From c656a4d1c5d267406c50c2d15c56aee3dee9a150 Mon Sep 17 00:00:00 2001 From: Konrad Krentz Date: Wed, 1 Jul 2015 07:00:14 -0700 Subject: [PATCH] llsec: Fixed style issues in CCM* --- core/lib/ccm-star.c | 27 ++--- core/lib/ccm-star.h | 39 +++--- core/net/llsec/ccm-star-packetbuf.c | 114 ++++++++++++++---- core/net/llsec/ccm-star-packetbuf.h | 40 +++++- core/net/llsec/noncoresec/noncoresec.c | 34 ++---- .../llsec/ccm-star-tests/encryption/tests.c | 10 +- .../llsec/ccm-star-tests/verification/tests.c | 6 +- 7 files changed, 174 insertions(+), 96 deletions(-) diff --git a/core/lib/ccm-star.c b/core/lib/ccm-star.c index 537d341e1..f916c4633 100644 --- a/core/lib/ccm-star.c +++ b/core/lib/ccm-star.c @@ -48,14 +48,11 @@ /*---------------------------------------------------------------------------*/ static void -set_nonce(uint8_t *iv, +set_iv(uint8_t *iv, uint8_t flags, const uint8_t *nonce, uint8_t counter) { - /* 1 byte|| 8 bytes || 4 bytes || 1 byte || 2 bytes */ - /* flags || extended_source_address || frame_counter || sec_lvl || counter */ - iv[0] = flags; memcpy(iv + 1, nonce, CCM_STAR_NONCE_LENGTH); iv[14] = 0; @@ -73,7 +70,7 @@ ctr_step(const uint8_t *nonce, uint8_t a[AES_128_BLOCK_SIZE]; uint8_t i; - set_nonce(a, CCM_STAR_ENCRYPTION_FLAGS, nonce, counter); + set_iv(a, CCM_STAR_ENCRYPTION_FLAGS, nonce, counter); AES_128.encrypt(a); for(i = 0; (pos + i < m_len) && (i < AES_128_BLOCK_SIZE); i++) { @@ -82,9 +79,9 @@ ctr_step(const uint8_t *nonce, } /*---------------------------------------------------------------------------*/ static void -mic(const uint8_t *m, uint8_t m_len, - const uint8_t *nonce, - const uint8_t *a, uint8_t a_len, +mic(const uint8_t *nonce, + const uint8_t *m, uint8_t m_len, + const uint8_t *a, uint8_t a_len, uint8_t *result, uint8_t mic_len) { @@ -92,10 +89,10 @@ mic(const uint8_t *m, uint8_t m_len, uint8_t pos; uint8_t i; - set_nonce(x, CCM_STAR_AUTH_FLAGS(a_len, mic_len), nonce, m_len); + set_iv(x, CCM_STAR_AUTH_FLAGS(a_len, mic_len), nonce, m_len); AES_128.encrypt(x); - if(a_len > 0) { + if(a_len) { x[1] = x[1] ^ a_len; for(i = 2; (i - 2 < a_len) && (i < AES_128_BLOCK_SIZE); i++) { x[i] ^= a[i - 2]; @@ -113,7 +110,7 @@ mic(const uint8_t *m, uint8_t m_len, } } - if(m_len > 0) { + if(m_len) { pos = 0; while(pos < m_len) { for(i = 0; (pos + i < m_len) && (i < AES_128_BLOCK_SIZE); i++) { @@ -130,7 +127,7 @@ mic(const uint8_t *m, uint8_t m_len, } /*---------------------------------------------------------------------------*/ static void -ctr(uint8_t *m, uint8_t m_len, const uint8_t* nonce) +ctr(const uint8_t *nonce, uint8_t *m, uint8_t m_len) { uint8_t pos; uint8_t counter; @@ -143,8 +140,10 @@ ctr(uint8_t *m, uint8_t m_len, const uint8_t* nonce) } } /*---------------------------------------------------------------------------*/ -static void set_key(const uint8_t *key) { - AES_128.set_key((uint8_t*)key); +static void +set_key(const uint8_t *key) +{ + AES_128.set_key(key); } /*---------------------------------------------------------------------------*/ const struct ccm_star_driver ccm_star_driver = { diff --git a/core/lib/ccm-star.h b/core/lib/ccm-star.h index f0394e4ae..ad4e49798 100644 --- a/core/lib/ccm-star.h +++ b/core/lib/ccm-star.h @@ -54,33 +54,32 @@ * Structure of CCM* drivers. */ struct ccm_star_driver { - - /** - * \brief Generates a MIC over the data supplied. - * \param data The data buffer to read. - * \param data_length The data buffer length. - * \param nonce The nonce to use. CCM_STAR_NONCE_LENGTH bytes long. - * \param result The generated MIC will be put here - * \param mic_len The size of the MIC to be generated. <= 16. - */ - void (* mic)(const uint8_t* data, uint8_t data_length, - const uint8_t* nonce, - const uint8_t* add, uint8_t add_len, + + /** + * \brief Generates a MIC over the data supplied. + * \param nonce The nonce to use. CCM_STAR_NONCE_LENGTH bytes long. + * \param m Message to authenticate and encrypt + * \param a Additional authenticated data + * \param result The generated MIC will be put here + * \param mic_len The size of the MIC to be generated. <= 16. + */ + void (* mic)(const uint8_t* nonce, + const uint8_t* m, uint8_t m_len, + const uint8_t* a, uint8_t a_len, uint8_t *result, uint8_t mic_len); /** - * \brief XORs the frame in the packetbuf with the key stream. - * \param data The data buffer to read. - * \param data_length The data buffer length. - * \param nonce The nonce to use. CCM_STAR_NONCE_LENGTH bytes long. + * \brief XORs m with the key stream. + * \param nonce The nonce to use. CCM_STAR_NONCE_LENGTH bytes long. + * \param m Message to authenticate and encrypt */ - void (* ctr)( uint8_t* data, uint8_t data_length, - const uint8_t* nonce); + void (* ctr)(const uint8_t* nonce, + uint8_t* m, uint8_t m_len); /** - * \brief Sets the key in use. Default implementation calls AES_128.set_key() - * \param key The key to use. + * \brief Sets the key in use. Default implementation calls AES_128.set_key(). + * \param key The key to use. */ void (* set_key)(const uint8_t* key); }; diff --git a/core/net/llsec/ccm-star-packetbuf.c b/core/net/llsec/ccm-star-packetbuf.c index 08087398e..91740f547 100644 --- a/core/net/llsec/ccm-star-packetbuf.c +++ b/core/net/llsec/ccm-star-packetbuf.c @@ -1,52 +1,116 @@ +/* + * Copyright (c) 2013, Hasso-Plattner-Institut. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * This file is part of the Contiki operating system. + * + */ + /** * \file * CCM* convenience functions for LLSEC use * \author * Justin King-Lacroix + * Konrad Krentz */ +#include "llsec/ccm-star-packetbuf.h" #include "lib/ccm-star.h" #include "net/packetbuf.h" #include /*---------------------------------------------------------------------------*/ -void ccm_star_mic_packetbuf(const uint8_t *extended_source_address, +static const uint8_t * +get_extended_address(const linkaddr_t *addr) +#if LINKADDR_SIZE == 2 +{ + /* workaround for short addresses: derive EUI64 as in RFC 6282 */ + static linkaddr_extended_t template = { { 0x00 , 0x00 , 0x00 , + 0xFF , 0xFE , 0x00 , 0x00 , 0x00 } }; + + template.u16[3] = LLSEC802154_HTONS(addr->u16); + + return template.u8; +} +#else /* LINKADDR_SIZE == 2 */ +{ + return addr->u8; +} +#endif /* LINKADDR_SIZE == 2 */ +/*---------------------------------------------------------------------------*/ +/* Inits the 13-byte CCM* nonce as of 802.15.4-2011. */ +static void +set_nonce(uint8_t *nonce, const linkaddr_t *source_addr) +{ + memcpy(nonce, get_extended_address(source_addr), 8); + nonce[8] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_2_3) >> 8; + nonce[9] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_2_3) & 0xff; + nonce[10] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_0_1) >> 8; + nonce[11] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_0_1) & 0xff; + nonce[12] = packetbuf_attr(PACKETBUF_ATTR_SECURITY_LEVEL); +} +/*---------------------------------------------------------------------------*/ +void +ccm_star_packetbuf_mic(const linkaddr_t *source_addr, uint8_t *result, uint8_t mic_len) { - uint8_t *dataptr = packetbuf_dataptr(); - uint8_t data_len = packetbuf_datalen(); - uint8_t *headerptr = packetbuf_hdrptr(); - uint8_t header_len = packetbuf_hdrlen(); uint8_t nonce[CCM_STAR_NONCE_LENGTH]; - - memcpy(nonce, extended_source_address, 8); - nonce[8] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_2_3) >> 8; - nonce[9] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_2_3) & 0xff; - nonce[10] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_0_1) >> 8; - nonce[11] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_0_1) & 0xff; - nonce[12] = packetbuf_attr(PACKETBUF_ATTR_SECURITY_LEVEL); + uint8_t *m; + uint8_t m_len; + uint8_t *a; + uint8_t a_len; + set_nonce(nonce, source_addr); + + a = packetbuf_hdrptr(); if(packetbuf_attr(PACKETBUF_ATTR_SECURITY_LEVEL) & (1 << 2)) { - CCM_STAR.mic(dataptr, data_len, nonce, headerptr, header_len, result, mic_len); + m = packetbuf_dataptr(); + m_len = packetbuf_datalen(); + a_len = packetbuf_hdrlen(); } else { - CCM_STAR.mic(dataptr, 0, nonce, headerptr, packetbuf_totlen(), result, mic_len); + m = NULL; + m_len = 0; + a_len = packetbuf_totlen(); } + + CCM_STAR.mic(nonce, + m, m_len, + a, a_len, + result, + mic_len); } /*---------------------------------------------------------------------------*/ -void ccm_star_ctr_packetbuf(const uint8_t *extended_source_address) +void +ccm_star_packetbuf_ctr(const linkaddr_t *source_addr) { - uint8_t *dataptr = packetbuf_dataptr(); - uint8_t data_len = packetbuf_datalen(); uint8_t nonce[CCM_STAR_NONCE_LENGTH]; - memcpy(nonce, extended_source_address, 8); - nonce[8] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_2_3) >> 8; - nonce[9] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_2_3) & 0xff; - nonce[10] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_0_1) >> 8; - nonce[11] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_0_1) & 0xff; - nonce[12] = packetbuf_attr(PACKETBUF_ATTR_SECURITY_LEVEL); - - CCM_STAR.ctr(dataptr, data_len, nonce); + set_nonce(nonce, source_addr); + CCM_STAR.ctr(nonce, packetbuf_dataptr(), packetbuf_datalen()); } /*---------------------------------------------------------------------------*/ diff --git a/core/net/llsec/ccm-star-packetbuf.h b/core/net/llsec/ccm-star-packetbuf.h index 3b6c43472..d93ff1160 100644 --- a/core/net/llsec/ccm-star-packetbuf.h +++ b/core/net/llsec/ccm-star-packetbuf.h @@ -1,24 +1,58 @@ +/* + * Copyright (c) 2013, Hasso-Plattner-Institut. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * This file is part of the Contiki operating system. + * + */ + /** * \file * CCM* convenience functions for MAC security * \author * Justin King-Lacroix + * Konrad Krentz */ #ifndef CCM_STAR_PACKETBUF_H_ #define CCM_STAR_PACKETBUF_H_ +#include "net/linkaddr.h" + /** * \brief Calls CCM_STAR.mic with parameters appropriate for LLSEC. */ -void ccm_star_mic_packetbuf(const uint8_t *extended_source_address, +void ccm_star_packetbuf_mic(const linkaddr_t *source_addr, uint8_t *result, uint8_t mic_len); /** * \brief Calls CCM_STAR.ctr with parameters appropriate for LLSEC. */ -void ccm_star_ctr_packetbuf(const uint8_t *extended_source_address); +void ccm_star_packetbuf_ctr(const linkaddr_t *source_addr); #endif /* CCM_STAR_PACKETBUF_H_ */ - diff --git a/core/net/llsec/noncoresec/noncoresec.c b/core/net/llsec/noncoresec/noncoresec.c index ec66c172f..ca6e5f3ee 100644 --- a/core/net/llsec/noncoresec/noncoresec.c +++ b/core/net/llsec/noncoresec/noncoresec.c @@ -80,24 +80,6 @@ static uint8_t key[16] = NONCORESEC_KEY; NBR_TABLE(struct anti_replay_info, anti_replay_table); -/*---------------------------------------------------------------------------*/ -static const uint8_t * -get_extended_address(const linkaddr_t *addr) -#if LINKADDR_SIZE == 2 -{ - /* workaround for short addresses: derive EUI64 as in RFC 6282 */ - static linkaddr_extended_t template = { { 0x00 , 0x00 , 0x00 , - 0xFF , 0xFE , 0x00 , 0x00 , 0x00 } }; - - template.u16[3] = LLSEC802154_HTONS(addr->u16); - - return template.u8; -} -#else /* LINKADDR_SIZE == 2 */ -{ - return addr->u8; -} -#endif /* LINKADDR_SIZE == 2 */ /*---------------------------------------------------------------------------*/ static void send(mac_callback_t sent, void *ptr) @@ -113,7 +95,7 @@ create(void) { int result; uint8_t *dataptr; - uint8_t data_len; + uint8_t datalen; result = framer_802154.create(); if(result == FRAMER_FAILED) { @@ -121,13 +103,13 @@ create(void) } dataptr = packetbuf_dataptr(); - data_len = packetbuf_datalen(); - - ccm_star_mic_packetbuf(get_extended_address(&linkaddr_node_addr), dataptr + data_len, LLSEC802154_MIC_LENGTH); + datalen = packetbuf_datalen(); + + ccm_star_packetbuf_mic(&linkaddr_node_addr, dataptr + datalen, LLSEC802154_MIC_LENGTH); #if WITH_ENCRYPTION - ccm_star_ctr_packetbuf(get_extended_address(&linkaddr_node_addr)); + ccm_star_packetbuf_ctr(&linkaddr_node_addr); #endif /* WITH_ENCRYPTION */ - packetbuf_set_datalen(data_len + LLSEC802154_MIC_LENGTH); + packetbuf_set_datalen(datalen + LLSEC802154_MIC_LENGTH); return result; } @@ -159,9 +141,9 @@ input(void) packetbuf_set_datalen(packetbuf_datalen() - LLSEC802154_MIC_LENGTH); #if WITH_ENCRYPTION - ccm_star_ctr_packetbuf(get_extended_address(sender)); + ccm_star_packetbuf_ctr(sender); #endif /* WITH_ENCRYPTION */ - ccm_star_mic_packetbuf(get_extended_address(sender), generated_mic, LLSEC802154_MIC_LENGTH); + ccm_star_packetbuf_mic(sender, generated_mic, LLSEC802154_MIC_LENGTH); received_mic = ((uint8_t *) packetbuf_dataptr()) + packetbuf_datalen(); if(memcmp(generated_mic, received_mic, LLSEC802154_MIC_LENGTH) != 0) { diff --git a/examples/llsec/ccm-star-tests/encryption/tests.c b/examples/llsec/ccm-star-tests/encryption/tests.c index b9cc58782..0c454157c 100644 --- a/examples/llsec/ccm-star-tests/encryption/tests.c +++ b/examples/llsec/ccm-star-tests/encryption/tests.c @@ -56,8 +56,8 @@ test_sec_lvl_6() 0xC4 , 0xC5 , 0xC6 , 0xC7 , 0xC8 , 0xC9 , 0xCA , 0xCB , 0xCC , 0xCD , 0xCE , 0xCF }; - uint8_t extended_source_address[8] = { 0xAC , 0xDE , 0x48 , 0x00 , - 0x00 , 0x00 , 0x00 , 0x01 }; + linkaddr_t source_address = {{ 0xAC , 0xDE , 0x48 , 0x00 , + 0x00 , 0x00 , 0x00 , 0x01 }}; uint8_t data[30] = { 0x2B , 0xDC , 0x84 , 0x21 , 0x43 , /* Destination Address */ 0x02 , 0x00 , 0x00 , 0x00 , 0x00 , 0x48 , 0xDE , 0xAC , @@ -87,7 +87,7 @@ test_sec_lvl_6() packetbuf_hdrreduce(29); CCM_STAR.set_key(key); - ccm_star_mic_packetbuf(extended_source_address, mic, LLSEC802154_MIC_LENGTH); + ccm_star_packetbuf_mic(&source_address, mic, LLSEC802154_MIC_LENGTH); if(memcmp(mic, oracle, LLSEC802154_MIC_LENGTH) == 0) { printf("Success\n"); @@ -97,7 +97,7 @@ test_sec_lvl_6() printf("Testing encryption ... "); - ccm_star_ctr_packetbuf(extended_source_address); + ccm_star_packetbuf_ctr(&source_address); if(((uint8_t *) packetbuf_hdrptr())[29] == 0xD8) { printf("Success\n"); } else { @@ -105,7 +105,7 @@ test_sec_lvl_6() } printf("Testing decryption ... "); - ccm_star_ctr_packetbuf(extended_source_address); + ccm_star_packetbuf_ctr(&source_address); if(((uint8_t *) packetbuf_hdrptr())[29] == 0xCE) { printf("Success\n"); } else { diff --git a/examples/llsec/ccm-star-tests/verification/tests.c b/examples/llsec/ccm-star-tests/verification/tests.c index d768ddeb6..61490a0c5 100644 --- a/examples/llsec/ccm-star-tests/verification/tests.c +++ b/examples/llsec/ccm-star-tests/verification/tests.c @@ -86,8 +86,8 @@ test_sec_lvl_2() 0xC4 , 0xC5 , 0xC6 , 0xC7 , 0xC8 , 0xC9 , 0xCA , 0xCB , 0xCC , 0xCD , 0xCE , 0xCF }; - uint8_t extended_source_address[8] = { 0xAC , 0xDE , 0x48 , 0x00 , - 0x00 , 0x00 , 0x00 , 0x01 }; + linkaddr_t source_address = {{ 0xAC , 0xDE , 0x48 , 0x00 , + 0x00 , 0x00 , 0x00 , 0x01 }}; uint8_t data[26] = { 0x08 , 0xD0 , 0x84 , 0x21 , 0x43 , /* Source Address */ 0x01 , 0x00 , 0x00 , 0x00 , 0x00 , 0x48 , 0xDE , 0xAC , @@ -114,7 +114,7 @@ test_sec_lvl_2() packetbuf_hdrreduce(18); CCM_STAR.set_key(key); - ccm_star_mic_packetbuf(extended_source_address,mic, LLSEC802154_MIC_LENGTH); + ccm_star_packetbuf_mic(&source_address, mic, LLSEC802154_MIC_LENGTH); if(memcmp(mic, oracle, LLSEC802154_MIC_LENGTH) == 0) { printf("Success\n");