/****************************************************************************
|
||
|
|
||
|
Copyright(c) 2019 by Aerospace C.Power (Chongqing) Microelectronics. ALL RIGHTS RESERVED.
|
||
|
|
||
|
This Information is proprietary to Aerospace C.Power (Chongqing) Microelectronics and MAY NOT
|
||
|
be copied by any method or incorporated into another program without
|
||
|
the express written consent of Aerospace C.Power. This Information or any portion
|
||
|
thereof remains the property of Aerospace C.Power. The Information contained herein
|
||
|
is believed to be accurate and Aerospace C.Power assumes no responsibility or
|
||
|
liability for its use in any way and conveys no license or title under
|
||
|
any patent or copyright and makes no representation or warranty that this
|
||
|
Information is free from patent or copyright infringement.
|
||
|
|
||
|
****************************************************************************/
|
||
|
|
||
|
#ifndef CVG_SEC_AUTH_CA_H
|
||
|
#define CVG_SEC_AUTH_CA_H
|
||
|
|
||
|
/* os shim includes */
|
||
|
#include "os_types.h"
|
||
|
|
||
|
/* public api includes */
|
||
|
#include "plc_fr.h"
|
||
|
|
||
|
/* common includes */
|
||
|
#include "iot_pkt_api.h"
|
||
|
#include "iot_crypto_error_api.h"
|
||
|
|
||
|
/* cvg module internal includes */
|
||
|
#include "cvg_api.h"
|
||
|
#include "cvg.h"
|
||
|
|
||
|
#ifdef __cplusplus
|
||
|
extern "C" {
|
||
|
#endif
|
||
|
|
||
|
#if (PLC_SUPPORT_AUTH_TYPE == PLC_AUTH_TYPE_CA)
|
||
|
|
||
|
/*
 * @brief cvg_sec_auth_ca_get_cek_seq() - get authorized cek sequence
 * @param vdev:     pointer to cvg vdev
 * @param cek_seq:  pointer for the communication encryption key (cek)
 *                  sequence
 *                  NOTE(review): presumably an output that is only valid
 *                  when ERR_OK is returned - confirm
 * return:
 *      ERR_OK      -- for success case
 *      otherwise   -- error code
 */
uint8_t cvg_sec_auth_ca_get_cek_seq(cvg_vdev_t *vdev,
    uint8_t *cek_seq);
|
||
|
|
||
|
/*
 * @brief cvg_sec_auth_ca_get_crypto_sn() - get async crypto series number
 * @param vdev:     pointer to cvg vdev
 *
 * return: valid async crypto series number
 *         (when the CA auth type is compiled out this name is a macro
 *         that reads as 0)
 */
uint32_t cvg_sec_auth_ca_get_crypto_sn(cvg_vdev_t *vdev);
|
||
|
|
||
|
/*
 * @brief cvg_sec_auth_ca_get_key_suit() - get authorized key suit
 * @param vdev:     pointer to cvg vdev
 *
 * return: communication encryption key suit
 *         (when the CA auth type is compiled out this name is a macro
 *         that yields ERR_NOSUPP instead of a key suit)
 */
uint8_t cvg_sec_auth_ca_get_key_suit(cvg_vdev_t *vdev);
|
||
|
|
||
|
/*
 * @brief cvg_sec_auth_ca_crypto() - encrypt or decrypt data by cmk or cek
 * @param vdev:         pointer to cvg vdev
 * @param is_cek:       key type selector, 1 - cek, 0 - cmk
 * @param cek_seq:      cek seq, used if key type is cek
 * @param indata:       input data
 * @param indata_len:   input data length
 * @param outdata:      output data
 *                      NOTE(review): no output length is passed, so the
 *                      size this buffer must have is not visible in this
 *                      header - confirm it and state it here
 * @param is_encrypt:   direction flag, 1 - encrypt, 0 - decrypt
 * @param iv:           iv vector
 *                      NOTE(review): expected length is not stated - confirm
 * @param crypto_tag:   used to verify encrypted information
 *                      NOTE(review): its length, and whether it is written
 *                      on encrypt and checked on decrypt, is not stated -
 *                      confirm
 * return:
 *      ERR_OK      -- for success case
 *      otherwise   -- error code. Check it before using outdata: when the
 *                     CA auth type is compiled out, the inline stub in this
 *                     header returns ERR_NOSUPP and never writes outdata.
 */
uint32_t cvg_sec_auth_ca_crypto(cvg_vdev_t *vdev,
    uint8_t is_cek, uint8_t cek_seq,
    uint8_t *indata, uint32_t indata_len, uint8_t *outdata,
    uint8_t is_encrypt, uint8_t *iv, uint8_t *crypto_tag);
|
||
|
|
||
|
#if (PLC_SUPPORT_STA_ROLE)
|
||
|
|
||
|
/*
 * @brief cvg_sec_auth_ca_sta_check_cek_seq() - check cek sequence
 * @param vdev:     pointer to cvg vdev
 * @param cek_seq:  communication encryption key sequence to check
 *
 * No result is returned to the caller.
 */
void cvg_sec_auth_ca_sta_check_cek_seq(cvg_vdev_t *vdev,
    uint8_t cek_seq);
|
||
|
|
||
|
/*
 * @brief cvg_sec_auth_ca_sta_is_init() - check if auth is in init state
 * @param vdev:     pointer to cvg vdev
 *
 * return:
 *      1 - if authentication is in init state
 *      0 - otherwise (also the fixed value when this name is a macro
 *          because STA role or CA auth type is compiled out)
 */
uint8_t cvg_sec_auth_ca_sta_is_init(cvg_vdev_t *vdev);
|
||
|
|
||
|
/*
 * @brief cvg_sec_auth_ca_sta_is_cmking() - check if auth is in cmking state
 * @param vdev:     pointer to cvg vdev
 *
 * return:
 *      1 - if authentication is in cmking state
 *      0 - otherwise (also the fixed value when this name is a macro
 *          because STA role or CA auth type is compiled out)
 */
uint8_t cvg_sec_auth_ca_sta_is_cmking(cvg_vdev_t *vdev);
|
||
|
|
||
|
/*
 * @brief cvg_sec_auth_ca_sta_is_ceking() - check if auth is in ceking state
 * @param vdev:     pointer to cvg vdev
 *
 * return:
 *      1 - if authentication is in ceking state
 *      0 - otherwise (also the fixed value when this name is a macro
 *          because STA role or CA auth type is compiled out)
 */
uint8_t cvg_sec_auth_ca_sta_is_ceking(cvg_vdev_t *vdev);
|
||
|
|
||
|
/*
 * @brief cvg_sec_auth_ca_sta_get_auth_ts() - get the timestamp of starting
 *                                            authorization
 * @param vdev:     pointer to cvg vdev
 *
 * return: the timestamp of starting authorization, unit is 1s
 *         (reads as 0 when this name is a macro because STA role or CA
 *         auth type is compiled out)
 */
uint32_t cvg_sec_auth_ca_sta_get_auth_ts(cvg_vdev_t *vdev);
|
||
|
|
||
|
/*
 * @brief cvg_sec_auth_ca_sta_crypto_done() - async crypto done handling
 * @param vdev:     pointer to vdev
 * @param buf:      iot pkt to contain async crypto result. The callee
 *                  should free the pkt, so the caller must neither use
 *                  nor free buf once this call has been made.
 *                  NOTE(review): presumably freed on error returns too,
 *                  as the inline stubs in this header do - confirm
 * return:
 *      CRYPTO_RET_OK   -- for success case
 *      otherwise       -- error code, see CRYPTO_RET_XXX
 */
uint32_t cvg_sec_auth_ca_sta_crypto_done(cvg_vdev_t *vdev,
    iot_pkt_t *buf);
|
||
|
|
||
|
#else /* PLC_SUPPORT_STA_ROLE */
|
||
|
|
||
|
/*
 * STA role compiled out: the STA-only helpers collapse to fixed values.
 * None of these macros evaluates its arguments.
 */

/* expands to nothing, no cek sequence check takes place */
#define cvg_sec_auth_ca_sta_check_cek_seq(vdev, cek_seq)

/*
 * auth state queries always read 0. That only says the state is not
 * reported here; callers should not take it as authorization being done.
 */
#define cvg_sec_auth_ca_sta_is_init(vdev)       (0)
#define cvg_sec_auth_ca_sta_is_cmking(vdev)     (0)
#define cvg_sec_auth_ca_sta_is_ceking(vdev)     (0)

/* timestamp of starting authorization always reads 0 */
#define cvg_sec_auth_ca_sta_get_auth_ts(vdev)   (0)
|
||
|
|
||
|
/*
 * STA role compiled out: stub for the async crypto done handler.
 * The pkt is still freed here, so the caller must neither use nor free
 * buf afterwards. Always returns CRYPTO_RET_NOSUPP.
 */
static inline uint32_t
cvg_sec_auth_ca_sta_crypto_done(cvg_vdev_t *vdev, iot_pkt_t *buf)
{
    /* the callee owns the pkt even though no result is processed */
    iot_pkt_free(buf);
    (void)vdev;

    return CRYPTO_RET_NOSUPP;
}
|
||
|
|
||
|
#endif /* PLC_SUPPORT_STA_ROLE */
|
||
|
|
||
|
#if (PLC_SUPPORT_CCO_ROLE)
|
||
|
|
||
|
/*
 * @brief cvg_sec_auth_ca_cco_crypto_done() - async crypto done handling
 * @param vdev:     pointer to vdev
 * @param buf:      iot pkt to contain async crypto result. The callee
 *                  should free the pkt, so the caller must neither use
 *                  nor free buf once this call has been made.
 *                  NOTE(review): presumably freed on error returns too,
 *                  as the inline stubs in this header do - confirm
 * return:
 *      CRYPTO_RET_OK   -- for success case
 *      otherwise       -- error code, see CRYPTO_RET_XXX
 */
uint32_t cvg_sec_auth_ca_cco_crypto_done(cvg_vdev_t *vdev,
    iot_pkt_t *buf);
|
||
|
|
||
|
#else /* PLC_SUPPORT_CCO_ROLE */
|
||
|
|
||
|
/*
 * CCO role compiled out: stub for the async crypto done handler.
 * The pkt is still freed here, so the caller must neither use nor free
 * buf afterwards. Always returns CRYPTO_RET_NOSUPP.
 */
static inline uint32_t
cvg_sec_auth_ca_cco_crypto_done(cvg_vdev_t *vdev, iot_pkt_t *buf)
{
    /* the callee owns the pkt even though no result is processed */
    iot_pkt_free(buf);
    (void)vdev;

    return CRYPTO_RET_NOSUPP;
}
|
||
|
|
||
|
#endif /* PLC_SUPPORT_CCO_ROLE */
|
||
|
|
||
|
#else /* (PLC_SUPPORT_AUTH_TYPE == PLC_AUTH_TYPE_CA) */
|
||
|
|
||
|
/*
 * CA auth type compiled out: the getters collapse to fixed values.
 * None of these macros evaluates its arguments.
 */

/* async crypto series number always reads 0 */
#define cvg_sec_auth_ca_get_crypto_sn(vdev)     (0)

/*
 * yields an error code where the real function returns a key suit
 * NOTE(review): callers can only tell the two apart if ERR_NOSUPP is never
 * a valid key suit value - confirm
 */
#define cvg_sec_auth_ca_get_key_suit(vdev)      (ERR_NOSUPP)

/* expands to nothing, no cek sequence check takes place */
#define cvg_sec_auth_ca_sta_check_cek_seq(vdev, cek_seq)

/*
 * auth state queries always read 0. That only says the state is not
 * reported here; callers should not take it as authorization being done.
 */
#define cvg_sec_auth_ca_sta_is_init(vdev)       (0)
#define cvg_sec_auth_ca_sta_is_cmking(vdev)     (0)
#define cvg_sec_auth_ca_sta_is_ceking(vdev)     (0)

/* timestamp of starting authorization always reads 0 */
#define cvg_sec_auth_ca_sta_get_auth_ts(vdev)   (0)
|
||
|
|
||
|
/*
 * CA auth type compiled out: stub for the cek sequence getter.
 * *cek_seq is never written, so callers must check the return value
 * before reading it. Always returns ERR_NOSUPP.
 */
static inline uint8_t
cvg_sec_auth_ca_get_cek_seq(cvg_vdev_t *vdev, uint8_t *cek_seq)
{
    /* both arguments are intentionally unused */
    (void)cek_seq;
    (void)vdev;

    return ERR_NOSUPP;
}
|
||
|
|
||
|
/*
 * CA auth type compiled out: stub for the encrypt/decrypt entry point.
 * No argument is read or written, so outdata and crypto_tag keep whatever
 * the caller put in them. Callers must check the return value before
 * using outdata. Always returns ERR_NOSUPP.
 */
static inline uint32_t
cvg_sec_auth_ca_crypto(cvg_vdev_t *vdev, uint8_t is_cek, uint8_t cek_seq,
    uint8_t *indata, uint32_t indata_len, uint8_t *outdata,
    uint8_t is_encrypt, uint8_t *iv, uint8_t *crypto_tag)
{
    /* key selection, unused */
    (void)vdev;
    (void)is_cek;
    (void)cek_seq;

    /* data buffers, unused and left untouched */
    (void)indata;
    (void)indata_len;
    (void)outdata;

    /* direction, iv and tag, unused */
    (void)is_encrypt;
    (void)iv;
    (void)crypto_tag;

    return ERR_NOSUPP;
}
|
||
|
|
||
|
/*
 * CA auth type compiled out: stub for the STA async crypto done handler.
 * The pkt is still freed here, so the caller must neither use nor free
 * buf afterwards. Always returns CRYPTO_RET_NOSUPP.
 */
static inline uint32_t
cvg_sec_auth_ca_sta_crypto_done(cvg_vdev_t *vdev, iot_pkt_t *buf)
{
    /* the callee owns the pkt even though no result is processed */
    iot_pkt_free(buf);
    (void)vdev;

    return CRYPTO_RET_NOSUPP;
}
|
||
|
|
||
|
/*
 * CA auth type compiled out: stub for the CCO async crypto done handler.
 * The pkt is still freed here, so the caller must neither use nor free
 * buf afterwards. Always returns CRYPTO_RET_NOSUPP.
 */
static inline uint32_t
cvg_sec_auth_ca_cco_crypto_done(cvg_vdev_t *vdev, iot_pkt_t *buf)
{
    /* the callee owns the pkt even though no result is processed */
    iot_pkt_free(buf);
    (void)vdev;

    return CRYPTO_RET_NOSUPP;
}
|
||
|
|
||
|
#endif /* (PLC_SUPPORT_AUTH_TYPE == PLC_AUTH_TYPE_CA) */
|
||
|
|
||
|
#ifdef __cplusplus
|
||
|
}
|
||
|
#endif
|
||
|
|
||
|
#endif /* CVG_SEC_AUTH_CA_H */
|