llsec: Fixed style issues in CCM*

2024-12-22 10:30:13 +00:00 · 2015-07-01 07:00:14 -07:00 · 2015-07-01 07:00:14 -07:00 · c656a4d1c5
commit c656a4d1c5
parent b522c042ec
7 changed files with 174 additions and 96 deletions
--- a/core/lib/ccm-star.c
+++ b/core/lib/ccm-star.c
@ -48,14 +48,11 @@

 /*---------------------------------------------------------------------------*/
 static void
-set_nonce(uint8_t *iv,
+set_iv(uint8_t *iv,
    uint8_t flags,
    const uint8_t *nonce,
    uint8_t counter)
 {
-  /* 1 byte||          8 bytes        ||    4 bytes    || 1 byte  || 2 bytes */
-  /* flags || extended_source_address || frame_counter || sec_lvl || counter */
-
  iv[0] = flags;
  memcpy(iv + 1, nonce, CCM_STAR_NONCE_LENGTH);
  iv[14] = 0;
@ -73,7 +70,7 @@ ctr_step(const uint8_t *nonce,
  uint8_t a[AES_128_BLOCK_SIZE];
  uint8_t i;
  
-  set_nonce(a, CCM_STAR_ENCRYPTION_FLAGS, nonce, counter);
+  set_iv(a, CCM_STAR_ENCRYPTION_FLAGS, nonce, counter);
  AES_128.encrypt(a);
  
  for(i = 0; (pos + i < m_len) && (i < AES_128_BLOCK_SIZE); i++) {
@ -82,8 +79,8 @@ ctr_step(const uint8_t *nonce,
 }
 /*---------------------------------------------------------------------------*/
 static void
-mic(const uint8_t *m,  uint8_t m_len,
-    const uint8_t *nonce,
+mic(const uint8_t *nonce,
+    const uint8_t *m, uint8_t m_len,
    const uint8_t *a, uint8_t a_len,
    uint8_t *result,
    uint8_t mic_len)
@ -92,10 +89,10 @@ mic(const uint8_t *m,  uint8_t m_len,
  uint8_t pos;
  uint8_t i;
  
-  set_nonce(x, CCM_STAR_AUTH_FLAGS(a_len, mic_len), nonce, m_len);
+  set_iv(x, CCM_STAR_AUTH_FLAGS(a_len, mic_len), nonce, m_len);
  AES_128.encrypt(x);
  
-  if(a_len > 0) {
+  if(a_len) {
    x[1] = x[1] ^ a_len;
    for(i = 2; (i - 2 < a_len) && (i < AES_128_BLOCK_SIZE); i++) {
      x[i] ^= a[i - 2];
@ -113,7 +110,7 @@ mic(const uint8_t *m,  uint8_t m_len,
    }
  }
  
-  if(m_len > 0) {
+  if(m_len) {
    pos = 0;
    while(pos < m_len) {
      for(i = 0; (pos + i < m_len) && (i < AES_128_BLOCK_SIZE); i++) {
@ -130,7 +127,7 @@ mic(const uint8_t *m,  uint8_t m_len,
 }
 /*---------------------------------------------------------------------------*/
 static void
-ctr(uint8_t *m, uint8_t m_len, const uint8_t* nonce)
+ctr(const uint8_t *nonce, uint8_t *m, uint8_t m_len)
 {
  uint8_t pos;
  uint8_t counter;
@ -143,8 +140,10 @@ ctr(uint8_t *m, uint8_t m_len, const uint8_t* nonce)
  }
 }
 /*---------------------------------------------------------------------------*/
-static void set_key(const uint8_t *key) {
-    AES_128.set_key((uint8_t*)key);
+static void
+set_key(const uint8_t *key)
+{
+  AES_128.set_key(key);
 }
 /*---------------------------------------------------------------------------*/
 const struct ccm_star_driver ccm_star_driver = {
--- a/core/lib/ccm-star.h
+++ b/core/lib/ccm-star.h
@ -57,29 +57,28 @@ struct ccm_star_driver {

  /**
   * \brief         Generates a MIC over the data supplied.
-    * \param data        The data buffer to read.
-    * \param data_length The data buffer length.
   * \param nonce   The nonce to use. CCM_STAR_NONCE_LENGTH bytes long.
+   * \param m       Message to authenticate and encrypt
+   * \param a       Additional authenticated data
   * \param result  The generated MIC will be put here
   * \param mic_len The size of the MIC to be generated. <= 16.
   */
-  void (* mic)(const uint8_t* data, uint8_t data_length,
-      const uint8_t* nonce,
-      const uint8_t* add,  uint8_t add_len,
+  void (* mic)(const uint8_t* nonce,
+      const uint8_t* m, uint8_t m_len,
+      const uint8_t* a, uint8_t a_len,
      uint8_t *result,
      uint8_t mic_len);
  
  /**
-   * \brief XORs the frame in the packetbuf with the key stream.
-   * \param data        The data buffer to read.
-   * \param data_length The data buffer length.
+   * \brief         XORs m with the key stream.
   * \param nonce   The nonce to use. CCM_STAR_NONCE_LENGTH bytes long.
+   * \param m       Message to authenticate and encrypt
   */
-  void (* ctr)(      uint8_t* data, uint8_t data_length,
-               const uint8_t* nonce);
+  void (* ctr)(const uint8_t* nonce,
+      uint8_t* m, uint8_t m_len);
  
  /**
-   * \brief Sets the key in use. Default implementation calls AES_128.set_key()
+   * \brief         Sets the key in use. Default implementation calls AES_128.set_key().
   * \param key     The key to use.
   */
  void (* set_key)(const uint8_t* key);
--- a/core/net/llsec/ccm-star-packetbuf.c
+++ b/core/net/llsec/ccm-star-packetbuf.c
@ -1,52 +1,116 @@
+/*
+ * Copyright (c) 2013, Hasso-Plattner-Institut.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. Neither the name of the Institute nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * This file is part of the Contiki operating system.
+ *
+ */
+
 /**
 * \file
 *         CCM* convenience functions for LLSEC use
 * \author
 *         Justin King-Lacroix <justin.kinglacroix@gmail.com>
+ *         Konrad Krentz <konrad.krentz@gmail.com>
 */

+#include "llsec/ccm-star-packetbuf.h"
 #include "lib/ccm-star.h"
 #include "net/packetbuf.h"
 #include <string.h>

 /*---------------------------------------------------------------------------*/
-void ccm_star_mic_packetbuf(const uint8_t *extended_source_address,
+static const uint8_t *
+get_extended_address(const linkaddr_t *addr)
+#if LINKADDR_SIZE == 2
+{
+  /* workaround for short addresses: derive EUI64 as in RFC 6282 */
+  static linkaddr_extended_t template = { { 0x00 , 0x00 , 0x00 ,
+                                            0xFF , 0xFE , 0x00 , 0x00 , 0x00 } };
+  
+  template.u16[3] = LLSEC802154_HTONS(addr->u16);
+  
+  return template.u8;
+}
+#else /* LINKADDR_SIZE == 2 */
+{
+  return addr->u8;
+}
+#endif /* LINKADDR_SIZE == 2 */
+/*---------------------------------------------------------------------------*/
+/* Inits the 13-byte CCM* nonce as of 802.15.4-2011. */
+static void
+set_nonce(uint8_t *nonce, const linkaddr_t *source_addr)
+{
+  memcpy(nonce, get_extended_address(source_addr), 8);
+  nonce[8] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_2_3) >> 8;
+  nonce[9] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_2_3) & 0xff;
+  nonce[10] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_0_1) >> 8;
+  nonce[11] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_0_1) & 0xff;
+  nonce[12] = packetbuf_attr(PACKETBUF_ATTR_SECURITY_LEVEL);
+}
+/*---------------------------------------------------------------------------*/
+void
+ccm_star_packetbuf_mic(const linkaddr_t *source_addr,
    uint8_t *result,
    uint8_t mic_len)
 {
-  uint8_t *dataptr = packetbuf_dataptr();
-  uint8_t data_len = packetbuf_datalen();
-  uint8_t *headerptr = packetbuf_hdrptr();
-  uint8_t header_len = packetbuf_hdrlen();
  uint8_t nonce[CCM_STAR_NONCE_LENGTH];
+  uint8_t *m;
+  uint8_t m_len;
+  uint8_t *a;
+  uint8_t a_len;

-  memcpy(nonce, extended_source_address, 8);
-  nonce[8] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_2_3) >> 8;
-  nonce[9] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_2_3) & 0xff;
-  nonce[10] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_0_1) >> 8;
-  nonce[11] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_0_1) & 0xff;
-  nonce[12] = packetbuf_attr(PACKETBUF_ATTR_SECURITY_LEVEL);
+  set_nonce(nonce, source_addr);
  
+  a = packetbuf_hdrptr();
  if(packetbuf_attr(PACKETBUF_ATTR_SECURITY_LEVEL) & (1 << 2)) {
-    CCM_STAR.mic(dataptr, data_len, nonce, headerptr, header_len, result, mic_len);
+    m = packetbuf_dataptr();
+    m_len = packetbuf_datalen();
+    a_len = packetbuf_hdrlen();
  } else {
-    CCM_STAR.mic(dataptr, 0, nonce, headerptr, packetbuf_totlen(), result, mic_len);
+    m = NULL;
+    m_len = 0;
+    a_len = packetbuf_totlen();
  }
+  
+  CCM_STAR.mic(nonce,
+      m, m_len,
+      a, a_len,
+      result,
+      mic_len);
 }
 /*---------------------------------------------------------------------------*/
-void ccm_star_ctr_packetbuf(const uint8_t *extended_source_address)
+void
+ccm_star_packetbuf_ctr(const linkaddr_t *source_addr)
 {
-  uint8_t *dataptr = packetbuf_dataptr();
-  uint8_t data_len = packetbuf_datalen();
  uint8_t nonce[CCM_STAR_NONCE_LENGTH];
  
-  memcpy(nonce, extended_source_address, 8);
-  nonce[8] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_2_3) >> 8;
-  nonce[9] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_2_3) & 0xff;
-  nonce[10] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_0_1) >> 8;
-  nonce[11] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_0_1) & 0xff;
-  nonce[12] = packetbuf_attr(PACKETBUF_ATTR_SECURITY_LEVEL);
-
-  CCM_STAR.ctr(dataptr, data_len, nonce);
+  set_nonce(nonce, source_addr);
+  CCM_STAR.ctr(nonce, packetbuf_dataptr(), packetbuf_datalen());
 }
 /*---------------------------------------------------------------------------*/
--- a/core/net/llsec/ccm-star-packetbuf.h
+++ b/core/net/llsec/ccm-star-packetbuf.h
@ -1,24 +1,58 @@
+/*
+ * Copyright (c) 2013, Hasso-Plattner-Institut.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. Neither the name of the Institute nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * This file is part of the Contiki operating system.
+ *
+ */
+
 /**
 * \file
 *         CCM* convenience functions for MAC security
 * \author
 *         Justin King-Lacroix <justin.kinglacroix@gmail.com>
+ *         Konrad Krentz <konrad.krentz@gmail.com>
 */

 #ifndef CCM_STAR_PACKETBUF_H_
 #define CCM_STAR_PACKETBUF_H_

+#include "net/linkaddr.h"
+
 /**
 * \brief Calls CCM_STAR.mic with parameters appropriate for LLSEC.
 */
-void ccm_star_mic_packetbuf(const uint8_t *extended_source_address,
+void ccm_star_packetbuf_mic(const linkaddr_t *source_addr,
    uint8_t *result,
    uint8_t mic_len);

 /**
 * \brief Calls CCM_STAR.ctr with parameters appropriate for LLSEC.
 */
-void ccm_star_ctr_packetbuf(const uint8_t *extended_source_address);
+void ccm_star_packetbuf_ctr(const linkaddr_t *source_addr);

 #endif /* CCM_STAR_PACKETBUF_H_ */
-
--- a/core/net/llsec/noncoresec/noncoresec.c
+++ b/core/net/llsec/noncoresec/noncoresec.c
@ -80,24 +80,6 @@
 static uint8_t key[16] = NONCORESEC_KEY;
 NBR_TABLE(struct anti_replay_info, anti_replay_table);

-/*---------------------------------------------------------------------------*/
-static const uint8_t *
-get_extended_address(const linkaddr_t *addr)
-#if LINKADDR_SIZE == 2
-{
-  /* workaround for short addresses: derive EUI64 as in RFC 6282 */
-  static linkaddr_extended_t template = { { 0x00 , 0x00 , 0x00 ,
-                                            0xFF , 0xFE , 0x00 , 0x00 , 0x00 } };
-  
-  template.u16[3] = LLSEC802154_HTONS(addr->u16);
-  
-  return template.u8;
-}
-#else /* LINKADDR_SIZE == 2 */
-{
-  return addr->u8;
-}
-#endif /* LINKADDR_SIZE == 2 */
 /*---------------------------------------------------------------------------*/
 static void
 send(mac_callback_t sent, void *ptr)
@ -113,7 +95,7 @@ create(void)
 {
  int result;
  uint8_t *dataptr;
-  uint8_t data_len;
+  uint8_t datalen;
  
  result = framer_802154.create();
  if(result == FRAMER_FAILED) {
@ -121,13 +103,13 @@ create(void)
  }
  
  dataptr = packetbuf_dataptr();
-  data_len = packetbuf_datalen();
+  datalen = packetbuf_datalen();

-  ccm_star_mic_packetbuf(get_extended_address(&linkaddr_node_addr), dataptr + data_len, LLSEC802154_MIC_LENGTH);
+  ccm_star_packetbuf_mic(&linkaddr_node_addr, dataptr + datalen, LLSEC802154_MIC_LENGTH);
 #if WITH_ENCRYPTION
-  ccm_star_ctr_packetbuf(get_extended_address(&linkaddr_node_addr));
+  ccm_star_packetbuf_ctr(&linkaddr_node_addr);
 #endif /* WITH_ENCRYPTION */
-  packetbuf_set_datalen(data_len + LLSEC802154_MIC_LENGTH);
+  packetbuf_set_datalen(datalen + LLSEC802154_MIC_LENGTH);
  
  return result;
 }
@ -159,9 +141,9 @@ input(void)
  packetbuf_set_datalen(packetbuf_datalen() - LLSEC802154_MIC_LENGTH);
  
 #if WITH_ENCRYPTION
-  ccm_star_ctr_packetbuf(get_extended_address(sender));
+  ccm_star_packetbuf_ctr(sender);
 #endif /* WITH_ENCRYPTION */
-  ccm_star_mic_packetbuf(get_extended_address(sender), generated_mic, LLSEC802154_MIC_LENGTH);
+  ccm_star_packetbuf_mic(sender, generated_mic, LLSEC802154_MIC_LENGTH);
  
  received_mic = ((uint8_t *) packetbuf_dataptr()) + packetbuf_datalen();
  if(memcmp(generated_mic, received_mic, LLSEC802154_MIC_LENGTH) != 0) {
--- a/examples/llsec/ccm-star-tests/encryption/tests.c
+++ b/examples/llsec/ccm-star-tests/encryption/tests.c
@ -56,8 +56,8 @@ test_sec_lvl_6()
                      0xC4 , 0xC5 , 0xC6 , 0xC7 ,
                      0xC8 , 0xC9 , 0xCA , 0xCB ,
                      0xCC , 0xCD , 0xCE , 0xCF };
-  uint8_t extended_source_address[8] = { 0xAC , 0xDE , 0x48 , 0x00 ,
-                                         0x00 , 0x00 , 0x00 , 0x01 };
+  linkaddr_t source_address = {{ 0xAC , 0xDE , 0x48 , 0x00 ,
+                                 0x00 , 0x00 , 0x00 , 0x01 }};
  uint8_t data[30] = { 0x2B , 0xDC , 0x84 , 0x21 , 0x43 ,
                       /* Destination Address */
                       0x02 , 0x00 , 0x00 , 0x00 , 0x00 , 0x48 , 0xDE , 0xAC ,
@ -87,7 +87,7 @@ test_sec_lvl_6()
  packetbuf_hdrreduce(29);
  
  CCM_STAR.set_key(key);
-  ccm_star_mic_packetbuf(extended_source_address, mic, LLSEC802154_MIC_LENGTH);
+  ccm_star_packetbuf_mic(&source_address, mic, LLSEC802154_MIC_LENGTH);
  
  if(memcmp(mic, oracle, LLSEC802154_MIC_LENGTH) == 0) {
    printf("Success\n");
@ -97,7 +97,7 @@ test_sec_lvl_6()
  
  printf("Testing encryption ... ");
  
-  ccm_star_ctr_packetbuf(extended_source_address);
+  ccm_star_packetbuf_ctr(&source_address);
  if(((uint8_t *) packetbuf_hdrptr())[29] == 0xD8) {
    printf("Success\n");
  } else {
@ -105,7 +105,7 @@ test_sec_lvl_6()
  }
  
  printf("Testing decryption ... ");
-  ccm_star_ctr_packetbuf(extended_source_address);
+  ccm_star_packetbuf_ctr(&source_address);
  if(((uint8_t *) packetbuf_hdrptr())[29] == 0xCE) {
    printf("Success\n");
  } else {
--- a/examples/llsec/ccm-star-tests/verification/tests.c
+++ b/examples/llsec/ccm-star-tests/verification/tests.c
@ -86,8 +86,8 @@ test_sec_lvl_2()
                      0xC4 , 0xC5 , 0xC6 , 0xC7 ,
                      0xC8 , 0xC9 , 0xCA , 0xCB ,
                      0xCC , 0xCD , 0xCE , 0xCF };
-  uint8_t extended_source_address[8] = { 0xAC , 0xDE , 0x48 , 0x00 ,
-                                         0x00 , 0x00 , 0x00 , 0x01 };
+  linkaddr_t source_address = {{ 0xAC , 0xDE , 0x48 , 0x00 ,
+                                 0x00 , 0x00 , 0x00 , 0x01 }};
  uint8_t data[26] = { 0x08 , 0xD0 , 0x84 , 0x21 , 0x43 ,
                       /* Source Address */
                       0x01 , 0x00 , 0x00 , 0x00 , 0x00 , 0x48 , 0xDE , 0xAC ,
@ -114,7 +114,7 @@ test_sec_lvl_2()
  packetbuf_hdrreduce(18);
  
  CCM_STAR.set_key(key);
-  ccm_star_mic_packetbuf(extended_source_address,mic, LLSEC802154_MIC_LENGTH);
+  ccm_star_packetbuf_mic(&source_address, mic, LLSEC802154_MIC_LENGTH);
  
  if(memcmp(mic, oracle, LLSEC802154_MIC_LENGTH) == 0) {
    printf("Success\n");