summaryrefslogtreecommitdiff
path: root/cesar/cp/secu/secu.h
diff options
context:
space:
mode:
Diffstat (limited to 'cesar/cp/secu/secu.h')
-rw-r--r--cesar/cp/secu/secu.h131
1 files changed, 131 insertions, 0 deletions
diff --git a/cesar/cp/secu/secu.h b/cesar/cp/secu/secu.h
new file mode 100644
index 0000000000..6d1f614a8b
--- /dev/null
+++ b/cesar/cp/secu/secu.h
@@ -0,0 +1,131 @@
+/* Cesar project {{{
+ *
+ * Copyright (C) 2007 Spidcom
+ *
+ * <<<Licence>>>
+ *
+ * }}} */
+/**
+ * \file cp/secu/seculib.h
+ * \brief All functions related to keys, protocolrun and security
+ * \ingroup cp_secu
+ */
+
+#ifndef seculib__h__
+#define seculib__h__
+
+#include <stdio.h>
+#include <stdlib.h>
+
+#include "cp/secu/inc/secu_types.h"
+#include "cp/secu/inc/secu_pbkdf1.h"
+#include "cp/secu/inc/secu_p_run.h"
+
+/**
+ * initialize the secu module
+ * \param ctx the security context
+ */
+void
+secu_init (cp_secu_t *ctx);
+
+/**
+ * Uninitialize the security layer
+ *
+ * \param ctx the security context
+ */
+void
+secu_uninit (cp_secu_t *ctx);
+
+/**
+ * hash data or password.
+ * \param pwd_type the input or password type (DPW, NMK, NPW)
+ * \param in input or password to hash
+ * \param in_len input or password length
+ * \param key obtained key from input or password
+ * \return error code or 0 if success
+ */
+E_ErrCode
+secu_hash (pwd_type_t pwd_type, u8 in[], int in_len, u8 out[]);
+
+/**
+ * AES key generation
+ * \param key generated key, AES_KEY_SIZE (in bytes)
+ * \return error code or 0 if success
+ */
+E_ErrCode
+secu_gen_aes_key (u8 key[]);
+
+/**
+ * return the ek for the given peks
+ * \param peks the peks
+ * \param tei tei of the station (only if peks == PEKS_DESTINATION_STA_DAK)
+ * \return the key
+ */
+aes_key_t *
+secu_get_ek_from_peks(const peks_t peks, const tei_t tei);
+
+void
+secu_set_sta_s_dak(const tei_t, const aes_key_t dak);
+
+
+/*
+ * Hash a 128 bits NMK key to generate a 54 bits NID
+ * conforming to the security level specified.
+ * \param nmk, the NMK buffer pointer (input)
+ * \param security_level, the station security-level
+ * \param nid, the NID buffer pointer (output)
+ * \return E_ErrCode, return code (0 if success)
+ */
+E_ErrCode secu_nmk2nid(u8 *nmk, u8 security_level, u8 *nid);
+
+/*
+ * Hash a NPW password (1 to 64 chars in the 0x20-0x7F standard ASCII interval)
+ * to generate a 16 octets (128 bits) NMK key.
+ * \param npw,the NPW buffer pointer (input)
+ * \param nmk, the NMK buffer pointer (output)
+ * \return E_ErrCode, return code (0 if success)
+ */
+E_ErrCode secu_npw2nmk(char *npw, u8 *nmk);
+
+/**
+ * Get Key being changed.
+ * 0 for a frame level encryption key NEK.
+ * 1 for a payload encryption key.
+ *
+ * \param ctx the security context.
+ * \return the boolean value
+ */
+bool
+secu_get_kbc (cp_secu_t *ctx);
+
+/**
+ * Get Key being changed.
+ * 0 for a frame level encryption key NEK.
+ * 1 for a payload encryption key.
+ *
+ * \param ctx the security context.
+ * \return the boolean value
+ */
+bool
+cp_secu_get_kbc (cp_secu_t *ctx);
+
+/**
+ * Get the new EKS for the next beacon period.
+ *
+ * \param ctx the security context
+ * \return the eks value.
+ */
+u8
+secu_get_eks (cp_secu_t *ctx);
+
+/**
+ * Get the new EKS for the next beacon period.
+ *
+ * \param ctx the security context
+ * \return the eks value.
+ */
+u8
+cp_secu_get_eks (cp_secu_t *ctx);
+
+#endif
+