/**************************************************************************//**
  \file apsAuthenticate.h

  \brief Private interface of APS Authentication.

  \author
    Atmel Corporation: http://www.atmel.com \n
    Support email: avr@atmel.com

  Copyright (c) 2008-2011, Atmel Corporation. All rights reserved.
  Licensed under Atmel's Limited License Agreement (BitCloudTM).

  \internal
   History:
    2010-12-18 Max Gekk - Created.
   Last change:
    $Id: apsAuthenticate.h 17813 2011-07-04 14:11:12Z dloskutnikov $
 ******************************************************************************/
#if !defined _APS_AUTHENTICATE_H
#define _APS_AUTHENTICATE_H

/*
 * Conditional-compilation summary (as written in this header):
 *  - _SECURITY_ and _LINK_SECURITY_ both defined: the frame types, the key-type
 *    enum and apsAuthReqTaskHandler() are declared.
 *      - _HI_SECURITY_ also defined: apsAuthReset() and the four *Ind handlers
 *        are declared as functions.
 *      - _HI_SECURITY_ not defined: apsAuthReset() expands to (void)0.
 *  - otherwise: apsAuthReqTaskHandler expands to NULL.
 *  - unless all three macros are defined, the four *Ind handler names expand
 *    to NULL.
 */

/******************************************************************************
                                Includes section
 ******************************************************************************/
/* NOTE(review): the header names of the include directives below are missing
 * from this copy of the file; restore them from the project tree. */
#include
#include
#if defined _SECURITY_ && defined _LINK_SECURITY_
#include
#include

/******************************************************************************
                                 Types section
 ******************************************************************************/
/* The two frame types are declared between BEGIN_PACK/END_PACK with the PACK
 * attribute; presumably this removes padding so that each struct matches the
 * over-the-air frame layout - confirm against the macro definitions.
 *
 * NOTE(review): every field after 'header' is supplied by the remote peer.
 * The code that receives these frames is not part of this header; it should
 * check the received payload length against sizeof() of the frame type before
 * reading any field. */
BEGIN_PACK
/** Type of entity authentication initiator or responder challenge frame. */
typedef struct PACK _ApsAuthChallengeFrame_t
{
  /** Common APS command header (type declared elsewhere). */
  ApduCommandHeader_t header;
  /** The KeyType field is 1 octet in length and shall be set to one of
   * the non-reserved values in Table 4.35. See ZigBee spec r19, 4.4.9.7.1.2.1,
   * page 485 and 4.4.9.7.2.2.1, page 486. Valid values:
   *  \li 0x00 - Active network key.
   *  \li 0x01 - Link key shared between initiator and responder.
   * \note Value 0x01 is not supported.
   *
   * NOTE(review): since 0x01 is documented as unsupported, a received frame
   * whose keyType is anything other than APS_AUTH_ACTIVE_NETWORK_KEY_TYPE
   * should be rejected by the handlers - verify in the implementation. */
  uint8_t keyType;
  /** The KeySeqNumber sub-field shall be set to the key sequence number of
   * the active network key. See ZigBee spec r19, 4.4.9.7.1.2.2, page 485
   * and 4.4.9.7.2.2.2, page 486. */
  uint8_t keySeqNumber;
  /** The initiator field shall be set to the 64-bit extended address of
   * the device that acts as the initiator of the scheme. See ZigBee spec r19,
   * 4.4.9.7.1.3, page 485 and 4.4.9.7.2.3, page 486.
   * Stored as a raw octet array of sizeof(ExtAddr_t) bytes. */
  uint8_t initiator[sizeof(ExtAddr_t)];
  /** The responder field shall be set to the 64-bit extended address of
   * the device that acts as the responder to the scheme. See ZigBee spec r19,
   * 4.4.9.7.1.4, page 485 and 4.4.9.7.2.4, page 486.
   * Stored as a raw octet array of sizeof(ExtAddr_t) bytes. */
  uint8_t responder[sizeof(ExtAddr_t)];
  /** The challenge field shall be the octet representation of the challenge QEU
   * generated by the initiator during action step 1 of sub-clause B.8.1.
   * See ZigBee spec r19, 4.4.9.7.1.5, page 485 and 4.4.9.7.2.5, page 486.
   * Length is CHALLENGE_SEQUENCE_SIZE octets (constant defined elsewhere). */
  uint8_t challenge[CHALLENGE_SEQUENCE_SIZE];
} ApsAuthChallengeFrame_t;

/** Type of entity authentication MAC and data frame. */
typedef struct PACK _ApsAuthMACandDataFrame_t
{
  /** Common APS command header (type declared elsewhere). */
  ApduCommandHeader_t header;
  /** The MAC field shall be the octet representation of the string MacTag2
   * (MacTag1) generated by the initiator (responder) during action step 4 (8)
   * of sub-clause B.8.1 (B.8.2). See ZigBee Specification r19, 4.4.9.7.3.2,
   * page 487 and 4.4.9.7.4.2, page 488.
   *
   * NOTE(review): the tag comparison is not visible in this header; it should
   * cover all HASH_SIZE octets and run in constant time - verify. */
  uint8_t mac[HASH_SIZE];
  /** The DataType field shall be set to 0x00 to indicate the frame counter
   * associated with the active network key. ZigBee spec r19, 4.4.9.7.3.3. */
  uint8_t dataType;
  /** The Data field shall be octet representation of the string Text2 or Text1,
   * i.e. the frame counter associated with the active network key. See ZigBee
   * Specification r19, 4.4.9.7.3.4, page 487 and 4.4.9.7.4.4, page 488.
   *
   * NOTE(review): this is a multi-octet field inside a packed struct; how the
   * handlers deal with byte order and unaligned access is not shown here -
   * confirm. */
  uint32_t data;
} ApsAuthMACandDataFrame_t;
END_PACK

/** Values of keyType subfield. See ZigBee spec r19, Table 4.35.
 * APS_AUTH_LINK_KEY_TYPE is defined here, but the keyType field comment of
 * ApsAuthChallengeFrame_t states that value 0x01 is not supported. */
typedef enum _ApsAuthChallengeKeyType_t
{
  APS_AUTH_ACTIVE_NETWORK_KEY_TYPE = 0x00,
  APS_AUTH_LINK_KEY_TYPE           = 0x01
} ApsAuthChallengeKeyType_t;

/******************************************************************************
                               Prototypes section
 ******************************************************************************/
/**************************************************************************//**
  \brief Main task handler of the authentication component.

  Declared whenever _SECURITY_ and _LINK_SECURITY_ are defined, independent of
  _HI_SECURITY_.
 ******************************************************************************/
APS_PRIVATE void apsAuthReqTaskHandler(void);

#if defined _HI_SECURITY_
/**************************************************************************//**
  \brief Reset all internal queues and variables of authentication component.
 ******************************************************************************/
APS_PRIVATE void apsAuthReset(void);

/*
 * Return value shared by the four handlers below: 'true' if the memory for
 * NWK_DataInd_t is unused by the authentication component. Presumably 'true'
 * lets the caller release the indication buffer, while 'false' means the
 * component still holds it - confirm against the implementation.
 */

/**************************************************************************//**
  \brief Entity authentication challenge was received from responder.

   Find original APSME-AUTHENTICATE.request and perform steps 4 and 5 from
   ZigBee Specification r19, section B.8.1, page 540.

  \param[in] commandInd - parameters of the received command.

  \return 'true' if memory for NWK_DataInd_t is unused by the authentication
          component.
 ******************************************************************************/
APS_PRIVATE bool apsAuthInitiatorChallengeInd(const ApsCommandInd_t *const commandInd);

/**************************************************************************//**
  \brief Entity authentication challenge was received from initiator.

  \param[in] commandInd - pointer to parameters of received authentication frame.

  \return 'true' if memory for NWK_DataInd_t is unused by the authentication
          component.
 ******************************************************************************/
APS_PRIVATE bool apsAuthResponderChallengeInd(const ApsCommandInd_t *const commandInd);

/**************************************************************************//**
  \brief Entity authentication MAC and Data was received from initiator.

  \param[in] commandInd - pointer to parameters of received authentication frame.

  \return 'true' if memory for NWK_DataInd_t is unused by the authentication
          component.
 ******************************************************************************/
APS_PRIVATE bool apsAuthResponderMACandDataInd(const ApsCommandInd_t *const commandInd);

/**************************************************************************//**
  \brief Entity authentication MAC and Data was received from responder.

  \param[in] commandInd - pointer to parameters of received authentication frame.

  \return 'true' if memory for NWK_DataInd_t is unused by the authentication
          component.
 ******************************************************************************/
APS_PRIVATE bool apsAuthInitiatorMACandDataInd(const ApsCommandInd_t *const commandInd);

#else /* not _HI_SECURITY_ */

/* Without _HI_SECURITY_ a call to apsAuthReset() compiles to a no-op. */
#define apsAuthReset() (void)0

#endif /* _HI_SECURITY_ */

#else

/* Without _SECURITY_ and _LINK_SECURITY_ the task handler name is NULL.
 * NOTE(review): this branch gives apsAuthReset neither a prototype nor the
 * no-op macro; callers built in this configuration have to guard the call
 * themselves - verify. */
#define apsAuthReqTaskHandler NULL

#endif /* _SECURITY_ and _LINK_SECURITY_ */

/* Unless all three security macros are defined, the handler names expand to
 * NULL. NOTE(review): presumably these names are stored in a dispatch table;
 * any code that calls through them must test for NULL first - confirm at the
 * call sites. The definition of NULL has to come from a header included
 * elsewhere. */
#if !defined _HI_SECURITY_ || !defined _SECURITY_ || !defined _LINK_SECURITY_

#define apsAuthInitiatorChallengeInd NULL
#define apsAuthResponderChallengeInd NULL
#define apsAuthResponderMACandDataInd NULL
#define apsAuthInitiatorMACandDataInd NULL

#endif

#endif /* _APS_AUTHENTICATE_H */
/** eof apsAuthenticate.h */