/****************************************************************************
Copyright(c) 2019 by Aerospace C.Power (Chongqing) Microelectronics. ALL RIGHTS RESERVED.
This Information is proprietary to Aerospace C.Power (Chongqing) Microelectronics and MAY NOT
be copied by any method or incorporated into another program without
the express written consent of Aerospace C.Power. This Information or any portion
thereof remains the property of Aerospace C.Power. The Information contained herein
is believed to be accurate and Aerospace C.Power assumes no responsibility or
liability for its use in any way and conveys no license or title under
any patent or copyright and makes no representation or warranty that this
Information is free from patent or copyright infringement.
****************************************************************************/
#ifndef CVG_SEC_AUTH_CA_H
#define CVG_SEC_AUTH_CA_H
/* os shim includes */
#include "os_types.h"
/* public api includes */
#include "plc_fr.h"
/* common includes */
#include "iot_pkt_api.h"
#include "iot_crypto_error_api.h"
/* cvg module internal includes */
#include "cvg_api.h"
#include "cvg.h"
#ifdef __cplusplus
extern "C" {
#endif
#if (PLC_SUPPORT_AUTH_TYPE == PLC_AUTH_TYPE_CA)
/*
 * @brief cvg_sec_auth_ca_get_cek_seq() - get authorized cek sequence
 * @param vdev: pointer to cvg vdev
 * @param cek_seq: communication encryption key sequence; passed by pointer,
 *                 presumably filled in on success - confirm against the
 *                 implementation
 * return:
 *      ERR_OK      -- for success case
 *      otherwise   -- error code
 *
 * NOTE(review): check the return value before reading *cek_seq. The inline
 * fallback in this header (used when CA authentication is compiled out)
 * returns ERR_NOSUPP and never writes through cek_seq.
 */
uint8_t cvg_sec_auth_ca_get_cek_seq(cvg_vdev_t *vdev, uint8_t *cek_seq);
/*
 * @brief cvg_sec_auth_ca_get_crypto_sn() - get async crypto series number
 * @param vdev: pointer to cvg vdev
 *
 * return: valid async crypto series number
 *
 * NOTE(review): when CA authentication is compiled out this name is a macro
 * that evaluates to 0; confirm whether 0 can also be a valid series number.
 */
uint32_t cvg_sec_auth_ca_get_crypto_sn(cvg_vdev_t *vdev);
/*
 * @brief cvg_sec_auth_ca_get_key_suit() - get authorized key suit
 * @param vdev: pointer to cvg vdev
 * return: communication encryption key suit
 *
 * NOTE(review): there is no separate error channel. The non-CA fallback
 * macro in this header evaluates to ERR_NOSUPP, so an error code comes back
 * in the same value space as a key suit; confirm that ERR_NOSUPP cannot be
 * mistaken for a valid key suit by callers.
 */
uint8_t cvg_sec_auth_ca_get_key_suit(cvg_vdev_t *vdev);
/*
 * @brief cvg_sec_auth_ca_crypto() - encrypt or decrypt data by cmk or cek
 * @param vdev: pointer to cvg vdev
 * @param is_cek: flag to mark if key type is cek, 1 - cek, 0 - cmk
 * @param cek_seq: cek seq if key type is cek
 * @param indata: input data
 * @param indata_len: input data length
 * @param outdata: output data
 * @param is_encrypt: encrypt flag, 1 - encrypt, 0 - decrypt
 * @param iv: iv vector
 * @param crypto_tag: used to verify encrypted information
 * return:
 *      ERR_OK      -- for success case
 *      otherwise   -- error code
 *
 * NOTE(review): only indata carries a length. The sizes expected for
 * outdata, iv and crypto_tag are not expressed in the signature; presumably
 * outdata must hold at least indata_len bytes - confirm and document the
 * required sizes so callers cannot pass undersized buffers.
 * NOTE(review): it is not stated whether crypto_tag is written on encrypt
 * and checked on decrypt - confirm. Callers should treat any return other
 * than ERR_OK as failure and must not consume outdata in that case.
 */
uint32_t cvg_sec_auth_ca_crypto(cvg_vdev_t *vdev, uint8_t is_cek,
uint8_t cek_seq, uint8_t *indata, uint32_t indata_len, uint8_t *outdata,
uint8_t is_encrypt, uint8_t *iv, uint8_t *crypto_tag);
#if (PLC_SUPPORT_STA_ROLE)
/*
 * @brief cvg_sec_auth_ca_sta_check_cek_seq() - check cek sequence
 * @param vdev: pointer to cvg vdev
 * @param cek_seq: communication encryption key sequence
 *
 * Returns nothing: the outcome of the check is not reported to the caller,
 * so whatever happens on a mismatch is decided inside the implementation
 * (not visible in this header).
 */
void cvg_sec_auth_ca_sta_check_cek_seq(cvg_vdev_t *vdev, uint8_t cek_seq);
/*
 * @brief cvg_sec_auth_ca_sta_is_init() - check if auth is in init state
 * @param vdev: pointer to cvg vdev
 *
 * return:
 *      1 - if authentication is in init state
 *      0 - otherwise
 */
uint8_t cvg_sec_auth_ca_sta_is_init(cvg_vdev_t* vdev);
/*
 * @brief cvg_sec_auth_ca_sta_is_cmking() - check if auth is in cmking state
 * @param vdev: pointer to cvg vdev
 *
 * return:
 *      1 - if authentication is in cmking state
 *      0 - otherwise
 */
uint8_t cvg_sec_auth_ca_sta_is_cmking(cvg_vdev_t* vdev);
/*
 * @brief cvg_sec_auth_ca_sta_is_ceking() - check if auth is in ceking state
 * @param vdev: pointer to cvg vdev
 *
 * return:
 *      1 - if authentication is in ceking state
 *      0 - otherwise
 */
uint8_t cvg_sec_auth_ca_sta_is_ceking(cvg_vdev_t* vdev);
/*
 * @brief cvg_sec_auth_ca_sta_get_auth_ts() - get the timestamp of starting
 *                                            authorization
 * @param vdev: pointer to cvg vdev
 *
 * return: the timestamp of starting authorization, unit is 1s
 */
uint32_t cvg_sec_auth_ca_sta_get_auth_ts(cvg_vdev_t* vdev);
/*
 * @brief cvg_sec_auth_ca_sta_crypto_done() - async crypto done handling
 * @param vdev: pointer to vdev
 * @param buf: iot pkt to contain async crypto result, and the callee
 *             should free the pkt
 * return:
 *      CRYPTO_RET_OK   -- for success case
 *      otherwise       -- error code, see CRYPTO_RET_XXX
 *
 * Ownership of buf passes to this function on every path: the caller must
 * neither touch nor free the pkt after the call, whatever the return value.
 */
uint32_t cvg_sec_auth_ca_sta_crypto_done(cvg_vdev_t *vdev, iot_pkt_t *buf);
#else /* PLC_SUPPORT_STA_ROLE */
/*
 * STA role compiled out: the STA-side helpers collapse to macros.
 * check_cek_seq expands to nothing and the state/timestamp queries expand
 * to the constant 0. None of the expansions reference their arguments, so
 * argument expressions are never evaluated (any side effects are dropped).
 */
#define cvg_sec_auth_ca_sta_check_cek_seq(vdev, cek_seq)
#define cvg_sec_auth_ca_sta_is_init(vdev) (0)
#define cvg_sec_auth_ca_sta_is_cmking(vdev) (0)
#define cvg_sec_auth_ca_sta_is_ceking(vdev) (0)
#define cvg_sec_auth_ca_sta_get_auth_ts(vdev) (0)
/*
 * Stand-in for builds without PLC_SUPPORT_STA_ROLE.
 * The packet is still released here, because the callee owns buf in the
 * real handler as well; the caller must not use or free buf afterwards.
 * Always reports CRYPTO_RET_NOSUPP.
 * NOTE(review): confirm iot_pkt_free() tolerates a NULL buf.
 */
static inline uint32_t cvg_sec_auth_ca_sta_crypto_done(cvg_vdev_t *vdev,
    iot_pkt_t *buf)
{
    /* release the result packet first; vdev plays no part in the stub */
    iot_pkt_free(buf);
    (void)vdev;

    return CRYPTO_RET_NOSUPP;
}
#endif /* PLC_SUPPORT_STA_ROLE */
#if (PLC_SUPPORT_CCO_ROLE)
/*
 * @brief cvg_sec_auth_ca_cco_crypto_done() - async crypto done handling
 * @param vdev: pointer to vdev
 * @param buf: iot pkt to contain async crypto result, and the callee
 *             should free the pkt
 * return:
 *      CRYPTO_RET_OK   -- for success case
 *      otherwise       -- error code, see CRYPTO_RET_XXX
 *
 * Ownership of buf passes to this function on every path: the caller must
 * neither touch nor free the pkt after the call, whatever the return value.
 */
uint32_t cvg_sec_auth_ca_cco_crypto_done(cvg_vdev_t *vdev, iot_pkt_t *buf);
#else /* PLC_SUPPORT_CCO_ROLE */
/*
 * Stand-in for builds without PLC_SUPPORT_CCO_ROLE.
 * Frees the async crypto result packet (the callee owns buf) and reports
 * CRYPTO_RET_NOSUPP; the caller must not use or free buf afterwards.
 * NOTE(review): confirm iot_pkt_free() tolerates a NULL buf.
 */
static inline uint32_t cvg_sec_auth_ca_cco_crypto_done(cvg_vdev_t *vdev,
    iot_pkt_t *buf)
{
    uint32_t status = CRYPTO_RET_NOSUPP;

    (void)vdev;         /* not needed by the stub */
    iot_pkt_free(buf);  /* ownership was handed to us */

    return status;
}
#endif /* PLC_SUPPORT_CCO_ROLE */
#else /* (PLC_SUPPORT_AUTH_TYPE == PLC_AUTH_TYPE_CA) */
/*
 * CA authentication compiled out: the query helpers collapse to macros.
 * None of the expansions reference their arguments, so argument expressions
 * are never evaluated.
 *
 * NOTE(review): cvg_sec_auth_ca_get_key_suit() yields ERR_NOSUPP here, i.e.
 * an error code where the CA build returns a key suit. Confirm that callers
 * cannot interpret ERR_NOSUPP as a valid key suit. Likewise get_crypto_sn()
 * yields 0; confirm 0 is not treated as a usable series number.
 */
#define cvg_sec_auth_ca_get_crypto_sn(vdev) (0)
#define cvg_sec_auth_ca_get_key_suit(vdev) (ERR_NOSUPP)
#define cvg_sec_auth_ca_sta_check_cek_seq(vdev, cek_seq)
#define cvg_sec_auth_ca_sta_is_init(vdev) (0)
#define cvg_sec_auth_ca_sta_is_cmking(vdev) (0)
#define cvg_sec_auth_ca_sta_is_ceking(vdev) (0)
#define cvg_sec_auth_ca_sta_get_auth_ts(vdev) (0)
/*
 * Fallback for builds where PLC_SUPPORT_AUTH_TYPE is not PLC_AUTH_TYPE_CA.
 * Nothing is written through cek_seq; the only result is ERR_NOSUPP, so
 * callers must check the return value before reading *cek_seq.
 */
static inline uint8_t cvg_sec_auth_ca_get_cek_seq(cvg_vdev_t *vdev,
    uint8_t *cek_seq)
{
    /* both arguments are intentionally ignored */
    (void)cek_seq;
    (void)vdev;

    return ERR_NOSUPP;
}
/*
 * Fallback for builds where PLC_SUPPORT_AUTH_TYPE is not PLC_AUTH_TYPE_CA.
 * No encryption or decryption takes place: outdata and crypto_tag are left
 * unwritten and every call reports ERR_NOSUPP. Callers must treat that as
 * failure and must not consume outdata.
 */
static inline uint32_t cvg_sec_auth_ca_crypto(cvg_vdev_t *vdev, uint8_t is_cek,
    uint8_t cek_seq, uint8_t *indata, uint32_t indata_len, uint8_t *outdata,
    uint8_t is_encrypt, uint8_t *iv, uint8_t *crypto_tag)
{
    /* data buffers and their companions: untouched */
    (void)indata;
    (void)indata_len;
    (void)outdata;
    (void)iv;
    (void)crypto_tag;

    /* key selection and direction flags: ignored */
    (void)is_cek;
    (void)cek_seq;
    (void)is_encrypt;

    /* device context: ignored */
    (void)vdev;

    return ERR_NOSUPP;
}
/*
 * Fallback for builds where PLC_SUPPORT_AUTH_TYPE is not PLC_AUTH_TYPE_CA.
 * The result packet is released even though nothing is processed, since the
 * callee owns buf; the caller must not use or free it afterwards.
 * Always reports CRYPTO_RET_NOSUPP.
 * NOTE(review): confirm iot_pkt_free() tolerates a NULL buf.
 */
static inline uint32_t cvg_sec_auth_ca_sta_crypto_done(cvg_vdev_t *vdev,
    iot_pkt_t *buf)
{
    /* drop the packet before anything else; vdev is unused */
    iot_pkt_free(buf);
    (void)vdev;

    return CRYPTO_RET_NOSUPP;
}
/*
 * Fallback for builds where PLC_SUPPORT_AUTH_TYPE is not PLC_AUTH_TYPE_CA.
 * Frees the async crypto result packet (the callee owns buf) and reports
 * CRYPTO_RET_NOSUPP; the caller must not use or free buf afterwards.
 * NOTE(review): confirm iot_pkt_free() tolerates a NULL buf.
 */
static inline uint32_t cvg_sec_auth_ca_cco_crypto_done(cvg_vdev_t *vdev,
    iot_pkt_t *buf)
{
    uint32_t status = CRYPTO_RET_NOSUPP;

    (void)vdev;         /* not needed by the stub */
    iot_pkt_free(buf);  /* ownership was handed to us */

    return status;
}
#endif /* (PLC_SUPPORT_AUTH_TYPE == PLC_AUTH_TYPE_CA) */
#ifdef __cplusplus
}
#endif
#endif /* CVG_SEC_AUTH_CA_H */