diff --git a/core/lib/ccm-star.c b/core/lib/ccm-star.c index 537d341e1..4cc8723a1 100644 --- a/core/lib/ccm-star.c +++ b/core/lib/ccm-star.c @@ -48,14 +48,11 @@ /*---------------------------------------------------------------------------*/ static void -set_nonce(uint8_t *iv, +set_iv(uint8_t *iv, uint8_t flags, const uint8_t *nonce, uint8_t counter) { - /* 1 byte|| 8 bytes || 4 bytes || 1 byte || 2 bytes */ - /* flags || extended_source_address || frame_counter || sec_lvl || counter */ - iv[0] = flags; memcpy(iv + 1, nonce, CCM_STAR_NONCE_LENGTH); iv[14] = 0; @@ -73,7 +70,7 @@ ctr_step(const uint8_t *nonce, uint8_t a[AES_128_BLOCK_SIZE]; uint8_t i; - set_nonce(a, CCM_STAR_ENCRYPTION_FLAGS, nonce, counter); + set_iv(a, CCM_STAR_ENCRYPTION_FLAGS, nonce, counter); AES_128.encrypt(a); for(i = 0; (pos + i < m_len) && (i < AES_128_BLOCK_SIZE); i++) { @@ -82,9 +79,9 @@ ctr_step(const uint8_t *nonce, } /*---------------------------------------------------------------------------*/ static void -mic(const uint8_t *m, uint8_t m_len, - const uint8_t *nonce, - const uint8_t *a, uint8_t a_len, +mic(const uint8_t *nonce, + const uint8_t *m, uint8_t m_len, + const uint8_t *a, uint8_t a_len, uint8_t *result, uint8_t mic_len) { @@ -92,10 +89,10 @@ mic(const uint8_t *m, uint8_t m_len, uint8_t pos; uint8_t i; - set_nonce(x, CCM_STAR_AUTH_FLAGS(a_len, mic_len), nonce, m_len); + set_iv(x, CCM_STAR_AUTH_FLAGS(a_len, mic_len), nonce, m_len); AES_128.encrypt(x); - if(a_len > 0) { + if(a_len) { x[1] = x[1] ^ a_len; for(i = 2; (i - 2 < a_len) && (i < AES_128_BLOCK_SIZE); i++) { x[i] ^= a[i - 2]; @@ -113,7 +110,7 @@ mic(const uint8_t *m, uint8_t m_len, } } - if(m_len > 0) { + if(m_len) { pos = 0; while(pos < m_len) { for(i = 0; (pos + i < m_len) && (i < AES_128_BLOCK_SIZE); i++) { @@ -130,7 +127,7 @@ mic(const uint8_t *m, uint8_t m_len, } /*---------------------------------------------------------------------------*/ static void -ctr(uint8_t *m, uint8_t m_len, const uint8_t* nonce) +ctr(const uint8_t *nonce, uint8_t *m, uint8_t m_len) { uint8_t pos; uint8_t counter; @@ -143,13 +140,38 @@ ctr(uint8_t *m, uint8_t m_len, const uint8_t* nonce) } } /*---------------------------------------------------------------------------*/ -static void set_key(const uint8_t *key) { - AES_128.set_key((uint8_t*)key); +static void +set_key(const uint8_t *key) +{ + AES_128.set_key(key); +} +/*---------------------------------------------------------------------------*/ +static void +aead(const uint8_t* nonce, + uint8_t* m, uint8_t m_len, + const uint8_t* a, uint8_t a_len, + uint8_t *result, uint8_t mic_len, + int forward) +{ + if(!forward) { + /* decrypt */ + ctr(nonce, m, m_len); + } + + mic(nonce, + m, m_len, + a, a_len, + result, + mic_len); + + if(forward) { + /* encrypt */ + ctr(nonce, m, m_len); + } } /*---------------------------------------------------------------------------*/ const struct ccm_star_driver ccm_star_driver = { - mic, - ctr, - set_key + set_key, + aead }; /*---------------------------------------------------------------------------*/ diff --git a/core/lib/ccm-star.h b/core/lib/ccm-star.h index f0394e4ae..06296fb44 100644 --- a/core/lib/ccm-star.h +++ b/core/lib/ccm-star.h @@ -55,34 +55,26 @@ */ struct ccm_star_driver { - /** - * \brief Generates a MIC over the data supplied. - * \param data The data buffer to read. - * \param data_length The data buffer length. - * \param nonce The nonce to use. CCM_STAR_NONCE_LENGTH bytes long. - * \param result The generated MIC will be put here - * \param mic_len The size of the MIC to be generated. <= 16. - */ - void (* mic)(const uint8_t* data, uint8_t data_length, - const uint8_t* nonce, - const uint8_t* add, uint8_t add_len, - uint8_t *result, - uint8_t mic_len); - /** - * \brief XORs the frame in the packetbuf with the key stream. - * \param data The data buffer to read. - * \param data_length The data buffer length. - * \param nonce The nonce to use. CCM_STAR_NONCE_LENGTH bytes long. - */ - void (* ctr)( uint8_t* data, uint8_t data_length, - const uint8_t* nonce); - - /** - * \brief Sets the key in use. Default implementation calls AES_128.set_key() - * \param key The key to use. + * \brief Sets the key in use. Default implementation calls AES_128.set_key(). + * \param key The key to use. */ void (* set_key)(const uint8_t* key); + + /** + * \brief Combines authentication and encryption. + * \param nonce The nonce to use. CCM_STAR_NONCE_LENGTH bytes long. + * \param m message to encrypt or decrypt + * \param a Additional authenticated data + * \param result The generated MIC will be put here + * \param mic_len The size of the MIC to be generated. <= 16. + * \param forward != 0 if used in forward direction. + */ + void (* aead)(const uint8_t* nonce, + uint8_t* m, uint8_t m_len, + const uint8_t* a, uint8_t a_len, + uint8_t *result, uint8_t mic_len, + int forward); }; extern const struct ccm_star_driver CCM_STAR; diff --git a/core/net/ipv6/sicslowpan.c b/core/net/ipv6/sicslowpan.c index a19f758fc..3e64c4155 100644 --- a/core/net/ipv6/sicslowpan.c +++ b/core/net/ipv6/sicslowpan.c @@ -1443,7 +1443,7 @@ output(const uip_lladdr_t *localdest) #else /* USE_FRAMER_HDRLEN */ framer_hdrlen = 21; #endif /* USE_FRAMER_HDRLEN */ - max_payload = MAC_MAX_PAYLOAD - framer_hdrlen - NETSTACK_LLSEC.get_overhead(); + max_payload = MAC_MAX_PAYLOAD - framer_hdrlen; if((int)uip_len - (int)uncomp_hdr_len > max_payload - (int)packetbuf_hdr_len) { #if SICSLOWPAN_CONF_FRAG diff --git a/core/net/llsec/ccm-star-packetbuf.c b/core/net/llsec/ccm-star-packetbuf.c index 08087398e..61e681b1c 100644 --- a/core/net/llsec/ccm-star-packetbuf.c +++ b/core/net/llsec/ccm-star-packetbuf.c @@ -1,52 +1,78 @@ +/* + * Copyright (c) 2013, Hasso-Plattner-Institut. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * This file is part of the Contiki operating system. + * + */ + /** * \file * CCM* convenience functions for LLSEC use * \author * Justin King-Lacroix + * Konrad Krentz */ -#include "lib/ccm-star.h" +#include "llsec/ccm-star-packetbuf.h" +#include "net/linkaddr.h" #include "net/packetbuf.h" #include /*---------------------------------------------------------------------------*/ -void ccm_star_mic_packetbuf(const uint8_t *extended_source_address, - uint8_t *result, - uint8_t mic_len) +static const uint8_t * +get_extended_address(const linkaddr_t *addr) +#if LINKADDR_SIZE == 2 { - uint8_t *dataptr = packetbuf_dataptr(); - uint8_t data_len = packetbuf_datalen(); - uint8_t *headerptr = packetbuf_hdrptr(); - uint8_t header_len = packetbuf_hdrlen(); - uint8_t nonce[CCM_STAR_NONCE_LENGTH]; + /* workaround for short addresses: derive EUI64 as in RFC 6282 */ + static linkaddr_extended_t template = { { 0x00 , 0x00 , 0x00 , + 0xFF , 0xFE , 0x00 , 0x00 , 0x00 } }; - memcpy(nonce, extended_source_address, 8); + template.u16[3] = LLSEC802154_HTONS(addr->u16); + + return template.u8; +} +#else /* LINKADDR_SIZE == 2 */ +{ + return addr->u8; +} +#endif /* LINKADDR_SIZE == 2 */ +/*---------------------------------------------------------------------------*/ +void +ccm_star_packetbuf_set_nonce(uint8_t *nonce, int forward) +{ + const linkaddr_t *source_addr; + + source_addr = forward ? &linkaddr_node_addr : packetbuf_addr(PACKETBUF_ADDR_SENDER); + memcpy(nonce, get_extended_address(source_addr), 8); nonce[8] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_2_3) >> 8; nonce[9] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_2_3) & 0xff; nonce[10] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_0_1) >> 8; nonce[11] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_0_1) & 0xff; nonce[12] = packetbuf_attr(PACKETBUF_ATTR_SECURITY_LEVEL); - - if(packetbuf_attr(PACKETBUF_ATTR_SECURITY_LEVEL) & (1 << 2)) { - CCM_STAR.mic(dataptr, data_len, nonce, headerptr, header_len, result, mic_len); - } else { - CCM_STAR.mic(dataptr, 0, nonce, headerptr, packetbuf_totlen(), result, mic_len); - } -} -/*---------------------------------------------------------------------------*/ -void ccm_star_ctr_packetbuf(const uint8_t *extended_source_address) -{ - uint8_t *dataptr = packetbuf_dataptr(); - uint8_t data_len = packetbuf_datalen(); - uint8_t nonce[CCM_STAR_NONCE_LENGTH]; - - memcpy(nonce, extended_source_address, 8); - nonce[8] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_2_3) >> 8; - nonce[9] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_2_3) & 0xff; - nonce[10] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_0_1) >> 8; - nonce[11] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_0_1) & 0xff; - nonce[12] = packetbuf_attr(PACKETBUF_ATTR_SECURITY_LEVEL); - - CCM_STAR.ctr(dataptr, data_len, nonce); } /*---------------------------------------------------------------------------*/ diff --git a/core/net/llsec/ccm-star-packetbuf.h b/core/net/llsec/ccm-star-packetbuf.h index 3b6c43472..dcbe6c4db 100644 --- a/core/net/llsec/ccm-star-packetbuf.h +++ b/core/net/llsec/ccm-star-packetbuf.h @@ -1,24 +1,48 @@ +/* + * Copyright (c) 2013, Hasso-Plattner-Institut. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * This file is part of the Contiki operating system. + * + */ + /** * \file * CCM* convenience functions for MAC security * \author * Justin King-Lacroix + * Konrad Krentz */ #ifndef CCM_STAR_PACKETBUF_H_ #define CCM_STAR_PACKETBUF_H_ -/** - * \brief Calls CCM_STAR.mic with parameters appropriate for LLSEC. - */ -void ccm_star_mic_packetbuf(const uint8_t *extended_source_address, - uint8_t *result, - uint8_t mic_len); +#include "lib/ccm-star.h" -/** - * \brief Calls CCM_STAR.ctr with parameters appropriate for LLSEC. - */ -void ccm_star_ctr_packetbuf(const uint8_t *extended_source_address); +void ccm_star_packetbuf_set_nonce(uint8_t *nonce, int forward); #endif /* CCM_STAR_PACKETBUF_H_ */ - diff --git a/core/net/llsec/llsec.h b/core/net/llsec/llsec.h index 7b3c8a1b2..b0d983cc3 100644 --- a/core/net/llsec/llsec.h +++ b/core/net/llsec/llsec.h @@ -48,10 +48,6 @@ * for incoming packets. Likewise, all NETSTACK_NETWORK protocols * invoke NETSTACK_LLSEC.send(...) for outgoing packets. * - * The bootstrap function of llsec_drivers can be used to defer the start - * of upper layers so as to bootstrap pairwise keys. Only contiki-sky-main.c - * supports this at the moment. - * * @{ */ @@ -60,35 +56,23 @@ #include "net/mac/mac.h" -typedef void (* llsec_on_bootstrapped_t)(void); - /** * The structure of a link layer security driver. */ struct llsec_driver { char *name; - /** Bootstraps link layer security and thereafter starts upper layers. */ - void (* bootstrap)(llsec_on_bootstrapped_t on_bootstrapped); + /** Inits link layer security. */ + void (* init)(void); /** Secures outgoing frames before passing them to NETSTACK_MAC. */ void (* send)(mac_callback_t sent_callback, void *ptr); - /** - * Once the NETSTACK_FRAMER wrote the headers, the LLSEC driver - * can generate a MIC over the entire frame. - * \return Returns != 0 <-> success - */ - int (* on_frame_created)(void); - /** * Decrypts incoming frames; * filters out injected or replayed frames. */ void (* input)(void); - - /** Returns the security-related overhead per frame in bytes */ - uint8_t (* get_overhead)(void); }; #endif /* LLSEC_H_ */ diff --git a/core/net/llsec/noncoresec/noncoresec.c b/core/net/llsec/noncoresec/noncoresec.c index e62ad2725..e18a7d734 100644 --- a/core/net/llsec/noncoresec/noncoresec.c +++ b/core/net/llsec/noncoresec/noncoresec.c @@ -47,6 +47,7 @@ #include "net/llsec/llsec802154.h" #include "net/llsec/ccm-star-packetbuf.h" #include "net/mac/frame802154.h" +#include "net/mac/framer-802154.h" #include "net/netstack.h" #include "net/packetbuf.h" #include "net/nbr-table.h" @@ -80,81 +81,109 @@ static uint8_t key[16] = NONCORESEC_KEY; NBR_TABLE(struct anti_replay_info, anti_replay_table); /*---------------------------------------------------------------------------*/ -static const uint8_t * -get_extended_address(const linkaddr_t *addr) -#if LINKADDR_SIZE == 2 +static int +aead(uint8_t hdrlen, int forward) { - /* workaround for short addresses: derive EUI64 as in RFC 6282 */ - static linkaddr_extended_t template = { { 0x00 , 0x00 , 0x00 , - 0xFF , 0xFE , 0x00 , 0x00 , 0x00 } }; + uint8_t totlen; + uint8_t nonce[CCM_STAR_NONCE_LENGTH]; + uint8_t *m; + uint8_t m_len; + uint8_t *a; + uint8_t a_len; + uint8_t *result; + uint8_t generated_mic[LLSEC802154_MIC_LENGTH]; + uint8_t *mic; - template.u16[3] = LLSEC802154_HTONS(addr->u16); + ccm_star_packetbuf_set_nonce(nonce, forward); + totlen = packetbuf_totlen(); + a = packetbuf_hdrptr(); +#if WITH_ENCRYPTION + a_len = hdrlen; + m = a + a_len; + m_len = totlen - hdrlen; +#else /* WITH_ENCRYPTION */ + a_len = totlen; + m = NULL; + m_len = 0; +#endif /* WITH_ENCRYPTION */ - return template.u8; + mic = a + totlen; + result = forward ? mic : generated_mic; + + CCM_STAR.aead(nonce, + m, m_len, + a, a_len, + result, LLSEC802154_MIC_LENGTH, + forward); + + if(forward) { + packetbuf_set_datalen(packetbuf_datalen() + LLSEC802154_MIC_LENGTH); + return 1; + } else { + return (memcmp(generated_mic, mic, LLSEC802154_MIC_LENGTH) == 0); + } } -#else /* LINKADDR_SIZE == 2 */ +/*---------------------------------------------------------------------------*/ +static void +add_security_header(void) { - return addr->u8; + if(!packetbuf_attr(PACKETBUF_ATTR_SECURITY_LEVEL)) { + packetbuf_set_attr(PACKETBUF_ATTR_FRAME_TYPE, FRAME802154_DATAFRAME); + packetbuf_set_attr(PACKETBUF_ATTR_SECURITY_LEVEL, LLSEC802154_SECURITY_LEVEL); + anti_replay_set_counter(); + } } -#endif /* LINKADDR_SIZE == 2 */ /*---------------------------------------------------------------------------*/ static void send(mac_callback_t sent, void *ptr) { - packetbuf_set_attr(PACKETBUF_ATTR_FRAME_TYPE, FRAME802154_DATAFRAME); - packetbuf_set_attr(PACKETBUF_ATTR_SECURITY_LEVEL, LLSEC802154_SECURITY_LEVEL); - anti_replay_set_counter(); NETSTACK_MAC.send(sent, ptr); } /*---------------------------------------------------------------------------*/ static int -on_frame_created(void) +create(void) { - uint8_t *dataptr = packetbuf_dataptr(); - uint8_t data_len = packetbuf_datalen(); - - ccm_star_mic_packetbuf(get_extended_address(&linkaddr_node_addr), dataptr + data_len, LLSEC802154_MIC_LENGTH); -#if WITH_ENCRYPTION - ccm_star_ctr_packetbuf(get_extended_address(&linkaddr_node_addr)); -#endif /* WITH_ENCRYPTION */ - packetbuf_set_datalen(data_len + LLSEC802154_MIC_LENGTH); + int result; - return 1; + add_security_header(); + result = framer_802154.create(); + if(result == FRAMER_FAILED) { + return result; + } + + aead(result, 1); + + return result; } /*---------------------------------------------------------------------------*/ -static void -input(void) +static int +parse(void) { - uint8_t generated_mic[LLSEC802154_MIC_LENGTH]; - uint8_t *received_mic; + int result; const linkaddr_t *sender; struct anti_replay_info* info; - uint8_t *dataptr = packetbuf_dataptr(); - uint8_t data_len = packetbuf_datalen(); + + result = framer_802154.parse(); + if(result == FRAMER_FAILED) { + return result; + } if(packetbuf_attr(PACKETBUF_ATTR_SECURITY_LEVEL) != LLSEC802154_SECURITY_LEVEL) { PRINTF("noncoresec: received frame with wrong security level\n"); - return; + return FRAMER_FAILED; } sender = packetbuf_addr(PACKETBUF_ADDR_SENDER); if(linkaddr_cmp(sender, &linkaddr_node_addr)) { PRINTF("noncoresec: frame from ourselves\n"); - return; + return FRAMER_FAILED; } - data_len -= LLSEC802154_MIC_LENGTH; - packetbuf_set_datalen(data_len); + packetbuf_set_datalen(packetbuf_datalen() - LLSEC802154_MIC_LENGTH); -#if WITH_ENCRYPTION - ccm_star_ctr_packetbuf(get_extended_address(sender)); -#endif /* WITH_ENCRYPTION */ - ccm_star_mic_packetbuf(get_extended_address(sender), generated_mic, LLSEC802154_MIC_LENGTH); - - received_mic = dataptr + data_len; - if(memcmp(generated_mic, received_mic, LLSEC802154_MIC_LENGTH) != 0) { - PRINTF("noncoresec: received nonauthentic frame %"PRIu32"\n", + if(!aead(result, 0)) { + PRINTF("noncoresec: received unauthentic frame %"PRIu32"\n", anti_replay_get_counter()); - return; + return FRAMER_FAILED; } info = nbr_table_get_from_lladdr(anti_replay_table, sender); @@ -162,7 +191,7 @@ input(void) info = nbr_table_add_lladdr(anti_replay_table, sender); if(!info) { PRINTF("noncoresec: could not get nbr_table_item\n"); - return; + return FRAMER_FAILED; } /* @@ -179,7 +208,7 @@ input(void) if(!nbr_table_lock(anti_replay_table, info)) { nbr_table_remove(anti_replay_table, info); PRINTF("noncoresec: could not lock\n"); - return; + return FRAMER_FAILED; } anti_replay_init_info(info); @@ -187,34 +216,44 @@ input(void) if(anti_replay_was_replayed(info)) { PRINTF("noncoresec: received replayed frame %"PRIu32"\n", anti_replay_get_counter()); - return; + return FRAMER_FAILED; } } - NETSTACK_NETWORK.input(); -} -/*---------------------------------------------------------------------------*/ -static uint8_t -get_overhead(void) -{ - return SECURITY_HEADER_LENGTH + LLSEC802154_MIC_LENGTH; + return result; } /*---------------------------------------------------------------------------*/ static void -bootstrap(llsec_on_bootstrapped_t on_bootstrapped) +input(void) +{ + NETSTACK_NETWORK.input(); +} +/*---------------------------------------------------------------------------*/ +static int +length(void) +{ + add_security_header(); + return framer_802154.length() + LLSEC802154_MIC_LENGTH; +} +/*---------------------------------------------------------------------------*/ +static void +init(void) { CCM_STAR.set_key(key); nbr_table_register(anti_replay_table, NULL); - on_bootstrapped(); } /*---------------------------------------------------------------------------*/ const struct llsec_driver noncoresec_driver = { "noncoresec", - bootstrap, + init, send, - on_frame_created, - input, - get_overhead + input +}; +/*---------------------------------------------------------------------------*/ +const struct framer noncoresec_framer = { + length, + create, + parse }; /*---------------------------------------------------------------------------*/ diff --git a/core/net/llsec/noncoresec/noncoresec.h b/core/net/llsec/noncoresec/noncoresec.h index 1e2172590..c5fe3d43f 100644 --- a/core/net/llsec/noncoresec/noncoresec.h +++ b/core/net/llsec/noncoresec/noncoresec.h @@ -56,6 +56,7 @@ #include "net/llsec/llsec.h" extern const struct llsec_driver noncoresec_driver; +extern const struct framer noncoresec_framer; #endif /* NONCORESEC_H_ */ diff --git a/core/net/llsec/nullsec.c b/core/net/llsec/nullsec.c index f419cd7f7..e4bd4ca2d 100644 --- a/core/net/llsec/nullsec.c +++ b/core/net/llsec/nullsec.c @@ -49,9 +49,9 @@ /*---------------------------------------------------------------------------*/ static void -bootstrap(llsec_on_bootstrapped_t on_bootstrapped) +init(void) { - on_bootstrapped(); + } /*---------------------------------------------------------------------------*/ static void @@ -61,31 +61,17 @@ send(mac_callback_t sent, void *ptr) NETSTACK_MAC.send(sent, ptr); } /*---------------------------------------------------------------------------*/ -static int -on_frame_created(void) -{ - return 1; -} -/*---------------------------------------------------------------------------*/ static void input(void) { NETSTACK_NETWORK.input(); } /*---------------------------------------------------------------------------*/ -static uint8_t -get_overhead(void) -{ - return 0; -} -/*---------------------------------------------------------------------------*/ const struct llsec_driver nullsec_driver = { "nullsec", - bootstrap, + init, send, - on_frame_created, - input, - get_overhead + input }; /*---------------------------------------------------------------------------*/ diff --git a/core/net/mac/contikimac/contikimac-framer.c b/core/net/mac/contikimac/contikimac-framer.c index 0a47866f9..b25aa2e45 100644 --- a/core/net/mac/contikimac/contikimac-framer.c +++ b/core/net/mac/contikimac/contikimac-framer.c @@ -73,6 +73,8 @@ extern const struct framer DECORATED_FRAMER; #define PRINTF(...) #endif +static void pad(void); + /* 2-byte header for recovering padded packets. Wireshark will not understand such packets at present. */ struct hdr { @@ -99,7 +101,8 @@ create(void) } chdr = packetbuf_hdrptr(); chdr->id = CONTIKIMAC_ID; - chdr->len = 0; + chdr->len = packetbuf_datalen(); + pad(); hdr_len = DECORATED_FRAMER.create(); if(hdr_len < 0) { @@ -107,6 +110,8 @@ create(void) return FRAMER_FAILED; } + packetbuf_compact(); + return hdr_len + sizeof(struct hdr); } /*---------------------------------------------------------------------------*/ @@ -117,7 +122,7 @@ pad(void) uint8_t *ptr; uint8_t zeroes_count; - transmit_len = packetbuf_totlen(); + transmit_len = packetbuf_totlen() + hdr_length(); if(transmit_len < SHORTEST_PACKET_SIZE) { /* Padding required */ zeroes_count = SHORTEST_PACKET_SIZE - transmit_len; @@ -128,30 +133,6 @@ pad(void) } /*---------------------------------------------------------------------------*/ static int -create_and_secure(void) -{ - struct hdr *chdr; - int hdr_len; - - hdr_len = create(); - if(hdr_len < 0) { - return FRAMER_FAILED; - } - - packetbuf_compact(); - if(!NETSTACK_LLSEC.on_frame_created()) { - PRINTF("contikimac-framer: securing failed\n"); - return FRAMER_FAILED; - } - - chdr = (struct hdr *)(((uint8_t *) packetbuf_dataptr()) - sizeof(struct hdr)); - chdr->len = packetbuf_datalen(); - pad(); - - return hdr_len; -} -/*---------------------------------------------------------------------------*/ -static int parse(void) { int hdr_len; @@ -174,7 +155,6 @@ parse(void) } packetbuf_set_datalen(chdr->len); - chdr->len = 0; return hdr_len + sizeof(struct hdr); } @@ -182,7 +162,6 @@ parse(void) const struct framer contikimac_framer = { hdr_length, create, - create_and_secure, parse }; /*---------------------------------------------------------------------------*/ diff --git a/core/net/mac/contikimac/contikimac.c b/core/net/mac/contikimac/contikimac.c index 74da6ef40..a7dc95db6 100644 --- a/core/net/mac/contikimac/contikimac.c +++ b/core/net/mac/contikimac/contikimac.c @@ -560,7 +560,7 @@ send_packet(mac_callback_t mac_callback, void *mac_callback_ptr, if(!packetbuf_attr(PACKETBUF_ATTR_IS_CREATED_AND_SECURED)) { packetbuf_set_attr(PACKETBUF_ATTR_MAC_ACK, 1); - if(NETSTACK_FRAMER.create_and_secure() < 0) { + if(NETSTACK_FRAMER.create() < 0) { PRINTF("contikimac: framer failed\n"); return MAC_TX_ERR_FATAL; } @@ -829,7 +829,7 @@ qsend_list(mac_callback_t sent, void *ptr, struct rdc_buf_list *buf_list) packetbuf_set_attr(PACKETBUF_ATTR_PENDING, 1); } packetbuf_set_attr(PACKETBUF_ATTR_MAC_ACK, 1); - if(NETSTACK_FRAMER.create_and_secure() < 0) { + if(NETSTACK_FRAMER.create() < 0) { PRINTF("contikimac: framer failed\n"); mac_call_sent_callback(sent, ptr, MAC_TX_ERR_FATAL, 1); return; @@ -915,8 +915,6 @@ input_packet(void) broadcast address. */ /* If FRAME_PENDING is set, we are receiving a packets in a burst */ - /* TODO To prevent denial-of-sleep attacks, the transceiver should - be disabled upon receipt of an unauthentic frame. */ we_are_receiving_burst = packetbuf_attr(PACKETBUF_ATTR_PENDING); if(we_are_receiving_burst) { on(); diff --git a/core/net/mac/framer-802154.c b/core/net/mac/framer-802154.c index 987d142ba..ce96f6239 100644 --- a/core/net/mac/framer-802154.c +++ b/core/net/mac/framer-802154.c @@ -273,7 +273,6 @@ parse(void) const struct framer framer_802154 = { hdr_length, create, - framer_canonical_create_and_secure, parse }; /*---------------------------------------------------------------------------*/ diff --git a/core/net/mac/framer-nullmac.c b/core/net/mac/framer-nullmac.c index 6d53e3f8d..cc79051f1 100644 --- a/core/net/mac/framer-nullmac.c +++ b/core/net/mac/framer-nullmac.c @@ -99,6 +99,5 @@ parse(void) const struct framer framer_nullmac = { hdr_length, create, - framer_canonical_create_and_secure, parse }; diff --git a/core/net/mac/framer.c b/core/net/mac/framer.c deleted file mode 100644 index fa7e9b4c1..000000000 --- a/core/net/mac/framer.c +++ /dev/null @@ -1,50 +0,0 @@ -/* - * Copyright (c) 2014, Fraunhofer Heinrich-Hertz-Institut. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - */ - -#include "net/mac/framer.h" -#include "net/packetbuf.h" -#include "net/netstack.h" - -/*---------------------------------------------------------------------------*/ -int -framer_canonical_create_and_secure(void) -{ - int hdr_len; - - hdr_len = NETSTACK_FRAMER.create(); - if(hdr_len >= 0) { - packetbuf_compact(); - if(!NETSTACK_LLSEC.on_frame_created()) { - return FRAMER_FAILED; - } - } - return hdr_len; -} -/*---------------------------------------------------------------------------*/ \ No newline at end of file diff --git a/core/net/mac/framer.h b/core/net/mac/framer.h index ce99aad1f..5ed419292 100644 --- a/core/net/mac/framer.h +++ b/core/net/mac/framer.h @@ -47,13 +47,8 @@ struct framer { int (* length)(void); int (* create)(void); - - /** Creates the frame and calls LLSEC.on_frame_created() */ - int (* create_and_secure)(void); int (* parse)(void); }; -int framer_canonical_create_and_secure(void); - #endif /* FRAMER_H_ */ diff --git a/core/net/mac/nullrdc.c b/core/net/mac/nullrdc.c index 111211a2b..04baa90bd 100644 --- a/core/net/mac/nullrdc.c +++ b/core/net/mac/nullrdc.c @@ -120,7 +120,7 @@ send_one_packet(mac_callback_t sent, void *ptr) packetbuf_set_attr(PACKETBUF_ATTR_MAC_ACK, 1); #endif /* NULLRDC_802154_AUTOACK || NULLRDC_802154_AUTOACK_HW */ - if(NETSTACK_FRAMER.create_and_secure() < 0) { + if(NETSTACK_FRAMER.create() < 0) { /* Failed to allocate space for headers */ PRINTF("nullrdc: send failed, too large header\n"); ret = MAC_TX_ERR_FATAL; @@ -302,8 +302,7 @@ packet_input(void) } #endif /* RDC_WITH_DUPLICATE_DETECTION */ #endif /* NULLRDC_802154_AUTOACK */ - -/* TODO We may want to acknowledge only authentic frames */ + #if NULLRDC_SEND_802154_ACK { frame802154_t info154; diff --git a/examples/ipv6/slip-radio/no-framer.c b/examples/ipv6/slip-radio/no-framer.c index 7f3447e97..69f4b7e98 100644 --- a/examples/ipv6/slip-radio/no-framer.c +++ b/examples/ipv6/slip-radio/no-framer.c @@ -124,6 +124,5 @@ parse(void) const struct framer no_framer = { hdr_length, create, - framer_canonical_create_and_secure, parse }; diff --git a/examples/llsec/ccm-star-tests/encryption/tests.c b/examples/llsec/ccm-star-tests/encryption/tests.c index b9cc58782..b5c296799 100644 --- a/examples/llsec/ccm-star-tests/encryption/tests.c +++ b/examples/llsec/ccm-star-tests/encryption/tests.c @@ -56,8 +56,8 @@ test_sec_lvl_6() 0xC4 , 0xC5 , 0xC6 , 0xC7 , 0xC8 , 0xC9 , 0xCA , 0xCB , 0xCC , 0xCD , 0xCE , 0xCF }; - uint8_t extended_source_address[8] = { 0xAC , 0xDE , 0x48 , 0x00 , - 0x00 , 0x00 , 0x00 , 0x01 }; + linkaddr_t source_address = {{ 0xAC , 0xDE , 0x48 , 0x00 , + 0x00 , 0x00 , 0x00 , 0x01 }}; uint8_t data[30] = { 0x2B , 0xDC , 0x84 , 0x21 , 0x43 , /* Destination Address */ 0x02 , 0x00 , 0x00 , 0x00 , 0x00 , 0x48 , 0xDE , 0xAC , @@ -72,11 +72,12 @@ test_sec_lvl_6() 0x01 , 0xCE }; uint8_t oracle[LLSEC802154_MIC_LENGTH] = { 0x4F , 0xDE , 0x52 , 0x90 , 0x61 , 0xF9 , 0xC6 , 0xF1 }; + uint8_t nonce[13]; frame802154_frame_counter_t counter; - uint8_t mic[LLSEC802154_MIC_LENGTH]; printf("Testing verification ... "); + linkaddr_copy(&linkaddr_node_addr, &source_address); packetbuf_clear(); packetbuf_set_datalen(30); memcpy(packetbuf_hdrptr(), data, 30); @@ -87,9 +88,14 @@ test_sec_lvl_6() packetbuf_hdrreduce(29); CCM_STAR.set_key(key); - ccm_star_mic_packetbuf(extended_source_address, mic, LLSEC802154_MIC_LENGTH); + ccm_star_packetbuf_set_nonce(nonce, 1); + CCM_STAR.aead(nonce, + packetbuf_dataptr(), packetbuf_datalen(), + packetbuf_hdrptr(), packetbuf_hdrlen(), + ((uint8_t *) packetbuf_hdrptr()) + 30, LLSEC802154_MIC_LENGTH, + 1); - if(memcmp(mic, oracle, LLSEC802154_MIC_LENGTH) == 0) { + if(memcmp(((uint8_t *) packetbuf_hdrptr()) + 30, oracle, LLSEC802154_MIC_LENGTH) == 0) { printf("Success\n"); } else { printf("Failure\n"); @@ -97,7 +103,6 @@ test_sec_lvl_6() printf("Testing encryption ... "); - ccm_star_ctr_packetbuf(extended_source_address); if(((uint8_t *) packetbuf_hdrptr())[29] == 0xD8) { printf("Success\n"); } else { @@ -105,7 +110,13 @@ test_sec_lvl_6() } printf("Testing decryption ... "); - ccm_star_ctr_packetbuf(extended_source_address); + packetbuf_set_addr(PACKETBUF_ADDR_SENDER, &source_address); + ccm_star_packetbuf_set_nonce(nonce, 0); + CCM_STAR.aead(nonce, + packetbuf_dataptr(), packetbuf_datalen(), + packetbuf_hdrptr(), packetbuf_hdrlen(), + ((uint8_t *) packetbuf_hdrptr()) + 30, LLSEC802154_MIC_LENGTH, + 0); if(((uint8_t *) packetbuf_hdrptr())[29] == 0xCE) { printf("Success\n"); } else { diff --git a/examples/llsec/ccm-star-tests/verification/tests.c b/examples/llsec/ccm-star-tests/verification/tests.c index d768ddeb6..4de463fee 100644 --- a/examples/llsec/ccm-star-tests/verification/tests.c +++ b/examples/llsec/ccm-star-tests/verification/tests.c @@ -86,8 +86,8 @@ test_sec_lvl_2() 0xC4 , 0xC5 , 0xC6 , 0xC7 , 0xC8 , 0xC9 , 0xCA , 0xCB , 0xCC , 0xCD , 0xCE , 0xCF }; - uint8_t extended_source_address[8] = { 0xAC , 0xDE , 0x48 , 0x00 , - 0x00 , 0x00 , 0x00 , 0x01 }; + linkaddr_t source_address = {{ 0xAC , 0xDE , 0x48 , 0x00 , + 0x00 , 0x00 , 0x00 , 0x01 }}; uint8_t data[26] = { 0x08 , 0xD0 , 0x84 , 0x21 , 0x43 , /* Source Address */ 0x01 , 0x00 , 0x00 , 0x00 , 0x00 , 0x48 , 0xDE , 0xAC , @@ -101,9 +101,11 @@ test_sec_lvl_2() 0x84 , 0x1A , 0xB5 , 0x53 }; frame802154_frame_counter_t counter; uint8_t mic[LLSEC802154_MIC_LENGTH]; + uint8_t nonce[13]; printf("Testing verification ... "); + linkaddr_copy(&linkaddr_node_addr, &source_address); packetbuf_clear(); packetbuf_set_datalen(26); memcpy(packetbuf_hdrptr(), data, 26); @@ -114,9 +116,14 @@ test_sec_lvl_2() packetbuf_hdrreduce(18); CCM_STAR.set_key(key); - ccm_star_mic_packetbuf(extended_source_address,mic, LLSEC802154_MIC_LENGTH); + ccm_star_packetbuf_set_nonce(nonce, 1); + CCM_STAR.aead(nonce, + NULL, 0, + packetbuf_hdrptr(), packetbuf_totlen(), + ((uint8_t *) packetbuf_dataptr()) + packetbuf_datalen(), LLSEC802154_MIC_LENGTH, + 1); - if(memcmp(mic, oracle, LLSEC802154_MIC_LENGTH) == 0) { + if(memcmp(((uint8_t *) packetbuf_dataptr()) + packetbuf_datalen(), oracle, LLSEC802154_MIC_LENGTH) == 0) { printf("Success\n"); } else { printf("Failure\n"); diff --git a/platform/jn516x/contiki-jn516x-main.c b/platform/jn516x/contiki-jn516x-main.c index 2bf27e64b..deda71b11 100644 --- a/platform/jn516x/contiki-jn516x-main.c +++ b/platform/jn516x/contiki-jn516x-main.c @@ -228,17 +228,6 @@ start_uip6(void) #endif /* NETSTACK_CONF_WITH_IPV6 */ /*---------------------------------------------------------------------------*/ static void -start_network_layer(void) -{ -#if NETSTACK_CONF_WITH_IPV6 - start_uip6(); -#endif /* NETSTACK_CONF_WITH_IPV6 */ - start_autostart_processes(); - /* To support link layer security in combination with NETSTACK_CONF_WITH_IPV4 and - * TIMESYNCH_CONF_ENABLED further things may need to be moved here */ -} -/*--------------------------------------------------------------------------*/ -static void set_linkaddr(void) { int i; @@ -409,7 +398,12 @@ main(void) #endif /* NETSTACK_CONF_WITH_IPV4 */ watchdog_start(); - NETSTACK_LLSEC.bootstrap(start_network_layer); + NETSTACK_LLSEC.init(); + +#if NETSTACK_CONF_WITH_IPV6 + start_uip6(); +#endif /* NETSTACK_CONF_WITH_IPV6 */ + start_autostart_processes(); leds_off(LEDS_ALL); int r; diff --git a/platform/jn516x/dev/ccm-star.c b/platform/jn516x/dev/ccm-star.c index 76bf97caf..b846985be 100644 --- a/platform/jn516x/dev/ccm-star.c +++ b/platform/jn516x/dev/ccm-star.c @@ -45,54 +45,6 @@ static tsReg128 current_key; static int current_key_is_new = 1; -/*---------------------------------------------------------------------------*/ -static void -mic(const uint8_t *m, uint8_t m_len, - const uint8_t *nonce, - const uint8_t *a, uint8_t a_len, - uint8_t *result, - uint8_t mic_len) -{ - tsReg128 nonce_aligned; - memcpy(&nonce_aligned, nonce, sizeof(nonce_aligned)); - bACI_CCMstar( - ¤t_key, - current_key_is_new, - XCV_REG_AES_SET_MODE_CCM, - mic_len, - a_len, - m_len, - &nonce_aligned, - (uint8_t *)a, - (uint8_t *)m, - NULL, - result, - NULL - ); - current_key_is_new = 0; -} -/*---------------------------------------------------------------------------*/ -static void -ctr(uint8_t *m, uint8_t m_len, const uint8_t *nonce) -{ - tsReg128 nonce_aligned; - memcpy(&nonce_aligned, nonce, sizeof(nonce_aligned)); - bACI_CCMstar( - ¤t_key, - current_key_is_new, - XCV_REG_AES_SET_MODE_CCM, - 0, - 0, - m_len, - &nonce_aligned, - NULL, - m, - m, - NULL, - NULL - ); - current_key_is_new = 0; -} /*---------------------------------------------------------------------------*/ static void aead(const uint8_t *nonce, @@ -161,8 +113,7 @@ set_key(const uint8_t *key) } /*---------------------------------------------------------------------------*/ const struct ccm_star_driver ccm_star_driver_jn516x = { - mic, - ctr, - set_key + set_key, + aead }; /*---------------------------------------------------------------------------*/ diff --git a/platform/sky/contiki-sky-main.c b/platform/sky/contiki-sky-main.c index a099778c6..ea3afd93a 100644 --- a/platform/sky/contiki-sky-main.c +++ b/platform/sky/contiki-sky-main.c @@ -189,65 +189,6 @@ set_gateway(void) } #endif /* NETSTACK_CONF_WITH_IPV4 */ /*---------------------------------------------------------------------------*/ -static void -start_autostart_processes() -{ -#if !PROCESS_CONF_NO_PROCESS_NAMES - print_processes(autostart_processes); -#endif /* !PROCESS_CONF_NO_PROCESS_NAMES */ - autostart_start(autostart_processes); -} -/*---------------------------------------------------------------------------*/ -#if NETSTACK_CONF_WITH_IPV6 -static void -start_uip6() -{ - NETSTACK_NETWORK.init(); - - process_start(&tcpip_process, NULL); - -#if DEBUG - PRINTF("Tentative link-local IPv6 address "); - { - uip_ds6_addr_t *lladdr; - int i; - lladdr = uip_ds6_get_link_local(-1); - for(i = 0; i < 7; ++i) { - PRINTF("%02x%02x:", lladdr->ipaddr.u8[i * 2], - lladdr->ipaddr.u8[i * 2 + 1]); - } - PRINTF("%02x%02x\n", lladdr->ipaddr.u8[14], lladdr->ipaddr.u8[15]); - } -#endif /* DEBUG */ - - if(!UIP_CONF_IPV6_RPL) { - uip_ipaddr_t ipaddr; - int i; - uip_ip6addr(&ipaddr, 0xaaaa, 0, 0, 0, 0, 0, 0, 0); - uip_ds6_set_addr_iid(&ipaddr, &uip_lladdr); - uip_ds6_addr_add(&ipaddr, 0, ADDR_TENTATIVE); - PRINTF("Tentative global IPv6 address "); - for(i = 0; i < 7; ++i) { - PRINTF("%02x%02x:", - ipaddr.u8[i * 2], ipaddr.u8[i * 2 + 1]); - } - PRINTF("%02x%02x\n", - ipaddr.u8[7 * 2], ipaddr.u8[7 * 2 + 1]); - } -} -#endif /* NETSTACK_CONF_WITH_IPV6 */ -/*---------------------------------------------------------------------------*/ -static void -start_network_layer() -{ -#if NETSTACK_CONF_WITH_IPV6 - start_uip6(); -#endif /* NETSTACK_CONF_WITH_IPV6 */ - start_autostart_processes(); - /* To support link layer security in combination with NETSTACK_CONF_WITH_IPV4 and - * TIMESYNCH_CONF_ENABLED further things may need to be moved here */ -} -/*---------------------------------------------------------------------------*/ #if WITH_TINYOS_AUTO_IDS uint16_t TOS_NODE_ID = 0x1234; /* non-zero */ uint16_t TOS_LOCAL_ADDRESS = 0x1234; /* non-zero */ @@ -360,6 +301,8 @@ main(int argc, char **argv) queuebuf_init(); NETSTACK_RDC.init(); NETSTACK_MAC.init(); + NETSTACK_LLSEC.init(); + NETSTACK_NETWORK.init(); PRINTF("%s %s %s, channel check rate %lu Hz, radio channel %u, CCA threshold %i\n", NETSTACK_LLSEC.name, NETSTACK_MAC.name, NETSTACK_RDC.name, @@ -367,11 +310,42 @@ main(int argc, char **argv) NETSTACK_RDC.channel_check_interval()), CC2420_CONF_CHANNEL, CC2420_CONF_CCA_THRESH); + + process_start(&tcpip_process, NULL); +#if DEBUG + PRINTF("Tentative link-local IPv6 address "); + { + uip_ds6_addr_t *lladdr; + int i; + lladdr = uip_ds6_get_link_local(-1); + for(i = 0; i < 7; ++i) { + PRINTF("%02x%02x:", lladdr->ipaddr.u8[i * 2], + lladdr->ipaddr.u8[i * 2 + 1]); + } + PRINTF("%02x%02x\n", lladdr->ipaddr.u8[14], lladdr->ipaddr.u8[15]); + } +#endif /* DEBUG */ + + if(!UIP_CONF_IPV6_RPL) { + uip_ipaddr_t ipaddr; + int i; + uip_ip6addr(&ipaddr, 0xaaaa, 0, 0, 0, 0, 0, 0, 0); + uip_ds6_set_addr_iid(&ipaddr, &uip_lladdr); + uip_ds6_addr_add(&ipaddr, 0, ADDR_TENTATIVE); + PRINTF("Tentative global IPv6 address "); + for(i = 0; i < 7; ++i) { + PRINTF("%02x%02x:", + ipaddr.u8[i * 2], ipaddr.u8[i * 2 + 1]); + } + PRINTF("%02x%02x\n", + ipaddr.u8[7 * 2], ipaddr.u8[7 * 2 + 1]); + } #else /* NETSTACK_CONF_WITH_IPV6 */ NETSTACK_RDC.init(); NETSTACK_MAC.init(); + NETSTACK_LLSEC.init(); NETSTACK_NETWORK.init(); PRINTF("%s %s %s, channel check rate %lu Hz, radio channel %u\n", @@ -421,10 +395,13 @@ main(int argc, char **argv) uip_ipaddr_to_quad(&hostaddr)); } #endif /* NETSTACK_CONF_WITH_IPV4 */ - + watchdog_start(); - NETSTACK_LLSEC.bootstrap(start_network_layer); +#if !PROCESS_CONF_NO_PROCESS_NAMES + print_processes(autostart_processes); +#endif /* !PROCESS_CONF_NO_PROCESS_NAMES */ + autostart_start(autostart_processes); /* * This is the scheduler loop.