M; + //!< header length + uint8_t len_a; + //!< pdu length + uint8_t len_m; + //!< Pointer to MIC memory - real MIC value will be XORed to this memory. + //!< Set to zero MIC byte values if you want the new MIC to be generated. 
+ //!< To verify MIC check that it's value is all zeroes after authentication. + uint8_t *mic/*[M]*/; + //!< Confirm callback function + void (*ccmConfirm)(void); +} CcmReq_t; + +/****************************************************************************** + \brief Cryptographic context. Used for only for MIC generation and checking. +******************************************************************************/ +typedef struct +{ + uint8_t textSize; + uint8_t *text/*[textSize]*/; + uint8_t x_i[SECURITY_BLOCK_SIZE]; +} CcmAuthCtx_t; + +/**************************************************************************//** + \brief CCM handler module static memory structure. +******************************************************************************/ +typedef struct +{ + //!< Current CCM request pointer + CcmReq_t *ccmReq; + //!< Current CCM request type + CcmReqType_t reqType; + //!< Current CCM module state + SspCcmState_t ccmState; + //!< Buffer is used to save intermidiate decryption results while MIC + //!< calculating procedure and to form B1 while authentication. + uint8_t tmpCcmBuf[SECURITY_BLOCK_SIZE]; + //!< Payload block counter + uint8_t pldBlockCounter; + CcmAuthCtx_t ccmAuthCtx; +} SspCcmHandlerMem_t; + + +/****************************************************************************** + Prototypes section. +******************************************************************************/ +/****************************************************************************** + Calculate the CCM* authentication tag (CBC-MAC in RFC 3610 terms). 
+ Arguments: + key - AES-128 key; + nonce_block - 16-byte block containing nonce in bytes 1..13 + (bytes 0,14,15 are arbitrary); + frame - ptr to data to be protected by the authentication tag; + len_auth - data that have to be authentified only; + len_crypt - data that have to be authentified and encrypted; + auth - buffer to place the authentication tag; + M - MIC length, + temp - 176-byte array used by AES encryption algorithm. + If M=0 (which is permitted by ZigBee Standard but not by RFC 3610) + the function returns immediately. + Limitations: does not work correctly if len_auth >= 0xfeff. +******************************************************************************/ +void ccmAuthReq(CcmReq_t *ccmParam); + + +/****************************************************************************** + Encrypt the buffer in place by the CCM*. Arguments: + key - AES-128 key; + nonce_block - 16-byte block containing nonce in bytes 1..13 + (bytes 0,14,15 are arbitrary); + payload - buffer to be encrypted; + len_payload - length of this buffer; + auth - MIC which have to be encrypted additionally (also in place); + M - its length; + temp - 176-byte array used by AES encryption algorithm. +******************************************************************************/ +void ccmCryptReq(CcmReq_t *); + +/**************************************************************************//** + \brief Performs encrypted frame MIC check procedure. + + \param checMecReq - request parametrs structure pointer. Take a look at the + CcmReq_t type declaration for the detailes. +******************************************************************************/ +void ccmCheckMicReq(CcmReq_t *checkMicReq); + +#endif //_SSPCCMHANDLER_H + +//eof sspCcmHandler.h 
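Review bot: The `mic` field of `CcmReq_t` defines verification as "check that it's value is all zeroes after authentication", but the header states neither how that test must be done nor what `M == 0` means for `ccmCheckMicReq`. The all-zero test over the `M` bytes should OR every byte together and test the result once rather than stop at the first non-zero byte, and because the `ccmAuthReq` comment says the routine returns immediately for `M=0`, a zero-length MIC leaves nothing to check; the contract should say that `M == 0` is accepted only for security levels without integrity and that `M <= CCM_MIC_MAX_SIZE`. The limitation note on `M` ("does not work correctly if MIC length >= 0xfeff") cannot apply to a `uint8_t` field and should be removed. The block comments above `ccmAuthReq` and `ccmCryptReq` list arguments (`key`, `nonce_block`, `frame`, `temp`) that the `CcmReq_t *` signatures do not take, and `\param checMecReq` should read `checkMicReq`.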
diff --git a/digital/zigbit/bitcloud/stack/Components/Security/ServiceProvider/include/private/sspChallengeGenHandler.h b/digital/zigbit/bitcloud/stack/Components/Security/ServiceProvider/include/private/sspChallengeGenHandler.h new file mode 100644 index 00000000..a245e581 --- /dev/null +++ b/digital/zigbit/bitcloud/stack/Components/Security/ServiceProvider/include/private/sspChallengeGenHandler.h 
@@ -0,0 +1,42 @@ +/**************************************************************************//** + \file sspChallengeGenHandler.h + + \brief Challenge generator handler header file. + + \author + Atmel Corporation: http://www.atmel.com \n + Support email: avr@atmel.com + + Copyright (c) 2008-2011, Atmel Corporation. All rights reserved. + Licensed under Atmel's Limited License Agreement (BitCloudTM). + + \internal + History: + 17/12/07 ALuzhetsky - Created. +******************************************************************************/ +#ifndef _SSPCHALLENGEGENHANDLER_H +#define _SSPCHALLENGEGENHANDLER_H + +/****************************************************************************** + Includes section. +******************************************************************************/ + +/****************************************************************************** + Definition section. +******************************************************************************/ + +/****************************************************************************** + Prototypes section. +******************************************************************************/ +/******************************************************************************* + Resets Security Service Provider entity. + Parameters: + challenge - pointer to the memory for saving generated challenge. + Return: + none. +********************************************************************************/ +void sspGenerateChallengeHandler(uint8_t challenge[/*CHALLENGE_SEQUENCE_SIZE*/]); +#endif //_SSPCHALLENGEGENHANDLER_H + +// eof sspChallengeGenHandler.h + diff --git a/digital/zigbit/bitcloud/stack/Components/Security/ServiceProvider/include/private/sspHashHandler.h b/digital/zigbit/bitcloud/stack/Components/Security/ServiceProvider/include/private/sspHashHandler.h new file mode 100644 index 00000000..c89a1193 --- /dev/null 
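Review bot: The comment above `sspGenerateChallengeHandler` says "Resets Security Service Provider entity", which looks copied from another header; it should read something like `Generates a challenge and writes CHALLENGE_SEQUENCE_SIZE bytes into the caller's buffer.` The prototype uses `uint8_t` while the "Includes section" is empty, so this header compiles only when a types header happens to be included first; include the defining header here. Because the challenge feeds the mutual entity authentication declared in sspAuthenticHandler.h, the comment should also name the randomness source the handler draws from, which this header does not show.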
+++ b/digital/zigbit/bitcloud/stack/Components/Security/ServiceProvider/include/private/sspHashHandler.h 
@@ -0,0 +1,118 @@ +/**************************************************************************//** + \file sspHashHandler.h + + \brief Hash routine header file. + + \author + Atmel Corporation: http://www.atmel.com \n + Support email: avr@atmel.com + + Copyright (c) 2008-2011, Atmel Corporation. All rights reserved. + Licensed under Atmel's Limited License Agreement (BitCloudTM). + + \internal + History: + 29/11/07 ALuzhetsky - Created. +******************************************************************************/ + +#ifndef _SSPHASHHANDLER_H +#define _SSPHASHHANDLER_H + +#ifdef _LINK_SECURITY_ + +/****************************************************************************** + Includes section. +******************************************************************************/ +#include +#include + +/****************************************************************************** + Definitions section. +******************************************************************************/ +#define MAX_HASH_TEXT_SIZE 53 // 1 + 2*sizeof(uint64_t) + 2*CHALLENGE_SIZE + sizeof(uint32_t) +#define IPAD 0x36 +#define OPAD 0x5C + +/****************************************************************************** + Types' definitions section. +******************************************************************************/ +/****************************************************************************** + TBD +******************************************************************************/ +typedef struct +{ + // Service field - for internal needs. + SSP_Service_t service; + // There is should be an additional memory before and after text (16 bytes in both cases). + uint8_t *text/*[SECURITY_KEY_SIZE + textSize + 16]*/; + // Pointer to key fir Keyed Hash Function. + const uint8_t *key/*[SECURITY_KEY_SIZE]*/; + // Size of the text. + uint8_t textSize; + // Buffer for generated hash. Shoul be initialized by the user. 
+ uint8_t *hash_i/*[SECURITY_KEY_SIZE]*/; + void (*sspKeyedHashMacConfirm)(void); +} SspKeyedHashMacReq_t; + +/****************************************************************************** + TBD +******************************************************************************/ +typedef enum +{ + HASH_STATE_IDLE, + HASH_STATE_CREATE_HASH1, + HASH_STATE_CREATE_HASH2, +} SspHashHandlerState_t; + +/****************************************************************************** + TBD +******************************************************************************/ +typedef struct +{ + uint8_t *M/*[textSize + 16]*/; + uint8_t *hash_i/*[SECURITY_KEY_SIZE]*/; + uint8_t textSize; + void (*bcbHashConf)(void); +} SspBcbHashReq_t; + +/****************************************************************************** + TBD +******************************************************************************/ +typedef struct +{ + SspBcbHashReq_t *currentBcbHashReq; + SspKeyedHashMacReq_t *keyedHashMacReq; + SspBcbHashReq_t bcbHashReq; + uint8_t bcbBlockCounter; + SspHashHandlerState_t hashHandlerState; +} SspHashHandlerMem_t; + + +/****************************************************************************** + Prototypes section. +******************************************************************************/ +/******************************************************************************* + Keyed hash function implementation. + Parameters: + param - parameters of the primitive (for detailed description look at + SspKeyedHashMacReq_t declaration). + Return: + none. +********************************************************************************/ +void sspKeyedHashMacReq(SspKeyedHashMacReq_t *param); + +/******************************************************************************* + Block Cipher Based hash function implementation. + Parameters: + param - parameters of the primitive (for detailed description look at + SspBcbHashReq_t declaration). + Return: + none. 
+********************************************************************************/ +void sspBcbHashReq(SspBcbHashReq_t *param); + +#endif // _LINK_SECURITY_ + +#endif //_SSPHASHHANDLER_H + +//eof sspHashHandler.h diff --git a/digital/zigbit/bitcloud/stack/Components/Security/ServiceProvider/include/private/sspManager.h b/digital/zigbit/bitcloud/stack/Components/Security/ServiceProvider/include/private/sspManager.h new file mode 100644 index 00000000..034ebf89 --- /dev/null +++ b/digital/zigbit/bitcloud/stack/Components/Security/ServiceProvider/include/private/sspManager.h 
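Review bot: `MAX_HASH_TEXT_SIZE` is hard-coded to 53 with its formula only in a trailing comment, and that comment names `CHALLENGE_SIZE` while sspChallengeGenHandler.h refers to `CHALLENGE_SEQUENCE_SIZE`, so the number can drift from the constants it is derived from without any diagnostic. It sizes `macData` in `SspAuthenticHandlerMem_t`, whereas `textSize` is a `uint8_t` that can hold up to 255, so either define the macro as the expression itself or have the handler reject `textSize > MAX_HASH_TEXT_SIZE` before the buffer is filled (the code that fills it is not in this diff). `IPAD` and `OPAD` are unprefixed names exported from a header; something like `SSP_HMAC_IPAD` and `SSP_HMAC_OPAD` would avoid collisions with other components. The three `TBD` type comments should at least say which request each structure serves.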
@@ -0,0 +1,174 @@ +/**************************************************************************//** + \file sspManager.h + + \brief Security Service Provider header file. + + \author + Atmel Corporation: http://www.atmel.com \n + Support email: avr@atmel.com + + Copyright (c) 2008-2011, Atmel Corporation. All rights reserved. + Licensed under Atmel's Limited License Agreement (BitCloudTM). + + \internal + History: + 06/12/2007 - ALuzhetsky API corrected. +******************************************************************************/ +#ifndef _SSPMANAGER_H +#define _SSPMANAGER_H + +/****************************************************************************** + Includes section. +******************************************************************************/ +#include + +/****************************************************************************** + Definition section. +******************************************************************************/ +#ifdef _SSP_USE_FLASH_FOR_CONST_DATA + #include + #define HANDLERS_MEM FLASH_VAR + #define HANDLERS_GET(A, I) memcpy_P(A, &sspHandlers[I], sizeof(SspTask_t)) +#else // _SSP_USE_FLASH_FOR_CONST_DATA + #define HANDLERS_MEM + #define HANDLERS_GET(A, I) (((A)->task) = sspHandlers[I].task) +#endif // _SSP_USE_FLASH_FOR_CONST_DATA + +#if defined(_MAC_HW_AES_) || defined(_HAL_HW_AES_) + #ifdef _LINK_SECURITY_ + #define SSP_TASKS_LIST \ + {sspCalculateAuthenticMacTag1ReqHandler}, \ + {sspCalculateAuthenticMacTag2ReqHandler}, \ + {sspCalculateSkkeParamsReqHandler}, \ + {sspKeyedHashReqHandler}, \ + {sspEncryptFrameReqHandler}, \ + {sspDecryptFrameReqHandler} + #else // _LINK_SECURITY_ + #define SSP_TASKS_LIST \ + {sspEncryptFrameReqHandler}, \ + {sspDecryptFrameReqHandler} + #endif // _LINK_SECURITY_ + +#elif defined(_SSP_SW_AES_) + #ifdef _LINK_SECURITY_ + #define SSP_TASKS_LIST \ + {sspCalculateAuthenticMacTag1ReqHandler}, \ + {sspCalculateAuthenticMacTag2ReqHandler}, \ + {sspCalculateSkkeParamsReqHandler}, \ + 
{sspKeyedHashReqHandler}, \ + {sspEncryptFrameReqHandler}, \ + {sspDecryptFrameReqHandler}, \ + {sspAesReqHandler}, + #else // _LINK_SECURITY_ + #define SSP_TASKS_LIST \ + {sspEncryptFrameReqHandler}, \ + {sspDecryptFrameReqHandler}, \ + {sspAesReqHandler} + #endif // _LINK_SECURITY_ + +#else + #error Unknown AES routine provider +#endif + +/****************************************************************************** + Types section. +******************************************************************************/ +/**************************************************************************//** + \brief TBD. + + TBD +******************************************************************************/ +typedef struct +{ + void (*task)(void); +} SspTask_t; + +/**************************************************************************//** + \brief TBD. + + TBD +******************************************************************************/ +typedef enum +{ +#ifdef _LINK_SECURITY_ + SSP_TASK_AUTHENTIC_MAC_TAG1, + SSP_TASK_AUTHENTIC_MAC_TAG2, + SSP_TASK_SKKE, + SSP_TASK_KEYED_HASH, +#endif // _LINK_SECURITY_ + SSP_TASK_ENCRYPT_FRAME, + SSP_TASK_DECRYPT_FRAME, +#ifdef _SSP_SW_AES_ + SSP_TASK_AES, +#endif // _SSP_SW_AES_ + + SSP_TASKS_SIZE, +} SspTaskId_t; + +/**************************************************************************//** + \brief TBD. + + TBD +******************************************************************************/ +typedef enum // ssp possible requests' types. +{ +#ifdef _LINK_SECURITY_ + SSP_REQ_ID_AUTHENTIC_MAC_TAG1 = SSP_TASK_AUTHENTIC_MAC_TAG1, + SSP_REQ_ID_AUTHENTIC_MAC_TAG2 = SSP_TASK_AUTHENTIC_MAC_TAG2, + SSP_REQ_ID_SKKE = SSP_TASK_SKKE, + SSP_REQ_ID_KEYED_HASH = SSP_TASK_KEYED_HASH, +#endif // _LINK_SECURITY_ + SSP_REQ_ID_SFP_ENCRYPT_FRAME = SSP_TASK_ENCRYPT_FRAME, + SSP_REQ_ID_SFP_DECRYPT_FRAME = SSP_TASK_DECRYPT_FRAME, + +} SspRequestId_t; + +/**************************************************************************//** + \brief TBD. 
+ + TBD +******************************************************************************/ +typedef uint8_t SspTaskBitMask_t; + +/**************************************************************************//** + \brief TBD. + + TBD +******************************************************************************/ +typedef struct +{ + SspTaskBitMask_t taskBitMask; + QueueDescriptor_t reqQueueDescr; +} SspManagerMem_t; + +/****************************************************************************** + Functions prototypes section. +******************************************************************************/ +/**************************************************************************//** + \brief TBD. + + \param TBD. + \return TBD. +******************************************************************************/ +void sspPostTask(SspTaskId_t taskID); + +/**************************************************************************//** + \brief TBD. + + \param TBD. + \return TBD. +******************************************************************************/ +void sspResetTaskManager(void); + +/****************************************************************************** + Sends confirmation to the SSP user. + Parameters: + request - parameters of the request to be confirmed. + Returns: + none. +******************************************************************************/ +void sspSendConfToUpperLayer(void *request); + +#endif // _SSPMANAGER_H + +// eof sspManager.h diff --git a/digital/zigbit/bitcloud/stack/Components/Security/ServiceProvider/include/private/sspMem.h b/digital/zigbit/bitcloud/stack/Components/Security/ServiceProvider/include/private/sspMem.h new file mode 100644 index 00000000..1512a170 --- /dev/null +++ b/digital/zigbit/bitcloud/stack/Components/Security/ServiceProvider/include/private/sspMem.h 
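Review bot: `SSP_TASKS_LIST` and `SspTaskId_t` are kept in step by hand and their conditions differ: the list takes the hardware-AES branch whenever `_MAC_HW_AES_` or `_HAL_HW_AES_` is defined, while the enum adds `SSP_TASK_AES` whenever `_SSP_SW_AES_` is defined. If a build defines both, `SSP_TASKS_SIZE` counts an entry that has no handler in the list, and dispatching `SSP_TASK_AES` would read a missing or empty `task` pointer (the `sspHandlers` definition is outside this diff, so this is inferred). A guard of the form `#if (defined(_MAC_HW_AES_) || defined(_HAL_HW_AES_)) && defined(_SSP_SW_AES_)` followed by `#error` would turn that configuration into a compile-time failure. `SspTaskBitMask_t` is a `uint8_t` and the largest configuration already has seven tasks, so, presuming one bit per task, a comment noting the eight-task ceiling is worth adding; the trailing comma after `{sspAesReqHandler},` in the `_LINK_SECURITY_` software branch should also match the other three lists.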
@@ -0,0 +1,238 @@ +/**************************************************************************//** + \file sspMem.h + + \brief Security Service Provider memory manager header file. + + \author + Atmel Corporation: http://www.atmel.com \n + Support email: avr@atmel.com + + Copyright (c) 2008-2011, Atmel Corporation. All rights reserved. + Licensed under Atmel's Limited License Agreement (BitCloudTM). + + \internal + History: + 06/12/2007 - ALuzhetsky created. +******************************************************************************/ +#ifndef _SSPMEM_H +#define _SSPMEM_H + +/****************************************************************************** + Includes section. +******************************************************************************/ +#include +#include +#include +#include +#include +#include + +/****************************************************************************** + Types section. +******************************************************************************/ +typedef struct +{ + void *sspReq; // Used by all modules which need to save requests' parameters. + // For Manager needs. + SspManagerMem_t managerMem; + SspAesMem_t aes; + union + { +#ifdef _LINK_SECURITY_ + SspAuthenticHandlerMem_t authenticHandlerMem; + SspSkkeHandlerMem_t skkeHandlerMem; +#endif // _LINK_SECURITY_ + SspSfpHandlerMem_t sfpHandlerMem; + }; + union + { +#ifdef _LINK_SECURITY_ + SspHashHandlerMem_t hashHandlerMem; +#endif // _LINK_SECURITY_ + SspCcmHandlerMem_t ccmHandlerMem; + }; +} SspMem_t; + +/****************************************************************************** + External variables. +******************************************************************************/ +extern SspMem_t sspMem; + +/****************************************************************************** + Inline static functions prototypes section. 
+******************************************************************************/ +/****************************************************************************** + Stores the pointer to the current request. + Parameters: + req - pointer to the current request. + returns: + none. +******************************************************************************/ +INLINE void sspStoreReqParams(void *req) +{ + sspMem.sspReq = req; +} + +/****************************************************************************** + Gets the pointer to the current request. + Parameters: + none. + returns: + Pointer to the current request. +******************************************************************************/ +INLINE void* sspGetReqParams(void) +{ + return sspMem.sspReq; +} + +/****************************************************************************** + Gets the current manager state. + Parameters: + none. + returns: + current manager state. +******************************************************************************/ +/*INLINE SspState_t sspGetManagerState(void) +{ + return sspMem.managerMem.managerState; +}*/ + +/****************************************************************************** + Sets the current manager state. + Parameters: + new state. + returns: + none. +******************************************************************************/ +/*INLINE void sspSetManagerState(SspState_t newState) +{ + sspMem.managerMem.managerState = newState; +}*/ + +/****************************************************************************** + Gets pointer to the queue descriptor. + Parameters: + none. + returns: + pointer to the queue descriptor. +******************************************************************************/ +INLINE QueueDescriptor_t* sspGetQueueDescr(void) +{ + return &sspMem.managerMem.reqQueueDescr; +} + +/****************************************************************************** + Gets pointer to the queue descriptor. + Parameters: + none. 
+ returns: + pointer to the queue descriptor. +******************************************************************************/ +INLINE SspTaskBitMask_t* sspGetTaskBitMask(void) +{ + return &sspMem.managerMem.taskBitMask; +} + +/****************************************************************************** + Gets pointer to the current request. + Parameters: + none. + returns: + pointer to the current request. +******************************************************************************/ +INLINE void* sspGetCurrentReq(void) +{ + return sspMem.sspReq; +} + +/****************************************************************************** + Stores pointer to the current request. + Parameters: + pointer to the current request. + returns: + none. +******************************************************************************/ +INLINE void sspSetCurrentReq(void* param) +{ + sspMem.sspReq = param; +} + +#ifdef _LINK_SECURITY_ +/****************************************************************************** + Gets pointer to the authentic handler memory. + Parameters: + none. + returns: + pointer to the authentic handler memory. +******************************************************************************/ +INLINE SspAuthenticHandlerMem_t* sspGetAuthenticHandlerMem(void) +{ + return &sspMem.authenticHandlerMem; +} + +/****************************************************************************** + Gets pointer to the skke handler memory. + Parameters: + none. + returns: + pointer to the skke handler memory. +******************************************************************************/ +INLINE SspSkkeHandlerMem_t* sspGetSkkeHandlerMem(void) +{ + return &sspMem.skkeHandlerMem; +} + +/****************************************************************************** + Gets pointer to the hash handler memory. + Parameters: + none. + returns: + pointer to the hash handler memory. 
+******************************************************************************/ +INLINE SspHashHandlerMem_t* sspGetHashHandlerMem(void) +{ + return &sspMem.hashHandlerMem; +} +#endif // _LINK_SECURITY_ + +/****************************************************************************** + Gets pointer to the sfp handler memory. + Parameters: + none. + returns: + pointer to the sfp handler memory. +******************************************************************************/ +INLINE SspSfpHandlerMem_t* sspGetSfpHandlerMem(void) +{ + return &sspMem.sfpHandlerMem; +} + +/****************************************************************************** + Gets pointer to the memory for aes encryption procedure. + Parameters: + none. + returns: + pointer to the memory for aes encryption procedure. +******************************************************************************/ +INLINE SspAesMem_t* sspGetAesMem(void) +{ + return &sspMem.aes; +} + +/****************************************************************************** + Gets pointer to the ccm handler memory. + Parameters: + none. + returns: + pointer to the ccm handler memory. +******************************************************************************/ +INLINE SspCcmHandlerMem_t* sspGetCcmHandlerMem(void) +{ + return &sspMem.ccmHandlerMem; +} + + +//#endif // _SSP_USE_STATIC_MEM_ + +#endif //_SSPMEM_H +// eof sspMem.h diff --git a/digital/zigbit/bitcloud/stack/Components/Security/ServiceProvider/include/private/sspSfpHandler.h b/digital/zigbit/bitcloud/stack/Components/Security/ServiceProvider/include/private/sspSfpHandler.h new file mode 100644 index 00000000..3cc50904 --- /dev/null +++ b/digital/zigbit/bitcloud/stack/Components/Security/ServiceProvider/include/private/sspSfpHandler.h 
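Review bot: `SspMem_t` overlays `authenticHandlerMem`, `skkeHandlerMem` and `sfpHandlerMem` in one anonymous union (and `hashHandlerMem` with `ccmHandlerMem` in a second), but nothing states the invariant that makes this safe, namely that only one request is processed at a time. These members carry key-related buffers such as `transformedKey` and `keyExpander`, so whatever one handler leaves behind is readable through the next handler's view; the union deserves a comment like `/* one request at a time; handlers must not assume zeroed memory and should clear key material before confirming */`, with the clearing itself checked in the handler sources, which are not in this diff. The comment above `sspGetTaskBitMask` is copied from `sspGetQueueDescr` and should read `Gets pointer to the task bit mask.` `sspStoreReqParams`/`sspSetCurrentReq` and `sspGetReqParams`/`sspGetCurrentReq` are identical pairs that could be reduced to one each, and the trailing `//#endif // _SSP_USE_STATIC_MEM_` has no matching `#if` in this file.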
@@ -0,0 +1,134 @@ +/**************************************************************************//** + \file sspSfpHandler.h + + \brief SFP routine header file. + + \author + Atmel Corporation: http://www.atmel.com \n + Support email: avr@atmel.com + + Copyright (c) 2008-2011, Atmel Corporation. All rights reserved. + Licensed under Atmel's Limited License Agreement (BitCloudTM). + + \internal + History: + 2006 - VGribanovsky created. + 29/11/2007 - ALuzhetsky API corrected. +******************************************************************************/ + +#ifndef _SSPSFPHANDLER_H +#define _SSPSFPHANDLER_H + +/****************************************************************************** + Includes section. +******************************************************************************/ +#include +#include +#include +#include +#include + +/****************************************************************************** + Types definition section. +******************************************************************************/ +/**************************************************************************//** + \brief TBD +******************************************************************************/ +typedef enum +{ + SFP_STATE_IDLE, + SFP_STATE_ENCRYPTION_KEY_TRANSFORMING, + SFP_STATE_ENCRYPTION_AUTHENTIC, + SFP_STATE_ENCRYPTION_ENCRYPT, + SFP_STATE_DECRYPTION_KEY_TRANSFORMING, + SFP_STATE_DECRYPTION_AUTHENTIC, + SFP_STATE_DECRYPTION_ENCRYPT, + SFP_STATE_DECRYPTION_MIC_CHECK +} SspSfpHandlerState_t; + +/**************************************************************************//** + \brief TBD +******************************************************************************/ +typedef struct +{ + SspSfpHandlerState_t sfpState; + uint8_t nonce[CCM_NONCE_SIZE]; + uint8_t transformedKey[SECURITY_KEY_SIZE]; + uint8_t mic[CCM_MIC_MAX_SIZE]; + uint8_t auxiliaryHeaderLength; + union + { + CcmReq_t ccmReq; +#ifdef _LINK_SECURITY_ + SspKeyedHashMacReq_t hashMacReq; +#endif // 
_LINK_SECURITY_ + }; + BEGIN_PACK + struct PACK + { + volatile uint8_t keyExpander[16]; + uint8_t text; + volatile uint8_t bitsExpander[16]; + }; // For hash function + END_PACK +} SspSfpHandlerMem_t; + +/**************************************************************************//** + \brief Security Control field format. +******************************************************************************/ +BEGIN_PACK +typedef struct PACK +{ + LITTLE_ENDIAN_OCTET(4,( + uint8_t securityLevel : 3, + uint8_t keyIdentifier : 2, + uint8_t extendedNonce : 1, + uint8_t reserved : 2 + )) +} SecurityCtrlField_t; +END_PACK + +/****************************************************************************** + Prototypes section. +******************************************************************************/ +/****************************************************************************** + Encrypts frame. Encoding is based on incoming param which are extracted from + SSP_EncryptFrameReq param. + Parameters: + none. + Return: + none. +******************************************************************************/ +void sspEncryptFrameReqHandler(void); + +/****************************************************************************** + Decrypts frame. Decrypting is based on incoming param which are extracted from + SSP_DecryptFrameReq param. + Parameters: + none. + Return: + none. +******************************************************************************/ +void sspDecryptFrameReqHandler(void); + +/****************************************************************************** + Parses auxiliary frame header. + Parameters: + param - contains pointer to the frame and parameters to be initialized. + Return: + Auxiliary header length. 
+******************************************************************************/ +uint8_t sspParseAuxiliaryHeaderHandler(SSP_ParseAuxiliaryHeader_t *param); + +/****************************************************************************** + Security Frame Processor Handler's task. + Parameters: + none + Return: + none. +******************************************************************************/ +void sspSfpTaskHandler(void); + +#endif //_SSPSFPHANDLER_H + +// eof sspSfpHandler.h diff --git a/digital/zigbit/bitcloud/stack/Components/Security/ServiceProvider/include/private/sspSkkeHandler.h b/digital/zigbit/bitcloud/stack/Components/Security/ServiceProvider/include/private/sspSkkeHandler.h new file mode 100644 index 00000000..c9d881e0 --- /dev/null +++ b/digital/zigbit/bitcloud/stack/Components/Security/ServiceProvider/include/private/sspSkkeHandler.h 
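Review bot: The packed anonymous struct at the end of `SspSfpHandlerMem_t` (`keyExpander[16]`, `text`, `bitsExpander[16]`) is explained only by `// For hash function`, and both the state enum and the struct carry `\brief TBD`. The layout looks like the 16 bytes of headroom before and after the text that `SSP_KeyedHashMacReq_t` in sspHash.h asks for, so the three members must stay adjacent and packed; the struct should say so, e.g. `//! Scratch space around text for the keyed hash; keep these members contiguous and in this order.` Sizing `keyExpander` as `SECURITY_KEY_SIZE`, as `SspSkkeHandlerMem_t` already does, would tie it to the key length instead of a literal. The struct also holds `transformedKey` and `mic`; whether they are cleared when the state returns to `SFP_STATE_IDLE` is not visible in this header and is worth confirming in the handler.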
@@ -0,0 +1,96 @@ +/**************************************************************************//** + \file sspSkkeHandler.h + + \brief SKKE routine handler header file. + + \author + Atmel Corporation: http://www.atmel.com \n + Support email: avr@atmel.com + + Copyright (c) 2008-2011, Atmel Corporation. All rights reserved. + Licensed under Atmel's Limited License Agreement (BitCloudTM). + + \internal + History: + 29/11/07 ALuzhetsky - Created. +******************************************************************************/ +#ifndef _SSPSKKEHANDLER_H +#define _SSPSKKEHANDLER_H + +#ifdef _LINK_SECURITY_ + +/****************************************************************************** + Includes section. +******************************************************************************/ +#include +#include +#include + +/****************************************************************************** + Types section. +******************************************************************************/ +typedef enum +{ + SKKE_STATE_IDLE, + SKKE_STATE_CALCULATE_MACTAG1, + SKKE_STATE_CALCULATE_MACTAG2, + SKKE_STATE_CALCULATE_FINAL_MACTAG1, + SKKE_STATE_CALCULATE_HASH1, + SKKE_STATE_CALCULATE_HASH2, +} SspSkkeState_t; +/****************************************************************************** + TBD +******************************************************************************/ +typedef struct +{ + SspSkkeState_t skkeState; + uint8_t macKey[SECURITY_KEY_SIZE]; + BEGIN_PACK + struct PACK + { + volatile uint8_t keyExpander[SECURITY_KEY_SIZE]; + uint8_t macData[MAX_HASH_TEXT_SIZE]; + volatile uint8_t bitsExpander[16]; + }; + END_PACK + union + { + SspKeyedHashMacReq_t keyedHashMacParam; + SspBcbHashReq_t bcbHashReqParam; + }; +} SspSkkeHandlerMem_t; + +/****************************************************************************** + Prototypes section. 
+******************************************************************************/ +/******************************************************************************* + Calculates parameters of Security-Key Key Esteblishment procedure. + Parameters: + none. + Return: + none. +********************************************************************************/ +void sspCalculateSkkeParamsReqHandler(void); + +/***************************************************************************\\** + \brief Copies with mirroring "length" bytes from "src" to "dst". + + \param + dst - destination memory. + src - source memory. + length - number of bytes to copy. + \return + none. +********************************************************************************/ +INLINE void mirrorMemcpy(uint8_t *dst, uint8_t *src, uint8_t length) +{ + while(length) + *(dst++) = *(src + --length); +} + +#endif // _LINK_SECURITY_ + +#endif //_SSPSKKEHANDLER_H + +// eof sspSkkeHandler.h + diff --git a/digital/zigbit/bitcloud/stack/Components/Security/ServiceProvider/include/sspAuthentic.h b/digital/zigbit/bitcloud/stack/Components/Security/ServiceProvider/include/sspAuthentic.h new file mode 100644 index 00000000..b1134c4a --- /dev/null +++ b/digital/zigbit/bitcloud/stack/Components/Security/ServiceProvider/include/sspAuthentic.h 
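Review bot: `mirrorMemcpy` only reads `src` but takes it as `uint8_t *`, so callers that hold key or challenge bytes through a `const` pointer have to cast the qualifier away; the signature should be `INLINE void mirrorMemcpy(uint8_t *dst, const uint8_t *src, uint8_t length)`. Its comment should also state that `dst` and `src` must not overlap, because the loop writes forward while reading backward and an in-place call would overwrite bytes it has not read yet. The comment opener ends in `\\**` where the other headers use `*//**`, which looks like a typo that leaves the block a plain comment rather than a Doxygen one; the same opener appears on `SSP_BcbHash` in sspHash.h.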
@@ -0,0 +1,101 @@ +/**************************************************************************//** + \file sspAuthentic.h + + \brief Mutual Symmetric-Key Entity Authentication routine header file. + + \author + Atmel Corporation: http://www.atmel.com \n + Support email: avr@atmel.com + + Copyright (c) 2008-2011, Atmel Corporation. All rights reserved. + Licensed under Atmel's Limited License Agreement (BitCloudTM). + + \internal + History: + 29/11/07 ALuzhetsky - Created. +******************************************************************************/ +#ifndef _SSPAUTHENTIC_H +#define _SSPAUTHENTIC_H + +#ifdef _LINK_SECURITY_ +/****************************************************************************** + Includes section. +******************************************************************************/ +#include +#include +#include + +/****************************************************************************** + Definitions section. +******************************************************************************/ +#define HASH_SIZE 16 + +/****************************************************************************** + Types' definition section. +******************************************************************************/ + +/**************************************************************************//** + \brief Declaration of CalculateAuthenticParamsConf primitive parameters structure. +******************************************************************************/ +typedef struct +{ + //! Calculated MacTag1 or MacTag2. + uint8_t macTag[HASH_SIZE]; +} SSP_CalculateAuthenticParamsConf_t; + +/**************************************************************************//** + \brief Declaration of CalculateAuthenticParamsConf primitive parameters structure. +******************************************************************************/ +typedef struct +{ + //! Service field - for internal needs. + SSP_Service_t service; + //! 
Extended address of the device which initiated authnetication procedure. + const uint64_t *initiatorIEEEAddr; + //! Extended address of the device which should response. + const uint64_t *responderIEEEAddr; + //! Initiator or responder device frame counter. + uint32_t frameCounter; + //! Preset key which should be known by both devices (initiator and responder). + const uint8_t *networkKey/*[SECURITY_KEY_SIZE]*/; + //! Initiator challenge sequence (just 128-bit random number). + uint8_t *qeu; + //! Responder challenge sequence (just 128-bit random number). + uint8_t *qev; + //! Security Service Provider CalculateAuthenticParams confirm callback function's pointer. + void (*SSP_CalculateAuthenticParamsConf)(SSP_CalculateAuthenticParamsConf_t *conf); + //! Security Service Provider CalculateAuthenticParams confirm parameters' structure. + SSP_CalculateAuthenticParamsConf_t confirm; +} SSP_CalculateAuthenticParamsReq_t; + +/****************************************************************************** + Prototypes section. +******************************************************************************/ +/******************************************************************************* + Performs calculation of the parameters for Mutual Symmetric-Key Entity + Authentication procedure (MatTag1). + Parameters: + param - procedure parameters (for detailed description look at + SSP_CalculateAuthenticParamsReq_t declaration). + Return: + none. +********************************************************************************/ +void SSP_CalculateAuthenticMacTag1Req(SSP_CalculateAuthenticParamsReq_t *param); + +/******************************************************************************* + Performs calculation of the parameters for Mutual Symmetric-Key Entity + Authentication procedure (MatTag2). + Parameters: + param - procedure parameters (for detailed description look at + SSP_CalculateAuthenticParamsReq_t declaration). + Return: + none. 
+********************************************************************************/ +void SSP_CalculateAuthenticMacTag2Req(SSP_CalculateAuthenticParamsReq_t *param); + +#endif // _LINK_SECURITY_ + +#endif //_SSPAUTHENTIC_H + +// eof sspAuthentic.h + diff --git a/digital/zigbit/bitcloud/stack/Components/Security/ServiceProvider/include/sspChallengeGen.h b/digital/zigbit/bitcloud/stack/Components/Security/ServiceProvider/include/sspChallengeGen.h new file mode 100644 index 00000000..ac9677ab --- /dev/null +++ b/digital/zigbit/bitcloud/stack/Components/Security/ServiceProvider/include/sspChallengeGen.h 
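Review bot: The `\brief` on `SSP_CalculateAuthenticParamsReq_t` repeats the text of the Conf structure above it ("Declaration of CalculateAuthenticParamsConf primitive parameters structure"), so the generated documentation describes the request as the confirm; it should read `\brief Declaration of CalculateAuthenticParamsReq primitive parameters structure.` The same copy-paste appears in sspSfp.h, where `SSP_DecryptFrameReq_t` and its `SSP_DecryptFrameConf` member are both described as "Encrypt Frame". `HASH_SIZE` is an unprefixed macro in a public header and is reused by sspSkke.h; a prefixed name such as `SSP_HASH_SIZE` would avoid clashes with application code, if the rest of the stack can follow the rename.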
@@ -0,0 +1,50 @@ +/**************************************************************************//** + \file sspChallengeGen.h + + \brief Challenge genrator header file. + + \author + Atmel Corporation: http://www.atmel.com \n + Support email: avr@atmel.com + + Copyright (c) 2008-2011, Atmel Corporation. All rights reserved. + Licensed under Atmel's Limited License Agreement (BitCloudTM). + + \internal + History: + 07/12/07 ALuzhetsky - Created. +******************************************************************************/ +#ifndef _SSPCHALLENGEGEN_H +#define _SSPCHALLENGEGEN_H + +/****************************************************************************** + Includes section. +******************************************************************************/ +#include +#include + +/****************************************************************************** + Definitions section. +******************************************************************************/ +#define CHALLENGE_SEQUENCE_SIZE 16 + +/****************************************************************************** + Types' definition section. +******************************************************************************/ + +/****************************************************************************** + Prototypes section. +******************************************************************************/ +/******************************************************************************* + Generates challenge. + Parameters: + challenge - space to store generated challenge. + Return: + none. +********************************************************************************/ +void SSP_GenerateChallenge(uint8_t challenge[/*CHALLENGE_SEQUENCE_SIZE*/]); + +#endif //_SSPCHALLENGEGEN_H + +// eof sspChellenge.h + 
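Review bot: The size contract of `SSP_GenerateChallenge` exists only as a commented-out bound, `uint8_t challenge[/*CHALLENGE_SEQUENCE_SIZE*/]`, and the parameter comment says just "space to store generated challenge". The comment should state the length, e.g. `challenge - buffer of CHALLENGE_SEQUENCE_SIZE bytes that receives the challenge.` The function returns `void` and the header does not name the random source, so a caller cannot tell from here whether generation can fail or how unpredictable the bytes are. Since sspAuthentic.h and sspSkke.h feed these values in as `qeu`/`qev`, that is worth documenting next to the prototype.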
diff --git a/digital/zigbit/bitcloud/stack/Components/Security/ServiceProvider/include/sspCommon.h b/digital/zigbit/bitcloud/stack/Components/Security/ServiceProvider/include/sspCommon.h
new file mode 100644
index 00000000..5fd2bea3
--- /dev/null
+++ b/digital/zigbit/bitcloud/stack/Components/Security/ServiceProvider/include/sspCommon.h
@@ -0,0 +1,74 @@ +/**************************************************************************//** + \file sspCommon.h + + \brief Declarations of common Security Service Provider's fields and types. + + \author + Atmel Corporation: http://www.atmel.com \n + Support email: avr@atmel.com + + Copyright (c) 2008-2011, Atmel Corporation. All rights reserved. + Licensed under Atmel's Limited License Agreement (BitCloudTM). + + \internal + History: + 06/12/07 ALuzhetsky - Created. +******************************************************************************/ + +#ifndef _SSPCOMMON_H +#define _SSPCOMMON_H + +/****************************************************************************** + Includes section. +******************************************************************************/ +#include + +/****************************************************************************** + Definitions section. +******************************************************************************/ +#define SECURITY_KEY_SIZE 16U +#define SECURITY_BLOCK_SIZE 16U +#define SSP_SECURITY_CONTROL_FIELD_LENGTH 1U +#define SSP_FRAME_COUNTER_FIELD_LENGTH 4U +#define SSP_KEY_SEQ_NUMBER_FIELD_LENGTH 1U + +/****************************************************************************** + Types section. +******************************************************************************/ +/**************************************************************************//** + \brief Possible status values of different SSP primitives. +******************************************************************************/ +typedef enum +{ + SSP_SUCCESS_STATUS, + SSP_NOT_PERMITED_STATUS, + SSP_MAX_FRM_COUNTER_STATUS, + SSP_BAD_CCM_OUTPUT_STATUS, +} SSP_Status_t; + +/**************************************************************************//** + \brief Internal service fields which give an opportunity to compose requests' queue. 
+******************************************************************************/ +typedef struct +{ + void *next; + uint8_t requestId; +} SSP_Service_t; + + +/****************************************************************************** + Prototypes section + ******************************************************************************/ +/******************************************************************************* + Checks a security key. + Parameters: + key - valid pointer to a security key. + Return: + true - if key is not zero otherwise return false. +********************************************************************************/ +bool SSP_IsKeyValid(const uint8_t *key); + + +#endif //_SSPCOMMON_H + +// eof sspCommon.h diff --git a/digital/zigbit/bitcloud/stack/Components/Security/ServiceProvider/include/sspDbg.h b/digital/zigbit/bitcloud/stack/Components/Security/ServiceProvider/include/sspDbg.h new file mode 100644 index 00000000..86415548 --- /dev/null +++ b/digital/zigbit/bitcloud/stack/Components/Security/ServiceProvider/include/sspDbg.h 
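Review bot: The comment on `SSP_IsKeyValid` promises a validity check but documents only "true - if key is not zero", and it does not say how many bytes are read from `key`. A caller could take a `true` result as a statement about key quality when, as far as this header shows, only the all-zero key is rejected. The comment should be explicit, e.g. `key - pointer to SECURITY_KEY_SIZE bytes.` and `true - if at least one byte is non-zero; no other property of the key is checked.`, adjusted if the implementation (not in this hunk) does more.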
@@ -0,0 +1,38 @@ +/********************************************************************************//** + \file sspDbg.h + + \brief + + \author + Atmel Corporation: http://www.atmel.com \n + Support email: avr@atmel.com + + Copyright (c) 2008-2011, Atmel Corporation. All rights reserved. + Licensed under Atmel's Limited License Agreement (BitCloudTM). + + \internal +**********************************************************************************/ +#ifndef _SSPDBGH +#define _SSPDBGH + +#include + +typedef enum +{ + SSPSFPHANDLERC_SSPENCRYPTFRAMEREQHANDLER_00 = 0x7800, + SSPMANAGER_TASKHANDLER_00 = 0x7801, + SSPMANAGER_TASKHANDLER_01 = 0x7802, + SSPCCM_SSPAESCONF_00 = 0x7803, + SSPSFPHANDLERC_CCMCONFIRM_00 = 0x7804, + SSPHASHHANDLERC_BCBHASHCONF_00 = 0x7805, + SSPSFPHANDLERC_SSPKEYEDHASHMACCONFIRM_00 = 0x7806, + SSPSKKEHANDLERC_HASHCONFIRM_00 = 0x7807, + SSPMANAGER_SENDREQTOHANDLER_00 = 0x7808, + SSPHASHHANDLERC_SSPBCBHASH_0 = 0x7809, + SSPCCM_SSPAESCONFWHILEMICCHECK_00 = 0x780a, + SSPCCM_SSPAESCONFWHILEMICCHECK_01 = 0x780b, + SSPCCM_SSPAESCONFWHILEMICCHECK_02 = 0x780c, + SSPCCMHANDLER_DETECTNEXTSTATE_0 = 0x780d, + SSPCCMHANDLER_SSPAESCONF_00 = 0x780e, +} SspDbgCodeId_t; +#endif // _SSPDBGH diff --git a/digital/zigbit/bitcloud/stack/Components/Security/ServiceProvider/include/sspHash.h b/digital/zigbit/bitcloud/stack/Components/Security/ServiceProvider/include/sspHash.h new file mode 100644 index 00000000..ade0fe31 --- /dev/null +++ b/digital/zigbit/bitcloud/stack/Components/Security/ServiceProvider/include/sspHash.h 
@@ -0,0 +1,69 @@ +/**************************************************************************//** + \file sspHash.h + + \brief Security Hash Processor header file. + + \author + Atmel Corporation: http://www.atmel.com \n + Support email: avr@atmel.com + + Copyright (c) 2008-2011, Atmel Corporation. All rights reserved. + Licensed under Atmel's Limited License Agreement (BitCloudTM). + + \internal + History: + 01/05/2008 A.Potashov - Created +******************************************************************************/ + +#ifndef _SSPHASH_H +#define _SSPHASH_H + +#include +#include + +typedef struct +{ + //! Service field - for internal needs. + SSP_Service_t service; + // Service field - for internal needs. + SSP_Service_t sspService; + // There is should be an additional memory before and after text (16 bytes in both cases). + uint8_t *text/*[SECURITY_KEY_SIZE + textSize + 16]*/; + // Pointer to key fir Keyed Hash Function. + uint8_t (*key)/*[SECURITY_KEY_SIZE]*/; + // Size of the text. + uint8_t textSize; + // Buffer for generated hash. Shoul be initialized by the user. + uint8_t (*hash_i)/*[SECURITY_KEY_SIZE]*/; + // Confirm handler pointer for internal use + void (*sspKeyedHashMacConf)(void); + + // Confirm handler pointer + void (*SSP_KeyedHashMacConf)(void); +} SSP_KeyedHashMacReq_t; + + +void SSP_KeyedHashMacReq(SSP_KeyedHashMacReq_t *req); +void sspKeyedHashReqHandler(void); +#ifndef _USE_CERTICOM_HASH_ +/**************************************************************************\\** + \brief This function computes the AES MMO digest of the data parameter of + length sz, and stores the result in. + + \param[out] digest This is an unsigned char buffer to hold the message digest. + The length of the digest must be AES_MMO_HASH_SIZE bytes. + \param[in] sz The size in bytes of the message to be hashed. + \param[in] data This is an unsigned char buffer of data to be hashed. 
+ + \return MCE_ERR_NULL_OUTPUT_BUF digest is NULL + MCE_ERR_NULL_INPUT_BUF data is NULL + MCE_SUCCESS indicates successful completion. + +******************************************************************************/ +int SSP_BcbHash(unsigned char *digest, unsigned long sz, unsigned char *data); +//int aesMmoHash(unsigned char *digest, unsigned long sz, unsigned char *data); +#endif // _USE_CERTICOM_HASH_ + +#endif //#ifndef _SSPHASH_H + +//eof sspHash.h diff --git a/digital/zigbit/bitcloud/stack/Components/Security/ServiceProvider/include/sspReset.h b/digital/zigbit/bitcloud/stack/Components/Security/ServiceProvider/include/sspReset.h new file mode 100644 index 00000000..165dcb71 --- /dev/null +++ b/digital/zigbit/bitcloud/stack/Components/Security/ServiceProvider/include/sspReset.h @@ -0,0 +1,34 @@ +/**************************************************************************//** + \file sspReset.h + + \brief Security Frame Processor reset routine header file. + + \author + Atmel Corporation: http://www.atmel.com \n + Support email: avr@atmel.com + + Copyright (c) 2008-2011, Atmel Corporation. All rights reserved. + Licensed under Atmel's Limited License Agreement (BitCloudTM). + + \internal + History: + 07/12/2007 - ALuzhetsky created. +******************************************************************************/ + +#ifndef _SSPRESET_H +#define _SSPRESET_H + +/****************************************************************************** + Includes section. +******************************************************************************/ + + +/****************************************************************************** + Functions' prototypes section. +******************************************************************************/ +void SSP_Init(void); + + +#endif //_SSPRESET_H + +// eof sspReset.h 
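Review bot: The buffer contract for `text` in `SSP_KeyedHashMacReq_t` is carried by a plain `//` comment and a commented-out bound, `/*[SECURITY_KEY_SIZE + textSize + 16]*/`, and neither says whether `text` points at the start of the padded buffer or at the first text byte. A caller who guesses wrong, or who passes a buffer of exactly `textSize` bytes, would have the hash routine touch memory outside the allocation (the routine itself is not in this hunk). The member comment should spell it out, e.g. `//! Points at the text; SECURITY_KEY_SIZE writable bytes must precede it and 16 must follow textSize.`, adjusted to whichever convention the implementation uses. The struct also declares two service fields, `service` and `sspService`, with the same description. The `SSP_BcbHash` comment breaks off at "stores the result in." and cites `AES_MMO_HASH_SIZE` and `MCE_*` codes that this header does not define.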
diff --git a/digital/zigbit/bitcloud/stack/Components/Security/ServiceProvider/include/sspSfp.h b/digital/zigbit/bitcloud/stack/Components/Security/ServiceProvider/include/sspSfp.h
new file mode 100644
index 00000000..ac53c27d
--- /dev/null
+++ b/digital/zigbit/bitcloud/stack/Components/Security/ServiceProvider/include/sspSfp.h
@@ -0,0 +1,203 @@ +/**************************************************************************//** + \file sspSfp.h + + \brief Security Frame Processor header file. + + \author + Atmel Corporation: http://www.atmel.com \n + Support email: avr@atmel.com + + Copyright (c) 2008-2011, Atmel Corporation. All rights reserved. + Licensed under Atmel's Limited License Agreement (BitCloudTM). + + \internal + History: + 2006 - VGribanovsky created. + 29/11/2007 - ALuzhetsky. +******************************************************************************/ + +#ifndef _SSPSFP_H +#define _SSPSFP_H + +/****************************************************************************** + Includes section. +******************************************************************************/ +#include +#include +#include + + +/****************************************************************************** + Definitions section. +******************************************************************************/ +#define SSP_MAX_AUXILIARY_HEADER_LENGTH 14 + +/**************************************************************************//** + \brief Possible key types. +******************************************************************************/ +enum +{ + SSP_DATA_KEY_ID = 0x00, + SSP_NETWORK_KEY_ID = 0x01, + SSP_KEY_TRANSPORT_KEY_ID = 0x02, + SSP_KEY_LOAD_KEY_ID = 0x03 +}; + +/**************************************************************************//** + \brief Possible levels of security. +******************************************************************************/ +enum +{ + SSP_NONE_SECURITY_LEVEL = 0x00, + SSP_MIC_32_SECURITY_LEVEL = 0x01, + SSP_MIC_64_SECURITY_LEVEL = 0x02, + SSP_MIC_128_SECURITY_LEVEL = 0x03, + SSP_ENC_SECURITY_LEVEL = 0x04, + SSP_ENC_MIC_32_SECURITY_LEVEL = 0x05, + SSP_ENC_MIC_64_SECURITY_LEVEL = 0x06, + SSP_ENC_MIC_128_SECURITY_LEVEL = 0x07 +}; + +/****************************************************************************** + Types' definition section. 
+******************************************************************************/ +/**************************************************************************//** + \brief Confirm parameters of SSP_EncryptFrame. +******************************************************************************/ +typedef struct +{ + //! Status of frame encoding. + SSP_Status_t status; +} SSP_EncryptFrameConf_t; + +typedef struct +{ + //! Status of frame encoding. + SSP_Status_t status; + + //! Type of the used key. + uint8_t keyIdentifier; +} SSP_DecryptFrameConf_t; + +/**************************************************************************//** + \brief Declaration of Encrypt Frame primitive's parameters structure. +******************************************************************************/ +typedef struct +{ + //! Service field - for internal needs. + SSP_Service_t service; + //! The sequence number of active network key in nwkSecurityMaterialSet. + uint8_t nwkActiveKeySeqNumber; + //! The actual value of the key. + const uint8_t *key/*[SECURITY_KEY_SIZE]*/; + //! Identifies the type of the key which is used to protect the frame. + uint8_t keyIdentifier; + //! Outgoing frame counter used only for outgoing frames. + uint32_t outFrameCounter; + //! The security level for outgoing and incoming NWK and APS frames. + uint8_t securityLevel; + //! Detects whether the extended address is present in the nonce or not. + bool extendedNoncePresent; + //! Extended (64-bit) device address responsible for securing of the frame. Should always be presented. + const ExtAddr_t *extAddr; + //! Layer protocol data unit pointer. There is should be allocated memory for auxiliary header before pdu. + uint8_t *pdu/*[headerLength + payloadLength]*/; + //! Length of the header. + uint8_t headerLength; + //! Payload length. + uint8_t payloadLength; + //! Security Service Provider SSP_EncryptFrame confirm parameters' structure. + SSP_EncryptFrameConf_t confirm; + //! Encrypt frame confirm callback function. 
+ void (*SSP_EncryptFrameConf)(SSP_EncryptFrameConf_t *conf); +} SSP_EncryptFrameReq_t; + +/**************************************************************************//** + \brief Declaration of Encrypt Frame primitive's parameters structure. +******************************************************************************/ +typedef struct +{ + //! Service field - for internal needs. + SSP_Service_t service; + //! The actual value of the key. + const uint8_t *key/*[SECURITY_KEY_SIZE]*/; + //! The security level for outgoing and incoming NWK and APS frames. + uint8_t securityLevel; + //! Extended (64-bit) source device address. + const ExtAddr_t *extAddr; + //! Layer protocol data unit pointer. + uint8_t *pdu; + //! Length of the header. + uint8_t headerLength; + //! Payload length. + uint8_t payloadLength; + //! Enables a separate MIC check without payload decryption + // Payload actually will be decrypted, but decryption results + // will not overwrite original payload and they will be lost. + bool onlyMicCheck; + //! Encrypt frame confirm callback function. + void (*SSP_DecryptFrameConf)(SSP_DecryptFrameConf_t *conf); + //! Security Service Provider SSP_DecryptFrame confirm parameters' structure. + SSP_DecryptFrameConf_t confirm; +} SSP_DecryptFrameReq_t; + +/**************************************************************************//** + \brief Declaration of Parse Auxiliary Header primitive's parameters structure. +******************************************************************************/ +typedef struct +{ + //! Layer protocol data unit pointer - should be initialized by user. + uint8_t *pdu; + //! Length of the header. + uint8_t headerLength; + //! The sequence number of active network key in nwkSecurityMaterialSet. + //! This parameter will be initialized during ParseAuxiliaryHeader function executing. + uint8_t nwkActiveKeySeqNumber; + //! Received frame counter. + //! This parameter will be initialized during ParseAuxiliaryHeader function executing. 
+ u32Packed_t *receivedFrameCounter; + //! Extended (64-bit) source device address. + //! This parameter will be initialized during ParseAuxiliaryHeader function executing. + u64Packed_t *sourceExtAddr; + //! Identifies the type of the key which is used to protect the frame. + uint8_t keyIdentifier; + //! Extended nonce presented flag + bool extendedNoncePresented; +} SSP_ParseAuxiliaryHeader_t; + + +/****************************************************************************** + Functions' prototypes section. +******************************************************************************/ +/**************************************************************************//** + Performs frame encrypting based on incoming parameters. + Parameters: + param - encrypt frame procedure parameters (for detailed description look at + SSP_EncryptFrameReq_t declaration). + Return: + none. +******************************************************************************/ +void SSP_EncryptFrameReq(SSP_EncryptFrameReq_t *param); + +/**************************************************************************//** + Performs frame decrypting based on incoming parameters. + Parameters: + param - decrypt frame procedure parameters (for detailed description look at + SSP_DecryptFrameReq_t declaration). + Return: + none. +******************************************************************************/ +void SSP_DecryptFrameReq(SSP_DecryptFrameReq_t *param); + +/**************************************************************************//** + Extracts parameters from secured frame auxiliary header. + Parameters: + param - parse frame procedure parameters (for detailed description look at + SSP_ParseAuxiliaryHeader_t declaration). + Return: + Auxiliary header length. +******************************************************************************/ +uint8_t SSP_ParseAuxiliaryHeader(SSP_ParseAuxiliaryHeader_t *param); + +#endif //_SSPSFP_H +// eof sspSfp.h 
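Review bot: `SSP_ParseAuxiliaryHeader_t` gives the parser `pdu` and `headerLength` but no total frame length, so nothing in this interface lets `SSP_ParseAuxiliaryHeader` confirm that the auxiliary header (up to `SSP_MAX_AUXILIARY_HEADER_LENGTH`, 14 bytes) lies inside the received buffer. The implementation is not part of this hunk, so the bound may be enforced by callers; the header should say so on the `pdu` member, e.g. `//! Caller must ensure headerLength + SSP_MAX_AUXILIARY_HEADER_LENGTH bytes are readable at pdu.` `receivedFrameCounter` and `sourceExtAddr` are returned as pointers, presumably into `pdu`, which would tie their lifetime to the frame buffer and is also worth stating.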
diff --git a/digital/zigbit/bitcloud/stack/Components/Security/ServiceProvider/include/sspSkke.h b/digital/zigbit/bitcloud/stack/Components/Security/ServiceProvider/include/sspSkke.h
new file mode 100644
index 00000000..788e50e7
--- /dev/null
+++ b/digital/zigbit/bitcloud/stack/Components/Security/ServiceProvider/include/sspSkke.h
@@ -0,0 +1,92 @@
+/**************************************************************************//**
+ \file sspSkke.h
+
+ \brief Security-Key Key Esteblishment routine header file.
+
+ \author
+ Atmel Corporation: http://www.atmel.com \n
+ Support email: avr@atmel.com
+
+ Copyright (c) 2008-2011, Atmel Corporation. All rights reserved.
+ Licensed under Atmel's Limited License Agreement (BitCloudTM).
+
+ \internal
+ History:
+ 29/11/07 ALuzhetsky - Created.
+******************************************************************************/
+#ifndef _SSPSKKE_H
+#define _SSPSKKE_H
+
+#ifdef _LINK_SECURITY_
+/******************************************************************************
+ Includes section.
+******************************************************************************/
+#include
+#include
+#include
+#include
+
+/******************************************************************************
+ Definitions section.
+******************************************************************************/
+
+/******************************************************************************
+ Types' definition section.
+******************************************************************************/
+
+/**************************************************************************//**
+ \brief Declaration of CalculateSkkeParamsConf primitive parameters structure.
+******************************************************************************/
+typedef struct
+{
+ //! Calculated MacTag1.
+ uint8_t macTag1[HASH_SIZE];
+ //! Calculated MacTag2.
+ uint8_t macTag2[HASH_SIZE];
+ //! Calculated keyData.
+ uint8_t keyData[HASH_SIZE];
+} SSP_CalculateSkkeParamsConf_t;
+
+/**************************************************************************//**
+ \brief Declaration of CalculateSkkeParamsReq primitive parameters structure.
+******************************************************************************/
+typedef struct
+{
+ //! Service field - for internal needs.
+ SSP_Service_t service;
+ //! Extended address of the device which initiated SKKE procedure.
+ const uint64_t *initiatorIEEEAddr;
+ //! Extended address of the device which should response.
+ const uint64_t *responderIEEEAddr;
+ //! Preset key which should be known by both devices (initiator and responder).
+ uint8_t *masterKey/*[SECURITY_KEY_SIZE]*/;
+ //! Initiator challenge sequence (just 128-bit random number).
+ uint8_t qeu[CHALLENGE_SEQUENCE_SIZE];
+ //! Responder challenge sequence (just 128-bit random number).
+ uint8_t qev[CHALLENGE_SEQUENCE_SIZE];
+ //! Security Service Provider CalculateSkkeParams confirm callback function's pointer.
+ void (*SSP_CalculateSkkeParamsConf)(SSP_CalculateSkkeParamsConf_t *conf);
+ //! Security Service Provider CalculateSkkeParams confirm parameters' structure.
+ SSP_CalculateSkkeParamsConf_t confirm;
+} SSP_CalculateSkkeParamsReq_t;
+
+/******************************************************************************
+ Prototypes section.
+******************************************************************************/
+/*******************************************************************************
+ Performs calculation of the parameters for Symmetric key key establishment
+ procedure.
+ Parameters:
+ param - SKKE procedure parameters (for detailed description look at
+ SSP_CalculateSkkeParamsReq_t declaration).
+ Return:
+ none.
+********************************************************************************/
+void SSP_CalculateSkkeParamsReq(SSP_CalculateSkkeParamsReq_t *param);
+
+#endif // _LINK_SECURITY_
+
+#endif //_SSPSKKE_H
+
+// eof sspSkke.h
+
-- cgit v1.2.3